dolibarr 18.0.6
api_expensereports.class.php
1<?php
2/* Copyright (C) 2015 Jean-François Ferry <jfefe@aternatik.fr>
3 * Copyright (C) 2016 Laurent Destailleur <eldy@users.sourceforge.net>
4 * Copyright (C) 2020 Frédéric France <frederic.france@netlogic.fr>
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program. If not, see <https://www.gnu.org/licenses/>.
18 */
19
20 use Luracast\Restler\RestException;
21
22 require_once DOL_DOCUMENT_ROOT.'/expensereport/class/expensereport.class.php';
23
31{
32
/**
 * Names of the request fields that _validate() requires to be present
 * before post() creates an expense report.
 *
 * @var array
 */
public static $FIELDS = array(
    'fk_user_author'
);

/**
 * ExpenseReport instance created in the constructor; get(), post(), put()
 * and delete() fetch into it and modify it.
 */
public $expensereport;
44
45
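/**
 * Bind the global database handler and create the ExpenseReport instance
 * that the endpoints of this class operate on.
 */
public function __construct()
{
    global $db;

    $this->db = $db;
    $this->expensereport = new ExpenseReport($this->db);
}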
55
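/**
 * Return one expense report, with its linked objects loaded, after cleaning.
 *
 * @param int $id Row id of the expense report (integer type assumed from usage - confirm)
 * @return object Result of _cleanObjectDatas() applied to the fetched report
 *
 * @throws RestException 401 when the caller lacks the read right or the resource check fails,
 *                       404 when the report cannot be loaded
 */
public function get($id)
{
    if (!DolibarrApiAccess::$user->rights->expensereport->lire) {
        throw new RestException(401);
    }

    // A negative return would be truthy and slip past a plain "!$result" test, so
    // both "nothing loaded" and "error" are rejected here. create() and update()
    // in this class are compared against 0 in the same way.
    $result = $this->expensereport->fetch($id);
    if ($result <= 0) {
        throw new RestException(404, 'Expense report not found');
    }

    // NOTE(review): _checkAccessToResource() is called with only the resource name and
    // the id, so it runs with its defaults (its signature lists $dbt_keyfield = 'fk_soc').
    // No author or hierarchy test appears in this method; confirm that this check is
    // enough to stop a user who holds only the read right from reading other users' reports.
    if (!DolibarrApi::_checkAccessToResource('expensereport', $this->expensereport->id)) {
        throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
    }

    $this->expensereport->fetchObjectLinked();

    return $this->_cleanObjectDatas($this->expensereport);
}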
84
/**
 * List expense reports of the current entity, optionally filtered by author
 * and by a universal search filter.
 *
 * @param string     $sortfield  Sort field, handed to $this->db->order()
 * @param string     $sortorder  Sort direction, handed to $this->db->order()
 * @param int        $limit      Page size; a falsy value disables the LIMIT clause
 * @param int        $page       Page index; negative values are treated as 0 when a limit is set
 * @param string|int $user_ids   Author id list for the IN (...) filter, passed through
 *                               $this->db->sanitize(); a falsy value disables the filter
 * @param string     $sqlfilters Search criteria translated by forgeSQLFromUniversalSearchCriteria()
 * @return array Cleaned ExpenseReport objects
 *
 * @throws RestException 401 missing read right, 400 invalid sqlfilters,
 *                       503 query failure, 404 empty result
 */
public function index($sortfield = "t.rowid", $sortorder = 'ASC', $limit = 100, $page = 0, $user_ids = 0, $sqlfilters = '')
{
    if (!DolibarrApiAccess::$user->rights->expensereport->lire) {
        throw new RestException(401);
    }

    // NOTE(review): the only restrictions applied to the listing are the read right
    // above and the entity filter below. Unlike get(), no _checkAccessToResource()
    // call is made per record, and no external-user (socid) restriction is applied.
    // Confirm that every holder of the read right may see every report of the entity.

    $query = "SELECT t.rowid";
    // The extrafields table is joined so that sqlfilters can also reference extrafield columns.
    $query .= " FROM ".MAIN_DB_PREFIX."expensereport AS t LEFT JOIN ".MAIN_DB_PREFIX."expensereport_extrafields AS ef ON (ef.fk_object = t.rowid)";
    $query .= ' WHERE t.entity IN ('.getEntity('expensereport').')';
    if ($user_ids) {
        // The id list is concatenated into the statement, so it goes through the driver's sanitize() first.
        $query .= " AND t.fk_user_author IN (".$this->db->sanitize($user_ids).")";
    }

    if ($sqlfilters) {
        // The helper reports a rejected filter through the by-reference error string.
        $filterError = '';
        $query .= forgeSQLFromUniversalSearchCriteria($sqlfilters, $filterError);
        if ($filterError) {
            throw new RestException(400, 'Error when validating parameter sqlfilters -> '.$filterError);
        }
    }

    $query .= $this->db->order($sortfield, $sortorder);
    if ($limit) {
        $pageIndex = ($page < 0) ? 0 : $page;
        // One row more than the page size is requested; the cap below keeps it out of the response.
        $query .= $this->db->plimit($limit + 1, $limit * $pageIndex);
    }

    $resql = $this->db->query($query);
    if (!$resql) {
        // NOTE(review): the database layer's last error text is sent to the API client
        // here; consider logging it server-side and returning a generic message.
        throw new RestException(503, 'Error when retrieve Expense Report list : '.$this->db->lasterror());
    }

    $reports = array();
    $rowCount = $this->db->num_rows($resql);
    $toReturn = min($rowCount, ($limit <= 0 ? $rowCount : $limit));
    for ($idx = 0; $idx < $toReturn; $idx++) {
        $row = $this->db->fetch_object($resql);
        // Each row id is reloaded as a full object; rows whose fetch() result is falsy are skipped.
        $report = new ExpenseReport($this->db);
        if ($report->fetch($row->rowid)) {
            $reports[] = $this->_cleanObjectDatas($report);
        }
    }

    if (count($reports) === 0) {
        throw new RestException(404, 'No Expense Report found');
    }

    return $reports;
}
159
/**
 * Create an expense report from the request body.
 *
 * @param array $request_data Request fields; every key is copied onto the ExpenseReport object
 * @return mixed The id property of the created ExpenseReport
 *
 * @throws RestException 401 missing create right, 400 missing mandatory field, 500 creation failure
 */
public function post($request_data = null)
{
    if (!DolibarrApiAccess::$user->rights->expensereport->creer) {
        throw new RestException(401, "Insuffisant rights");
    }

    // Throws 400 when a field listed in $FIELDS is absent; the returned array is not used.
    $this->_validate($request_data);

    // NOTE(review): every key of the request body becomes a property of the
    // ExpenseReport object, not only the ones listed in $FIELDS, and the values are
    // copied without any sanitising. Which of these properties create() persists is
    // not visible here; confirm that a client cannot set fields it should not control
    // (fk_user_author itself is taken from the request).
    // Report lines sent in the request are not converted or handled separately.
    foreach ($request_data as $name => $val) {
        $this->expensereport->$name = $val;
    }

    $createResult = $this->expensereport->create(DolibarrApiAccess::$user);
    if ($createResult < 0) {
        throw new RestException(500, "Error creating expensereport", array_merge(array($this->expensereport->error), $this->expensereport->errors));
    }

    return $this->expensereport->id;
}
191
201 /*
202 public function getLines($id)
203 {
204 if(! DolibarrApiAccess::$user->rights->expensereport->lire) {
205 throw new RestException(401);
206 }
207
208 $result = $this->expensereport->fetch($id);
209 if( ! $result ) {
210 throw new RestException(404, 'expensereport not found');
211 }
212
213 if( ! DolibarrApi::_checkAccessToResource('expensereport',$this->expensereport->id)) {
214 throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
215 }
216 $this->expensereport->getLinesArray();
217 $result = array();
218 foreach ($this->expensereport->lines as $line) {
219 array_push($result,$this->_cleanObjectDatas($line));
220 }
221 return $result;
222 }
223 */
224
235 /*
236 public function postLine($id, $request_data = null)
237 {
238 if(! DolibarrApiAccess::$user->rights->expensereport->creer) {
239 throw new RestException(401);
240 }
241
242 $result = $this->expensereport->fetch($id);
243 if( ! $result ) {
244 throw new RestException(404, 'expensereport not found');
245 }
246
247 if( ! DolibarrApi::_checkAccessToResource('expensereport',$this->expensereport->id)) {
248 throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
249 }
250
251 $request_data = (object) $request_data;
252
253 $request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
254 $request_data->label = sanitizeVal($request_data->label);
255
256 $updateRes = $this->expensereport->addline(
257 $request_data->desc,
258 $request_data->subprice,
259 $request_data->qty,
260 $request_data->tva_tx,
261 $request_data->localtax1_tx,
262 $request_data->localtax2_tx,
263 $request_data->fk_product,
264 $request_data->remise_percent,
265 $request_data->info_bits,
266 $request_data->fk_remise_except,
267 'HT',
268 0,
269 $request_data->date_start,
270 $request_data->date_end,
271 $request_data->product_type,
272 $request_data->rang,
273 $request_data->special_code,
274 $fk_parent_line,
275 $request_data->fk_fournprice,
276 $request_data->pa_ht,
277 $request_data->label,
278 $request_data->array_options,
279 $request_data->fk_unit,
280 $this->element,
281 $request_data->id
282 );
283
284 if ($updateRes > 0) {
285 return $updateRes;
286
287 }
288 return false;
289 }
290 */
291
303 /*
304 public function putLine($id, $lineid, $request_data = null)
305 {
306 if(! DolibarrApiAccess::$user->rights->expensereport->creer) {
307 throw new RestException(401);
308 }
309
310 $result = $this->expensereport->fetch($id);
311 if( ! $result ) {
312 throw new RestException(404, 'expensereport not found');
313 }
314
315 if( ! DolibarrApi::_checkAccessToResource('expensereport',$this->expensereport->id)) {
316 throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
317 }
318
319 $request_data = (object) $request_data;
320
321 $request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
322 $request_data->label = sanitizeVal($request_data->label);
323
324 $updateRes = $this->expensereport->updateline(
325 $lineid,
326 $request_data->desc,
327 $request_data->subprice,
328 $request_data->qty,
329 $request_data->remise_percent,
330 $request_data->tva_tx,
331 $request_data->localtax1_tx,
332 $request_data->localtax2_tx,
333 'HT',
334 $request_data->info_bits,
335 $request_data->date_start,
336 $request_data->date_end,
337 $request_data->product_type,
338 $request_data->fk_parent_line,
339 0,
340 $request_data->fk_fournprice,
341 $request_data->pa_ht,
342 $request_data->label,
343 $request_data->special_code,
344 $request_data->array_options,
345 $request_data->fk_unit
346 );
347
348 if ($updateRes > 0) {
349 $result = $this->get($id);
350 unset($result->line);
351 return $this->_cleanObjectDatas($result);
352 }
353 return false;
354 }
355 */
356
367 /*
368 public function deleteLine($id, $lineid)
369 {
370 if(! DolibarrApiAccess::$user->rights->expensereport->creer) {
371 throw new RestException(401);
372 }
373
374 $result = $this->expensereport->fetch($id);
375 if( ! $result ) {
376 throw new RestException(404, 'expensereport not found');
377 }
378
379 if( ! DolibarrApi::_checkAccessToResource('expensereport',$this->expensereport->id)) {
380 throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
381 }
382
383 // TODO Check that the line id $lineid is a line of the object
384
385 $updateRes = $this->expensereport->deleteline($lineid);
386 if ($updateRes == 1) {
387 return $this->get($id);
388 }
389 return false;
390 }
391 */
392
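/**
 * Update an existing expense report with the fields of the request body.
 *
 * @param int   $id           Row id of the expense report (integer type assumed from usage - confirm)
 * @param array $request_data Request fields; every key except 'id' is copied onto the object
 * @return object The updated report as returned by get()
 *
 * @throws RestException 401 missing create right or failed resource check,
 *                       404 report cannot be loaded, 500 update failure
 */
public function put($id, $request_data = null)
{
    if (!DolibarrApiAccess::$user->rights->expensereport->creer) {
        throw new RestException(401);
    }

    // A negative return would be truthy and slip past a plain "!$result" test, so
    // both "nothing loaded" and "error" are rejected before anything is modified.
    $result = $this->expensereport->fetch($id);
    if ($result <= 0) {
        throw new RestException(404, 'expensereport not found');
    }

    if (!DolibarrApi::_checkAccessToResource('expensereport', $this->expensereport->id)) {
        throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
    }

    // NOTE(review): apart from 'id', every key of the request body overwrites the
    // matching property of the loaded report, without sanitising. Which properties
    // update() persists is not visible here; confirm that ownership, status or
    // approval fields cannot be changed through this path.
    foreach ($request_data as $field => $value) {
        if ($field === 'id') {
            continue;
        }
        $this->expensereport->$field = $value;
    }

    if ($this->expensereport->update(DolibarrApiAccess::$user) > 0) {
        return $this->get($id);
    }

    // NOTE(review): the object's error text is returned to the client as the message.
    throw new RestException(500, $this->expensereport->error);
}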
432
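/**
 * Delete an expense report.
 *
 * @param int $id Row id of the expense report (integer type assumed from usage - confirm)
 * @return array Success structure with code 200 and a message
 *
 * @throws RestException 401 missing delete right or failed resource check,
 *                       404 report cannot be loaded, 500 deletion failure
 */
public function delete($id)
{
    if (!DolibarrApiAccess::$user->rights->expensereport->supprimer) {
        throw new RestException(401);
    }

    // A negative return would be truthy and slip past a plain "!$result" test.
    $result = $this->expensereport->fetch($id);
    if ($result <= 0) {
        throw new RestException(404, 'Expense Report not found');
    }

    if (!DolibarrApi::_checkAccessToResource('expensereport', $this->expensereport->id)) {
        throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
    }

    // A negative error code must not be reported as success: with a plain truthiness
    // test, a failed deletion returning a negative value would still produce the
    // "deleted" answer below. create() and update() in this class are compared
    // against 0 in the same way.
    if ($this->expensereport->delete(DolibarrApiAccess::$user) <= 0) {
        // NOTE(review): the object's error text is appended to the message sent to the client.
        throw new RestException(500, 'Error when delete Expense Report : '.$this->expensereport->error);
    }

    return array(
        'success' => array(
            'code' => 200,
            'message' => 'Expense Report deleted'
        )
    );
}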
466
482 /*
483 public function validate($id, $idwarehouse=0)
484 {
485 if(! DolibarrApiAccess::$user->rights->expensereport->creer) {
486 throw new RestException(401);
487 }
488
489 $result = $this->expensereport->fetch($id);
490 if( ! $result ) {
491 throw new RestException(404, 'expensereport not found');
492 }
493
494 if( ! DolibarrApi::_checkAccessToResource('expensereport',$this->expensereport->id)) {
495 throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
496 }
497
498 if( ! $this->expensereport->valid(DolibarrApiAccess::$user, $idwarehouse)) {
499 throw new RestException(500, 'Error when validate expensereport');
500 }
501
502 return array(
503 'success' => array(
504 'code' => 200,
505 'message' => 'expensereport validated'
506 )
507 );
508 }*/
509
// phpcs:disable PEAR.NamingConventions.ValidFunctionName.PublicUnderscore
/**
 * Strip properties that must not appear in the API response.
 *
 * The parent implementation runs first; the properties listed below are then
 * removed from its result. This is a denylist: any property that is neither
 * listed here nor removed by the parent stays in the response.
 *
 * @param object $object Object to clean
 * @return object The same object after the parent's cleaning and the removals below
 */
protected function _cleanObjectDatas($object)
{
    // phpcs:enable
    $object = parent::_cleanObjectDatas($object);

    $hiddenProperties = array(
        'fk_statut',
        'statut',
        'user',
        'thirdparty',
        'cond_reglement',
        'shipping_method_id',
        'barcode_type',
        'barcode_type_code',
        'barcode_type_label',
        'barcode_type_coder',
        'code_paiement',
        'code_statut',
        'fk_c_paiement',
        'fk_incoterms',
        'label_incoterms',
        'location_incoterms',
        'mode_reglement_id',
        'cond_reglement_id',
        'name',
        'lastname',
        'firstname',
        'civility_id',
        'contact',
        'contact_id',
        'state',
        'state_id',
        'state_code',
        'country',
        'country_id',
        'country_code',
        'note', // note_public and note_private are used instead
    );

    foreach ($hiddenProperties as $property) {
        unset($object->$property);
    }

    return $object;
}
563
/**
 * Check that every field named in ExpenseReports::$FIELDS is set in the request data.
 *
 * Only presence is tested (isset), so a null value counts as missing; the type and
 * the value of each field are not checked.
 * NOTE(review): fk_user_author is supplied by the client - confirm that the caller or
 * create() restricts it to users the API account may act for.
 *
 * @param array $data Request data
 * @return array The mandatory fields and their values, keyed by field name
 *
 * @throws RestException 400 on the first mandatory field that is not set
 */
private function _validate($data)
{
    $mandatoryValues = array();

    foreach (ExpenseReports::$FIELDS as $field) {
        if (isset($data[$field])) {
            $mandatoryValues[$field] = $data[$field];
            continue;
        }
        throw new RestException(400, "$field field missing");
    }

    return $mandatoryValues;
}
582}
Class for API REST v1.
Definition api.class.php:31
static _checkAccessToResource($resource, $resource_id=0, $dbtablename='', $feature2='', $dbt_keyfield='fk_soc', $dbt_select='rowid')
Check access by user to a given resource.
Class to manage Trips and Expenses.
index($sortfield="t.rowid", $sortorder='ASC', $limit=100, $page=0, $user_ids=0, $sqlfilters='')
List Expense Reports.
_cleanObjectDatas($object)
Validate an Expense Report.
_validate($data)
Validate fields before create or update object.
put($id, $request_data=null)
Get lines of an Expense Report.
post($request_data=null)
Create Expense Report object.
forgeSQLFromUniversalSearchCriteria($filter, &$errorstr='', $noand=0, $nopar=0, $noerror=0)
forgeSQLFromUniversalSearchCriteria