RetailCRM-Mirror/NelmioApiDocBundle
1
0
Fork 0
mirror of https://github.com/retailcrm/NelmioApiDocBundle.git synced 2025-02-09 02:59:27 +03:00
Code Issues Projects Releases Wiki Activity

Merge branch '3.x'

Browse Source
This commit is contained in:
Guilhem Niot 2020-12-17 00:06:17 +01:00
commit ba3fe1cdfa
6 changed files with 58 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
ModelDescriber/ObjectModelDescriber.php
View File

@ -72,10 +72,15 @@ class ObjectModelDescriber implements ModelDescriberInterface, ModelRegistryAwar
$annotationsReader->updateDefinition($reflClass, $schema); $annotationsReader->updateDefinition($reflClass, $schema);
$propertyInfoProperties = $this->propertyInfo->getProperties($class, $context); $propertyInfoProperties = $this->propertyInfo->getProperties($class, $context);
if (null === $propertyInfoProperties) { if (null === $propertyInfoProperties) {
return; return;
} }
// Fix for https://github.com/nelmio/NelmioApiDocBundle/issues/1756
// The SerializerExtractor does expose private/protected properties for some reason, so we eliminate them here
$propertyInfoProperties = array_intersect($propertyInfoProperties, $this->propertyInfo->getProperties($class, []) ?? []);
foreach ($propertyInfoProperties as $propertyName) { foreach ($propertyInfoProperties as $propertyName) {
$serializedName = null !== $this->nameConverter ? $this->nameConverter->normalize($propertyName, $class, null, null !== $model->getGroups() ? ['groups' => $model->getGroups()] : []) : $propertyName; $serializedName = null !== $this->nameConverter ? $this->nameConverter->normalize($propertyName, $class, null, null !== $model->getGroups() ? ['groups' => $model->getGroups()] : []) : $propertyName;
@ -86,7 +91,7 @@ class ObjectModelDescriber implements ModelDescriberInterface, ModelRegistryAwar
$serializedName = $annotationsReader->getPropertyName($reflection, $serializedName); $serializedName = $annotationsReader->getPropertyName($reflection, $serializedName);
} }
$property = Util::getProperty($schema, $annotationsReader->getPropertyName($reflection, $serializedName)); $property = Util::getProperty($schema, $serializedName);
// Interpret additional options // Interpret additional options
$groups = $model->getGroups(); $groups = $model->getGroups();

30
Tests/Functional/Entity/PrivateProtectedExposure.php Normal file
View File

@ -0,0 +1,30 @@
<?php
/*
* This file is part of the NelmioApiDocBundle package.
*
* (c) Nelmio
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace Nelmio\ApiDocBundle\Tests\Functional\Entity;
/**
* @author Guilhem N. <guilhem.niot@gmail.com>
*/
class PrivateProtectedExposure
{
private $privateField;
protected $protectedField;
/**
* @var string
*/
public $publicField;
protected function setProtected(string $thing)
{
}
}

15
Tests/Functional/FunctionalTest.php
View File

@ -471,4 +471,19 @@ class FunctionalTest extends WebTestCase
$operation = $this->getOperation('/api/article/{id}', 'get'); $operation = $this->getOperation('/api/article/{id}', 'get');
$this->assertNull($operation->operationId); $this->assertNull($operation->operationId);
} }
/**
* Related to https://github.com/nelmio/NelmioApiDocBundle/issues/1756
* Ensures private/protected properties are not exposed, just like the symfony serializer does.
*/
public function testPrivateProtectedExposure()
{
// Ensure that groups are supported
$model = $this->getModel('PrivateProtectedExposure');
$this->assertCount(1, $model->properties);
$this->assertHasProperty('publicField', $model);
$this->assertNotHasProperty('privateField', $model);
$this->assertNotHasProperty('protectedField', $model);
$this->assertNotHasProperty('protected', $model);
}
} }

1
Tests/Functional/SwaggerUiTest.php
View File

@ -53,6 +53,7 @@ class SwaggerUiTest extends WebTestCase
$expected['servers'] = [ $expected['servers'] = [
['url' => 'http://api.example.com/app_dev.php'], ['url' => 'http://api.example.com/app_dev.php'],
]; ];
$this->assertEquals($expected, json_decode($crawler->filterXPath('//script[@id="swagger-data"]')->text(), true)['spec']); $this->assertEquals($expected, json_decode($crawler->filterXPath('//script[@id="swagger-data"]')->text(), true)['spec']);
} }

5
Tests/Functional/TestKernel.php
View File

@ -19,6 +19,7 @@ use JMS\SerializerBundle\JMSSerializerBundle;
use Nelmio\ApiDocBundle\NelmioApiDocBundle; use Nelmio\ApiDocBundle\NelmioApiDocBundle;
use Nelmio\ApiDocBundle\Tests\Functional\Entity\BazingaUser; use Nelmio\ApiDocBundle\Tests\Functional\Entity\BazingaUser;
use Nelmio\ApiDocBundle\Tests\Functional\Entity\NestedGroup\JMSPicture; use Nelmio\ApiDocBundle\Tests\Functional\Entity\NestedGroup\JMSPicture;
use Nelmio\ApiDocBundle\Tests\Functional\Entity\PrivateProtectedExposure;
use Nelmio\ApiDocBundle\Tests\Functional\ModelDescriber\VirtualTypeClassDoesNotExistsHandlerDefinedDescriber; use Nelmio\ApiDocBundle\Tests\Functional\ModelDescriber\VirtualTypeClassDoesNotExistsHandlerDefinedDescriber;
use Sensio\Bundle\FrameworkExtraBundle\SensioFrameworkExtraBundle; use Sensio\Bundle\FrameworkExtraBundle\SensioFrameworkExtraBundle;
use Symfony\Bundle\FrameworkBundle\FrameworkBundle; use Symfony\Bundle\FrameworkBundle\FrameworkBundle;
@ -232,6 +233,10 @@ class TestKernel extends Kernel
], ],
'models' => [ 'models' => [
'names' => [ 'names' => [
[
'alias' => 'PrivateProtectedExposure',
'type' => PrivateProtectedExposure::class,
],
[ [
'alias' => 'JMSPicture_mini', 'alias' => 'JMSPicture_mini',
'type' => JMSPicture::class, 'type' => JMSPicture::class,

2
composer.json
View File

@ -43,7 +43,7 @@
"doctrine/common": "^2.4", "doctrine/common": "^2.4",
"api-platform/core": "^2.4", "api-platform/core": "^2.4",
"friendsofsymfony/rest-bundle": "^2.8|^3.0@dev", "friendsofsymfony/rest-bundle": "^2.8|^3.0",
"willdurand/hateoas-bundle": "^1.0|^2.0", "willdurand/hateoas-bundle": "^1.0|^2.0",
"jms/serializer-bundle": "^2.3|^3.0", "jms/serializer-bundle": "^2.3|^3.0",
"jms/serializer": "^1.14|^3.0" "jms/serializer": "^1.14|^3.0"