84 global $conf, $db, $langs, $mysoc, $user;
89 $userClass = Defaults::$userIdentifierClass;
98 if (isset($_GET[
'api_key'])) {
100 $api_key = $_GET[
'api_key'];
102 if (isset($_GET[
'DOLAPIKEY'])) {
104 $api_key = $_GET[
'DOLAPIKEY'];
106 if (isset($_SERVER[
'HTTP_DOLAPIKEY'])) {
107 $api_key = $_SERVER[
'HTTP_DOLAPIKEY'];
109 if (preg_match(
'/^dolcrypt:/i', $api_key)) {
110 throw new RestException(503,
'Bad value for the API key. An API key should not start with dolcrypt:');
116 $sql =
"SELECT u.login, u.datec, u.api_key,";
117 $sql .=
" u.tms as date_modification, u.entity";
118 $sql .=
" FROM ".MAIN_DB_PREFIX.
"user as u";
119 $sql .=
" WHERE u.api_key = '".$this->db->escape($api_key).
"' OR u.api_key = '".$this->db->escape(
dolEncrypt($api_key,
'',
'',
'dolibarr')).
"'";
121 $result = $this->db->query($sql);
123 $nbrows = $this->db->num_rows($result);
125 $obj = $this->db->fetch_object($result);
126 $login = $obj->login;
128 $userentity = $obj->entity;
130 if (!defined(
"DOLENTITY") && $conf->entity != ($obj->entity ? $obj->entity : 1)) {
131 $conf->entity = ($obj->entity ? $obj->entity : 1);
133 dol_syslog(
"Entity was not set on http header with HTTP_DOLAPIENTITY (recommanded for performance purpose), so we switch now on entity of user (".$conf->entity.
") and we have to reload configuration.", LOG_WARNING);
134 $conf->setValues($this->db);
138 require_once DOL_DOCUMENT_ROOT.
'/societe/class/societe.class.php';
141 $fmysoc->setMysoc($conf);
144 if ($fmysoc->country_code ==
'DE' && !isset($conf->global->MAIN_INVERT_SENDER_RECIPIENT)) {
146 $conf->global->MAIN_INVERT_SENDER_RECIPIENT = 1;
148 if ($fmysoc->country_code ==
'FR' && !isset($conf->global->INVOICE_CATEGORY_OF_OPERATION)) {
150 $conf->global->INVOICE_CATEGORY_OF_OPERATION = 1;
152 if ($fmysoc->country_code ==
'FR' && !isset($conf->global->INVOICE_DISABLE_REPLACEMENT)) {
156 $conf->global->INVOICE_DISABLE_REPLACEMENT = 1;
158 if ($fmysoc->country_code ==
'GR' && !isset($conf->global->INVOICE_DISABLE_REPLACEMENT)) {
160 $conf->global->INVOICE_DISABLE_REPLACEMENT = 1;
162 if ($fmysoc->country_code ==
'GR' && !isset($conf->global->INVOICE_DISABLE_DEPOSIT)) {
164 $conf->global->INVOICE_DISABLE_DEPOSIT = 1;
167 if (($fmysoc->localtax1_assuj || $fmysoc->localtax2_assuj) && !isset($conf->global->MAIN_NO_INPUT_PRICE_WITH_TAX)) {
170 $conf->global->MAIN_NO_INPUT_PRICE_WITH_TAX = 1;
176 $langcode = (empty($conf->global->MAIN_LANG_DEFAULT) ?
'auto' : $conf->global->MAIN_LANG_DEFAULT);
177 if (!empty($user->conf->MAIN_LANG_DEFAULT)) {
178 $langcode = $user->conf->MAIN_LANG_DEFAULT;
180 if ($langs->getDefaultLang() != $langcode) {
181 $langs->setDefaultLang($langcode);
182 $langs->tab_translate = array();
183 $langs->loadLangs(array(
'main'));
186 } elseif ($nbrows > 1) {
187 throw new RestException(503,
'Error when fetching user api_key : More than 1 user with this apikey');
190 throw new RestException(503,
'Error when fetching user api_key :'.$this->db->error_msg);
193 if ($login && $stored_key != $api_key) {
194 $userClass::setCacheIdentifier($api_key);
198 $genericmessageerroruser =
'Error user not valid (not found with api key or bad status or bad validity dates) (conf->entity='.$conf->entity.
')';
201 dol_syslog(
"functions_isallowed::check_user_api_key Authentication KO for api key: Error when searching login user from api key", LOG_NOTICE);
203 throw new RestException(401, $genericmessageerroruser);
206 $fuser =
new User($this->db);
207 $result = $fuser->fetch(
'', $login,
'', 0, (empty($userentity) ? -1 : $conf->entity));
209 dol_syslog(
"functions_isallowed::check_user_api_key Authentication KO for '".$login.
"': Failed to fetch on entity", LOG_NOTICE);
211 throw new RestException(401, $genericmessageerroruser);
215 if ($fuser->statut != $fuser::STATUS_ENABLED) {
217 dol_syslog(
"functions_isallowed::check_user_api_key Authentication KO for '".$login.
"': The user has been disabled", LOG_NOTICE);
219 throw new RestException(401, $genericmessageerroruser);
223 if (($fuser->flagdelsessionsbefore && !empty($_SESSION[
"dol_logindate"]) && $fuser->flagdelsessionsbefore > $_SESSION[
"dol_logindate"])) {
225 dol_syslog(
"functions_isallowed::check_user_api_key Authentication KO for '".$login.
"': The user has a date for session invalidation = ".$fuser->flagdelsessionsbefore.
" and a session date = ".$_SESSION[
"dol_logindate"].
". We must invalidate its sessions.");
227 throw new RestException(401, $genericmessageerroruser);
231 if ($fuser->isNotIntoValidityDateRange()) {
233 dol_syslog(
"functions_isallowed::check_user_api_key Authentication KO for '".$login.
"': The user login has a validity between [".$fuser->datestartvalidity.
" and ".$fuser->dateendvalidity.
"], curren date is ".
dol_now());
235 throw new RestException(401, $genericmessageerroruser);
242 static::$user = $fuser;
248 static::$role =
'external';
252 static::$role =
'admin';
255 throw new RestException(401,
"Failed to login to API. No parameter 'HTTP_DOLAPIKEY' on HTTP header (and no parameter DOLAPIKEY in URL).");
258 $userClass::setCacheIdentifier(static::$role);
259 Resources::$accessControlFunction =
'DolibarrApiAccess::verifyAccess';
260 $requirefortest = static::$requires;
261 if (!is_array($requirefortest)) {
262 $requirefortest = explode(
',', $requirefortest);
264 return in_array(static::$role, (array) $requirefortest) || static::$role ==
'admin';