diff --git a/htdocs/don/class/api_donations.class.php b/htdocs/don/class/api_donations.class.php index b326c6f4959..f2ad47f1b2e 100644 --- a/htdocs/don/class/api_donations.class.php +++ b/htdocs/don/class/api_donations.class.php @@ -1,6 +1,6 @@ - * Copyright (C) 2016 Laurent Destailleur +/* Copyright (C) 2019 Thibault FOUCART + * Copyright (C) 2019 Laurent Destailleur * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -72,13 +72,13 @@ class Donations extends DolibarrApi throw new RestException(404, 'Donation not found'); } - if( ! DolibarrApi::_checkAccessToResource('commande', $this->don->id)) { + if( ! DolibarrApi::_checkAccessToResource('donation', $this->don->id)) { throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); } // Add external contacts ids - //$this->commande->contacts_ids = $this->don->liste_contact(-1,'external',1); - //$this->commande->fetchObjectLinked(); + //$this->don->contacts_ids = $this->don->liste_contact(-1,'external',1); + //$this->don->fetchObjectLinked(); return $this->_cleanObjectDatas($this->don); } @@ -87,14 +87,14 @@ class Donations extends DolibarrApi /** * List donations * - * Get a list of orders + * Get a list of donations * - * @param string $sortfield Sort field - * @param string $sortorder Sort order + * @param string $sortfield Sort field + * @param string $sortorder Sort order * @param int $limit Limit for list * @param int $page Page number - * @param string $thirdparty_ids Thirdparty ids to filter orders of. {@example '1' or '1,2,3'} {@pattern /^[0-9,]*$/i} - * @param string $sqlfilters Other criteria to filter answers separated by a comma. Syntax example "(t.ref:like:'SO-%') and (t.date_creation:<:'20160101')" + * @param string $thirdparty_ids Thirdparty ids to filter orders of. {@example '1' or '1,2,3'} {@pattern /^[0-9,]*$/i} + * @param string $sqlfilters Other criteria to filter answers separated by a comma. Syntax example "(t.ref:like:'SO-%') and (t.date_creation:<:'20160101')" * @return array Array of order objects * * @throws RestException @@ -108,25 +108,14 @@ class Donations extends DolibarrApi // case of external user, $thirdparty_ids param is ignored and replaced by user's socid $socids = DolibarrApiAccess::$user->societe_id ? DolibarrApiAccess::$user->societe_id : $thirdparty_ids; - // If the internal user must only see his customers, force searching by him - $search_sale = 0; - if (! DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) $search_sale = DolibarrApiAccess::$user->id; - $sql = "SELECT t.rowid"; - if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) $sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects) + if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) ) $sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects) $sql.= " FROM ".MAIN_DB_PREFIX."don as t"; - if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale - $sql.= ' WHERE t.entity IN ('.getEntity('don').')'; - if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) $sql.= " AND t.fk_soc = sc.fk_soc"; - if ($socids) $sql.= " AND t.fk_soc IN (".$socids.")"; - if ($search_sale > 0) $sql.= " AND t.rowid = sc.fk_soc"; // Join for the needed table to filter by sale - // Insert sale filter - if ($search_sale > 0) - { - $sql .= " AND sc.fk_user = ".$search_sale; - } + if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) ) $sql.= " AND t.fk_soc = sc.fk_soc"; + if ($thirdparty_ids) $sql.= " AND t.fk_soc = ".$thirdparty_ids." "; + // Add sql filters if ($sqlfilters) { @@ -151,7 +140,7 @@ class Donations extends DolibarrApi dol_syslog("API Rest request"); $result = $db->query($sql); - + if ($result) { $num = $db->num_rows($result); @@ -160,21 +149,22 @@ class Donations extends DolibarrApi while ($i < $min) { $obj = $db->fetch_object($result); - $commande_static = new Commande($db); - if($commande_static->fetch($obj->rowid)) { + $don_static = new Don($db); + if($don_static->fetch($obj->rowid)) { // Add external contacts ids - $commande_static->contacts_ids = $commande_static->liste_contact(-1, 'external', 1); - $obj_ret[] = $this->_cleanObjectDatas($commande_static); + //$don_static->contacts_ids = $don_static->liste_contact(-1, 'external', 1); + $obj_ret[] = $this->_cleanObjectDatas($don_static); } $i++; } } else { - throw new RestException(503, 'Error when retrieve commande list : '.$db->lasterror()); + throw new RestException(503, 'Error when retrieve donation list : '.