dolibarr 19.0.4
api_tickets.class.php
1<?php
2/* Copyright (C) 2016 Jean-François Ferry <hello@librethic.io>
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published by
6 * the Free Software Foundation; either version 3 of the License, or
7 * (at your option) any later version.
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program. If not, see <https://www.gnu.org/licenses/>.
16 */
17
18 use Luracast\Restler\RestException;
19
20require_once DOL_DOCUMENT_ROOT.'/ticket/class/ticket.class.php';
21require_once DOL_DOCUMENT_ROOT.'/core/lib/ticket.lib.php';
22
23
30class Tickets extends DolibarrApi
31{
35 public static $FIELDS = array(
36 'subject',
37 'message'
38 );
39
43 public static $FIELDS_MESSAGES = array(
44 'track_id',
45 'message'
46 );
47
51 public $ticket;
52
56 public function __construct()
57 {
58 global $db;
59 $this->db = $db;
60 $this->ticket = new Ticket($this->db);
61 }
62
75 public function get($id)
76 {
77 return $this->getCommon($id, '', '');
78 }
79
94 public function getByTrackId($track_id)
95 {
96 return $this->getCommon(0, $track_id, '');
97 }
98
113 public function getByRef($ref)
114 {
115 return $this->getCommon(0, '', $ref);
116 }
117
127 private function getCommon($id = 0, $track_id = '', $ref = '')
128 {
129 if (!DolibarrApiAccess::$user->rights->ticket->read) {
130 throw new RestException(403);
131 }
132
133 // Check parameters
134 if (($id < 0) && !$track_id && !$ref) {
135 throw new RestException(401, 'Wrong parameters');
136 }
137 if ($id == 0) {
138 $result = $this->ticket->initAsSpecimen();
139 } else {
140 $result = $this->ticket->fetch($id, $ref, $track_id);
141 }
142 if (!$result) {
143 throw new RestException(404, 'Ticket not found');
144 }
145
146 // String for user assigned
147 if ($this->ticket->fk_user_assign > 0) {
148 $userStatic = new User($this->db);
149 $userStatic->fetch($this->ticket->fk_user_assign);
150 $this->ticket->fk_user_assign_string = $userStatic->firstname.' '.$userStatic->lastname;
151 }
152
153 // Messages of ticket
154 $messages = array();
155 $this->ticket->loadCacheMsgsTicket();
156 if (is_array($this->ticket->cache_msgs_ticket) && count($this->ticket->cache_msgs_ticket) > 0) {
157 $num = count($this->ticket->cache_msgs_ticket);
158 $i = 0;
159 while ($i < $num) {
160 if ($this->ticket->cache_msgs_ticket[$i]['fk_user_author'] > 0) {
161 $user_action = new User($this->db);
162 $user_action->fetch($this->ticket->cache_msgs_ticket[$i]['fk_user_author']);
163 }
164
165 // Now define messages
166 $messages[] = array(
167 'id' => $this->ticket->cache_msgs_ticket[$i]['id'],
168 'fk_user_action' => $this->ticket->cache_msgs_ticket[$i]['fk_user_author'],
169 'fk_user_action_socid' => $user_action->socid,
170 'fk_user_action_string' => dolGetFirstLastname($user_action->firstname, $user_action->lastname),
171 'message' => $this->ticket->cache_msgs_ticket[$i]['message'],
172 'datec' => $this->ticket->cache_msgs_ticket[$i]['datec'],
173 'private' => $this->ticket->cache_msgs_ticket[$i]['private']
174 );
175 $i++;
176 }
177 $this->ticket->messages = $messages;
178 }
179
180 if (!DolibarrApi::_checkAccessToResource('ticket', $this->ticket->id)) {
181 throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
182 }
183 return $this->_cleanObjectDatas($this->ticket);
184 }
185
202 public function index($socid = 0, $sortfield = "t.rowid", $sortorder = "ASC", $limit = 100, $page = 0, $sqlfilters = '', $properties = '')
203 {
204 global $db, $conf;
205
206 if (!DolibarrApiAccess::$user->rights->ticket->read) {
207 throw new RestException(403);
208 }
209
210 $obj_ret = array();
211
212 if (!$socid && DolibarrApiAccess::$user->socid) {
213 $socid = DolibarrApiAccess::$user->socid;
214 }
215
216 $search_sale = null;
217 // If the internal user must only see his customers, force searching by him
218 $search_sale = 0;
219 if (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) {
220 $search_sale = DolibarrApiAccess::$user->id;
221 }
222
223 $sql = "SELECT t.rowid";
224 if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
225 $sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects)
226 }
227 $sql .= " FROM ".MAIN_DB_PREFIX."ticket AS t LEFT JOIN ".MAIN_DB_PREFIX."ticket_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
228
229 if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
230 $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale
231 }
232
233 $sql .= ' WHERE t.entity IN ('.getEntity('ticket', 1).')';
234 if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
235 $sql .= " AND t.fk_soc = sc.fk_soc";
236 }
