Skip to content

Commit

Permalink
bug #57341 [Serializer] properly handle invalid data for false/true t…
Browse files Browse the repository at this point in the history 
…ypes (xabbuh)

This PR was merged into the 5.4 branch.

Discussion
----------

[Serializer] properly handle invalid data for false/true types

| Q             | A
| ------------- | ---
| Branch?       | 5.4
| Bug fix?      | yes
| New feature?  | no
| Deprecations? | no
| Issues        | Fix symfony/symfony#57320 (comment)
| License       | MIT

Commits
-------

d35d4a337b properly handle invalid data for false/true types
  • Loading branch information
@xabbuh
xabbuh committed Jun 16, 2024
2 parents 296df0c + 311006a commit 3fd3eca
Show file tree
Hide file tree
Showing 2 changed files with 84 additions and 5 deletions.
32 changes: 27 additions & 5 deletions Normalizer/AbstractObjectNormalizer.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -621,12 +621,34 @@ private function validateAndDenormalize(array $types, string $currentClass, stri
return (float) $data;
}

if (Type::BUILTIN_TYPE_FALSE === $builtinType && false === $data) {
return $data;
}
switch ($builtinType) {
case Type::BUILTIN_TYPE_ARRAY:
case Type::BUILTIN_TYPE_BOOL:
case Type::BUILTIN_TYPE_CALLABLE:
case Type::BUILTIN_TYPE_FLOAT:
case Type::BUILTIN_TYPE_INT:
case Type::BUILTIN_TYPE_ITERABLE:
case Type::BUILTIN_TYPE_NULL:
case Type::BUILTIN_TYPE_OBJECT:
case Type::BUILTIN_TYPE_RESOURCE:
case Type::BUILTIN_TYPE_STRING:
if (('is_'.$builtinType)($data)) {
return $data;
}

break;
case Type::BUILTIN_TYPE_FALSE:
if (false === $data) {
return $data;
}

break;
case Type::BUILTIN_TYPE_TRUE:
if (true === $data) {
return $data;
}

if (('is_'.$builtinType)($data)) {
return $data;
break;
}
} catch (NotNormalizableValueException $e) {
if (!$isUnionType && !$isNullable) {
Expand Down
57 changes: 57 additions & 0 deletions Tests/Normalizer/AbstractObjectNormalizerTest.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -687,6 +687,26 @@ protected function setAttributeValue(object $object, string $attribute, $value,

$this->assertSame('scalar', $normalizer->denormalize('scalar', XmlScalarDummy::class, 'xml')->value);
}

/**
* @dataProvider provideBooleanTypesData
*/
public function testDenormalizeBooleanTypesWithNotMatchingData(array $data, string $type)
{
$normalizer = new AbstractObjectNormalizerWithMetadataAndPropertyTypeExtractors();

$this->expectException(NotNormalizableValueException::class);

$normalizer->denormalize($data, $type);
}

public function provideBooleanTypesData()
{
return [
[['foo' => true], FalsePropertyDummy::class],
[['foo' => false], TruePropertyDummy::class],
];
}
}

class AbstractObjectNormalizerDummy extends AbstractObjectNormalizer
Expand Down Expand Up @@ -816,6 +836,18 @@ class XmlScalarDummy
public $value;
}

class FalsePropertyDummy
{
/** @var false */
public $foo;
}

class TruePropertyDummy
{
/** @var true */
public $foo;
}

class SerializerCollectionDummy implements SerializerInterface, DenormalizerInterface
{
private $normalizers;
Expand Down Expand Up @@ -936,3 +968,28 @@ public function __sleep(): array
throw new \Error('not serializable');
}
}

class AbstractObjectNormalizerWithMetadataAndPropertyTypeExtractors extends AbstractObjectNormalizer
{
public function __construct()
{
parent::__construct(new ClassMetadataFactory(new AnnotationLoader()), null, new PropertyInfoExtractor([], [new PhpDocExtractor(), new ReflectionExtractor()]));
}

protected function extractAttributes(object $object, ?string $format = null, array $context = []): array
{
return [];
}

protected function getAttributeValue(object $object, string $attribute, ?string $format = null, array $context = [])
{
return null;
}

protected function setAttributeValue(object $object, string $attribute, $value, ?string $format = null, array $context = []): void
{
if (property_exists($object, $attribute)) {
$object->$attribute = $value;
}
}
}

0 comments on commit 3fd3eca

Please sign in to comment.