2016-12-12 15:19:47 +01:00
< ? php
/* Copyright ( C ) 2016 Xebax Christy < xebax @ wanadoo . fr >
* Copyright ( C ) 2016 Laurent Destailleur < eldy @ users . sourceforge . net >
* Copyright ( C ) 2016 Jean - François Ferry < jfefe @ aternatik . fr >
*
* This program is free software you can redistribute it and / or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation ; either version 3 of the License , or
* ( at your option ) any later version .
*
* This program is distributed in the hope that it will be useful ,
* but WITHOUT ANY WARRANTY ; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
* GNU General Public License for more details .
*
* You should have received a copy of the GNU General Public License
2019-09-23 21:55:30 +02:00
* along with this program . If not , see < https :// www . gnu . org / licenses />.
2016-12-12 15:19:47 +01:00
*/
use Luracast\Restler\RestException ;
use Luracast\Restler\Format\UploadFormat ;
require_once DOL_DOCUMENT_ROOT . '/main.inc.php' ;
2017-09-28 12:14:49 +02:00
require_once DOL_DOCUMENT_ROOT . '/core/lib/files.lib.php' ;
2016-12-12 15:19:47 +01:00
/**
* API class for receive files
*
* @ access protected
* @ class Documents { @ requires user , external }
*/
class Documents extends DolibarrApi
{
2017-10-06 02:42:32 +02:00
/**
* @ var array $DOCUMENT_FIELDS Mandatory fields , checked when create and update object
*/
2021-02-23 17:44:43 +01:00
public static $DOCUMENT_FIELDS = array (
2017-10-06 02:42:32 +02:00
'modulepart'
);
/**
* Constructor
*/
2019-02-25 20:35:59 +01:00
public function __construct ()
2017-10-06 02:42:32 +02:00
{
global $db ;
$this -> db = $db ;
}
/**
2017-11-06 11:06:31 +01:00
* Download a document .
*
* Note that , this API is similar to using the wrapper link " documents.php " to download a file ( used for
* internal HTML links of documents into application ), but with no need to have a session cookie ( the token is used instead ) .
2017-10-06 02:42:32 +02:00
*
2019-08-25 16:38:09 +02:00
* @ param string $modulepart Name of module or area concerned by file download ( 'facture' , ... )
2017-10-06 02:42:32 +02:00
* @ param string $original_file Relative path with filename , relative to modulepart ( for example : IN201701 - 999 / IN201701 - 999. pdf )
* @ return array List of documents
*
2020-02-18 22:58:51 +01:00
* @ throws RestException 400
* @ throws RestException 401
* @ throws RestException 404
2017-11-06 11:06:31 +01:00
*
* @ url GET / download
2017-10-06 02:42:32 +02:00
*/
2019-08-25 16:38:09 +02:00
public function index ( $modulepart , $original_file = '' )
2017-10-06 02:42:32 +02:00
{
2017-10-07 20:21:47 +02:00
global $conf , $langs ;
2017-10-05 10:21:52 +02:00
2019-08-25 16:38:09 +02:00
if ( empty ( $modulepart )) {
2017-10-06 02:42:32 +02:00
throw new RestException ( 400 , 'bad value for parameter modulepart' );
}
if ( empty ( $original_file )) {
2017-12-27 15:48:20 +01:00
throw new RestException ( 400 , 'bad value for parameter original_file' );
2017-10-05 10:21:52 +02:00
}
2017-10-04 15:59:54 +02:00
2017-10-05 10:21:52 +02:00
//--- Finds and returns the document
2019-11-22 15:13:30 +01:00
$entity = $conf -> entity ;
2017-10-04 15:59:54 +02:00
2020-02-25 14:59:47 +01:00
// Special cases that need to use get_exdir to get real dir of object
// If future, all object should use this to define path of documents.
/*
$tmpreldir = '' ;
if ( $modulepart == 'supplier_invoice' ) {
$tmpreldir = get_exdir ( $object -> id , 2 , 0 , 0 , $object , 'invoice_supplier' );
}
$relativefile = $tmpreldir . dol_sanitizeFileName ( $object -> ref ); */
$relativefile = $original_file ;
$check_access = dol_check_secure_access_document ( $modulepart , $relativefile , $entity , DolibarrApiAccess :: $user , '' , 'read' );
2019-02-25 20:35:59 +01:00
$accessallowed = $check_access [ 'accessallowed' ];
2017-10-05 10:21:52 +02:00
$sqlprotectagainstexternals = $check_access [ 'sqlprotectagainstexternals' ];
2019-02-25 20:35:59 +01:00
$original_file = $check_access [ 'original_file' ];
2017-09-28 12:14:49 +02:00
2019-02-25 20:35:59 +01:00
if ( preg_match ( '/\.\./' , $original_file ) || preg_match ( '/[<>|]/' , $original_file )) {
2017-10-07 13:09:31 +02:00
throw new RestException ( 401 );
}
if ( ! $accessallowed ) {
throw new RestException ( 401 );
}
2017-12-27 15:48:20 +01:00
$filename = basename ( $original_file );
2019-11-22 15:13:30 +01:00
$original_file_osencoded = dol_osencode ( $original_file ); // New file name encoded in OS encoding charset
2017-12-27 15:48:20 +01:00
2021-02-23 17:44:43 +01:00
if ( ! file_exists ( $original_file_osencoded )) {
2019-08-25 16:38:09 +02:00
dol_syslog ( " Try to download not found file " . $original_file_osencoded , LOG_WARNING );
2017-12-27 15:48:20 +01:00
throw new RestException ( 404 , 'File not found' );
}
2017-10-07 13:09:31 +02:00
2019-11-22 15:13:30 +01:00
$file_content = file_get_contents ( $original_file_osencoded );
return array ( 'filename' => $filename , 'content-type' => dol_mimetype ( $filename ), 'filesize' => filesize ( $original_file ), 'content' => base64_encode ( $file_content ), 'encoding' => 'base64' );
2017-12-27 15:48:20 +01:00
}
/**
* Build a document .
*
2020-12-09 16:26:31 +01:00
* Test sample 1 : { " modulepart " : " invoice " , " original_file " : " FA1701-001/FA1701-001.pdf " , " doctemplate " : " crabe " , " langcode " : " fr_FR " } .
2017-12-27 15:48:20 +01:00
*
2021-10-06 18:50:29 +02:00
* @ param string $modulepart Name of module or area concerned by file download ( 'thirdparty' , 'member' , 'proposal' , 'supplier_proposal' , 'order' , 'supplier_order' , 'invoice' , 'supplier_invoice' , 'shipment' , 'project' , ... )
2017-12-27 15:48:20 +01:00
* @ param string $original_file Relative path with filename , relative to modulepart ( for example : IN201701 - 999 / IN201701 - 999. pdf ) .
* @ param string $doctemplate Set here the doc template to use for document generation ( If not set , use the default template ) .
