feat: 返品申請機能を追加#6838
Open
ttokoro20240902 wants to merge 24 commits into
Open
Conversation
- RefundRequest / RefundRequestFile / Master\RefundRequestStatus エンティティを追加 - Product に返品可否フラグ refund_allowed (default true) を追加 - 各 Repository(検索・注文明細別件数の一括取得=N+1回避)を追加 - 新規インストール用 CSV(mtb_refund_request_status, dtb_mail_template id=10, dtb_csv refund_allowed) - 既存環境アップデート用 INSERT マイグレーション(冪等・down 実装) Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
- EccubeEvents に返品申請関連の定数を追加(フロント/管理/ステータス変更/メール) - RefundRequestEvent を追加(ステータス変更時に変更前後のステータスを保持) Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
- refund_request ステートマシン設定(NEW→PROCESSING→ACCEPTED/DECLINED/INFO_REQUESTED) - RefundRequestStateMachine(遷移可否判定・遷移実行・利用可能遷移の取得) - RefundRequestService(申請作成+エビデンスファイル保存+ステータス遷移) - MailService に管理者向け返品申請通知メール送信を追加 - エビデンスファイルは非公開の var/ 配下に保存(配信はコントローラ経由に限定) - eccube.yaml に保存先・通知メールテンプレートIDの設定を追加 Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
- Front/RefundRequestType: 数量・理由・エビデンスファイル(最大3件/15MB/MIME制限) - Admin/SearchRefundRequestType: 複合検索・ステータス・作成日・更新日 - Admin/RefundRequestEditType: 管理者メモ・ステータス遷移(利用可能な遷移のみ表示) - Master/RefundRequestStatusType: マスタセレクト Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Mypage/RefundRequestController: 申請入力/確認/完了/商品別履歴/ファイル配信(所有チェック付き) - Admin/Order/RefundRequestController: 一覧検索/詳細編集/ステータス変更API/ファイル配信 - テンプレート7ファイル(フロント4 + 管理2 + メール通知1) - history.twig: 発送済み注文に返品申請・履歴リンクを追加 - ナビ: 受注管理配下に「返品申請管理」メニュー追加 - 翻訳: messages/validators の ja/en に返品申請関連キーを追加 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
FormViewの`_token`プロパティへのアクセスが不正だったため、 form要素のnovalidate属性でCSRFトークンを自動注入するように修正。 これにより管理画面返品申請一覧が正常に表示されるようになった。 Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
- Admin/RefundRequestController::export(): 検索条件に基づくCSVエクスポート - 出力カラム: 申請ID/注文番号/会員名/商品名/ステータス/数量/理由/申請日時/更新日時 - 一覧テンプレートにCSVエクスポートボタン追加 - BOM付きUTF-8でExcel互換 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
StateMachine・Service・Repository・FormType・Controller(フロント/管理)の 各レイヤの単体・機能テスト計91件を追加。MailServiceのMailHistory保存で 存在しないsetMailTemplate()呼び出しを修正。 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
フロント(申請フォーム表示・入力→確認→完了・履歴表示・バリデーション)と 管理画面(一覧・検索・詳細・メモ保存・ステータス遷移・CSV表示)のE2Eテストを追加。 テスト用フィクスチャ(発送済み注文を持つ会員)とCIマトリクスも追加。 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
|
Note Reviews pausedIt looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the Use the following commands to manage reviews:
Use the checkboxes below for quick actions:
📝 WalkthroughWalkthroughEC-CUBE に返品申請機能を全面的に新規実装した。マイページからの申請フォーム(入力→確認→完了)、申請履歴、管理画面での一覧・検索・編集・CSV エクスポート、Symfony Workflow ベースのステートマシン、エビデンスファイルの非公開ローカル保存、管理者向けメール通知、Doctrine マイグレーション、PHPUnit テスト、Playwright E2E テストを一括追加した。 Changes返品申請機能(Refund Request Feature)
Estimated code review effort🎯 5 (Critical) | ⏱️ ~120 minutes Possibly related PRs
Suggested reviewers
Poem
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 13
🧹 Nitpick comments (3)
tests/Eccube/Tests/Repository/RefundRequestRepositoryTest.php (1)
58-69: ⚡ Quick win検索テストが偽陽性になり得るため、期待ID/件数まで固定してください。
assertNotEmpty()だけだと、無関係データが返っても成功します。multi/status/create_dateそれぞれで「期待件数」と「期待ID(または全件が条件一致)」まで検証すると、クエリ退行を確実に検出できます。Also applies to: 71-101
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@tests/Eccube/Tests/Repository/RefundRequestRepositoryTest.php` around lines 58 - 69, The test method testGetQueryBuilderBySearchDataMultiByOrderNo uses only assertNotEmpty() to verify search results, which can pass even when unrelated data is returned, creating a false positive. Replace the assertNotEmpty() assertion with more specific validations that check both the expected count of returned results and the expected IDs of those results (or verify all results match the search condition). This ensures the query correctly filters by the multi parameter and will catch regressions. Apply the same fix pattern to all similar search test methods in the test class that test multi, status, and create_date search criteria.tests/Eccube/Tests/Web/Admin/Order/RefundRequestControllerTest.php (1)
43-75: ⚡ Quick win検索系テストがHTTP 200のみで、検索条件の有効性を検証できていません。
testIndexWithSearch/testIndexWithStatusSearchは成功ステータスだけを見ているため、絞り込みが壊れても通過します。未使用の$crawlerを使って、結果内容まで検証してください。🔧 例: 検索結果の中身まで検証
- $this->assertTrue($this->client->getResponse()->isSuccessful()); + $this->assertTrue($this->client->getResponse()->isSuccessful()); + $content = (string) $this->client->getResponse()->getContent(); + $this->assertStringContainsString((string) $RefundRequest->getId(), $content);🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@tests/Eccube/Tests/Web/Admin/Order/RefundRequestControllerTest.php` around lines 43 - 75, Both testIndexWithSearch and testIndexWithStatusSearch methods only verify HTTP 200 response status but do not validate that the search filters actually work. Instead of leaving $crawler unused, use it to verify the contents of the search results. For testIndexWithSearch, use the crawler to assert that the result contains the RefundRequest with the matching ID. For testIndexWithStatusSearch, use the crawler to assert that only RefundRequests with the NEW status are present in the results. This ensures the search functionality is properly validated beyond just a successful response code.Source: Linters/SAST tools
src/Eccube/Controller/Mypage/RefundRequestController.php (1)
218-220: ⚡ Quick win
realpathの配下判定はディレクトリ境界付きで比較してください。
str_starts_with($realPath, $realTopDir)だけだと、prefix が同じ別ディレクトリを誤許可する余地があります。末尾セパレータを含めた厳密比較にしてください(同等ロジックの管理画面側も同時修正推奨)。修正例
