fix: pcsg/projects/walking-family-project#132 - better exception error message

00e15fd0 · Henning Leutz · 4db1b679 · 00e15fd0 · 00e15fd0
Bestätigt Commit 00e15fd0 erstellt 3 years ago von Henning Leutz
--- a/locale.xml
+++ b/locale.xml
@@ -529,8 +529,10 @@
            <en><![CDATA[Show EPC QR code on invoice]]></en>
        </locale>
        <locale name="invoice.settings.invoice.includeQrCode.description">
-            <de><![CDATA[Auf Rechnungen mit Zahlungsart Rechnung und Vorkasse soll ein EPC-QR-Code (auch "GiroCode") angezeigt werden. Mit diesem können alle nötigen Zahlungsinformationen für SEPA-Überweisungen in gängigen Banking-Apps über das Scannen des QR-Codes verfügbar gemacht werden.]]></de>
+            <de>
-            <en><![CDATA[An EPC QR code is to be displayed on invoices with payment methods invoice and prepayment. With this, all necessary payment information for SEPA transfers can be made available in common banking apps by scanning the QR code.]]></en>
+                <![CDATA[Auf Rechnungen mit Zahlungsart Rechnung und Vorkasse soll ein EPC-QR-Code (auch "GiroCode") angezeigt werden. Mit diesem können alle nötigen Zahlungsinformationen für SEPA-Überweisungen in gängigen Banking-Apps über das Scannen des QR-Codes verfügbar gemacht werden.]]></de>
+            <en>
+                <![CDATA[An EPC QR code is to be displayed on invoices with payment methods invoice and prepayment. With this, all necessary payment information for SEPA transfers can be made available in common banking apps by scanning the QR code.]]></en>
        </locale>
        <locale name="invoice.send.mail.message.description" html="true">
@@ -775,10 +777,12 @@
    </groups>
    <groups name="quiqqer/invoice" datatype="js">
        <locale name="controls.panels.TemporaryInvoice.invoice_files_no_customer">
-            <de><![CDATA[Bitte wähle zuerst einen Kunden für diese Rechnung aus, um Kunden-Dateien mit dieser Rechnung verknüpfen zu können.]]></de>
+            <de>
-            <en><![CDATA[Please select a customer for this invoice first to be able to link customer files to this invoice.]]></en>
+                <![CDATA[Bitte wähle zuerst einen Kunden für diese Rechnung aus, um Kunden-Dateien mit dieser Rechnung verknüpfen zu können.]]></de>
+            <en>
+                <![CDATA[Please select a customer for this invoice first to be able to link customer files to this invoice.]]></en>
        </locale>
        <locale name="journal.btn.paymentBook">
@@ -1277,8 +1281,10 @@
            <en><![CDATA[Prevents posting of invoice drafts]]></en>
        </locale>
        <locale name="processingStatus.tpl.descPreventInvoicePosting">
-            <de><![CDATA[Rechnungsentwürfe mit diesem Status können <b>nicht gebucht</b> werden, solange sie diesen Status innehaben. Sinnvoll für Status, die eine manuelle Überprüfung einer Rechnung erfordern.]]></de>
+            <de>
-            <en><![CDATA[Draft invoices with this status can <b>not be posted</b> as long as they have this status. Useful for statuses that require manual review of an invoice.]]></en>
+                <![CDATA[Rechnungsentwürfe mit diesem Status können <b>nicht gebucht</b> werden, solange sie diesen Status innehaben. Sinnvoll für Status, die eine manuelle Überprüfung einer Rechnung erfordern.]]></de>
+            <en>
+                <![CDATA[Draft invoices with this status can <b>not be posted</b> as long as they have this status. Useful for statuses that require manual review of an invoice.]]></en>
        </locale>
        <locale name="dialog.processingStatus.create.title">
@@ -1650,10 +1656,12 @@
            <en><![CDATA[Invoice [invoiceNo]]]></en>
        </locale>
        <locale name="exception.Invoice.addCustomerFile.no_customer">
-            <de><![CDATA[Die Rechnung hat noch keinen zugewiesenen Kunden. Bitte weise der Rechnung zuerst einen Kunden zu, bevor du der Rechnung Kunden-Dateien zuweist.]]></de>
+            <de>
-            <en><![CDATA[The invoice does not have an assigned customer yet. Please assign a customer to the invoice first before assigning customer files to the invoice.]]></en>
+                <![CDATA[Die Rechnung hat noch keinen zugewiesenen Kunden. Bitte weise der Rechnung zuerst einen Kunden zu, bevor du der Rechnung Kunden-Dateien zuweist.]]></de>
+            <en>
+                <![CDATA[The invoice does not have an assigned customer yet. Please assign a customer to the invoice first before assigning customer files to the invoice.]]></en>
        </locale>
        <locale name="RestApi.Provider.invoice.comment.source">
            <de><![CDATA[Rechnung erstellt über REST API. Herkunft: [source]]]></de>
