dolibarr  20.0.0-alpha
api_interventions.class.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (C) 2015 Jean-François Ferry <jfefe@aternatik.fr>
3  * Copyright (C) 2016 Laurent Destailleur <eldy@users.sourceforge.net>
4  *
5  * This program is free software; you can redistribute it and/or modify
6  * it under the terms of the GNU General Public License as published by
7  * the Free Software Foundation; either version 3 of the License, or
8  * (at your option) any later version.
9  *
10  * This program is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13  * GNU General Public License for more details.
14  *
15  * You should have received a copy of the GNU General Public License
16  * along with this program. If not, see <https://www.gnu.org/licenses/>.
17  */
18 
24 use Luracast\Restler\RestException;
25 
26 require_once DOL_DOCUMENT_ROOT.'/fichinter/class/fichinter.class.php';
27 
28 
36 {
40  public static $FIELDS = array(
41  'socid',
42  'fk_project',
43  'description',
44  );
45 
49  public static $FIELDSLINE = array(
50  'description',
51  'date',
52  'duree',
53  );
54 
58  public $fichinter;
59 
63  public function __construct()
64  {
65  global $db, $conf;
66  $this->db = $db;
67  $this->fichinter = new Fichinter($this->db);
68  }
69 
79  public function get($id)
80  {
81  if (!DolibarrApiAccess::$user->hasRight('ficheinter', 'lire')) {
82  throw new RestException(403);
83  }
84 
85  $result = $this->fichinter->fetch($id);
86  if (!$result) {
87  throw new RestException(404, 'Intervention not found');
88  }
89 
90  if (!DolibarrApi::_checkAccessToResource('fichinter', $this->fichinter->id)) {
91  throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
92  }
93 
94  $this->fichinter->fetchObjectLinked();
95  return $this->_cleanObjectDatas($this->fichinter);
96  }
97 
113  public function index($sortfield = "t.rowid", $sortorder = 'ASC', $limit = 100, $page = 0, $thirdparty_ids = '', $sqlfilters = '', $properties = '')
114  {
115  if (!DolibarrApiAccess::$user->hasRight('ficheinter', 'lire')) {
116  throw new RestException(403);
117  }
118 
119  $obj_ret = array();
120 
121  // case of external user, $thirdparty_ids param is ignored and replaced by user's socid
122  $socids = DolibarrApiAccess::$user->socid ? DolibarrApiAccess::$user->socid : $thirdparty_ids;
123 
124  // If the internal user must only see his customers, force searching by him
125  $search_sale = 0;
126  if (!DolibarrApiAccess::$user->hasRight('societe', 'client', 'voir') && !$socids) {
127  $search_sale = DolibarrApiAccess::$user->id;
128  }
129 
130  $sql = "SELECT t.rowid";
131  $sql .= " FROM ".MAIN_DB_PREFIX."fichinter AS t LEFT JOIN ".MAIN_DB_PREFIX."fichinter_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
132  $sql .= ' WHERE t.entity IN ('.getEntity('intervention').')';
133  if ($socids) {
134  $sql .= " AND t.fk_soc IN (".$this->db->sanitize($socids).")";
135  }
136  // Search on sale representative
137  if ($search_sale && $search_sale != '-1') {
138  if ($search_sale == -2) {
139  $sql .= " AND NOT EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc)";
140  } elseif ($search_sale > 0) {
141  $sql .= " AND EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc AND sc.fk_user = ".((int) $search_sale).")";
142  }
143  }
144  // Add sql filters
145  if ($sqlfilters) {
146  $errormessage = '';
147  $sql .= forgeSQLFromUniversalSearchCriteria($sqlfilters, $errormessage);
148  if ($errormessage) {
149  throw new RestException(400, 'Error when validating parameter sqlfilters -> '.$errormessage);
150  }
151  }
152 
153  $sql .= $this->db->order($sortfield, $sortorder);
154  if ($limit) {
155  if ($page < 0) {
156  $page = 0;
157  }
158  $offset = $limit * $page;
159 
160  $sql .= $this->db->plimit($limit + 1, $offset);
161  }
162 
163  dol_syslog("API Rest request");
164  $result = $this->db->query($sql);
165 
166  if ($result) {
167  $num = $this->db->num_rows($result);
168  $min = min($num, ($limit <= 0 ? $num : $limit));
169  $i = 0;
170  while ($i < $min) {
171  $obj = $this->db->fetch_object($result);
172  $fichinter_static = new Fichinter($this->db);
173  if ($fichinter_static->fetch($obj->rowid)) {
174  $obj_ret[] = $this->_filterObjectProperties($this->_cleanObjectDatas($fichinter_static), $properties);
175  }
176  $i++;
177  }
178  } else {
179  throw new RestException(503, 'Error when retrieve intervention list : '.$this->db->lasterror());
180  }
