dolibarr  7.0.0-beta
api_orders.class.php
1 <?php
2 /* Copyright (C) 2015 Jean-François Ferry <jfefe@aternatik.fr>
3  * Copyright (C) 2016 Laurent Destailleur <eldy@users.sourceforge.net>
4  *
5  * This program is free software; you can redistribute it and/or modify
6  * it under the terms of the GNU General Public License as published by
7  * the Free Software Foundation; either version 3 of the License, or
8  * (at your option) any later version.
9  *
10  * This program is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13  * GNU General Public License for more details.
14  *
15  * You should have received a copy of the GNU General Public License
16  * along with this program. If not, see <http://www.gnu.org/licenses/>.
17  */
18 
19  use Luracast\Restler\RestException;
20 
21  require_once DOL_DOCUMENT_ROOT.'/commande/class/commande.class.php';
22 
29 class Orders extends DolibarrApi
30 {
31 
/**
 * @var string[] Names of the request fields that _validate() requires when an order is created.
 */
public static $FIELDS = array(
    'socid',
);

/**
 * @var Commande Order object that every endpoint of this class loads and works on.
 */
public $commande;
43 
/**
 * Constructor: binds the global database handler and prepares an empty order object.
 */
public function __construct()
{
    global $db, $conf;

    // The handler is kept on the instance and shared with the order object.
    $this->db = $db;

    $order = new Commande($this->db);
    $this->commande = $order;
}
53 
/**
 * Return one order together with its linked objects.
 *
 * Two independent checks gate the read: the global "commande->lire" permission
 * and the per-record check done by DolibarrApi::_checkAccessToResource().
 *
 * @param int $id Identifier passed to Commande::fetch()
 * @return object The loaded order after _cleanObjectDatas()
 * @throws RestException 401 when a permission or access check fails, 404 when fetch() returns a falsy value
 */
public function get($id)
{
    $apiUser = DolibarrApiAccess::$user;

    if (! $apiUser->rights->commande->lire) {
        throw new RestException(401);
    }

    $order = $this->commande;
    if (! $order->fetch($id)) {
        throw new RestException(404, 'Order not found');
    }

    // The permission flag above is not tied to a record; this call decides
    // whether this particular order may be seen by the caller.
    $allowed = DolibarrApi::_checkAccessToResource('commande', $order->id);
    if (! $allowed) {
        throw new RestException(401, 'Access not allowed for login '.$apiUser->login);
    }

    $order->fetchObjectLinked();

    return $this->_cleanObjectDatas($order);
}
82 
83 
84 
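/**
 * List orders, optionally restricted by third party, by sales representative and by a filter expression.
 *
 * Changes against the previous version of this method:
 *  - $thirdparty_ids was concatenated into the SQL text as received; it is now
 *    accepted only as a comma separated list of numeric ids (400 otherwise).
 *  - the clause "t.rowid = sc.fk_soc" compared an order row id with a third party
 *    id; the join on t.fk_soc = sc.fk_soc is already added whenever the sales
 *    filter is active, so the wrong clause is dropped.
 *  - the loop counter is initialised before it is read.
 *
 * @param string $sortfield      Sort field, handed to $db->order()
 * @param string $sortorder      Sort order, handed to $db->order()
 * @param int    $limit          Maximum number of orders returned; a falsy value disables paging
 * @param int    $page           Page number, negative values are treated as 0
 * @param string $thirdparty_ids Comma separated third party ids; ignored for an external user, whose own socid is used
 * @param string $sqlfilters     Filter expression, checked by DolibarrApi::_checkFilters() before use
 * @return array List of orders after _cleanObjectDatas()
 * @throws RestException 400 on a malformed $thirdparty_ids, 503 on a rejected filter or a failed query, 404 when nothing matches
 */
public function index($sortfield = "t.rowid", $sortorder = 'ASC', $limit = 100, $page = 0, $thirdparty_ids = '', $sqlfilters = '')
{
    global $db;

    $obj_ret = array();
    $apiUser = DolibarrApiAccess::$user;

    // case of external user, $thirdparty_ids param is ignored and replaced by user's socid
    $socids = $apiUser->societe_id ? $apiUser->societe_id : $thirdparty_ids;

    // The value ends up inside "IN (...)" below, so only digits and commas may pass.
    if ($socids) {
        $socids = preg_replace('/\s+/', '', (string) $socids);
        if (! preg_match('/^[0-9]+(,[0-9]+)*$/', $socids)) {
            throw new RestException(400, 'Bad value for parameter thirdparty_ids: a comma separated list of numeric ids is expected');
        }
    }

    // If the internal user must only see his customers, force searching by him
    $search_sale = 0;
    if (! $apiUser->rights->societe->client->voir && ! $socids) {
        $search_sale = (int) $apiUser->id;
    }
    $filterBySale = (! $apiUser->rights->societe->client->voir && ! $socids) || $search_sale > 0;

    $sql = "SELECT t.rowid";
    if ($filterBySale) {
        // Needed to filter by sale (including the case where the user can only see his prospects)
        $sql .= ", sc.fk_soc, sc.fk_user";
    }
    $sql .= " FROM ".MAIN_DB_PREFIX."commande as t";
    if ($filterBySale) {
        $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
    }

    $sql .= ' WHERE t.entity IN ('.getEntity('commande').')';
    if ($filterBySale) {
        $sql .= " AND t.fk_soc = sc.fk_soc";
    }
    if ($socids) {
        $sql .= " AND t.fk_soc IN (".$socids.")";
    }
    if ($search_sale > 0) {
        $sql .= " AND sc.fk_user = ".$search_sale;
    }

    // Add sql filters
    if ($sqlfilters) {
        if (! DolibarrApi::_checkFilters($sqlfilters)) {
            throw new RestException(503, 'Error when validating parameter sqlfilters '.$sqlfilters);
        }
        $regexstring = '\(([^:\'\(\)]+:[^:\'\(\)]+:[^:\(\)]+)\)';
        $sql .= " AND (".preg_replace_callback('/'.$regexstring.'/', 'DolibarrApi::_forge_criteria_callback', $sqlfilters).")";
    }

    // NOTE(review): both sort arguments come from the caller; whether $db->order()
    // validates or escapes them is not visible in this file - confirm.
    $sql .= $db->order($sortfield, $sortorder);
    if ($limit) {
        if ($page < 0) {
            $page = 0;
        }
        $offset = $limit * $page;

        // One row more than requested is fetched; the loop below still stops at $limit.
        $sql .= $db->plimit($limit + 1, $offset);
    }

    dol_syslog("API Rest request");
    $result = $db->query($sql);

    if (! $result) {
        // NOTE(review): the database error text is sent back to the client as is.
        throw new RestException(503, 'Error when retrieve commande list : '.$db->lasterror());
    }

    $num = $db->num_rows($result);
    $min = min($num, ($limit <= 0 ? $num : $limit));
    $i = 0;
    while ($i < $min) {
        $obj = $db->fetch_object($result);
        $commande_static = new Commande($db);
        if ($commande_static->fetch($obj->rowid)) {
            $obj_ret[] = $this->_cleanObjectDatas($commande_static);
        }
        $i++;
    }

    if (! count($obj_ret)) {
        throw new RestException(404, 'No order found');
    }

    return $obj_ret;
}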
174 
/**
 * Create an order from the request body.
 *
 * @param array $request_data Request fields; the ones listed in Orders::$FIELDS are mandatory
 * @return int Id of the created order
 * @throws RestException 401 without the "commande->creer" permission, 400 from _validate(), 500 when create() fails
 */
public function post($request_data = NULL)
{
    $apiUser = DolibarrApiAccess::$user;
    if (! $apiUser->rights->commande->creer) {
        throw new RestException(401, "Insuffisant rights");
    }

    // Check mandatory fields (throws when one is missing; the returned array is not used here)
    $result = $this->_validate($request_data);

    // SECURITY NOTE: every key of the request body becomes a property of the
    // order object. Nothing in this method limits which properties a client
    // may set; any restriction has to come from Commande::create() or from
    // the framework, which is not visible in this file.
    $order = $this->commande;
    foreach ($request_data as $field => $value) {
        $order->$field = $value;
    }
    // The conversion of $request_data["lines"] into objects is disabled in the
    // original source (commented out) and stays disabled here.

    $created = $order->create($apiUser);
    if ($created < 0) {
        $details = array_merge(array($order->error), $order->errors);
        throw new RestException(500, "Error creating order", $details);
    }

    return $order->id;
}
206 
/**
 * Get the lines of an order.
 *
 * @param int $id Identifier passed to Commande::fetch()
 * @return array One cleaned object per order line
 * @throws RestException 401 when a permission or access check fails, 404 when the order is not found
 */
public function getLines($id)
{
    $apiUser = DolibarrApiAccess::$user;
    if (! $apiUser->rights->commande->lire) {
        throw new RestException(401);
    }

    $found = $this->commande->fetch($id);
    if (! $found) {
        throw new RestException(404, 'Order not found');
    }

    // Per-record check, in addition to the global read permission above.
    if (! DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
        throw new RestException(401, 'Access not allowed for login '.$apiUser->login);
    }

    $this->commande->getLinesArray();

    $cleanedLines = array();
    foreach ($this->commande->lines as $line) {
        $cleanedLines[] = $this->_cleanObjectDatas($line);
    }

    return $cleanedLines;
}
236 
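/**
 * Add a line to the given order.
 *
 * Fix against the previous version: the parent line argument was read from an
 * undefined local variable ($fk_parent_line), so a value sent by the client was
 * never forwarded. It is now read from the request like in putLine().
 *
 * @param int   $id           Identifier of the order, passed to Commande::fetch()
 * @param array $request_data Fields of the line to add
 * @return int Value returned by Commande::addline() when it is greater than 0
 * @throws RestException 401 when a permission or access check fails, 404 when the order is not found, 400 when addline() fails
 */
public function postLine($id, $request_data = NULL)
{
    if (! DolibarrApiAccess::$user->rights->commande->creer) {
        throw new RestException(401);
    }

    $result = $this->commande->fetch($id);
    if (! $result) {
        throw new RestException(404, 'Order not found');
    }

    // Per-record check, in addition to the global create permission above.
    if (! DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
        throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
    }

    // NOTE(review): the text fields (desc, label) are forwarded exactly as
    // received; any cleaning has to happen in Commande::addline() - confirm.
    $request_data = (object) $request_data;
    $updateRes = $this->commande->addline(
        $request_data->desc,
        $request_data->subprice,
        $request_data->qty,
        $request_data->tva_tx,
        $request_data->localtax1_tx,
        $request_data->localtax2_tx,
        $request_data->fk_product,
        $request_data->remise_percent,
        $request_data->info_bits,
        $request_data->fk_remise_except,
        'HT',
        0,
        $request_data->date_start,
        $request_data->date_end,
        $request_data->product_type,
        $request_data->rang,
        $request_data->special_code,
        $request_data->fk_parent_line,
        $request_data->fk_fournprice,
        $request_data->pa_ht,
        $request_data->label,
        $request_data->array_options,
        $request_data->fk_unit,
        $request_data->origin,
        $request_data->origin_id,
        $request_data->multicurrency_subprice
    );

    if ($updateRes > 0) {
        return $updateRes;
    }

    throw new RestException(400, $this->commande->error);
}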
298 
/**
 * Update a line of the given order.
 *
 * NOTE(review): nothing in this method verifies that $lineid is a line of the
 * order $id that passed the access check; whether Commande::updateline()
 * enforces that is not visible in this file - confirm.
 *
 * @param int   $id           Identifier of the order, passed to Commande::fetch()
 * @param int   $lineid       Identifier of the line to update
 * @param array $request_data New values of the line
 * @return object|false The order as returned by get() and cleaned again, or false when updateline() does not return a positive value
 * @throws RestException 401 when a permission or access check fails, 404 when the order is not found
 */
public function putLine($id, $lineid, $request_data = NULL)
{
    $apiUser = DolibarrApiAccess::$user;
    if (! $apiUser->rights->commande->creer) {
        throw new RestException(401);
    }

    $found = $this->commande->fetch($id);
    if (! $found) {
        throw new RestException(404, 'Order not found');
    }

    if (! DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
        throw new RestException(401, 'Access not allowed for login '.$apiUser->login);
    }

    $request_data = (object) $request_data;
    $updateRes = $this->commande->updateline(
        $lineid,
        $request_data->desc,
        $request_data->subprice,
        $request_data->qty,
        $request_data->remise_percent,
        $request_data->tva_tx,
        $request_data->localtax1_tx,
        $request_data->localtax2_tx,
        'HT',
        $request_data->info_bits,
        $request_data->date_start,
        $request_data->date_end,
        $request_data->product_type,
        $request_data->fk_parent_line,
        0,
        $request_data->fk_fournprice,
        $request_data->pa_ht,
        $request_data->label,
        $request_data->special_code,
        $request_data->array_options,
        $request_data->fk_unit,
        $request_data->multicurrency_subprice
    );

    // Failure is reported with a plain false here, not with an exception.
    if (! ($updateRes > 0)) {
        return false;
    }

    $refreshed = $this->get($id);
    unset($refreshed->line);

    return $this->_cleanObjectDatas($refreshed);
}
356 
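/**
 * Delete a line of the given order.
 *
 * The access check is made on the order $id, while the deletion is keyed on
 * $lineid alone. The previous version carried a TODO for the missing link
 * between the two; this version refuses a $lineid that is not one of the lines
 * of the checked order.
 *
 * @param int $id     Identifier of the order, passed to Commande::fetch()
 * @param int $lineid Identifier of the line to delete
 * @return object The order as returned by get()
 * @throws RestException 401 when a permission or access check fails, 404 when the order or the line is not found, 405 when deleteline() fails
 */
public function deleteLine($id, $lineid)
{
    if (! DolibarrApiAccess::$user->rights->commande->creer) {
        throw new RestException(401);
    }

    $result = $this->commande->fetch($id);
    if (! $result) {
        throw new RestException(404, 'Order not found');
    }

    if (! DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
        throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
    }

    // Check that $lineid is a line of this order, so that the access check
    // above also covers the row that is about to be deleted.
    // Assumes each line object exposes its row id as ->id or ->rowid - confirm against the line class.
    $this->commande->getLinesArray();
    $ownsLine = false;
    if (is_array($this->commande->lines)) {
        foreach ($this->commande->lines as $line) {
            $candidate = isset($line->id) ? $line->id : (isset($line->rowid) ? $line->rowid : null);
            if ($candidate !== null && (string) $candidate === (string) $lineid) {
                $ownsLine = true;
                break;
            }
        }
    }
    if (! $ownsLine) {
        throw new RestException(404, 'Line not found');
    }

    $updateRes = $this->commande->deleteline(DolibarrApiAccess::$user, $lineid);
    if ($updateRes > 0) {
        return $this->get($id);
    }

    throw new RestException(405, $this->commande->error);
}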
395 
/**
 * Update the general fields of an order (the lines of the order are not touched).
 *
 * @param int   $id           Identifier of the order, passed to Commande::fetch()
 * @param array $request_data Fields to overwrite on the order
 * @return object The updated order as returned by get()
 * @throws RestException 401 when a permission or access check fails, 404 when the order is not found,
 *                       400 when availability or bank account cannot be set, 500 when update() fails
 */
public function put($id, $request_data = NULL)
{
    $apiUser = DolibarrApiAccess::$user;
    if (! $apiUser->rights->commande->creer) {
        throw new RestException(401);
    }

    $found = $this->commande->fetch($id);
    if (! $found) {
        throw new RestException(404, 'Order not found');
    }

    if (! DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
        throw new RestException(401, 'Access not allowed for login '.$apiUser->login);
    }

    // SECURITY NOTE: apart from 'id', every key of the request body overwrites
    // the property of the same name on the order that was just access-checked.
    // No list of writable fields is applied in this method; any restriction has
    // to come from Commande::update(), which is not visible in this file.
    $order = $this->commande;
    foreach ($request_data as $field => $value) {
        if ($field == 'id') {
            continue;
        }
        $order->$field = $value;
    }

    // Update availability
    if (! empty($order->availability_id) && $order->availability($order->availability_id) < 0) {
        throw new RestException(400, 'Error while updating availability');
    }

    // update bank account
    if (! empty($order->fk_account) && $order->setBankAccount($order->fk_account) == 0) {
        throw new RestException(400, $order->error);
    }

    if (! ($order->update($apiUser) > 0)) {
        throw new RestException(500, $order->error);
    }

    return $this->get($id);
}
445 
/**
 * Delete an order.
 *
 * @param int $id Identifier of the order, passed to Commande::fetch()
 * @return array Array with a 'success' entry holding code 200 and a message
 * @throws RestException 401 when a permission or access check fails, 404 when the order is not found, 500 when delete() fails
 */
public function delete($id)
{
    $apiUser = DolibarrApiAccess::$user;
    if (! $apiUser->rights->commande->supprimer) {
        throw new RestException(401);
    }

    $order = $this->commande;
    if (! $order->fetch($id)) {
        throw new RestException(404, 'Order not found');
    }

    // Per-record check, in addition to the global delete permission above.
    if (! DolibarrApi::_checkAccessToResource('commande', $order->id)) {
        throw new RestException(401, 'Access not allowed for login '.$apiUser->login);
    }

    $deleted = $order->delete($apiUser);
    if (! $deleted) {
        throw new RestException(500, 'Error when delete order : '.$order->error);
    }

    $success = array(
        'code' => 200,
        'message' => 'Order deleted',
    );

    return array('success' => $success);
}
478 
/**
 * Validate an order.
 *
 * The order is loaded and access-checked, validated, then loaded and
 * access-checked a second time before it is returned.
 *
 * @param int $id          Identifier of the order, passed to Commande::fetch()
 * @param int $idwarehouse Forwarded to Commande::valid()
 * @param int $notrigger   Forwarded to Commande::valid()
 * @return object The validated order with its linked objects, after _cleanObjectDatas()
 * @throws RestException 401 when a permission or access check fails, 404 when the order is not found,
 *                       304 when valid() returns 0, 500 when it returns a negative value
 */
public function validate($id, $idwarehouse=0, $notrigger=0)
{
    $apiUser = DolibarrApiAccess::$user;
    if (! $apiUser->rights->commande->creer) {
        throw new RestException(401);
    }

    if (! $this->commande->fetch($id)) {
        throw new RestException(404, 'Order not found');
    }
    if (! DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
        throw new RestException(401, 'Access not allowed for login '.$apiUser->login);
    }

    $outcome = $this->commande->valid($apiUser, $idwarehouse, $notrigger);
    if ($outcome == 0) {
        throw new RestException(304, 'Error nothing done. May be object is already validated');
    }
    if ($outcome < 0) {
        throw new RestException(500, 'Error when validating Order: '.$this->commande->error);
    }

    // Reload the order so that the response shows its state after validation.
    if (! $this->commande->fetch($id)) {
        throw new RestException(404, 'Order not found');
    }
    if (! DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
        throw new RestException(401, 'Access not allowed for login '.$apiUser->login);
    }

    $this->commande->fetchObjectLinked();

    return $this->_cleanObjectDatas($this->commande);
}
535 
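/**
 * Tag the order as validated (opened).
 *
 * Fix against the previous version: the method checked only the global
 * "commande->creer" permission and never called _checkAccessToResource(), so
 * the per-record check applied by the other endpoints of this class was missing
 * here. The check is now made before the order is changed.
 *
 * @param int $id Identifier of the order, passed to Commande::fetch()
 * @return int Value returned by Commande::set_reopen() when it is greater than 0
 * @throws RestException 401 when a permission or access check fails, 400 on an empty id, 404 when the order is not found,
 *                       405 when set_reopen() returns a negative value, 304 when it returns 0
 */
public function reopen($id)
{
    if (! DolibarrApiAccess::$user->rights->commande->creer) {
        throw new RestException(401);
    }
    if (empty($id)) {
        throw new RestException(400, 'Order ID is mandatory');
    }

    $result = $this->commande->fetch($id);
    if (! $result) {
        throw new RestException(404, 'Order not found');
    }

    // Same per-record check as in get(), put(), validate() and close().
    if (! DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
        throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
    }

    $result = $this->commande->set_reopen(DolibarrApiAccess::$user);
    if ($result < 0) {
        throw new RestException(405, $this->commande->error);
    }
    if ($result == 0) {
        throw new RestException(304);
    }

    return $result;
}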
575 
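/**
 * Classify the order as invoiced.
 *
 * Fix against the previous version: the per-record access check ran only after
 * classifyBilled() had already changed the order, so a caller without access to
 * the record got a 401 for a change that had been applied. The check now also
 * runs before the change; the check after the reload is kept.
 *
 * @param int $id Identifier of the order, passed to Commande::fetch()
 * @return object The order with its linked objects, after _cleanObjectDatas()
 * @throws RestException 401 when a permission or access check fails, 400 on an empty id or when classifyBilled() fails,
 *                       404 when the order is not found
 */
public function setinvoiced($id)
{
    if (! DolibarrApiAccess::$user->rights->commande->creer) {
        throw new RestException(401);
    }
    if (empty($id)) {
        throw new RestException(400, 'Order ID is mandatory');
    }

    $result = $this->commande->fetch($id);
    if (! $result) {
        throw new RestException(404, 'Order not found');
    }

    // Authorize before the state change, like validate() and close() do.
    if (! DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
        throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
    }

    $result = $this->commande->classifyBilled(DolibarrApiAccess::$user);
    if ($result < 0) {
        throw new RestException(400, $this->commande->error);
    }

    // Reload the order so that the response shows its state after the change.
    $result = $this->commande->fetch($id);
    if (! $result) {
        throw new RestException(404, 'Order not found');
    }

    if (! DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
        throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
    }

    $this->commande->fetchObjectLinked();

    return $this->_cleanObjectDatas($this->commande);
}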
621 
/**
 * Close an order (classify it as "Delivered").
 *
 * @param int $id        Identifier of the order, passed to Commande::fetch()
 * @param int $notrigger Forwarded to Commande::cloture()
 * @return object The closed order with its linked objects, after _cleanObjectDatas()
 * @throws RestException 401 when a permission or access check fails, 404 when the order is not found,
 *                       304 when cloture() returns 0, 500 when it returns a negative value
 */
public function close($id, $notrigger=0)
{
    $apiUser = DolibarrApiAccess::$user;
    if (! $apiUser->rights->commande->creer) {
        throw new RestException(401);
    }

    $order = $this->commande;
    if (! $order->fetch($id)) {
        throw new RestException(404, 'Order not found');
    }
    if (! DolibarrApi::_checkAccessToResource('commande', $order->id)) {
        throw new RestException(401, 'Access not allowed for login '.$apiUser->login);
    }

    $outcome = $order->cloture($apiUser, $notrigger);
    if ($outcome == 0) {
        throw new RestException(304, 'Error nothing done. May be object is already closed');
    }
    if ($outcome < 0) {
        throw new RestException(500, 'Error when closing Order: '.$order->error);
    }

    // Reload the order so that the response shows its state after closing.
    if (! $order->fetch($id)) {
        throw new RestException(404, 'Order not found');
    }
    if (! DolibarrApi::_checkAccessToResource('commande', $order->id)) {
        throw new RestException(401, 'Access not allowed for login '.$apiUser->login);
    }

    $order->fetchObjectLinked();

    return $this->_cleanObjectDatas($order);
}
667 
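/**
 * Set an order back to draft.
 *
 * Fix against the previous version: both error messages spoke of closing the
 * order (they matched the ones in close()); they now name the draft operation.
 * Status codes are unchanged.
 *
 * @param int $id          Identifier of the order, passed to Commande::fetch()
 * @param int $idwarehouse Forwarded to Commande::set_draft()
 * @return object The order with its linked objects, after _cleanObjectDatas()
 * @throws RestException 401 when a permission or access check fails, 404 when the order is not found,
 *                       304 when set_draft() returns 0, 500 when it returns a negative value
 */
public function settodraft($id, $idwarehouse=-1)
{
    if (! DolibarrApiAccess::$user->rights->commande->creer) {
        throw new RestException(401);
    }

    $result = $this->commande->fetch($id);
    if (! $result) {
        throw new RestException(404, 'Order not found');
    }

    if (! DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
        throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
    }

    $result = $this->commande->set_draft(DolibarrApiAccess::$user, $idwarehouse);
    if ($result == 0) {
        throw new RestException(304, 'Nothing done. May be object is already in draft');
    }
    if ($result < 0) {
        throw new RestException(500, 'Error when setting Order to draft: '.$this->commande->error);
    }

    // Reload the order so that the response shows its state after the change.
    $result = $this->commande->fetch($id);
    if (! $result) {
        throw new RestException(404, 'Order not found');
    }

    if (! DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
        throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
    }

    $this->commande->fetchObjectLinked();

    return $this->_cleanObjectDatas($this->commande);
}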
713 
714 
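/**
 * Create an order using an existing proposal.
 *
 * Fix against the previous version: the proposal was loaded by id with only the
 * global "propal->lire" permission checked, so the per-record check that the
 * order endpoints apply was missing for the proposal whose content is copied
 * into the new order. The check is now made on the proposal before it is used.
 *
 * @param int $proposalid Identifier of the proposal, passed to Propal::fetch()
 * @return object The created order with its linked objects, after _cleanObjectDatas()
 * @throws RestException 401 when a permission or access check fails, 400 on an empty id, 404 when the proposal is not found,
 *                       405 when createFromProposal() fails
 */
public function createOrderFromProposal($proposalid)
{
    require_once DOL_DOCUMENT_ROOT . '/comm/propal/class/propal.class.php';

    if (! DolibarrApiAccess::$user->rights->propal->lire) {
        throw new RestException(401);
    }
    if (! DolibarrApiAccess::$user->rights->commande->creer) {
        throw new RestException(401);
    }
    if (empty($proposalid)) {
        throw new RestException(400, 'Proposal ID is mandatory');
    }

    $propal = new Propal($this->db);
    $result = $propal->fetch($proposalid);
    if (! $result) {
        throw new RestException(404, 'Proposal not found');
    }

    // Per-record check on the source proposal, same call as used for orders.
    if (! DolibarrApi::_checkAccessToResource('propal', $propal->id)) {
        throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
    }

    $result = $this->commande->createFromProposal($propal, DolibarrApiAccess::$user);
    if ($result < 0) {
        throw new RestException(405, $this->commande->error);
    }
    $this->commande->fetchObjectLinked();

    return $this->_cleanObjectDatas($this->commande);
}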
757 
758 
/**
 * Clean sensitive data from an object before it is returned by the API.
 *
 * Runs the parent cleaning first, then removes the properties listed below.
 *
 * @param object $object Object to clean
 * @return object The same object without the removed properties
 */
public function _cleanObjectDatas($object)
{
    $cleaned = parent::_cleanObjectDatas($object);

    // Properties removed from every order (and order line) sent to a client.
    $hidden = array(
        'note',
        'address',
        'barcode_type',
        'barcode_type_code',
        'barcode_type_label',
        'barcode_type_coder',
    );
    foreach ($hidden as $property) {
        unset($cleaned->$property);
    }

    return $cleaned;
}
778 
/**
 * Validate fields before an object is created or updated.
 *
 * Only the presence of the fields named in Orders::$FIELDS is checked; the
 * values themselves are copied without any further inspection.
 *
 * @param array $data Request data to check
 * @return array The mandatory fields and their values
 * @throws RestException 400 naming the first mandatory field that is missing
 */
public function _validate($data)
{
    $mandatory = array();

    foreach (Orders::$FIELDS as $field) {
        $present = isset($data[$field]);
        if (! $present) {
            throw new RestException(400, $field.' field missing');
        }
        $mandatory[$field] = $data[$field];
    }

    return $mandatory;
}
797 }
put($id, $request_data=NULL)
Update order general fields (won't touch lines of order)
__construct()
Constructor.
setinvoiced($id)
Classify the order as invoiced.
_checkFilters($sqlfilters)
Return if a $sqlfilters parameter is valid.
Definition: api.class.php:246
post($request_data=NULL)
Create order object.
Class for API REST v1.
Definition: api.class.php:29
putLine($id, $lineid, $request_data=NULL)
Update a line of the given order.
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename='', $restricttologhandler='')
Write log message into outputs.
postLine($id, $request_data=NULL)
Add a line to given order.
_validate($data)
Validate fields before create or update object.
settodraft($id, $idwarehouse=-1)
Set an order to draft.
Class to manage customers orders.
close($id, $notrigger=0)
Close an order (Classify it as "Delivered")
static _checkAccessToResource($resource, $resource_id=0, $dbtablename='', $feature2='', $dbt_keyfield='fk_soc', $dbt_select='rowid')
Check user access to a resource.
Definition: api.class.php:221
_cleanObjectDatas($object)
Clean sensitive object data.
validate($id, $idwarehouse=0, $notrigger=0)
Validate an order.
deleteLine($id, $lineid)
Delete a line of the given order.
reopen($id)
Tag the order as validated (opened)
getLines($id)
Get lines of an order.
createOrderFromProposal($proposalid)
Create an order using an existing proposal.
Class to manage proposals.