* @ param string $langcode Language code like 'en_US' , 'fr_FR' , 'es_ES' , ... ( If not set , use the default language ) .
* @ return array List of documents
*
2022-03-18 16:14:20 +01:00
* @ throws RestException 500 System error
2020-02-18 22:58:51 +01:00
* @ throws RestException 501
* @ throws RestException 400
* @ throws RestException 401
* @ throws RestException 404
2017-12-27 15:48:20 +01:00
*
* @ url PUT / builddoc
*/
2019-08-25 16:38:09 +02:00
public function builddoc ( $modulepart , $original_file = '' , $doctemplate = '' , $langcode = '' )
2017-12-27 15:48:20 +01:00
{
global $conf , $langs ;
2019-08-25 16:38:09 +02:00
if ( empty ( $modulepart )) {
2017-12-27 15:48:20 +01:00
throw new RestException ( 400 , 'bad value for parameter modulepart' );
}
if ( empty ( $original_file )) {
throw new RestException ( 400 , 'bad value for parameter original_file' );
}
$outputlangs = $langs ;
2021-02-23 17:44:43 +01:00
if ( $langcode && $langs -> defaultlang != $langcode ) {
2019-11-22 15:13:30 +01:00
$outputlangs = new Translate ( '' , $conf );
2017-12-27 15:48:20 +01:00
$outputlangs -> setDefaultLang ( $langcode );
}
//--- Finds and returns the document
2019-11-22 15:13:30 +01:00
$entity = $conf -> entity ;
2017-12-27 15:48:20 +01:00
2020-02-25 14:59:47 +01:00
// Special cases that need to use get_exdir to get real dir of object
// If future, all object should use this to define path of documents.
/*
$tmpreldir = '' ;
if ( $modulepart == 'supplier_invoice' ) {
$tmpreldir = get_exdir ( $object -> id , 2 , 0 , 0 , $object , 'invoice_supplier' );
}
$relativefile = $tmpreldir . dol_sanitizeFileName ( $object -> ref ); */
$relativefile = $original_file ;
$check_access = dol_check_secure_access_document ( $modulepart , $relativefile , $entity , DolibarrApiAccess :: $user , '' , 'write' );
2017-12-27 15:48:20 +01:00
$accessallowed = $check_access [ 'accessallowed' ];
$sqlprotectagainstexternals = $check_access [ 'sqlprotectagainstexternals' ];
$original_file = $check_access [ 'original_file' ];
2019-02-25 20:35:59 +01:00
if ( preg_match ( '/\.\./' , $original_file ) || preg_match ( '/[<>|]/' , $original_file )) {
2017-12-27 15:48:20 +01:00
throw new RestException ( 401 );
}
if ( ! $accessallowed ) {
throw new RestException ( 401 );
}
// --- Generates the document
$hidedetails = empty ( $conf -> global -> MAIN_GENERATE_DOCUMENTS_HIDE_DETAILS ) ? 0 : 1 ;
$hidedesc = empty ( $conf -> global -> MAIN_GENERATE_DOCUMENTS_HIDE_DESC ) ? 0 : 1 ;
$hideref = empty ( $conf -> global -> MAIN_GENERATE_DOCUMENTS_HIDE_REF ) ? 0 : 1 ;
2019-11-22 15:13:30 +01:00
$templateused = '' ;
2017-12-27 15:48:20 +01:00
2021-02-23 17:44:43 +01:00
if ( $modulepart == 'facture' || $modulepart == 'invoice' ) {
2017-12-27 15:48:20 +01:00
require_once DOL_DOCUMENT_ROOT . '/compta/facture/class/facture.class.php' ;
$this -> invoice = new Facture ( $this -> db );
$result = $this -> invoice -> fetch ( 0 , preg_replace ( '/\.[^\.]+$/' , '' , basename ( $original_file )));
2019-11-22 15:13:30 +01:00
if ( ! $result ) {
2017-12-27 15:48:20 +01:00
throw new RestException ( 404 , 'Invoice not found' );
2017-10-07 13:09:31 +02:00
}
2017-11-10 16:42:06 +01:00
2020-09-10 01:49:09 +02:00
$templateused = $doctemplate ? $doctemplate : $this -> invoice -> model_pdf ;
2017-12-27 15:48:20 +01:00
$result = $this -> invoice -> generateDocument ( $templateused , $outputlangs , $hidedetails , $hidedesc , $hideref );
2019-11-22 15:13:30 +01:00
if ( $result <= 0 ) {
2017-12-27 15:48:20 +01:00
throw new RestException ( 500 , 'Error generating document' );
}
2021-02-23 17:44:43 +01:00
} elseif ( $modulepart == 'commande' || $modulepart == 'order' ) {
2017-12-27 15:48:20 +01:00
require_once DOL_DOCUMENT_ROOT . '/commande/class/commande.class.php' ;
$this -> order = new Commande ( $this -> db );
$result = $this -> order -> fetch ( 0 , preg_replace ( '/\.[^\.]+$/' , '' , basename ( $original_file )));
2019-11-22 15:13:30 +01:00
if ( ! $result ) {
2017-12-27 15:48:20 +01:00
throw new RestException ( 404 , 'Order not found' );
}
2020-09-10 01:49:09 +02:00
$templateused = $doctemplate ? $doctemplate : $this -> order -> model_pdf ;
2017-12-27 15:48:20 +01:00
$result = $this -> order -> generateDocument ( $templateused , $outputlangs , $hidedetails , $hidedesc , $hideref );
2019-11-22 15:13:30 +01:00
if ( $result <= 0 ) {
2017-12-27 15:48:20 +01:00
throw new RestException ( 500 , 'Error generating document' );
}
2021-02-23 17:44:43 +01:00
} elseif ( $modulepart == 'propal' || $modulepart == 'proposal' ) {
2018-01-04 21:14:45 +01:00
require_once DOL_DOCUMENT_ROOT . '/comm/propal/class/propal.class.php' ;
$this -> propal = new Propal ( $this -> db );
$result = $this -> propal -> fetch ( 0 , preg_replace ( '/\.[^\.]+$/' , '' , basename ( $original_file )));
2019-11-22 15:13:30 +01:00
if ( ! $result ) {
2018-01-04 21:14:45 +01:00
throw new RestException ( 404 , 'Proposal not found' );
}
2020-09-10 01:49:09 +02:00
$templateused = $doctemplate ? $doctemplate : $this -> propal -> model_pdf ;
2018-01-04 21:14:45 +01:00
$result = $this -> propal -> generateDocument ( $templateused , $outputlangs , $hidedetails , $hidedesc , $hideref );
2019-11-22 15:13:30 +01:00
if ( $result <= 0 ) {
2018-01-04 21:14:45 +01:00
throw new RestException ( 500 , 'Error generating document' );
}
2020-10-31 09:03:09 +01:00
} else {
2017-12-27 15:48:20 +01:00
