Reputation: 1511
Serialization of 'Symfony\Component\HttpFoundation\File\File' is not allowed, Symfony4
I've added an avatar image to my User class. When I wanted to render my edit form, I got this error
Serialization of 'Symfony\Component\HttpFoundation\File\File' is not allowed
I tried to solve the problem by implementing \Serializable in my User class according to Symfony Official Documentation. But when I implemented that,It redirected to login page and the Authentication turned to anon. and by logging in again, it redirected to login page again and stay anon. too.
I should mention that I have set some Authorizations. It will redirect you to the log in page if you are "anon." and want to access some protected routes.
Here is my UserEntity, User.php:
<?php
namespace App\Entity;
use Doctrine\ORM\Mapping as ORM;
use Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntity;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Validator\Constraints as Assert;
/**
* @ORM\Entity(repositoryClass="App\Repository\UserRepository")
* @ORM\Table(name="user")
* @UniqueEntity(fields={"username"}, message="This username has been taken!")
*/
class User implements UserInterface
{
/**
* @ORM\Id
* @ORM\GeneratedValue(strategy="AUTO")
* @ORM\Column(type="integer")
*/
private $id;
/**
* @ORM\Column(type="string", unique=true,length=191)
* @Assert\NotBlank()
* @Assert\Length(min="5", minMessage="Username most contain at least 5 characters!")
*/
private $username;
/**
* @ORM\Column(type="string")
*/
private $password;
/**
* @ORM\Column(type="string")
*/
private $displayName;
/**
* @ORM\Column(type="boolean")
*/
private $showAdminBar;
/**
* @ORM\OneToMany(targetEntity="Post", mappedBy="owner")
*/
private $posts;
/**
* @ORM\Column(type="string")
*/
private $avatar;
/**
* @Assert\NotBlank(groups={"Registration"})
* @Assert\Length(min="6", minMessage="Password most contain at least 6 characters!")
*/
private $plainPassword;
public function getUsername()
{
return $this->username;
}
public function getRoles()
{
return ['ROLE_ADMIN'];
}
public function getPassword()
{
return $this->password;
}
public function getSalt()
{
}
public function eraseCredentials()
{
$this->plainPassword = null;
}
public function serialize()
{
return serialize(array(
$this->id,
$this->username,
$this->displayName,
$this->avatar,
// see section on salt below
// $this->salt,
));
}
/**
* @param mixed $username
*/
public function setUsername($username)
{
$this->username = $username;
}
/**
* @param mixed $password
*/
public function setPassword($password)
{
$this->password = $password;
}
/**
* @return mixed
*/
public function getPlainPassword()
{
return $this->plainPassword;
}
/**
* @param mixed $plainPassword
*/
public function setPlainPassword($plainPassword)
{
$this->plainPassword = $plainPassword;
//To make sure that Doctrine see the entity as "dirty"
$this->password = null;
}
/**
* @return mixed
*/
public function getDisplayName()
{
return $this->displayName;
}
/**
* @param mixed $displayName
*/
public function setDisplayName($displayName)
{
$this->displayName = $displayName;
}
/**
* @return mixed
*/
public function getShowAdminBar()
{
return $this->showAdminBar;
}
/**
* @param mixed $showAdminBar
*/
public function setShowAdminBar($showAdminBar)
{
$this->showAdminBar = $showAdminBar;
}
/**
* @return mixed
*/
public function getPosts()
{
return $this->posts;
}
/**
* @param mixed $posts
*/
public function setPosts($posts)
{
$this->posts = $posts;
}
/**
* @return mixed
*/
public function getAvatar()
{
return $this->avatar;
}
/**
* @param mixed $avatar
*/
public function setAvatar($avatar)
{
$this->avatar = $avatar;
}
/**
* @param mixed $id
*/
public function setId($id)
{
$this->id = $id;
}
}
Here is my UserController.php
<?php
namespace App\Controller\Admin;
use App\Constants;
use App\Entity\User;
use App\Form\UserType;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security;
use Symfony\Component\HttpFoundation\File\File;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Routing\Annotation\Route;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
/**
* @Route("/admin/user")
* @Security("is_granted('ROLE_ADMIN')")
*/
class UserController extends Controller
{
/**
* @Route("/profile", name="admin_user_profile")
*/
public function profileAction(Request $request)
{
$user = $this->getUser();
