added maxDepth for RouteBasedResource to prevent endless nesting

tobias-trozowski · weierophinney · commit 43772a47bf5b · 2019-05-13T16:03:08.000-05:00
diff --git a/docs/book/cookbook/generating-custom-resources.md b/docs/book/cookbook/generating-custom-resources.md
@@ -22,7 +22,8 @@ interface StrategyInterface
         $instance,
         Metadata\AbstractMetadata $metadata,
         ResourceGenerator $resourceGenerator,
-        ServerRequestInterface $request
+        ServerRequestInterface $request,
+        int $depth = 0
     ) : HalResource;
 }
 ```
diff --git a/docs/book/factories.md b/docs/book/factories.md
@@ -109,6 +109,7 @@ The additional pairs are as follows:
       represents the resource identifier; defaults to "id".
     - `route_params`: an array of additional routing parameters to use when
       generating the self relational link for the resource.
+    - `max_depth`: the number of nesting levels processed. Defaults to 10.
 - For `RouteBasedCollectionMetadata`:
     - `collection_class`: the collection class the metadata describes.
     - `collection_relation`: the embedded relation for the collection in the
diff --git a/docs/book/resource-generator.md b/docs/book/resource-generator.md
@@ -50,6 +50,7 @@ following information:
       that maps to the resource identifier)
     - array `$routeParams = []` (associative array of additional routing
       parameters to substitute when generating the URI)
+    - int `$maxDepth = 10` max allowed nesting levels.
 - `Zend\Expressive\Hal\Metadata\UrlBasedCollectionMetadata`:
     - string `$class`
     - string `$collectionRelation`
diff --git a/src/Metadata/RouteBasedResourceMetadata.php b/src/Metadata/RouteBasedResourceMetadata.php
@@ -21,20 +21,25 @@ class RouteBasedResourceMetadata extends AbstractResourceMetadata
     /** @var array */
     private $routeParams;
 
+    /** @var int */
+    private $maxDepth;
+
     public function __construct(
         string $class,
         string $route,
         string $extractor,
         string $resourceIdentifier = 'id',
         string $routeIdentifierPlaceholder = 'id',
-        array $routeParams = []
+        array $routeParams = [],
+        int $maxDepth = 10
     ) {
         $this->class = $class;
         $this->route = $route;
         $this->extractor = $extractor;
         $this->resourceIdentifier = $resourceIdentifier;
         $this->routeIdentifierPlaceholder = $routeIdentifierPlaceholder;
         $this->routeParams = $routeParams;
+        $this->maxDepth = $maxDepth;
     }
 
     public function getRoute() : string
@@ -61,4 +66,9 @@ public function setRouteParams(array $routeParams) : void
     {
         $this->routeParams = $routeParams;
     }
+
+    public function getMaxDepth(): int
+    {
+        return $this->maxDepth;
+    }
 }
diff --git a/src/Metadata/RouteBasedResourceMetadataFactory.php b/src/Metadata/RouteBasedResourceMetadataFactory.php
@@ -46,6 +46,10 @@ class RouteBasedResourceMetadataFactory implements MetadataFactoryInterface
      *          // generating the self relational link for the collection
      *          // resource. Defaults to an empty array.
      *          'route_params' => [],
+     *
+     *          // Max depth to render
+     *          // Defaults to 10.
+     *          'max_depth' => 10,
      *     ]
      *     </code>
      * @return AbstractMetadata
@@ -72,7 +76,8 @@ public function createMetadata(string $requestedName, array $metadata) : Abstrac
             $metadata['extractor'],
             $metadata['resource_identifier'] ?? 'id',
             $metadata['route_identifier_placeholder'] ?? 'id',
-            $metadata['route_params'] ?? []
+            $metadata['route_params'] ?? [],
+            $metadata['max_depth'] ?? 10
         );
     }
 }
diff --git a/src/ResourceGenerator.php b/src/ResourceGenerator.php
@@ -123,7 +123,7 @@ public function fromArray(array $data, string $uri = null) : HalResource
      *     against types registered in the metadata map.