- if ($realPath === false || $realTopDir === false || !str_starts_with($realPath, $realTopDir)) { + $baseDir = rtrim($realTopDir ?: '', DIRECTORY_SEPARATOR).DIRECTORY_SEPARATOR; + if ($realPath === false || $realTopDir === false || !str_starts_with($realPath, $baseDir)) { throw new NotFoundHttpException(); }🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@src/Eccube/Controller/Mypage/RefundRequestController.php` around lines 218 - 220, The realpath subdirectory validation using `str_starts_with($realPath, $realTopDir)` lacks proper directory boundary checking and could incorrectly allow paths from sibling or similarly-named directories. Modify the comparison to include the directory separator (typically a forward slash) to ensure strict boundary matching, for example by appending a separator to $realTopDir before the comparison or by checking that the character immediately following the prefix in $realPath is a directory separator. This same pattern should also be applied to equivalent path validation logic in the admin panel side to ensure consistency across the application.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@app/DoctrineMigrations/Version20260615000000.php`:
- Around line 90-93: The down() method's DELETE statements are using only id as
a filter, which is too broad and could accidentally delete existing production
records during rollback if those IDs are already in use. Modify each of the
three DELETE statements (dtb_csv, dtb_mail_template, and
mtb_refund_request_status) to include additional WHERE conditions using
deployment-time identifiable keys such as file_name, entity_name, field_name, or
discriminator_type to narrow the deletion criteria and ensure only the newly
added migration data is removed.
In `@e2e/setup-fixtures.php`:
- Around line 217-237: The issue is that when the refund test customer already
exists, the order creation logic (from the $Delivery retrieval through the
shipping date foreach loop) is only executed in the if block and gets skipped in
the else branch. This means on subsequent test runs where the customer exists,
no shipped order is guaranteed to exist, causing test instability. Move the
order creation and delivery status setting logic outside of the if/else
conditional block so that it executes regardless of whether the customer is
newly created or already existed. Ensure that after the customer existence
check, the code always verifies and creates a delivered order for the refund
test customer if one doesn't already exist.
In `@e2e/tests/admin-refund-request.spec.ts`:
- Around line 37-50: The test uses conditional `if` statements that skip
verification when prerequisite data is not found, allowing the test to pass even
when required data is missing. Replace the conditional checks (the `if
(hasResults)` pattern and similar ones at the other affected sites) with
mandatory `expect` assertions that require the elements to exist before
proceeding. This ensures that if the data is missing, the test fails immediately
rather than silently skipping the validation. Update all affected locations:
lines 37-50 (the editBtn.isVisible check), lines 63-80, 104-120, 144-158,
171-173, and 186-195 in the same file to use expect assertions instead of
conditional branching for prerequisite data validation.
In `@src/Eccube/Controller/Admin/Order/RefundRequestController.php`:
- Around line 275-286: The CSV export in the RefundRequestController is
vulnerable to formula injection attacks. When customer names, product names, and
reasons are exported, if they start with formula characters (=, +, -, @), they
will be evaluated as formulas when opened in spreadsheet applications. Sanitize
the potentially dangerous fields (the customer name concatenation, product name
from getProductName(), and the reason from getReason()) by prepending a single
quote to any value that starts with these characters before they are added to
the row array that is passed to fputcsv(). This prevents the spreadsheet
application from interpreting them as formulas.
In `@src/Eccube/Controller/Mypage/RefundRequestController.php`:
- Around line 104-105: The UploadedFile objects obtained from
`$form->get('files')->getData()` in the refund request flow are not persisted
across the confirmation screen, causing the file array to be empty when
processing completes. Instead of directly passing the UploadedFile objects to
createRefundRequest, implement temporary file storage before the confirmation
screen by saving the uploaded files to a temporary location and generating a
token or identifier to track them. Pass this token/identifier through the
confirmation screen (via session, hidden form field, or similar mechanism), then
retrieve and use the temporarily stored files from this identifier in the
complete action instead of relying on form data that will have been lost.
In `@src/Eccube/Entity/RefundRequest.php`:
- Around line 222-224: The `removeRefundRequestFile()` method in the
RefundRequest entity only removes the RefundRequestFile from the collection but
does not clear the bidirectional relationship. To properly maintain
bidirectional relationship synchronization, after removing the element from the
RefundRequestFiles collection, you must also set the refundRequest property of
the removed RefundRequestFile object to null. This ensures Doctrine correctly
reflects the relationship removal and prevents data inconsistency.
In `@src/Eccube/Form/Type/Admin/RefundRequestEditType.php`:
- Around line 65-69: The `refund_request` option is defined as optional (with
null as the default value in setDefaults and null allowed in setAllowedTypes) in
the configureOptions method at lines 65-69, but the code at line 39 immediately
uses it as if it's always a RefundRequest object, which causes a runtime error
when the option is null or missing. Make the `refund_request` option mandatory
by removing the null default from the setDefaults call (remove the
'refund_request' => null line or set required to true) and remove 'null' from
the allowed types in setAllowedTypes so it only accepts RefundRequest::class,
ensuring the form contract matches the actual usage requirements.
