Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Routing: Using the "scoped" method with "apiResource" in routing with the "apiResources" method as an option #50025

Closed
shahmal1yev opened this issue Feb 9, 2024 · 2 comments
Closed

Routing: Using the "scoped" method with "apiResource" in routing with the "apiResources" method as an option #50025

shahmal1yev opened this issue Feb 9, 2024 · 2 comments

Comments

@shahmal1yev
Copy link

Laravel Version

10.41.0

PHP Version

8.2.12

Database Driver & Version

mariadb Ver 15.1 Distrib 10.11.6-MariaDB, for debian-linux-gnu (x86_64) using EditLine wrapper | Linux shahmal1yev 6.5.0-kali3-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.5.6-1kali1 (2023-10-09) x86_64 GNU/Linux

Description

I'm not entirely sure if this is a genuine bug, but I wanted to report it anyway. Perhaps I'm doing something wrong. But the situation is as follows:

Route::apiResource('employees.companies', \App\Http\Controllers\API\EmployeeCompanyController::class)->scoped();
public function show(
    Employee $employee,
    Company $company
)
{
    $this->authorize('view', $company);

    return response()->ok(new CompanyResource($company));
}

It works correctly this way. Trials are conducted as follows:

Example 1

Postman Request:

{{apiUrl}}/employees/1/companies/23

Postman Output:

{
    "id": 22,
    "name": "Grant, Kerluke and Huel",
    "sun": "bbd1ba64-6574-31fe-8108-1805a1f23a96",
    "voen": 208795510,
    "bank_name": "Irma",
    "bank_filial": "Bogisich-Konopelski",
    "kod": "b7fd16d9-e97b-3a28-8904-5cc4ed695e14",
    "bank_voen": 418181827,
    "cor_account": "d6bec26f-77c7-39f2-8fc7-f9c7831f89c1",
    "swift": "TR380320632PHM6RFR20L82F21",
    "azn_account": "PT32008228823030793772873",
    "usd_account": "MU47UZMO9956483178746831329SZR",
    "eur_account": "LU7437062I4630L7TOPP",
    "country": "Argentina",
    "city": "East Deionside",
    "poct_index": "90329-0014",
    "tel": "1-862-883-9626",
    "founder": "Alvah Steuber II",
    "service_id": 1,
    "insert_user_id": null,
    "update_user_id": null,
    "status": 1,
    "address": "6394 Avery Parkways\nMyrticeside, ID 52478",
    "enterprise_head_fullname": "Pete Jakubowski",
    "enterprise_head_position": "Selmer Windler",
    "created_at": "2024-02-09T06:01:26.000000Z",
    "updated_at": "2024-02-09T06:01:26.000000Z"
}

Postman Request:

{{apiUrl}}/employees/1/companies/22

{
    "message": "No query results for model [App\\Models\\Company] 22",
    "exception": "Symfony\\Component\\HttpKernel\\Exception\\NotFoundHttpException",
    "file": "/var/www/hrmanagement.run/vendor/laravel/framework/src/Illuminate/Foundation/Exceptions/Handler.php",
    "line": 487,
    ...
}

Note: The company actually exists.

Example 2

Route::apiResources(['employees.companies' => \App\Http\Controllers\API\EmployeeCompanyController::class], [
    'scoped' => []
]);

Postman Request 1:

