platform/src/Core/Checkout/Promotion/Validator/PromotionValidator.php line 59

Open in your IDE?
  1. <?php declare(strict_types=1);
  3. namespace Shopware\Core\Checkout\Promotion\Validator;
  5. use Doctrine\DBAL\Connection;
  6. use Shopware\Core\Checkout\Promotion\Aggregate\PromotionDiscount\PromotionDiscountDefinition;
  7. use Shopware\Core\Checkout\Promotion\Aggregate\PromotionDiscount\PromotionDiscountEntity;
  8. use Shopware\Core\Checkout\Promotion\PromotionDefinition;
  9. use Shopware\Core\Framework\Api\Exception\ResourceNotFoundException;
  10. use Shopware\Core\Framework\DataAbstractionLayer\Write\Command\InsertCommand;
  11. use Shopware\Core\Framework\DataAbstractionLayer\Write\Command\UpdateCommand;
  12. use Shopware\Core\Framework\DataAbstractionLayer\Write\Command\WriteCommand;
  13. use Shopware\Core\Framework\DataAbstractionLayer\Write\Validation\PreWriteValidationEvent;
  14. use Shopware\Core\Framework\Validation\WriteConstraintViolationException;
  15. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  16. use Symfony\Component\Validator\ConstraintViolation;
  17. use Symfony\Component\Validator\ConstraintViolationInterface;
  18. use Symfony\Component\Validator\ConstraintViolationList;
  20. class PromotionValidator implements EventSubscriberInterface
  21. {
  22.     /**
  23.      * this is the min value for all types
  24.      * (absolute, percentage, ...)
  25.      */
  26.     private const DISCOUNT_MIN_VALUE 0.00;
  28.     /**
  29.      * this is used for the maximum allowed
  30.      * percentage discount.
  31.      */
  32.     private const DISCOUNT_PERCENTAGE_MAX_VALUE 100.0;
  34.     private Connection $connection;
  36.     private array $databasePromotions;
  38.     private array $databaseDiscounts;
  40.     public function __construct(Connection $connection)
  41.     {
  42.         $this->connection $connection;
  43.     }
  45.     public static function getSubscribedEvents(): array
  46.     {
  47.         return [
  48.             PreWriteValidationEvent::class => 'preValidate',
  49.         ];
  50.     }
  52.     /**
  53.      * This function validates our incoming delta-values for promotions
  54.      * and its aggregation. It does only check for business relevant rules and logic.
  55.      * All primitive "required" constraints are done inside the definition of the entity.
  56.      *
  57.      * @throws WriteConstraintViolationException
  58.      */
  59.     public function preValidate(PreWriteValidationEvent $event): void
  60.     {
  61.         $this->collect($event->getCommands());
  63.         $violationList = new ConstraintViolationList();
  64.         $writeCommands $event->getCommands();
  66.         foreach ($writeCommands as $index => $command) {
  67.             if (!$command instanceof InsertCommand && !$command instanceof UpdateCommand) {
  68.                 continue;
  69.             }
  71.             switch (\get_class($command->getDefinition())) {
  72.                 case PromotionDefinition::class:
  74.                     /** @var string $promotionId */
  75.                     $promotionId $command->getPrimaryKey()['id'];
  77.                     try {
  78.                         /** @var array $promotion */
  79.                         $promotion $this->getPromotionById($promotionId);
  80.                     } catch (ResourceNotFoundException $ex) {
  81.                         $promotion = [];
  82.                     }
  84.                     $this->validatePromotion(
  85.                         $promotion,
  86.                         $command->getPayload(),
  87.                         $violationList,
  88.                         $index
  89.                     );
  91.                     break;
  93.                 case PromotionDiscountDefinition::class:
  95.                     /** @var string $discountId */
  96.                     $discountId $command->getPrimaryKey()['id'];
  98.                     try {
  99.                         /** @var array $discount */
  100.                         $discount $this->getDiscountById($discountId);
  101.                     } catch (ResourceNotFoundException $ex) {
  102.                         $discount = [];
  103.                     }
  105.                     $this->validateDiscount(
  106.                         $discount,
  107.                         $command->getPayload(),
  108.                         $violationList,
  109.                         $index
  110.                     );
  112.                     break;
  113.             }
  114.         }
  116.         if ($violationList->count() > 0) {
  117.             $event->getExceptions()->add(new WriteConstraintViolationException($violationList));
  118.         }
  119.     }
  121.     /**
  122.      * This function collects all database data that might be
  123.      * required for any of the received entities and values.
