lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

REST API: Bring back the existing API (for backward compatibility).

Browse Source 
Bring back the existing API and mark all the operations as deprecated.
Both the existing and the new API are documented and browsable with the
Restler API Explorer. The existing API appears under "root".
This commit is contained in:
Xebax 2016-06-22 10:08:54 +02:00
parent 9e9e224c46
commit 70ba8ec78d
8 changed files with 2670 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
htdocs/api/index.php
View File

@ -112,13 +112,24 @@ foreach ($modulesdir as $dir)
{
while (($file_searched = readdir($handle_part))!==false)
{
if (is_readable($dir_part.$file_searched) && preg_match("/^api_(.*)\.class\.php$/i",$file_searched,$reg))
// Support of the deprecated API.
if (is_readable($dir_part.$file_searched) && preg_match("/^api_deprecated_(.*)\.class\.php$/i",$file_searched,$reg))
{
$classname = ucwords($reg[1]).'Api';
require_once $dir_part.$file_searched;
if (class_exists($classname))
{
dol_syslog("Found deprecated API classname=".$classname);
$api->r->addAPIClass($classname, '');
}
}
else if (is_readable($dir_part.$file_searched) && preg_match("/^api_(.*)\.class\.php$/i",$file_searched,$reg))
{
$classname = ucwords($reg[1]);
require_once $dir_part.$file_searched;
if (class_exists($classname))
{
dol_syslog("Found API classname=".$classname);
dol_syslog("Found API classname=".$classname);
$listofapis[] = $classname;
}
}

489
htdocs/categories/class/api_deprecated_category.class.php Normal file
View File

@ -0,0 +1,489 @@
<?php
/* Copyright (C) 2015 Jean-François Ferry <jfefe@aternatik.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
use Luracast\Restler\RestException;
require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php';
require_once DOL_DOCUMENT_ROOT.'/societe/class/client.class.php';
/**
* API class for category object
*
* @smart-auto-routing false
* @access protected
* @class DolibarrApiAccess {@requires user,external}
*
* @deprecated
*/
class CategoryApi extends DolibarrApi
{
/**
* @var array $FIELDS Mandatory fields, checked when create and update object
*/
static $FIELDS = array(
'label',
'type'
);
static $TYPES = array(
0 => 'product',
1 => 'supplier',
2 => 'customer',
3 => 'member',
4 => 'contact',
5 => 'account',
);
/**
* @var Categorie $category {@type Categorie}
*/
public $category;
/**
* Constructor <b>Warning: Deprecated</b>
*
* @url GET category/
*
*/
function __construct()
{
global $db, $conf;
$this->db = $db;
$this->category = new Categorie($this->db);
}
/**
* Get properties of a category object <b>Warning: Deprecated</b>
*
* Return an array with category informations
*
* @param int $id ID of category
* @return array|mixed data without useless information
*
* @url GET category/{id}
* @throws RestException
*/
function get($id)
{
if(! DolibarrApiAccess::$user->rights->categorie->lire) {
throw new RestException(401);
}
$result = $this->category->fetch($id);
if( ! $result ) {
throw new RestException(404, 'category not found');
}
if( ! DolibarrApi::_checkAccessToResource('category',$this->category->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
return $this->_cleanObjectDatas($this->category);
}
/**
* List categories <b>Warning: Deprecated</b>
*
* Get a list of categories
*
* @param string $type Type of category ('member', 'customer', 'supplier', 'product', 'contact')
* @param string $sortfield Sort field
* @param string $sortorder Sort order
* @param int $limit Limit for list
* @param int $page Page number
* @return array Array of category objects
*
* @url GET /category/list
*/
function getList($type='product', $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) {
global $db, $conf;
$obj_ret = array();
if(! DolibarrApiAccess::$user->rights->categorie->lire) {
throw new RestException(401);
}
$sql = "SELECT s.rowid";
$sql.= " FROM ".MAIN_DB_PREFIX."categorie as s";
$sql.= ' WHERE s.entity IN ('.getEntity('categorie', 1).')';
$sql.= ' AND s.type='.array_search($type,CategoryApi::$TYPES);
$nbtotalofrecords = 0;
if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST))
{
$result = $db->query($sql);
$nbtotalofrecords = $db->num_rows($result);
}
$sql.= $db->order($sortfield, $sortorder);
if ($limit) {
if ($page < 0)
{
$page = 0;
}
$offset = $limit * $page;
$sql.= $db->plimit($limit + 1, $offset);
}
$result = $db->query($sql);
if ($result)
{
$i=0;
$num = $db->num_rows($result);
while ($i < $num)
{
$obj = $db->fetch_object($result);
$category_static = new Categorie($db);
if($category_static->fetch($obj->rowid)) {
$obj_ret[] = parent::_cleanObjectDatas($category_static);
}
$i++;
}
}
else {
throw new RestException(503, 'Error when retrieve category list : '.$category_static->error);
}
if( ! count($obj_ret)) {
throw new RestException(404, 'No category found');
}
return $obj_ret;
}
/**
* List categories of an entity <b>Warning: Deprecated</b>
*
* Get a list of categories
*
* @param string $type Type of category ('member', 'customer', 'supplier', 'product', 'contact')
* @param string $sortfield Sort field
* @param string $sortorder Sort order
* @param int $limit Limit for list
* @param int $page Page number
* @param int $item Id of the item to get categories for
* @return array Array of category objects
*
* @url GET /product/{item}/categories
*/
function getListForItem($type='product', $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0, $item = 0) {
global $db, $conf;
$obj_ret = array();
if(! DolibarrApiAccess::$user->rights->categorie->lire) {
throw new RestException(401);
}
//if ($type == "") {
//$type="product";
//}
$sub_type = $type;
$subcol_name = "fk_".$type;
if ($type=="customer" || $type=="supplier") {
$sub_type="societe";
$subcol_name="fk_soc";
}
$sql = "SELECT s.rowid";
$sql.= " FROM ".MAIN_DB_PREFIX."categorie as s";
$sql.= " , ".MAIN_DB_PREFIX."categorie_".$sub_type." as sub ";
$sql.= ' WHERE s.entity IN ('.getEntity('categorie', 1).')';
$sql.= ' AND s.type='.array_search($type,CategoryApi::$TYPES);
$sql.= ' AND s.rowid = sub.fk_categorie';
$sql.= ' AND sub.'.$subcol_name.' = '.$item;
$nbtotalofrecords = 0;
if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST))
{
$result = $db->query($sql);
$nbtotalofrecords = $db->num_rows($result);
}
$sql.= $db->order($sortfield, $sortorder);
if ($limit) {
if ($page < 0)
{
$page = 0;
}
$offset = $limit * $page;
$sql.= $db->plimit($limit + 1, $offset);
}
