19use Luracast\Restler\RestException;
21require_once DOL_DOCUMENT_ROOT.
'/commande/class/commande.class.php';
34 public static $FIELDS = array(
51 $this->commande =
new Commande($this->db);
65 public function get($id, $contact_list = 1)
67 return $this->
_fetch($id,
'',
'', $contact_list);
83 public function getByRef($ref, $contact_list = 1)
85 return $this->
_fetch(
'', $ref,
'', $contact_list);
103 return $this->
_fetch(
'',
'', $ref_ext, $contact_list);
119 private function _fetch($id, $ref =
'', $ref_ext =
'', $contact_list = 1)
121 if (!DolibarrApiAccess::$user->hasRight(
'commande',
'lire')) {
122 throw new RestException(403);
125 $result = $this->commande->fetch($id, $ref, $ref_ext);
127 throw new RestException(404,
'Order not found');
131 throw new RestException(403,
'Access not allowed for login '.DolibarrApiAccess::$user->login);
135 $tmparray = $this->commande->liste_contact(-1,
'external', $contact_list);
136 if (is_array($tmparray)) {
137 $this->commande->contacts_ids = $tmparray;
139 $this->commande->fetchObjectLinked();
142 require_once DOL_DOCUMENT_ROOT.
'/core/lib/payments.lib.php';
143 $this->commande->online_payment_url = getOnlinePaymentUrl(0,
'order', $this->commande->ref);
167 public function index($sortfield =
"t.rowid", $sortorder =
'ASC', $limit = 100, $page = 0, $thirdparty_ids =
'', $sqlfilters =
'', $sqlfilterlines =
'', $properties =
'', $pagination_data =
false)
169 if (!DolibarrApiAccess::$user->hasRight(
'commande',
'lire')) {
170 throw new RestException(403);
176 $socids = DolibarrApiAccess::$user->socid ? DolibarrApiAccess::$user->socid : $thirdparty_ids;
180 if (!DolibarrApiAccess::$user->hasRight(
'societe',
'client',
'voir') && !$socids) {
181 $search_sale = DolibarrApiAccess::$user->id;
184 $sql =
"SELECT t.rowid";
185 $sql .=
" FROM ".MAIN_DB_PREFIX.
"commande AS t";
186 $sql .=
" LEFT JOIN ".MAIN_DB_PREFIX.
"commande_extrafields AS ef ON (ef.fk_object = t.rowid)";
187 $sql .=
' WHERE t.entity IN ('.getEntity(
'commande').
')';
189 $sql .=
" AND t.fk_soc IN (".$this->db->sanitize($socids).
")";
192 if ($search_sale && $search_sale !=
'-1') {
193 if ($search_sale == -2) {
194 $sql .=
" AND NOT EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX.
"societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc)";
195 } elseif ($search_sale > 0) {
196 $sql .=
" AND EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX.
"societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc AND sc.fk_user = ".((int) $search_sale).
")";
204 throw new RestException(400,
'Error when validating parameter sqlfilters -> '.$errormessage);
208 if ($sqlfilterlines) {
210 $sql .=
" AND EXISTS (SELECT tl.rowid FROM ".MAIN_DB_PREFIX.
"commandedet AS tl WHERE tl.fk_commande = t.rowid";
214 throw new RestException(400,
'Error when validating parameter sqlfilterlines -> '.$errormessage);
219 $sqlTotals = str_replace(
'SELECT t.rowid',
'SELECT count(t.rowid) as total', $sql);
221 $sql .= $this->db->order($sortfield, $sortorder);
226 $offset = $limit * $page;
228 $sql .= $this->db->plimit($limit + 1, $offset);
232 $result = $this->db->query($sql);
235 $num = $this->db->num_rows($result);
236 $min = min($num, ($limit <= 0 ? $num : $limit));
239 $obj = $this->db->fetch_object($result);
240 $commande_static =
new Commande($this->db);
241 if ($commande_static->fetch($obj->rowid)) {
243 $tmparray = $commande_static->liste_contact(-1,
'external', 1);
244 if (is_array($tmparray)) {
245 $commande_static->contacts_ids = $tmparray;
248 require_once DOL_DOCUMENT_ROOT.
