dolibarr  20.0.0-beta
api_donations.class.php
1 <?php
2 /* Copyright (C) 2019 Thibault FOUCART <support@ptibogxiv.net>
3  * Copyright (C) 2019 Laurent Destailleur <eldy@users.sourceforge.net>
4  *
5  * This program is free software; you can redistribute it and/or modify
6  * it under the terms of the GNU General Public License as published by
7  * the Free Software Foundation; either version 3 of the License, or
8  * (at your option) any later version.
9  *
10  * This program is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13  * GNU General Public License for more details.
14  *
15  * You should have received a copy of the GNU General Public License
16  * along with this program. If not, see <https://www.gnu.org/licenses/>.
17  */
18 
19 use Luracast\Restler\RestException;
20 
21 require_once DOL_DOCUMENT_ROOT.'/don/class/don.class.php';
22 
29 class Donations extends DolibarrApi
30 {
34  public static $FIELDS = array(
35  'amount'
36  );
37 
41  public $don;
42 
46  public function __construct()
47  {
48  global $db, $conf;
49  $this->db = $db;
50  $this->don = new Don($this->db);
51  }
52 
63  public function get($id)
64  {
65  if (!DolibarrApiAccess::$user->hasRight('don', 'lire')) {
66  throw new RestException(403);
67  }
68 
69  $result = $this->don->fetch($id);
70  if (!$result) {
71  throw new RestException(404, 'Donation not found');
72  }
73 
74  if (!DolibarrApi::_checkAccessToResource('don', $this->don->id)) {
75  throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
76  }
77 
78  // Add external contacts ids
79  //$this->don->contacts_ids = $this->don->liste_contact(-1,'external',1);
80  //$this->don->fetchObjectLinked();
81  return $this->_cleanObjectDatas($this->don);
82  }
83 
84 
85 
102  public function index($sortfield = "t.rowid", $sortorder = 'ASC', $limit = 100, $page = 0, $thirdparty_ids = '', $sqlfilters = '', $properties = '')
103  {
104  if (!DolibarrApiAccess::$user->hasRight('don', 'lire')) {
105  throw new RestException(403);
106  }
107 
108  $obj_ret = array();
109 
110  // case of external user, $thirdparty_ids param is ignored and replaced by user's socid
111  $socids = DolibarrApiAccess::$user->socid ? DolibarrApiAccess::$user->socid : $thirdparty_ids;
112 
113  $sql = "SELECT t.rowid";
114  if ((!DolibarrApiAccess::$user->hasRight('societe', 'client', 'voir') && !$socids)) {
115  $sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects)
116  }
117  $sql .= " FROM ".MAIN_DB_PREFIX."don AS t LEFT JOIN ".MAIN_DB_PREFIX."don_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
118 
119  $sql .= ' WHERE t.entity IN ('.getEntity('don').')';
120  if ((!DolibarrApiAccess::$user->hasRight('societe', 'client', 'voir') && !$socids)) {
121  $sql .= " AND t.fk_soc = sc.fk_soc";
122  }
123  if ($thirdparty_ids) {
124  $sql .= " AND t.fk_soc = ".((int) $thirdparty_ids)." ";
125  }
126 
127  // Add sql filters
128  if ($sqlfilters) {
129  $errormessage = '';
130  $sql .= forgeSQLFromUniversalSearchCriteria($sqlfilters, $errormessage);
131  if ($errormessage) {
132  throw new RestException(400, 'Error when validating parameter sqlfilters -> '.$errormessage);
133  }
134  }
135 
136  $sql .= $this->db->order($sortfield, $sortorder);
137  if ($limit) {
138  if ($page < 0) {
139  $page = 0;
140  }
141  $offset = $limit * $page;
142 
143  $sql .= $this->db->plimit($limit + 1, $offset);
144  }
145 
146  dol_syslog("API Rest request");
147  $result = $this->db->query($sql);
148 
149  if ($result) {
150  $num = $this->db->num_rows($result);
151  $min = min($num, ($limit <= 0 ? $num : $limit));
152  $i = 0;
153  while ($i < $min) {
154  $obj = $this->db->fetch_object($result);
155  $don_static = new Don($this->db);
156  if ($don_static->fetch($obj->rowid)) {
157  // Add external contacts ids
