feat(form-builder): integrate PublishGuard framework into FormSchemaService::publish() (WS-6)

assertPublishGuardsSatisfied() runs additively after the existing assertRequiredBindingsPresent() check. Failures are collected (not first-fail) so PublishGuardViolationException carries the full list to the builder UI in one 422 response. PurposeRequirementsNotMetException remains for missing bindings; PublishGuardViolationException covers semantic constraints (is_identity_key flag, no-ambiguous-trust, append-collection-only, section-aware schemas, conditional triggers). Two pre-existing tests updated their fixtures to satisfy the new guards (PublishChecksRelationalBindingsTest + PurposeSchemaLifecycleTest): EMAIL field type + is_identity_key on person.email + unique trust levels are now required for event_registration to publish. Refs: RFC-WS-6.md §3 (Q13) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-25 23:07:12 +02:00
parent e3c9211e3f
commit 7a747382a0
5 changed files with 288 additions and 15 deletions
--- a/api/app/Exceptions/FormBuilder/PublishGuardViolationException.php
+++ b/api/app/Exceptions/FormBuilder/PublishGuardViolationException.php
@@ -0,0 +1,50 @@
+<?php
+
+declare(strict_types=1);
+
+namespace App\Exceptions\FormBuilder;
+
+use App\FormBuilder\Publishing\PublishGuardResult;
+use Illuminate\Http\JsonResponse;
+use Illuminate\Http\Request;
+use RuntimeException;
+
+/**
+ * RFC-WS-6 §3 (Q13) — schema publish blocked because one or more
+ * PublishGuards failed. Distinct from PurposeRequirementsNotMetException
+ * (binding existence). Both can fire on `publish()`; both produce 422,
+ * but they describe different failure classes.
+ */
+final class PublishGuardViolationException extends RuntimeException
+{
+    /**
+     * @param  list<PublishGuardResult>  $violations
+     */
+    public function __construct(
+        public readonly string $purposeSlug,
+        public readonly array $violations,
+    ) {
+        $codes = array_map(static fn (PublishGuardResult $v): string => $v->guardCode, $violations);
+        parent::__construct(
+            "Schema publish blocked for purpose '{$purposeSlug}': " . implode(', ', $codes),
+        );
+    }
+
+    public function render(Request $request): JsonResponse
+    {
+        return response()->json([
+            'error' => 'publish_blocked',
+            'message' => 'Schema kan niet gepubliceerd worden — er zijn problemen.',
+            'purpose_slug' => $this->purposeSlug,
+            'violations' => array_map(
+                static fn (PublishGuardResult $v): array => [
+                    'code' => $v->guardCode,
+                    'message_key' => $v->messageKey,
+                    'form_field_id' => $v->offendingFormFieldId,
+                    'context' => $v->context,
+                ],
+                $this->violations,
+            ),
+        ], 422);
+    }
+}