throw new RestException ( 403 , 'Generation not available for this modulepart' );
2017-10-05 10:21:52 +02:00
}
2017-09-28 12:14:49 +02:00
2017-10-05 10:21:52 +02:00
$filename = basename ( $original_file );
2019-11-22 15:13:30 +01:00
$original_file_osencoded = dol_osencode ( $original_file ); // New file name encoded in OS encoding charset
2017-09-28 12:14:49 +02:00
2021-02-23 17:44:43 +01:00
if ( ! file_exists ( $original_file_osencoded )) {
2017-10-07 13:09:31 +02:00
throw new RestException ( 404 , 'File not found' );
2017-10-05 10:21:52 +02:00
}
2017-09-28 12:14:49 +02:00
2019-11-22 15:13:30 +01:00
$file_content = file_get_contents ( $original_file_osencoded );
return array ( 'filename' => $filename , 'content-type' => dol_mimetype ( $filename ), 'filesize' => filesize ( $original_file ), 'content' => base64_encode ( $file_content ), 'langcode' => $outputlangs -> defaultlang , 'template' => $templateused , 'encoding' => 'base64' );
2017-10-07 13:09:31 +02:00
}
2017-10-12 12:28:10 +02:00
/**
2017-10-16 08:52:00 +02:00
* Return the list of documents of a dedicated element ( from its ID or Ref )
2017-10-12 12:28:10 +02:00
*
2020-02-25 14:47:05 +01:00
* @ param string $modulepart Name of module or area concerned ( 'thirdparty' , 'member' , 'proposal' , 'order' , 'invoice' , 'supplier_invoice' , 'shipment' , 'project' , ... )
2017-10-16 08:52:00 +02:00
* @ param int $id ID of element
2017-10-12 12:28:10 +02:00
* @ param string $ref Ref of element
2017-10-16 08:52:00 +02:00
* @ param string $sortfield Sort criteria ( '' , 'fullname' , 'relativename' , 'name' , 'date' , 'size' )
* @ param string $sortorder Sort order ( 'asc' or 'desc' )
* @ return array Array of documents with path
2017-10-12 12:28:10 +02:00
*
2020-02-18 22:58:51 +01:00
* @ throws RestException 400
* @ throws RestException 401
* @ throws RestException 404
2022-03-18 16:14:20 +01:00
* @ throws RestException 500 System error
2017-10-12 12:28:10 +02:00
*
2017-11-06 11:06:31 +01:00
* @ url GET /
2017-10-12 12:28:10 +02:00
*/
2019-02-25 20:35:59 +01:00
public function getDocumentsListByElement ( $modulepart , $id = 0 , $ref = '' , $sortfield = '' , $sortorder = '' )
2017-10-12 12:28:10 +02:00
{
global $conf ;
if ( empty ( $modulepart )) {
throw new RestException ( 400 , 'bad value for parameter modulepart' );
}
if ( empty ( $id ) && empty ( $ref )) {
throw new RestException ( 400 , 'bad value for parameter id or ref' );
}
2019-11-22 15:13:30 +01:00
$id = ( empty ( $id ) ? 0 : $id );
2020-10-31 09:03:09 +01:00
$recursive = 0 ;
$type = 'files' ;
2017-10-12 12:28:10 +02:00
2021-02-23 17:44:43 +01:00
if ( $modulepart == 'societe' || $modulepart == 'thirdparty' ) {
2017-11-17 11:44:52 +01:00
require_once DOL_DOCUMENT_ROOT . '/societe/class/societe.class.php' ;
2022-09-10 11:00:38 +02:00
if ( ! DolibarrApiAccess :: $user -> hasRight ( 'societe' , 'lire' )) {
2017-10-12 12:28:10 +02:00
throw new RestException ( 401 );
}
$object = new Societe ( $this -> db );
2019-11-22 15:13:30 +01:00
$result = $object -> fetch ( $id , $ref );
if ( ! $result ) {
2017-10-12 12:28:10 +02:00
throw new RestException ( 404 , 'Thirdparty not found' );
}
2019-11-22 15:13:30 +01:00
$upload_dir = $conf -> societe -> multidir_output [ $object -> entity ] . " / " . $object -> id ;
2021-02-23 17:44:43 +01:00
} elseif ( $modulepart == 'user' ) {
2020-02-15 20:33:12 +01:00
require_once DOL_DOCUMENT_ROOT . '/user/class/user.class.php' ;
2020-02-18 22:49:53 +01:00
// Can get doc if has permission to read all user or if it is user itself
2020-02-18 22:50:13 +01:00
if ( ! DolibarrApiAccess :: $user -> rights -> user -> user -> lire && DolibarrApiAccess :: $user -> id != $id ) {
2020-02-15 20:33:12 +01:00
throw new RestException ( 401 );
}
$object = new User ( $this -> db );
$result = $object -> fetch ( $id , $ref );
if ( ! $result ) {
throw new RestException ( 404 , 'User not found' );
}
$upload_dir = $conf -> user -> dir_output . '/' . get_exdir ( 0 , 0 , 0 , 0 , $object , 'user' ) . '/' . $object -> id ;
2021-02-23 17:44:43 +01:00
} elseif ( $modulepart == 'adherent' || $modulepart == 'member' ) {
2017-10-12 12:28:10 +02:00
require_once DOL_DOCUMENT_ROOT . '/adherents/class/adherent.class.php' ;
if ( ! DolibarrApiAccess :: $user -> rights -> adherent -> lire ) {
throw new RestException ( 401 );
}
$object = new Adherent ( $this -> db );
2019-11-22 15:13:30 +01:00
$result = $object -> fetch ( $id , $ref );
if ( ! $result ) {
2017-10-12 12:28:10 +02:00
throw new RestException ( 404 , 'Member not found' );
}
2019-11-22 15:13:30 +01:00
$upload_dir = $conf -> adherent -> dir_output . " / " . get_exdir ( 0 , 0 , 0 , 1 , $object , 'member' );
2021-02-23 17:44:43 +01:00
} elseif ( $modulepart == 'propal' || $modulepart == 'proposal' ) {
2017-12-22 19:49:31 +01:00
require_once DOL_DOCUMENT_ROOT . '/comm/propal/class/propal.class.php' ;
if ( ! DolibarrApiAccess :: $user -> rights -> propal -> lire ) {
throw new RestException ( 401 );
}
$object = new Propal ( $this -> db );
2019-11-22 15:13:30 +01:00
$result = $object -> fetch ( $id , $ref );
if ( ! $result ) {
2017-12-22 19:49:31 +01:00
throw new RestException ( 404 , 'Proposal not found' );
}
2021-10-06 18:50:29 +02:00
$upload_dir = $conf -> propal -> multidir_output [ $object -> entity ] . " / " . get_exdir ( 0 , 0 , 0 , 1 , $object , 'propal' );
} elseif ( $modulepart == 'supplier_proposal' ) {
