vendor/shopware/core/Checkout/Promotion/Validator/PromotionValidator.php line 72

  1. <?php declare(strict_types=1);
  3. namespace Shopware\Core\Checkout\Promotion\Validator;
  5. use Doctrine\DBAL\ArrayParameterType;
  6. use Doctrine\DBAL\Connection;
  7. use Doctrine\DBAL\Exception;
  8. use Shopware\Core\Checkout\Promotion\Aggregate\PromotionDiscount\PromotionDiscountDefinition;
  9. use Shopware\Core\Checkout\Promotion\Aggregate\PromotionDiscount\PromotionDiscountEntity;
  10. use Shopware\Core\Checkout\Promotion\PromotionDefinition;
  11. use Shopware\Core\Framework\Api\Exception\ResourceNotFoundException;
  12. use Shopware\Core\Framework\DataAbstractionLayer\Write\Command\InsertCommand;
  13. use Shopware\Core\Framework\DataAbstractionLayer\Write\Command\UpdateCommand;
  14. use Shopware\Core\Framework\DataAbstractionLayer\Write\Command\WriteCommand;
  15. use Shopware\Core\Framework\DataAbstractionLayer\Write\Validation\PreWriteValidationEvent;
  16. use Shopware\Core\Framework\Log\Package;
  17. use Shopware\Core\Framework\Validation\WriteConstraintViolationException;
  18. use Symfony\Component\EventDispatcher\EventSubscriberInterface;
  19. use Symfony\Component\Validator\ConstraintViolation;
  20. use Symfony\Component\Validator\ConstraintViolationInterface;
  21. use Symfony\Component\Validator\ConstraintViolationList;
  23. /**
  24.  * @internal
  25.  */
  26. #[Package('checkout')]
  27. class PromotionValidator implements EventSubscriberInterface
  28. {
  29.     /**
  30.      * this is the min value for all types
  31.      * (absolute, percentage, ...)
  32.      */
  33.     private const DISCOUNT_MIN_VALUE 0.00;
  35.     /**
  36.      * this is used for the maximum allowed
  37.      * percentage discount.
  38.      */
  39.     private const DISCOUNT_PERCENTAGE_MAX_VALUE 100.0;
  41.     /**
  42.      * @var list<array<string, mixed>>
  43.      */
  44.     private array $databasePromotions;
  46.     /**
  47.      * @var list<array<string, mixed>>
  48.      */
  49.     private array $databaseDiscounts;
  51.     /**
  52.      * @internal
  53.      */
  54.     public function __construct(private readonly Connection $connection)
  55.     {
  56.     }
  58.     public static function getSubscribedEvents(): array
  59.     {
  60.         return [
  61.             PreWriteValidationEvent::class => 'preValidate',
  62.         ];
  63.     }
  65.     /**
  66.      * This function validates our incoming delta-values for promotions
  67.      * and its aggregation. It does only check for business relevant rules and logic.
  68.      * All primitive "required" constraints are done inside the definition of the entity.
  69.      *
  70.      * @throws WriteConstraintViolationException
  71.      */
  72.     public function preValidate(PreWriteValidationEvent $event): void
  73.     {
  74.         $this->collect($event->getCommands());
  76.         $violationList = new ConstraintViolationList();
  77.         $writeCommands $event->getCommands();
  79.         foreach ($writeCommands as $index => $command) {
  80.             if (!$command instanceof InsertCommand && !$command instanceof UpdateCommand) {
  81.                 continue;
  82.             }
  84.             switch ($command->getDefinition()::class) {
  85.                 case PromotionDefinition::class:
  87.                     /** @var string $promotionId */
  88.                     $promotionId $command->getPrimaryKey()['id'];
  90.                     try {
  91.                         $promotion $this->getPromotionById($promotionId);
  92.                     } catch (ResourceNotFoundException) {
  93.                         $promotion = [];
  94.                     }
  96.                     $this->validatePromotion(
  97.                         $promotion,
  98.                         $command->getPayload(),
  99.                         $violationList,
  100.                         $index
  101.                     );
  103.                     break;
  105.                 case PromotionDiscountDefinition::class:
  107.                     /** @var string $discountId */
  108.                     $discountId $command->getPrimaryKey()['id'];
  110.                     try {
  111.                         $discount $this->getDiscountById($discountId);
  112.                     } catch (ResourceNotFoundException) {
  113.                         $discount = [];
  114.                     }
  116.                     $this->validateDiscount(
  117.                         $discount,
  118.                         $command->getPayload(),
  119.                         $violationList,
  120.                         $index
  121.                     );
  123.                     break;
  124.             }
  125.         }
  127.         if ($violationList->count() > 0) {
  128.             $event->getExceptions()->add(new WriteConstraintViolationException($violationList));
  129.         }
  130.     }
  132.     /**
  133.      * This function collects all database data that might be
  134.      * required for any of the received entities and values.
