No validation is executed when editing value on list with editable->true

[kgasienica]

Environment

Sonata packages

show

sonata-project/admin-bundle              3.79.0 3.79.0 The missing Symfony Admin Generator
sonata-project/block-bundle              3.21.0 3.21.0 Symfony SonataBlockBundle
sonata-project/cache                     2.0.1  2.1.1  Cache library
Package sonata-project/cache is abandoned, you should avoid using it. No replacement was suggested.
sonata-project/doctrine-extensions       1.10.1 1.10.1 Doctrine2 behavioral extensions
sonata-project/doctrine-orm-admin-bundle 3.24.0 3.24.0 Integrate Doctrine ORM into the SonataAdminBundle
sonata-project/exporter                  2.4.1  2.4.1  Lightweight Exporter library
sonata-project/form-extensions           1.6.0  1.6.0  Symfony form extensions
sonata-project/twig-extensions           1.4.1  1.4.1  Sonata twig extensions

Symfony packages

show

symfony/asset                      v4.4.37 v5.4.7  Manages URL generation and versioning of web assets such as CSS stylesheets, JavaScript files and image files
symfony/cache                      v4.4.38 v5.4.7  Provides an extended PSR-6, PSR-16 (and tags) implementation
symfony/cache-contracts            v2.5.0  v2.5.1  Generic abstractions related to caching
symfony/config                     v4.4.37 v5.4.7  Helps you find, load, combine, autofill and validate configuration values of any kind
symfony/console                    v4.4.38 v5.4.7  Eases the creation of beautiful and testable command line interfaces
symfony/debug                      v4.4.37 v4.4.37 Provides tools to ease debugging PHP code
symfony/dependency-injection       v4.4.37 v5.4.7  Allows you to standardize and centralize the way objects are constructed in your application
symfony/deprecation-contracts      v2.5.0  v2.5.1  A generic function and convention to trigger deprecation notices
symfony/doctrine-bridge            v4.4.34 v5.4.7  Provides integration for Doctrine with various Symfony components
symfony/dotenv                     v4.4.4  v5.4.5  Registers environment variables from a .env file
symfony/error-handler              v4.4.37 v5.4.7  Provides tools to manage errors and ease debugging PHP code
symfony/event-dispatcher           v4.4.37 v5.4.3  Provides tools that allow your application components to communicate with each other by dispatching events and listening to them
symfony/event-dispatcher-contracts v1.1.11 v2.5.1  Generic abstractions related to dispatching event
symfony/expression-language        v4.4.37 v5.4.7  Provides an engine that can compile and evaluate expressions
symfony/filesystem                 v4.4.39 v5.4.7  Provides basic utilities for the filesystem
symfony/finder                     v4.4.37 v5.4.3  Finds files and directories via an intuitive fluent interface
symfony/flex                       v1.18.5 v1.18.6 Composer plugin for Symfony
symfony/form                       v4.4.38 v5.4.7  Allows to easily create, process and reuse HTML forms
symfony/framework-bundle           v4.4.37 v5.4.7  Provides a tight integration between Symfony components and the Symfony full-stack framework
symfony/http-client-contracts      v2.5.0  v2.5.1  Generic abstractions related to HTTP clients
symfony/http-foundation            v4.4.39 v5.4.6  Defines an object-oriented layer for the HTTP specification
symfony/http-kernel                v4.4.39 v5.4.7  Provides a structured process for converting a Request into a Response
symfony/inflector                  v4.4.37 v5.4.3  Converts words between their singular and plural forms (English only)
Package symfony/inflector is abandoned, you should avoid using it. Use EnglishInflector from the String component instead.
symfony/intl                       v4.4.38 v5.4.5  Provides a PHP replacement layer for the C intl extension that includes additional data from the ICU library
symfony/ldap                       v4.4.38 v5.4.5  Provides a LDAP client for PHP on top of PHP's ldap extension
symfony/maker-bundle               v1.38.0 v1.40.1 Symfony Maker helps you create empty commands, controllers, form classes, tests and more so you can forget about writing boilerplate code.
symfony/mime                       v4.4.37 v5.4.7  Allows manipulating MIME messages
symfony/monolog-bridge             v4.4.4  v5.4.3  Symfony Monolog Bridge
symfony/monolog-bundle             v3.7.0  v3.7.1  Symfony MonologBundle
symfony/options-resolver           v4.4.37 v5.4.3  Provides an improved replacement for the array_replace PHP function
symfony/polyfill-intl-grapheme     v1.25.0 v1.25.0 Symfony polyfill for intl's grapheme_* functions
symfony/polyfill-intl-icu          v1.25.0 v1.25.0 Symfony polyfill for intl's ICU-related data and classes
symfony/polyfill-intl-idn          v1.25.0 v1.25.0 Symfony polyfill for intl's idn_to_ascii and idn_to_utf8 functions
symfony/polyfill-intl-normalizer   v1.25.0 v1.25.0 Symfony polyfill for intl's Normalizer class and related functions
symfony/polyfill-mbstring          v1.25.0 v1.25.0 Symfony polyfill for the Mbstring extension
symfony/polyfill-php72             v1.25.0 v1.25.0 Symfony polyfill backporting some PHP 7.2+ features to lower PHP versions
symfony/polyfill-php73             v1.25.0 v1.25.0 Symfony polyfill backporting some PHP 7.3+ features to lower PHP versions
symfony/polyfill-php80             v1.25.0 v1.25.0 Symfony polyfill backporting some PHP 8.0+ features to lower PHP versions
symfony/polyfill-php81             v1.25.0 v1.25.0 Symfony polyfill backporting some PHP 8.1+ features to lower PHP versions
symfony/process                    v4.4.4  v5.4.7  Symfony Process Component
symfony/property-access            v4.4.38 v5.4.7  Provides functions to read and write from/to an object or array using a simple string notation
symfony/proxy-manager-bridge       v4.4.18 v5.4.6  Symfony ProxyManager Bridge
symfony/routing                    v4.4.37 v5.4.3  Maps an HTTP request to a set of configuration variables
symfony/security-acl               v3.3.1  v3.3.1  Symfony Security Component - ACL (Access Control List)
symfony/security-bundle            v4.4.38 v5.4.5  Provides a tight integration of the Security component into the Symfony full-stack framework
symfony/security-core              v4.4.38 v5.4.7  Symfony Security Component - Core Library
symfony/security-csrf              v4.4.37 v5.4.3  Symfony Security Component - CSRF Library
symfony/security-guard             v4.4.37 v5.4.3  Symfony Security Component - Guard
symfony/security-http              v4.4.37 v5.4.5  Symfony Security Component - HTTP Integration
symfony/service-contracts          v2.5.0  v2.5.1  Generic abstractions related to writing services
symfony/stopwatch                  v4.4.11 v5.4.5  Symfony Stopwatch Component
symfony/string                     v5.4.3  v5.4.3  Provides an object-oriented API to strings and deals with bytes, UTF-8 code points and grapheme clusters in a unified way
symfony/templating                 v4.4.37 v5.4.3  Provides all the tools needed to build any kind of template system
symfony/translation                v4.4.37 v5.4.7  Provides tools to internationalize your application
symfony/translation-contracts      v2.5.0  v2.5.1  Generic abstractions related to translation
symfony/twig-bridge                v4.4.38 v5.4.7  Provides integration for Twig with various Symfony components
symfony/twig-bundle                v4.4.37 v5.4.3  Provides a tight integration of Twig into the Symfony full-stack framework
symfony/validator                  v4.4.39 v5.4.7  Provides tools to validate values
symfony/var-dumper                 v4.4.39 v5.4.6  Provides mechanisms for walking through any arbitrary PHP variable
symfony/var-exporter               v4.4.39 v5.4.7  Allows exporting any serializable PHP data structure to plain PHP code
symfony/web-profiler-bundle        v4.4.39 v5.4.6  Provides a development tool that gives detailed information about the execution of any request
symfony/yaml                       v4.4.4  v5.4.3  Symfony Yaml Component

