feat(form-builder): integrate PublishGuard framework into FormSchemaService::publish() (WS-6)

assertPublishGuardsSatisfied() runs additively after the existing assertRequiredBindingsPresent() check. Failures are collected (not first-fail) so PublishGuardViolationException carries the full list to the builder UI in one 422 response. PurposeRequirementsNotMetException remains for missing bindings; PublishGuardViolationException covers semantic constraints (is_identity_key flag, no-ambiguous-trust, append-collection-only, section-aware schemas, conditional triggers). Two pre-existing tests updated their fixtures to satisfy the new guards (PublishChecksRelationalBindingsTest + PurposeSchemaLifecycleTest): EMAIL field type + is_identity_key on person.email + unique trust levels are now required for event_registration to publish. Refs: RFC-WS-6.md §3 (Q13) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-25 23:07:12 +02:00
parent e3c9211e3f
commit 7a747382a0
5 changed files with 288 additions and 15 deletions
--- a/api/tests/Feature/FormBuilder/Purposes/PurposeSchemaLifecycleTest.php
+++ b/api/tests/Feature/FormBuilder/Purposes/PurposeSchemaLifecycleTest.php
@@ -135,26 +135,42 @@ final class PurposeSchemaLifecycleTest extends TestCase
    {
        match ($purpose) {
            FormPurpose::EVENT_REGISTRATION => [
-                $this->addBindingField($schema, 'person', 'email', 'email'),
-                $this->addBindingField($schema, 'person', 'first_name', 'first_name'),
-                $this->addBindingField($schema, 'person', 'last_name', 'last_name'),
+                // WS-6 publish guards require: identity_key flag on email,
+                // EMAIL field type present, unique trust levels per target.
+                $this->addBindingField($schema, 'person', 'email', 'email', FormFieldType::EMAIL, isIdentityKey: true, trustLevel: 80),
+                $this->addBindingField($schema, 'person', 'first_name', 'first_name', trustLevel: 70),
+                $this->addBindingField($schema, 'person', 'last_name', 'last_name', trustLevel: 60),
            ],
            FormPurpose::SUPPLIER_INTAKE => [
-                $this->addBindingField($schema, 'company', 'name', 'company_name'),
+                $this->addBindingField($schema, 'company', 'name', 'company_name', isIdentityKey: true, trustLevel: 80),
            ],
            default => null,
        };
    }

-    private function addBindingField(FormSchema $schema, string $entity, string $column, string $slug): FormField
-    {
-        return FormField::factory()
-            ->withEntityBinding($entity, $column)
+    private function addBindingField(
+        FormSchema $schema,
+        string $entity,
+        string $column,
+        string $slug,
+        FormFieldType $fieldType = FormFieldType::TEXT,
+        bool $isIdentityKey = false,
+        int $trustLevel = 50,
+    ): FormField {
+        $field = FormField::factory()->create([
+            'form_schema_id' => $schema->id,
+            'field_type' => $fieldType->value,
+            'slug' => $slug,
+            'label' => ucfirst($slug),
+        ]);
+        \App\Models\FormBuilder\FormFieldBinding::factory()
+            ->forField($field)
+            ->entityOwned($entity, $column)
            ->create([
-                'form_schema_id' => $schema->id,
-                'field_type' => FormFieldType::TEXT,
-                'slug' => $slug,
-                'label' => ucfirst($slug),
+                'is_identity_key' => $isIdentityKey,
+                'trust_level' => $trustLevel,
            ]);
+
+        return $field;
    }
 }