src/Diplix/KMGBundle/Controller/Service/Api2Controller.php line 189

Open in your IDE?
  1. <?php
  2. namespace Diplix\KMGBundle\Controller\Service;
  4. use Cocur\Slugify\Slugify;
  5. use Diplix\Commons\DataHandlingBundle\Entity\SysLogEntry;
  6. use Diplix\Commons\DataHandlingBundle\Repository\SysLogRepository;
  7. use Diplix\KMGBundle\Controller\Availability\AvailabilityController;
  8. use Diplix\KMGBundle\Entity\Accounting\Job;
  9. use Diplix\KMGBundle\Entity\Address;
  10. use Diplix\KMGBundle\Entity\Availability;
  11. use Diplix\KMGBundle\Entity\Dispatching\ChatMessage;
  12. use Diplix\KMGBundle\Entity\Dispatching\DispatchQueueItem;
  13. use Diplix\KMGBundle\Entity\File;
  14. use Diplix\KMGBundle\Entity\Order;
  15. use Diplix\KMGBundle\Entity\OrderStatus;
  16. use Diplix\KMGBundle\Entity\PaymentType;
  17. use Diplix\KMGBundle\Entity\PriceList;
  18. use Diplix\KMGBundle\Entity\Role;
  19. use Diplix\KMGBundle\Entity\User;
  20. use Diplix\KMGBundle\Exception\OrderValidationException;
  21. use Diplix\KMGBundle\Form\OrderForm;
  22. use Diplix\KMGBundle\Form\Util\FormErrorsSerializer;
  23. use Diplix\KMGBundle\Helper\ClientConfigProvider;
  24. use Diplix\KMGBundle\PdfGeneration\JobPdf;
  25. use Diplix\KMGBundle\PriceCalculator\AbstractPriceCalculator;
  26. use Diplix\KMGBundle\Repository\AvailabilityRepository;
  27. use Diplix\KMGBundle\Repository\BasicRepository;
  28. use Diplix\KMGBundle\Repository\FileRepository;
  29. use Diplix\KMGBundle\Service\MobileNotifier;
  30. use Diplix\KMGBundle\Service\Notifier;
  31. use Diplix\KMGBundle\Service\OrderHandler;
  32. use Diplix\KMGBundle\Service\TaMiConnector;
  33. use Doctrine\ORM\EntityManagerInterface;
  34. use League\Flysystem\FilesystemOperator;
  35. use Symfony\Component\Form\FormError;
  36. use Symfony\Component\HttpFoundation\JsonResponse;
  37. use Symfony\Component\HttpFoundation\Request;
  38. use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
  39. use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
  40. use Symfony\Component\PropertyAccess\PropertyAccess;
  41. use Symfony\Component\Routing\Exception\MethodNotAllowedException;
  42. use Symfony\Component\Security\Core\Encoder\EncoderFactoryInterface;
  44. class Api2Controller extends ServiceBaseController
  45. {
  46.     public const LOG_TYPE 'Api2';
  49.     protected function hasRole($role)
  50.     {
  51.         $R $this->user->getRoles(true);
  52.         /** @var Role $RR */
  53.         foreach ($R as $RR)
  54.         {
  55.             /** @noinspection TypeUnsafeComparisonInspection */
  56.             if ($RR->getRole() == $role) return true;
  57.         }
  58.         return false;
  59.     }
  60.     protected function parseAndAuth(Request $request)
  61.     {
  62.         $data $this->parseRequest($request);
  63.         $this->loadUser($data['login'],$data['password'],false);
  64.         // do not detach user -> deprecated and kills further ops which rely on objects with an association with that user (e.g. deviceTokens)
  65.         return $data;
  66.     }
  68.     protected function storeToken(array $req$source='')
  69.     {
  70.         SysLogRepository::logMessage(
  71.             $this->managerRegistry->getConnection(),
  72.             SysLogEntry::SYS_INFO,
  73.             sprintf('User#%d reported token "%s" for platform "%s" (%s)',$this->user->getId(), $req['fcm_token']??'-',$req['platform']??'-',$source)
  74.         );
  77.         if ( (isset($req['fcm_token']) && (strlen($req['fcm_token'])>1)) )
  78.         {
  79.             $token $req['fcm_token'];
  80.             $platform = isset($req['platform']) ? $req['platform'] : 'unknown platform';
  81.             $isNewToken $this->userRepo->addFcmTokenToUser($this->user->getId(), $token,$platform);
  82.             $logToken substr($token,0,4).'(...)'.substr($token,-4);
  83.             if ($isNewToken)
  84.                 SysLogRepository::logMessage(
  85.                     $this->managerRegistry->getConnection(),
  86.                     SysLogEntry::SYS_INFO,
