Introduce per-tenant override for helpdesk BC connection config. New table helpdesk_tenant_settings stores tenant-specific credentials with encrypted secrets (AES-256-GCM). EffectiveHelpdeskSettingsService resolves global vs tenant config per request. Settings UI extended with tenant override tab, toggle, and dual editing mode. All runtime consumers (OData, SOAP, OAuth) read through the new resolver. Token cache flushed on any config change. Default behavior unchanged — tenants use global config until override explicitly enabled. Also includes risk radar UI refinements: Stripe-style card redesign with accent borders and score pills, removal of redundant KPI tiles and search, and filtering of zero-score entries. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
72 lines
2.3 KiB
PHP
72 lines
2.3 KiB
PHP
<?php
|
|
|
|
namespace MintyPHP\Module\Helpdesk\Service;
|
|
|
|
/**
|
|
* Immutable value object holding the fully resolved helpdesk BC connection config.
|
|
*
|
|
* Created by EffectiveHelpdeskSettingsService — consumers read this instead
|
|
* of reaching into global or tenant settings directly.
|
|
*/
|
|
final class EffectiveHelpdeskSettings
|
|
{
|
|
/**
|
|
* @param 'global'|'tenant' $source
|
|
*/
|
|
public function __construct(
|
|
public readonly string $source,
|
|
public readonly string $authMode,
|
|
public readonly string $odataBaseUrl,
|
|
public readonly string $companyName,
|
|
public readonly ?string $basicUser,
|
|
public readonly ?string $basicPassword,
|
|
public readonly ?string $oauthTenantId,
|
|
public readonly ?string $oauthClientId,
|
|
public readonly ?string $oauthClientSecret,
|
|
public readonly ?string $oauthTokenEndpoint,
|
|
public readonly ?string $systemRecommendationsConfigRaw,
|
|
public readonly ?string $controllingRiskConfigRaw,
|
|
) {
|
|
}
|
|
|
|
public function buildEntityUrl(string $entitySet): string
|
|
{
|
|
$company = rawurlencode($this->companyName);
|
|
|
|
return $this->odataBaseUrl . "/Company('" . $company . "')/" . $entitySet;
|
|
}
|
|
|
|
/**
|
|
* @return array<string> List of missing setting descriptions (empty = valid)
|
|
*/
|
|
public function validateConfiguration(): array
|
|
{
|
|
$missing = [];
|
|
|
|
if ($this->basicUser === null && $this->authMode === HelpdeskSettingsGateway::AUTH_MODE_BASIC) {
|
|
$missing[] = 'BC Basic Auth User';
|
|
}
|
|
if ($this->basicPassword === null && $this->authMode === HelpdeskSettingsGateway::AUTH_MODE_BASIC) {
|
|
$missing[] = 'BC Basic Auth Password';
|
|
}
|
|
if ($this->authMode === HelpdeskSettingsGateway::AUTH_MODE_OAUTH2) {
|
|
if ($this->oauthClientId === null) {
|
|
$missing[] = 'BC OAuth2 Client ID';
|
|
}
|
|
if ($this->oauthClientSecret === null) {
|
|
$missing[] = 'BC OAuth2 Client Secret';
|
|
}
|
|
if ($this->oauthTokenEndpoint === null) {
|
|
$missing[] = 'BC OAuth2 Token Endpoint';
|
|
}
|
|
}
|
|
|
|
return $missing;
|
|
}
|
|
|
|
public function isConfigured(): bool
|
|
{
|
|
return $this->validateConfiguration() === [];
|
|
}
|
|
}
|