Subscriber filter in get subscribers endpoint

tatevikg1 · tatevikg1 · commit eb763b34be6f · 2026-03-04T20:10:22.000+04:00
diff --git a/README.md b/README.md
@@ -60,3 +60,11 @@ contribute and how to run the unit tests and style checks locally.
 This project adheres to a [Contributor Code of Conduct](CODE_OF_CONDUCT.md).
 By participating in this project and its community, you are expected to uphold
 this code.
+
+
+### Code style checks
+```bash
+vendor/bin/phpstan analyse -l 5 src/ tests/
+vendor/bin/phpmd src/ text vendor/phplist/core/config/PHPMD/rules.xml
+vendor/bin/phpcs --standard=vendor/phplist/core/config/PhpCodeSniffer/ src/ tests/
+```
diff --git a/src/Common/Validator/RequestValidator.php b/src/Common/Validator/RequestValidator.php
@@ -23,7 +23,8 @@ public function __construct(
     public function validate(Request $request, string $dtoClass): RequestInterface
     {
         try {
-            $body = json_decode($request->getContent(), true, 512, JSON_THROW_ON_ERROR);
+            $content = $request->getContent();
+            $body = ($content !== '' && $content !== '0') ? json_decode($content, true, 512, JSON_THROW_ON_ERROR) : [];
         } catch (Throwable $e) {
             throw new BadRequestHttpException('Invalid JSON: ' . $e->getMessage());
         }
@@ -33,7 +34,7 @@ public function validate(Request $request, string $dtoClass): RequestInterface
             $routeParams['listId'] = (int) $routeParams['listId'];
         }
 
-        $data = array_merge($routeParams, $body ?? []);
+        $data = array_merge($routeParams, $request->query->all(), $body ?? []);
 
         try {
             /** @var RequestInterface $dto */
@@ -44,7 +45,9 @@ public function validate(Request $request, string $dtoClass): RequestInterface
                 ['allow_extra_attributes' => true]
             );
         } catch (Throwable $e) {
-            throw new BadRequestHttpException('Invalid request data: ' . $e->getMessage());
+            throw new BadRequestHttpException(
+                'Invalid request data: ' . $e->getMessage() . ' Data: ' . json_encode($data)
+            );
         }
 
         return $this->validateDto($dto);
diff --git a/src/Subscription/Controller/SubscriberController.php b/src/Subscription/Controller/SubscriberController.php
@@ -7,14 +7,14 @@
 use Doctrine\ORM\EntityManagerInterface;
 use OpenApi\Attributes as OA;
 use PhpList\Core\Domain\Identity\Model\PrivilegeFlag;
-use PhpList\Core\Domain\Subscription\Model\Filter\SubscriberFilter;
 use PhpList\Core\Domain\Subscription\Model\Subscriber;
 use PhpList\Core\Domain\Subscription\Service\Manager\SubscriberManager;
 use PhpList\Core\Security\Authentication;
 use PhpList\RestBundle\Common\Controller\BaseController;
 use PhpList\RestBundle\Common\Validator\RequestValidator;
 use PhpList\RestBundle\Common\Service\Provider\PaginatedDataProvider;
 use PhpList\RestBundle\Subscription\Request\CreateSubscriberRequest;
+use PhpList\RestBundle\Subscription\Request\SubscribersFilterRequest;
 use PhpList\RestBundle\Subscription\Request\UpdateSubscriberRequest;
 use PhpList\RestBundle\Subscription\Serializer\SubscriberNormalizer;
 use PhpList\RestBundle\Subscription\Service\SubscriberHistoryService;
@@ -75,7 +75,61 @@ public function __construct(
                 in: 'query',
                 required: false,
                 schema: new OA\Schema(type: 'integer', default: 25, maximum: 100, minimum: 1)
-            )
+            ),
+            new OA\Parameter(
+                name: 'is_confirmed',
+                description: 'Filter by confirmed status',
+                in: 'query',
+                required: false,
+                schema: new OA\Schema(
+                    type: 'string',
+                    enum: ['true', 'false', '0', '1'],
+                    example: '1'
+                )
+            ),
+            new OA\Parameter(
+                name: 'is_blacklisted',
+                description: 'Filter by blacklisted status',
+                in: 'query',
+                required: false,
+                schema: new OA\Schema(
+                    type: 'string',
+                    enum: ['true', 'false', '0', '1'],
+                    example: '1'
+                )
+            ),
+            new OA\Parameter(
+                name: 'sort_by',
+                description: 'Column to sort by',
+                in: 'query',
+                required: false,
+                schema: new OA\Schema(type: 'string', example: 'id')
+            ),
+            new OA\Parameter(
+                name: 'sort_direction',
+                description: 'Sort direction',
+                in: 'query',
+                required: false,
+                schema: new OA\Schema(
+                    type: 'string',
+                    enum: ['asc', 'desc'],
+                    example: 'desc'
+                )
+            ),
+            new OA\Parameter(
+                name: 'find_column',
+                description: 'Column to search in (requires find_value)',
+                in: 'query',
+                required: false,
+                schema: new OA\Schema(type: 'string', example: 'email')
+            ),
+            new OA\Parameter(
+                name: 'find_value',
+                description: 'Value to search for (requires find_column)',
+                in: 'query',
+                required: false,
+                schema: new OA\Schema(type: 'string', example: 'email@example.com')
+            ),
         ],
         responses: [
             new OA\Response(
@@ -104,14 +158,17 @@ public function getSubscribers(Request $request): JsonResponse
     {
         $this->requireAuthentication($request);
 
