diff --git a/src/DataFormatter.php b/src/DataFormatter.php index 246ca34..2e2ace6 100644 --- a/src/DataFormatter.php +++ b/src/DataFormatter.php @@ -301,7 +301,9 @@ abstract class DataFormatter if (is_array($this->customFields)) { foreach ($this->customFields as $fieldName) { // @todo Possible security risk by making methods accessible - implement field-level security - if ($obj->hasField($fieldName) || $obj->hasMethod("get{$fieldName}")) { + if (($obj->hasField($fieldName) && !is_object($obj->getField($fieldName))) + || $obj->hasMethod("get{$fieldName}") + ) { $dbFields[$fieldName] = $fieldName; } } diff --git a/tests/unit/Stubs/RestfulServerTestAuthor.php b/tests/unit/Stubs/RestfulServerTestAuthor.php index 8f16a07..0145f03 100644 --- a/tests/unit/Stubs/RestfulServerTestAuthor.php +++ b/tests/unit/Stubs/RestfulServerTestAuthor.php @@ -2,11 +2,8 @@ namespace SilverStripe\RestfulServer\Tests\Stubs; -use SilverStripe\RestfulServer\Tests\Stubs\RestfulServerTestPage; -use SilverStripe\RestfulServer\Tests\Stubs\RestfulServerTestAuthor; -use SilverStripe\RestfulServer\Tests\Stubs\RestfulServerTestAuthorRating; -use SilverStripe\ORM\DataObject; use SilverStripe\Dev\TestOnly; +use SilverStripe\ORM\DataObject; class RestfulServerTestAuthor extends DataObject implements TestOnly { diff --git a/tests/unit/Stubs/RestfulServerTestAuthorRating.php b/tests/unit/Stubs/RestfulServerTestAuthorRating.php index 87f2500..79300d6 100644 --- a/tests/unit/Stubs/RestfulServerTestAuthorRating.php +++ b/tests/unit/Stubs/RestfulServerTestAuthorRating.php @@ -2,9 +2,8 @@ namespace SilverStripe\RestfulServer\Tests\Stubs; -use SilverStripe\RestfulServer\Tests\Stubs\RestfulServerTestAuthor; -use SilverStripe\ORM\DataObject; use SilverStripe\Dev\TestOnly; +use SilverStripe\ORM\DataObject; class RestfulServerTestAuthorRating extends DataObject implements TestOnly { diff --git a/tests/unit/Stubs/RestfulServerTestComment.php b/tests/unit/Stubs/RestfulServerTestComment.php index c780003..349b01c 100644 --- a/tests/unit/Stubs/RestfulServerTestComment.php +++ b/tests/unit/Stubs/RestfulServerTestComment.php @@ -2,12 +2,10 @@ namespace SilverStripe\RestfulServer\Tests\Stubs; -use SilverStripe\RestfulServer\Tests\Stubs\RestfulServerTestPage; -use SilverStripe\RestfulServer\Tests\Stubs\RestfulServerTestAuthor; -use SilverStripe\Security\Permission; -use SilverStripe\ORM\DataObject; -use SilverStripe\Security\PermissionProvider; use SilverStripe\Dev\TestOnly; +use SilverStripe\ORM\DataObject; +use SilverStripe\Security\Permission; +use SilverStripe\Security\PermissionProvider; /** * Everybody can view comments, logged in members in the "users" group can create comments, diff --git a/tests/unit/Stubs/RestfulServerTestPage.php b/tests/unit/Stubs/RestfulServerTestPage.php index 7c3a725..774d450 100644 --- a/tests/unit/Stubs/RestfulServerTestPage.php +++ b/tests/unit/Stubs/RestfulServerTestPage.php @@ -2,10 +2,8 @@ namespace SilverStripe\RestfulServer\Tests\Stubs; -use SilverStripe\RestfulServer\Tests\Stubs\RestfulServerTestAuthor; -use SilverStripe\RestfulServer\Tests\Stubs\RestfulServerTestComment; -use SilverStripe\ORM\DataObject; use SilverStripe\Dev\TestOnly; +use SilverStripe\ORM\DataObject; class RestfulServerTestPage extends DataObject implements TestOnly { diff --git a/tests/unit/Stubs/RestfulServerTestSecretThing.php b/tests/unit/Stubs/RestfulServerTestSecretThing.php index 8faec95..2a87239 100644 --- a/tests/unit/Stubs/RestfulServerTestSecretThing.php +++ b/tests/unit/Stubs/RestfulServerTestSecretThing.php @@ -2,9 +2,9 @@ namespace SilverStripe\RestfulServer\Tests\Stubs; -use SilverStripe\Security\Permission; -use SilverStripe\ORM\DataObject; use SilverStripe\Dev\TestOnly; +use SilverStripe\ORM\DataObject; +use SilverStripe\Security\Permission; use SilverStripe\Security\PermissionProvider; class RestfulServerTestSecretThing extends DataObject implements TestOnly, PermissionProvider