  87.                     sprintf('User#%d stored a new FCM token "%s" for platform "%s"',$this->user->getId(),$logToken,$platform)
  88.                 );
  89.         }
  90.     }
  91.     public function storeFcmTokenAction(Request $request)
  92.     {
  93.         $req $this->parseAndAuth($request);
  94.         // auth successful at this point
  95.         $this->storeToken($req,"storeFcmTokenAction");
  96.         return new JsonResponse(['success' => true]);
  97.     }
  99.     public function __construct(
  100.         protected FileRepository $fileRepository,
  101.         protected OrderHandler $orderHandler,
  102.         protected Notifier $notifier,
  103.         protected MobileNotifier $mobileNotifier,
  104.         protected TaMiConnector $taMiConnector,
  105.         protected FilesystemOperator $uploadsFilesystem,
  106.         protected UserPasswordHasherInterface $hasher,
  107.         private readonly \Doctrine\Persistence\ManagerRegistry $managerRegistry,
  108.     )
  109.     {
  110.         parent::__construct($this->hasher,$this->managerRegistry);
  111.     }
  113.     public function indexAction(Request $request)
  114.     {
  115.         $req $this->parseAndAuth($request);
  116.         // auth successful at this point
  117.         $this->storeToken($req,"indexAction");
  118.         $res = [
  119.             'success' => true,
  120.             'user' => [
  121.                 'firstName' =>$this->user->getFirstName(),
  122.                 'lastName' =>$this->user->getLastName(),
  123.                 'email' =>$this->user->getEmail(),
  124.                 'id' =>$this->user->getId(),
  125.             ]
  126.         ];
  127.         $m $this->user->getMember();
  128.         if ($m !== null)
  129.         {
  130.             $res['member'] = [
  131.                 'name' => $m->getName(),
  132.                 'number' =>$m->getNumber(),
  133.                 'code' =>$m->getShortCode(),
  134.                 'id' =>$m->getId()
  135.             ];
  136.         }
  137.         $c $this->user->getCustomer();
  138.         if ($c !== null)
  139.         {
  140.             $res['customer'] = [
  141.                 'name' =>$c->getName(),
  142.                 'number' =>$c->getCustomerNo(),
  143.                 'id' =>$c->getId()
  144.             ];
  145.         }
  146.         return new JsonResponse($res);
  147.     }
  149.     public static function prepare4json(&$data,$humanReadable=true)
  150.     {
  151.         $data['customer'] =  $data['customer']['id'];
  152.         $data['beOwner'] =   $data['beOwner']['id'];
  153.         $data['assignedTo'] =   $data['assignedTo'] !== null $data['assignedTo']['id'] : 0;
  154.         $data['orderStatus'] = $data['orderStatus']['id'];
  155.         $data['orderTime'] = $data['orderTime']->format(self::DATE_FORMAT);
  156.         $data['paymentType'] = $humanReadable $data['paymentType']['name'] : $data['paymentType']['id'];;
  157.         $ft $data['flightTime'];
  158.         $data['flightTime'] = $ft != null $ft->format('H:i') : null;
  159.         for ($a=0$a$ac=count($data['addressList']); $a++)
  160.         {
  161.             $data['addressList'][$a]['beCreated'] = $data['addressList'][$a]['beCreated']->format(self::DATE_FORMAT);
  162.             $data['addressList'][$a]['beEdited'] = $data['addressList'][$a]['beEdited']  !== null $data['addressList'][$a]['beEdited']->format(self::DATE_FORMAT) : null;
  163.             unset($data['addressList'][$a]['beDeleted']);
  164.             unset($data['addressList'][$a]['creditCardNo']);
  165.             unset($data['addressList'][$a]['creditCardMonth']);
  166.             unset($data['addressList'][$a]['creditCardYear']);
  167.         }
  168.     }
  170.     public function singleOrderAction(Request $request)
  171.     {
  172.         $req $this->parseAndAuth($request);
  173.         $repo $this->managerRegistry->getRepository(Order::class);
  174.         //if ($this->user->getMember()===null) throw new \Exception('Fetching a single order is not enabled for your account.');
  175.         $data = [];
  176.         $item $repo->getSingleAsArray($req['id']);