PHP version

PHP 7.2.34 (cli) (built: Dec 11 2020 11:22:50) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.2.0, Copyright (c) 1998-2018 Zend Technologies
    with Zend OPcache v7.2.34, Copyright (c) 1999-2018, by Zend Technologies
    with Xdebug v2.6.0, Copyright (c) 2002-2018, by Derick Rethans

Subject

When you try to edit a value with invalid data on a list with configureListFields->editable => true it gives a 500 because no validation is triggered, even if there is validate() method or defined constraints in configureFormFields

Minimal repository with the bug

Steps to reproduce

Create a field with validation or constraint:

    public function validate(ErrorElement $errorElement, $object)
    {
        $errorElement
            ->with('categoryId')
            ->assertLength(['max' => 9])
            ->end();
    }

    protected function configureFormFields(FormMapper $form): void
    {
        $form
            ->add('categoryId', IntegerType::class, [
                'constraints' => [
                    new Length(['max' => 9])
                ],
            ])

let it be edited inline in list:

    protected function configureListFields(ListMapper $list): void
    {
        $list
            ->add('categoryId', TemplateRegistry::TYPE_INTEGER, [
                'editable' => true,
            ])

try edit it inline in list with invalid data, there will be no validation executed.

Expected results

There are several options:

• add constraints to configureListFields like:

    protected function configureListFields(ListMapper $list): void
    {
        $list
            ->add('categoryId', TemplateRegistry::TYPE_INTEGER, [
                'editable' => true,
                'constraints' => [
                    new Length(['max' => 9])
                ],
            ])

• execute validate() method
• verify constraints from configureFormFields() method

Actual results

[jordisala1991]

There is no feature that allows you to define constraints directly on the List Field Mapper AFAIK. But it should work with constraints defined on entity level, can you try with that?

[kgasienica]

I dont want to mess with my entities and add Asserts as comments in them. I want to have another way to validate data before. Entity should always be in proper state.

[VincentLanglet]

The validation is executed on the object only https://github.com/sonata-project/SonataAdminBundle/blob/4.x/src/Action/SetObjectFieldValueAction.php#L167

Since we're accessing to the fieldDescription https://github.com/sonata-project/SonataAdminBundle/blob/4.x/src/Action/SetObjectFieldValueAction.php#L124, it should be possible to access to a constraint property.

Something like

$violations = array_merge(
    $this->validator->validate($object);
    $this->validator->validate($object, $listFieldDescription->getOption('constraints')
);

But we won't add support for the validate method, it's already removed on 4.x ; you opened your issue about a non supported sonataAdmin version.

[kgasienica]

Sure, those are just my proposals. Is there other way than assertions in entity to run validations for value on a list?

[VincentLanglet]

Sure, those are just my proposals. Is there other way than assertions in entity to run validations for value on a list?

Currently no. But

    protected function configureListFields(ListMapper $list): void
    {
        $list
            ->add('categoryId', TemplateRegistry::TYPE_INTEGER, [
                'editable' => true,
                'constraints' => [
                    new Length(['max' => 9])
                ],
            ])

should be easily supported with my previous message. Do you want to provide the PR ?

[kgasienica]

Sure, I will do it on Wednesday.

[jordisala1991]

I am not sure that we want to add more features to the editable concept given its current situation... IMO we should first ensure that it wont be deprecated and removed on next major and then work on improve it.

[github-actions[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.