refactor : simplify codebase and fix critical issues

Backend: - Add MCP Serializer to centralize entity-to-array conversion (~300 lines deduped) - Fix race condition in task/ticket number generation (SELECT FOR UPDATE + transaction) - Add unique constraint on task (project_id, number) with migration - Fix MIME type validation: use server-detected finfo instead of client-supplied type - Add allowlist of permitted MIME types for uploads - Fix TaskDocumentDownloadController: allow ROLE_CLIENT access, add priority:1 - Fix notification sent even when ticket status unchanged - Remove redundant exception constructors - Simplify services (BookStackApi double fetch, TokenEncryptor, GiteaApi) - Consolidate duplicate checks in processors Frontend: - Fix useApi isHandlingUnauthorized scope (module-level to prevent double 401 redirect) - Fix client-tickets toast key copy-paste bug - Merge duplicated tasks service methods (getByProject + getByProjectArchived) - Extract shared uploadWithRelation helper in task-documents service - Extract formatFileSize utility from duplicated component code - Extract status transition logic into useClientTicketHelpers composable - Remove dead code (unused router, handleLogout, empty script blocks) - Merge duplicate watchers and onMounted calls - Normalize arrow functions to function declarations per convention Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-15 22:09:16 +01:00
parent a5144443a4
commit e4fc34b90f
52 changed files with 662 additions and 569 deletions
--- a/src/Service/TokenEncryptor.php
+++ b/src/Service/TokenEncryptor.php
@@ -17,31 +17,10 @@ final class TokenEncryptor
        #[Autowire('%env(ENCRYPTION_KEY)%')]
        string $encryptionKey,
    ) {
-        if ('' === $encryptionKey) {
-            $this->key        = '';
-            $this->configured = false;
+        $key = $this->tryDecodeKey($encryptionKey);

-            return;
-        }
-
-        try {
-            $key = sodium_hex2bin($encryptionKey);
-        } catch (SodiumException) {
-            $this->key        = '';
-            $this->configured = false;
-
-            return;
-        }
-
-        if (SODIUM_CRYPTO_SECRETBOX_KEYBYTES !== mb_strlen($key, '8bit')) {
-            $this->key        = '';
-            $this->configured = false;
-
-            return;
-        }
-
-        $this->key        = $key;
-        $this->configured = true;
+        $this->key        = $key ?? '';
+        $this->configured = null !== $key;
    }

    public function encrypt(string $plaintext): string
@@ -71,6 +50,25 @@ final class TokenEncryptor
        return $plaintext;
    }

+    private function tryDecodeKey(string $encryptionKey): ?string
+    {
+        if ('' === $encryptionKey) {
+            return null;
+        }
+
+        try {
+            $key = sodium_hex2bin($encryptionKey);
+        } catch (SodiumException) {
+            return null;
+        }
+
+        if (SODIUM_CRYPTO_SECRETBOX_KEYBYTES !== mb_strlen($key, '8bit')) {
+            return null;
+        }
+
+        return $key;
+    }
+
    private function assertConfigured(): void
    {
        if (!$this->configured) {