Merge pull request #7511 from Oeris/develop-api

NEW Get a list of payments terms
2017-10-02 00:13:30 +02:00 · 2017-10-02 00:13:30 +02:00 · c118f4a317
commit c118f4a317
parent a81d458829 7374a2accd
2 changed files with 126 additions and 14 deletions
--- a/htdocs/api/class/api_dictionary.class.php
+++ b/htdocs/api/class/api_dictionary.class.php
@ -1,5 +1,9 @@
 <?php
-/* Copyright (C) 2017	Neil Orley	<neil.orley@oeris.fr>
+/* Copyright (C) 2016   Xebax Christy           <xebax@wanadoo.fr>
+ * Copyright (C) 2016	Laurent Destailleur		<eldy@users.sourceforge.net>
+ * Copyright (C) 2017	Regis Houssin	<regis.houssin@capnetworks.com>
+ * Copyright (C) 2017	Neil Orley	<neil.orley@oeris.fr>
+ *
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@ -21,7 +25,7 @@ require_once DOL_DOCUMENT_ROOT.'/main.inc.php';
 require_once DOL_DOCUMENT_ROOT.'/core/class/ccountry.class.php';

 /**
- * API class for payment type (content of the paiement dictionary)
+ * API class for dictionaries
 *
 * @access protected
 * @class DolibarrApiAccess {@requires user,external}
@ -47,13 +51,14 @@ class Dictionary extends DolibarrApi
     * @param int       $limit      Number of items per page
     * @param int       $page       Page number {@min 0}
     * @param int       $active     Payment type is active or not {@min 0} {@max 1}
-     * @param string    $sqlfilters SQL criteria to filter. Syntax example "(t.code:=:'CHQ')"
+     * @param string    $sqlfilters SQL criteria to filter with. Syntax example "(t.code:=:'CHQ')"
     * 
-     * @url     GET payments
+     * @url     GET payment/types
     *
-     * @return List of payment types
-     *
-     * @throws RestException
+     * @return array [List of payment types]
+     *     
+     * @throws 400 RestException
+     * @throws 200 OK
     */
    function getPaymentTypes($sortfield = "code", $sortorder = 'ASC', $limit = 100, $page = 0, $active = 1, $sqlfilters = '')
    {
@ -67,9 +72,9 @@ class Dictionary extends DolibarrApi
        {
            if (! DolibarrApi::_checkFilters($sqlfilters))
            {
-                throw new RestException(503, 'Error when validating parameter sqlfilters '.$sqlfilters);
+                throw new RestException(400, 'error when validating parameter sqlfilters '.$sqlfilters);
            }
-	        $regexstring='\(([^:\'\(\)]+:[^:\'\(\)]+:[^:\(\)]+)\)';
+	          $regexstring='\(([^:\'\(\)]+:[^:\'\(\)]+:[^:\(\)]+)\)';
            $sql.=" AND (".preg_replace_callback('/'.$regexstring.'/', 'DolibarrApi::_forge_criteria_callback', $sqlfilters).")";
        }

@ -94,7 +99,7 @@ class Dictionary extends DolibarrApi
                $list[] = $this->db->fetch_object($result);
            }
        } else {
-            throw new RestException(503, 'Error when retrieving list of payment types : '.$this->db->lasterror());
+            throw new RestException(400, $this->db->lasterror());
        }

