dolibarr  17.0.3
api_contracts.class.php
1 <?php
2 /* Copyright (C) 2015 Jean-François Ferry <jfefe@aternatik.fr>
3  * Copyright (C) 2016 Laurent Destailleur <eldy@users.sourceforge.net>
4  * Copyright (C) 2018-2020 Frédéric France <frederic.france@netlogic.fr>
5  *
6  * This program is free software; you can redistribute it and/or modify
7  * it under the terms of the GNU General Public License as published by
8  * the Free Software Foundation; either version 3 of the License, or
9  * (at your option) any later version.
10  *
11  * This program is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14  * GNU General Public License for more details.
15  *
16  * You should have received a copy of the GNU General Public License
17  * along with this program. If not, see <https://www.gnu.org/licenses/>.
18  */
19 
20  use Luracast\Restler\RestException;
21 
22  require_once DOL_DOCUMENT_ROOT.'/contrat/class/contrat.class.php';
23 
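/**
 * REST API endpoints for contracts.
 *
 * NOTE(review): the listing this class was recovered from does not show the
 * original docblocks. Restler reads docblock annotations, so any routing or
 * validation annotations they carried are not reproduced here and must be
 * restored from the upstream file. The @param types below are inferred from
 * how the values are used and should be confirmed against upstream.
 */
class Contracts extends DolibarrApi
{
    /**
     * @var array Fields that must be present in the payload when creating a contract
     */
    public static $FIELDS = array(
        'socid',
        'date_contrat',
        'commercial_signature_id',
        'commercial_suivi_id'
    );

    /**
     * @var Contrat Contract object shared by all handlers of this request
     */
    public $contract;

    /**
     * Constructor.
     */
    public function __construct()
    {
        global $db;
        $this->db = $db;
        $this->contract = new Contrat($this->db);
    }

    /**
     * Return one contract, with its linked objects loaded.
     *
     * @param  int $id ID of the contract
     * @return object  Cleaned contract object
     *
     * @throws RestException 401 if the caller lacks the read permission or access to this contract
     * @throws RestException 404 if the contract cannot be fetched
     */
    public function get($id)
    {
        if (!DolibarrApiAccess::$user->rights->contrat->lire) {
            throw new RestException(401);
        }

        $result = $this->contract->fetch($id);
        if (!$result) {
            throw new RestException(404, 'Contract not found');
        }

        // Object-level check: the permission above only says the user may read contracts in general.
        if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
            throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
        }

        $this->contract->fetchObjectLinked();
        return $this->_cleanObjectDatas($this->contract);
    }

    /**
     * List contracts.
     *
     * @param  string $sortfield      Sort field
     * @param  string $sortorder      Sort order
     * @param  int    $limit          Maximum number of contracts returned (0 disables paging)
     * @param  int    $page           Page number, starting at 0
     * @param  string $thirdparty_ids Comma-separated third-party ids to filter on; ignored for external users
     * @param  string $sqlfilters     Additional filter in the universal search criteria syntax
     * @return array                  Array of cleaned contract objects
     *
     * @throws RestException 400 if $sqlfilters is rejected
     * @throws RestException 401 if the caller lacks the read permission
     * @throws RestException 404 if no contract matches
     * @throws RestException 503 if the query fails
     */
    public function index($sortfield = "t.rowid", $sortorder = 'ASC', $limit = 100, $page = 0, $thirdparty_ids = '', $sqlfilters = '')
    {
        if (!DolibarrApiAccess::$user->rights->contrat->lire) {
            throw new RestException(401);
        }

        $obj_ret = array();

        // External users are pinned to their own third party: $thirdparty_ids is ignored for them.
        $socids = DolibarrApiAccess::$user->socid ? DolibarrApiAccess::$user->socid : $thirdparty_ids;

        // An internal user who may only see his own customers is forced to a search by sale representative.
        $search_sale = 0;
        if (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) {
            $search_sale = DolibarrApiAccess::$user->id;
        }
        $filter_by_sale = (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0;

        $sql = "SELECT t.rowid";
        if ($filter_by_sale) {
            $sql .= ", sc.fk_soc, sc.fk_user"; // Needed to filter by sale representative
        }
        $sql .= " FROM ".MAIN_DB_PREFIX."contrat as t";
        if ($filter_by_sale) {
            $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
        }

        $sql .= ' WHERE t.entity IN ('.getEntity('contrat').')';
        if ($filter_by_sale) {
            // Join on the third party of the contract. The previous code additionally required
            // t.rowid = sc.fk_soc, which compares a contract id with a third-party id and so
            // hid almost every contract from restricted users; that condition is removed.
            $sql .= " AND t.fk_soc = sc.fk_soc";
        }
        if ($socids) {
            // $thirdparty_ids comes from the request; it is only concatenated after db->sanitize().
            $sql .= " AND t.fk_soc IN (".$this->db->sanitize($socids).")";
        }
        if ($search_sale > 0) {
            $sql .= " AND sc.fk_user = ".((int) $search_sale);
        }
        if ($sqlfilters) {
            // Request-controlled filter: it must only reach the query through the criteria parser,
            // and any parser error aborts the request.
            $errormessage = '';
            $sql .= forgeSQLFromUniversalSearchCriteria($sqlfilters, $errormessage);
            if ($errormessage) {
                throw new RestException(400, 'Error when validating parameter sqlfilters -> '.$errormessage);
            }
        }

        // NOTE(review): $sortfield and $sortorder are request-controlled; this relies on db->order()
        // to neutralise them, which is not visible here and should be confirmed.
        $sql .= $this->db->order($sortfield, $sortorder);
        if ($limit) {
            if ($page < 0) {
                $page = 0;
            }
            $offset = $limit * $page;

            $sql .= $this->db->plimit($limit + 1, $offset);
        }

        dol_syslog("API Rest request");
        $result = $this->db->query($sql);

        if (!$result) {
            // NOTE(review): the raw database error is returned to the API client; consider logging
            // it server-side and returning a generic message.
            throw new RestException(503, 'Error when retrieve contrat list : '.$this->db->lasterror());
        }

        $num = $this->db->num_rows($result);
        $min = min($num, ($limit <= 0 ? $num : $limit));
        for ($i = 0; $i < $min; $i++) {
            $obj = $this->db->fetch_object($result);
            $contrat_static = new Contrat($this->db);
            if ($contrat_static->fetch($obj->rowid)) {
                $obj_ret[] = $this->_cleanObjectDatas($contrat_static);
            }
        }

        if (!count($obj_ret)) {
            throw new RestException(404, 'No contract found');
        }
        return $obj_ret;
    }

    /**
     * Create contract object.
     *
     * NOTE(review): every key of the payload is copied onto the Contrat object without an
     * allow-list, so a caller with the create permission can set any public property of the
     * object. Consider restricting the accepted fields and sanitising the values.
     *
     * @param  array $request_data Request data
     * @return int                 ID of the created contract
     *
     * @throws RestException 400 if a mandatory field is missing
     * @throws RestException 401 if the caller lacks the create permission
     * @throws RestException 500 if the creation fails
     */
    public function post($request_data = null)
    {
        if (!DolibarrApiAccess::$user->rights->contrat->creer) {
            throw new RestException(401, "Insufficient rights");
        }
        // Check mandatory fields (throws when one is missing, including for an empty payload)
        $this->_validate($request_data);

        foreach ($request_data as $field => $value) {
            $this->contract->$field = $value;
        }

        if ($this->contract->create(DolibarrApiAccess::$user) < 0) {
            throw new RestException(500, "Error creating contract", array_merge(array($this->contract->error), $this->contract->errors));
        }

        return $this->contract->id;
    }

    /**
     * Get lines of a contract.
     *
     * @param  int $id ID of the contract
     * @return array   Array of cleaned line objects
     *
     * @throws RestException 401 if the caller lacks the read permission or access to this contract
     * @throws RestException 404 if the contract cannot be fetched
     */
    public function getLines($id)
    {
        if (!DolibarrApiAccess::$user->rights->contrat->lire) {
            throw new RestException(401);
        }

        $result = $this->contract->fetch($id);
        if (!$result) {
            throw new RestException(404, 'Contract not found');
        }

        if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
            throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
        }

        $this->contract->getLinesArray();
        $result = array();
        foreach ($this->contract->lines as $line) {
            $result[] = $this->_cleanObjectDatas($line);
        }
        return $result;
    }

    /**
     * Add a line to given contract.
     *
     * Only desc ('restricthtml') and price_base_type (default sanitizeVal rule) are sanitised here.
     * NOTE(review): the remaining fields are passed through as received; presumably
     * Contrat::addline() casts or escapes them - confirm.
     *
     * @param  int   $id           ID of the contract
     * @param  array $request_data Line data
     * @return int|false           Result of addline() when positive, false otherwise
     *
     * @throws RestException 401 if the caller lacks the create permission or access to this contract
     * @throws RestException 404 if the contract cannot be fetched
     */
    public function postLine($id, $request_data = null)
    {
        if (!DolibarrApiAccess::$user->rights->contrat->creer) {
            throw new RestException(401);
        }

        $result = $this->contract->fetch($id);
        if (!$result) {
            throw new RestException(404, 'Contract not found');
        }

        if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
            throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
        }

        $request_data = (object) $request_data;

        $request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
        $request_data->price_base_type = sanitizeVal($request_data->price_base_type);

        $updateRes = $this->contract->addline(
            $request_data->desc,
            $request_data->subprice,
            $request_data->qty,
            $request_data->tva_tx,
            $request_data->localtax1_tx,
            $request_data->localtax2_tx,
            $request_data->fk_product,
            $request_data->remise_percent,
            $request_data->date_start,
            $request_data->date_end,
            $request_data->price_base_type ? $request_data->price_base_type : 'HT',
            $request_data->subprice_excl_tax,
            $request_data->info_bits,
            $request_data->fk_fournprice,
            $request_data->pa_ht,
            $request_data->array_options,
            $request_data->fk_unit,
            $request_data->rang
        );

        return ($updateRes > 0) ? $updateRes : false;
    }

    /**
     * Update a line of given contract.
     *
     * NOTE(review): this reads fk_fourn_price from the payload while postLine() reads
     * fk_fournprice; confirm which name API clients are expected to send.
     *
     * @param  int   $id           ID of the contract
     * @param  int   $lineid       ID of the line to update
     * @param  array $request_data Line data
     * @return object|false        Cleaned contract object on success, false otherwise
     *
     * @throws RestException 401 if the caller lacks the create permission or access to this contract
     * @throws RestException 404 if the contract cannot be fetched or the line is not one of its lines
     */
    public function putLine($id, $lineid, $request_data = null)
    {
        if (!DolibarrApiAccess::$user->rights->contrat->creer) {
            throw new RestException(401);
        }

        $result = $this->contract->fetch($id);
        if (!$result) {
            throw new RestException(404, 'Contrat not found');
        }

        if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
            throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
        }

        // The access check above covers contract $id only; make sure the line is part of it.
        $this->_checkLineBelongsToContract($lineid);

        $request_data = (object) $request_data;

        $request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
        $request_data->price_base_type = sanitizeVal($request_data->price_base_type);

        $updateRes = $this->contract->updateline(
            $lineid,
            $request_data->desc,
            $request_data->subprice,
            $request_data->qty,
            $request_data->remise_percent,
            $request_data->date_start,
            $request_data->date_end,
            $request_data->tva_tx,
            $request_data->localtax1_tx,
            $request_data->localtax2_tx,
            $request_data->date_start_real,
            $request_data->date_end_real,
            $request_data->price_base_type ? $request_data->price_base_type : 'HT',
            $request_data->info_bits,
            $request_data->fk_fourn_price,
            $request_data->pa_ht,
            $request_data->array_options,
            $request_data->fk_unit
        );

        if ($updateRes > 0) {
            $result = $this->get($id);
            unset($result->line);
            return $this->_cleanObjectDatas($result);
        }

        return false;
    }

    /**
     * Activate a service line of a given contract.
     *
     * @param  int   $id        ID of the contract
     * @param  int   $lineid    ID of the line to activate
     * @param  mixed $datestart Start date, passed through to Contrat::active_line() (format not visible here)
     * @param  mixed $dateend   End date, passed through to Contrat::active_line()
     * @param  mixed $comment   Comment, passed through to Contrat::active_line()
     * @return object|false     Cleaned contract object on success, false otherwise
     *
     * @throws RestException 401 if the caller lacks the create permission or access to this contract
     * @throws RestException 404 if the contract cannot be fetched or the line is not one of its lines
     */
    public function activateLine($id, $lineid, $datestart, $dateend = null, $comment = null)
    {
        if (!DolibarrApiAccess::$user->rights->contrat->creer) {
            throw new RestException(401);
        }

        $result = $this->contract->fetch($id);
        if (!$result) {
            throw new RestException(404, 'Contrat not found');
        }

        if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
            throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
        }

        // The access check above covers contract $id only; make sure the line is part of it.
        $this->_checkLineBelongsToContract($lineid);

        $updateRes = $this->contract->active_line(DolibarrApiAccess::$user, $lineid, $datestart, $dateend, $comment);

        if ($updateRes > 0) {
            $result = $this->get($id);
            unset($result->line);
            return $this->_cleanObjectDatas($result);
        }

        return false;
    }

    /**
     * Unactivate a service line of a given contract.
     *
     * @param  int   $id        ID of the contract
     * @param  int   $lineid    ID of the line to close
     * @param  mixed $datestart Date passed through to Contrat::close_line() (format not visible here)
     * @param  mixed $comment   Comment, passed through to Contrat::close_line()
     * @return object|false     Cleaned contract object on success, false otherwise
     *
     * @throws RestException 401 if the caller lacks the create permission or access to this contract
     * @throws RestException 404 if the contract cannot be fetched or the line is not one of its lines
     */
    public function unactivateLine($id, $lineid, $datestart, $comment = null)
    {
        if (!DolibarrApiAccess::$user->rights->contrat->creer) {
            throw new RestException(401);
        }

        $result = $this->contract->fetch($id);
        if (!$result) {
            throw new RestException(404, 'Contrat not found');
        }

        if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
            throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
        }

        // The access check above covers contract $id only; make sure the line is part of it.
        $this->_checkLineBelongsToContract($lineid);

        $updateRes = $this->contract->close_line(DolibarrApiAccess::$user, $lineid, $datestart, $comment);

        if ($updateRes > 0) {
            $result = $this->get($id);
            unset($result->line);
            return $this->_cleanObjectDatas($result);
        }

        return false;
    }

    /**
     * Delete a line of given contract.
     *
     * @param  int $id     ID of the contract
     * @param  int $lineid ID of the line to delete
     * @return object      Cleaned contract object after the deletion
     *
     * @throws RestException 401 if the caller lacks the create permission or access to this contract
     * @throws RestException 404 if the contract cannot be fetched or the line is not one of its lines
     * @throws RestException 405 if the deletion fails
     */
    public function deleteLine($id, $lineid)
    {
        if (!DolibarrApiAccess::$user->rights->contrat->creer) {
            throw new RestException(401);
        }

        $result = $this->contract->fetch($id);
        if (!$result) {
            throw new RestException(404, 'Contrat not found');
        }

        if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
            throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
        }

        // Resolves the former TODO: the line must be a line of the contract that was just authorised.
        $this->_checkLineBelongsToContract($lineid);

        $updateRes = $this->contract->deleteline($lineid, DolibarrApiAccess::$user);
        if ($updateRes > 0) {
            return $this->get($id);
        }
        throw new RestException(405, $this->contract->error);
    }

    /**
     * Update contract general fields (won't touch lines of contract).
     *
     * NOTE(review): apart from 'id', every key of the payload is copied onto the Contrat object
     * without an allow-list, so a caller with the create permission can overwrite any public
     * property of the object. Consider restricting the accepted fields and sanitising the values.
     *
     * @param  int   $id           ID of the contract to update
     * @param  array $request_data Fields to update
     * @return object              Cleaned contract object after the update
     *
     * @throws RestException 401 if the caller lacks the create permission or access to this contract
     * @throws RestException 404 if the contract cannot be fetched
     * @throws RestException 500 if the update fails
     */
    public function put($id, $request_data = null)
    {
        if (!DolibarrApiAccess::$user->rights->contrat->creer) {
            throw new RestException(401);
        }

        $result = $this->contract->fetch($id);
        if (!$result) {
            throw new RestException(404, 'Contrat not found');
        }

        if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
            throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
        }

        // The cast keeps the loop silent when no payload was sent ($request_data is null).
        foreach ((array) $request_data as $field => $value) {
            if ($field == 'id') {
                continue;
            }
            $this->contract->$field = $value;
        }

        if ($this->contract->update(DolibarrApiAccess::$user) > 0) {
            return $this->get($id);
        }
        throw new RestException(500, $this->contract->error);
    }

    /**
     * Delete a contract.
     *
     * @param  int $id ID of the contract
     * @return array   Success structure with code 200
     *
     * @throws RestException 401 if the caller lacks the delete permission or access to this contract
     * @throws RestException 404 if the contract cannot be fetched
     * @throws RestException 500 if the deletion fails
     */
    public function delete($id)
    {
        if (!DolibarrApiAccess::$user->rights->contrat->supprimer) {
            throw new RestException(401);
        }
        $result = $this->contract->fetch($id);
        if (!$result) {
            throw new RestException(404, 'Contract not found');
        }

        if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
            throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
        }

        if (!$this->contract->delete(DolibarrApiAccess::$user)) {
            throw new RestException(500, 'Error when delete contract : '.$this->contract->error);
        }

        return array(
            'success' => array(
                'code' => 200,
                'message' => 'Contract deleted'
            )
        );
    }

    /**
     * Validate a contract.
     *
     * @param  int $id        ID of the contract
     * @param  int $notrigger Passed through to Contrat::validate(); presumably 1 disables triggers - confirm
     * @return array          Success structure with code 200
     *
     * @throws RestException 304 if nothing was done
     * @throws RestException 401 if the caller lacks the create permission or access to this contract
     * @throws RestException 404 if the contract cannot be fetched
     * @throws RestException 500 if the validation fails
     */
    public function validate($id, $notrigger = 0)
    {
        if (!DolibarrApiAccess::$user->rights->contrat->creer) {
            throw new RestException(401);
        }
        $result = $this->contract->fetch($id);
        if (!$result) {
            throw new RestException(404, 'Contract not found');
        }

        if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
            throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
        }

        $result = $this->contract->validate(DolibarrApiAccess::$user, '', $notrigger);
        if ($result == 0) {
            throw new RestException(304, 'Error nothing done. May be object is already validated');
        }
        if ($result < 0) {
            throw new RestException(500, 'Error when validating Contract: '.$this->contract->error);
        }

        return array(
            'success' => array(
                'code' => 200,
                'message' => 'Contract validated (Ref='.$this->contract->ref.')'
            )
        );
    }

    /**
     * Close all services of a contract.
     *
     * @param  int $id        ID of the contract
     * @param  int $notrigger Passed through to Contrat::closeAll(); presumably 1 disables triggers - confirm
     * @return array          Success structure with code 200
     *
     * @throws RestException 304 if nothing was done
     * @throws RestException 401 if the caller lacks the create permission or access to this contract
     * @throws RestException 404 if the contract cannot be fetched
     * @throws RestException 500 if closing fails
     */
    public function close($id, $notrigger = 0)
    {
        if (!DolibarrApiAccess::$user->rights->contrat->creer) {
            throw new RestException(401);
        }
        $result = $this->contract->fetch($id);
        if (!$result) {
            throw new RestException(404, 'Contract not found');
        }

        if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
            throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
        }

        $result = $this->contract->closeAll(DolibarrApiAccess::$user, $notrigger);
        if ($result == 0) {
            throw new RestException(304, 'Error nothing done. May be object is already close');
        }
        if ($result < 0) {
            throw new RestException(500, 'Error when closing Contract: '.$this->contract->error);
        }

        return array(
            'success' => array(
                'code' => 200,
                'message' => 'Contract closed (Ref='.$this->contract->ref.'). All services were closed.'
            )
        );
    }

    // phpcs:disable PEAR.NamingConventions.ValidFunctionName.PublicUnderscore
    /**
     * Clean sensitive object data before it is returned to the API client.
     *
     * @param  object $object Object to clean
     * @return object         Object with the parent cleanup applied and address / civility_id removed
     */
    protected function _cleanObjectDatas($object)
    {
        // phpcs:enable
        $object = parent::_cleanObjectDatas($object);

        unset($object->address);
        unset($object->civility_id);

        return $object;
    }

    /**
     * Validate fields before create or update object.
     *
     * @param  array|null $data Payload to check
     * @return array            The mandatory fields extracted from $data
     *
     * @throws RestException 400 if a field listed in Contracts::$FIELDS is missing
     */
    private function _validate($data)
    {
        $contrat = array();
        foreach (Contracts::$FIELDS as $field) {
            if (!isset($data[$field])) {
                throw new RestException(400, "$field field missing");
            }
            $contrat[$field] = $data[$field];
        }
        return $contrat;
    }

    /**
     * Ensure a line id designates a line of the contract currently loaded in $this->contract.
     *
     * The line handlers authorise the caller against the contract id only. Without this check a
     * line id taken from another contract would be handed to the Contrat line methods, which
     * presumably address the line by its own id alone (their code is not visible here).
     *
     * @param  int $lineid ID of the line to check
     * @return void
     *
     * @throws RestException 404 if the line is not one of the lines of the loaded contract
     */
    private function _checkLineBelongsToContract($lineid)
    {
        $this->contract->getLinesArray();
        $lines = is_array($this->contract->lines) ? $this->contract->lines : array();
        foreach ($lines as $line) {
            if ((int) $line->id === (int) $lineid) {
                return;
            }
        }
        throw new RestException(404, 'Line not found in contract');
    }
}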
Contracts\_cleanObjectDatas
_cleanObjectDatas($object)
Clean sensitive object data.
Definition: api_contracts.class.php:657
Contracts\postLine
postLine($id, $request_data=null)
Add a line to given contract.
Definition: api_contracts.class.php:263
db
$conf db
API class for accounts.
Definition: inc.php:41
Contracts\__construct
__construct()
Constructor.
Definition: api_contracts.class.php:51
Contracts\unactivateLine
unactivateLine($id, $lineid, $datestart, $comment=null)
Unactivate a service line of a given contract.
Definition: api_contracts.class.php:422
Contracts\getLines
getLines($id)
Get lines of a contract.
Definition: api_contracts.class.php:231
Contracts
Definition: api_contracts.class.php:30
Contracts\deleteLine
deleteLine($id, $lineid)
Delete a line of given contract.
Definition: api_contracts.class.php:462
sanitizeVal
sanitizeVal($out='', $check='alphanohtml', $filter=null, $options=null)
Return a sanitized or empty value after checking value against a rule.
Definition: functions.lib.php:867
DolibarrApi\_checkAccessToResource
static _checkAccessToResource($resource, $resource_id=0, $dbtablename='', $feature2='', $dbt_keyfield='fk_soc', $dbt_select='rowid')
Check access by user to a given resource.
Definition: api.class.php:283
Contracts\_validate
_validate($data)
Validate fields before create or update object.
Definition: api_contracts.class.php:675
DolibarrApi
Class for API REST v1.
Definition: api.class.php:30
Contracts\post
post($request_data=null)
Create contract object.
Definition: api_contracts.class.php:197
Contracts\put
put($id, $request_data=null)
Update contract general fields (won't touch lines of contract)
Definition: api_contracts.class.php:495
dol_syslog
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename='', $restricttologhandler='', $logcontext=null)
Write log message into outputs.
Definition: functions.lib.php:1628
Contracts\validate
validate($id, $notrigger=0)
Validate a contract.
Definition: api_contracts.class.php:572
forgeSQLFromUniversalSearchCriteria
forgeSQLFromUniversalSearchCriteria($filter, &$error='')
forgeSQLFromUniversalSearchCriteria
Definition: functions.lib.php:11566
Contracts\activateLine
activateLine($id, $lineid, $datestart, $dateend=null, $comment=null)
Activate a service line of a given contract.
Definition: api_contracts.class.php:384
Contrat
Class to manage contracts.
Definition: contrat.class.php:43
Contracts\close
close($id, $notrigger=0)
Close all services of a contract.
Definition: api_contracts.class.php:618
Contracts\putLine
putLine($id, $lineid, $request_data=null)
Update a line of given contract.
Definition: api_contracts.class.php:321
Contracts\index
index($sortfield="t.rowid", $sortorder='ASC', $limit=100, $page=0, $thirdparty_ids='', $sqlfilters='')
List contracts.
Definition: api_contracts.class.php:105