'/core/lib/payments.lib.php';
249 $commande_static->online_payment_url = getOnlinePaymentUrl(0,
'order', $commande_static->ref);
256 throw new RestException(503,
'Error when retrieve commande list : '.$this->db->lasterror());
260 if ($pagination_data) {
261 $totalsResult = $this->db->query($sqlTotals);
262 $total = $this->db->fetch_object($totalsResult)->total;
267 $obj_ret[
'data'] = $tmp;
268 $obj_ret[
'pagination'] = [
269 'total' => (int) $total,
271 'page_count' => ceil((
int) $total / $limit),
287 public function post($request_data =
null)
289 if (!DolibarrApiAccess::$user->hasRight(
'commande',
'creer')) {
290 throw new RestException(403,
"Insuffisant rights");
293 $result = $this->
_validate($request_data);
295 foreach ($request_data as $field => $value) {
296 if ($field ===
'caller') {
298 $this->commande->context[
'caller'] =
sanitizeVal($request_data[
'caller'],
'aZ09');
302 $this->commande->$field = $this->
_checkValForAPI($field, $value, $this->commande);
312 if ($this->commande->create(DolibarrApiAccess::$user) < 0) {
313 throw new RestException(500,
"Error creating order", array_merge(array($this->commande->error), $this->commande->errors));
316 return ((
int) $this->commande->id);
330 if (!DolibarrApiAccess::$user->hasRight(
'commande',
'lire')) {
331 throw new RestException(403);
334 $result = $this->commande->fetch($id);
336 throw new RestException(404,
'Order not found');
340 throw new RestException(403,
'Access not allowed for login '.DolibarrApiAccess::$user->login);
342 $this->commande->getLinesArray();
344 foreach ($this->commande->lines as $line) {
360 public function postLine($id, $request_data =
null)
362 if (!DolibarrApiAccess::$user->hasRight(
'commande',
'creer')) {
363 throw new RestException(403);
366 $result = $this->commande->fetch($id);
368 throw new RestException(404,
'Order not found');
372 throw new RestException(403,
'Access not allowed for login '.DolibarrApiAccess::$user->login);
375 $request_data = (object) $request_data;
377 $request_data->desc =
sanitizeVal($request_data->desc,
'restricthtml');
378 $request_data->label =
sanitizeVal($request_data->label);
380 $updateRes = $this->commande->addline(
382 $request_data->subprice,
384 $request_data->tva_tx,
385 $request_data->localtax1_tx,
386 $request_data->localtax2_tx,
387 $request_data->fk_product,
388 $request_data->remise_percent,
389 $request_data->info_bits,
390 $request_data->fk_remise_except,
391 $request_data->price_base_type ? $request_data->price_base_type :
'HT',
392 $request_data->subprice,
393 $request_data->date_start,
394 $request_data->date_end,
395 $request_data->product_type,
397 $request_data->special_code,
398 $request_data->fk_parent_line,
399 $request_data->fk_fournprice,
400 $request_data->pa_ht,
401 $request_data->label,
402 $request_data->array_options,
403 $request_data->fk_unit,
404 $request_data->origin,
405 $request_data->origin_id,
406 $request_data->multicurrency_subprice,
407 $request_data->ref_ext
410 if ($updateRes > 0) {
413 throw new RestException(400, $this->commande->error);
427 public function putLine($id, $lineid, $request_data =
null)
429 if (!DolibarrApiAccess::$user->hasRight(
'commande',
'creer')) {
430 throw new RestException(403);
433 $result = $this->commande->fetch($id);
435 throw new RestException(404,
'Order not found');
439 throw new RestException(403,
'Access not allowed for login '.DolibarrApiAccess::$user->login);
442 $request_data = (object) $request_data;
444 $request_data->desc =
sanitizeVal($request_data->desc,
'restricthtml');
445 $request_data->label =
sanitizeVal($request_data->label);
447 $updateRes = $this->commande->updateline(
450 $request_data->subprice,
452 $request_data->remise_percent,
453 $request_data->tva_tx,
454 $request_data->localtax1_tx,
455 $request_data->localtax2_tx,
456 $request_data->price_base_type ? $request_data->price_base_type :
'HT',
457 $request_data->info_bits,
458 $request_data->date_start,
459 $request_data->date_end,
460 $request_data->product_type,
461 $request_data->fk_parent_line,
463 $request_data->fk_fournprice,
464 $request_data->pa_ht,
465 $request_data->label,
466 $request_data->special_code,
467 $request_data->array_options,
468 $request_data->fk_unit,
469 $request_data->multicurrency_subprice,
471 $request_data->ref_ext,
475 if ($updateRes > 0) {
476 $result = $this->
get($id);
477 unset($result->line);
497 if (!DolibarrApiAccess::$user->hasRight(
'commande',
'creer')) {
498 throw new RestException(403);
