symfony, sonata-user-bundle, jms-serializer

JmsSerializer exclude password field of SonataUser


I would like to exclude several fields (especially the password) of my serialized object.

I have an object that has a relation to: Application\Sonata\UserBundle\Entity\User

When I serialize that object it gives me the user like:

id: 1,
username: "bla",
salt: "fvasdfs9h834sgkcwsg808000w08ccwo",
password: "E7Qsfswef9zdwfNvS6TecQraLYlbsefetRy/DPbqXvyknccxisefesefCicl4IxnXgSOnBx29Tgtp9ceUs1hPg=="

How can I remove the password and salt field?

I tried to alter the Config file at: Application/Sonata/UserBundle/Resources/config/serializer/Entity.User.xml but it seems to not use that config, even though I cleared the cache...


Solution

  • My first guess is that your SonataUserBundle extends FOSUserBundle. If you check the User model of Sonata, there is no password field (https://github.com/sonata-project/SonataUserBundle/blob/master/Model/User.php); the password field is in the User model of FOSUserBundle, so your XML file is not used.

    You have to set the path where your custom properties are defined:

    config.yml

    jms_serializer:
        metadata:
            directories:
                FOSUserBundle:
                    path: "@ApplicationSonataUserBundle/Resources/config/serializer/"
                    namespace_prefix: "FOS\\UserBundle"
    

    I'm not used to XML files, so here is the YAML to stop exposing the password.

    Application/Sonata/UserBundle/Resources/config/serializer/Model.user.yml

    FOS\UserBundle\Model\User:
        properties:
            password:
                expose: false
    

    Related question/answer: https://stackoverflow.com/a/12961994/3726645
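
An added example, not part of the original answer: the question also asks to drop `salt`, and excluding fields one by one misses any sensitive property that is added later. The same metadata file can instead use JMS Serializer's `exclusion_policy: ALL`, so only explicitly exposed properties are serialized; the choice of `username` and `email` as the exposed properties is an assumption.

```yaml
# Added example (not from the original answer).
# Goes in the metadata file for FOS\UserBundle\Model\User, inside the directory
# registered under jms_serializer.metadata.directories for the FOS\UserBundle prefix.
FOS\UserBundle\Model\User:
    # Allowlist: no property declared on this class is serialized unless it is
    # marked expose: true, so password and salt never reach the output.
    exclusion_policy: ALL
    properties:
        username:
            expose: true
        email:
            expose: true   # assumption: expose only what the consumer actually needs
```

After clearing the cache, serialize the object again and confirm the user no longer contains `password` or `salt`.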