dolibarr  21.0.0-alpha
api_knowledgemanagement.class.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (C) 2015 Jean-Fran├žois Ferry <jfefe@aternatik.fr>
3  * Copyright (C) 2021 SuperAdmin <test@dolibarr.com>
4  *
5  * This program is free software; you can redistribute it and/or modify
6  * it under the terms of the GNU General Public License as published by
7  * the Free Software Foundation; either version 3 of the License, or
8  * (at your option) any later version.
9  *
10  * This program is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13  * GNU General Public License for more details.
14  *
15  * You should have received a copy of the GNU General Public License
16  * along with this program. If not, see <https://www.gnu.org/licenses/>.
17  */
18 
19 use Luracast\Restler\RestException;
20 
21 dol_include_once('/knowledgemanagement/class/knowledgerecord.class.php');
22 dol_include_once('/categories/class/categorie.class.php');
23 
24 
25 
39 {
43  public $knowledgerecord;
44 
51  public function __construct()
52  {
53  global $db, $conf;
54  $this->db = $db;
55  $this->knowledgerecord = new KnowledgeRecord($this->db);
56  }
57 
71  public function get($id)
72  {
73  if (!DolibarrApiAccess::$user->hasRight('knowledgemanagement', 'knowledgerecord', 'read')) {
74  throw new RestException(403);
75  }
76 
77  $result = $this->knowledgerecord->fetch($id);
78  if (!$result) {
79  throw new RestException(404, 'KnowledgeRecord not found');
80  }
81 
82  if (!DolibarrApi::_checkAccessToResource('knowledgerecord', $this->knowledgerecord->id, 'knowledgemanagement_knowledgerecord')) {
83  throw new RestException(403, 'Access to instance id='.$this->knowledgerecord->id.' of object not allowed for login '.DolibarrApiAccess::$user->login);
84  }
85 
86  return $this->_cleanObjectDatas($this->knowledgerecord);
87  }
88 
102  public function getCategories($id, $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0)
103  {
104  if (!DolibarrApiAccess::$user->hasRight('categorie', 'lire')) {
105  throw new RestException(403);
106  }
107 
108  $categories = new Categorie($this->db);
109 
110  $result = $categories->getListForItem($id, 'knowledgemanagement', $sortfield, $sortorder, $limit, $page);
111 
112  if ($result < 0) {
113  throw new RestException(503, 'Error when retrieve category list : '.implode(',', array_merge(array($categories->error), $categories->errors)));
114  }
115 
116  return $result;
117  }
118 
137  public function index($sortfield = "t.rowid", $sortorder = 'ASC', $limit = 100, $page = 0, $category = 0, $sqlfilters = '', $properties = '')
138  {
139  $obj_ret = array();
140  $tmpobject = new KnowledgeRecord($this->db);
141 
142  if (!DolibarrApiAccess::$user->hasRight('knowledgemanagement', 'knowledgerecord', 'read')) {
143  throw new RestException(403);
144  }
145 
146  $socid = DolibarrApiAccess::$user->socid ? DolibarrApiAccess::$user->socid : 0;
147 
148  $restrictonsocid = 0; // Set to 1 if there is a field socid in table of object
149 
150  // If the internal user must only see his customers, force searching by him
151  $search_sale = 0;
152  if ($restrictonsocid && !DolibarrApiAccess::$user->hasRight('societe', 'client', 'voir') && !$socid) {
153  $search_sale = DolibarrApiAccess::$user->id;
154  }
155 
156  $sql = "SELECT t.rowid";
157  $sql .= " FROM ".MAIN_DB_PREFIX.$tmpobject->table_element." AS t";
158  $sql .= " LEFT JOIN ".MAIN_DB_PREFIX.$tmpobject->table_element."_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
159  if ($category > 0) {
160  $sql .= ", ".$this->db->prefix()."categorie_knowledgemanagement as c";
161  }
162  $sql .= " WHERE 1 = 1";
163  if ($tmpobject->ismultientitymanaged) {
164  $sql .= ' AND t.entity IN ('.getEntity($tmpobject->element).')';
165  }
166  if ($restrictonsocid && $socid) {
167  $sql .= " AND t.fk_soc = ".((int) $socid);
168  }
169  // Search on sale representative
170  if ($search_sale && $search_sale != '-1') {
171  if ($search_sale == -2) {
172  $sql .= " AND NOT EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc)";
173  } elseif ($search_sale > 0) {
174  $sql .= " AND EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc AND sc.fk_user = ".((int) $search_sale).")";
175  }
176  }
177  // Select products of given category
178  if ($category > 0) {
179  $sql .= " AND c.fk_categorie = ".((int) $category);
180  $sql .= " AND c.fk_knowledgemanagement = t.rowid";
181  }
182  if ($sqlfilters) {
183  $errormessage = '';
184  $sql .= forgeSQLFromUniversalSearchCriteria($sqlfilters, $errormessage);