      * @param ServerRequestInterface $request
      */
-    public function fromObject($instance, ServerRequestInterface $request) : HalResource
+    public function fromObject($instance, ServerRequestInterface $request, int $depth = 0) : HalResource
     {
         if (! is_object($instance)) {
             throw Exception\InvalidObjectException::forNonObject($instance);
@@ -146,7 +146,8 @@ public function fromObject($instance, ServerRequestInterface $request) : HalReso
             $instance,
             $metadata,
             $this,
-            $request
+            $request,
+            $depth
         );
     }
 }
diff --git a/src/ResourceGenerator/ExtractCollectionTrait.php b/src/ResourceGenerator/ExtractCollectionTrait.php
@@ -46,21 +46,22 @@ private function extractCollection(
         Traversable $collection,
         AbstractCollectionMetadata $metadata,
         ResourceGenerator $resourceGenerator,
-        ServerRequestInterface $request
+        ServerRequestInterface $request,
+        int $depth = 0
     ) : HalResource {
         if (! $metadata instanceof AbstractCollectionMetadata) {
             throw Exception\UnexpectedMetadataTypeException::forCollection($metadata, get_class($this));
         }
 
         if ($collection instanceof Paginator) {
-            return $this->extractPaginator($collection, $metadata, $resourceGenerator, $request);
+            return $this->extractPaginator($collection, $metadata, $resourceGenerator, $request, $depth);
         }
 
         if ($collection instanceof DoctrinePaginator) {
-            return $this->extractDoctrinePaginator($collection, $metadata, $resourceGenerator, $request);
+            return $this->extractDoctrinePaginator($collection, $metadata, $resourceGenerator, $request, $depth);
         }
 
-        return $this->extractIterator($collection, $metadata, $resourceGenerator, $request);
+        return $this->extractIterator($collection, $metadata, $resourceGenerator, $request, $depth);
     }
 
     /**
@@ -77,7 +78,8 @@ private function extractPaginator(
         Paginator $collection,
         AbstractCollectionMetadata $metadata,
         ResourceGenerator $resourceGenerator,
-        ServerRequestInterface $request
+        ServerRequestInterface $request,
+        int $depth = 0
     ) : HalResource {
         $data      = ['_total_items' => $collection->getTotalItemCount()];
         $pageCount = $collection->count();
@@ -91,7 +93,8 @@ function (int $page) use ($collection) {
             $collection,
             $metadata,
             $resourceGenerator,
-            $request
+            $request,
+            $depth
         );
     }
 
@@ -106,7 +109,8 @@ private function extractDoctrinePaginator(
         DoctrinePaginator $collection,
         AbstractCollectionMetadata $metadata,
         ResourceGenerator $resourceGenerator,
-        ServerRequestInterface $request
+        ServerRequestInterface $request,
+        int $depth = 0
     ) : HalResource {
         $query      = $collection->getQuery();
         $totalItems = count($collection);
@@ -124,22 +128,24 @@ function (int $page) use ($query, $perPage) {
             $collection,
             $metadata,
             $resourceGenerator,
-            $request
+            $request,
+            $depth
         );
     }
 
     private function extractIterator(
         Traversable $collection,
         AbstractCollectionMetadata $metadata,
         ResourceGenerator $resourceGenerator,
-        ServerRequestInterface $request
+        ServerRequestInterface $request,
+        int $depth = 0
     ) : HalResource {
         $isCountable = $collection instanceof Countable;
         $count = $isCountable ? $collection->count() : 0;
 
         $resources = [];
         foreach ($collection as $item) {
-            $resources[] = $resourceGenerator->fromObject($item, $request);
+            $resources[] = $resourceGenerator->fromObject($item, $request, $depth + 1);
             $count = $isCountable ? $count : $count + 1;
         }
 
@@ -184,7 +190,8 @@ private function createPaginatedCollectionResource(
         iterable $collection,
         AbstractCollectionMetadata $metadata,
         ResourceGenerator $resourceGenerator,
-        ServerRequestInterface $request
+        ServerRequestInterface $request,
+        int $depth = 0
     ) : HalResource {
         $links               = [];
         $paginationParamType = $metadata->getPaginationParamType();
@@ -197,7 +204,8 @@ private function createPaginatedCollectionResource(
