dolibarr 21.0.0-beta
api_agendaevents.class.php
1<?php
2/* Copyright (C) 2015 Jean-François Ferry <jfefe@aternatik.fr>
3 * Copyright (C) 2016 Laurent Destailleur <eldy@users.sourceforge.net>
4 * Copyright (C) 2024 MDW <mdeweerd@users.noreply.github.com>
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program. If not, see <https://www.gnu.org/licenses/>.
18 */
19
20use Luracast\Restler\RestException;
21
22require_once DOL_DOCUMENT_ROOT.'/comm/action/class/actioncomm.class.php';
23
24
32{
36 public static $FIELDS = array(
37 );
38
42 public $actioncomm;
43
44
48 public function __construct()
49 {
50 global $db, $conf;
51 $this->db = $db;
52 $this->actioncomm = new ActionComm($this->db);
53 }
54
65 public function get($id)
66 {
67 if (!DolibarrApiAccess::$user->hasRight('agenda', 'myactions', 'read')) {
68 throw new RestException(403, "Insufficient rights to read an event");
69 }
70 if ($id === 0) {
71 $result = $this->actioncomm->initAsSpecimen();
72 } else {
73 $result = $this->actioncomm->fetch($id);
74 if ($result) {
75 $this->actioncomm->fetch_optionals();
76 $this->actioncomm->fetchObjectLinked();
77 }
78 }
79 if (!$result) {
80 throw new RestException(404, 'Agenda Events not found');
81 }
82
83 if (!DolibarrApiAccess::$user->hasRight('agenda', 'allactions', 'read') && $this->actioncomm->userownerid != DolibarrApiAccess::$user->id) {
84 throw new RestException(403, 'Insufficient rights to read event of this owner id. Your id is '.DolibarrApiAccess::$user->id);
85 }
86
87 if (!DolibarrApi::_checkAccessToResource('agenda', $this->actioncomm->id, 'actioncomm', '', 'fk_soc', 'id')) {
88 throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
89 }
90 return $this->_cleanObjectDatas($this->actioncomm);
91 }
92
108 public function index($sortfield = "t.id", $sortorder = 'ASC', $limit = 100, $page = 0, $user_ids = '', $sqlfilters = '', $properties = '', $pagination_data = false)
109 {
110 global $db, $conf;
111
112 $obj_ret = array();
113
114 if (!DolibarrApiAccess::$user->hasRight('agenda', 'myactions', 'read')) {
115 throw new RestException(403, "Insufficient rights to read events");
116 }
117
118 // case of external user
119 $socid = DolibarrApiAccess::$user->socid ? DolibarrApiAccess::$user->socid : 0;
120
121 // If the internal user must only see his customers, force searching by him
122 $search_sale = 0;
123 if (!DolibarrApiAccess::$user->hasRight('societe', 'client', 'voir') && !$socid) {
124 $search_sale = DolibarrApiAccess::$user->id;
125 }
126 if (!isModEnabled('societe')) {
127 $search_sale = 0; // If module thirdparty not enabled, sale representative is something that does not exists
128 }
129
130 $sql = "SELECT t.id";
131 $sql .= " FROM ".MAIN_DB_PREFIX."actioncomm AS t";
132 $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."actioncomm_extrafields AS ef ON (ef.fk_object = t.id)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
133 $sql .= ' WHERE t.entity IN ('.getEntity('agenda').')';
134 if ($user_ids) {
135 $sql .= " AND t.fk_user_action IN (".$this->db->sanitize($user_ids).")";
136 }
137 if ($socid > 0) {
138 $sql .= " AND t.fk_soc = ".((int) $socid);
139 }
140 // Search on sale representative
141 if ($search_sale && $search_sale != '-1') {
142 if ($search_sale == -2) {
143 $sql .= " AND NOT EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc)";
144 } elseif ($search_sale > 0) {
145 $sql .= " AND EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc AND sc.fk_user = ".((int) $search_sale).")";
146 }
147 }
148 // Add sql filters
149 if ($sqlfilters) {
150 $errormessage = '';
151 $sql .= forgeSQLFromUniversalSearchCriteria($sqlfilters, $errormessage);
152 if ($errormessage) {
153 throw new RestException(400, 'Error when validating parameter sqlfilters -> '.$errormessage);
154 }
155 }
156
157 //this query will return total orders with the filters given
158 $sqlTotals = str_replace('SELECT t.id', 'SELECT count(t.id) as total', $sql);
159
160 $sql .= $this->db->order($sortfield, $sortorder);
161 if ($limit) {
162 if ($page < 0) {
163 $page = 0;
164 }
165 $offset = $limit * $page;
166
167 $sql .= $this->db->plimit($limit + 1, $offset);
168 }
169
170 $result = $this->db->query($sql);
171
172 if ($result) {
173 $i = 0;
174 $num = $this->db->num_rows($result);
175 $min = min($num, ($limit <= 0 ? $num : $limit));
176 while ($i < $min) {
177 $obj = $this->db->fetch_object($result);
178 $actioncomm_static = new ActionComm($this->db);
179 if ($actioncomm_static->fetch($obj->id)) {