$result = $db->query($sql);
if ($result)
{
$i=0;
$num = $db->num_rows($result);
while ($i < $num)
{
$obj = $db->fetch_object($result);
$category_static = new Categorie($db);
if($category_static->fetch($obj->rowid)) {
$obj_ret[] = parent::_cleanObjectDatas($category_static);
}
$i++;
}
}
else {
throw new RestException(503, 'Error when retrieve category list : '.$category_static->error);
}
if( ! count($obj_ret)) {
throw new RestException(404, 'No category found');
}
return $obj_ret;
}
/**
* Get member categories list <b>Warning: Deprecated</b>
*
* @param string $sortfield Sort field
* @param string $sortorder Sort order
* @param int $limit Limit for list
* @param int $page Page number
* @return mixed
*
* @url GET /category/list/member
*/
function getListCategoryMember($sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) {
return $this->getList('member', $sortfield, $sortorder, $limit, $page);
}
/**
* Get customer categories list <b>Warning: Deprecated</b>
*
* @param string $sortfield Sort field
* @param string $sortorder Sort order
* @param int $limit Limit for list
* @param int $page Page number
*
* @return mixed
*
* @url GET /category/list/customer
*/
function getListCategoryCustomer($sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) {
return $this->getList('customer', $sortfield, $sortorder, $limit, $page);
}
/**
* Get categories for a customer <b>Warning: Deprecated</b>
*
* @param int $cusid Customer id filter
* @param string $sortfield Sort field
* @param string $sortorder Sort order
* @param int $limit Limit for list
* @param int $page Page number
*
* @return mixed
*
* @url GET /customer/{cusid}/categories
*/
function getListCustomerCategories($cusid, $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) {
return $this->getListForItem('customer', $sortfield, $sortorder, $limit, $page, $cusid);
}
/**
* Add category to customer <b>Warning: Deprecated</b>
*
* @param int $cusid Id of customer
* @param int $catid Id of category
*
* @return mixed
*
* @url GET /customer/{cusid}/addCategory/{catid}
*/
function addCustomerCategory($cusid,$catid) {
if(! DolibarrApiAccess::$user->rights->societe->creer) {
throw new RestException(401);
}
$customer = new Client($this->db);
$customer->fetch($cusid);
if( ! $customer ) {
throw new RestException(404, 'customer not found');
}
$result = $this->category->fetch($catid);
if( ! $result ) {
throw new RestException(404, 'category not found');
}
if( ! DolibarrApi::_checkAccessToResource('societe',$customer->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
if( ! DolibarrApi::_checkAccessToResource('category',$this->category->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
$this->category->add_type($customer,'customer');
return $customer;
}
/**
* Get supplier categories list <b>Warning: Deprecated</b>
*
* @param string $sortfield Sort field
* @param string $sortorder Sort order
* @param int $limit Limit for list
* @param int $page Page number
*
* @return mixed
*
* @url GET /category/list/supplier
*/
function getListCategorySupplier($sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) {
return $this->getList('supplier', $sortfield, $sortorder, $limit, $page);
}
/**
* Get product categories list <b>Warning: Deprecated</b>
*
* @param string $sortfield Sort field
* @param string $sortorder Sort order
* @param int $limit Limit for list
* @param int $page Page number
*
* @return mixed
*
* @url GET /category/list/product
*/
function getListCategoryProduct($sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) {
return $this->getList('product', $sortfield, $sortorder, $limit, $page);
}
/**
* Get contact categories list <b>Warning: Deprecated</b>
*
* @param string $sortfield Sort field
* @param string $sortorder Sort order
* @param int $limit Limit for list
* @param int $page Page number
* @return mixed
*
* @url GET /category/list/contact
*/
function getListCategoryContact($sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) {
return $this->getList('contact', $sortfield, $sortorder, $limit, $page);
}
/**
* Create category object <b>Warning: Deprecated</b>
*
* @param array $request_data Request data
* @return int ID of category
*
* @url POST category/
*/
function post($request_data = NULL)
{
if(! DolibarrApiAccess::$user->rights->categorie->creer) {
throw new RestException(401);
}
// Check mandatory fields
$result = $this->_validate($request_data);
foreach($request_data as $field => $value) {
$this->category->$field = $value;
}
if($this->category->create(DolibarrApiAccess::$user) < 0) {
throw new RestException(503, 'Error when create category : '.$this->category->error);
}
return $this->category->id;
}
/**
* Update category <b>Warning: Deprecated</b>
*
* @param int $id Id of category to update
* @param array $request_data Datas
* @return int
*
* @url PUT category/{id}
*/
function put($id, $request_data = NULL)
{
if(! DolibarrApiAccess::$user->rights->categorie->creer) {
throw new RestException(401);
}
$result = $this->category->fetch($id);
if( ! $result ) {
throw new RestException(404, 'category not found');
}
if( ! DolibarrApi::_checkAccessToResource('category',$this->category->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
foreach($request_data as $field => $value) {
$this->category->$field = $value;
}
if($this->category->update(DolibarrApiAccess::$user))
return $this->get ($id);
return false;
}
/**
* Delete category <b>Warning: Deprecated</b>
*
* @param int $id Category ID
* @return array
*
* @url DELETE category/{id}
*/
function delete($id)
{
if(! DolibarrApiAccess::$user->rights->categorie->supprimer) {
throw new RestException(401);
}
$result = $this->category->fetch($id);
if( ! $result ) {
throw new RestException(404, 'category not found');
}
if( ! DolibarrApi::_checkAccessToResource('category',$this->category->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
if (! $this->category->delete(DolibarrApiAccess::$user)) {
throw new RestException(401,'error when delete category');
}
return array(
'success' => array(
'code' => 200,
'message' => 'Category deleted'
)
);
}
/**
* Validate fields before create or update object
*
* @param array $data Data to validate
* @return array
*
* @throws RestException
*/
function _validate($data)
{
$category = array();
foreach (CategoryApi::$FIELDS as $field) {
if (!isset($data[$field]))
throw new RestException(400, "$field field missing");
$category[$field] = $data[$field];
}
return $category;
}
}

