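model = new TableModel(); }

    /**
     * Handle a "create table" request.
     *
     * Decodes the JSON body, validates it, checks that the referenced company
     * and status exist, and then asks the model to create the table.
     *
     * Expected body keys:
     *  - company_id   positive integer
     *  - table_number string of 1-10 letters, digits or spaces
     *  - status_id    positive integer
     *
     * @param ServerRequestInterface $request Request whose body carries the JSON payload.
     *
     * @return mixed The value produced by ResponseLib::sendOk()/sendFail(): a failure
     *               with code E_VALIDATE and status 400 for invalid input or unknown
     *               ids, a failure with code E_DATABASE and status 500 when
     *               createTable() reports failure, otherwise ['created' => true].
     */
    public function __invoke(ServerRequestInterface $request)
    {
        // json_decode() yields null for empty or malformed JSON; fall back to an
        // empty array so the validator reports the missing keys instead.
        $body = json_decode((string) $request->getBody(), true) ?? [];

        // Validation with Respect\Validation (letters, digits and spaces allowed).
        // The pattern is anchored with \A and \z rather than ^ and $: in PCRE a
        // bare $ also matches just before a trailing "\n", which would let a value
        // such as "12\n" through and into storage.
        try {
            v::key('company_id', v::intVal()->positive())
                ->key(
                    'table_number',
                    v::stringType()->notEmpty()->regex('/\A[\pL\pN ]+\z/u')->length(1, 10)
                )
                ->key('status_id', v::intVal()->positive())
                ->assert($body);
        } catch (NestedValidationException $e) {
            return ResponseLib::sendFail($e->getMessages(), [], "E_VALIDATE")->withStatus(400);
        }

        // Safe to cast: the validator has already constrained the three values.
        $companyId = (int) $body['company_id'];
        $tableNumber = (string) $body['table_number'];
        $statusId = (int) $body['status_id'];

        // NOTE(review): company_id comes from the request body and is only checked
        // for existence here. Nothing visible in this method ties it to the
        // authenticated caller; confirm that upstream middleware enforces that the
        // caller is allowed to act for this company.
        if (!$this->model->companyExists($companyId)) {
            return ResponseLib::sendFail("Invalid company_id", [], "E_VALIDATE")->withStatus(400);
        }

        if (!$this->model->statusExists($statusId)) {
            return ResponseLib::sendFail("Invalid status_id", [], "E_VALIDATE")->withStatus(400);
        }

        $created = $this->model->createTable($companyId, $tableNumber, $statusId);

        if ($created) {
            return ResponseLib::sendOk(['created' => true]);
        }

        return ResponseLib::sendFail("Failed to create table", [], "E_DATABASE")->withStatus(500);
    }
}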