                 $collection,
                 $metadata,
                 $resourceGenerator,
-                $request
+                $request,
+                $depth
             );
         }
 
@@ -236,7 +244,8 @@ private function createPaginatedCollectionResource(
             $collection,
             $metadata,
             $resourceGenerator,
-            $request
+            $request,
+            $depth
         );
     }
 
@@ -255,11 +264,12 @@ private function createCollectionResource(
         iterable $collection,
         AbstractCollectionMetadata $metadata,
         ResourceGenerator $resourceGenerator,
-        ServerRequestInterface $request
+        ServerRequestInterface $request,
+        int $depth = 0
     ) : HalResource {
         $resources = [];
         foreach ($collection as $item) {
-            $resources[] = $resourceGenerator->fromObject($item, $request);
+            $resources[] = $resourceGenerator->fromObject($item, $request, $depth + 1);
         }
 
         return new HalResource($data, $links, [
diff --git a/src/ResourceGenerator/ExtractInstanceTrait.php b/src/ResourceGenerator/ExtractInstanceTrait.php
@@ -10,6 +10,7 @@
 use Psr\Http\Message\ServerRequestInterface;
 use Zend\Expressive\Hal\Metadata\AbstractCollectionMetadata;
 use Zend\Expressive\Hal\Metadata\AbstractMetadata;
+use Zend\Expressive\Hal\Metadata\RouteBasedResourceMetadata;
 use Zend\Expressive\Hal\ResourceGenerator;
 use Zend\Hydrator\ExtractionInterface;
 
@@ -27,7 +28,8 @@ private function extractInstance(
         $instance,
         AbstractMetadata $metadata,
         ResourceGenerator $resourceGenerator,
-        ServerRequestInterface $request
+        ServerRequestInterface $request,
+        int $depth = 0
     ) : array {
         $hydrators = $resourceGenerator->getHydrators();
         $extractor = $hydrators->get($metadata->getExtractor());
@@ -37,6 +39,16 @@ private function extractInstance(
 
         $array = $extractor->extract($instance);
 
+        if ($metadata instanceof RouteBasedResourceMetadata) {
+            $maxDepth = $metadata->getMaxDepth();
+            if ($depth > $maxDepth) {
+                $resourceIdentifier = $metadata->getResourceIdentifier();
+                return [
+                    $resourceIdentifier => $array[$resourceIdentifier]
+                ];
+            }
+        }
+
         // Extract nested resources if present in metadata map
         $metadataMap = $resourceGenerator->getMetadataMap();
         foreach ($array as $key => $value) {
@@ -49,7 +61,7 @@ private function extractInstance(
                 continue;
             }
 
-            $childData = $resourceGenerator->fromObject($value, $request);
+            $childData = $resourceGenerator->fromObject($value, $request, $depth + 1);
 
             // Nested collections need to be merged.
             $childMetadata = $metadataMap->get($childClass);
diff --git a/src/ResourceGenerator/RouteBasedCollectionStrategy.php b/src/ResourceGenerator/RouteBasedCollectionStrategy.php
@@ -25,7 +25,8 @@ public function createResource(
         $instance,
         Metadata\AbstractMetadata $metadata,
         ResourceGenerator $resourceGenerator,
-        ServerRequestInterface $request
+        ServerRequestInterface $request,
+        int $depth = 0
     ) : HalResource {
         if (! $metadata instanceof Metadata\RouteBasedCollectionMetadata) {
             throw Exception\UnexpectedMetadataTypeException::forMetadata(
diff --git a/src/ResourceGenerator/RouteBasedResourceStrategy.php b/src/ResourceGenerator/RouteBasedResourceStrategy.php
@@ -20,7 +20,8 @@ public function createResource(
         $instance,
         Metadata\AbstractMetadata $metadata,
         ResourceGenerator $resourceGenerator,
-        ServerRequestInterface $request
+        ServerRequestInterface $request,
+        int $depth = 0
     ) : HalResource {
         if (! $metadata instanceof Metadata\RouteBasedResourceMetadata) {
             throw Exception\UnexpectedMetadataTypeException::forMetadata(
@@ -34,7 +35,8 @@ public function createResource(
             $instance,
             $metadata,
             $resourceGenerator,
-            $request
+            $request,
+            $depth
         );
 
         $routeParams        = $metadata->getRouteParams();
@@ -45,6 +47,11 @@ public function createResource(
             $routeParams[$routeIdentifier] = $data[$resourceIdentifier];
         }
 
+        $maxDepth = $metadata->getMaxDepth();
