dolibarr  16.0.5
api_expensereports.class.php
1 <?php
2 /* Copyright (C) 2015 Jean-François Ferry <jfefe@aternatik.fr>
3  * Copyright (C) 2016 Laurent Destailleur <eldy@users.sourceforge.net>
4  * Copyright (C) 2020 Frédéric France <frederic.france@netlogic.fr>
5  *
6  * This program is free software; you can redistribute it and/or modify
7  * it under the terms of the GNU General Public License as published by
8  * the Free Software Foundation; either version 3 of the License, or
9  * (at your option) any later version.
10  *
11  * This program is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14  * GNU General Public License for more details.
15  *
16  * You should have received a copy of the GNU General Public License
17  * along with this program. If not, see <https://www.gnu.org/licenses/>.
18  */
19 
20  use Luracast\Restler\RestException;
21 
22  require_once DOL_DOCUMENT_ROOT.'/expensereport/class/expensereport.class.php';
23 
31 {
32 
36  public static $FIELDS = array(
37  'fk_user_author'
38  );
39 
43  public $expensereport;
44 
45 
49  public function __construct()
50  {
51  global $db, $conf;
52  $this->db = $db;
53  $this->expensereport = new ExpenseReport($this->db);
54  }
55 
66  public function get($id)
67  {
68  if (!DolibarrApiAccess::$user->rights->expensereport->lire) {
69  throw new RestException(401);
70  }
71 
72  $result = $this->expensereport->fetch($id);
73  if (!$result) {
74  throw new RestException(404, 'Expense report not found');
75  }
76 
77  if (!DolibarrApi::_checkAccessToResource('expensereport', $this->expensereport->id)) {
78  throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
79  }
80 
81  $this->expensereport->fetchObjectLinked();
82  return $this->_cleanObjectDatas($this->expensereport);
83  }
84 
98  public function index($sortfield = "t.rowid", $sortorder = 'ASC', $limit = 100, $page = 0, $user_ids = 0, $sqlfilters = '')
99  {
100  global $db, $conf;
101 
102  if (!DolibarrApiAccess::$user->rights->expensereport->lire) {
103  throw new RestException(401);
104  }
105 
106  $obj_ret = array();
107 
108  // case of external user, $societe param is ignored and replaced by user's socid
109  //$socid = DolibarrApiAccess::$user->socid ? DolibarrApiAccess::$user->socid : $societe;
110 
111  $sql = "SELECT t.rowid";
112  $sql .= " FROM ".MAIN_DB_PREFIX."expensereport as t";
113  $sql .= ' WHERE t.entity IN ('.getEntity('expensereport').')';
114  if ($user_ids) {
115  $sql .= " AND t.fk_user_author IN (".$this->db->sanitize($user_ids).")";
116  }
117 
118  // Add sql filters
119  if ($sqlfilters) {
120  $errormessage = '';
121  if (!DolibarrApi::_checkFilters($sqlfilters, $errormessage)) {
122  throw new RestException(503, 'Error when validating parameter sqlfilters -> '.$errormessage);
123  }
124  $regexstring = '\(([^:\'\(\)]+:[^:\'\(\)]+:[^\(\)]+)\)';
125  $sql .= " AND (".preg_replace_callback('/'.$regexstring.'/', 'DolibarrApi::_forge_criteria_callback', $sqlfilters).")";
126  }
127 
128  $sql .= $this->db->order($sortfield, $sortorder);
129  if ($limit) {
130  if ($page < 0) {
131  $page = 0;
132  }
133  $offset = $limit * $page;
134 
135  $sql .= $this->db->plimit($limit + 1, $offset);
136  }
137 
138  $result = $this->db->query($sql);
139 
140  if ($result) {
141  $num = $this->db->num_rows($result);
142  $min = min($num, ($limit <= 0 ? $num : $limit));
143  $i = 0;
144  while ($i < $min) {
145  $obj = $this->db->fetch_object($result);
146  $expensereport_static = new ExpenseReport($this->db);
147  if ($expensereport_static->fetch($obj->rowid)) {
148  $obj_ret[] = $this->_cleanObjectDatas($expensereport_static);
149  }
150  $i++;
151  }
152  } else {
153  throw new RestException(503, 'Error when retrieve Expense Report list : '.$this->db->lasterror());
