gitea_admin/erp_naurua
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Move app into module structure

Browse Source
This commit is contained in:
Mathias Gläser
2026-06-15 10:11:05 +02:00
parent 63a1e79147
commit 6fc7ba6a0b
14 changed files with 3154 additions and 3130 deletions
Download Patch File Download Diff File Expand all files Collapse all files
modules/erp/direktverkauf/api/otc-order.php
+649
View File
@@ -0,0 +1,649 @@
<?php
declare(strict_types=1);
require_once __DIR__ . '/../../../shared/db.php';
require_once __DIR__ . '/../../../shared/webhook_throttle.php';
header('Content-Type: application/json; charset=utf-8');
function derive_excel_webhook_url(array $localEnv): string
{
$explicit = env_value('N8N_EXCEL_WEBHOOK_URL', $localEnv);
if ($explicit !== '') {
return $explicit;
}
$legacy = env_value('N8N_OUTBOUND_URL_ADRESSE', $localEnv);
if ($legacy !== '' && str_contains(strtolower($legacy), 'excel_befuellen')) {
return $legacy;
}
$base = env_value('N8N_BASE_URL', $localEnv);
if ($base === '') {
return '';
}
$root = preg_replace('#/api/v1/?$#', '', rtrim($base, '/'));
if (!is_string($root) || $root === '') {
return '';
}
return $root . '/webhook/excel_befuellen';
}
function post_json(string $url, array $payload, array $headers = [], int $timeoutSeconds = 15): array
{
$body = json_encode($payload, JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES);
if ($body === false) {
return ['ok' => false, 'status' => 0, 'body' => '', 'error' => 'Could not encode payload'];
}
$headerLines = ['Content-Type: application/json'];
foreach ($headers as $name => $value) {
if ($name === '' || $value === '') {
continue;
}
$headerLines[] = $name . ': ' . $value;
}
$context = stream_context_create([
'http' => [
'method' => 'POST',
'header' => implode("\r\n", $headerLines),
'content' => $body,
'timeout' => $timeoutSeconds,
'ignore_errors' => true,
],
]);
$responseBody = @file_get_contents($url, false, $context);
$responseHeaders = $http_response_header ?? [];
$status = 0;
if (isset($responseHeaders[0]) && preg_match('#HTTP/\S+\s+(\d{3})#', $responseHeaders[0], $m) === 1) {
$status = (int) $m[1];
}
if ($responseBody === false) {
$responseBody = '';
}
return [
'ok' => $status >= 200 && $status < 300,
'status' => $status,
'body' => substr($responseBody, 0, 500),
'error' => ($status === 0) ? 'Request failed or timed out' : '',
];
}
function trigger_excel_webhook(string $externalRef, array $localEnv): array
{
$url = derive_excel_webhook_url($localEnv);
if ($url === '') {
return [
'enabled' => false,
'ok' => false,
'message' => 'Excel webhook URL not configured',
];
}
$headers = [];
$secret = env_value('N8N_WEBHOOK_SECRET', $localEnv);
if ($secret !== '') {
$headers['X-Webhook-Secret'] = $secret;
$headers['X-N8N-Secret'] = $secret;
$headers['X-API-Key'] = $secret;
$headers['Authorization'] = 'Bearer ' . $secret;
}
throttle_webhook_channel('excel', 10);
$result = post_json($url, ['Bestellnummer' => $externalRef], $headers, 20);
return [
'enabled' => true,
'ok' => $result['ok'],
'status' => $result['status'],
'url' => $url,
'message' => $result['ok'] ? 'Excel webhook triggered' : ($result['error'] !== '' ? $result['error'] : 'Excel webhook returned non-2xx'),
'responseBody' => $result['body'],
];
}
function normalize_match_key(string $value): string
{
$value = trim(mb_strtolower($value, 'UTF-8'));
if ($value === '') {
return '';
}
if (function_exists('iconv')) {
$transliterated = iconv('UTF-8', 'ASCII//TRANSLIT//IGNORE', $value);
if ($transliterated !== false) {
