feat(commercial) : amélioration et validation stricte des champs date (ERP-148) (#92)
Auto Tag Develop / tag (push) Successful in 8s
Auto Tag Develop / tag (push) Successful in 8s
## Contexte ERP-148 — mise à jour @malio/layer-ui et amélioration des champs date (onglet Information, Client & Fournisseur). ## Changements - **MalioDate v1.7.10** : le composant expose désormais son état de validité (`@update:valid`) et la saisie brute invalide (`@update:rawValue`). - **Validation back-autoritaire du format** : `foundedAt` n'accepte plus que l'ISO strict `Y-m-d` (`#[Context]` DateTimeNormalizer) + `collectDenormalizationErrors` sur `Client` et `Supplier`. Toute saisie non-ISO renvoie un **422 porté sur le champ**. - Corrige un cas piège : `12/25/2026` (invalide en JJ/MM/AAAA côté front) était auparavant accepté par PHP en M/J/AAAA → 25 décembre. Désormais rejeté. - **Front** : la saisie invalide est transmise au back ; le message technique de type-error est surchargé par une clé i18n via le **code de violation** (`resolveViolationMessage` / `VIOLATION_MESSAGE_I18N`), affiché inline par `useFormErrors`. - Réorganisation des utils de formulaire sous `utils/forms/`. ## Tests - Back : `ClientFoundedAtFormatTest` / `SupplierFoundedAtFormatTest` (dont le cas piège `12/25/2026`). - Front : résolveur i18n (`api.test.ts`, `useFormErrors.test.ts`) + payloads (`clientEdit`/`supplierEdit` specs). - Suite Commercial verte ; vérifié bout-en-bout en navigateur (PATCH → 422, erreur inline, submit bloqué). ## Note Échecs JWT aléatoires connus du hook pre-commit (401/500 sur tests d'auth sans rapport) ; tous verts en isolation. Reviewed-on: #92 Co-authored-by: tristan <tristan@yuno.malio.fr> Co-committed-by: tristan <tristan@yuno.malio.fr>
This commit was merged in pull request #92.
This commit is contained in:
@@ -0,0 +1,71 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Tests\Module\Commercial\Api;
|
||||
|
||||
/**
|
||||
* Validation back-autoritative du FORMAT de la date de creation (foundedAt,
|
||||
* onglet Information).
|
||||
*
|
||||
* Le front (MalioDate, cf. MUI-44) forwarde desormais la saisie brute invalide
|
||||
* au serveur plutot que de l'avaler. Cote back, une date non parsable doit
|
||||
* produire un 422 porte sur `foundedAt` (mappable inline par useFormErrors),
|
||||
* et non un 400 generique. Repose sur `collectDenormalizationErrors` actif sur
|
||||
* l'operation Patch du Client.
|
||||
*
|
||||
* @internal
|
||||
*/
|
||||
final class ClientFoundedAtFormatTest extends AbstractCommercialApiTestCase
|
||||
{
|
||||
private const string MERGE = 'application/merge-patch+json';
|
||||
|
||||
/** Date non parsable -> 422 porte sur foundedAt (et pas un 400 generique). */
|
||||
public function testFoundedAtNonParsableEst422(): void
|
||||
{
|
||||
$client = $this->createAdminClient();
|
||||
$seed = $this->seedClient('Founded Format SARL');
|
||||
|
||||
$body = $client->request('PATCH', '/api/clients/'.$seed->getId(), [
|
||||
'headers' => ['Content-Type' => self::MERGE],
|
||||
'json' => ['foundedAt' => '32/13/2026'],
|
||||
])->toArray(false);
|
||||
|
||||
self::assertResponseStatusCodeSame(422);
|
||||
self::assertArrayHasKey('foundedAt', $this->violationsByPath($body));
|
||||
}
|
||||
|
||||
/**
|
||||
* Cas piege : « 12/25/2026 » est invalide cote front (JJ/MM/AAAA -> mois 25)
|
||||
* mais PHP DateTime l'accepterait en M/J/AAAA (25 decembre). Le format d'entree
|
||||
* strict ISO `Y-m-d` (Context sur foundedAt) doit le rejeter -> 422.
