21use Luracast\Restler\Restler;
22use Luracast\Restler\Defaults;
24require_once DOL_DOCUMENT_ROOT.
'/user/class/user.class.php';
48 public function __construct($db, $cachedir =
'', $refreshCache =
false)
50 global
$conf, $dolibarr_main_url_root;
52 if (empty($cachedir)) {
53 $cachedir =
$conf->api->dir_temp;
55 Defaults::$cacheDirectory = $cachedir;
59 $this->r =
new Restler($production_mode, $refreshCache);
61 $urlwithouturlroot = preg_replace(
'/'.preg_quote(DOL_URL_ROOT,
'/').
'$/i',
'', trim($dolibarr_main_url_root));
62 $urlwithroot = $urlwithouturlroot.DOL_URL_ROOT;
64 $urlwithouturlrootautodetect = preg_replace(
'/'.preg_quote(DOL_URL_ROOT,
'/').
'$/i',
'', trim(DOL_MAIN_URL_ROOT));
65 $urlwithrootautodetect = $urlwithouturlroot.DOL_URL_ROOT;
67 $this->r->setBaseUrls($urlwithouturlroot, $urlwithouturlrootautodetect);
68 $this->r->setAPIVersion(1);
85 if (!is_array($value)) {
87 if (!empty(
$object->fields) && !empty(
$object->fields[$field]) && !empty(
$object->fields[$field][
'type'])) {
88 if (strpos(
$object->fields[$field][
'type'],
'int') || strpos(
$object->fields[$field][
'type'],
'double') || in_array(
$object->fields[$field][
'type'], array(
'real',
'price',
'stock'))) {
91 if (
$object->fields[$field][
'type'] ==
'html') {
94 if (
$object->fields[$field][
'type'] ==
'select') {
98 if (
$object->fields[$field][
'type'] ==
'sellist' ||
$object->fields[$field][
'type'] ==
'checkbox') {
101 if (
$object->fields[$field][
'type'] ==
'boolean' ||
$object->fields[$field][
'type'] ==
'radio') {
104 if (
$object->fields[$field][
'type'] ==
'email') {
107 if (
$object->fields[$field][
'type'] ==
'password') {
113 if (in_array($field, array(
'note',
'note_private',
'note_public',
'desc',
'description'))) {
119 $newarrayvalue = array();
120 foreach ($value as $tmpkey => $tmpvalue) {
124 return $newarrayvalue;
140 if (empty($properties)) {
145 $arr_properties = explode(
',', $properties);
146 $magic_properties = array();
147 $real_properties = get_object_vars(
$object);
151 foreach ($arr_properties as $key) {
152 if (!array_key_exists($key, $real_properties)) {
156 $magic_properties[$key] =
$object->$key;
162 foreach (get_object_vars(
$object) as $key => $value) {
163 if (!in_array($key, $arr_properties)) {
169 foreach ($magic_properties as $key => $value) {
192 unset(
$object->isextrafieldmanaged);
193 unset(
$object->ismultientitymanaged);
194 unset(
$object->restrictiononfksoc);
197 unset(
$object->pass_indatabase);
214 unset(
$object->barcode_type_code);
215 unset(
$object->barcode_type_label);
217 unset(
$object->mode_reglement);
218 unset(
$object->cond_reglement);
227 unset(
$object->timespent_old_duration);
229 unset(
$object->timespent_duration);
230 unset(
$object->timespent_date);
231 unset(
$object->timespent_datehour);
232 unset(
$object->timespent_withhour);
233 unset(
$object->timespent_fk_user);
234 unset(
$object->timespent_note);
235 unset(
$object->fk_delivery_address);
244 unset(
$object->showphoto_on_popup);
252 unset(
$object->stats_commande);
255 unset(
$object->stats_commande_fournisseur);
256 unset(
$object->stats_reception);
257 unset(
$object->stats_mrptoconsume);
258 unset(
$object->stats_mrptoproduce);
260 unset(
$object->fieldsforcombobox);
263 unset(
$object->skip_update_total);
265 unset(
$object->next_prev_filter);
272 unset(
$object->fk_departement);
274 unset(
$object->departement_code);
276 unset(
$object->libelle_statut);
277 unset(
$object->libelle_paiement);
279 unset(
$object->labelStatusShort);
286 if (!isset(
$object->table_element) || ! in_array(
$object->table_element, array(
'expensereport_det',
'ticket'))) {
293 unset(
$object->element_for_permission);
296 unset(
$object->table_element_line);
297 unset(
$object->class_element_line);
299 unset(
$object->linked_objects);
