dolibarr  9.0.0
api_orders.class.php
1 <?php
2 /* Copyright (C) 2015 Jean-François Ferry <jfefe@aternatik.fr>
3  * Copyright (C) 2016 Laurent Destailleur <eldy@users.sourceforge.net>
4  *
5  * This program is free software; you can redistribute it and/or modify
6  * it under the terms of the GNU General Public License as published by
7  * the Free Software Foundation; either version 3 of the License, or
8  * (at your option) any later version.
9  *
10  * This program is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13  * GNU General Public License for more details.
14  *
15  * You should have received a copy of the GNU General Public License
16  * along with this program. If not, see <http://www.gnu.org/licenses/>.
17  */
18 
20 
21  require_once DOL_DOCUMENT_ROOT.'/commande/class/commande.class.php';
22 
29 class Orders extends DolibarrApi
30 {
31 
35  static $FIELDS = array(
36  'socid'
37  );
38 
42  public $commande;
43 
// Constructor: binds the global database handler to this API object and
// prepares the Commande instance the other methods operate on.
function __construct()
{
    global $db, $conf;

    $this->db = $db;
    $orderHandler = new Commande($this->db);
    $this->commande = $orderHandler;
}
53 
// Return one order, cleaned for API output.
//
// $id: id of the order to load.
// Throws RestException 401 when the caller lacks the read right or is refused
// access to this order, and 404 when fetch() returns a falsy result.
function get($id)
{
    $apiUser = DolibarrApiAccess::$user;

    // Permission gate first: nothing is loaded for a caller without the read right.
    if (! $apiUser->rights->commande->lire) {
        throw new RestException(401);
    }

    $fetched = $this->commande->fetch($id);
    if (! $fetched) {
        throw new RestException(404, 'Order not found');
    }

    // Per-object check, done on the id of the order that was actually loaded.
    $allowed = DolibarrApi::_checkAccessToResource('commande', $this->commande->id);
    if (! $allowed) {
        throw new RestException(401, 'Access not allowed for login '.$apiUser->login);
    }

    // Add external contacts ids
    $this->commande->contacts_ids = $this->commande->liste_contact(-1, 'external', 1);
    $this->commande->fetchObjectLinked();

    return $this->_cleanObjectDatas($this->commande);
}
84 
85 
86 
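// List orders visible to the caller.
//
// $sortfield, $sortorder: handed to $db->order().
// $limit, $page:          page size and zero-based page number; a negative page is treated as 0.
// $thirdparty_ids:        comma-separated third-party ids to restrict the list to; ignored
//                         when the caller is an external user (their own societe_id is used).
// $sqlfilters:            extra filter expression, checked by DolibarrApi::_checkFilters().
//
// Returns an array of cleaned order objects.
// Throws RestException 400 when $thirdparty_ids is not a list of integers, 503 when the
// filter is rejected or the query fails, and 404 when no order matches.
//
// Security: the third-party id list ends up inside the SQL text, so it is rebuilt from
// validated integers before it is concatenated.
// NOTE(review): $sortfield/$sortorder and $limit/$page also reach the query, through
// $db->order() and $db->plimit(); whether those helpers sanitise their arguments is not
// visible here - confirm.
function index($sortfield = "t.rowid", $sortorder = 'ASC', $limit = 100, $page = 0, $thirdparty_ids = '', $sqlfilters = '')
{
    global $db, $conf;

    $obj_ret = array();

    // case of external user, $thirdparty_ids param is ignored and replaced by user's socid
    $socids = DolibarrApiAccess::$user->societe_id ? DolibarrApiAccess::$user->societe_id : $thirdparty_ids;

    // Rebuild the id list from integers only; anything else is refused instead of
    // being copied into the query.
    $socidList = '';
    if ($socids) {
        $cleanIds = array();
        foreach (explode(',', (string) $socids) as $rawId) {
            $rawId = trim($rawId);
            if ($rawId === '') {
                continue;
            }
            if (! ctype_digit($rawId)) {
                throw new RestException(400, 'Bad value for parameter thirdparty_ids');
            }
            $cleanIds[] = (int) $rawId;
        }
        if (! count($cleanIds)) {
            throw new RestException(400, 'Bad value for parameter thirdparty_ids');
        }
        $socidList = implode(',', $cleanIds);
    }

    // If the internal user must only see his customers, force searching by him
    $search_sale = 0;
    if (! DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) {
        $search_sale = (int) DolibarrApiAccess::$user->id;
    }

    // Same condition drives the extra columns, the extra table and the join.
    $restrictToSales = (! DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0;

    $sql = "SELECT t.rowid";
    if ($restrictToSales) {
        // We need these fields in order to filter by sale (including the case where the user can only see his prospects)
        $sql .= ", sc.fk_soc, sc.fk_user";
    }
    $sql .= " FROM ".MAIN_DB_PREFIX."commande as t";
    if ($restrictToSales) {
        // We need this table joined to the select in order to filter by sale
        $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
    }

    $sql .= ' WHERE t.entity IN ('.getEntity('commande').')';
    if ($restrictToSales) {
        $sql .= " AND t.fk_soc = sc.fk_soc";
    }
    if ($socids) {
        $sql .= " AND t.fk_soc IN (".$socidList.")";
    }
    if ($search_sale > 0) {
        // NOTE(review): this compares the order row id with a third-party id; it looks
        // like it was meant to be t.fk_soc (already joined above) - confirm before changing.
        $sql .= " AND t.rowid = sc.fk_soc";
        // Insert sale filter
        $sql .= " AND sc.fk_user = ".$search_sale;
    }

    // Add sql filters
    if ($sqlfilters) {
        if (! DolibarrApi::_checkFilters($sqlfilters)) {
            throw new RestException(503, 'Error when validating parameter sqlfilters '.$sqlfilters);
        }
        // Each "(field:operator:value)" group is rewritten by the callback.
        // NOTE(review): escaping of the value part depends on that callback, which is not shown here.
        $regexstring = '\(([^:\'\(\)]+:[^:\'\(\)]+:[^:\(\)]+)\)';
        $sql .= " AND (".preg_replace_callback('/'.$regexstring.'/', 'DolibarrApi::_forge_criteria_callback', $sqlfilters).")";
    }

    $sql .= $db->order($sortfield, $sortorder);
    if ($limit) {
        if ($page < 0) {
            $page = 0;
        }
        $offset = $limit * $page;

        $sql .= $db->plimit($limit + 1, $offset);
    }

    dol_syslog("API Rest request");
    $result = $db->query($sql);

    if (! $result) {
        // NOTE(review): the raw database error text is returned to the API client.
        throw new RestException(503, 'Error when retrieve commande list : '.$db->lasterror());
    }

    $num = $db->num_rows($result);
    $min = min($num, ($limit <= 0 ? $num : $limit));
    for ($i = 0; $i < $min; $i++) {
        $obj = $db->fetch_object($result);
        $commande_static = new Commande($db);
        if ($commande_static->fetch($obj->rowid)) {
            // Add external contacts ids
            $commande_static->contacts_ids = $commande_static->liste_contact(-1, 'external', 1);
            $obj_ret[] = $this->_cleanObjectDatas($commande_static);
        }
    }

    if (! count($obj_ret)) {
        throw new RestException(404, 'No order found');
    }
    return $obj_ret;
}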
180 
// Create an order from the request payload and return its new id.
//
// $request_data: associative array of order fields; the fields listed in
//                Orders::$FIELDS must be present (enforced by _validate()).
// Throws RestException 401 without the create right, 400 from _validate(),
// and 500 when create() reports an error.
//
// NOTE(review): every key of the payload is copied onto the Commande object
// as-is, so the caller chooses which properties get set. Nothing visible here
// restricts the set of writable fields or ties the supplied socid to the
// caller - confirm that this is handled further down.
function post($request_data = null)
{
    $apiUser = DolibarrApiAccess::$user;
    if (! $apiUser->rights->commande->creer) {
        throw new RestException(401, "Insuffisant rights");
    }

    // Check mandatory fields (throws when one is missing)
    $result = $this->_validate($request_data);

    foreach ($request_data as $property => $payloadValue) {
        $this->commande->$property = $payloadValue;
    }

    $created = $this->commande->create($apiUser);
    if ($created < 0) {
        $details = array_merge(array($this->commande->error), $this->commande->errors);
        throw new RestException(500, "Error creating order", $details);
    }

    return $this->commande->id;
}
212 
// Return the lines of one order, each cleaned for API output.
//
// $id: id of the order.
// Throws RestException 401 when the caller lacks the read right or is refused
// access to this order, and 404 when the order cannot be fetched.
function getLines($id)
{
    $apiUser = DolibarrApiAccess::$user;
    if (! $apiUser->rights->commande->lire) {
        throw new RestException(401);
    }

    if (! $this->commande->fetch($id)) {
        throw new RestException(404, 'Order not found');
    }

    // Object-level check on the order that was loaded.
    if (! DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
        throw new RestException(401, 'Access not allowed for login '.$apiUser->login);
    }

    $this->commande->getLinesArray();

    $cleanedLines = array();
    foreach ($this->commande->lines as $orderLine) {
        $cleanedLines[] = $this->_cleanObjectDatas($orderLine);
    }
    return $cleanedLines;
}
243 
// Add a line to an order and return the value addline() reports.
//
// $id:           id of the order to extend.
// $request_data: line fields; read as object properties after an (object) cast.
// Throws RestException 401 without the create right or without access to the
// order, 404 when the order cannot be fetched, 400 when addline() does not
// return a positive value.
//
// NOTE(review): the payload values are forwarded to addline() untouched;
// type and range checks, if any, happen inside addline(), which is not shown here.
function postLine($id, $request_data = null)
{
    $apiUser = DolibarrApiAccess::$user;
    if (! $apiUser->rights->commande->creer) {
        throw new RestException(401);
    }

    if (! $this->commande->fetch($id)) {
        throw new RestException(404, 'Order not found');
    }

    if (! DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
        throw new RestException(401, 'Access not allowed for login '.$apiUser->login);
    }

    $line = (object) $request_data;

    // Argument order follows the addline() call as it stands; 'HT' and 0 are fixed values.
    $updateRes = $this->commande->addline(
        $line->desc,
        $line->subprice,
        $line->qty,
        $line->tva_tx,
        $line->localtax1_tx,
        $line->localtax2_tx,
        $line->fk_product,
        $line->remise_percent,
        $line->info_bits,
        $line->fk_remise_except,
        'HT',
        0,
        $line->date_start,
        $line->date_end,
        $line->product_type,
        $line->rang,
        $line->special_code,
        $line->fk_parent_line,
        $line->fk_fournprice,
        $line->pa_ht,
        $line->label,
        $line->array_options,
        $line->fk_unit,
        $line->origin,
        $line->origin_id,
        $line->multicurrency_subprice
    );

    if (! ($updateRes > 0)) {
        throw new RestException(400, $this->commande->error);
    }
    return $updateRes;
}
304 
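// Update one line of an order and return the cleaned order, or false when
// updateline() does not report success.
//
// $id:           id of the order.
// $lineid:       id of the line to update; must be a line of order $id.
// $request_data: line fields; read as object properties after an (object) cast.
// Throws RestException 401 without the create right or without access to the
// order, 404 when the order cannot be fetched or the line is not one of its lines.
//
// Security: the access check covers the order only, so the line id is matched
// against the lines of that order before updateline() is called. Without that,
// a caller allowed on one order could name a line id that belongs to another.
function putLine($id, $lineid, $request_data = null)
{
    if (! DolibarrApiAccess::$user->rights->commande->creer) {
        throw new RestException(401);
    }

    $result = $this->commande->fetch($id);
    if (! $result) {
        throw new RestException(404, 'Order not found');
    }

    if (! DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
        throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
    }

    // NOTE(review): assumes each entry of $this->commande->lines carries its row id
    // in ->id (or ->rowid) - confirm against the line class.
    $this->commande->getLinesArray();
    $lineBelongsToOrder = false;
    foreach ($this->commande->lines as $line) {
        $candidateId = isset($line->id) ? $line->id : (isset($line->rowid) ? $line->rowid : null);
        if ($candidateId !== null && (int) $candidateId === (int) $lineid) {
            $lineBelongsToOrder = true;
            break;
        }
    }
    if (! $lineBelongsToOrder) {
        throw new RestException(404, 'Line not found in order');
    }

    $request_data = (object) $request_data;
    // Argument order follows the updateline() call as it stands; 'HT' and 0 are fixed values.
    $updateRes = $this->commande->updateline(
        $lineid,
        $request_data->desc,
        $request_data->subprice,
        $request_data->qty,
        $request_data->remise_percent,
        $request_data->tva_tx,
        $request_data->localtax1_tx,
        $request_data->localtax2_tx,
        'HT',
        $request_data->info_bits,
        $request_data->date_start,
        $request_data->date_end,
        $request_data->product_type,
        $request_data->fk_parent_line,
        0,
        $request_data->fk_fournprice,
        $request_data->pa_ht,
        $request_data->label,
        $request_data->special_code,
        $request_data->array_options,
        $request_data->fk_unit,
        $request_data->multicurrency_subprice
    );

    if ($updateRes > 0) {
        $result = $this->get($id);
        unset($result->line);
        return $this->_cleanObjectDatas($result);
    }
    // Kept as-is for existing callers: a failed update is reported as false, not as an exception.
    return false;
}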
363 
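// Delete one line of an order and return the refreshed order.
//
// $id:     id of the order.
// $lineid: id of the line to delete; must be a line of order $id.
// Throws RestException 401 without the create right or without access to the
// order, 404 when the order cannot be fetched or the line is not one of its
// lines, 405 when deleteline() does not report success.
//
// Security: the access check covers the order only, so the line id is matched
// against the lines of that order before anything is deleted. Without that,
// a caller allowed on one order could name a line id that belongs to another.
function deleteLine($id, $lineid)
{
    if (! DolibarrApiAccess::$user->rights->commande->creer) {
        throw new RestException(401);
    }

    $result = $this->commande->fetch($id);
    if (! $result) {
        throw new RestException(404, 'Order not found');
    }

    if (! DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
        throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
    }

    // Check that $lineid is a line of the loaded order.
    // NOTE(review): assumes each entry of $this->commande->lines carries its row id
    // in ->id (or ->rowid) - confirm against the line class.
    $this->commande->getLinesArray();
    $lineBelongsToOrder = false;
    foreach ($this->commande->lines as $line) {
        $candidateId = isset($line->id) ? $line->id : (isset($line->rowid) ? $line->rowid : null);
        if ($candidateId !== null && (int) $candidateId === (int) $lineid) {
            $lineBelongsToOrder = true;
            break;
        }
    }
    if (! $lineBelongsToOrder) {
        throw new RestException(404, 'Line not found in order');
    }

    $updateRes = $this->commande->deleteline(DolibarrApiAccess::$user, $lineid);
    if ($updateRes > 0) {
        return $this->get($id);
    } else {
        throw new RestException(405, $this->commande->error);
    }
}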
401 
// Update the general fields of an order and return the refreshed order.
//
// $id:           id of the order.
// $request_data: associative array of fields to overwrite; the 'id' key is skipped.
// Throws RestException 401 without the create right or without access to the
// order, 404 when the order cannot be fetched, 400 when the availability
// update fails, 500 when update() does not report success.
//
// NOTE(review): apart from 'id', every key of the payload is written onto the
// loaded Commande object. The access check above runs on the order as stored,
// before the payload is applied, so a payload that changes the owning third
// party or another internal property is not re-checked here. An explicit list
// of writable fields would close that gap - confirm which fields are meant to
// be editable.
function put($id, $request_data = null)
{
    $apiUser = DolibarrApiAccess::$user;
    if (! $apiUser->rights->commande->creer) {
        throw new RestException(401);
    }

    $fetched = $this->commande->fetch($id);
    if (! $fetched) {
        throw new RestException(404, 'Order not found');
    }

    if (! DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
        throw new RestException(401, 'Access not allowed for login '.$apiUser->login);
    }

    foreach ($request_data as $property => $payloadValue) {
        if ($property != 'id') {
            $this->commande->$property = $payloadValue;
        }
    }

    // Update availability
    if (!empty($this->commande->availability_id)
        && $this->commande->availability($this->commande->availability_id) < 0) {
        throw new RestException(400, 'Error while updating availability');
    }

    if (! ($this->commande->update($apiUser) > 0)) {
        throw new RestException(500, $this->commande->error);
    }
    return $this->get($id);
}
444 
// Delete an order and return a success descriptor.
//
// $id: id of the order.
// Throws RestException 401 without the delete right or without access to the
// order, 404 when the order cannot be fetched, 500 when delete() returns a
// falsy result.
function delete($id)
{
    $apiUser = DolibarrApiAccess::$user;
    if (! $apiUser->rights->commande->supprimer) {
        throw new RestException(401);
    }

    if (! $this->commande->fetch($id)) {
        throw new RestException(404, 'Order not found');
    }

    // Object-level check before the destructive call.
    if (! DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
        throw new RestException(401, 'Access not allowed for login '.$apiUser->login);
    }

    $deleted = $this->commande->delete($apiUser);
    if (! $deleted) {
        throw new RestException(500, 'Error when delete order : '.$this->commande->error);
    }

    $outcome = array(
        'code' => 200,
        'message' => 'Order deleted'
    );
    return array('success' => $outcome);
}
476 
// Validate an order and return it, reloaded and cleaned.
//
// $id:          id of the order.
// $idwarehouse: forwarded to valid().
// $notrigger:   forwarded to valid().
// Throws RestException 401 without the create right or without access to the
// order, 404 when the order cannot be fetched, 304 when valid() returns 0,
// 500 when it returns a negative value.
function validate($id, $idwarehouse=0, $notrigger=0)
{
    $apiUser = DolibarrApiAccess::$user;
    if (! $apiUser->rights->commande->creer) {
        throw new RestException(401);
    }

    if (! $this->commande->fetch($id)) {
        throw new RestException(404, 'Order not found');
    }

    // Authorisation on the object happens before the state change.
    if (! DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
        throw new RestException(401, 'Access not allowed for login '.$apiUser->login);
    }

    $outcome = $this->commande->valid($apiUser, $idwarehouse, $notrigger);
    if ($outcome == 0) {
        throw new RestException(304, 'Error nothing done. May be object is already validated');
    }
    if ($outcome < 0) {
        throw new RestException(500, 'Error when validating Order: '.$this->commande->error);
    }

    // Reload so the response reflects the stored state, then re-check access.
    if (! $this->commande->fetch($id)) {
        throw new RestException(404, 'Order not found');
    }
    if (! DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
        throw new RestException(401, 'Access not allowed for login '.$apiUser->login);
    }

    $this->commande->fetchObjectLinked();

    return $this->_cleanObjectDatas($this->commande);
}
533 
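// Reopen an order and return the value set_reopen() reports.
//
// $id: id of the order; mandatory.
// Throws RestException 401 without the create right or without access to the
// order, 400 when $id is empty, 404 when the order cannot be fetched, 405 when
// set_reopen() returns a negative value, 304 when it returns 0.
//
// Security: the per-order access check that the other state-changing methods
// of this class run after fetch() was missing here, so holding the create
// right was enough to reopen any order id. It is now checked before
// set_reopen() is called.
function reopen($id)
{
    if (! DolibarrApiAccess::$user->rights->commande->creer) {
        throw new RestException(401);
    }
    if (empty($id)) {
        throw new RestException(400, 'Order ID is mandatory');
    }
    $result = $this->commande->fetch($id);
    if (! $result) {
        throw new RestException(404, 'Order not found');
    }

    if (! DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
        throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
    }

    $result = $this->commande->set_reopen(DolibarrApiAccess::$user);
    if ($result < 0) {
        throw new RestException(405, $this->commande->error);
    } elseif ($result == 0) {
        throw new RestException(304);
    }

    return $result;
}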
574 
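// Classify an order as invoiced and return it, reloaded and cleaned.
//
// $id: id of the order; mandatory.
// Throws RestException 401 without the create right or without access to the
// order, 400 when $id is empty or classifyBilled() returns a negative value,
// 404 when the order cannot be fetched.
//
// Security: the per-order access check used to run only after classifyBilled()
// had already changed the order, so a refused caller still got the change
// applied. The check now runs before the state change; the check after the
// reload is kept.
function setinvoiced($id)
{
    if (! DolibarrApiAccess::$user->rights->commande->creer) {
        throw new RestException(401);
    }
    if (empty($id)) {
        throw new RestException(400, 'Order ID is mandatory');
    }
    $result = $this->commande->fetch($id);
    if (! $result) {
        throw new RestException(404, 'Order not found');
    }

    // Authorise on the loaded order before touching it.
    if (! DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
        throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
    }

    $result = $this->commande->classifyBilled(DolibarrApiAccess::$user);
    if ($result < 0) {
        throw new RestException(400, $this->commande->error);
    }

    $result = $this->commande->fetch($id);
    if (! $result) {
        throw new RestException(404, 'Order not found');
    }

    if (! DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
        throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
    }

    $this->commande->fetchObjectLinked();

    return $this->_cleanObjectDatas($this->commande);
}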
621 
// Close an order and return it, reloaded and cleaned.
//
// $id:        id of the order.
// $notrigger: forwarded to cloture().
// Throws RestException 401 without the create right or without access to the
// order, 404 when the order cannot be fetched, 304 when cloture() returns 0,
// 500 when it returns a negative value.
function close($id, $notrigger=0)
{
    $apiUser = DolibarrApiAccess::$user;
    if (! $apiUser->rights->commande->creer) {
        throw new RestException(401);
    }

    if (! $this->commande->fetch($id)) {
        throw new RestException(404, 'Order not found');
    }

    // Authorisation on the object happens before the state change.
    if (! DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
        throw new RestException(401, 'Access not allowed for login '.$apiUser->login);
    }

    $outcome = $this->commande->cloture($apiUser, $notrigger);
    if ($outcome == 0) {
        throw new RestException(304, 'Error nothing done. May be object is already closed');
    }
    if ($outcome < 0) {
        throw new RestException(500, 'Error when closing Order: '.$this->commande->error);
    }

    // Reload so the response reflects the stored state, then re-check access.
    if (! $this->commande->fetch($id)) {
        throw new RestException(404, 'Order not found');
    }
    if (! DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
        throw new RestException(401, 'Access not allowed for login '.$apiUser->login);
    }

    $this->commande->fetchObjectLinked();

    return $this->_cleanObjectDatas($this->commande);
}
667 
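// Put an order back to draft and return it, reloaded and cleaned.
//
// $id:          id of the order.
// $idwarehouse: forwarded to set_draft().
// Throws RestException 401 without the create right or without access to the
// order, 404 when the order cannot be fetched, 304 when set_draft() returns 0,
// 500 when it returns a negative value.
//
// The 304 and 500 messages used to speak of "closing" the order, carried over
// from close(); they now name the operation that actually failed, so an error
// seen by a client or in a log points at the right call.
function settodraft($id, $idwarehouse=-1)
{
    if (! DolibarrApiAccess::$user->rights->commande->creer) {
        throw new RestException(401);
    }
    $result = $this->commande->fetch($id);
    if (! $result) {
        throw new RestException(404, 'Order not found');
    }

    // Authorisation on the object happens before the state change.
    if (! DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
        throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
    }

    $result = $this->commande->set_draft(DolibarrApiAccess::$user, $idwarehouse);
    if ($result == 0) {
        throw new RestException(304, 'Nothing done. May be object is already in draft');
    }
    if ($result < 0) {
        throw new RestException(500, 'Error when setting Order to draft: '.$this->commande->error);
    }

    // Reload so the response reflects the stored state, then re-check access.
    $result = $this->commande->fetch($id);
    if (! $result) {
        throw new RestException(404, 'Order not found');
    }

    if (! DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
        throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
    }

    $this->commande->fetchObjectLinked();

    return $this->_cleanObjectDatas($this->commande);
}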
713 
714 
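// Create an order from an existing proposal and return the new order, cleaned.
//
// $proposalid: id of the source proposal; mandatory.
// Throws RestException 401 without the proposal read right, the order create
// right, or access to the proposal; 400 when $proposalid is empty; 404 when the
// proposal cannot be fetched; 405 when createFromProposal() returns a negative value.
//
// Security: only the module-level rights were checked, so any proposal id could
// be used as the source and its content copied into an order the caller gets
// back. The proposal is now put through the same per-object access check the
// order methods of this class use.
// NOTE(review): assumes 'propal' is the resource name _checkAccessToResource()
// expects for proposals - confirm.
function createOrderFromProposal($proposalid)
{
    require_once DOL_DOCUMENT_ROOT . '/comm/propal/class/propal.class.php';

    if (! DolibarrApiAccess::$user->rights->propal->lire) {
        throw new RestException(401);
    }
    if (! DolibarrApiAccess::$user->rights->commande->creer) {
        throw new RestException(401);
    }
    if (empty($proposalid)) {
        throw new RestException(400, 'Proposal ID is mandatory');
    }

    $propal = new Propal($this->db);
    $result = $propal->fetch($proposalid);
    if (! $result) {
        throw new RestException(404, 'Proposal not found');
    }

    // Object-level check on the source proposal before it is read into an order.
    if (! DolibarrApi::_checkAccessToResource('propal', $propal->id)) {
        throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
    }

    $result = $this->commande->createFromProposal($propal, DolibarrApiAccess::$user);
    if ($result < 0) {
        throw new RestException(405, $this->commande->error);
    }
    $this->commande->fetchObjectLinked();

    return $this->_cleanObjectDatas($this->commande);
}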
758 
759 
// Strip fields that should not be returned by the API.
//
// Runs the parent implementation first, then removes the order-specific
// properties listed below from the same object.
// $object: object to clean. Returns the cleaned object.
function _cleanObjectDatas($object)
{
    $cleaned = parent::_cleanObjectDatas($object);

    // Properties dropped from every order or line sent back to the client.
    $hiddenProperties = array(
        'note',
        'address',
        'barcode_type',
        'barcode_type_code',
        'barcode_type_label',
        'barcode_type_coder',
    );
    foreach ($hiddenProperties as $propertyName) {
        unset($cleaned->$propertyName);
    }

    return $cleaned;
}
780 
// Check that every field named in Orders::$FIELDS is present in the payload.
//
// $data: request payload, indexed by field name.
// Returns an array holding only the mandatory fields and their values.
// Throws RestException 400 naming the first missing field.
// Only presence is checked; the values themselves are not inspected.
function _validate($data)
{
    $mandatoryValues = array();
    foreach (Orders::$FIELDS as $requiredField) {
        if (! isset($data[$requiredField])) {
            throw new RestException(400, $requiredField ." field missing");
        }
        $mandatoryValues[$requiredField] = $data[$requiredField];
    }
    return $mandatoryValues;
}
798 }
putLine($id, $lineid, $request_data=null)
Update a line to given order.
post($request_data=null)
Create order object.
__construct()
Constructor.
setinvoiced($id)
Classify the order as invoiced.
postLine($id, $request_data=null)
Add a line to given order.
_checkFilters($sqlfilters)
Return if a $sqlfilters parameter is valid.
Definition: api.class.php:251
Class for API REST v1.
Definition: api.class.php:29
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename='', $restricttologhandler='')
Write log message into outputs.
_validate($data)
Validate fields before create or update object.
settodraft($id, $idwarehouse=-1)
Set an order to draft.
Class to manage customers orders.
close($id, $notrigger=0)
Close an order (Classify it as "Delivered")
static _checkAccessToResource($resource, $resource_id=0, $dbtablename='', $feature2='', $dbt_keyfield='fk_soc', $dbt_select='rowid')
Check user access to a resource.
Definition: api.class.php:225
put($id, $request_data=null)
Update order general fields (won't touch lines of order)
_cleanObjectDatas($object)
Clean sensitive object data.
validate($id, $idwarehouse=0, $notrigger=0)
Validate an order.
deleteLine($id, $lineid)
Delete a line to given order.
reopen($id)
Tag the order as validated (opened)
getLines($id)
Get lines of an order.
createOrderFromProposal($proposalid)
Create an order using an existing proposal.
Class to manage proposals.