vendor/shopware/core/Checkout/Promotion/Validator/PromotionValidator.php line 71

  1. <?php declare(strict_types=1);
  3. namespace Shopware\Core\Checkout\Promotion\Validator;
  5. use Doctrine\DBAL\Connection;
  6. use Doctrine\DBAL\Exception;
  7. use Shopware\Core\Checkout\Promotion\Aggregate\PromotionDiscount\PromotionDiscountDefinition;
  8. use Shopware\Core\Checkout\Promotion\Aggregate\PromotionDiscount\PromotionDiscountEntity;
  9. use Shopware\Core\Checkout\Promotion\PromotionDefinition;
  10. use Shopware\Core\Framework\Api\Exception\ResourceNotFoundException;
  11. use Shopware\Core\Framework\DataAbstractionLayer\Write\Command\InsertCommand;
  12. use Shopware\Core\Framework\DataAbstractionLayer\Write\Command\UpdateCommand;
  13. use Shopware\Core\Framework\DataAbstractionLayer\Write\Command\WriteCommand;
  14. use Shopware\Core\Framework\DataAbstractionLayer\Write\Validation\PreWriteValidationEvent;
  15. use Shopware\Core\Framework\Log\Package;
  16. use Shopware\Core\Framework\Validation\WriteConstraintViolationException;
  17. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  18. use Symfony\Component\Validator\ConstraintViolation;
  19. use Symfony\Component\Validator\ConstraintViolationInterface;
  20. use Symfony\Component\Validator\ConstraintViolationList;
  22. /**
  23.  * @internal
  24.  */
  25. #[Package('checkout')]
  26. class PromotionValidator implements EventSubscriberInterface
  27. {
  28.     /**
  29.      * this is the min value for all types
  30.      * (absolute, percentage, ...)
  31.      */
  32.     private const DISCOUNT_MIN_VALUE 0.00;
  34.     /**
  35.      * this is used for the maximum allowed
  36.      * percentage discount.
  37.      */
  38.     private const DISCOUNT_PERCENTAGE_MAX_VALUE 100.0;
  40.     /**
  41.      * @var list<array<string, mixed>>
  42.      */
  43.     private array $databasePromotions;
  45.     /**
  46.      * @var list<array<string, mixed>>
  47.      */
  48.     private array $databaseDiscounts;
  50.     /**
  51.      * @internal
  52.      */
  53.     public function __construct(private readonly Connection $connection)
  54.     {
  55.     }
  57.     public static function getSubscribedEvents(): array
  58.     {
  59.         return [
  60.             PreWriteValidationEvent::class => 'preValidate',
  61.         ];
  62.     }
  64.     /**
  65.      * This function validates our incoming delta-values for promotions
  66.      * and its aggregation. It does only check for business relevant rules and logic.
  67.      * All primitive "required" constraints are done inside the definition of the entity.
  68.      *
  69.      * @throws WriteConstraintViolationException
  70.      */
  71.     public function preValidate(PreWriteValidationEvent $event): void
  72.     {
  73.         $this->collect($event->getCommands());
  75.         $violationList = new ConstraintViolationList();
  76.         $writeCommands $event->getCommands();
  78.         foreach ($writeCommands as $index => $command) {
  79.             if (!$command instanceof InsertCommand && !$command instanceof UpdateCommand) {
  80.                 continue;
  81.             }
  83.             switch ($command->getDefinition()::class) {
  84.                 case PromotionDefinition::class:
  86.                     /** @var string $promotionId */
  87.                     $promotionId $command->getPrimaryKey()['id'];
  89.                     try {
  90.                         $promotion $this->getPromotionById($promotionId);
  91.                     } catch (ResourceNotFoundException) {
  92.                         $promotion = [];
  93.                     }
  95.                     $this->validatePromotion(
  96.                         $promotion,
  97.                         $command->getPayload(),
  98.                         $violationList,
  99.                         $index
  100.                     );
  102.                     break;
  104.                 case PromotionDiscountDefinition::class:
  106.                     /** @var string $discountId */
  107.                     $discountId $command->getPrimaryKey()['id'];
  109.                     try {
  110.                         $discount $this->getDiscountById($discountId);
  111.                     } catch (ResourceNotFoundException) {
  112.                         $discount = [];
  113.                     }
  115.                     $this->validateDiscount(
  116.                         $discount,
  117.                         $command->getPayload(),
  118.                         $violationList,
  119.                         $index
  120.                     );
  122.                     break;
  123.             }
  124.         }
  126.         if ($violationList->count() > 0) {
  127.             $event->getExceptions()->add(new WriteConstraintViolationException($violationList));
  128.         }
  129.     }
  131.     /**
  132.      * This function collects all database data that might be
  133.      * required for any of the received entities and values.
