d9/d9a/api__tickets_8class_8php_source.html

<?php

/* Copyright (C) 2016   Jean-François Ferry     <hello@librethic.io>

 * Copyright (C) 2024       Frédéric France             <frederic.france@free.fr>

 * Copyright (C) 2024   MDW             <mdeweerd@users.noreply.github.com>

 *

 * This program is free software; you can redistribute it and/or modify

 * it under the terms of the GNU General Public License as published by

 * the Free Software Foundation; either version 3 of the License, or

 * (at your option) any later version.

 *

 * This program is distributed in the hope that it will be useful,

 * but WITHOUT ANY WARRANTY; without even the implied warranty of

 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

 * GNU General Public License for more details.

 *

 * You should have received a copy of the GNU General Public License

 * along with this program. If not, see <https://www.gnu.org/licenses/>.

 */


use Luracast\Restler\RestException;


require_once DOL_DOCUMENT_ROOT.'/ticket/class/ticket.class.php';

require_once DOL_DOCUMENT_ROOT.'/core/lib/ticket.lib.php';


class Tickets extends DolibarrApi

{

  public static $FIELDS = array(

    'subject',

    'message'

  );


  public static $FIELDS_MESSAGES = array(

    'track_id',

    'message'

  );


  public $ticket;


  public function __construct()

  {

    global $db;

    $this->db = $db;

    $this->ticket = new Ticket($this->db);

  }


  public function get($id)

  {

    return $this->getCommon($id, '', '');

  }


  public function getByTrackId($track_id)

  {

    return $this->getCommon(0, $track_id, '');

  }


  public function getByRef($ref)

  {

    return $this->getCommon(0, '', $ref);

  }


  private function getCommon($id = 0, $track_id = '', $ref = '')

  {

    if (!DolibarrApiAccess::$user->hasRight('ticket', 'read')) {

      throw new RestException(403);

    }


    // Check parameters

    if (($id < 0) && !$track_id && !$ref) {

      throw new RestException(400, 'Wrong parameters');

    }

    if (empty($id) && empty($ref) && empty($track_id)) {

      $result = $this->ticket->initAsSpecimen();

    } else {

      $result = $this->ticket->fetch($id, $ref, $track_id);

    }

    if (!$result) {

      throw new RestException(404, 'Ticket not found');

    }


    // String for user assigned

    if ($this->ticket->fk_user_assign > 0) {

      $userStatic = new User($this->db);

      $userStatic->fetch($this->ticket->fk_user_assign);

      $this->ticket->fk_user_assign_string = $userStatic->firstname.' '.$userStatic->lastname;

    }


    // Messages of ticket

    $messages = array();

    $this->ticket->loadCacheMsgsTicket();

    if (is_array($this->ticket->cache_msgs_ticket) && count($this->ticket->cache_msgs_ticket) > 0) {

      $num = count($this->ticket->cache_msgs_ticket);

      $i = 0;

      while ($i < $num) {

        if ($this->ticket->cache_msgs_ticket[$i]['fk_user_author'] > 0) {

          $user_action = new User($this->db);

          $user_action->fetch($this->ticket->cache_msgs_ticket[$i]['fk_user_author']);

        }


        // Now define messages

        $messages[] = array(

        'id' => $this->ticket->cache_msgs_ticket[$i]['id'],

        'fk_user_action' => $this->ticket->cache_msgs_ticket[$i]['fk_user_author'],

        'fk_user_action_socid' =>  $user_action->socid,

        'fk_user_action_string' => dolGetFirstLastname($user_action->firstname, $user_action->lastname),

        'message' => $this->ticket->cache_msgs_ticket[$i]['message'],

        'datec' => $this->ticket->cache_msgs_ticket[$i]['datec'],

        'private' => $this->ticket->cache_msgs_ticket[$i]['private']

        );

        $i++;

      }

      $this->ticket->messages = $messages;

    }


    if (!DolibarrApi::_checkAccessToResource('ticket', $this->ticket->id)) {

      throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);

    }

    return $this->_cleanObjectDatas($this->ticket);

  }


  public function index($socid = 0, $sortfield = "t.rowid", $sortorder = "ASC", $limit = 100, $page = 0, $sqlfilters = '', $properties = '', $pagination_data = false)

  {

    if (!DolibarrApiAccess::$user->hasRight('ticket', 'read')) {

      throw new RestException(403);

    }


    $obj_ret = array();