In
`@src/Eccube/Resource/template/default/Mypage/refund_request_item_history.twig`:
- Around line 77-80: The image link in the refund request file display lacks an
accessible name because the img element has an empty alt attribute, making it a
nameless link for assistive technologies. Add meaningful alt text to the img
element inside the link that describes the attached file (such as the filename
or a descriptive label like "View attached file"), or add an aria-label
attribute to the a element to provide context. This will ensure assistive
technologies can properly identify and announce the purpose of the link to
users.
In `@src/Eccube/Service/MailService.php`:
- Around line 916-918: In the catch block for TransportExceptionInterface in the
MailService class around line 916-918, the current error log only includes the
RefundRequest ID but omits the actual exception message. Add the exception
message from the caught TransportExceptionInterface variable $e to the log
context by including $e->getMessage() in the array passed to log_error, so that
debugging information about the actual mail sending failure is preserved in the
logs.
In `@src/Eccube/Service/RefundRequestService.php`:
- Around line 60-63: The instanceof UploadedFile check in the foreach loop is
causing PHPStan failures because the parameter type hint already declares
$uploadedFiles as UploadedFile[], making every element guaranteed to be an
UploadedFile instance. Remove the redundant instanceof UploadedFile condition in
the foreach loop that iterates over $uploadedFiles and directly execute the
addRefundRequestFile call without the conditional wrapper. This will eliminate
the static analysis error by removing the unnecessary type check.
In `@tests/Eccube/Tests/Form/Type/Front/RefundRequestTypeTest.php`:
- Around line 37-125: The RefundRequestTypeTest class is missing test cases for
file attachment validation requirements. Add new test methods following the
existing pattern (testValidData, testInvalidQuantity*, etc.) to cover file
attachment scenarios: testValidFileSubmission (within limits),
testInvalidFilesExceedMaxCount (more than 3 files), testInvalidFileSizeExceeded
(file exceeding size limit), and testInvalidMimeType (invalid MIME types). Each
test should submit form data with file attachments and assert the validation
result using isValid(), ensuring the form properly enforces the specification
constraints for maximum 3 files, file size limits, and MIME type validation.
In `@tests/Eccube/Tests/Service/RefundRequestServiceTest.php`:
- Around line 63-83: The current test testCreateRefundRequestWithoutFiles only
covers the scenario where a RefundRequest is created with no files (passing an
empty array). Add a new test method that verifies the "with files" scenario by
creating a RefundRequest with at least one attached file and then asserting that
the RefundRequestFile objects are correctly created, properly associated to the
RefundRequest, and contain all necessary metadata. This ensures the
createRefundRequest method properly handles and persists file attachments.
In `@tests/Eccube/Tests/Web/Mypage/RefundRequestControllerTest.php`:
- Around line 245-291: The validation tests testValidationQuantityZero() and
testValidationReasonEmpty() only assert that the response is successful but do
not verify that validation actually failed. Add explicit assertions to each test
to confirm that validation errors are displayed or that the confirmation screen
is not reached, such as checking that the crawler still contains the input form
elements or does not contain confirmation screen content, ensuring that invalid
inputs (quantity of 0 and empty reason respectively) are properly rejected.
---
Nitpick comments:
In `@src/Eccube/Controller/Mypage/RefundRequestController.php`:
- Around line 218-220: The realpath subdirectory validation using
`str_starts_with($realPath, $realTopDir)` lacks proper directory boundary
checking and could incorrectly allow paths from sibling or similarly-named
directories. Modify the comparison to include the directory separator (typically
a forward slash) to ensure strict boundary matching, for example by appending a
separator to $realTopDir before the comparison or by checking that the character
immediately following the prefix in $realPath is a directory separator. This
same pattern should also be applied to equivalent path validation logic in the
admin panel side to ensure consistency across the application.
In `@tests/Eccube/Tests/Repository/RefundRequestRepositoryTest.php`:
- Around line 58-69: The test method
testGetQueryBuilderBySearchDataMultiByOrderNo uses only assertNotEmpty() to
verify search results, which can pass even when unrelated data is returned,
creating a false positive. Replace the assertNotEmpty() assertion with more
specific validations that check both the expected count of returned results and
the expected IDs of those results (or verify all results match the search
condition). This ensures the query correctly filters by the multi parameter and
will catch regressions. Apply the same fix pattern to all similar search test
methods in the test class that test multi, status, and create_date search
criteria.
