dolibarr 22.0.5
api_agendaevents.class.php
1<?php
2/* Copyright (C) 2015 Jean-François Ferry <jfefe@aternatik.fr>
3 * Copyright (C) 2016 Laurent Destailleur <eldy@users.sourceforge.net>
4 * Copyright (C) 2024-2025 MDW <mdeweerd@users.noreply.github.com>
5 * Copyright (C) 2025 William Mead <william@m34d.com>
6 *
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 3 of the License, or
10 * (at your option) any later version.
11 *
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program. If not, see <https://www.gnu.org/licenses/>.
19 */
20
21use Luracast\Restler\RestException;
22
23require_once DOL_DOCUMENT_ROOT.'/comm/action/class/actioncomm.class.php';
24
25
34class AgendaEvents extends DolibarrApi
35{
39 public static $FIELDS = array(
40 'userownerid',
41 'type_code'
42 );
43
47 public $actioncomm;
48
49
53 public function __construct()
54 {
55 global $db, $conf;
56 $this->db = $db;
57 $this->actioncomm = new ActionComm($this->db);
58 }
59
72 public function get($id)
73 {
74 if (!DolibarrApiAccess::$user->hasRight('agenda', 'myactions', 'read')) {
75 throw new RestException(403, "Insufficient rights to read an event");
76 }
77 if ($id === 0) {
78 $result = $this->actioncomm->initAsSpecimen();
79 } else {
80 $result = $this->actioncomm->fetch($id);
81 if ($result) {
82 $this->actioncomm->fetch_optionals();
83 $this->actioncomm->fetchObjectLinked();
84 }
85 }
86 if (!$result) {
87 throw new RestException(404, 'Agenda Events not found');
88 }
89
90 if (!DolibarrApiAccess::$user->hasRight('agenda', 'allactions', 'read') && $this->actioncomm->userownerid != DolibarrApiAccess::$user->id) {
91 throw new RestException(403, 'Insufficient rights to read event of this owner id. Your id is '.DolibarrApiAccess::$user->id);
92 }
93
94 if (!DolibarrApi::_checkAccessToResource('agenda', $this->actioncomm->id, 'actioncomm', '', 'fk_soc', 'id')) {
95 throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
96 }
97 return $this->_cleanObjectDatas($this->actioncomm);
98 }
99
122 public function index($sortfield = "t.id", $sortorder = 'ASC', $limit = 100, $page = 0, $user_ids = '', $sqlfilters = '', $properties = '', $pagination_data = false)
123 {
124 global $db, $conf;
125
126 $obj_ret = array();
127
128 if (!DolibarrApiAccess::$user->hasRight('agenda', 'myactions', 'read')) {
129 throw new RestException(403, "Insufficient rights to read events");
130 }
131
132 // case of external user
133 $socid = DolibarrApiAccess::$user->socid ?: 0;
134
135 // If the internal user must only see his customers, force searching by him
136 $search_sale = 0;
137 if (!DolibarrApiAccess::$user->hasRight('societe', 'client', 'voir') && !$socid) {
138 $search_sale = DolibarrApiAccess::$user->id;
139 }
140 if (!isModEnabled('societe')) {
141 $search_sale = 0; // If module thirdparty not enabled, sale representative is something that does not exists
142 }
143
144 $sql = "SELECT t.id";
145 $sql .= " FROM ".MAIN_DB_PREFIX."actioncomm AS t";
146 $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."actioncomm_extrafields AS ef ON (ef.fk_object = t.id)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
147 $sql .= ' WHERE t.entity IN ('.getEntity('agenda').')';
148 if ($user_ids) {
149 $sql .= " AND t.fk_user_action IN (".$this->db->sanitize($user_ids).")";
150 }
151 if ($socid > 0) {
152 $sql .= " AND t.fk_soc = ".((int) $socid);
153 }
154 // Search on sale representative
155 if ($search_sale && $search_sale != '-1') {
156 if ($search_sale == -2) {
157 $sql .= " AND NOT EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc)";
158 } elseif ($search_sale > 0) {
159 $sql .= " AND EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc AND sc.fk_user = ".((int) $search_sale).")";
160 }
161 }
162 // Add sql filters