237 if ($socid > 0) {
238 $sql .= " AND t.fk_soc = ".((int) $socid);
239 }
240 if ($search_sale > 0) {
241 $sql .= " AND t.rowid = sc.fk_soc"; // Join for the needed table to filter by sale
242 }
243
244 // Insert sale filter
245 if ($search_sale > 0) {
246 $sql .= " AND sc.fk_user = ".((int) $search_sale);
247 }
248 // Add sql filters
249 if ($sqlfilters) {
250 $errormessage = '';
251 $sql .= forgeSQLFromUniversalSearchCriteria($sqlfilters, $errormessage);
252 if ($errormessage) {
253 throw new RestException(400, 'Error when validating parameter sqlfilters -> '.$errormessage);
254 }
255 }
256
257 $sql .= $this->db->order($sortfield, $sortorder);
258
259 if ($limit) {
260 if ($page < 0) {
261 $page = 0;
262 }
263 $offset = $limit * $page;
264
265 $sql .= $this->db->plimit($limit, $offset);
266 }
267
268 $result = $this->db->query($sql);
269 if ($result) {
270 $num = $this->db->num_rows($result);
271 $i = 0;
272 while ($i < $num) {
273 $obj = $this->db->fetch_object($result);
274 $ticket_static = new Ticket($this->db);
275 if ($ticket_static->fetch($obj->rowid)) {
276 if ($ticket_static->fk_user_assign > 0) {
277 $userStatic = new User($this->db);
278 $userStatic->fetch($ticket_static->fk_user_assign);
279 $ticket_static->fk_user_assign_string = $userStatic->firstname.' '.$userStatic->lastname;
280 }
281 $obj_ret[] = $this->_filterObjectProperties($this->_cleanObjectDatas($ticket_static), $properties);
282 }
283 $i++;
284 }
285 } else {
286 throw new RestException(503, 'Error when retrieve ticket list');
287 }
288
289 return $obj_ret;
290 }
291
298 public function post($request_data = null)
299 {
300 $ticketstatic = new Ticket($this->db);
301 if (!DolibarrApiAccess::$user->rights->ticket->write) {
302 throw new RestException(401);
303 }
304 // Check mandatory fields
305 $result = $this->_validate($request_data);
306
307 foreach ($request_data as $field => $value) {
308 if ($field === 'caller') {
309 // Add a mention of caller so on trigger called after action, we can filter to avoid a loop if we try to sync back again whith the caller
310 $this->ticket->context['caller'] = $request_data['caller'];
311 continue;
312 }
313
314 $this->ticket->$field = $value;
315 }
316 if (empty($this->ticket->ref)) {
317 $this->ticket->ref = $ticketstatic->getDefaultRef();
318 }
319 if (empty($this->ticket->track_id)) {
320 $this->ticket->track_id = generate_random_id(16);
321 }
322
323 if ($this->ticket->create(DolibarrApiAccess::$user) < 0) {
324 throw new RestException(500, "Error creating ticket", array_merge(array($this->ticket->error), $this->ticket->errors));
325 }
326
327 return $this->ticket->id;
328 }
329
337 public function postNewMessage($request_data = null)
338 {
339 $ticketstatic = new Ticket($this->db);
340 if (!DolibarrApiAccess::$user->rights->ticket->write) {
341 throw new RestException(401);
342 }
343 // Check mandatory fields
344 $result = $this->_validateMessage($request_data);
345
346 foreach ($request_data as $field => $value) {
347 if ($field === 'caller') {
348 // Add a mention of caller so on trigger called after action, we can filter to avoid a loop if we try to sync back again whith the caller
349 $this->ticket->context['caller'] = $request_data['caller'];
350 continue;
351 }
352
353 $this->ticket->$field = $value;
354 }
355 $ticketMessageText = $this->ticket->message;
356 $result = $this->ticket->fetch('', '', $this->ticket->track_id);
357 if (!$result) {
358 throw new RestException(404, 'Ticket not found');
359 }
360 $this->ticket->message = $ticketMessageText;
361 if (!$this->ticket->createTicketMessage(DolibarrApiAccess::$user)) {
362 throw new RestException(500, 'Error when creating ticket');
363 }
364 return $this->ticket->id;
365 }
366
375 public function put($id, $request_data = null)
376 {
377 if (!DolibarrApiAccess::$user->rights->ticket->write) {
378 throw new RestException(401);
379 }
380
381 $result = $this->ticket->fetch($id);
382 if (!$result) {
383 throw new RestException(404, 'Ticket not found');
384 }
385
386 if (!DolibarrApi::_checkAccessToResource('ticket', $this->ticket->id)) {
387 throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
388 }
389
390 foreach ($request_data as $field => $value) {
391 if ($field === 'caller') {
392 // Add a mention of caller so on trigger called after action, we can filter to avoid a loop if we try to sync back again whith the caller
393 $this->ticket->context['caller'] = $request_data['caller'];
394 continue;
395 }
396
397 $this->ticket->$field = $value;
398 }
399
400 if ($this->ticket->update(DolibarrApiAccess::$user)) {
