dolibarr 18.0.6
api_expensereports.class.php
1<?php
2/* Copyright (C) 2015 Jean-François Ferry <jfefe@aternatik.fr>
3 * Copyright (C) 2016 Laurent Destailleur <eldy@users.sourceforge.net>
4 * Copyright (C) 2020 Frédéric France <frederic.france@netlogic.fr>
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program. If not, see <https://www.gnu.org/licenses/>.
18 */
19
20 use Luracast\Restler\RestException;
21
22 require_once DOL_DOCUMENT_ROOT.'/expensereport/class/expensereport.class.php';
23
30class ExpenseReports extends DolibarrApi
31{
32
36 public static $FIELDS = array(
37 'fk_user_author'
38 );
39
43 public $expensereport;
44
45
49 public function __construct()
50 {
51 global $db, $conf;
52 $this->db = $db;
53 $this->expensereport = new ExpenseReport($this->db);
54 }
55
66 public function get($id)
67 {
68 if (!DolibarrApiAccess::$user->rights->expensereport->lire) {
69 throw new RestException(401);
70 }
71
72 $result = $this->expensereport->fetch($id);
73 if (!$result) {
74 throw new RestException(404, 'Expense report not found');
75 }
76
77 if (!DolibarrApi::_checkAccessToResource('expensereport', $this->expensereport->id)) {
78 throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
79 }
80
81 $this->expensereport->fetchObjectLinked();
82 return $this->_cleanObjectDatas($this->expensereport);
83 }
84
98 public function index($sortfield = "t.rowid", $sortorder = 'ASC', $limit = 100, $page = 0, $user_ids = 0, $sqlfilters = '')
99 {
100 global $db, $conf;
101
102 if (!DolibarrApiAccess::$user->rights->expensereport->lire) {
103 throw new RestException(401);
104 }
105
106 $obj_ret = array();
107
108 // case of external user, $societe param is ignored and replaced by user's socid
109 //$socid = DolibarrApiAccess::$user->socid ? DolibarrApiAccess::$user->socid : $societe;
110
111 $sql = "SELECT t.rowid";
112 $sql .= " FROM ".MAIN_DB_PREFIX."expensereport AS t LEFT JOIN ".MAIN_DB_PREFIX."expensereport_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
113 $sql .= ' WHERE t.entity IN ('.getEntity('expensereport').')';
114 if ($user_ids) {
115 $sql .= " AND t.fk_user_author IN (".$this->db->sanitize($user_ids).")";
116 }
117
118 // Add sql filters
119 if ($sqlfilters) {
120 $errormessage = '';
121 $sql .= forgeSQLFromUniversalSearchCriteria($sqlfilters, $errormessage);
122 if ($errormessage) {
123 throw new RestException(400, 'Error when validating parameter sqlfilters -> '.$errormessage);
124 }
125 }
126
127 $sql .= $this->db->order($sortfield, $sortorder);
128 if ($limit) {
129 if ($page < 0) {
130 $page = 0;
131 }
132 $offset = $limit * $page;
133
134 $sql .= $this->db->plimit($limit + 1, $offset);
135 }
136
137 $result = $this->db->query($sql);
138
139 if ($result) {
140 $num = $this->db->num_rows($result);
141 $min = min($num, ($limit <= 0 ? $num : $limit));
142 $i = 0;
143 while ($i < $min) {
144 $obj = $this->db->fetch_object($result);
145 $expensereport_static = new ExpenseReport($this->db);
146 if ($expensereport_static->fetch($obj->rowid)) {
147 $obj_ret[] = $this->_cleanObjectDatas($expensereport_static);
148 }
149 $i++;
150 }
151 } else {
152 throw new RestException(503, 'Error when retrieve Expense Report list : '.$this->db->lasterror());
153 }
154 if (!count($obj_ret)) {
155 throw new RestException(404, 'No Expense Report found');
156 }
157 return $obj_ret;
158 }
159
166 public function post($request_data = null)
167 {
168 if (!DolibarrApiAccess::$user->rights->expensereport->creer) {
169 throw new RestException(401, "Insuffisant rights");
170 }
171
172 // Check mandatory fields
173 $result = $this->_validate($request_data);
174
175 foreach ($request_data as $field => $value) {
176 $this->expensereport->$field = $value;
177 }
178 /*if (isset($request_data["lines"])) {
179 $lines = array();
180 foreach ($request_data["lines"] as $line) {
181 array_push($lines, (object) $line);
182 }
183 $this->expensereport->lines = $lines;
184 }*/
185 if ($this->expensereport->create(DolibarrApiAccess::$user) < 0) {
186 throw new RestException(500, "Error creating expensereport", array_merge(array($this->expensereport->error), $this->expensereport->errors));
187 }
188
189 return $this->expensereport->id;
190 }
191
201 /*
202 public function getLines($id)
203 {
204 if(! DolibarrApiAccess::$user->rights->expensereport->lire) {
205 throw new RestException(401);
206 }
207
208 $result = $this->expensereport->fetch($id);
209 if( ! $result ) {
210 throw new RestException(404, 'expensereport not found');
211 }
212
213 if( ! DolibarrApi::_checkAccessToResource('expensereport',$this->expensereport->id)) {
214 throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
215 }
216 $this->expensereport->getLinesArray();
217 $result = array();
218 foreach ($this->expensereport->lines as $line) {