require_once DOL_DOCUMENT_ROOT . '/supplier_proposal/class/supplier_proposal.class.php' ;
if ( ! DolibarrApiAccess :: $user -> rights -> supplier_proposal -> read ) {
throw new RestException ( 401 );
}
$object = new Propal ( $this -> db );
$result = $object -> fetch ( $id , $ref );
if ( ! $result ) {
throw new RestException ( 404 , 'Supplier proposal not found' );
}
2019-11-22 15:13:30 +01:00
$upload_dir = $conf -> propal -> multidir_output [ $object -> entity ] . " / " . get_exdir ( 0 , 0 , 0 , 1 , $object , 'propal' );
2021-02-23 17:44:43 +01:00
} elseif ( $modulepart == 'commande' || $modulepart == 'order' ) {
2017-12-22 19:49:31 +01:00
require_once DOL_DOCUMENT_ROOT . '/commande/class/commande.class.php' ;
if ( ! DolibarrApiAccess :: $user -> rights -> commande -> lire ) {
throw new RestException ( 401 );
}
$object = new Commande ( $this -> db );
2019-11-22 15:13:30 +01:00
$result = $object -> fetch ( $id , $ref );
if ( ! $result ) {
2017-12-22 19:49:31 +01:00
throw new RestException ( 404 , 'Order not found' );
}
2019-11-22 15:13:30 +01:00
$upload_dir = $conf -> commande -> dir_output . " / " . get_exdir ( 0 , 0 , 0 , 1 , $object , 'commande' );
2021-10-06 18:50:29 +02:00
} elseif ( $modulepart == 'commande_fournisseur' || $modulepart == 'supplier_order' ) {
$modulepart = 'supplier_order' ;
require_once DOL_DOCUMENT_ROOT . '/fourn/class/fournisseur.commande.class.php' ;
if ( empty ( DolibarrApiAccess :: $user -> rights -> fournisseur -> commande -> lire ) && empty ( DolibarrApiAccess :: $user -> rights -> supplier_order -> lire )) {
throw new RestException ( 401 );
}
$object = new CommandeFournisseur ( $this -> db );
$result = $object -> fetch ( $id , $ref );
if ( ! $result ) {
throw new RestException ( 404 , 'Purchase order not found' );
}
$upload_dir = $conf -> fournisseur -> dir_output . " /facture/ " . get_exdir ( $object -> id , 2 , 0 , 0 , $object , 'invoice_supplier' ) . dol_sanitizeFileName ( $object -> ref );
2021-02-23 17:44:43 +01:00
} elseif ( $modulepart == 'shipment' || $modulepart == 'expedition' ) {
2017-12-22 19:49:31 +01:00
require_once DOL_DOCUMENT_ROOT . '/expedition/class/expedition.class.php' ;
if ( ! DolibarrApiAccess :: $user -> rights -> expedition -> lire ) {
throw new RestException ( 401 );
}
$object = new Expedition ( $this -> db );
2019-11-22 15:13:30 +01:00
$result = $object -> fetch ( $id , $ref );
if ( ! $result ) {
2017-12-22 19:49:31 +01:00
throw new RestException ( 404 , 'Shipment not found' );
}
2019-11-22 15:13:30 +01:00
$upload_dir = $conf -> expedition -> dir_output . " /sending/ " . get_exdir ( 0 , 0 , 0 , 1 , $object , 'shipment' );
2021-02-23 17:44:43 +01:00
} elseif ( $modulepart == 'facture' || $modulepart == 'invoice' ) {
2017-12-22 19:49:31 +01:00
require_once DOL_DOCUMENT_ROOT . '/compta/facture/class/facture.class.php' ;
if ( ! DolibarrApiAccess :: $user -> rights -> facture -> lire ) {
throw new RestException ( 401 );
}
$object = new Facture ( $this -> db );
2019-11-22 15:13:30 +01:00
$result = $object -> fetch ( $id , $ref );
if ( ! $result ) {
2017-12-22 19:49:31 +01:00
throw new RestException ( 404 , 'Invoice not found' );
}
2019-11-22 15:13:30 +01:00
$upload_dir = $conf -> facture -> dir_output . " / " . get_exdir ( 0 , 0 , 0 , 1 , $object , 'invoice' );
2021-02-23 17:44:43 +01:00
} elseif ( $modulepart == 'facture_fournisseur' || $modulepart == 'supplier_invoice' ) {
2020-02-25 14:47:05 +01:00
$modulepart = 'supplier_invoice' ;
require_once DOL_DOCUMENT_ROOT . '/fourn/class/fournisseur.facture.class.php' ;
2021-10-06 18:50:29 +02:00
if ( empty ( DolibarrApiAccess :: $user -> rights -> fournisseur -> facture -> lire ) && empty ( DolibarrApiAccess :: $user -> rights -> supplier_invoice -> lire )) {
2020-02-25 14:47:05 +01:00
throw new RestException ( 401 );
}
$object = new FactureFournisseur ( $this -> db );
$result = $object -> fetch ( $id , $ref );
if ( ! $result ) {
throw new RestException ( 404 , 'Invoice not found' );
}
$upload_dir = $conf -> fournisseur -> dir_output . " /facture/ " . get_exdir ( $object -> id , 2 , 0 , 0 , $object , 'invoice_supplier' ) . dol_sanitizeFileName ( $object -> ref );
2021-02-23 17:44:43 +01:00
} elseif ( $modulepart == 'produit' || $modulepart == 'product' ) {
2019-02-27 00:48:13 +01:00
require_once DOL_DOCUMENT_ROOT . '/product/class/product.class.php' ;
if ( ! DolibarrApiAccess :: $user -> rights -> produit -> lire ) {
throw new RestException ( 401 );
}
$object = new Product ( $this -> db );
2019-11-22 15:13:30 +01:00
$result = $object -> fetch ( $id , $ref );
2020-10-31 14:32:18 +01:00
if ( $result == 0 ) {
2019-02-27 00:48:13 +01:00
throw new RestException ( 404 , 'Product not found' );
2020-10-31 14:32:18 +01:00
} elseif ( $result < 0 ) {
2020-07-31 16:09:38 +02:00
throw new RestException ( 500 , 'Error while fetching object: ' . $object -> error );
2019-02-27 00:48:13 +01:00
}
2021-01-30 13:57:42 +01:00
$upload_dir = $conf -> product -> multidir_output [ $object -> entity ] . '/' . get_exdir ( 0 , 0 , 0 , 1 , $object , 'product' );
2021-02-23 17:44:43 +01:00
} elseif ( $modulepart == 'agenda' || $modulepart == 'action' || $modulepart == 'event' ) {
2018-07-13 16:07:19 +02:00
require_once DOL_DOCUMENT_ROOT . '/comm/action/class/actioncomm.class.php' ;
if ( ! DolibarrApiAccess :: $user -> rights -> agenda -> myactions -> read && ! DolibarrApiAccess :: $user -> rights -> agenda -> allactions -> read ) {
