API平台验证不会阻止自定义操作

Question

我创建了一个自定义操作，并在列上进行了验证。需要进行验证。验证工作正常，并显示错误消息，但操作正在继续执行，这很奇怪。

我的代码：

    <?php
   
    namespace App\Entity;
   /**
     * @ApiResource(
     *     collectionOperations={
     *          "add_voucher"={
     *                 "access_control"="is_granted('ROLE_COMMERCIAL')",
     *                 "method"="POST",
     *                 "path"="/vouchers/add-new",
     *                 "controller"=AddVoucherAction::class,
     *                 "security_post_denormalize_message"="Sorry, Only Commercials can Generate Vouchers",
     *                  "denormalization_context"={
     *                      "groups"={"add_new_voucher"}
     *               },
     *                  "validation_groups"={"Default", "add_voucher_validation"}
     *         },
     *          "get"={
     *               "method"="GET",
     *                "normalization_context"={
     *                      "groups"={"vouchers_list"}
     *                   },
     *                },
     *     },
     * )
     * @ApiFilter(SearchFilter::class, properties={"code": "start", "client.firstName":"start"})
     * @ORM\Entity(repositoryClass="App\Repository\VoucherRepository", repositoryClass=VoucherRepository::class)
     */
    class Voucher
    {
        /**
         * @ORM\Id()
         * @ORM\GeneratedValue()
         * @ORM\Column(type="integer")
         */
        private $id;
    
        /**
         * @Groups({"add_new_voucher", "vouchers_list"})
         * @ORM\Column(type="string", length=255, unique=true)
         */
        private $code;
    
        /**
         * @Groups({"vouchers_list","add_new_voucher"})
         * @ORM\Column(type="integer")
         */
        private $discount;
    
        /**
         * @Groups({"vouchers_list","add_new_voucher"})
         * @OneToOne(targetEntity="App\Entity\Client")
         * @Assert\Valid()
         * @JoinColumn(name="client_id", referencedColumnName="id")
         */
        private $client;
    }

自定义操作：

public function __invoke(Request $request, Voucher $data)
    {
        $requestData = json_decode($request->getContent(), true);
        $request->request->replace(is_array($requestData) ? $requestData : array());
        $email = $request->request->get('email');
        if ($request->request->get('email') === null) {
            return new JsonResponse(
                [
                    "error" => "Empty Email",
                    "message" => "The email is required !"
                ]
                , Response::HTTP_BAD_REQUEST);
        }
        $firstName = $request->request->get('firstName');
        $lastName = $request->request->get('lastName');
        $phone = $request->request->get('phone');
        $user = $this->userRepository->findOneBy(['email' => $email]);
        if ($user) {
            return new JsonResponse(
                [
                    "error" => "User exist",
                    "message" => "This email is already used !"
                ]
                , Response::HTTP_BAD_REQUEST);
        }
        // User Creation
        $user = new Client();
        $user->setEmail($email);
        $user->setFirstname($firstName);
        $user->setLastname($lastName);
        $user->setPhone($phone);
        $this->entityManager->persist($user);
        $this->entityManager->flush();
        // Other code here not important
        return $user;
    }

我第一次发送post方法时，我正确地获得了验证错误，但是第二次使用相同的数据时，我得到了此消息，该电子邮件已被使用！