mirror of
https://github.com/Dolibarr/dolibarr.git
synced 2025-02-20 13:46:52 +01:00
Move API HTTP code from 401 to 403
This commit is contained in:
Laurent Destailleur
parent
5a589ca678
commit
43d8e26023
20
ChangeLog
20
ChangeLog
|
|
@ -3,6 +3,26 @@ English Dolibarr ChangeLog
|
|||
--------------------------------------------------------------
|
||||
|
||||
|
||||
***** ChangeLog for 19.0.0 compared to 18.0.0 *****
|
||||
|
||||
For users:
|
||||
----------
|
||||
NEW: Compatibility with PHP 8.3
|
||||
...
|
||||
|
||||
For developers or integrators:
|
||||
------------------------------
|
||||
...
|
||||
|
||||
WARNING:
|
||||
--------
|
||||
|
||||
The following changes may create regressions for some external modules, but were necessary to make Dolibarr better:
|
||||
* More class properties (with old name in french) are now deprecated in favor of the property name in english.
|
||||
* Some API HTTP return code were moved from 401 to 403 to better follow REST specification.
|
||||
|
||||
|
||||
|
||||
***** ChangeLog for 19.0.0 compared to 18.0.0 *****
|
||||
|
||||
For users:
|
||||
|
|
|
|||
|
|
@ -61,12 +61,17 @@ class SupplierInvoices extends DolibarrApi
|
|||
* @param int $id ID of supplier invoice
|
||||
* @return Object Object with cleaned properties
|
||||
*
|
||||
* @throws RestException
|
||||
* @throws RestException 403
|
||||
* @throws RestException 404
|
||||
*/
|
||||
public function get($id)
|
||||
{
|
||||
if (!DolibarrApiAccess::$user->hasRight("fournisseur", "facture", "lire")) {
|
||||
throw new RestException(401);
|
||||
throw new RestException(403);
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('fournisseur', $id, 'facture_fourn', 'facture')) {
|
||||
throw new RestException(403, 'Access not allowed for login ' . DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->invoice->fetch($id);
|
||||
|
|
@ -74,10 +79,6 @@ class SupplierInvoices extends DolibarrApi
|
|||
throw new RestException(404, 'Supplier invoice not found');
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('fournisseur', $this->invoice->id, 'facture_fourn', 'facture')) {
|
||||
throw new RestException(401, 'Access not allowed for login ' . DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$this->invoice->fetchObjectLinked();
|
||||
return $this->_cleanObjectDatas($this->invoice);
|
||||
}
|
||||
|
|
@ -101,10 +102,8 @@ class SupplierInvoices extends DolibarrApi
|
|||
*/
|
||||
public function index($sortfield = "t.rowid", $sortorder = 'ASC', $limit = 100, $page = 0, $thirdparty_ids = '', $status = '', $sqlfilters = '', $properties = '')
|
||||
{
|
||||
global $db;
|
||||
|
||||
if (!DolibarrApiAccess::$user->hasRight("fournisseur", "facture", "lire")) {
|
||||
throw new RestException(401);
|
||||
throw new RestException(403);
|
||||
}
|
||||
|
||||
$obj_ret = array();
|
||||
|
|
@ -196,13 +195,13 @@ class SupplierInvoices extends DolibarrApi
|
|||
*
|
||||
* @return int ID of supplier invoice
|
||||
*
|
||||
* @throws RestException 401
|
||||
* @throws RestException 403
|
||||
* @throws RestException 500 System error
|
||||
*/
|
||||
public function post($request_data = null)
|
||||
{
|
||||
if (!DolibarrApiAccess::$user->hasRight("fournisseur", "facture", "creer")) {
|
||||
throw new RestException(401, "Insuffisant rights");
|
||||
throw new RestException(403, "Insuffisant rights");
|
||||
}
|
||||
// Check mandatory fields
|
||||
$result = $this->_validate($request_data);
|
||||
|
|
@ -234,13 +233,17 @@ class SupplierInvoices extends DolibarrApi
|
|||
*
|
||||
* @return int
|
||||
*
|
||||
* @throws RestException 401
|
||||
* @throws RestException 403
|
||||
* @throws RestException 404
|
||||
*/
|
||||
public function put($id, $request_data = null)
|
||||
{
|
||||
if (!DolibarrApiAccess::$user->hasRight("fournisseur", "facture", "creer")) {
|
||||
throw new RestException(401);
|
||||
throw new RestException(403);