In `@tests/Eccube/Tests/Web/Admin/Order/RefundRequestControllerTest.php`:
- Around line 43-75: Both testIndexWithSearch and testIndexWithStatusSearch
methods only verify HTTP 200 response status but do not validate that the search
filters actually work. Instead of leaving $crawler unused, use it to verify the
contents of the search results. For testIndexWithSearch, use the crawler to
assert that the result contains the RefundRequest with the matching ID. For
testIndexWithStatusSearch, use the crawler to assert that only RefundRequests
with the NEW status are present in the results. This ensures the search
functionality is properly validated beyond just a successful response code.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: bdd39dc0-0128-4e9e-8d83-0f9f4ae8b496
⛔ Files ignored due to path filters (6)
src/Eccube/Resource/doctrine/import_csv/en/dtb_csv.csvis excluded by!**/*.csvsrc/Eccube/Resource/doctrine/import_csv/en/dtb_mail_template.csvis excluded by!**/*.csvsrc/Eccube/Resource/doctrine/import_csv/en/mtb_refund_request_status.csvis excluded by!**/*.csvsrc/Eccube/Resource/doctrine/import_csv/ja/dtb_csv.csvis excluded by!**/*.csvsrc/Eccube/Resource/doctrine/import_csv/ja/dtb_mail_template.csvis excluded by!**/*.csvsrc/Eccube/Resource/doctrine/import_csv/ja/mtb_refund_request_status.csvis excluded by!**/*.csv
📒 Files selected for processing (45)
.github/workflows/e2e-test.ymlapp/DoctrineMigrations/Version20260615000000.phpapp/config/eccube/packages/eccube.yamlapp/config/eccube/packages/eccube_nav.yamlapp/config/eccube/packages/refund_request_state_machine.phpe2e/setup-fixtures.phpe2e/tests/admin-refund-request.spec.tse2e/tests/front-refund-request.spec.tssrc/Eccube/Controller/Admin/Order/RefundRequestController.phpsrc/Eccube/Controller/Mypage/RefundRequestController.phpsrc/Eccube/Entity/Master/RefundRequestStatus.phpsrc/Eccube/Entity/Product.phpsrc/Eccube/Entity/RefundRequest.phpsrc/Eccube/Entity/RefundRequestFile.phpsrc/Eccube/Event/EccubeEvents.phpsrc/Eccube/Event/RefundRequestEvent.phpsrc/Eccube/Form/Type/Admin/RefundRequestEditType.phpsrc/Eccube/Form/Type/Admin/SearchRefundRequestType.phpsrc/Eccube/Form/Type/Front/RefundRequestType.phpsrc/Eccube/Form/Type/Master/RefundRequestStatusType.phpsrc/Eccube/Repository/Master/RefundRequestStatusRepository.phpsrc/Eccube/Repository/RefundRequestFileRepository.phpsrc/Eccube/Repository/RefundRequestRepository.phpsrc/Eccube/Resource/locale/messages.en.yamlsrc/Eccube/Resource/locale/messages.ja.yamlsrc/Eccube/Resource/locale/validators.en.yamlsrc/Eccube/Resource/locale/validators.ja.yamlsrc/Eccube/Resource/template/admin/Order/refund_request.twigsrc/Eccube/Resource/template/admin/Order/refund_request_edit.twigsrc/Eccube/Resource/template/default/Mail/refund_request_notify.twigsrc/Eccube/Resource/template/default/Mypage/history.twigsrc/Eccube/Resource/template/default/Mypage/refund_request.twigsrc/Eccube/Resource/template/default/Mypage/refund_request_complete.twigsrc/Eccube/Resource/template/default/Mypage/refund_request_confirm.twigsrc/Eccube/Resource/template/default/Mypage/refund_request_item_history.twigsrc/Eccube/Service/MailService.phpsrc/Eccube/Service/RefundRequestService.phpsrc/Eccube/Service/RefundRequestStateMachine.phptests/Eccube/Tests/Form/Type/Admin/SearchRefundRequestTypeTest.phptests/Eccube/Tests/Form/Type/Front/RefundRequestTypeTest.phptests/Eccube/Tests/Repository/RefundRequestRepositoryTest.phptests/Eccube/Tests/Service/RefundRequestServiceTest.phptests/Eccube/Tests/Service/RefundRequestStateMachineTest.phptests/Eccube/Tests/Web/Admin/Order/RefundRequestControllerTest.phptests/Eccube/Tests/Web/Mypage/RefundRequestControllerTest.php
There was a problem hiding this comment.
♻️ Duplicate comments (2)
tests/Eccube/Tests/Web/Mypage/RefundRequestControllerTest.php (2)
270-292:⚠️ Potential issue | 🟡 Minor | ⚡ Quick winバリデーション失敗を明示的に検証してください。
testValidationReasonEmpty()も同様に、理由が空の場合にバリデーションが実際に失敗することを明示的に検証してください。🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@tests/Eccube/Tests/Web/Mypage/RefundRequestControllerTest.php` around lines 270 - 292, The testValidationReasonEmpty() method needs to explicitly verify that validation actually fails when the reason field is empty. Instead of only checking that the response is successful, add assertions to verify that validation errors are present in the response or form. Check for the presence of validation error messages, form error constraints, or other validation failure indicators when submitting the refund request with an empty reason value to confirm the validation is working as expected.
246-268:⚠️ Potential issue | 🟡 Minor | ⚡ Quick winバリデーション失敗を明示的に検証してください。
testValidationQuantityZero()はisSuccessful()のみを確認していますが、バリデーションが実際に失敗したこと(入力画面に留まる、またはエラーメッセージが表示される)を検証していません。無効な入力で誤って確認画面に進んでも通過してしまいます。🔧 検証の追加例
$this->assertTrue($this->client->getResponse()->isSuccessful()); +$content = (string) $this->client->getResponse()->getContent(); +// 確認画面へ進まないことを確認 +$this->assertStringNotContainsString('返品申請内容確認', $content); +// または入力フォームが残っていることを確認 +$this->assertGreaterThan(0, $crawler->filter('`#refund_request_quantity`')->count());🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@tests/Eccube/Tests/Web/Mypage/RefundRequestControllerTest.php` around lines 246 - 268, The testValidationQuantityZero() method only verifies that the response is successful but does not explicitly check that validation actually failed for the quantity zero input. To fix this, add assertions that verify the validation failure is clearly evident, such as checking for validation error messages in the response content, verifying that the page remains on the input form rather than progressing to the confirmation screen, or confirming that specific error text related to the invalid quantity is present in the rendered page. This ensures the test actually validates that the zero quantity validation rule is enforced.
🧹 Nitpick comments (6)
tests/Eccube/Tests/Form/Type/Front/RefundRequestTypeTest.php (4)
152-175: ⚡ Quick winフォーム再生成の一貫性を保ってください。
testInvalidFilesExceedMaxCount()でも同様にフォームを再構築しています。既存テストとの一貫性のため$this->formの再利用を検討してください。🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@tests/Eccube/Tests/Form/Type/Front/RefundRequestTypeTest.php` around lines 152 - 175, The testInvalidFilesExceedMaxCount method creates a form inline using $this->formFactory->createBuilder instead of reusing $this->form like other tests in the class. For consistency with existing tests, refactor the method to reuse the $this->form property instead of inline form creation. If necessary, configure the form with the required options (csrf_protection and max_quantity) before submission to maintain consistency with the test class pattern.
