From cf967185d57ab9fd2500e8d5f479bc5eb2358a46 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Charl=C3=A8ne=20Benke?=
 <1179011+defrance@users.noreply.github.com>
Date: Tue, 10 Jun 2025 16:25:24 +0200
Subject: [PATCH] Add getConfs call to get all const in one call (#34385)

* Add getConfs call to get all const in one call

* Update api_setup.class.php

* Update api_setup.class.php
---
 htdocs/api/class/api_setup.class.php | 47 ++++++++++++++++++++++++++++
 1 file changed, 47 insertions(+)

diff --git a/htdocs/api/class/api_setup.class.php b/htdocs/api/class/api_setup.class.php
index 652b1dcae98..0df8e50efe2 100644
--- a/htdocs/api/class/api_setup.class.php
+++ b/htdocs/api/class/api_setup.class.php
@@ -7,6 +7,7 @@
  * Copyright (C) 2018-2022  Thibault FOUCART        <support@ptibogxiv.net>
  * Copyright (C) 2024       Jon Bendtsen            <jon.bendtsen.github@jonb.dk>
  * Copyright (C) 2024-2025	MDW						<mdeweerd@users.noreply.github.com>
+ * Copyright (C) 2025       Charlene Benke          <charlene@patas-monkey.com>
  *
  *
  * This program is free software; you can redistribute it and/or modify
@@ -2476,6 +2477,52 @@ class Setup extends DolibarrApi
 		return getDolGlobalString($constantname);
 	}
 
+	/**
+	 * Get all setup variables
+	 *
+	 * Note that conf variables that stores security key or password hashes can't be loaded with API.
+	 *
+	 * @return array				List of establishments
+	 * @phan-return array<Object|false>
+	 * @phpstan-return array<Object|false>
+	 *
+	 * @url     GET conf/
+	 *
+	 * @throws RestException 400 Error Bad or unknown value for constantname
+	 * @throws RestException 403 Forbidden
+	 */
+	public function getConfs()
+	{
+		global $conf;
+		$list = array();
+
+		if (!DolibarrApiAccess::$user->admin
+			&& (!getDolGlobalString('API_LOGINS_ALLOWED_FOR_CONST_READ') || DolibarrApiAccess::$user->login != getDolGlobalString('API_LOGINS_ALLOWED_FOR_CONST_READ'))) {
+			throw new RestException(403, 'Error API open to admin users only or to the users with logins defined into constant API_LOGINS_ALLOWED_FOR_CONST_READ');
+		}
+
+		$sql = "select name, value";
+		$sql .= " FROM ".MAIN_DB_PREFIX."const";
+		$sql .= " WHERE entity IN (".getEntity('const').')';
+
+		$result = $this->db->query($sql);
+
+		if ($result) {
+			$num = $this->db->num_rows($result);
+			for ($i = 0; $i < $num; $i++) {
+				$obj = $this->db->fetch_object($result);
+				if (!isASecretKey($obj->name)) {
+					// We do not return secret keys
+					$list[$obj->name] = $obj->value;
+				}
+			}
+		} else {
+			throw new RestException(503, 'Error when retrieving list of const : '.$this->db->lasterror());
+		}
+
+		return $list;
+	}
+
 	/**
 	 * Do a test of integrity for files and setup.
 	 *