154  }
155  if (!count($obj_ret)) {
156  throw new RestException(404, 'No Expense Report found');
157  }
158  return $obj_ret;
159  }
160 
167  public function post($request_data = null)
168  {
169  if (!DolibarrApiAccess::$user->rights->expensereport->creer) {
170  throw new RestException(401, "Insuffisant rights");
171  }
172 
173  // Check mandatory fields
174  $result = $this->_validate($request_data);
175 
176  foreach ($request_data as $field => $value) {
177  $this->expensereport->$field = $value;
178  }
179  /*if (isset($request_data["lines"])) {
180  $lines = array();
181  foreach ($request_data["lines"] as $line) {
182  array_push($lines, (object) $line);
183  }
184  $this->expensereport->lines = $lines;
185  }*/
186  if ($this->expensereport->create(DolibarrApiAccess::$user) < 0) {
187  throw new RestException(500, "Error creating expensereport", array_merge(array($this->expensereport->error), $this->expensereport->errors));
188  }
189 
190  return $this->expensereport->id;
191  }
192 
202  /*
203  public function getLines($id)
204  {
205  if(! DolibarrApiAccess::$user->rights->expensereport->lire) {
206  throw new RestException(401);
207  }
208 
209  $result = $this->expensereport->fetch($id);
210  if( ! $result ) {
211  throw new RestException(404, 'expensereport not found');
212  }
213 
214  if( ! DolibarrApi::_checkAccessToResource('expensereport',$this->expensereport->id)) {
215  throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
216  }
217  $this->expensereport->getLinesArray();
218  $result = array();
219  foreach ($this->expensereport->lines as $line) {
220  array_push($result,$this->_cleanObjectDatas($line));
221  }
222  return $result;
223  }
224  */
225 
236  /*
237  public function postLine($id, $request_data = null)
238  {
239  if(! DolibarrApiAccess::$user->rights->expensereport->creer) {
240  throw new RestException(401);
241  }
242 
243  $result = $this->expensereport->fetch($id);
244  if( ! $result ) {
245  throw new RestException(404, 'expensereport not found');
246  }
247 
248  if( ! DolibarrApi::_checkAccessToResource('expensereport',$this->expensereport->id)) {
249  throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
250  }
251 
252  $request_data = (object) $request_data;
253 
254  $request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
255  $request_data->label = sanitizeVal($request_data->label);
256 
257  $updateRes = $this->expensereport->addline(
258  $request_data->desc,
259  $request_data->subprice,
260  $request_data->qty,
261  $request_data->tva_tx,
262  $request_data->localtax1_tx,
263  $request_data->localtax2_tx,
264  $request_data->fk_product,
265  $request_data->remise_percent,
266  $request_data->info_bits,
267  $request_data->fk_remise_except,
268  'HT',
269  0,
270  $request_data->date_start,
271  $request_data->date_end,
272  $request_data->product_type,
273  $request_data->rang,
274  $request_data->special_code,
275  $fk_parent_line,
276  $request_data->fk_fournprice,
277  $request_data->pa_ht,
278  $request_data->label,
279  $request_data->array_options,
280  $request_data->fk_unit,
281  $this->element,
282  $request_data->id
283  );
284 
285  if ($updateRes > 0) {
286  return $updateRes;
287 
288  }
289  return false;
290  }
291  */
292 
304  /*
305  public function putLine($id, $lineid, $request_data = null)
306  {
307  if(! DolibarrApiAccess::$user->rights->expensereport->creer) {
308  throw new RestException(401);
309  }
310 
311  $result = $this->expensereport->fetch($id);
312  if( ! $result ) {
313  throw new RestException(404, 'expensereport not found');
314  }
315 
316  if( ! DolibarrApi::_checkAccessToResource('expensereport',$this->expensereport->id)) {
