2015-05-05 03:44:46 +02:00
< ? php
/* Copyright ( C ) 2015 Jean - François Ferry < jfefe @ aternatik . fr >
2016-09-26 02:18:11 +02:00
* Copyright ( C ) 2016 Laurent Destailleur < eldy @ users . sourceforge . net >
2015-05-05 03:44:46 +02:00
*
* This program is free software ; you can redistribute it and / or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation ; either version 3 of the License , or
* ( at your option ) any later version .
*
* This program is distributed in the hope that it will be useful ,
* but WITHOUT ANY WARRANTY ; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
* GNU General Public License for more details .
*
* You should have received a copy of the GNU General Public License
* along with this program . If not , see < http :// www . gnu . org / licenses />.
*/
use Luracast\Restler\RestException ;
require_once DOL_DOCUMENT_ROOT . '/commande/class/commande.class.php' ;
/**
2016-06-15 00:52:09 +02:00
* API class for orders
2015-05-05 03:44:46 +02:00
*
2016-09-26 09:34:51 +02:00
* @ access protected
2015-05-05 03:44:46 +02:00
* @ class DolibarrApiAccess { @ requires user , external }
*/
2016-06-15 00:52:09 +02:00
class Orders extends DolibarrApi
2015-05-06 00:55:42 +02:00
{
2015-05-05 03:44:46 +02:00
/**
2016-09-26 09:34:51 +02:00
* @ var array $FIELDS Mandatory fields , checked when create and update object
2015-05-05 03:44:46 +02:00
*/
static $FIELDS = array (
'socid'
);
/**
* @ var Commande $commande { @ type Commande }
*/
public $commande ;
/**
* Constructor
*/
function __construct ()
{
global $db , $conf ;
$this -> db = $db ;
$this -> commande = new Commande ( $this -> db );
}
/**
2017-10-19 12:30:36 +02:00
* Get properties of an order object
2015-05-05 03:44:46 +02:00
*
2017-10-19 12:30:36 +02:00
* Return an array with order informations
2016-09-26 09:34:51 +02:00
*
2015-05-06 00:55:42 +02:00
* @ param int $id ID of order
2015-05-05 03:44:46 +02:00
* @ return array | mixed data without useless information
2015-05-06 00:55:42 +02:00
*
2015-05-05 03:44:46 +02:00
* @ throws RestException
*/
2016-06-15 00:52:09 +02:00
function get ( $id )
2016-09-26 09:34:51 +02:00
{
2015-05-05 03:44:46 +02:00
if ( ! DolibarrApiAccess :: $user -> rights -> commande -> lire ) {
throw new RestException ( 401 );
}
2016-09-26 09:34:51 +02:00
2015-05-05 03:44:46 +02:00
$result = $this -> commande -> fetch ( $id );
if ( ! $result ) {
throw new RestException ( 404 , 'Order not found' );
}
2016-09-26 09:34:51 +02:00
2015-05-05 03:44:46 +02:00
if ( ! DolibarrApi :: _checkAccessToResource ( 'commande' , $this -> commande -> id )) {
throw new RestException ( 401 , 'Access not allowed for login ' . DolibarrApiAccess :: $user -> login );
}
2016-09-26 09:34:51 +02:00
2015-05-05 03:44:46 +02:00
$this -> commande -> fetchObjectLinked ();
return $this -> _cleanObjectDatas ( $this -> commande );
}
2017-07-28 10:16:17 +02:00
2015-05-05 03:44:46 +02:00
/**
* List orders
2016-09-26 09:34:51 +02:00
*
2015-05-05 03:44:46 +02:00
* Get a list of orders
2016-09-26 09:34:51 +02:00
*
2016-10-25 18:33:45 +02:00
* @ param string $sortfield Sort field
* @ param string $sortorder Sort order
* @ param int $limit Limit for list