            <en><![CDATA[Invoice created via REST API. Source: [source]]]></en>
@@ -1888,12 +1896,12 @@
        </locale>
        <locale name="exception.invoice.not.found" html="true">
-            <de><![CDATA[Die gewünschte Rechnung wurde leider nicht gefunden.]]></de>
+            <de><![CDATA[Die gewünschte Rechnung [id] wurde leider nicht gefunden.]]></de>
-            <en><![CDATA[The desired invoice was unfortunately not found.]]></en>
+            <en><![CDATA[The desired invoice [id] was unfortunately not found.]]></en>
        </locale>
        <locale name="exception.temporary.invoice.not.found" html="true">
-            <de><![CDATA[Die gewünschte Rechnung wurde leider nicht gefunden.]]></de>
+            <de><![CDATA[Die gewünschte Rechnung [id] wurde leider nicht gefunden.]]></de>
-            <en><![CDATA[The desired invoice was unfortunately not found.]]></en>
+            <en><![CDATA[The desired invoice [id] was unfortunately not found.]]></en>
        </locale>
        <locale name="exception.parted.invoice.cant.be.canceled">

--- a/src/QUI/ERP/Accounting/Invoice/Handler.php
+++ b/src/QUI/ERP/Accounting/Invoice/Handler.php
@@ -8,6 +8,14 @@
 use QUI;
+use function array_flip;
+use function explode;
+use function is_numeric;
+use function is_string;
+use function mb_strtoupper;
+use function str_replace;
+use function strpos;
 /**
 * Class Handler
 * - Maintains invoices
@@ -229,7 +237,7 @@ public function count($queryParams = [])
     * @param array $params - search params
     * @return array
     */
-    public function searchTemporaryInvoices($params = [])
+    public function searchTemporaryInvoices(array $params = []): array
    {
        $query = [
            'from'  => $this->temporaryInvoiceTable(),
@@ -267,7 +275,7 @@ public function searchTemporaryInvoices($params = [])
     *
     * @throws QUI\DataBase\Exception
     */
-    public function countTemporaryInvoices($queryParams = [])
+    public function countTemporaryInvoices(array $queryParams = []): int
    {
        $query = [
            'from'  => $this->temporaryInvoiceTable(),
@@ -298,7 +306,7 @@ public function countTemporaryInvoices($queryParams = [])
     * Return an Invoice
     * Alias for getInvoice()
     *
-     * @param string $id - ID of the Invoice or InvoiceTemporary
+     * @param string|int $id - ID of the Invoice or InvoiceTemporary
     * @return InvoiceTemporary|Invoice
     *
     * @throws QUI\Exception
@@ -307,7 +315,7 @@ public function get($id)
    {
        $prefix = Settings::getInstance()->getTemporaryInvoicePrefix();
-        if (\strpos($id, $prefix) !== false) {
+        if (strpos($id, $prefix) !== false) {
            return $this->getTemporaryInvoice($id);
        }
@@ -317,13 +325,13 @@ public function get($id)
    /**
     * Return an Invoice
     *
-     * @param string $id - ID of the Invoice
+     * @param string|int $id - ID of the Invoice
     * @return Invoice
     *
     * @throws Exception
     * @throws QUI\Exception
     */
-    public function getInvoice($id)
+    public function getInvoice($id): Invoice
    {
        return new Invoice($id, $this);
    }
@@ -337,7 +345,7 @@ public function getInvoice($id)
     * @throws Exception
     * @throws QUI\Exception
     */
-    public function getInvoiceByHash($hash)
+    public function getInvoiceByHash(string $hash): Invoice
    {
        $result = QUI::getDataBase()->fetch([
            'select' => 'id',
@@ -348,9 +356,11 @@ public function getInvoiceByHash($hash)
            'limit'  => 1
        ]);
+        $hash = QUI\Utils\Security\Orthos::clear($hash);
        if (!isset($result[0])) {
            throw new Exception(
-                ['quiqqer/invoice', 'exception.invoice.not.found'],
+                ['quiqqer/invoice', 'exception.invoice.not.found', ['id' => $hash]],
                404
            );
        }
@@ -367,13 +377,14 @@ public function getInvoiceByHash($hash)
     * @throws Exception
     * @throws QUI\Exception
     */
-    public function getInvoiceData($id)
+    public function getInvoiceData($id): array
    {
        $prefix = Settings::getInstance()->getInvoicePrefix();
+        $hash   = QUI\Utils\Security\Orthos::clear($id);
-        if (!\is_numeric(\str_replace($prefix, '', $id))) {
+        if (!is_numeric(str_replace($prefix, '', $id))) {
            throw new Exception(
-                ['quiqqer/invoice', 'exception.invoice.not.found'],
+                ['quiqqer/invoice', 'exception.invoice.not.found', ['id' => $hash]],
                404
            );
        }
@@ -381,14 +392,14 @@ public function getInvoiceData($id)
        $result = QUI::getDataBase()->fetch([