  124.      *
  125.      * @throws ResourceNotFoundException
  126.      * @throws \Doctrine\DBAL\DBALException
  127.      */
  128.     private function collect(array $writeCommands): void
  129.     {
  130.         $promotionIds = [];
  131.         $discountIds = [];
  133.         /** @var WriteCommand $command */
  134.         foreach ($writeCommands as $command) {
  135.             if (!$command instanceof InsertCommand && !$command instanceof UpdateCommand) {
  136.                 continue;
  137.             }
  139.             switch (\get_class($command->getDefinition())) {
  140.                 case PromotionDefinition::class:
  141.                     $promotionIds[] = $command->getPrimaryKey()['id'];
  143.                     break;
  145.                 case PromotionDiscountDefinition::class:
  146.                     $discountIds[] = $command->getPrimaryKey()['id'];
  148.                     break;
  149.             }
  150.         }
  152.         // why do we have inline sql queries in here?
  153.         // because we want to avoid any other private functions that accidentally access
  154.         // the database. all private getters should only access the local in-memory list
  155.         // to avoid additional database queries.
  157.         $promotionQuery $this->connection->executeQuery(
  158.             'SELECT * FROM `promotion` WHERE `id` IN (:ids)',
  159.             ['ids' => $promotionIds],
  160.             ['ids' => Connection::PARAM_STR_ARRAY]
  161.         );
  163.         $this->databasePromotions $promotionQuery->fetchAll();
  165.         $discountQuery $this->connection->executeQuery(
  166.             'SELECT * FROM `promotion_discount` WHERE `id` IN (:ids)',
  167.             ['ids' => $discountIds],
  168.             ['ids' => Connection::PARAM_STR_ARRAY]
  169.         );
  171.         $this->databaseDiscounts $discountQuery->fetchAll();
  172.     }
  174.     /**
  175.      * Validates the provided Promotion data and adds
  176.      * violations to the provided list of violations, if found.
  177.      *
  178.      * @param array                   $promotion     the current promotion from the database as array type
  179.      * @param array                   $payload       the incoming delta-data
  180.      * @param ConstraintViolationList $violationList the list of violations that needs to be filled
  181.      * @param int                     $index         the index of this promotion in the command queue
  182.      *
  183.      * @throws \Exception
  184.      */
  185.     private function validatePromotion(array $promotion, array $payloadConstraintViolationList $violationListint $index): void
  186.     {
  187.         /** @var string|null $validFrom */
  188.         $validFrom $this->getValue($payload'valid_from'$promotion);
  190.         /** @var string|null $validUntil */
  191.         $validUntil $this->getValue($payload'valid_until'$promotion);
  193.         /** @var bool $useCodes */
  194.         $useCodes $this->getValue($payload'use_codes'$promotion);
  196.         /** @var bool $useCodesIndividual */
  197.         $useCodesIndividual $this->getValue($payload'use_individual_codes'$promotion);
  199.         /** @var string|null $pattern */
  200.         $pattern $this->getValue($payload'individual_code_pattern'$promotion);
  202.         /** @var string|null $promotionId */
  203.         $promotionId $this->getValue($payload'id'$promotion);
  205.         /** @var string|null $code */
  206.         $code $this->getValue($payload'code'$promotion);
  208.         if ($code === null) {
  209.             $code '';
  210.         }
  212.         if ($pattern === null) {
  213.             $pattern '';
  214.         }
  216.         $trimmedCode trim($code);
  218.         // if we have both a date from and until, make sure that
  219.         // the dateUntil is always in the future.
