From aad0da25134dd51c4fb78d3be652ed2ef5a3fda2 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur
Date: Thu, 21 Dec 2017 16:50:18 +0100
Subject: [PATCH] Fix maxi debug of APIs (clean output fields)
---
htdocs/adherents/class/api_members.class.php | 4 +-
.../class/api_memberstypes.class.php | 2 +-
.../class/api_subscriptions.class.php | 2 +-
htdocs/api/class/api.class.php | 49 +-
.../categories/class/api_categories.class.php | 2 +-
.../comm/propal/class/api_proposals.class.php | 10 +-
htdocs/comm/propal/class/propal.class.php | 5 +
htdocs/commande/class/api_orders.class.php | 20 +-
htdocs/commande/class/commande.class.php | 4 +-
.../bank/class/api_bankaccounts.class.php | 2 +-
.../facture/class/api_invoices.class.php | 20 +-
htdocs/compta/facture/class/facture.class.php | 2 +-
htdocs/contrat/class/api_contracts.class.php | 9 +-
htdocs/contrat/class/contrat.class.php | 1 +
htdocs/core/lib/functions2.lib.php | 3 +
.../expedition/class/api_shipments.class.php | 659 ++++++++++++++++++
htdocs/expedition/class/expedition.class.php | 44 +-
.../class/api_expensereports.class.php | 6 +-
htdocs/societe/class/api_contacts.class.php | 25 +
.../societe/class/api_thirdparties.class.php | 3 +
htdocs/user/class/api_users.class.php | 2 +-
21 files changed, 828 insertions(+), 46 deletions(-)
create mode 100644 htdocs/expedition/class/api_shipments.class.php
diff --git a/htdocs/adherents/class/api_members.class.php b/htdocs/adherents/class/api_members.class.php
index 453b45f59b3..217ab47c0ab 100644
--- a/htdocs/adherents/class/api_members.class.php
+++ b/htdocs/adherents/class/api_members.class.php
@@ -225,13 +225,13 @@ class Members extends DolibarrApi // If there is no error, update() returns the number of affected rows // so if the update is a no op, the return value is zero. - if($member->update(DolibarrApiAccess::$user) >= 0) + if ($member->update(DolibarrApiAccess::$user) >= 0) { return $this->get($id); } else { - throw new RestException(500, $this->task->error); + throw new RestException(500, $member->error); } } diff --git a/htdocs/adherents/class/api_memberstypes.class.php b/htdocs/adherents/class/api_memberstypes.class.php index 6e793d7229d..26d3d115f75 100644 --- a/htdocs/adherents/class/api_memberstypes.class.php +++ b/htdocs/adherents/class/api_memberstypes.class.php @@ -209,7 +209,7 @@ class MembersTypes extends DolibarrApi } else { - throw new RestException(500, $this->task->error); + throw new RestException(500, $membertype->error); } } diff --git a/htdocs/adherents/class/api_subscriptions.class.php b/htdocs/adherents/class/api_subscriptions.class.php index 60a243e6d90..3ae4f6f39d5 100644 --- a/htdocs/adherents/class/api_subscriptions.class.php +++ b/htdocs/adherents/class/api_subscriptions.class.php @@ -198,7 +198,7 @@ class Subscriptions extends DolibarrApi } else { - throw new RestException(500, $this->task->error); + throw new RestException(500, $subscription->error); } } diff --git a/htdocs/api/class/api.class.php b/htdocs/api/class/api.class.php index 66ab13bc8fb..df87efcd8c3 100644 --- a/htdocs/api/class/api.class.php +++ b/htdocs/api/class/api.class.php @@ -97,6 +97,7 @@ class DolibarrApi // Remove $db object property for object unset($object->db); unset($object->ismultientitymanaged); + unset($object->restrictiononfksoc); // Remove linkedObjects. We should already have linkedObjectIds that avoid huge responses unset($object->linkedObjects); @@ -104,7 +105,6 @@ class DolibarrApi unset($object->lignes); // we don't want lignes, we want only ->lines unset($object->fields); - unset($object->oldline); unset($object->error); 
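Review bot: The corrected `throw new RestException(500, $member->error);` hands the object's internal error string to the API client unchanged. What `update()` stores in `->error` is not visible in this hunk; if it can hold database or path detail, that detail reaches any caller able to trigger a failure. Consider logging the detail with `dol_syslog()` and returning a fixed message, e.g. `throw new RestException(500, 'Error when updating member');`. The same `->error` pass-through is introduced in the memberstypes, subscriptions, categories, proposals, orders, bankaccounts, contracts and expensereports hunks. The enclosing method starts outside this hunk.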
@@ -141,6 +141,8 @@ class DolibarrApi unset($object->picto); unset($object->facturee); // Replace with billed + unset($object->fieldsforcombobox); + unset($object->comments); unset($object->skip_update_total); unset($object->context); 
@@ -157,23 +159,48 @@ class DolibarrApi unset($object->oldcopy); // If object has lines, remove $db property - if(isset($object->lines) && count($object->lines) > 0) { + if (isset($object->lines) && is_array($object->lines) && count($object->lines) > 0) { $nboflines = count($object->lines); for ($i=0; $i < $nboflines; $i++) { $this->_cleanObjectDatas($object->lines[$i]); + + unset($object->lines[$i]->contact); + unset($object->lines[$i]->contact_id); + unset($object->lines[$i]->country); + unset($object->lines[$i]->country_id); + unset($object->lines[$i]->country_code); + unset($object->lines[$i]->mode_reglement_id); + unset($object->lines[$i]->mode_reglement_code); + unset($object->lines[$i]->mode_reglement); + unset($object->lines[$i]->cond_reglement_id); + unset($object->lines[$i]->cond_reglement_code); + unset($object->lines[$i]->cond_reglement); + unset($object->lines[$i]->fk_delivery_address); + unset($object->lines[$i]->fk_projet); + unset($object->lines[$i]->thirdparty); + unset($object->lines[$i]->user); + unset($object->lines[$i]->model_pdf); + unset($object->lines[$i]->modelpdf); + unset($object->lines[$i]->note_public); + unset($object->lines[$i]->note_private); + unset($object->lines[$i]->fk_incoterms); + unset($object->lines[$i]->libelle_incoterms); + unset($object->lines[$i]->location_incoterms); + unset($object->lines[$i]->name); + unset($object->lines[$i]->lastname); + unset($object->lines[$i]->firstname); + unset($object->lines[$i]->civility_id); + unset($object->lines[$i]->fk_multicurrency); + unset($object->lines[$i]->multicurrency_code); + unset($object->lines[$i]->shipping_method_id); } } - // If object has linked objects, remove $db property - /* - if(isset($object->linkedObjects) && count($object->linkedObjects) > 0) { - foreach($object->linkedObjects as $type_object => $linked_object) { - foreach($linked_object as $object2clean) { - $this->_cleanObjectDatas($object2clean); - } - } - }*/ + if (! 
empty($object->thirdparty) && is_object($object->thirdparty)) + { + $this->_cleanObjectDatas($object->thirdparty); + } return $object; } diff --git a/htdocs/categories/class/api_categories.class.php b/htdocs/categories/class/api_categories.class.php index ddf0495bcc1..46332f9f979 100644 --- a/htdocs/categories/class/api_categories.class.php +++ b/htdocs/categories/class/api_categories.class.php @@ -223,7 +223,7 @@ class Categories extends DolibarrApi } else { - throw new RestException(500, $this->task->error); + throw new RestException(500, $this->category->error); } } diff --git a/htdocs/comm/propal/class/api_proposals.class.php b/htdocs/comm/propal/class/api_proposals.class.php index 160f6999c40..96e3e6d2509 100644 --- a/htdocs/comm/propal/class/api_proposals.class.php +++ b/htdocs/comm/propal/class/api_proposals.class.php @@ -389,12 +389,16 @@ class Proposals extends DolibarrApi throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); } + // TODO Check the lineid $lineid is a line of ojbect + $updateRes = $this->propal->deleteline($lineid); if ($updateRes > 0) { return $this->get($id); } - - return false; + else + { + throw new RestException(405, $this->propal->error); + } } /** @@ -442,7 +446,7 @@ class Proposals extends DolibarrApi } else { - throw new RestException(500, $this->task->error); + throw new RestException(500, $this->propal->error); } } diff --git a/htdocs/comm/propal/class/propal.class.php b/htdocs/comm/propal/class/propal.class.php index 84ad5707fe2..1386baa6b45 100644 --- a/htdocs/comm/propal/class/propal.class.php +++ b/htdocs/comm/propal/class/propal.class.php @@ -804,6 +804,8 @@ class Propal extends CommonObject if ($this->statut == self::STATUS_DRAFT) { + $this->db->begin(); + $line=new PropaleLigne($this->db); // For triggers 
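Review bot: The cleanup added inside the `for` loop over `$object->lines` in `_cleanObjectDatas()` is a deny-list of 29 hand-written `unset()` calls, so a property added to any line class later is returned by the API until someone remembers to list it here. Holding the names in one array and looping, `foreach (self::$lineFieldsToRemove as $f) unset($object->lines[$i]->$f);`, would keep the list reviewable in one place (`$lineFieldsToRemove` is a suggested new static property, not an existing one). An allow-list of exported fields would fail closed instead and is worth considering for an API whose purpose is to hide internal data. The function starts outside this hunk.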
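Review bot: The access check in this line-deletion method covers proposal `$id`, but `$lineid` is passed to `$this->propal->deleteline($lineid)` without being tied to that proposal; the added TODO records the gap rather than closing it. The check on `$id` therefore does not cover the row that is actually deleted. The safer place for the fix is the model: right after the line is fetched in `Propal::deleteline()`, compare the line's parent id with `$this->id` and return an error on mismatch, and until then reword the TODO as `// FIXME $lineid is not verified to belong to object $id; access is checked on $id only`. The same TODO appears in the orders, invoices, contracts, shipments and expensereports hunks. The method signature is outside this hunk.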
@@ -813,15 +815,18 @@ class Propal extends CommonObject { $this->update_price(1); + $this->db->commit(); return 1; } else { + $this->db->rollback(); return -1; } } else { + $this->error='ErrorDeleteLineNotAllowedByObjectStatus'; return -2; } } diff --git a/htdocs/commande/class/api_orders.class.php b/htdocs/commande/class/api_orders.class.php index c15befe46e2..5d0f9722e37 100644 --- a/htdocs/commande/class/api_orders.class.php +++ b/htdocs/commande/class/api_orders.class.php @@ -372,19 +372,23 @@ class Orders extends DolibarrApi $result = $this->commande->fetch($id); if( ! $result ) { - throw new RestException(404, 'Commande not found'); + throw new RestException(404, 'Order not found'); } if( ! DolibarrApi::_checkAccessToResource('commande',$this->commande->id)) { throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); } - $request_data = (object) $request_data; + // TODO Check the lineid $lineid is a line of ojbect + $updateRes = $this->commande->deleteline(DolibarrApiAccess::$user,$lineid); if ($updateRes > 0) { return $this->get($id); } - return false; + else + { + throw new RestException(405, $this->commande->error); + } } /** @@ -434,7 +438,7 @@ class Orders extends DolibarrApi } else { - throw new RestException(500, $this->task->error); + throw new RestException(500, $this->commande->error); } } @@ -534,7 +538,7 @@ class Orders extends DolibarrApi * @url POST {id}/reopen * * @return int - * + * * @throws 304 * @throws 400 * @throws 401 @@ -545,7 +549,7 @@ class Orders extends DolibarrApi if(! DolibarrApiAccess::$user->rights->commande->creer) { throw new RestException(401); - } + } if(empty($id)) { throw new RestException(400, 'Order ID is mandatory'); } @@ -572,7 +576,7 @@ class Orders extends DolibarrApi * @url POST {id}/setinvoiced * * @return int - * + * * @throws 400 * @throws 401 * @throws 404 
@@ -582,7 +586,7 @@ class Orders extends DolibarrApi if(! DolibarrApiAccess::$user->rights->commande->creer) { throw new RestException(401); - } + } if(empty($id)) { throw new RestException(400, 'Order ID is mandatory'); } diff --git a/htdocs/commande/class/commande.class.php b/htdocs/commande/class/commande.class.php index 35ead22c32f..4d094712c57 100644 --- a/htdocs/commande/class/commande.class.php +++ b/htdocs/commande/class/commande.class.php @@ -2074,7 +2074,6 @@ class Commande extends CommonOrder */ function deleteline($user=null, $lineid=0) { - if ($this->statut == self::STATUS_DRAFT) { $this->db->begin(); @@ -2137,7 +2136,8 @@ class Commande extends CommonOrder } else { - return -1; + $this->error='ErrorDeleteLineNotAllowedByObjectStatus'; + return -1; } } diff --git a/htdocs/compta/bank/class/api_bankaccounts.class.php b/htdocs/compta/bank/class/api_bankaccounts.class.php index 0da039a1a88..ffe01f41e7a 100644 --- a/htdocs/compta/bank/class/api_bankaccounts.class.php +++ b/htdocs/compta/bank/class/api_bankaccounts.class.php @@ -196,7 +196,7 @@ class BankAccounts extends DolibarrApi } else { - throw new RestException(500, $this->task->error); + throw new RestException(500, $account->error); } } diff --git a/htdocs/compta/facture/class/api_invoices.class.php b/htdocs/compta/facture/class/api_invoices.class.php index e6a2be07184..9500dd02a58 100644 --- a/htdocs/compta/facture/class/api_invoices.class.php +++ b/htdocs/compta/facture/class/api_invoices.class.php @@ -240,7 +240,7 @@ class Invoices extends DolibarrApi } if(! DolibarrApiAccess::$user->rights->facture->creer) { throw new RestException(401); - } + } if(empty($orderid)) { throw new RestException(400, 'Order ID is mandatory'); } 
@@ -380,18 +380,24 @@ class Invoices extends DolibarrApi throw new RestException(404, 'Invoice not found'); } - $result = $this->invoice->deleteline($lineid); - if( $result < 0) { + // TODO Check the lineid $lineid is a line of ojbect + + $updateRes = $this->invoice->deleteline($lineid); + if ($updateRes > 0) { + return $this->get($id); + } + else + { throw new RestException(405, $this->invoice->error); } - $result = $this->invoice->fetch($id); + /*$result = $this->invoice->fetch($id); $this->invoice->getLinesArray(); $result = array(); foreach ($this->invoice->lines as $line) { array_push($result,$this->_cleanObjectDatas($line)); - } + }*/ return $result; } @@ -508,10 +514,10 @@ class Invoices extends DolibarrApi $request_data->fk_parent_line = 0; } - // calculate pa_ht + // calculate pa_ht $marginInfos = getMarginInfos($request_data->subprice, $request_data->remise_percent, $request_data->tva_tx, $request_data->localtax1_tx, $request_data->localtax2_tx, $request_data->fk_fournprice, $request_data->pa_ht); $pa_ht = $marginInfos[0]; - + $updateRes = $this->invoice->addline( $request_data->desc, $request_data->subprice, diff --git a/htdocs/compta/facture/class/facture.class.php b/htdocs/compta/facture/class/facture.class.php index 0d96236a6ab..c5f9ae7fc92 100644 --- a/htdocs/compta/facture/class/facture.class.php +++ b/htdocs/compta/facture/class/facture.class.php @@ -3009,7 +3009,7 @@ class Facture extends CommonInvoice if (! $this->brouillon) { - $this->error='ErrorBadStatus'; + $this->error='ErrorDeleteLineNotAllowedByObjectStatus'; return -1; } diff --git a/htdocs/contrat/class/api_contracts.class.php b/htdocs/contrat/class/api_contracts.class.php index 04f17985f4d..689b0465fd4 100644 --- a/htdocs/contrat/class/api_contracts.class.php +++ b/htdocs/contrat/class/api_contracts.class.php 
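Review bot: After the new `if ($updateRes > 0) { return $this->get($id); } else { throw … }` both branches leave the method, so the trailing `return $result;` can no longer be reached and the commented-out `fetch`/`getLinesArray` block above it is dead as well. Delete both instead of leaving them behind; a reader scanning the end of the method would otherwise assume `$result` is what the endpoint returns. The method signature and its earlier checks are outside this hunk.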
@@ -450,11 +450,16 @@ class Contracts extends DolibarrApi throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); } + // TODO Check the lineid $lineid is a line of ojbect + $updateRes = $this->contract->deleteline($lineid, DolibarrApiAccess::$user); if ($updateRes > 0) { return $this->get($id); } - return false; + else + { + throw new RestException(405, $this->contract->error); + } } /** @@ -489,7 +494,7 @@ class Contracts extends DolibarrApi } else { - throw new RestException(500, $this->task->error); + throw new RestException(500, $this->contract->error); } } diff --git a/htdocs/contrat/class/contrat.class.php b/htdocs/contrat/class/contrat.class.php index 1b52ac278ec..de2f89a5cd8 100644 --- a/htdocs/contrat/class/contrat.class.php +++ b/htdocs/contrat/class/contrat.class.php @@ -1758,6 +1758,7 @@ class Contrat extends CommonObject } else { + $this->error = 'ErrorDeleteLineNotAllowedByObjectStatus'; return -2; } } diff --git a/htdocs/core/lib/functions2.lib.php b/htdocs/core/lib/functions2.lib.php index 2add3e04b63..9f0869aac1d 100644 --- a/htdocs/core/lib/functions2.lib.php +++ b/htdocs/core/lib/functions2.lib.php @@ -2223,6 +2223,9 @@ function getModuleDirForApiClass($module) elseif ($module == 'order' || $module == 'orders') { $moduledirforclass = 'commande'; } + elseif ($module == 'shipments') { + $moduledirforclass = 'expedition'; + } elseif ($module == 'facture' || $module == 'invoice' || $module == 'invoices') { $moduledirforclass = 'compta/facture'; } diff --git a/htdocs/expedition/class/api_shipments.class.php b/htdocs/expedition/class/api_shipments.class.php new file mode 100644 index 00000000000..23d4e284484 --- /dev/null +++ b/htdocs/expedition/class/api_shipments.class.php 
@@ -0,0 +1,659 @@ + + * Copyright (C) 2016 Laurent Destailleur + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + + use Luracast\Restler\RestException; + + require_once DOL_DOCUMENT_ROOT.'/expedition/class/expedition.class.php'; + +/** + * API class for shipments + * + * @access protected + * @class DolibarrApiAccess {@requires user,external} + */ +class Shipments extends DolibarrApi +{ + + /** + * @var array $FIELDS Mandatory fields, checked when create and update object + */ + static $FIELDS = array( + 'socid', + 'origin_id', + 'origin_type' + ); + + /** + * @var Expedition $shipment {@type Expedition} + */ + public $shipment; + + /** + * Constructor + */ + function __construct() + { + global $db, $conf; + $this->db = $db; + $this->shipment = new Expedition($this->db); + } + + /** + * Get properties of a shipment object + * + * Return an array with shipment informations + * + * @param int $id ID of shipment + * @return array|mixed data without useless information + * + * @throws RestException + */ + function get($id) + { + if(! DolibarrApiAccess::$user->rights->expedition->lire) { + throw new RestException(401); + } + + $result = $this->shipment->fetch($id); + if( ! $result ) { + throw new RestException(404, 'Shipment not found'); + } + + if( ! 
DolibarrApi::_checkAccessToResource('expedition',$this->shipment->id)) { + throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); + } + + $this->shipment->fetchObjectLinked(); + return $this->_cleanObjectDatas($this->shipment); + } + + + + /** + * List shipments + * + * Get a list of shipments + * + * @param string $sortfield Sort field + * @param string $sortorder Sort order + * @param int $limit Limit for list + * @param int $page Page number + * @param string $thirdparty_ids Thirdparty ids to filter shipments of. {@example '1' or '1,2,3'} {@pattern /^[0-9,]*$/i} + * @param string $sqlfilters Other criteria to filter answers separated by a comma. Syntax example "(t.ref:like:'SO-%') and (t.date_creation:<:'20160101')" + * @return array Array of shipment objects + * + * @throws RestException + */ + function index($sortfield = "t.rowid", $sortorder = 'ASC', $limit = 100, $page = 0, $thirdparty_ids = '', $sqlfilters = '') { + global $db, $conf; + + $obj_ret = array(); + + // case of external user, $thirdparty_ids param is ignored and replaced by user's socid + $socids = DolibarrApiAccess::$user->societe_id ? DolibarrApiAccess::$user->societe_id : $thirdparty_ids; + + // If the internal user must only see his customers, force searching by him + $search_sale = 0; + if (! 
DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) $search_sale = DolibarrApiAccess::$user->id; + + $sql = "SELECT t.rowid"; + if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) $sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects) + $sql.= " FROM ".MAIN_DB_PREFIX."expedition as t"; + + if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale + + $sql.= ' WHERE t.entity IN ('.getEntity('expedition').')'; + if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) $sql.= " AND t.fk_soc = sc.fk_soc"; + if ($socids) $sql.= " AND t.fk_soc IN (".$socids.")"; + if ($search_sale > 0) $sql.= " AND t.rowid = sc.fk_soc"; // Join for the needed table to filter by sale + // Insert sale filter + if ($search_sale > 0) + { + $sql .= " AND sc.fk_user = ".$search_sale; + } + // Add sql filters + if ($sqlfilters) + { + if (! DolibarrApi::_checkFilters($sqlfilters)) + { + throw new RestException(503, 'Error when validating parameter sqlfilters '.$sqlfilters); + } + $regexstring='\(([^:\'\(\)]+:[^:\'\(\)]+:[^:\(\)]+)\)'; + $sql.=" AND (".preg_replace_callback('/'.$regexstring.'/', 'DolibarrApi::_forge_criteria_callback', $sqlfilters).")"; + } + + $sql.= $db->order($sortfield, $sortorder); + if ($limit) { + if ($page < 0) + { + $page = 0; + } + $offset = $limit * $page; + + $sql.= $db->plimit($limit + 1, $offset); + } + + dol_syslog("API Rest request"); + $result = $db->query($sql); + + if ($result) + { + $num = $db->num_rows($result); + $min = min($num, ($limit <= 0 ? 
$num : $limit)); + while ($i < $min) + { + $obj = $db->fetch_object($result); + $shipment_static = new Expedition($db); + if($shipment_static->fetch($obj->rowid)) { + $obj_ret[] = $this->_cleanObjectDatas($shipment_static); + } + $i++; + } + } + else { + throw new RestException(503, 'Error when retrieve commande list : '.$db->lasterror()); + } + if( ! count($obj_ret)) { + throw new RestException(404, 'No shipment found'); + } + return $obj_ret; + } + + /** + * Create shipment object + * + * @param array $request_data Request data + * @return int ID of shipment + */ + function post($request_data = NULL) + { + if(! DolibarrApiAccess::$user->rights->expedition->creer) { + throw new RestException(401, "Insuffisant rights"); + } + // Check mandatory fields + $result = $this->_validate($request_data); + + foreach($request_data as $field => $value) { + $this->shipment->$field = $value; + } + /*if (isset($request_data["lines"])) { + $lines = array(); + foreach ($request_data["lines"] as $line) { + array_push($lines, (object) $line); + } + $this->shipment->lines = $lines; + }*/ + + if ($this->shipment->create(DolibarrApiAccess::$user) < 0) { + throw new RestException(500, "Error creating shipment", array_merge(array($this->shipment->error), $this->shipment->errors)); + } + + return $this->shipment->id; + } + + /** + * Get lines of an shipment + * + * @param int $id Id of shipment + * + * @url GET {id}/lines + * + * @return int + */ + /* + function getLines($id) { + if(! DolibarrApiAccess::$user->rights->expedition->lire) { + throw new RestException(401); + } + + $result = $this->shipment->fetch($id); + if( ! $result ) { + throw new RestException(404, 'Shipment not found'); + } + + if( ! 
DolibarrApi::_checkAccessToResource('expedition',$this->shipment->id)) { + throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); + } + $this->shipment->getLinesArray(); + $result = array(); + foreach ($this->shipment->lines as $line) { + array_push($result,$this->_cleanObjectDatas($line)); + } + return $result; + } + */ + + /** + * Add a line to given shipment + * + * @param int $id Id of shipment to update + * @param array $request_data ShipmentLine data + * + * @url POST {id}/lines + * + * @return int + */ + /* + function postLine($id, $request_data = NULL) { + if(! DolibarrApiAccess::$user->rights->expedition->creer) { + throw new RestException(401); + } + + $result = $this->shipment->fetch($id); + if( ! $result ) { + throw new RestException(404, 'Shipment not found'); + } + + if( ! DolibarrApi::_checkAccessToResource('expedition',$this->shipment->id)) { + throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); + } + $request_data = (object) $request_data; + $updateRes = $this->shipment->addline( + $request_data->desc, + $request_data->subprice, + $request_data->qty, + $request_data->tva_tx, + $request_data->localtax1_tx, + $request_data->localtax2_tx, + $request_data->fk_product, + $request_data->remise_percent, + $request_data->info_bits, + $request_data->fk_remise_except, + 'HT', + 0, + $request_data->date_start, + $request_data->date_end, + $request_data->product_type, + $request_data->rang, + $request_data->special_code, + $fk_parent_line, + $request_data->fk_fournprice, + $request_data->pa_ht, + $request_data->label, + $request_data->array_options, + $request_data->fk_unit, + $request_data->origin, + $request_data->origin_id, + $request_data->multicurrency_subprice + ); + + if ($updateRes > 0) { + return $updateRes; + + } + return false; + }*/ + + /** + * Update a line to given shipment + * + * @param int $id Id of shipment to update + * @param int $lineid Id of line to update 
+ * @param array $request_data ShipmentLine data + * + * @url PUT {id}/lines/{lineid} + * + * @return object + */ + /* + function putLine($id, $lineid, $request_data = NULL) { + if(! DolibarrApiAccess::$user->rights->expedition->creer) { + throw new RestException(401); + } + + $result = $this->shipment->fetch($id); + if( ! $result ) { + throw new RestException(404, 'Shipment not found'); + } + + if( ! DolibarrApi::_checkAccessToResource('expedition',$this->shipment->id)) { + throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); + } + $request_data = (object) $request_data; + $updateRes = $this->shipment->updateline( + $lineid, + $request_data->desc, + $request_data->subprice, + $request_data->qty, + $request_data->remise_percent, + $request_data->tva_tx, + $request_data->localtax1_tx, + $request_data->localtax2_tx, + 'HT', + $request_data->info_bits, + $request_data->date_start, + $request_data->date_end, + $request_data->product_type, + $request_data->fk_parent_line, + 0, + $request_data->fk_fournprice, + $request_data->pa_ht, + $request_data->label, + $request_data->special_code, + $request_data->array_options, + $request_data->fk_unit, + $request_data->multicurrency_subprice + ); + + if ($updateRes > 0) { + $result = $this->get($id); + unset($result->line); + return $this->_cleanObjectDatas($result); + } + return false; + }*/ + + /** + * Delete a line to given shipment + * + * + * @param int $id Id of shipment to update + * @param int $lineid Id of line to delete + * + * @url DELETE {id}/lines/{lineid} + * + * @return int + * @throws 401 + * @throws 404 + */ + function deleteLine($id, $lineid) { + if(! DolibarrApiAccess::$user->rights->expedition->creer) { + throw new RestException(401); + } + + $result = $this->shipment->fetch($id); + if( ! $result ) { + throw new RestException(404, 'Shipment not found'); + } + + if( ! 
DolibarrApi::_checkAccessToResource('expedition',$this->shipment->id)) { + throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); + } + + // TODO Check the lineid $lineid is a line of ojbect + + $request_data = (object) $request_data; + $updateRes = $this->shipment->deleteline(DolibarrApiAccess::$user, $lineid); + if ($updateRes > 0) { + return $this->get($id); + } + else + { + throw new RestException(405, $this->shipment->error); + } + } + + /** + * Update shipment general fields (won't touch lines of shipment) + * + * @param int $id Id of shipment to update + * @param array $request_data Datas + * + * @return int + */ + function put($id, $request_data = NULL) { + if (! DolibarrApiAccess::$user->rights->expedition->creer) { + throw new RestException(401); + } + + $result = $this->shipment->fetch($id); + if (! $result) { + throw new RestException(404, 'Shipment not found'); + } + + if (! DolibarrApi::_checkAccessToResource('expedition',$this->shipment->id)) { + throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); + } + foreach($request_data as $field => $value) { + if ($field == 'id') continue; + $this->shipment->$field = $value; + } + + if ($this->shipment->update(DolibarrApiAccess::$user) > 0) + { + return $this->get($id); + } + else + { + throw new RestException(500, $this->shipment->error); + } + } + + /** + * Delete shipment + * + * @param int $id Shipment ID + * + * @return array + */ + function delete($id) + { + if(! DolibarrApiAccess::$user->rights->shipment->supprimer) { + throw new RestException(401); + } + $result = $this->shipment->fetch($id); + if( ! $result ) { + throw new RestException(404, 'Shipment not found'); + } + + if( ! DolibarrApi::_checkAccessToResource('expedition',$this->shipment->id)) { + throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); + } + + if( ! 
$this->shipment->delete(DolibarrApiAccess::$user)) { + throw new RestException(500, 'Error when deleting shipment : '.$this->shipment->error); + } + + return array( + 'success' => array( + 'code' => 200, + 'message' => 'Shipment deleted' + ) + ); + + } + + /** + * Validate a shipment + * + * This may record stock movements if module stock is enabled and option to + * decrease stock on shipment is on. + * + * @param int $id Shipment ID + * @param int $notrigger 1=Does not execute triggers, 0= execute triggers + * + * @url POST {id}/validate + * + * @return array + * FIXME An error 403 is returned if the request has an empty body. + * Error message: "Forbidden: Content type `text/plain` is not supported." + * Workaround: send this in the body + * { + * "notrigger": 0 + * } + */ + function validate($id, $notrigger=0) + { + if(! DolibarrApiAccess::$user->rights->expedition->creer) { + throw new RestException(401); + } + $result = $this->shipment->fetch($id); + if( ! $result ) { + throw new RestException(404, 'Shipment not found'); + } + + if( ! DolibarrApi::_checkAccessToResource('expedition',$this->shipment->id)) { + throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); + } + + $result = $this->shipment->valid(DolibarrApiAccess::$user, $notrigger); + if ($result == 0) { + throw new RestException(304, 'Error nothing done. May be object is already validated'); + } + if ($result < 0) { + throw new RestException(500, 'Error when validating Shipment: '.$this->shipment->error); + } + $result = $this->shipment->fetch($id); + if( ! $result ) { + throw new RestException(404, 'Shipment not found'); + } + + if( ! 
DolibarrApi::_checkAccessToResource('expedition',$this->shipment->id)) { + throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); + } + + $this->shipment->fetchObjectLinked(); + return $this->_cleanObjectDatas($this->shipment); + } + + + /** + * Classify the shipment as invoiced + * + * @param int $id Id of the shipment + * + * @url POST {id}/setinvoiced + * + * @return int + * + * @throws 400 + * @throws 401 + * @throws 404 + * @throws 405 + */ +/* function setinvoiced($id) { + + if(! DolibarrApiAccess::$user->rights->expedition->creer) { + throw new RestException(401); + } + if(empty($id)) { + throw new RestException(400, 'Shipment ID is mandatory'); + } + $result = $this->shipment->fetch($id); + if( ! $result ) { + throw new RestException(404, 'Shipment not found'); + } + + $result = $this->shipment->classifyBilled(DolibarrApiAccess::$user); + if( $result < 0) { + throw new RestException(400, $this->shipment->error); + } + return $result; + } +*/ + + + /** + * Create a shipment using an existing order. + * + * @param int $orderid Id of the order + * + * @url POST /createfromorder/{orderid} + * + * @return int + * @throws 400 + * @throws 401 + * @throws 404 + * @throws 405 + */ + /* + function createShipmentFromOrder($orderid) { + + require_once DOL_DOCUMENT_ROOT . '/commande/class/commande.class.php'; + + if(! DolibarrApiAccess::$user->rights->expedition->lire) { + throw new RestException(401); + } + if(! DolibarrApiAccess::$user->rights->expedition->creer) { + throw new RestException(401); + } + if(empty($proposalid)) { + throw new RestException(400, 'Order ID is mandatory'); + } + + $order = new Commande($this->db); + $result = $order->fetch($proposalid); + if( ! 
$result ) { + throw new RestException(404, 'Order not found'); + } + + $result = $this->shipment->createFromOrder($order, DolibarrApiAccess::$user); + if( $result < 0) { + throw new RestException(405, $this->shipment->error); + } + $this->shipment->fetchObjectLinked(); + return $this->_cleanObjectDatas($this->shipment); + } + */ + + /** + * Clean sensible object datas + * + * @param object $object Object to clean + * @return array Array of cleaned object properties + */ + function _cleanObjectDatas($object) { + + $object = parent::_cleanObjectDatas($object); + + unset($object->thirdparty); // id already returned + + unset($object->note); + unset($object->address); + unset($object->barcode_type); + unset($object->barcode_type_code); + unset($object->barcode_type_label); + unset($object->barcode_type_coder); + + if (! empty($object->lines) && is_array($object->lines)) + { + foreach ($object->lines as $line) + { + unset($line->tva_tx); + unset($line->vat_src_code); + unset($line->total_ht); + unset($line->total_ttc); + unset($line->total_tva); + unset($line->total_localtax1); + unset($line->total_localtax2); + unset($line->remise_percent); + } + } + + return $object; + } + + /** + * Validate fields before create or update object + * + * @param array $data Array with data to verify + * @return array + * @throws RestException + */ + function _validate($data) + { + $shipment = array(); + foreach (Shipments::$FIELDS as $field) { + if (!isset($data[$field])) + throw new RestException(400, "$field field missing"); + $shipment[$field] = $data[$field]; + + } + return $shipment; + } +} diff --git a/htdocs/expedition/class/expedition.class.php b/htdocs/expedition/class/expedition.class.php index 88d43335603..9817e232e9e 100644 --- a/htdocs/expedition/class/expedition.class.php +++ b/htdocs/expedition/class/expedition.class.php 
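Review bot: `post()` and `put()` copy every key of `$request_data` onto the object (`$this->shipment->$field = $value;`, with `put()` skipping only `id`), so a caller holding the create right decides which properties are overwritten, and in `put()` this happens after `_checkAccessToResource()` has already run. Restrict the loop to an explicit list of writable names, e.g. `if (! in_array($field, self::$WRITABLE_FIELDS, true)) continue;`, where `$WRITABLE_FIELDS` is a suggested new static array beside `$FIELDS`. Separately, `delete()` tests `rights->shipment->supprimer` while every other method tests `rights->expedition->…`, and `deleteLine()` casts a `$request_data` variable it never receives. In `index()`, `$i` is used without being initialised, `t.rowid = sc.fk_soc` compares a shipment id with a third-party id, and `$db->lasterror()` is returned to the client in the 503 message.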
@@ -523,9 +523,6 @@ class Expedition extends CommonObject if ($this->statut == 0) $this->brouillon = 1; - $file = $conf->expedition->dir_output . "/" .get_exdir($this->id, 2, 0, 0, $this, 'shipment') . "/" . $this->id.".pdf"; - $this->pdf_filename = $file; - // Tracking url $this->GetUrlTrackingStatus($obj->tracking_number); @@ -1457,6 +1454,47 @@ class Expedition extends CommonObject } } + /** + * Delete detail line + * + * @param User $user User making deletion + * @param int $lineid Id of line to delete + * @return int >0 if OK, <0 if KO + */ + function deleteline($user, $lineid) + { + global $user; + + if ($this->statut == self::STATUS_DRAFT) + { + $this->db->begin(); + + $line=new ExpeditionLigne($this->db); + + // For triggers + $line->fetch($lineid); + + if ($line->delete($user) > 0) + { + //$this->update_price(1); + + $this->db->commit(); + return 1; + } + else + { + $this->db->rollback(); + return -1; + } + } + else + { + $this->error='ErrorDeleteLineNotAllowedByObjectStatus'; + return -2; + } + } + + /** * Return clicable link of object (with eventually picto) * diff --git a/htdocs/expensereport/class/api_expensereports.class.php b/htdocs/expensereport/class/api_expensereports.class.php index 07250466fc0..e68c9338b92 100644 --- a/htdocs/expensereport/class/api_expensereports.class.php +++ b/htdocs/expensereport/class/api_expensereports.class.php @@ -361,7 +361,9 @@ class ExpenseReports extends DolibarrApi if( ! DolibarrApi::_checkAccessToResource('expensereport',$this->expensereport->id)) { throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); } - $request_data = (object) $request_data; + + // TODO Check the lineid $lineid is a line of ojbect + $updateRes = $this->expensereport->deleteline($lineid); if ($updateRes == 1) { return $this->get($id); 
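Review bot: `global $user;` at the top of the new `deleteline($user, $lineid)` rebinds the parameter to the global variable, so the user passed by the caller is ignored and `$line->delete($user)` runs as whatever the global holds; that line should be dropped. The method also ignores the result of `$line->fetch($lineid)` and never checks that the fetched line belongs to this shipment, so with any draft shipment loaded an arbitrary line id is handed to `delete()`. A guard before the delete would close this, e.g. `if ($line->fetch($lineid) <= 0 || $line->fk_expedition != $this->id) { $this->db->rollback(); return -1; }`, assuming `ExpeditionLigne` exposes its parent id as `fk_expedition` and `fetch()` returns a value > 0 on success (the class is not shown here). The same line-to-parent check is missing in the `ExpenseReports` hunk at `-361,7 +361,9`, where access is checked on the report id only before `deleteline($lineid)` is called and the check is left as a TODO.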
@@ -402,7 +404,7 @@ class ExpenseReports extends DolibarrApi } else { - throw new RestException(500, $this->task->error); + throw new RestException(500, $this->expensereport->error); } } diff --git a/htdocs/societe/class/api_contacts.class.php b/htdocs/societe/class/api_contacts.class.php index 84442aaefac..3270bc144c2 100644 --- a/htdocs/societe/class/api_contacts.class.php +++ b/htdocs/societe/class/api_contacts.class.php @@ -357,6 +357,30 @@ class Contacts extends DolibarrApi return $result; } + + /** + * Clean sensible object datas + * + * @param object $object Object to clean + * @return array Array of cleaned object properties + */ + function _cleanObjectDatas($object) { + + $object = parent::_cleanObjectDatas($object); + + unset($object->total_ht); + unset($object->total_tva); + unset($object->total_localtax1); + unset($object->total_localtax2); + unset($object->total_ttc); + + unset($object->note); + unset($object->lines); + unset($object->thirdparty); + + return $object; + } + /** * Validate fields before create or update object * @@ -372,6 +396,7 @@ class Contacts extends DolibarrApi throw new RestException(400, "$field field missing"); $contact[$field] = $data[$field]; } + return $contact; } } diff --git a/htdocs/societe/class/api_thirdparties.class.php b/htdocs/societe/class/api_thirdparties.class.php index 1dc0eeb334b..9fd95a13a65 100644 --- a/htdocs/societe/class/api_thirdparties.class.php +++ b/htdocs/societe/class/api_thirdparties.class.php @@ -500,6 +500,9 @@ class Thirdparties extends DolibarrApi unset($object->total_localtax2); unset($object->total_ttc); + unset($object->lines); + unset($object->thirdparty); + return $object; } diff --git a/htdocs/user/class/api_users.class.php b/htdocs/user/class/api_users.class.php index 0145fd5eead..c30cacd72c0 100644 --- a/htdocs/user/class/api_users.class.php +++ b/htdocs/user/class/api_users.class.php 
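Review bot: The 500 response on the changed line passes `$this->expensereport->error` straight to the API client; if that property can carry database or other internal error text (its contents are not visible here), the response discloses it. Consider logging the detail server-side and returning a fixed message, e.g. `throw new RestException(500, 'Error while processing expense report');`. The enclosing method starts outside the hunk, and the `Users` hunk at `-222,7 +222,7` follows the same pattern with `$this->useraccount->error`.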
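Review bot: The docblock on the new `Contacts::_cleanObjectDatas()` says `@return array`, but the method returns `$object` after unsetting properties with `->`, so the tag should read `@return object Object with cleaned properties`; "sensible" in the summary should be "sensitive". Because the method removes named fields rather than listing the ones to expose, any property added to the contact object later is returned by the API unless it is also unset here; a comment stating this, or an allowlist of output fields, would make the exposure explicit. The same docblock wording appears in the `Shipments::_cleanObjectDatas()` added earlier in this patch.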
@@ -222,7 +222,7 @@ class Users extends DolibarrApi } else { - throw new RestException(500, $this->task->error); + throw new RestException(500, $this->useraccount->error); } }