Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2026-02-07 16:41:48 +01:00
Code Issues Packages Projects Releases Wiki Activity

Some API HTTP return code were moved from 401 to 403 to better follow

Browse Source 
REST specification.
This commit is contained in:
Laurent Destailleur
2024-04-02 14:47:49 +02:00
parent 9811ef1a78
commit 7715513ac9
26 changed files with 212 additions and 212 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
htdocs/commande/class/api_orders.class.php
View File

@@ -128,7 +128,7 @@ class Orders extends DolibarrApi
}
if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
// Add external contacts ids
@@ -315,7 +315,7 @@ class Orders extends DolibarrApi
}
if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
$this->commande->getLinesArray();
$result = array();
@@ -347,7 +347,7 @@ class Orders extends DolibarrApi
}
if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
$request_data = (object) $request_data;
@@ -414,7 +414,7 @@ class Orders extends DolibarrApi
}
if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
$request_data = (object) $request_data;
@@ -482,7 +482,7 @@ class Orders extends DolibarrApi
}
if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
$updateRes = $this->commande->deleteLine(DolibarrApiAccess::$user, $lineid, $id);
@@ -518,7 +518,7 @@ class Orders extends DolibarrApi
}
if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
$contacts = $this->commande->liste_contact(-1, 'external', 0, $type);
@@ -551,7 +551,7 @@ class Orders extends DolibarrApi
}
if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
$result = $this->commande->add_contact($contactid, $type, 'external');
@@ -599,7 +599,7 @@ class Orders extends DolibarrApi
}
if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
$contacts = $this->commande->liste_contact();
@@ -641,7 +641,7 @@ class Orders extends DolibarrApi
}
if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
foreach ($request_data as $field => $value) {
if ($field == 'id') {
@@ -693,7 +693,7 @@ class Orders extends DolibarrApi
}
if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
if (!$this->commande->delete(DolibarrApiAccess::$user)) {
@@ -743,7 +743,7 @@ class Orders extends DolibarrApi
$result = $this->commande->fetch_thirdparty(); // do not check result, as failure is not fatal (used only for mail notification substitutes)
if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
$result = $this->commande->valid(DolibarrApiAccess::$user, $idwarehouse, $notrigger);
@@ -841,7 +841,7 @@ class Orders extends DolibarrApi
}
if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
$this->commande->fetchObjectLinked();
@@ -869,7 +869,7 @@ class Orders extends DolibarrApi
}
if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
$result = $this->commande->cloture(DolibarrApiAccess::$user, $notrigger);
@@ -886,7 +886,7 @@ class Orders extends DolibarrApi
}
if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
$this->commande->fetchObjectLinked();
@@ -914,7 +914,7 @@ class Orders extends DolibarrApi
}
if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
$result = $this->commande->setDraft(DolibarrApiAccess::$user, $idwarehouse);
@@ -931,7 +931,7 @@ class Orders extends DolibarrApi
}
if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
$this->commande->fetchObjectLinked();