$user->setAvatar(
new File(Constants::UPLOAD_AVATAR.'/'.$user->getAvatar())
);
$form = $this->createForm(UserType::class, $user);
$form->handleRequest($request);
if ($form->isSubmitted() && $form->isValid()) {
$user = $form->getData();
$em = $this->getDoctrine()->getManager();
$em->persist($user);
$em->flush();
$this->addFlash('success', 'Your Info Has Been Updated!');
return $this->redirectToRoute('admin');
}
return $this->render('admin/user/profile.html.twig', [
'user' => $user,
'form' => $form->createView()
]);
}
/**
* @Route("/list", name="admin_user_list")
*/
public function listAction(Request $request)
{
$em = $this->getDoctrine()->getManager();
$users = $em->getRepository(User::class)
->findAll();
return $this->renderView('admin/user/list.html,twig',[
'users' => $users
]);
}
}
Here is my UserForm, UserType.php
<?php
namespace App\Form;
use App\Entity\User;
use Symfony\Component\Form\AbstractType;
use Symfony\Component\Form\Extension\Core\Type\FileType;
use Symfony\Component\Form\Extension\Core\Type\PasswordType;
use Symfony\Component\Form\Extension\Core\Type\RepeatedType;
use Symfony\Component\Form\FormBuilderInterface;
use Symfony\Component\OptionsResolver\OptionsResolver;
class UserType extends AbstractType
{
public function buildForm(FormBuilderInterface $builder, array $options)
{
$builder
->add('displayName')
->add('plainPassword', RepeatedType::class, [
'type' => PasswordType::class
])
->add('avatar',FileType::class)
;
}
public function configureOptions(OptionsResolver $resolver)
{
$resolver->setDefaults([
'data_class' => User::class,
]);
}
}
Upvotes: 8
Views: 14988
Answers (8)
Reputation: 124
This may help someone, the issue is actually not so much of a big deal. Simply add the @Ignore annotation on the File field in your entity - fixed the issue for me.
Example:
/**
* @Vich\UploadableField(mapping="users", fileNameProperty="imageName")
* @Ignore()
*/
private ?File $imageFile = null;
Upvotes: 1
Reputation: 1
Just recently again active with symfony, working my way through symfony 5.
But what I did was following:
- created the User entity implementing Userinterface
- Added an entity Userfile and made the many to one relation in the User entity
- Made that class Serializable (and that is the trick)
If you do that, you can add files/photo's while you're authenticated, and won't get that error
Upvotes: 0
Reputation: 1
In the User entity:
/**
* @ORM\OneToMany(targetEntity="UserFile",mappedBy="user", cascade={"remove"})
* @ORM\OrderBy({"created_at" = "DESC"})
*/
protected $userfiles;
The Userfile class:
<?php
namespace App\Entity;
use App\Repository\UserFileRepository;
use Doctrine\Common\Collections\ArrayCollection;
use Doctrine\ORM\Mapping as ORM;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\Validator\Constraints as SecurityAssert;
use Symfony\Component\Validator\Constraints as Assert;
use Symfony\Component\HttpFoundation\File\File;
use Symfony\Component\HttpFoundation\File\UploadedFile;
use Vich\UploaderBundle\Entity\File as EmbeddedFile;
use Vich\UploaderBundle\Mapping\Annotation as Vich;
/**
* @ORM\Entity(repositoryClass=UserFileRepository::class)
* @Vich\Uploadable
* @ORM\HasLifecycleCallbacks
*/
class UserFile implements \Serializable
{
/**
* Constructor
*/
public function __construct()
{
// voor de VichUploader
$this->image = new EmbeddedFile();
}
/**
* @ORM\Id
* @ORM\GeneratedValue
* @ORM\Column(type="integer")
*/
private $id;
/**
* @ORM\ManyToOne(targetEntity="User", inversedBy="userfiles")
* @ORM\JoinColumn(name="user_id", referencedColumnName="id")
* @ORM\OrderBy({"achternaam" = "DESC"})
* @Assert\NotBlank()
*/
protected $user;
/**
* @var string
* @ORM\Column(name="type", type="string", length=20, nullable=true)
*/
protected $type;
//--------------------------------------------------------------------------------
/**
* @ORM\Column(name="created_at", type="datetime", nullable=true)
*
*/
protected $created_at;
/**
* @ORM\Column(name="updated_at", type="datetime", nullable=true)
*
*/
protected $updated_at;
//--------------------------------------------------------------------------------
// de kolommen voor het uploaden van een image via VichUploader
//--------------------------------------------------------------------------------
/**
* NOTE: This is not a mapped field of entity metadata, just a simple property.