  177.         if ($item!=null)
  178.         {
  179.             self::prepare4json($item);
  180.             $data[]= $item;
  181.         }
  182.         return new JsonResponse([   'success'   => true,
  183.             'data'      => $data
  184.         ]);
  185.     }
  187.     public function ordersAction(Request $request)
  188.     {
  189.         $req $this->parseAndAuth($request);
  190.         // get filters owned orders
  191.         $filterStatus array_key_exists('status',$req) ? $req['status'] : 0;
  192.         $from = (new \DateTime())->sub(new \DateInterval('P3M'));
  193.         $to = (new \DateTime())->add(new \DateInterval('P3M'));
  194.         $from array_key_exists('from',$req) ? new \DateTime($req['from']) : $from ;
  195.         $to array_key_exists('until',$req) ? new \DateTime($req['until']) : $to ;
  197.         $repo $this->managerRegistry->getRepository(Order::class);
  198.         if ($this->user->getMember()!==null)
  199.         {
  200.             $data $repo->findAllForOverview(
  201.                 null,
  202.                 0,
  203.                 $filterStatus,
  204.                 $from,
  205.                 $to,
  206.                 $this->user->getMember()->getId());
  207.         }
  208.         else
  209.         {
  210.             $filterUserList $this->userRepo->findUsersISubstitute($this->user);
  211.             $filterUserList[] = $this->user;
  212.             $filterCustomerId 0// 0 = no additional filtering - already done through userlist
  213.             // no superadmin or orderadmin filters at the moment
  214.             $data $repo->findAllForOverview(
  215.                 $filterUserList,
  216.                 $filterCustomerId,
  217.                 $filterStatus,
  218.                 $from,
  219.                 $to);
  220.         }
  221.         // pre-process joined table fields
  222.         $ic count($data);
  223.         for ($i=0;$i<$ic;$i++)
  224.         {
  225.             $this->prepare4json($data[$i]);
  226.         }
  227.         return new JsonResponse([   'success'   => true,
  228.             'from'      => $from,
  229.             'until'        => $to,
  230.             'data'      => $data
  231.         ]);
  232.     }
  234.     const CODE_MINE 1;
  235.     const CODE_NOT_MINE 2;
  237.     protected function mnLog($it,$msg,$isError=false,$details=[])
  238.     {
  239.         $itid = ($it instanceof DispatchQueueItem $it->getId() : ($it !== null ? (string)$it 'null'));
  240.         $this->managerRegistry
  241.             ->getRepository(SysLogEntry::class)
  242.             ->log(($isError SysLogEntry::SYS_ERROR SysLogEntry::SYS_INFO), MobileNotifier::LOG_TYPE$msg$details00$itid);
  243.     }
  245.     public function acceptOrDenyOrderAction(Request $request)
  246.     {
  247.         $repo $this->managerRegistry->getRepository(Order::class);
  248.         $dqi $this->managerRegistry->getRepository(DispatchQueueItem::class);
  249.         try {
  250.             $code self::CODE_NOT_MINE;
  251.             $req $this->parseAndAuth($request);
  252.             if (!in_array($req['action'],['accept','decline']))
  253.             {
  254.                 throw new \Exception('Unbekannte action.');
  255.             }
  256.             $this->managerRegistry->getManager()->transactional(function(EntityManagerInterface $em) use ($repo,$dqi,$req,&$code) {
  257.                 $order null;
  258.                 if (isset($req['id']))
  259.                 {
  260.                     $order $repo->findOneBy(['id'=>$req['id']]);
  261.                 }
  262.                 else
  263.                 {
  264.                     $order $repo->findOneBy(['orderId'=>$req['orderId']]);
  265.                 }
  267.                 $refMsg $dqi->findOneBy(['id'=>$req['reference'] ?? 'null']);
  268.                 if (($order->getAssignedTo()===null) || ($order->getAssignedTo()->getId() != $this->user->getMember()->getId()) )
  269.                 {