  134.      *
  135.      * @param list<WriteCommand> $writeCommands
  136.      *
  137.      * @throws ResourceNotFoundException
  138.      * @throws Exception
  139.      */
  140.     private function collect(array $writeCommands): void
  141.     {
  142.         $promotionIds = [];
  143.         $discountIds = [];
  145.         foreach ($writeCommands as $command) {
  146.             if (!$command instanceof InsertCommand && !$command instanceof UpdateCommand) {
  147.                 continue;
  148.             }
  150.             switch ($command->getDefinition()::class) {
  151.                 case PromotionDefinition::class:
  152.                     $promotionIds[] = $command->getPrimaryKey()['id'];
  154.                     break;
  156.                 case PromotionDiscountDefinition::class:
  157.                     $discountIds[] = $command->getPrimaryKey()['id'];
  159.                     break;
  160.             }
  161.         }
  163.         // why do we have inline sql queries in here?
  164.         // because we want to avoid any other private functions that accidentally access
  165.         // the database. all private getters should only access the local in-memory list
  166.         // to avoid additional database queries.
  167.         $this->databasePromotions = [];
  168.         if (!empty($promotionIds)) {
  169.             $promotionQuery $this->connection->executeQuery(
  170.                 'SELECT * FROM `promotion` WHERE `id` IN (:ids)',
  171.                 ['ids' => $promotionIds],
  172.                 ['ids' => Connection::PARAM_STR_ARRAY]
  173.             );
  175.             $this->databasePromotions $promotionQuery->fetchAllAssociative();
  176.         }
  178.         $this->databaseDiscounts = [];
  179.         if (!empty($discountIds)) {
  180.             $discountQuery $this->connection->executeQuery(
  181.                 'SELECT * FROM `promotion_discount` WHERE `id` IN (:ids)',
  182.                 ['ids' => $discountIds],
  183.                 ['ids' => Connection::PARAM_STR_ARRAY]
  184.             );
  186.             $this->databaseDiscounts $discountQuery->fetchAllAssociative();
  187.         }
  188.     }
  190.     /**
  191.      * Validates the provided Promotion data and adds
  192.      * violations to the provided list of violations, if found.
  193.      *
  194.      * @param array<string, mixed>    $promotion     the current promotion from the database as array type
  195.      * @param array<string, mixed>    $payload       the incoming delta-data
  196.      * @param ConstraintViolationList $violationList the list of violations that needs to be filled
  197.      * @param int                     $index         the index of this promotion in the command queue
  198.      *
  199.      * @throws \Exception
  200.      */
  201.     private function validatePromotion(array $promotion, array $payloadConstraintViolationList $violationListint $index): void
  202.     {
  203.         /** @var string|null $validFrom */
  204.         $validFrom $this->getValue($payload'valid_from'$promotion);
  206.         /** @var string|null $validUntil */
  207.         $validUntil $this->getValue($payload'valid_until'$promotion);
  209.         /** @var bool $useCodes */
  210.         $useCodes $this->getValue($payload'use_codes'$promotion);
  212.         /** @var bool $useCodesIndividual */
  213.         $useCodesIndividual $this->getValue($payload'use_individual_codes'$promotion);
  215.         /** @var string|null $pattern */
  216.         $pattern $this->getValue($payload'individual_code_pattern'$promotion);
  218.         /** @var string|null $promotionId */
  219.         $promotionId $this->getValue($payload'id'$promotion);
  221.         /** @var string|null $code */
  222.         $code $this->getValue($payload'code'$promotion);
  224.         if ($code === null) {
  225.             $code '';
  226.         }
  228.         if ($pattern === null) {
  229.             $pattern '';
  230.         }
  232.         $trimmedCode trim($code);
  234.         // if we have both a date from and until, make sure that
  235.         // the dateUntil is always in the future.