  220.         if ($validFrom !== null && $validUntil !== null) {
  221.             // now convert into real date times
  222.             // and start comparing them
  223.             $dateFrom = new \DateTime($validFrom);
  224.             $dateUntil = new \DateTime($validUntil);
  225.             if ($dateUntil $dateFrom) {
  226.                 $violationList->add($this->buildViolation(
  227.                     'Expiration Date of Promotion must be after Start of Promotion',
  228.                     $payload['valid_until'],
  229.                     'validUntil',
  230.                     'PROMOTION_VALID_UNTIL_VIOLATION',
  231.                     $index
  232.                 ));
  233.             }
  234.         }
  236.         // check if we use global codes
  237.         if ($useCodes && !$useCodesIndividual) {
  238.             // make sure the code is not empty
  239.             if ($trimmedCode === '') {
  240.                 $violationList->add($this->buildViolation(
  241.                     'Please provide a valid code',
  242.                     $code,
  243.                     'code',
  244.                     'PROMOTION_EMPTY_CODE_VIOLATION',
  245.                     $index
  246.                 ));
  247.             }
  249.             // if our code length is greater than the trimmed one,
  250.             // this means we have leading or trailing whitespaces
  251.             if (mb_strlen($code) > mb_strlen($trimmedCode)) {
  252.                 $violationList->add($this->buildViolation(
  253.                     'Code may not have any leading or ending whitespaces',
  254.                     $code,
  255.                     'code',
  256.                     'PROMOTION_CODE_WHITESPACE_VIOLATION',
  257.                     $index
  258.                 ));
  259.             }
  260.         }
  262.         if ($pattern !== '' && $this->isCodePatternAlreadyUsed($pattern$promotionId)) {
  263.             $violationList->add($this->buildViolation(
  264.                 'Code Pattern already exists in other promotion. Please provide a different pattern.',
  265.                 $pattern,
  266.                 'individualCodePattern',
  267.                 'PROMOTION_DUPLICATE_PATTERN_VIOLATION',
  268.                 $index
  269.             ));
  270.         }
  272.         // lookup global code if it does already exist in database
  273.         if ($trimmedCode !== '' && $this->isCodeAlreadyUsed($trimmedCode$promotionId)) {
  274.             $violationList->add($this->buildViolation(
  275.                 'Code already exists in other promotion. Please provide a different code.',
  276.                 $trimmedCode,
  277.                 'code',
  278.                 'PROMOTION_DUPLICATED_CODE_VIOLATION',
  279.                 $index
  280.             ));
  281.         }
  282.     }
  284.     /**
  285.      * Validates the provided PromotionDiscount data and adds
  286.      * violations to the provided list of violations, if found.
  287.      *
  288.      * @param array                   $discount      the discount as array from the database
  289.      * @param array                   $payload       the incoming delta-data
  290.      * @param ConstraintViolationList $violationList the list of violations that needs to be filled
  291.      */
  292.     private function validateDiscount(array $discount, array $payloadConstraintViolationList $violationListint $index): void
  293.     {
  294.         /** @var string $type */
  295.         $type $this->getValue($payload'type'$discount);
  297.         /** @var float|null $value */
  298.         $value $this->getValue($payload'value'$discount);
  300.         if ($value === null) {
  301.             return;
  302.         }
  304.         if ($value self::DISCOUNT_MIN_VALUE) {
  305.             $violationList->add($this->buildViolation(
  306.                 'Value must not be less than ' self::DISCOUNT_MIN_VALUE,
  307.                 $value,
  308.                 'value',
  309.                 'PROMOTION_DISCOUNT_MIN_VALUE_VIOLATION',
  310.                 $index
  311.             ));
  312.         }
  314.         switch ($type) {
  315.             case PromotionDiscountEntity::TYPE_PERCENTAGE:
  316.                 if ($value self::DISCOUNT_PERCENTAGE_MAX_VALUE) {
  317.                     $violationList->add($this->buildViolation(
  318.                         'Absolute value must not greater than ' self::DISCOUNT_PERCENTAGE_MAX_VALUE,
  319.                         $value,
  320.                         'value',
  321.                         'PROMOTION_DISCOUNT_MAX_VALUE_VIOLATION',
  322.                         $index
  323.                     ));
  324.                 }
  326.                 break;
  327.         }
  328.     }
  330.     /**
  331.      * Gets a value from an array. It also does clean checks if
  332.      * the key is set, and also provides the option for default values.