throw new RestException ( 401 );
}
$object = new ActionComm ( $this -> db );
2019-11-22 15:13:30 +01:00
$result = $object -> fetch ( $id , $ref );
if ( ! $result ) {
2018-07-13 16:07:19 +02:00
throw new RestException ( 404 , 'Event not found' );
}
$upload_dir = $conf -> agenda -> dir_output . '/' . dol_sanitizeFileName ( $object -> ref );
2021-02-23 17:44:43 +01:00
} elseif ( $modulepart == 'expensereport' ) {
2020-02-25 14:36:05 +01:00
require_once DOL_DOCUMENT_ROOT . '/expensereport/class/expensereport.class.php' ;
if ( ! DolibarrApiAccess :: $user -> rights -> expensereport -> read && ! DolibarrApiAccess :: $user -> rights -> expensereport -> read ) {
throw new RestException ( 401 );
}
$object = new ExpenseReport ( $this -> db );
$result = $object -> fetch ( $id , $ref );
if ( ! $result ) {
throw new RestException ( 404 , 'Expense report not found' );
}
$upload_dir = $conf -> expensereport -> dir_output . '/' . dol_sanitizeFileName ( $object -> ref );
2022-04-14 21:47:35 +02:00
} elseif ( $modulepart == 'knowledgemanagement' ) {
require_once DOL_DOCUMENT_ROOT . '/knowledgemanagement/class/knowledgerecord.class.php' ;
2023-02-11 22:13:15 +01:00
if ( ! DolibarrApiAccess :: $user -> hasRight ( 'knowledgemanagement' , 'knowledgerecord' , 'read' ) && ! DolibarrApiAccess :: $user -> hasRight ( 'knowledgemanagement' , 'knowledgerecord' , 'read' )) {
2022-04-14 21:47:35 +02:00
throw new RestException ( 401 );
}
$object = new KnowledgeRecord ( $this -> db );
$result = $object -> fetch ( $id , $ref );
if ( ! $result ) {
2022-04-14 22:16:17 +02:00
throw new RestException ( 404 , 'KM article not found' );
2022-04-14 21:47:35 +02:00
}
$upload_dir = $conf -> knowledgemanagement -> dir_output . '/knowledgerecord/' . dol_sanitizeFileName ( $object -> ref );
2021-02-23 17:44:43 +01:00
} elseif ( $modulepart == 'categorie' || $modulepart == 'category' ) {
2020-04-05 11:20:24 +02:00
require_once DOL_DOCUMENT_ROOT . '/categories/class/categorie.class.php' ;
if ( ! DolibarrApiAccess :: $user -> rights -> categorie -> lire ) {
throw new RestException ( 401 );
}
$object = new Categorie ( $this -> db );
$result = $object -> fetch ( $id , $ref );
if ( ! $result ) {
throw new RestException ( 404 , 'Category not found' );
}
$upload_dir = $conf -> categorie -> multidir_output [ $object -> entity ] . '/' . get_exdir ( $object -> id , 2 , 0 , 0 , $object , 'category' ) . $object -> id . " /photos/ " . dol_sanitizeFileName ( $object -> ref );
2020-10-31 09:03:09 +01:00
} elseif ( $modulepart == 'ecm' ) {
2020-12-01 02:41:19 +01:00
throw new RestException ( 500 , 'Modulepart Ecm not implemented yet.' );
2020-10-31 09:03:09 +01:00
// // require_once DOL_DOCUMENT_ROOT.'/ecm/class/ecmdirectory.class.php';
// if (!DolibarrApiAccess::$user->rights->ecm->read) {
// throw new RestException(401);
// }
// // $object = new EcmDirectory($this->db);
// // $result = $object->fetch($ref);
// // if (!$result) {
// // throw new RestException(404, 'EcmDirectory not found');
// // }
// $upload_dir = $conf->ecm->dir_output;
// $type = 'all';
// $recursive = 0;
} else {
2017-10-12 12:28:10 +02:00
throw new RestException ( 500 , 'Modulepart ' . $modulepart . ' not implemented yet.' );
}
2022-11-26 00:02:17 +01:00
$objectType = $modulepart ;
2022-12-01 17:46:13 +01:00
if ( ! empty ( $object -> id ) && ! empty ( $object -> table_element )) {
$objectType = $object -> table_element ;
}
2022-11-26 00:02:17 +01:00
2020-10-31 09:03:09 +01:00
$filearray = dol_dir_list ( $upload_dir , $type , $recursive , '' , '(\.meta|_preview.*\.png)$' , $sortfield , ( strtolower ( $sortorder ) == 'desc' ? SORT_DESC : SORT_ASC ), 1 );
2017-10-12 12:28:10 +02:00
if ( empty ( $filearray )) {
2020-10-31 09:03:09 +01:00
throw new RestException ( 404 , 'Search for modulepart ' . $modulepart . ' with Id ' . $object -> id . ( ! empty ( $object -> ref ) ? ' or Ref ' . $object -> ref : '' ) . ' does not return any document.' );
2020-12-11 10:21:10 +01:00
} else {
if (( $object -> id ) > 0 && ! empty ( $modulepart )) {
2021-10-25 22:07:31 +02:00
require_once DOL_DOCUMENT_ROOT . '/ecm/class/ecmfiles.class.php' ;
2020-12-11 10:21:10 +01:00
$ecmfile = new EcmFiles ( $this -> db );
2022-11-26 00:02:17 +01:00
$result = $ecmfile -> fetchAll ( '' , '' , 0 , 0 , array ( 't.src_object_type' => $objectType , 't.src_object_id' => $object -> id ));
2020-12-11 10:21:10 +01:00
if ( $result < 0 ) {
2021-10-25 22:07:31 +02:00
throw new RestException ( 503 , 'Error when retrieve ecm list : ' . $this -> db -> lasterror ());
2020-12-11 10:21:10 +01:00
} elseif ( is_array ( $ecmfile -> lines ) && count ( $ecmfile -> lines ) > 0 ) {
2022-11-26 00:42:50 +01:00
$count = count ( $filearray );
for ( $i = 0 ; $i < $count ; $i ++ ) {
2022-11-26 00:35:08 +01:00
if ( $filearray [ $i ][ 'name' ] == $ecmfile -> lines [ $i ] -> filename ) $filearray [ $i ] = array_merge ( $filearray [ $i ], ( array ) $ecmfile -> lines [ 0 ]);
2022-11-26 00:02:17 +01:00
}
2020-12-11 10:21:10 +01:00
}
}
2017-10-12 12:28:10 +02:00
}
return $filearray ;
}
2017-10-07 13:09:31 +02:00
/**
* Return a document .
*
* @ param int $id ID of document
* @ return array Array with data of file
*
* @ throws RestException
*/
/*
2021-02-23 17:44:43 +01:00
public function get ( $id ) {
return array ( 'note' => 'xxx' );
} */
2017-10-05 10:21:52 +02:00
2017-10-07 13:09:31 +02:00
/**
2017-11-06 11:06:31 +01:00
* Upload a file .