317  throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
318  }
319 
320  $request_data = (object) $request_data;
321 
322  $request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
323  $request_data->label = sanitizeVal($request_data->label);
324 
325  $updateRes = $this->expensereport->updateline(
326  $lineid,
327  $request_data->desc,
328  $request_data->subprice,
329  $request_data->qty,
330  $request_data->remise_percent,
331  $request_data->tva_tx,
332  $request_data->localtax1_tx,
333  $request_data->localtax2_tx,
334  'HT',
335  $request_data->info_bits,
336  $request_data->date_start,
337  $request_data->date_end,
338  $request_data->product_type,
339  $request_data->fk_parent_line,
340  0,
341  $request_data->fk_fournprice,
342  $request_data->pa_ht,
343  $request_data->label,
344  $request_data->special_code,
345  $request_data->array_options,
346  $request_data->fk_unit
347  );
348 
349  if ($updateRes > 0) {
350  $result = $this->get($id);
351  unset($result->line);
352  return $this->_cleanObjectDatas($result);
353  }
354  return false;
355  }
356  */
357 
368  /*
369  public function deleteLine($id, $lineid)
370  {
371  if(! DolibarrApiAccess::$user->rights->expensereport->creer) {
372  throw new RestException(401);
373  }
374 
375  $result = $this->expensereport->fetch($id);
376  if( ! $result ) {
377  throw new RestException(404, 'expensereport not found');
378  }
379 
380  if( ! DolibarrApi::_checkAccessToResource('expensereport',$this->expensereport->id)) {
381  throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
382  }
383 
384  // TODO Check the lineid $lineid is a line of ojbect
385 
386  $updateRes = $this->expensereport->deleteline($lineid);
387  if ($updateRes == 1) {
388  return $this->get($id);
389  }
390  return false;
391  }
392  */
393 
406  public function put($id, $request_data = null)
407  {
408  if (!DolibarrApiAccess::$user->rights->expensereport->creer) {
409  throw new RestException(401);
410  }
411 
412  $result = $this->expensereport->fetch($id);
413  if (!$result) {
414  throw new RestException(404, 'expensereport not found');
415  }
416 
417  if (!DolibarrApi::_checkAccessToResource('expensereport', $this->expensereport->id)) {
418  throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
419  }
420  foreach ($request_data as $field => $value) {
421  if ($field == 'id') {
422  continue;
423  }
424  $this->expensereport->$field = $value;
425  }
426 
427  if ($this->expensereport->update(DolibarrApiAccess::$user) > 0) {
428  return $this->get($id);
429  } else {
430  throw new RestException(500, $this->expensereport->error);
431  }
432  }
433 
441  public function delete($id)
442  {
443  if (!DolibarrApiAccess::$user->rights->expensereport->supprimer) {
444  throw new RestException(401);
445  }
446 
447  $result = $this->expensereport->fetch($id);
448  if (!$result) {
449  throw new RestException(404, 'Expense Report not found');
450  }
451 
452  if (!DolibarrApi::_checkAccessToResource('expensereport', $this->expensereport->id)) {
453  throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
454  }
455 
456  if (!$this->expensereport->delete(DolibarrApiAccess::$user)) {
457  throw new RestException(500, 'Error when delete Expense Report : '.$this->expensereport->error);
458  }
459 
460  return array(
461  'success' => array(
462  'code' => 200,
463  'message' => 'Expense Report deleted'
464  )
465  );
466  }
467 
483  /*
484  public function validate($id, $idwarehouse=0)
485  {
486  if(! DolibarrApiAccess::$user->rights->expensereport->creer) {
487  throw new RestException(401);
488  }
489 
490  $result = $this->expensereport->fetch($id);
491  if( ! $result ) {