180 $obj_ret[] = $this->_filterObjectProperties($this->_cleanObjectDatas($actioncomm_static), $properties);
181 }
182 $i++;
183 }
184 } else {
185 throw new RestException(503, 'Error when retrieve Agenda Event list : '.$this->db->lasterror());
186 }
187
188 //if $pagination_data is true the response will contain element data with all values and element pagination with pagination data(total,page,limit)
189 if ($pagination_data) {
190 $totalsResult = $this->db->query($sqlTotals);
191 $total = $this->db->fetch_object($totalsResult)->total;
192
193 $tmp = $obj_ret;
194 $obj_ret = [];
195
196 $obj_ret['data'] = $tmp;
197 $obj_ret['pagination'] = [
198 'total' => (int) $total,
199 'page' => $page, //count starts from 0
200 'page_count' => ceil((int) $total / $limit),
201 'limit' => $limit
202 ];
203 }
204
205 return $obj_ret;
206 }
207
214 public function post($request_data = null)
215 {
216 if (!DolibarrApiAccess::$user->hasRight('agenda', 'myactions', 'create')) {
217 throw new RestException(403, "Insufficient rights to create your Agenda Event");
218 }
219 if (!DolibarrApiAccess::$user->hasRight('agenda', 'allactions', 'create') && DolibarrApiAccess::$user->id != $request_data['userownerid']) {
220 throw new RestException(403, "Insufficient rights to create an Agenda Event for owner id ".$request_data['userownerid'].' Your id is '.DolibarrApiAccess::$user->id);
221 }
222
223 // Check mandatory fields
224 $result = $this->_validate($request_data);
225
226 foreach ($request_data as $field => $value) {
227 if ($field === 'caller') {
228 // Add a mention of caller so on trigger called after action, we can filter to avoid a loop if we try to sync back again with the caller
229 $this->actioncomm->context['caller'] = sanitizeVal($request_data['caller'], 'aZ09');
230 continue;
231 }
232
233 $this->actioncomm->$field = $this->_checkValForAPI($field, $value, $this->actioncomm);
234 }
235 /*if (isset($request_data["lines"])) {
236 $lines = array();
237 foreach ($request_data["lines"] as $line) {
238 array_push($lines, (object) $line);
239 }
240 $this->expensereport->lines = $lines;
241 }*/
242
243 if ($this->actioncomm->create(DolibarrApiAccess::$user) < 0) {
244 throw new RestException(500, "Error creating event", array_merge(array($this->actioncomm->error), $this->actioncomm->errors));
245 }
246
247 return $this->actioncomm->id;
248 }
249
250
258 public function put($id, $request_data = null)
259 {
260 if (!DolibarrApiAccess::$user->hasRight('agenda', 'myactions', 'create')) {
261 throw new RestException(403, "Insufficient rights to create your Agenda Event");
262 }
263 if (!DolibarrApiAccess::$user->hasRight('agenda', 'allactions', 'create') && DolibarrApiAccess::$user->id != $request_data['userownerid']) {
264 throw new RestException(403, "Insufficient rights to create an Agenda Event for owner id ".$request_data['userownerid'].' Your id is '.DolibarrApiAccess::$user->id);
265 }
266
267 $result = $this->actioncomm->fetch($id);
268 if ($result) {
269 $this->actioncomm->fetch_optionals();
270 $this->actioncomm->fetch_userassigned();
271 $this->actioncomm->oldcopy = clone $this->actioncomm;
272 }
273 if (!$result) {
274 throw new RestException(404, 'actioncomm not found');
275 }
276
277 if (!DolibarrApi::_checkAccessToResource('actioncomm', $this->actioncomm->id, 'actioncomm', '', 'fk_soc', 'id')) {
278 throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
279 }
280 foreach ($request_data as $field => $value) {
281 if ($field == 'id') {
282 continue;
283 }
284 if ($field === 'caller') {
285 // Add a mention of caller so on trigger called after action, we can filter to avoid a loop if we try to sync back again with the caller
286 $this->actioncomm->context['caller'] = sanitizeVal($request_data['caller'], 'aZ09');
287 continue;
288 }
289
290 $this->actioncomm->$field = $this->_checkValForAPI($field, $value, $this->actioncomm);
291 }
292
293 if ($this->actioncomm->update(DolibarrApiAccess::$user, 1) > 0) {
294 return $this->get($id);
295 }
296
297 return false;
298 }
299
307 public function delete($id)
308 {
309 if (!DolibarrApiAccess::$user->hasRight('agenda', 'myactions', 'delete')) {
310 throw new RestException(403, "Insufficient rights to delete your Agenda Event");
311 }
312
313 $result = $this->actioncomm->fetch($id);
314 if ($result) {
315 $this->actioncomm->fetch_optionals();
316 $this->actioncomm->fetch_userassigned();
317 $this->actioncomm->oldcopy = clone $this->actioncomm;
318 }
319