*
2020-02-25 00:51:06 +01:00
* Test sample for invoice : { " filename " : " mynewfile.txt " , " modulepart " : " invoice " , " ref " : " FA1701-001 " , " subdir " : " " , " filecontent " : " content text " , " fileencoding " : " " , " overwriteifexists " : " 0 " } .
* Test sample for supplier invoice : { " filename " : " mynewfile.txt " , " modulepart " : " supplier_invoice " , " ref " : " FA1701-001 " , " subdir " : " " , " filecontent " : " content text " , " fileencoding " : " " , " overwriteifexists " : " 0 " } .
* Test sample for medias file : { " filename " : " mynewfile.txt " , " modulepart " : " medias " , " ref " : " " , " subdir " : " image/mywebsite " , " filecontent " : " Y29udGVudCB0ZXh0Cg== " , " fileencoding " : " base64 " , " overwriteifexists " : " 0 " } .
2017-10-07 13:09:31 +02:00
*
2020-12-16 02:33:21 +01:00
* @ param string $filename Name of file to create ( 'FA1705-0123.txt' )
2021-10-06 16:19:36 +02:00
* @ param string $modulepart Name of module or area concerned by file upload ( 'product' , 'service' , 'invoice' , 'proposal' , 'project' , 'project_task' , 'supplier_invoice' , 'expensereport' , 'member' , ... )
2020-12-16 02:33:21 +01:00
* @ param string $ref Reference of object ( This will define subdir automatically and store submited file into it )
* @ param string $subdir Subdirectory ( Only if ref not provided )
* @ param string $filecontent File content ( string with file content . An empty file will be created if this parameter is not provided )
* @ param string $fileencoding File encoding ( '' = no encoding , 'base64' = Base 64 )
* @ param int $overwriteifexists Overwrite file if exists ( 1 by default )
* @ param int $createdirifnotexists Create subdirectories if the doesn ' t exists ( 1 by default )
2020-10-31 14:32:18 +01:00
* @ return string
2017-11-06 11:06:31 +01:00
*
2020-02-18 22:58:51 +01:00
* @ throws RestException 400
* @ throws RestException 401
* @ throws RestException 404
2022-03-18 16:14:20 +01:00
* @ throws RestException 500 System error
2017-12-27 15:48:20 +01:00
*
* @ url POST / upload
2017-10-07 13:09:31 +02:00
*/
2020-12-16 02:33:21 +01:00
public function post ( $filename , $modulepart , $ref = '' , $subdir = '' , $filecontent = '' , $fileencoding = '' , $overwriteifexists = 0 , $createdirifnotexists = 1 )
2017-10-07 13:09:31 +02:00
{
global $db , $conf ;
2022-05-17 14:55:38 +02:00
//var_dump($modulepart);
//var_dump($filename);
//var_dump($filecontent);exit;
2017-10-05 10:21:52 +02:00
2021-02-23 17:44:43 +01:00
if ( empty ( $modulepart )) {
2017-10-08 23:26:35 +02:00
throw new RestException ( 400 , 'Modulepart not provided.' );
}
2016-12-12 15:19:47 +01:00
2017-10-07 13:09:31 +02:00
if ( ! DolibarrApiAccess :: $user -> rights -> ecm -> upload ) {
throw new RestException ( 401 );
}
2016-12-12 15:19:47 +01:00
2017-10-07 13:09:31 +02:00
$newfilecontent = '' ;
2021-02-23 17:44:43 +01:00
if ( empty ( $fileencoding )) {
$newfilecontent = $filecontent ;
}
if ( $fileencoding == 'base64' ) {
$newfilecontent = base64_decode ( $filecontent );
}
2016-12-12 15:19:47 +01:00
2017-05-20 15:52:36 +02:00
$original_file = dol_sanitizeFileName ( $filename );
2016-12-12 15:19:47 +01:00
2017-05-20 15:52:36 +02:00
// Define $uploadir
$object = null ;
2017-10-16 09:29:10 +02:00
$entity = DolibarrApiAccess :: $user -> entity ;
2021-02-23 17:44:43 +01:00
if ( empty ( $entity )) {
$entity = 1 ;
}
2020-12-16 02:33:21 +01:00
2021-02-23 17:44:43 +01:00
if ( $ref ) {
2019-11-22 15:13:30 +01:00
$tmpreldir = '' ;
2017-10-16 09:29:10 +02:00
2021-02-23 17:44:43 +01:00
if ( $modulepart == 'facture' || $modulepart == 'invoice' ) {
2019-11-22 15:13:30 +01:00
$modulepart = 'facture' ;
2017-11-17 11:44:52 +01:00
require_once DOL_DOCUMENT_ROOT . '/compta/facture/class/facture.class.php' ;
2017-10-08 23:26:35 +02:00
$object = new Facture ( $this -> db );
2021-02-23 17:44:43 +01:00
} elseif ( $modulepart == 'facture_fournisseur' || $modulepart == 'supplier_invoice' ) {
2020-02-25 00:51:06 +01:00
$modulepart = 'supplier_invoice' ;
require_once DOL_DOCUMENT_ROOT . '/fourn/class/fournisseur.facture.class.php' ;
$object = new FactureFournisseur ( $this -> db );
2022-04-26 01:00:10 +02:00
} elseif ( $modulepart == 'commande' || $modulepart == 'order' ) {
$modulepart = 'commande' ;
require_once DOL_DOCUMENT_ROOT . '/commande/class/commande.class.php' ;
$object = new Commande ( $this -> db );
} elseif ( $modulepart == 'commande_fournisseur' || $modulepart == 'supplier_order' ) {
$modulepart = 'supplier_order' ;
require_once DOL_DOCUMENT_ROOT . '/fourn/class/fournisseur.commande.class.php' ;
$object = new CommandeFournisseur ( $this -> db );
2021-02-23 17:44:43 +01:00
} elseif ( $modulepart == 'project' ) {
2017-11-17 11:44:52 +01:00
require_once DOL_DOCUMENT_ROOT . '/projet/class/project.class.php' ;
2017-10-08 23:26:35 +02:00
$object = new Project ( $this -> db );
2021-02-23 17:44:43 +01:00
} elseif ( $modulepart == 'task' || $modulepart == 'project_task' ) {
2017-10-08 23:26:35 +02:00
$modulepart = 'project_task' ;
2017-11-17 11:44:52 +01:00
require_once DOL_DOCUMENT_ROOT . '/projet/class/task.class.php' ;
2017-10-08 23:26:35 +02:00
$object = new Task ( $this -> db );
