
Respect Validations added to all fields

EduLascala 5 luni în urmă
părinte
comite
a61238f660

+ 2 - 1
composer.json

@@ -20,6 +20,7 @@
     "require": {
         "clue/framework-x": "^0.17.0",
         "vlucas/phpdotenv": "^5.6",
-        "firebase/php-jwt": "^6.11"
+        "firebase/php-jwt": "^6.11",
+        "respect/validation": "^2.4"
     }
 }

+ 126 - 4
composer.lock

@@ -4,7 +4,7 @@
         "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
         "This file is @generated automatically"
     ],
-    "content-hash": "290dc0f613a520d4fde731b332c80e13",
+    "content-hash": "c4f488cdc234020e7137afdb7ac742d8",
     "packages": [
         {
             "name": "clue/framework-x",
@@ -1100,6 +1100,128 @@
             ],
             "time": "2024-06-11T12:45:25+00:00"
         },
+        {
+            "name": "respect/stringifier",
+            "version": "0.2.0",
+            "source": {
+                "type": "git",
+                "url": "https://github.com/Respect/Stringifier.git",
+                "reference": "e55af3c8aeaeaa2abb5fa47a58a8e9688cc23b59"
+            },
+            "dist": {
+                "type": "zip",
+                "url": "https://api.github.com/repos/Respect/Stringifier/zipball/e55af3c8aeaeaa2abb5fa47a58a8e9688cc23b59",
+                "reference": "e55af3c8aeaeaa2abb5fa47a58a8e9688cc23b59",
+                "shasum": ""
+            },
+            "require": {
+                "php": ">=7.1"
+            },
+            "require-dev": {
+                "friendsofphp/php-cs-fixer": "^2.8",
+                "malukenho/docheader": "^0.1.7",
+                "phpunit/phpunit": "^6.4"
+            },
+            "type": "library",
+            "autoload": {
+                "files": [
+                    "src/stringify.php"
+                ],
+                "psr-4": {
+                    "Respect\\Stringifier\\": "src/"
+                }
+            },
+            "notification-url": "https://packagist.org/downloads/",
+            "license": [
+                "MIT"
+            ],
+            "authors": [
+                {
+                    "name": "Respect/Stringifier Contributors",
+                    "homepage": "https://github.com/Respect/Stringifier/graphs/contributors"
+                }
+            ],
+            "description": "Converts any value to a string",
+            "homepage": "http://respect.github.io/Stringifier/",
+            "keywords": [
+                "respect",
+                "stringifier",
+                "stringify"
+            ],
+            "support": {
+                "issues": "https://github.com/Respect/Stringifier/issues",
+                "source": "https://github.com/Respect/Stringifier/tree/0.2.0"
+            },
+            "time": "2017-12-29T19:39:25+00:00"
+        },
+        {
+            "name": "respect/validation",
+            "version": "2.4.4",
+            "source": {
+                "type": "git",
+                "url": "https://github.com/Respect/Validation.git",
+                "reference": "f13f10f19978aea33af2a102a2f58f2db1e63619"
+            },
+            "dist": {
+                "type": "zip",
+                "url": "https://api.github.com/repos/Respect/Validation/zipball/f13f10f19978aea33af2a102a2f58f2db1e63619",
+                "reference": "f13f10f19978aea33af2a102a2f58f2db1e63619",
+                "shasum": ""
+            },
+            "require": {
+                "php": ">=8.1",
+                "respect/stringifier": "^0.2.0",
+                "symfony/polyfill-mbstring": "^1.2"
+            },
+            "require-dev": {
+                "egulias/email-validator": "^3.0",
+                "giggsey/libphonenumber-for-php-lite": "^8.13 || ^9.0",
+                "malukenho/docheader": "^1.0",
+                "mikey179/vfsstream": "^1.6",
+                "phpstan/phpstan": "^1.9",
+                "phpstan/phpstan-deprecation-rules": "^1.1",
+                "phpstan/phpstan-phpunit": "^1.3",
+                "phpunit/phpunit": "^9.6",
+                "psr/http-message": "^1.0",
+                "respect/coding-standard": "^4.0",
+                "squizlabs/php_codesniffer": "^3.7"
+            },
+            "suggest": {
+                "egulias/email-validator": "Improves the Email rule if available",
+                "ext-bcmath": "Arbitrary Precision Mathematics",
+                "ext-fileinfo": "File Information",
+                "ext-mbstring": "Multibyte String Functions",
+                "giggsey/libphonenumber-for-php-lite": "Enables the phone rule if available"
+            },
+            "type": "library",
+            "autoload": {
+                "psr-4": {
+                    "Respect\\Validation\\": "library/"
+                }
+            },
+            "notification-url": "https://packagist.org/downloads/",
+            "license": [
+                "MIT"
+            ],
+            "authors": [
+                {
+                    "name": "Respect/Validation Contributors",
+                    "homepage": "https://github.com/Respect/Validation/graphs/contributors"
+                }
+            ],
+            "description": "The most awesome validation engine ever created for PHP",
+            "homepage": "http://respect.github.io/Validation/",
+            "keywords": [
+                "respect",
+                "validation",
+                "validator"
+            ],
+            "support": {
+                "issues": "https://github.com/Respect/Validation/issues",
+                "source": "https://github.com/Respect/Validation/tree/2.4.4"
+            },
+            "time": "2025-06-07T00:07:21+00:00"
+        },
         {
             "name": "symfony/polyfill-ctype",
             "version": "v1.32.0",
@@ -1428,10 +1550,10 @@
     "packages-dev": [],
     "aliases": [],
     "minimum-stability": "stable",
-    "stability-flags": {},
+    "stability-flags": [],
     "prefer-stable": false,
     "prefer-lowest": false,
-    "platform": {},
-    "platform-dev": {},
+    "platform": [],
+    "platform-dev": [],
     "plugin-api-version": "2.6.0"
 }

+ 21 - 7
controllers/CategoryCreateController.php

@@ -5,6 +5,8 @@ namespace Controllers;
 use Libs\ResponseLib;
 use Models\CategoryModel;
 use Psr\Http\Message\ServerRequestInterface;
+use Respect\Validation\Validator as v;
+use Respect\Validation\Exceptions\ValidationException;
 
 class CategoryCreateController
 {
@@ -18,12 +20,24 @@ class CategoryCreateController
     public function __invoke(ServerRequestInterface $request)
     {
         $body = json_decode((string)$request->getBody(), true) ?? [];
-        $companyId = $body['company_id'] ?? null;
-        $created = $this->model->createCategory(
-                    $body['category_name'],
-                    $companyId,
-                    $body['category_is_kitchen'] ?? false
-                );
-        return $created ? ResponseLib::sendOk(['created' => true]) : ResponseLib::sendFail("Failed to Create Category", [], "E_VALIDATE")->withStatus(402);
+
+        try {
+            v::key('company_id', v::intType()->positive())
+             ->key('category_name', v::stringType()->notEmpty()->alnum(' '))
+             ->key('category_is_kitchen', v::optional(v::boolType()))
+             ->assert($body);
+        } catch (ValidationException $e) {
+            return ResponseLib::sendFail("Validation failed: " . $e->getFullMessage(), [], "E_VALIDATE")->withStatus(400);
+        }
+
+        $companyId = $body['company_id'];
+        $categoryName = $body['category_name'];
+        $categoryIsKitchen = $body['category_is_kitchen'] ?? false;
+
+        $created = $this->model->createCategory($categoryName, $companyId, $categoryIsKitchen);
+
+        return $created
+            ? ResponseLib::sendOk(['created' => true])
+            : ResponseLib::sendFail("Failed to Create Category", [], "E_VALIDATE")->withStatus(402);
     }
 }
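Review bot: `category_is_kitchen` is still a required key, because `v::key()` treats a key as mandatory unless its third argument is `false`; `v::optional()` only relaxes the value check once the key is present. A request that omits the field is therefore rejected with 400, although the `?? false` default a few lines below shows it is meant to be optional. Suggest `->key('category_is_kitchen', v::boolType(), false)`, matching how ProductUpdateController in this commit passes `false` for its optional keys.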

+ 18 - 3
controllers/CategoryDeleteController.php

@@ -5,6 +5,8 @@ namespace Controllers;
 use Libs\ResponseLib;
 use Models\CategoryModel;
 use Psr\Http\Message\ServerRequestInterface;
+use Respect\Validation\Validator as v;
+use Respect\Validation\Exceptions\ValidationException;
 
 class CategoryDeleteController
 {
@@ -18,9 +20,22 @@ class CategoryDeleteController
     public function __invoke(ServerRequestInterface $request)
     {
         $body = json_decode((string)$request->getBody(), true) ?? [];
-        $companyId = $body['company_id'] ?? null;
-        $deleted = $this->model->deleteByName($body['category_name'], $companyId);
-        return $deleted ? ResponseLib::sendOk(['deleted' => true]) : ResponseLib::sendFail("Failed to Delete Category", [], "E_VALIDATE")->withStatus(204);
 
+        try {
+            v::key('company_id', v::intType()->positive())
+             ->key('category_name', v::stringType()->notEmpty()->alnum(' '))
+             ->assert($body);
+        } catch (ValidationException $e) {
+            return ResponseLib::sendFail("Validation failed: " . $e->getFullMessage(), [], "E_VALIDATE")->withStatus(400);
+        }
+
+        $companyId = $body['company_id'];
+        $categoryName = $body['category_name'];
+
+        $deleted = $this->model->deleteByName($categoryName, $companyId);
+
+        return $deleted
+            ? ResponseLib::sendOk(['deleted' => true])
+            : ResponseLib::sendFail("Failed to Delete Category", [], "E_VALIDATE")->withStatus(204);
     }
 }
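Review bot: The failure branch answers with `->withStatus(204)`, a success status defined as carrying no body, so a client cannot tell a failed delete from a successful one and the `E_VALIDATE` payload is likely to be dropped. An error status fits this branch, e.g. `->withStatus(404)` if `deleteByName()` returns false when nothing matched (its implementation is not visible in this diff).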

+ 13 - 2
controllers/CategoryGetController.php

@@ -5,6 +5,8 @@ namespace Controllers;
 use Libs\ResponseLib;
 use Models\CategoryModel;
 use Psr\Http\Message\ServerRequestInterface;
+use Respect\Validation\Validator as v;
+use Respect\Validation\Exceptions\ValidationException;
 
 class CategoryGetController
 {
@@ -18,12 +20,21 @@ class CategoryGetController
     public function __invoke(ServerRequestInterface $request)
     {
         $body = json_decode((string)$request->getBody(), true) ?? [];
-        $companyId = $body['company_id'] ?? null;
+
+        try {
+            v::key('company_id', v::intType()->positive())
+             ->assert($body);
+        } catch (ValidationException $e) {
+            return ResponseLib::sendFail("Validation failed: " . $e->getFullMessage(), [], "E_VALIDATE")->withStatus(400);
+        }
+
+        $companyId = (int) $body['company_id'];
         $categories = $this->model->getCategories($companyId);
-        
+
         if ($categories) {
             return ResponseLib::sendOk($categories);
         }
+
         return ResponseLib::sendFail("Failed to retrieve categories", [], "E_DATABASE")->withStatus(500);
     }
 }
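Review bot: `company_id` is validated for shape only (`v::intType()->positive()`) and then used as the tenant selector for `getCategories()`, so nothing visible here ties it to the authenticated caller. If the `$authJwt` middleware exposes the token's claims on the request (not shown in this diff), the company should be read from there, or the body value compared against it, before the query runs. The same pattern appears in every Category*, Product* and Table* controller touched by this commit. If the check lives elsewhere, a comment above the validator should say so, e.g. `// company_id is client-supplied; ownership is enforced in <middleware or model name>`.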

+ 14 - 7
controllers/LoginController.php

@@ -6,19 +6,26 @@ use Firebase\JWT\JWT;
 use Libs\ResponseLib;
 use Models\UserModel;
 use Psr\Http\Message\ServerRequestInterface;
+use Respect\Validation\Validator as v;
+use Respect\Validation\Exceptions\ValidationException;
 
 class LoginController
 {
     public function __invoke(ServerRequestInterface $request)
     {
-        $body = json_decode((string) $request->getBody(), true);
-        $username = $body['username'] ?? '';
-        $password = $body['password'] ?? '';
-
-        if (empty($username) || empty($password)) {
-            return ResponseLib::sendFail("Missing username or password", [], "E_VALIDATE")->withStatus(401);
+        $body = json_decode((string) $request->getBody(), true) ?? [];
+
+        try {
+            v::key('username', v::alnum(' ')->notEmpty())
+             ->key('password', v::stringType()->notEmpty())
+             ->assert($body);
+        } catch (ValidationException $e) {
+            return ResponseLib::sendFail("Validation failed: " . $e->getFullMessage(), [], "E_VALIDATE")->withStatus(401);
         }
 
+        $username = $body['username'];
+        $password = $body['password'];
+
         $userModel = new UserModel();
         $user = $userModel->validateLogin($username, $password);
 
@@ -39,4 +46,4 @@ class LoginController
 
         return ResponseLib::sendOk(['token' => $jwt, 'user_id' => $user['user_id'], 'role_id' => $user['role_id']]);
     }
-}   
+}
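Review bot: Applying `v::alnum(' ')` to `username` at login rejects any existing account whose name contains other characters (a dot, an underscore, an e-mail address) before `validateLogin()` is reached; whether such accounts exist is not visible from this diff. Character rules belong at registration, and at login `->key('username', v::stringType()->notEmpty())` is enough. A malformed body also returns 401 here and in ProductGetController, while the other controllers return 400, so a client cannot tell a bad request from bad credentials.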

+ 21 - 9
controllers/ProductCreateController.php

@@ -5,6 +5,8 @@ namespace Controllers;
 use Libs\ResponseLib;
 use Models\ProductModel;
 use Psr\Http\Message\ServerRequestInterface;
+use Respect\Validation\Validator as v;
+use Respect\Validation\Exceptions\ValidationException;
 
 class ProductCreateController
 {
@@ -18,21 +20,31 @@ class ProductCreateController
     public function __invoke(ServerRequestInterface $request)
     {
         $body = json_decode((string)$request->getBody(), true) ?? [];
-        $companyId = $body['company_id'] ?? null;
-        $productName = $body['product_name'] ?? null;
-        $productPrice = $body['product_price'] ?? null;
-        $categoryId = $body['category_id'] ?? null;
 
-        if (!$companyId || !$productName || !$productPrice || !$categoryId) {
-            return ResponseLib::sendFail("Missing product_name, product_price, category_id or company_id", [], "E_VALIDATE")->withStatus(400);
+        try {
+            v::key('company_id', v::intType()->positive())
+             ->key('product_name', v::stringType()->notEmpty()->alnum(' '))
+             ->key('product_price', v::number()->positive())
+             ->key('category_id', v::intType()->positive())
+             ->assert($body);
+        } catch (ValidationException $e) {
+            return ResponseLib::sendFail("Validation failed: " . $e->getFullMessage(), [], "E_VALIDATE")->withStatus(400);
         }
 
+        $companyId = $body['company_id'];
+        $productName = $body['product_name'];
+        $productPrice = (float) $body['product_price'];
+        $categoryId = $body['category_id'];
+
         $created = $this->model->createProduct(
             $productName,
-            (float)$productPrice,
+            $productPrice,
             (int)$categoryId,
             (int)$companyId
         );
-        return $created ? ResponseLib::sendOk(['created' => true]) : ResponseLib::sendFail("Failed to Create Product", [], "E_DATABASE")->withStatus(402);
+
+        return $created
+            ? ResponseLib::sendOk(['created' => true])
+            : ResponseLib::sendFail("Failed to Create Product", [], "E_DATABASE")->withStatus(402);
     }
-}
+}

+ 17 - 10
controllers/ProductDeleteController.php

@@ -5,6 +5,8 @@ namespace Controllers;
 use Libs\ResponseLib;
 use Models\ProductModel;
 use Psr\Http\Message\ServerRequestInterface;
+use Respect\Validation\Validator as v;
+use Respect\Validation\Exceptions\ValidationException;
 
 class ProductDeleteController
 {
@@ -18,17 +20,22 @@ class ProductDeleteController
     public function __invoke(ServerRequestInterface $request)
     {
         $body = json_decode((string)$request->getBody(), true) ?? [];
-        $companyId = $body['company_id'] ?? null;
-        $productName = $body['product_name'] ?? null; // Alterado para receber 'product_name'
 
-        if (!$companyId || !$productName) { // Validação para 'product_name'
-            return ResponseLib::sendFail("Missing company_id or product_name", [], "E_VALIDATE")->withStatus(400);
+        try {
+            v::key('company_id', v::intType()->positive())
+             ->key('product_name', v::stringType()->notEmpty()->alnum(' '))
+             ->assert($body);
+        } catch (ValidationException $e) {
+            return ResponseLib::sendFail("Validation failed: " . $e->getFullMessage(), [], "E_VALIDATE")->withStatus(400);
         }
 
-        $deleted = $this->model->deleteProductByName( // Chamada ao novo método no model
-            $productName,
-            (int)$companyId
-        );
-        return $deleted ? ResponseLib::sendOk(['deleted' => true]) : ResponseLib::sendFail("Failed to Delete Product or Product Not Found", [], "E_DATABASE")->withStatus(403);
+        $companyId = (int) $body['company_id'];
+        $productName = $body['product_name'];
+
+        $deleted = $this->model->deleteProductByName($productName, $companyId);
+
+        return $deleted
+            ? ResponseLib::sendOk(['deleted' => true])
+            : ResponseLib::sendFail("Failed to Delete Product or Product Not Found", [], "E_DATABASE")->withStatus(403);
     }
-}
+}

+ 12 - 5
controllers/ProductGetController.php

@@ -5,6 +5,8 @@ namespace Controllers;
 use Libs\ResponseLib;
 use Models\ProductModel;
 use Psr\Http\Message\ServerRequestInterface;
+use Respect\Validation\Validator as v;
+use Respect\Validation\Exceptions\ValidationException;
 
 class ProductGetController
 {
@@ -18,17 +20,22 @@ class ProductGetController
     public function __invoke(ServerRequestInterface $request)
     {
         $body = json_decode((string)$request->getBody(), true) ?? [];
-        $companyId = $body['company_id'] ?? null;
 
-        if (!$companyId) {
-            return ResponseLib::sendFail("Missing Company ID", [], "E_VALIDATE")->withStatus(401);
+        try {
+            v::key('company_id', v::intType()->positive())
+             ->assert($body);
+        } catch (ValidationException $e) {
+            return ResponseLib::sendFail("Validation failed: " . $e->getFullMessage(), [], "E_VALIDATE")->withStatus(401);
         }
 
+        $companyId = (int) $body['company_id'];
+
         $products = $this->model->getProducts($companyId);
-        
+
         if ($products) {
             return ResponseLib::sendOk($products);
         }
+
         return ResponseLib::sendFail("Failed to retrieve products", [], "E_DATABASE")->withStatus(500);
     }
-}
+}

+ 26 - 10
controllers/ProductUpdateController.php

@@ -5,6 +5,8 @@ namespace Controllers;
 use Libs\ResponseLib;
 use Models\ProductModel;
 use Psr\Http\Message\ServerRequestInterface;
+use Respect\Validation\Validator as v;
+use Respect\Validation\Exceptions\ValidationException;
 
 class ProductUpdateController
 {
@@ -18,25 +20,39 @@ class ProductUpdateController
     public function __invoke(ServerRequestInterface $request)
     {
         $body = json_decode((string)$request->getBody(), true) ?? [];
-        $companyId = $body['company_id'] ?? null;
-        $productId = $body['update_product_id'] ?? null;
-        $productName = $body['product_name'] ?? null;
-        $productPrice = $body['product_price'] ?? null;
 
-        if (!$companyId || !$productId) {
-            return ResponseLib::sendFail("Missing company_id or update_product_id", [], "E_VALIDATE")->withStatus(400);
+        try {
+            v::key('company_id', v::intType()->positive())
+             ->key('update_product_id', v::intType()->positive())
+             ->key('product_name', v::optional(v::stringType()->notEmpty()), false)
+             ->key('product_price', v::optional(v::number()->positive()), false)
+             ->assert($body);
+        } catch (ValidationException $e) {
+            return ResponseLib::sendFail("Validation failed: " . $e->getFullMessage(), [], "E_VALIDATE")->withStatus(400);
         }
 
-        if ($productName === null && $productPrice === null) {
+        // Verifica se pelo menos um dos dois está presente
+        $hasProductName = isset($body['product_name']) && $body['product_name'] !== null;
+        $hasProductPrice = isset($body['product_price']) && $body['product_price'] !== null;
+
+        if (!$hasProductName && !$hasProductPrice) {
             return ResponseLib::sendFail("Missing product_name or product_price for update", [], "E_VALIDATE")->withStatus(400);
         }
 
+        $companyId = $body['company_id'];
+        $productId = $body['update_product_id'];
+        $productName = $hasProductName ? $body['product_name'] : null;
+        $productPrice = $hasProductPrice ? (float)$body['product_price'] : null;
+
         $updated = $this->model->updateProduct(
             (int)$productId,
             (int)$companyId,
             $productName,
-            $productPrice !== null ? (float)$productPrice : null
+            $productPrice
         );
-        return $updated ? ResponseLib::sendOk(['updated' => true]) : ResponseLib::sendFail("Failed to Update Product or Product Not Found", [], "E_DATABASE")->withStatus(404);
+
+        return $updated
+            ? ResponseLib::sendOk(['updated' => true])
+            : ResponseLib::sendFail("Failed to Update Product or Product Not Found", [], "E_DATABASE")->withStatus(404);
     }
-}
+}
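Review bot: `v::optional()` accepts an empty string as well as null, but the `isset()` checks below count `''` as present, so `{"product_name": ""}` passes validation and reaches `updateProduct()` as an empty name, and `"product_price": ""` is cast to `0.0`. Using `v::nullable(...)` instead of `v::optional(...)` on both keys closes that gap, since the inner rules then reject the empty string. `product_name` also lacks the `alnum(' ')` rule that the create and delete controllers apply, so an update can produce a name that `/product/delete` will refuse. Suggest `->key('product_name', v::nullable(v::stringType()->notEmpty()->alnum(' ')), false)`.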

+ 16 - 12
controllers/RegisterController.php

@@ -5,28 +5,32 @@ namespace Controllers;
 use Libs\ResponseLib;
 use Models\UserModel;
 use Psr\Http\Message\ServerRequestInterface;
+use Respect\Validation\Validator as v;
+use Respect\Validation\Exceptions\ValidationException;
 
 class RegisterController
 {
     public function __invoke(ServerRequestInterface $request)
     {
-        $body = json_decode((string) $request->getBody(), true);
+        $body = json_decode((string) $request->getBody(), true) ?? [];
+
+        try {
+            v::key('username', v::alnum(' ')->notEmpty())
+             ->key('password', v::stringType()->length(8, null))
+             ->key('email', v::email())
+             ->key('company_id', v::intType()->positive())
+             ->key('role_id', v::intType()->positive())
+             ->assert($body);
+        } catch (ValidationException $e) {
+            return ResponseLib::sendFail("Validation failed: " . $e->getFullMessage(), [], "E_VALIDATE")->withStatus(400);
+        }
+
         $username = $body['username'];
         $password = $body['password'];
         $email = $body['email'];
         $company_id = (int) $body['company_id'];
         $role_id = (int) $body['role_id'];
 
-
-        if (empty($username) || empty($password) || empty($email)) {
-            return ResponseLib::sendFail("Missing username, password or email", [], "E_VALIDATE")->withStatus(400);
-        }
-
-        // Validação básica (ex: comprimento mínimo)
-        if (strlen($password) < 8) {
-            return ResponseLib::sendFail("Password must be at least 8 characters", [], "E_VALIDATE")->withStatus(400);
-        }
-
         $userModel = new UserModel();
         $userData = $userModel->createUser($username, $email, $password, $company_id, $role_id);
 
@@ -36,4 +40,4 @@ class RegisterController
 
         return ResponseLib::sendOk($userData, "S_CREATED");
     }
-}
+}
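Review bot: `role_id` and `company_id` are accepted from the registration body with only `v::intType()->positive()`, so whoever can call this endpoint chooses their own role and tenant. Whether the route sits behind authentication is not visible in this diff. If it is open, the role should be fixed server-side or limited to an allow-list, e.g. `->key('role_id', v::in($selfServiceRoleIds, true))` (placeholder variable), and the company taken from an invitation or the caller's token rather than the body.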

+ 17 - 9
controllers/TableCreateController.php

@@ -5,6 +5,8 @@ namespace Controllers;
 use Libs\ResponseLib;
 use Models\TableModel;
 use Psr\Http\Message\ServerRequestInterface;
+use Respect\Validation\Validator as v;
+use Respect\Validation\Exceptions\NestedValidationException;
 
 class TableCreateController
 {
@@ -19,23 +21,29 @@ class TableCreateController
     {
         $body = json_decode((string)$request->getBody(), true) ?? [];
 
-        $companyId = $body['company_id'] ?? null;
-        $tableNumber = $body['table_number'] ?? null;
-        $statusId = $body['status_id'] ?? null;
-
-        if (!$companyId || !$tableNumber || !$statusId) {
-            return ResponseLib::sendFail("Missing required fields", [], "E_VALIDATE")->withStatus(400);
+        // ✅ Validação com Respect\Validation (letras, números e espaços permitidos)
+        try {
+            v::key('company_id', v::intVal()->positive())
+             ->key('table_number', v::stringType()->notEmpty()->regex('/^[\pL\pN ]+$/u')->length(1, 50))
+             ->key('status_id', v::intVal()->positive())
+             ->assert($body);
+        } catch (NestedValidationException $e) {
+            return ResponseLib::sendFail($e->getMessages(), [], "E_VALIDATE")->withStatus(400);
         }
 
-        if (!$this->model->companyExists((int)$companyId)) {
+        $companyId = (int) $body['company_id'];
+        $tableNumber = (string) $body['table_number'];
+        $statusId = (int) $body['status_id'];
+
+        if (!$this->model->companyExists($companyId)) {
             return ResponseLib::sendFail("Invalid company_id", [], "E_VALIDATE")->withStatus(400);
         }
 
-        if (!$this->model->statusExists((int)$statusId)) {
+        if (!$this->model->statusExists($statusId)) {
             return ResponseLib::sendFail("Invalid status_id", [], "E_VALIDATE")->withStatus(400);
         }
 
-        $created = $this->model->createTable((int)$companyId, (string)$tableNumber, (int)$statusId);
+        $created = $this->model->createTable($companyId, $tableNumber, $statusId);
 
         return $created
             ? ResponseLib::sendOk(['created' => true])
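Review bot: The pattern `'/^[\pL\pN ]+$/u'` lets a trailing newline through, because `$` also matches before a final `\n`. Anchor with `\z` instead: `->regex('/^[\pL\pN ]+\z/u')`. This controller also passes the array from `$e->getMessages()` as the first argument of `ResponseLib::sendFail()`, where every other call in the commit passes a string. `sendFail()`'s signature is not visible here, so confirm it accepts an array or use `$e->getFullMessage()` as the sibling controllers do. `__invoke` continues past the end of the hunk.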

+ 9 - 2
controllers/TableDeleteController.php

@@ -5,6 +5,8 @@ namespace Controllers;
 use Libs\ResponseLib;
 use Models\TableModel;
 use Psr\Http\Message\ServerRequestInterface;
+use Respect\Validation\Validator as v;
+use Respect\Validation\Exceptions\ValidationException;
 
 class TableDeleteController
 {
@@ -22,8 +24,13 @@ class TableDeleteController
         $tableNumber = $body['table_number'] ?? null;
         $companyId = $body['company_id'] ?? null;
 
-        if (!$tableNumber || !$companyId) {
-            return ResponseLib::sendFail("Missing table_number or company_id", [], "E_VALIDATE")->withStatus(400);
+        // Validação usando Respect Validation
+        try {
+            v::key('table_number', v::alnum(' ')->notEmpty())
+             ->key('company_id', v::intType()->positive())
+             ->assert($body);
+        } catch (ValidationException $e) {
+            return ResponseLib::sendFail("Validation failed: " . $e->getFullMessage(), [], "E_VALIDATE")->withStatus(400);
         }
 
         $deleted = $this->model->deleteTableByNumber((string)$tableNumber, (int)$companyId);
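Review bot: `table_number` is checked with `v::alnum(' ')` here and in TableUpdateController, while TableCreateController accepts any Unicode letter or digit via `\pL\pN`, so a table created with an accented name probably cannot be deleted or updated afterwards (`alnum` is likely ASCII-only under the default locale). `company_id` differs the same way: `intType()` here rejects the numeric string `"3"` that `intVal()` in the create controller accepts. Suggest one shared rule set for both fields across the Table controllers, e.g. `v::stringType()->regex('/^[\pL\pN ]+\z/u')->length(1, 50)` and `v::intVal()->positive()`. `__invoke` starts and ends outside this hunk.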

+ 10 - 3
controllers/TableGetController.php

@@ -5,6 +5,8 @@ namespace Controllers;
 use Libs\ResponseLib;
 use Models\TableModel;
 use Psr\Http\Message\ServerRequestInterface;
+use Respect\Validation\Validator as v;
+use Respect\Validation\Exceptions\ValidationException;
 
 class TableGetController
 {
@@ -18,12 +20,17 @@ class TableGetController
     public function __invoke(ServerRequestInterface $request)
     {
         $body = json_decode((string)$request->getBody(), true) ?? [];
-        $companyId = $body['company_id'] ?? null;
 
-        if (!$companyId) {
-            return ResponseLib::sendFail("Missing company_id", [], "E_VALIDATE")->withStatus(400);
+        // Validação do company_id
+        try {
+            v::key('company_id', v::intType()->positive())
+             ->assert($body);
+        } catch (ValidationException $e) {
+            return ResponseLib::sendFail("Validation failed: " . $e->getFullMessage(), [], "E_VALIDATE")->withStatus(400);
         }
 
+        $companyId = $body['company_id'];
+
         $tables = $this->model->getTables((int)$companyId);
 
         if ($tables) {

+ 19 - 12
controllers/TableUpdateController.php

@@ -5,6 +5,8 @@ namespace Controllers;
 use Libs\ResponseLib;
 use Models\TableModel;
 use Psr\Http\Message\ServerRequestInterface;
+use Respect\Validation\Validator as v;
+use Respect\Validation\Exceptions\ValidationException;
 
 class TableUpdateController
 {
@@ -19,22 +21,27 @@ class TableUpdateController
     {
         $body = json_decode((string)$request->getBody(), true) ?? [];
 
-        $tableNumber = $body['table_number'] ?? null;
-$companyId = $body['company_id'] ?? null;
-$statusStatus = $body['status_status'] ?? null;
+        // Validação dos campos com Respect Validation
+        try {
+            v::key('table_number', v::alnum(' ')->notEmpty())
+             ->key('company_id', v::intType()->positive())
+             ->key('status_status', v::stringType()->notEmpty())
+             ->assert($body);
+        } catch (ValidationException $e) {
+            return ResponseLib::sendFail("Validation failed: " . $e->getFullMessage(), [], "E_VALIDATE")->withStatus(400);
+        }
 
-if (!$tableNumber || !$companyId || !$statusStatus) {
-    return ResponseLib::sendFail("Missing required fields", [], "E_VALIDATE")->withStatus(400);
-}
-
-$statusId = $this->model->getStatusIdByName($statusStatus);
+        $tableNumber = $body['table_number'];
+        $companyId = $body['company_id'];
+        $statusStatus = $body['status_status'];
 
-if ($statusId === null) {
-    return ResponseLib::sendFail("Invalid status_status: '{$statusStatus}'", [], "E_VALIDATE")->withStatus(400);
-}
+        $statusId = $this->model->getStatusIdByName($statusStatus);
 
-$updated = $this->model->updateTableByNumber((string)$tableNumber, (int)$companyId, $statusId);
+        if ($statusId === null) {
+            return ResponseLib::sendFail("Invalid status_status: '{$statusStatus}'", [], "E_VALIDATE")->withStatus(400);
+        }
 
+        $updated = $this->model->updateTableByNumber((string)$tableNumber, (int)$companyId, $statusId);
 
         return $updated
             ? ResponseLib::sendOk(['updated' => true])

+ 1 - 1
public/index.php

@@ -52,7 +52,7 @@ $app->post('/category/delete', $cors, $authJwt, \Controllers\CategoryDeleteContr
 $app->post('/category/add-product', $cors, $authJwt, \Controllers\CategoryAddProductController::class);
 
 //Rotas Product 
-$app->post('/product/get', $cors, $authJwt, \Controllers\ProductGetController::class);
+$app->post('/product/get', $cors, \Controllers\ProductGetController::class);
 $app->post('/product/create', $cors, $authJwt, \Controllers\ProductCreateController::class);
 $app->post('/product/update', $cors, $authJwt, \Controllers\ProductUpdateController::class);
 $app->post('/product/delete', $cors, $authJwt, \Controllers\ProductDeleteController::class);
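Review bot: `$authJwt` has been dropped from the `/product/get` route, which the commit title (validation only) does not explain. Because ProductGetController takes `company_id` from the request body, the endpoint now returns any company's product list to an unauthenticated caller. If public access is intended, say so in a comment on the route and confirm `getProducts()` returns only fields meant for public view. Otherwise restore the middleware: `$app->post('/product/get', $cors, $authJwt, \Controllers\ProductGetController::class);`.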