  270.                     throw new \Exception(/*var_export($req,true).*/sprintf('Diese Fahrt(#%d:%s) ist Ihnen(%s) nicht zugeordnet.',$order->getId(),$order->getOrderId(),$this->user->getMember()->getId()),self::CODE_NOT_MINE);
  271.                 }
  273.                 if ($req['action']==='accept')
  274.                 {
  275.                     $order->setAssignmentConfirmed(true$this->user);
  276.                     $order->setAssignmentStatus(Order::AS_NONE);
  277.                     $code self::CODE_MINE;
  278.                     if ($refMsg!==null)
  279.                     {
  280.                         $refMsg->setResponse(DispatchQueueItem::R_CONFIRMED);
  281.                     }
  282.                     $this->mnLog($refMsg,'Fahrt angenommen');
  283.                 }
  284.                 else
  285.                 if ($req['action']==='decline')
  286.                 {
  287.                     if ($order->isAssignmentConfirmed())
  288.                     {
  289.                         throw new \Exception('Fahrt wurde bereits bestätigt. Bitte rufen Sie an um Ă„nderungen vorzunehmen.',self::CODE_MINE);
  290.                     }
  292.                     if ($order->getOrderStatus()->getId()==OrderStatus::STATUS_VERMITTELT)
  293.                     {
  294.                         $osOffen $em->find(OrderStatus::class,OrderStatus::STATUS_OPEN);
  295.                         $order->setOrderStatus($osOffen);
  296.                     }
  297.                     $order->setAssignedTo(null);
  298.                     if ($order->getXchgStatus() !== Order::XCHG_RECEIVED_FROM_OTHER// falls Fahrt von Fremdsystem darf der Status nicht geändert werden
  299.                     {
  300.                         $order->setXchgStatus(Order::XCHG_NONE);
  301.                     }
  303.                     $order->setXchgTo(null);
  304.                     $order->setAssignmentStatus(Order::AS_LAST_ASSIGNMENT_DENIED);
  305.                     if ($refMsg!==null)
  306.                     {
  307.                         $refMsg->setResponse(DispatchQueueItem::R_REFUSED);
  308.                     }
  309.                     $this->mnLog($refMsg,'Fahrt abgelehnt');
  310.                 }
  311.             });
  312.             // TODO: notifications/orderhandler??
  313.             $order null;
  314.             if (isset($req['id']))
  315.             {
  316.                 $order $repo->findOneBy(['id'=>$req['id']]);
  317.             }
  318.             else
  319.             {
  320.                 $order $repo->findOneBy(['orderId'=>$req['orderId']]);
  321.             }
  323.             $this->notifier->triggerOrderUpdateForMember($order); // having this line in finally() crashes since entity manager is already closed when an error occurs above
  324.             return new JsonResponse([   'success'   => true'mine'=>($code == self::CODE_MINE) ]);
  325.         }
  326.         catch (\Throwable $ex)
  327.         {
  328.             SysLogRepository::logMessage($this->managerRegistry->getConnection(),SysLogEntry::SYS_ERROR'acceptOrDenyOrderAction():'.$ex->getMessage());
  329.             return new JsonResponse([   'success'   => false'mine'=>($ex->getCode()==self::CODE_MINE), 'message'=>$ex->getMessage()??'' ]);
  330.         }
  331.     }
  333.     public function confirmMessageReceivedAction(Request $request)
  334.     {
  335.         try {
  336.             $req $this->parseAndAuth($request);
  337.             $mn $this->mobileNotifier;
  338.             $ok $mn->confirmReceived($req['guid'],true);
  339.             return new JsonResponse([ 'success'   => $ok ]);
  340.         }
  341.         catch (\Exception $ex)
  342.         {
  343.             SysLogRepository::logMessage($this->managerRegistry->getConnection(),SysLogEntry::SYS_ERROR'confirmMessageReceivedAction():'.$ex->getMessage());
  344.             return new JsonResponse([ 'success'   => false'message'=>$ex->getMessage() ]);
  345.         }
  346.     }
  348.     /**
  349.      * @param $id
  350.      * @return Order
  351.      */
  352.     protected function fetchOrderAndCheckAssignment($id)