401 return $this->get($id);
402 }
403
404 return false;
405 }
406
414 public function delete($id)
415 {
416 if (!DolibarrApiAccess::$user->rights->ticket->delete) {
417 throw new RestException(401);
418 }
419 $result = $this->ticket->fetch($id);
420 if (!$result) {
421 throw new RestException(404, 'Ticket not found');
422 }
423
424 if (!DolibarrApi::_checkAccessToResource('ticket', $this->ticket->id)) {
425 throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
426 }
427
428 if (!$this->ticket->delete($id)) {
429 throw new RestException(500, 'Error when deleting ticket');
430 }
431
432 return array(
433 'success' => array(
434 'code' => 200,
435 'message' => 'Ticket deleted'
436 )
437 );
438 }
439
448 private function _validate($data)
449 {
450 $ticket = array();
451 foreach (Tickets::$FIELDS as $field) {
452 if (!isset($data[$field])) {
453 throw new RestException(400, "$field field missing");
454 }
455 $ticket[$field] = $data[$field];
456 }
457 return $ticket;
458 }
459
468 private function _validateMessage($data)
469 {
470 $ticket = array();
471 foreach (Tickets::$FIELDS_MESSAGES as $field) {
472 if (!isset($data[$field])) {
473 throw new RestException(400, "$field field missing");
474 }
475 $ticket[$field] = $data[$field];
476 }
477 return $ticket;
478 }
479
480 // phpcs:disable PEAR.NamingConventions.ValidFunctionName.PublicUnderscore
490 protected function _cleanObjectDatas($object)
491 {
492 // phpcs:enable
493 $object = parent::_cleanObjectDatas($object);
494
495 // Other attributes to clean
496 $attr2clean = array(
497 "contact",
498 "contact_id",
499 "ref_previous",
500 "ref_next",
501 "ref_ext",
502 "table_element_line",
503 "statut",
504 "country",
505 "country_id",
506 "country_code",
507 "barcode_type",
508 "barcode_type_code",
509 "barcode_type_label",
510 "barcode_type_coder",
511 "mode_reglement_id",
512 "cond_reglement_id",
513 "cond_reglement",
514 "fk_delivery_address",
515 "shipping_method_id",
516 "modelpdf",
517 "fk_account",
518 "note_public",
519 "note_private",
520 "note",
521 "total_ht",
522 "total_tva",
523 "total_localtax1",
524 "total_localtax2",
525 "total_ttc",
526 "fk_incoterms",
527 "label_incoterms",
528 "location_incoterms",
529 "name",
530 "lastname",
531 "firstname",
532 "civility_id",
533 "canvas",
534 "cache_msgs_ticket",
535 "cache_logs_ticket",
536 "cache_types_tickets",
537 "cache_category_tickets",
538 "regeximgext",
539 "labelStatus",
540 "labelStatusShort"
541 );
542 foreach ($attr2clean as $toclean) {
543 unset($object->$toclean);
544 }
545
546 // If object has lines, remove $db property
547 if (isset($object->lines) && count($object->lines) > 0) {
548 $nboflines = count($object->lines);
549 for ($i = 0; $i < $nboflines; $i++) {
550 $this->_cleanObjectDatas($object->lines[$i]);
551 }
552 }
553
554 // If object has linked objects, remove $db property
555 if (isset($object->linkedObjects) && count($object->linkedObjects) > 0) {
556 foreach ($object->linkedObjects as $type_object => $linked_object) {
557 foreach ($linked_object as $object2clean) {
558 $this->_cleanObjectDatas($object2clean);
559 }
560 }
561 }
562 return $object;
563 }
564}
Class for API REST v1.
Definition api.class.php:31
_filterObjectProperties($object, $properties)
Filter properties that will be returned on object.
static _checkAccessToResource($resource, $resource_id=0, $dbtablename='', $feature2='', $dbt_keyfield='fk_soc', $dbt_select='rowid')
Check access by user to a given resource.
getCommon($id=0, $track_id='', $ref='')
Get properties of a Ticket object Return an array with ticket informations.
getByRef($ref)
Get properties of a Ticket object from ref.
index($socid=0, $sortfield="t.rowid", $sortorder="ASC", $limit=100, $page=0, $sqlfilters='', $properties='')
List tickets.
__construct()
Constructor.
_cleanObjectDatas($object)
Clean sensible object datas.
postNewMessage($request_data=null)
Create ticket object.
post($request_data=null)
Create ticket object.
put($id, $request_data=null)
Update ticket.
_validateMessage($data)
Validate fields before create or update object message.
getByTrackId($track_id)
Get properties of a Ticket object from track id.
_validate($data)
Validate fields before create or update object.
Class to manage Dolibarr users.
forgeSQLFromUniversalSearchCriteria($filter, &$errorstr='', $noand=0, $nopar=0, $noerror=0)
forgeSQLFromUniversalSearchCriteria
dolGetFirstLastname($firstname, $lastname, $nameorder=-1)
Return firstname and lastname in correct order.
Class to generate the form for creating a new ticket.
generate_random_id($car=16)
Generate a random id.