Class for API REST v1. More...

Inheritance diagram for DolibarrApi:

Public Member Functions
	__construct ($db, $cachedir='', $refreshCache=false)
	Constructor.

Protected Member Functions
	_checkValForAPI ($field, $value, $object)
	Check and convert a string depending on its type/name.

	_checkValExtrafieldsForAPI ($field, $value, $object)
	Check and convert a string depending on its type/name.

	_filterObjectProperties ($object, $properties)
	Filter properties that will be returned on object.

	_cleanObjectDatas ($object)
	Clean sensitive object data @phpstan-template T.

	_checkFilters ($sqlfilters, &$error='')
	Return if a $sqlfilters parameter is valid Function no more used.

Static Protected Member Functions
static	_checkAccessToResource ($resource, $resource_id=0, $dbtablename='', $feature2='', $dbt_keyfield='fk_soc', $dbt_select='rowid')
	Check access by user to a given resource.

static	_forge_criteria_callback ($matches)
	Function to forge a SQL criteria from a Generic filter string.

Detailed Description

Class for API REST v1.

Definition at line 34 of file api.class.php.

Constructor & Destructor Documentation

◆ __construct()

DolibarrApi::__construct	(	$db,
		$cachedir = '',
		$refreshCache = false )

Constructor.

Parameters

DoliDB	$db	Database handler
string	$cachedir	Cache dir
boolean	$refreshCache	Update cache

Definition at line 53 of file api.class.php.

References $conf, $dolibarr_main_url_root, dol_is_dir(), dol_mkdir(), dol_syslog(), getDolGlobalBool(), and getDolGlobalString().

Member Function Documentation

◆ _checkAccessToResource()

static DolibarrApi::_checkAccessToResource	(	$resource,
		$resource_id = 0,
		$dbtablename = '',
		$feature2 = '',
		$dbt_keyfield = 'fk_soc',
		$dbt_select = 'rowid' )

staticprotected

Check access by user to a given resource.

Parameters

string	$resource	element to check
int \| string \| Object	$resource_id	Full object or object ID or list of object id. For example if we want to check a particular record (optional) is linked to a owned thirdparty (optional).
string	$dbtablename	'TableName&SharedElement' with Tablename is table where object is stored. SharedElement is an optional key to define where to check entity. Not used if objectid is null (optional)
string	$feature2	Feature to check, second level of permission (optional). Can be or check with 'level1\|level2'.
string	$dbt_keyfield	Field name for socid foreign key if not fk_soc. Not used if objectid is null (optional)
string	$dbt_select	Field name for select if not rowid. Not used if objectid is null (optional)

Returns: bool

Definition at line 493 of file api.class.php.

References checkUserAccessToObject().

◆ _checkFilters()

DolibarrApi::_checkFilters	(		$sqlfilters,
		&	$error = '' )

protected

Return if a $sqlfilters parameter is valid Function no more used.

Kept for backward compatibility with old APIs of modules

Parameters

string	$sqlfilters	sqlfilter string
string	$error	Error message

Returns: boolean|string True if valid, False if not valid

Definition at line 521 of file api.class.php.

◆ _checkValExtrafieldsForAPI()

DolibarrApi::_checkValExtrafieldsForAPI	(	$field,
		$value,
		$object )

protected

Check and convert a string depending on its type/name.

Parameters

string	$field	Field name
string \| string[]	$value	Value to check/clean
Object	$object	Object

Returns: string|array<string,mixed> Value cleaned

Definition at line 185 of file api.class.php.

References $object, _checkValExtrafieldsForAPI(), and sanitizeVal().

Referenced by _checkValExtrafieldsForAPI(), Contacts\post(), MyModuleApi\post(), SupplierProposals\post(), Thirdparties\post(), AgendaEvents\put(), BankAccounts\put(), Boms\put(), Categories\put(), Contacts\put(), Donations\put(), ExpenseReports\put(), Holidays\put(), Interventions\put(), Invoices\put(), KnowledgeManagement\put(), Mailings\put(), Members\put(), MembersTypes\put(), Mos\put(), MyModuleApi\put(), Orders\put(), Partnerships\put(), Productlots\put(), Products\put(), Projects\put(), Proposals\put(), Receptions\put(), Shipments\put(), Subscriptions\put(), SupplierInvoices\put(), SupplierOrders\put(), SupplierProposals\put(), Thirdparties\put(), Tickets\put(), Users\put(), and Warehouses\put().