+        /** @var SubscribersFilterRequest $subscriberRequest */
+        $subscriberRequest = $this->validator->validate($request, SubscribersFilterRequest::class);
+
         return $this->json(
-            $this->paginatedDataProvider->getPaginatedList(
-                $request,
-                $this->subscriberNormalizer,
-                Subscriber::class,
-                new SubscriberFilter(),
+            data: $this->paginatedDataProvider->getPaginatedList(
+                request: $request,
+                normalizer: $this->subscriberNormalizer,
+                className: Subscriber::class,
+                filter: $subscriberRequest->getDto(),
             ),
-            Response::HTTP_OK
+            status: Response::HTTP_OK
         );
     }
 
diff --git a/src/Subscription/Request/SubscribersFilterRequest.php b/src/Subscription/Request/SubscribersFilterRequest.php
@@ -0,0 +1,57 @@
+<?php
+
+declare(strict_types=1);
+
+namespace PhpList\RestBundle\Subscription\Request;
+
+use PhpList\Core\Domain\Subscription\Model\Filter\SubscriberFilter;
+use PhpList\RestBundle\Common\Request\RequestInterface;
+use Symfony\Component\Validator\Constraints as Assert;
+
+class SubscribersFilterRequest implements RequestInterface
+{
+    #[Assert\Choice(choices: ['true', 'false', '1', '0'], message: 'Invalid boolean value')]
+    public ?bool $isConfirmed = null;
+
+    #[Assert\Choice(choices: ['true', 'false', '1', '0'], message: 'Invalid boolean value')]
+    public ?bool $isBlacklisted = null;
+
+    #[Assert\Type(type: 'string')]
+    public ?string $sortBy = null;
+
+    #[Assert\Choice(choices: ['asc', 'desc'])]
+    public ?string $sortDirection = null;
+
+    #[Assert\Type(type: 'string')]
+    public ?string $findColumn = null;
+
+    #[Assert\Type(type: 'string')]
+    public ?string $findValue = null;
+
+    public function getDto(): SubscriberFilter
+    {
+        $findColumn = $this->findColumn;
+        $findValue = $this->findValue;
+        if (($findColumn === null) xor ($findValue === null)) {
+            $findColumn = null;
+            $findValue = null;
+        }
+
+        $isConfirmed = $this->isConfirmed !== null
+            ? filter_var($this->isConfirmed, FILTER_VALIDATE_BOOLEAN)
+            : null;
+
+        $isBlacklisted = $this->isBlacklisted !== null
+            ? filter_var($this->isBlacklisted, FILTER_VALIDATE_BOOLEAN)
+            : null;
+
+        return new SubscriberFilter(
+            isConfirmed: $isConfirmed,
+            isBlacklisted: $isBlacklisted,
+            sortBy: $this->sortBy,
+            sortDirection: $this->sortDirection,
+            findColumn: $findColumn,
+            findValue: $findValue,
+        );
+    }
+}
diff --git a/tests/Integration/Identity/Controller/PasswordResetControllerTest.php b/tests/Integration/Identity/Controller/PasswordResetControllerTest.php
@@ -18,13 +18,11 @@ public function testControllerIsAvailableViaContainer(): void
         );
     }
 