  353.     {
  354.         return $this->fetchOrderAndCheckAssignmentByQuery(array('id' => $id));
  355.     }
  357.     /**
  358.      * @param $id
  359.      * @return Order
  360.      */
  361.     protected function fetchOrderAndCheckAssignmentByQuery(array $predicates)
  362.     {
  363.         $repo $this->managerRegistry->getRepository(Order::class);
  364.         /** @var Order $row */
  365.         $row $repo->findOneBy($predicates);
  366.         if ($row === null)
  367.         {
  368.             throw new NotFoundHttpException('Invalid id: '.var_export($predicates,true));
  369.         }
  370.         if ( ($row->getAssignedTo() === null) ||($row->getAssignedTo()->getId()!= $this->user->getMember()->getId()) )
  371.         {
  372.             throw $this->createAccessDeniedException('Fahrt ist Ihnen nicht zugeordnet.');
  373.         }
  375.         return $row;
  376.     }
  378.     public function jobPdfAction(Request $request$id)
  379.     {
  380.         $this->parseAndAuth($request);
  381.         $row $this->fetchOrderAndCheckAssignment($id);
  382.         $pdfFile $this->orderHandler->getJobPdf($row,$this->user,'App',true);
  383.         return $this->getDownloadResponse($pdfFile,basename($pdfFile));
  384.     }
  386.     public function updateJobByOrderIdAction(Request $request)
  387.     {
  388.         // todo merge with updateJobInfoAction()
  389.         $jr $this->managerRegistry->getRepository(Job::class);
  390.         $fr $this->fileRepository;
  391.         $req $this->parseAndAuth($request);
  392.         $row $this->fetchOrderAndCheckAssignmentByQuery(['orderId'=>$req['orderId']]);
  393.         $job $jr->findOrCreateForOrder($row);
  395.         $pp PropertyAccess::createPropertyAccessor();
  397.         // transform
  398.         foreach (['flightOnPositionTime',
  399.                      'departureAtOriginTime',
  400.                      'arrivalAtDestinationTime',] as $k)
  401.         {
  402.             if (isset($req[$k]) && $req[$k]!=null$req[$k] = new \DateTime($req[$k]);
  403.         }
  404.         foreach (["memberExtraKm"] as $k)
  405.         {
  406.             if (isset($req[$k])&& $req[$k]!=null)  $req[$k] = (int)$req[$k];
  407.         }
  409.         foreach ([  'flightOnPositionTime',
  410.                      'departureAtOriginTime',
  411.                      'arrivalAtDestinationTime',
  412.                      'passengerNotMet',
  413.                      'taxameter',
  414.                      'taxameterVat',
  415.                      'extraCostName',
  416.                      'extraCostPrice',
  417.                      'memberExtraKm',
  418.                      'confirmedByCustomerThrough',
  419.                      'approvedByDriver',
  420.                      'werksRundfahrt',
  421.                     'extraWaitingTimeRide',
  422.                     'extraWaitingTime',
  423.                     'instantRideAdditionalWaitingTime',
  424.                     // not allowed to set: instantRide
  425.                     // not allowed to set: hasMemberExtraKm
  426.                  ] as $k)
  427.         {
  428.             if (array_key_exists($k,$req))
  429.             {
  430.                 $pp->setValue($job,$k,$req[$k]);
  431.             }
  432.         }
  433.         if ($job->getConfirmedByCustomerThrough()>0)
  434.         {
  435.             $job->setApprovedByPassenger(true);
  436.         }
  437.         if ((array_key_exists('customerSignature',$req)) && ($req['customerSignature']!=null))
  438.         {
  439.             $stream '';
  440.             foreach ($req['customerSignature'] as $char)
  441.             {
  442.                 $stream.= chr($char);
  443.             }
  444.             $F File::fromPsr7StreamOrString($streamsprintf('signature_%s_%d.png',$row->getOrderId(),(new \DateTime())->getTimestamp()), $this->uploadsFilesystem,'signatures');
  445.             $fr->persistFlush($F);
  446.             $job->setCustomerSignature($F);
  447.         }
  449.         if ($job->isApprovedByDriver())
  450.         {
