Skip to content

Commit

Permalink
Test unserialize safelist
Browse files Browse the repository at this point in the history
  • Loading branch information
@rawilk
rawilk committed Nov 14, 2023
1 parent a28f62b commit 8a63299
Showing 1 changed file with 34 additions and 0 deletions.
34 changes: 34 additions & 0 deletions tests/Unit/ValueSerializers/ValueSerializerTest.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,8 @@

declare(strict_types=1);

use Carbon\Carbon;
use Illuminate\Support\Facades\Date;
use Rawilk\Settings\Support\ValueSerializers\ValueSerializer;

it('serializes values', function (mixed $value) {
Expand All @@ -22,6 +24,38 @@
}
})->with('values');

test('certain objects can be safelisted for unserialization', function () {
config(['settings.unserialize_safelist' => [
Carbon::class,
]]);

$serializer = new ValueSerializer;

Date::setTestNow('2023-01-01 10:00:00');

$now = Carbon::now();

$serialized = serialize($now);
$unserialized = $serializer->unserialize($serialized);

expect($unserialized)->toBeInstanceOf(Carbon::class)
->and($unserialized->eq($now))->toBeTrue()
->and($unserialized->toDateTimeString())->toBe('2023-01-01 10:00:00');
});

test('objects not in the safelist will be unserialized to __PHP_Incomplete_Class', function () {
config(['settings.unserialize_safelist' => []]);

$serializer = new ValueSerializer;

$serialized = serialize(Carbon::now());
$unserialized = $serializer->unserialize($serialized);

expect($unserialized)->toBeObject()
->and($unserialized)->not->toBeInstanceOf(Carbon::class)
->and($unserialized)->toBeInstanceOf(__PHP_Incomplete_Class::class);
});

dataset('values', [
null,
1,
Expand Down

0 comments on commit 8a63299

Please sign in to comment.