Return HTTP 422 code when form is invalid (#168)

sulu · Apr 25, 2024 · d95bfd8 · d95bfd8
1 parent 723b4b4
commit d95bfd8
Show file tree

Hide file tree

Showing 7 changed files with 58 additions and 7 deletions.
diff --git a/Controller/AbstractController.php b/Controller/AbstractController.php
@@ -120,9 +120,25 @@ protected function renderTemplate(string $type, array $data = []): Response
             Configuration::TEMPLATE
         );
 
+        $response = new Response();
+
+        // Reuse logic from Symfony AbstractController.
+        // See: https://github.com/symfony/symfony/blob/6.3/src/Symfony/Bundle/FrameworkBundle/Controller/AbstractController.php#L239-L243
+        // See: https://github.com/symfony/symfony/blob/6.3/src/Symfony/Bundle/FrameworkBundle/Controller/AbstractController.php#L260-L265
+        foreach ($data as $k => $v) {
+            if ($v instanceof FormInterface) {
+                if ($v->isSubmitted() && !$v->isValid()) {
+                    $response->setStatusCode(422);
+                }
+
+                $data[$k] = $v->createView();
+            }
+        }
+
         return $this->render(
             $template,
-            $data
+            $data,
+            $response
         );
     }
 

diff --git a/Controller/CompletionController.php b/Controller/CompletionController.php
@@ -81,7 +81,7 @@ public function indexAction(Request $request): Response
         return $this->renderTemplate(
             self::TYPE,
             [
-                'form' => $form->createView(),
+                'form' => $form,
                 'success' => $success,
             ]
         );

diff --git a/Controller/PasswordController.php b/Controller/PasswordController.php
@@ -67,7 +67,7 @@ public function forgetAction(Request $request): Response
         return $this->renderTemplate(
             Configuration::TYPE_PASSWORD_FORGET,
             [
-                'form' => $form->createView(),
+                'form' => $form,
                 'success' => $success,
             ]
         );
@@ -138,7 +138,7 @@ public function resetAction(Request $request, string $token): Response
         return $this->renderTemplate(
             Configuration::TYPE_PASSWORD_RESET,
             [
-                'form' => $form->createView(),
+                'form' => $form,
                 'success' => $success,
             ]
         );

diff --git a/Controller/ProfileController.php b/Controller/ProfileController.php
@@ -73,7 +73,7 @@ public function indexAction(Request $request): Response
         return $this->renderTemplate(
             self::TYPE,
             [
-                'form' => $form->createView(),
+                'form' => $form,
                 'success' => $success,
             ]
         );

diff --git a/Controller/RegistrationController.php b/Controller/RegistrationController.php
@@ -78,7 +78,7 @@ public function indexAction(Request $request): Response
         return $this->renderTemplate(
             self::TYPE,
             [
-                'form' => $form->createView(),
+                'form' => $form,
                 'success' => $success,
             ]
         );

diff --git a/Tests/Functional/Controller/ProfileControllerTest.php b/Tests/Functional/Controller/ProfileControllerTest.php
@@ -172,6 +172,19 @@ public function testProfileWithoutNote(): void
         $this->assertNull($user->getContact()->getNote());
     }
 
+    public function testProfileInvalid(): void
+    {
+        $crawler = $this->client->request('GET', '/profile');
+        $this->assertHttpStatusCode(200, $this->client->getResponse());
+
+        $form = $crawler->selectButton('profile[submit]')->form([
+            'profile[firstName]' => null,
+        ]);
+
+        $this->client->submit($form);
+        $this->assertHttpStatusCode(422, $this->client->getResponse());
+    }
+
     /**
      * @return array{
      *     'sulu.context': SuluKernel::CONTEXT_WEBSITE,

diff --git a/Tests/Functional/Controller/RegistrationTest.php b/Tests/Functional/Controller/RegistrationTest.php
@@ -92,6 +92,17 @@ public function testRegister(): void
         $this->assertHttpStatusCode(302, $this->client->getResponse());
     }
 
+    public function testRegisterInvalid(): void
+    {
+        $crawler = $this->client->request('GET', '/registration');
+
+        $form = $crawler->selectButton('registration[submit]')->form([
+            'registration[username]' => null,
+        ]);
+        $this->client->submit($form);
+        $this->assertHttpStatusCode(422, $this->client->getResponse());
+    }
+
     public function testConfirmation(): User
     {
         $this->testRegister();
@@ -180,7 +191,7 @@ public function testRegistrationBlacklistedBlocked(): void
             ]
         );
         $this->client->submit($form);
-        $this->assertHttpStatusCode(200, $this->client->getResponse());
+        $this->assertHttpStatusCode(422, $this->client->getResponse());
         $content = $this->client->getResponse()->getContent();
 
         $this->assertIsString($content);
@@ -344,6 +355,17 @@ public function testPasswordForget(): void
         $this->assertStringStartsWith('my-new-password', $password);
     }
 
+    public function testPasswordForgetInvalid(): void
+    {
+        $crawler = $this->client->request('GET', '/password-forget');
+
+        $form = $crawler->selectButton('password_forget[submit]')->form([
+            'password_forget[email_username]' => 'hikaru@sulu.io',
+        ]);
+        $this->client->submit($form);
+        $this->assertHttpStatusCode(422, $this->client->getResponse());
+    }
+
     /**
      * Find user by username.
      */