  451.             $jr->setApprovedByDriver($job);
  452.             $this->orderHandler->triggerJobCalculation($job);
  453.         }
  455.         $job->setLastChangeByMember(new \DateTime());
  456.         $jr->flush();
  457.         return new JsonResponse(['success' => true]);
  458.     }
  460.     public function updateJobInfoAction(Request $request$id)
  461.     {
  462.         $jr $this->managerRegistry->getRepository(Job::class);
  463.         $fr $this->fileRepository;
  464.         $req $this->parseAndAuth($request);
  465.         $row $this->fetchOrderAndCheckAssignment($id);
  466.         $job $jr->findOrCreateForOrder($row);
  467.         $pp PropertyAccess::createPropertyAccessor();
  469.         // transform
  470.         foreach (['flightOnPositionTime',
  471.                      'departureAtOriginTime',
  472.                      'arrivalAtDestinationTime',] as $k)
  473.         {
  474.             if ($req[$k]!=null$req[$k] = new \DateTime($req[$k]);
  475.         }
  477.         foreach ([  'flightOnPositionTime',
  478.                     'departureAtOriginTime',
  479.                     'arrivalAtDestinationTime',
  480.                     'passengerNotMet',
  481.                     'taxameter',
  482.                     'taxameterVat',
  483.                     'extraCostName',
  484.                     'extraCostPrice',
  485.                     'memberExtraKm',
  486.                     'confirmedByCustomerThrough',
  487.                     'approvedByDriver'
  488.                      ] as $k)
  489.         {
  490.             if ($k==="memberExtraKm"$req[$k] = (int)$req[$k];
  491.             $pp->setValue($job,$k,$req[$k]);
  492.         }
  493.         if ($job->getConfirmedByCustomerThrough()>0)
  494.         {
  495.             $job->setApprovedByPassenger(true);
  496.         }
  497.         if ((array_key_exists('customerSignature',$req)) && ($req['customerSignature']!=null))
  498.         {
  499.             $stream '';
  500.             foreach ($req['customerSignature'] as $char)
  501.             {
  502.                 $stream.= chr($char);
  503.             }
  504.             $F File::fromPsr7StreamOrString($streamsprintf('signature_%s_%d.png',$row->getOrderId(),(new \DateTime())->getTimestamp()), $this->uploadsFilesystem,'signatures');
  505.             $fr->persistFlush($F);
  506.             $job->setCustomerSignature($F);
  507.         }
  509.         if ($job->isApprovedByDriver())
  510.         {
  511.             $this->orderHandler->triggerJobCalculation($job);
  512.         }
  514.         $job->setLastChangeByMember(new \DateTime());
  515.         $jr->flush();
  516.         return new JsonResponse(['success' => true]);
  517.     }
  519.     public function chatMessageAction(Request $request)
  520.     {
  521.         $req $this->parseAndAuth($request);
  522.         $notifier $this->notifier;
  523.         $repo $this->managerRegistry->getRepository(ChatMessage::class);
  524.         $msg ChatMessage::textFrom($this->user,$req['message']);
  525.         $repo->persistFlush($msg);
  526.         $notifier->notifyWebSocketAboutChatMessage($msg);
  527.         return new JsonResponse(['success' => true'ref'=>$msg->getId() ]);
  528.     }
  530.     /**
  531.      * @return PriceList
  532.      * @throws \Exception
  533.      * todo : remove redudancy
  534.      */
  535.     protected function getDefaultPriceList()
  536.     {
  537.         $pl $this->user->getCustomer()->getDefaultPriceList();
  538.         if ($pl === null)
  539.         {
  540.             $pl $this->user->getCustomer()->getPriceLists()->get(0);
  541.             if ($pl === null) throw new \Exception("No priceList set");
  542.         }
  543.         return $pl;
  544.     }
  546.     protected function getDefaultPaymentType(User $user)
  547.     {
  548.         $pt $user->getCustomer()->getDefaultPaymentType();
  549.         if ($pt === null)
  550.         {
  551.             $pt $user->getCustomer()->getPaymentTypes()->get(0);
  552.             if ($pt === null) throw new \Exception("No paymentType set");
