throw exception when extra attributes are used during an object denormalization
This commit is contained in:
parent
287f7c821a
commit
565a98499c
@ -0,0 +1,27 @@
|
||||
<?php
|
||||
|
||||
/*
|
||||
* This file is part of the Symfony package.
|
||||
*
|
||||
* (c) Fabien Potencier <fabien@symfony.com>
|
||||
*
|
||||
* For the full copyright and license information, please view the LICENSE
|
||||
* file that was distributed with this source code.
|
||||
*/
|
||||
|
||||
namespace Symfony\Component\Serializer\Exception;
|
||||
|
||||
/**
|
||||
* ExtraAttributesException.
|
||||
*
|
||||
* @author Julien DIDIER <julien@didier.io>
|
||||
*/
|
||||
class ExtraAttributesException extends RuntimeException
|
||||
{
|
||||
public function __construct(array $extraAttributes, \Exception $previous = null)
|
||||
{
|
||||
$msg = sprintf('Extra attributes are not allowed ("%s" are unknown).', implode('", "', $extraAttributes));
|
||||
|
||||
parent::__construct($msg, 0, $previous);
|
||||
}
|
||||
}
|
@ -13,6 +13,7 @@ namespace Symfony\Component\Serializer\Normalizer;
|
||||
|
||||
use Symfony\Component\PropertyAccess\Exception\InvalidArgumentException;
|
||||
use Symfony\Component\Serializer\Exception\CircularReferenceException;
|
||||
use Symfony\Component\Serializer\Exception\ExtraAttributesException;
|
||||
use Symfony\Component\Serializer\Exception\LogicException;
|
||||
use Symfony\Component\Serializer\Exception\UnexpectedValueException;
|
||||
use Symfony\Component\PropertyInfo\PropertyTypeExtractorInterface;
|
||||
@ -171,8 +172,10 @@ abstract class AbstractObjectNormalizer extends AbstractNormalizer
|
||||
if (!isset($context['cache_key'])) {
|
||||
$context['cache_key'] = $this->getCacheKey($format, $context);
|
||||
}
|
||||
|
||||
$allowedAttributes = $this->getAllowedAttributes($class, $context, true);
|
||||
$normalizedData = $this->prepareForDenormalization($data);
|
||||
$extraAttributes = array();
|
||||
|
||||
$reflectionClass = new \ReflectionClass($class);
|
||||
$object = $this->instantiateObject($normalizedData, $class, $context, $reflectionClass, $allowedAttributes, $format);
|
||||
@ -183,6 +186,10 @@ abstract class AbstractObjectNormalizer extends AbstractNormalizer
|
||||
}
|
||||
|
||||
if (($allowedAttributes !== false && !in_array($attribute, $allowedAttributes)) || !$this->isAllowedAttribute($class, $attribute, $format, $context)) {
|
||||
if (isset($context['allow_extra_attributes']) && !$context['allow_extra_attributes']) {
|
||||
$extraAttributes[] = $attribute;
|
||||
}
|
||||
|
||||
continue;
|
||||
}
|
||||
|
||||
@ -194,6 +201,10 @@ abstract class AbstractObjectNormalizer extends AbstractNormalizer
|
||||
}
|
||||
}
|
||||
|
||||
if (!empty($extraAttributes)) {
|
||||
throw new ExtraAttributesException($extraAttributes);
|
||||
}
|
||||
|
||||
return $object;
|
||||
}
|
||||
|
||||
|
@ -37,6 +37,21 @@ class AbstractObjectNormalizerTest extends \PHPUnit_Framework_TestCase
|
||||
$normalizer = new AbstractObjectNormalizerDummy();
|
||||
$normalizer->instantiateObject($data, $class, $context, new \ReflectionClass($class), array());
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \Symfony\Component\Serializer\Exception\ExtraAttributesException
|
||||
* @expectedExceptionMessage Extra attributes are not allowed ("fooFoo", "fooBar" are unknown).
|
||||
*/
|
||||
public function testDenormalizeWithExtraAttributes()
|
||||
{
|
||||
$normalizer = new AbstractObjectNormalizerDummy();
|
||||
$normalizer->denormalize(
|
||||
array('fooFoo' => 'foo', 'fooBar' => 'bar'),
|
||||
__NAMESPACE__.'\Dummy',
|
||||
'any',
|
||||
array('allow_extra_attributes' => false)
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
class AbstractObjectNormalizerDummy extends AbstractObjectNormalizer
|
||||
|
Reference in New Issue
Block a user