219 array_push($result,$this->_cleanObjectDatas($line));
220 }
221 return $result;
222 }
223 */
224
235 /*
236 public function postLine($id, $request_data = null)
237 {
238 if(! DolibarrApiAccess::$user->rights->expensereport->creer) {
239 throw new RestException(401);
240 }
241
242 $result = $this->expensereport->fetch($id);
243 if( ! $result ) {
244 throw new RestException(404, 'expensereport not found');
245 }
246
247 if( ! DolibarrApi::_checkAccessToResource('expensereport',$this->expensereport->id)) {
248 throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
249 }
250
251 $request_data = (object) $request_data;
252
253 $request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
254 $request_data->label = sanitizeVal($request_data->label);
255
256 $updateRes = $this->expensereport->addline(
257 $request_data->desc,
258 $request_data->subprice,
259 $request_data->qty,
260 $request_data->tva_tx,
261 $request_data->localtax1_tx,
262 $request_data->localtax2_tx,
263 $request_data->fk_product,
264 $request_data->remise_percent,
265 $request_data->info_bits,
266 $request_data->fk_remise_except,
267 'HT',
268 0,
269 $request_data->date_start,
270 $request_data->date_end,
271 $request_data->product_type,
272 $request_data->rang,
273 $request_data->special_code,
274 $fk_parent_line,
275 $request_data->fk_fournprice,
276 $request_data->pa_ht,
277 $request_data->label,
278 $request_data->array_options,
279 $request_data->fk_unit,
280 $this->element,
281 $request_data->id
282 );
283
284 if ($updateRes > 0) {
285 return $updateRes;
286
287 }
288 return false;
289 }
290 */
291
303 /*
304 public function putLine($id, $lineid, $request_data = null)
305 {
306 if(! DolibarrApiAccess::$user->rights->expensereport->creer) {
307 throw new RestException(401);
308 }
309
310 $result = $this->expensereport->fetch($id);
311 if( ! $result ) {
312 throw new RestException(404, 'expensereport not found');
313 }
314
315 if( ! DolibarrApi::_checkAccessToResource('expensereport',$this->expensereport->id)) {
316 throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
317 }
318
319 $request_data = (object) $request_data;
320
321 $request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
322 $request_data->label = sanitizeVal($request_data->label);
323
324 $updateRes = $this->expensereport->updateline(
325 $lineid,
326 $request_data->desc,
327 $request_data->subprice,
328 $request_data->qty,
329 $request_data->remise_percent,
330 $request_data->tva_tx,
331 $request_data->localtax1_tx,
332 $request_data->localtax2_tx,
333 'HT',
334 $request_data->info_bits,
335 $request_data->date_start,
336 $request_data->date_end,
337 $request_data->product_type,
338 $request_data->fk_parent_line,
339 0,
340 $request_data->fk_fournprice,
341 $request_data->pa_ht,
342 $request_data->label,
343 $request_data->special_code,
344 $request_data->array_options,
345 $request_data->fk_unit
346 );
347
348 if ($updateRes > 0) {
349 $result = $this->get($id);
350 unset($result->line);
351 return $this->_cleanObjectDatas($result);
352 }
353 return false;
354 }
355 */
356
367 /*
368 public function deleteLine($id, $lineid)
369 {
370 if(! DolibarrApiAccess::$user->rights->expensereport->creer) {
371 throw new RestException(401);
372 }
373
374 $result = $this->expensereport->fetch($id);
375 if( ! $result ) {
376 throw new RestException(404, 'expensereport not found');
377 }
378
379 if( ! DolibarrApi::_checkAccessToResource('expensereport',$this->expensereport->id)) {
380 throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
381 }
382
383 // TODO Check the lineid $lineid is a line of ojbect
384
385 $updateRes = $this->expensereport->deleteline($lineid);
386 if ($updateRes == 1) {
387 return $this->get($id);
388 }
389 return false;
390 }
391 */
392
405 public function put($id, $request_data = null)
406 {
407 if (!DolibarrApiAccess::$user->rights->expensereport->creer) {
408 throw new RestException(401);
409 }
410
411 $result = $this->expensereport->fetch($id);
412 if (!$result) {
413 throw new RestException(404, 'expensereport not found');
414 }
415
416 if (!DolibarrApi::_checkAccessToResource('expensereport', $this->expensereport->id)) {
417 throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
418 }
419 foreach ($request_data as $field => $value) {
420 if ($field == 'id') {
421 continue;
422 }
423 if ($field == 'array_options' && is_array($value)) {
424 foreach ($value as $index => $val) {
425 $this->expensereport->array_options[$index] = $this->_checkValForAPI($field, $val, $this->expensereport);
426 }
427 continue;
428 }
429 $this->expensereport->$field = $value;
430 }
431
432 if ($this->expensereport->update(DolibarrApiAccess::$user) > 0) {
433 return $this->get($id);
434 } else {
435 throw new RestException(500, $this->expensereport->error);