+        if ($depth > $maxDepth) {
+            $data = [];
+        }
+
         return new HalResource($data, [
             $resourceGenerator->getLinkGenerator()->fromRoute(
                 'self',
diff --git a/src/ResourceGenerator/StrategyInterface.php b/src/ResourceGenerator/StrategyInterface.php
@@ -23,6 +23,7 @@ public function createResource(
         $instance,
         Metadata\AbstractMetadata $metadata,
         ResourceGenerator $resourceGenerator,
-        ServerRequestInterface $request
+        ServerRequestInterface $request,
+        int $depth = 0
     ) : HalResource;
 }
diff --git a/src/ResourceGenerator/UrlBasedCollectionStrategy.php b/src/ResourceGenerator/UrlBasedCollectionStrategy.php
@@ -33,7 +33,8 @@ public function createResource(
         $instance,
         Metadata\AbstractMetadata $metadata,
         ResourceGenerator $resourceGenerator,
-        ServerRequestInterface $request
+        ServerRequestInterface $request,
+        int $depth = 0
     ) : HalResource {
         if (! $metadata instanceof Metadata\UrlBasedCollectionMetadata) {
             throw Exception\UnexpectedMetadataTypeException::forMetadata(
diff --git a/src/ResourceGenerator/UrlBasedResourceStrategy.php b/src/ResourceGenerator/UrlBasedResourceStrategy.php
@@ -21,7 +21,8 @@ public function createResource(
         $instance,
         Metadata\AbstractMetadata $metadata,
         ResourceGenerator $resourceGenerator,
-        ServerRequestInterface $request
+        ServerRequestInterface $request,
+        int $depth = 0
     ) : HalResource {
         if (! $metadata instanceof Metadata\UrlBasedResourceMetadata) {
             throw Exception\UnexpectedMetadataTypeException::forMetadata(
diff --git a/test/ResourceGenerator/DoctrinePaginatorTest.php b/test/ResourceGenerator/DoctrinePaginatorTest.php
@@ -123,7 +123,8 @@ public function testDoesNotCreateLinksForUnknownPaginationParamType()
             $this->generator
                 ->fromObject(
                     (object) ['value' => $value],
-                    Argument::that([$this->request, 'reveal'])
+                    Argument::that([$this->request, 'reveal']),
+                    1
                 )
                 ->will(function () use ($testCase) {
                     $resource = $testCase->prophesize(HalResource::class);
@@ -182,7 +183,8 @@ public function testCreatesLinksForQueryBasedPagination()
             $this->generator
                 ->fromObject(
                     (object) ['value' => $value],
-                    Argument::that([$this->request, 'reveal'])
+                    Argument::that([$this->request, 'reveal']),
+                    1
                 )
                 ->will(function () use ($testCase) {
                     $resource = $testCase->prophesize(HalResource::class);
@@ -250,7 +252,8 @@ public function testCreatesLinksForRouteBasedPagination()
             $this->generator
                 ->fromObject(
                     (object) ['value' => $value],
-                    Argument::that([$this->request, 'reveal'])
+                    Argument::that([$this->request, 'reveal']),
+                    1
                 )
                 ->will(function () use ($testCase) {
                     $resource = $testCase->prophesize(HalResource::class);
diff --git a/test/ResourceGenerator/ResourceWithNestedInstancesTest.php b/test/ResourceGenerator/ResourceWithNestedInstancesTest.php
diff --git a/test/ResourceGenerator/ResourceWithSelfReferringInstanceTest.php b/test/ResourceGenerator/ResourceWithSelfReferringInstanceTest.php

Original file line number	Diff line number	Diff line change
`@@ -123,7 +123,7 @@ public function fromArray(array $data, string $uri = null) : HalResource`
`123`	`123`	`* against types registered in the metadata map.`
`124`	`124`	`* @param ServerRequestInterface $request`
`125`	`125`	`*/`
`126`		`- public function fromObject($instance, ServerRequestInterface $request) : HalResource`
	`126`	`+ public function fromObject($instance, ServerRequestInterface $request, int $depth = 0) : HalResource`
`127`	`127`	`{`
`128`	`128`	`if (! is_object($instance)) {`
`129`	`129`	`throw Exception\InvalidObjectException::forNonObject($instance);`
`@@ -146,7 +146,8 @@ public function fromObject($instance, ServerRequestInterface $request) : HalReso`
`146`	`146`	`$instance,`
`147`	`147`	`$metadata,`
`148`	`148`	`$this,`
`149`		`- $request`
	`149`	`+ $request,`
	`150`	`+ $depth`
`150`	`151`	`);`
`151`	`152`	`}`
`152`	`153`	`}`