serialization - JMSSerializerBundle. no control over third party meta data

Question

I have two entities I wish to serialize with the JMSSerializerBundle. The Music Entity has a mapping-file with exclusion_policy: NONE.

The Music entity has a field of the entity User from FOSUserBundle. The User entity has a mapping-file with exclusion_policy: ALL with a few fields set to expose: true, so they will be serialized.

The problem is, the User field gets fully serialized. It does not matter if I change the mapping-file of the User entity.

This is how it looks:

#My/Bundle/Resources/config/serializer/Entity.Music.yml
xxxxxxEntityMusic:
    exclusion_policy: NONE

#My/Bundle/Resources/config/serializer/Entity.User.yml
xxxxxxEntityUser:
    exclusion_policy: ALL
    properties:
        id:
            expose: true
        username:
            expose: true
        username_canonical:
            exclude: true
        email:
            exclude: true
        email_canonical:
            exclude: true
        enabled:
            exclude: true
        salt:
            exclude: true
        password:
            exclude: true
        last_login:
            exclude: true
        confirmation_token:
            exclude: true
        password_requested_at:
            exclude: true
        groups:
            exclude: true
        locked:
            exclude: true
        expired:
            exclude: true
        expires_at:
            exclude: true
        roles:
            expose: true
        credentials_expired:
            exclude: true
        credentials_expired_at:
            exclude: true

Why does it not refer to it's own mapping file? Or am I mistaken somewhere?

What have I tried thusfar

I have read the third party meta data documentation. It simply says to add a new directory in my serializer service. I have done that, but I have to extend the FOSUserBundleEntity class, and that also does not have access to the parent protected fields I'm trying to exclude.

Answer 1

I bet xxxxxxEntityUser: refers to your own namespace and class.

If it is, it is the wrong way to do.

The rules must be applied to the class where the properties live.

Given the property you exposed in your configuration, I guess you're using FOSUserBundle.

Therefore, you must apply your rules on FOSUserBundleModelUser.

Then you need to add a JMSSerializer config to indicate where the serializer metadata live for the given namespace.

It should look like:

jms_serializer:
  metadata:
    auto_detection: true
    directories:
      FOSUserBundle:
        namespace_prefix: "FOS\UserBundle"
        path: "@YourUserBundle/Resources/config/serializer/fos"

In fos/ directory you should have Model.User.yml

With something like:

FOSUserBundleModelUser:
  exclusion_policy: ALL
  properties:
    id:
      expose: true
      groups: [list, details]
    username:
      expose: true
      groups: [details]
    email:
      expose: true
      groups: [me]
    roles:
      expose: true
      groups: [details]

---

Details:

When applying rules to the Serializer through metadata, the Serializer looks for the property which are declared inside the class which is defined in the Metadata.

Example:

class Foo {
     protected $foo;
}

class Bar extends Foo {
     protected $bar;
}

Your metadata will look like this:

Foo:
  exclusion_policy: ALL
  properties:
      foo: 
          expose: true

Bar:
  exclusion_policy: ALL
  properties:
      bar: 
          expose: true

THE EXAMPLE BELOW IS NOT THE CORRECT WAY TO DO

Bar:
  exclusion_policy: ALL
  properties:
      foo: 
          expose: true
      bar: 
          expose: true

if you do this, only the rules on the property bar will be applied (and exposed).