436 }
437 }
438
446 public function delete($id)
447 {
448 if (!DolibarrApiAccess::$user->rights->expensereport->supprimer) {
449 throw new RestException(401);
450 }
451
452 $result = $this->expensereport->fetch($id);
453 if (!$result) {
454 throw new RestException(404, 'Expense Report not found');
455 }
456
457 if (!DolibarrApi::_checkAccessToResource('expensereport', $this->expensereport->id)) {
458 throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
459 }
460
461 if (!$this->expensereport->delete(DolibarrApiAccess::$user)) {
462 throw new RestException(500, 'Error when delete Expense Report : '.$this->expensereport->error);
463 }
464
465 return array(
466 'success' => array(
467 'code' => 200,
468 'message' => 'Expense Report deleted'
469 )
470 );
471 }
472
488 /*
489 public function validate($id, $idwarehouse=0)
490 {
491 if(! DolibarrApiAccess::$user->rights->expensereport->creer) {
492 throw new RestException(401);
493 }
494
495 $result = $this->expensereport->fetch($id);
496 if( ! $result ) {
497 throw new RestException(404, 'expensereport not found');
498 }
499
500 if( ! DolibarrApi::_checkAccessToResource('expensereport',$this->expensereport->id)) {
501 throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
502 }
503
504 if( ! $this->expensereport->valid(DolibarrApiAccess::$user, $idwarehouse)) {
505 throw new RestException(500, 'Error when validate expensereport');
506 }
507
508 return array(
509 'success' => array(
510 'code' => 200,
511 'message' => 'expensereport validated'
512 )
513 );
514 }*/
515
516 // phpcs:disable PEAR.NamingConventions.ValidFunctionName.PublicUnderscore
523 protected function _cleanObjectDatas($object)
524 {
525 // phpcs:enable
526 $object = parent::_cleanObjectDatas($object);
527
528 unset($object->fk_statut);
529 unset($object->statut);
530 unset($object->user);
531 unset($object->thirdparty);
532
533 unset($object->cond_reglement);
534 unset($object->shipping_method_id);
535
536 unset($object->barcode_type);
537 unset($object->barcode_type_code);
538 unset($object->barcode_type_label);
539 unset($object->barcode_type_coder);
540
541 unset($object->code_paiement);
542 unset($object->code_statut);
543 unset($object->fk_c_paiement);
544 unset($object->fk_incoterms);
545 unset($object->label_incoterms);
546 unset($object->location_incoterms);
547 unset($object->mode_reglement_id);
548 unset($object->cond_reglement_id);
549
550 unset($object->name);
551 unset($object->lastname);
552 unset($object->firstname);
553 unset($object->civility_id);
554 unset($object->cond_reglement_id);
555 unset($object->contact);
556 unset($object->contact_id);
557
558 unset($object->state);
559 unset($object->state_id);
560 unset($object->state_code);
561 unset($object->country);
562 unset($object->country_id);
563 unset($object->country_code);
564
565 unset($object->note); // We already use note_public and note_pricate
566
567 return $object;
568 }
569
577 private function _validate($data)
578 {
579 $expensereport = array();
580 foreach (ExpenseReports::$FIELDS as $field) {
581 if (!isset($data[$field])) {
582 throw new RestException(400, "$field field missing");
583 }
584 $expensereport[$field] = $data[$field];
585 }
586 return $expensereport;
587 }
588}
DolibarrApi
Class for API REST v1.
Definition api.class.php:31
DolibarrApi\_checkAccessToResource
static _checkAccessToResource($resource, $resource_id=0, $dbtablename='', $feature2='', $dbt_keyfield='fk_soc', $dbt_select='rowid')
Check access by user to a given resource.
Definition api.class.php:282
DolibarrApi\_checkValForAPI
_checkValForAPI($field, $value, $object)
Check and convert a string depending on its type/name.
Definition api.class.php:86
ExpenseReport
Class to manage Trips and Expenses.
Definition expensereport.class.php:37
ExpenseReports\index
index($sortfield="t.rowid", $sortorder='ASC', $limit=100, $page=0, $user_ids=0, $sqlfilters='')
List Expense Reports.
Definition api_expensereports.class.php:98
ExpenseReports\_cleanObjectDatas
_cleanObjectDatas($object)
Validate an Expense Report.
Definition api_expensereports.class.php:523
ExpenseReports\_validate
_validate($data)
Validate fields before create or update object.
Definition api_expensereports.class.php:577
ExpenseReports\put
put($id, $request_data=null)
Get lines of an Expense Report.
Definition api_expensereports.class.php:405
ExpenseReports\post
post($request_data=null)
Create Expense Report object.
Definition api_expensereports.class.php:166
forgeSQLFromUniversalSearchCriteria
forgeSQLFromUniversalSearchCriteria($filter, &$errorstr='', $noand=0, $nopar=0, $noerror=0)
forgeSQLFromUniversalSearchCriteria
Definition functions.lib.php:12029
Generated on Sun Feb 2 2025 01:00:29 for dolibarr by Doxygen 1.11.0