128-150: ⚡ Quick winフォーム再生成の一貫性を保ってください。
testValidWithFiles()では新たにフォームを構築していますが、既存テスト(38–116行目)ではsetUp()で用意した$this->formを再利用しています。一貫性のため、既存パターンに合わせて$this->form->submit(...)を使用することを推奨します。ただし、ファイルアップロードテストでフォーム状態の分離が必要な技術的理由がある場合は、コメントで明示してください。
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@tests/Eccube/Tests/Form/Type/Front/RefundRequestTypeTest.php` around lines 128 - 150, The testValidWithFiles() method creates a new form instance rather than reusing the $this->form that is initialized in setUp() like other tests do (lines 38-116). For consistency with the existing test pattern, either refactor testValidWithFiles() to use $this->form->submit() instead of creating a new form builder, or if form state isolation is technically necessary for file upload testing, add a clear comment to the method explaining why the new form instance approach is required here.
128-198: ⚡ Quick win一時ファイルのクリーンアップを追加してください。
3つの新規テストメソッドで
tempnam()やfile_put_contents()で作成した一時ファイルが削除されていません。テスト終了後にunlink()でクリーンアップすることを推奨します。🔧 クリーンアップ例
public function testValidWithFiles(): void { $tmpFile = tempnam(sys_get_temp_dir(), 'refund_type_').'.gif'; file_put_contents($tmpFile, "GIF89a..."); + try { $form = $this->formFactory->createBuilder(...)->getForm(); $form->submit([...]); $this->assertTrue($form->isValid()); + } finally { + if (file_exists($tmpFile)) { + unlink($tmpFile); + } + } }🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@tests/Eccube/Tests/Form/Type/Front/RefundRequestTypeTest.php` around lines 128 - 198, Add cleanup code to remove temporary files created during test execution in the three test methods: testValidWithFiles(), testInvalidFilesExceedMaxCount(), and testInvalidFileDisallowedMimeType(). In testValidWithFiles() and testInvalidFileDisallowedMimeType(), add unlink($tmpFile) at the end of each method to delete the temporary file created with tempnam(). In testInvalidFilesExceedMaxCount(), add cleanup logic at the end to iterate through the temporary files created in the loop and delete each one using unlink() to ensure all temporary files are properly removed after each test completes.
177-198: ⚡ Quick winフォーム再生成の一貫性を保ってください。
testInvalidFileDisallowedMimeType()でも同様です。既存テストパターンに合わせることで、コードの可読性と保守性が向上します。🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@tests/Eccube/Tests/Form/Type/Front/RefundRequestTypeTest.php` around lines 177 - 198, The testInvalidFileDisallowedMimeType() method should follow the same form creation and submission pattern used by other similar test methods in this file. Review the existing test methods (likely other testInvalid* methods) to identify the established pattern for form setup and submission, then refactor testInvalidFileDisallowedMimeType() to match that same structure and approach for consistency and maintainability.tests/Eccube/Tests/Web/Admin/Order/RefundRequestControllerTest.php (1)
347-368: ⚡ Quick winテストヘルパーメソッドが重複しています。
createTestFile()メソッドが Admin と Mypage の両コントローラテストで同一実装として重複しています。共通の trait または基底クラスに抽出することで、保守性が向上します。
tests/Eccube/Tests/Web/Admin/Order/RefundRequestControllerTest.php#L347-L368: このメソッドを共通 trait(例:RefundRequestTestHelperTrait)に抽出する。tests/Eccube/Tests/Web/Mypage/RefundRequestControllerTest.php#L402-L423: 同じく共通 trait を use して重複を削除する。🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@tests/Eccube/Tests/Web/Admin/Order/RefundRequestControllerTest.php` around lines 347 - 368, The `createTestFile()` method is duplicated across two test classes: RefundRequestControllerTest in the Admin/Order directory (lines 347-368) and RefundRequestControllerTest in the Mypage directory (lines 402-423). Create a new trait called RefundRequestTestHelperTrait that contains the shared `createTestFile()` method implementation, then add a use statement for this trait in both test classes at tests/Eccube/Tests/Web/Admin/Order/RefundRequestControllerTest.php and tests/Eccube/Tests/Web/Mypage/RefundRequestControllerTest.php, and remove the duplicate method implementations from both classes.tests/Eccube/Tests/Service/RefundRequestServiceTest.php (1)
180-244: ⚡ Quick win一時ファイルのクリーンアップを追加してください。
testCreateRefundRequestWithFiles()およびtestCreateRefundRequestWithMultipleFiles()で作成した一時ファイルが削除されていません。テスト終了後に明示的にクリーンアップすることを推奨します。🔧 クリーンアップ例
public function testCreateRefundRequestWithFiles(): void { // ... setup code ... $tmpFile = tempnam(sys_get_temp_dir(), 'refund_test_'); file_put_contents($tmpFile, str_repeat("\x00", 100)); $uploadedFile = new UploadedFile($tmpFile, 'test.jpg', 'image/jpeg', null, true); + try { $result = $this->refundRequestService->createRefundRequest($RefundRequest, [$uploadedFile]); // ... assertions ... + } finally { + if (file_exists($tmpFile)) { + unlink($tmpFile); + } + } }🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@tests/Eccube/Tests/Service/RefundRequestServiceTest.php` around lines 180 - 244, The temporary files created using tempnam() in the testCreateRefundRequestWithFiles() method are not being deleted after the test completes. Add a cleanup section after the assertions to explicitly delete the $tmpFile using unlink(). Similarly, in the testCreateRefundRequestWithMultipleFiles() method, add cleanup code after the assertions that iterates through the $files array and deletes each temporary file. This ensures no temporary files are left behind in the system after tests complete.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Duplicate comments:
In `@tests/Eccube/Tests/Web/Mypage/RefundRequestControllerTest.php`:
- Around line 270-292: The testValidationReasonEmpty() method needs to
explicitly verify that validation actually fails when the reason field is empty.
Instead of only checking that the response is successful, add assertions to
verify that validation errors are present in the response or form. Check for the
presence of validation error messages, form error constraints, or other
validation failure indicators when submitting the refund request with an empty
reason value to confirm the validation is working as expected.
