feat(form-builder): integrate PublishGuard framework into FormSchemaService::publish() (WS-6)

assertPublishGuardsSatisfied() runs additively after the existing assertRequiredBindingsPresent() check. Failures are collected (not first-fail) so PublishGuardViolationException carries the full list to the builder UI in one 422 response. PurposeRequirementsNotMetException remains for missing bindings; PublishGuardViolationException covers semantic constraints (is_identity_key flag, no-ambiguous-trust, append-collection-only, section-aware schemas, conditional triggers). Two pre-existing tests updated their fixtures to satisfy the new guards (PublishChecksRelationalBindingsTest + PurposeSchemaLifecycleTest): EMAIL field type + is_identity_key on person.email + unique trust levels are now required for event_registration to publish. Refs: RFC-WS-6.md §3 (Q13) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-25 23:07:12 +02:00
parent e3c9211e3f
commit 7a747382a0
5 changed files with 288 additions and 15 deletions
--- a/api/app/Exceptions/FormBuilder/PublishGuardViolationException.php
+++ b/api/app/Exceptions/FormBuilder/PublishGuardViolationException.php
@@ -0,0 +1,50 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Exceptions\FormBuilder;
+
+use App\FormBuilder\Publishing\PublishGuardResult;
+use Illuminate\Http\JsonResponse;
+use Illuminate\Http\Request;
+use RuntimeException;
+
+/**
+ * RFC-WS-6 §3 (Q13) — schema publish blocked because one or more
+ * PublishGuards failed. Distinct from PurposeRequirementsNotMetException
+ * (binding existence). Both can fire on `publish()`; both produce 422,
+ * but they describe different failure classes.
+ */
+final class PublishGuardViolationException extends RuntimeException
+{
+    /**
+     * @param  list<PublishGuardResult>  $violations
+     */
+    public function __construct(
+        public readonly string $purposeSlug,
+        public readonly array $violations,
+    ) {
+        $codes = array_map(static fn (PublishGuardResult $v): string => $v->guardCode, $violations);
+        parent::__construct(
+            "Schema publish blocked for purpose '{$purposeSlug}': " . implode(', ', $codes),
+        );
+    }
+
+    public function render(Request $request): JsonResponse
+    {
+        return response()->json([
+            'error' => 'publish_blocked',
+            'message' => 'Schema kan niet gepubliceerd worden — er zijn problemen.',
+            'purpose_slug' => $this->purposeSlug,
+            'violations' => array_map(
+                static fn (PublishGuardResult $v): array => [
+                    'code' => $v->guardCode,
+                    'message_key' => $v->messageKey,
+                    'form_field_id' => $v->offendingFormFieldId,
+                    'context' => $v->context,
+                ],
+                $this->violations,
+            ),
+        ], 422);
+    }
+}
--- a/api/app/Services/FormBuilder/FormSchemaService.php
+++ b/api/app/Services/FormBuilder/FormSchemaService.php
@@ -8,7 +8,9 @@ use App\Enums\FormBuilder\FormPurpose;
 use App\Enums\FormBuilder\FormSubmissionStatus;
 use App\Exceptions\FormBuilder\DestructiveConfirmationRequiredException;
 use App\Exceptions\FormBuilder\EditLockConflictException;
+use App\Exceptions\FormBuilder\PublishGuardViolationException;
 use App\Exceptions\FormBuilder\PurposeRequirementsNotMetException;
+use App\FormBuilder\Publishing\PublishGuardResult;
 use App\FormBuilder\Purposes\PurposeRegistry;
 use App\Models\FormBuilder\FormField;
 use App\Models\FormBuilder\FormFieldBinding;
@@ -120,6 +122,7 @@ final class FormSchemaService
    public function publish(FormSchema $schema, User $actor): FormSchema
    {
        $this->assertRequiredBindingsPresent($schema);
+        $this->assertPublishGuardsSatisfied($schema);

        $schema->is_published = true;
        $schema->last_updated_by_user_id = $actor->id;
@@ -129,6 +132,44 @@ final class FormSchemaService
        return $schema->refresh();
    }

+    /**
+     * RFC-WS-6 §3 (Q13) — runs after assertRequiredBindingsPresent().
+     * Collects every guard violation (not first-fail) so the builder UI
+     * can surface all problems in one 422 response.
+     */
+    private function assertPublishGuardsSatisfied(FormSchema $schema): void
+    {
+        $purposeValue = $schema->purpose->value;
+
+        if (! $this->purposeRegistry->has($purposeValue)) {
+            return;
+        }
+
+        // Eager-load relations needed by guards (avoid N+1).
+        $schema->loadMissing(['fields.bindings', 'fields.configs', 'sections']);
+
+        $provider = $this->purposeRegistry->guardProviderFor($purposeValue);
+
+        $violations = [];
+        foreach ($provider->publishGuards() as $guard) {
+            $result = $guard->evaluate($schema);
+            if (! $result->passed) {
+                $violations[] = $result;
+            }
+        }
+
+        if ($violations === []) {
+            return;
+        }
+
+        usort(
+            $violations,
+            static fn (PublishGuardResult $a, PublishGuardResult $b): int => strcmp($a->guardCode, $b->guardCode),
+        );
+
+        throw new PublishGuardViolationException($purposeValue, $violations);
+    }
+
    /**
     * Verify that every `required_bindings` path declared by the schema's
     * purpose is bound by at least one field on the schema.