diff --git a/dev/skeletons/skeleton_api_class.class.php b/dev/skeletons/skeleton_api_class.class.php new file mode 100644 index 00000000000..86086dfe80b --- /dev/null +++ b/dev/skeletons/skeleton_api_class.class.php @@ -0,0 +1,254 @@ + + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + + use Luracast\Restler\RestException; + + +/** + * + * API class for skeleton object + * + * @smart-auto-routing false + * @access protected + * @class DolibarrApiAccess {@requires user,external} + * + * + */ +class SkeletonApi extends DolibarrApi { + + /** + * + * @var array $FIELDS Mandatory fields, checked when create and update object + */ + static $FIELDS = array( + 'name' + ); + + /** + * @var Skeleton $skeleton {@type Skeleton} + */ + public $skeleton; + + /** + * Constructor + * + * @url skeleton/ + * + */ + function __construct() + { + global $db, $conf; + $this->db = $db; + $this->skeleton = new Skeleton($this->db); + } + + /** + * Get properties of a skeleton object + * + * Return an array with skeleton informations + * + * @url GET skeleton/{id} + * @param int $id ID of skeleton + * @return array|mixed data without useless information + * + * @throws RestException + */ + function get($id) + { + if(! DolibarrApiAccess::$user->rights->skeleton->read) { + throw new RestException(401); + } + + $result = $this->skeleton->fetch($id); + if( ! $result ) { + throw new RestException(404, 'Skeleton not found'); + } + + if( ! DolibarrApi::_checkAccessToResource('skeleton',$this->skeleton->id)) { + throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); + } + + return $this->_cleanObjectDatas($this->skeleton); + } + + /** + * List skeletons + * + * Get a list of skeletons + * + * @url GET /skeletons/ + * + * + * + * @return array Array of skeleton objects + */ + function getList() { + global $db, $conf; + + $obj_ret = array(); + + $socid = DolibarrApiAccess::$user->societe_id ? DolibarrApiAccess::$user->societe_id : ''; + + // If the internal user must only see his customers, force searching by him + if (! DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) $search_sale = DolibarrApiAccess::$user->id; + + $sql = "SELECT s.rowid"; + if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) $sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects) + $sql.= " FROM ".MAIN_DB_PREFIX."skeleton as s"; + + if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale + $sql.= ", ".MAIN_DB_PREFIX."c_stcomm as st"; + $sql.= " WHERE s.fk_stcomm = st.id"; + if ($only_customer) $sql.= " AND s.client IN (1, 3)"; + if ($only_prospect) $sql.= " AND s.client IN (2, 3)"; + if ($only_others) $sql.= " AND s.client IN (0)"; + $sql.= ' AND s.entity IN ('.getEntity('skeleton', 1).')'; + if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) $sql.= " AND s.fk_soc = sc.fk_soc"; + if ($socid) $sql.= " AND s.fk_soc = ".$socid; + if ($search_sale > 0) $sql.= " AND s.rowid = sc.fk_soc"; // Join for the needed table to filter by sale + + // Insert sale filter + if ($search_sale > 0) + { + $sql .= " AND sc.fk_user = ".$search_sale; + } + + $nbtotalofrecords = 0; + if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) + { + $result = $db->query($sql); + $nbtotalofrecords = $db->num_rows($result); + } + + $sql.= $db->order($sortfield,$sortorder); + $sql.= $db->plimit($conf->liste_limit +1, $offset); + + $result = $db->query($sql); + if ($result) + { + $num = $db->num_rows($result); + while ($i < min($num,$conf->liste_limit)) + { + $obj = $db->fetch_object($result); + $soc_static = new Skeleton($db); + if($soc_static->fetch($obj->rowid)) { + $obj_ret[] = parent::_cleanObjectDatas($soc_static); + } + $i++; + } + } + if( ! count($obj_ret)) { + throw new RestException(404, 'Thirdparties not found'); + } + return $obj_ret; + } + + /** + * Create skeleton object + * + * @url POST skeleton/ + * @param array $request_data + * @return int ID of skeleton + */ + function post($request_data = NULL) + { + if(! DolibarrApiAccess::$user->rights->skeleton->create) { + throw new RestException(401); + } + // Check mandatory fields + $result = $this->_validate($request_data); + + foreach($request_data as $field => $value) { + $this->skeleton->$field = $value; + } + return $this->skeleton->create(DolibarrApiAccess::$user); + } + + /** + * Update skeleton + * + * @url PUT skeleton/{id} + * @param int $id Id of skeleton to update + * @param array $request_data Datas + * @return int + */ + function put($id, $request_data = NULL) + { + if(! DolibarrApiAccess::$user->rights->skeleton->create) { + throw new RestException(401); + } + + $result = $this->skeleton->fetch($id); + if( ! $result ) { + throw new RestException(404, 'Skeleton not found'); + } + + if( ! DolibarrApi::_checkAccessToResource('skeleton',$this->skeleton->id)) { + throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); + } + + foreach($request_data as $field => $value) { + $this->skeleton->$field = $value; + } + + if($this->skeleton->update($id, DolibarrApiAccess::$user,1,'','','update')) + return $this->get ($id); + + return false; + } + + /** + * Delete skeleton + * + * @url DELETE skeleton/{id} + * @param int $id + * @return type + */ + function delete($id) + { + if(! DolibarrApiAccess::$user->rights->skeleton->supprimer) { + throw new RestException(401); + } + $result = $this->skeleton->fetch($id); + if( ! $result ) { + throw new RestException(404, 'Skeleton not found'); + } + + if( ! DolibarrApi::_checkAccessToResource('skeleton',$this->skeleton->id)) { + throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); + } + + return $this->skeleton->delete($id); + } + + /** + * Validate fields before create or update object + * @param array $data + * @return array + * @throws RestException + */ + function _validate($data) + { + $skeleton = array(); + foreach (SkeletonApi::$FIELDS as $field) { + if (!isset($data[$field])) + throw new RestException(400, "$field field missing"); + $skeleton[$field] = $data[$field]; + } + return $skeleton; + } +}