185  if ($errormessage) {
186  throw new RestException(400, 'Error when validating parameter sqlfilters -> '.$errormessage);
187  }
188  }
189 
190  $sql .= $this->db->order($sortfield, $sortorder);
191  if ($limit) {
192  if ($page < 0) {
193  $page = 0;
194  }
195  $offset = $limit * $page;
196 
197  $sql .= $this->db->plimit($limit + 1, $offset);
198  }
199 
200  $result = $this->db->query($sql);
201  $i = 0;
202  if ($result) {
203  $num = $this->db->num_rows($result);
204  while ($i < $num) {
205  $obj = $this->db->fetch_object($result);
206  $tmp_object = new KnowledgeRecord($this->db);
207  if ($tmp_object->fetch($obj->rowid)) {
208  $obj_ret[] = $this->_filterObjectProperties($this->_cleanObjectDatas($tmp_object), $properties);
209  }
210  $i++;
211  }
212  } else {
213  throw new RestException(503, 'Error when retrieving knowledgerecord list: '.$this->db->lasterror());
214  }
215 
216  return $obj_ret;
217  }
218 
229  public function post($request_data = null)
230  {
231  if (!DolibarrApiAccess::$user->hasRight('knowledgemanagement', 'knowledgerecord', 'write')) {
232  throw new RestException(403);
233  }
234 
235  // Check mandatory fields
236  $result = $this->_validate($request_data);
237 
238  foreach ($request_data as $field => $value) {
239  if ($field === 'caller') {
240  // Add a mention of caller so on trigger called after action, we can filter to avoid a loop if we try to sync back again with the caller
241  $this->knowledgerecord->context['caller'] = sanitizeVal($request_data['caller'], 'aZ09');
242  continue;
243  }
244 
245  $this->knowledgerecord->$field = $this->_checkValForAPI($field, $value, $this->knowledgerecord);
246  }
247 
248  // Clean data
249  // $this->knowledgerecord->abc = sanitizeVal($this->knowledgerecord->abc, 'alphanohtml');
250 
251  if ($this->knowledgerecord->create(DolibarrApiAccess::$user)<0) {
252  throw new RestException(500, "Error creating KnowledgeRecord", array_merge(array($this->knowledgerecord->error), $this->knowledgerecord->errors));
253  }
254  return $this->knowledgerecord->id;
255  }
256 
268  public function put($id, $request_data = null)
269  {
270  if (!DolibarrApiAccess::$user->hasRight('knowledgemanagement', 'knowledgerecord', 'write')) {
271  throw new RestException(403);
272  }
273 
274  $result = $this->knowledgerecord->fetch($id);
275  if (!$result) {
276  throw new RestException(404, 'KnowledgeRecord not found');
277  }
278 
279  if (!DolibarrApi::_checkAccessToResource('knowledgerecord', $this->knowledgerecord->id, 'knowledgemanagement_knowledgerecord')) {
280  throw new RestException(403, 'Access to instance id='.$this->knowledgerecord->id.' of object not allowed for login '.DolibarrApiAccess::$user->login);
281  }
282 
283  foreach ($request_data as $field => $value) {
284  if ($field == 'id') {
285  continue;
286  }
287  if ($field === 'caller') {
288  // Add a mention of caller so on trigger called after action, we can filter to avoid a loop if we try to sync back again with the caller
289  $this->knowledgerecord->context['caller'] = sanitizeVal($request_data['caller'], 'aZ09');
290  continue;
291  }
292 
293  $this->knowledgerecord->$field = $this->_checkValForAPI($field, $value, $this->knowledgerecord);
294  }
295 
296  // Clean data
297  // $this->knowledgerecord->abc = sanitizeVal($this->knowledgerecord->abc, 'alphanohtml');
298 
299  if ($this->knowledgerecord->update(DolibarrApiAccess::$user, false) > 0) {
300  return $this->get($id);
301  } else {
302  throw new RestException(500, $this->knowledgerecord->error);
303  }
304  }
305 
316  public function delete($id)
317  {
318  if (!DolibarrApiAccess::$user->hasRight('knowledgemanagement', 'knowledgerecord', 'delete')) {
319  throw new RestException(403);
320  }
321  $result = $this->knowledgerecord->fetch($id);
322  if (!$result) {
323  throw new RestException(404, 'KnowledgeRecord not found');
324  }
325 
326  if (!DolibarrApi::_checkAccessToResource('knowledgerecord', $this->knowledgerecord->id, 'knowledgemanagement_knowledgerecord')) {
327  throw new RestException(403, 'Access to instance id='.$this->knowledgerecord->id.' of object not allowed for login '.DolibarrApiAccess::$user->login);
328  }
329 
330  if (!$this->knowledgerecord->delete(DolibarrApiAccess::$user)) {
331  throw new RestException(500, 'Error when deleting KnowledgeRecord : '.$this->knowledgerecord->error);
332  }
333 
334  return array(
335  'success' => array(
336  'code' => 200,
337  'message' => 'KnowledgeRecord deleted'
338  )
339  );
340  }