* @ param int $page Page number
* @ param string $thirdparty_ids Thirdparty ids to filter orders of . { @ example '1' or '1,2,3' } { @ pattern /^ [ 0 - 9 ,] * $ / i }
* @ param string $sqlfilters Other criteria to filter answers separated by a comma . Syntax example " (t.ref:like:'SO-%') and (t.date_creation:<:'20160101') "
* @ return array Array of order objects
2016-12-05 13:31:29 +01:00
*
* @ throws RestException
2015-05-05 03:44:46 +02:00
*/
2016-10-25 18:33:45 +02:00
function index ( $sortfield = " t.rowid " , $sortorder = 'ASC' , $limit = 100 , $page = 0 , $thirdparty_ids = '' , $sqlfilters = '' ) {
2015-05-05 03:44:46 +02:00
global $db , $conf ;
2016-09-26 09:34:51 +02:00
2015-05-05 03:44:46 +02:00
$obj_ret = array ();
2017-07-28 10:16:17 +02:00
2016-12-07 19:02:39 +01:00
// case of external user, $thirdparty_ids param is ignored and replaced by user's socid
2016-09-09 20:05:45 +02:00
$socids = DolibarrApiAccess :: $user -> societe_id ? DolibarrApiAccess :: $user -> societe_id : $thirdparty_ids ;
2016-09-26 09:34:51 +02:00
2015-05-05 03:44:46 +02:00
// If the internal user must only see his customers, force searching by him
2016-12-07 19:02:39 +01:00
$search_sale = 0 ;
2016-09-09 20:05:45 +02:00
if ( ! DolibarrApiAccess :: $user -> rights -> societe -> client -> voir && ! $socids ) $search_sale = DolibarrApiAccess :: $user -> id ;
2015-05-05 03:44:46 +02:00
2016-10-25 18:33:45 +02:00
$sql = " SELECT t.rowid " ;
2016-09-09 20:05:45 +02:00
if (( ! DolibarrApiAccess :: $user -> rights -> societe -> client -> voir && ! $socids ) || $search_sale > 0 ) $sql .= " , sc.fk_soc, sc.fk_user " ; // We need these fields in order to filter by sale (including the case where the user can only see his prospects)
2016-10-25 18:33:45 +02:00
$sql .= " FROM " . MAIN_DB_PREFIX . " commande as t " ;
2016-09-26 09:34:51 +02:00
2016-09-09 20:05:45 +02:00
if (( ! DolibarrApiAccess :: $user -> rights -> societe -> client -> voir && ! $socids ) || $search_sale > 0 ) $sql .= " , " . MAIN_DB_PREFIX . " societe_commerciaux as sc " ; // We need this table joined to the select in order to filter by sale
2015-05-05 03:44:46 +02:00
2017-05-30 18:50:54 +02:00
$sql .= ' WHERE t.entity IN (' . getEntity ( 'commande' ) . ')' ;
2016-10-25 18:33:45 +02:00
if (( ! DolibarrApiAccess :: $user -> rights -> societe -> client -> voir && ! $socids ) || $search_sale > 0 ) $sql .= " AND t.fk_soc = sc.fk_soc " ;
if ( $socids ) $sql .= " AND t.fk_soc IN ( " . $socids . " ) " ;
if ( $search_sale > 0 ) $sql .= " AND t.rowid = sc.fk_soc " ; // Join for the needed table to filter by sale
2015-05-05 03:44:46 +02:00
// Insert sale filter
if ( $search_sale > 0 )
{
$sql .= " AND sc.fk_user = " . $search_sale ;
}
2016-10-25 18:33:45 +02:00
// Add sql filters
2017-07-28 10:16:17 +02:00
if ( $sqlfilters )
2015-05-05 03:44:46 +02:00
{
2016-10-25 18:33:45 +02:00
if ( ! DolibarrApi :: _checkFilters ( $sqlfilters ))
{
throw new RestException ( 503 , 'Error when validating parameter sqlfilters ' . $sqlfilters );
}
$regexstring = '\(([^:\'\(\)]+:[^:\'\(\)]+:[^:\(\)]+)\)' ;
$sql .= " AND ( " . preg_replace_callback ( '/' . $regexstring . '/' , 'DolibarrApi::_forge_criteria_callback' , $sqlfilters ) . " ) " ;