$value = $transliterated;
}
}
$value = preg_replace('/[^a-z0-9]+/', ' ', $value) ?? '';
return trim($value);
}
function detect_product_family_key(string $normalizedName): ?string
{
if (str_contains($normalizedName, 'lion') && str_contains($normalizedName, 'mane')) {
return 'lionsmane';
}
if (str_contains($normalizedName, 'chaga')) {
return 'chaga';
}
if (str_contains($normalizedName, 'reishi')) {
return 'reishi';
}
if (str_contains($normalizedName, 'shiitake')) {
return 'shiitake';
}
return null;
}
function resolve_otc_product(PDO $pdo, string $title): array
{
$normalizedTitle = normalize_match_key($title);
$familyKey = detect_product_family_key($normalizedTitle);
if ($familyKey === null) {
throw new RuntimeException("Kein Produkt-Matching fuer '{$title}' gefunden");
}
$stmt = $pdo->query(
"SELECT id, sku, name
FROM product
WHERE status = 'active'
ORDER BY id"
);
foreach ($stmt->fetchAll() as $product) {
$productName = (string) ($product['name'] ?? '');
$productKey = detect_product_family_key(normalize_match_key($productName));
if ($productKey === $familyKey) {
return [
'id' => (int) $product['id'],
'sku' => (string) $product['sku'],
'name' => $productName,
];
}
}
throw new RuntimeException("Kein aktives ERP-Produkt fuer '{$title}' gefunden");
}
function resolve_otc_sellable_item(PDO $pdo, int $productId): array
{
$stmt = $pdo->prepare(
"SELECT
si.id,
si.display_name,
eia.external_article_number
FROM sellable_item si
JOIN sellable_item_component sic ON sic.sellable_item_id = si.id
LEFT JOIN external_item_alias eia
ON eia.sellable_item_id = si.id
AND eia.source_system = 'wix'
AND eia.is_active = TRUE
WHERE si.status = 'active'
AND sic.product_id = :product_id
AND sic.qty_per_item = 1
AND NOT EXISTS (
SELECT 1
FROM sellable_item_component sic_other
WHERE sic_other.sellable_item_id = si.id
AND sic_other.id <> sic.id
)
ORDER BY
CASE WHEN eia.external_article_number IS NULL OR eia.external_article_number = '' THEN 1 ELSE 0 END,
eia.external_article_number,
si.id
LIMIT 1"
);
$stmt->execute([':product_id' => $productId]);
$row = $stmt->fetch();
if ($row === false) {
throw new RuntimeException("Kein Einzelartikel fuer Produkt-ID {$productId} gefunden");
}
return [
'id' => (int) $row['id'],
'display_name' => (string) $row['display_name'],
'article_number' => trim((string) ($row['external_article_number'] ?? '')),
];
}
function get_default_location_ids(PDO $pdo): array
{
$row = $pdo->query(
"SELECT
(SELECT id FROM location WHERE type = 'storage' ORDER BY id LIMIT 1) AS storage_id,
(SELECT id FROM location WHERE type = 'dispatch' ORDER BY id LIMIT 1) AS dispatch_id"
)->fetch();
if (!is_array($row) || $row['storage_id'] === null || $row['dispatch_id'] === null) {
throw new RuntimeException('Erforderliche Lagerorte fehlen');
}
return [
'storage' => (int) $row['storage_id'],
'dispatch' => (int) $row['dispatch_id'],
];
}
function get_item_components(PDO $pdo, int $sellableItemId): array
{
$stmt = $pdo->prepare(
'SELECT product_id, qty_per_item
FROM sellable_item_component
WHERE sellable_item_id = :sellable_item_id
ORDER BY id'
);
$stmt->execute([':sellable_item_id' => $sellableItemId]);
return $stmt->fetchAll();
}
function get_current_lot_balance_for_update(PDO $pdo, int $productId): array
{
$stmt = $pdo->prepare(
"SELECT
sl.id AS lot_id,
COALESCE((
SELECT v.qty_net
FROM v_stock_lot_balance v
WHERE v.stock_lot_id = sl.id
), 0) AS qty_net
FROM stock_lot sl
WHERE sl.product_id = :product_id
AND sl.status = 'current'
LIMIT 1
FOR UPDATE"
);
$stmt->execute([':product_id' => $productId]);