- Around line 246-268: The testValidationQuantityZero() method only verifies
that the response is successful but does not explicitly check that validation
actually failed for the quantity zero input. To fix this, add assertions that
verify the validation failure is clearly evident, such as checking for
validation error messages in the response content, verifying that the page
remains on the input form rather than progressing to the confirmation screen, or
confirming that specific error text related to the invalid quantity is present
in the rendered page. This ensures the test actually validates that the zero
quantity validation rule is enforced.
---
Nitpick comments:
In `@tests/Eccube/Tests/Form/Type/Front/RefundRequestTypeTest.php`:
- Around line 152-175: The testInvalidFilesExceedMaxCount method creates a form
inline using $this->formFactory->createBuilder instead of reusing $this->form
like other tests in the class. For consistency with existing tests, refactor the
method to reuse the $this->form property instead of inline form creation. If
necessary, configure the form with the required options (csrf_protection and
max_quantity) before submission to maintain consistency with the test class
pattern.
- Around line 128-150: The testValidWithFiles() method creates a new form
instance rather than reusing the $this->form that is initialized in setUp() like
other tests do (lines 38-116). For consistency with the existing test pattern,
either refactor testValidWithFiles() to use $this->form->submit() instead of
creating a new form builder, or if form state isolation is technically necessary
for file upload testing, add a clear comment to the method explaining why the
new form instance approach is required here.
- Around line 128-198: Add cleanup code to remove temporary files created during
test execution in the three test methods: testValidWithFiles(),
testInvalidFilesExceedMaxCount(), and testInvalidFileDisallowedMimeType(). In
testValidWithFiles() and testInvalidFileDisallowedMimeType(), add
unlink($tmpFile) at the end of each method to delete the temporary file created
with tempnam(). In testInvalidFilesExceedMaxCount(), add cleanup logic at the
end to iterate through the temporary files created in the loop and delete each
one using unlink() to ensure all temporary files are properly removed after each
test completes.
- Around line 177-198: The testInvalidFileDisallowedMimeType() method should
follow the same form creation and submission pattern used by other similar test
methods in this file. Review the existing test methods (likely other
testInvalid* methods) to identify the established pattern for form setup and
submission, then refactor testInvalidFileDisallowedMimeType() to match that same
structure and approach for consistency and maintainability.
In `@tests/Eccube/Tests/Service/RefundRequestServiceTest.php`:
- Around line 180-244: The temporary files created using tempnam() in the
testCreateRefundRequestWithFiles() method are not being deleted after the test
completes. Add a cleanup section after the assertions to explicitly delete the
$tmpFile using unlink(). Similarly, in the
testCreateRefundRequestWithMultipleFiles() method, add cleanup code after the
assertions that iterates through the $files array and deletes each temporary
file. This ensures no temporary files are left behind in the system after tests
complete.
In `@tests/Eccube/Tests/Web/Admin/Order/RefundRequestControllerTest.php`:
- Around line 347-368: The `createTestFile()` method is duplicated across two
test classes: RefundRequestControllerTest in the Admin/Order directory (lines
347-368) and RefundRequestControllerTest in the Mypage directory (lines
402-423). Create a new trait called RefundRequestTestHelperTrait that contains
the shared `createTestFile()` method implementation, then add a use statement
for this trait in both test classes at
tests/Eccube/Tests/Web/Admin/Order/RefundRequestControllerTest.php and
tests/Eccube/Tests/Web/Mypage/RefundRequestControllerTest.php, and remove the
duplicate method implementations from both classes.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: 1a0ecaaf-4fdc-46a9-bb16-51824c083d89
📒 Files selected for processing (4)
tests/Eccube/Tests/Form/Type/Front/RefundRequestTypeTest.phptests/Eccube/Tests/Service/RefundRequestServiceTest.phptests/Eccube/Tests/Web/Admin/Order/RefundRequestControllerTest.phptests/Eccube/Tests/Web/Mypage/RefundRequestControllerTest.php
- PHPStan: 冗長なinstanceofチェックを削除(RefundRequestService) - Rector: 未使用catch変数の削除、#[\Override]属性の追加、 (string)キャスト追加、assertInstanceOf追加、 名前付き引数のDataProvider、EccubeConfig::class化 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Rector: 2つ目のcatch未使用変数を修正 - CSV数式インジェクション対策(=+\-@始まりをサニタイズ) - マイグレーション down() の DELETE条件を安全化 - Entity双方向関連の削除同期を追加 - RefundRequestEditType の refund_request オプション必須化 - テンプレート画像リンクの alt/aria-label 追加 - MailService ログに例外メッセージを含める Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
確認画面のテンプレが `form_rest(form)` で全フィールドを再描画していたため、 <input type="file"> は HTML 仕様上 value を再送できず、複数ステップを跨いだ申請完了時に エビデンスファイルが 1 件も保存されない問題を修正。 合わせて確認画面に編集可能な input/textarea/file が並んでしまう UX 不具合も解消する。 Enterprise 版 (FilePond + S3) の「一時アップロード→セッション参照→確定時に永続領域へ移動」 パターンをローカル FS で再現: - Mypage/RefundRequestController: index (入力 POST) と confirm (確認 POST) を分離。 入力 POST でファイルを一時保存 → セッションに参照キー格納 → /confirm へリダイレクト。 confirm POST で CSRF 検証後、永続領域へ rename して RefundRequest を確定。 - RefundRequestService: saveTempFile/getTempFilePath/removeTempFile を追加。 createRefundRequest を (RefundRequest, list $tempFiles, string $sessionId) に変更。 - eccube.yaml: eccube_temp_refund_request_file_dir を追加。 - refund_request.twig / refund_request_confirm.twig: form_rest を撤去し編集欄を完全排除。 EC-CUBE 標準フォーム (Entry/index.twig 等) に倣い ec-mypageRole + ec-input/ec-halfInput で レイアウトを統一し、textarea/file input/数量入力が全幅で表示されるよう修正。 - downloadFile: Content-Type を DB の mime_type で明示、X-Content-Type-Options: nosniff を付与。 テスト: - PHPUnit: ファイル添付付き 2 段階フローで RefundRequestFile が永続化されることを assert (testConfirmPostWithFilePersistsFile, testCreateRefundRequestWithTempFiles)。 - E2E: 確認画面に編集欄が残らないこと/履歴に file リンクが出ること/セッション喪失時の挙動を追加。 - TraceableEventDispatcher 依存を EventDispatcherInterface に修正 (pre-existing バグ)。 Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
There was a problem hiding this comment.