$task_result = $object -> fetch ( '' , $ref );
2017-12-27 15:48:20 +01:00
// Fetching the tasks project is required because its out_dir might be a sub-directory of the project
2021-02-23 17:44:43 +01:00
if ( $task_result > 0 ) {
2017-10-08 23:26:35 +02:00
$project_result = $object -> fetch_projet ();
2021-02-23 17:44:43 +01:00
if ( $project_result >= 0 ) {
2017-10-08 23:26:35 +02:00
$tmpreldir = dol_sanitizeFileName ( $object -> project -> ref ) . '/' ;
}
2020-10-31 09:03:09 +01:00
} else {
2017-10-08 23:26:35 +02:00
throw new RestException ( 500 , 'Error while fetching Task ' . $ref );
}
2021-02-23 17:44:43 +01:00
} elseif ( $modulepart == 'product' || $modulepart == 'produit' || $modulepart == 'service' || $modulepart == 'produit|service' ) {
2019-11-08 19:54:38 +01:00
require_once DOL_DOCUMENT_ROOT . '/product/class/product.class.php' ;
$object = new Product ( $this -> db );
2021-02-23 17:44:43 +01:00
} elseif ( $modulepart == 'expensereport' ) {
2020-02-25 14:36:05 +01:00
require_once DOL_DOCUMENT_ROOT . '/expensereport/class/expensereport.class.php' ;
$object = new ExpenseReport ( $this -> db );
2022-01-23 12:06:40 +01:00
} elseif ( $modulepart == 'fichinter' ) {
require_once DOL_DOCUMENT_ROOT . '/fichinter/class/fichinter.class.php' ;
$object = new Fichinter ( $this -> db );
2021-02-23 17:44:43 +01:00
} elseif ( $modulepart == 'adherent' || $modulepart == 'member' ) {
2020-06-16 22:46:36 +02:00
$modulepart = 'adherent' ;
2020-06-14 14:42:54 +02:00
require_once DOL_DOCUMENT_ROOT . '/adherents/class/adherent.class.php' ;
$object = new Adherent ( $this -> db );
2021-02-23 17:44:43 +01:00
} elseif ( $modulepart == 'proposal' || $modulepart == 'propal' || $modulepart == 'propale' ) {
2020-10-28 01:47:25 +01:00
$modulepart = 'propale' ;
require_once DOL_DOCUMENT_ROOT . '/comm/propal/class/propal.class.php' ;
$object = new Propal ( $this -> db );
2020-10-31 09:03:09 +01:00
} else {
2020-12-01 02:41:19 +01:00
// TODO Implement additional moduleparts
2017-10-08 23:26:35 +02:00
throw new RestException ( 500 , 'Modulepart ' . $modulepart . ' not implemented yet.' );
}
2021-02-23 17:44:43 +01:00
if ( is_object ( $object )) {
2017-10-06 02:42:32 +02:00
$result = $object -> fetch ( '' , $ref );
2017-10-08 23:26:35 +02:00
2021-02-23 17:44:43 +01:00
if ( $result == 0 ) {
2017-12-27 15:48:20 +01:00
throw new RestException ( 404 , " Object with ref ' " . $ref . " ' was not found. " );
2021-02-23 17:44:43 +01:00
} elseif ( $result < 0 ) {
2020-07-31 16:09:38 +02:00
throw new RestException ( 500 , 'Error while fetching object: ' . $object -> error );
2017-10-08 23:26:35 +02:00
}
2017-10-06 02:42:32 +02:00
}
2020-12-16 02:33:21 +01:00
if ( ! ( $object -> id > 0 )) {
2021-02-23 17:44:43 +01:00
throw new RestException ( 404 , 'The object ' . $modulepart . " with ref ' " . $ref . " ' was not found. " );
2017-10-06 02:42:32 +02:00
}
2020-02-25 00:51:06 +01:00
// Special cases that need to use get_exdir to get real dir of object
2022-04-26 01:00:10 +02:00
// In future, all object should use this to define path of documents.
2020-02-25 00:51:06 +01:00
if ( $modulepart == 'supplier_invoice' ) {
$tmpreldir = get_exdir ( $object -> id , 2 , 0 , 0 , $object , 'invoice_supplier' );
}
2017-12-27 15:48:20 +01:00
$relativefile = $tmpreldir . dol_sanitizeFileName ( $object -> ref );
$tmp = dol_check_secure_access_document ( $modulepart , $relativefile , $entity , DolibarrApiAccess :: $user , $ref , 'write' );
2019-11-22 15:13:30 +01:00
$upload_dir = $tmp [ 'original_file' ]; // No dirname here, tmp['original_file'] is already the dir because dol_check_secure_access_document was called with param original_file that is only the dir
2017-10-06 02:42:32 +02:00
2021-02-23 17:44:43 +01:00
if ( empty ( $upload_dir ) || $upload_dir == '/' ) {
2020-12-16 02:33:21 +01:00
throw new RestException ( 500 , 'This value of modulepart (' . $modulepart . ') does not support yet usage of ref. Check modulepart parameter or try to use subdir parameter instead of ref.' );
2017-10-06 02:42:32 +02:00
}
2020-10-31 09:03:09 +01:00
} else {
2021-02-23 17:44:43 +01:00
if ( $modulepart == 'invoice' ) {
$modulepart = 'facture' ;
}
if ( $modulepart == 'member' ) {
$modulepart = 'adherent' ;
}
2017-10-05 10:21:52 +02:00
2017-12-27 15:48:20 +01:00
$relativefile = $subdir ;
$tmp = dol_check_secure_access_document ( $modulepart , $relativefile , $entity , DolibarrApiAccess :: $user , '' , 'write' );
2019-11-22 15:13:30 +01:00
$upload_dir = $tmp [ 'original_file' ]; // No dirname here, tmp['original_file'] is already the dir because dol_check_secure_access_document was called with param original_file that is only the dir
2017-05-20 15:52:36 +02:00
2020-12-16 02:33:21 +01:00
if ( empty ( $upload_dir ) || $upload_dir == '/' ) {
if ( ! empty ( $tmp [ 'error' ])) {
throw new RestException ( 401 , 'Error returned by dol_check_secure_access_document: ' . $tmp [ 'error' ]);
} else {
throw new RestException ( 500 , 'This value of modulepart (' . $modulepart . ') is not allowed with this value of subdir (' . $relativefile . ')' );
}
2017-10-06 02:42:32 +02:00
}
2016-12-12 15:19:47 +01:00
}
2017-12-27 15:48:20 +01:00
// $original_file here is still value of filename without any dir.
