dolibarr 23.0.3
api_holidays.class.php
1<?php
2/* Copyright (C) 2015 Jean-François Ferry <jfefe@aternatik.fr>
3 * Copyright (C) 2016 Laurent Destailleur <eldy@users.sourceforge.net>
4 * Copyright (C) 2020-2025 Frédéric France <frederic.france@free.fr>
5 * Copyright (C) 2025 MDW <mdeweerd@users.noreply.github.com>
6 * Copyright (C) 2025 William Mead <william@m34d.com>
7 * Copyright (C) 2025 Charlene Benke <charlene@patas-monkey.com>
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 3 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License
20 * along with this program. If not, see <https://www.gnu.org/licenses/>.
21 */
22
23use Luracast\Restler\RestException;
24
25require_once DOL_DOCUMENT_ROOT.'/holiday/class/holiday.class.php';
26
27
36class Holidays extends DolibarrApi
37{
41 public static $FIELDS = array(
42 'fk_user',
43 'date_debut',
44 'date_fin',
45 );
46
50 public $holiday;
51
52
56 public function __construct()
57 {
58 global $db;
59
60 $this->db = $db;
61 $this->holiday = new Holiday($this->db);
62 }
63
76 public function get($id)
77 {
78 if (!DolibarrApiAccess::$user->hasRight('holiday', 'read')) {
79 throw new RestException(403);
80 }
81
82 $result = $this->holiday->fetch($id);
83 if (!$result) {
84 throw new RestException(404, 'Leave not found');
85 }
86
87 if (!DolibarrApi::_checkAccessToResource('holiday', $this->holiday)) {
88 throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
89 }
90
91 $this->holiday->fetchObjectLinked();
92 return $this->_cleanObjectDatas($this->holiday);
93 }
94
114 public function index($sortfield = "t.rowid", $sortorder = 'ASC', $limit = 100, $page = 0, $user_ids = '', $sqlfilters = '', $properties = '', $pagination_data = false)
115 {
116 // TODO Check on permission holiday->read only if all ID are inside the childids of user
117
118 if (!DolibarrApiAccess::$user->hasRight('holiday', 'readall')) {
119 throw new RestException(403);
120 }
121
122 $obj_ret = array();
123
124 // case of external user, $societe param is ignored and replaced by user's socid
125 //$socid = DolibarrApiAccess::$user->socid ?: $societe;
126
127 $sql = "SELECT t.rowid";
128 $sql .= " FROM ".MAIN_DB_PREFIX."holiday AS t LEFT JOIN ".MAIN_DB_PREFIX."holiday_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
129 $sql .= ' WHERE t.entity IN ('.getEntity('holiday').')';
130 if ($user_ids) {
131 $sql .= " AND t.fk_user IN (".$this->db->sanitize($user_ids).")";
132 }
133
134 // Add sql filters
135 if ($sqlfilters) {
136 $errormessage = '';
137 $sql .= forgeSQLFromUniversalSearchCriteria($sqlfilters, $errormessage);
138 if ($errormessage) {
139 throw new RestException(400, 'Error when validating parameter sqlfilters -> '.$errormessage);
140 }
141 }
142
143 //this query will return total orders with the filters given
144 $sqlTotals = str_replace('SELECT t.rowid', 'SELECT count(t.rowid) as total', $sql);
145
146 $sql .= $this->db->order($sortfield, $sortorder);
147 if ($limit) {
148 if ($page < 0) {
149 $page = 0;
150 }
151 $offset = $limit * $page;
152
153 $sql .= $this->db->plimit($limit + 1, $offset);
154 }
155
156 $result = $this->db->query($sql);
157
158 if ($result) {
159 $num = $this->db->num_rows($result);
160 $min = min($num, ($limit <= 0 ? $num : $limit));
161 $i = 0;
162 while ($i < $min) {
163 $obj = $this->db->fetch_object($result);
164 $holiday_static = new Holiday($this->db);
165 if ($holiday_static->fetch($obj->rowid)) {
166 $obj_ret[] = $this->_filterObjectProperties($this->_cleanObjectDatas($holiday_static), $properties);
167 }
168 $i++;
169 }
170 } else {
171 throw new RestException(503, 'Error when retrieve Leave list : '.$this->db->lasterror());
172 }
173
174 //if $pagination_data is true the response will contain element data with all values and element pagination with pagination data(total,page,limit)
175 if ($pagination_data) {
176 $totalsResult = $this->db->query($sqlTotals);
177 $total = $this->db->fetch_object($totalsResult)->total;
178
179 $tmp = $obj_ret;
180 $obj_ret = [];
181
182 $obj_ret['data'] = $tmp;
183 $obj_ret['pagination'] = [
184 'total' => (int) $total,
185 'page' => $page, //count starts from 0
186 'page_count' => ceil((int) $total / $limit),
187 'limit' => $limit
188 ];
189 }
190
191 return $obj_ret;
192 }
193
206 public function post($request_data = null)
207 {
208 if (!DolibarrApiAccess::$user->hasRight('holiday', 'write')) {
209 throw new RestException(403, "Insufficiant rights");
210 }
211
212 // Check mandatory fields
213 $result = $this->_validate($request_data);
214
215 foreach ($request_data as $field => $value) {
216 if ($field === 'caller') {
