diff --git a/src/Bundle/ChillMainBundle/Controller/PermissionApiController.php b/src/Bundle/ChillMainBundle/Controller/PermissionApiController.php index beeb76089..3476c4bbe 100644 --- a/src/Bundle/ChillMainBundle/Controller/PermissionApiController.php +++ b/src/Bundle/ChillMainBundle/Controller/PermissionApiController.php @@ -1,5 +1,12 @@ denyAccessUnlessGranted('ROLE_USER'); - $data = \json_decode($request->getContent(), true); + $data = json_decode($request->getContent(), true); if (null === $data) { throw new BadRequestHttpException(sprintf( - "Could not decode json received, or data invalid: %s, %s", \json_last_error(), \json_last_error_msg() + 'Could not decode json received, or data invalid: %s, %s', + json_last_error(), + json_last_error_msg() )); } - if (!\array_key_exists('object', $data)) { - throw new BadRequestHttpException("the object key is not present"); + if (!array_key_exists('object', $data)) { + throw new BadRequestHttpException('the object key is not present'); } - if (!\array_key_exists('class', $data)) { - throw new BadRequestHttpException("the class key is not present"); + + if (!array_key_exists('class', $data)) { + throw new BadRequestHttpException('the class key is not present'); } if (null !== $data['object']) { @@ -54,14 +68,13 @@ class PermissionApiController extends AbstractController $roles = []; foreach (($data['roles'] ?? []) as $role) { - $roles[$role] = $this->security->isGranted($role, $object); + $roles[$role] = $this->security->isGranted($role, $object); } return $this->json( - ['roles' => $roles, ], + ['roles' => $roles], 200, [], ); } - } diff --git a/src/Bundle/ChillMainBundle/Tests/Controller/PermissionApiControllerTest.php b/src/Bundle/ChillMainBundle/Tests/Controller/PermissionApiControllerTest.php index 0eac990ec..f267421bf 100644 --- a/src/Bundle/ChillMainBundle/Tests/Controller/PermissionApiControllerTest.php +++ b/src/Bundle/ChillMainBundle/Tests/Controller/PermissionApiControllerTest.php 
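Review bot: The `null === $data` guard lets a body that is valid JSON but not an object (for example `"x"` or `42`) through to `array_key_exists('object', $data)`, which fails on a non-array and would likely surface as a 500 rather than the intended 400. Change the guard to `if (!is_array($data)) {`; the existing message already covers "data invalid". The `roles` loop in the later hunk has the same gap: each `$role` from the request is used as an array key and passed to `isGranted()` without a type check, so `if (!is_string($role)) { throw new BadRequestHttpException('roles must be strings'); }` at the top of the loop would keep malformed input on the 400 path. The method's signature and the handling of `object`/`class` are outside the visible lines.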
@@ -1,14 +1,51 @@ getClientAuthenticated(); + + $client->request( + 'POST', + '/api/1.0/main/permissions/info.json', + [], // parameters + [], // files + [], // server + json_encode([ + 'object' => [ + 'datetime' => '1969-07-09T00:00:00+0100', + ], + 'class' => DateTime::class, + 'roles' => ['FOO_ROLE'], + ]) + ); + + $this->assertResponseIsSuccessful(); + + $data = json_decode($client->getResponse()->getContent(), true); + $this->assertFalse($data['roles']['FOO_ROLE']); + } + public function testNullObject() { $client = $this->getClientAuthenticated(); @@ -19,18 +56,17 @@ class PermissionApiControllerTest extends WebTestCase [], // parameters [], // files [], // server - \json_encode([ + json_encode([ 'object' => null, 'class' => null, - 'roles' => ['ROLE_USER', 'ROLE_ADMIN'] + 'roles' => ['ROLE_USER', 'ROLE_ADMIN'], ]) ); $this->assertResponseIsSuccessful(); - $data = \json_decode($client->getResponse()->getContent(), true); + $data = json_decode($client->getResponse()->getContent(), true); $this->assertTrue($data['roles']['ROLE_USER']); $this->assertFalse($data['roles']['ROLE_ADMIN']); } - }
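Review bot: The added test posts a client-chosen `'class' => DateTime::class`, which suggests the endpoint denormalizes request data into whatever class the request names; nothing in the visible lines shows that `class` is restricted. The controller code that consumes `class` is outside the visible hunks, so confirm it checks the value against an allow-list of classes that have voters before denormalizing, and add a negative test asserting that an unlisted class yields a 4xx. Tests for a non-object JSON body and for a missing `object` or `class` key would also pin the 400 paths, which have no coverage as far as these hunks show.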