dolibarr 20.0.4
api_interventions.class.php
1<?php
2/* Copyright (C) 2015 Jean-François Ferry <jfefe@aternatik.fr>
3 * Copyright (C) 2016 Laurent Destailleur <eldy@users.sourceforge.net>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 3 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program. If not, see <https://www.gnu.org/licenses/>.
17 */
18
24use Luracast\Restler\RestException;
25
26require_once DOL_DOCUMENT_ROOT.'/fichinter/class/fichinter.class.php';
27
28
36{
/**
 * @var string[] Keys that _validate() requires in the payload handled by post().
 */
public static $FIELDS = [
    'socid',
    'fk_project',
    'description',
];

/**
 * @var string[] Keys that _validateLine() requires in the payload handled by postLine().
 */
public static $FIELDSLINE = [
    'description',
    'date',
    'duree',
];

/**
 * @var Fichinter Intervention object created by the constructor and reused by every endpoint.
 */
public $fichinter;
59
/**
 * Bind the global database handler and create the Fichinter instance the
 * endpoints of this class operate on.
 */
public function __construct()
{
    global $db, $conf;

    $this->db = $db;
    $this->fichinter = new Fichinter($db);
}
69
/**
 * Return one intervention, cleaned for API output.
 *
 * The record is loaded first and the resource-level check is then run against
 * the id of the record that was actually loaded.
 *
 * @param  mixed  $id  Identifier handed to Fichinter::fetch().
 * @return object      The loaded intervention after _cleanObjectDatas().
 * @throws RestException 403 when the API user lacks the 'ficheinter'/'lire' right or
 *                       _checkAccessToResource() refuses the record; 404 when fetch()
 *                       returns a falsy result.
 */
public function get($id)
{
    $apiUser = DolibarrApiAccess::$user;
    if (!$apiUser->hasRight('ficheinter', 'lire')) {
        throw new RestException(403);
    }

    $found = $this->fichinter->fetch($id);
    if (!$found) {
        throw new RestException(404, 'Intervention not found');
    }

    $allowed = DolibarrApi::_checkAccessToResource('fichinter', $this->fichinter->id);
    if (!$allowed) {
        throw new RestException(403, 'Access not allowed for login '.$apiUser->login);
    }

    $this->fichinter->fetchObjectLinked();

    return $this->_cleanObjectDatas($this->fichinter);
}
97
/**
 * List interventions visible to the API user.
 *
 * Builds a SELECT of row ids restricted by entity, third party and (for users
 * without the 'societe'/'client'/'voir' right) by sales representative, then
 * loads each row as a Fichinter and returns the cleaned, property-filtered objects.
 *
 * @param  string $sortfield       Sort column, passed to $this->db->order().
 * @param  string $sortorder       Sort direction, passed to $this->db->order().
 * @param  int    $limit           Page size; a falsy value disables LIMIT.
 * @param  int    $page            Page index; negative values are treated as 0.
 * @param  string $thirdparty_ids  Third-party id list; ignored when the API user has a socid.
 * @param  string $sqlfilters      Filter expression handed to forgeSQLFromUniversalSearchCriteria().
 * @param  string $properties      Property selection handed to _filterObjectProperties().
 * @return array                   List of cleaned intervention objects.
 * @throws RestException 403 without the 'ficheinter'/'lire' right, 400 when the
 *                       sqlfilters parameter is rejected, 503 when the query fails.
 */
public function index($sortfield = "t.rowid", $sortorder = 'ASC', $limit = 100, $page = 0, $thirdparty_ids = '', $sqlfilters = '', $properties = '')
{
    $apiUser = DolibarrApiAccess::$user;
    if (!$apiUser->hasRight('ficheinter', 'lire')) {
        throw new RestException(403);
    }

    // An external user (socid set) is always pinned to their own third party;
    // the caller-supplied $thirdparty_ids is only honoured for internal users.
    $socids = $apiUser->socid ?: $thirdparty_ids;

    // An internal user who may not see every customer is restricted to the
    // third parties they are sales representative for.
    $search_sale = 0;
    if (!$apiUser->hasRight('societe', 'client', 'voir') && !$socids) {
        $search_sale = $apiUser->id;
    }

    // The LEFT JOIN on the extrafields table lets $sqlfilters reference ef.* columns.
    $sql = "SELECT t.rowid"
        ." FROM ".MAIN_DB_PREFIX."fichinter AS t LEFT JOIN ".MAIN_DB_PREFIX."fichinter_extrafields AS ef ON (ef.fk_object = t.rowid)"
        .' WHERE t.entity IN ('.getEntity('intervention').')';

    if ($socids) {
        $sql .= " AND t.fk_soc IN (".$this->db->sanitize($socids).")";
    }

    // Restriction on sales representative
    if ($search_sale && $search_sale != '-1') {
        $repLink = "SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc";
        if ($search_sale == -2) {
            $sql .= " AND NOT EXISTS (".$repLink.")";
        } elseif ($search_sale > 0) {
            $sql .= " AND EXISTS (".$repLink." AND sc.fk_user = ".((int) $search_sale).")";
        }
    }

    // Caller-supplied filter expression; rejected with 400 when the helper reports an error.
    if ($sqlfilters) {
        $errormessage = '';
        $sql .= forgeSQLFromUniversalSearchCriteria($sqlfilters, $errormessage);
        if ($errormessage) {
            throw new RestException(400, 'Error when validating parameter sqlfilters -> '.$errormessage);
        }
    }

    // NOTE(review): $sortfield, $sortorder, $limit and $page come from the request and
    // are not validated here; this method relies on order() and plimit() to neutralise
    // them - TODO confirm against the database driver.
    $sql .= $this->db->order($sortfield, $sortorder);
    if ($limit) {
        $page = ($page < 0) ? 0 : $page;
        // One row more than the page size is requested; only $limit rows are returned below.
        $sql .= $this->db->plimit($limit + 1, $limit * $page);
    }

    dol_syslog("API Rest request");
    $result = $this->db->query($sql);
    if (!$result) {
        // NOTE(review): the raw database error text is sent back to the API client.
        throw new RestException(503, 'Error when retrieve intervention list : '.$this->db->lasterror());
    }

    $obj_ret = array();
    $num = $this->db->num_rows($result);
    $min = min($num, ($limit <= 0 ? $num : $limit));
    for ($i = 0; $i < $min; $i++) {
        $obj = $this->db->fetch_object($result);
        $fichinter_static = new Fichinter($this->db);
        // Rows are authorised by the WHERE clause above; no per-row
        // _checkAccessToResource() call is made in this method.
        if ($fichinter_static->fetch($obj->rowid)) {
            $obj_ret[] = $this->_filterObjectProperties($this->_cleanObjectDatas($fichinter_static), $properties);
        }
    }

    return $obj_ret;
}
184
/**
 * Create an intervention from the request payload.
 *
 * @param  array|null $request_data  Payload; must contain every key of self::$FIELDS.
 * @return mixed                     Id of the created intervention ($this->fichinter->id).
 * @throws RestException 403 without the 'ficheinter'/'creer' right, 400 when a
 *                       mandatory field is missing, 500 when create() returns < 0.
 */
public function post($request_data = null)
{
    if (!DolibarrApiAccess::$user->hasRight('ficheinter', 'creer')) {
        throw new RestException(403, "Insuffisant rights");
    }

    // Mandatory-field check; throws 400 itself, so its return value is not needed.
    $this->_validate($request_data);

    // Every key of the payload is copied onto the Fichinter object. Values go through
    // _checkValForAPI(), but the key set is not restricted to a whitelist here.
    // NOTE(review): the submitted 'socid' is not compared with an external user's own
    // socid in this method - confirm that create() or the API layer enforces it.
    foreach ($request_data as $field => $value) {
        if ($field !== 'caller') {
            $this->fichinter->$field = $this->_checkValForAPI($field, $value, $this->fichinter);
            continue;
        }
        // Record the caller so that triggers fired after the action can avoid
        // syncing back to the system that issued this request.
        $this->fichinter->context['caller'] = sanitizeVal($request_data['caller'], 'aZ09');
    }

    $created = $this->fichinter->create(DolibarrApiAccess::$user);
    if ($created < 0) {
        // The object's error strings are attached to the response as details.
        $details = array_merge(array($this->fichinter->error), $this->fichinter->errors);
        throw new RestException(500, "Error creating intervention", $details);
    }

    return $this->fichinter->id;
}
214
215
225 /* TODO
226 public function getLines($id)
227 {
228 if(! DolibarrApiAccess::$user->hasRight('ficheinter', 'lire')) {
229 throw new RestException(403);
230 }
231
232 $result = $this->fichinter->fetch($id);
233 if( ! $result ) {
234 throw new RestException(404, 'Intervention not found');
235 }
236
237 if( ! DolibarrApi::_checkAccessToResource('fichinter',$this->fichinter->id)) {
238 throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
239 }
240 $this->fichinter->getLinesArray();
241 $result = array();
242 foreach ($this->fichinter->lines as $line) {
243 array_push($result,$this->_cleanObjectDatas($line));
244 }
245 return $result;
246 }
247 */
248
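/**
 * Add a line to an existing intervention.
 *
 * The target intervention is loaded from $id and the resource-level access check
 * runs on that loaded record before any request data is copied onto the object.
 * (Previously the record was never fetched: the 404 test looked at the result of
 * _validateLine(), and the access check read $this->fichinter->id, which could only
 * come from the request body, not from $id.)
 *
 * The Restler routing annotation of the original docblock is not visible in this listing.
 *
 * @param  mixed      $id            Identifier of the intervention that receives the line.
 * @param  array|null $request_data  Payload; must contain every key of self::$FIELDSLINE.
 * @return int                       Positive result of Fichinter::addLine().
 * @throws RestException 403 without the 'ficheinter'/'creer' right or when access to the
 *                       intervention is refused, 400 when a mandatory field is missing or
 *                       addLine() does not return a positive value, 404 when the
 *                       intervention cannot be loaded.
 */
public function postLine($id, $request_data = null)
{
    if (!DolibarrApiAccess::$user->hasRight('ficheinter', 'creer')) {
        throw new RestException(403, "Insuffisant rights");
    }

    // Check mandatory fields (throws 400 when one is missing)
    $this->_validateLine($request_data);

    // Load the intervention named by $id, as get(), delete() and validate() do.
    if (!$this->fichinter->fetch($id)) {
        throw new RestException(404, 'Intervention not found');
    }

    // Authorise against the id that was loaded, before the payload can touch the object.
    if (!DolibarrApi::_checkAccessToResource('fichinter', $this->fichinter->id)) {
        throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
    }

    // NOTE(review): every payload key is still copied onto the loaded object; only
    // description, date and duree are passed to addLine() below. Consider restricting
    // the copy to self::$FIELDSLINE.
    foreach ($request_data as $field => $value) {
        if ($field === 'caller') {
            // Add a mention of caller so on trigger called after action, we can filter to avoid a loop if we try to sync back again with the caller
            $this->fichinter->context['caller'] = sanitizeVal($request_data['caller'], 'aZ09');
            continue;
        }

        $this->fichinter->$field = $this->_checkValForAPI($field, $value, $this->fichinter);
    }

    // NOTE(review): addLine() now runs on the loaded record instead of a blank object;
    // confirm its behaviour for interventions that are no longer drafts.
    $updateRes = $this->fichinter->addLine(
        DolibarrApiAccess::$user,
        $id,
        $this->fichinter->description,
        $this->fichinter->date,
        $this->fichinter->duree
    );

    if ($updateRes > 0) {
        return $updateRes;
    }

    throw new RestException(400, $this->fichinter->error);
}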
299
/**
 * Delete an intervention.
 *
 * @param  mixed $id  Identifier handed to Fichinter::fetch().
 * @return array      array('success' => array('code' => 200, 'message' => ...)).
 * @throws RestException 403 without the 'ficheinter'/'supprimer' right or when access
 *                       to the loaded record is refused, 404 when fetch() returns a
 *                       falsy result, 500 when Fichinter::delete() returns a falsy result.
 */
public function delete($id)
{
    $apiUser = DolibarrApiAccess::$user;
    if (!$apiUser->hasRight('ficheinter', 'supprimer')) {
        throw new RestException(403);
    }

    $found = $this->fichinter->fetch($id);
    if (!$found) {
        throw new RestException(404, 'Intervention not found');
    }

    // Authorise against the record that was loaded, before deleting it.
    $allowed = DolibarrApi::_checkAccessToResource('fichinter', $this->fichinter->id);
    if (!$allowed) {
        throw new RestException(403, 'Access not allowed for login '.$apiUser->login);
    }

    $deleted = $this->fichinter->delete($apiUser);
    if (!$deleted) {
        throw new RestException(500, 'Error when delete intervention : '.$this->fichinter->error);
    }

    $status = array(
        'code' => 200,
        'message' => 'Intervention deleted'
    );

    return array('success' => $status);
}
331
/**
 * Validate an intervention and return it, cleaned for API output.
 *
 * The Restler routing annotation of the original docblock is not visible in this listing.
 *
 * @param  mixed $id         Identifier handed to Fichinter::fetch().
 * @param  int   $notrigger  Passed through to Fichinter::setValid().
 * @return object            The intervention after _cleanObjectDatas().
 * @throws RestException 403 without the 'ficheinter'/'creer' right or when access to the
 *                       loaded record is refused, 404 when fetch() returns a falsy result,
 *                       304 when setValid() returns 0, 500 when it returns a negative value.
 */
public function validate($id, $notrigger = 0)
{
    $apiUser = DolibarrApiAccess::$user;
    if (!$apiUser->hasRight('ficheinter', 'creer')) {
        throw new RestException(403, "Insuffisant rights");
    }

    $found = $this->fichinter->fetch($id);
    if (!$found) {
        throw new RestException(404, 'Intervention not found');
    }

    $allowed = DolibarrApi::_checkAccessToResource('fichinter', $this->fichinter->id);
    if (!$allowed) {
        throw new RestException(403, 'Access not allowed for login '.$apiUser->login);
    }

    $outcome = $this->fichinter->setValid($apiUser, $notrigger);
    // The "nothing done" test comes first and is a loose comparison, as in the original.
    if ($outcome == 0) {
        throw new RestException(304, 'Error nothing done. May be object is already validated');
    }
    if ($outcome < 0) {
        throw new RestException(500, 'Error when validating Intervention: '.$this->fichinter->error);
    }

    $this->fichinter->fetchObjectLinked();

    return $this->_cleanObjectDatas($this->fichinter);
}
373
/**
 * Close an intervention and return it, cleaned for API output.
 *
 * The Restler routing annotation of the original docblock is not visible in this listing.
 *
 * @param  mixed $id  Identifier handed to Fichinter::fetch().
 * @return object     The intervention after _cleanObjectDatas().
 * @throws RestException 403 without the 'ficheinter'/'creer' right or when access to the
 *                       loaded record is refused, 404 when fetch() returns a falsy result,
 *                       304 when setStatut() returns 0, 500 when it returns a negative value.
 */
public function closeFichinter($id)
{
    $apiUser = DolibarrApiAccess::$user;
    if (!$apiUser->hasRight('ficheinter', 'creer')) {
        throw new RestException(403, "Insuffisant rights");
    }

    $found = $this->fichinter->fetch($id);
    if (!$found) {
        throw new RestException(404, 'Intervention not found');
    }

    $allowed = DolibarrApi::_checkAccessToResource('fichinter', $this->fichinter->id);
    if (!$allowed) {
        throw new RestException(403, 'Access not allowed for login '.$apiUser->login);
    }

    // 3 is presumably the "closed" status value - TODO confirm against Fichinter.
    $outcome = $this->fichinter->setStatut(3);
    if ($outcome == 0) {
        throw new RestException(304, 'Error nothing done. May be object is already closed');
    }
    if ($outcome < 0) {
        throw new RestException(500, 'Error when closing Intervention: '.$this->fichinter->error);
    }

    $this->fichinter->fetchObjectLinked();

    return $this->_cleanObjectDatas($this->fichinter);
}
410
/**
 * Check that the payload carries every key listed in Interventions::$FIELDS.
 *
 * Presence is tested with isset(), so a key whose value is null counts as missing.
 *
 * @param  array|null $data  Request payload.
 * @return array             The mandatory keys and their values, copied from $data.
 * @throws RestException 400 naming the first missing field.
 */
private function _validate($data)
{
    $checked = array();
    foreach (Interventions::$FIELDS as $field) {
        if (isset($data[$field])) {
            $checked[$field] = $data[$field];
            continue;
        }
        throw new RestException(400, "$field field missing");
    }

    return $checked;
}
430
431
432 // phpcs:disable PEAR.NamingConventions.ValidFunctionName.PublicUnderscore
/**
 * Strip properties that should not be returned by the API.
 *
 * Runs the parent implementation, then removes the two status-label properties.
 *
 * @param  object $object  Object to clean.
 * @return object          The cleaned object.
 */
protected function _cleanObjectDatas($object)
{
    // phpcs:enable
    $cleaned = parent::_cleanObjectDatas($object);

    unset($cleaned->labelStatus, $cleaned->labelStatusShort);

    return $cleaned;
}
449
/**
 * Check that the payload carries every key listed in Interventions::$FIELDSLINE.
 *
 * Presence is tested with isset(), so a key whose value is null counts as missing.
 *
 * @param  array|null $data  Request payload for an intervention line.
 * @return array             The mandatory keys and their values, copied from $data.
 * @throws RestException 400 naming the first missing field.
 */
private function _validateLine($data)
{
    $checked = array();
    foreach (Interventions::$FIELDSLINE as $field) {
        if (isset($data[$field])) {
            $checked[$field] = $data[$field];
            continue;
        }
        throw new RestException(400, "$field field missing");
    }

    return $checked;
}
469}