2017-10-05 10:21:52 +02:00
2017-05-20 15:52:36 +02:00
$upload_dir = dol_sanitizePathName ( $upload_dir );
2019-11-08 19:58:49 +01:00
2020-12-16 02:33:21 +01:00
if ( ! empty ( $createdirifnotexists )) {
if ( dol_mkdir ( $upload_dir ) < 0 ) { // needed by products
2020-12-23 17:25:38 +01:00
throw new RestException ( 500 , 'Error while trying to create directory ' . $upload_dir );
2020-12-16 02:33:21 +01:00
}
2019-11-08 19:54:38 +01:00
}
2017-10-05 10:21:52 +02:00
2019-11-22 15:13:30 +01:00
$destfile = $upload_dir . '/' . $original_file ;
$destfiletmp = DOL_DATA_ROOT . '/admin/temp/' . $original_file ;
2017-05-21 14:06:43 +02:00
dol_delete_file ( $destfiletmp );
2017-12-27 15:48:20 +01:00
//var_dump($original_file);exit;
2017-10-05 10:21:52 +02:00
2017-12-27 15:48:20 +01:00
if ( ! dol_is_dir ( dirname ( $destfile ))) {
throw new RestException ( 401 , 'Directory not exists : ' . dirname ( $destfile ));
2017-10-06 02:42:32 +02:00
}
2017-10-05 10:21:52 +02:00
2020-12-16 02:33:21 +01:00
if ( ! $overwriteifexists && dol_is_file ( $destfile )) {
2017-10-06 02:42:32 +02:00
throw new RestException ( 500 , " File with name ' " . $original_file . " ' already exists. " );
}
2017-10-05 10:21:52 +02:00
2017-10-06 02:42:32 +02:00
$fhandle = @ fopen ( $destfiletmp , 'w' );
2020-10-31 09:08:07 +01:00
if ( $fhandle ) {
2017-10-06 02:42:32 +02:00
$nbofbyteswrote = fwrite ( $fhandle , $newfilecontent );
fclose ( $fhandle );
@ chmod ( $destfiletmp , octdec ( $conf -> global -> MAIN_UMASK ));
2020-10-31 09:03:09 +01:00
} else {
2017-10-06 02:42:32 +02:00
throw new RestException ( 500 , " Failed to open file ' " . $destfiletmp . " ' for write " );
}
2016-12-12 15:19:47 +01:00
2017-10-06 02:42:32 +02:00
$result = dol_move ( $destfiletmp , $destfile , 0 , $overwriteifexists , 1 );
2020-10-31 09:08:07 +01:00
if ( ! $result ) {
2017-12-27 15:48:20 +01:00
throw new RestException ( 500 , " Failed to move file into ' " . $destfile . " ' " );
}
2017-10-06 02:42:32 +02:00
2017-12-27 15:48:20 +01:00
return dol_basename ( $destfile );
2017-10-06 02:42:32 +02:00
}
2019-11-09 00:48:46 +01:00
2019-11-09 00:47:03 +01:00
/**
* Delete a document .
*
* @ param string $modulepart Name of module or area concerned by file download ( 'product' , ... )
* @ param string $original_file Relative path with filename , relative to modulepart ( for example : PRODUCT - REF - 999 / IMAGE - 999. jpg )
* @ return array List of documents
*
2020-02-18 22:58:51 +01:00
* @ throws RestException 400
* @ throws RestException 401
* @ throws RestException 404
2019-11-09 00:47:03 +01:00
*
2019-11-09 11:52:03 +01:00
* @ url DELETE /
2019-11-09 00:47:03 +01:00
*/
2019-11-09 19:01:03 +01:00
public function delete ( $modulepart , $original_file )
2019-11-09 00:47:03 +01:00
{
2020-10-31 14:32:18 +01:00
global $conf , $langs ;
2019-11-09 00:48:46 +01:00
2020-10-31 14:32:18 +01:00
if ( empty ( $modulepart )) {
throw new RestException ( 400 , 'bad value for parameter modulepart' );
}
if ( empty ( $original_file )) {
throw new RestException ( 400 , 'bad value for parameter original_file' );
}
2019-11-09 00:48:46 +01:00
2020-10-31 14:32:18 +01:00
//--- Finds and returns the document
$entity = $conf -> entity ;
2019-11-09 00:48:46 +01:00
2020-10-31 14:32:18 +01:00
// Special cases that need to use get_exdir to get real dir of object
// If future, all object should use this to define path of documents.
/*
2021-02-23 17:44:43 +01:00
$tmpreldir = '' ;
if ( $modulepart == 'supplier_invoice' ) {
$tmpreldir = get_exdir ( $object -> id , 2 , 0 , 0 , $object , 'invoice_supplier' );
}
2020-02-25 14:59:47 +01:00
2021-02-23 17:44:43 +01:00
$relativefile = $tmpreldir . dol_sanitizeFileName ( $object -> ref ); */
2020-10-31 14:32:18 +01:00
$relativefile = $original_file ;
2020-02-25 14:59:47 +01:00
2020-10-31 14:32:18 +01:00
$check_access = dol_check_secure_access_document ( $modulepart , $relativefile , $entity , DolibarrApiAccess :: $user , '' , 'read' );
$accessallowed = $check_access [ 'accessallowed' ];
$sqlprotectagainstexternals = $check_access [ 'sqlprotectagainstexternals' ];
$original_file = $check_access [ 'original_file' ];
2019-11-09 00:48:46 +01:00
2020-10-31 14:32:18 +01:00
if ( preg_match ( '/\.\./' , $original_file ) || preg_match ( '/[<>|]/' , $original_file )) {
throw new RestException ( 401 );
}
if ( ! $accessallowed ) {
throw new RestException ( 401 );
}
2019-11-09 00:48:46 +01:00
2020-10-31 14:32:18 +01:00
$filename = basename ( $original_file );
$original_file_osencoded = dol_osencode ( $original_file ); // New file name encoded in OS encoding charset
2019-11-09 00:48:46 +01:00
2021-02-23 17:44:43 +01:00
if ( ! file_exists ( $original_file_osencoded )) {
2020-10-31 14:32:18 +01:00
dol_syslog ( " Try to download not found file " . $original_file_osencoded , LOG_WARNING );
throw new RestException ( 404 , 'File not found' );
}
2019-11-09 00:48:46 +01:00
2020-10-31 14:32:18 +01:00
if ( @ unlink ( $original_file_osencoded )) {
return array (
'success' => array (
'code' => 200 ,
'message' => 'Document deleted'
)
);
}
2019-11-09 00:48:46 +01:00
2020-10-31 14:32:18 +01:00
throw new RestException ( 401 );
2019-11-09 00:47:03 +01:00
}
2017-10-06 02:42:32 +02:00
2020-10-31 14:32:18 +01:00
// phpcs:disable PEAR.NamingConventions.ValidFunctionName
2017-10-06 02:42:32 +02:00
/**
* Validate fields before create or update object
*
* @ param array $data Array with data to verify
* @ return array
* @ throws RestException
*/
2020-10-31 14:32:18 +01:00
private function _validate_file ( $data )
{
// phpcs:enable
2017-10-06 02:42:32 +02:00
$result = array ();
foreach ( Documents :: $DOCUMENT_FIELDS as $field ) {
2021-02-23 17:44:43 +01:00
if ( ! isset ( $data [ $field ])) {
2017-10-06 02:42:32 +02:00
throw new RestException ( 400 , " $field field missing " );
2021-02-23 17:44:43 +01:00
}
2017-10-06 02:42:32 +02:00
$result [ $field ] = $data [ $field ];
}
return $result ;
}
2016-12-12 15:19:47 +01:00
}