  135.      *
  136.      * @param list<WriteCommand> $writeCommands
  137.      *
  138.      * @throws ResourceNotFoundException
  139.      * @throws Exception
  140.      */
  141.     private function collect(array $writeCommands): void
  142.     {
  143.         $promotionIds = [];
  144.         $discountIds = [];
  146.         foreach ($writeCommands as $command) {
  147.             if (!$command instanceof InsertCommand && !$command instanceof UpdateCommand) {
  148.                 continue;
  149.             }
  151.             switch ($command->getDefinition()::class) {
  152.                 case PromotionDefinition::class:
  153.                     $promotionIds[] = $command->getPrimaryKey()['id'];
  155.                     break;
  157.                 case PromotionDiscountDefinition::class:
  158.                     $discountIds[] = $command->getPrimaryKey()['id'];
  160.                     break;
  161.             }
  162.         }
  164.         // why do we have inline sql queries in here?
  165.         // because we want to avoid any other private functions that accidentally access
  166.         // the database. all private getters should only access the local in-memory list
  167.         // to avoid additional database queries.
  168.         $this->databasePromotions = [];
  169.         if (!empty($promotionIds)) {
  170.             $promotionQuery $this->connection->executeQuery(
  171.                 'SELECT * FROM `promotion` WHERE `id` IN (:ids)',
  172.                 ['ids' => $promotionIds],
  173.                 ['ids' => ArrayParameterType::STRING]
  174.             );
  176.             $this->databasePromotions $promotionQuery->fetchAllAssociative();
  177.         }
  179.         $this->databaseDiscounts = [];
  180.         if (!empty($discountIds)) {
  181.             $discountQuery $this->connection->executeQuery(
  182.                 'SELECT * FROM `promotion_discount` WHERE `id` IN (:ids)',
  183.                 ['ids' => $discountIds],
  184.                 ['ids' => ArrayParameterType::STRING]
  185.             );
  187.             $this->databaseDiscounts $discountQuery->fetchAllAssociative();
  188.         }
  189.     }
  191.     /**
  192.      * Validates the provided Promotion data and adds
  193.      * violations to the provided list of violations, if found.
  194.      *
  195.      * @param array<string, mixed>    $promotion     the current promotion from the database as array type
  196.      * @param array<string, mixed>    $payload       the incoming delta-data
  197.      * @param ConstraintViolationList $violationList the list of violations that needs to be filled
  198.      * @param int                     $index         the index of this promotion in the command queue
  199.      *
  200.      * @throws \Exception
  201.      */
  202.     private function validatePromotion(array $promotion, array $payloadConstraintViolationList $violationListint $index): void
  203.     {
  204.         /** @var string|null $validFrom */
  205.         $validFrom $this->getValue($payload'valid_from'$promotion);
  207.         /** @var string|null $validUntil */
  208.         $validUntil $this->getValue($payload'valid_until'$promotion);
  210.         /** @var bool $useCodes */
  211.         $useCodes $this->getValue($payload'use_codes'$promotion);
  213.         /** @var bool $useCodesIndividual */
  214.         $useCodesIndividual $this->getValue($payload'use_individual_codes'$promotion);
  216.         /** @var string|null $pattern */
  217.         $pattern $this->getValue($payload'individual_code_pattern'$promotion);
  219.         /** @var string|null $promotionId */
  220.         $promotionId $this->getValue($payload'id'$promotion);
  222.         /** @var string|null $code */
  223.         $code $this->getValue($payload'code'$promotion);
  225.         if ($code === null) {
  226.             $code '';
  227.         }
  229.         if ($pattern === null) {
  230.             $pattern '';
  231.         }
  233.         $trimmedCode trim($code);
  235.         // if we have both a date from and until, make sure that
  236.         // the dateUntil is always in the future.