181 
182  return $obj_ret;
183  }
184 
191  public function post($request_data = null)
192  {
193  if (!DolibarrApiAccess::$user->hasRight('ficheinter', 'creer')) {
194  throw new RestException(403, "Insuffisant rights");
195  }
196  // Check mandatory fields
197  $result = $this->_validate($request_data);
198  foreach ($request_data as $field => $value) {
199  if ($field === 'caller') {
200  // Add a mention of caller so on trigger called after action, we can filter to avoid a loop if we try to sync back again with the caller
201  $this->fichinter->context['caller'] = sanitizeVal($request_data['caller'], 'aZ09');
202  continue;
203  }
204 
205  $this->fichinter->$field = $this->_checkValForAPI($field, $value, $this->fichinter);
206  }
207 
208  if ($this->fichinter->create(DolibarrApiAccess::$user) < 0) {
209  throw new RestException(500, "Error creating intervention", array_merge(array($this->fichinter->error), $this->fichinter->errors));
210  }
211 
212  return $this->fichinter->id;
213  }
214 
215 
225  /* TODO
226  public function getLines($id)
227  {
228  if(! DolibarrApiAccess::$user->hasRight('ficheinter', 'lire')) {
229  throw new RestException(403);
230  }
231 
232  $result = $this->fichinter->fetch($id);
233  if( ! $result ) {
234  throw new RestException(404, 'Intervention not found');
235  }
236 
237  if( ! DolibarrApi::_checkAccessToResource('fichinter',$this->fichinter->id)) {
238  throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
239  }
240  $this->fichinter->getLinesArray();
241  $result = array();
242  foreach ($this->fichinter->lines as $line) {
243  array_push($result,$this->_cleanObjectDatas($line));
244  }
245  return $result;
246  }
247  */
248 
259  public function postLine($id, $request_data = null)
260  {
261  if (!DolibarrApiAccess::$user->hasRight('ficheinter', 'creer')) {
262  throw new RestException(403, "Insuffisant rights");
263  }
264  // Check mandatory fields
265  $result = $this->_validateLine($request_data);
266 
267  foreach ($request_data as $field => $value) {
268  if ($field === 'caller') {
269  // Add a mention of caller so on trigger called after action, we can filter to avoid a loop if we try to sync back again with the caller
270  $this->fichinter->context['caller'] = sanitizeVal($request_data['caller'], 'aZ09');
271  continue;
272  }
273 
274  $this->fichinter->$field = $this->_checkValForAPI($field, $value, $this->fichinter);
275  }
276 
277  if (!$result) {
278  throw new RestException(404, 'Intervention not found');
279  }
280 
281  if (!DolibarrApi::_checkAccessToResource('fichinter', $this->fichinter->id)) {
282  throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
283  }
284 
285  $updateRes = $this->fichinter->addLine(
286  DolibarrApiAccess::$user,
287  $id,
288  $this->fichinter->description,
289  $this->fichinter->date,
290  $this->fichinter->duree
291  );
292 
293  if ($updateRes > 0) {
294  return $updateRes;
295  } else {
296  throw new RestException(400, $this->fichinter->error);
297  }
298  }
299 
306  public function delete($id)
307  {
308  if (!DolibarrApiAccess::$user->hasRight('ficheinter', 'supprimer')) {
309  throw new RestException(403);
310  }
311  $result = $this->fichinter->fetch($id);
312  if (!$result) {
313  throw new RestException(404, 'Intervention not found');
314  }
315 
316  if (!DolibarrApi::_checkAccessToResource('fichinter', $this->fichinter->id)) {
317  throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
318  }
319 
320  if (!$this->fichinter->delete(DolibarrApiAccess::$user)) {
321  throw new RestException(500, 'Error when delete intervention : '.$this->fichinter->error);
322  }
323 
324  return array(
325  'success' => array(
326  'code' => 200,
327  'message' => 'Intervention deleted'
328  )
329  );
330  }
331 
347  public function validate($id, $notrigger = 0)
348  {
349  if (!DolibarrApiAccess::$user->hasRight('ficheinter', 'creer')) {
350  throw new RestException(403, "Insuffisant rights");
351  }
352  $result = $this->fichinter->fetch($id);
353  if (!$result) {
354  throw new RestException(404, 'Intervention not found');
355  }
356 
357  if (!DolibarrApi::_checkAccessToResource('fichinter', $this->fichinter->id)) {
358  throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
359  }
360 
361  $result = $this->fichinter->setValid(DolibarrApiAccess::$user, $notrigger);
362  if ($result == 0) {
363  throw new RestException(304, 'Error nothing done. May be object is already validated');
