diogo/symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

bug #18837 [Serializer] AbstractObjectNormalizer: be sure that isAllowedAttribute is called (dunglas)

Browse Source 
This PR was submitted for the master branch but it was merged into the 3.1 branch instead (closes #18837).

Discussion
----------

[Serializer] AbstractObjectNormalizer: be sure that isAllowedAttribute is called

| Q             | A
| ------------- | ---
| Branch?       | 3.1
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | n/a
| License       | MIT
| Doc PR        | n/a

Please merge before the release of 3.1 (potential bug fix)

Commits
-------

29b4115 [Serializer] AbstractObjectNormalizer: be sure that isAllowedAttribute is called
This commit is contained in:
Fabien Potencier 2016-05-24 12:12:38 +02:00
commit 7dc1491ec0
1 changed files with 1 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/Symfony/Component/Serializer/Normalizer/AbstractObjectNormalizer.php
View File

@ -182,10 +182,7 @@ abstract class AbstractObjectNormalizer extends AbstractNormalizer
$attribute = $this->nameConverter->denormalize($attribute);
}
$allowed = $allowedAttributes === false || in_array($attribute, $allowedAttributes);
$ignored = in_array($attribute, $this->ignoredAttributes);
if (!$allowed || $ignored) {
if (($allowedAttributes !== false && !in_array($attribute, $allowedAttributes)) || !$this->isAllowedAttribute($class, $attribute, $format, $context)) {
continue;
}