Subscriber filter in get subscribers endpoint

Author: tatevikg1

README.md

@@ -60,3 +60,11 @@ contribute and how to run the unit tests and style checks locally.
 This project adheres to a [Contributor Code of Conduct](CODE_OF_CONDUCT.md).
 By participating in this project and its community, you are expected to uphold
 this code.
+
+
+### Code style checks
+```bash
+vendor/bin/phpstan analyse -l 5 src/ tests/
+vendor/bin/phpmd src/ text vendor/phplist/core/config/PHPMD/rules.xml
+vendor/bin/phpcs --standard=vendor/phplist/core/config/PhpCodeSniffer/ src/ tests/
+```

composer.json

@@ -49,7 +49,8 @@
         "zircote/swagger-php": "^4.11",
         "ext-dom": "*",
         "tatevikgr/rss-feed": "dev-main as 0.1.0",
-        "psr/simple-cache": "^3.0"
+        "psr/simple-cache": "^3.0",
+        "symfony/expression-language": "^6.4"
     },
     "require-dev": {
         "phpunit/phpunit": "^10.0",

src/Common/Validator/RequestValidator.php

@@ -23,7 +23,8 @@ public function __construct(
     public function validate(Request $request, string $dtoClass): RequestInterface
     {
         try {
-            $body = json_decode($request->getContent(), true, 512, JSON_THROW_ON_ERROR);
+            $content = $request->getContent();
+            $body = ($content !== '' && $content !== '0') ? json_decode($content, true, 512, JSON_THROW_ON_ERROR) : [];
         } catch (Throwable $e) {
             throw new BadRequestHttpException('Invalid JSON: ' . $e->getMessage());
         }
@@ -33,7 +34,7 @@ public function validate(Request $request, string $dtoClass): RequestInterface
             $routeParams['listId'] = (int) $routeParams['listId'];
         }
 
-        $data = array_merge($routeParams, $body ?? []);
+        $data = array_merge($routeParams, $request->query->all(), $body ?? []);
 
         try {
             /** @var RequestInterface $dto */
@@ -44,7 +45,9 @@ public function validate(Request $request, string $dtoClass): RequestInterface
                 ['allow_extra_attributes' => true]
             );
         } catch (Throwable $e) {
-            throw new BadRequestHttpException('Invalid request data: ' . $e->getMessage());
+            throw new BadRequestHttpException(
+                'Invalid request data: ' . $e->getMessage() . ' Data: ' . json_encode($data)
+            );
         }
 
         return $this->validateDto($dto);

