Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit 8444b21

Browse files
juliendidierjuliendidier
committed
throw exception when extra attributes are used during an object denormalization
1 parent c21bed7 commit 8444b21

File tree

3 files changed

+49
-2
lines changed

3 files changed

+49
-2
lines changed

src/Symfony/Component/Serializer/Exception/ExtraAttributesException.php

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,21 @@
1+
<?php
2+
3+
/*
4+
* This file is part of the Symfony package.
5+
*
6+
* (c) Fabien Potencier <[email protected]>
7+
*
8+
* For the full copyright and license information, please view the LICENSE
9+
* file that was distributed with this source code.
10+
*/
11+
12+
namespace Symfony\Component\Serializer\Exception;
13+
14+
/**
15+
* ExtraAttributesException.
16+
*
17+
* @author Julien DIDIER <[email protected]>
18+
*/
19+
class ExtraAttributesException extends RuntimeException
20+
{
21+
}

src/Symfony/Component/Serializer/Normalizer/AbstractObjectNormalizer.php

Lines changed: 13 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -12,11 +12,12 @@
1212
namespace Symfony\Component\Serializer\Normalizer;
1313

1414
use Symfony\Component\PropertyAccess\Exception\InvalidArgumentException;
15+
use Symfony\Component\PropertyInfo\PropertyTypeExtractorInterface;
16+
use Symfony\Component\PropertyInfo\Type;
1517
use Symfony\Component\Serializer\Exception\CircularReferenceException;
18+
use Symfony\Component\Serializer\Exception\ExtraAttributesException;
1619
use Symfony\Component\Serializer\Exception\LogicException;
1720
use Symfony\Component\Serializer\Exception\UnexpectedValueException;
18-
use Symfony\Component\PropertyInfo\PropertyTypeExtractorInterface;
19-
use Symfony\Component\PropertyInfo\Type;
2021
use Symfony\Component\Serializer\Mapping\Factory\ClassMetadataFactoryInterface;
2122
use Symfony\Component\Serializer\NameConverter\NameConverterInterface;
2223

@@ -171,8 +172,10 @@ public function denormalize($data, $class, $format = null, array $context = arra
171172
if (!isset($context['cache_key'])) {
172173
$context['cache_key'] = $this->getCacheKey($format, $context);
173174
}
175+
174176
$allowedAttributes = $this->getAllowedAttributes($class, $context, true);
175177
$normalizedData = $this->prepareForDenormalization($data);
178+
$extraAttributes = array();
176179

177180
$reflectionClass = new \ReflectionClass($class);
178181
$object = $this->instantiateObject($normalizedData, $class, $context, $reflectionClass, $allowedAttributes, $format);
@@ -183,6 +186,10 @@ public function denormalize($data, $class, $format = null, array $context = arra
183186
}
184187

185188
if (($allowedAttributes !== false && !in_array($attribute, $allowedAttributes)) || !$this->isAllowedAttribute($class, $attribute, $format, $context)) {
189+
if (isset($context['allow_extra_attributes']) && !$context['allow_extra_attributes']) {
190+
$extraAttributes[] = $attribute;
191+
}
192+
186193
continue;
187194
}
188195

@@ -194,6 +201,10 @@ public function denormalize($data, $class, $format = null, array $context = arra
194201
}
195202
}
196203

204+
if (!empty($extraAttributes)) {
205+
throw new ExtraAttributesException(sprintf('Extra attributes are not allowed ("%s" are unknown).', implode('", "', $extraAttributes)));
206+
}
207+
197208
return $object;
198209
}
199210

src/Symfony/Component/Serializer/Tests/Normalizer/AbstractObjectNormalizerTest.php

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -37,6 +37,21 @@ public function testInstantiateObjectDenormalizer()
3737
$normalizer = new AbstractObjectNormalizerDummy();
3838
$normalizer->instantiateObject($data, $class, $context, new \ReflectionClass($class), array());
3939
}
40+
41+
/**
42+
* @expectedException \Symfony\Component\Serializer\Exception\ExtraAttributesException
43+
* @expectedExceptionMessage Extra attributes are not allowed ("fooFoo", "fooBar" are unknown).
44+
*/
45+
public function testDenormalizeWithExtraAttributes()
46+
{
47+
$normalizer = new AbstractObjectNormalizerDummy();
48+
$normalizer->denormalize(
49+
array('fooFoo' => 'foo', 'fooBar' => 'bar'),
50+
__NAMESPACE__.'\Dummy',
51+
'any',
52+
array('allow_extra_attributes' => false)
53+
);
54+
}
4055
}
4156

4257
class AbstractObjectNormalizerDummy extends AbstractObjectNormalizer

0 commit comments

Comments
 (0)