symfony: \Symfony\Bridge\Doctrine\Form\ChoiceList\ORMQueryBuilderLoader::getEntitiesByIds doesn't filter invalid UUIDs

@webmozart that’s true, they could be. However the issue is when you’re specifically using the guid column type and pass a non-valid guid string to postres, an exception is thrown. If you want strings of any format you should be using the string column type.

Because the EntityType class uses the ORMQueryBuilderLoader, anything submitted to a form will get pumped directly into the database. So if I have a REST API where someone sends through an invalid guid it’s going to cause an error. At the moment I can fix this by filtering input values in a pre-submit form listener that checks UUID validity, but obviously I have to know to do that, and it gets more complicated as entities are nested, there are collections, and so on.

So out of the box, if I create an entity with a guid type primary key, use Postres as my database, and create a form with an EntityType field with my new entity. As soon as someone submits the form with an invalid guid value a 500 error will result.

this bug is still valid

I was thinking of an even more generic way, because this issue means the transformer cannot rely on the ChoiceListInterface. Here’s a quick gist that leverages the check without breaking anything in user land code if we decide to add a feature like an option flag passed to the ChoicesToValuesTransformer that can then deprecated in 5.0. On the other hand, a choice loader or custom list which does not return the same count of entries than given (on way or the other) is breaking the interface contract. So it makes senses that these implementations handle the case by throwing an exception, but it not their responsibility to throw a TransformationFailedException though.