364  }
365  if ($result < 0) {
366  throw new RestException(500, 'Error when validating Intervention: '.$this->fichinter->error);
367  }
368 
369  $this->fichinter->fetchObjectLinked();
370 
371  return $this->_cleanObjectDatas($this->fichinter);
372  }
373 
383  public function closeFichinter($id)
384  {
385  if (!DolibarrApiAccess::$user->hasRight('ficheinter', 'creer')) {
386  throw new RestException(403, "Insuffisant rights");
387  }
388  $result = $this->fichinter->fetch($id);
389  if (!$result) {
390  throw new RestException(404, 'Intervention not found');
391  }
392 
393  if (!DolibarrApi::_checkAccessToResource('fichinter', $this->fichinter->id)) {
394  throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
395  }
396 
397  $result = $this->fichinter->setStatut(3);
398 
399  if ($result == 0) {
400  throw new RestException(304, 'Error nothing done. May be object is already closed');
401  }
402  if ($result < 0) {
403  throw new RestException(500, 'Error when closing Intervention: '.$this->fichinter->error);
404  }
405 
406  $this->fichinter->fetchObjectLinked();
407 
408  return $this->_cleanObjectDatas($this->fichinter);
409  }
410 
419  private function _validate($data)
420  {
421  $fichinter = array();
422  foreach (Interventions::$FIELDS as $field) {
423  if (!isset($data[$field])) {
424  throw new RestException(400, "$field field missing");
425  }
426  $fichinter[$field] = $data[$field];
427  }
428  return $fichinter;
429  }
430 
431 
432  // phpcs:disable PEAR.NamingConventions.ValidFunctionName.PublicUnderscore
439  protected function _cleanObjectDatas($object)
440  {
441  // phpcs:enable
442  $object = parent::_cleanObjectDatas($object);
443 
444  unset($object->labelStatus);
445  unset($object->labelStatusShort);
446 
447  return $object;
448  }
449 
458  private function _validateLine($data)
459  {
460  $fichinter = array();
461  foreach (Interventions::$FIELDSLINE as $field) {
462  if (!isset($data[$field])) {
463  throw new RestException(400, "$field field missing");
464  }
465  $fichinter[$field] = $data[$field];
466  }
467  return $fichinter;
468  }
469 }
if($user->socid > 0) if(! $user->hasRight('accounting', 'chartofaccount')) $object
Definition: card.php:58
Class for API REST v1.
Definition: api.class.php:30
_filterObjectProperties($object, $properties)
Filter properties that will be returned on object.
Definition: api.class.php:136
static _checkAccessToResource($resource, $resource_id=0, $dbtablename='', $feature2='', $dbt_keyfield='fk_soc', $dbt_select='rowid')
Check access by user to a given resource.
Definition: api.class.php:369
_checkValForAPI($field, $value, $object)
Check and convert a string depending on its type/name.
Definition: api.class.php:82
Class to manage interventions.
index($sortfield="t.rowid", $sortorder='ASC', $limit=100, $page=0, $thirdparty_ids='', $sqlfilters='', $properties='')
List of interventions Return a list of interventions.
_cleanObjectDatas($object)
Clean sensible object datas.
validate($id, $notrigger=0)
Validate an intervention.
_validateLine($data)
Validate fields before create or update object.
post($request_data=null)
Create intervention object.
closeFichinter($id)
Close an intervention.
_validate($data)
Validate fields before create or update object.
__construct()
Constructor.
postLine($id, $request_data=null)
Get lines of an intervention.
if(isModEnabled('invoice') && $user->hasRight('facture', 'lire')) if((isModEnabled('fournisseur') &&!getDolGlobalString('MAIN_USE_NEW_SUPPLIERMOD') && $user->hasRight("fournisseur", "facture", "lire"))||(isModEnabled('supplier_invoice') && $user->hasRight("supplier_invoice", "lire"))) if(isModEnabled('don') && $user->hasRight('don', 'lire')) if(isModEnabled('tax') && $user->hasRight('tax', 'charges', 'lire')) if(isModEnabled('invoice') &&isModEnabled('order') && $user->hasRight("commande", "lire") &&!getDolGlobalString('WORKFLOW_DISABLE_CREATE_INVOICE_FROM_ORDER')) $sql
Social contributions to pay.
Definition: index.php:744
forgeSQLFromUniversalSearchCriteria($filter, &$errorstr='', $noand=0, $nopar=0, $noerror=0)
forgeSQLFromUniversalSearchCriteria
sanitizeVal($out='', $check='alphanohtml', $filter=null, $options=null)
Return a sanitized or empty value after checking value against a rule.
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename='', $restricttologhandler='', $logcontext=null)
Write log message into outputs.