*
* @Vich\UploadableField(mapping="gebruiker_foto",
* fileNameProperty="image.name",
* size="image.size",
* mimeType="image.mimeType",
* originalName="image.originalName",
* dimensions="image.dimensions")
*
* @var File|null
*/
private $imageFile;
/**
* @ORM\Embedded(class="Vich\UploaderBundle\Entity\File")
* @var EmbeddedFile
*/
private $image;
//--------------------------------------------------------------------------------
public function getId(): ?int
{
return $this->id;
}
//--------------------------------------------------------------------------------
public function getUser() : ?User
{
return $this->user;
}
public function setUser(?User $user)
{
$this->user = $user;
return $this;
}
/**
* @return string
*/
public function getType(): ?string
{
return $this->type;
}
/**
* @param string $type
* @return UserFile
*/
public function setType(?string $type): self
{
$this->type = $type;
return $this;
}
//--------------------------------------------------------------------------------
/**
*
*/
public function getCreatedAt()
{
return $this->created_at;
}
/**
*
*/
public function getUpdatedAt()
{
return $this->updated_at;
}
//--------------------------------------------------------------------------------
// callbacks
//--------------------------------------------------------------------------------
/**
* @ORM\PrePersist()
* Hook on pre-persist operations
*/
public function prePersist()
{
$this->created_at = new \DateTime;
$this->updated_at = new \DateTime;
}
/**
* @ORM\PreUpdate()
* Hook on pre-update operations
*/
public function preUpdate()
{
$this->updated_at = new \DateTime;
}
/**
* @ORM\PostPersist()
* @ORM\PostUpdate()
*/
public function verkleinFoto()
{
if (null === $this->imageFile) {
return;
}
// create smaller image, wel graag vierkante plaatjes!!
$width = 160;
$imagine = new \Imagine\Gd\Imagine();
$image = $imagine->open($this->imageFile);
$size = $image->getSize();
$image->resize($size->widen($width));
$realpath = $this->imageFile->getRealPath();
$image->save($realpath);
// if there is an error when moving the file, an exception will
// be automatically thrown by move(). This will properly prevent
// the entity from being persisted to the database on error
//$this->file->move($this->getUploadRootDir(), $this->path);
//unset($this->file);
}
//--------------------------------------------------------------------------------
// de setters/getters voor het uploaden van een image via VichUploader
//--------------------------------------------------------------------------------
/**
* If manually uploading a file (i.e. not using Symfony Form) ensure an instance
* of 'UploadedFile' is injected into this setter to trigger the update. If this
* bundle's configuration parameter 'inject_on_load' is set to 'true' this setter
* must be able to accept an instance of 'File' as the bundle will inject one here
* during Doctrine hydration.