  553.         }
  554.         return $pt;
  555.     }
  557.     public function placeOrderAction(Request $request)
  558.     {
  559.         // TODO refactor order process (mail,tami,...) into service
  561.         $req $this->parseAndAuth($request);
  563.         if ($request->getMethod()!==Request::METHOD_POST)
  564.         {
  565.             return new JsonResponse(['success' => false'errorList' => ["Use POST !"]]);
  566.         }
  568.         $orderRepo $this->managerRegistry->getRepository(Order::class);
  569.         $tami $this->taMiConnector;
  570.         $oh $this->orderHandler;
  571.         // check request
  572.         $user $this->managerRegistry->getRepository(User::class)->findOneBy(['id'=>$this->user->getId()]);
  573.         $row =   $oh->getNewOrder($user,null,OrderStatus::STATUS_DRAFT);
  574.         $form $this->createForm(OrderForm::class,$row, [
  575.             OrderForm::OPT_CUSTOMER => $this->user->getCustomer(),
  576.             OrderForm::em => $this->managerRegistry->getManager(),
  577.             OrderForm::fromService => false,
  578.             'allow_extra_fields'=>true// omit extra fields warnings
  579.             'csrf_protection' => false
  580.         ]);
  582.         // auto-inject defaults
  583.         $req["ordererName"] = $this->user->getLastName();
  584.         $req["ordererMail"] = $this->user->getEmail();
  585.         $req["ordererPhone"] = $this->user->getPhone();
  586.         $req["paymentType"] = $this->getDefaultPaymentType($this->user)->getId();
  587.         $req["priceList"] = $this->getDefaultPriceList()->getId();
  588.         $req['lastEstimatedDistance'] = 0;
  589.         $req['lastEstimatedPrice'] = 0;
  591.         // tranform origin/destination to our internal address structure
  592.         if (isset($req['origin']) && isset($req['destination']))
  593.         {
  594.             // try to parse address
  595.             /** @var Address $a1 */
  596.             $a1 $row->getAddressList()->get(0);
  597.             /** @var Address $a2 */
  598.             $a2 $row->getAddressList()->get(1);
  599.             if (is_array($req['origin']))
  600.                 $a1->fromJson($req['origin']);
  601.             else
  602.                 CustomerEndpointController::tryParseAddress($a1,$req['origin']);
  603.             if (is_array($req['destination']))
  604.                 $a2->fromJson($req['destination']);
  605.             else
  606.                 CustomerEndpointController::tryParseAddress($a2,$req['destination']);
  607.             $a1->setSortOrder(0);
  608.             $a2->setSortOrder(1);
  609.             $req['addressList'] = [];
  610.             $req['addressList'][0] = $a1->jsonSerialize();
  611.             $req['addressList'][1] = $a2->jsonSerialize();
  612.             $req array_merge($req,$a1->jsonSerialize('addressList_0_'));
  613.             $req array_merge($req,$a2->jsonSerialize('addressList_1_'));
  614.         }
  615.         else
  616.         {
  617.             // the address is supposed to be transmitted in the correct structure like it has been submitted via form
  618.             // done via prepare4json which is also used in OrderHandler::sendToPlatform
  619.         }
  620.         $xchg = isset($req['xchg'])&&($req['xchg']);
  622.         $fes = new FormErrorsSerializer();
  623.         $form->submit($req);
  624.         if ($form->isValid())
  625.         {
  626.             if ($xchg)
  627.             {
  628.                 $row->setXchgStatus(Order::XCHG_RECEIVED_FROM_OTHER);
  629.                 $row->setXchgOrderId(  $req['original_order_id'] );
  630.                 $row->setOriginOrderId$req['original_order_id'] );
  631.             }
  632.             if ( (isset($req['commit']))&&($req['commit']== true) )
  633.             {
  634.                 try {
  635.                     $oh-> storeOrUpdate($row);
  636.                     $oh->initiateOrder($row);
  637.                 } catch (OrderValidationException $ex) {
  638.                     $form->addError(new FormError($ex->getMessage()));