  236.         if ($validFrom !== null && $validUntil !== null) {
  237.             // now convert into real date times
  238.             // and start comparing them
  239.             $dateFrom = new \DateTime($validFrom);
  240.             $dateUntil = new \DateTime($validUntil);
  241.             if ($dateUntil $dateFrom) {
  242.                 $violationList->add($this->buildViolation(
  243.                     'Expiration Date of Promotion must be after Start of Promotion',
  244.                     $payload['valid_until'],
  245.                     'validUntil',
  246.                     'PROMOTION_VALID_UNTIL_VIOLATION',
  247.                     $index
  248.                 ));
  249.             }
  250.         }
  252.         // check if we use global codes
  253.         if ($useCodes && !$useCodesIndividual) {
  254.             // make sure the code is not empty
  255.             if ($trimmedCode === '') {
  256.                 $violationList->add($this->buildViolation(
  257.                     'Please provide a valid code',
  258.                     $code,
  259.                     'code',
  260.                     'PROMOTION_EMPTY_CODE_VIOLATION',
  261.                     $index
  262.                 ));
  263.             }
  265.             // if our code length is greater than the trimmed one,
  266.             // this means we have leading or trailing whitespaces
  267.             if (mb_strlen($code) > mb_strlen($trimmedCode)) {
  268.                 $violationList->add($this->buildViolation(
  269.                     'Code may not have any leading or ending whitespaces',
  270.                     $code,
  271.                     'code',
  272.                     'PROMOTION_CODE_WHITESPACE_VIOLATION',
  273.                     $index
  274.                 ));
  275.             }
  276.         }
  278.         if ($pattern !== '' && $this->isCodePatternAlreadyUsed($pattern$promotionId)) {
  279.             $violationList->add($this->buildViolation(
  280.                 'Code Pattern already exists in other promotion. Please provide a different pattern.',
  281.                 $pattern,
  282.                 'individualCodePattern',
  283.                 'PROMOTION_DUPLICATE_PATTERN_VIOLATION',
  284.                 $index
  285.             ));
  286.         }
  288.         // lookup global code if it does already exist in database
  289.         if ($trimmedCode !== '' && $this->isCodeAlreadyUsed($trimmedCode$promotionId)) {
  290.             $violationList->add($this->buildViolation(
  291.                 'Code already exists in other promotion. Please provide a different code.',
  292.                 $trimmedCode,
  293.                 'code',
  294.                 'PROMOTION_DUPLICATED_CODE_VIOLATION',
  295.                 $index
  296.             ));
  297.         }
  298.     }
  300.     /**
  301.      * Validates the provided PromotionDiscount data and adds
  302.      * violations to the provided list of violations, if found.
  303.      *
  304.      * @param array<string, mixed>    $discount      the discount as array from the database
  305.      * @param array<string, mixed>    $payload       the incoming delta-data
  306.      * @param ConstraintViolationList $violationList the list of violations that needs to be filled
  307.      */
  308.     private function validateDiscount(array $discount, array $payloadConstraintViolationList $violationListint $index): void
  309.     {
  310.         /** @var string $type */
  311.         $type $this->getValue($payload'type'$discount);
  313.         /** @var float|null $value */
  314.         $value $this->getValue($payload'value'$discount);
  316.         if ($value === null) {
  317.             return;
  318.         }
  320.         if ($value self::DISCOUNT_MIN_VALUE) {
  321.             $violationList->add($this->buildViolation(
  322.                 'Value must not be less than ' self::DISCOUNT_MIN_VALUE,
  323.                 $value,
  324.                 'value',
  325.                 'PROMOTION_DISCOUNT_MIN_VALUE_VIOLATION',
  326.                 $index
  327.             ));
  328.         }
  330.         switch ($type) {
  331.             case PromotionDiscountEntity::TYPE_PERCENTAGE:
  332.                 if ($value self::DISCOUNT_PERCENTAGE_MAX_VALUE) {
  333.                     $violationList->add($this->buildViolation(
  334.                         'Absolute value must not greater than ' self::DISCOUNT_PERCENTAGE_MAX_VALUE,
  335.                         $value,
  336.                         'value',
  337.                         'PROMOTION_DISCOUNT_MAX_VALUE_VIOLATION',
  338.                         $index
  339.                     ));
  340.                 }
  342.                 break;
  343.         }
  344.     }
  346.     /**
  347.      * Gets a value from an array. It also does clean checks if
  348.      * the key is set, and also provides the option for default values.