$row = $stmt->fetch();
if ($row === false) {
throw new RuntimeException("Keine aktuelle Charge fuer Produkt {$productId} vorhanden");
}
return [
'lot_id' => (int) $row['lot_id'],
'qty_net' => (float) $row['qty_net'],
];
}
function insert_stock_move_out(
PDO $pdo,
int $productId,
int $lotId,
float $qty,
int $fromLocationId,
int $toLocationId,
string $note
): int {
$stmt = $pdo->prepare(
"INSERT INTO stock_move (
product_id, lot_id, from_location_id, to_location_id, qty, move_type, move_date, note, created_at, updated_at
) VALUES (
:product_id, :lot_id, :from_location_id, :to_location_id, :qty, 'out', NOW(), :note, NOW(), NOW()
)
RETURNING id"
);
$stmt->execute([
':product_id' => $productId,
':lot_id' => $lotId,
':from_location_id' => $fromLocationId,
':to_location_id' => $toLocationId,
':qty' => $qty,
':note' => $note,
]);
$id = $stmt->fetchColumn();
if ($id === false) {
throw new RuntimeException('Konnte Lagerabgang nicht schreiben');
}
return (int) $id;
}
function switch_current_lot(PDO $pdo, int $productId, int $oldCurrentLotId, int $storageLocationId): int
{
$closeStmt = $pdo->prepare(
"UPDATE stock_lot
SET status = 'closed', updated_at = NOW()
WHERE id = :id"
);
$closeStmt->execute([':id' => $oldCurrentLotId]);
$openStmt = $pdo->prepare(
"SELECT id
FROM stock_lot
WHERE product_id = :product_id
AND status = 'open'
ORDER BY id
LIMIT 1
FOR UPDATE"
);
$openStmt->execute([':product_id' => $productId]);
$newCurrentLotId = $openStmt->fetchColumn();
if ($newCurrentLotId === false) {
throw new RuntimeException("Keine offene Platzhalter-Charge fuer Produkt {$productId} vorhanden");
}
$promoteStmt = $pdo->prepare(
"UPDATE stock_lot
SET status = 'current',
updated_at = NOW()
WHERE id = :id"
);
$promoteStmt->execute([':id' => (int) $newCurrentLotId]);
$createOpenStmt = $pdo->prepare(
"INSERT INTO stock_lot (product_id, status, created_at, updated_at)
VALUES (:product_id, 'open', NOW(), NOW())
RETURNING id"
);
$createOpenStmt->execute([':product_id' => $productId]);
$createdOpenLotId = $createOpenStmt->fetchColumn();
if ($createdOpenLotId === false) {
throw new RuntimeException("Konnte keine neue offene Platzhalter-Charge fuer Produkt {$productId} anlegen");
}
return (int) $newCurrentLotId;
}
function allocate_components_for_line(
PDO $pdo,
int $orderId,
int $lineId,
int $lineNo,
array $components,
float $lineQty,
array $locations
): array {
if ($components === []) {
throw new RuntimeException("Keine Komponenten fuer Verkaufsposition {$lineNo} gefunden");
}
$allocationInsert = $pdo->prepare(
"INSERT INTO sales_order_line_lot_allocation (
sales_order_line_id, product_id, lot_id, qty, allocation_status, stock_move_id, created_at, updated_at
) VALUES (
:sales_order_line_id, :product_id, :lot_id, :qty, 'allocated', :stock_move_id, NOW(), NOW()
)"
);
foreach ($components as $component) {
$productId = (int) $component['product_id'];
$remaining = $lineQty * (float) $component['qty_per_item'];
$guard = 0;
while ($remaining > 0.0000001) {
$guard++;
if ($guard > 100) {
throw new RuntimeException("Allokationsschutz ausgelost fuer Produkt {$productId}");
}
$current = get_current_lot_balance_for_update($pdo, $productId);
$lotId = $current['lot_id'];
$available = $current['qty_net'];
if ($available <= 0.0000001) {
$lotId = switch_current_lot($pdo, $productId, $lotId, (int) $locations['storage']);
$current = get_current_lot_balance_for_update($pdo, $productId);
$available = $current['qty_net'];
$lotId = $current['lot_id'];
}
if ($available <= 0.0000001) {
