dolibarr 23.0.3
api_agendaevents.class.php
1<?php
2/* Copyright (C) 2015 Jean-François Ferry <jfefe@aternatik.fr>
3 * Copyright (C) 2016 Laurent Destailleur <eldy@users.sourceforge.net>
4 * Copyright (C) 2024-2025 MDW <mdeweerd@users.noreply.github.com>
5 * Copyright (C) 2025 William Mead <william@m34d.com>
6 * Copyright (C) 2025 Frédéric France <frederic.france@free.fr>
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License as published by
10 * the Free Software Foundation; either version 3 of the License, or
11 * (at your option) any later version.
12 *
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
17 *
18 * You should have received a copy of the GNU General Public License
19 * along with this program. If not, see <https://www.gnu.org/licenses/>.
20 */
21
22use Luracast\Restler\RestException;
23
24require_once DOL_DOCUMENT_ROOT.'/comm/action/class/actioncomm.class.php';
25
26
35class AgendaEvents extends DolibarrApi
36{
40 public static $FIELDS = array(
41 'userownerid',
42 'type_code'
43 );
44
48 public $actioncomm;
49
50
54 public function __construct()
55 {
56 global $db, $conf;
57 $this->db = $db;
58 $this->actioncomm = new ActionComm($this->db);
59 }
60
73 public function get($id)
74 {
75 if (!DolibarrApiAccess::$user->hasRight('agenda', 'myactions', 'read')) {
76 throw new RestException(403, "Insufficient rights to read an event");
77 }
78 if ($id === 0) {
79 $result = $this->actioncomm->initAsSpecimen();
80 } else {
81 $result = $this->actioncomm->fetch($id);
82 if ($result) {
83 $this->actioncomm->fetch_optionals();
84 $this->actioncomm->fetchObjectLinked();
85 }
86 }
87 if (!$result) {
88 throw new RestException(404, 'Agenda Events not found');
89 }
90
91 if (!DolibarrApiAccess::$user->hasRight('agenda', 'allactions', 'read') && $this->actioncomm->userownerid != DolibarrApiAccess::$user->id) {
92 throw new RestException(403, 'Insufficient rights to read event of this owner id. Your id is '.DolibarrApiAccess::$user->id);
93 }
94
95 if (!DolibarrApi::_checkAccessToResource('agenda', $this->actioncomm->id, 'actioncomm', '', 'fk_soc', 'id')) {
96 throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
97 }
98 return $this->_cleanObjectDatas($this->actioncomm);
99 }
100
123 public function index($sortfield = "t.id", $sortorder = 'ASC', $limit = 100, $page = 0, $user_ids = '', $sqlfilters = '', $properties = '', $pagination_data = false)
124 {
125 global $db, $conf;
126
127 $obj_ret = array();
128
129 if (!DolibarrApiAccess::$user->hasRight('agenda', 'myactions', 'read')) {
130 throw new RestException(403, "Insufficient rights to read events");
131 }
132
133 // case of external user
134 $socid = DolibarrApiAccess::$user->socid ?: 0;
135
136 // If the internal user must only see his customers, force searching by him
137 $search_sale = 0;
138 if (!DolibarrApiAccess::$user->hasRight('societe', 'client', 'voir') && !$socid) {
139 $search_sale = DolibarrApiAccess::$user->id;
140 }
141 if (!isModEnabled('societe')) {
142 $search_sale = 0; // If module thirdparty not enabled, sale representative is something that does not exists
143 }
144
145 $sql = "SELECT t.id";
146 $sql .= " FROM ".MAIN_DB_PREFIX."actioncomm AS t";
147 $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."actioncomm_extrafields AS ef ON (ef.fk_object = t.id)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
148 $sql .= ' WHERE t.entity IN ('.getEntity('agenda').')';
149 if ($user_ids) {
150 $sql .= " AND t.fk_user_action IN (".$this->db->sanitize($user_ids).")";
151 }
152 if ($socid > 0) {
153 $sql .= " AND t.fk_soc = ".((int) $socid);
154 }
155 // Search on sale representative
156 if ($search_sale && $search_sale != '-1') {
157 if ($search_sale == -2) {
158 $sql .= " AND NOT EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc)";
