# Deserialization engine limiting which types can be deserialized
class SafeDeserializer
	super Deserializer

	# Accepted parameterized classes to deserialize
	#
	# If `whitelist.empty`, all types are accepted.
	#
	# ~~~
	# import json
	#
	# class MyClass
	#     serialize
	# end
	#
	# var json_string = """
	# {"__class": "MyClass"}
	# """
	#
	# var deserializer = new JsonDeserializer(json_string)
	# var obj = deserializer.deserialize
	# assert deserializer.errors.is_empty
	# assert obj isa MyClass
	#
	# deserializer = new JsonDeserializer(json_string)
	# deserializer.whitelist.add "Array[String]"
	# deserializer.whitelist.add "AnotherAcceptedClass"
	# obj = deserializer.deserialize
	# assert deserializer.errors.length == 1
	# assert obj == null
	# ~~~
	var whitelist = new Array[Text]

	# Should objects be checked if they a subtype of the static type before deserialization?
	#
	# Defaults to `true`, as it should always be activated.
	# It can be turned off to implement the subtype check itself.
	var check_subtypes = true is writable

	# Should `self` accept to deserialize an instance of `dynamic_type` for an attribute wuth `static_type`?
	#
	# Uses `whitelist` if not empty...
	# Check correct inheritance if `check_subtypes`...
	fun accept(dynamic_type: Text, static_type: nullable Text): Bool
	do
		if whitelist.not_empty and not whitelist.has(dynamic_type) then
			errors.add new Error("Deserialization Error: '{dynamic_type}' not in whitelist")
			return false
		end

		if static_type != null and check_subtypes then
			var static_class = static_type.strip_nullable_and_params.to_s
			var dynamic_class = dynamic_type.strip_nullable_and_params.to_s
			if not class_inheritance_metamodel.has_edge(dynamic_class, static_class) then
				errors.add new Error("Deserialization Error: `{dynamic_type}` is not a subtype of the static type `{static_type}`")
				return false
			end
		end

		return true
	end
end