158  //$don_static->contacts_ids = $don_static->liste_contact(-1, 'external', 1);
159  $obj_ret[] = $this->_filterObjectProperties($this->_cleanObjectDatas($don_static), $properties);
160  }
161  $i++;
162  }
163  } else {
164  throw new RestException(503, 'Error when retrieve donation list : '.$this->db->lasterror());
165  }
166 
167  return $obj_ret;
168  }
169 
176  public function post($request_data = null)
177  {
178  if (!DolibarrApiAccess::$user->hasRight('don', 'creer')) {
179  throw new RestException(403, "Insuffisant rights");
180  }
181 
182  // Check mandatory fields
183  $result = $this->_validate($request_data);
184 
185  foreach ($request_data as $field => $value) {
186  if ($field === 'caller') {
187  // Add a mention of caller so on trigger called after action, we can filter to avoid a loop if we try to sync back again with the caller
188  $this->don->context['caller'] = sanitizeVal($request_data['caller'], 'aZ09');
189  continue;
190  }
191 
192  $this->don->$field = $this->_checkValForAPI($field, $value, $this->don);
193  }
194  /*if (isset($request_data["lines"])) {
195  $lines = array();
196  foreach ($request_data["lines"] as $line) {
197  array_push($lines, (object) $line);
198  }
199  $this->don->lines = $lines;
200  }*/
201 
202  if ($this->don->create(DolibarrApiAccess::$user) < 0) {
203  throw new RestException(500, "Error creating donation", array_merge(array($this->don->error), $this->don->errors));
204  }
205 
206  return $this->don->id;
207  }
208 
216  public function put($id, $request_data = null)
217  {
218  if (!DolibarrApiAccess::$user->hasRight('don', 'creer')) {
219  throw new RestException(403);
220  }
221 
222  $result = $this->don->fetch($id);
223  if (!$result) {
224  throw new RestException(404, 'Donation not found');
225  }
226 
227  if (!DolibarrApi::_checkAccessToResource('donation', $this->don->id)) {
228  throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
229  }
230  foreach ($request_data as $field => $value) {
231  if ($field == 'id') {
232  continue;
233  }
234  if ($field === 'caller') {
235  // Add a mention of caller so on trigger called after action, we can filter to avoid a loop if we try to sync back again with the caller
236  $this->don->context['caller'] = sanitizeVal($request_data['caller'], 'aZ09');
237  continue;
238  }
239 
240  $this->don->$field = $this->_checkValForAPI($field, $value, $this->don);
241  }
242 
243  if ($this->don->update(DolibarrApiAccess::$user) > 0) {
244  return $this->get($id);
245  } else {
246  throw new RestException(500, $this->don->error);
247  }
248  }
249 
256  public function delete($id)
257  {
258  if (!DolibarrApiAccess::$user->hasRight('don', 'supprimer')) {
259  throw new RestException(403);
260  }
261 
262  $result = $this->don->fetch($id);
263  if (!$result) {
264  throw new RestException(404, 'Donation not found');
265  }
266 
267  if (!DolibarrApi::_checkAccessToResource('donation', $this->don->id)) {
268  throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
269  }
270 
271  if (!$this->don->delete(DolibarrApiAccess::$user)) {
272  throw new RestException(500, 'Error when delete donation : '.$this->don->error);
273  }
274 
275  return array(
276  'success' => array(
277  'code' => 200,
278  'message' => 'Donation deleted'
279  )
280  );
281  }
282 
305  public function validate($id, $idwarehouse = 0, $notrigger = 0)
306  {
307  if (!DolibarrApiAccess::$user->hasRight('don', 'creer')) {
308  throw new RestException(403);
309  }
310 
311  $result = $this->don->fetch($id);
312  if (!$result) {
313  throw new RestException(404, 'Donation not found');
314  }
315 
316  if (!DolibarrApi::_checkAccessToResource('don', $this->don->id)) {
317  throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