2015-05-05 03:44:46 +02:00
}
2017-07-28 10:16:17 +02:00
2015-05-05 03:44:46 +02:00
$sql .= $db -> order ( $sortfield , $sortorder );
if ( $limit ) {
if ( $page < 0 )
{
$page = 0 ;
}
$offset = $limit * $page ;
$sql .= $db -> plimit ( $limit + 1 , $offset );
}
2016-10-25 18:33:45 +02:00
dol_syslog ( " API Rest request " );
2015-05-05 03:44:46 +02:00
$result = $db -> query ( $sql );
2016-09-26 09:34:51 +02:00
2015-05-05 03:44:46 +02:00
if ( $result )
{
$num = $db -> num_rows ( $result );
2017-05-22 10:45:02 +02:00
$min = min ( $num , ( $limit <= 0 ? $num : $limit ));
while ( $i < $min )
2015-05-05 03:44:46 +02:00
{
$obj = $db -> fetch_object ( $result );
$commande_static = new Commande ( $db );
if ( $commande_static -> fetch ( $obj -> rowid )) {
2016-12-05 13:31:29 +01:00
$obj_ret [] = $this -> _cleanObjectDatas ( $commande_static );
2015-05-05 03:44:46 +02:00
}
$i ++ ;
}
}
else {
2016-12-05 13:31:29 +01:00
throw new RestException ( 503 , 'Error when retrieve commande list : ' . $db -> lasterror ());
2015-05-05 03:44:46 +02:00
}
if ( ! count ( $obj_ret )) {
2016-07-29 02:28:51 +02:00
throw new RestException ( 404 , 'No order found' );
2015-05-05 03:44:46 +02:00
}
return $obj_ret ;
}
2016-04-10 13:57:53 +02:00
2015-05-05 03:44:46 +02:00
/**
* Create order object
*
2016-06-15 00:52:09 +02:00
* @ param array $request_data Request data
2017-10-19 12:30:36 +02:00
* @ return int ID of order
2015-05-05 03:44:46 +02:00
*/
function post ( $request_data = NULL )
{
2016-04-27 08:59:12 +02:00
if ( ! DolibarrApiAccess :: $user -> rights -> commande -> creer ) {
throw new RestException ( 401 , " Insuffisant rights " );
}
2015-05-05 03:44:46 +02:00
// Check mandatory fields
$result = $this -> _validate ( $request_data );
2016-04-11 18:07:02 +02:00
2015-05-05 03:44:46 +02:00
foreach ( $request_data as $field => $value ) {
$this -> commande -> $field = $value ;
}
2016-07-29 02:28:51 +02:00
/* if ( isset ( $request_data [ " lines " ])) {
2016-04-11 18:07:02 +02:00
$lines = array ();
foreach ( $request_data [ " lines " ] as $line ) {
2016-04-11 23:27:43 +02:00
array_push ( $lines , ( object ) $line );
2016-04-11 18:07:02 +02:00
}
$this -> commande -> lines = $lines ;
2016-07-29 02:28:51 +02:00
} */
2017-10-19 19:06:48 +02:00
2016-12-23 02:08:22 +01:00
if ( $this -> commande -> create ( DolibarrApiAccess :: $user ) < 0 ) {
throw new RestException ( 500 , " Error creating order " , array_merge ( array ( $this -> commande -> error ), $this -> commande -> errors ));
2015-05-05 03:44:46 +02:00
}
2016-09-26 09:34:51 +02:00
2016-04-11 18:07:02 +02:00
return $this -> commande -> id ;
}
2016-06-15 00:52:09 +02:00
2016-04-11 22:41:35 +02:00
/**
* Get lines of an order
*
* @ param int $id Id of order
2016-09-26 09:34:51 +02:00
*
2016-06-15 00:52:09 +02:00
* @ url GET { id } / lines
2016-09-26 09:34:51 +02:00
*
* @ return int
2016-04-11 22:41:35 +02:00
*/
function getLines ( $id ) {
if ( ! DolibarrApiAccess :: $user -> rights -> commande -> lire ) {
throw new RestException ( 401 );
}
2016-09-26 09:34:51 +02:00
2016-04-11 22:41:35 +02:00
$result = $this -> commande -> fetch ( $id );
if ( ! $result ) {
2016-07-29 02:28:51 +02:00