throw new RuntimeException("Kein verfuegbarer Bestand fuer Produkt {$productId}");
}
$take = min($remaining, $available);
$stockMoveId = insert_stock_move_out(
$pdo,
$productId,
$lotId,
$take,
(int) $locations['storage'],
(int) $locations['dispatch'],
"otc-order:order={$orderId}:line={$lineNo}:product={$productId}"
);
$allocationInsert->execute([
':sales_order_line_id' => $lineId,
':product_id' => $productId,
':lot_id' => $lotId,
':qty' => $take,
':stock_move_id' => $stockMoveId,
]);
$remaining -= $take;
}
}
return [
'allocated' => true,
];
}
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
json_response(405, ['ok' => false, 'error' => 'Method Not Allowed']);
}
$jsonInput = file_get_contents('php://input');
if ($jsonInput === false || trim($jsonInput) === '') {
json_response(400, ['ok' => false, 'error' => 'Empty payload']);
}
try {
$data = json_decode($jsonInput, true, 512, JSON_THROW_ON_ERROR);
} catch (JsonException) {
json_response(400, ['ok' => false, 'error' => 'Invalid JSON payload']);
}
if (!is_array($data)) {
json_response(400, ['ok' => false, 'error' => 'JSON object expected']);
}
$required = ['products', 'totalPrice', 'paymentMethod', 'billing'];
foreach ($required as $field) {
if (!array_key_exists($field, $data)) {
json_response(422, ['ok' => false, 'error' => "Missing field: {$field}"]);
}
}
$products = $data['products'];
$totalPrice = parse_number($data['totalPrice']);
$paymentMethodCode = trim((string) $data['paymentMethod']);
$billing = is_array($data['billing']) ? $data['billing'] : [];
if (!is_array($products) || count($products) === 0) {
json_response(422, ['ok' => false, 'error' => 'No products specified']);
}
if ($totalPrice === null || $totalPrice <= 0) {
json_response(422, ['ok' => false, 'error' => 'Invalid total price']);
}
$resolvedProducts = [];
$totalQty = 0;
foreach ($products as $product) {
if (!is_array($product) || !isset($product['qty'], $product['title'])) {
json_response(422, ['ok' => false, 'error' => 'Product missing title or qty']);
}
$qty = parse_number($product['qty']);
$title = trim((string) $product['title']);
if ($qty === null || $qty <= 0 || $title === '') {
json_response(422, ['ok' => false, 'error' => 'Invalid product quantity or title']);
}
$resolvedProducts[] = [
'qty' => (float) $qty,
'title' => $title,
];
$totalQty += (float) $qty;
}
if ($totalQty <= 0) {
json_response(422, ['ok' => false, 'error' => 'No product quantity specified']);
}
try {
$pdo = connect_database();
$pdo->beginTransaction();
$locations = get_default_location_ids($pdo);
$paymentMethodStmt = $pdo->prepare('SELECT id FROM payment_method WHERE code = :code LIMIT 1');
$paymentMethodStmt->execute([':code' => $paymentMethodCode]);
$paymentMethodId = $paymentMethodStmt->fetchColumn();
if ($paymentMethodId === false) {
throw new RuntimeException('Invalid payment method');
}
$partyName = trim(((string) ($billing['firstName'] ?? '')) . ' ' . ((string) ($billing['lastName'] ?? '')));
$partyName = $partyName === '' ? 'OTC Kunde' : $partyName;
$partyStmt = $pdo->prepare(
"INSERT INTO party (type, name, status, created_at, updated_at)
VALUES ('customer', :name, 'active', NOW(), NOW())
RETURNING id"
);
$partyStmt->execute([':name' => $partyName]);
$partyId = $partyStmt->fetchColumn();
if ($partyId === false) {
throw new RuntimeException('Could not create party');
}
$partyId = (int) $partyId;
$addressStmt = $pdo->prepare(
"INSERT INTO address (
party_id, type, first_name, last_name, street, house_number, zip, city, country_name, created_at, updated_at