◆ _checkValForAPI()

DolibarrApi::_checkValForAPI	(	$field,
		$value,
		$object )

protected

Check and convert a string depending on its type/name.

Parameters

string	$field	Field name
string \| string[]	$value	Value to check/clean
Object	$object	Object

Returns: string|array<string,mixed> Value cleaned

Exceptions

RestException 400 Bad parameters

Definition at line 101 of file api.class.php.

References $object, _checkValForAPI(), dol_syslog(), and sanitizeVal().

Referenced by _checkValForAPI(), ObjectLinks\_setObjectLinkField(), ExpenseReports\addPayment(), Salaries\addPayment(), Thirdparties\createCompanyBankAccount(), Thirdparties\createCompanyNotification(), Thirdparties\createCompanyNotificationByCode(), Thirdparties\createSocieteAccount(), Users\createUserNotification(), Users\createUserNotificationByCode(), AgendaEvents\post(), BankAccounts\post(), Boms\post(), Categories\post(), Contacts\post(), Contracts\post(), Donations\post(), EmailTemplates\post(), EventAttendees\post(), ExpenseReports\post(), Holidays\post(), Interventions\post(), Invoices\post(), KnowledgeManagement\post(), Mailings\post(), Members\post(), MembersTypes\post(), Mos\post(), MultiCurrencies\post(), MyModuleApi\post(), Orders\post(), Partnerships\post(), Productlots\post(), Products\post(), Projects\post(), Proposals\post(), Receptions\post(), Salaries\post(), Shipments\post(), Subscriptions\post(), SupplierInvoices\post(), SupplierOrders\post(), SupplierProposals\post(), Tasks\post(), Thirdparties\post(), Tickets\post(), Users\post(), Warehouses\post(), Webhook\post(), Zapier\post(), Recruitments\postCandidature(), Setup\postExtrafields(), Users\postGroups(), Recruitments\postJobPosition(), Interventions\postLine(), Tickets\postNewMessage(), Thirdparties\postSocieteAccount(), Mailings\postTarget(), Members\postType(), AgendaEvents\put(), BankAccounts\put(), Boms\put(), Categories\put(), Contacts\put(), Donations\put(), ExpenseReports\put(), Holidays\put(), Interventions\put(), Invoices\put(), KnowledgeManagement\put(), Mailings\put(), Members\put(), MembersTypes\put(), Mos\put(), MultiCurrencies\put(), MyModuleApi\put(), Orders\put(), Paiements\put(), Partnerships\put(), Productlots\put(), Products\put(), Projects\put(), Proposals\put(), Receptions\put(), Salaries\put(), Shipments\put(), Subscriptions\put(), SupplierInvoices\put(), SupplierOrders\put(), SupplierProposals\put(), Tasks\put(), Thirdparties\put(), Tickets\put(), Users\put(), Warehouses\put(), Webhook\put(), EmailTemplates\putById(), EventAttendees\putById(), EmailTemplates\putbyLabel(), EventAttendees\putByRef(), Recruitments\putCandidature(), Users\putGroups(), Recruitments\putJobPosition(), Thirdparties\putSocieteAccount(), Members\putType(), Thirdparties\updateCompanyBankAccount(), Thirdparties\updateCompanyNotification(), Setup\updateExtrafields(), ExpenseReports\updatePayment(), Salaries\updatePayment(), Mailings\updateTarget(), and Users\updateUserNotification().

◆ _cleanObjectDatas()

DolibarrApi::_cleanObjectDatas ( $object )

protected

Clean sensitive object data @phpstan-template T.