159 } elseif ($search_sale > 0) {
160 $sql .= " AND (t.fk_soc IS NULL OR EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc AND sc.fk_user = ".((int) $search_sale)."))";
161 }
162 }
163 // Add sql filters
164 if ($sqlfilters) {
165 $errormessage = '';
166 $sql .= forgeSQLFromUniversalSearchCriteria($sqlfilters, $errormessage);
167 if ($errormessage) {
168 throw new RestException(400, 'Error when validating parameter sqlfilters -> '.$errormessage);
169 }
170 }
171
172 //this query will return total orders with the filters given
173 $sqlTotals = str_replace('SELECT t.id', 'SELECT count(t.id) as total', $sql);
174
175 $sql .= $this->db->order($sortfield, $sortorder);
176 if ($limit) {
177 if ($page < 0) {
178 $page = 0;
179 }
180 $offset = $limit * $page;
181
182 $sql .= $this->db->plimit($limit + 1, $offset);
183 }
184
185 $result = $this->db->query($sql);
186
187 if ($result) {
188 $i = 0;
189 $num = $this->db->num_rows($result);
190 $min = min($num, ($limit <= 0 ? $num : $limit));
191 while ($i < $min) {
192 $obj = $this->db->fetch_object($result);
193 $actioncomm_static = new ActionComm($this->db);
194 if ($actioncomm_static->fetch($obj->id)) {
195 $obj_ret[] = $this->_filterObjectProperties($this->_cleanObjectDatas($actioncomm_static), $properties);
196 }
197 $i++;
198 }
199 } else {
200 throw new RestException(503, 'Error when retrieve Agenda Event list : '.$this->db->lasterror());
201 }
202
203 //if $pagination_data is true the response will contain element data with all values and element pagination with pagination data(total,page,limit)
204 if ($pagination_data) {
205 $totalsResult = $this->db->query($sqlTotals);
206 $total = $this->db->fetch_object($totalsResult)->total;
207
208 $tmp = $obj_ret;
209 $obj_ret = [];
210
211 $obj_ret['data'] = $tmp;
212 $obj_ret['pagination'] = [
213 'total' => (int) $total,
214 'page' => $page, //count starts from 0
215 'page_count' => (int) ceil((int) $total / $limit),
216 'limit' => $limit
217 ];
218 }
219
220 return $obj_ret;
221 }
222
235 public function post($request_data = null)
236 {
237 if (!DolibarrApiAccess::$user->hasRight('agenda', 'myactions', 'create')) {
238 throw new RestException(403, "Insufficient rights to create your Agenda Event");
239 }
240 if (!DolibarrApiAccess::$user->hasRight('agenda', 'allactions', 'create') && DolibarrApiAccess::$user->id != $request_data['userownerid']) {
241 throw new RestException(403, "Insufficient rights to create an Agenda Event for owner id ".$request_data['userownerid'].' Your id is '.DolibarrApiAccess::$user->id);
242 }
243
244 // Check mandatory fields
245 $result = $this->_validate($request_data);
246
247 foreach ($request_data as $field => $value) {
248 if ($field === 'caller') {
249 // Add a mention of caller so on trigger called after action, we can filter to avoid a loop if we try to sync back again with the caller
250 $this->actioncomm->context['caller'] = sanitizeVal($request_data['caller'], 'aZ09');
251 continue;
252 }
253
254 $this->actioncomm->$field = $this->_checkValForAPI($field, $value, $this->actioncomm);
255 }
256 /*if (isset($request_data["lines"])) {
257 $lines = array();
258 foreach ($request_data["lines"] as $line) {
259 array_push($lines, (object) $line);
260 }
261 $this->expensereport->lines = $lines;
262 }*/
263
264 if ($this->actioncomm->create(DolibarrApiAccess::$user) < 0) {
265 throw new RestException(500, "Error creating event", array_merge(array($this->actioncomm->error), $this->actioncomm->errors));
266 }
267
268 return $this->actioncomm->id;
269 }
270
271
285 public function put($id, $request_data = null)
286 {
287 if (!DolibarrApiAccess::$user->hasRight('agenda', 'myactions', 'create')) {
288 throw new RestException(403, "Insufficient rights to create your Agenda Event");
289 }