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('fournisseur', $id, 'facture_fourn', 'facture')) {
|
||||
throw new RestException(403, 'Access not allowed for login ' . DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->invoice->fetch($id);
|
||||
|
|
@ -248,10 +251,6 @@ class SupplierInvoices extends DolibarrApi
|
|||
throw new RestException(404, 'Supplier invoice not found');
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('fournisseur', $this->invoice->id, 'facture_fourn', 'facture')) {
|
||||
throw new RestException(401, 'Access not allowed for login ' . DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
foreach ($request_data as $field => $value) {
|
||||
if ($field == 'id') {
|
||||
continue;
|
||||
|
|
@ -279,24 +278,23 @@ class SupplierInvoices extends DolibarrApi
|
|||
*
|
||||
* @return array
|
||||
*
|
||||
* @throws RestException 401
|
||||
* @throws RestException 403
|
||||
* @throws RestException 404
|
||||
* @throws RestException 500 System error
|
||||
*/
|
||||
public function delete($id)
|
||||
{
|
||||
if (!DolibarrApiAccess::$user->hasRight("fournisseur", "facture", "supprimer")) {
|
||||
throw new RestException(401);
|
||||
throw new RestException(403);
|
||||
}
|
||||
if (!DolibarrApi::_checkAccessToResource('fournisseur', $id, 'facture_fourn', 'facture')) {
|
||||
throw new RestException(403, 'Access not allowed for login ' . DolibarrApiAccess::$user->login);
|
||||
}
|
||||
$result = $this->invoice->fetch($id);
|
||||
if (!$result) {
|
||||
throw new RestException(404, 'Supplier invoice not found');
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('fournisseur', $this->invoice->id, 'facture_fourn', 'facture')) {
|
||||
throw new RestException(401, 'Access not allowed for login ' . DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
if ($this->invoice->delete(DolibarrApiAccess::$user) < 0) {
|
||||
throw new RestException(500, 'Error when deleting invoice');
|
||||
}
|
||||
|
|
@ -321,7 +319,7 @@ class SupplierInvoices extends DolibarrApi
|
|||
* @return array
|
||||
*
|
||||
* @throws RestException 304
|
||||
* @throws RestException 401
|
||||
* @throws RestException 403
|
||||
* @throws RestException 404
|
||||
* @throws RestException 405
|
||||
* @throws RestException 500 System error
|
||||
|
|
@ -329,17 +327,18 @@ class SupplierInvoices extends DolibarrApi
|
|||
public function validate($id, $idwarehouse = 0, $notrigger = 0)
|
||||
{
|
||||
if (!DolibarrApiAccess::$user->hasRight("fournisseur", "facture", "creer")) {
|
||||
throw new RestException(401);
|
||||
throw new RestException(403);
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('fournisseur', $id, 'facture_fourn', 'facture')) {
|
||||
throw new RestException(403, 'Access not allowed for login ' . DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->invoice->fetch($id);
|
||||
if (!$result) {
|
||||
throw new RestException(404, 'Invoice not found');
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('fournisseur', $this->invoice->id, 'facture_fourn', 'facture')) {
|
||||
throw new RestException(401, 'Access not allowed for login ' . DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->invoice->validate(DolibarrApiAccess::$user, '', $idwarehouse, $notrigger);
|
||||
if ($result == 0) {
|
||||
throw new RestException(304, 'Error nothing done. The invoice is already validated');
|
||||
|
|
@ -365,28 +364,28 @@ class SupplierInvoices extends DolibarrApi
|
|||
*
|
||||
* @return array
|
||||
* @throws RestException 400
|
||||
* @throws RestException 401
|
||||
* @throws RestException 403
|
||||
* @throws RestException 404
|
||||
* @throws RestException 405
|
||||
*/
|
||||
public function getPayments($id)
|
||||
{
|
||||
if (!DolibarrApiAccess::$user->hasRight("fournisseur", "facture", "lire")) {
|
||||
throw new RestException(401);
|
||||
}
|
||||
if (empty($id)) {
|
||||
throw new RestException(400, 'Invoice ID is mandatory');