throw new RestException ( 404 , 'Order not found' );
2016-04-11 22:41:35 +02:00
}
2016-09-26 09:34:51 +02:00
2016-04-11 22:41:35 +02:00
if ( ! DolibarrApi :: _checkAccessToResource ( 'commande' , $this -> commande -> id )) {
throw new RestException ( 401 , 'Access not allowed for login ' . DolibarrApiAccess :: $user -> login );
}
$this -> commande -> getLinesArray ();
$result = array ();
foreach ( $this -> commande -> lines as $line ) {
array_push ( $result , $this -> _cleanObjectDatas ( $line ));
}
return $result ;
}
2016-06-15 00:52:09 +02:00
2016-04-11 18:07:02 +02:00
/**
* Add a line to given order
*
2017-10-19 12:30:36 +02:00
* @ param int $id Id of order to update
* @ param array $request_data OrderLine data
2016-09-26 09:34:51 +02:00
*
2016-06-15 00:52:09 +02:00
* @ url POST { id } / lines
2016-09-26 09:34:51 +02:00
*
* @ return int
2016-04-11 18:07:02 +02:00
*/
function postLine ( $id , $request_data = NULL ) {
if ( ! DolibarrApiAccess :: $user -> rights -> commande -> creer ) {
throw new RestException ( 401 );
}
2016-09-26 09:34:51 +02:00
2016-04-11 18:07:02 +02:00
$result = $this -> commande -> fetch ( $id );
if ( ! $result ) {
2016-07-29 02:28:51 +02:00
throw new RestException ( 404 , 'Order not found' );
2016-04-11 18:07:02 +02:00
}
2016-09-26 09:34:51 +02:00
2016-04-11 18:07:02 +02:00
if ( ! DolibarrApi :: _checkAccessToResource ( 'commande' , $this -> commande -> id )) {
throw new RestException ( 401 , 'Access not allowed for login ' . DolibarrApiAccess :: $user -> login );
}
2016-04-11 23:27:43 +02:00
$request_data = ( object ) $request_data ;
2016-04-11 18:07:02 +02:00
$updateRes = $this -> commande -> addline (
$request_data -> desc ,
$request_data -> subprice ,
$request_data -> qty ,
$request_data -> tva_tx ,
$request_data -> localtax1_tx ,
$request_data -> localtax2_tx ,
$request_data -> fk_product ,
$request_data -> remise_percent ,
$request_data -> info_bits ,
$request_data -> fk_remise_except ,
'HT' ,
0 ,
$request_data -> date_start ,
$request_data -> date_end ,
$request_data -> product_type ,
$request_data -> rang ,
$request_data -> special_code ,
$fk_parent_line ,
$request_data -> fk_fournprice ,
$request_data -> pa_ht ,
$request_data -> label ,
$request_data -> array_options ,
$request_data -> fk_unit ,
2017-10-19 12:30:36 +02:00
$request_data -> origin ,
$request_data -> origin_id ,
$request_data -> multicurrency_subprice
2016-04-11 18:07:02 +02:00
);
if ( $updateRes > 0 ) {
2017-10-16 17:56:59 +02:00
return $updateRes ;
2016-04-11 22:41:35 +02:00
}
return false ;
}
2016-06-15 00:52:09 +02:00
2016-04-11 22:41:35 +02:00
/**
* Update a line to given order
*
2017-10-19 12:30:36 +02:00
* @ param int $id Id of order to update
2016-04-11 22:41:35 +02:00
* @ param int $lineid Id of line to update
2017-10-19 12:30:36 +02:00
* @ param array $request_data OrderLine data
2016-09-26 09:34:51 +02:00
*
2016-06-15 00:52:09 +02:00
* @ url PUT { id } / lines / { lineid }
2016-09-26 09:34:51 +02:00
*
* @ return object
2016-04-11 22:41:35 +02:00
*/
function putLine ( $id , $lineid , $request_data = NULL ) {
if ( ! DolibarrApiAccess :: $user -> rights -> commande -> creer ) {
throw new RestException ( 401 );
