diff --git a/src/Symfony/Component/Serializer/Normalizer/AbstractNormalizer.php b/src/Symfony/Component/Serializer/Normalizer/AbstractNormalizer.php
index cad6205dfb826..03c44af938929 100644
--- a/src/Symfony/Component/Serializer/Normalizer/AbstractNormalizer.php
+++ b/src/Symfony/Component/Serializer/Normalizer/AbstractNormalizer.php
@@ -200,11 +200,17 @@ protected function handleCircularReference($object)
* @param array $context
* @param bool $attributesAsString If false, return an array of {@link AttributeMetadataInterface}
*
+ * @throws \Symfony\Component\Serializer\Exception\LogicException if the 'allow_extra_attributes' context variable is false and no class metadata factory is provided
+ *
* @return string[]|AttributeMetadataInterface[]|bool
*/
protected function getAllowedAttributes($classOrObject, array $context, $attributesAsString = false)
{
if (!$this->classMetadataFactory) {
+ if (isset($context[static::ALLOW_EXTRA_ATTRIBUTES]) && !$context[static::ALLOW_EXTRA_ATTRIBUTES]) {
+ throw new LogicException(sprintf("A class metadata factory must be provided in the constructor when setting '%s' to false.", static::ALLOW_EXTRA_ATTRIBUTES));
+ }
+
return false;
}
diff --git a/src/Symfony/Component/Serializer/Tests/Normalizer/AbstractObjectNormalizerTest.php b/src/Symfony/Component/Serializer/Tests/Normalizer/AbstractObjectNormalizerTest.php
index 25f4c007d13f0..19a73c9c8474c 100644
--- a/src/Symfony/Component/Serializer/Tests/Normalizer/AbstractObjectNormalizerTest.php
+++ b/src/Symfony/Component/Serializer/Tests/Normalizer/AbstractObjectNormalizerTest.php
@@ -19,6 +19,7 @@
use Symfony\Component\Serializer\Mapping\Factory\ClassMetadataFactory;
use Symfony\Component\Serializer\Mapping\Loader\AnnotationLoader;
use Symfony\Component\Serializer\Normalizer\AbstractObjectNormalizer;
+use Symfony\Component\Serializer\Normalizer\ObjectNormalizer;
use Symfony\Component\Serializer\Normalizer\DenormalizerInterface;
use Symfony\Component\Serializer\SerializerAwareInterface;
use Symfony\Component\Serializer\SerializerInterface;
@@ -52,7 +53,8 @@ public function testInstantiateObjectDenormalizer()
*/
public function testDenormalizeWithExtraAttributes()
{
- $normalizer = new AbstractObjectNormalizerDummy();
+ $factory = new ClassMetadataFactory(new AnnotationLoader(new AnnotationReader()));
+ $normalizer = new AbstractObjectNormalizerDummy($factory);
$normalizer->denormalize(
array('fooFoo' => 'foo', 'fooBar' => 'bar'),
__NAMESPACE__.'\Dummy',
@@ -144,6 +146,23 @@ private function getDenormalizerForDummyCollection()
return $denormalizer;
}
+
+ /**
+ * Test that additional attributes throw an exception if no metadata factory is specified.
+ *
+ * @see https://symfony.com/doc/current/components/serializer.html#deserializing-an-object
+ *
+ * @expectedException \Symfony\Component\Serializer\Exception\LogicException
+ * @expectedExceptionMessage A class metadata factory must be provided in the constructor when setting 'allow_extra_attributes' to false.
+ */
+ public function testExtraAttributesException()
+ {
+ $normalizer = new ObjectNormalizer();
+
+ $normalizer->denormalize(array(), \stdClass::class, 'xml', array(
+ 'allow_extra_attributes' => false,
+ ));
+ }
}
class AbstractObjectNormalizerDummy extends AbstractObjectNormalizer
pFad - Phonifier reborn
Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.
Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.
Alternative Proxies:
Alternative Proxy
pFad Proxy
pFad v3 Proxy
pFad v4 Proxy