    $socid = DolibarrApiAccess::$user->socid ? DolibarrApiAccess::$user->socid : $socid;


    $search_sale = null;

    // If the internal user must only see his customers, force searching by him

    $search_sale = 0;

    if (!DolibarrApiAccess::$user->hasRight('societe', 'client', 'voir') && !$socid) {

      $search_sale = DolibarrApiAccess::$user->id;

    }


    $sql = "SELECT t.rowid";

    $sql .= " FROM ".MAIN_DB_PREFIX."ticket AS t";

    $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."ticket_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields

    $sql .= ' WHERE t.entity IN ('.getEntity('ticket', 1).')';

    if ($socid > 0) {

      $sql .= " AND t.fk_soc = ".((int) $socid);

    }

    // Search on sale representative

    if ($search_sale && $search_sale != '-1') {

      if ($search_sale == -2) {

        $sql .= " AND NOT EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc)";

      } elseif ($search_sale > 0) {

        $sql .= " AND EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc AND sc.fk_user = ".((int) $search_sale).")";

      }

    }

    // Add sql filters

    if ($sqlfilters) {

      $errormessage = '';

      $sql .= forgeSQLFromUniversalSearchCriteria($sqlfilters, $errormessage);

      if ($errormessage) {

        throw new RestException(400, 'Error when validating parameter sqlfilters -> '.$errormessage);

      }

    }


    //this query will return total orders with the filters given

    $sqlTotals = str_replace('SELECT t.rowid', 'SELECT count(t.rowid) as total', $sql);


    $sql .= $this->db->order($sortfield, $sortorder);


    if ($limit) {

      if ($page < 0) {

        $page = 0;

      }

      $offset = $limit * $page;


      $sql .= $this->db->plimit($limit, $offset);

    }


    $result = $this->db->query($sql);

    if ($result) {

      $num = $this->db->num_rows($result);

      $i = 0;

      while ($i < $num) {

        $obj = $this->db->fetch_object($result);

        $ticket_static = new Ticket($this->db);

        if ($ticket_static->fetch($obj->rowid)) {

          if ($ticket_static->fk_user_assign > 0) {

            $userStatic = new User($this->db);

            $userStatic->fetch($ticket_static->fk_user_assign);

            $ticket_static->fk_user_assign_string = $userStatic->firstname.' '.$userStatic->lastname;

          }

          $obj_ret[] = $this->_filterObjectProperties($this->_cleanObjectDatas($ticket_static), $properties);

        }

        $i++;

      }

    } else {

      throw new RestException(503, 'Error when retrieve ticket list');

    }


    //if $pagination_data is true the response will contain element data with all values and element pagination with pagination data(total,page,limit)

    if ($pagination_data) {

      $totalsResult = $this->db->query($sqlTotals);

      $total = $this->db->fetch_object($totalsResult)->total;


      $tmp = $obj_ret;

      $obj_ret = [];


      $obj_ret['data'] = $tmp;

      $obj_ret['pagination'] = [

        'total' => (int) $total,

        'page' => $page, //count starts from 0

        'page_count' => ceil((int) $total / $limit),

        'limit' => $limit

      ];

    }


    return $obj_ret;

  }


  public function post($request_data = null)

  {

    $ticketstatic = new Ticket($this->db);

    if (!DolibarrApiAccess::$user->hasRight('ticket', 'write')) {

      throw new RestException(403);

    }

    // Check mandatory fields

    $result = $this->_validate($request_data);


    foreach ($request_data as $field => $value) {

      if ($field === 'caller') {

        // Add a mention of caller so on trigger called after action, we can filter to avoid a loop if we try to sync back again with the caller

        $this->ticket->context['caller'] = sanitizeVal($request_data['caller'], 'aZ09');

        continue;

      }


      $this->ticket->$field = $this->_checkValForAPI($field, $value, $this->ticket);

    }

    if (empty($this->ticket->ref)) {

      $this->ticket->ref = $ticketstatic->getDefaultRef();

    }

    if (empty($this->ticket->track_id)) {

      $this->ticket->track_id = generate_random_id(16);

    }


    if ($this->ticket->create(DolibarrApiAccess::$user) < 0) {

      throw new RestException(500, "Error creating ticket", array_merge(array($this->ticket->error), $this->ticket->errors));

    }


    return $this->ticket->id;

  }


  public function postNewMessage($request_data = null)