163 if ($sqlfilters) {
164 $errormessage = '';
165 $sql .= forgeSQLFromUniversalSearchCriteria($sqlfilters, $errormessage);
166 if ($errormessage) {
167 throw new RestException(400, 'Error when validating parameter sqlfilters -> '.$errormessage);
168 }
169 }
170
171 //this query will return total orders with the filters given
172 $sqlTotals = str_replace('SELECT t.id', 'SELECT count(t.id) as total', $sql);
173
174 $sql .= $this->db->order($sortfield, $sortorder);
175 if ($limit) {
176 if ($page < 0) {
177 $page = 0;
178 }
179 $offset = $limit * $page;
180
181 $sql .= $this->db->plimit($limit + 1, $offset);
182 }
183
184 $result = $this->db->query($sql);
185
186 if ($result) {
187 $i = 0;
188 $num = $this->db->num_rows($result);
189 $min = min($num, ($limit <= 0 ? $num : $limit));
190 while ($i < $min) {
191 $obj = $this->db->fetch_object($result);
192 $actioncomm_static = new ActionComm($this->db);
193 if ($actioncomm_static->fetch($obj->id)) {
194 $obj_ret[] = $this->_filterObjectProperties($this->_cleanObjectDatas($actioncomm_static), $properties);
195 }
196 $i++;
197 }
198 } else {
199 throw new RestException(503, 'Error when retrieve Agenda Event list : '.$this->db->lasterror());
200 }
201
202 //if $pagination_data is true the response will contain element data with all values and element pagination with pagination data(total,page,limit)
203 if ($pagination_data) {
204 $totalsResult = $this->db->query($sqlTotals);
205 $total = $this->db->fetch_object($totalsResult)->total;
206
207 $tmp = $obj_ret;
208 $obj_ret = [];
209
210 $obj_ret['data'] = $tmp;
211 $obj_ret['pagination'] = [
212 'total' => (int) $total,
213 'page' => $page, //count starts from 0
214 'page_count' => (int) ceil((int) $total / $limit),
215 'limit' => $limit
216 ];
217 }
218
219 return $obj_ret;
220 }
221
234 public function post($request_data = null)
235 {
236 if (!DolibarrApiAccess::$user->hasRight('agenda', 'myactions', 'create')) {
237 throw new RestException(403, "Insufficient rights to create your Agenda Event");
238 }
239 if (!DolibarrApiAccess::$user->hasRight('agenda', 'allactions', 'create') && DolibarrApiAccess::$user->id != $request_data['userownerid']) {
240 throw new RestException(403, "Insufficient rights to create an Agenda Event for owner id ".$request_data['userownerid'].' Your id is '.DolibarrApiAccess::$user->id);
241 }
242
243 // Check mandatory fields
244 $result = $this->_validate($request_data);
245
246 foreach ($request_data as $field => $value) {
247 if ($field === 'caller') {
248 // Add a mention of caller so on trigger called after action, we can filter to avoid a loop if we try to sync back again with the caller
249 $this->actioncomm->context['caller'] = sanitizeVal($request_data['caller'], 'aZ09');
250 continue;
251 }
252
253 $this->actioncomm->$field = $this->_checkValForAPI($field, $value, $this->actioncomm);
254 }
255 /*if (isset($request_data["lines"])) {
256 $lines = array();
257 foreach ($request_data["lines"] as $line) {
258 array_push($lines, (object) $line);
259 }
260 $this->expensereport->lines = $lines;
261 }*/
262
263 if ($this->actioncomm->create(DolibarrApiAccess::$user) < 0) {
264 throw new RestException(500, "Error creating event", array_merge(array($this->actioncomm->error), $this->actioncomm->errors));
265 }
266
267 return $this->actioncomm->id;
268 }
269
270
284 public function put($id, $request_data = null)
285 {
286 if (!DolibarrApiAccess::$user->hasRight('agenda', 'myactions', 'create')) {
287 throw new RestException(403, "Insufficient rights to create your Agenda Event");
288 }
289 if (!DolibarrApiAccess::$user->hasRight('agenda', 'allactions', 'create') && DolibarrApiAccess::$user->id != $request_data['userownerid']) {