320 if (!DolibarrApiAccess::$user->hasRight('agenda', 'allactions', 'delete') && DolibarrApiAccess::$user->id != $this->actioncomm->userownerid) {
321 throw new RestException(403, "Insufficient rights to delete an Agenda Event of owner id ".$this->actioncomm->userownerid.' Your id is '.DolibarrApiAccess::$user->id);
322 }
323
324 if (!$result) {
325 throw new RestException(404, 'Agenda Event not found');
326 }
327
328 if (!DolibarrApi::_checkAccessToResource('actioncomm', $this->actioncomm->id, 'actioncomm', '', 'fk_soc', 'id')) {
329 throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
330 }
331
332 if (!$this->actioncomm->delete(DolibarrApiAccess::$user)) {
333 throw new RestException(500, 'Error when delete Agenda Event : '.$this->actioncomm->error);
334 }
335
336 return array(
337 'success' => array(
338 'code' => 200,
339 'message' => 'Agenda Event deleted'
340 )
341 );
342 }
343
351 private function _validate($data)
352 {
353 $event = array();
354 foreach (AgendaEvents::$FIELDS as $field) {
355 if (!isset($data[$field])) {
356 throw new RestException(400, "$field field missing");
357 }
358 $event[$field] = $data[$field];
359 }
360 return $event;
361 }
362
363 // phpcs:disable PEAR.NamingConventions.ValidFunctionName.PublicUnderscore
370 protected function _cleanObjectDatas($object)
371 {
372 // phpcs:enable
373 $object = parent::_cleanObjectDatas($object);
374
375 unset($object->note); // already in note_private or note_public
376 unset($object->usermod);
377 unset($object->libelle);
378 unset($object->context);
379 unset($object->canvas);
380 unset($object->contact);
381 unset($object->contact_id);
382 unset($object->thirdparty);
383 unset($object->user);
384 unset($object->origin);
385 unset($object->origin_id);
386 unset($object->ref_ext);
387 unset($object->statut);
388 unset($object->state_code);
389 unset($object->state_id);
390 unset($object->state);
391 unset($object->region);
392 unset($object->region_code);
393 unset($object->country);
394 unset($object->country_id);
395 unset($object->country_code);
396 unset($object->barcode_type);
397 unset($object->barcode_type_code);
398 unset($object->barcode_type_label);
399 unset($object->barcode_type_coder);
400 unset($object->mode_reglement_id);
401 unset($object->cond_reglement_id);
402 unset($object->cond_reglement);
403 unset($object->fk_delivery_address);
404 unset($object->shipping_method_id);
405 unset($object->fk_account);
406 unset($object->total_ht);
407 unset($object->total_tva);
408 unset($object->total_localtax1);
409 unset($object->total_localtax2);
410 unset($object->total_ttc);
411 unset($object->fk_incoterms);
412 unset($object->label_incoterms);
413 unset($object->location_incoterms);
414 unset($object->name);
415 unset($object->lastname);
416 unset($object->firstname);
417 unset($object->civility_id);
418 unset($object->contact);
419 unset($object->societe);
420 unset($object->demand_reason_id);
421 unset($object->transport_mode_id);
422 unset($object->region_id);
423 unset($object->actions);
424 unset($object->lines);
425
426 return $object;
427 }
428}
$id
Definition account.php:48
if( $user->socid > 0) if(! $user->hasRight('accounting', 'chartofaccount')) $object
Definition card.php:66
Class to manage agenda events (actions)
_cleanObjectDatas($object)
Clean sensible object datas.
_validate($data)
Validate fields before create or update object.
__construct()
Constructor.
put($id, $request_data=null)
Update Agenda Event general fields.
index($sortfield="t.id", $sortorder='ASC', $limit=100, $page=0, $user_ids='', $sqlfilters='', $properties='', $pagination_data=false)
List Agenda Events.
post($request_data=null)
Create Agenda Event object.
Class for API REST v1.
Definition api.class.php:30
_filterObjectProperties($object, $properties)
Filter properties that will be returned on object.
static _checkAccessToResource($resource, $resource_id=0, $dbtablename='', $feature2='', $dbt_keyfield='fk_soc', $dbt_select='rowid')
Check access by user to a given resource.
_checkValForAPI($field, $value, $object)
Check and convert a string depending on its type/name.
Definition api.class.php:82
forgeSQLFromUniversalSearchCriteria($filter, &$errorstr='', $noand=0, $nopar=0, $noerror=0)
forgeSQLFromUniversalSearchCriteria
sanitizeVal($out='', $check='alphanohtml', $filter=null, $options=null)
Return a sanitized or empty value after checking value against a rule.
global $conf
The following vars must be defined: $type2label $form $conf, $lang, The following vars may also be de...
Definition member.php:79