*
* @param File|UploadedFile|null $imageFile
*/
public function setImageFile(?File $imageFile = null): void
{
$this->imageFile = $imageFile;
if (null !== $imageFile) {
// It is required that at least one field changes if you are using doctrine
// otherwise the event listeners won't be called and the file is lost
$this->updated_at = new \DateTimeImmutable();
}
}
public function getImageFile(): ?File
{
return $this->imageFile;
}
public function setImage(EmbeddedFile $image): void
{
$this->image = $image;
}
public function getImage(): ?EmbeddedFile
{
return $this->image;
}
//--------------------------------------------------------------------------------
public function serialize()
{
$this->imageFile = base64_encode($this->imageFile);
}
public function unserialize($serialized)
{
$this->imageFile = base64_decode($this->imageFile);
}
}
Upvotes: 0
Reputation: 188
1. First error
Serialization of 'Symfony\Component\HttpFoundation\File\File' is not allowed
- this is because of this instruction in
profileAction(): you assigned theFileobject to the avatar field ... which became not serializable.
public function profileAction(Request $request)
{
$user = $this->getUser();
$user->setAvatar(
new File(Constants::UPLOAD_AVATAR.'/'.$user->getAvatar())
);
...
}
You cannot also set the avatar field like that anytime you enter profileAction() function ... this recursively change the name, adding prefix directory ahead the name.
2. security error, back to login page, anon. authentication
If you correctly remove the serialization problem, the user authentication can proceed normally to authenticated status ... If you have problem again with login form loop with anon. status, you may have to implement EquatableInterface as now required in SF4.
Hope this help you.
Upvotes: 0
Reputation: 31
I've done something like this:
class User implements UserInterface, Serializable {
// our image
private $profileImage;
/*
Rest of our awesome entity
*/
public function serialize()
{
$this->profileImage = base64_encode($this->profileImage);
}
public function unserialize($serialized)
{
$this->profileImage = base64_decode($this->profileImage);
}
}
And it's working pretty well.
Upvotes: 3
Reputation: 21
Be carefull ! If you have some mistakes in your form, symfony will still try to serialize your uploaded file on form page rendering. I had to set to null imageFile if $form->isValid() return false too.
Upvotes: 0
Reputation: 357
Very good answer Sohell, you summed it up perfectly.
I had the same problem and found a workaround, after flushing the entityManager, I just set the imageFile property of the user object to null.
It let's the user object update and persist the right object in session, the File object excluded
Upvotes: 2
Reputation: 1511
After some debugging I found the solution myself.
The problem is, when User Entity was implementing the UserInterface, the user provider(actually the Doctrine, behind the scene) tried to Serializing the User object to store it in the session but because of the file that I assigned it to this class, it fails it's career!
To solve the problem, first I tried to fetch separate User object from database but unfortunately Doctrine gave me the exact reference of the User object again.(That's not a bug. Thanks to Doctrine. It's too smart to query as less as possible).
Second, I clone the User object myself in the controller before sending it to the UserType form, and then everything went well.
But that is not the best practice because you may have some other problems with registration, profile update or other scenarios that you may have with
Userclass.
In my application, I added another entity called Media and it stores the files with the file system and each entity like User which need some media (Like user avatar here), just have a ManyToOne relationship with this entity. In this case you can just save the name file as string in avatar field in User class.
You may have some other designs in your application but as I experienced, Do not assign a File field directly to the User entity which is implementing UserInterface!
Upvotes: 15
Related Questions
- Symfony 3 - Serialization of File is not allowed
- Serialization of UploadedFile is not allowed
- Problem with uploading file in symfony 5.3
- Serialization of 'Symfony\Component\HttpFoundation\File\UploadedFile' is not allowed
- Symfony 4 : Unsezialise() , ["allowed_classes" => false] error
- Serialization of UploadedFile is not allowed (only when max size is reach)
- Symfony 4 File Upload Not working
- Symfony/Component/HttpFoundation/File/UploadedFile ; Where is Error code meaning list?
- Symfony - Serialization not allowed in multiple files upload
- Catchable Fatal Error: Argument 1 passed to \Entity\Image::setFile() must be an instance of Symfony\Component\HttpFoundation\File\UploadedFile,