90 global $conf, $db, $langs, $mysoc, $user;
95 $userClass = Defaults::$userIdentifierClass;
104 if (isset($_GET[
'api_key'])) {
106 $api_key = $_GET[
'api_key'];
108 if (isset($_GET[
'DOLAPIKEY'])) {
110 $api_key = $_GET[
'DOLAPIKEY'];
112 if (isset($_SERVER[
'HTTP_DOLAPIKEY'])) {
113 $api_key = $_SERVER[
'HTTP_DOLAPIKEY'];
115 if (preg_match(
'/^dolcrypt:/i', $api_key)) {
116 throw new RestException(503,
'Bad value for the API key. An API key should not start with dolcrypt:');
122 $sql =
"SELECT u.login, u.datec, u.api_key,";
123 $sql .=
" u.tms as date_modification, u.entity";
124 $sql .=
" FROM ".MAIN_DB_PREFIX.
"user as u";
125 $sql .=
" WHERE u.api_key = '".$this->db->escape($api_key).
"' OR u.api_key = '".$this->db->escape(
dolEncrypt($api_key,
'',
'',
'dolibarr')).
"'";
127 $result = $this->db->query($sql);
129 $nbrows = $this->db->num_rows($result);
131 $obj = $this->db->fetch_object($result);
132 $login = $obj->login;
134 $userentity = $obj->entity;
136 if (!defined(
"DOLENTITY") && $conf->entity != ($obj->entity ? $obj->entity : 1)) {
137 $conf->entity = ($obj->entity ? $obj->entity : 1);
139 dol_syslog(
"Entity was not set on http header with HTTP_DOLAPIENTITY (recommanded for performance purpose), so we switch now on entity of user (".$conf->entity.
") and we have to reload configuration.", LOG_WARNING);
140 $conf->setValues($this->db);
144 require_once DOL_DOCUMENT_ROOT.
'/societe/class/societe.class.php';
147 $fmysoc->setMysoc($conf);
150 if ($fmysoc->country_code ==
'DE' && !isset($conf->global->MAIN_INVERT_SENDER_RECIPIENT)) {
152 $conf->global->MAIN_INVERT_SENDER_RECIPIENT = 1;
154 if ($fmysoc->country_code ==
'FR' && !isset($conf->global->INVOICE_CATEGORY_OF_OPERATION)) {
156 $conf->global->INVOICE_CATEGORY_OF_OPERATION = 1;
158 if ($fmysoc->country_code ==
'FR' && !isset($conf->global->INVOICE_DISABLE_REPLACEMENT)) {
162 $conf->global->INVOICE_DISABLE_REPLACEMENT = 1;
164 if ($fmysoc->country_code ==
'GR' && !isset($conf->global->INVOICE_DISABLE_REPLACEMENT)) {
166 $conf->global->INVOICE_DISABLE_REPLACEMENT = 1;
168 if ($fmysoc->country_code ==
'GR' && !isset($conf->global->INVOICE_DISABLE_DEPOSIT)) {
170 $conf->global->INVOICE_DISABLE_DEPOSIT = 1;
173 if (($fmysoc->localtax1_assuj || $fmysoc->localtax2_assuj) && !isset($conf->global->MAIN_NO_INPUT_PRICE_WITH_TAX)) {
176 $conf->global->MAIN_NO_INPUT_PRICE_WITH_TAX = 1;
182 $langcode = (empty($conf->global->MAIN_LANG_DEFAULT) ?
'auto' : $conf->global->MAIN_LANG_DEFAULT);
183 if (!empty($user->conf->MAIN_LANG_DEFAULT)) {
184 $langcode = $user->conf->MAIN_LANG_DEFAULT;
186 if ($langs->getDefaultLang() != $langcode) {
187 $langs->setDefaultLang($langcode);
188 $langs->tab_translate = array();
189 $langs->loadLangs(array(
'main'));
192 } elseif ($nbrows > 1) {
193 throw new RestException(503,
'Error when fetching user api_key : More than 1 user with this apikey');
196 throw new RestException(503,
'Error when fetching user api_key :'.$this->db->error_msg);
199 if ($login && $stored_key != $api_key) {
200 $userClass::setCacheIdentifier($api_key);
204 $genericmessageerroruser =
'Error user not valid (not found with api key or bad status or bad validity dates) (conf->entity='.$conf->entity.
')';
207 dol_syslog(
"functions_isallowed::check_user_api_key Authentication KO for api key: Error when searching login user from api key", LOG_NOTICE);
209 throw new RestException(401, $genericmessageerroruser);
212 $fuser =
new User($this->db);
213 $result = $fuser->fetch(
'', $login,
'', 0, (empty($userentity) ? -1 : $conf->entity));
215 dol_syslog(
"functions_isallowed::check_user_api_key Authentication KO for '".$login.
"': Failed to fetch on entity", LOG_NOTICE);
217 throw new RestException(401, $genericmessageerroruser);
221 if ($fuser->status != $fuser::STATUS_ENABLED) {
223 dol_syslog(
"functions_isallowed::check_user_api_key Authentication KO for '".$login.
"': The user has been disabled", LOG_NOTICE);
225 throw new RestException(401, $genericmessageerroruser);
229 if (($fuser->flagdelsessionsbefore && !empty($_SESSION[
"dol_logindate"]) && $fuser->flagdelsessionsbefore > $_SESSION[
"dol_logindate"])) {
231 dol_syslog(
"functions_isallowed::check_user_api_key Authentication KO for '".$login.
"': The user has a date for session invalidation = ".$fuser->flagdelsessionsbefore.
" and a session date = ".$_SESSION[
"dol_logindate"].
". We must invalidate its sessions.");
233 throw new RestException(401, $genericmessageerroruser);
237 if ($fuser->isNotIntoValidityDateRange()) {
239 dol_syslog(
"functions_isallowed::check_user_api_key Authentication KO for '".$login.
"': The user login has a validity between [".$fuser->datestartvalidity.
" and ".$fuser->dateendvalidity.
"], curren date is ".
dol_now());
241 throw new RestException(401, $genericmessageerroruser);
248 static::$user = $fuser;
254 static::$role =
'external';
258 static::$role =
'admin';
261 throw new RestException(401,
"Failed to login to API. No parameter 'HTTP_DOLAPIKEY' on HTTP header (and no parameter DOLAPIKEY in URL).");
264 $userClass::setCacheIdentifier(static::$role);
265 Resources::$accessControlFunction =
'DolibarrApiAccess::verifyAccess';
266 $requirefortest = static::$requires;
267 if (!is_array($requirefortest)) {
268 $requirefortest = explode(
',', $requirefortest);
270 return in_array(static::$role, (array) $requirefortest) || static::$role ==
'admin';