535
htdocs/commande/class/api_deprecated_commande.class.php Normal file
View File

@ -0,0 +1,535 @@
<?php
/* Copyright (C) 2015 Jean-François Ferry <jfefe@aternatik.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
use Luracast\Restler\RestException;
require_once DOL_DOCUMENT_ROOT.'/commande/class/commande.class.php';
/**
* API class for commande object
*
* @smart-auto-routing false
* @access protected
* @class DolibarrApiAccess {@requires user,external}
*
* @category Api
* @package Api
*
* @deprecated
*/
class CommandeApi extends DolibarrApi
{
/**
* @var array $FIELDS Mandatory fields, checked when create and update object
*/
static $FIELDS = array(
'socid'
);
/**
* @var Commande $commande {@type Commande}
*/
public $commande;
/**
* Constructor <b>Warning: Deprecated</b>
*
* @url GET order/
*
*/
function __construct()
{
global $db, $conf;
$this->db = $db;
$this->commande = new Commande($this->db);
}
/**
* Get properties of a commande object <b>Warning: Deprecated</b>
*
* Return an array with commande informations
*
* @param int $id ID of order
* @param string $ref Ref of object
* @param string $ref_ext External reference of object
* @param string $ref_int Internal reference of other object
* @return array|mixed data without useless information
*
* @url GET order/{id}
* @throws RestException
*/
function get($id='',$ref='', $ref_ext='', $ref_int='')
{
if(! DolibarrApiAccess::$user->rights->commande->lire) {
throw new RestException(401);
}
$result = $this->commande->fetch($id);
if( ! $result ) {
throw new RestException(404, 'Order not found');
}
if( ! DolibarrApi::_checkAccessToResource('commande',$this->commande->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
$this->commande->fetchObjectLinked();
return $this->_cleanObjectDatas($this->commande);
}
/**
* List orders <b>Warning: Deprecated</b>
*
* Get a list of orders
*
* @param int $mode Use this param to filter list
* @param string $sortfield Sort field
* @param string $sortorder Sort order
* @param int $limit Limit for list
* @param int $page Page number
* @param string $societe Societe filter field
*
* @url GET /order/list
* @return array Array of order objects
*/
function getList($mode=0, $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0, $societe = 0) {
global $db, $conf;
$obj_ret = array();
// case of external user, $societe param is ignored and replaced by user's socid
$socid = DolibarrApiAccess::$user->societe_id ? DolibarrApiAccess::$user->societe_id : $societe;
// If the internal user must only see his customers, force searching by him
if (! DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) $search_sale = DolibarrApiAccess::$user->id;
$sql = "SELECT s.rowid";
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) $sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects)
$sql.= " FROM ".MAIN_DB_PREFIX."commande as s";
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale
// Example of use $mode
//if ($mode == 1) $sql.= " AND s.client IN (1, 3)";
//if ($mode == 2) $sql.= " AND s.client IN (2, 3)";
$sql.= ' WHERE s.entity IN ('.getEntity('commande', 1).')';
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) $sql.= " AND s.fk_soc = sc.fk_soc";
if ($socid) $sql.= " AND s.fk_soc = ".$socid;
if ($search_sale > 0) $sql.= " AND s.rowid = sc.fk_soc"; // Join for the needed table to filter by sale
// Insert sale filter
if ($search_sale > 0)
{
$sql .= " AND sc.fk_user = ".$search_sale;
}
$nbtotalofrecords = 0;
if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST))
{
$result = $db->query($sql);
$nbtotalofrecords = $db->num_rows($result);
}
$sql.= $db->order($sortfield, $sortorder);
if ($limit) {
if ($page < 0)
{
$page = 0;
}
$offset = $limit * $page;
$sql.= $db->plimit($limit + 1, $offset);
}
$result = $db->query($sql);
if ($result)
{
$num = $db->num_rows($result);
while ($i < $num)
{
$obj = $db->fetch_object($result);
$commande_static = new Commande($db);
if($commande_static->fetch($obj->rowid)) {
$obj_ret[] = parent::_cleanObjectDatas($commande_static);
}
$i++;
}
}
else {
throw new RestException(503, 'Error when retrieve commande list');
}
if( ! count($obj_ret)) {
throw new RestException(404, 'No commande found');
}
return $obj_ret;
}
/**
* List orders for specific thirdparty <b>Warning: Deprecated</b>
*
* Get a list of orders
*
* @param int $socid Id of customer
*
* @url GET /customer/{socid}/order/list
* @url GET /thirdparty/{socid}/order/list
* @return array Array of order objects
*/
function getListForSoc($socid = 0) {
return getList(0,"s.rowid","ASC",0,0,$socid);
}
/**
* Create order object <b>Warning: Deprecated</b>
*
* @param array $request_data Request datas
*
* @url POST order/
*
* @return int ID of commande
*/
function post($request_data = NULL)
{
if(! DolibarrApiAccess::$user->rights->commande->creer) {
throw new RestException(401, "Insuffisant rights");
}
// Check mandatory fields
$result = $this->_validate($request_data);
foreach($request_data as $field => $value) {
$this->commande->$field = $value;
}
if (isset($request_data["lines"])) {
$lines = array();
foreach ($request_data["lines"] as $line) {
array_push($lines, (object) $line);
}
$this->commande->lines = $lines;
}
if(! $this->commande->create(DolibarrApiAccess::$user) ) {
throw new RestException(500, "Error while creating order");
}
return $this->commande->id;
}
/**
* Get lines of an order <b>Warning: Deprecated</b>
*
*
* @param int $id Id of order
*
* @url GET order/{id}/line/list
*
* @return int
*/
function getLines($id) {
if(! DolibarrApiAccess::$user->rights->commande->lire) {
throw new RestException(401);
}
$result = $this->commande->fetch($id);
if( ! $result ) {
throw new RestException(404, 'Commande not found');
}
if( ! DolibarrApi::_checkAccessToResource('commande',$this->commande->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
$this->commande->getLinesArray();
$result = array();
foreach ($this->commande->lines as $line) {
array_push($result,$this->_cleanObjectDatas($line));
}
return $result;
}
/**
* Add a line to given order <b>Warning: Deprecated</b>
*
*
* @param int $id Id of commande to update
* @param array $request_data Orderline data
*
* @url POST order/{id}/line
*
* @return int
*/
function postLine($id, $request_data = NULL) {
if(! DolibarrApiAccess::$user->rights->commande->creer) {
throw new RestException(401);
}
$result = $this->commande->fetch($id);
if( ! $result ) {
throw new RestException(404, 'Commande not found');
}
if( ! DolibarrApi::_checkAccessToResource('commande',$this->commande->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
$request_data = (object) $request_data;
$updateRes = $this->commande->addline(
$request_data->desc,
$request_data->subprice,
$request_data->qty,
$request_data->tva_tx,
$request_data->localtax1_tx,
$request_data->localtax2_tx,
$request_data->fk_product,
$request_data->remise_percent,
$request_data->info_bits,
$request_data->fk_remise_except,
'HT',
0,
$request_data->date_start,
$request_data->date_end,
$request_data->product_type,
$request_data->rang,
$request_data->special_code,
$fk_parent_line,
$request_data->fk_fournprice,
$request_data->pa_ht,
$request_data->label,
$request_data->array_options,
$request_data->fk_unit,
$this->element,
$request_data->id
);
if ($updateRes > 0) {
return $this->get($id)->line->rowid;
}
return false;
}
/**
* Update a line to given order <b>Warning: Deprecated</b>
*
*
* @param int $id Id of commande to update
* @param int $lineid Id of line to update
* @param array $request_data Orderline data
*
* @url PUT order/{id}/line/{lineid}
*
* @return object
*/
function putLine($id, $lineid, $request_data = NULL) {
if(! DolibarrApiAccess::$user->rights->commande->creer) {
throw new RestException(401);
}
$result = $this->commande->fetch($id);
if( ! $result ) {
throw new RestException(404, 'Commande not found');
}
if( ! DolibarrApi::_checkAccessToResource('commande',$this->commande->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
$request_data = (object) $request_data;
$updateRes = $this->commande->updateline(
$lineid,
$request_data->desc,
$request_data->subprice,
$request_data->qty,
$request_data->remise_percent,
$request_data->tva_tx,
$request_data->localtax1_tx,
$request_data->localtax2_tx,
'HT',
$request_data->info_bits,
$request_data->date_start,
$request_data->date_end,
$request_data->product_type,
$request_data->fk_parent_line,
0,
$request_data->fk_fournprice,
$request_data->pa_ht,
$request_data->label,
$request_data->special_code,
$request_data->array_options,
$request_data->fk_unit
);
if ($updateRes > 0) {
$result = $this->get($id);
unset($result->line);
return $this->_cleanObjectDatas($result);
}
return false;
}
/**
* Delete a line to given order <b>Warning: Deprecated</b>
*
*
* @param int $id Id of commande to update
* @param int $lineid Id of line to delete
*
* @url DELETE order/{id}/line/{lineid}
*
* @return int
*/
function delLine($id, $lineid) {
if(! DolibarrApiAccess::$user->rights->commande->creer) {
throw new RestException(401);
}
$result = $this->commande->fetch($id);
if( ! $result ) {
throw new RestException(404, 'Commande not found');
}
if( ! DolibarrApi::_checkAccessToResource('commande',$this->commande->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
$request_data = (object) $request_data;
$updateRes = $this->commande->deleteline($lineid);
if ($updateRes == 1) {
return $this->get($id);
}
return false;
}
/**
* Update order general fields (won't touch lines of order) <b>Warning: Deprecated</b>
*
* @param int $id Id of commande to update
* @param array $request_data Datas
*
* @url PUT order/{id}
*
* @return int
*/
function put($id, $request_data = NULL) {
if(! DolibarrApiAccess::$user->rights->commande->creer) {
throw new RestException(401);
}
$result = $this->commande->fetch($id);
if( ! $result ) {
throw new RestException(404, 'Commande not found');
}
if( ! DolibarrApi::_checkAccessToResource('commande',$this->commande->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
foreach($request_data as $field => $value) {
$this->commande->$field = $value;
}
if($this->commande->update($id, DolibarrApiAccess::$user,1,'','','update'))
return $this->get($id);
return false;
}
/**
* Delete order <b>Warning: Deprecated</b>
*
* @param int $id Order ID
*
* @url DELETE order/{id}
*
* @return array
*/
function delete($id)
{
if(! DolibarrApiAccess::$user->rights->commande->supprimer) {
throw new RestException(401);
}
$result = $this->commande->fetch($id);
if( ! $result ) {
throw new RestException(404, 'Order not found');
}
if( ! DolibarrApi::_checkAccessToResource('commande',$this->commande->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
if( ! $this->commande->delete(DolibarrApiAccess::$user)) {
throw new RestException(500, 'Error when delete order : '.$this->commande->error);
}
return array(
'success' => array(
'code' => 200,
'message' => 'Order deleted'
)
);
}
/**
* Validate an order <b>Warning: Deprecated</b>
*
* @param int $id Order ID
* @param int $idwarehouse Warehouse ID
*
* @url GET order/{id}/validate
* @url POST order/{id}/validate
*
* @return array
*
*/
function validOrder($id, $idwarehouse=0)
{
if(! DolibarrApiAccess::$user->rights->commande->creer) {
throw new RestException(401);
}
$result = $this->commande->fetch($id);
if( ! $result ) {
throw new RestException(404, 'Order not found');
}
if( ! DolibarrApi::_checkAccessToResource('commande',$this->commande->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
if( ! $this->commande->valid(DolibarrApiAccess::$user, $idwarehouse)) {
throw new RestException(500, 'Error when validate order');
}
return array(
'success' => array(
'code' => 200,
'message' => 'Order validated'
)
);
}
/**
* Validate fields before create or update object
*
* @param array $data Array with data to verify
* @return array
* @throws RestException
*/
function _validate($data)
{
$commande = array();
foreach (CommandeApi::$FIELDS as $field) {
if (!isset($data[$field]))
throw new RestException(400, "$field field missing");
$commande[$field] = $data[$field];
}
return $commande;
}
}