217 // Add a mention of caller so on trigger called after action, we can filter to avoid a loop if we try to sync back again with the caller
218 $this->holiday->context['caller'] = sanitizeVal($request_data['caller'], 'aZ09');
219 continue;
220 }
221
222 $this->holiday->$field = $this->_checkValForAPI($field, $value, $this->holiday);
223 }
224 /*if (isset($request_data["lines"])) {
225 $lines = array();
226 foreach ($request_data["lines"] as $line) {
227 array_push($lines, (object) $line);
228 }
229 $this->holiday->lines = $lines;
230 }*/
231 if ($this->holiday->create(DolibarrApiAccess::$user) < 0) {
232 throw new RestException(500, "Error creating holiday", array_merge(array($this->holiday->error), $this->holiday->errors));
233 }
234
235 return $this->holiday->id;
236 }
237
238
256 public function put($id, $request_data = null)
257 {
258 if (!DolibarrApiAccess::$user->hasRight('holiday', 'write')) {
259 throw new RestException(403);
260 }
261
262 $result = $this->holiday->fetch($id);
263 if (!$result) {
264 throw new RestException(404, 'Leave not found');
265 }
266
267 if (!DolibarrApi::_checkAccessToResource('holiday', $this->holiday)) {
268 throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
269 }
270 foreach ($request_data as $field => $value) {
271 if ($field == 'id') {
272 continue;
273 }
274 if ($field === 'caller') {
275 // Add a mention of caller so on trigger called after action, we can filter to avoid a loop if we try to sync back again with the caller
276 $this->holiday->context['caller'] = sanitizeVal($request_data['caller'], 'aZ09');
277 continue;
278 }
279
280 if ($field == 'array_options' && is_array($value)) {
281 foreach ($value as $index => $val) {
282 $this->holiday->array_options[$index] = $this->_checkValForAPI($field, $val, $this->holiday);
283 }
284 continue;
285 }
286
287 $this->holiday->$field = $this->_checkValForAPI($field, $value, $this->holiday);
288 }
289
290 if ($this->holiday->update(DolibarrApiAccess::$user) > 0) {
291 return $this->get($id);
292 } else {
293 throw new RestException(500, $this->holiday->error);
294 }
295 }
296
309 public function delete($id)
310 {
311 if (!DolibarrApiAccess::$user->hasRight('holiday', 'delete')) {
312 throw new RestException(403);
313 }
314
315 $result = $this->holiday->fetch($id);
316 if (!$result) {
317 throw new RestException(404, 'Leave not found');
318 }
319
320 if (!DolibarrApi::_checkAccessToResource('holiday', $this->holiday)) {
321 throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
322 }
323
324 if (!$this->holiday->delete(DolibarrApiAccess::$user)) {
325 throw new RestException(500, 'Error when deleting Leave : '.$this->holiday->error);
326 }
327
328 return array(
329 'success' => array(
330 'code' => 200,
331 'message' => 'Leave deleted'
332 )
333 );
334 }
335
355 public function validate($id, $notrigger = 0)
356 {
357 if (!DolibarrApiAccess::$user->hasRight('holiday', 'write')) {
358 throw new RestException(403, "Insufficiant rights");
359 }
360 $result = $this->holiday->fetch($id);
361 if (!$result) {
362 throw new RestException(404, 'Leave not found');
363 }
364
365 if (!DolibarrApi::_checkAccessToResource('holiday', $this->holiday)) {
366 throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
367 }
368
369 $this->holiday->status = Holiday::STATUS_VALIDATED;
370 $result = $this->holiday->validate(DolibarrApiAccess::$user, $notrigger);
371 if ($result == 0) {
372 throw new RestException(304, 'Error nothing done. May be object is already validated');
373 }
374 if ($result < 0) {
375 throw new RestException(500, 'Error when validating leave: '.$this->holiday->error);
376 }
377
378 return $this->_cleanObjectDatas($this->holiday);
379 }
380
381
401 public function approve($id, $notrigger = 0)
402 {
403 if (!DolibarrApiAccess::$user->hasRight('holiday', 'approve')) {
404 throw new RestException(403, "Insufficiant rights");
405 }
406 $result = $this->holiday->fetch($id);
407 if (!$result) {
408 throw new RestException(404, 'Leave not found');
409 }
410
411 if (!DolibarrApi::_checkAccessToResource('holiday', $this->holiday)) {
412 throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
413 }
414
415 $this->holiday->status = Holiday::STATUS_APPROVED;
416 $result = $this->holiday->approve(DolibarrApiAccess::$user, $notrigger);
417 if ($result == 0) {
418 throw new RestException(304, 'Error nothing done. May be object is already approved');
419 }
420 if ($result < 0) {
421 throw new RestException(500, 'Error when approving expense report: '.$this->holiday->error);
422 }
423
424 return $this->_cleanObjectDatas($this->holiday);
425 }
426
446 public function cancel($id, $notrigger = 0)