}
2016-09-26 09:34:51 +02:00
2016-04-11 22:41:35 +02:00
$result = $this -> commande -> fetch ( $id );
if ( ! $result ) {
2017-10-19 12:30:36 +02:00
throw new RestException ( 404 , 'Order not found' );
2016-04-11 22:41:35 +02:00
}
2016-09-26 09:34:51 +02:00
2016-04-11 22:41:35 +02:00
if ( ! DolibarrApi :: _checkAccessToResource ( 'commande' , $this -> commande -> id )) {
throw new RestException ( 401 , 'Access not allowed for login ' . DolibarrApiAccess :: $user -> login );
}
2016-04-11 23:27:43 +02:00
$request_data = ( object ) $request_data ;
2016-04-11 22:41:35 +02:00
$updateRes = $this -> commande -> updateline (
$lineid ,
$request_data -> desc ,
$request_data -> subprice ,
$request_data -> qty ,
$request_data -> remise_percent ,
$request_data -> tva_tx ,
$request_data -> localtax1_tx ,
$request_data -> localtax2_tx ,
'HT' ,
$request_data -> info_bits ,
$request_data -> date_start ,
$request_data -> date_end ,
$request_data -> product_type ,
$request_data -> fk_parent_line ,
0 ,
$request_data -> fk_fournprice ,
$request_data -> pa_ht ,
$request_data -> label ,
$request_data -> special_code ,
$request_data -> array_options ,
2017-10-19 12:30:36 +02:00
$request_data -> fk_unit ,
$request_data -> multicurrency_subprice
2016-04-11 22:41:35 +02:00
);
if ( $updateRes > 0 ) {
$result = $this -> get ( $id );
unset ( $result -> line );
return $this -> _cleanObjectDatas ( $result );
}
return false ;
}
2016-06-15 00:52:09 +02:00
2016-04-11 22:41:35 +02:00
/**
* Delete a line to given order
*
*
2017-10-07 14:11:01 +02:00
* @ param int $id Id of order to update
2016-04-11 22:41:35 +02:00
* @ param int $lineid Id of line to delete
2016-09-26 09:34:51 +02:00
*
2016-06-15 00:52:09 +02:00
* @ url DELETE { id } / lines / { lineid }
2016-09-26 09:34:51 +02:00
*
* @ return int
2017-10-07 14:11:01 +02:00
* @ throws 401
* @ throws 404
2016-04-11 22:41:35 +02:00
*/
2017-10-07 14:11:01 +02:00
function deleteLine ( $id , $lineid ) {
2016-04-11 22:41:35 +02:00
if ( ! DolibarrApiAccess :: $user -> rights -> commande -> creer ) {
throw new RestException ( 401 );
}
2016-09-26 09:34:51 +02:00
2016-04-11 22:41:35 +02:00
$result = $this -> commande -> fetch ( $id );
if ( ! $result ) {
throw new RestException ( 404 , 'Commande not found' );
}
2016-09-26 09:34:51 +02:00
2016-04-11 22:41:35 +02:00
if ( ! DolibarrApi :: _checkAccessToResource ( 'commande' , $this -> commande -> id )) {
throw new RestException ( 401 , 'Access not allowed for login ' . DolibarrApiAccess :: $user -> login );
}
2017-10-07 14:11:01 +02:00
$request_data = ( object ) $request_data ;
2016-09-26 09:34:51 +02:00
$updateRes = $this -> commande -> deleteline ( DolibarrApiAccess :: $user , $lineid );
2016-11-09 22:54:51 +01:00
if ( $updateRes > 0 ) {
2016-04-11 18:07:02 +02:00
return $this -> get ( $id );
}
return false ;
2015-05-05 03:44:46 +02:00
}
/**
2016-04-11 22:41:35 +02:00
* Update order general fields ( won ' t touch lines of order )
2015-05-05 03:44:46 +02:00
*
2017-10-18 15:34:03 +02:00
* @ param int $id Id of order to update
2016-09-26 09:34:51 +02:00
* @ param array $request_data Datas
*
* @ return int
2015-05-05 03:44:46 +02:00
*/
2016-04-11 18:07:02 +02:00