  349.      *
  350.      * @param array<string, mixed> $data  the data array
  351.      * @param string               $key   the requested key in the array
  352.      * @param array<string, mixed> $dbRow the db row of from the database
  353.      *
  354.      * @return mixed the object found in the key, or the default value
  355.      */
  356.     private function getValue(array $datastring $key, array $dbRow)
  357.     {
  358.         // try in our actual data set
  359.         if (isset($data[$key])) {
  360.             return $data[$key];
  361.         }
  363.         // try in our db row fallback
  364.         if (isset($dbRow[$key])) {
  365.             return $dbRow[$key];
  366.         }
  368.         // use default
  369.         return null;
  370.     }
  372.     /**
  373.      * @throws ResourceNotFoundException
  374.      *
  375.      * @return array<string, mixed>
  376.      */
  377.     private function getPromotionById(string $id)
  378.     {
  379.         foreach ($this->databasePromotions as $promotion) {
  380.             if ($promotion['id'] === $id) {
  381.                 return $promotion;
  382.             }
  383.         }
  385.         throw new ResourceNotFoundException('promotion', [$id]);
  386.     }
  388.     /**
  389.      * @throws ResourceNotFoundException
  390.      *
  391.      * @return array<string, mixed>
  392.      */
  393.     private function getDiscountById(string $id)
  394.     {
  395.         foreach ($this->databaseDiscounts as $discount) {
  396.             if ($discount['id'] === $id) {
  397.                 return $discount;
  398.             }
  399.         }
  401.         throw new ResourceNotFoundException('promotion_discount', [$id]);
  402.     }
  404.     /**
  405.      * This helper function builds an easy violation
  406.      * object for our validator.
  407.      *
  408.      * @param string $message      the error message
  409.      * @param mixed  $invalidValue the actual invalid value
  410.      * @param string $propertyPath the property path from the root value to the invalid value without initial slash
  411.      * @param string $code         the error code of the violation
  412.      * @param int    $index        the position of this entity in the command queue
  413.      *
  414.      * @return ConstraintViolationInterface the built constraint violation
  415.      */
  416.     private function buildViolation(string $messagemixed $invalidValuestring $propertyPathstring $codeint $index): ConstraintViolationInterface
  417.     {
  418.         $formattedPath "/{$index}/{$propertyPath}";
  420.         return new ConstraintViolation(
  421.             $message,
  422.             '',
  423.             [
  424.                 'value' => $invalidValue,
  425.             ],
  426.             $invalidValue,
  427.             $formattedPath,
  428.             $invalidValue,
  429.             null,
  430.             $code
  431.         );
  432.     }
  434.     /**
  435.      * True, if the provided pattern is already used in another promotion.
  436.      */
  437.     private function isCodePatternAlreadyUsed(string $pattern, ?string $promotionId): bool
  438.     {
  439.         $qb $this->connection->createQueryBuilder();
  441.         $query $qb
  442.             ->select('id')
  443.             ->from('promotion')
  444.             ->where($qb->expr()->eq('individual_code_pattern'':pattern'))
  445.             ->setParameter('pattern'$pattern);
  447.         $promotions $query->executeQuery()->fetchFirstColumn();
  449.         /** @var string $id */
  450.         foreach ($promotions as $id) {
  451.             // if we have a promotion id to verify
  452.             // and a promotion with another id exists, then return that is used
  453.             if ($promotionId !== null && $id !== $promotionId) {
  454.                 return true;
  455.             }
  456.         }
  458.         return false;
  459.     }
  461.     /**
  462.      * True, if the provided code is already used as global
  463.      * or individual code in another promotion.
  464.      */
  465.     private function isCodeAlreadyUsed(string $code, ?string $promotionId): bool
  466.     {
  467.         $qb $this->connection->createQueryBuilder();
  469.         // check if individual code.
  470.         // if we dont have a promotion Id only
  471.         // check if its existing somewhere,
  472.         // if we have an Id, verify if it's existing in another promotion
  473.         $query $qb
  474.             ->select('COUNT(*)')
  475.             ->from('promotion_individual_code')
  476.             ->where($qb->expr()->eq('code'':code'))
  477.             ->setParameter('code'$code);
  479.         if ($promotionId !== null) {
  480.             $query->andWhere($qb->expr()->neq('promotion_id'':promotion_id'))
  481.                 ->setParameter('promotion_id'$promotionId);
  482.         }
  484.         $existingIndividual = ((int) $query->executeQuery()->fetchOne()) > 0;
  486.         if ($existingIndividual) {
  487.             return true;
  488.         }
  490.         $qb $this->connection->createQueryBuilder();
  492.         // check if it is a global promotion code.
  493.         // again with either an existing promotion Id
  494.         // or without one.
  495.         $query
  496.             $qb->select('COUNT(*)')
  497.             ->from('promotion')
  498.             ->where($qb->expr()->eq('code'':code'))
  499.             ->setParameter('code'$code);
  501.         if ($promotionId !== null) {
  502.             $query->andWhere($qb->expr()->neq('id'':id'))
  503.                 ->setParameter('id'$promotionId);
  504.         }
  506.         return ((int) $query->executeQuery()->fetchOne()) > 0;
  507.     }
  508. }