From 712da5b1727e2fdac52e734b391f74f0924d47bc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Charl=C3=A8ne=20Benke?= <1179011+defrance@users.noreply.github.com> Date: Tue, 25 Nov 2025 14:21:58 +0100 Subject: [PATCH] NEW : api setup - Add dictionnary holiday lists (#36402) * Add methods to retrieve holiday and public holiday lists * Fix SQL query formatting in api_setup.class.php * Add user permission checks for API access Added permission checks for user access rights before fetching data for expense reports, holidays, and HR public holidays. --- htdocs/api/class/api_setup.class.php | 161 +++++++++++++++++++++++++++ 1 file changed, 161 insertions(+) diff --git a/htdocs/api/class/api_setup.class.php b/htdocs/api/class/api_setup.class.php index 8bce68de0c9..db84049d46e 100644 --- a/htdocs/api/class/api_setup.class.php +++ b/htdocs/api/class/api_setup.class.php @@ -977,6 +977,10 @@ class Setup extends DolibarrApi { $list = array(); + if (!DolibarrApiAccess::$user->hasRight('expensereport', 'lire')) { + throw new RestException(403); + } + $sql = "SELECT id, code, label, accountancy_code, active, module, position"; $sql .= " FROM ".MAIN_DB_PREFIX."c_type_fees as t"; $sql .= " WHERE t.active = ".((int) $active); @@ -1019,6 +1023,163 @@ class Setup extends DolibarrApi return $list; } + /** + * Get the list of holiday types. + * + * @param string $sortfield Sort field + * @param string $sortorder Sort order + * @param int $limit Number of items per page + * @param int $page Page number (starting from zero) + * @param string $fk_country To filter on country + * @param int $active Holiday is active or not {@min 0} {@max 1} + * @param string $lang Code of the language the label of the holiday must be translated to + * @param string $sqlfilters Other criteria to filter answers separated by a comma. Syntax example "(t.code:like:'A%') and (t.active:>=:0)" + * @return array List of holiday types + * @phan-return array + * @phpstan-return array + * + * @url GET dictionary/holiday_types + * + * @throws RestException 400 Bad value for sqlfilters + * @throws RestException 503 Error when retrieving list of holiday types + */ + public function getListOfHolidayTypes($sortfield = "sortorder", $sortorder = 'ASC', $limit = 100, $page = 0, $fk_country = '', $active = 1, $lang = '', $sqlfilters = '') + { + global $langs; + $langs->loadLangs(array('holiday')); + + if (!DolibarrApiAccess::$user->hasRight('holiday', 'lire')) { + throw new RestException(403); + } + + $list = array(); + + $sql = "SELECT rowid, code, label, affect, delay, newbymonth, fk_country"; + $sql .= " FROM ".MAIN_DB_PREFIX."c_holiday_types as t"; + $sql .= " WHERE t.active = ".((int) $active); + if ($fk_country) { + $sql .= " AND (t.fk_country = ".((int) $fk_country); + $sql .= " OR t.fk_country is null)"; + } + // Add sql filters + if ($sqlfilters) { + $errormessage = ''; + $sql .= forgeSQLFromUniversalSearchCriteria($sqlfilters, $errormessage); + if ($errormessage) { + throw new RestException(400, 'Error when validating parameter sqlfilters -> '.$errormessage); + } + } + + $sql .= $this->db->order($sortfield, $sortorder); + + if ($limit) { + if ($page < 0) { + $page = 0; + } + $offset = $limit * $page; + + $sql .= $this->db->plimit($limit, $offset); + } + + $result = $this->db->query($sql); + + if ($result) { + $num = $this->db->num_rows($result); + $min = min($num, ($limit <= 0 ? $num : $limit)); + for ($i = 0; $i < $min; $i++) { + $holiday = $this->db->fetch_object($result); + $tmplabel = $langs->trans($holiday->code); + if ($tmplabel != $holiday->code) { + $holiday->label = $tmplabel; + } + //$this->translateLabel($holiday, $lang, 'Holiday', array('dict')); + $list[] = $holiday; + } + } else { + throw new RestException(503, 'Error when retrieving list of holiday : '.$this->db->lasterror()); + } + + return $list; + } + + /** + * Get the list of public holiday. + * + * @param string $sortfield Sort field + * @param string $sortorder Sort order + * @param int $limit Number of items per page + * @param int $page Page number (starting from zero) + * @param string $fk_country To filter on country + * @param int $active Holiday is active or not {@min 0} {@max 1} + * @param string $lang Code of the language the label of the holiday must be translated to + * @param string $sqlfilters Other criteria to filter answers separated by a comma. Syntax example "(t.code:like:'A%') and (t.active:>=:0)" + * @return array List of public holiday + * @phan-return array + * @phpstan-return array + * + * @url GET dictionary/public_holiday + * + * @throws RestException 400 Bad value for sqlfilters + * @throws RestException 503 Error when retrieving list of holiday types + */ + public function getListOfPublicHolidays($sortfield = "code", $sortorder = 'ASC', $limit = 100, $page = 0, $fk_country = '', $active = 1, $lang = '', $sqlfilters = '') + { + global $langs; + $langs->loadLangs(array('hrm')); + + if (!DolibarrApiAccess::$user->hasRight('holiday', 'lire')) { + throw new RestException(403); + } + + $list = array(); + + $sql = "SELECT id, code, dayrule, day, month, year, fk_country, code as label"; + $sql .= " FROM ".MAIN_DB_PREFIX."c_hrm_public_holiday as t"; + $sql .= " WHERE t.active = ".((int) $active); + if ($fk_country) { + $sql .= " AND (t.fk_country = ".((int) $fk_country); + $sql .= " OR t.fk_country is null)"; + } + // Add sql filters + if ($sqlfilters) { + $errormessage = ''; + $sql .= forgeSQLFromUniversalSearchCriteria($sqlfilters, $errormessage); + if ($errormessage) { + throw new RestException(400, 'Error when validating parameter sqlfilters -> '.$errormessage); + } + } + + $sql .= $this->db->order($sortfield, $sortorder); + + if ($limit) { + if ($page < 0) { + $page = 0; + } + $offset = $limit * $page; + + $sql .= $this->db->plimit($limit, $offset); + } + + $result = $this->db->query($sql); + + if ($result) { + $num = $this->db->num_rows($result); + $min = min($num, ($limit <= 0 ? $num : $limit)); + for ($i = 0; $i < $min; $i++) { + $holiday = $this->db->fetch_object($result); + $tmplabel = $langs->trans($holiday->code); + if ($tmplabel != $holiday->code) { + $holiday->label = $tmplabel; + } + //$this->translateLabel($holiday, $lang, 'Holiday', array('dict')); + $list[] = $holiday; + } + } else { + throw new RestException(503, 'Error when retrieving list of public holiday : '.$this->db->lasterror()); + } + + return $list; + } /** * Get the list of contacts types.