function put ( $id , $request_data = NULL ) {
if ( ! DolibarrApiAccess :: $user -> rights -> commande -> creer ) {
throw new RestException ( 401 );
}
2016-09-26 09:34:51 +02:00
2015-05-05 03:44:46 +02:00
$result = $this -> commande -> fetch ( $id );
if ( ! $result ) {
2017-10-19 19:06:48 +02:00
throw new RestException ( 404 , 'Order not found' );
2015-05-05 03:44:46 +02:00
}
2016-09-26 09:34:51 +02:00
2015-05-05 03:44:46 +02:00
if ( ! DolibarrApi :: _checkAccessToResource ( 'commande' , $this -> commande -> id )) {
throw new RestException ( 401 , 'Access not allowed for login ' . DolibarrApiAccess :: $user -> login );
}
foreach ( $request_data as $field => $value ) {
2016-11-19 16:08:27 +01:00
if ( $field == 'id' ) continue ;
2015-05-05 03:44:46 +02:00
$this -> commande -> $field = $value ;
}
2016-09-26 09:34:51 +02:00
2017-11-10 16:22:20 +01:00
// Update availability
if ( isset ( $this -> commande -> availability_id ) && ! empty ( $this -> commande -> availability_id ) ) {
if ( $this -> commande -> availability ( $this -> commande -> availability_id ) < 0 )
throw new RestException ( 400 , 'Error while updating availability' );
}
2016-09-26 01:15:17 +02:00
if ( $this -> commande -> update ( $id , DolibarrApiAccess :: $user , 1 , '' , '' , 'update' ))
2016-04-11 18:07:02 +02:00
return $this -> get ( $id );
2016-09-26 09:34:51 +02:00
2015-05-05 03:44:46 +02:00
return false ;
}
2016-09-26 09:34:51 +02:00
2015-05-05 03:44:46 +02:00
/**
2015-05-06 00:55:42 +02:00
* Delete order
2015-05-05 03:44:46 +02:00
*
2015-05-06 00:55:42 +02:00
* @ param int $id Order ID
2016-09-26 09:34:51 +02:00
*
2015-05-06 00:55:42 +02:00
* @ return array
2015-05-05 03:44:46 +02:00
*/
function delete ( $id )
{
if ( ! DolibarrApiAccess :: $user -> rights -> commande -> supprimer ) {
throw new RestException ( 401 );
}
$result = $this -> commande -> fetch ( $id );
if ( ! $result ) {
throw new RestException ( 404 , 'Order not found' );
}
2016-09-26 09:34:51 +02:00
2015-05-05 03:44:46 +02:00
if ( ! DolibarrApi :: _checkAccessToResource ( 'commande' , $this -> commande -> id )) {
throw new RestException ( 401 , 'Access not allowed for login ' . DolibarrApiAccess :: $user -> login );
}
2016-09-26 09:34:51 +02:00
2015-05-05 03:44:46 +02:00
if ( ! $this -> commande -> delete ( DolibarrApiAccess :: $user )) {
throw new RestException ( 500 , 'Error when delete order : ' . $this -> commande -> error );
}
2016-09-26 09:34:51 +02:00
2015-05-05 03:44:46 +02:00
return array (
'success' => array (
'code' => 200 ,
'message' => 'Order deleted'
)
);
2016-09-26 09:34:51 +02:00
2015-05-05 03:44:46 +02:00
}
2016-09-26 09:34:51 +02:00
2015-05-05 03:44:46 +02:00
/**
* Validate an order
2016-09-26 09:34:51 +02:00
*
2015-05-06 00:55:42 +02:00
* @ param int $id Order ID
* @ param int $idwarehouse Warehouse ID
2016-09-24 07:18:38 +02:00
* @ param int $notrigger 1 = Does not execute triggers , 0 = execute triggers
2016-09-24 23:06:09 +02:00
*
2016-06-17 17:42:46 +02:00
* @ url POST { id } / validate
2016-09-26 09:34:51 +02:00
*
2015-05-06 00:55:42 +02:00
* @ return array
2016-06-17 17:42:46 +02:00
* FIXME An error 403 is returned if the request has an empty body .