-    public function testRequestPasswordResetWithNoJsonReturnsError400(): void
+    public function testRequestPasswordResetWithNoJsonReturnsError422(): void
     {
         $this->jsonRequest('post', '/api/v2/password-reset/request');
 
-        $this->assertHttpBadRequest();
-        $data = $this->getDecodedJsonResponseContent();
-        $this->assertStringContainsString('Invalid JSON:', $data['message']);
+        $this->assertHttpUnprocessableEntity();
     }
 
     public function testRequestPasswordResetWithInvalidEmailReturnsError422(): void
@@ -55,13 +53,11 @@ public function testRequestPasswordResetWithValidEmailReturnsSuccess(): void
         $this->assertHttpNoContent();
     }
 
-    public function testValidateTokenWithNoJsonReturnsError400(): void
+    public function testValidateTokenWithNoJsonReturnsError422(): void
     {
         $this->jsonRequest('post', '/api/v2/password-reset/validate');
 
-        $this->assertHttpBadRequest();
-        $data = $this->getDecodedJsonResponseContent();
-        $this->assertStringContainsString('Invalid JSON:', $data['message']);
+        $this->assertHttpUnprocessableEntity();
     }
 
     public function testValidateTokenWithInvalidTokenReturnsInvalidResult(): void
@@ -75,13 +71,11 @@ public function testValidateTokenWithInvalidTokenReturnsInvalidResult(): void
         $this->assertFalse($data['valid']);
     }
 
-    public function testResetPasswordWithNoJsonReturnsError400(): void
+    public function testResetPasswordWithNoJsonReturnsError422(): void
     {
         $this->jsonRequest('post', '/api/v2/password-reset/reset');
 
-        $this->assertHttpBadRequest();
-        $data = $this->getDecodedJsonResponseContent();
-        $this->assertStringContainsString('Invalid JSON:', $data['message']);
+        $this->assertHttpUnprocessableEntity();
     }
 
     public function testResetPasswordWithInvalidTokenReturnsBadRequest(): void
diff --git a/tests/Integration/Identity/Controller/SessionControllerTest.php b/tests/Integration/Identity/Controller/SessionControllerTest.php
@@ -42,13 +42,11 @@ public function testGetSessionsIsNotAllowed()
         $this->assertHttpMethodNotAllowed();
     }
 
-    public function testPostSessionsWithNoJsonReturnsError400()
+    public function testPostSessionsWithNoJsonReturnsError422()
     {
         $this->jsonRequest('post', '/api/v2/sessions');
 