447 {
448 if (!DolibarrApiAccess::$user->hasRight('holiday', 'write')) {
449 throw new RestException(403, "Insufficient rights");
450 }
451
452 $result = $this->holiday->fetch($id);
453 if (!$result) {
454 throw new RestException(404, 'Leave not found');
455 }
456
457 if (!DolibarrApi::_checkAccessToResource('holiday', $this->holiday)) {
458 throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
459 }
460
461 $this->holiday->status = Holiday::STATUS_CANCELED;
462 $result = $this->holiday->update(DolibarrApiAccess::$user, $notrigger);
463 if ($result == 0) {
464 throw new RestException(304, 'Error nothing done. May be object is already canceled');
465 }
466 if ($result < 0) {
467 throw new RestException(500, 'Error when canceling holiday: '.$this->holiday->error);
468 }
469
470 return $this->_cleanObjectDatas($this->holiday);
471 }
472
493 public function refuse($id, $detail_refuse, $notrigger = 0)
494 {
495 if (!DolibarrApiAccess::$user->hasRight('holiday', 'approve')) {
496 throw new RestException(403, "Insufficient rights");
497 }
498
499 $result = $this->holiday->fetch($id);
500 if (!$result) {
501 throw new RestException(404, 'Leave not found');
502 }
503
504 if (!DolibarrApi::_checkAccessToResource('holiday', $this->holiday)) {
505 throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
506 }
507
508 $this->holiday->status = Holiday::STATUS_REFUSED;
509 $this->holiday->detail_refuse = $detail_refuse;
510 $result = $this->holiday->update(DolibarrApiAccess::$user, $notrigger);
511 if ($result == 0) {
512 throw new RestException(304, 'Error nothing done. May be object is already refused');
513 }
514 if ($result < 0) {
515 throw new RestException(500, 'Error when refusing holiday: '.$this->holiday->error);
516 }
517
518 return $this->_cleanObjectDatas($this->holiday);
519 }
520
543 public function reopen($id, $notrigger = 0)
544 {
545 if (!DolibarrApiAccess::$user->hasRight('holiday', 'write')) {
546 throw new RestException(403, "Insufficient rights");
547 }
548
549 $result = $this->holiday->fetch($id);
550 if (!$result) {
551 throw new RestException(404, 'Leave not found');
552 }
553
554 if (!DolibarrApi::_checkAccessToResource('holiday', $this->holiday)) {
555 throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
556 }
557
558 // Check if the holiday is actually canceled
559 if ($this->holiday->statut != Holiday::STATUS_CANCELED) {
560 throw new RestException(400, 'Holiday is not canceled. Only canceled holidays can be reopened.');
561 }
562 $this->holiday->status = Holiday::STATUS_VALIDATED;
563 $result = $this->holiday->validate(DolibarrApiAccess::$user, $notrigger);
564 if ($result < 0) {
565 throw new RestException(500, 'Error when canceling holiday: '.$this->holiday->error);
566 }
567
568 return $this->_cleanObjectDatas($this->holiday);
569 }
570
571 // phpcs:disable PEAR.NamingConventions.ValidFunctionName.PublicUnderscore
581 protected function _cleanObjectDatas($object)
582 {
583 // phpcs:enable
584 $object = parent::_cleanObjectDatas($object);
588 unset($object->statut);
589 unset($object->user);
590 unset($object->thirdparty);
591
592 unset($object->cond_reglement);
593 unset($object->shipping_method_id);
594
595 unset($object->barcode_type);
596 unset($object->barcode_type_code);
597 unset($object->barcode_type_label);
598 unset($object->barcode_type_coder);
599
600 unset($object->mode_reglement_id);
601 unset($object->cond_reglement_id);
602
603 unset($object->name);
604 unset($object->lastname);
605 unset($object->firstname);
606 unset($object->civility_id);
607 unset($object->cond_reglement_id);
608 unset($object->contact);
609 unset($object->contact_id);
610
611 unset($object->state);
612 unset($object->state_id);
613 unset($object->state_code);
614 unset($object->country);
615 unset($object->country_id);
616 unset($object->country_code);
617
618 unset($object->logs);
619 unset($object->events);
620 unset($object->holiday);
621 unset($object->canvas);
622 unset($object->lines);
623
624 unset($object->totalpaid);
625 unset($object->totalpaid_multicurrency);
626
627 unset($object->note); // We already use note_public and note_pricate
628
629 return $object;
630 }
631
639 private function _validate($data)
640 {
641 if ($data === null) {
642 $data = array();
643 }
644 $expensereport = array();
645 foreach (self::$FIELDS as $field) {
646 if (!isset($data[$field])) {
647 throw new RestException(400, "$field field missing");
648 }
649 $expensereport[$field] = $data[$field];
650 }
651 return $expensereport;
652 }
653}
$id
$id
Support class for third parties, contacts, members, users or resources.
