Fix infinite recursion on some schemas when setting defaults (#359) (#…

…365)

* Don't try to fetch files that don't exist

Throws an exception when the ref can't be resolved to a useful file URI,
rather than waiting for something further down the line to fail after
the fact.

* Refactor defaults code to use LooseTypeCheck where appropriate

* Test for not treating non-containers like arrays

* Update comments

* Rename variable for clarity

* Add CHECK_MODE_ONLY_REQUIRED_DEFAULTS

If CHECK_MODE_ONLY_REQUIRED_DEFAULTS is set, then only apply defaults
if they are marked as required.

* Workaround for $this scope issue on PHP-5.3

* Fix infinite recursion via $ref when applying defaults

* Add missing second test for array case

* Add test for setting a default value for null

* Also fix infinite recursion via $ref for array defaults

* Move nested closure into separate method

* $parentSchema will always be set when $name is, so don't check it

* Handle nulls properly - fixes issue #377

README.md

@@ -187,6 +187,7 @@ third argument to `Validator::validate()`, or can be provided as the third argum
 | `Constraint::CHECK_MODE_TYPE_CAST` | Enable fuzzy type checking for associative arrays and objects |
 | `Constraint::CHECK_MODE_COERCE_TYPES` | Convert data types to match the schema where possible |
 | `Constraint::CHECK_MODE_APPLY_DEFAULTS` | Apply default values from the schema if not set |
+| `Constraint::CHECK_MODE_ONLY_REQUIRED_DEFAULTS` | When applying defaults, only set values that are required |
 | `Constraint::CHECK_MODE_EXCEPTIONS` | Throw an exception immediately if validation fails |
 | `Constraint::CHECK_MODE_DISABLE_FORMAT` | Do not validate "format" constraints |
 

src/JsonSchema/Constraints/Constraint.php

@@ -31,6 +31,7 @@ abstract class Constraint extends BaseConstraint implements ConstraintInterface
  const CHECK_MODE_APPLY_DEFAULTS = 0x00000008;
  const CHECK_MODE_EXCEPTIONS = 0x00000010;
  const CHECK_MODE_DISABLE_FORMAT = 0x00000020;
+ const CHECK_MODE_ONLY_REQUIRED_DEFAULTS = 0x00000080;
 
  /**
  * Bubble down the path
@@ -78,10 +79,10 @@ protected function checkArray(&$value, $schema = null, JsonPointer $path = null,
  * @param mixed $i
  * @param mixed $patternProperties
  */
- protected function checkObject(&$value, $schema = null, JsonPointer $path = null, $i = null, $patternProperties = null)
+ protected function checkObject(&$value, $schema = null, JsonPointer $path = null, $i = null, $patternProperties = null, $appliedDefaults = array())
  {
  $validator = $this->factory->createInstanceFor('object');
- $validator->check($value, $schema, $path, $i, $patternProperties);
+ $validator->check($value, $schema, $path, $i, $patternProperties, $appliedDefaults);
 
  $this->addErrors($validator->getErrors());
  }
@@ -110,11 +111,11 @@ protected function checkType(&$value, $schema = null, JsonPointer $path = null,
  * @param JsonPointer|null $path
  * @param mixed $i
  */
- protected function checkUndefined(&$value, $schema = null, JsonPointer $path = null, $i = null)
+ protected function checkUndefined(&$value, $schema = null, JsonPointer $path = null, $i = null, $fromDefault = false)
  {
  $validator = $this->factory->createInstanceFor('undefined');
 
- $validator->check($value, $this->factory->getSchemaStorage()->resolveRefSchema($schema), $path, $i);
+ $validator->check($value, $this->factory->getSchemaStorage()->resolveRefSchema($schema), $path, $i, $fromDefault);
 
  $this->addErrors($validator->getErrors());
  }

src/JsonSchema/Constraints/ObjectConstraint.php

@@ -20,15 +20,22 @@
  */
 class ObjectConstraint extends Constraint
 {
+ /**
+ * @var array List of properties to which a default value has been applied
+ */
+ protected $appliedDefaults = array();
+
  /**
  * {@inheritdoc}
  */
- public function check(&$element, $definition = null, JsonPointer $path = null, $additionalProp = null, $patternProperties = null)
+ public function check(&$element, $definition = null, JsonPointer $path = null, $additionalProp = null, $patternProperties = null, $appliedDefaults = array())
  {
  if ($element instanceof UndefinedConstraint) {
  return;
  }
 