        return $list;
@ -447,6 +452,68 @@ class Dictionary extends DolibarrApi
        }
        
        return $list;
-    }       
+    } 
+
+    /**
+     * Get the list of payments terms.
+     *
+     * @param string    $sortfield  Sort field
+     * @param string    $sortorder  Sort order
+     * @param int       $limit      Number of items per page
+     * @param int       $page       Page number {@min 0}
+     * @param int       $active     Payment term is active or not {@min 0} {@max 1}
+     * @param string    $sqlfilters SQL criteria to filter. Syntax example "(t.code:=:'CHQ')"
+     *
+     * @url     GET payment/terms
+     *
+     * @return array List of payment terms
+     *
+     * @throws 400 RestException
+     * @throws 200 OK
+     */
+    function getPaymentTerms($sortfield = "sortorder", $sortorder = 'ASC', $limit = 100, $page = 0, $active = 1, $sqlfilters = '')
+    {
+        $list = array();
+
+        $sql = "SELECT rowid as id, code, sortorder, libelle as label, libelle_facture as descr, type_cdr, nbjour, decalage, module";
+        $sql.= " FROM ".MAIN_DB_PREFIX."c_payment_term as t";
+        $sql.= " WHERE t.active = ".$active;
+        // Add sql filters
+        if ($sqlfilters)
+        {
+            if (! DolibarrApi::_checkFilters($sqlfilters))
+            {
+                throw new RestException(400, 'Error when validating parameter sqlfilters '.$sqlfilters);
+            }
+                $regexstring='\(([^:\'\(\)]+:[^:\'\(\)]+:[^:\(\)]+)\)';
+            $sql.=" AND (".preg_replace_callback('/'.$regexstring.'/', 'DolibarrApi::_forge_criteria_callback', $sqlfilters).")";
+        }
+
+
+        $sql.= $this->db->order($sortfield, $sortorder);
+
+        if ($limit) {
+            if ($page < 0) {
+                $page = 0;
+            }
+            $offset = $limit * $page;
+
+            $sql .= $this->db->plimit($limit, $offset);
+        }
+
+        $result = $this->db->query($sql);
+
+        if ($result) {
+            $num = $this->db->num_rows($result);
+            $min = min($num, ($limit <= 0 ? $num : $limit));
+            for ($i = 0; $i < $min; $i++) {
+                $list[] = $this->db->fetch_object($result);
+            }
+        } else {
+            throw new RestException(400, $this->db->lasterror());
+        }
+
+        return $list;
+    }

 }
--- a/htdocs/api/class/api_documents.class.php
+++ b/htdocs/api/class/api_documents.class.php
@ -22,6 +22,7 @@ use Luracast\Restler\Format\UploadFormat;


 require_once DOL_DOCUMENT_ROOT.'/main.inc.php';
+require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';

 /**
 * API class for receive files
@ -54,13 +55,57 @@ class Documents extends DolibarrApi
     *
     * @param   string  $module_part    Name of module or area concerned by file download ('facture', ...)
     * @param   string  $ref            Reference of object (This will define subdir automatically)
-     * @param   string  $subdir         Subdirectory (Only if ref not provided)
+     * @param   string  $subdir         NOT YET AVAILABLE : Subdirectory (Only if ref not provided)
     * @return  array                   List of documents
     *
-     * @throws RestException
+     * @throws 400
+     * @throws 401
+     * @throws 200 OK
     */
    public function index($module_part, $ref='', $subdir='') {
-        return array('note'=>'FeatureNotYetAvailable');
+	global $conf;
+
+	if (empty($module_part)) {
+            throw new RestException(400, 'bad value for parameter modulepart');
+	}
+        if (empty($ref) && empty($subdir)) {
+            throw new RestException(400, 'bad value for parameter ref or subdir');
+        }
+        if (empty($ref)) {
+            throw new RestException(404, 'FeatureNotYetAvailable');
+        }
+	if (!DolibarrApiAccess::$user->rights->ecm->read) {
+            throw new RestException(401);
+        }
+
+	$original_file = str_replace("../","/", $ref.'/'.$ref.'.pdf');
+	$refname=basename(dirname($original_file)."/");
+	$entity=$conf->entity;
+
+	$check_access = dol_check_secure_access_document($module_part,$original_file,$entity,DolibarrApiAccess::$user);
+	$accessallowed              = $check_access['accessallowed'];
+	$sqlprotectagainstexternals = $check_access['sqlprotectagainstexternals'];
+	$original_file              = $check_access['original_file'];
+
+	if (preg_match('/\.\./',$original_file) || preg_match('/[<>|]/',$original_file))
+	{
+	    throw new RestException(401);
+	}
+        if (!$accessallowed) {
+            throw new RestException(401);
+        }
+
+
+	$filename = basename($original_file);
+	$original_file_osencoded=dol_osencode($original_file);	// New file name encoded in OS encoding charset
+
+	if (! file_exists($original_file_osencoded))
+	{
+	    throw new RestException(404, 'File not found');
+	}
+
+	$file_content=file_get_contents($original_file_osencoded);
+        return array('filename'=>$filename, 'content'=>base64_encode($file_content), 'encoding'=>'MIME base64 (base64_encode php function, http://php.net/manual/en/function.base64-encode.php)' );
    }