) VALUES (
:party_id, 'billing', :first_name, :last_name, :street, :house_number, :zip, :city, 'Switzerland', NOW(), NOW()
)"
);
$addressStmt->execute([
':party_id' => $partyId,
':first_name' => trim((string) ($billing['firstName'] ?? '')),
':last_name' => trim((string) ($billing['lastName'] ?? '')),
':street' => trim((string) ($billing['street'] ?? '')),
':house_number' => trim((string) ($billing['houseNumber'] ?? '')),
':zip' => trim((string) ($billing['zip'] ?? '')),
':city' => trim((string) ($billing['city'] ?? '')),
]);
$orderStmt = $pdo->prepare(
"INSERT INTO sales_order (
external_ref, party_id, order_source, order_status, payment_status, payment_method_id,
amount_net, amount_shipping, amount_tax, amount_discount, total_amount, currency, imported_at, created_at, updated_at
) VALUES (
'', :party_id, 'direct', 'imported', 'paid', :payment_method_id,
:amount_net, 0, 0, 0, :total_amount, 'CHF', NOW(), NOW(), NOW()
)
RETURNING id, external_ref"
);
$orderStmt->execute([
':party_id' => $partyId,
':payment_method_id' => (int) $paymentMethodId,
':amount_net' => $totalPrice,
':total_amount' => $totalPrice,
]);
$order = $orderStmt->fetch();
if ($order === false) {
throw new RuntimeException('Could not create order');
}
$orderId = (int) $order['id'];
$externalRef = (string) $order['external_ref'];
$lineInsert = $pdo->prepare(
"INSERT INTO sales_order_line (
sales_order_id, line_no, sellable_item_id, raw_external_article_number, raw_external_title,
qty, unit_price, line_total, created_at, updated_at
) VALUES (
:sales_order_id, :line_no, :sellable_item_id, :article_number, :title,
:qty, :unit_price, :line_total, NOW(), NOW()
)
RETURNING id"
);
$remainingTotal = round((float) $totalPrice, 2);
$remainingQty = (float) $totalQty;
$lineNo = 0;
foreach ($resolvedProducts as $product) {
$lineNo++;
$qty = (float) $product['qty'];
$title = $product['title'];
$resolvedProduct = resolve_otc_product($pdo, $title);
$resolvedSellable = resolve_otc_sellable_item($pdo, (int) $resolvedProduct['id']);
if ($lineNo === count($resolvedProducts)) {
$unitPrice = round($remainingTotal / $qty, 4);
$lineTotal = $remainingTotal;
} else {
$unitPrice = round((float) $totalPrice / (float) $totalQty, 4);
$lineTotal = round($qty * $unitPrice, 2);
$remainingTotal = round($remainingTotal - $lineTotal, 2);
$remainingQty -= $qty;
}
$lineInsert->execute([
':sales_order_id' => $orderId,
':line_no' => $lineNo,
':sellable_item_id' => (int) $resolvedSellable['id'],
':article_number' => $resolvedSellable['article_number'],
':title' => $resolvedSellable['display_name'],
':qty' => $qty,
':unit_price' => $unitPrice,
':line_total' => $lineTotal,
]);
$lineId = $lineInsert->fetchColumn();
if ($lineId === false) {
throw new RuntimeException("Could not create line {$lineNo}");
}
$components = get_item_components($pdo, (int) $resolvedSellable['id']);
allocate_components_for_line(
$pdo,
$orderId,
(int) $lineId,
$lineNo,
$components,
$qty,
$locations
);
}
$pdo->commit();
$env = expand_env_values(parse_env_file(__DIR__ . '/../../.env'));
$excelTrigger = trigger_excel_webhook($externalRef, $env);
json_response(201, [
'ok' => true,
'orderId' => $orderId,
'externalRef' => $externalRef,
'partyId' => $partyId,
'excelTrigger' => $excelTrigger,
'message' => 'OTC order created successfully',
]);
} catch (Throwable $e) {
if (isset($pdo) && $pdo instanceof PDO && $pdo->inTransaction()) {
$pdo->rollBack();
}
json_response(500, [
'ok' => false,
'error' => 'Internal server error: ' . $e->getMessage(),
]);
}