+ $this->appliedDefaults = $appliedDefaults;
+
  $matches = array();
  if ($patternProperties) {
  $matches = $this->validatePatternProperties($element, $path, $patternProperties);
@@ -64,7 +71,7 @@ public function validatePatternProperties($element, JsonPointer $path = null, $p
  foreach ($element as $i => $value) {
  if (preg_match($delimiter . $pregex . $delimiter . 'u', $i)) {
  $matches[] = $i;
- $this->checkUndefined($value, $schema ?: new \stdClass(), $path, $i);
+ $this->checkUndefined($value, $schema ?: new \stdClass(), $path, $i, in_array($i, $this->appliedDefaults));
  }
  }
  }
@@ -96,9 +103,9 @@ public function validateElement($element, $matches, $objectDefinition = null, Js
  // additional properties defined
  if (!in_array($i, $matches) && $additionalProp && !$definition) {
  if ($additionalProp === true) {
- $this->checkUndefined($value, null, $path, $i);
+ $this->checkUndefined($value, null, $path, $i, in_array($i, $this->appliedDefaults));
  } else {
- $this->checkUndefined($value, $additionalProp, $path, $i);
+ $this->checkUndefined($value, $additionalProp, $path, $i, in_array($i, $this->appliedDefaults));
  }
  }
 
@@ -135,7 +142,7 @@ public function validateDefinition(&$element, $objectDefinition = null, JsonPoin
 
  if (is_object($definition)) {
  // Undefined constraint will check for is_object() and quit if is not - so why pass it?
- $this->checkUndefined($property, $definition, $path, $i);
+ $this->checkUndefined($property, $definition, $path, $i, in_array($i, $this->appliedDefaults));
  }
  }
  }

src/JsonSchema/Constraints/UndefinedConstraint.php

@@ -23,16 +23,24 @@
  */
 class UndefinedConstraint extends Constraint
 {
+ /**
+ * @var array List of properties to which a default value has been applied
+ */
+ protected $appliedDefaults = array();
+
  /**
  * {@inheritdoc}
  */
- public function check(&$value, $schema = null, JsonPointer $path = null, $i = null)
+ public function check(&$value, $schema = null, JsonPointer $path = null, $i = null, $fromDefault = false)
  {
  if (is_null($schema) || !is_object($schema)) {
  return;
  }
 
  $path = $this->incrementPath($path ?: new JsonPointer(''), $i);
+ if ($fromDefault) {
+ $path->setFromDefault();
+ }
 
  // check special properties
  $this->validateCommonProperties($value, $schema, $path, $i);
@@ -68,7 +76,8 @@ public function validateTypes(&$value, $schema = null, JsonPointer $path, $i = n
  isset($schema->properties) ? $this->factory->getSchemaStorage()->resolveRefSchema($schema->properties) : $schema,
  $path,
  isset($schema->additionalProperties) ? $schema->additionalProperties : null,
- isset($schema->patternProperties) ? $schema->patternProperties : null
+ isset($schema->patternProperties) ? $schema->patternProperties : null,
+ $this->appliedDefaults
  );
  }
 
@@ -113,46 +122,8 @@ protected function validateCommonProperties(&$value, $schema = null, JsonPointer
  }
 
  // Apply default values from schema
- if ($this->factory->getConfig(self::CHECK_MODE_APPLY_DEFAULTS)) {
- if ($this->getTypeCheck()->isObject($value) && isset($schema->properties)) {
- // $value is an object, so apply default properties if defined
- foreach ($schema->properties as $currentProperty => $propertyDefinition) {
- if (!$this->getTypeCheck()->propertyExists($value, $currentProperty) && isset($propertyDefinition->default)) {
- if (is_object($propertyDefinition->default)) {
- $this->getTypeCheck()->propertySet($value, $currentProperty, clone $propertyDefinition->default);
- } else {
- $this->getTypeCheck()->propertySet($value, $currentProperty, $propertyDefinition->default);
- }
- }
- }
- } elseif ($this->getTypeCheck()->isArray($value)) {
- if (isset($schema->properties)) {
- // $value is an array, but default properties are defined, so treat as assoc
- foreach ($schema->properties as $currentProperty => $propertyDefinition) {
- if (!isset($value[$currentProperty]) && isset($propertyDefinition->default)) {
- if (is_object($propertyDefinition->default)) {
- $value[$currentProperty] = clone $propertyDefinition->default;
- } else {
- $value[$currentProperty] = $propertyDefinition->default;
- }
- }
- }
- } elseif (isset($schema->items)) {
- // $value is an array, and default items are defined - treat as plain array
- foreach ($schema->items as $currentProperty => $itemDefinition) {
- if (!isset($value[$currentProperty]) && isset($itemDefinition->default)) {
- if (is_object($itemDefinition->default)) {
- $value[$currentProperty] = clone $itemDefinition->default;
- } else {
- $value[$currentProperty] = $itemDefinition->default;
- }
- }
- }
- }
- } elseif (($value instanceof self || $value === null) && isset($schema->default)) {
- // $value is a leaf, not a container - apply the default directly
- $value = is_object($schema->default) ? clone $schema->default : $schema->default;
- }
+ if (!$path->fromDefault()) {
+ $this->applyDefaultValues($value, $schema, $path);
  }
 
  // Verify required values
@@ -216,6 +187,96 @@ protected function validateCommonProperties(&$value, $schema = null, JsonPointer
  }
  }
 