  237.         if ($validFrom !== null && $validUntil !== null) {
  238.             // now convert into real date times
  239.             // and start comparing them
  240.             $dateFrom = new \DateTime($validFrom);
  241.             $dateUntil = new \DateTime($validUntil);
  242.             if ($dateUntil $dateFrom) {
  243.                 $violationList->add($this->buildViolation(
  244.                     'Expiration Date of Promotion must be after Start of Promotion',
  245.                     $payload['valid_until'],
  246.                     'validUntil',
  247.                     'PROMOTION_VALID_UNTIL_VIOLATION',
  248.                     $index
  249.                 ));
  250.             }
  251.         }
  253.         // check if we use global codes
  254.         if ($useCodes && !$useCodesIndividual) {
  255.             // make sure the code is not empty
  256.             if ($trimmedCode === '') {
  257.                 $violationList->add($this->buildViolation(
  258.                     'Please provide a valid code',
  259.                     $code,
  260.                     'code',
  261.                     'PROMOTION_EMPTY_CODE_VIOLATION',
  262.                     $index
  263.                 ));
  264.             }
  266.             // if our code length is greater than the trimmed one,
  267.             // this means we have leading or trailing whitespaces
  268.             if (mb_strlen($code) > mb_strlen($trimmedCode)) {
  269.                 $violationList->add($this->buildViolation(
  270.                     'Code may not have any leading or ending whitespaces',
  271.                     $code,
  272.                     'code',
  273.                     'PROMOTION_CODE_WHITESPACE_VIOLATION',
  274.                     $index
  275.                 ));
  276.             }
  277.         }
  279.         if ($pattern !== '' && $this->isCodePatternAlreadyUsed($pattern$promotionId)) {
  280.             $violationList->add($this->buildViolation(
  281.                 'Code Pattern already exists in other promotion. Please provide a different pattern.',
  282.                 $pattern,
  283.                 'individualCodePattern',
  284.                 'PROMOTION_DUPLICATE_PATTERN_VIOLATION',
  285.                 $index
  286.             ));
  287.         }
  289.         // lookup global code if it does already exist in database
  290.         if ($trimmedCode !== '' && $this->isCodeAlreadyUsed($trimmedCode$promotionId)) {
  291.             $violationList->add($this->buildViolation(
  292.                 'Code already exists in other promotion. Please provide a different code.',
  293.                 $trimmedCode,
  294.                 'code',
  295.                 'PROMOTION_DUPLICATED_CODE_VIOLATION',
  296.                 $index
  297.             ));
  298.         }
  299.     }
  301.     /**
  302.      * Validates the provided PromotionDiscount data and adds
  303.      * violations to the provided list of violations, if found.
  304.      *
  305.      * @param array<string, mixed>    $discount      the discount as array from the database
  306.      * @param array<string, mixed>    $payload       the incoming delta-data
  307.      * @param ConstraintViolationList $violationList the list of violations that needs to be filled
  308.      */
  309.     private function validateDiscount(array $discount, array $payloadConstraintViolationList $violationListint $index): void
  310.     {
  311.         /** @var string $type */
  312.         $type $this->getValue($payload'type'$discount);
  314.         /** @var float|null $value */
  315.         $value $this->getValue($payload'value'$discount);
  317.         if ($value === null) {
  318.             return;
  319.         }
  321.         if ($value self::DISCOUNT_MIN_VALUE) {
  322.             $violationList->add($this->buildViolation(
  323.                 'Value must not be less than ' self::DISCOUNT_MIN_VALUE,
  324.                 $value,
  325.                 'value',
  326.                 'PROMOTION_DISCOUNT_MIN_VALUE_VIOLATION',
  327.                 $index
  328.             ));
  329.         }
  331.         switch ($type) {
  332.             case PromotionDiscountEntity::TYPE_PERCENTAGE:
  333.                 if ($value self::DISCOUNT_PERCENTAGE_MAX_VALUE) {
  334.                     $violationList->add($this->buildViolation(
  335.                         'Absolute value must not greater than ' self::DISCOUNT_PERCENTAGE_MAX_VALUE,
  336.                         $value,
  337.                         'value',
  338.                         'PROMOTION_DISCOUNT_MAX_VALUE_VIOLATION',
  339.                         $index
  340.                     ));
  341.                 }
  343.                 break;
  344.         }
  345.     }
  347.     /**
  348.      * Gets a value from an array. It also does clean checks if
  349.      * the key is set, and also provides the option for default values.