492  throw new RestException(404, 'expensereport not found');
493  }
494 
495  if( ! DolibarrApi::_checkAccessToResource('expensereport',$this->expensereport->id)) {
496  throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
497  }
498 
499  if( ! $this->expensereport->valid(DolibarrApiAccess::$user, $idwarehouse)) {
500  throw new RestException(500, 'Error when validate expensereport');
501  }
502 
503  return array(
504  'success' => array(
505  'code' => 200,
506  'message' => 'expensereport validated'
507  )
508  );
509  }*/
510 
511  // phpcs:disable PEAR.NamingConventions.ValidFunctionName.PublicUnderscore
518  protected function _cleanObjectDatas($object)
519  {
520  // phpcs:enable
521  $object = parent::_cleanObjectDatas($object);
522 
523  unset($object->fk_statut);
524  unset($object->statut);
525  unset($object->user);
526  unset($object->thirdparty);
527 
528  unset($object->cond_reglement);
529  unset($object->shipping_method_id);
530 
531  unset($object->barcode_type);
532  unset($object->barcode_type_code);
533  unset($object->barcode_type_label);
534  unset($object->barcode_type_coder);
535 
536  unset($object->code_paiement);
537  unset($object->code_statut);
538  unset($object->fk_c_paiement);
539  unset($object->fk_incoterms);
540  unset($object->label_incoterms);
541  unset($object->location_incoterms);
542  unset($object->mode_reglement_id);
543  unset($object->cond_reglement_id);
544 
545  unset($object->name);
546  unset($object->lastname);
547  unset($object->firstname);
548  unset($object->civility_id);
549  unset($object->cond_reglement_id);
550  unset($object->contact);
551  unset($object->contact_id);
552 
553  unset($object->state);
554  unset($object->state_id);
555  unset($object->state_code);
556  unset($object->country);
557  unset($object->country_id);
558  unset($object->country_code);
559 
560  unset($object->note); // We already use note_public and note_pricate
561 
562  return $object;
563  }
564 
572  private function _validate($data)
573  {
574  $expensereport = array();
575  foreach (ExpenseReports::$FIELDS as $field) {
576  if (!isset($data[$field])) {
577  throw new RestException(400, "$field field missing");
578  }
579  $expensereport[$field] = $data[$field];
580  }
581  return $expensereport;
582  }
583 }
ExpenseReports\_validate
_validate($data)
Validate fields before create or update object.
Definition: api_expensereports.class.php:572
db
$conf db
API class for accounts.
Definition: inc.php:41
ExpenseReports\_cleanObjectDatas
_cleanObjectDatas($object)
Validate an Expense Report.
Definition: api_expensereports.class.php:518
ExpenseReports\__construct
__construct()
Constructor.
Definition: api_expensereports.class.php:49
DolibarrApi\_checkAccessToResource
static _checkAccessToResource($resource, $resource_id=0, $dbtablename='', $feature2='', $dbt_keyfield='fk_soc', $dbt_select='rowid')
Check access by user to a given resource.
Definition: api.class.php:283
ExpenseReports\put
put($id, $request_data=null)
Get lines of an Expense Report.
Definition: api_expensereports.class.php:406
DolibarrApi
Class for API REST v1.
Definition: api.class.php:30
DolibarrApi\_checkFilters
_checkFilters($sqlfilters, &$error='')
Return if a $sqlfilters parameter is valid.
Definition: api.class.php:310
ExpenseReports\index
index($sortfield="t.rowid", $sortorder='ASC', $limit=100, $page=0, $user_ids=0, $sqlfilters='')
List Expense Reports.
Definition: api_expensereports.class.php:98
ExpenseReports\post
post($request_data=null)
Create Expense Report object.
Definition: api_expensereports.class.php:167
ExpenseReport
Class to manage Trips and Expenses.
Definition: expensereport.class.php:36
ExpenseReports
Definition: api_expensereports.class.php:30