297
htdocs/compta/facture/class/api_deprecated_invoice.class.php Normal file
View File

@ -0,0 +1,297 @@
<?php
/* Copyright (C) 2015 Jean-François Ferry <jfefe@aternatik.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
use Luracast\Restler\RestException;
require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/facture.class.php';
/**
* API class for invoice object
*
* @smart-auto-routing false
* @access protected
* @class DolibarrApiAccess {@requires user,external}
* @deprecated
*/
class InvoiceApi extends DolibarrApi
{
/**
*
* @var array $FIELDS Mandatory fields, checked when create and update object
*/
static $FIELDS = array(
'socid'
);
/**
* @var Facture $invoice {@type Facture}
*/
public $invoice;
/**
* Constructor <b>Warning: Deprecated</b>
*
* @url GET invoice/
*
*/
function __construct()
{
global $db, $conf;
$this->db = $db;
$this->invoice = new Facture($this->db);
}
/**
* Get properties of a invoice object <b>Warning: Deprecated</b>
*
* Return an array with invoice informations
*
* @param int $id ID of invoice
* @return array|mixed data without useless information
*
* @url GET invoice/{id}
* @throws RestException
*/
function get($id)
{
if(! DolibarrApiAccess::$user->rights->facture->lire) {
throw new RestException(401);
}
$result = $this->invoice->fetch($id);
if( ! $result ) {
throw new RestException(404, 'Facture not found');
}
if( ! DolibarrApi::_checkAccessToResource('facture',$this->invoice->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
return $this->_cleanObjectDatas($this->invoice);
}
/**
* List invoices <b>Warning: Deprecated</b>
*
* Get a list of invoices
*
* @param int $socid Filter list with thirdparty ID
* @param string $mode Filter by invoice status : draft | unpaid | paid | cancelled
* @param string $sortfield Sort field
* @param string $sortorder Sort order
* @param int $limit Limit for list
* @param int $page Page number
*
* @return array Array of invoice objects
*
* @url GET invoice/list
* @url GET invoice/list/{mode}
* @url GET thirdparty/{socid}/invoice/list
* @url GET thirdparty/{socid}/invoice/list/{mode}
*/
function getList($socid=0, $mode='', $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) {
global $db, $conf;
$obj_ret = array();
$socid = DolibarrApiAccess::$user->societe_id ? DolibarrApiAccess::$user->societe_id : '';
// If the internal user must only see his customers, force searching by him
if (! DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) $search_sale = DolibarrApiAccess::$user->id;
$sql = "SELECT s.rowid";
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) $sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects)
$sql.= " FROM ".MAIN_DB_PREFIX."facture as s";
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale
$sql.= ' WHERE s.entity IN ('.getEntity('facture', 1).')';
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) $sql.= " AND s.fk_soc = sc.fk_soc";
if ($socid) $sql.= " AND s.fk_soc = ".$socid;
if ($search_sale > 0) $sql.= " AND s.rowid = sc.fk_soc"; // Join for the needed table to filter by sale
// Example of use $mode
if ($mode == 'draft') $sql.= " AND s.fk_statut IN (0)";
if ($mode == 'unpaid') $sql.= " AND s.fk_statut IN (1)";
if ($mode == 'paid') $sql.= " AND s.fk_statut IN (2)";
if ($mode == 'cancelled') $sql.= " AND s.fk_statut IN (3)";
// Insert sale filter
if ($search_sale > 0)
{
$sql .= " AND sc.fk_user = ".$search_sale;
}
$nbtotalofrecords = 0;
if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST))
{
$result = $db->query($sql);
$nbtotalofrecords = $db->num_rows($result);
}
$sql.= $db->order($sortfield, $sortorder);
if ($limit) {
if ($page < 0)
{
$page = 0;
}
$offset = $limit * $page;
$sql.= $db->plimit($limit + 1, $offset);
}
$result = $db->query($sql);
if ($result)
{
$num = $db->num_rows($result);
while ($i < $num)
{
$obj = $db->fetch_object($result);
$invoice_static = new Facture($db);
if($invoice_static->fetch($obj->rowid)) {
$obj_ret[] = parent::_cleanObjectDatas($invoice_static);
}
$i++;
}
}
else {
throw new RestException(503, 'Error when retrieve invoice list');
}
if( ! count($obj_ret)) {
throw new RestException(404, 'No invoice found');
}
return $obj_ret;
}
/**
* Create invoice object <b>Warning: Deprecated</b>
*
* @param array $request_data Request datas
* @return int ID of invoice
*
* @url POST invoice/
*/
function post($request_data = NULL)
{
if(! DolibarrApiAccess::$user->rights->facture->creer) {
throw new RestException(401);
}
// Check mandatory fields
$result = $this->_validate($request_data);
foreach($request_data as $field => $value) {
$this->invoice->$field = $value;
}
if(! array_keys($request_data,'date')) {
$this->invoice->date = dol_now();
}
if( ! $this->invoice->create(DolibarrApiAccess::$user)) {
throw new RestException(500);
}
return $this->invoice->id;
}
/**
* Update invoice <b>Warning: Deprecated</b>
*
* @param int $id Id of invoice to update
* @param array $request_data Datas
* @return int
*
* @url PUT invoice/{id}
*/
function put($id, $request_data = NULL)
{
if(! DolibarrApiAccess::$user->rights->facture->creer) {
throw new RestException(401);
}
$result = $this->invoice->fetch($id);
if( ! $result ) {
throw new RestException(404, 'Facture not found');
}
if( ! DolibarrApi::_checkAccessToResource('facture',$this->invoice->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
foreach($request_data as $field => $value) {
$this->invoice->$field = $value;
}
if($this->invoice->update($id, DolibarrApiAccess::$user))
return $this->get ($id);
return false;
}
/**
* Delete invoice <b>Warning: Deprecated</b>
*
* @param int $id Invoice ID
* @return type
*
* @url DELETE invoice/{id}
*/
function delete($id)
{
if(! DolibarrApiAccess::$user->rights->facture->supprimer) {
throw new RestException(401);
}
$result = $this->invoice->fetch($id);
if( ! $result ) {
throw new RestException(404, 'Facture not found');
}
if( ! DolibarrApi::_checkAccessToResource('facture',$this->facture->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
if( !$this->invoice->delete($id))
{
throw new RestException(500);
}
return array(
'success' => array(
'code' => 200,
'message' => 'Facture deleted'
)
);
}
/**
* Validate fields before create or update object
*
* @param array $data Datas to validate
* @return array
*
* @throws RestException
*/
function _validate($data)
{
$invoice = array();
foreach (InvoiceApi::$FIELDS as $field) {
if (!isset($data[$field]))
throw new RestException(400, "$field field missing");
$invoice[$field] = $data[$field];
}
return $invoice;
}
}