-        $this->assertHttpBadRequest();
-        $data = $this->getDecodedJsonResponseContent();
-        $this->assertStringContainsString('Invalid JSON:', $data['message']);
+        $this->assertHttpUnprocessableEntity();
     }
 
     public function testPostSessionsWithInvalidJsonWithJsonContentTypeReturnsError400()
diff --git a/tests/Integration/Subscription/Controller/SubscriberControllerTest.php b/tests/Integration/Subscription/Controller/SubscriberControllerTest.php
@@ -15,6 +15,7 @@
  * Testcase.
  *
  * @author Oliver Klee <oliver@phplist.com>
+ * @author Tatevik Grigoryan <tatevik@phplist.com>
  */
 class SubscriberControllerTest extends AbstractTestController
 {
diff --git a/tests/Unit/Subscription/Request/SubscribersFilterRequestTest.php b/tests/Unit/Subscription/Request/SubscribersFilterRequestTest.php
@@ -0,0 +1,74 @@
+<?php
+
+declare(strict_types=1);
+
+namespace PhpList\RestBundle\Tests\Unit\Subscription\Request;
+
+use PhpList\Core\Domain\Subscription\Model\Filter\SubscriberFilter;
+use PhpList\RestBundle\Subscription\Request\SubscribersFilterRequest;
+use PHPUnit\Framework\TestCase;
+
+class SubscribersFilterRequestTest extends TestCase
+{
+    public function testGetDtoReturnsCorrectDtoWithAllValues(): void
+    {
+        $request = new SubscribersFilterRequest();
+        $request->isConfirmed = true;
+        $request->isBlacklisted = false;
+        $request->sortBy = 'email';
+        $request->sortDirection = 'desc';
+        $request->findColumn = 'email';
+        $request->findValue = 'test@example.com';
+
+        $dto = $request->getDto();
+
+        $this->assertInstanceOf(SubscriberFilter::class, $dto);
+        $this->assertTrue($dto->getIsConfirmed());
+        $this->assertFalse($dto->getIsBlacklisted());
+        $this->assertEquals('email', $dto->getSortBy());
+        $this->assertEquals('desc', $dto->getSortDirection());
+        $this->assertEquals('email', $dto->getFindColumn());
+        $this->assertEquals('test@example.com', $dto->getFindValue());
+    }
+
+    public function testGetDtoReturnsCorrectDtoWithNullValues(): void
+    {
+        $request = new SubscribersFilterRequest();
+
+        $dto = $request->getDto();
+
+        $this->assertInstanceOf(SubscriberFilter::class, $dto);
+        $this->assertNull($dto->getIsConfirmed());
+        $this->assertNull($dto->getIsBlacklisted());
+        $this->assertNull($dto->getSortBy());
+        $this->assertNull($dto->getSortDirection());
+        $this->assertNull($dto->getFindColumn());
+        $this->assertNull($dto->getFindValue());
+    }
+
+    public function testGetDtoNulsFindColumnAndValueWhenOnlyColumnProvided(): void
+    {
+        $request = new SubscribersFilterRequest();
+        $request->findColumn = 'email';
+        $request->findValue = null;
+
+        $dto = $request->getDto();
+
+        $this->assertInstanceOf(SubscriberFilter::class, $dto);
+        $this->assertNull($dto->getFindColumn());
+        $this->assertNull($dto->getFindValue());
+    }
+
+    public function testGetDtoNulsFindColumnAndValueWhenOnlyValueProvided(): void
+    {
+        $request = new SubscribersFilterRequest();
+        $request->findColumn = null;
+        $request->findValue = 'test@example.com';
+
+        $dto = $request->getDto();
+
+        $this->assertInstanceOf(SubscriberFilter::class, $dto);
+        $this->assertNull($dto->getFindColumn());
+        $this->assertNull($dto->getFindValue());
+    }
+}