501 $result = $this->commande->fetch($id);
503 throw new RestException(404,
'Order not found');
507 throw new RestException(403,
'Access not allowed for login '.DolibarrApiAccess::$user->login);
510 $updateRes = $this->commande->deleteLine(DolibarrApiAccess::$user, $lineid, $id);
511 if ($updateRes > 0) {
512 return $this->
get($id);
514 throw new RestException(405, $this->commande->error);
533 if (!DolibarrApiAccess::$user->hasRight(
'commande',
'lire')) {
534 throw new RestException(403);
537 $result = $this->commande->fetch($id);
539 throw new RestException(404,
'Order not found');
543 throw new RestException(403,
'Access not allowed for login '.DolibarrApiAccess::$user->login);
546 $contacts = $this->commande->liste_contact(-1,
'external', 0, $type);
566 if (!DolibarrApiAccess::$user->hasRight(
'commande',
'creer')) {
567 throw new RestException(403);
570 $result = $this->commande->fetch($id);
572 throw new RestException(404,
'Order not found');
576 throw new RestException(403,
'Access not allowed for login '.DolibarrApiAccess::$user->login);
579 $result = $this->commande->add_contact($contactid, $type,
'external');
582 throw new RestException(500,
'Error when added the contact');
586 throw new RestException(304,
'contact already added');
592 'message' =>
'Contact linked to the order'
614 if (!DolibarrApiAccess::$user->hasRight(
'commande',
'creer')) {
615 throw new RestException(403);
618 $result = $this->commande->fetch($id);
620 throw new RestException(404,
'Order not found');
624 throw new RestException(403,
'Access not allowed for login '.DolibarrApiAccess::$user->login);
627 $contacts = $this->commande->liste_contact();
629 foreach ($contacts as $contact) {
630 if ($contact[
'id'] == $contactid && $contact[
'code'] == $type) {
631 $result = $this->commande->delete_contact($contact[
'rowid']);
634 throw new RestException(500,
'Error when deleted the contact');
642 'message' =>
'Contact unlinked from order'
654 public function put($id, $request_data =
null)
656 if (!DolibarrApiAccess::$user->hasRight(
'commande',
'creer')) {
657 throw new RestException(403);
660 $result = $this->commande->fetch($id);
662 throw new RestException(404,
'Order not found');
666 throw new RestException(403,
'Access not allowed for login '.DolibarrApiAccess::$user->login);
668 foreach ($request_data as $field => $value) {
669 if ($field ==
'id') {
672 if ($field ===
'caller') {
674 $this->commande->context[
'caller'] =
sanitizeVal($request_data[
'caller'],
'aZ09');
677 if ($field ==
'array_options' && is_array($value)) {
678 foreach ($value as $index => $val) {
679 $this->commande->array_options[$index] = $this->
_checkValForAPI($field, $val, $this->commande);
684 $this->commande->$field = $this->
_checkValForAPI($field, $value, $this->commande);
688 if (!empty($this->commande->availability_id)) {
689 if ($this->commande->availability($this->commande->availability_id) < 0) {
690 throw new RestException(400,
'Error while updating availability');
694 if ($this->commande->update(DolibarrApiAccess::$user) > 0) {
695 return $this->
get($id);
697 throw new RestException(500, $this->commande->error);
707 public function delete($id)
709 if (!DolibarrApiAccess::$user->hasRight(
'commande',
'supprimer')) {
710 throw new RestException(403);
712 $result = $this->commande->fetch($id);
714 throw new RestException(404,
'Order not found');
718 throw new RestException(403,
'Access not allowed for login '.DolibarrApiAccess::$user->login);
721 if (!$this->commande->delete(DolibarrApiAccess::$user)) {
722 throw new RestException(500,
'Error when deleting order : '.$this->commande->error);
728 'message' =>
'Order deleted'
755 public function validate($id, $idwarehouse = 0, $notrigger = 0)
757 if (!DolibarrApiAccess::$user->hasRight(
'commande',
'creer')) {
758 throw new RestException(403);
760 $result = $this->commande->fetch($id);
762 throw new RestException(404,
'Order not found');
765 $result = $this->commande->fetch_thirdparty();
768 throw new RestException(403,
'Access not allowed for login '.DolibarrApiAccess::$user->login);
771 $result = $this->commande->valid(DolibarrApiAccess::$user, $idwarehouse, $notrigger);
773 throw new RestException(304,
'Error nothing done. May be object is already validated');
776 throw new RestException(500,
'Error when validating Order: '.$this->commande->error);
778 $result = $this->commande->fetch($id);
780 $this->commande->fetchObjectLinked();
783 require_once DOL_DOCUMENT_ROOT.
