dolibarr 20.0.2
api_warehouses.class.php
1<?php
2/* Copyright (C) 2016 Laurent Destailleur <eldy@users.sourceforge.net>
3 *
4 * This program is free software; you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published by
6 * the Free Software Foundation; either version 3 of the License, or
7 * (at your option) any later version.
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program. If not, see <https://www.gnu.org/licenses/>.
16 */
17
18 use Luracast\Restler\RestException;
19
20 require_once DOL_DOCUMENT_ROOT.'/product/stock/class/entrepot.class.php';
21 require_once DOL_DOCUMENT_ROOT.'/product/class/product.class.php';
22
30{
34 public static $FIELDS = array(
35 'label',
36 );
37
41 public $warehouse;
42
46 public function __construct()
47 {
48 global $db, $conf;
49 $this->db = $db;
50 $this->warehouse = new Entrepot($this->db);
51 }
52
63 public function get($id)
64 {
65 if (!DolibarrApiAccess::$user->hasRight('stock', 'lire')) {
66 throw new RestException(403);
67 }
68
69 $result = $this->warehouse->fetch($id);
70 if (!$result) {
71 throw new RestException(404, 'warehouse not found');
72 }
73
74 if (!DolibarrApi::_checkAccessToResource('stock', $this->warehouse->id, 'entrepot')) {
75 throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
76 }
77
78 return $this->_cleanObjectDatas($this->warehouse);
79 }
80
97 public function index($sortfield = "t.rowid", $sortorder = 'ASC', $limit = 100, $page = 0, $category = 0, $sqlfilters = '', $properties = '')
98 {
99 global $db, $conf;
100
101 $obj_ret = array();
102
103 if (!DolibarrApiAccess::$user->hasRight('stock', 'lire')) {
104 throw new RestException(403);
105 }
106
107 $sql = "SELECT t.rowid";
108 $sql .= " FROM ".MAIN_DB_PREFIX."entrepot AS t LEFT JOIN ".MAIN_DB_PREFIX."entrepot_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
109 if ($category > 0) {
110 $sql .= ", ".$this->db->prefix()."categorie_warehouse as c";
111 }
112 $sql .= ' WHERE t.entity IN ('.getEntity('stock').')';
113 // Select warehouses of given category
114 if ($category > 0) {
115 $sql .= " AND c.fk_categorie = ".((int) $category);
116 $sql .= " AND c.fk_warehouse = t.rowid ";
117 }
118 // Add sql filters
119 if ($sqlfilters) {
120 $errormessage = '';
121 $sql .= forgeSQLFromUniversalSearchCriteria($sqlfilters, $errormessage);
122 if ($errormessage) {
123 throw new RestException(400, 'Error when validating parameter sqlfilters -> '.$errormessage);
124 }
125 }
126
127 $sql .= $this->db->order($sortfield, $sortorder);
128 if ($limit) {
129 if ($page < 0) {
130 $page = 0;
131 }
132 $offset = $limit * $page;
133
134 $sql .= $this->db->plimit($limit + 1, $offset);
135 }
136
137 $result = $this->db->query($sql);
138 if ($result) {
139 $i = 0;
140 $num = $this->db->num_rows($result);
141 $min = min($num, ($limit <= 0 ? $num : $limit));
142 while ($i < $min) {
143 $obj = $this->db->fetch_object($result);
144 $warehouse_static = new Entrepot($this->db);
145 if ($warehouse_static->fetch($obj->rowid)) {
146 $obj_ret[] = $this->_filterObjectProperties($this->_cleanObjectDatas($warehouse_static), $properties);
147 }
148 $i++;
149 }
150 } else {
151 throw new RestException(503, 'Error when retrieve warehouse list : '.$this->db->lasterror());
152 }
153
154 return $obj_ret;
155 }
156
157
164 public function post($request_data = null)
165 {
166 if (!DolibarrApiAccess::$user->hasRight('stock', 'creer')) {
167 throw new RestException(403);
168 }
169
170 // Check mandatory fields
171 $result = $this->_validate($request_data);
172
173 foreach ($request_data as $field => $value) {
174 if ($field === 'caller') {
175 // Add a mention of caller so on trigger called after action, we can filter to avoid a loop if we try to sync back again with the caller
176 $this->warehouse->context['caller'] = sanitizeVal($request_data['caller'], 'aZ09');
177 continue;
178 }
179
180 $this->warehouse->$field = $this->_checkValForAPI($field, $value, $this->warehouse);