290 if (!DolibarrApiAccess::$user->hasRight('agenda', 'allactions', 'create') && DolibarrApiAccess::$user->id != $request_data['userownerid']) {
291 throw new RestException(403, "Insufficient rights to create an Agenda Event for owner id ".$request_data['userownerid'].' Your id is '.DolibarrApiAccess::$user->id);
292 }
293
294 $result = $this->actioncomm->fetch($id);
295 if ($result) {
296 $this->actioncomm->fetch_optionals();
297 $this->actioncomm->fetch_userassigned();
298 $this->actioncomm->oldcopy = clone $this->actioncomm; // @phan-suppress-current-line PhanTypeMismatchProperty
299 }
300 if (!$result) {
301 throw new RestException(404, 'actioncomm not found');
302 }
303
304 if (!DolibarrApi::_checkAccessToResource('actioncomm', $this->actioncomm->id, 'actioncomm', '', 'fk_soc', 'id')) {
305 throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
306 }
307 foreach ($request_data as $field => $value) {
308 if ($field == 'id') {
309 continue;
310 }
311 if ($field === 'caller') {
312 // Add a mention of caller so on trigger called after action, we can filter to avoid a loop if we try to sync back again with the caller
313 $this->actioncomm->context['caller'] = sanitizeVal($request_data['caller'], 'aZ09');
314 continue;
315 }
316
317 if ($field == 'array_options' && is_array($value)) {
318 foreach ($value as $index => $val) {
319 $this->actioncomm->array_options[$index] = $this->_checkValForAPI($field, $val, $this->actioncomm);
320 }
321 continue;
322 }
323 $this->actioncomm->$field = $this->_checkValForAPI($field, $value, $this->actioncomm);
324 }
325
326 if ($this->actioncomm->update(DolibarrApiAccess::$user, 1) > 0) {
327 return $this->get($id);
328 }
329
330 return false;
331 }
332
346 public function delete($id)
347 {
348 if (!DolibarrApiAccess::$user->hasRight('agenda', 'myactions', 'delete')) {
349 throw new RestException(403, "Insufficient rights to delete your Agenda Event");
350 }
351
352 $result = $this->actioncomm->fetch($id);
353 if ($result) {
354 $this->actioncomm->fetch_optionals();
355 $this->actioncomm->fetch_userassigned();
356 $this->actioncomm->oldcopy = clone $this->actioncomm; // @phan-suppress-current-line PhanTypeMismatchProperty
357 }
358
359 if (!DolibarrApiAccess::$user->hasRight('agenda', 'allactions', 'delete') && DolibarrApiAccess::$user->id != $this->actioncomm->userownerid) {
360 throw new RestException(403, "Insufficient rights to delete an Agenda Event of owner id ".$this->actioncomm->userownerid.' Your id is '.DolibarrApiAccess::$user->id);
361 }
362
363 if (!$result) {
364 throw new RestException(404, 'Agenda Event not found');
365 }
366
367 if (!DolibarrApi::_checkAccessToResource('actioncomm', $this->actioncomm->id, 'actioncomm', '', 'fk_soc', 'id')) {
368 throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
369 }
370
371 if (!$this->actioncomm->delete(DolibarrApiAccess::$user)) {
372 throw new RestException(500, 'Error when delete Agenda Event : '.$this->actioncomm->error);
373 }
374
375 return array(
376 'success' => array(
377 'code' => 200,
378 'message' => 'Agenda Event deleted'
379 )
380 );
381 }
382
390 private function _validate($data)
391 {
392 if ($data === null) {
393 $data = array();
394 }
395 $event = array();
396 foreach (AgendaEvents::$FIELDS as $field) {
397 if (!isset($data[$field])) {
398 throw new RestException(400, "$field field missing");
399 }
400 $event[$field] = $data[$field];
401 }
402 return $event;
403 }
404
405 // phpcs:disable PEAR.NamingConventions.ValidFunctionName.PublicUnderscore
415 protected function _cleanObjectDatas($object)
416 {
417 // phpcs:enable
418 $object = parent::_cleanObjectDatas($object);
419
420 unset($object->note); // already in note_private or note_public
421 unset($object->usermod);
422 unset($object->libelle);
423 unset($object->context);
