dolibarr 22.0.5
api_orders.class.php
1<?php
2/* Copyright (C) 2015 Jean-François Ferry <jfefe@aternatik.fr>
3 * Copyright (C) 2016 Laurent Destailleur <eldy@users.sourceforge.net>
4 * Copyright (C) 2024 Frédéric France <frederic.france@free.fr>
5 * Copyright (C) 2025 MDW <mdeweerd@users.noreply.github.com>
6 *
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 3 of the License, or
10 * (at your option) any later version.
11 *
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program. If not, see <https://www.gnu.org/licenses/>.
19 */
20
21use Luracast\Restler\RestException;
22
23require_once DOL_DOCUMENT_ROOT.'/commande/class/commande.class.php';
24
31class Orders extends DolibarrApi
32{
// Fields that must be present in the payload when an order is created;
// _validate() rejects a request that lacks any of them.
public static $FIELDS = [
    'socid',
    'date',
];

// Order object that the endpoints of this class load and act on.
public $commande;
45
// Constructor: binds the global database handler and prepares an empty
// Commande object for the endpoints to work on.
public function __construct()
{
    global $db;

    $this->db = $db;

    $emptyOrder = new Commande($this->db);
    $this->commande = $emptyOrder;
}
56
// Get properties of an order object by id.
// All permission and per-order access checks are done in _fetch();
// $contact_list is forwarded to it unchanged.
public function get($id, $contact_list = -1)
{
    $orderById = $this->_fetch($id, '', '', $contact_list);

    return $orderById;
}
72
// Get properties of an order object by ref.
// The id argument of _fetch() is forced to 0 so that only $ref selects the
// order; checks are done in _fetch().
public function getByRef($ref, $contact_list = -1)
{
    $orderByRef = $this->_fetch(0, $ref, '', $contact_list);

    return $orderByRef;
}
90
// Get properties of an order object by ref_ext.
// Id and ref are left empty so that only $ref_ext selects the order; checks
// are done in _fetch().
public function getByRefExt($ref_ext, $contact_list = -1)
{
    $orderByRefExt = $this->_fetch(0, '', $ref_ext, $contact_list);

    return $orderByRefExt;
}
108
// Get properties of an order object, looked up by id, ref or ref_ext.
//
// Order of checks: the caller needs the 'commande'/'lire' right (403), the
// order must load (404), and the caller must be allowed to access this
// particular order (403). Related data is attached only after all three.
// Throws RestException on any of those failures.
private function _fetch($id, $ref = '', $ref_ext = '', $contact_list = -1)
{
    $apiUser = DolibarrApiAccess::$user;
    if (!$apiUser->hasRight('commande', 'lire')) {
        throw new RestException(403);
    }

    $order = $this->commande;
    $loaded = $order->fetch($id, $ref, $ref_ext);
    if (!$loaded) {
        throw new RestException(404, 'Order not found');
    }

    // Object-level check: holding the right is not enough, the order itself
    // must be reachable by this login.
    $allowed = DolibarrApi::_checkAccessToResource('commande', $order->id);
    if (!$allowed) {
        throw new RestException(403, 'Access not allowed for login '.$apiUser->login);
    }

    if ($contact_list > -1) {
        // Attach external contact ids first, then internal ones; a non-array
        // answer from liste_contact() leaves the property untouched.
        $targets = [
            'external' => 'contacts_ids',
            'internal' => 'contacts_ids_internal',
        ];
        foreach ($targets as $source => $property) {
            $contactIds = $order->liste_contact(-1, $source, $contact_list);
            if (is_array($contactIds)) {
                $order->$property = $contactIds;
            }
        }
    }

    $order->fetchObjectLinked();

    // Add online_payment_url, cf #20477
    require_once DOL_DOCUMENT_ROOT.'/core/lib/payments.lib.php';
    $order->online_payment_url = getOnlinePaymentUrl(0, 'order', $order->ref);

    return $this->_cleanObjectDatas($order);
}
157
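// List orders.
//
// Returns the orders the calling API user may see, filtered by third party
// and by the universal search criteria in $sqlfilters / $sqlfilterlines.
// With $pagination_data the result is wrapped as ['data' => ..., 'pagination' => ...].
//
// Throws RestException: 403 without the 'commande'/'lire' right, 400 when a
// filter string is rejected, 503 when a query fails.
//
// Security notes:
// - $thirdparty_ids only reaches the SQL text through $this->db->sanitize(),
//   and an external user's own socid always replaces it.
// - $sqlfilters and $sqlfilterlines reach the SQL text only through
//   forgeSQLFromUniversalSearchCriteria(); its validation is not visible here.
// - $sortfield and $sortorder are handed to $this->db->order() as received;
//   NOTE(review): confirm that helper escapes them.
// - The 503 message carries $this->db->lasterror() back to the API client;
//   NOTE(review): consider logging it and returning a generic text instead.
public function index($sortfield = "t.rowid", $sortorder = 'ASC', $limit = 100, $page = 0, $thirdparty_ids = '', $sqlfilters = '', $sqlfilterlines = '', $properties = '', $pagination_data = false, $loadlinkedobjects = 0)
{
    if (!DolibarrApiAccess::$user->hasRight('commande', 'lire')) {
        throw new RestException(403);
    }

    $obj_ret = array();

    // case of external user, $thirdparty_ids param is ignored and replaced by user's socid
    $socids = DolibarrApiAccess::$user->socid ?: $thirdparty_ids;

    // If the internal user must only see his customers, force searching by him
    $search_sale = 0;
    if (!DolibarrApiAccess::$user->hasRight('societe', 'client', 'voir') && !$socids) {
        $search_sale = DolibarrApiAccess::$user->id;
    }

    $sql = "SELECT t.rowid";
    $sql .= " FROM ".MAIN_DB_PREFIX."commande AS t";
    $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."commande_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
    $sql .= ' WHERE t.entity IN ('.getEntity('commande').')';
    if ($socids) {
        $sql .= " AND t.fk_soc IN (".$this->db->sanitize($socids).")";
    }
    // Search on sale representative
    if ($search_sale && $search_sale != '-1') {
        if ($search_sale == -2) {
            $sql .= " AND NOT EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc)";
        } elseif ($search_sale > 0) {
            $sql .= " AND EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc AND sc.fk_user = ".((int) $search_sale).")";
        }
    }
    // Add sql filters
    if ($sqlfilters) {
        $errormessage = '';
        $sql .= forgeSQLFromUniversalSearchCriteria($sqlfilters, $errormessage);
        if ($errormessage) {
            throw new RestException(400, 'Error when validating parameter sqlfilters -> '.$errormessage);
        }
    }
    // Add sql filters for lines
    if ($sqlfilterlines) {
        $errormessage = '';
        $sql .= " AND EXISTS (SELECT tl.rowid FROM ".MAIN_DB_PREFIX."commandedet AS tl WHERE tl.fk_commande = t.rowid";
        $sql .= forgeSQLFromUniversalSearchCriteria($sqlfilterlines, $errormessage);
        $sql .= ")";
        if ($errormessage) {
            throw new RestException(400, 'Error when validating parameter sqlfilterlines -> '.$errormessage);
        }
    }

    // This query returns the total number of orders matching the filters.
    // It is derived before ORDER BY / LIMIT are appended.
    $sqlTotals = str_replace('SELECT t.rowid', 'SELECT count(t.rowid) as total', $sql);

    $sql .= $this->db->order($sortfield, $sortorder);
    if ($limit) {
        if ($page < 0) {
            $page = 0;
        }
        $offset = $limit * $page;

        // One extra row is requested; the loop below still caps at $limit.
        $sql .= $this->db->plimit($limit + 1, $offset);
    }

    dol_syslog("API Rest request");
    $result = $this->db->query($sql);

    if ($result) {
        $num = $this->db->num_rows($result);
        $min = min($num, ($limit <= 0 ? $num : $limit));
        $i = 0;
        while ($i < $min) {
            $obj = $this->db->fetch_object($result);
            $commande_static = new Commande($this->db);
            if ($commande_static->fetch($obj->rowid) > 0) {
                // Add external contacts ids
                $tmparray = $commande_static->liste_contact(-1, 'external', 1);
                if (is_array($tmparray)) {
                    $commande_static->contacts_ids = $tmparray;
                }

                if ($loadlinkedobjects) {
                    // retrieve linked objects
                    $commande_static->fetchObjectLinked();
                }

                // Add online_payment_url, cf #20477
                require_once DOL_DOCUMENT_ROOT.'/core/lib/payments.lib.php';
                $commande_static->online_payment_url = getOnlinePaymentUrl(0, 'order', $commande_static->ref);

                $obj_ret[] = $this->_filterObjectProperties($this->_cleanObjectDatas($commande_static), $properties);
            }
            $i++;
        }
    } else {
        throw new RestException(503, 'Error when retrieve commande list : '.$this->db->lasterror());
    }

    // If $pagination_data is true the response contains element 'data' with all
    // values and element 'pagination' with pagination data (total, page, limit).
    if ($pagination_data) {
        $totalsResult = $this->db->query($sqlTotals);
        if (!$totalsResult) {
            // Without this guard a failed count query was dereferenced below.
            throw new RestException(503, 'Error when retrieve commande list : '.$this->db->lasterror());
        }
        $totalsRow = $this->db->fetch_object($totalsResult);
        $total = $totalsRow ? (int) $totalsRow->total : 0;

        // limit=0 means "no limit": everything is on one page. Dividing by
        // $limit in that case raised a division-by-zero error.
        $pageCount = $limit > 0 ? ceil($total / $limit) : ($total > 0 ? 1.0 : 0.0);

        $tmp = $obj_ret;
        $obj_ret = [];

        $obj_ret['data'] = $tmp;
        $obj_ret['pagination'] = [
            'total' => $total,
            'page' => $page, //count starts from 0
            'page_count' => $pageCount,
            'limit' => $limit
        ];
    }

    return $obj_ret;
}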
297
// Create a sale order and return its id.
//
// Requires the 'commande'/'creer' right (403). _validate() throws 400 when a
// mandatory field is missing; a failed create() is reported as 500 with the
// order's error list.
//
// Security note: every key of the payload other than 'caller' is written to
// the order property of the same name after _checkValForAPI(). There is no
// allow-list of writable fields in this method, so what a client can set is
// bounded only by that helper and by Commande::create().
// NOTE(review): confirm that is the intended exposure.
public function post($request_data = null)
{
    $apiUser = DolibarrApiAccess::$user;
    if (!$apiUser->hasRight('commande', 'creer')) {
        throw new RestException(403, "Insuffisant rights");
    }

    // Check mandatory fields (throws on the first missing one).
    $this->_validate($request_data);

    $order = $this->commande;
    foreach ($request_data as $field => $value) {
        if ($field !== 'caller') {
            $order->$field = $this->_checkValForAPI($field, $value, $order);
            continue;
        }

        // Add a mention of caller so on trigger called after action, we can filter to avoid a loop if we try to sync back again with the caller
        $order->context['caller'] = sanitizeVal($request_data['caller'], 'aZ09');
    }
    /*if (isset($request_data["lines"])) {
        $lines = array();
        foreach ($request_data["lines"] as $line) {
            array_push($lines, (object) $line);
        }
        $this->commande->lines = $lines;
    }*/

    $created = $order->create($apiUser);
    if ($created < 0) {
        $details = array_merge(array($order->error), $order->errors);
        throw new RestException(500, "Error creating order", $details);
    }

    return ((int) $order->id);
}
339
// Get lines of an order.
// Requires the 'commande'/'lire' right (403), an existing order (404) and
// access to that order (403). Each line is passed through _cleanObjectDatas().
public function getLines($id)
{
    $apiUser = DolibarrApiAccess::$user;
    if (!$apiUser->hasRight('commande', 'lire')) {
        throw new RestException(403);
    }

    $order = $this->commande;
    if (!$order->fetch($id)) {
        throw new RestException(404, 'Order not found');
    }

    if (!DolibarrApi::_checkAccessToResource('commande', $order->id)) {
        throw new RestException(403, 'Access not allowed for login '.$apiUser->login);
    }

    $order->getLinesArray();

    $cleanedLines = [];
    foreach ($order->lines as $line) {
        $cleanedLines[] = $this->_cleanObjectDatas($line);
    }

    return $cleanedLines;
}
372
// Get properties of a line of an order object by id.
// The line is searched among the lines of order $id only, so a line id that
// belongs to another order ends in 404 'Line not found'.
// Throws RestException 403 / 404 as the other read endpoints do.
public function getLine($id, $lineid, $properties = '')
{
    $apiUser = DolibarrApiAccess::$user;
    if (!$apiUser->hasRight('commande', 'lire')) {
        throw new RestException(403);
    }

    $order = $this->commande;
    $loaded = $order->fetch($id);
    if (!$loaded) {
        throw new RestException(404, 'Order not found');
    }

    $allowed = DolibarrApi::_checkAccessToResource('commande', $order->id);
    if (!$allowed) {
        throw new RestException(403, 'Access not allowed for login '.$apiUser->login);
    }

    $order->fetch_lines();
    foreach ($order->lines as $candidate) {
        if ($candidate->id != $lineid) {
            continue;
        }
        $cleaned = $this->_cleanObjectDatas($candidate);

        return $this->_filterObjectProperties($cleaned, $properties);
    }

    throw new RestException(404, 'Line not found');
}
407
// Add a line to given order and return what addline() returned.
//
// Requires the 'commande'/'creer' right (403), an existing order (404) and
// access to that order (403). A non-positive result from addline() is
// reported as 400 with the order's error text.
//
// Only 'desc' (rule 'restricthtml') and 'label' (default rule) are passed
// through sanitizeVal() here; every other payload value is handed to
// addline() as received, so its validation is left to that method.
public function postLine($id, $request_data = null)
{
    $apiUser = DolibarrApiAccess::$user;
    if (!$apiUser->hasRight('commande', 'creer')) {
        throw new RestException(403);
    }

    $order = $this->commande;
    if (!$order->fetch($id)) {
        throw new RestException(404, 'Order not found');
    }

    if (!DolibarrApi::_checkAccessToResource('commande', $order->id)) {
        throw new RestException(403, 'Access not allowed for login '.$apiUser->login);
    }

    $request_data = (object) $request_data;

    $request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
    $request_data->label = sanitizeVal($request_data->label);

    // Argument order follows addline(); subprice is passed twice on purpose
    // (second and twelfth position), as in the original call.
    $newLine = $order->addline(
        $request_data->desc,
        $request_data->subprice,
        $request_data->qty,
        $request_data->tva_tx,
        $request_data->localtax1_tx,
        $request_data->localtax2_tx,
        $request_data->fk_product,
        $request_data->remise_percent,
        $request_data->info_bits,
        $request_data->fk_remise_except,
        $request_data->price_base_type ? $request_data->price_base_type : 'HT',
        $request_data->subprice,
        $request_data->date_start,
        $request_data->date_end,
        $request_data->product_type,
        $request_data->rang,
        $request_data->special_code,
        $request_data->fk_parent_line,
        $request_data->fk_fournprice,
        $request_data->pa_ht,
        $request_data->label,
        $request_data->array_options,
        $request_data->fk_unit,
        $request_data->origin,
        $request_data->origin_id,
        $request_data->multicurrency_subprice,
        $request_data->ref_ext
    );

    if ($newLine <= 0) {
        throw new RestException(400, $order->error);
    }

    return $newLine;
}
476
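// Update a line of given order.
//
// Requires the 'commande'/'creer' right (403), an existing order (404) and
// access to that order (403). Returns the cleaned order on success and false
// when updateline() does not report success.
//
// Security fix: the access check covers order $id only, while updateline()
// is addressed by $lineid. The line is therefore looked up among the lines
// of order $id first (same lookup as getLine()); a line id that is not part
// of this order ends in 404 instead of reaching updateline().
//
// Only 'desc' (rule 'restricthtml') and 'label' are passed through
// sanitizeVal() here; the other payload values go to updateline() as received.
public function putLine($id, $lineid, $request_data = null)
{
    if (!DolibarrApiAccess::$user->hasRight('commande', 'creer')) {
        throw new RestException(403);
    }

    $result = $this->commande->fetch($id);
    if (!$result) {
        throw new RestException(404, 'Order not found');
    }

    if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
        throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
    }

    // Bind the line to the order that was just authorized.
    $this->commande->fetch_lines();
    $lineBelongsToOrder = false;
    foreach ($this->commande->lines as $line) {
        if ($line->id == $lineid) {
            $lineBelongsToOrder = true;
            break;
        }
    }
    if (!$lineBelongsToOrder) {
        throw new RestException(404, 'Line not found');
    }

    $request_data = (object) $request_data;

    $request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
    $request_data->label = sanitizeVal($request_data->label);

    $updateRes = $this->commande->updateline(
        $lineid,
        $request_data->desc,
        $request_data->subprice,
        $request_data->qty,
        $request_data->remise_percent,
        $request_data->tva_tx,
        $request_data->localtax1_tx,
        $request_data->localtax2_tx,
        $request_data->price_base_type ? $request_data->price_base_type : 'HT',
        $request_data->info_bits,
        $request_data->date_start,
        $request_data->date_end,
        $request_data->product_type,
        $request_data->fk_parent_line,
        0,
        $request_data->fk_fournprice,
        $request_data->pa_ht,
        $request_data->label,
        $request_data->special_code,
        $request_data->array_options,
        $request_data->fk_unit,
        $request_data->multicurrency_subprice,
        0,
        $request_data->ref_ext,
        $request_data->rang
    );

    if ($updateRes > 0) {
        // get() repeats the read-permission and access checks before returning the order.
        $result = $this->get($id);
        unset($result->line);
        return $this->_cleanObjectDatas($result);
    }
    return false;
}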
544
// Delete a line of a given order and return the refreshed order.
//
// Requires the 'commande'/'creer' right (403), an existing order (404) and
// access to that order (403). The order id is passed to
// Commande::deleteLine() together with the line id; a non-positive result is
// reported as 405 with the order's error text.
public function deleteLine($id, $lineid)
{
    $apiUser = DolibarrApiAccess::$user;
    if (!$apiUser->hasRight('commande', 'creer')) {
        throw new RestException(403);
    }

    $order = $this->commande;
    $loaded = $order->fetch($id);
    if (!$loaded) {
        throw new RestException(404, 'Order not found');
    }

    $allowed = DolibarrApi::_checkAccessToResource('commande', $order->id);
    if (!$allowed) {
        throw new RestException(403, 'Access not allowed for login '.$apiUser->login);
    }

    $deleted = $order->deleteLine($apiUser, $lineid, $id);
    if ($deleted <= 0) {
        throw new RestException(405, $order->error);
    }

    return $this->get($id);
}
579
// Get contacts of given order.
// Only contacts with source 'external' are listed; $type is forwarded to
// liste_contact() as its fourth argument.
// Requires the 'commande'/'lire' right (403), an existing order (404) and
// access to that order (403).
public function getContacts($id, $type = '')
{
    $apiUser = DolibarrApiAccess::$user;
    if (!$apiUser->hasRight('commande', 'lire')) {
        throw new RestException(403);
    }

    $order = $this->commande;
    if (!$order->fetch($id)) {
        throw new RestException(404, 'Order not found');
    }

    if (!DolibarrApi::_checkAccessToResource('commande', $order->id)) {
        throw new RestException(403, 'Access not allowed for login '.$apiUser->login);
    }

    $externalContacts = $order->liste_contact(-1, 'external', 0, $type);

    return $this->_cleanObjectDatas($externalContacts);
}
612
// Add a contact type of given order.
//
// Requires the 'commande'/'creer' right (403), an existing order (404) and
// access to that order (403). The contact is linked with source 'external'.
// add_contact() < 0 is reported as 500, 0 as 304 (already linked).
//
// NOTE(review): only the order is access-checked here; whether $contactid
// is a contact this login may reference is left to add_contact() - confirm.
public function postContact($id, $contactid, $type)
{
    $apiUser = DolibarrApiAccess::$user;
    if (!$apiUser->hasRight('commande', 'creer')) {
        throw new RestException(403);
    }

    $order = $this->commande;
    if (!$order->fetch($id)) {
        throw new RestException(404, 'Order not found');
    }

    if (!DolibarrApi::_checkAccessToResource('commande', $order->id)) {
        throw new RestException(403, 'Access not allowed for login '.$apiUser->login);
    }

    $linked = $order->add_contact($contactid, $type, 'external');

    if ($linked < 0) {
        throw new RestException(500, 'Error when added the contact');
    }

    if ($linked == 0) {
        throw new RestException(304, 'contact already added');
    }

    $success = [
        'code' => 200,
        'message' => 'Contact linked to the order',
    ];

    return ['success' => $success];
}
660
// Unlink a contact type of given order.
//
// Requires the 'commande'/'creer' right (403), an existing order (404) and
// access to that order (403). Every link of the order whose contact id and
// type code match is removed; the success answer is returned even when no
// link matched.
//
// NOTE(review): the failure test is "!$result". If delete_contact() signals
// errors with a negative number, as other Commande calls in this class do,
// such an error is not detected here - confirm against its return contract.
public function deleteContact($id, $contactid, $type)
{
    $apiUser = DolibarrApiAccess::$user;
    if (!$apiUser->hasRight('commande', 'creer')) {
        throw new RestException(403);
    }

    $order = $this->commande;
    if (!$order->fetch($id)) {
        throw new RestException(404, 'Order not found');
    }

    if (!DolibarrApi::_checkAccessToResource('commande', $order->id)) {
        throw new RestException(403, 'Access not allowed for login '.$apiUser->login);
    }

    $links = $order->liste_contact();

    foreach ($links as $link) {
        if ($link['id'] != $contactid || $link['code'] != $type) {
            continue;
        }

        $removed = $order->delete_contact($link['rowid']);
        if (!$removed) {
            throw new RestException(500, 'Error when deleted the contact');
        }
    }

    $success = [
        'code' => 200,
        'message' => 'Contact unlinked from order',
    ];

    return ['success' => $success];
}
712
// Update order general fields (won't touch lines of order).
//
// Requires the 'commande'/'creer' right (403), an existing order (404) and
// access to that order (403). Returns the refreshed order through get().
//
// Security note: apart from 'id', 'caller' and 'array_options', every key of
// the payload is written to the order property of the same name after
// _checkValForAPI(). There is no allow-list of writable fields in this
// method, so properties such as the owning third party or the status are
// protected only by that helper and by Commande::update().
// NOTE(review): confirm that is the intended exposure.
public function put($id, $request_data = null)
{
    $apiUser = DolibarrApiAccess::$user;
    if (!$apiUser->hasRight('commande', 'creer')) {
        throw new RestException(403);
    }

    $order = $this->commande;
    $loaded = $order->fetch($id);
    if (!$loaded) {
        throw new RestException(404, 'Order not found');
    }

    $allowed = DolibarrApi::_checkAccessToResource('commande', $order->id);
    if (!$allowed) {
        throw new RestException(403, 'Access not allowed for login '.$apiUser->login);
    }

    foreach ($request_data as $field => $value) {
        // The id comes from the route, never from the payload.
        if ($field == 'id') {
            continue;
        }
        if ($field === 'caller') {
            // Add a mention of caller so on trigger called after action, we can filter to avoid a loop if we try to sync back again with the caller
            $order->context['caller'] = sanitizeVal($request_data['caller'], 'aZ09');
            continue;
        }
        if ($field == 'array_options' && is_array($value)) {
            // Extra fields are merged key by key instead of replacing the whole array.
            foreach ($value as $optionKey => $optionValue) {
                $order->array_options[$optionKey] = $this->_checkValForAPI($field, $optionValue, $order);
            }
            continue;
        }

        $order->$field = $this->_checkValForAPI($field, $value, $order);
    }

    // Update availability
    if (!empty($order->availability_id)) {
        $availabilityResult = $order->availability($order->availability_id);
        if ($availabilityResult < 0) {
            throw new RestException(400, 'Error while updating availability');
        }
    }

    $updated = $order->update($apiUser);
    if ($updated <= 0) {
        throw new RestException(500, $order->error);
    }

    return $this->get($id);
}
768
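// Delete an order.
//
// Requires the 'commande'/'supprimer' right (403), an existing order (404)
// and access to that order (403). A failed deletion is reported as 500.
//
// Fix: the failure test was "!$result", which lets a negative error code
// through and answers 'Order deleted' although nothing was deleted. The
// other Commande calls in this class treat negative results as errors, so
// any non-positive result is now a failure.
// NOTE(review): assumes Commande::delete() follows that same convention.
public function delete($id)
{
    if (!DolibarrApiAccess::$user->hasRight('commande', 'supprimer')) {
        throw new RestException(403);
    }
    $result = $this->commande->fetch($id);
    if (!$result) {
        throw new RestException(404, 'Order not found');
    }

    if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
        throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
    }

    $deleted = $this->commande->delete(DolibarrApiAccess::$user);
    if ($deleted <= 0) {
        throw new RestException(500, 'Error when deleting order : '.$this->commande->error);
    }

    return array(
        'success' => array(
            'code' => 200,
            'message' => 'Order deleted'
        )
    );
}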
802
// Validate an order and return it, reloaded and cleaned.
//
// Requires the 'commande'/'creer' right (403) and an existing order (404).
// The per-order access check (403) runs before valid() is called, so no
// state is changed for an order the login cannot access.
// valid() == 0 is reported as 304, < 0 as 500.
public function validate($id, $idwarehouse = 0, $notrigger = 0)
{
    $apiUser = DolibarrApiAccess::$user;
    if (!$apiUser->hasRight('commande', 'creer')) {
        throw new RestException(403);
    }

    $order = $this->commande;
    if (!$order->fetch($id)) {
        throw new RestException(404, 'Order not found');
    }

    // Result deliberately ignored: failure is not fatal (used only for mail notification substitutes)
    $order->fetch_thirdparty();

    if (!DolibarrApi::_checkAccessToResource('commande', $order->id)) {
        throw new RestException(403, 'Access not allowed for login '.$apiUser->login);
    }

    $validated = $order->valid($apiUser, $idwarehouse, $notrigger);
    if ($validated == 0) {
        throw new RestException(304, 'Error nothing done. May be object is already validated');
    }
    if ($validated < 0) {
        throw new RestException(500, 'Error when validating Order: '.$order->error);
    }

    // Reload so the answer reflects the validated state; the result of this
    // second fetch is not checked.
    $order->fetch($id);

    $order->fetchObjectLinked();

    //fix #20477 : add online_payment_url
    require_once DOL_DOCUMENT_ROOT.'/core/lib/payments.lib.php';
    $order->online_payment_url = getOnlinePaymentUrl(0, 'order', $order->ref);

    return $this->_cleanObjectDatas($order);
}
857
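// Tag the order as validated (opened).
//
// Requires the 'commande'/'creer' right (403), a non-empty id (400), an
// existing order (404) and access to that order (403). set_reopen() < 0 is
// reported as 405 with the order's error text, 0 as 304.
//
// Security fix: this endpoint had no per-order access check, unlike the
// other state-changing endpoints of the class, so holding the 'creer' right
// was enough to reopen any order id. The check now runs before set_reopen().
public function reopen($id)
{
    if (!DolibarrApiAccess::$user->hasRight('commande', 'creer')) {
        throw new RestException(403);
    }
    if (empty($id)) {
        throw new RestException(400, 'Order ID is mandatory');
    }
    $result = $this->commande->fetch($id);
    if (!$result) {
        throw new RestException(404, 'Order not found');
    }

    if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
        throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
    }

    $result = $this->commande->set_reopen(DolibarrApiAccess::$user);
    if ($result < 0) {
        throw new RestException(405, $this->commande->error);
    } elseif ($result == 0) {
        throw new RestException(304);
    }

    return $result;
}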
897
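// Classify the order as invoiced and return it, reloaded and cleaned.
//
// Requires the 'commande'/'creer' right (403), a non-empty id (400), an
// existing order (404) and access to that order (403). classifyBilled() < 0
// is reported as 400 with the order's error text.
//
// Security fix: the per-order access check used to run only after
// classifyBilled(), i.e. after the order had already been modified; a login
// without access got a 403 but the change was made. The check now runs
// before the state change.
public function setinvoiced($id)
{
    if (!DolibarrApiAccess::$user->hasRight('commande', 'creer')) {
        throw new RestException(403);
    }
    if (empty($id)) {
        throw new RestException(400, 'Order ID is mandatory');
    }
    $result = $this->commande->fetch($id);
    if (!$result) {
        throw new RestException(404, 'Order not found');
    }

    // Authorize first, mutate second.
    if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
        throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
    }

    $result = $this->commande->classifyBilled(DolibarrApiAccess::$user);
    if ($result < 0) {
        throw new RestException(400, $this->commande->error);
    }

    // Reload so the answer reflects the new state.
    $result = $this->commande->fetch($id);
    if (!$result) {
        throw new RestException(404, 'Order not found');
    }

    $this->commande->fetchObjectLinked();

    return $this->_cleanObjectDatas($this->commande);
}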
942
// Close an order (Classify it as "Delivered") and return it, reloaded.
//
// Requires the 'commande'/'creer' right (403), an existing order (404) and
// access to that order (403) before cloture() is called. cloture() == 0 is
// reported as 304, < 0 as 500. After the reload the existence and access
// checks are repeated.
public function close($id, $notrigger = 0)
{
    $apiUser = DolibarrApiAccess::$user;
    if (!$apiUser->hasRight('commande', 'creer')) {
        throw new RestException(403);
    }

    $order = $this->commande;
    if (!$order->fetch($id)) {
        throw new RestException(404, 'Order not found');
    }

    if (!DolibarrApi::_checkAccessToResource('commande', $order->id)) {
        throw new RestException(403, 'Access not allowed for login '.$apiUser->login);
    }

    $closed = $order->cloture($apiUser, $notrigger);
    if ($closed == 0) {
        throw new RestException(304, 'Error nothing done. May be object is already closed');
    }
    if ($closed < 0) {
        throw new RestException(500, 'Error when closing Order: '.$order->error);
    }

    // Reload so the answer reflects the closed state.
    if (!$order->fetch($id)) {
        throw new RestException(404, 'Order not found');
    }

    if (!DolibarrApi::_checkAccessToResource('commande', $order->id)) {
        throw new RestException(403, 'Access not allowed for login '.$apiUser->login);
    }

    $order->fetchObjectLinked();

    return $this->_cleanObjectDatas($order);
}
987
// Set an order to draft and return it, reloaded and cleaned.
//
// Requires the 'commande'/'creer' right (403), an existing order (404) and
// access to that order (403) before setDraft() is called. setDraft() == 0 is
// reported as 304, < 0 as 500.
//
// NOTE(review): both error texts speak of "closed"/"closing" although the
// operation is setDraft(); they are kept byte-for-byte here because API
// clients may match on them.
public function settodraft($id, $idwarehouse = -1)
{
    $apiUser = DolibarrApiAccess::$user;
    if (!$apiUser->hasRight('commande', 'creer')) {
        throw new RestException(403);
    }

    $order = $this->commande;
    if (!$order->fetch($id)) {
        throw new RestException(404, 'Order not found');
    }

    if (!DolibarrApi::_checkAccessToResource('commande', $order->id)) {
        throw new RestException(403, 'Access not allowed for login '.$apiUser->login);
    }

    $drafted = $order->setDraft($apiUser, $idwarehouse);
    if ($drafted == 0) {
        throw new RestException(304, 'Nothing done. May be object is already closed');
    }
    if ($drafted < 0) {
        throw new RestException(500, 'Error when closing Order: '.$order->error);
    }

    // Reload so the answer reflects the draft state.
    if (!$order->fetch($id)) {
        throw new RestException(404, 'Order not found');
    }

    if (!DolibarrApi::_checkAccessToResource('commande', $order->id)) {
        throw new RestException(403, 'Access not allowed for login '.$apiUser->login);
    }

    $order->fetchObjectLinked();

    return $this->_cleanObjectDatas($order);
}
1032
1033
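// Create an order using an existing proposal.
//
// Requires the 'propal'/'lire' and 'commande'/'creer' rights (403), a
// non-empty proposal id (400), an existing proposal (404) and access to that
// proposal (403). createFromProposal() < 0 is reported as 405.
//
// Security fix: the proposal was loaded by id with no per-object access
// check, so a login holding both rights could turn any proposal id into an
// order and read its content back in the answer. The same object-level
// check used for orders in this class is now applied to the proposal.
public function createOrderFromProposal($proposalid)
{
    require_once DOL_DOCUMENT_ROOT.'/comm/propal/class/propal.class.php';

    if (!DolibarrApiAccess::$user->hasRight('propal', 'lire')) {
        throw new RestException(403);
    }
    if (!DolibarrApiAccess::$user->hasRight('commande', 'creer')) {
        throw new RestException(403);
    }
    if (empty($proposalid)) {
        throw new RestException(400, 'Proposal ID is mandatory');
    }

    $propal = new Propal($this->db);
    $result = $propal->fetch($proposalid);
    if (!$result) {
        throw new RestException(404, 'Proposal not found');
    }

    // Authorize the source object before anything is created from it.
    if (!DolibarrApi::_checkAccessToResource('propal', $propal->id)) {
        throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
    }

    $result = $this->commande->createFromProposal($propal, DolibarrApiAccess::$user);
    if ($result < 0) {
        throw new RestException(405, $this->commande->error);
    }
    $this->commande->fetchObjectLinked();

    return $this->_cleanObjectDatas($this->commande);
}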
1075
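// Get the shipments of an order.
//
// Requires the 'expedition'/'lire' right (403), an existing order (404) and
// access to that order (403). No shipment for the order is reported as 404,
// a failed query as 500.
//
// Security fix: shipments were selected by order id alone, with no check
// that the login may access that order. The order is now loaded and
// access-checked first, as the other per-order endpoints do.
// NOTE(review): the 500 message carries $this->db->lasterror() back to the
// API client; consider logging it and returning a generic text instead.
public function getOrderShipments($id)
{
    require_once DOL_DOCUMENT_ROOT.'/expedition/class/expedition.class.php';
    if (!DolibarrApiAccess::$user->hasRight('expedition', 'lire')) {
        throw new RestException(403);
    }

    $result = $this->commande->fetch($id);
    if (!$result) {
        throw new RestException(404, 'Order not found');
    }
    if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
        throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
    }

    $obj_ret = array();
    $sql = "SELECT e.rowid";
    $sql .= " FROM ".MAIN_DB_PREFIX."expedition as e";
    $sql .= " JOIN ".MAIN_DB_PREFIX."expeditiondet as edet";
    $sql .= " ON e.rowid = edet.fk_expedition";
    $sql .= " JOIN ".MAIN_DB_PREFIX."commandedet as cdet";
    $sql .= " ON edet.fk_elementdet = cdet.rowid";
    $sql .= " JOIN ".MAIN_DB_PREFIX."commande as c";
    $sql .= " ON cdet.fk_commande = c.rowid";
    // The id only reaches the SQL text as an integer.
    $sql .= " WHERE c.rowid = ".((int) $id);
    $sql .= " GROUP BY e.rowid";
    $sql .= $this->db->order("e.rowid", "ASC");

    dol_syslog("API Rest request");
    $result = $this->db->query($sql);

    if ($result) {
        $num = $this->db->num_rows($result);
        if ($num <= 0) {
            throw new RestException(404, 'Shipments not found ');
        }
        $i = 0;
        while ($i < $num) {
            $obj = $this->db->fetch_object($result);
            $shipment_static = new Expedition($this->db);
            if ($shipment_static->fetch($obj->rowid)) {
                $obj_ret[] = $this->_cleanObjectDatas($shipment_static);
            }
            $i++;
        }
    } else {
        throw new RestException(500, 'Error when retrieve shipment list : '.$this->db->lasterror());
    }
    return $obj_ret;
}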
1132
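// Create the shipment of an order and return the shipment id.
//
// Requires the 'expedition'/'creer' right (403), a positive warehouse id
// (404), an existing order (404) and access to that order (403). One
// shipment line is created per order line, with the full ordered quantity.
//
// Security fix: the order was loaded by id with no per-order access check,
// so a shipment could be created for any order id. The check now runs
// before the shipment is created.
// NOTE(review): a failure while creating lines leaves the shipment header
// already created, and both 500 messages carry $this->db->lasterror() back
// to the API client.
public function createOrderShipment($id, $warehouse_id)
{
    require_once DOL_DOCUMENT_ROOT.'/expedition/class/expedition.class.php';
    if (!DolibarrApiAccess::$user->hasRight('expedition', 'creer')) {
        throw new RestException(403);
    }
    if ($warehouse_id <= 0) {
        throw new RestException(404, 'Warehouse not found');
    }
    $result = $this->commande->fetch($id);
    if (!$result) {
        throw new RestException(404, 'Order not found');
    }
    if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
        throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
    }

    $shipment = new Expedition($this->db);
    $shipment->socid = $this->commande->socid;
    $shipment->origin_id = $this->commande->id;
    $shipment->origin = $this->commande->element;
    $result = $shipment->create(DolibarrApiAccess::$user);
    if ($result <= 0) {
        throw new RestException(500, 'Error on creating expedition :'.$this->db->lasterror());
    }
    foreach ($this->commande->lines as $line) {
        $result = $shipment->create_line($warehouse_id, $line->id, $line->qty);
        if ($result <= 0) {
            throw new RestException(500, 'Error on creating expedition lines:'.$this->db->lasterror());
        }
    }
    return $shipment->id;
}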
1176
// Clean sensible object datas.
// Runs the parent cleaning first, then removes the properties listed below
// from the object so they are not part of the API answer.
// phpcs:disable PEAR.NamingConventions.ValidFunctionName.PublicUnderscore
protected function _cleanObjectDatas($object)
{
    // phpcs:enable
    $object = parent::_cleanObjectDatas($object);

    $hiddenProperties = [
        'note',
        'address',
        'barcode_type',
        'barcode_type_code',
        'barcode_type_label',
        'barcode_type_coder',
    ];
    foreach ($hiddenProperties as $property) {
        unset($object->$property);
    }

    return $object;
}
1198
// Validate fields before create or update object.
// Returns the mandatory fields (Orders::$FIELDS) picked from $data; throws
// RestException 400 naming the first field that is not set. A null payload
// is treated as an empty one. Only presence is checked here, not content.
private function _validate($data)
{
    $payload = $data ?? [];

    $mandatory = [];
    foreach (Orders::$FIELDS as $name) {
        if (isset($payload[$name])) {
            $mandatory[$name] = $payload[$name];
            continue;
        }
        throw new RestException(400, $name." field missing");
    }

    return $mandatory;
}
1220}
Class to manage customers orders.
Class for API REST v1.
Definition api.class.php:33
_filterObjectProperties($object, $properties)
Filter properties that will be returned on object.
static _checkAccessToResource($resource, $resource_id=0, $dbtablename='', $feature2='', $dbt_keyfield='fk_soc', $dbt_select='rowid')
Check access by user to a given resource.
_checkValForAPI($field, $value, $object)
Check and convert a string depending on its type/name.
Definition api.class.php:98
deleteContact($id, $contactid, $type)
Unlink a contact type of given order.
__construct()
Constructor.
_validate($data)
Validate fields before create or update object.
deleteLine($id, $lineid)
Delete a line of a given order.
getByRef($ref, $contact_list=-1)
Get properties of an order object by ref.
close($id, $notrigger=0)
Close an order (Classify it as "Delivered")
index($sortfield="t.rowid", $sortorder='ASC', $limit=100, $page=0, $thirdparty_ids='', $sqlfilters='', $sqlfilterlines='', $properties='', $pagination_data=false, $loadlinkedobjects=0)
List orders.
_cleanObjectDatas($object)
Clean sensible object datas.
_fetch($id, $ref='', $ref_ext='', $contact_list=-1)
Get properties of an order object.
put($id, $request_data=null)
Update order general fields (won't touch lines of order)
getLines($id)
Get lines of an order.
postContact($id, $contactid, $type)
Add a contact type of given order.
reopen($id)
Tag the order as validated (opened)
setinvoiced($id)
Classify the order as invoiced.
getContacts($id, $type='')
Get contacts of given order.
getLine($id, $lineid, $properties='')
Get properties of a line of an order object by id.
postLine($id, $request_data=null)
Add a line to given order.
post($request_data=null)
Create a sale order.
validate($id, $idwarehouse=0, $notrigger=0)
Validate an order.
createOrderFromProposal($proposalid)
Create an order using an existing proposal.
putLine($id, $lineid, $request_data=null)
Update a line to given order.
getOrderShipments($id)
Get the shipments of an order.
settodraft($id, $idwarehouse=-1)
Set an order to draft.
createOrderShipment($id, $warehouse_id)
Create the shipment of an order.
getByRefExt($ref_ext, $contact_list=-1)
Get properties of an order object by ref_ext.
Class to manage proposals.
forgeSQLFromUniversalSearchCriteria($filter, &$errorstr='', $noand=0, $nopar=0, $noerror=0)
forgeSQLFromUniversalSearchCriteria
sanitizeVal($out='', $check='alphanohtml', $filter=null, $options=null)
Return a sanitized or empty value after checking value against a rule.
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename='', $restricttologhandler='', $logcontext=null)
Write log message into outputs.