            'from'  => self::invoiceTable(),
            'where' => [
-                'id' => (int)\str_replace($prefix, '', $id)
+                'id' => (int)str_replace($prefix, '', $id)
            ],
            'limit' => 1
        ]);
        if (!isset($result[0])) {
            throw new Exception(
-                ['quiqqer/invoice', 'exception.invoice.not.found'],
+                ['quiqqer/invoice', 'exception.invoice.not.found', ['id' => $hash]],
                404
            );
        }
@@ -416,7 +427,7 @@ public function getInvoiceData($id)
     *
     * @return string
     */
-    public function temporaryInvoiceTable()
+    public function temporaryInvoiceTable(): string
    {
        return QUI::getDBTableName(self::TABLE_TEMPORARY_INVOICE);
    }
@@ -424,13 +435,13 @@ public function temporaryInvoiceTable()
    /**
     * Return a temporary invoice
     *
-     * @param string $id - ID of the Invoice
+     * @param string|int $id - ID of the Invoice
     * @return InvoiceTemporary
     *
     * @throws Exception
     * @throws QUI\Exception
     */
-    public function getTemporaryInvoice($id)
+    public function getTemporaryInvoice($id): InvoiceTemporary
    {
        return new InvoiceTemporary($id, $this);
    }
@@ -444,7 +455,7 @@ public function getTemporaryInvoice($id)
     * @throws Exception
     * @throws QUI\Exception
     */
-    public function getTemporaryInvoiceByHash($hash)
+    public function getTemporaryInvoiceByHash(string $hash): InvoiceTemporary
    {
        $result = QUI::getDataBase()->fetch([
            'select' => 'id',
@@ -455,9 +466,11 @@ public function getTemporaryInvoiceByHash($hash)
            'limit'  => 1
        ]);
+        $hash = QUI\Utils\Security\Orthos::clear($hash);
        if (!isset($result[0])) {
            throw new Exception(
-                ['quiqqer/invoice', 'exception.temporary.invoice.not.found'],
+                ['quiqqer/invoice', 'exception.temporary.invoice.not.found', ['id' => $hash]],
                404
            );
        }
@@ -468,27 +481,29 @@ public function getTemporaryInvoiceByHash($hash)
    /**
     * Return the data from a temporary invoice
     *
-     * @param string $id
+     * @param string|int $id
     * @return array
     *
     * @throws Exception
     * @throws QUI\Exception
     */
-    public function getTemporaryInvoiceData($id)
+    public function getTemporaryInvoiceData($id): array
    {
        $prefix = Settings::getInstance()->getTemporaryInvoicePrefix();
        $result = QUI::getDataBase()->fetch([
            'from'  => self::temporaryInvoiceTable(),
            'where' => [
-                'id' => (int)\str_replace($prefix, '', $id)
+                'id' => (int)str_replace($prefix, '', $id)
            ],
            'limit' => 1
        ]);
+        $id = QUI\Utils\Security\Orthos::clear($id);
        if (!isset($result[0])) {
            throw new Exception(
-                ['quiqqer/invoice', 'exception.temporary.invoice.not.found'],
+                ['quiqqer/invoice', 'exception.temporary.invoice.not.found', ['id' => $id]],
                404
            );
        }
@@ -527,7 +542,7 @@ public function getTemporaryInvoiceData($id)
     *
     * @throws QUI\DataBase\Exception
     */
-    public function getInvoicesByGlobalProcessId($processId)
+    public function getInvoicesByGlobalProcessId($processId): array
    {
        $result = [];
@@ -567,7 +582,7 @@ public function getInvoicesByGlobalProcessId($processId)
    /**
     * @return array
     */
-    protected function getOrderGroupFields()
+    protected function getOrderGroupFields(): array
    {
        return [
            'id',
@@ -603,14 +618,14 @@ protected function getOrderGroupFields()
     * @param $str
     * @return bool
     */
-    protected function canBeUseAsOrderField($str)
+    protected function canBeUseAsOrderField($str): bool
    {
-        if (!\is_string($str)) {
+        if (!is_string($str)) {
            return false;
        }
-        $fields = \array_flip($this->getOrderGroupFields());
+        $fields = array_flip($this->getOrderGroupFields());
-        $str    = \explode(' ', $str);
+        $str    = explode(' ', $str);
        if (!isset($fields[$str[0]])) {
            return false;
@@ -620,8 +635,8 @@ protected function canBeUseAsOrderField($str)
            return true;
        }
-        if (\mb_strtoupper($fields[$str[1]]) === 'DESC' ||
+        if (mb_strtoupper($fields[$str[1]]) === 'DESC' ||
-            \mb_strtoupper($fields[$str[1]]) === 'ASC') {
+            mb_strtoupper($fields[$str[1]]) === 'ASC') {
            return true;
        }