* Error message : " Forbidden: Content type `text/plain` is not supported. "
* Workaround : send this in the body
* {
2016-09-22 12:53:44 +02:00
* " idwarehouse " : 0 ,
* " notrigger " : 0
2016-06-17 17:42:46 +02:00
* }
2015-05-05 03:44:46 +02:00
*/
2016-09-22 12:53:44 +02:00
function validate ( $id , $idwarehouse = 0 , $notrigger = 0 )
2015-05-05 03:44:46 +02:00
{
if ( ! DolibarrApiAccess :: $user -> rights -> commande -> creer ) {
throw new RestException ( 401 );
}
$result = $this -> commande -> fetch ( $id );
if ( ! $result ) {
throw new RestException ( 404 , 'Order not found' );
}
2016-09-26 09:34:51 +02:00
2015-05-05 03:44:46 +02:00
if ( ! DolibarrApi :: _checkAccessToResource ( 'commande' , $this -> commande -> id )) {
throw new RestException ( 401 , 'Access not allowed for login ' . DolibarrApiAccess :: $user -> login );
}
2016-09-26 09:34:51 +02:00
2016-09-22 12:53:44 +02:00
$result = $this -> commande -> valid ( DolibarrApiAccess :: $user , $idwarehouse , $notrigger );
if ( $result == 0 ) {
throw new RestException ( 500 , 'Error nothing done. May be object is already validated' );
}
if ( $result < 0 ) {
2017-11-10 15:48:43 +01:00
throw new RestException ( 304 , 'Error when validating Order: ' . $this -> commande -> error );
2016-09-22 12:53:44 +02:00
}
2017-11-10 15:46:53 +01:00
$result = $this -> commande -> fetch ( $id );
if ( ! $result ) {
throw new RestException ( 404 , 'Order not found' );
}
2016-09-26 09:34:51 +02:00
2017-11-10 15:46:53 +01:00
if ( ! DolibarrApi :: _checkAccessToResource ( 'commande' , $this -> commande -> id )) {
throw new RestException ( 401 , 'Access not allowed for login ' . DolibarrApiAccess :: $user -> login );
}
$this -> commande -> fetchObjectLinked ();
return $this -> _cleanObjectDatas ( $this -> commande );
2015-05-05 03:44:46 +02:00
}
2016-09-26 09:34:51 +02:00
2017-10-18 15:34:03 +02:00
/**
* Close an order ( Classify it as " Delivered " )
*
* @ param int $id Order ID
* @ param int $notrigger Disabled triggers
*
* @ url POST { id } / close
*
* @ return array
*/
function close ( $id , $notrigger = 0 )
{
if ( ! DolibarrApiAccess :: $user -> rights -> commande -> creer ) {
throw new RestException ( 401 );
}
$result = $this -> commande -> fetch ( $id );
if ( ! $result ) {
throw new RestException ( 404 , 'Order not found' );
}
if ( ! DolibarrApi :: _checkAccessToResource ( 'commande' , $this -> commande -> id )) {
throw new RestException ( 401 , 'Access not allowed for login ' . DolibarrApiAccess :: $user -> login );
}
$result = $this -> commande -> cloture ( DolibarrApiAccess :: $user , $notrigger );
if ( $result == 0 ) {
throw new RestException ( 500 , 'Error nothing done. May be object is already closed' );
}
if ( $result < 0 ) {
throw new RestException ( 500 , 'Error when closing Order: ' . $this -> commande -> error );
}
return array (
'success' => array (