src/Subscription/Controller/SubscriberController.php

@@ -7,14 +7,14 @@
 use Doctrine\ORM\EntityManagerInterface;
 use OpenApi\Attributes as OA;
 use PhpList\Core\Domain\Identity\Model\PrivilegeFlag;
-use PhpList\Core\Domain\Subscription\Model\Filter\SubscriberFilter;
 use PhpList\Core\Domain\Subscription\Model\Subscriber;
 use PhpList\Core\Domain\Subscription\Service\Manager\SubscriberManager;
 use PhpList\Core\Security\Authentication;
 use PhpList\RestBundle\Common\Controller\BaseController;
 use PhpList\RestBundle\Common\Validator\RequestValidator;
 use PhpList\RestBundle\Common\Service\Provider\PaginatedDataProvider;
 use PhpList\RestBundle\Subscription\Request\CreateSubscriberRequest;
+use PhpList\RestBundle\Subscription\Request\SubscribersFilterRequest;
 use PhpList\RestBundle\Subscription\Request\UpdateSubscriberRequest;
 use PhpList\RestBundle\Subscription\Serializer\SubscriberNormalizer;
 use PhpList\RestBundle\Subscription\Service\SubscriberHistoryService;
@@ -75,7 +75,61 @@ public function __construct(
                 in: 'query',
                 required: false,
                 schema: new OA\Schema(type: 'integer', default: 25, maximum: 100, minimum: 1)
-            )
+            ),
+            new OA\Parameter(
+                name: 'is_confirmed',
+                description: 'Filter by confirmed status',
+                in: 'query',
+                required: false,
+                schema: new OA\Schema(
+                    type: 'string',
+                    enum: ['true', 'false', '0', '1'],
+                    example: '1'
+                )
+            ),
+            new OA\Parameter(
+                name: 'is_blacklisted',
+                description: 'Filter by blacklisted status',
+                in: 'query',
+                required: false,
+                schema: new OA\Schema(
+                    type: 'string',
+                    enum: ['true', 'false', '0', '1'],
+                    example: '1'
+                )
+            ),
+            new OA\Parameter(
+                name: 'sort_by',
+                description: 'Column to sort by',
+                in: 'query',
+                required: false,
+                schema: new OA\Schema(type: 'string', example: 'id')
+            ),
+            new OA\Parameter(
+                name: 'sort_direction',
+                description: 'Sort direction',
+                in: 'query',
+                required: false,
+                schema: new OA\Schema(
+                    type: 'string',
+                    enum: ['asc', 'desc'],
+                    example: 'desc'
+                )
+            ),
+            new OA\Parameter(
+                name: 'find_column',
+                description: 'Column to search in (requires find_value)',
+                in: 'query',
+                required: false,
+                schema: new OA\Schema(type: 'string', example: 'email')
+            ),
+            new OA\Parameter(
+                name: 'find_value',
+                description: 'Value to search for (requires find_column)',
+                in: 'query',
+                required: false,
+                schema: new OA\Schema(type: 'string', example: 'email@example.com')
+            ),
         ],
         responses: [
             new OA\Response(
@@ -104,14 +158,17 @@ public function getSubscribers(Request $request): JsonResponse
     {
         $this->requireAuthentication($request);
 
+        /** @var SubscribersFilterRequest $subscriberRequest */
+        $subscriberRequest = $this->validator->validate($request, SubscribersFilterRequest::class);
+
         return $this->json(
-            $this->paginatedDataProvider->getPaginatedList(
-                $request,
-                $this->subscriberNormalizer,
-                Subscriber::class,
-                new SubscriberFilter(),
+            data: $this->paginatedDataProvider->getPaginatedList(
+                request: $request,
+                normalizer: $this->subscriberNormalizer,
+                className: Subscriber::class,
+                filter: $subscriberRequest->getDto(),
             ),
-            Response::HTTP_OK
+            status: Response::HTTP_OK
         );
     }
 

src/Subscription/Request/SubscribersFilterRequest.php

@@ -0,0 +1,76 @@
+<?php
+
+declare(strict_types=1);
+
+namespace PhpList\RestBundle\Subscription\Request;
+
+use PhpList\Core\Domain\Subscription\Model\Filter\SubscriberFilter;
+use PhpList\RestBundle\Common\Request\RequestInterface;
+use Symfony\Component\Validator\Constraints as Assert;
+
+class SubscribersFilterRequest implements RequestInterface
+{
+    #[Assert\Choice(
+        choices: ['true', 'false', '1', '0', true, false, 1, 0],
+        message: 'isConfirmed must be one of: true, false, 1, 0'
+    )]
+    public mixed $isConfirmed = null;
+
+    #[Assert\Choice(
+        choices: ['true', 'false', '1', '0', true, false, 1, 0],
+        message: 'isBlacklisted must be one of: true, false, 1, 0'
+    )]
+    public mixed $isBlacklisted = null;
+
+    #[Assert\Choice(
+        choices: ['email', 'confirmedAt', 'createdAt'],
+        message: 'Invalid sortBy value'
+    )]
+    public ?string $sortBy = null;
+
+    #[Assert\Choice(
+        choices: ['asc', 'desc'],
+        message: 'sortDirection must be asc or desc'
+    )]
+    public ?string $sortDirection = null;
+
+    #[Assert\Choice(
+        choices: ['email', 'name'],
+        message: 'Invalid findColumn value'
+    )]
+    public ?string $findColumn = null;
+
+    #[Assert\Type(type: 'string')]
+    public ?string $findValue = null;
+
+    #[Assert\Expression(
+        expression: '(this.findColumn === null and this.findValue === null) or (this.findColumn !== null and this.findValue !== null)',
+        message: 'findColumn and findValue must be provided together'
+    )]
+    public mixed $findPairValidation = null;
+
+    public function getDto(): SubscriberFilter
+    {
+        return new SubscriberFilter(
+            isConfirmed: $this->normalizeBoolean($this->isConfirmed),
+            isBlacklisted: $this->normalizeBoolean($this->isBlacklisted),
+            sortBy: $this->sortBy,
+            sortDirection: $this->sortDirection,
+            findColumn: $this->findColumn,
+            findValue: $this->findColumn ? $this->findValue : null,
+        );
+    }
+
+    private function normalizeBoolean(mixed $value): ?bool
+    {
+        if ($value === null) {
+            return null;
+        }
+
+        if (is_bool($value)) {
+            return $value;
+        }
+
+        return (bool) filter_var($value, FILTER_VALIDATE_BOOLEAN);
+    }
+}