Parameters

Object $object Object to clean

Returns: Object Object with cleaned properties

@phpstan-param T $object @phpstan-return T

Reimplemented in AgendaEvents, BankAccounts, Boms, Categories, Contacts, Contracts, Donations, EmailTemplates, EventAttendees, ExpenseReports, Interventions, Invoices, KnowledgeManagement, Mailings, Members, MembersTypes, Mos, MultiCurrencies, MyModuleApi, ObjectLinks, Orders, Paiements, Partnerships, Productlots, Products, Projects, Proposals, Receptions, Recruitments, Salaries, Setup, Shipments, StockMovements, SupplierInvoices, SupplierOrders, SupplierProposals, Tasks, Thirdparties, Tickets, Users, Warehouses, Webhook, and Zapier.

Definition at line 299 of file api.class.php.

References $object, and _cleanObjectDatas().

Referenced by _cleanObjectDatas(), Workstations\_fetch(), Holidays\approve(), Holidays\cancel(), Holidays\get(), Subscriptions\get(), Holidays\index(), Subscriptions\index(), Workstations\index(), Holidays\refuse(), Holidays\reopen(), and Holidays\validate().

◆ _filterObjectProperties()

DolibarrApi::_filterObjectProperties	(		$object,
			$properties )

protected

Filter properties that will be returned on object.

@phpstan-template T

Parameters

Object	$object	Object to clean
string	$properties	Comma separated list of properties names

Returns: Object Object with cleaned properties @phpstan-param T $object @phpstan-return T

Definition at line 248 of file api.class.php.

References $object.

Referenced by Contracts\get(), Invoices\get(), Products\getAttributes(), Orders\getLine(), Contracts\getLines(), AgendaEvents\index(), BankAccounts\index(), Boms\index(), Categories\index(), Contacts\index(), Contracts\index(), Donations\index(), EmailTemplates\index(), EventAttendees\index(), ExpenseReports\index(), Holidays\index(), Interventions\index(), Invoices\index(), KnowledgeManagement\index(), Mailings\index(), Members\index(), MembersTypes\index(), Mos\index(), MultiCurrencies\index(), MyModuleApi\index(), Orders\index(), Paiements\index(), Partnerships\index(), Productlots\index(), Products\index(), Projects\index(), Proposals\index(), Receptions\index(), Shipments\index(), StockMovements\index(), Subscriptions\index(), SupplierInvoices\index(), SupplierOrders\index(), SupplierProposals\index(), Tasks\index(), Thirdparties\index(), Tickets\index(), Users\index(), Warehouses\index(), Webhook\index(), Workstations\index(), Zapier\index(), Recruitments\indexCandidature(), Recruitments\indexJobPosition(), Mailings\indexTargets(), Invoices\indexTemplateInvoices(), Members\indexType(), Users\listGroups(), Warehouses\listProducts(), and Projects\listTimespent().

◆ _forge_criteria_callback()

static DolibarrApi::_forge_criteria_callback ( $matches )

staticprotected

Function to forge a SQL criteria from a Generic filter string.

Function no more used. Kept for backward compatibility with old APIs of modules

Parameters

string[] $matches Array of found string by regex search. Each entry is 1 and only 1 criteria. Example: "t.ref:like:'SO-%'", "t.date_creation:>:'20160101'", "t.date_creation:<:'2016-01-01 12:30:00'", "t.nature:is:NULL", "t.field2:isnot:NULL"

Returns: string Forged criteria. Example: "t.field like 'abc%'"

Definition at line 539 of file api.class.php.

The documentation for this class was generated from the following file:

dolibarr_dev/htdocs/api/class/api.class.php

Public Member Functions

Protected Member Functions

Static Protected Member Functions

Detailed Description

Constructor & Destructor Documentation

◆ __construct()

Member Function Documentation

◆ _checkAccessToResource()

◆ _checkFilters()

◆ _checkValExtrafieldsForAPI()

◆ _checkValForAPI()

◆ _cleanObjectDatas()

◆ _filterObjectProperties()

◆ _forge_criteria_callback()