diff --git a/htdocs/adherents/class/api_members.class.php b/htdocs/adherents/class/api_members.class.php index 4d13b6347ec..99a4f401171 100644 --- a/htdocs/adherents/class/api_members.class.php +++ b/htdocs/adherents/class/api_members.class.php @@ -1,5 +1,6 @@ +/* Copyright (C) 2016 Xebax Christy + * Copyright (C) 2017 Regis Houssin * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -19,6 +20,7 @@ use Luracast\Restler\RestException; require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent.class.php'; require_once DOL_DOCUMENT_ROOT.'/adherents/class/subscription.class.php'; +require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php'; /** * API class for members @@ -357,4 +359,38 @@ class Members extends DolibarrApi return $member->subscription($start_date, $amount, 0, '', $label, '', '', '', $end_date); } + /** + * Get categories for a member + * + * @param int $id ID of member + * @param string $sortfield Sort field + * @param string $sortorder Sort order + * @param int $limit Limit for list + * @param int $page Page number + * + * @return mixed + * + * @url GET {id}/categories + */ + function getCategories($id, $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) + { + if (! DolibarrApiAccess::$user->rights->categorie->lire) { + throw new RestException(401); + } + + $categories = new Categorie($this->db); + + $result = $categories->getListForItem($id, 'member', $sortfield, $sortorder, $limit, $page); + + if (empty($result)) { + throw new RestException(404, 'No category found'); + } + + if ($result < 0) { + throw new RestException(503, 'Error when retrieve category list : '.$categories->error); + } + + return $result; + } + } diff --git a/htdocs/categories/class/api_categories.class.php b/htdocs/categories/class/api_categories.class.php index ed10e337f7b..1c8d9fcfe50 100644 --- a/htdocs/categories/class/api_categories.class.php 
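Review bot: The new `getCategories()` in `Members` checks only `categorie->lire` before returning data keyed by a member `$id`; it never verifies that the caller may read that particular member. The `get()` methods visible elsewhere in this diff pair the module's read right with `DolibarrApi::_checkAccessToResource(...)`, so as written a login restricted to its own records can still probe category assignments by iterating ids. The same body is added to `Products`, `Contacts` and `Thirdparties` further down, and each copy needs the guard, e.g. in the Products copy `if (! DolibarrApiAccess::$user->rights->produit->lire || ! DolibarrApi::_checkAccessToResource('product', $id)) { throw new RestException(401); }`, with the matching right and resource name in the other classes. Since the four bodies differ only in the type string, a shared helper on `DolibarrApi` would keep that check in one place.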
+++ b/htdocs/categories/class/api_categories.class.php @@ -23,13 +23,13 @@ /** * API class for categories * - * @access protected + * @access protected * @class DolibarrApiAccess {@requires user,external} */ class Categories extends DolibarrApi { /** - * @var array $FIELDS Mandatory fields, checked when create and update object + * @var array $FIELDS Mandatory fields, checked when create and update object */ static $FIELDS = array( 'label', @@ -44,7 +44,7 @@ class Categories extends DolibarrApi 4 => 'contact', 5 => 'account', ); - + /** * @var Categorie $category {@type Categorie} */ @@ -67,20 +67,20 @@ class Categories extends DolibarrApi * * @param int $id ID of category * @return array|mixed data without useless information - * + * * @throws RestException */ function get($id) - { + { if(! DolibarrApiAccess::$user->rights->categorie->lire) { throw new RestException(401); } - + $result = $this->category->fetch($id); if( ! $result ) { throw new RestException(404, 'category not found'); } - + if( ! DolibarrApi::_checkAccessToResource('category',$this->category->id)) { throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); } @@ -90,7 +90,7 @@ class Categories extends DolibarrApi /** * List categories - * + * * Get a list of categories * * @param string $sortfield Sort field @@ -105,13 +105,13 @@ class Categories extends DolibarrApi */ function index($sortfield = "t.rowid", $sortorder = 'ASC', $limit = 0, $page = 0, $type = '', $sqlfilters = '') { global $db, $conf; - + $obj_ret = array(); - + if(! DolibarrApiAccess::$user->rights->categorie->lire) { throw new RestException(401); } - + $sql = "SELECT t.rowid"; $sql.= " FROM ".MAIN_DB_PREFIX."categorie as t"; $sql.= ' WHERE t.entity IN ('.getEntity('category').')'; 
@@ -120,7 +120,7 @@ class Categories extends DolibarrApi $sql.= ' AND t.type='.array_search($type,Categories::$TYPES); } // Add sql filters - if ($sqlfilters) + if ($sqlfilters) { if (! DolibarrApi::_checkFilters($sqlfilters)) { 
@@ -129,93 +129,6 @@ class Categories extends DolibarrApi $regexstring='\(([^:\'\(\)]+:[^:\'\(\)]+:[^:\(\)]+)\)'; $sql.=" AND (".preg_replace_callback('/'.$regexstring.'/', 'DolibarrApi::_forge_criteria_callback', $sqlfilters).")"; } - - $sql.= $db->order($sortfield, $sortorder); - if ($limit) { - if ($page < 0) - { - $page = 0; - } - $offset = $limit * $page; - - $sql.= $db->plimit($limit + 1, $offset); - } - - $result = $db->query($sql); - if ($result) - { - $i=0; - $num = $db->num_rows($result); - $min = min($num, ($limit <= 0 ? $num : $limit)); - while ($i < $min) - { - $obj = $db->fetch_object($result); - $category_static = new Categorie($db); - if($category_static->fetch($obj->rowid)) { - $obj_ret[] = $this->_cleanObjectDatas($category_static); - } - $i++; - } - } - else { - throw new RestException(503, 'Error when retrieve category list : '.$db->lasterror()); - } - if( ! count($obj_ret)) { - throw new RestException(404, 'No category found'); - } - return $obj_ret; - } - - /** - * List categories of an entity - * - * Note: This method is not directly exposed in the API, it is used - * in the GET /xxx/{id}/categories requests. - * - * @param string $sortfield Sort field - * @param string $sortorder Sort order - * @param int $limit Limit for list - * @param int $page Page number - * @param string $type Type of category ('member', 'customer', 'supplier', 'product', 'contact') - * @param int $item Id of the item to get categories for - * @return array Array of category objects - * - * @access private - */ - function getListForItem($sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0, $type='customer', $item = 0) { - global $db, $conf; - - $obj_ret = array(); - - if(! 
DolibarrApiAccess::$user->rights->categorie->lire) { - throw new RestException(401); - } - //if ($type == "") { - //$type="product"; - //} - $sub_type = $type; - $subcol_name = "fk_".$type; - if ($type=="customer" || $type=="supplier") { - $sub_type="societe"; - $subcol_name="fk_soc"; - } - if ($type=="contact") { - $subcol_name="fk_socpeople"; - } - $sql = "SELECT s.rowid"; - $sql.= " FROM ".MAIN_DB_PREFIX."categorie as s"; - $sql.= " , ".MAIN_DB_PREFIX."categorie_".$sub_type." as sub "; - $sql.= ' WHERE s.entity IN ('.getEntity('category').')'; - $sql.= ' AND s.type='.array_search($type,Categories::$TYPES); - $sql.= ' AND s.rowid = sub.fk_categorie'; - $sql.= ' AND sub.'.$subcol_name.' = '.$item; - - $nbtotalofrecords = ''; - if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) - { - $result = $db->query($sql); - $nbtotalofrecords = $db->num_rows($result); - } $sql.= $db->order($sortfield, $sortorder); if ($limit) { @@ -250,13 +163,12 @@ class Categories extends DolibarrApi if( ! count($obj_ret)) { throw new RestException(404, 'No category found'); } - return $obj_ret; } /** * Create category object - * + * * @param array $request_data Request data * @return int ID of category */ @@ -268,7 +180,7 @@ class Categories extends DolibarrApi // Check mandatory fields $result = $this->_validate($request_data); - + foreach($request_data as $field => $value) { $this->category->$field = $value; } 
@@ -280,22 +192,22 @@ class Categories extends DolibarrApi /** * Update category - * + * * @param int $id Id of category to update - * @param array $request_data Datas - * @return int + * @param array $request_data Datas + * @return int */ function put($id, $request_data = NULL) { if(! DolibarrApiAccess::$user->rights->categorie->creer) { throw new RestException(401); } - + $result = $this->category->fetch($id); if( ! $result ) { throw new RestException(404, 'category not found'); } - + if( ! DolibarrApi::_checkAccessToResource('category',$this->category->id)) { throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); } @@ -304,13 +216,13 @@ class Categories extends DolibarrApi if ($field == 'id') continue; $this->category->$field = $value; } - + if($this->category->update(DolibarrApiAccess::$user)) return $this->get ($id); - + return false; } - + /** * Delete category * @@ -326,15 +238,15 @@ class Categories extends DolibarrApi if( ! $result ) { throw new RestException(404, 'category not found'); } - + if( ! DolibarrApi::_checkAccessToResource('category',$this->category->id)) { throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); } - + if (! $this->category->delete(DolibarrApiAccess::$user)) { throw new RestException(401,'error when delete category'); } - + return array( 'success' => array( 'code' => 200, @@ -342,8 +254,8 @@ class Categories extends DolibarrApi ) ); } - - + + /** * Clean sensible object datas * @@ -351,9 +263,9 @@ class Categories extends DolibarrApi * @return array Array of cleaned object properties */ function _cleanObjectDatas($object) { - + $object = parent::_cleanObjectDatas($object); - + // Remove fields not relevent to categories unset($object->country); unset($object->country_id); 
@@ -394,16 +306,16 @@ class Categories extends DolibarrApi unset($object->fk_project); unset($object->note); unset($object->statut); - + return $object; } - + /** * Validate fields before create or update object - * + * * @param array|null $data Data to validate * @return array - * + * * @throws RestException */ function _validate($data) diff --git a/htdocs/categories/class/categorie.class.php b/htdocs/categories/class/categorie.class.php index 5cbe56554dd..6027f76ec58 100644 --- a/htdocs/categories/class/categorie.class.php +++ b/htdocs/categories/class/categorie.class.php 
@@ -879,6 +879,100 @@ class Categorie extends CommonObject } } + /** + * List categories of an element id + * + * @param int $item Id of element + * @param string $type Type of category ('member', 'customer', 'supplier', 'product', 'contact') + * @param string $sortfield Sort field + * @param string $sortorder Sort order + * @param int $limit Limit for list + * @param int $page Page number + * @return array Array of categories + */ + function getListForItem($id, $type='customer', $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) + { + global $conf; + + $categories = array(); + + $sub_type = $type; + $subcol_name = "fk_".$type; + if ($type=="customer" || $type=="supplier") { + $sub_type="societe"; + $subcol_name="fk_soc"; + } + if ($type=="contact") { + $subcol_name="fk_socpeople"; + } + $sql = "SELECT s.rowid"; + $sql.= " FROM ".MAIN_DB_PREFIX."categorie as s"; + $sql.= " , ".MAIN_DB_PREFIX."categorie_".$sub_type." as sub "; + $sql.= ' WHERE s.entity IN ('.getEntity('category').')'; + $sql.= ' AND s.type='.array_search($type, self::$MAP_ID_TO_CODE); + $sql.= ' AND s.rowid = sub.fk_categorie'; + $sql.= ' AND sub.'.$subcol_name.' = '.$id; + + $nbtotalofrecords = ''; + if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) + { + $result = $this->db->query($sql); + $nbtotalofrecords = $this->db->num_rows($result); + } + + $sql.= $this->db->order($sortfield, $sortorder); + if ($limit) { + if ($page < 0) + { + $page = 0; + } + $offset = $limit * $page; + + $sql.= $this->db->plimit($limit + 1, $offset); + } + + $result = $this->db->query($sql); + if ($result) + { + $i=0; + $num = $this->db->num_rows($result); + $min = min($num, ($limit <= 0 ? 
$num : $limit)); + while ($i < $min) + { + $obj = $this->db->fetch_object($result); + $category_static = new Categorie($this->db); + if ($category_static->fetch($obj->rowid)) + { + $categories[$i]['id'] = $category_static->id; + $categories[$i]['fk_parent'] = $category_static->fk_parent; + $categories[$i]['label'] = $category_static->label; + $categories[$i]['description'] = $category_static->description; + $categories[$i]['color'] = $category_static->color; + $categories[$i]['socid'] = $category_static->socid; + $categories[$i]['visible'] = $category_static->visible; + $categories[$i]['type'] = $category_static->type; + $categories[$i]['entity'] = $category_static->entity; + $categories[$i]['array_options'] = $category_static->array_options; + + // multilangs + if (! empty($conf->global->MAIN_MULTILANGS)) { + $categories[$i]['multilangs'] = $category_static->multilangs; + } + } + $i++; + } + } + else { + $this->error = $this->db->lasterror(); + return -1; + } + if ( ! count($categories)) { + return 0; + } + + return $categories; + } + /** * Return childs of a category * diff --git a/htdocs/categories/viewcat.php b/htdocs/categories/viewcat.php index 75a9215e18d..a3ca8053281 100644 --- a/htdocs/categories/viewcat.php +++ b/htdocs/categories/viewcat.php @@ -319,7 +319,7 @@ else // List of products or services (type is type of category) -if ($object->type == Categorie::TYPE_PRODUCT) +if ($type == Categorie::TYPE_PRODUCT) { $prods = $object->getObjectsInCateg("product"); if ($prods < 0) @@ -391,7 +391,7 @@ if ($object->type == Categorie::TYPE_PRODUCT) } } -if ($object->type == Categorie::TYPE_SUPPLIER) +if ($type == Categorie::TYPE_SUPPLIER) { $socs = $object->getObjectsInCateg("supplier"); if ($socs < 0) @@ -440,7 +440,7 @@ if ($object->type == Categorie::TYPE_SUPPLIER) } } -if($object->type == Categorie::TYPE_CUSTOMER) +if($type == Categorie::TYPE_CUSTOMER) { $socs = $object->getObjectsInCateg("customer"); if ($socs < 0) 
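Review bot: `Categorie::getListForItem()` concatenates `$id` and `$type` into the SQL without casting or validating them. The id goes in through `' AND sub.'.$subcol_name.' = '.$id`, `$type` feeds both the `categorie_`.$sub_type table name and the `fk_`.$type column name, and `array_search()` returns `false` for an unknown type, which leaves `s.type=` empty. The API callers in this commit pass literal types, but this is a public method of `Categorie`, so it should cast the id and reject types missing from `self::$MAP_ID_TO_CODE` itself. `$sortfield` and `$sortorder` also arrive from the request, so it is worth confirming that `$this->db->order()` sanitises them. Separately, `$nbtotalofrecords` costs an extra unpaged query and is never read, and the docblock names `$item` for the `$id` parameter and documents only an array return although 0 and -1 are returned too.

```php
function getListForItem($id, $type='customer', $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0)
{
	// … unchanged: global $conf, $categories initialisation …

	// Resolve the type through the known map before it reaches table or column names.
	$type_id = array_search($type, self::$MAP_ID_TO_CODE, true);
	if ($type_id === false) {
		$this->error = 'Unknown category type';
		return -1;
	}

	// … unchanged: $sub_type / $subcol_name selection, SELECT / FROM / entity filter …
	$sql.= ' AND s.type='.((int) $type_id);
	$sql.= ' AND s.rowid = sub.fk_categorie';
	$sql.= ' AND sub.'.$subcol_name.' = '.((int) $id);
	// … unchanged: count query, ordering, paging, fetch loop …
```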
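Review bot: `$type` is not assigned in any of the visible viewcat.php hunks, so it cannot be confirmed here that it is derived from the loaded `$object` rather than from a request parameter. If it is request-supplied, these branches would let the URL choose which `getObjectsInCateg(...)` list is rendered for a category of a different type. The comparison is also loose (`==`), which can match unexpectedly if the `Categorie::TYPE_*` constants are integers and `$type` is a string. Either keep `$object->type` or normalise once after the fetch, e.g. `$type = $object->type;`, before the first of these blocks. The same replacement is made in the hunks at 391, 440, 494, 547, 600 and 653.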
@@ -494,7 +494,7 @@ if($object->type == Categorie::TYPE_CUSTOMER) } // List of members -if ($object->type == Categorie::TYPE_MEMBER) +if ($type == Categorie::TYPE_MEMBER) { require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent.class.php'; @@ -547,7 +547,7 @@ if ($object->type == Categorie::TYPE_MEMBER) } // Categorie contact -if($object->type == Categorie::TYPE_CONTACT) +if ($type == Categorie::TYPE_CONTACT) { $contacts = $object->getObjectsInCateg("contact"); if ($contacts < 0) @@ -600,7 +600,7 @@ if($object->type == Categorie::TYPE_CONTACT) } // List of accounts -if ($object->type == Categorie::TYPE_ACCOUNT) +if ($type == Categorie::TYPE_ACCOUNT) { require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php'; @@ -653,7 +653,7 @@ if ($object->type == Categorie::TYPE_ACCOUNT) } // List of Project -if ($object->type == Categorie::TYPE_PROJECT) +if ($type == Categorie::TYPE_PROJECT) { require_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php'; diff --git a/htdocs/product/class/api_products.class.php b/htdocs/product/class/api_products.class.php index 0d6694ac569..25071801fe3 100644 --- a/htdocs/product/class/api_products.class.php +++ b/htdocs/product/class/api_products.class.php @@ -16,24 +16,24 @@ */ use Luracast\Restler\RestException; - + require_once DOL_DOCUMENT_ROOT.'/product/class/product.class.php'; require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php'; /** * API class for products * - * @access protected + * @access protected * @class DolibarrApiAccess {@requires user,external} */ class Products extends DolibarrApi { /** - * @var array $FIELDS Mandatory fields, checked when create and update object + * @var array $FIELDS Mandatory fields, checked when create and update object */ static $FIELDS = array( 'ref', - 'label' + 'label' ); /** 
@@ -53,30 +53,30 @@ class Products extends DolibarrApi /** * Get properties of a product object - * + * * Return an array with product informations * * @param int $id ID of product * @return array|mixed data without useless information - * + * * @throws RestException * TODO implement getting a product by ref or by $ref_ext */ function get($id) - { + { if(! DolibarrApiAccess::$user->rights->produit->lire) { throw new RestException(401); } - + $result = $this->product->fetch($id); if( ! $result ) { throw new RestException(404, 'Product not found'); } - + if( ! DolibarrApi::_checkAccessToResource('product',$this->product->id)) { throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); } - + $this->product->load_stock(); return $this->_cleanObjectDatas($this->product); @@ -84,9 +84,9 @@ class Products extends DolibarrApi /** * List products - * + * * Get a list of products - * + * * @param string $sortfield Sort field * @param string $sortorder Sort order * @param int $limit Limit for list @@ -98,9 +98,9 @@ class Products extends DolibarrApi */ function index($sortfield = "t.ref", $sortorder = 'ASC', $limit = 0, $page = 0, $mode=0, $category=0, $sqlfilters = '') { global $db, $conf; - + $obj_ret = array(); - + $socid = DolibarrApiAccess::$user->societe_id ? DolibarrApiAccess::$user->societe_id : ''; $sql = "SELECT t.rowid, t.ref, t.ref_ext"; @@ -121,7 +121,7 @@ class Products extends DolibarrApi // Show services if ($mode == 2) $sql.= " AND t.fk_product_type = 1"; // Add sql filters - if ($sqlfilters) + if ($sqlfilters) { if (! DolibarrApi::_checkFilters($sqlfilters)) { @@ -130,7 +130,7 @@ class Products extends DolibarrApi $regexstring='\(([^:\'\(\)]+:[^:\'\(\)]+:[^:\(\)]+)\)'; $sql.=" AND (".preg_replace_callback('/'.$regexstring.'/', 'DolibarrApi::_forge_criteria_callback', $sqlfilters).")"; } - + $sql.= $db->order($sortfield, $sortorder); if ($limit) { if ($page < 0) 
@@ -165,10 +165,10 @@ class Products extends DolibarrApi } return $obj_ret; } - + /** * Create product object - * + * * @param array $request_data Request data * @return int ID of product */ @@ -179,35 +179,35 @@ class Products extends DolibarrApi } // Check mandatory fields $result = $this->_validate($request_data); - + foreach($request_data as $field => $value) { $this->product->$field = $value; } if ($this->product->create(DolibarrApiAccess::$user) < 0) { throw new RestException(500, "Error creating product", array_merge(array($this->product->error), $this->product->errors)); } - + return $this->product->id; } /** * Update product - * + * * @param int $id Id of product to update - * @param array $request_data Datas - * @return int + * @param array $request_data Datas + * @return int */ function put($id, $request_data = NULL) { if(! DolibarrApiAccess::$user->rights->produit->creer) { throw new RestException(401); } - + $result = $this->product->fetch($id); if( ! $result ) { throw new RestException(404, 'Product not found'); } - + if( ! DolibarrApi::_checkAccessToResource('product',$this->product->id)) { throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); } @@ -216,16 +216,16 @@ class Products extends DolibarrApi if ($field == 'id') continue; $this->product->$field = $value; } - + if($this->product->update($id, DolibarrApiAccess::$user,1,'update')) return $this->get ($id); - + return false; } - + /** * Delete product - * + * * @param int $id Product ID * @return array */ 
@@ -238,18 +238,18 @@ class Products extends DolibarrApi if( ! $result ) { throw new RestException(404, 'Product not found'); } - + if( ! DolibarrApi::_checkAccessToResource('product',$this->product->id)) { throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); } - + // The Product::delete() method uses the global variable $user. global $user; $user = DolibarrApiAccess::$user; return $this->product->delete(DolibarrApiAccess::$user); } - + /** * Get categories for a product * @@ -263,9 +263,25 @@ class Products extends DolibarrApi * * @url GET {id}/categories */ - function getCategories($id, $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) { - $categories = new Categories(); - return $categories->getListForItem($sortfield, $sortorder, $limit, $page, 'product', $id); + function getCategories($id, $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) + { + if (! DolibarrApiAccess::$user->rights->categorie->lire) { + throw new RestException(401); + } + + $categories = new Categorie($this->db); + + $result = $categories->getListForItem($id, 'product', $sortfield, $sortorder, $limit, $page); + + if (empty($result)) { + throw new RestException(404, 'No category found'); + } + + if ($result < 0) { + throw new RestException(503, 'Error when retrieve category list : '.$categories->error); + } + + return $result; } /** @@ -275,17 +291,17 @@ class Products extends DolibarrApi * @return array Array of cleaned object properties */ function _cleanObjectDatas($object) { - + $object = parent::_cleanObjectDatas($object); - + unset($object->regeximgext); - + return $object; } - + /** * Validate fields before create or update object - * + * * @param array $data Datas to validate * @return array * @throws RestException diff --git a/htdocs/societe/class/api_contacts.class.php b/htdocs/societe/class/api_contacts.class.php index fcfdf4ad084..0e3c10ce726 100644 --- a/htdocs/societe/class/api_contacts.class.php 
+++ b/htdocs/societe/class/api_contacts.class.php @@ -18,6 +18,7 @@ use Luracast\Restler\RestException; //require_once DOL_DOCUMENT_ROOT . '/contact/class/contact.class.php'; +require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php'; /** * API class for contacts @@ -333,9 +334,25 @@ class Contacts extends DolibarrApi * * @url GET {id}/categories */ - function getCategories($id, $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) { - $categories = new Categories(); - return $categories->getListForItem($sortfield, $sortorder, $limit, $page, 'contact', $id); + function getCategories($id, $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) + { + if (! DolibarrApiAccess::$user->rights->categorie->lire) { + throw new RestException(401); + } + + $categories = new Categorie($this->db); + + $result = $categories->getListForItem($id, 'contact', $sortfield, $sortorder, $limit, $page); + + if (empty($result)) { + throw new RestException(404, 'No category found'); + } + + if ($result < 0) { + throw new RestException(503, 'Error when retrieve category list : '.$categories->error); + } + + return $result; } /** diff --git a/htdocs/societe/class/api_thirdparties.class.php b/htdocs/societe/class/api_thirdparties.class.php index f25fda9a5fb..ab38f62b2ed 100644 --- a/htdocs/societe/class/api_thirdparties.class.php +++ b/htdocs/societe/class/api_thirdparties.class.php @@ -17,19 +17,20 @@ use Luracast\Restler\RestException; + require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php'; /** * API class for thirdparties * - * @access protected + * @access protected * @class DolibarrApiAccess {@requires user,external} - * + * */ class Thirdparties extends DolibarrApi { /** * - * @var array $FIELDS Mandatory fields, checked when create and update object + * @var array $FIELDS Mandatory fields, checked when create and update object */ static $FIELDS = array( 'name' 
@@ -48,7 +49,7 @@ class Thirdparties extends DolibarrApi global $db, $conf; $this->db = $db; $this->company = new Societe($this->db); - + if (! empty($conf->global->SOCIETE_EMAIL_MANDATORY)) { static::$FIELDS[] = 'email'; } @@ -61,20 +62,20 @@ class Thirdparties extends DolibarrApi * * @param int $id ID of thirdparty * @return array|mixed data without useless information - * + * * @throws RestException */ function get($id) - { + { if(! DolibarrApiAccess::$user->rights->societe->lire) { throw new RestException(401); } - + $result = $this->company->fetch($id); if( ! $result ) { throw new RestException(404, 'Thirdparty not found'); } - + if( ! DolibarrApi::_checkAccessToResource('societe',$this->company->id)) { throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); } @@ -84,14 +85,14 @@ class Thirdparties extends DolibarrApi /** * List thirdparties - * + * * Get a list of thirdparties - * + * * @param string $sortfield Sort field * @param string $sortorder Sort order * @param int $limit Limit for list * @param int $page Page number - * @param int $mode Set to 1 to show only customers + * @param int $mode Set to 1 to show only customers * Set to 2 to show only prospects * Set to 3 to show only those are not customer neither prospect * @param string $sqlfilters Other criteria to filter answers separated by a comma. Syntax example "(t.ref:like:'SO-%') and (t.date_creation:<:'20160101')" 
@@ -99,12 +100,12 @@ class Thirdparties extends DolibarrApi */ function index($sortfield = "t.rowid", $sortorder = 'ASC', $limit = 0, $page = 0, $mode=0, $sqlfilters = '') { global $db, $conf; - + $obj_ret = array(); - + // case of external user, we force socids $socids = DolibarrApiAccess::$user->societe_id ? DolibarrApiAccess::$user->societe_id : ''; - + // If the internal user must only see his customers, force searching by him $search_sale = 0; if (! DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) $search_sale = DolibarrApiAccess::$user->id; @@ -112,7 +113,7 @@ class Thirdparties extends DolibarrApi $sql = "SELECT t.rowid"; if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) $sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects) $sql.= " FROM ".MAIN_DB_PREFIX."societe as t"; - + if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale $sql.= ", ".MAIN_DB_PREFIX."c_stcomm as st"; $sql.= " WHERE t.fk_stcomm = st.id"; @@ -130,7 +131,7 @@ class Thirdparties extends DolibarrApi $sql .= " AND sc.fk_user = ".$search_sale; } // Add sql filters - if ($sqlfilters) + if ($sqlfilters) { if (! DolibarrApi::_checkFilters($sqlfilters)) { @@ -139,7 +140,7 @@ class Thirdparties extends DolibarrApi $regexstring='\(([^:\'\(\)]+:[^:\'\(\)]+:[^:\(\)]+)\)'; $sql.=" AND (".preg_replace_callback('/'.$regexstring.'/', 'DolibarrApi::_forge_criteria_callback', $sqlfilters).")"; } - + $sql.= $db->order($sortfield, $sortorder); if ($limit) { @@ -175,7 +176,7 @@ class Thirdparties extends DolibarrApi } return $obj_ret; } - + /** * Create thirdparty object * 
@@ -189,13 +190,13 @@ class Thirdparties extends DolibarrApi } // Check mandatory fields $result = $this->_validate($request_data); - + foreach($request_data as $field => $value) { $this->company->$field = $value; } if ($this->company->create(DolibarrApiAccess::$user) < 0) throw new RestException(500, 'Error creating thirdparty', array_merge(array($this->company->error), $this->company->errors)); - + return $this->company->id; } @@ -203,20 +204,20 @@ class Thirdparties extends DolibarrApi * Update thirdparty * * @param int $id Id of thirdparty to update - * @param array $request_data Datas - * @return int + * @param array $request_data Datas + * @return int */ function put($id, $request_data = NULL) { if(! DolibarrApiAccess::$user->rights->societe->creer) { throw new RestException(401); } - + $result = $this->company->fetch($id); if( ! $result ) { throw new RestException(404, 'Thirdparty not found'); } - + if( ! DolibarrApi::_checkAccessToResource('societe',$this->company->id)) { throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); } @@ -225,13 +226,13 @@ class Thirdparties extends DolibarrApi if ($field == 'id') continue; $this->company->$field = $value; } - + if($this->company->update($id, DolibarrApiAccess::$user,1,'','','update')) return $this->get ($id); - + return false; } - + /** * Delete thirdparty * @@ -252,7 +253,7 @@ class Thirdparties extends DolibarrApi } return $this->company->delete($id); } - + /** * Get categories for a thirdparty * 
@@ -266,9 +267,25 @@ class Thirdparties extends DolibarrApi * * @url GET {id}/categories */ - function getCategories($id, $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) { - $categories = new Categories(); - return $categories->getListForItem($sortfield, $sortorder, $limit, $page, 'customer', $id); + function getCategories($id, $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) + { + if (! DolibarrApiAccess::$user->rights->categorie->lire) { + throw new RestException(401); + } + + $categories = new Categorie($this->db); + + $result = $categories->getListForItem($id, 'customer', $sortfield, $sortorder, $limit, $page); + + if (empty($result)) { + throw new RestException(404, 'No category found'); + } + + if ($result < 0) { + throw new RestException(503, 'Error when retrieve category list : '.$categories->error); + } + + return $result; } /** @@ -318,24 +335,24 @@ class Thirdparties extends DolibarrApi * @return array Array of cleaned object properties */ function _cleanObjectDatas($object) { - + $object = parent::_cleanObjectDatas($object); - + unset($object->total_ht); unset($object->total_tva); unset($object->total_localtax1); unset($object->total_localtax2); unset($object->total_ttc); - + return $object; - } - + } + /** * Validate fields before create or update object - * + * * @param array $data Datas to validate * @return array - * + * * @throws RestException */ function _validate($data)