diff --git a/htdocs/comm/propal/class/api_proposals.class.php b/htdocs/comm/propal/class/api_proposals.class.php index 844c204f441..63b26373f60 100644 --- a/htdocs/comm/propal/class/api_proposals.class.php +++ b/htdocs/comm/propal/class/api_proposals.class.php @@ -516,7 +516,7 @@ class Proposals extends DolibarrApi throw new RestException(500, 'Error : '.$this->propal->error); } - $result = $this->propal->fetch($id); + $result = $this->propal->fetch($id); if( ! $result ) { throw new RestException(404, 'Proposal not found'); } @@ -531,37 +531,6 @@ class Proposals extends DolibarrApi } - /** - * Set a commercial proposal billed. Could be also called setbilled - * - * @param int $id Commercial proposal ID - * - * @url POST {id}/setbilled - * - * @return array - */ - function setinvoiced($id) - { - if(! DolibarrApiAccess::$user->rights->propal->creer) { - throw new RestException(401); - } - $result = $this->propal->fetch($id); - if( ! $result ) { - throw new RestException(404, 'Commercial Proposal not found'); - } - - if( ! DolibarrApi::_checkAccessToResource('propal',$this->propal->id)) { - throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); - } - - $result = $this->propal->classifyBilled(DolibarrApiAccess::$user); - if( $result < 0) { - throw new RestException(400, $this->propal->error); - } - - return $result; - } - /** * Validate a commercial proposal * @@ -584,8 +553,6 @@ class Proposals extends DolibarrApi */ function validate($id, $notrigger=0) { - var_dump($notrigger);exit; - if(! DolibarrApiAccess::$user->rights->propal->creer) { throw new RestException(401); } @@ -615,6 +582,8 @@ class Proposals extends DolibarrApi throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); } + $this->propal->fetchObjectLinked(); + return $this->_cleanObjectDatas($this->propal); } @@ -652,16 +621,22 @@ class Proposals extends DolibarrApi throw new RestException(500, 'Error when closing Commercial Proposal: '.$this->propal->error); } - return array( - 'success' => array( - 'code' => 200, - 'message' => 'Commercial Proposal closed (Ref='.$this->propal->ref.')' - ) - ); + $result = $this->propal->fetch($id); + if( ! $result ) { + throw new RestException(404, 'Proposal not found'); + } + + if( ! DolibarrApi::_checkAccessToResource('propal',$this->propal->id)) { + throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); + } + + $this->propal->fetchObjectLinked(); + + return $this->_cleanObjectDatas($this->propal); } /** - * Set a commercial proposal billed + * Set a commercial proposal billed. Could be also called setbilled * * @param int $id Commercial proposal ID * @@ -688,12 +663,18 @@ class Proposals extends DolibarrApi throw new RestException(500, 'Error : '.$this->propal->error); } - return array( - 'success' => array( - 'code' => 200, - 'message' => 'Commercial Proposal set billed (Ref='.$this->propal->ref.')' - ) - ); + $result = $this->propal->fetch($id); + if( ! $result ) { + throw new RestException(404, 'Proposal not found'); + } + + if( ! DolibarrApi::_checkAccessToResource('propal',$this->propal->id)) { + throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); + } + + $this->propal->fetchObjectLinked(); + + return $this->_cleanObjectDatas($this->propal); } diff --git a/htdocs/commande/class/api_orders.class.php b/htdocs/commande/class/api_orders.class.php index 1d30e08205b..e1edde93922 100644 --- a/htdocs/commande/class/api_orders.class.php +++ b/htdocs/commande/class/api_orders.class.php @@ -605,7 +605,18 @@ class Orders extends DolibarrApi throw new RestException(400, $this->commande->error); } - return $result; + $result = $this->commande->fetch($id); + if( ! $result ) { + throw new RestException(404, 'Order not found'); + } + + if( ! DolibarrApi::_checkAccessToResource('commande',$this->commande->id)) { + throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); + } + + $this->commande->fetchObjectLinked(); + + return $this->_cleanObjectDatas($this->commande); } /** @@ -640,7 +651,18 @@ class Orders extends DolibarrApi throw new RestException(500, 'Error when closing Order: '.$this->commande->error); } - return $result; + $result = $this->commande->fetch($id); + if( ! $result ) { + throw new RestException(404, 'Order not found'); + } + + if( ! DolibarrApi::_checkAccessToResource('commande',$this->commande->id)) { + throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); + } + + $this->commande->fetchObjectLinked(); + + return $this->_cleanObjectDatas($this->commande); } /**