diff --git a/htdocs/societe/class/api_contacts.class.php b/htdocs/societe/class/api_contacts.class.php
index f94e182b010..fc90f37e5bf 100644
--- a/htdocs/societe/class/api_contacts.class.php
+++ b/htdocs/societe/class/api_contacts.class.php
@@ -421,6 +421,48 @@ class Contacts extends DolibarrApi
 return $this->_cleanObjectDatas($this->contact);
 }
 
+ /**
+ * Remove the link between a category and a contact
+ *
+ * @url DELETE {id}/categories/{category_id}
+ *
+ * @param int $id Id of contact
+ * @param int $category_id Id of category
+ * @return mixed
+ *
+ * @throws 401 RestException Insufficient rights
+ * @throws 401 RestException Access not allowed for login
+ * @throws 404 RestException Category not found
+ * @throws 404 RestException Contact not found
+ */
+ public function deleteCategory($id, $category_id)
+ {
+ if(! DolibarrApiAccess::$user->rights->societe->contact->creer) {
+ throw new RestException(401, 'Insufficient rights');
+ }
+
+ $result = $this->contact->fetch($id);
+ if( ! $result ) {
+ throw new RestException(404, 'Contact not found');
+ }
+ $category = new Categorie($this->db);
+ $result = $category->fetch($category_id);
+ if( ! $result ) {
+ throw new RestException(404, 'category not found');
+ }
+
+ if( ! DolibarrApi::_checkAccessToResource('contact', $this->contact->id)) {
+ throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
+ }
+ if( ! DolibarrApi::_checkAccessToResource('category', $category->id)) {
+ throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
+ }
+
+ $category->del_type($this->contact, 'contact');
+
+ return $this->_cleanObjectDatas($this->contact);
+ }
+
 // phpcs:disable PEAR.NamingConventions.ValidFunctionName.PublicUnderscore
 /**
 * Clean sensible object datas
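Review bot: The result of `$category->del_type($this->contact, 'contact');` is discarded, so deleteCategory returns the cleaned contact as a success even when the link was not removed. If del_type() reports failure with a negative value (its definition is not in this hunk, so confirm), check it: `if ($category->del_type($this->contact, 'contact') < 0) { throw new RestException(500, 'Error when unlinking category'); }`. The same caveat applies to the two `if( ! $result )` tests after fetch(): a negative error code is truthy and would be treated as "found". Both `_checkAccessToResource` calls also run only after the fetches, so a login that lacks access to a contact or category can tell existing ids from missing ones by 404 versus 401; running each access check on `$id` and `$category_id` before its fetch would avoid that.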