'/core/lib/payments.lib.php';
784 $this->commande->online_payment_url = getOnlinePaymentUrl(0,
'order', $this->commande->ref);
808 if (!DolibarrApiAccess::$user->hasRight(
'commande',
'creer')) {
809 throw new RestException(403);
812 throw new RestException(400,
'Order ID is mandatory');
814 $result = $this->commande->fetch($id);
816 throw new RestException(404,
'Order not found');
819 $result = $this->commande->set_reopen(DolibarrApiAccess::$user);
821 throw new RestException(405, $this->commande->error);
822 } elseif ($result == 0) {
823 throw new RestException(304);
844 if (!DolibarrApiAccess::$user->hasRight(
'commande',
'creer')) {
845 throw new RestException(403);
848 throw new RestException(400,
'Order ID is mandatory');
850 $result = $this->commande->fetch($id);
852 throw new RestException(404,
'Order not found');
855 $result = $this->commande->classifyBilled(DolibarrApiAccess::$user);
857 throw new RestException(400, $this->commande->error);
860 $result = $this->commande->fetch($id);
862 throw new RestException(404,
'Order not found');
866 throw new RestException(403,
'Access not allowed for login '.DolibarrApiAccess::$user->login);
869 $this->commande->fetchObjectLinked();
883 public function close($id, $notrigger = 0)
885 if (!DolibarrApiAccess::$user->hasRight(
'commande',
'creer')) {
886 throw new RestException(403);
888 $result = $this->commande->fetch($id);
890 throw new RestException(404,
'Order not found');
894 throw new RestException(403,
'Access not allowed for login '.DolibarrApiAccess::$user->login);
897 $result = $this->commande->cloture(DolibarrApiAccess::$user, $notrigger);
899 throw new RestException(304,
'Error nothing done. May be object is already closed');
902 throw new RestException(500,
'Error when closing Order: '.$this->commande->error);
905 $result = $this->commande->fetch($id);
907 throw new RestException(404,
'Order not found');
911 throw new RestException(403,
'Access not allowed for login '.DolibarrApiAccess::$user->login);
914 $this->commande->fetchObjectLinked();
930 if (!DolibarrApiAccess::$user->hasRight(
'commande',
'creer')) {
931 throw new RestException(403);
933 $result = $this->commande->fetch($id);
935 throw new RestException(404,
'Order not found');
939 throw new RestException(403,
'Access not allowed for login '.DolibarrApiAccess::$user->login);
942 $result = $this->commande->setDraft(DolibarrApiAccess::$user, $idwarehouse);
944 throw new RestException(304,
'Nothing done. May be object is already closed');
947 throw new RestException(500,
'Error when closing Order: '.$this->commande->error);
950 $result = $this->commande->fetch($id);
952 throw new RestException(404,
'Order not found');
956 throw new RestException(403,
'Access not allowed for login '.DolibarrApiAccess::$user->login);
959 $this->commande->fetchObjectLinked();
980 require_once DOL_DOCUMENT_ROOT.
'/comm/propal/class/propal.class.php';
982 if (!DolibarrApiAccess::$user->hasRight(
'propal',
'lire')) {
983 throw new RestException(403);
985 if (!DolibarrApiAccess::$user->hasRight(
'commande',
'creer')) {
986 throw new RestException(403);
988 if (empty($proposalid)) {
989 throw new RestException(400,
'Proposal ID is mandatory');
992 $propal =
new Propal($this->db);
993 $result = $propal->fetch($proposalid);
995 throw new RestException(404,
'Proposal not found');
998 $result = $this->commande->createFromProposal($propal, DolibarrApiAccess::$user);
1000 throw new RestException(405, $this->commande->error);
1002 $this->commande->fetchObjectLinked();
1022 require_once DOL_DOCUMENT_ROOT.
'/expedition/class/expedition.class.php';
1023 if (!DolibarrApiAccess::$user->hasRight(
'expedition',
'lire')) {
1024 throw new RestException(403);
1027 $sql =
"SELECT e.rowid";
1028 $sql .=
" FROM ".MAIN_DB_PREFIX.
"expedition as e";
1029 $sql .=
" JOIN ".MAIN_DB_PREFIX.
"expeditiondet as edet";
1030 $sql .=
" ON e.rowid = edet.fk_expedition";
1031 $sql .=
" JOIN ".MAIN_DB_PREFIX.
"commandedet as cdet";
1032 $sql .=
" ON edet.fk_elementdet = cdet.rowid";
1033 $sql .=
" JOIN ".MAIN_DB_PREFIX.