Definition account.php:47
$object
if(! $sortfield) if(! $sortorder) $object
Definition account.php:100
DolibarrApi
Class for API REST v1.
Definition api.class.php:33
DolibarrApi\_filterObjectProperties
_filterObjectProperties($object, $properties)
Filter properties that will be returned on object.
Definition api.class.php:162
DolibarrApi\_checkAccessToResource
static _checkAccessToResource($resource, $resource_id=0, $dbtablename='', $feature2='', $dbt_keyfield='fk_soc', $dbt_select='rowid')
Check access by user to a given resource.
Definition api.class.php:399
DolibarrApi\_checkValForAPI
_checkValForAPI($field, $value, $object)
Check and convert a string depending on its type/name.
Definition api.class.php:98
DolibarrApi\_cleanObjectDatas
_cleanObjectDatas($object)
Clean sensitive object data @phpstan-template T.
Definition api.class.php:213
Holiday
Class of the module paid holiday.
Definition holiday.class.php:36
Holiday\STATUS_VALIDATED
const STATUS_VALIDATED
Validated status.
Definition holiday.class.php:185
Holiday\STATUS_REFUSED
const STATUS_REFUSED
Refused.
Definition holiday.class.php:197
Holiday\STATUS_CANCELED
const STATUS_CANCELED
Canceled.
Definition holiday.class.php:193
Holiday\STATUS_APPROVED
const STATUS_APPROVED
Approved.
Definition holiday.class.php:189
Holidays\_validate
_validate($data)
Validate fields before create or update object.
Definition api_holidays.class.php:639
Holidays\index
index($sortfield="t.rowid", $sortorder='ASC', $limit=100, $page=0, $user_ids='', $sqlfilters='', $properties='', $pagination_data=false)
List leaves.
Definition api_holidays.class.php:114
Holidays\put
put($id, $request_data=null)
Update expense report general fields.
Definition api_holidays.class.php:256
Holidays\validate
validate($id, $notrigger=0)
Validate a holiday.
Definition api_holidays.class.php:355
Holidays\refuse
refuse($id, $detail_refuse, $notrigger=0)
Refuse a holiday.
Definition api_holidays.class.php:493
Holidays\__construct
__construct()
Constructor.
Definition api_holidays.class.php:56
Holidays\cancel
cancel($id, $notrigger=0)
Cancel a holiday.
Definition api_holidays.class.php:446
Holidays\reopen
reopen($id, $notrigger=0)
Reopen a canceled holiday.
Definition api_holidays.class.php:543
Holidays\approve
approve($id, $notrigger=0)
Approve a leave.
Definition api_holidays.class.php:401
Holidays\post
post($request_data=null)
Create a leave.
Definition api_holidays.class.php:206
forgeSQLFromUniversalSearchCriteria
forgeSQLFromUniversalSearchCriteria($filter, &$errorstr='', $noand=0, $nopar=0, $noerror=0)
forgeSQLFromUniversalSearchCriteria
Definition functions.lib.php:15728
sanitizeVal
sanitizeVal($out='', $check='alphanohtml', $filter=null, $options=null)
Return a sanitized or empty value after checking value against a rule.
Definition functions.lib.php:1364
Generated on Mon Jun 22 2026 20:45:30 for dolibarr by Doxygen 1.11.0