359
htdocs/product/class/api_deprecated_product.class.php Normal file
View File

@ -0,0 +1,359 @@
<?php
/* Copyright (C) 2015 Jean-François Ferry <jfefe@aternatik.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
use Luracast\Restler\RestException;
require_once DOL_DOCUMENT_ROOT.'/product/class/product.class.php';
require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php';
/**
* API class for product object
*
* @smart-auto-routing false
* @access protected
* @class DolibarrApiAccess {@requires user,external}
* @deprecated
*/
class ProductApi extends DolibarrApi
{
/**
* @var array $FIELDS Mandatory fields, checked when create and update object
*/
static $FIELDS = array(
'ref',
'label'
);
/**
* @var Product $product {@type Product}
*/
public $product;
/**
* Constructor <b>Warning: Deprecated</b>
*
* @url product/
*
*/
function __construct()
{
global $db, $conf;
$this->db = $db;
$this->product = new Product($this->db);
}
/**
* Get properties of a product object <b>Warning: Deprecated</b>
*
* Return an array with product informations
*
* @param int $id ID of product
* @param string $ref Product ref
* @param string $ref_ext Product ref ext
* @return array|mixed data without useless information
*
* @url GET product/{id}
* @throws RestException
*/
function get($id='', $ref='', $ref_ext='')
{
if(! DolibarrApiAccess::$user->rights->produit->lire) {
throw new RestException(401);
}
$result = $this->product->fetch($id,$ref,$ref_ext);
if( ! $result ) {
throw new RestException(404, 'Product not found');
}
if( ! DolibarrApi::_checkAccessToResource('product',$this->product->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
$this->product->load_stock();
return $this->_cleanObjectDatas($this->product);
}
/**
* List products <b>Warning: Deprecated</b>
*
* Get a list of products
*
* @param int $mode Use this param to filter list (0 for all, 1 for only product, 2 for only service)
* @param mixed $to_sell Filter products to sell (1) or not to sell (0)
* @param mixed $to_buy Filter products to nuy (1) or not to buy (0)
* @param string $sortfield Sort field
* @param string $sortorder Sort order
* @param int $limit Limit for list
* @param int $page Page number
*
* @return array Array of product objects
*
* @url GET /product/list
*/
function getList($mode=0, $to_sell='', $to_buy='', $sortfield = "p.ref", $sortorder = 'ASC', $limit = 0, $page = 0) {
global $db, $conf;
$obj_ret = array();
$socid = DolibarrApiAccess::$user->societe_id ? DolibarrApiAccess::$user->societe_id : '';
$sql ="SELECT rowid, ref, ref_ext";
$sql.= " FROM ".MAIN_DB_PREFIX."product as p";
$sql.= ' WHERE p.entity IN ('.getEntity('product', 1).')';
// Show products
if ($mode == 1) $sql.= " AND p.fk_product_type = 0";
// Show services
if ($mode == 2) $sql.= " AND p.fk_product_type = 1";
// Show product on sell
if ($to_sell) $sql.= " AND p.to_sell = ".$db->escape($to_sell);
// Show product on buy
if ($to_buy) $sql.= " AND p.to_nuy = ".$db->escape($to_nuy);
$nbtotalofrecords = 0;
if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST))
{
$result = $db->query($sql);
$nbtotalofrecords = $db->num_rows($result);
}
$sql.= $db->order($sortfield, $sortorder);
if ($limit) {
if ($page < 0)
{
$page = 0;
}
$offset = $limit * $page;
$sql.= $db->plimit($limit + 1, $offset);
}
$result = $db->query($sql);
if ($result)
{
$num = $db->num_rows($result);
while ($i < $num)
{
$obj = $db->fetch_object($result);
$product_static = new Product($db);
if($product_static->fetch($obj->rowid)) {
$obj_ret[] = parent::_cleanObjectDatas($product_static);
}
$i++;
}
}
else {
throw new RestException(503, 'Error when retrieve product list');
}
if( ! count($obj_ret)) {
throw new RestException(404, 'No product found');
}
return $obj_ret;
}
/**
* List products in a category <b>Warning: Deprecated</b>
*
* Get a list of products
*
* @param int $mode Use this param to filter list (0 for all, 1 for only product, 2 for only service)
* @param int $category Use this param to filter list by category
* @param mixed $to_sell Filter products to sell (1) or not to sell (0)
* @param mixed $to_buy Filter products to nuy (1) or not to buy (0)
* @param string $sortfield Sort field
* @param string $sortorder Sort order
* @param int $limit Limit for list
* @param int $page Page number
*
* @return array Array of product objects
*
* @url GET /product/list/category/{category}
*/
function getByCategory($mode=0, $category=0, $to_sell='', $to_buy='', $sortfield = "p.ref", $sortorder = 'ASC', $limit = 0, $page = 0) {
global $db, $conf;
$obj_ret = array();
$socid = DolibarrApiAccess::$user->societe_id ? DolibarrApiAccess::$user->societe_id : '';
$sql = "SELECT rowid, ref, ref_ext";
$sql.= " FROM ".MAIN_DB_PREFIX."product as p, ";
$sql.= MAIN_DB_PREFIX."categorie_product as c";
$sql.= ' WHERE p.entity IN ('.getEntity('product', 1).')';
// Select products of given category
$sql.= " AND c.fk_categorie = ".$db->escape($category);
$sql.= " AND c.fk_product = p.rowid ";
// Show products
if ($mode == 1) $sql.= " AND p.fk_product_type = 0";
// Show services
if ($mode == 2) $sql.= " AND p.fk_product_type = 1";
// Show product on sell
if ($to_sell) $sql.= " AND p.to_sell = ".$db->escape($to_sell);
// Show product on buy
if ($to_buy) $sql.= " AND p.to_nuy = ".$db->escape($to_nuy);
$nbtotalofrecords = 0;
if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST))
{
$result = $db->query($sql);
$nbtotalofrecords = $db->num_rows($result);
}
$sql.= $db->order($sortfield, $sortorder);
if ($limit) {
if ($page < 0)
{
$page = 0;
}
$offset = $limit * $page;
$sql.= $db->plimit($limit + 1, $offset);
}
$result = $db->query($sql);
if ($result)
{
$num = $db->num_rows($result);
while ($i < $num)
{
$obj = $db->fetch_object($result);
$product_static = new Product($db);
if($product_static->fetch($obj->rowid)) {
$obj_ret[] = parent::_cleanObjectDatas($product_static);
}
$i++;
}
}
else {
throw new RestException(503, 'Error when retrieve product list');
}
if( ! count($obj_ret)) {
throw new RestException(404, 'No product found');
}
return $obj_ret;
}
/**
* Create product object <b>Warning: Deprecated</b>
*
* @param array $request_data Request data
* @return int ID of product
*
* @url POST product/
*/
function post($request_data = NULL)
{
if(! DolibarrApiAccess::$user->rights->produit->creer) {
throw new RestException(401);
}
// Check mandatory fields
$result = $this->_validate($request_data);
foreach($request_data as $field => $value) {
$this->product->$field = $value;
}
$result = $this->product->create(DolibarrApiAccess::$user);
if($result < 0) {
throw new RestException(503,'Error when creating product : '.$this->product->error);
}
return $this->product->id;
}
/**
* Update product <b>Warning: Deprecated</b>
*
* @param int $id Id of product to update
* @param array $request_data Datas
* @return int
*
* @url PUT product/{id}
*/
function put($id, $request_data = NULL)
{
if(! DolibarrApiAccess::$user->rights->produit->creer) {
throw new RestException(401);
}
$result = $this->product->fetch($id);
if( ! $result ) {
throw new RestException(404, 'Product not found');
}
if( ! DolibarrApi::_checkAccessToResource('product',$this->product->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
foreach($request_data as $field => $value) {
$this->product->$field = $value;
}
if($this->product->update($id, DolibarrApiAccess::$user,1,'','','update'))
return $this->get ($id);
return false;
}
/**
* Delete product <b>Warning: Deprecated</b>
*
* @param int $id Product ID
* @return array
*
* @url DELETE product/{id}
*/
function delete($id)
{
if(! DolibarrApiAccess::$user->rights->product->supprimer) {
throw new RestException(401);
}
$result = $this->product->fetch($id);
if( ! $result ) {
throw new RestException(404, 'Product not found');
}
if( ! DolibarrApi::_checkAccessToResource('product',$this->product->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
return $this->product->delete($id);
}
/**
* Validate fields before create or update object
*
* @param array $data Datas to validate
* @return array
* @throws RestException
*/
function _validate($data)
{
$product = array();
foreach (ProductApi::$FIELDS as $field) {
if (!isset($data[$field]))
throw new RestException(400, "$field field missing");
$product[$field] = $data[$field];
}
return $product;
}
}