290 throw new RestException(403, "Insufficient rights to create an Agenda Event for owner id ".$request_data['userownerid'].' Your id is '.DolibarrApiAccess::$user->id);
291 }
292
293 $result = $this->actioncomm->fetch($id);
294 if ($result) {
295 $this->actioncomm->fetch_optionals();
296 $this->actioncomm->fetch_userassigned();
297 $this->actioncomm->oldcopy = clone $this->actioncomm; // @phan-suppress-current-line PhanTypeMismatchProperty
298 }
299 if (!$result) {
300 throw new RestException(404, 'actioncomm not found');
301 }
302
303 if (!DolibarrApi::_checkAccessToResource('actioncomm', $this->actioncomm->id, 'actioncomm', '', 'fk_soc', 'id')) {
304 throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
305 }
306 foreach ($request_data as $field => $value) {
307 if ($field == 'id') {
308 continue;
309 }
310 if ($field === 'caller') {
311 // Add a mention of caller so on trigger called after action, we can filter to avoid a loop if we try to sync back again with the caller
312 $this->actioncomm->context['caller'] = sanitizeVal($request_data['caller'], 'aZ09');
313 continue;
314 }
315
316 if ($field == 'array_options' && is_array($value)) {
317 foreach ($value as $index => $val) {
318 $this->actioncomm->array_options[$index] = $this->_checkValForAPI($field, $val, $this->actioncomm);
319 }
320 continue;
321 }
322 $this->actioncomm->$field = $this->_checkValForAPI($field, $value, $this->actioncomm);
323 }
324
325 if ($this->actioncomm->update(DolibarrApiAccess::$user, 1) > 0) {
326 return $this->get($id);
327 }
328
329 return false;
330 }
331
345 public function delete($id)
346 {
347 if (!DolibarrApiAccess::$user->hasRight('agenda', 'myactions', 'delete')) {
348 throw new RestException(403, "Insufficient rights to delete your Agenda Event");
349 }
350
351 $result = $this->actioncomm->fetch($id);
352 if ($result) {
353 $this->actioncomm->fetch_optionals();
354 $this->actioncomm->fetch_userassigned();
355 $this->actioncomm->oldcopy = clone $this->actioncomm; // @phan-suppress-current-line PhanTypeMismatchProperty
356 }
357
358 if (!DolibarrApiAccess::$user->hasRight('agenda', 'allactions', 'delete') && DolibarrApiAccess::$user->id != $this->actioncomm->userownerid) {
359 throw new RestException(403, "Insufficient rights to delete an Agenda Event of owner id ".$this->actioncomm->userownerid.' Your id is '.DolibarrApiAccess::$user->id);
360 }
361
362 if (!$result) {
363 throw new RestException(404, 'Agenda Event not found');
364 }
365
366 if (!DolibarrApi::_checkAccessToResource('actioncomm', $this->actioncomm->id, 'actioncomm', '', 'fk_soc', 'id')) {
367 throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
368 }
369
370 if (!$this->actioncomm->delete(DolibarrApiAccess::$user)) {
371 throw new RestException(500, 'Error when delete Agenda Event : '.$this->actioncomm->error);
372 }
373
374 return array(
375 'success' => array(
376 'code' => 200,
377 'message' => 'Agenda Event deleted'
378 )
379 );
380 }
381
389 private function _validate($data)
390 {
391 if ($data === null) {
392 $data = array();
393 }
394 $event = array();
395 foreach (AgendaEvents::$FIELDS as $field) {
396 if (!isset($data[$field])) {
397 throw new RestException(400, "$field field missing");
398 }
399 $event[$field] = $data[$field];
400 }
401 return $event;
402 }
403
404 // phpcs:disable PEAR.NamingConventions.ValidFunctionName.PublicUnderscore
411 protected function _cleanObjectDatas($object)
412 {
413 // phpcs:enable
414 $object = parent::_cleanObjectDatas($object);
415
416 unset($object->note); // already in note_private or note_public
417 unset($object->usermod);
418 unset($object->libelle);
419 unset($object->context);
420 unset($object->canvas);
421 unset($object->contact);
422 unset($object->contact_id);
423 unset($object->thirdparty);