Actionable comments posted: 1
♻️ Duplicate comments (1)
tests/Eccube/Tests/Web/Mypage/RefundRequestControllerTest.php (1)
371-415:⚠️ Potential issue | 🟠 Major | ⚡ Quick win無効入力テストが成功条件を十分に検証できていません。
Line 371 と Line 394 のテストは
isSuccessful()のみを見ており、無効値でも確認画面へ進んだ回帰を検知できません。入力画面に留まること(例: 確認見出しが出ない / 入力フォーム要素が残る)を明示的に検証してください。修正例
@@ public function testValidationQuantityZero(): void @@ - $this->assertTrue($this->client->getResponse()->isSuccessful()); + $this->assertTrue($this->client->getResponse()->isSuccessful()); + $content = (string) $this->client->getResponse()->getContent(); + $this->assertStringNotContainsString('返品申請内容確認', $content); + $this->assertGreaterThan(0, $this->client->getCrawler()->filter('`#refund_request_quantity`')->count()); @@ public function testValidationReasonEmpty(): void @@ - $this->assertTrue($this->client->getResponse()->isSuccessful()); + $this->assertTrue($this->client->getResponse()->isSuccessful()); + $content = (string) $this->client->getResponse()->getContent(); + $this->assertStringNotContainsString('返品申請内容確認', $content); + $this->assertGreaterThan(0, $this->client->getCrawler()->filter('`#refund_request_reason`')->count());🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@tests/Eccube/Tests/Web/Mypage/RefundRequestControllerTest.php` around lines 371 - 415, The testValidationQuantityZero() and testValidationReasonEmpty() test methods only verify that the response is successful but do not explicitly confirm that invalid input causes the form to remain on the input screen rather than proceeding to the confirmation page. Add explicit assertions in both methods to verify that the input screen is retained when validation fails, such as checking that the input form elements remain present or that confirmation screen elements (like a confirmation heading) are absent. This ensures that invalid values with quantity equal to zero and empty reason fields are properly rejected and do not allow progression to the confirmation screen.
🧹 Nitpick comments (1)
src/Eccube/Service/RefundRequestService.php (1)
127-142: ⚡ Quick win
rename()は異なるファイルシステム間で失敗します。Docker や分散ストレージ環境で一時ディレクトリと本保存ディレクトリが異なるマウントポイントにある場合、
rename()が失敗します。copy()+unlink()へのフォールバックを追加するとより堅牢になります。♻️ 修正案
$finalPath = $finalDir.'/'.$info['key']; - if (!`@rename`($tempPath, $finalPath)) { - throw new \RuntimeException(sprintf('Failed to move temp file: %s', $info['key'])); + if (!`@rename`($tempPath, $finalPath)) { + // rename fails across filesystems; fallback to copy + unlink + if (!`@copy`($tempPath, $finalPath) || !`@unlink`($tempPath)) { + throw new \RuntimeException(sprintf('Failed to move temp file: %s', $info['key'])); + } }🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the rest with a brief reason, keep changes minimal, and validate. In `@src/Eccube/Service/RefundRequestService.php` around lines 127 - 142, The rename() function fails when moving files between different filesystems (common in Docker or distributed storage environments). In the foreach loop in RefundRequestService.php where tempFiles are being moved, replace the simple rename() call with a more robust approach that attempts rename() first, then falls back to copy() followed by unlink() if rename() fails. This ensures the file move operation succeeds across filesystem boundaries. Update the error handling to throw an exception only if both the rename and the fallback copy+unlink operations fail.
🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.
Inline comments:
In `@src/Eccube/Controller/Mypage/RefundRequestController.php`:
- Around line 174-176: The return value of the isTokenValid() method is not
being checked in the POST request handler of RefundRequestController, which
bypasses CSRF token validation. Modify the code to check the boolean return
value of isTokenValid() and prevent further processing if the token is invalid.
If isTokenValid() returns false, the refund request processing should not
continue. Add a conditional check after calling isTokenValid() to verify it
returned true before proceeding with the refund application logic.
---
Duplicate comments:
In `@tests/Eccube/Tests/Web/Mypage/RefundRequestControllerTest.php`:
- Around line 371-415: The testValidationQuantityZero() and
testValidationReasonEmpty() test methods only verify that the response is
successful but do not explicitly confirm that invalid input causes the form to
remain on the input screen rather than proceeding to the confirmation page. Add
explicit assertions in both methods to verify that the input screen is retained
when validation fails, such as checking that the input form elements remain
present or that confirmation screen elements (like a confirmation heading) are
absent. This ensures that invalid values with quantity equal to zero and empty
reason fields are properly rejected and do not allow progression to the
confirmation screen.
---
Nitpick comments:
In `@src/Eccube/Service/RefundRequestService.php`:
- Around line 127-142: The rename() function fails when moving files between
different filesystems (common in Docker or distributed storage environments). In
the foreach loop in RefundRequestService.php where tempFiles are being moved,
replace the simple rename() call with a more robust approach that attempts
rename() first, then falls back to copy() followed by unlink() if rename()
fails. This ensures the file move operation succeeds across filesystem
boundaries. Update the error handling to throw an exception only if both the
rename and the fallback copy+unlink operations fail.