2017-10-18 15:35:51 +02:00
'code' => 200 ,
'message' => 'Order closed (Ref=' . $this -> commande -> ref . ')'
)
2017-10-18 15:34:03 +02:00
);
}
2017-11-10 16:22:20 +01:00
/**
* Set an order to draft
*
* @ param int $id Order ID
*
* @ url POST { id } / settodraft
*
* @ return array
*/
function settodraft ( $id )
{
if ( ! DolibarrApiAccess :: $user -> rights -> commande -> creer ) {
throw new RestException ( 401 );
}
$result = $this -> commande -> fetch ( $id );
if ( ! $result ) {
throw new RestException ( 404 , 'Order not found' );
}
if ( ! DolibarrApi :: _checkAccessToResource ( 'commande' , $this -> commande -> id )) {
throw new RestException ( 401 , 'Access not allowed for login ' . DolibarrApiAccess :: $user -> login );
}
$result = $this -> commande -> set_draft ( DolibarrApiAccess :: $user );
if ( $result == 0 ) {
throw new RestException ( 304 , 'Nothing done. May be object is already closed' );
}
if ( $result < 0 ) {
throw new RestException ( 500 , 'Error when closing Order: ' . $this -> commande -> error );
}
$result = $this -> commande -> fetch ( $id );
if ( ! $result ) {
throw new RestException ( 404 , 'Order not found' );
}
if ( ! DolibarrApi :: _checkAccessToResource ( 'commande' , $this -> commande -> id )) {
throw new RestException ( 401 , 'Access not allowed for login ' . DolibarrApiAccess :: $user -> login );
}
$this -> commande -> fetchObjectLinked ();
return $this -> _cleanObjectDatas ( $this -> commande );
}
2017-10-18 15:34:03 +02:00
2017-05-16 18:12:10 +02:00
/**
* Clean sensible object datas
*
* @ param object $object Object to clean
* @ return array Array of cleaned object properties
*/
function _cleanObjectDatas ( $object ) {
2017-07-28 10:16:17 +02:00
2017-05-16 18:12:10 +02:00
$object = parent :: _cleanObjectDatas ( $object );
2017-07-28 10:16:17 +02:00
2017-11-06 11:06:31 +01:00
unset ( $object -> note );
2017-05-16 18:12:10 +02:00
unset ( $object -> address );
2017-10-18 15:34:03 +02:00
unset ( $object -> barcode_type );
unset ( $object -> barcode_type_code );
unset ( $object -> barcode_type_label );
unset ( $object -> barcode_type_coder );
2017-07-28 10:16:17 +02:00
2017-05-16 18:12:10 +02:00
return $object ;
}
2017-07-28 10:16:17 +02:00
2015-05-05 03:44:46 +02:00
/**
* Validate fields before create or update object
2016-09-26 09:34:51 +02:00
*
2015-05-06 00:55:42 +02:00
* @ param array $data Array with data to verify
2016-09-26 09:34:51 +02:00
* @ return array
2015-05-06 00:55:42 +02:00
* @ throws RestException
2015-05-05 03:44:46 +02:00
*/
function _validate ( $data )
{
$commande = array ();
2016-06-15 00:52:09 +02:00
foreach ( Orders :: $FIELDS as $field ) {
2015-05-05 03:44:46 +02:00
if ( ! isset ( $data [ $field ]))
throw new RestException ( 400 , " $field field missing " );
$commande [ $field ] = $data [ $field ];
2016-09-26 09:34:51 +02:00
2015-05-05 03:44:46 +02:00
}
return $commande ;
}
}
