Cakephp api POST 请求,未经验证保存数据

Cakephp api POST request , saving data without validation

我创建了一个带有 Api 前缀的路由

$routes->scope('/api', function (RouteBuilder $routes) {
        $routes->setExtensions(['json']);
        
        $routes->post(
            '/add-categories',
            ['controller' => 'Miles', 'action' => 'addCategories','prefix'=>'Api']
        );
 }

我在目录 Controller/Api/MilesController.php

中创建了一个控制器文件

我创建了如下所示的 addCategory 方法

    public function addCategories()
    {
            $categoriesTable = $this->fetchTable('Categories');
            $categoryEnt = $categoriesTable->newEmptyEntity();
            if ($this->request->is('post')) {
                $category = $categoriesTable->patchEntity($categoryEnt, $this->request->getData());
                if ($categoriesTable->save($category)) {
                    $responseBody = [
                        'status' => 201,
                        'data' => $category
                    ];
                }else{
                    $responseBody = [
                        'status' => 400,
                        'data' => $category->getErrors()
                    ];
                }
            }
            $this->set(compact('responseBody'));
            $this->viewBuilder()->setOption('serialize', ['responseBody']);
   }

在 postman 中,如果我尝试发送一个没有任何数据的 post 请求,那么我会得到如下响应

{
    "responseBody": {
        "status": 201,
        "data": {
            "created": "2022-05-10T20:04:13+09:00",
            "modified": "2022-05-10T20:04:13+09:00",
            "id": 8
        }
    }
}

我的Model/Table/CategoriesTable.php长得像

<?php
declare(strict_types=1);

namespace App\Model\Table;

use Cake\ORM\Query;
use Cake\ORM\RulesChecker;
use Cake\ORM\Table;
use Cake\Validation\Validator;


class CategoriesTable extends Table
{
    public function initialize(array $config): void
    {
        parent::initialize($config);

        $this->setTable('categories');
        $this->setDisplayField('name');
        $this->setPrimaryKey('id');

        $this->addBehavior('Timestamp');

        $this->hasMany('Products', [
            'foreignKey' => 'category_id',
        ]);
    }

    public function validationDefault(Validator $validator): Validator
    {
        $validator
            ->allowEmptyString('id', null, 'create');

        $validator
            ->scalar('title')
            ->notEmptyString('title');

        $validator
            ->boolean('status')
            ->notEmptyString('status');

        $validator
            ->scalar('imageUrl')
            ->allowEmptyFile('imageUrl');

        return $validator;
    }
}

为什么我写在 CategoriesTable.php 文件中的 notEmptyString 验证不起作用? 注意:这个Api/MilesController.php没有自己的模型。如何在此处应用 CategoriesTable 验证?

None 您的字段被设置为必填,即它们都是可选的,当缺少可选字段时,将不会应用任何验证规则。

所以对于所有必须存在的字段,使用requirePresence(),例如:

$validator
    ->requirePresence('title', 'create') // required on create, optional on update
    ->scalar('title')
    ->notEmptyString('title');

另见