chore(back-end and front-end): refractor and improvements calculator
@@ -1,146 +1,62 @@
|
||||
package com.printcalculator.controller;
|
||||
|
||||
import com.printcalculator.dto.*;
|
||||
import com.printcalculator.entity.*;
|
||||
import com.printcalculator.repository.*;
|
||||
import com.printcalculator.service.payment.InvoicePdfRenderingService;
|
||||
import com.printcalculator.service.OrderService;
|
||||
import com.printcalculator.service.payment.PaymentService;
|
||||
import com.printcalculator.service.payment.QrBillService;
|
||||
import com.printcalculator.service.storage.StorageService;
|
||||
import com.printcalculator.service.payment.TwintPaymentService;
|
||||
import com.printcalculator.dto.CreateOrderRequest;
|
||||
import com.printcalculator.dto.OrderDto;
|
||||
import com.printcalculator.service.order.OrderControllerService;
|
||||
import jakarta.validation.Valid;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.util.StringUtils;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.PathVariable;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestParam;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
import org.springframework.web.multipart.MultipartFile;
|
||||
import jakarta.validation.Valid;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
import java.nio.file.InvalidPathException;
|
||||
import java.nio.file.Path;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.UUID;
|
||||
import java.util.Map;
|
||||
import java.util.HashMap;
|
||||
import java.util.Base64;
|
||||
import java.util.Set;
|
||||
import java.util.stream.Collectors;
|
||||
import java.net.URI;
|
||||
import java.util.Locale;
|
||||
import java.util.regex.Pattern;
|
||||
import java.util.UUID;
|
||||
|
||||
@RestController
|
||||
@RequestMapping("/api/orders")
|
||||
public class OrderController {
|
||||
private static final Pattern SAFE_EXTENSION_PATTERN = Pattern.compile("^[a-z0-9]{1,10}$");
|
||||
private static final Set<String> PERSONAL_DATA_REDACTED_STATUSES = Set.of(
|
||||
"IN_PRODUCTION",
|
||||
"SHIPPED",
|
||||
"COMPLETED"
|
||||
);
|
||||
|
||||
private final OrderService orderService;
|
||||
private final OrderRepository orderRepo;
|
||||
private final OrderItemRepository orderItemRepo;
|
||||
private final QuoteSessionRepository quoteSessionRepo;
|
||||
private final QuoteLineItemRepository quoteLineItemRepo;
|
||||
private final CustomerRepository customerRepo;
|
||||
private final StorageService storageService;
|
||||
private final InvoicePdfRenderingService invoiceService;
|
||||
private final QrBillService qrBillService;
|
||||
private final TwintPaymentService twintPaymentService;
|
||||
private final PaymentService paymentService;
|
||||
private final PaymentRepository paymentRepo;
|
||||
private final OrderControllerService orderControllerService;
|
||||
|
||||
|
||||
public OrderController(OrderService orderService,
|
||||
OrderRepository orderRepo,
|
||||
OrderItemRepository orderItemRepo,
|
||||
QuoteSessionRepository quoteSessionRepo,
|
||||
QuoteLineItemRepository quoteLineItemRepo,
|
||||
CustomerRepository customerRepo,
|
||||
StorageService storageService,
|
||||
InvoicePdfRenderingService invoiceService,
|
||||
QrBillService qrBillService,
|
||||
TwintPaymentService twintPaymentService,
|
||||
PaymentService paymentService,
|
||||
PaymentRepository paymentRepo) {
|
||||
this.orderService = orderService;
|
||||
this.orderRepo = orderRepo;
|
||||
this.orderItemRepo = orderItemRepo;
|
||||
this.quoteSessionRepo = quoteSessionRepo;
|
||||
this.quoteLineItemRepo = quoteLineItemRepo;
|
||||
this.customerRepo = customerRepo;
|
||||
this.storageService = storageService;
|
||||
this.invoiceService = invoiceService;
|
||||
this.qrBillService = qrBillService;
|
||||
this.twintPaymentService = twintPaymentService;
|
||||
this.paymentService = paymentService;
|
||||
this.paymentRepo = paymentRepo;
|
||||
public OrderController(OrderControllerService orderControllerService) {
|
||||
this.orderControllerService = orderControllerService;
|
||||
}
|
||||
|
||||
|
||||
// 1. Create Order from Quote
|
||||
@PostMapping("/from-quote/{quoteSessionId}")
|
||||
@Transactional
|
||||
public ResponseEntity<OrderDto> createOrderFromQuote(
|
||||
@PathVariable UUID quoteSessionId,
|
||||
@Valid @RequestBody com.printcalculator.dto.CreateOrderRequest request
|
||||
@Valid @RequestBody CreateOrderRequest request
|
||||
) {
|
||||
Order order = orderService.createOrderFromQuote(quoteSessionId, request);
|
||||
List<OrderItem> items = orderItemRepo.findByOrder_Id(order.getId());
|
||||
return ResponseEntity.ok(convertToDto(order, items));
|
||||
return ResponseEntity.ok(orderControllerService.createOrderFromQuote(quoteSessionId, request));
|
||||
}
|
||||
|
||||
|
||||
@PostMapping(value = "/{orderId}/items/{orderItemId}/file", consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
|
||||
@Transactional
|
||||
public ResponseEntity<Void> uploadOrderItemFile(
|
||||
@PathVariable UUID orderId,
|
||||
@PathVariable UUID orderItemId,
|
||||
@RequestParam("file") MultipartFile file
|
||||
@PathVariable UUID orderId,
|
||||
@PathVariable UUID orderItemId,
|
||||
@RequestParam("file") MultipartFile file
|
||||
) throws IOException {
|
||||
|
||||
OrderItem item = orderItemRepo.findById(orderItemId)
|
||||
.orElseThrow(() -> new RuntimeException("OrderItem not found"));
|
||||
|
||||
if (!item.getOrder().getId().equals(orderId)) {
|
||||
boolean uploaded = orderControllerService.uploadOrderItemFile(orderId, orderItemId, file);
|
||||
if (!uploaded) {
|
||||
return ResponseEntity.badRequest().build();
|
||||
}
|
||||
|
||||
String relativePath = item.getStoredRelativePath();
|
||||
Path destinationRelativePath;
|
||||
if (relativePath == null || relativePath.equals("PENDING")) {
|
||||
String ext = getExtension(file.getOriginalFilename());
|
||||
String storedFilename = UUID.randomUUID() + "." + ext;
|
||||
destinationRelativePath = Path.of("orders", orderId.toString(), "3d-files", orderItemId.toString(), storedFilename);
|
||||
item.setStoredRelativePath(destinationRelativePath.toString());
|
||||
item.setStoredFilename(storedFilename);
|
||||
} else {
|
||||
destinationRelativePath = resolveOrderItemRelativePath(relativePath, orderId, orderItemId);
|
||||
if (destinationRelativePath == null) {
|
||||
return ResponseEntity.badRequest().build();
|
||||
}
|
||||
}
|
||||
|
||||
storageService.store(file, destinationRelativePath);
|
||||
item.setFileSizeBytes(file.getSize());
|
||||
item.setMimeType(file.getContentType());
|
||||
orderItemRepo.save(item);
|
||||
|
||||
return ResponseEntity.ok().build();
|
||||
}
|
||||
|
||||
@GetMapping("/{orderId}")
|
||||
public ResponseEntity<OrderDto> getOrder(@PathVariable UUID orderId) {
|
||||
return orderRepo.findById(orderId)
|
||||
.map(o -> {
|
||||
List<OrderItem> items = orderItemRepo.findByOrder_Id(o.getId());
|
||||
return ResponseEntity.ok(convertToDto(o, items));
|
||||
})
|
||||
return orderControllerService.getOrder(orderId)
|
||||
.map(ResponseEntity::ok)
|
||||
.orElse(ResponseEntity.notFound().build());
|
||||
}
|
||||
|
||||
@@ -150,89 +66,29 @@ public class OrderController {
|
||||
@PathVariable UUID orderId,
|
||||
@RequestBody Map<String, String> payload
|
||||
) {
|
||||
String method = payload.get("method");
|
||||
paymentService.reportPayment(orderId, method);
|
||||
return getOrder(orderId);
|
||||
return orderControllerService.reportPayment(orderId, payload.get("method"))
|
||||
.map(ResponseEntity::ok)
|
||||
.orElse(ResponseEntity.notFound().build());
|
||||
}
|
||||
|
||||
@GetMapping("/{orderId}/confirmation")
|
||||
public ResponseEntity<byte[]> getConfirmation(@PathVariable UUID orderId) {
|
||||
return generateDocument(orderId, true);
|
||||
return orderControllerService.getConfirmation(orderId);
|
||||
}
|
||||
|
||||
@GetMapping("/{orderId}/invoice")
|
||||
public ResponseEntity<byte[]> getInvoice(@PathVariable UUID orderId) {
|
||||
// Paid invoices are sent by email after back-office payment confirmation.
|
||||
// The public endpoint must not expose a "paid" invoice download.
|
||||
return ResponseEntity.notFound().build();
|
||||
}
|
||||
|
||||
private ResponseEntity<byte[]> generateDocument(UUID orderId, boolean isConfirmation) {
|
||||
Order order = orderRepo.findById(orderId)
|
||||
.orElseThrow(() -> new RuntimeException("Order not found"));
|
||||
|
||||
if (isConfirmation) {
|
||||
Path relativePath = buildConfirmationPdfRelativePath(order);
|
||||
try {
|
||||
byte[] existingPdf = storageService.loadAsResource(relativePath).getInputStream().readAllBytes();
|
||||
return ResponseEntity.ok()
|
||||
.header("Content-Disposition", "attachment; filename=\"confirmation-" + getDisplayOrderNumber(order) + ".pdf\"")
|
||||
.contentType(MediaType.APPLICATION_PDF)
|
||||
.body(existingPdf);
|
||||
} catch (Exception ignored) {
|
||||
// Fallback to on-the-fly generation if the stored file is missing or unreadable.
|
||||
}
|
||||
}
|
||||
|
||||
List<OrderItem> items = orderItemRepo.findByOrder_Id(orderId);
|
||||
Payment payment = paymentRepo.findByOrder_Id(orderId).orElse(null);
|
||||
|
||||
byte[] pdf = invoiceService.generateDocumentPdf(order, items, isConfirmation, qrBillService, payment);
|
||||
String typePrefix = isConfirmation ? "confirmation-" : "invoice-";
|
||||
String truncatedUuid = order.getId().toString().substring(0, 8);
|
||||
return ResponseEntity.ok()
|
||||
.header("Content-Disposition", "attachment; filename=\"" + typePrefix + truncatedUuid + ".pdf\"")
|
||||
.contentType(MediaType.APPLICATION_PDF)
|
||||
.body(pdf);
|
||||
}
|
||||
|
||||
private Path buildConfirmationPdfRelativePath(Order order) {
|
||||
return Path.of(
|
||||
"orders",
|
||||
order.getId().toString(),
|
||||
"documents",
|
||||
"confirmation-" + getDisplayOrderNumber(order) + ".pdf"
|
||||
);
|
||||
}
|
||||
|
||||
@GetMapping("/{orderId}/twint")
|
||||
public ResponseEntity<Map<String, String>> getTwintPayment(@PathVariable UUID orderId) {
|
||||
Order order = orderRepo.findById(orderId).orElse(null);
|
||||
if (order == null) {
|
||||
return ResponseEntity.notFound().build();
|
||||
}
|
||||
|
||||
byte[] qrPng = twintPaymentService.generateQrPng(order, 360);
|
||||
String qrDataUri = "data:image/png;base64," + Base64.getEncoder().encodeToString(qrPng);
|
||||
|
||||
Map<String, String> data = new HashMap<>();
|
||||
data.put("paymentUrl", twintPaymentService.getTwintPaymentUrl(order));
|
||||
data.put("openUrl", "/api/orders/" + orderId + "/twint/open");
|
||||
data.put("qrImageUrl", "/api/orders/" + orderId + "/twint/qr");
|
||||
data.put("qrImageDataUri", qrDataUri);
|
||||
return ResponseEntity.ok(data);
|
||||
return orderControllerService.getTwintPayment(orderId);
|
||||
}
|
||||
|
||||
@GetMapping("/{orderId}/twint/open")
|
||||
public ResponseEntity<Void> openTwintPayment(@PathVariable UUID orderId) {
|
||||
Order order = orderRepo.findById(orderId).orElse(null);
|
||||
if (order == null) {
|
||||
return ResponseEntity.notFound().build();
|
||||
}
|
||||
|
||||
return ResponseEntity.status(302)
|
||||
.location(URI.create(twintPaymentService.getTwintPaymentUrl(order)))
|
||||
.build();
|
||||
return orderControllerService.openTwintPayment(orderId);
|
||||
}
|
||||
|
||||
@GetMapping("/{orderId}/twint/qr")
|
||||
@@ -240,150 +96,6 @@ public class OrderController {
|
||||
@PathVariable UUID orderId,
|
||||
@RequestParam(defaultValue = "320") int size
|
||||
) {
|
||||
Order order = orderRepo.findById(orderId).orElse(null);
|
||||
if (order == null) {
|
||||
return ResponseEntity.notFound().build();
|
||||
}
|
||||
|
||||
int normalizedSize = Math.max(200, Math.min(size, 600));
|
||||
byte[] png = twintPaymentService.generateQrPng(order, normalizedSize);
|
||||
|
||||
return ResponseEntity.ok()
|
||||
.contentType(MediaType.IMAGE_PNG)
|
||||
.body(png);
|
||||
return orderControllerService.getTwintQr(orderId, size);
|
||||
}
|
||||
|
||||
private String getExtension(String filename) {
|
||||
if (filename == null) return "stl";
|
||||
String cleaned = StringUtils.cleanPath(filename);
|
||||
if (cleaned.contains("..")) {
|
||||
return "stl";
|
||||
}
|
||||
int i = cleaned.lastIndexOf('.');
|
||||
if (i > 0 && i < cleaned.length() - 1) {
|
||||
String ext = cleaned.substring(i + 1).toLowerCase(Locale.ROOT);
|
||||
if (SAFE_EXTENSION_PATTERN.matcher(ext).matches()) {
|
||||
return ext;
|
||||
}
|
||||
}
|
||||
return "stl";
|
||||
}
|
||||
|
||||
private Path resolveOrderItemRelativePath(String storedRelativePath, UUID orderId, UUID orderItemId) {
|
||||
try {
|
||||
Path candidate = Path.of(storedRelativePath).normalize();
|
||||
if (candidate.isAbsolute()) {
|
||||
return null;
|
||||
}
|
||||
|
||||
Path expectedPrefix = Path.of("orders", orderId.toString(), "3d-files", orderItemId.toString());
|
||||
if (!candidate.startsWith(expectedPrefix)) {
|
||||
return null;
|
||||
}
|
||||
|
||||
return candidate;
|
||||
} catch (InvalidPathException e) {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
private OrderDto convertToDto(Order order, List<OrderItem> items) {
|
||||
OrderDto dto = new OrderDto();
|
||||
dto.setId(order.getId());
|
||||
dto.setOrderNumber(getDisplayOrderNumber(order));
|
||||
dto.setStatus(order.getStatus());
|
||||
|
||||
paymentRepo.findByOrder_Id(order.getId()).ifPresent(p -> {
|
||||
dto.setPaymentStatus(p.getStatus());
|
||||
dto.setPaymentMethod(p.getMethod());
|
||||
});
|
||||
|
||||
boolean redactPersonalData = shouldRedactPersonalData(order.getStatus());
|
||||
if (!redactPersonalData) {
|
||||
dto.setCustomerEmail(order.getCustomerEmail());
|
||||
dto.setCustomerPhone(order.getCustomerPhone());
|
||||
dto.setBillingCustomerType(order.getBillingCustomerType());
|
||||
}
|
||||
dto.setPreferredLanguage(order.getPreferredLanguage());
|
||||
dto.setCurrency(order.getCurrency());
|
||||
dto.setSetupCostChf(order.getSetupCostChf());
|
||||
dto.setShippingCostChf(order.getShippingCostChf());
|
||||
dto.setDiscountChf(order.getDiscountChf());
|
||||
dto.setSubtotalChf(order.getSubtotalChf());
|
||||
dto.setIsCadOrder(order.getIsCadOrder());
|
||||
dto.setSourceRequestId(order.getSourceRequestId());
|
||||
dto.setCadHours(order.getCadHours());
|
||||
dto.setCadHourlyRateChf(order.getCadHourlyRateChf());
|
||||
dto.setCadTotalChf(order.getCadTotalChf());
|
||||
dto.setTotalChf(order.getTotalChf());
|
||||
dto.setCreatedAt(order.getCreatedAt());
|
||||
dto.setShippingSameAsBilling(order.getShippingSameAsBilling());
|
||||
|
||||
if (!redactPersonalData) {
|
||||
AddressDto billing = new AddressDto();
|
||||
billing.setFirstName(order.getBillingFirstName());
|
||||
billing.setLastName(order.getBillingLastName());
|
||||
billing.setCompanyName(order.getBillingCompanyName());
|
||||
billing.setContactPerson(order.getBillingContactPerson());
|
||||
billing.setAddressLine1(order.getBillingAddressLine1());
|
||||
billing.setAddressLine2(order.getBillingAddressLine2());
|
||||
billing.setZip(order.getBillingZip());
|
||||
billing.setCity(order.getBillingCity());
|
||||
billing.setCountryCode(order.getBillingCountryCode());
|
||||
dto.setBillingAddress(billing);
|
||||
|
||||
if (!order.getShippingSameAsBilling()) {
|
||||
AddressDto shipping = new AddressDto();
|
||||
shipping.setFirstName(order.getShippingFirstName());
|
||||
shipping.setLastName(order.getShippingLastName());
|
||||
shipping.setCompanyName(order.getShippingCompanyName());
|
||||
shipping.setContactPerson(order.getShippingContactPerson());
|
||||
shipping.setAddressLine1(order.getShippingAddressLine1());
|
||||
shipping.setAddressLine2(order.getShippingAddressLine2());
|
||||
shipping.setZip(order.getShippingZip());
|
||||
shipping.setCity(order.getShippingCity());
|
||||
shipping.setCountryCode(order.getShippingCountryCode());
|
||||
dto.setShippingAddress(shipping);
|
||||
}
|
||||
}
|
||||
|
||||
List<OrderItemDto> itemDtos = items.stream().map(i -> {
|
||||
OrderItemDto idto = new OrderItemDto();
|
||||
idto.setId(i.getId());
|
||||
idto.setOriginalFilename(i.getOriginalFilename());
|
||||
idto.setMaterialCode(i.getMaterialCode());
|
||||
idto.setColorCode(i.getColorCode());
|
||||
idto.setQuality(i.getQuality());
|
||||
idto.setNozzleDiameterMm(i.getNozzleDiameterMm());
|
||||
idto.setLayerHeightMm(i.getLayerHeightMm());
|
||||
idto.setInfillPercent(i.getInfillPercent());
|
||||
idto.setInfillPattern(i.getInfillPattern());
|
||||
idto.setSupportsEnabled(i.getSupportsEnabled());
|
||||
idto.setQuantity(i.getQuantity());
|
||||
idto.setPrintTimeSeconds(i.getPrintTimeSeconds());
|
||||
idto.setMaterialGrams(i.getMaterialGrams());
|
||||
idto.setUnitPriceChf(i.getUnitPriceChf());
|
||||
idto.setLineTotalChf(i.getLineTotalChf());
|
||||
return idto;
|
||||
}).collect(Collectors.toList());
|
||||
dto.setItems(itemDtos);
|
||||
|
||||
return dto;
|
||||
}
|
||||
|
||||
private boolean shouldRedactPersonalData(String status) {
|
||||
if (status == null || status.isBlank()) {
|
||||
return false;
|
||||
}
|
||||
return PERSONAL_DATA_REDACTED_STATUSES.contains(status.trim().toUpperCase(Locale.ROOT));
|
||||
}
|
||||
|
||||
private String getDisplayOrderNumber(Order order) {
|
||||
String orderNumber = order.getOrderNumber();
|
||||
if (orderNumber != null && !orderNumber.isBlank()) {
|
||||
return orderNumber;
|
||||
}
|
||||
return order.getId() != null ? order.getId().toString() : "unknown";
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
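Review bot: The checks that protected `uploadOrderItemFile` and `getOrder` no longer live in this controller. The `-240,150 +96,6` hunk drops `getExtension`, `resolveOrderItemRelativePath`, `convertToDto` and `shouldRedactPersonalData`, and the new bodies only forward to `orderControllerService`. `OrderControllerService` is not shown in this section, so it cannot be confirmed that it still rejects an item whose order id differs from `orderId`, still confines the stored path to `orders/{orderId}/3d-files/{orderItemId}`, and still withholds email, phone and addresses for `IN_PRODUCTION`/`SHIPPED`/`COMPLETED`. These routes appear to be public (the `getInvoice` comment calls it "the public endpoint"), so each of those three behaviours deserves a service-level test before merge. The `boolean uploaded` result also folds every failure into one 400; I would document that on the method, e.g. `// false = item missing, not owned by orderId, or stored path outside the item's directory`. Separately, `reportPayment` forwards `payload.get("method")` unchecked, whereas the admin controller's earlier code (visible further down the page) rejected a blank method; unless the service validates it, add `if (method == null || method.isBlank()) return ResponseEntity.badRequest().build();`.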
@@ -1,25 +1,9 @@
|
||||
package com.printcalculator.controller.admin;
|
||||
|
||||
import com.printcalculator.dto.AddressDto;
|
||||
import com.printcalculator.dto.AdminOrderStatusUpdateRequest;
|
||||
import com.printcalculator.dto.OrderDto;
|
||||
import com.printcalculator.dto.OrderItemDto;
|
||||
import com.printcalculator.entity.*;
|
||||
import com.printcalculator.event.OrderShippedEvent;
|
||||
import com.printcalculator.repository.OrderItemRepository;
|
||||
import com.printcalculator.repository.OrderRepository;
|
||||
import com.printcalculator.repository.PaymentRepository;
|
||||
import com.printcalculator.repository.QuoteLineItemRepository;
|
||||
import com.printcalculator.service.payment.InvoicePdfRenderingService;
|
||||
import com.printcalculator.service.payment.PaymentService;
|
||||
import com.printcalculator.service.payment.QrBillService;
|
||||
import com.printcalculator.service.storage.StorageService;
|
||||
import org.springframework.context.ApplicationEventPublisher;
|
||||
import com.printcalculator.service.order.AdminOrderControllerService;
|
||||
import org.springframework.core.io.Resource;
|
||||
import org.springframework.core.io.UrlResource;
|
||||
import org.springframework.http.ContentDisposition;
|
||||
import org.springframework.http.HttpHeaders;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
@@ -28,80 +12,30 @@ import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
import org.springframework.web.server.ResponseStatusException;
|
||||
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.nio.file.Files;
|
||||
import java.nio.file.InvalidPathException;
|
||||
import java.nio.file.Path;
|
||||
import java.nio.file.Paths;
|
||||
import java.util.Comparator;
|
||||
import java.util.List;
|
||||
import java.util.Locale;
|
||||
import java.util.Map;
|
||||
import java.util.UUID;
|
||||
|
||||
import static org.springframework.http.HttpStatus.BAD_REQUEST;
|
||||
import static org.springframework.http.HttpStatus.NOT_FOUND;
|
||||
|
||||
@RestController
|
||||
@RequestMapping("/api/admin/orders")
|
||||
@Transactional(readOnly = true)
|
||||
public class AdminOrderController {
|
||||
private static final Path QUOTE_STORAGE_ROOT = Paths.get("storage_quotes").toAbsolutePath().normalize();
|
||||
private static final List<String> ALLOWED_ORDER_STATUSES = List.of(
|
||||
"PENDING_PAYMENT",
|
||||
"PAID",
|
||||
"IN_PRODUCTION",
|
||||
"SHIPPED",
|
||||
"COMPLETED",
|
||||
"CANCELLED"
|
||||
);
|
||||
|
||||
private final OrderRepository orderRepo;
|
||||
private final OrderItemRepository orderItemRepo;
|
||||
private final PaymentRepository paymentRepo;
|
||||
private final QuoteLineItemRepository quoteLineItemRepo;
|
||||
private final PaymentService paymentService;
|
||||
private final StorageService storageService;
|
||||
private final InvoicePdfRenderingService invoiceService;
|
||||
private final QrBillService qrBillService;
|
||||
private final ApplicationEventPublisher eventPublisher;
|
||||
private final AdminOrderControllerService adminOrderControllerService;
|
||||
|
||||
public AdminOrderController(
|
||||
OrderRepository orderRepo,
|
||||
OrderItemRepository orderItemRepo,
|
||||
PaymentRepository paymentRepo,
|
||||
QuoteLineItemRepository quoteLineItemRepo,
|
||||
PaymentService paymentService,
|
||||
StorageService storageService,
|
||||
InvoicePdfRenderingService invoiceService,
|
||||
QrBillService qrBillService,
|
||||
ApplicationEventPublisher eventPublisher
|
||||
) {
|
||||
this.orderRepo = orderRepo;
|
||||
this.orderItemRepo = orderItemRepo;
|
||||
this.paymentRepo = paymentRepo;
|
||||
this.quoteLineItemRepo = quoteLineItemRepo;
|
||||
this.paymentService = paymentService;
|
||||
this.storageService = storageService;
|
||||
this.invoiceService = invoiceService;
|
||||
this.qrBillService = qrBillService;
|
||||
this.eventPublisher = eventPublisher;
|
||||
public AdminOrderController(AdminOrderControllerService adminOrderControllerService) {
|
||||
this.adminOrderControllerService = adminOrderControllerService;
|
||||
}
|
||||
|
||||
@GetMapping
|
||||
public ResponseEntity<List<OrderDto>> listOrders() {
|
||||
List<OrderDto> response = orderRepo.findAllByOrderByCreatedAtDesc()
|
||||
.stream()
|
||||
.map(this::toOrderDto)
|
||||
.toList();
|
||||
return ResponseEntity.ok(response);
|
||||
return ResponseEntity.ok(adminOrderControllerService.listOrders());
|
||||
}
|
||||
|
||||
@GetMapping("/{orderId}")
|
||||
public ResponseEntity<OrderDto> getOrder(@PathVariable UUID orderId) {
|
||||
return ResponseEntity.ok(toOrderDto(getOrderOrThrow(orderId)));
|
||||
return ResponseEntity.ok(adminOrderControllerService.getOrder(orderId));
|
||||
}
|
||||
|
||||
@PostMapping("/{orderId}/payments/confirm")
|
||||
@@ -110,13 +44,7 @@ public class AdminOrderController {
|
||||
@PathVariable UUID orderId,
|
||||
@RequestBody(required = false) Map<String, String> payload
|
||||
) {
|
||||
getOrderOrThrow(orderId);
|
||||
String method = payload != null ? payload.get("method") : null;
|
||||
if (method == null || method.isBlank()) {
|
||||
throw new ResponseStatusException(BAD_REQUEST, "Payment method is required");
|
||||
}
|
||||
paymentService.updatePaymentMethod(orderId, method);
|
||||
return ResponseEntity.ok(toOrderDto(getOrderOrThrow(orderId)));
|
||||
return ResponseEntity.ok(adminOrderControllerService.updatePaymentMethod(orderId, payload));
|
||||
}
|
||||
|
||||
@PostMapping("/{orderId}/status")
|
||||
@@ -125,28 +53,7 @@ public class AdminOrderController {
|
||||
@PathVariable UUID orderId,
|
||||
@RequestBody AdminOrderStatusUpdateRequest payload
|
||||
) {
|
||||
if (payload == null || payload.getStatus() == null || payload.getStatus().isBlank()) {
|
||||
throw new ResponseStatusException(org.springframework.http.HttpStatus.BAD_REQUEST, "Status is required");
|
||||
}
|
||||
|
||||
Order order = getOrderOrThrow(orderId);
|
||||
String normalizedStatus = payload.getStatus().trim().toUpperCase(Locale.ROOT);
|
||||
if (!ALLOWED_ORDER_STATUSES.contains(normalizedStatus)) {
|
||||
throw new ResponseStatusException(
|
||||
BAD_REQUEST,
|
||||
"Invalid order status. Allowed values: " + String.join(", ", ALLOWED_ORDER_STATUSES)
|
||||
);
|
||||
}
|
||||
String previousStatus = order.getStatus();
|
||||
order.setStatus(normalizedStatus);
|
||||
Order savedOrder = orderRepo.save(order);
|
||||
|
||||
// Notify customer only on transition to SHIPPED.
|
||||
if (!"SHIPPED".equals(previousStatus) && "SHIPPED".equals(normalizedStatus)) {
|
||||
eventPublisher.publishEvent(new OrderShippedEvent(this, savedOrder));
|
||||
}
|
||||
|
||||
return ResponseEntity.ok(toOrderDto(savedOrder));
|
||||
return ResponseEntity.ok(adminOrderControllerService.updateOrderStatus(orderId, payload));
|
||||
}
|
||||
|
||||
@GetMapping("/{orderId}/items/{orderItemId}/file")
|
||||
@@ -154,290 +61,16 @@ public class AdminOrderController {
|
||||
@PathVariable UUID orderId,
|
||||
@PathVariable UUID orderItemId
|
||||
) {
|
||||
OrderItem item = orderItemRepo.findById(orderItemId)
|
||||
.orElseThrow(() -> new ResponseStatusException(NOT_FOUND, "Order item not found"));
|
||||
|
||||
if (!item.getOrder().getId().equals(orderId)) {
|
||||
throw new ResponseStatusException(NOT_FOUND, "Order item not found for order");
|
||||
}
|
||||
|
||||
String relativePath = item.getStoredRelativePath();
|
||||
if (relativePath == null || relativePath.isBlank() || "PENDING".equals(relativePath)) {
|
||||
throw new ResponseStatusException(NOT_FOUND, "File not available");
|
||||
}
|
||||
Path safeRelativePath = resolveOrderItemRelativePath(relativePath, orderId, orderItemId);
|
||||
if (safeRelativePath == null) {
|
||||
throw new ResponseStatusException(NOT_FOUND, "File not available");
|
||||
}
|
||||
|
||||
try {
|
||||
Resource resource = storageService.loadAsResource(safeRelativePath);
|
||||
MediaType contentType = MediaType.APPLICATION_OCTET_STREAM;
|
||||
if (item.getMimeType() != null && !item.getMimeType().isBlank()) {
|
||||
try {
|
||||
contentType = MediaType.parseMediaType(item.getMimeType());
|
||||
} catch (Exception ignored) {
|
||||
contentType = MediaType.APPLICATION_OCTET_STREAM;
|
||||
}
|
||||
}
|
||||
|
||||
String filename = item.getOriginalFilename() != null && !item.getOriginalFilename().isBlank()
|
||||
? item.getOriginalFilename()
|
||||
: "order-item-" + orderItemId;
|
||||
|
||||
return ResponseEntity.ok()
|
||||
.contentType(contentType)
|
||||
.header(HttpHeaders.CONTENT_DISPOSITION, ContentDisposition.attachment()
|
||||
.filename(filename, StandardCharsets.UTF_8)
|
||||
.build()
|
||||
.toString())
|
||||
.body(resource);
|
||||
} catch (Exception e) {
|
||||
throw new ResponseStatusException(NOT_FOUND, "File not available");
|
||||
}
|
||||
return adminOrderControllerService.downloadOrderItemFile(orderId, orderItemId);
|
||||
}
|
||||
|
||||
@GetMapping("/{orderId}/documents/confirmation")
|
||||
public ResponseEntity<byte[]> downloadOrderConfirmation(@PathVariable UUID orderId) {
|
||||
return generateDocument(getOrderOrThrow(orderId), true);
|
||||
return adminOrderControllerService.downloadOrderConfirmation(orderId);
|
||||
}
|
||||
|
||||
@GetMapping("/{orderId}/documents/invoice")
|
||||
public ResponseEntity<byte[]> downloadOrderInvoice(@PathVariable UUID orderId) {
|
||||
return generateDocument(getOrderOrThrow(orderId), false);
|
||||
}
|
||||
|
||||
private Order getOrderOrThrow(UUID orderId) {
|
||||
return orderRepo.findById(orderId)
|
||||
.orElseThrow(() -> new ResponseStatusException(NOT_FOUND, "Order not found"));
|
||||
}
|
||||
|
||||
private OrderDto toOrderDto(Order order) {
|
||||
List<OrderItem> items = orderItemRepo.findByOrder_Id(order.getId());
|
||||
OrderDto dto = new OrderDto();
|
||||
dto.setId(order.getId());
|
||||
dto.setOrderNumber(getDisplayOrderNumber(order));
|
||||
dto.setStatus(order.getStatus());
|
||||
|
||||
paymentRepo.findByOrder_Id(order.getId()).ifPresent(p -> {
|
||||
dto.setPaymentStatus(p.getStatus());
|
||||
dto.setPaymentMethod(p.getMethod());
|
||||
});
|
||||
|
||||
dto.setCustomerEmail(order.getCustomerEmail());
|
||||
dto.setCustomerPhone(order.getCustomerPhone());
|
||||
dto.setPreferredLanguage(order.getPreferredLanguage());
|
||||
dto.setBillingCustomerType(order.getBillingCustomerType());
|
||||
dto.setCurrency(order.getCurrency());
|
||||
dto.setSetupCostChf(order.getSetupCostChf());
|
||||
dto.setShippingCostChf(order.getShippingCostChf());
|
||||
dto.setDiscountChf(order.getDiscountChf());
|
||||
dto.setSubtotalChf(order.getSubtotalChf());
|
||||
dto.setIsCadOrder(order.getIsCadOrder());
|
||||
dto.setSourceRequestId(order.getSourceRequestId());
|
||||
dto.setCadHours(order.getCadHours());
|
||||
dto.setCadHourlyRateChf(order.getCadHourlyRateChf());
|
||||
dto.setCadTotalChf(order.getCadTotalChf());
|
||||
dto.setTotalChf(order.getTotalChf());
|
||||
dto.setCreatedAt(order.getCreatedAt());
|
||||
dto.setShippingSameAsBilling(order.getShippingSameAsBilling());
|
||||
QuoteSession sourceSession = order.getSourceQuoteSession();
|
||||
if (sourceSession != null) {
|
||||
dto.setPrintMaterialCode(sourceSession.getMaterialCode());
|
||||
dto.setPrintNozzleDiameterMm(sourceSession.getNozzleDiameterMm());
|
||||
dto.setPrintLayerHeightMm(sourceSession.getLayerHeightMm());
|
||||
dto.setPrintInfillPattern(sourceSession.getInfillPattern());
|
||||
dto.setPrintInfillPercent(sourceSession.getInfillPercent());
|
||||
dto.setPrintSupportsEnabled(sourceSession.getSupportsEnabled());
|
||||
}
|
||||
|
||||
AddressDto billing = new AddressDto();
|
||||
billing.setFirstName(order.getBillingFirstName());
|
||||
billing.setLastName(order.getBillingLastName());
|
||||
billing.setCompanyName(order.getBillingCompanyName());
|
||||
billing.setContactPerson(order.getBillingContactPerson());
|
||||
billing.setAddressLine1(order.getBillingAddressLine1());
|
||||
billing.setAddressLine2(order.getBillingAddressLine2());
|
||||
billing.setZip(order.getBillingZip());
|
||||
billing.setCity(order.getBillingCity());
|
||||
billing.setCountryCode(order.getBillingCountryCode());
|
||||
dto.setBillingAddress(billing);
|
||||
|
||||
if (!Boolean.TRUE.equals(order.getShippingSameAsBilling())) {
|
||||
AddressDto shipping = new AddressDto();
|
||||
shipping.setFirstName(order.getShippingFirstName());
|
||||
shipping.setLastName(order.getShippingLastName());
|
||||
shipping.setCompanyName(order.getShippingCompanyName());
|
||||
shipping.setContactPerson(order.getShippingContactPerson());
|
||||
shipping.setAddressLine1(order.getShippingAddressLine1());
|
||||
shipping.setAddressLine2(order.getShippingAddressLine2());
|
||||
shipping.setZip(order.getShippingZip());
|
||||
shipping.setCity(order.getShippingCity());
|
||||
shipping.setCountryCode(order.getShippingCountryCode());
|
||||
dto.setShippingAddress(shipping);
|
||||
}
|
||||
|
||||
List<OrderItemDto> itemDtos = items.stream().map(i -> {
|
||||
OrderItemDto idto = new OrderItemDto();
|
||||
idto.setId(i.getId());
|
||||
idto.setOriginalFilename(i.getOriginalFilename());
|
||||
idto.setMaterialCode(i.getMaterialCode());
|
||||
idto.setColorCode(i.getColorCode());
|
||||
idto.setQuantity(i.getQuantity());
|
||||
idto.setPrintTimeSeconds(i.getPrintTimeSeconds());
|
||||
idto.setMaterialGrams(i.getMaterialGrams());
|
||||
idto.setUnitPriceChf(i.getUnitPriceChf());
|
||||
idto.setLineTotalChf(i.getLineTotalChf());
|
||||
return idto;
|
||||
}).toList();
|
||||
dto.setItems(itemDtos);
|
||||
|
||||
return dto;
|
||||
}
|
||||
|
||||
private String getDisplayOrderNumber(Order order) {
|
||||
String orderNumber = order.getOrderNumber();
|
||||
if (orderNumber != null && !orderNumber.isBlank()) {
|
||||
return orderNumber;
|
||||
}
|
||||
return order.getId() != null ? order.getId().toString() : "unknown";
|
||||
}
|
||||
|
||||
private ResponseEntity<byte[]> generateDocument(Order order, boolean isConfirmation) {
|
||||
String displayOrderNumber = getDisplayOrderNumber(order);
|
||||
if (isConfirmation) {
|
||||
Path relativePath = buildConfirmationPdfRelativePath(order.getId(), displayOrderNumber);
|
||||
try {
|
||||
byte[] existingPdf = storageService.loadAsResource(relativePath).getInputStream().readAllBytes();
|
||||
return ResponseEntity.ok()
|
||||
.header(HttpHeaders.CONTENT_DISPOSITION, "attachment; filename=\"confirmation-" + displayOrderNumber + ".pdf\"")
|
||||
.contentType(MediaType.APPLICATION_PDF)
|
||||
.body(existingPdf);
|
||||
} catch (Exception ignored) {
|
||||
// fallback to generated confirmation document
|
||||
}
|
||||
}
|
||||
|
||||
List<OrderItem> items = orderItemRepo.findByOrder_Id(order.getId());
|
||||
Payment payment = paymentRepo.findByOrder_Id(order.getId()).orElse(null);
|
||||
byte[] pdf = invoiceService.generateDocumentPdf(order, items, isConfirmation, qrBillService, payment);
|
||||
|
||||
String prefix = isConfirmation ? "confirmation-" : "invoice-";
|
||||
return ResponseEntity.ok()
|
||||
.header(HttpHeaders.CONTENT_DISPOSITION, "attachment; filename=\"" + prefix + displayOrderNumber + ".pdf\"")
|
||||
.contentType(MediaType.APPLICATION_PDF)
|
||||
.body(pdf);
|
||||
}
|
||||
|
||||
private Path resolveOrderItemRelativePath(String storedRelativePath, UUID orderId, UUID orderItemId) {
|
||||
try {
|
||||
Path candidate = Path.of(storedRelativePath).normalize();
|
||||
if (candidate.isAbsolute()) {
|
||||
return null;
|
||||
}
|
||||
Path expectedPrefix = Path.of("orders", orderId.toString(), "3d-files", orderItemId.toString());
|
||||
if (!candidate.startsWith(expectedPrefix)) {
|
||||
return null;
|
||||
}
|
||||
return candidate;
|
||||
} catch (InvalidPathException e) {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
private Resource loadOrderItemResourceWithRecovery(OrderItem item, Path safeRelativePath) {
|
||||
try {
|
||||
return storageService.loadAsResource(safeRelativePath);
|
||||
} catch (Exception primaryFailure) {
|
||||
Path sourceQuotePath = resolveFallbackQuoteItemPath(item);
|
||||
if (sourceQuotePath == null) {
|
||||
throw new ResponseStatusException(NOT_FOUND, "File not available");
|
||||
}
|
||||
try {
|
||||
storageService.store(sourceQuotePath, safeRelativePath);
|
||||
return storageService.loadAsResource(safeRelativePath);
|
||||
} catch (Exception copyFailure) {
|
||||
try {
|
||||
Resource quoteResource = new UrlResource(sourceQuotePath.toUri());
|
||||
if (quoteResource.exists() || quoteResource.isReadable()) {
|
||||
return quoteResource;
|
||||
}
|
||||
} catch (Exception ignored) {
|
||||
// fall through to 404
|
||||
}
|
||||
throw new ResponseStatusException(NOT_FOUND, "File not available");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private Path resolveFallbackQuoteItemPath(OrderItem orderItem) {
|
||||
Order order = orderItem.getOrder();
|
||||
QuoteSession sourceSession = order != null ? order.getSourceQuoteSession() : null;
|
||||
UUID sourceSessionId = sourceSession != null ? sourceSession.getId() : null;
|
||||
if (sourceSessionId == null) {
|
||||
return null;
|
||||
}
|
||||
|
||||
String targetFilename = normalizeFilename(orderItem.getOriginalFilename());
|
||||
if (targetFilename == null) {
|
||||
return null;
|
||||
}
|
||||
|
||||
return quoteLineItemRepo.findByQuoteSessionId(sourceSessionId).stream()
|
||||
.filter(q -> targetFilename.equals(normalizeFilename(q.getOriginalFilename())))
|
||||
.sorted(Comparator.comparingInt((QuoteLineItem q) -> scoreQuoteMatch(orderItem, q)).reversed())
|
||||
.map(q -> resolveStoredQuotePath(q.getStoredPath(), sourceSessionId))
|
||||
.filter(path -> path != null && Files.exists(path))
|
||||
.findFirst()
|
||||
.orElse(null);
|
||||
}
|
||||
|
||||
private int scoreQuoteMatch(OrderItem orderItem, QuoteLineItem quoteItem) {
|
||||
int score = 0;
|
||||
if (orderItem.getQuantity() != null && orderItem.getQuantity().equals(quoteItem.getQuantity())) {
|
||||
score += 4;
|
||||
}
|
||||
if (orderItem.getPrintTimeSeconds() != null && orderItem.getPrintTimeSeconds().equals(quoteItem.getPrintTimeSeconds())) {
|
||||
score += 3;
|
||||
}
|
||||
if (orderItem.getMaterialCode() != null
|
||||
&& quoteItem.getMaterialCode() != null
|
||||
&& orderItem.getMaterialCode().equalsIgnoreCase(quoteItem.getMaterialCode())) {
|
||||
score += 3;
|
||||
}
|
||||
if (orderItem.getMaterialGrams() != null
|
||||
&& quoteItem.getMaterialGrams() != null
|
||||
&& orderItem.getMaterialGrams().compareTo(quoteItem.getMaterialGrams()) == 0) {
|
||||
score += 2;
|
||||
}
|
||||
return score;
|
||||
}
|
||||
|
||||
private String normalizeFilename(String filename) {
|
||||
if (filename == null || filename.isBlank()) {
|
||||
return null;
|
||||
}
|
||||
return filename.trim();
|
||||
}
|
||||
|
||||
private Path resolveStoredQuotePath(String storedPath, UUID expectedSessionId) {
|
||||
if (storedPath == null || storedPath.isBlank()) {
|
||||
return null;
|
||||
}
|
||||
try {
|
||||
Path raw = Path.of(storedPath).normalize();
|
||||
Path resolved = raw.isAbsolute() ? raw : QUOTE_STORAGE_ROOT.resolve(raw).normalize();
|
||||
Path expectedSessionRoot = QUOTE_STORAGE_ROOT.resolve(expectedSessionId.toString()).normalize();
|
||||
if (!resolved.startsWith(expectedSessionRoot)) {
|
||||
return null;
|
||||
}
|
||||
return resolved;
|
||||
} catch (InvalidPathException e) {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
private Path buildConfirmationPdfRelativePath(UUID orderId, String orderNumber) {
|
||||
return Path.of("orders", orderId.toString(), "documents", "confirmation-" + orderNumber + ".pdf");
|
||||
return adminOrderControllerService.downloadOrderInvoice(orderId);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -0,0 +1,423 @@
|
||||
package com.printcalculator.service.order;
|
||||
|
||||
import com.printcalculator.dto.AddressDto;
|
||||
import com.printcalculator.dto.AdminOrderStatusUpdateRequest;
|
||||
import com.printcalculator.dto.OrderDto;
|
||||
import com.printcalculator.dto.OrderItemDto;
|
||||
import com.printcalculator.entity.Order;
|
||||
import com.printcalculator.entity.OrderItem;
|
||||
import com.printcalculator.entity.Payment;
|
||||
import com.printcalculator.entity.QuoteLineItem;
|
||||
import com.printcalculator.entity.QuoteSession;
|
||||
import com.printcalculator.event.OrderShippedEvent;
|
||||
import com.printcalculator.repository.OrderItemRepository;
|
||||
import com.printcalculator.repository.OrderRepository;
|
||||
import com.printcalculator.repository.PaymentRepository;
|
||||
import com.printcalculator.repository.QuoteLineItemRepository;
|
||||
import com.printcalculator.service.payment.InvoicePdfRenderingService;
|
||||
import com.printcalculator.service.payment.PaymentService;
|
||||
import com.printcalculator.service.payment.QrBillService;
|
||||
import com.printcalculator.service.storage.StorageService;
|
||||
import org.springframework.context.ApplicationEventPublisher;
|
||||
import org.springframework.core.io.Resource;
|
||||
import org.springframework.core.io.UrlResource;
|
||||
import org.springframework.http.ContentDisposition;
|
||||
import org.springframework.http.HttpHeaders;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
import org.springframework.web.server.ResponseStatusException;
|
||||
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.nio.file.Files;
|
||||
import java.nio.file.InvalidPathException;
|
||||
import java.nio.file.Path;
|
||||
import java.nio.file.Paths;
|
||||
import java.util.Comparator;
|
||||
import java.util.List;
|
||||
import java.util.Locale;
|
||||
import java.util.Map;
|
||||
import java.util.UUID;
|
||||
|
||||
import static org.springframework.http.HttpStatus.BAD_REQUEST;
|
||||
import static org.springframework.http.HttpStatus.NOT_FOUND;
|
||||
|
||||
@Service
|
||||
@Transactional(readOnly = true)
|
||||
public class AdminOrderControllerService {
|
||||
private static final Path QUOTE_STORAGE_ROOT = Paths.get("storage_quotes").toAbsolutePath().normalize();
|
||||
private static final List<String> ALLOWED_ORDER_STATUSES = List.of(
|
||||
"PENDING_PAYMENT",
|
||||
"PAID",
|
||||
"IN_PRODUCTION",
|
||||
"SHIPPED",
|
||||
"COMPLETED",
|
||||
"CANCELLED"
|
||||
);
|
||||
|
||||
private final OrderRepository orderRepo;
|
||||
private final OrderItemRepository orderItemRepo;
|
||||
private final PaymentRepository paymentRepo;
|
||||
private final QuoteLineItemRepository quoteLineItemRepo;
|
||||
private final PaymentService paymentService;
|
||||
private final StorageService storageService;
|
||||
private final InvoicePdfRenderingService invoiceService;
|
||||
private final QrBillService qrBillService;
|
||||
private final ApplicationEventPublisher eventPublisher;
|
||||
|
||||
public AdminOrderControllerService(OrderRepository orderRepo,
|
||||
OrderItemRepository orderItemRepo,
|
||||
PaymentRepository paymentRepo,
|
||||
QuoteLineItemRepository quoteLineItemRepo,
|
||||
PaymentService paymentService,
|
||||
StorageService storageService,
|
||||
InvoicePdfRenderingService invoiceService,
|
||||
QrBillService qrBillService,
|
||||
ApplicationEventPublisher eventPublisher) {
|
||||
this.orderRepo = orderRepo;
|
||||
this.orderItemRepo = orderItemRepo;
|
||||
this.paymentRepo = paymentRepo;
|
||||
this.quoteLineItemRepo = quoteLineItemRepo;
|
||||
this.paymentService = paymentService;
|
||||
this.storageService = storageService;
|
||||
this.invoiceService = invoiceService;
|
||||
this.qrBillService = qrBillService;
|
||||
this.eventPublisher = eventPublisher;
|
||||
}
|
||||
|
||||
public List<OrderDto> listOrders() {
|
||||
return orderRepo.findAllByOrderByCreatedAtDesc()
|
||||
.stream()
|
||||
.map(this::toOrderDto)
|
||||
.toList();
|
||||
}
|
||||
|
||||
public OrderDto getOrder(UUID orderId) {
|
||||
return toOrderDto(getOrderOrThrow(orderId));
|
||||
}
|
||||
|
||||
@Transactional
|
||||
public OrderDto updatePaymentMethod(UUID orderId, Map<String, String> payload) {
|
||||
getOrderOrThrow(orderId);
|
||||
String method = payload != null ? payload.get("method") : null;
|
||||
if (method == null || method.isBlank()) {
|
||||
throw new ResponseStatusException(BAD_REQUEST, "Payment method is required");
|
||||
}
|
||||
paymentService.updatePaymentMethod(orderId, method);
|
||||
return toOrderDto(getOrderOrThrow(orderId));
|
||||
}
|
||||
|
||||
@Transactional
|
||||
public OrderDto updateOrderStatus(UUID orderId, AdminOrderStatusUpdateRequest payload) {
|
||||
if (payload == null || payload.getStatus() == null || payload.getStatus().isBlank()) {
|
||||
throw new ResponseStatusException(BAD_REQUEST, "Status is required");
|
||||
}
|
||||
|
||||
Order order = getOrderOrThrow(orderId);
|
||||
String normalizedStatus = payload.getStatus().trim().toUpperCase(Locale.ROOT);
|
||||
if (!ALLOWED_ORDER_STATUSES.contains(normalizedStatus)) {
|
||||
throw new ResponseStatusException(
|
||||
BAD_REQUEST,
|
||||
"Invalid order status. Allowed values: " + String.join(", ", ALLOWED_ORDER_STATUSES)
|
||||
);
|
||||
}
|
||||
String previousStatus = order.getStatus();
|
||||
order.setStatus(normalizedStatus);
|
||||
Order savedOrder = orderRepo.save(order);
|
||||
|
||||
if (!"SHIPPED".equals(previousStatus) && "SHIPPED".equals(normalizedStatus)) {
|
||||
eventPublisher.publishEvent(new OrderShippedEvent(this, savedOrder));
|
||||
}
|
||||
|
||||
return toOrderDto(savedOrder);
|
||||
}
|
||||
|
||||
public ResponseEntity<Resource> downloadOrderItemFile(UUID orderId, UUID orderItemId) {
|
||||
OrderItem item = orderItemRepo.findById(orderItemId)
|
||||
.orElseThrow(() -> new ResponseStatusException(NOT_FOUND, "Order item not found"));
|
||||
|
||||
if (!item.getOrder().getId().equals(orderId)) {
|
||||
throw new ResponseStatusException(NOT_FOUND, "Order item not found for order");
|
||||
}
|
||||
|
||||
String relativePath = item.getStoredRelativePath();
|
||||
if (relativePath == null || relativePath.isBlank() || "PENDING".equals(relativePath)) {
|
||||
throw new ResponseStatusException(NOT_FOUND, "File not available");
|
||||
}
|
||||
Path safeRelativePath = resolveOrderItemRelativePath(relativePath, orderId, orderItemId);
|
||||
if (safeRelativePath == null) {
|
||||
throw new ResponseStatusException(NOT_FOUND, "File not available");
|
||||
}
|
||||
|
||||
try {
|
||||
Resource resource = loadOrderItemResourceWithRecovery(item, safeRelativePath);
|
||||
MediaType contentType = MediaType.APPLICATION_OCTET_STREAM;
|
||||
if (item.getMimeType() != null && !item.getMimeType().isBlank()) {
|
||||
try {
|
||||
contentType = MediaType.parseMediaType(item.getMimeType());
|
||||
} catch (Exception ignored) {
|
||||
contentType = MediaType.APPLICATION_OCTET_STREAM;
|
||||
}
|
||||
}
|
||||
|
||||
String filename = item.getOriginalFilename() != null && !item.getOriginalFilename().isBlank()
|
||||
? item.getOriginalFilename()
|
||||
: "order-item-" + orderItemId;
|
||||
|
||||
return ResponseEntity.ok()
|
||||
.contentType(contentType)
|
||||
.header(HttpHeaders.CONTENT_DISPOSITION, ContentDisposition.attachment()
|
||||
.filename(filename, StandardCharsets.UTF_8)
|
||||
.build()
|
||||
.toString())
|
||||
.body(resource);
|
||||
} catch (ResponseStatusException e) {
|
||||
throw e;
|
||||
} catch (Exception e) {
|
||||
throw new ResponseStatusException(NOT_FOUND, "File not available");
|
||||
}
|
||||
}
|
||||
|
||||
public ResponseEntity<byte[]> downloadOrderConfirmation(UUID orderId) {
|
||||
return generateDocument(getOrderOrThrow(orderId), true);
|
||||
}
|
||||
|
||||
public ResponseEntity<byte[]> downloadOrderInvoice(UUID orderId) {
|
||||
return generateDocument(getOrderOrThrow(orderId), false);
|
||||
}
|
||||
|
||||
private Order getOrderOrThrow(UUID orderId) {
|
||||
return orderRepo.findById(orderId)
|
||||
.orElseThrow(() -> new ResponseStatusException(NOT_FOUND, "Order not found"));
|
||||
}
|
||||
|
||||
private OrderDto toOrderDto(Order order) {
|
||||
List<OrderItem> items = orderItemRepo.findByOrder_Id(order.getId());
|
||||
OrderDto dto = new OrderDto();
|
||||
dto.setId(order.getId());
|
||||
dto.setOrderNumber(getDisplayOrderNumber(order));
|
||||
dto.setStatus(order.getStatus());
|
||||
|
||||
paymentRepo.findByOrder_Id(order.getId()).ifPresent(payment -> {
|
||||
dto.setPaymentStatus(payment.getStatus());
|
||||
dto.setPaymentMethod(payment.getMethod());
|
||||
});
|
||||
|
||||
dto.setCustomerEmail(order.getCustomerEmail());
|
||||
dto.setCustomerPhone(order.getCustomerPhone());
|
||||
dto.setPreferredLanguage(order.getPreferredLanguage());
|
||||
dto.setBillingCustomerType(order.getBillingCustomerType());
|
||||
dto.setCurrency(order.getCurrency());
|
||||
dto.setSetupCostChf(order.getSetupCostChf());
|
||||
dto.setShippingCostChf(order.getShippingCostChf());
|
||||
dto.setDiscountChf(order.getDiscountChf());
|
||||
dto.setSubtotalChf(order.getSubtotalChf());
|
||||
dto.setIsCadOrder(order.getIsCadOrder());
|
||||
dto.setSourceRequestId(order.getSourceRequestId());
|
||||
dto.setCadHours(order.getCadHours());
|
||||
dto.setCadHourlyRateChf(order.getCadHourlyRateChf());
|
||||
dto.setCadTotalChf(order.getCadTotalChf());
|
||||
dto.setTotalChf(order.getTotalChf());
|
||||
dto.setCreatedAt(order.getCreatedAt());
|
||||
dto.setShippingSameAsBilling(order.getShippingSameAsBilling());
|
||||
QuoteSession sourceSession = order.getSourceQuoteSession();
|
||||
if (sourceSession != null) {
|
||||
dto.setPrintMaterialCode(sourceSession.getMaterialCode());
|
||||
dto.setPrintNozzleDiameterMm(sourceSession.getNozzleDiameterMm());
|
||||
dto.setPrintLayerHeightMm(sourceSession.getLayerHeightMm());
|
||||
dto.setPrintInfillPattern(sourceSession.getInfillPattern());
|
||||
dto.setPrintInfillPercent(sourceSession.getInfillPercent());
|
||||
dto.setPrintSupportsEnabled(sourceSession.getSupportsEnabled());
|
||||
}
|
||||
|
||||
AddressDto billing = new AddressDto();
|
||||
billing.setFirstName(order.getBillingFirstName());
|
||||
billing.setLastName(order.getBillingLastName());
|
||||
billing.setCompanyName(order.getBillingCompanyName());
|
||||
billing.setContactPerson(order.getBillingContactPerson());
|
||||
billing.setAddressLine1(order.getBillingAddressLine1());
|
||||
billing.setAddressLine2(order.getBillingAddressLine2());
|
||||
billing.setZip(order.getBillingZip());
|
||||
billing.setCity(order.getBillingCity());
|
||||
billing.setCountryCode(order.getBillingCountryCode());
|
||||
dto.setBillingAddress(billing);
|
||||
|
||||
if (!Boolean.TRUE.equals(order.getShippingSameAsBilling())) {
|
||||
AddressDto shipping = new AddressDto();
|
||||
shipping.setFirstName(order.getShippingFirstName());
|
||||
shipping.setLastName(order.getShippingLastName());
|
||||
shipping.setCompanyName(order.getShippingCompanyName());
|
||||
shipping.setContactPerson(order.getShippingContactPerson());
|
||||
shipping.setAddressLine1(order.getShippingAddressLine1());
|
||||
shipping.setAddressLine2(order.getShippingAddressLine2());
|
||||
shipping.setZip(order.getShippingZip());
|
||||
shipping.setCity(order.getShippingCity());
|
||||
shipping.setCountryCode(order.getShippingCountryCode());
|
||||
dto.setShippingAddress(shipping);
|
||||
}
|
||||
|
||||
List<OrderItemDto> itemDtos = items.stream().map(item -> {
|
||||
OrderItemDto itemDto = new OrderItemDto();
|
||||
itemDto.setId(item.getId());
|
||||
itemDto.setOriginalFilename(item.getOriginalFilename());
|
||||
itemDto.setMaterialCode(item.getMaterialCode());
|
||||
itemDto.setColorCode(item.getColorCode());
|
||||
itemDto.setQuantity(item.getQuantity());
|
||||
itemDto.setPrintTimeSeconds(item.getPrintTimeSeconds());
|
||||
itemDto.setMaterialGrams(item.getMaterialGrams());
|
||||
itemDto.setUnitPriceChf(item.getUnitPriceChf());
|
||||
itemDto.setLineTotalChf(item.getLineTotalChf());
|
||||
return itemDto;
|
||||
}).toList();
|
||||
dto.setItems(itemDtos);
|
||||
|
||||
return dto;
|
||||
}
|
||||
|
||||
private String getDisplayOrderNumber(Order order) {
|
||||
String orderNumber = order.getOrderNumber();
|
||||
if (orderNumber != null && !orderNumber.isBlank()) {
|
||||
return orderNumber;
|
||||
}
|
||||
return order.getId() != null ? order.getId().toString() : "unknown";
|
||||
}
|
||||
|
||||
private ResponseEntity<byte[]> generateDocument(Order order, boolean isConfirmation) {
|
||||
String displayOrderNumber = getDisplayOrderNumber(order);
|
||||
if (isConfirmation) {
|
||||
Path relativePath = buildConfirmationPdfRelativePath(order.getId(), displayOrderNumber);
|
||||
try {
|
||||
byte[] existingPdf = storageService.loadAsResource(relativePath).getInputStream().readAllBytes();
|
||||
return ResponseEntity.ok()
|
||||
.header(HttpHeaders.CONTENT_DISPOSITION, "attachment; filename=\"confirmation-" + displayOrderNumber + ".pdf\"")
|
||||
.contentType(MediaType.APPLICATION_PDF)
|
||||
.body(existingPdf);
|
||||
} catch (Exception ignored) {
|
||||
// fallback to generated confirmation document
|
||||
}
|
||||
}
|
||||
|
||||
List<OrderItem> items = orderItemRepo.findByOrder_Id(order.getId());
|
||||
Payment payment = paymentRepo.findByOrder_Id(order.getId()).orElse(null);
|
||||
byte[] pdf = invoiceService.generateDocumentPdf(order, items, isConfirmation, qrBillService, payment);
|
||||
|
||||
String prefix = isConfirmation ? "confirmation-" : "invoice-";
|
||||
return ResponseEntity.ok()
|
||||
.header(HttpHeaders.CONTENT_DISPOSITION, "attachment; filename=\"" + prefix + displayOrderNumber + ".pdf\"")
|
||||
.contentType(MediaType.APPLICATION_PDF)
|
||||
.body(pdf);
|
||||
}
|
||||
|
||||
private Path resolveOrderItemRelativePath(String storedRelativePath, UUID orderId, UUID orderItemId) {
|
||||
try {
|
||||
Path candidate = Path.of(storedRelativePath).normalize();
|
||||
if (candidate.isAbsolute()) {
|
||||
return null;
|
||||
}
|
||||
Path expectedPrefix = Path.of("orders", orderId.toString(), "3d-files", orderItemId.toString());
|
||||
if (!candidate.startsWith(expectedPrefix)) {
|
||||
return null;
|
||||
}
|
||||
return candidate;
|
||||
} catch (InvalidPathException e) {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
private Resource loadOrderItemResourceWithRecovery(OrderItem item, Path safeRelativePath) {
|
||||
try {
|
||||
return storageService.loadAsResource(safeRelativePath);
|
||||
} catch (Exception primaryFailure) {
|
||||
Path sourceQuotePath = resolveFallbackQuoteItemPath(item);
|
||||
if (sourceQuotePath == null) {
|
||||
throw new ResponseStatusException(NOT_FOUND, "File not available");
|
||||
}
|
||||
try {
|
||||
storageService.store(sourceQuotePath, safeRelativePath);
|
||||
return storageService.loadAsResource(safeRelativePath);
|
||||
} catch (Exception copyFailure) {
|
||||
try {
|
||||
Resource quoteResource = new UrlResource(sourceQuotePath.toUri());
|
||||
if (quoteResource.exists() || quoteResource.isReadable()) {
|
||||
return quoteResource;
|
||||
}
|
||||
} catch (Exception ignored) {
|
||||
// fall through to 404
|
||||
}
|
||||
throw new ResponseStatusException(NOT_FOUND, "File not available");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private Path resolveFallbackQuoteItemPath(OrderItem orderItem) {
|
||||
Order order = orderItem.getOrder();
|
||||
QuoteSession sourceSession = order != null ? order.getSourceQuoteSession() : null;
|
||||
UUID sourceSessionId = sourceSession != null ? sourceSession.getId() : null;
|
||||
if (sourceSessionId == null) {
|
||||
return null;
|
||||
}
|
||||
|
||||
String targetFilename = normalizeFilename(orderItem.getOriginalFilename());
|
||||
if (targetFilename == null) {
|
||||
return null;
|
||||
}
|
||||
|
||||
return quoteLineItemRepo.findByQuoteSessionId(sourceSessionId).stream()
|
||||
.filter(quoteItem -> targetFilename.equals(normalizeFilename(quoteItem.getOriginalFilename())))
|
||||
.sorted(Comparator.comparingInt((QuoteLineItem quoteItem) -> scoreQuoteMatch(orderItem, quoteItem)).reversed())
|
||||
.map(quoteItem -> resolveStoredQuotePath(quoteItem.getStoredPath(), sourceSessionId))
|
||||
.filter(path -> path != null && Files.exists(path))
|
||||
.findFirst()
|
||||
.orElse(null);
|
||||
}
|
||||
|
||||
private int scoreQuoteMatch(OrderItem orderItem, QuoteLineItem quoteItem) {
|
||||
int score = 0;
|
||||
if (orderItem.getQuantity() != null && orderItem.getQuantity().equals(quoteItem.getQuantity())) {
|
||||
score += 4;
|
||||
}
|
||||
if (orderItem.getPrintTimeSeconds() != null && orderItem.getPrintTimeSeconds().equals(quoteItem.getPrintTimeSeconds())) {
|
||||
score += 3;
|
||||
}
|
||||
if (orderItem.getMaterialCode() != null
|
||||
&& quoteItem.getMaterialCode() != null
|
||||
&& orderItem.getMaterialCode().equalsIgnoreCase(quoteItem.getMaterialCode())) {
|
||||
score += 3;
|
||||
}
|
||||
if (orderItem.getMaterialGrams() != null
|
||||
&& quoteItem.getMaterialGrams() != null
|
||||
&& orderItem.getMaterialGrams().compareTo(quoteItem.getMaterialGrams()) == 0) {
|
||||
score += 2;
|
||||
}
|
||||
return score;
|
||||
}
|
||||
|
||||
private String normalizeFilename(String filename) {
|
||||
if (filename == null || filename.isBlank()) {
|
||||
return null;
|
||||
}
|
||||
return filename.trim();
|
||||
}
|
||||
|
||||
private Path resolveStoredQuotePath(String storedPath, UUID expectedSessionId) {
|
||||
if (storedPath == null || storedPath.isBlank()) {
|
||||
return null;
|
||||
}
|
||||
try {
|
||||
Path raw = Path.of(storedPath).normalize();
|
||||
Path resolved = raw.isAbsolute() ? raw : QUOTE_STORAGE_ROOT.resolve(raw).normalize();
|
||||
Path expectedSessionRoot = QUOTE_STORAGE_ROOT.resolve(expectedSessionId.toString()).normalize();
|
||||
if (!resolved.startsWith(expectedSessionRoot)) {
|
||||
return null;
|
||||
}
|
||||
return resolved;
|
||||
} catch (InvalidPathException e) {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
private Path buildConfirmationPdfRelativePath(UUID orderId, String orderNumber) {
|
||||
return Path.of("orders", orderId.toString(), "documents", "confirmation-" + orderNumber + ".pdf");
|
||||
}
|
||||
}
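Review bot: In `generateDocument` both return paths build the `Content-Disposition` header by concatenating `displayOrderNumber` into a quoted string, while `downloadOrderItemFile` in the same class uses the `ContentDisposition` builder. A quote or non-ASCII character in the order number would produce a malformed header. Whether order numbers can contain such characters is not visible in this file, so the builder, whose imports are already present, is the safer default: `.header(HttpHeaders.CONTENT_DISPOSITION, ContentDisposition.attachment().filename(prefix + displayOrderNumber + ".pdf", StandardCharsets.UTF_8).build().toString())`. The same value also becomes a path segment in `buildConfirmationPdfRelativePath`, without the normalize and `startsWith` check that `resolveOrderItemRelativePath` applies. Either add an equivalent check or document it with a comment such as `// orderNumber is server-generated and contains no path separators`, if that is the case. Separately, the `catch (Exception ignored)` around the stored-PDF read regenerates the confirmation silently, so logging the failure at warn level would make a missing or unreadable stored document visible to operators.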
|
||||
@@ -0,0 +1,352 @@
|
||||
package com.printcalculator.service.order;
|
||||
|
||||
import com.printcalculator.dto.AddressDto;
|
||||
import com.printcalculator.dto.CreateOrderRequest;
|
||||
import com.printcalculator.dto.OrderDto;
|
||||
import com.printcalculator.dto.OrderItemDto;
|
||||
import com.printcalculator.entity.Order;
|
||||
import com.printcalculator.entity.OrderItem;
|
||||
import com.printcalculator.entity.Payment;
|
||||
import com.printcalculator.repository.OrderItemRepository;
|
||||
import com.printcalculator.repository.OrderRepository;
|
||||
import com.printcalculator.repository.PaymentRepository;
|
||||
import com.printcalculator.service.OrderService;
|
||||
import com.printcalculator.service.payment.InvoicePdfRenderingService;
|
||||
import com.printcalculator.service.payment.PaymentService;
|
||||
import com.printcalculator.service.payment.QrBillService;
|
||||
import com.printcalculator.service.payment.TwintPaymentService;
|
||||
import com.printcalculator.service.storage.StorageService;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
import org.springframework.util.StringUtils;
|
||||
import org.springframework.web.multipart.MultipartFile;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.net.URI;
|
||||
import java.nio.file.InvalidPathException;
|
||||
import java.nio.file.Path;
|
||||
import java.util.Base64;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Locale;
|
||||
import java.util.Map;
|
||||
import java.util.Optional;
|
||||
import java.util.Set;
|
||||
import java.util.UUID;
|
||||
import java.util.regex.Pattern;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
@Service
|
||||
@Transactional(readOnly = true)
|
||||
public class OrderControllerService {
|
||||
private static final Pattern SAFE_EXTENSION_PATTERN = Pattern.compile("^[a-z0-9]{1,10}$");
|
||||
private static final Set<String> PERSONAL_DATA_REDACTED_STATUSES = Set.of(
|
||||
"IN_PRODUCTION",
|
||||
"SHIPPED",
|
||||
"COMPLETED"
|
||||
);
|
||||
|
||||
private final OrderService orderService;
|
||||
private final OrderRepository orderRepo;
|
||||
private final OrderItemRepository orderItemRepo;
|
||||
private final StorageService storageService;
|
||||
private final InvoicePdfRenderingService invoiceService;
|
||||
private final QrBillService qrBillService;
|
||||
private final TwintPaymentService twintPaymentService;
|
||||
private final PaymentService paymentService;
|
||||
private final PaymentRepository paymentRepo;
|
||||
|
||||
public OrderControllerService(OrderService orderService,
|
||||
OrderRepository orderRepo,
|
||||
OrderItemRepository orderItemRepo,
|
||||
StorageService storageService,
|
||||
InvoicePdfRenderingService invoiceService,
|
||||
QrBillService qrBillService,
|
||||
TwintPaymentService twintPaymentService,
|
||||
PaymentService paymentService,
|
||||
PaymentRepository paymentRepo) {
|
||||
this.orderService = orderService;
|
||||
this.orderRepo = orderRepo;
|
||||
this.orderItemRepo = orderItemRepo;
|
||||
this.storageService = storageService;
|
||||
this.invoiceService = invoiceService;
|
||||
this.qrBillService = qrBillService;
|
||||
this.twintPaymentService = twintPaymentService;
|
||||
this.paymentService = paymentService;
|
||||
this.paymentRepo = paymentRepo;
|
||||
}
|
||||
|
||||
@Transactional
|
||||
public OrderDto createOrderFromQuote(UUID quoteSessionId, CreateOrderRequest request) {
|
||||
Order order = orderService.createOrderFromQuote(quoteSessionId, request);
|
||||
List<OrderItem> items = orderItemRepo.findByOrder_Id(order.getId());
|
||||
return convertToDto(order, items);
|
||||
}
|
||||
|
||||
@Transactional
|
||||
public boolean uploadOrderItemFile(UUID orderId, UUID orderItemId, MultipartFile file) throws IOException {
|
||||
OrderItem item = orderItemRepo.findById(orderItemId)
|
||||
.orElseThrow(() -> new RuntimeException("OrderItem not found"));
|
||||
|
||||
if (!item.getOrder().getId().equals(orderId)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
String relativePath = item.getStoredRelativePath();
|
||||
Path destinationRelativePath;
|
||||
if (relativePath == null || relativePath.equals("PENDING")) {
|
||||
String ext = getExtension(file.getOriginalFilename());
|
||||
String storedFilename = UUID.randomUUID() + "." + ext;
|
||||
destinationRelativePath = Path.of("orders", orderId.toString(), "3d-files", orderItemId.toString(), storedFilename);
|
||||
item.setStoredRelativePath(destinationRelativePath.toString());
|
||||
item.setStoredFilename(storedFilename);
|
||||
} else {
|
||||
destinationRelativePath = resolveOrderItemRelativePath(relativePath, orderId, orderItemId);
|
||||
if (destinationRelativePath == null) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
storageService.store(file, destinationRelativePath);
|
||||
item.setFileSizeBytes(file.getSize());
|
||||
item.setMimeType(file.getContentType());
|
||||
orderItemRepo.save(item);
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
public Optional<OrderDto> getOrder(UUID orderId) {
|
||||
return orderRepo.findById(orderId)
|
||||
.map(order -> {
|
||||
List<OrderItem> items = orderItemRepo.findByOrder_Id(order.getId());
|
||||
return convertToDto(order, items);
|
||||
});
|
||||
}
|
||||
|
||||
@Transactional
|
||||
public Optional<OrderDto> reportPayment(UUID orderId, String method) {
|
||||
paymentService.reportPayment(orderId, method);
|
||||
return getOrder(orderId);
|
||||
}
|
||||
|
||||
public ResponseEntity<byte[]> getConfirmation(UUID orderId) {
|
||||
return generateDocument(orderId, true);
|
||||
}
|
||||
|
||||
public ResponseEntity<Map<String, String>> getTwintPayment(UUID orderId) {
|
||||
Order order = orderRepo.findById(orderId).orElse(null);
|
||||
if (order == null) {
|
||||
return ResponseEntity.notFound().build();
|
||||
}
|
||||
|
||||
byte[] qrPng = twintPaymentService.generateQrPng(order, 360);
|
||||
String qrDataUri = "data:image/png;base64," + Base64.getEncoder().encodeToString(qrPng);
|
||||
|
||||
Map<String, String> data = new HashMap<>();
|
||||
data.put("paymentUrl", twintPaymentService.getTwintPaymentUrl(order));
|
||||
data.put("openUrl", "/api/orders/" + orderId + "/twint/open");
|
||||
data.put("qrImageUrl", "/api/orders/" + orderId + "/twint/qr");
|
||||
data.put("qrImageDataUri", qrDataUri);
|
||||
return ResponseEntity.ok(data);
|
||||
}
|
||||
|
||||
public ResponseEntity<Void> openTwintPayment(UUID orderId) {
|
||||
Order order = orderRepo.findById(orderId).orElse(null);
|
||||
if (order == null) {
|
||||
return ResponseEntity.notFound().build();
|
||||
}
|
||||
|
||||
return ResponseEntity.status(302)
|
||||
.location(URI.create(twintPaymentService.getTwintPaymentUrl(order)))
|
||||
.build();
|
||||
}
|
||||
|
||||
public ResponseEntity<byte[]> getTwintQr(UUID orderId, int size) {
|
||||
Order order = orderRepo.findById(orderId).orElse(null);
|
||||
if (order == null) {
|
||||
return ResponseEntity.notFound().build();
|
||||
}
|
||||
|
||||
int normalizedSize = Math.max(200, Math.min(size, 600));
|
||||
byte[] png = twintPaymentService.generateQrPng(order, normalizedSize);
|
||||
|
||||
return ResponseEntity.ok()
|
||||
.contentType(MediaType.IMAGE_PNG)
|
||||
.body(png);
|
||||
}
|
||||
|
||||
private ResponseEntity<byte[]> generateDocument(UUID orderId, boolean isConfirmation) {
|
||||
Order order = orderRepo.findById(orderId)
|
||||
.orElseThrow(() -> new RuntimeException("Order not found"));
|
||||
|
||||
if (isConfirmation) {
|
||||
Path relativePath = buildConfirmationPdfRelativePath(order);
|
||||
try {
|
||||
byte[] existingPdf = storageService.loadAsResource(relativePath).getInputStream().readAllBytes();
|
||||
return ResponseEntity.ok()
|
||||
.header("Content-Disposition", "attachment; filename=\"confirmation-" + getDisplayOrderNumber(order) + ".pdf\"")
|
||||
.contentType(MediaType.APPLICATION_PDF)
|
||||
.body(existingPdf);
|
||||
} catch (Exception ignored) {
|
||||
// Fallback to on-the-fly generation if the stored file is missing or unreadable.
|
||||
}
|
||||
}
|
||||
|
||||
List<OrderItem> items = orderItemRepo.findByOrder_Id(orderId);
|
||||
Payment payment = paymentRepo.findByOrder_Id(orderId).orElse(null);
|
||||
|
||||
byte[] pdf = invoiceService.generateDocumentPdf(order, items, isConfirmation, qrBillService, payment);
|
||||
String typePrefix = isConfirmation ? "confirmation-" : "invoice-";
|
||||
String truncatedUuid = order.getId().toString().substring(0, 8);
|
||||
return ResponseEntity.ok()
|
||||
.header("Content-Disposition", "attachment; filename=\"" + typePrefix + truncatedUuid + ".pdf\"")
|
||||
.contentType(MediaType.APPLICATION_PDF)
|
||||
.body(pdf);
|
||||
}
|
||||
|
||||
private Path buildConfirmationPdfRelativePath(Order order) {
|
||||
return Path.of(
|
||||
"orders",
|
||||
order.getId().toString(),
|
||||
"documents",
|
||||
"confirmation-" + getDisplayOrderNumber(order) + ".pdf"
|
||||
);
|
||||
}
|
||||
|
||||
private String getExtension(String filename) {
|
||||
if (filename == null) {
|
||||
return "stl";
|
||||
}
|
||||
String cleaned = StringUtils.cleanPath(filename);
|
||||
if (cleaned.contains("..")) {
|
||||
return "stl";
|
||||
}
|
||||
int i = cleaned.lastIndexOf('.');
|
||||
if (i > 0 && i < cleaned.length() - 1) {
|
||||
String ext = cleaned.substring(i + 1).toLowerCase(Locale.ROOT);
|
||||
if (SAFE_EXTENSION_PATTERN.matcher(ext).matches()) {
|
||||
return ext;
|
||||
}
|
||||
}
|
||||
return "stl";
|
||||
}
|
||||
|
||||
private Path resolveOrderItemRelativePath(String storedRelativePath, UUID orderId, UUID orderItemId) {
|
||||
try {
|
||||
Path candidate = Path.of(storedRelativePath).normalize();
|
||||
if (candidate.isAbsolute()) {
|
||||
return null;
|
||||
}
|
||||
|
||||
Path expectedPrefix = Path.of("orders", orderId.toString(), "3d-files", orderItemId.toString());
|
||||
if (!candidate.startsWith(expectedPrefix)) {
|
||||
return null;
|
||||
}
|
||||
|
||||
return candidate;
|
||||
} catch (InvalidPathException e) {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
private OrderDto convertToDto(Order order, List<OrderItem> items) {
|
||||
OrderDto dto = new OrderDto();
|
||||
dto.setId(order.getId());
|
||||
dto.setOrderNumber(getDisplayOrderNumber(order));
|
||||
dto.setStatus(order.getStatus());
|
||||
|
||||
paymentRepo.findByOrder_Id(order.getId()).ifPresent(payment -> {
|
||||
dto.setPaymentStatus(payment.getStatus());
|
||||
dto.setPaymentMethod(payment.getMethod());
|
||||
});
|
||||
|
||||
boolean redactPersonalData = shouldRedactPersonalData(order.getStatus());
|
||||
if (!redactPersonalData) {
|
||||
dto.setCustomerEmail(order.getCustomerEmail());
|
||||
dto.setCustomerPhone(order.getCustomerPhone());
|
||||
dto.setBillingCustomerType(order.getBillingCustomerType());
|
||||
}
|
||||
dto.setPreferredLanguage(order.getPreferredLanguage());
|
||||
dto.setCurrency(order.getCurrency());
|
||||
dto.setSetupCostChf(order.getSetupCostChf());
|
||||
dto.setShippingCostChf(order.getShippingCostChf());
|
||||
dto.setDiscountChf(order.getDiscountChf());
|
||||
dto.setSubtotalChf(order.getSubtotalChf());
|
||||
dto.setIsCadOrder(order.getIsCadOrder());
|
||||
dto.setSourceRequestId(order.getSourceRequestId());
|
||||
dto.setCadHours(order.getCadHours());
|
||||
dto.setCadHourlyRateChf(order.getCadHourlyRateChf());
|
||||
dto.setCadTotalChf(order.getCadTotalChf());
|
||||
dto.setTotalChf(order.getTotalChf());
|
||||
dto.setCreatedAt(order.getCreatedAt());
|
||||
dto.setShippingSameAsBilling(order.getShippingSameAsBilling());
|
||||
|
||||
if (!redactPersonalData) {
|
||||
AddressDto billing = new AddressDto();
|
||||
billing.setFirstName(order.getBillingFirstName());
|
||||
billing.setLastName(order.getBillingLastName());
|
||||
billing.setCompanyName(order.getBillingCompanyName());
|
||||
billing.setContactPerson(order.getBillingContactPerson());
|
||||
billing.setAddressLine1(order.getBillingAddressLine1());
|
||||
billing.setAddressLine2(order.getBillingAddressLine2());
|
||||
billing.setZip(order.getBillingZip());
|
||||
billing.setCity(order.getBillingCity());
|
||||
billing.setCountryCode(order.getBillingCountryCode());
|
||||
dto.setBillingAddress(billing);
|
||||
|
||||
if (!Boolean.TRUE.equals(order.getShippingSameAsBilling())) {
|
||||
AddressDto shipping = new AddressDto();
|
||||
shipping.setFirstName(order.getShippingFirstName());
|
||||
shipping.setLastName(order.getShippingLastName());
|
||||
shipping.setCompanyName(order.getShippingCompanyName());
|
||||
shipping.setContactPerson(order.getShippingContactPerson());
|
||||
shipping.setAddressLine1(order.getShippingAddressLine1());
|
||||
shipping.setAddressLine2(order.getShippingAddressLine2());
|
||||
shipping.setZip(order.getShippingZip());
|
||||
shipping.setCity(order.getShippingCity());
|
||||
shipping.setCountryCode(order.getShippingCountryCode());
|
||||
dto.setShippingAddress(shipping);
|
||||
}
|
||||
}
|
||||
|
||||
List<OrderItemDto> itemDtos = items.stream().map(item -> {
|
||||
OrderItemDto itemDto = new OrderItemDto();
|
||||
itemDto.setId(item.getId());
|
||||
itemDto.setOriginalFilename(item.getOriginalFilename());
|
||||
itemDto.setMaterialCode(item.getMaterialCode());
|
||||
itemDto.setColorCode(item.getColorCode());
|
||||
itemDto.setQuality(item.getQuality());
|
||||
itemDto.setNozzleDiameterMm(item.getNozzleDiameterMm());
|
||||
itemDto.setLayerHeightMm(item.getLayerHeightMm());
|
||||
itemDto.setInfillPercent(item.getInfillPercent());
|
||||
itemDto.setInfillPattern(item.getInfillPattern());
|
||||
itemDto.setSupportsEnabled(item.getSupportsEnabled());
|
||||
itemDto.setQuantity(item.getQuantity());
|
||||
itemDto.setPrintTimeSeconds(item.getPrintTimeSeconds());
|
||||
itemDto.setMaterialGrams(item.getMaterialGrams());
|
||||
itemDto.setUnitPriceChf(item.getUnitPriceChf());
|
||||
itemDto.setLineTotalChf(item.getLineTotalChf());
|
||||
return itemDto;
|
||||
}).collect(Collectors.toList());
|
||||
dto.setItems(itemDtos);
|
||||
|
||||
return dto;
|
||||
}
|
||||
|
||||
private boolean shouldRedactPersonalData(String status) {
|
||||
if (status == null || status.isBlank()) {
|
||||
return false;
|
||||
}
|
||||
return PERSONAL_DATA_REDACTED_STATUSES.contains(status.trim().toUpperCase(Locale.ROOT));
|
||||
}
|
||||
|
||||
private String getDisplayOrderNumber(Order order) {
|
||||
String orderNumber = order.getOrderNumber();
|
||||
if (orderNumber != null && !orderNumber.isBlank()) {
|
||||
return orderNumber;
|
||||
}
|
||||
return order.getId() != null ? order.getId().toString() : "unknown";
|
||||
}
|
||||
}
|
||||
@@ -2,14 +2,12 @@ package com.printcalculator.controller;
|
||||
|
||||
import com.printcalculator.dto.OrderDto;
|
||||
import com.printcalculator.entity.Order;
|
||||
import com.printcalculator.repository.CustomerRepository;
|
||||
import com.printcalculator.repository.OrderItemRepository;
|
||||
import com.printcalculator.repository.OrderRepository;
|
||||
import com.printcalculator.repository.PaymentRepository;
|
||||
import com.printcalculator.repository.QuoteLineItemRepository;
|
||||
import com.printcalculator.repository.QuoteSessionRepository;
|
||||
import com.printcalculator.service.payment.InvoicePdfRenderingService;
|
||||
import com.printcalculator.service.OrderService;
|
||||
import com.printcalculator.service.order.OrderControllerService;
|
||||
import com.printcalculator.service.payment.PaymentService;
|
||||
import com.printcalculator.service.payment.QrBillService;
|
||||
import com.printcalculator.service.storage.StorageService;
|
||||
@@ -41,12 +39,6 @@ class OrderControllerPrivacyTest {
|
||||
@Mock
|
||||
private OrderItemRepository orderItemRepo;
|
||||
@Mock
|
||||
private QuoteSessionRepository quoteSessionRepo;
|
||||
@Mock
|
||||
private QuoteLineItemRepository quoteLineItemRepo;
|
||||
@Mock
|
||||
private CustomerRepository customerRepo;
|
||||
@Mock
|
||||
private StorageService storageService;
|
||||
@Mock
|
||||
private InvoicePdfRenderingService invoiceService;
|
||||
@@ -63,13 +55,10 @@ class OrderControllerPrivacyTest {
|
||||
|
||||
@BeforeEach
|
||||
void setUp() {
|
||||
controller = new OrderController(
|
||||
OrderControllerService orderControllerService = new OrderControllerService(
|
||||
orderService,
|
||||
orderRepo,
|
||||
orderItemRepo,
|
||||
quoteSessionRepo,
|
||||
quoteLineItemRepo,
|
||||
customerRepo,
|
||||
storageService,
|
||||
invoiceService,
|
||||
qrBillService,
|
||||
@@ -77,6 +66,7 @@ class OrderControllerPrivacyTest {
|
||||
paymentService,
|
||||
paymentRepo
|
||||
);
|
||||
controller = new OrderController(orderControllerService);
|
||||
}
|
||||
|
||||
@Test
|
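Review bot: In `setUp()` the controller is now built as `new OrderController(orderControllerService)` around a real `OrderControllerService` on mocked repositories, so the privacy assertions reach the redaction code only indirectly and nothing here pins the service's own behaviour. If `convertToDto` and `shouldRedactPersonalData` now live in that service (the class header is not visible on this page), I would add a service-level test and state the intent above the construction, e.g. `// Real service on mocks: redaction is checked end-to-end through the controller`. The visible `shouldRedactPersonalData` returns `false` for a null or blank status, so a case that fixes the expected DTO for that input would be worth having if it does not exist yet. The same wiring pattern appears in `AdminOrderControllerStatusValidationTest.setUp()` further down; `setUp()` is split across hunks here and the test methods are outside them.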
||||
|
||||
@@ -6,6 +6,8 @@ import com.printcalculator.entity.Order;
|
||||
import com.printcalculator.repository.OrderItemRepository;
|
||||
import com.printcalculator.repository.OrderRepository;
|
||||
import com.printcalculator.repository.PaymentRepository;
|
||||
import com.printcalculator.repository.QuoteLineItemRepository;
|
||||
import com.printcalculator.service.order.AdminOrderControllerService;
|
||||
import com.printcalculator.service.payment.InvoicePdfRenderingService;
|
||||
import com.printcalculator.service.payment.PaymentService;
|
||||
import com.printcalculator.service.payment.QrBillService;
|
||||
@@ -41,6 +43,8 @@ class AdminOrderControllerStatusValidationTest {
|
||||
@Mock
|
||||
private PaymentRepository paymentRepository;
|
||||
@Mock
|
||||
private QuoteLineItemRepository quoteLineItemRepository;
|
||||
@Mock
|
||||
private PaymentService paymentService;
|
||||
@Mock
|
||||
private StorageService storageService;
|
||||
@@ -55,16 +59,18 @@ class AdminOrderControllerStatusValidationTest {
|
||||
|
||||
@BeforeEach
|
||||
void setUp() {
|
||||
controller = new AdminOrderController(
|
||||
AdminOrderControllerService adminOrderControllerService = new AdminOrderControllerService(
|
||||
orderRepository,
|
||||
orderItemRepository,
|
||||
paymentRepository,
|
||||
quoteLineItemRepository,
|
||||
paymentService,
|
||||
storageService,
|
||||
invoicePdfRenderingService,
|
||||
qrBillService,
|
||||
eventPublisher
|
||||
);
|
||||
controller = new AdminOrderController(adminOrderControllerService);
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||