tests/Integration/Identity/Controller/PasswordResetControllerTest.php

@@ -18,13 +18,11 @@ public function testControllerIsAvailableViaContainer(): void
         );
     }
 
-    public function testRequestPasswordResetWithNoJsonReturnsError400(): void
+    public function testRequestPasswordResetWithNoJsonReturnsError422(): void
     {
         $this->jsonRequest('post', '/api/v2/password-reset/request');
 
-        $this->assertHttpBadRequest();
-        $data = $this->getDecodedJsonResponseContent();
-        $this->assertStringContainsString('Invalid JSON:', $data['message']);
+        $this->assertHttpUnprocessableEntity();
     }
 
     public function testRequestPasswordResetWithInvalidEmailReturnsError422(): void
@@ -55,13 +53,11 @@ public function testRequestPasswordResetWithValidEmailReturnsSuccess(): void
         $this->assertHttpNoContent();
     }
 
-    public function testValidateTokenWithNoJsonReturnsError400(): void
+    public function testValidateTokenWithNoJsonReturnsError422(): void
     {
         $this->jsonRequest('post', '/api/v2/password-reset/validate');
 
-        $this->assertHttpBadRequest();
-        $data = $this->getDecodedJsonResponseContent();
-        $this->assertStringContainsString('Invalid JSON:', $data['message']);
+        $this->assertHttpUnprocessableEntity();
     }
 
     public function testValidateTokenWithInvalidTokenReturnsInvalidResult(): void
@@ -75,13 +71,11 @@ public function testValidateTokenWithInvalidTokenReturnsInvalidResult(): void
         $this->assertFalse($data['valid']);
     }
 
-    public function testResetPasswordWithNoJsonReturnsError400(): void
+    public function testResetPasswordWithNoJsonReturnsError422(): void
     {
         $this->jsonRequest('post', '/api/v2/password-reset/reset');
 
-        $this->assertHttpBadRequest();
-        $data = $this->getDecodedJsonResponseContent();
-        $this->assertStringContainsString('Invalid JSON:', $data['message']);
+        $this->assertHttpUnprocessableEntity();
     }
 
     public function testResetPasswordWithInvalidTokenReturnsBadRequest(): void

tests/Integration/Identity/Controller/SessionControllerTest.php

@@ -42,13 +42,11 @@ public function testGetSessionsIsNotAllowed()
         $this->assertHttpMethodNotAllowed();
     }
 
-    public function testPostSessionsWithNoJsonReturnsError400()
+    public function testPostSessionsWithNoJsonReturnsError422()
     {
         $this->jsonRequest('post', '/api/v2/sessions');
 