  350.      *
  351.      * @param array<string, mixed> $data  the data array
  352.      * @param string               $key   the requested key in the array
  353.      * @param array<string, mixed> $dbRow the db row of from the database
  354.      *
  355.      * @return mixed the object found in the key, or the default value
  356.      */
  357.     private function getValue(array $datastring $key, array $dbRow)
  358.     {
  359.         // try in our actual data set
  360.         if (isset($data[$key])) {
  361.             return $data[$key];
  362.         }
  364.         // try in our db row fallback
  365.         if (isset($dbRow[$key])) {
  366.             return $dbRow[$key];
  367.         }
  369.         // use default
  370.         return null;
  371.     }
  373.     /**
  374.      * @throws ResourceNotFoundException
  375.      *
  376.      * @return array<string, mixed>
  377.      */
  378.     private function getPromotionById(string $id)
  379.     {
  380.         foreach ($this->databasePromotions as $promotion) {
  381.             if ($promotion['id'] === $id) {
  382.                 return $promotion;
  383.             }
  384.         }
  386.         throw new ResourceNotFoundException('promotion', [$id]);
  387.     }
  389.     /**
  390.      * @throws ResourceNotFoundException
  391.      *
  392.      * @return array<string, mixed>
  393.      */
  394.     private function getDiscountById(string $id)
  395.     {
  396.         foreach ($this->databaseDiscounts as $discount) {
  397.             if ($discount['id'] === $id) {
  398.                 return $discount;
  399.             }
  400.         }
  402.         throw new ResourceNotFoundException('promotion_discount', [$id]);
  403.     }
  405.     /**
  406.      * This helper function builds an easy violation
  407.      * object for our validator.
  408.      *
  409.      * @param string $message      the error message
  410.      * @param mixed  $invalidValue the actual invalid value
  411.      * @param string $propertyPath the property path from the root value to the invalid value without initial slash
  412.      * @param string $code         the error code of the violation
  413.      * @param int    $index        the position of this entity in the command queue
  414.      *
  415.      * @return ConstraintViolationInterface the built constraint violation
  416.      */
  417.     private function buildViolation(string $messagemixed $invalidValuestring $propertyPathstring $codeint $index): ConstraintViolationInterface
  418.     {
  419.         $formattedPath "/{$index}/{$propertyPath}";
  421.         return new ConstraintViolation(
  422.             $message,
  423.             '',
  424.             [
  425.                 'value' => $invalidValue,
  426.             ],
  427.             $invalidValue,
  428.             $formattedPath,
  429.             $invalidValue,
  430.             null,
  431.             $code
  432.         );
  433.     }
  435.     /**
  436.      * True, if the provided pattern is already used in another promotion.
  437.      */
  438.     private function isCodePatternAlreadyUsed(string $pattern, ?string $promotionId): bool
  439.     {
  440.         $qb $this->connection->createQueryBuilder();
  442.         $query $qb
  443.             ->select('id')
  444.             ->from('promotion')
  445.             ->where($qb->expr()->eq('individual_code_pattern'':pattern'))
  446.             ->setParameter('pattern'$pattern);
  448.         $promotions $query->executeQuery()->fetchFirstColumn();
  450.         /** @var string $id */
  451.         foreach ($promotions as $id) {
  452.             // if we have a promotion id to verify
  453.             // and a promotion with another id exists, then return that is used
  454.             if ($promotionId !== null && $id !== $promotionId) {
  455.                 return true;
  456.             }
  457.         }
  459.         return false;
  460.     }
  462.     /**
  463.      * True, if the provided code is already used as global
  464.      * or individual code in another promotion.
  465.      */
  466.     private function isCodeAlreadyUsed(string $code, ?string $promotionId): bool
  467.     {
  468.         $qb $this->connection->createQueryBuilder();
  470.         // check if individual code.
  471.         // if we dont have a promotion Id only
  472.         // check if its existing somewhere,
  473.         // if we have an Id, verify if it's existing in another promotion
  474.         $query $qb
  475.             ->select('COUNT(*)')
  476.             ->from('promotion_individual_code')
  477.             ->where($qb->expr()->eq('code'':code'))
  478.             ->setParameter('code'$code);
  480.         if ($promotionId !== null) {
  481.             $query->andWhere($qb->expr()->neq('promotion_id'':promotion_id'))
  482.                 ->setParameter('promotion_id'$promotionId);
  483.         }
  485.         $existingIndividual = ((int) $query->executeQuery()->fetchOne()) > 0;
  487.         if ($existingIndividual) {
  488.             return true;
  489.         }
  491.         $qb $this->connection->createQueryBuilder();
  493.         // check if it is a global promotion code.
  494.         // again with either an existing promotion Id
  495.         // or without one.
  496.         $query
  497.             $qb->select('COUNT(*)')
  498.             ->from('promotion')
  499.             ->where($qb->expr()->eq('code'':code'))
  500.             ->setParameter('code'$code);
  502.         if ($promotionId !== null) {
  503.             $query->andWhere($qb->expr()->neq('id'':id'))
  504.                 ->setParameter('id'$promotionId);
  505.         }
  507.         return ((int) $query->executeQuery()->fetchOne()) > 0;
  508.     }
  509. }