424 unset($object->canvas);
425 unset($object->contact);
426 unset($object->contact_id);
427 unset($object->thirdparty);
428 unset($object->user);
429 unset($object->origin);
430 unset($object->origin_id);
431 unset($object->ref_ext);
432 unset($object->statut);
433 unset($object->state_code);
434 unset($object->state_id);
435 unset($object->state);
436 unset($object->region);
437 unset($object->region_code);
438 unset($object->country);
439 unset($object->country_id);
440 unset($object->country_code);
441 unset($object->barcode_type);
442 unset($object->barcode_type_code);
443 unset($object->barcode_type_label);
444 unset($object->barcode_type_coder);
445 unset($object->mode_reglement_id);
446 unset($object->cond_reglement_id);
447 unset($object->cond_reglement);
448 unset($object->fk_delivery_address);
449 unset($object->shipping_method_id);
450 unset($object->fk_account);
451 unset($object->total_ht);
452 unset($object->total_tva);
453 unset($object->total_localtax1);
454 unset($object->total_localtax2);
455 unset($object->total_ttc);
456 unset($object->fk_incoterms);
457 unset($object->label_incoterms);
458 unset($object->location_incoterms);
459 unset($object->name);
460 unset($object->lastname);
461 unset($object->firstname);
462 unset($object->civility_id);
463 unset($object->contact);
464 unset($object->societe);
465 unset($object->demand_reason_id);
466 unset($object->transport_mode_id);
467 unset($object->region_id);
468 unset($object->actions);
469 unset($object->lines);
470
471 return $object;
472 }
473}
$id
$id
Support class for third parties, contacts, members, users or resources.
Definition account.php:47
$object
if(! $sortfield) if(! $sortorder) $object
Definition account.php:100
ActionComm
Class to manage agenda events (actions)
Definition actioncomm.class.php:42
AgendaEvents\_cleanObjectDatas
_cleanObjectDatas($object)
Clean sensible object datas @phpstan-template T.
Definition api_agendaevents.class.php:415
AgendaEvents\_validate
_validate($data)
Validate fields before create or update object.
Definition api_agendaevents.class.php:390
AgendaEvents\__construct
__construct()
Constructor.
Definition api_agendaevents.class.php:54
AgendaEvents\put
put($id, $request_data=null)
Update an agenda event.
Definition api_agendaevents.class.php:285
AgendaEvents\index
index($sortfield="t.id", $sortorder='ASC', $limit=100, $page=0, $user_ids='', $sqlfilters='', $properties='', $pagination_data=false)
List agenda events.
Definition api_agendaevents.class.php:123
AgendaEvents\post
post($request_data=null)
Create an agenda event.
Definition api_agendaevents.class.php:235
DolibarrApi
Class for API REST v1.
Definition api.class.php:33
DolibarrApi\_filterObjectProperties
_filterObjectProperties($object, $properties)
Filter properties that will be returned on object.
Definition api.class.php:162
DolibarrApi\_checkAccessToResource
static _checkAccessToResource($resource, $resource_id=0, $dbtablename='', $feature2='', $dbt_keyfield='fk_soc', $dbt_select='rowid')
Check access by user to a given resource.
Definition api.class.php:399
DolibarrApi\_checkValForAPI
_checkValForAPI($field, $value, $object)
Check and convert a string depending on its type/name.
Definition api.class.php:98
forgeSQLFromUniversalSearchCriteria
forgeSQLFromUniversalSearchCriteria($filter, &$errorstr='', $noand=0, $nopar=0, $noerror=0)
forgeSQLFromUniversalSearchCriteria
Definition functions.lib.php:15728
sanitizeVal
sanitizeVal($out='', $check='alphanohtml', $filter=null, $options=null)
Return a sanitized or empty value after checking value against a rule.
Definition functions.lib.php:1364
isModEnabled
isModEnabled($module)
Is Dolibarr module enabled.
Definition functions.lib.php:440
Generated on Mon Jun 22 2026 20:45:23 for dolibarr by Doxygen 1.11.0