Refactor tax settings save endpoint to use DTO and validation

hesabixCore/src/Controller/Plugins/TaxSettingsController.php

@@ -14,8 +14,9 @@ use Symfony\Component\Routing\Annotation\Route;
 use App\Entity\PluginTaxsettingsKey;
 use App\Entity\HesabdariDoc;
 use App\Entity\PluginTaxInvoice;
+use App\Dto\TaxSettingsDto;
+use Symfony\Component\Validator\Validator\ValidatorInterface;
 use DateTime;
-use DateInterval;
 
 class TaxSettingsController extends AbstractController
 {
@@ -51,7 +52,7 @@ class TaxSettingsController extends AbstractController
     }
 
     #[Route('/api/plugins/tax/settings/save', name: 'plugin_tax_settings_save', methods: ['POST'])]
-    public function plugin_tax_settings_save(Request $request, registryMGR $registryMGR, Access $access, Log $log, EntityManagerInterface $em): JsonResponse
+    public function plugin_tax_settings_save(Request $request, registryMGR $registryMGR, Access $access, Log $log, EntityManagerInterface $em, ValidatorInterface $validator): JsonResponse
     {
         $acc = $access->hasRole('plugTaxSettings');
         if (!$acc) {
@@ -59,6 +60,24 @@ class TaxSettingsController extends AbstractController
         }
 
         $params = $request->getPayload()->all();
+        $dto = new TaxSettingsDto();
+        $dto->taxMemoryId = $params['taxMemoryId'] ?? '';
+        $dto->economicCode = $params['economicCode'] ?? '';
+        $dto->privateKey = $params['privateKey'] ?? '';
+
+        $errors = $validator->validate($dto);
+        if (count($errors) > 0) {
+            $messages = [];
+            foreach ($errors as $error) {
+                $messages[$error->getPropertyPath()] = $error->getMessage();
+            }
+            return $this->json([
+                'success' => false,
+                'errors' => $messages,
+                'message' => 'اطلاعات وارد شده معتبر نیست.'
+            ], 422);
+        }
+
         $businessId = is_object($acc['bid']) ? $acc['bid']->getId() : $acc['bid'];
         $user = $this->getUser();
         $userId = $user instanceof \App\Entity\User ? $user->getId() : null;
@@ -69,12 +88,12 @@ class TaxSettingsController extends AbstractController
             $entity = new PluginTaxsettingsKey();
             $entity->setBusinessId($businessId);
             $entity->setUserId($userId);
-            $entity->setCreatedAt(new DateTime());
+            $entity->setCreatedAt(new \DateTime());
         }
-        $entity->setPrivateKey($params['privateKey'] ?? '');
-        $entity->setTaxMemoryId($params['taxMemoryId'] ?? null);
-        $entity->setEconomicCode($params['economicCode'] ?? null);
-        $entity->setUpdatedAt(new DateTime());
+        $entity->setPrivateKey($dto->privateKey);
+        $entity->setTaxMemoryId($dto->taxMemoryId);
+        $entity->setEconomicCode($dto->economicCode);
+        $entity->setUpdatedAt(new \DateTime());
 
         $em->persist($entity);
         $em->flush();

src/Dto/TaxSettingsDto.php

@@ -0,0 +1,33 @@
+<?php
+
+namespace App\Dto;
+
+use Symfony\Component\Validator\Constraints as Assert;
+
+class TaxSettingsDto
+{
+    #[Assert\NotBlank(message: 'شناسه حافظه مالیاتی الزامی است.')]
+    #[Assert\Length(
+        max: 50,
+        maxMessage: 'شناسه حافظه مالیاتی نباید بیشتر از ۵۰ کاراکتر باشد.'
+    )]
+    public string $taxMemoryId;
+
+    #[Assert\NotBlank(message: 'کد اقتصادی الزامی است.')]
+    #[Assert\Regex(
+        pattern: '/^\d{11}$/',
+        message: 'کد اقتصادی باید دقیقا ۱۱ رقم باشد.'
+    )]
+    public string $economicCode;
+
+    #[Assert\NotBlank(message: 'کلید خصوصی الزامی است.')]
+    #[Assert\Length(
+        min: 100,
+        minMessage: 'کلید خصوصی باید حداقل ۱۰۰ کاراکتر باشد.'
+    )]
+    #[Assert\Regex(
+        pattern: '/^-----BEGIN (RSA )?PRIVATE KEY-----[\s\S]+-----END (RSA )?PRIVATE KEY-----$/',
+        message: 'فرمت کلید خصوصی معتبر نیست.'
+    )]
+    public string $privateKey;
+}