293
htdocs/societe/class/api_deprecated_contact.class.php Normal file
View File

@ -0,0 +1,293 @@
<?php
/* Copyright (C) 2015 Jean-François Ferry <jfefe@aternatik.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
use Luracast\Restler\RestException;
//require_once DOL_DOCUMENT_ROOT . '/contact/class/contact.class.php';
/**
* API class for contact object
*
* @smart-auto-routing false
* @access protected
* @class DolibarrApiAccess {@requires user,external}
* @deprecated
*/
class ContactApi extends DolibarrApi
{
/**
*
* @var array $FIELDS Mandatory fields, checked when create and update object
*/
static $FIELDS = array(
'lastname'
);
/**
* @var Contact $contact {@type Contact}
*/
public $contact;
/**
* Constructor <b>Warning: Deprecated</b>
*
* @url contact/
*
*/
function __construct() {
global $db, $conf;
$this->db = $db;
$this->contact = new Contact($this->db);
}
/**
* Get properties of a contact object <b>Warning: Deprecated</b>
*
* Return an array with contact informations
*
* @param int $id ID of contact
* @return array|mixed data without useless information
*
* @url GET contact/{id}
* @throws RestException
*/
function get($id) {
if (!DolibarrApiAccess::$user->rights->societe->contact->lire)
{
throw new RestException(401);
}
$result = $this->contact->fetch($id);
if (!$result)
{
throw new RestException(404, 'Contact not found');
}
if (!DolibarrApi::_checkAccessToResource('contact', $this->contact->id, 'socpeople&societe'))
{
throw new RestException(401, 'Access not allowed for login ' . DolibarrApiAccess::$user->login);
}
return $this->_cleanObjectDatas($this->contact);
}
/**
* List contacts <b>Warning: Deprecated</b>
*
* Get a list of contacts
*
* @param int $socid ID of thirdparty to filter list
* @param string $sortfield Sort field
* @param string $sortorder Sort order
* @param int $limit Limit for list
* @param int $page Page number
* @return array Array of contact objects
*
* @url GET /contact/list
* @url GET /contact/list/{socid}
* @url GET /thirdparty/{socid}/contacts
* @url GET /customer/{socid}/contacts
*
* @throws RestException
*/
function getList($socid = 0, $sortfield = "c.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) {
global $db, $conf;
$obj_ret = array();
if (!$socid)
{
$socid = DolibarrApiAccess::$user->societe_id ? DolibarrApiAccess::$user->societe_id : '';
}
// If the internal user must only see his customers, force searching by him
if (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid)
$search_sale = DolibarrApiAccess::$user->id;
$sql = "SELECT c.rowid";
$sql.= " FROM " . MAIN_DB_PREFIX . "socpeople as c";
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
// We need this table joined to the select in order to filter by sale
$sql.= ", " . MAIN_DB_PREFIX . "societe_commerciaux as sc";
}
$sql.= " LEFT JOIN " . MAIN_DB_PREFIX . "societe as s ON c.fk_soc = s.rowid";
$sql.= ' WHERE c.entity IN (' . getEntity('contact', 1) . ')';
if ($socid)
$sql.= " AND c.fk_soc = " . $socid;
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0)
$sql.= " AND c.fk_soc = sc.fk_soc";
if ($search_sale > 0)
$sql.= " AND s.rowid = sc.fk_soc"; // Join for the needed table to filter by sale
// Insert sale filter
if ($search_sale > 0)
{
$sql .= " AND sc.fk_user = " . $search_sale;
}
$nbtotalofrecords = 0;
if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST))
{
$result = $db->query($sql);
$nbtotalofrecords = $db->num_rows($result);
}
$sql.= $db->order($sortfield, $sortorder);
if ($limit)
{
if ($page < 0)
{
$page = 0;
}
$offset = $limit * $page;
$sql.= $db->plimit($limit + 1, $offset);
}
$result = $db->query($sql);
if ($result)
{
$num = $db->num_rows($result);
while ($i < $num)
{
$obj = $db->fetch_object($result);
$contact_static = new Contact($db);
if ($contact_static->fetch($obj->rowid))
{
$obj_ret[] = parent::_cleanObjectDatas($contact_static);
}
$i++;
}
}
else {
throw new RestException(503, 'Error when retreive contacts : ' . $sql);
}
if (!count($obj_ret))
{
throw new RestException(404, 'Contacts not found');
}
return $obj_ret;
}
/**
* Create contact object <b>Warning: Deprecated</b>
*
* @param array $request_data Request datas
* @return int ID of contact
*
* @url POST contact/
*/
function post($request_data = NULL) {
if (!DolibarrApiAccess::$user->rights->societe->contact->creer)
{
throw new RestException(401);
}
// Check mandatory fields
$result = $this->_validate($request_data);
foreach ($request_data as $field => $value)
{
$this->contact->$field = $value;
}
return $this->contact->create(DolibarrApiAccess::$user);
}
/**
* Update contact <b>Warning: Deprecated</b>
*
* @param int $id Id of contact to update
* @param array $request_data Datas
* @return int
*
* @url PUT contact/{id}
*/
function put($id, $request_data = NULL) {
if (!DolibarrApiAccess::$user->rights->societe->contact->creer)
{
throw new RestException(401);
}
$result = $this->contact->fetch($id);
if (!$result)
{
throw new RestException(404, 'Contact not found');
}
if (!DolibarrApi::_checkAccessToResource('contact', $this->contact->id, 'socpeople&societe'))
{
throw new RestException(401, 'Access not allowed for login ' . DolibarrApiAccess::$user->login);
}
foreach ($request_data as $field => $value)
{
$this->contact->$field = $value;
}
if ($this->contact->update($id, DolibarrApiAccess::$user, 1, '', '', 'update'))
return $this->get($id);
return false;
}
/**
* Delete contact <b>Warning: Deprecated</b>
*
* @param int $id Contact ID
* @return integer
*
* @url DELETE contact/{id}
*/
function delete($id) {
if (!DolibarrApiAccess::$user->rights->contact->supprimer)
{
throw new RestException(401);
}
$result = $this->contact->fetch($id);
if (!$result)
{
throw new RestException(404, 'Contact not found');
}
if (!DolibarrApi::_checkAccessToResource('contact', $this->contact->id, 'socpeople&societe'))
{
throw new RestException(401, 'Access not allowed for login ' . DolibarrApiAccess::$user->login);
}
return $this->contact->delete($id);
}
/**
* Validate fields before create or update object
*
* @param array $data Data to validate
* @return array
* @throws RestException
*/
function _validate($data) {
$contact = array();
foreach (ContactApi::$FIELDS as $field)
{
if (!isset($data[$field]))
throw new RestException(400, "$field field missing");
$contact[$field] = $data[$field];
}
return $contact;
}
}

411
htdocs/societe/class/api_deprecated_thirdparty.class.php Normal file
View File