  333.      *
  334.      * @param array  $data  the data array
  335.      * @param string $key   the requested key in the array
  336.      * @param array  $dbRow the db row of from the database
  337.      *
  338.      * @return mixed the object found in the key, or the default value
  339.      */
  340.     private function getValue(array $datastring $key, array $dbRow)
  341.     {
  342.         // try in our actual data set
  343.         if (isset($data[$key])) {
  344.             return $data[$key];
  345.         }
  347.         // try in our db row fallback
  348.         if (isset($dbRow[$key])) {
  349.             return $dbRow[$key];
  350.         }
  352.         // use default
  353.         return null;
  354.     }
  356.     /**
  357.      * @throws ResourceNotFoundException
  358.      *
  359.      * @return array|mixed
  360.      */
  361.     private function getPromotionById(string $id)
  362.     {
  363.         /** @var array $promotion */
  364.         foreach ($this->databasePromotions as $promotion) {
  365.             if ($promotion['id'] === $id) {
  366.                 return $promotion;
  367.             }
  368.         }
  370.         throw new ResourceNotFoundException('promotion', [$id]);
  371.     }
  373.     /**
  374.      * @throws ResourceNotFoundException
  375.      *
  376.      * @return array|mixed
  377.      */
  378.     private function getDiscountById(string $id)
  379.     {
  380.         /** @var array $discount */
  381.         foreach ($this->databaseDiscounts as $discount) {
  382.             if ($discount['id'] === $id) {
  383.                 return $discount;
  384.             }
  385.         }
  387.         throw new ResourceNotFoundException('promotion_discount', [$id]);
  388.     }
  390.     /**
  391.      * This helper function builds an easy violation
  392.      * object for our validator.
  393.      *
  394.      * @param string $message      the error message
  395.      * @param mixed  $invalidValue the actual invalid value
  396.      * @param string $propertyPath the property path from the root value to the invalid value without initial slash
  397.      * @param string $code         the error code of the violation
  398.      * @param int    $index        the position of this entity in the command queue
  399.      *
  400.      * @return ConstraintViolationInterface the built constraint violation
  401.      */
  402.     private function buildViolation(string $message$invalidValuestring $propertyPathstring $codeint $index): ConstraintViolationInterface
  403.     {
  404.         $formattedPath "/{$index}/{$propertyPath}";
  406.         return new ConstraintViolation(
  407.             $message,
  408.             '',
  409.             [
  410.                 'value' => $invalidValue,
  411.             ],
  412.             $invalidValue,
  413.             $formattedPath,
  414.             $invalidValue,
  415.             null,
  416.             $code
  417.         );
  418.     }
  420.     /**
  421.      * True, if the provided pattern is already used in another promotion.
  422.      */
  423.     private function isCodePatternAlreadyUsed(string $pattern, ?string $promotionId): bool
  424.     {
  425.         $qb $this->connection->createQueryBuilder();
  427.         $query $qb
  428.             ->select('id')
  429.             ->from('promotion')
  430.             ->where($qb->expr()->eq('individual_code_pattern'':pattern'))
  431.             ->setParameter(':pattern'$pattern);
  433.         $promotions $query->execute()->fetchAll();
  435.         /** @var array $p */
  436.         foreach ($promotions as $p) {
  437.             // if we have a promotion id to verify
  438.             // and a promotion with another id exists, then return that is used
  439.             if ($promotionId !== null && $p['id'] !== $promotionId) {
  440.                 return true;
  441.             }
  442.         }
  444.         return false;
  445.     }
  447.     /**
  448.      * True, if the provided code is already used as global
  449.      * or individual code in another promotion.
  450.      */
  451.     private function isCodeAlreadyUsed(string $code, ?string $promotionId): bool
  452.     {
  453.         $qb $this->connection->createQueryBuilder();
  455.         // check if individual code.
  456.         // if we dont have a promotion Id only
  457.         // check if its existing somewhere,
  458.         // if we have an Id, verify if it's existing in another promotion
  459.         $query $qb
  460.             ->select('id')
  461.             ->from('promotion_individual_code')
  462.             ->where($qb->expr()->eq('code'':code'))
  463.             ->setParameter(':code'$code);
  465.         if ($promotionId !== null) {
  466.             $query->andWhere($qb->expr()->neq('promotion_id'':promotion_id'))
  467.                 ->setParameter(':promotion_id'$promotionId);
  468.         }
  470.         $existingIndividual \count($query->execute()->fetchAll()) > 0;
  472.         if ($existingIndividual) {
  473.             return true;
  474.         }
  476.         $qb $this->connection->createQueryBuilder();
  478.         // check if it is a global promotion code.
  479.         // again with either an existing promotion Id
  480.         // or without one.
  481.         $query
  482.             $qb->select('id')
  483.             ->from('promotion')
  484.             ->where($qb->expr()->eq('code'':code'))
  485.             ->setParameter(':code'$code);
  487.         if ($promotionId !== null) {
  488.             $query->andWhere($qb->expr()->neq('id'':id'))
  489.                 ->setParameter(':id'$promotionId);
  490.         }
  492.         return \count($query->execute()->fetchAll()) > 0;
  493.     }
  494. }