314 $nboflines = count(
$object->lines);
315 for ($i = 0; $i < $nboflines; $i++) {
318 unset(
$object->lines[$i]->contact);
319 unset(
$object->lines[$i]->contact_id);
320 unset(
$object->lines[$i]->country);
321 unset(
$object->lines[$i]->country_id);
322 unset(
$object->lines[$i]->country_code);
323 unset(
$object->lines[$i]->mode_reglement_id);
324 unset(
$object->lines[$i]->mode_reglement_code);
325 unset(
$object->lines[$i]->mode_reglement);
326 unset(
$object->lines[$i]->cond_reglement_id);
327 unset(
$object->lines[$i]->cond_reglement_code);
328 unset(
$object->lines[$i]->cond_reglement);
329 unset(
$object->lines[$i]->fk_delivery_address);
330 unset(
$object->lines[$i]->fk_projet);
331 unset(
$object->lines[$i]->fk_project);
332 unset(
$object->lines[$i]->thirdparty);
333 unset(
$object->lines[$i]->user);
334 unset(
$object->lines[$i]->model_pdf);
335 unset(
$object->lines[$i]->note_public);
336 unset(
$object->lines[$i]->note_private);
337 unset(
$object->lines[$i]->fk_incoterms);
338 unset(
$object->lines[$i]->label_incoterms);
339 unset(
$object->lines[$i]->location_incoterms);
340 unset(
$object->lines[$i]->name);
341 unset(
$object->lines[$i]->lastname);
342 unset(
$object->lines[$i]->firstname);
343 unset(
$object->lines[$i]->civility_id);
344 unset(
$object->lines[$i]->fk_multicurrency);
345 unset(
$object->lines[$i]->multicurrency_code);
346 unset(
$object->lines[$i]->shipping_method_id);
350 if (!empty(
$object->thirdparty) && is_object(
$object->thirdparty)) {
373 protected static function _checkAccessToResource($resource, $resource_id = 0, $dbtablename =
'', $feature2 =
'', $dbt_keyfield =
'fk_soc', $dbt_select =
'rowid')
377 $featuresarray = array($resource);
378 if (preg_match(
'/&/', $resource)) {
379 $featuresarray = explode(
"&", $resource);
380 } elseif (preg_match(
'/\|/', $resource)) {
381 $featuresarray = explode(
"|", $resource);
385 if (!empty($feature2)) {
386 $feature2 = explode(
"|", $feature2);
389 return checkUserAccessToObject(DolibarrApiAccess::$user, $featuresarray, $resource_id, $dbtablename, $feature2, $dbt_keyfield, $dbt_select);
404 $firstandlastparenthesis = 0;
if( $user->socid > 0) if(! $user->hasRight('accounting', 'chartofaccount')) $object
__construct($db, $cachedir='', $refreshCache=false)
Constructor.
_filterObjectProperties($object, $properties)
Filter properties that will be returned on object.
static _checkAccessToResource($resource, $resource_id=0, $dbtablename='', $feature2='', $dbt_keyfield='fk_soc', $dbt_select='rowid')
Check access by user to a given resource.
_checkFilters($sqlfilters, &$error='')
Return if a $sqlfilters parameter is valid Function no more used.
_checkValForAPI($field, $value, $object)
Check and convert a string depending on its type/name.
_cleanObjectDatas($object)
Clean sensitive object data @phpstan-template T of Object.
static _forge_criteria_callback($matches)
Function to forge a SQL criteria from a Generic filter string.
dolCheckFilters($sqlfilters, &$error='', &$parenthesislevel=0)
Return if a $sqlfilters parameter has a valid balance of parenthesis.
dolForgeSQLCriteriaCallback($matches)
Function to forge a SQL criteria from a USF (Universal Filter Syntax) string.
getDolGlobalBool($key, $default=false)
Return a Dolibarr global constant boolean value.
sanitizeVal($out='', $check='alphanohtml', $filter=null, $options=null)
Return a sanitized or empty value after checking value against a rule.
global $conf
The following vars must be defined: $type2label $form $conf, $lang, The following vars may also be de...
checkUserAccessToObject($user, array $featuresarray, $object=0, $tableandshare='', $feature2='', $dbt_keyfield='', $dbt_select='rowid', $parenttableforentity='')
Check that access by a given user to an object is ok.