mein-sterntours/app/Http/Requests/Offer/OfferTemplateRequest.php

<?php

namespace App\Http\Requests\Offer;

use App\Models\OfferItem;
use Illuminate\Foundation\Http\FormRequest;
use Illuminate\Validation\Rule;
use Illuminate\Validation\Validator;

class OfferTemplateRequest extends FormRequest
{
    public function authorize(): bool
    {
        return $this->user() !== null;
    }

    public function rules(): array
    {
        return [
            'branch_id'   => 'nullable|integer|exists:branch,id',
            'name'        => 'required|string|max:255',
            'description' => 'nullable|string|max:5000',

            'default_headline'   => 'nullable|string|max:500',
            'default_intro'      => 'nullable|string|max:65000',
            'default_itinerary'  => 'nullable|string|max:65000',
            'default_closing'    => 'nullable|string|max:65000',

            'default_items' => 'nullable|array|max:200',
            'default_items.*' => 'array',
            'default_items.*.type' => ['required', Rule::in(OfferItem::TYPES)],
            'default_items.*.title'  => 'required|string|max:1000',
            'default_items.*.description' => 'nullable|string|max:20000',
            'default_items.*.quantity'   => 'required|integer|min:1',
            'default_items.*.price_per_unit' => 'required|numeric',
            'default_items.*.travel_program_id' => 'nullable|integer|min:0',
            'default_items.*.fewo_lodging_id'  => 'nullable|integer|min:0',
            'default_items.*.metadata'  => 'nullable|array',

            'is_active' => 'nullable|boolean',
        ];
    }

    public function withValidator(Validator $validator): void
    {
        $validator->after(function (Validator $v) {
            if ($v->fails()) {
                return;
            }
            $rows = $this->input('default_items', []) ?? [];
            foreach (array_values($rows) as $i => $row) {
                if (! is_array($row)) {
                    continue;
                }
                $type = $row['type'] ?? null;
                $p    = $row['price_per_unit'] ?? null;
                if ($type === null || $p === null) {
                    continue;
                }
                if (in_array($type, [OfferItem::TYPE_TRAVEL, OfferItem::TYPE_SERVICE, OfferItem::TYPE_OPTION, OfferItem::TYPE_INSURANCE, OfferItem::TYPE_CUSTOM], true)) {
                    if ((float) $p < 0) {
                        $v->errors()->add("default_items.$i.price_per_unit", 'Der Einzelpreis muss mindestens 0 sein (außer bei Rabatten).');
                    }
                }
            }
        });
    }

    protected function prepareForValidation(): void
    {
        if ($this->has('default_headline') && is_string($this->input('default_headline'))) {
            $this->merge(['default_headline' => strip_tags($this->input('default_headline'))]);
        }
        $this->merge(
            $this->sanitizeWysiwygInput([
                'default_intro'     => $this->input('default_intro'),
                'default_itinerary' => $this->input('default_itinerary'),
                'default_closing'   => $this->input('default_closing'),
            ])
        );
    }

    /**
     * @param  array<string, mixed>  $fields
     * @return array<string, string|null>
     */
    protected function sanitizeWysiwygInput(array $fields): array
    {
        $allowed = '<p><br><br/><strong><b><em><i><u><ul><ol><li><a><h1><h2><h3><h4><h5><h6><blockquote><span><div><table><thead><tbody><tr><th><td>';
        $out     = [];
        foreach ($fields as $key => $val) {
            if ($val === null) {
                $out[$key] = $val;
                continue;
            }
            if (! is_string($val)) {
                $out[$key] = (string) $val;
                continue;
            }
            $out[$key] = strip_tags($val, $allowed);
        }
        return $out;
    }
}