@ -0,0 +1,411 @@
<?php
/* Copyright (C) 2015 Jean-François Ferry <jfefe@aternatik.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
use Luracast\Restler\RestException;
/**
* API class for thirdparty object
*
* @smart-auto-routing false
* @access protected
* @class DolibarrApiAccess {@requires user,external}
* @deprecated
*/
class ThirdpartyApi extends DolibarrApi
{
/**
*
* @var array $FIELDS Mandatory fields, checked when create and update object
*/
static $FIELDS = array(
'name'
);
/**
* @var Societe $company {@type Societe}
*/
public $company;
/**
* @var Customer $customer {@type Client}
*/
public $customer;
/**
* Constructor <b>Warning: Deprecated</b>
*
* @url thirdparty/
*
*/
function __construct()
{
global $db, $conf;
$this->db = $db;
$this->company = new Societe($this->db);
$this->customer = new Client($this->db);
if (! empty($conf->global->SOCIETE_MAIL_REQUIRED)) {
static::$FIELDS[] = 'email';
}
}
/**
* Get properties of a customer object <b>Warning: Deprecated</b>
*
* Return an array with customer informations
*
* @param int $id ID of customer
* @return array|mixed data without useless information
*
* @url GET customer/{id}
* @throws RestException
*/
function getCustomer($id)
{
if(! DolibarrApiAccess::$user->rights->societe->lire) {
throw new RestException(401);
}
$result = $this->customer->fetch($id);
if( ! $result ) {
throw new RestException(404, 'Customer not found');
}
if( ! DolibarrApi::_checkAccessToResource('societe',$this->customer->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
return $this->_cleanObjectDatas($this->customer);
}
/**
* Search customer by email <b>Warning: Deprecated</b>
*
* @param string $email email id
*
* @return object client with given email
*
* @url GET customer/byemail/{email}
*/
function getByEmail($email) {
$res = $this->getList(1,$email);
if (count($res) == 1) {
$customer = $res[0];
return $customer;
}
return $res;
}
/**
* Get properties of a thirdparty object <b>Warning: Deprecated</b>
*
* Return an array with thirdparty informations
*
* @param int $id ID of thirdparty
* @return array|mixed data without useless information
*
* @url GET thirdparty/{id}
* @throws RestException
*/
function get($id)
{
if(! DolibarrApiAccess::$user->rights->societe->lire) {
throw new RestException(401);
}
$result = $this->company->fetch($id);
if( ! $result ) {
throw new RestException(404, 'Thirdparty not found');
}
if( ! DolibarrApi::_checkAccessToResource('societe',$this->company->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
return $this->_cleanObjectDatas($this->company);
}
/**
* List thirdparties <b>Warning: Deprecated</b>
*
* Get a list of thirdparties
*
* @param int $mode Set to 1 to show only customers
* Set to 2 to show only prospects
* Set to 3 to show only those are not customer neither prospect
* @param Text $email Search by email filter
* @param string $sortfield Sort field
* @param string $sortorder Sort order
* @param int $limit Limit for list
* @param int $page Page number
* @return array Array of thirdparty objects
*
* @url GET /thirdparty/list
*
*/
function getList($mode=0, $email=NULL, $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) {
global $db, $conf;
$obj_ret = array();
$socid = DolibarrApiAccess::$user->societe_id ? DolibarrApiAccess::$user->societe_id : '';
// If the internal user must only see his customers, force searching by him
if (! DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) $search_sale = DolibarrApiAccess::$user->id;
$sql = "SELECT s.rowid";
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) $sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects)
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale
$sql.= ", ".MAIN_DB_PREFIX."c_stcomm as st";
$sql.= " WHERE s.fk_stcomm = st.id";
if ($mode == 1) $sql.= " AND s.client IN (1, 3)";
if ($mode == 2) $sql.= " AND s.client IN (2, 3)";
if ($mode == 3) $sql.= " AND s.client IN (0)";
$sql.= ' AND s.entity IN ('.getEntity('societe', 1).')';
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) $sql.= " AND s.rowid = sc.fk_soc";
if ($email != NULL) $sql.= " AND s.email = \"".$email."\"";
if ($socid) $sql.= " AND s.rowid = ".$socid;
if ($search_sale > 0) $sql.= " AND s.rowid = sc.fk_soc"; // Join for the needed table to filter by sale
// Insert sale filter
if ($search_sale > 0)
{
$sql .= " AND sc.fk_user = ".$search_sale;
}
$nbtotalofrecords = 0;
if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST))
{
$result = $db->query($sql);
$nbtotalofrecords = $db->num_rows($result);
}
$sql.= $db->order($sortfield, $sortorder);
if ($limit) {
if ($page < 0)
{
$page = 0;
}
$offset = $limit * $page;
$sql.= $db->plimit($limit + 1, $offset);
}
$result = $db->query($sql);
if ($result)
{
$num = $db->num_rows($result);
while ($i < $num)
{
$obj = $db->fetch_object($result);
$soc_static = new Societe($db);
if($soc_static->fetch($obj->rowid)) {
$obj_ret[] = parent::_cleanObjectDatas($soc_static);
}
$i++;
}
}
else {
throw new RestException(503, 'Error when retrieve thirdparties : ' . $sql);
}
if( ! count($obj_ret)) {
throw new RestException(404, 'Thirdparties not found');
}
return $obj_ret;
}
/**
* Show customers <b>Warning: Deprecated</b>
*
* @return array List of customers
*
* @url GET /thirdparty/list/customers
* @url GET /customer/list
*/
function getListCustomers() {
return $this->getList(1);
}
/**
* Show prospects <b>Warning: Deprecated</b>
*
* @return array List of prospects
*
* @url GET /thirdparty/list/prospects
*/
function getListProspects() {
return $this->getList(2);
}
/**
* Show other <b>Warning: Deprecated</b>
*
* @return array List of thirpdparties who are not customer neither prospect
*
* @url GET /thirdparty/list/others
*/
function getListOthers() {
return $this->getList(3);
}
/**
* Create thirdparty object <b>Warning: Deprecated</b>
*
* @param array $request_data Request datas
* @return int ID of thirdparty
*
* @url POST thirdparty/
*/
function post($request_data = NULL)
{
if(! DolibarrApiAccess::$user->rights->societe->creer) {
throw new RestException(401);
}
// Check mandatory fields
$result = $this->_validate($request_data);
foreach($request_data as $field => $value) {
$this->company->$field = $value;
}
return $this->company->create(DolibarrApiAccess::$user);
}
/**
* Create customer object <b>Warning: Deprecated</b>
*
* @param array $request_data Request datas
* @return int ID of thirdparty
*
* @url POST customer/
*/
function postCustomer($request_data) {
$this->post($request_data);
$this->company->set_as_client();
return $this->company->id;
}
/**
* Update thirdparty <b>Warning: Deprecated</b>
*
* @param int $id Id of thirdparty to update
* @param array $request_data Datas
* @return int
*
* @url PUT thirdparty/{id}
*/
function put($id, $request_data = NULL)
{
if(! DolibarrApiAccess::$user->rights->societe->creer) {
throw new RestException(401);
}
$result = $this->company->fetch($id);
if( ! $result ) {
throw new RestException(404, 'Thirdparty not found');
}
if( ! DolibarrApi::_checkAccessToResource('societe',$this->company->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
foreach($request_data as $field => $value) {
$this->company->$field = $value;
}
if($this->company->update($id, DolibarrApiAccess::$user,1,'','','update'))
return $this->get ($id);
return false;
}
/**
* Update customer <b>Warning: Deprecated</b>
*
* @param int $id Id of thirdparty to update
* @param array $request_data Datas
* @return int
*
* @url PUT customer/{id}
*/
function putClient($id, $request_data = NULL) {
if(! DolibarrApiAccess::$user->rights->societe->creer) {
throw new RestException(401);
}
$result = $this->customer->fetch($id);
if( ! $result ) {
throw new RestException(404, 'Customer not found');
}
if( ! DolibarrApi::_checkAccessToResource('societe',$this->customer->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
foreach($request_data as $field => $value) {
$this->customer->$field = $value;
}
if($this->customer->update($id, DolibarrApiAccess::$user,1,'','','update'))
return $this->get ($id);
return false;
}
/**
* Delete thirdparty <b>Warning: Deprecated</b>
*
* @param int $id Thirparty ID
* @return integer
*
* @url DELETE thirdparty/{id}
* @url DELETE customer/{id}
*/
function delete($id)
{
if(! DolibarrApiAccess::$user->rights->societe->supprimer) {
throw new RestException(401);
}
$result = $this->company->fetch($id);
if( ! $result ) {
throw new RestException(404, 'Thirdparty not found');
}
if( ! DolibarrApi::_checkAccessToResource('societe',$this->company->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
return $this->company->delete($id);
}
/**
* Validate fields before create or update object
*
* @param array $data Datas to validate
* @return array
*
* @throws RestException
*/
function _validate($data)
{
$thirdparty = array();
foreach (ThirdpartyApi::$FIELDS as $field) {
if (!isset($data[$field]))
throw new RestException(400, "$field field missing");
$thirdparty[$field] = $data[$field];
}
return $thirdparty;
}
}

