ver. 0.296: REST API for ordersPRO — orders management, dictionaries, API key auth
- New API layer: ApiRouter, OrdersApiController, DictionariesApiController - Orders API: list (with filters/pagination/updated_since), details, change status, set paid/unpaid - Dictionaries API: order statuses, transport methods, payment methods - X-Api-Key authentication via pp_settings.api_key - OrderRepository: listForApi(), findForApi(), touchUpdatedAt() - updated_at column on pp_shop_orders for polling support - api.php: skip session for API requests, route to ApiRouter - SettingsController: api_key field in system tab - 30 new tests (666 total, 1930 assertions) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -311,6 +311,7 @@ class OrderRepository
|
||||
}
|
||||
|
||||
$this->db->update('pp_shop_orders', ['notes' => $notes], ['id' => $orderId]);
|
||||
$this->touchUpdatedAt($orderId);
|
||||
|
||||
return true;
|
||||
}
|
||||
@@ -370,6 +371,8 @@ class OrderRepository
|
||||
'id' => $orderId,
|
||||
]);
|
||||
|
||||
$this->touchUpdatedAt($orderId);
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
@@ -688,6 +691,7 @@ class OrderRepository
|
||||
'coupon_id' => $coupon ? $coupon->id : null,
|
||||
'message' => $basket_message ? $basket_message : null,
|
||||
'apilo_order_status_date' => date('Y-m-d H:i:s'),
|
||||
'updated_at' => $order_date,
|
||||
]);
|
||||
|
||||
$order_id = $this->db->id();
|
||||
@@ -832,16 +836,22 @@ class OrderRepository
|
||||
public function setAsPaid(int $orderId): void
|
||||
{
|
||||
$this->db->update('pp_shop_orders', ['paid' => 1], ['id' => $orderId]);
|
||||
$this->touchUpdatedAt($orderId);
|
||||
}
|
||||
|
||||
public function setAsUnpaid(int $orderId): void
|
||||
{
|
||||
$this->db->update('pp_shop_orders', ['paid' => 0], ['id' => $orderId]);
|
||||
$this->touchUpdatedAt($orderId);
|
||||
}
|
||||
|
||||
public function updateOrderStatus(int $orderId, int $status): bool
|
||||
{
|
||||
return (bool)$this->db->update('pp_shop_orders', ['status' => $status], ['id' => $orderId]);
|
||||
$result = (bool)$this->db->update('pp_shop_orders', ['status' => $status], ['id' => $orderId]);
|
||||
if ($result) {
|
||||
$this->touchUpdatedAt($orderId);
|
||||
}
|
||||
return $result;
|
||||
}
|
||||
|
||||
public function insertStatusHistory(int $orderId, int $statusId, int $mail): void
|
||||
@@ -858,6 +868,145 @@ class OrderRepository
|
||||
$this->db->update('pp_shop_orders', ['apilo_order_status_date' => $date], ['id' => $orderId]);
|
||||
}
|
||||
|
||||
// =========================================================================
|
||||
// API methods (for ordersPRO)
|
||||
// =========================================================================
|
||||
|
||||
public function listForApi(array $filters, int $page = 1, int $perPage = 50): array
|
||||
{
|
||||
$page = max(1, $page);
|
||||
$perPage = min(self::MAX_PER_PAGE, max(1, $perPage));
|
||||
$offset = ($page - 1) * $perPage;
|
||||
|
||||
$where = [];
|
||||
$params = [];
|
||||
|
||||
$status = trim((string)($filters['status'] ?? ''));
|
||||
if ($status !== '' && is_numeric($status)) {
|
||||
$where[] = 'o.status = :status';
|
||||
$params[':status'] = (int)$status;
|
||||
}
|
||||
|
||||
$paid = trim((string)($filters['paid'] ?? ''));
|
||||
if ($paid !== '' && is_numeric($paid)) {
|
||||
$where[] = 'o.paid = :paid';
|
||||
$params[':paid'] = (int)$paid;
|
||||
}
|
||||
|
||||
$dateFrom = $this->normalizeDateFilter($filters['date_from'] ?? '');
|
||||
if ($dateFrom !== null) {
|
||||
$where[] = 'o.date_order >= :date_from';
|
||||
$params[':date_from'] = $dateFrom . ' 00:00:00';
|
||||
}
|
||||
|
||||
$dateTo = $this->normalizeDateFilter($filters['date_to'] ?? '');
|
||||
if ($dateTo !== null) {
|
||||
$where[] = 'o.date_order <= :date_to';
|
||||