341 
342 
343  // phpcs:disable PEAR.NamingConventions.ValidFunctionName.PublicUnderscore
350  protected function _cleanObjectDatas($object)
351  {
352  // phpcs:enable
353  $object = parent::_cleanObjectDatas($object);
354 
355  unset($object->rowid);
356  unset($object->canvas);
357 
358  /*unset($object->name);
359  unset($object->lastname);
360  unset($object->firstname);
361  unset($object->civility_id);
362  unset($object->statut);
363  unset($object->state);
364  unset($object->state_id);
365  unset($object->state_code);
366  unset($object->region);
367  unset($object->region_code);
368  unset($object->country);
369  unset($object->country_id);
370  unset($object->country_code);
371  unset($object->barcode_type);
372  unset($object->barcode_type_code);
373  unset($object->barcode_type_label);
374  unset($object->barcode_type_coder);
375  unset($object->total_ht);
376  unset($object->total_tva);
377  unset($object->total_localtax1);
378  unset($object->total_localtax2);
379  unset($object->total_ttc);
380  unset($object->fk_account);
381  unset($object->comments);
382  unset($object->note);
383  unset($object->mode_reglement_id);
384  unset($object->cond_reglement_id);
385  unset($object->cond_reglement);
386  unset($object->shipping_method_id);
387  unset($object->fk_incoterms);
388  unset($object->label_incoterms);
389  unset($object->location_incoterms);
390  */
391 
392  // If object has lines, remove $db property
393  if (isset($object->lines) && is_array($object->lines) && count($object->lines) > 0) {
394  $nboflines = count($object->lines);
395  for ($i = 0; $i < $nboflines; $i++) {
396  $this->_cleanObjectDatas($object->lines[$i]);
397 
398  unset($object->lines[$i]->lines);
399  unset($object->lines[$i]->note);
400  }
401  }
402 
403  return $object;
404  }
405 
414  private function _validate($data)
415  {
416  $knowledgerecord = array();
417  foreach ($this->knowledgerecord->fields as $field => $propfield) {
418  if (in_array($field, array('rowid', 'entity', 'date_creation', 'tms', 'fk_user_creat')) || $propfield['notnull'] != 1) {
419  continue; // Not a mandatory field
420  }
421  if (!isset($data[$field])) {
422  throw new RestException(400, "$field field missing");
423  }
424  $knowledgerecord[$field] = $data[$field];
425  }
426  return $knowledgerecord;
427  }
428 }
if($user->socid > 0) if(! $user->hasRight('accounting', 'chartofaccount')) $object
Definition: card.php:58
Class to manage categories.
Class for API REST v1.
Definition: api.class.php:30
_filterObjectProperties($object, $properties)
Filter properties that will be returned on object.
Definition: api.class.php:136
static _checkAccessToResource($resource, $resource_id=0, $dbtablename='', $feature2='', $dbt_keyfield='fk_soc', $dbt_select='rowid')
Check access by user to a given resource.
Definition: api.class.php:369
_checkValForAPI($field, $value, $object)
Check and convert a string depending on its type/name.
Definition: api.class.php:82
post($request_data=null)
Create knowledgerecord object.
_validate($data)
Validate fields before create or update object.
getCategories($id, $sortfield="s.rowid", $sortorder='ASC', $limit=0, $page=0)
Get categories for a knowledgerecord object.
put($id, $request_data=null)
Update knowledgerecord.
index($sortfield="t.rowid", $sortorder='ASC', $limit=100, $page=0, $category=0, $sqlfilters='', $properties='')
List knowledgerecords.
_cleanObjectDatas($object)
Clean sensible object datas.
Class for KnowledgeRecord.
if(isModEnabled('invoice') && $user->hasRight('facture', 'lire')) if((isModEnabled('fournisseur') &&!getDolGlobalString('MAIN_USE_NEW_SUPPLIERMOD') && $user->hasRight("fournisseur", "facture", "lire"))||(isModEnabled('supplier_invoice') && $user->hasRight("supplier_invoice", "lire"))) if(isModEnabled('don') && $user->hasRight('don', 'lire')) if(isModEnabled('tax') && $user->hasRight('tax', 'charges', 'lire')) if(isModEnabled('invoice') &&isModEnabled('order') && $user->hasRight("commande", "lire") &&!getDolGlobalString('WORKFLOW_DISABLE_CREATE_INVOICE_FROM_ORDER')) $sql
Social contributions to pay.
Definition: index.php:751
forgeSQLFromUniversalSearchCriteria($filter, &$errorstr='', $noand=0, $nopar=0, $noerror=0)
forgeSQLFromUniversalSearchCriteria
if(!function_exists('dol_getprefix')) dol_include_once($relpath, $classname='')
Make an include_once using default root and alternate root if it fails.
sanitizeVal($out='', $check='alphanohtml', $filter=null, $options=null)
Return a sanitized or empty value after checking value against a rule.