- Home
- Skills
- Makfly
- Superpowers Symfony
- Api Platform Tests
api-platform-tests_skill
- Shell
69
GitHub Stars
2
Bundled Files
2 months ago
Catalog Refreshed
4 months ago
First Indexed
Readme & install
Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.
Installation
Preview and clipboard use veilstrat where the catalogue uses aiagentskills.
npx veilstrat add skill makfly/superpowers-symfony --skill api-platform-tests- reference.md8.9 KB
- SKILL.md1.2 KB
Overview
This skill helps deliver robust API Platform contracts in Symfony by making operations, payload mapping, and policy behavior explicit. It focuses on test-driven verification of serialization, validation, and security across happy and negative paths. The goal is predictable, version-aware API behavior with clear artifacts and rationale.
How this skill works
You define operation-level contracts and explicit payload boundaries, then implement resources, DTOs, providers, and processors with deliberate mapping. Operation-specific validation and security constraints are applied and exercised by functional tests that verify both expected success and failure scenarios. The skill outputs changed API artifacts, documented contract and security decisions, and verification results for each operation.
When to use it
- Designing or evolving API Platform operations and contracts
- Aligning serialization, validation, and and security behavior between code and docs
- Introducing DTOs or explicit mapping to prevent entity leakage
- Hardening API behavior before a public version or breaking change
- Writing or reviewing functional tests that cover negative paths and policy enforcement
Best practices
- Keep contracts explicit and version-aware; treat operation signatures as API surface
- Never expose internal entity fields implicitly; use DTOs or explicit serialization groups
- Apply validation and security rules at the operation level, not only on entities
- Map incoming and outgoing payloads explicitly in providers/processors to avoid drift
- Write tests for both happy paths and negative/security paths; capture rationale for decisions
Example use cases
- Add a new POST operation with a DTO, provider, and processor and verify mapping and validation
- Replace implicit serialization groups with explicit DTOs to prevent leaking fields
- Enforce operation-specific security rules and prove denial cases with functional tests
- Version an existing GET operation and validate backward-compatible serialization behavior
- Document contract and policy decisions alongside test results for review and audit
FAQ
Include changed API artifacts (resources, DTOs, providers, processors), the contract and security decisions with rationale, and functional verification results for each operation.
How do I prevent mismatch between docs and behavior?
Make payloads and serialization explicit, version operation contracts, and keep tests that assert documented responses and error shapes.