  {

    $ticketstatic = new Ticket($this->db);

    if (!DolibarrApiAccess::$user->hasRight('ticket', 'write')) {

      throw new RestException(403);

    }

    // Check mandatory fields

    $result = $this->_validateMessage($request_data);


    foreach ($request_data as $field => $value) {

      if ($field === 'caller') {

        // Add a mention of caller so on trigger called after action, we can filter to avoid a loop if we try to sync back again with the caller

        $this->ticket->context['caller'] = sanitizeVal($request_data['caller'], 'aZ09');

        continue;

      }


      $this->ticket->$field = $this->_checkValForAPI($field, $value, $this->ticket);

    }

    $ticketMessageText = $this->ticket->message;

    $result = $this->ticket->fetch(0, '', $this->ticket->track_id);

    if (!$result) {

      throw new RestException(404, 'Ticket not found');

    }

    $this->ticket->message = $ticketMessageText;

    if (!$this->ticket->createTicketMessage(DolibarrApiAccess::$user)) {

      throw new RestException(500, 'Error when creating ticket');

    }

    return $this->ticket->id;

  }


  public function put($id, $request_data = null)

  {

    if (!DolibarrApiAccess::$user->hasRight('ticket', 'write')) {

      throw new RestException(403);

    }


    $result = $this->ticket->fetch($id);

    if (!$result) {

      throw new RestException(404, 'Ticket not found');

    }


    if (!DolibarrApi::_checkAccessToResource('ticket', $this->ticket->id)) {

      throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);

    }


    foreach ($request_data as $field => $value) {

      if ($field === 'caller') {

        // Add a mention of caller so on trigger called after action, we can filter to avoid a loop if we try to sync back again with the caller

        $this->ticket->context['caller'] = sanitizeVal($request_data['caller'], 'aZ09');

        continue;

      }


      $this->ticket->$field = $this->_checkValForAPI($field, $value, $this->ticket);

    }


    if ($this->ticket->update(DolibarrApiAccess::$user) > 0) {

      return $this->get($id);

    } else {

      throw new RestException(500, $this->ticket->error);

    }

  }


  public function delete($id)

  {

    if (!DolibarrApiAccess::$user->hasRight('ticket', 'delete')) {

      throw new RestException(403);

    }

    $result = $this->ticket->fetch($id);

    if (!$result) {

      throw new RestException(404, 'Ticket not found');

    }


    if (!DolibarrApi::_checkAccessToResource('ticket', $this->ticket->id)) {

      throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);

    }


    if (!$this->ticket->delete(DolibarrApiAccess::$user)) {

      throw new RestException(500, 'Error when deleting ticket');

    }


    return array(

      'success' => array(

        'code' => 200,

        'message' => 'Ticket deleted'

      )

    );

  }


  private function _validate($data)

  {

    $ticket = array();

    foreach (Tickets::$FIELDS as $field) {

      if (!isset($data[$field])) {

        throw new RestException(400, "$field field missing");

      }

      $ticket[$field] = $data[$field];

    }

    return $ticket;

  }


  private function _validateMessage($data)

  {

    $ticket = array();

    foreach (Tickets::$FIELDS_MESSAGES as $field) {

      if (!isset($data[$field])) {

        throw new RestException(400, "$field field missing");

      }

      $ticket[$field] = $data[$field];

    }

    return $ticket;

  }


  // phpcs:disable PEAR.NamingConventions.ValidFunctionName.PublicUnderscore


  protected function _cleanObjectDatas($object)

  {

    // phpcs:enable

    $object = parent::_cleanObjectDatas($object);


    // Other attributes to clean

    $attr2clean = array(

      "contact",

      "contact_id",

      "ref_previous",

      "ref_next",

      "ref_ext",

      "table_element_line",

      "statut",

      "country",

      "country_id",

      "country_code",

      "barcode_type",

      "barcode_type_code",

      "barcode_type_label",

      "barcode_type_coder",

      "mode_reglement_id",

      "cond_reglement_id",

      "cond_reglement",

      "fk_delivery_address",

      "shipping_method_id",

      "modelpdf",

      "fk_account",

      "note_public",

      "note_private",

      "note",

      "total_ht",

      "total_tva",

      "total_localtax1",

      "total_localtax2",

      "total_ttc",

      "fk_incoterms",

      "label_incoterms",

      "location_incoterms",

      "name",

      "lastname",

      "firstname",

      "civility_id",

      "canvas",

      "cache_msgs_ticket",

      "cache_logs_ticket",

      "cache_types_tickets",

      "cache_category_tickets",

      "regeximgext",

      "labelStatus",

      "labelStatusShort",

      "multicurrency_code",

      "multicurrency_tx",

      "multicurrency_total_ht",

      "multicurrency_total_ttc",

      "multicurrency_total_tva",

      "multicurrency_total_localtax1",

      "multicurrency_total_localtax2"