181 }
182 if ($this->warehouse->create(DolibarrApiAccess::$user) < 0) {
183 throw new RestException(500, "Error creating warehouse", array_merge(array($this->warehouse->error), $this->warehouse->errors));
184 }
185 return $this->warehouse->id;
186 }
187
195 public function put($id, $request_data = null)
196 {
197 if (!DolibarrApiAccess::$user->hasRight('stock', 'creer')) {
198 throw new RestException(403);
199 }
200
201 $result = $this->warehouse->fetch($id);
202 if (!$result) {
203 throw new RestException(404, 'warehouse not found');
204 }
205
206 if (!DolibarrApi::_checkAccessToResource('stock', $this->warehouse->id)) {
207 throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
208 }
209
210 foreach ($request_data as $field => $value) {
211 if ($field == 'id') {
212 continue;
213 }
214 if ($field === 'caller') {
215 // Add a mention of caller so on trigger called after action, we can filter to avoid a loop if we try to sync back again with the caller
216 $this->warehouse->context['caller'] = sanitizeVal($request_data['caller'], 'aZ09');
217 continue;
218 }
219
220 $this->warehouse->$field = $this->_checkValForAPI($field, $value, $this->warehouse);
221 }
222
223 if ($this->warehouse->update($id, DolibarrApiAccess::$user)) {
224 return $this->get($id);
225 } else {
226 throw new RestException(500, $this->warehouse->error);
227 }
228 }
229
236 public function delete($id)
237 {
238 if (!DolibarrApiAccess::$user->hasRight('stock', 'supprimer')) {
239 throw new RestException(403);
240 }
241 $result = $this->warehouse->fetch($id);
242 if (!$result) {
243 throw new RestException(404, 'warehouse not found');
244 }
245
246 if (!DolibarrApi::_checkAccessToResource('stock', $this->warehouse->id)) {
247 throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
248 }
249
250 if (!$this->warehouse->delete(DolibarrApiAccess::$user)) {
251 throw new RestException(403, 'error when delete warehouse');
252 }
253
254 return array(
255 'success' => array(
256 'code' => 200,
257 'message' => 'Warehouse deleted'
258 )
259 );
260 }
261
262
263 // phpcs:disable PEAR.NamingConventions.ValidFunctionName.PublicUnderscore
270 protected function _cleanObjectDatas($object)
271 {
272 // phpcs:enable
273 $object = parent::_cleanObjectDatas($object);
274
275 // Remove the subscriptions because they are handled as a subresource.
276 //unset($object->subscriptions);
277
278 return $object;
279 }
280
281
290 private function _validate($data)
291 {
292 $warehouse = array();
293 foreach (Warehouses::$FIELDS as $field) {
294 if (!isset($data[$field])) {
295 throw new RestException(400, "$field field missing");
296 }
297 $warehouse[$field] = $data[$field];
298 }
299 return $warehouse;
300 }
301}
if( $user->socid > 0) if(! $user->hasRight('accounting', 'chartofaccount')) $object
Definition card.php:58
Class for API REST v1.
Definition api.class.php:30
_filterObjectProperties($object, $properties)
Filter properties that will be returned on object.
static _checkAccessToResource($resource, $resource_id=0, $dbtablename='', $feature2='', $dbt_keyfield='fk_soc', $dbt_select='rowid')
Check access by user to a given resource.
_checkValForAPI($field, $value, $object)
Check and convert a string depending on its type/name.
Definition api.class.php:82
Class to manage warehouses.
_validate($data)
Validate fields before create or update object.
_cleanObjectDatas($object)
Clean sensible object datas.
index($sortfield="t.rowid", $sortorder='ASC', $limit=100, $page=0, $category=0, $sqlfilters='', $properties='')
List warehouses.
__construct()
Constructor.
put($id, $request_data=null)
Update warehouse.
post($request_data=null)
Create warehouse object.
forgeSQLFromUniversalSearchCriteria($filter, &$errorstr='', $noand=0, $nopar=0, $noerror=0)
forgeSQLFromUniversalSearchCriteria
sanitizeVal($out='', $check='alphanohtml', $filter=null, $options=null)
Return a sanitized or empty value after checking value against a rule.