|
||||
*/
|
||||
public function testFoundedAtFormatAmbiguUsEst422(): void
|
||||
{
|
||||
$client = $this->createAdminClient();
|
||||
$seed = $this->seedClient('Founded Ambigu SARL');
|
||||
|
||||
$body = $client->request('PATCH', '/api/clients/'.$seed->getId(), [
|
||||
'headers' => ['Content-Type' => self::MERGE],
|
||||
'json' => ['foundedAt' => '12/25/2026'],
|
||||
])->toArray(false);
|
||||
|
||||
self::assertResponseStatusCodeSame(422);
|
||||
self::assertArrayHasKey('foundedAt', $this->violationsByPath($body));
|
||||
}
|
||||
|
||||
/** Non-regression : une date ISO valide reste acceptee (200). */
|
||||
public function testFoundedAtIsoValideEst200(): void
|
||||
{
|
||||
$client = $this->createAdminClient();
|
||||
$seed = $this->seedClient('Founded Ok SARL');
|
||||
|
||||
$data = $client->request('PATCH', '/api/clients/'.$seed->getId(), [
|
||||
'headers' => ['Content-Type' => self::MERGE],
|
||||
'json' => ['foundedAt' => '2010-05-01'],
|
||||
])->toArray();
|
||||
|
||||
self::assertResponseStatusCodeSame(200);
|
||||
self::assertStringStartsWith('2010-05-01', $data['foundedAt']);
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,71 @@
|
||||
<?php
|
||||
|
||||
declare(strict_types=1);
|
||||
|
||||
namespace App\Tests\Module\Commercial\Api;
|
||||
|
||||
/**
|
||||
* Validation back-autoritative du FORMAT de la date de creation (foundedAt,
|
||||
* onglet Information) du fournisseur. Miroir de {@see ClientFoundedAtFormatTest}.
|
||||
*
|
||||
* Une date non parsable (saisie brute forwardee par MalioDate, MUI-44) doit
|
||||
* produire un 422 porte sur `foundedAt` (mappable inline par useFormErrors), et
|
||||
* non un 400 generique. Repose sur `collectDenormalizationErrors` sur les
|
||||
* operations write du Supplier.
|
||||
*
|
||||
* @internal
|
||||
*/
|
||||
final class SupplierFoundedAtFormatTest extends AbstractSupplierApiTestCase
|
||||
{
|
||||
/** Date non parsable -> 422 porte sur foundedAt (et pas un 400 generique). */
|
||||
public function testFoundedAtNonParsableEst422(): void
|
||||
{
|
||||
$seed = $this->seedSupplier('Founded Format Negoce');
|
||||
$credentials = $this->createUserWithPermission('commercial.suppliers.manage');
|
||||
$client = $this->authenticatedClient($credentials['username'], $credentials['password']);
|
||||
|
||||
$body = $client->request('PATCH', '/api/suppliers/'.$seed->getId(), [
|
||||
'headers' => ['Content-Type' => self::MERGE],
|
||||
'json' => ['foundedAt' => '32/13/2026'],
|
||||
])->toArray(false);
|
||||
|
||||
self::assertResponseStatusCodeSame(422);
|
||||
self::assertArrayHasKey('foundedAt', $this->violationsByPath($body));
|
||||
}
|
||||
|
||||
/**
|
||||
* Cas piege : « 12/25/2026 » est invalide cote front (JJ/MM/AAAA -> mois 25)
|
||||
* mais PHP DateTime l'accepterait en M/J/AAAA. Le format d'entree strict ISO
|
||||
* `Y-m-d` (Context sur foundedAt) doit le rejeter -> 422.
|
||||
*/
|
||||
public function testFoundedAtFormatAmbiguUsEst422(): void
|
||||
{
|
||||
$seed = $this->seedSupplier('Founded Ambigu Negoce');
|
||||
$credentials = $this->createUserWithPermission('commercial.suppliers.manage');
|
||||
$client = $this->authenticatedClient($credentials['username'], $credentials['password']);
|
||||
|
||||
$body = $client->request('PATCH', '/api/suppliers/'.$seed->getId(), [
|
||||
'headers' => ['Content-Type' => self::MERGE],
|
||||
'json' => ['foundedAt' => '12/25/2026'],
|
||||
])->toArray(false);
|
||||
|
||||
self::assertResponseStatusCodeSame(422);
|
||||
self::assertArrayHasKey('foundedAt', $this->violationsByPath($body));
|
||||
}
|
||||
|
||||
/** Non-regression : une date ISO valide reste acceptee (200). */
|
||||
public function testFoundedAtIsoValideEst200(): void
|
||||
{
|
||||
$seed = $this->seedSupplier('Founded Ok Negoce');
|
||||
$credentials = $this->createUserWithPermission('commercial.suppliers.manage');
|
||||
$client = $this->authenticatedClient($credentials['username'], $credentials['password']);
|
||||
|
||||
$data = $client->request('PATCH', '/api/suppliers/'.$seed->getId(), [
|
||||
'headers' => ['Content-Type' => self::MERGE],
|
||||
'json' => ['foundedAt' => '2010-05-01'],
|
||||
])->toArray();
|
||||
|
||||
self::assertResponseStatusCodeSame(200);
|
||||
self::assertStringStartsWith('2010-05-01', $data['foundedAt']);
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user