318  }
319 
320  // @phan-suppress-next-line PhanPluginSuspiciousParamPosition
321  $result = $this->don->valid_promesse($id, DolibarrApiAccess::$user->id, $notrigger);
322  if ($result == 0) {
323  throw new RestException(304, 'Error nothing done. May be object is already validated');
324  }
325  if ($result < 0) {
326  throw new RestException(500, 'Error when validating Order: '.$this->don->error);
327  }
328  $result = $this->don->fetch($id);
329  if (!$result) {
330  throw new RestException(404, 'Order not found');
331  }
332 
333  if (!DolibarrApi::_checkAccessToResource('don', $this->don->id)) {
334  throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
335  }
336 
337  $this->don->fetchObjectLinked();
338 
339  return $this->_cleanObjectDatas($this->don);
340  }
341 
342  // phpcs:disable PEAR.NamingConventions.ValidFunctionName.PublicUnderscore
349  protected function _cleanObjectDatas($object)
350  {
351  // phpcs:enable
352  $object = parent::_cleanObjectDatas($object);
353 
354  unset($object->note);
355  unset($object->address);
356  unset($object->barcode_type);
357  unset($object->barcode_type_code);
358  unset($object->barcode_type_label);
359  unset($object->barcode_type_coder);
360 
361  return $object;
362  }
363 
371  private function _validate($data)
372  {
373  $don = array();
374  foreach (Donations::$FIELDS as $field) {
375  if (!isset($data[$field])) {
376  throw new RestException(400, $field." field missing");
377  }
378  $don[$field] = $data[$field];
379  }
380  return $don;
381  }
382 }
if($user->socid > 0) if(! $user->hasRight('accounting', 'chartofaccount')) $object
Definition: card.php:58
Class for API REST v1.
Definition: api.class.php:30
_filterObjectProperties($object, $properties)
Filter properties that will be returned on object.
Definition: api.class.php:136
static _checkAccessToResource($resource, $resource_id=0, $dbtablename='', $feature2='', $dbt_keyfield='fk_soc', $dbt_select='rowid')
Check access by user to a given resource.
Definition: api.class.php:369
_checkValForAPI($field, $value, $object)
Check and convert a string depending on its type/name.
Definition: api.class.php:82
Class to manage donations.
Definition: don.class.php:41
validate($id, $idwarehouse=0, $notrigger=0)
Validate an donation.
post($request_data=null)
Create donation object.
_cleanObjectDatas($object)
Clean sensible object datas.
index($sortfield="t.rowid", $sortorder='ASC', $limit=100, $page=0, $thirdparty_ids='', $sqlfilters='', $properties='')
List donations.
put($id, $request_data=null)
Update order general fields (won't touch lines of order)
__construct()
Constructor.
_validate($data)
Validate fields before create or update object.
if(isModEnabled('invoice') && $user->hasRight('facture', 'lire')) if((isModEnabled('fournisseur') &&!getDolGlobalString('MAIN_USE_NEW_SUPPLIERMOD') && $user->hasRight("fournisseur", "facture", "lire"))||(isModEnabled('supplier_invoice') && $user->hasRight("supplier_invoice", "lire"))) if(isModEnabled('don') && $user->hasRight('don', 'lire')) if(isModEnabled('tax') && $user->hasRight('tax', 'charges', 'lire')) if(isModEnabled('invoice') &&isModEnabled('order') && $user->hasRight("commande", "lire") &&!getDolGlobalString('WORKFLOW_DISABLE_CREATE_INVOICE_FROM_ORDER')) $sql
Social contributions to pay.
Definition: index.php:745
forgeSQLFromUniversalSearchCriteria($filter, &$errorstr='', $noand=0, $nopar=0, $noerror=0)
forgeSQLFromUniversalSearchCriteria
sanitizeVal($out='', $check='alphanohtml', $filter=null, $options=null)
Return a sanitized or empty value after checking value against a rule.
dol_syslog($message, $level=LOG_INFO, $ident=0, $suffixinfilename='', $restricttologhandler='', $logcontext=null)
Write log message into outputs.