-        $this->assertHttpBadRequest();
-        $data = $this->getDecodedJsonResponseContent();
-        $this->assertStringContainsString('Invalid JSON:', $data['message']);
+        $this->assertHttpUnprocessableEntity();
     }
 
     public function testPostSessionsWithInvalidJsonWithJsonContentTypeReturnsError400()

tests/Integration/Subscription/Controller/SubscriberControllerTest.php

@@ -15,6 +15,7 @@
  * Testcase.
  *
  * @author Oliver Klee <oliver@phplist.com>
+ * @author Tatevik Grigoryan <tatevik@phplist.com>
  */
 class SubscriberControllerTest extends AbstractTestController
 {

tests/Unit/Subscription/Request/SubscribersFilterRequestTest.php

@@ -0,0 +1,85 @@
+<?php
+
+declare(strict_types=1);
+
+namespace PhpList\RestBundle\Tests\Unit\Subscription\Request;
+
+use PhpList\Core\Domain\Subscription\Model\Filter\SubscriberFilter;
+use PhpList\RestBundle\Subscription\Request\SubscribersFilterRequest;
+use PHPUnit\Framework\TestCase;
+
+class SubscribersFilterRequestTest extends TestCase
+{
+    public function testGetDtoReturnsCorrectDtoWithAllValues(): void
+    {
+        $request = new SubscribersFilterRequest();
+        $request->isConfirmed = 'true';
+        $request->isBlacklisted = 'false';
+        $request->sortBy = 'email';
+        $request->sortDirection = 'desc';
+        $request->findColumn = 'email';
+        $request->findValue = 'test@example.com';
+
+        $dto = $request->getDto();
+
+        $this->assertInstanceOf(SubscriberFilter::class, $dto);
+        $this->assertTrue($dto->getIsConfirmed());
+        $this->assertFalse($dto->getIsBlacklisted());
+        $this->assertEquals('email', $dto->getSortBy());
+        $this->assertEquals('desc', $dto->getSortDirection());
+        $this->assertEquals('email', $dto->getFindColumn());
+        $this->assertEquals('test@example.com', $dto->getFindValue());
+    }
+
+    public function testGetDtoWithBooleanValues(): void
+    {
+        $request = new SubscribersFilterRequest();
+        $request->isConfirmed = true;
+        $request->isBlacklisted = false;
+
+        $dto = $request->getDto();
+
+        $this->assertTrue($dto->getIsConfirmed());
+        $this->assertFalse($dto->getIsBlacklisted());
+    }
+
+    public function testGetDtoWithNumericStringValues(): void
+    {
+        $request = new SubscribersFilterRequest();
+        $request->isConfirmed = '1';
+        $request->isBlacklisted = '0';
+
+        $dto = $request->getDto();
+
+        $this->assertTrue($dto->getIsConfirmed());
+        $this->assertFalse($dto->getIsBlacklisted());
+    }
+
+    public function testGetDtoReturnsCorrectDtoWithNullValues(): void
+    {
+        $request = new SubscribersFilterRequest();
+
+        $dto = $request->getDto();
+
+        $this->assertInstanceOf(SubscriberFilter::class, $dto);
+        $this->assertNull($dto->getIsConfirmed());
+        $this->assertNull($dto->getIsBlacklisted());
+        $this->assertNull($dto->getSortBy());
+        $this->assertNull($dto->getSortDirection());
+        $this->assertNull($dto->getFindColumn());
+        $this->assertNull($dto->getFindValue());
+    }
+
+    public function testGetDtoNullsFindColumnAndValueWhenOnlyValueProvided(): void
+    {
+        $request = new SubscribersFilterRequest();
+        $request->findColumn = null;
+        $request->findValue = 'test@example.com';
+
+        $dto = $request->getDto();
+
+        $this->assertInstanceOf(SubscriberFilter::class, $dto);
+        $this->assertNull($dto->getFindColumn());
+        $this->assertNull($dto->getFindValue());
+    }
+}