🪄 Autofix (Beta)
Fix all unresolved CodeRabbit comments on this PR:
- Push a commit to this branch (recommended)
- Create a new PR with the fixes
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: da791865-a2f8-4f9e-af24-a84241ba7df0
⛔ Files ignored due to path filters (1)
e2e/fixtures/evidence.pngis excluded by!**/*.png
📒 Files selected for processing (8)
app/config/eccube/packages/eccube.yamle2e/tests/front-refund-request.spec.tssrc/Eccube/Controller/Mypage/RefundRequestController.phpsrc/Eccube/Resource/template/default/Mypage/refund_request.twigsrc/Eccube/Resource/template/default/Mypage/refund_request_confirm.twigsrc/Eccube/Service/RefundRequestService.phptests/Eccube/Tests/Service/RefundRequestServiceTest.phptests/Eccube/Tests/Web/Mypage/RefundRequestControllerTest.php
🚧 Files skipped from review as they are similar to previous changes (1)
- src/Eccube/Resource/template/default/Mypage/refund_request.twig
完了画面・履歴画面が ec-orderRole > ec-orderRole__detail (注文表示用・左寄せ) を使っていたため左に寄って見栄えが悪かった。入力・確認画面と同じく ec-mypageRole 直下にコンテンツを配置し、ボタンは ec-RegisterRole__actions で 中央寄せにする。 Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
受注一覧 (admin/Order/index.twig) と同じ書式に揃え、 .card + text-center で中央寄せ表示にする。 Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
SearchRefundRequestType の status (EntityType + multiple: true) は未選択でも 空の ArrayCollection を返すため、Repository の `is_iterable && !empty` チェックを 通過してしまい、IN 句が "IN (NULL)" となって何にもマッチしなくなっていた。 count() による要素数チェックを追加して空コレクションを除外する。 回帰防止テスト testGetQueryBuilderBySearchDataEmptyStatusCollection を追加。 Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
受注一覧 (admin/Order/index.twig) と同じ件数切替セレクタを追加。 pager.twig に 'routes' を渡しておらず初期表示で 500 になっていた問題も修正。 - refund_request.twig: - CSV エクスポートボタン横に表示件数セレクタを追加 (10/20/30/.../100件) - pager include に 'routes': 'admin_refund_request_page' を追加 - PHPUnit: testIndexPageCountPersistsInSession / testIndexInitialShowsAllRefundRequests を追加 - E2E (admin-refund-request.spec.ts): 件数セレクタの選択と URL 反映を検証、 status IN (NULL) 回帰防止の初期表示テストを追加 Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- 外側コンテナを c-outsideBlock--small → c-outsideBlock に変更し 画面いっぱい使えるよう左右余白を統一 - ページャを row.justify-content-md-center.pb-4.mb-4 でラップして中央寄せ - pager include に pagination.totalItemCount > 0 のガードを追加 admin/Order/index.twig と同じ構造に揃えた。 Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
受注一覧 (admin/Order/index.twig) は結果テーブル領域も c-outsideBlock__contents (padding 15px) で囲んでいるが、返品申請管理は カードを直接 c-outsideBlock に置いていたため左右に余白が無かった。 標準と同じ構造に揃える。 Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
c-conversionAreaをc-outsideBlock--smallの外に移動し、受注編集画面と同じレイアウト構造に統一。 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
CodeRabbit: - 返品申請確認の POST で isTokenValid() の戻り値を確認するよう修正(CSRF 保護) - 入力バリデーションテストで確認画面遷移しないことを明示 - E2E setup-fixtures.php で既存会員でも発送済み注文と返品申請(NEW)を必ず保証 - E2E admin-refund-request.spec.ts の条件分岐スキップを expect で必須化 Rector: - RefundRequest::removeRefundRequestFile の setRefundRequest(null) を引数省略形に - RefundRequestService::saveTempFile の (string) キャストを除去 - RefundRequestRepositoryTest で ArrayCollection を use 文に整理 Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
mtb_refund_request_status.csv を追加していたが import_csv/{ja,en}/definition.yml
への登録漏れがあり、eccube:fixtures:load が "mtb_refund_request_status.csv is
undefined in definition.yml" で失敗していた。これにより dockerbuild の
新規インストールフロー全 PHP バージョンで起動失敗していた問題を修正。
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Codecov Report❌ Patch coverage is Additional details and impacted files@@ Coverage Diff @@
## 4.4 #6838 +/- ##
==========================================
- Coverage 74.82% 74.48% -0.34%
==========================================
Files 463 477 +14
Lines 24029 24804 +775
==========================================
+ Hits 17979 18476 +497
- Misses 6050 6328 +278
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Harness. 🚀 New features to boost your workflow:
|
詳細画面には「申請内容」「操作」の2つの .card-body があり、 条件分岐スキップを expect に置き換えた結果アサーション本体が 常時実行されるようになって strict-mode violation が顕在化した。 申請内容カードに限定する .first() を入れて解消。 Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
- マイページ注文履歴の返品履歴ボタンを, 返品申請がある明細にのみ表示する(getRefundRequestCountsByCustomer を利用してN+1回避, 受入基準に準拠)。 - 管理のステータス更新で canApplyTransition による遷移ガードを追加し, 未定義・適用不可の遷移を確実に400で返す。 - 管理の添付ファイル配信に Content-Type / X-Content-Type-Options: nosniff / 末尾区切り付きパスガードを追加し, フロント配信と挙動を統一。 - アップロードのサイズ超過(15M)テストと, 履歴ボタン条件表示テストを追加。 Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
マイページから返品申請を行い、管理画面で承認・却下できる機能を追加します。
closes #6820
主な変更内容
データ層
RefundRequest/RefundRequestFileエンティティ、RefundRequestStatusマスタを追加RefundRequestRepositoryによる検索・ページネーションビジネスロジック
RefundRequestService— 申請作成・添付ファイル保存・メール送信RefundRequestStateMachine— Symfony Workflow によるステータス遷移(申請中→承認/却下/取消)RefundRequestEvent/EccubeEvents定数追加フロント(マイページ)
管理画面
フォーム
RefundRequestType(フロント用)/RefundRequestEditType(管理用)/SearchRefundRequestType(検索用)RefundRequestStatusType(マスタ選択)メール
テスト
Test plan
🤖 Generated with Claude Code
Summary by CodeRabbit
リリースノート