test fix: Tshield

controllers/TshieldWebhookController.php

@@ -23,24 +23,62 @@ class TshieldWebhookController
             return ResponseLib::sendFail('Invalid JSON payload.', [], 'E_VALIDATE')->withStatus(400);
         }
 
-        $statusDescription = $body['status']['status'] ?? null;
-        if ($statusDescription !== 'Aprovado') {
+        error_log('[TShieldWebhook] payload=' . json_encode($body, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE));
+
+        $statusDescription = $body['status']['status']
+            ?? $body['status']
+            ?? ($body['data']['status']['status'] ?? null);
+        $statusNormalized = is_string($statusDescription) ? mb_strtolower(trim($statusDescription)) : '';
+        $isApproved = $statusNormalized === 'aprovado'
+            || $statusNormalized === 'aprovada'
+            || (is_string($statusNormalized) && str_contains($statusNormalized, 'aprov'));
+        if (!$isApproved) {
             return ResponseLib::sendOk([
                 'processed' => false,
                 'reason' => 'Status not approved. No action taken.',
+                'status' => $statusDescription,
             ], 'S_IGNORED');
         }
 
-        $externalNumber = $body['number'] ?? $body['token'] ?? null;
-        if (!is_string($externalNumber) || trim($externalNumber) === '') {
+        $externalIds = [
+            $body['number'] ?? null,
+            $body['token'] ?? null,
+            $body['data']['number'] ?? null,
+            $body['data']['token'] ?? null,
+            $body['analysis']['number'] ?? null,
+            $body['analysis']['token'] ?? null,
+            $body['query']['number'] ?? null,
+            $body['query']['token'] ?? null,
+        ];
+
+        $externalNumber = null;
+        foreach ($externalIds as $candidate) {
+            if (is_numeric($candidate)) {
+                $candidate = (string)$candidate;
+            }
+            if (!is_string($candidate)) {
+                continue;
+            }
+            $candidate = trim($candidate);
+            if ($candidate === '') {
+                continue;
+            }
+            $externalNumber = $candidate;
+            break;
+        }
+
+        if ($externalNumber === null) {
             return ResponseLib::sendFail('Missing analysis number/token in payload.', [], 'E_VALIDATE')->withStatus(400);
         }
 
-        $updated = $this->model->approveByExternalId($externalNumber);
+        error_log('[TShieldWebhook] approved candidates=' . json_encode($externalIds, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE));
+        error_log('[TShieldWebhook] approved number=' . $externalNumber);
+
+        $updated = $this->model->approveByExternalIds($externalIds);
         if (!$updated) {
             return ResponseLib::sendFail(
                 'No user found for provided analysis number.',
-                ['number' => $externalNumber],
+                ['number' => $externalNumber, 'candidates' => $externalIds],
                 'E_NOT_FOUND'
             )->withStatus(404);
         }

models/TshieldWebhookModel.php

@@ -17,10 +17,39 @@ class TshieldWebhookModel
 
     public function approveByExternalId(string $externalId): bool
     {
-        $stmt = $this->pdo->prepare(
-            'UPDATE "user" SET user_kyc = 1 WHERE kyc_external_id = :external_id AND user_flag = \'a\''
-        );
-        $stmt->execute(['external_id' => $externalId]);
+        return $this->approveByExternalIds([$externalId]);
+    }
+
+    public function approveByExternalIds(array $externalIds): bool
+    {
+        $externalIds = array_values(array_unique(array_filter(array_map(static function ($id) {
+            if (is_numeric($id)) {
+                $id = (string)$id;
+            }
+            if (!is_string($id)) {
+                return null;
+            }
+            $id = trim($id);
+            return $id === '' ? null : $id;
+        }, $externalIds))));
+
+        if (empty($externalIds)) {
+            return false;
+        }
+
+        $params = [];
+        $placeholders = [];
+        foreach ($externalIds as $i => $id) {
+            $key = 'id' . $i;
+            $placeholders[] = ':' . $key;
+            $params[$key] = $id;
+        }
+
+        $sql = 'UPDATE "user" SET user_kyc = 1 '
+            . 'WHERE kyc_external_id IN (' . implode(',', $placeholders) . ') '
+            . 'AND user_flag = \'a\'';
+        $stmt = $this->pdo->prepare($sql);
+        $stmt->execute($params);
         return $stmt->rowCount() > 0;
     }
 }