  639.                 }
  640.                 // success
  641.                 if ( ($form->isValid()) && ($form->getErrors()->count() < 1))
  642.                 {
  643.                     SysLogRepository::logMessage(
  644.                         $this->managerRegistry->getConnection(),
  645.                         SysLogEntry::SYS_INFO,
  646.                         sprintf('API: Order %s placed.',$row->getOrderId())
  647.                     );
  648.                     return new JsonResponse(['success' => true'data' => $row->getOrderId()]);
  649.                 }
  650.                 // failed
  651.                 $errors $fes->serializeFormErrors($formtruetrue);
  652.                 SysLogRepository::logMessage(
  653.                     $this->managerRegistry->getConnection(),
  654.                     SysLogEntry::SYS_INFO,
  655.                     sprintf('API: Order rejected: %s',var_export($errors,true))
  656.                 );
  657.                 return new JsonResponse(['success' => false'errorList' => $errors]);
  658.             }
  659.             // simulation active
  660.             return new JsonResponse(['success' => true'data' => 'not committed']);
  661.         }
  662.         // form is not valid
  663.         $errors $fes->serializeFormErrors($formtruetrue);
  664.         return new JsonResponse(['success' => false'errorList' => $errors]);
  665.     }
  668.     public function announceReadyAction(Request $request)
  669.     {
  670.         $req $this->parseAndAuth($request);
  671.         $tomorrow $req['tomorrow'] === 'true';
  672.         /** @var AvailabilityRepository $repo */
  673.         $repo $this->managerRegistry->getRepository(Availability::class);
  674.         $ret $repo->announceReady($this->user->getMember(),$tomorrow);
  675.         return new JsonResponse(['success' => $ret'data' =>[]]);
  676.     }
  678.     public function cancelOrderAction(Request $request)
  679.     {
  680.         $req $this->parseAndAuth($request);
  681.         $repo $this->managerRegistry->getRepository(Order::class);
  682.         try
  683.         {
  684.             if ($request->getMethod()!==Request::METHOD_POST)
  685.             {
  686.                 throw new MethodNotAllowedException([Request::METHOD_POST],"Use POST !");
  687.             }
  688.             if (!isset($req['orderId']))
  689.             {
  690.                 throw new \RuntimeException("No orderId");
  691.             }
  692.             $row $repo->findOneBy(["orderId"=>$req['orderId'], 'customer'=> $this->user->getCustomer()->getId()]);
  693.             if ($row === null)
  694.             {
  695.                 throw new \RuntimeException('Unbekannte oder nicht zugehörige OrderId');
  696.             }
  698.             // bereits storniert -> erfolgsfall melden
  699.             if ($row->getOrderStatus()->getId() === OrderStatus::STATUS_CANCELED)
  700.             {
  701.                 return new JsonResponse(['success' => true'data' => $row->getOrderId() . " storniert"]);
  702.             }
  704.             $oh $this->orderHandler;
  705.             $oh->ensureThatOrderCanBeCancelled($row);
  706.             if ( (isset($req['commit']))&&($req['commit']== true) )
  707.             {
  708.                 $oh->cancelOrder($row);
  709.                 SysLogRepository::logMessage(
  710.                     $this->managerRegistry->getConnection(),
  711.                     SysLogEntry::SYS_INFO,
  712.                     sprintf('API: Order %s cancelled.',$row->getOrderId())
  713.                 );
  715.                 return new JsonResponse(['success' => true'data' => $row->getOrderId() . " storniert"]);
  716.             }
  717.             else
  718.             {
  719.                 return new JsonResponse(['success' => true'data' => 'not committed']);
  720.             }
  721.         }
  722.         catch (\Throwable $ex)
  723.         {
  724.             return new JsonResponse(['success' => false'errorList' => [ $ex->getMessage() ]]);
  725.         }
  726.     }
  729. }