REST API: fix deleting a product/service.

The global variable $user must be set before calling the Product::delete() method else the check of permissions fails.
2016-06-21 23:08:22 +02:00 · 2016-06-21 23:08:22 +02:00 · 9e9e224c46
commit 9e9e224c46
parent 4a0d554986
1 changed files with 4 additions and 1 deletions
--- a/htdocs/product/class/api_products.class.php
+++ b/htdocs/product/class/api_products.class.php
@ -232,7 +232,6 @@ class Products extends DolibarrApi
     * 
     * @param   int     $id   Product ID
     * @return  array
-     * FIXME Deleting a product/service does not work because the Product::delete() method uses a global $user but it is not set.
     */
    function delete($id)
    {
@ -248,6 +247,10 @@ class Products extends DolibarrApi
 			throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
 		}
        
+        // The Product::delete() method uses the global variable $user.
+        global $user;
+        $user = DolibarrApiAccess::$user;
+
        return $this->product->delete($id);
    }