{{apiUrl}}/employees/1/companies/22

{
    "id": 22,
    "name": "Grant, Kerluke and Huel",
    "sun": "bbd1ba64-6574-31fe-8108-1805a1f23a96",
    "voen": 208795510,
    "bank_name": "Irma",
    "bank_filial": "Bogisich-Konopelski",
    "kod": "b7fd16d9-e97b-3a28-8904-5cc4ed695e14",
    "bank_voen": 418181827,
    "cor_account": "d6bec26f-77c7-39f2-8fc7-f9c7831f89c1",
    "swift": "TR380320632PHM6RFR20L82F21",
    "azn_account": "PT32008228823030793772873",
    "usd_account": "MU47UZMO9956483178746831329SZR",
    "eur_account": "LU7437062I4630L7TOPP",
    "country": "Argentina",
    "city": "East Deionside",
    "poct_index": "90329-0014",
    "tel": "1-862-883-9626",
    "founder": "Alvah Steuber II",
    "service_id": 1,
    "insert_user_id": null,
    "update_user_id": null,
    "status": 1,
    "address": "6394 Avery Parkways\nMyrticeside, ID 52478",
    "enterprise_head_fullname": "Pete Jakubowski",
    "enterprise_head_position": "Selmer Windler",
    "created_at": "2024-02-09T06:01:26.000000Z",
    "updated_at": "2024-02-09T06:01:26.000000Z"
}

Postman Request 2:

{{apiUrl}}/employees/1/companies/23

{
    "id": 23,
    "name": "Hegmann Ltd",
    "sun": "6190d34c-5ab5-38c5-b2f3-b40562562d15",
    "voen": 476190160,
    "bank_name": "Bianka",
    "bank_filial": "Dare Group",
    "kod": "6a5276a8-0fbd-327a-aac5-8d4b6424d855",
    "bank_voen": 577439286,
    "cor_account": "a99661da-95a9-3b24-8bc3-f20c15fa9165",
    "swift": "BG24ACTG428405NUEQ0N4W",
    "azn_account": "GT15E1UWL34K2L79M1F4K6B7050O",
    "usd_account": "FI2447282447985342",
    "eur_account": "CZ0452497440901665001059",
    "country": "Argentina",
    "city": "Emardburgh",
    "poct_index": "17338",
    "tel": "+1-607-501-2455",
    "founder": "Stacey Langosh",
    "service_id": 2,
    "insert_user_id": null,
    "update_user_id": null,
    "status": 0,
    "address": "1458 Hilton Hollow\nGoldnertown, IN 79460",
    "enterprise_head_fullname": "Carley Johns",
    "enterprise_head_position": "Dorothea Littel",
    "created_at": "2024-02-09T06:01:38.000000Z",
    "updated_at": "2024-02-09T06:01:38.000000Z"
}

To prevent unnecessary responses regarding assigning an empty array to the 'scoped' value in the options of apiResources, I'm leaving the 'scoped' method below. It seems that when accessed through 'apiResource', it's used without parameters, accepting an empty array. However, I might be mistaken. I apologize in advance for this.

namespace Illuminate\Routing;

class PendingResourceRegistration
{
    /**
     * Indicate that the resource routes should be scoped using the given binding fields.
     *
     * @param  array  $fields
     * @return \Illuminate\Routing\PendingResourceRegistration
     */
    public function scoped(array $fields = [])
    {
        $this->options['bindingFields'] = $fields;

        return $this;
    }
}

Steps To Reproduce

1. Create a simple posts and comments relationship in your Laravel project.

2. Create a nested route as posts.comments using the apiResource method in your routes. Don't forget to add the 'scoped' method as well.

Route::apiResource('employees.companies', \App\Http\Controllers\API\EmployeeCompanyController::class)
  ->scoped(/*default: []*/);

3. Attempt to retrieve a specific comment belonging to a post via Postman. Then try to fetch an unassociated comment.

4. Now, create a nested route as posts.comments using the apiResources method in your routes. Also, pass an empty array to the 'scoped' option in the options parameter.

Route::apiResources(['employees.companies' => \App\Http\Controllers\API\EmployeeCompanyController::class], [
    'scoped' => []
]);

5. Repeat step 3 and examine the situation.
@shahmal1yev
Copy link
Author

Could the fix at #42571 be suitable for this? What do you think, @ksassnowski?

@driesvints
Copy link
Member

Hey there,

Can you first please try one of the support channels below? If you can actually identify this as a bug, feel free to open up a new issue with a link to the original one and we'll gladly help you out.

Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@driesvints @shahmal1yev