[Serializer] Harden the ObjectNormalizer

dunglas · dunglas · commit 26a07fb2abf6 · 2016-04-18T19:37:45.000+02:00
diff --git a/src/Symfony/Component/Serializer/Normalizer/AbstractObjectNormalizer.php b/src/Symfony/Component/Serializer/Normalizer/AbstractObjectNormalizer.php
@@ -11,8 +11,10 @@
 
 namespace Symfony\Component\Serializer\Normalizer;
 
+use Symfony\Component\PropertyAccess\Exception\InvalidArgumentException;
 use Symfony\Component\Serializer\Exception\CircularReferenceException;
 use Symfony\Component\Serializer\Exception\LogicException;
+use Symfony\Component\Serializer\Exception\UnexpectedValueException;
 
 /**
  * Base class for a normalizer dealing with objects.
@@ -172,7 +174,11 @@ public function denormalize($data, $class, $format = null, array $context = arra
             $ignored = in_array($attribute, $this->ignoredAttributes);
 
             if ($allowed && !$ignored) {
-                $this->setAttributeValue($object, $attribute, $value, $format, $context);
+                try {
+                    $this->setAttributeValue($object, $attribute, $value, $format, $context);
+                } catch (InvalidArgumentException $e) {
+                    throw new UnexpectedValueException($e->getMessage(), $e->getCode(), $e);
+                }
             }
         }
 
diff --git a/src/Symfony/Component/Serializer/Tests/Normalizer/ObjectNormalizerTest.php b/src/Symfony/Component/Serializer/Tests/Normalizer/ObjectNormalizerTest.php
@@ -498,6 +498,14 @@ public function testMaxDepth()
 
         $this->assertEquals($expected, $result);
     }
+
+    /**
+     * @expectedException \Symfony\Component\Serializer\Exception\UnexpectedValueException
+     */
+    public function testThrowUnexpectedValueException()
+    {
+        $this->normalizer->denormalize(array('foo' => 'bar'), ObjectTypeHinted::class);
+    }
 }
 
 class ObjectDummy
@@ -658,3 +666,10 @@ public static function getBaz()
         return 'L';
     }
 }
+
+class ObjectTypeHinted
+{
+    public function setFoo(array $f)
+    {
+    }
+}
diff --git a/src/Symfony/Component/Serializer/composer.json b/src/Symfony/Component/Serializer/composer.json
@@ -27,6 +27,9 @@
         "doctrine/annotations": "~1.0",
         "doctrine/cache": "~1.0"
     },
+    "conflict": {
+        "symfony/property-access": ">=3.0,<3.0.4|>=2.8,<2.8.4"
+    },
     "suggest": {
         "psr/cache-implementation": "For using the metadata cache.",
         "symfony/yaml": "For using the default YAML mapping loader.",

Original file line number	Diff line number	Diff line change
`@@ -498,6 +498,14 @@ public function testMaxDepth()`
`498`	`498`
`499`	`499`	`$this->assertEquals($expected, $result);`
`500`	`500`	`}`
	`501`	`+`
	`502`	`+ /**`
	`503`	`+ * @expectedException \Symfony\Component\Serializer\Exception\UnexpectedValueException`
	`504`	`+ */`
	`505`	`+ public function testThrowUnexpectedValueException()`
	`506`	`+ {`
	`507`	`+ $this->normalizer->denormalize(array('foo' => 'bar'), ObjectTypeHinted::class);`
	`508`	`+ }`
`501`	`509`	`}`
`502`	`510`
`503`	`511`	`class ObjectDummy`
`@@ -658,3 +666,10 @@ public static function getBaz()`
`658`	`666`	`return 'L';`
`659`	`667`	`}`
`660`	`668`	`}`
	`669`	`+`
	`670`	`+class ObjectTypeHinted`
	`671`	`+{`
	`672`	`+ public function setFoo(array $f)`
	`673`	`+ {`
	`674`	`+ }`
	`675`	`+}`