+ /**
+ * Check whether a default should be applied for this value
+ *
+ * @param mixed $schema
+ * @param mixed $parentSchema
+ * @param bool $requiredOnly
+ *
+ * @return bool
+ */
+ private function shouldApplyDefaultValue($requiredOnly, $schema, $name = null, $parentSchema = null)
+ {
+ // required-only mode is off
+ if (!$requiredOnly) {
+ return true;
+ }
+ // draft-04 required is set
+ if (
+ $name !== null
+ && isset($parentSchema->required)
+ && is_array($parentSchema->required)
+ && in_array($name, $parentSchema->required)
+ ) {
+ return true;
+ }
+ // draft-03 required is set
+ if (isset($schema->required) && !is_array($schema->required) && $schema->required) {
+ return true;
+ }
+ // default case
+ return false;
+ }
+
+ /**
+ * Apply default values
+ *
+ * @param mixed $value
+ * @param mixed $schema
+ * @param JsonPointer $path
+ */
+ protected function applyDefaultValues(&$value, $schema, $path)
+ {
+ // only apply defaults if feature is enabled
+ if (!$this->factory->getConfig(self::CHECK_MODE_APPLY_DEFAULTS)) {
+ return;
+ }
+
+ // apply defaults if appropriate
+ $requiredOnly = $this->factory->getConfig(self::CHECK_MODE_ONLY_REQUIRED_DEFAULTS);
+ if (isset($schema->properties) && LooseTypeCheck::isObject($value)) {
+ // $value is an object or assoc array, and properties are defined - treat as an object
+ foreach ($schema->properties as $currentProperty => $propertyDefinition) {
+ if (
+ !LooseTypeCheck::propertyExists($value, $currentProperty)
+ && property_exists($propertyDefinition, 'default')
+ && $this->shouldApplyDefaultValue($requiredOnly, $propertyDefinition, $currentProperty, $schema)
+ ) {
+ // assign default value
+ if (is_object($propertyDefinition->default)) {
+ LooseTypeCheck::propertySet($value, $currentProperty, clone $propertyDefinition->default);
+ } else {
+ LooseTypeCheck::propertySet($value, $currentProperty, $propertyDefinition->default);
+ }
+ $this->appliedDefaults[] = $currentProperty;
+ }
+ }
+ } elseif (isset($schema->items) && LooseTypeCheck::isArray($value)) {
+ // $value is an array, and items are defined - treat as plain array
+ foreach ($schema->items as $currentItem => $itemDefinition) {
+ if (
+ !array_key_exists($currentItem, $value)
+ && property_exists($itemDefinition, 'default')
+ && $this->shouldApplyDefaultValue($requiredOnly, $itemDefinition)) {
+ if (is_object($itemDefinition->default)) {
+ $value[$currentItem] = clone $itemDefinition->default;
+ } else {
+ $value[$currentItem] = $itemDefinition->default;
+ }
+ }
+ $path->setFromDefault();
+ }
+ } elseif (
+ $value instanceof self
+ && property_exists($schema, 'default')
+ && $this->shouldApplyDefaultValue($requiredOnly, $schema)) {
+ // $value is a leaf, not a container - apply the default directly
+ $value = is_object($schema->default) ? clone $schema->default : $schema->default;
+ $path->setFromDefault();
+ }
+ }
+
  /**
  * Validate allOf, anyOf, and oneOf properties
  *

src/JsonSchema/Entity/JsonPointer.php

@@ -24,6 +24,11 @@ class JsonPointer
  /** @var string[] */
  private $propertyPaths = array();
 
+ /**
+ * @var bool Whether the value at this path was set from a schema default
+ */
+ private $fromDefault = false;
+
  /**
  * @param string $value
  *
@@ -135,4 +140,22 @@ public function __toString()
  {
  return $this->getFilename() . $this->getPropertyPathAsString();
  }
+
+ /**
+ * Mark the value at this path as being set from a schema default
+ */
+ public function setFromDefault()
+ {
+ $this->fromDefault = true;
+ }
+
+ /**
+ * Check whether the value at this path was set from a schema default
+ *
+ * @return bool
+ */
+ public function fromDefault()
+ {
+ return $this->fromDefault;
+ }
 }

src/JsonSchema/SchemaStorage.php

@@ -79,8 +79,18 @@ public function getSchema($id)
  public function resolveRef($ref)
  {
  $jsonPointer = new JsonPointer($ref);
- $refSchema = $this->getSchema($jsonPointer->getFilename());
 
+ // resolve filename for pointer
+ $fileName = $jsonPointer->getFilename();
+ if (!strlen($fileName)) {
+ throw new UnresolvableJsonPointerException(sprintf(
+ "Could not resolve fragment '%s': no file is defined",
+ $jsonPointer->getPropertyPathAsString()
+ ));
+ }
+
+ // get & process the schema
+ $refSchema = $this->getSchema($fileName);
  foreach ($jsonPointer->getPropertyPaths() as $path) {
  if (is_object($refSchema) && property_exists($refSchema, $path)) {
  $refSchema = $this->resolveRefSchema($refSchema->{$path});