"commande as c";
1034 $sql .=
" ON cdet.fk_commande = c.rowid";
1035 $sql .=
" WHERE c.rowid = ".((int) $id);
1036 $sql .=
" GROUP BY e.rowid";
1037 $sql .= $this->db->order(
"e.rowid",
"ASC");
1040 $result = $this->db->query($sql);
1043 $num = $this->db->num_rows($result);
1045 throw new RestException(404,
'Shipments not found ');
1049 $obj = $this->db->fetch_object($result);
1050 $shipment_static =
new Expedition($this->db);
1051 if ($shipment_static->fetch($obj->rowid)) {
1057 throw new RestException(500,
'Error when retrieve shipment list : '.$this->db->lasterror());
1078 require_once DOL_DOCUMENT_ROOT.
'/expedition/class/expedition.class.php';
1079 if (!DolibarrApiAccess::$user->hasRight(
'expedition',
'creer')) {
1080 throw new RestException(403);
1082 if ($warehouse_id <= 0) {
1083 throw new RestException(404,
'Warehouse not found');
1085 $result = $this->commande->fetch($id);
1087 throw new RestException(404,
'Order not found');
1090 $shipment->socid = $this->commande->socid;
1091 $shipment->origin_id = $this->commande->id;
1092 $result = $shipment->create(DolibarrApiAccess::$user);
1094 throw new RestException(500,
'Error on creating expedition :'.$this->db->lasterror());
1096 foreach ($this->commande->lines as $line) {
1097 $result = $shipment->create_line($warehouse_id, $line->id, $line->qty);
1099 throw new RestException(500,
'Error on creating expedition lines:'.$this->db->lasterror());
1102 return $shipment->id;
1120 unset(
$object->barcode_type_code);
1121 unset(
$object->barcode_type_label);
1122 unset(
$object->barcode_type_coder);
1136 $commande = array();
1137 foreach (Orders::$FIELDS as $field) {
1138 if (!isset($data[$field])) {
1139 throw new RestException(400, $field.
" field missing");
1141 $commande[$field] = $data[$field];
if( $user->socid > 0) if(! $user->hasRight('accounting', 'chartofaccount')) $object
Class to manage customers orders.
_filterObjectProperties($object, $properties)
Filter properties that will be returned on object.
static _checkAccessToResource($resource, $resource_id=0, $dbtablename='', $feature2='', $dbt_keyfield='fk_soc', $dbt_select='rowid')
Check access by user to a given resource.
_checkValForAPI($field, $value, $object)
Check and convert a string depending on its type/name.
Class to manage shipments.
deleteContact($id, $contactid, $type)
Unlink a contact type of given order.
__construct()
Constructor.
_validate($data)
Validate fields before create or update object.
deleteLine($id, $lineid)
Delete a line of a given order.
getByRef($ref, $contact_list=1)
Get properties of an order object by ref.
close($id, $notrigger=0)
Close an order (Classify it as "Delivered")
getByRefExt($ref_ext, $contact_list=1)
Get properties of an order object by ref_ext.
_cleanObjectDatas($object)
Clean sensible object datas.
put($id, $request_data=null)
Update order general fields (won't touch lines of order)
getLines($id)
Get lines of an order.
postContact($id, $contactid, $type)
Add a contact type of given order.
reopen($id)
Tag the order as validated (opened)
setinvoiced($id)
Classify the order as invoiced.
index($sortfield="t.rowid", $sortorder='ASC', $limit=100, $page=0, $thirdparty_ids='', $sqlfilters='', $sqlfilterlines='', $properties='', $pagination_data=false)
List orders.
getContacts($id, $type='')
Get contacts of given order.
postLine($id, $request_data=null)
Add a line to given order.
post($request_data=null)
Create a sale order.
validate($id, $idwarehouse=0, $notrigger=0)
Validate an order.
createOrderFromProposal($proposalid)
Create an order using an existing proposal.
putLine($id, $lineid, $request_data=null)
Update a line to given order.
getOrderShipments($id)
Get the shipments of an order.
settodraft($id, $idwarehouse=-1)
Set an order to draft.
createOrderShipment($id, $warehouse_id)
Create the shipment of an order.
_fetch($id, $ref='', $ref_ext='', $contact_list=1)
Get properties of an order object.
Class to manage proposals.
forgeSQLFromUniversalSearchCriteria($filter, &$errorstr='', $noand=0, $nopar=0, $noerror=0)
forgeSQLFromUniversalSearchCriteria
sanitizeVal($out='', $check='alphanohtml', $filter=null, $options=null)
Return a sanitized or empty value after checking value against a rule.
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename='', $restricttologhandler='', $logcontext=null)
Write log message into outputs.