    );

    foreach ($attr2clean as $toclean) {

      unset($object->$toclean);

    }


    // If object has lines, remove $db property

    if (isset($object->lines) && count($object->lines) > 0) {

      $nboflines = count($object->lines);

      for ($i = 0; $i < $nboflines; $i++) {

        $this->_cleanObjectDatas($object->lines[$i]);

      }

    }


    // If object has linked objects, remove $db property

    if (isset($object->linkedObjects) && count($object->linkedObjects) > 0) {

      foreach ($object->linkedObjects as $type_object => $linked_object) {

        foreach ($linked_object as $object2clean) {

          $this->_cleanObjectDatas($object2clean);

        }

      }

    }

    return $object;

  }


}


$id
$id
Definition account.php:39

$object
if( $user->socid > 0) if(! $user->hasRight('accounting', 'chartofaccount')) $object
Definition card.php:58

DolibarrApi
Class for API REST v1.
Definition api.class.php:30

DolibarrApi\_filterObjectProperties
_filterObjectProperties($object, $properties)
Filter properties that will be returned on object.
Definition api.class.php:136

DolibarrApi\_checkAccessToResource
static _checkAccessToResource($resource, $resource_id=0, $dbtablename='', $feature2='', $dbt_keyfield='fk_soc', $dbt_select='rowid')
Check access by user to a given resource.
Definition api.class.php:373

DolibarrApi\_checkValForAPI
_checkValForAPI($field, $value, $object)
Check and convert a string depending on its type/name.
Definition api.class.php:82

Tickets
Definition api_tickets.class.php:33

Tickets\getCommon
getCommon($id=0, $track_id='', $ref='')
Get properties of a Ticket object Return an array with ticket information.
Definition api_tickets.class.php:129

Tickets\getByRef
getByRef($ref)
Get properties of a Ticket object from ref.
Definition api_tickets.class.php:115

Tickets\__construct
__construct()
Constructor.
Definition api_tickets.class.php:58

Tickets\_cleanObjectDatas
_cleanObjectDatas($object)
Clean sensible object datas.
Definition api_tickets.class.php:498

Tickets\index
index($socid=0, $sortfield="t.rowid", $sortorder="ASC", $limit=100, $page=0, $sqlfilters='', $properties='', $pagination_data=false)
List tickets.
Definition api_tickets.class.php:205

Tickets\postNewMessage
postNewMessage($request_data=null)
Add a new message to an existing ticket identified by property ->track_id into request.
Definition api_tickets.class.php:346

Tickets\post
post($request_data=null)
Create ticket object.
Definition api_tickets.class.php:307

Tickets\put
put($id, $request_data=null)
Update ticket.
Definition api_tickets.class.php:383

Tickets\_validateMessage
_validateMessage($data)
Validate fields before create or update object message.
Definition api_tickets.class.php:476

Tickets\getByTrackId
getByTrackId($track_id)
Get properties of a Ticket object from track id.
Definition api_tickets.class.php:96

Tickets\_validate
_validate($data)
Validate fields before create or update object.
Definition api_tickets.class.php:456

User
Class to manage Dolibarr users.
Definition user.class.php:50

forgeSQLFromUniversalSearchCriteria
forgeSQLFromUniversalSearchCriteria($filter, &$errorstr='', $noand=0, $nopar=0, $noerror=0)
forgeSQLFromUniversalSearchCriteria
Definition functions.lib.php:13695

dolGetFirstLastname
dolGetFirstLastname($firstname, $lastname, $nameorder=-1)
Return firstname and lastname in correct order.
Definition functions.lib.php:9865

sanitizeVal
sanitizeVal($out='', $check='alphanohtml', $filter=null, $options=null)
Return a sanitized or empty value after checking value against a rule.
Definition functions.lib.php:1197

Ticket
Class to generate the form for creating a new ticket.
Definition html.formticket.class.php:35

generate_random_id
generate_random_id($car=16)
Generate a random id.
Definition ticket.lib.php:207