424 unset($object->user);
425 unset($object->origin);
426 unset($object->origin_id);
427 unset($object->ref_ext);
428 unset($object->statut);
429 unset($object->state_code);
430 unset($object->state_id);
431 unset($object->state);
432 unset($object->region);
433 unset($object->region_code);
434 unset($object->country);
435 unset($object->country_id);
436 unset($object->country_code);
437 unset($object->barcode_type);
438 unset($object->barcode_type_code);
439 unset($object->barcode_type_label);
440 unset($object->barcode_type_coder);
441 unset($object->mode_reglement_id);
442 unset($object->cond_reglement_id);
443 unset($object->cond_reglement);
444 unset($object->fk_delivery_address);
445 unset($object->shipping_method_id);
446 unset($object->fk_account);
447 unset($object->total_ht);
448 unset($object->total_tva);
449 unset($object->total_localtax1);
450 unset($object->total_localtax2);
451 unset($object->total_ttc);
452 unset($object->fk_incoterms);
453 unset($object->label_incoterms);
454 unset($object->location_incoterms);
455 unset($object->name);
456 unset($object->lastname);
457 unset($object->firstname);
458 unset($object->civility_id);
459 unset($object->contact);
460 unset($object->societe);
461 unset($object->demand_reason_id);
462 unset($object->transport_mode_id);
463 unset($object->region_id);
464 unset($object->actions);
465 unset($object->lines);
466
467 return $object;
468 }
469}
$id
$id
Support class for third parties, contacts, members, users or resources.
Definition account.php:48
$object
if( $user->socid > 0) if(! $user->hasRight('accounting', 'chartofaccount')) $object
Definition card.php:67
ActionComm
Class to manage agenda events (actions)
Definition actioncomm.class.php:41
AgendaEvents\_cleanObjectDatas
_cleanObjectDatas($object)
Clean sensible object datas.
Definition api_agendaevents.class.php:411
AgendaEvents\_validate
_validate($data)
Validate fields before create or update object.
Definition api_agendaevents.class.php:389
AgendaEvents\__construct
__construct()
Constructor.
Definition api_agendaevents.class.php:53
AgendaEvents\put
put($id, $request_data=null)
Update an agenda event.
Definition api_agendaevents.class.php:284
AgendaEvents\index
index($sortfield="t.id", $sortorder='ASC', $limit=100, $page=0, $user_ids='', $sqlfilters='', $properties='', $pagination_data=false)
List agenda events.
Definition api_agendaevents.class.php:122
AgendaEvents\post
post($request_data=null)
Create an agenda event.
Definition api_agendaevents.class.php:234
DolibarrApi
Class for API REST v1.
Definition api.class.php:33
DolibarrApi\_filterObjectProperties
_filterObjectProperties($object, $properties)
Filter properties that will be returned on object.
Definition api.class.php:156
DolibarrApi\_checkAccessToResource
static _checkAccessToResource($resource, $resource_id=0, $dbtablename='', $feature2='', $dbt_keyfield='fk_soc', $dbt_select='rowid')
Check access by user to a given resource.
Definition api.class.php:392
DolibarrApi\_checkValForAPI
_checkValForAPI($field, $value, $object)
Check and convert a string depending on its type/name.
Definition api.class.php:98
forgeSQLFromUniversalSearchCriteria
forgeSQLFromUniversalSearchCriteria($filter, &$errorstr='', $noand=0, $nopar=0, $noerror=0)
forgeSQLFromUniversalSearchCriteria
Definition functions.lib.php:14617
sanitizeVal
sanitizeVal($out='', $check='alphanohtml', $filter=null, $options=null)
Return a sanitized or empty value after checking value against a rule.
Definition functions.lib.php:1298
$conf
global $conf
The following vars must be defined: $type2label $form $conf, $lang, The following vars may also be de...
Definition member.php:79
Generated on Sun Jun 7 2026 01:00:18 for dolibarr by Doxygen 1.11.0