$db->lasterror()); } if( ! count($obj_ret)) { - throw new RestException(404, 'No order found'); + throw new RestException(404, 'No donation found'); } + return $obj_ret; } @@ -186,28 +176,28 @@ class Donations extends DolibarrApi */ function post($request_data = null) { - if(! DolibarrApiAccess::$user->rights->commande->creer) { + if(! DolibarrApiAccess::$user->rights->don->creer) { throw new RestException(401, "Insuffisant rights"); } // Check mandatory fields $result = $this->_validate($request_data); foreach($request_data as $field => $value) { - $this->commande->$field = $value; + $this->don->$field = $value; } /*if (isset($request_data["lines"])) { $lines = array(); foreach ($request_data["lines"] as $line) { array_push($lines, (object) $line); } - $this->commande->lines = $lines; + $this->don->lines = $lines; }*/ - if ($this->commande->create(DolibarrApiAccess::$user) < 0) { - throw new RestException(500, "Error creating order", array_merge(array($this->commande->error), $this->commande->errors)); + if ($this->don->create(DolibarrApiAccess::$user) < 0) { + throw new RestException(500, "Error creating order", array_merge(array($this->don->error), $this->don->errors)); } - return $this->commande->id; + return $this->don->id; } /** @@ -220,36 +210,30 @@ class Donations extends DolibarrApi */ function put($id, $request_data = null) { - if (! DolibarrApiAccess::$user->rights->commande->creer) { + if (! DolibarrApiAccess::$user->rights->don->creer) { throw new RestException(401); } - $result = $this->commande->fetch($id); + $result = $this->don->fetch($id); if (! $result) { - throw new RestException(404, 'Order not found'); + throw new RestException(404, 'Donation not found'); } - if (! DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) { + if (! DolibarrApi::_checkAccessToResource('donation', $this->don->id)) { throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); } foreach($request_data as $field => $value) { if ($field == 'id') continue; - $this->commande->$field = $value; + $this->don->$field = $value; } - // Update availability - if (!empty($this->commande->availability_id)) { - if ($this->commande->availability($this->commande->availability_id) < 0) - throw new RestException(400, 'Error while updating availability'); - } - - if ($this->commande->update(DolibarrApiAccess::$user) > 0) + if ($this->don->update(DolibarrApiAccess::$user) > 0) { return $this->get($id); } else { - throw new RestException(500, $this->commande->error); + throw new RestException(500, $this->don->error); } } @@ -269,7 +253,7 @@ class Donations extends DolibarrApi throw new RestException(404, 'Donation not found'); } - if( ! DolibarrApi::_checkAccessToResource('don', $this->don->id)) { + if( ! DolibarrApi::_checkAccessToResource('donation', $this->don->id)) { throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); } @@ -309,10 +293,10 @@ class Donations extends DolibarrApi */ function validate($id, $idwarehouse = 0, $notrigger = 0) { - if(! DolibarrApiAccess::$user->rights->commande->creer) { + if(! DolibarrApiAccess::$user->rights->don->creer) { throw new RestException(401); } - $result = $this->commande->fetch($id); + $result = $this->don->fetch($id); if( ! $result ) { throw new RestException(404, 'Donation not found'); } @@ -321,25 +305,25 @@ class Donations extends DolibarrApi throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); } - $result = $this->commande->valid(DolibarrApiAccess::$user, $idwarehouse, $notrigger); + $result = $this->don->valid(DolibarrApiAccess::$user, $idwarehouse, $notrigger); if ($result == 0) { throw new RestException(304, 'Error nothing done. May be object is already validated'); } if ($result < 0) { - throw new RestException(500, 'Error when validating Order: '.$this->commande->error); + throw new RestException(500, 'Error when validating Order: '.$this->don->error); } - $result = $this->commande->fetch($id); + $result = $this->don->fetch($id); if( ! $result ) { throw new RestException(404, 'Order not found'); } - if( ! DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) { + if( ! DolibarrApi::_checkAccessToResource('don', $this->don->id)) { throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); } - $this->commande->fetchObjectLinked(); + $this->don->fetchObjectLinked(); - return $this->_cleanObjectDatas($this->commande); + return $this->_cleanObjectDatas($this->don); } /** @@ -372,12 +356,12 @@ class Donations extends DolibarrApi */ function _validate($data) { - $commande = array(); + $don = array(); foreach (Orders::$FIELDS as $field) { if (!isset($data[$field])) throw new RestException(400, $field ." field missing"); - $commande[$field] = $data[$field]; + $don[$field] = $data[$field]; } - return $commande; + return $don; } }