1 | <?php |
||
2 | |||
3 | /* |
||
4 | * This file is part of the FOSRestBundle package. |
||
5 | * |
||
6 | * (c) FriendsOfSymfony <http://friendsofsymfony.github.com/> |
||
7 | * |
||
8 | * For the full copyright and license information, please view the LICENSE |
||
9 | * file that was distributed with this source code. |
||
10 | */ |
||
11 | |||
12 | namespace FOS\RestBundle\DependencyInjection; |
||
13 | |||
14 | use Symfony\Component\Config\Definition\Builder\ArrayNodeDefinition; |
||
15 | use Symfony\Component\Config\Definition\Builder\TreeBuilder; |
||
16 | use Symfony\Component\Config\Definition\ConfigurationInterface; |
||
17 | use Symfony\Component\Config\Definition\Exception\InvalidConfigurationException; |
||
18 | use Symfony\Component\HttpFoundation\Response; |
||
19 | use Symfony\Component\OptionsResolver\OptionsResolver; |
||
20 | use Symfony\Component\Serializer\Encoder\XmlEncoder; |
||
21 | |||
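/**
 * This class contains the configuration information for the bundle.
 *
 * This information is solely responsible for how the different configuration
 * sections are normalized, and merged.
 *
 * Several options declared here look security-relevant (CSRF role, zones,
 * JSONP callback parameter, exception message/debug exposure). This class only
 * defines their shape and defaults; how they are enforced is decided by the
 * code that consumes the processed configuration.
 *
 * @author Lukas Kahwe Smith <[email protected]>
 *
 * @internal
 */
final class Configuration implements ConfigurationInterface
{
    /**
     * Debug flag handed to the constructor; used as the default of "fos_rest.exception.debug".
     *
     * @var bool
     */
    private $debug;

    /**
     * @param bool $debug default value for the "fos_rest.exception.debug" option
     */
    public function __construct(bool $debug)
    {
        $this->debug = $debug;
    }

    /**
     * Builds the "fos_rest" configuration tree.
     *
     * The top-level nodes are declared inline; the view, exception, body listener,
     * format listener and versioning sections are appended by the private helpers,
     * in that order.
     *
     * @throws InvalidConfigurationException from the normalization/validation closures when the tree is processed
     */
    public function getConfigTreeBuilder(): TreeBuilder
    {
        $treeBuilder = new TreeBuilder('fos_rest');

        $rootNode = $treeBuilder->getRootNode();

        $rootNode
            ->children()
                // NOTE(review): presumably names a role for which CSRF protection is skipped; it
                // defaults to null (unset) - confirm who can obtain that role before setting it.
                ->scalarNode('disable_csrf_role')->defaultNull()->end()
                ->scalarNode('unauthorized_challenge')->defaultNull()->end()
                ->arrayNode('param_fetcher_listener')
                    ->beforeNormalization()
                        ->ifString()
                        ->then(function ($v) {
                            return self::expandForceShorthand($v);
                        })
                    ->end()
                    ->canBeEnabled()
                    ->children()
                        ->booleanNode('force')->defaultFalse()->end()
                        ->scalarNode('service')->defaultNull()->end()
                    ->end()
                ->end()
                ->scalarNode('cache_dir')->cannotBeEmpty()->defaultValue('%kernel.cache_dir%/fos_rest')->end()
                ->arrayNode('allowed_methods_listener')
                    ->canBeEnabled()
                    ->children()
                        ->scalarNode('service')->defaultNull()->end()
                    ->end()
                ->end()
                // Kept only so that an explicit "false" still validates; "true" is rejected.
                ->booleanNode('routing_loader')
                    ->defaultValue(false)
                    ->validate()
                        ->ifTrue()
                        ->thenInvalid('only "false" is supported')
                    ->end()
                ->end()
                ->arrayNode('body_converter')
                    ->canBeEnabled()
                    ->children()
                        ->scalarNode('validate')
                            ->defaultFalse()
                            ->beforeNormalization()
                                ->ifTrue()
                                ->then(function ($value) {
                                    // Fail at configuration time instead of at request time when the
                                    // optional component is missing.
                                    if (!class_exists(OptionsResolver::class)) {
                                        throw new InvalidConfigurationException("'body_converter.validate: true' requires OptionsResolver component installation ( composer require symfony/options-resolver )");
                                    }

                                    return $value;
                                })
                            ->end()
                        ->end()
                        ->scalarNode('validation_errors_argument')->defaultValue('validationErrors')->end()
                    ->end()
                ->end()
                ->arrayNode('service')
                    ->addDefaultsIfNotSet()
                    ->children()
                        ->scalarNode('serializer')->defaultNull()->end()
                        ->scalarNode('view_handler')->defaultValue('fos_rest.view_handler.default')->end()
                        ->scalarNode('validator')->defaultValue('validator')->end()
                    ->end()
                ->end()
                ->arrayNode('serializer')
                    ->addDefaultsIfNotSet()
                    ->children()
                        ->scalarNode('version')->defaultNull()->end()
                        ->arrayNode('groups')
                            ->prototype('scalar')->end()
                        ->end()
                        ->booleanNode('serialize_null')->defaultFalse()->end()
                    ->end()
                ->end()
                // Each zone entry is a set of request-matching criteria (path, host, methods, ips).
                // cannotBeOverwritten() makes the config component refuse a later configuration
                // that tries to redefine zones which are already set.
                ->arrayNode('zone')
                    ->cannotBeOverwritten()
                    ->prototype('array')
                        ->fixXmlConfig('ip')
                        ->children()
                            ->scalarNode('path')
                                ->defaultNull()
                                ->info('use the urldecoded format')
                                ->example('^/path to resource/')
                            ->end()
                            ->scalarNode('host')->defaultNull()->end()
                            ->arrayNode('methods')
                                // A comma-separated string is accepted as shorthand for a list.
                                ->beforeNormalization()->ifString()->then(function ($v) {
                                    return preg_split('/\s*,\s*/', $v);
                                })->end()
                                ->prototype('scalar')->end()
                            ->end()
                            ->arrayNode('ips')
                                // A single IP given as a string becomes a one-element list.
                                ->beforeNormalization()->ifString()->then(function ($v) {
                                    return [$v];
                                })->end()
                                ->prototype('scalar')->end()
                            ->end()
                        ->end()
                    ->end()
                ->end()
            ->end();

        $this->addViewSection($rootNode);
        $this->addExceptionSection($rootNode);
        $this->addBodyListenerSection($rootNode);
        $this->addFormatListenerSection($rootNode);
        $this->addVersioningSection($rootNode);

        return $treeBuilder;
    }

    /**
     * Expands the string shorthand shared by "param_fetcher_listener" and
     * "view.view_response_listener" into the array form of those nodes.
     *
     * "force" enables the listener and sets the force flag, "true" only enables
     * it, and any other string disables both.
     *
     * @return array{enabled: bool, force: bool}
     */
    private static function expandForceShorthand(string $value): array
    {
        return ['enabled' => in_array($value, ['force', 'true'], true), 'force' => 'force' === $value];
    }

    /**
     * Appends the "view" section (mime types, formats, view response listener,
     * status codes for failed validation / empty content, JSONP handler).
     */
    private function addViewSection(ArrayNodeDefinition $rootNode): void
    {
        $rootNode
            ->children()
                ->arrayNode('view')
                    ->fixXmlConfig('format', 'formats')
                    ->fixXmlConfig('mime_type', 'mime_types')
                    ->addDefaultsIfNotSet()
                    ->children()
                        ->arrayNode('mime_types')
                            ->canBeEnabled()
                            ->beforeNormalization()
                                ->ifArray()->then(function ($v) {
                                    // A non-empty array without a "formats" key is taken to be the
                                    // format map itself: wrap it and enable the section.
                                    if (!empty($v) && empty($v['formats'])) {
                                        unset($v['enabled']);
                                        $v = ['enabled' => true, 'formats' => $v];
                                    }

                                    return $v;
                                })
                            ->end()
                            ->fixXmlConfig('format', 'formats')
                            ->children()
                                ->scalarNode('service')->defaultNull()->end()
                                ->arrayNode('formats')
                                    ->useAttributeAsKey('name')
                                    ->prototype('array')
                                        ->beforeNormalization()
                                            ->ifString()
                                            ->then(function ($v) { return [$v]; })
                                        ->end()
                                        ->prototype('scalar')->end()
                                    ->end()
                                ->end()
                            ->end()
                        ->end()
                        ->arrayNode('formats')
                            ->useAttributeAsKey('name')
                            ->defaultValue(['json' => true, 'xml' => true])
                            ->prototype('boolean')->end()
                        ->end()
                        ->arrayNode('view_response_listener')
                            ->beforeNormalization()
                                ->ifString()
                                ->then(function ($v) {
                                    return self::expandForceShorthand($v);
                                })
                            ->end()
                            ->canBeEnabled()
                            ->children()
                                ->booleanNode('force')->defaultFalse()->end()
                                ->scalarNode('service')->defaultNull()->end()
                            ->end()
                        ->end()
                        ->scalarNode('failed_validation')->defaultValue(Response::HTTP_BAD_REQUEST)->end()
                        ->scalarNode('empty_content')->defaultValue(Response::HTTP_NO_CONTENT)->end()
                        ->booleanNode('serialize_null')->defaultFalse()->end()
                        // NOTE(review): "callback_param" is presumably the name of the request parameter
                        // that carries the JSONP callback. Nothing in this schema constrains the callback
                        // value itself, so it has to be validated where it is consumed - confirm.
                        ->arrayNode('jsonp_handler')
                            ->canBeUnset()
                            ->children()
                                ->scalarNode('callback_param')->defaultValue('callback')->end()
                                ->scalarNode('mime_type')->defaultValue('application/javascript+jsonp')->end()
                            ->end()
                        ->end()
                    ->end()
                ->end()
            ->end();
    }

    /**
     * Appends the "body_listener" section (request body decoders and array normalizer).
     */
    private function addBodyListenerSection(ArrayNodeDefinition $rootNode): void
    {
        // The XML decoder is only offered by default when the Serializer's XmlEncoder class is available.
        $decodersDefaultValue = ['json' => 'fos_rest.decoder.json'];
        if (class_exists(XmlEncoder::class)) {
            $decodersDefaultValue['xml'] = 'fos_rest.decoder.xml';
        }
        $rootNode
            ->children()
                ->arrayNode('body_listener')
                    ->fixXmlConfig('decoder', 'decoders')
                    ->addDefaultsIfNotSet()
                    ->canBeUnset()
                    ->canBeEnabled()
                    ->children()
                        ->scalarNode('service')->defaultNull()->end()
                        ->scalarNode('default_format')->defaultNull()->end()
                        ->booleanNode('throw_exception_on_unsupported_content_type')
                            ->defaultFalse()
                        ->end()
                        ->arrayNode('decoders')
                            ->useAttributeAsKey('name')
                            ->defaultValue($decodersDefaultValue)
                            ->prototype('scalar')->end()
                        ->end()
                        ->arrayNode('array_normalizer')
                            ->addDefaultsIfNotSet()
                            ->beforeNormalization()
                                // A bare string is shorthand for the normalizer service id.
                                ->ifString()->then(function ($v) {
                                    return ['service' => $v];
                                })
                            ->end()
                            ->children()
                                ->scalarNode('service')->defaultNull()->end()
                                ->booleanNode('forms')->defaultFalse()->end()
                            ->end()
                        ->end()
                    ->end()
                ->end()
            ->end();
    }

    /**
     * Appends the "format_listener" section (content negotiation rules).
     */
    private function addFormatListenerSection(ArrayNodeDefinition $rootNode): void
    {
        $rootNode
            ->children()
                ->arrayNode('format_listener')
                    ->fixXmlConfig('rule', 'rules')
                    ->addDefaultsIfNotSet()
                    ->canBeUnset()
                    ->beforeNormalization()
                        ->ifTrue(function ($v) {
                            // True when "rules" is an array whose keys are not exactly 0..n-1, i.e. a
                            // single rule written as a map instead of a list of rules.
                            return isset($v['rules'])
                                && is_array($v['rules'])
                                && array_keys($v['rules']) !== range(0, count($v['rules']) - 1);
                        })
                        ->then(function ($v) {
                            // Wrap the single rule so that the prototype below always sees a list.
                            $v['rules'] = [$v['rules']];

                            return $v;
                        })
                    ->end()
                    ->canBeEnabled()
                    ->children()
                        ->scalarNode('service')->defaultNull()->end()
                        ->arrayNode('rules')
                            ->performNoDeepMerging()
                            ->prototype('array')
                                ->fixXmlConfig('priority', 'priorities')
                                ->fixXmlConfig('attribute', 'attributes')
                                ->children()
                                    ->scalarNode('path')->defaultNull()->info('URL path info')->end()
                                    ->scalarNode('host')->defaultNull()->info('URL host name')->end()
                                    ->variableNode('methods')->defaultNull()->info('Method for URL')->end()
                                    ->arrayNode('attributes')
                                        ->useAttributeAsKey('name')
                                        ->prototype('variable')->end()
                                    ->end()
                                    ->booleanNode('stop')->defaultFalse()->end()
                                    ->booleanNode('prefer_extension')->defaultTrue()->end()
                                    ->scalarNode('fallback_format')->defaultValue('html')->end()
                                    ->arrayNode('priorities')
                                        // A comma-separated string is accepted as shorthand for a list.
                                        ->beforeNormalization()->ifString()->then(function ($v) {
                                            return preg_split('/\s*,\s*/', $v);
                                        })->end()
                                        ->prototype('scalar')->end()
                                    ->end()
                                ->end()
                            ->end()
                        ->end()
                    ->end()
                ->end()
            ->end();
    }

    /**
     * Appends the "versioning" section (version resolvers and the order in which they are tried).
     */
    private function addVersioningSection(ArrayNodeDefinition $rootNode): void
    {
        $rootNode
            ->children()
                ->arrayNode('versioning')
                    ->canBeEnabled()
                    ->children()
                        ->scalarNode('default_version')->defaultNull()->end()
                        ->arrayNode('resolvers')
                            ->addDefaultsIfNotSet()
                            ->children()
                                ->arrayNode('query')
                                    ->canBeDisabled()
                                    ->children()
                                        ->scalarNode('parameter_name')->defaultValue('version')->end()
                                    ->end()
                                ->end()
                                ->arrayNode('custom_header')
                                    ->canBeDisabled()
                                    ->children()
                                        ->scalarNode('header_name')->defaultValue('X-Accept-Version')->end()
                                    ->end()
                                ->end()
                                ->arrayNode('media_type')
                                    ->canBeDisabled()
                                    ->children()
                                        // The pattern is configurable and is not checked here.
                                        ->scalarNode('regex')->defaultValue('/(v|version)=(?P<version>[0-9\.]+)/')->end()
                                    ->end()
                                ->end()
                            ->end()
                        ->end()
                        ->arrayNode('guessing_order')
                            ->defaultValue(['query', 'custom_header', 'media_type'])
                            ->validate()
                                ->ifTrue(function ($v) {
                                    foreach ($v as $resolver) {
                                        // Strict comparison: with a loose in_array() a boolean true (and,
                                        // before PHP 8, the integer 0) compares equal to the resolver
                                        // names and would slip through this check.
                                        if (!in_array($resolver, ['query', 'custom_header', 'media_type'], true)) {
                                            return true;
                                        }
                                    }

                                    return false;
                                })
                                ->thenInvalid('Versioning guessing order can only contain "query", "custom_header", "media_type".')
                            ->end()
                            ->prototype('scalar')->end()
                        ->end()
                    ->end()
                ->end()
            ->end();
    }

    /**
     * Appends the "exception" section (exception class to status code / message maps, debug flag).
     */
    private function addExceptionSection(ArrayNodeDefinition $rootNode): void
    {
        $rootNode
            ->children()
                ->arrayNode('exception')
                    ->fixXmlConfig('code', 'codes')
                    ->fixXmlConfig('message', 'messages')
                    ->addDefaultsIfNotSet()
                    ->canBeEnabled()
                    ->validate()
                        ->always()
                        ->then(function ($v) {
                            if (!$v['enabled']) {
                                return $v;
                            }

                            // NOTE(review): both options are also rejected when true by their own
                            // validate() rules below, so these notices may be unreachable - confirm
                            // the validation order before relying on or removing them.
                            if ($v['exception_listener']) {
                                @trigger_error('Enabling the "fos_rest.exception.exception_listener" option is deprecated since FOSRestBundle 2.8.', E_USER_DEPRECATED);
                            }
                            if ($v['serialize_exceptions']) {
                                @trigger_error('Enabling the "fos_rest.exception.serialize_exceptions" option is deprecated since FOSRestBundle 2.8.', E_USER_DEPRECATED);
                            }

                            return $v;
                        })
                    ->end()
                    ->children()
                        ->booleanNode('map_exception_codes')
                            ->defaultFalse()
                            ->info('Enables an event listener that maps exception codes to response status codes based on the map configured with the "fos_rest.exception.codes" option.')
                        ->end()
                        ->booleanNode('exception_listener')
                            ->defaultValue(false)
                            ->validate()
                                ->ifTrue()
                                ->thenInvalid('only "false" is supported')
                            ->end()
                        ->end()
                        ->booleanNode('serialize_exceptions')
                            ->defaultValue(false)
                            ->validate()
                                ->ifTrue()
                                ->thenInvalid('only "false" is supported')
                            ->end()
                        ->end()
                        ->enumNode('flatten_exception_format')
                            ->defaultValue('legacy')
                            ->values(['legacy', 'rfc7807'])
                        ->end()
                        ->booleanNode('serializer_error_renderer')->defaultValue(false)->end()
                        ->arrayNode('codes')
                            ->useAttributeAsKey('name')
                            ->beforeNormalization()
                                ->ifArray()
                                ->then(function (array $items) {
                                    // Integers are taken as-is; anything else must be the name of a
                                    // constant on the Response class and is replaced by its value.
                                    foreach ($items as &$item) {
                                        if (is_int($item)) {
                                            continue;
                                        }

                                        // Only a string can name a constant; the is_string() guard keeps
                                        // an array value from being pushed through sprintf().
                                        if (!is_string($item) || !defined(sprintf('%s::%s', Response::class, $item))) {
                                            throw new InvalidConfigurationException(sprintf('Invalid HTTP code in fos_rest.exception.codes, see %s for all valid codes.', Response::class));
                                        }

                                        $item = constant(sprintf('%s::%s', Response::class, $item));
                                    }
                                    // Drop the by-reference binding left behind by the loop.
                                    unset($item);

                                    return $items;
                                })
                            ->end()
                            ->prototype('integer')->end()

                            ->validate()
                                ->ifArray()
                                ->then(function (array $items) {
                                    // The keys are class names; each one must be a Throwable subtype.
                                    foreach ($items as $class => $code) {
                                        $this->testExceptionExists($class);
                                    }

                                    return $items;
                                })
                            ->end()
                        ->end()
                        // NOTE(review): a boolean per throwable class, presumably deciding whether that
                        // exception's message is shown to the client. Enable it only for exceptions
                        // whose messages carry no internal detail - confirm against the consumer.
                        ->arrayNode('messages')
                            ->useAttributeAsKey('name')
                            ->prototype('boolean')->end()
                            ->validate()
                                ->ifArray()
                                ->then(function (array $items) {
                                    foreach ($items as $class => $nomatter) {
                                        $this->testExceptionExists($class);
                                    }

                                    return $items;
                                })
                            ->end()
                        ->end()
                        // Defaults to the flag passed to the constructor.
                        // NOTE(review): presumably controls how much exception detail reaches the
                        // response; it should stay false outside development - confirm.
                        ->booleanNode('debug')
                            ->defaultValue($this->debug)
                        ->end()
                    ->end()
                ->end()
            ->end();
    }

    /**
     * Ensures that a class name used as a key in the exception maps is a subtype of \Throwable.
     *
     * @param string $throwable class name taken from the "codes" or "messages" map
     *
     * @throws InvalidConfigurationException when is_subclass_of() reports that the class is not a \Throwable subtype
     */
    private function testExceptionExists(string $throwable): void
    {
        // is_subclass_of() is called with a class-name string, so a class that cannot be
        // loaded fails this check as well (the message below covers both cases).
        if (!is_subclass_of($throwable, \Throwable::class)) {
            throw new InvalidConfigurationException(sprintf('FOSRestBundle exception mapper: Could not load class "%s" or the class does not extend from "%s". Most probably this is a configuration problem.', $throwable, \Throwable::class));
        }
    }
}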