Original file line number	Diff line number	Diff line change
`@@ -18,13 +18,11 @@ public function testControllerIsAvailableViaContainer(): void`
`18`	`18`	`);`
`19`	`19`	`}`
`20`	`20`
`21`		`- public function testRequestPasswordResetWithNoJsonReturnsError400(): void`
	`21`	`+ public function testRequestPasswordResetWithNoJsonReturnsError422(): void`
`22`	`22`	`{`
`23`	`23`	`$this->jsonRequest('post', '/api/v2/password-reset/request');`
`24`	`24`
`25`		`- $this->assertHttpBadRequest();`
`26`		`- $data = $this->getDecodedJsonResponseContent();`
`27`		`- $this->assertStringContainsString('Invalid JSON:', $data['message']);`
	`25`	`+ $this->assertHttpUnprocessableEntity();`
`28`	`26`	`}`
`29`	`27`
`30`	`28`	`public function testRequestPasswordResetWithInvalidEmailReturnsError422(): void`
`@@ -55,13 +53,11 @@ public function testRequestPasswordResetWithValidEmailReturnsSuccess(): void`
`55`	`53`	`$this->assertHttpNoContent();`
`56`	`54`	`}`
`57`	`55`
`58`		`- public function testValidateTokenWithNoJsonReturnsError400(): void`
	`56`	`+ public function testValidateTokenWithNoJsonReturnsError422(): void`
`59`	`57`	`{`
`60`	`58`	`$this->jsonRequest('post', '/api/v2/password-reset/validate');`
`61`	`59`
`62`		`- $this->assertHttpBadRequest();`
`63`		`- $data = $this->getDecodedJsonResponseContent();`
`64`		`- $this->assertStringContainsString('Invalid JSON:', $data['message']);`
	`60`	`+ $this->assertHttpUnprocessableEntity();`
`65`	`61`	`}`
`66`	`62`
`67`	`63`	`public function testValidateTokenWithInvalidTokenReturnsInvalidResult(): void`
`@@ -75,13 +71,11 @@ public function testValidateTokenWithInvalidTokenReturnsInvalidResult(): void`
`75`	`71`	`$this->assertFalse($data['valid']);`
`76`	`72`	`}`
`77`	`73`
`78`		`- public function testResetPasswordWithNoJsonReturnsError400(): void`
	`74`	`+ public function testResetPasswordWithNoJsonReturnsError422(): void`
`79`	`75`	`{`
`80`	`76`	`$this->jsonRequest('post', '/api/v2/password-reset/reset');`
`81`	`77`
`82`		`- $this->assertHttpBadRequest();`
`83`		`- $data = $this->getDecodedJsonResponseContent();`
`84`		`- $this->assertStringContainsString('Invalid JSON:', $data['message']);`
	`78`	`+ $this->assertHttpUnprocessableEntity();`
`85`	`79`	`}`
`86`	`80`
`87`	`81`	`public function testResetPasswordWithInvalidTokenReturnsBadRequest(): void`
Original file line number	Diff line number	Diff line change
`@@ -42,13 +42,11 @@ public function testGetSessionsIsNotAllowed()`
`42`	`42`	`$this->assertHttpMethodNotAllowed();`
`43`	`43`	`}`
`44`	`44`
`45`		`- public function testPostSessionsWithNoJsonReturnsError400()`
	`45`	`+ public function testPostSessionsWithNoJsonReturnsError422()`
`46`	`46`	`{`
`47`	`47`	`$this->jsonRequest('post', '/api/v2/sessions');`
`48`	`48`
`49`		`- $this->assertHttpBadRequest();`
`50`		`- $data = $this->getDecodedJsonResponseContent();`
`51`		`- $this->assertStringContainsString('Invalid JSON:', $data['message']);`
	`49`	`+ $this->assertHttpUnprocessableEntity();`
`52`	`50`	`}`
`53`	`51`
`54`	`52`	`public function testPostSessionsWithInvalidJsonWithJsonContentTypeReturnsError400()`
Original file line number	Diff line number	Diff line change
`@@ -15,6 +15,7 @@`
`15`	`15`	`* Testcase.`
`16`	`16`	`*`
`17`	`17`	`* @author Oliver Klee <oliver@phplist.com>`
	`18`	`+ * @author Tatevik Grigoryan <tatevik@phplist.com>`
`18`	`19`	`*/`
`19`	`20`	`class SubscriberControllerTest extends AbstractTestController`
`20`	`21`	`{`