273
htdocs/user/class/api_deprecated_user.class.php Normal file
View File

@ -0,0 +1,273 @@
<?php
/* Copyright (C) 2015 Jean-François Ferry <jfefe@aternatik.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
use Luracast\Restler\RestException;
//require_once DOL_DOCUMENT_ROOT . '/contact/class/contact.class.php';
/**
* API class for user object
*
* @smart-auto-routing false
* @access protected
* @class DolibarrApiAccess {@requires user,external}
* @deprecated
*/
class UserApi extends DolibarrApi
{
/**
*
* @var array $FIELDS Mandatory fields, checked when create and update object
*/
static $FIELDS = array(
'login'
);
/**
* @var User $user {@type User}
*/
public $useraccount;
/**
* Constructor <b>Warning: Deprecated</b>
*
* @url user/
*
*/
function __construct() {
global $db, $conf;
$this->db = $db;
$this->useraccount = new User($this->db);
}
/**
* Get properties of an user object <b>Warning: Deprecated</b>
*
* Return an array with user informations
*
* @param int $id ID of user
* @return array|mixed data without useless information
*
* @url GET user/{id}
* @throws RestException
*/
function get($id) {
//if (!DolibarrApiAccess::$user->rights->user->user->lire) {
//throw new RestException(401);
//}
$result = $this->useraccount->fetch($id);
if (!$result)
{
throw new RestException(404, 'User not found');
}
if (!DolibarrApi::_checkAccessToResource('user', $this->useraccount->id, 'user'))
{
throw new RestException(401, 'Access not allowed for login ' . DolibarrApiAccess::$user->login);
}
return $this->_cleanObjectDatas($this->useraccount);
}
/**
* Create useraccount object from contact <b>Warning: Deprecated</b>
*
* @param int $contactid Id of contact
* @param array $request_data Request datas
* @return int ID of user
*
* @url POST /contact/{contactid}/createUser
*/
function createFromContact($contactid, $request_data = NULL) {
//if (!DolibarrApiAccess::$user->rights->user->user->creer) {
//throw new RestException(401);
//}
if (!isset($request_data["login"]))
throw new RestException(400, "login field missing");
if (!isset($request_data["password"]))
throw new RestException(400, "password field missing");
if (!DolibarrApiAccess::$user->rights->societe->contact->lire) {
throw new RestException(401);
}
$contact = new Contact($this->db);
$contact->fetch($contactid);
if ($contact->id <= 0) {
throw new RestException(404, 'Contact not found');
}
if (!DolibarrApi::_checkAccessToResource('contact', $contact->id, 'socpeople&societe')) {
throw new RestException(401, 'Access not allowed for login ' . DolibarrApiAccess::$user->login);
}
// Check mandatory fields
$login = $request_data["login"];
$password = $request_data["password"];
$result = $this->useraccount->create_from_contact($contact,$login,$password);
if ($result <= 0) {
throw new RestException(500, "User not created");
}
// password parameter not used in create_from_contact
$this->useraccount->setPassword($this->useraccount,$password);
return $result;
}
/**
* Create user account <b>Warning: Deprecated</b>
*
* @param array $request_data New user data
* @return int
*
* @url POST user/
*/
function post($request_data = NULL) {
// check user authorization
//if(! DolibarrApiAccess::$user->rights->user->creer) {
// throw new RestException(401, "User creation not allowed");
//}
// check mandatory fields
/*if (!isset($request_data["login"]))
throw new RestException(400, "login field missing");
if (!isset($request_data["password"]))
throw new RestException(400, "password field missing");
if (!isset($request_data["lastname"]))
throw new RestException(400, "lastname field missing");*/
//assign field values
$xxx=var_export($request_data, true);
dol_syslog("xxx=".$xxx);
foreach ($request_data as $field => $value)
{
$this->useraccount->$field = $value;
}
$result = $this->useraccount->create(DolibarrApiAccess::$user);
if ($result <=0) {
throw new RestException(500, "User not created : ".$this->useraccount->error);
}
return array('id'=>$result);
}
/**
* Update account <b>Warning: Deprecated</b>
*
* @param int $id Id of account to update
* @param array $request_data Datas
* @return int
*
* @url PUT user/{id}
*/
function put($id, $request_data = NULL) {
//if (!DolibarrApiAccess::$user->rights->user->user->creer) {
//throw new RestException(401);
//}
$result = $this->useraccount->fetch($id);
if (!$result)
{
throw new RestException(404, 'Account not found');
}
if (!DolibarrApi::_checkAccessToResource('user', $this->useraccount->id, 'user'))
{
throw new RestException(401, 'Access not allowed for login ' . DolibarrApiAccess::$user->login);
}
foreach ($request_data as $field => $value)
{
$this->useraccount->$field = $value;
}
if ($this->useraccount->update($id, DolibarrApiAccess::$user, 1, '', '', 'update'))
return $this->get($id);
return false;
}
/**
* add user to group <b>Warning: Deprecated</b>
*
* @param int $id User ID
* @param int $group Group ID
* @return int
*
* @url GET user/{id}/setGroup/{group}
*/
function setGroup($id,$group) {
//if (!DolibarrApiAccess::$user->rights->user->user->supprimer) {
//throw new RestException(401);
//}
$result = $this->useraccount->fetch($id);
if (!$result)
{
throw new RestException(404, 'User not found');
}
if (!DolibarrApi::_checkAccessToResource('user', $this->useraccount->id, 'user'))
{
throw new RestException(401, 'Access not allowed for login ' . DolibarrApiAccess::$user->login);
}
return $this->useraccount->SetInGroup($group,1);
}
/**
* Delete account <b>Warning: Deprecated</b>
*
* @param int $id Account ID
* @return array
*
* @url DELETE user/{id}
*/
function delete($id) {
//if (!DolibarrApiAccess::$user->rights->user->user->supprimer) {
//throw new RestException(401);
//}
$result = $this->useraccount->fetch($id);
if (!$result)
{
throw new RestException(404, 'User not found');
}
if (!DolibarrApi::_checkAccessToResource('user', $this->useraccount->id, 'user'))
{
throw new RestException(401, 'Access not allowed for login ' . DolibarrApiAccess::$user->login);
}
return $this->useraccount->delete($id);
}
/**
* Validate fields before create or update object
*
* @param array $data Data to validate
* @return array
* @throws RestException
*/
function _validate($data) {
$account = array();
foreach (UserApi::$FIELDS as $field)
{
if (!isset($data[$field]))
throw new RestException(400, "$field field missing");
$account[$field] = $data[$field];
}
return $account;
}
}