refactor: fix 7 CRUD system inconsistencies for robustness and maintainability

- Add user-assignment dependency check to DepartmentService.deleteByUuid (409 when users assigned)
- Standardize POST detection to isMethod('POST') in 10 create/edit actions
- Align RoleService code uniqueness to warning pattern (matching departments)
- Normalize repository create() return types from mixed to int|false (3 repos + 3 interfaces)
- Add JSON response branches to 4 non-user delete actions
- Document delete authorization ordering pattern
- Decompose AdminSettingsService.updateFromAdmin into domain-scoped private methods

Workflow: .agents/runs/CRUD-CONSISTENCY-001/
Reviewed by: Code Reviewer (pass), Security Reviewer (pass), Acceptance Tester (pass)
Quality gates: QG-001 PHPUnit pass, QG-002 PHPStan pass, QG-003 Architecture pass

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
2026-03-22 18:25:33 +01:00
parent 984d0430d3
commit c429ff43cd
29 changed files with 495 additions and 207 deletions

View File

@@ -235,14 +235,22 @@ class DepartmentService
return ['ok' => false, 'status' => 404, 'error' => 'not_found'];
}
$deleted = $this->departmentRepository->delete((int) $department['id']);
$departmentId = (int) $department['id'];
$userDeptRepo = $this->userServicesFactory->createUserDepartmentRepository();
$counts = $userDeptRepo->countUsersByDepartmentIds([$departmentId]);
$userCount = (int) ($counts[$departmentId] ?? 0);
if ($userCount > 0) {
return ['ok' => false, 'status' => 409, 'error' => 'department_has_users', 'user_count' => $userCount];
}
$deleted = $this->departmentRepository->delete($departmentId);
if (!$deleted) {
return ['ok' => false, 'status' => 500, 'error' => 'delete_failed'];
}
$this->systemAuditService->record('admin.departments.delete', 'success', [
'target_type' => 'department',
'target_id' => (int) $department['id'],
'target_id' => $departmentId,
'target_uuid' => (string) ($department['uuid'] ?? ''),
]);