$params[':date_to'] = $dateTo . ' 23:59:59';
|
||||
}
|
||||
|
||||
$updatedSince = trim((string)($filters['updated_since'] ?? ''));
|
||||
if ($updatedSince !== '' && preg_match('/^\d{4}-\d{2}-\d{2}[ T]\d{2}:\d{2}:\d{2}$/', $updatedSince)) {
|
||||
$where[] = 'o.updated_at >= :updated_since';
|
||||
$params[':updated_since'] = $updatedSince;
|
||||
}
|
||||
|
||||
$number = $this->normalizeTextFilter($filters['number'] ?? '');
|
||||
if ($number !== '') {
|
||||
$where[] = 'o.number LIKE :number';
|
||||
$params[':number'] = '%' . $number . '%';
|
||||
}
|
||||
|
||||
$client = $this->normalizeTextFilter($filters['client'] ?? '');
|
||||
if ($client !== '') {
|
||||
$where[] = "(o.client_name LIKE :client OR o.client_surname LIKE :client2 OR o.client_email LIKE :client3)";
|
||||
$params[':client'] = '%' . $client . '%';
|
||||
$params[':client2'] = '%' . $client . '%';
|
||||
$params[':client3'] = '%' . $client . '%';
|
||||
}
|
||||
|
||||
$whereSql = '';
|
||||
if (!empty($where)) {
|
||||
$whereSql = ' WHERE ' . implode(' AND ', $where);
|
||||
}
|
||||
|
||||
$sqlCount = 'SELECT COUNT(0) FROM pp_shop_orders AS o' . $whereSql;
|
||||
$stmtCount = $this->db->query($sqlCount, $params);
|
||||
$countRows = $stmtCount ? $stmtCount->fetchAll() : [];
|
||||
$total = 0;
|
||||
if (is_array($countRows) && isset($countRows[0]) && is_array($countRows[0])) {
|
||||
$firstValue = reset($countRows[0]);
|
||||
$total = $firstValue !== false ? (int)$firstValue : 0;
|
||||
}
|
||||
|
||||
$sql = 'SELECT o.id, o.number, o.date_order, o.updated_at, o.status, o.paid,'
|
||||
. ' o.client_name, o.client_surname, o.client_email, o.client_phone,'
|
||||
. ' o.client_street, o.client_postal_code, o.client_city,'
|
||||
. ' o.firm_name, o.firm_nip,'
|
||||
. ' o.transport, o.transport_cost, o.payment_method, o.summary'
|
||||
. ' FROM pp_shop_orders AS o'
|
||||
. $whereSql
|
||||
. ' ORDER BY o.updated_at DESC, o.id DESC'
|
||||
. ' LIMIT ' . $perPage . ' OFFSET ' . $offset;
|
||||
|
||||
$stmt = $this->db->query($sql, $params);
|
||||
$items = ($stmt) ? $stmt->fetchAll() : [];
|
||||
if (!is_array($items)) {
|
||||
$items = [];
|
||||
}
|
||||
|
||||
foreach ($items as &$item) {
|
||||
$item['id'] = (int)($item['id'] ?? 0);
|
||||
$item['status'] = (int)($item['status'] ?? 0);
|
||||
$item['paid'] = (int)($item['paid'] ?? 0);
|
||||
$item['summary'] = (float)($item['summary'] ?? 0);
|
||||
$item['transport_cost'] = (float)($item['transport_cost'] ?? 0);
|
||||
}
|
||||
unset($item);
|
||||
|
||||
return [
|
||||
'items' => $items,
|
||||
'total' => $total,
|
||||
'page' => $page,
|
||||
'per_page' => $perPage,
|
||||
];
|
||||
}
|
||||
|
||||
public function findForApi(int $orderId): ?array
|
||||
{
|
||||
if ($orderId <= 0) {
|
||||
return null;
|
||||
}
|
||||
|
||||
$order = $this->db->get('pp_shop_orders', '*', ['id' => $orderId]);
|
||||
if (!is_array($order)) {
|
||||
return null;
|
||||
}
|
||||
|
||||
$order['id'] = (int)($order['id'] ?? 0);
|
||||
$order['status'] = (int)($order['status'] ?? 0);
|
||||
$order['paid'] = (int)($order['paid'] ?? 0);
|
||||
$order['summary'] = (float)($order['summary'] ?? 0);
|
||||
$order['transport_cost'] = (float)($order['transport_cost'] ?? 0);
|
||||
$order['products'] = $this->orderProducts($orderId);
|
||||
$order['statuses'] = $this->orderStatusHistory($orderId);
|
||||
|
||||
return $order;
|
||||
}
|
||||
|
||||
public function touchUpdatedAt(int $orderId): void
|
||||
{
|
||||
if ($orderId <= 0) {
|
||||
return;
|
||||
}
|
||||
|
||||
$this->db->update('pp_shop_orders', [
|
||||
'updated_at' => date('Y-m-d H:i:s'),
|
||||
], [
|
||||
'id' => $orderId,
|
||||
]);
|
||||
}
|
||||
|
||||
private function nullableString(string $value): ?string
|
||||
{
|
||||
$value = trim($value);
|
||||
|
||||
Reference in New Issue
Block a user