|
||||
}
|
||||
|
||||
if (!DolibarrApiAccess::$user->hasRight("fournisseur", "facture", "lire")) {
|
||||
throw new RestException(403);
|
||||
}
|
||||
if (!DolibarrApi::_checkAccessToResource('fournisseur', $id, 'facture_fourn', 'facture')) {
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->invoice->fetch($id);
|
||||
if (!$result) {
|
||||
throw new RestException(404, 'Invoice not found');
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('fournisseur', $this->invoice->id, 'facture_fourn', 'facture')) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->invoice->getListOfPayments();
|
||||
if ($result < 0) {
|
||||
throw new RestException(405, $this->invoice->error);
|
||||
|
|
@ -413,19 +412,22 @@ class SupplierInvoices extends DolibarrApi
|
|||
* @url POST {id}/payments
|
||||
*
|
||||
* @return int Payment ID
|
||||
*
|
||||
* @throws RestException 400
|
||||
* @throws RestException 401
|
||||
* @throws RestException 403
|
||||
* @throws RestException 404
|
||||
*/
|
||||
public function addPayment($id, $datepaye, $payment_mode_id, $closepaidinvoices, $accountid, $num_payment = '', $comment = '', $chqemetteur = '', $chqbank = '', $amount = null)
|
||||
{
|
||||
global $conf;
|
||||
if (empty($id)) {
|
||||
throw new RestException(400, 'Invoice ID is mandatory');
|
||||
}
|
||||
|
||||
if (!DolibarrApiAccess::$user->hasRight("fournisseur", "facture", "creer")) {
|
||||
throw new RestException(403);
|
||||
}
|
||||
if (empty($id)) {
|
||||
throw new RestException(400, 'Invoice ID is mandatory');
|
||||
if (!DolibarrApi::_checkAccessToResource('fournisseur', $id, 'facture_fourn', 'facture')) {
|
||||
throw new RestException(403, 'Access not allowed for login ' . DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->invoice->fetch($id);
|
||||
|
|
@ -433,10 +435,6 @@ class SupplierInvoices extends DolibarrApi
|
|||
throw new RestException(404, 'Invoice not found');
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('fournisseur', $this->invoice->id, 'facture_fourn', 'facture')) {
|
||||
throw new RestException(401, 'Access not allowed for login ' . DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
if (isModEnabled("banque")) {
|
||||
if (empty($accountid)) {
|
||||
throw new RestException(400, 'Bank account ID is mandatory');
|
||||
|
|
@ -507,11 +505,17 @@ class SupplierInvoices extends DolibarrApi
|
|||
* @url GET {id}/lines
|
||||
*
|
||||
* @return array
|
||||
*
|
||||
* @throws RestException 403
|
||||
* @throws RestException 404
|
||||
*/
|
||||
public function getLines($id)
|
||||
{
|
||||
if (!DolibarrApiAccess::$user->hasRight("fournisseur", "facture", "creer")) {
|
||||
throw new RestException(401);
|
||||
throw new RestException(403);
|
||||
}
|
||||
if (!DolibarrApi::_checkAccessToResource('fournisseur', $id, 'facture_fourn', 'facture')) {
|
||||
throw new RestException(403, 'Access not allowed for login ' . DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->invoice->fetch($id);
|
||||
|
|
@ -519,9 +523,6 @@ class SupplierInvoices extends DolibarrApi
|
|||
throw new RestException(404, 'Supplier invoice not found');
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('fournisseur', $this->invoice->id, 'facture_fourn', 'facture')) {
|
||||
throw new RestException(401, 'Access not allowed for login ' . DolibarrApiAccess::$user->login);
|
||||
}
|
||||
$this->invoice->fetch_lines();
|
||||
$result = array();
|
||||
foreach ($this->invoice->lines as $line) {
|
||||
|
|
@ -543,11 +544,18 @@ class SupplierInvoices extends DolibarrApi
|
|||
* @url POST {id}/lines
|
||||
*
|
||||
* @return int|bool
|
||||
*
|
||||
* @throws RestException 403
|
||||
* @throws RestException 404
|
||||
*/
|
||||
public function postLine($id, $request_data = null)
|
||||
{
|
||||
if (!DolibarrApiAccess::$user->hasRight("fournisseur", "facture", "creer")) {
|
||||
throw new RestException(401);
|
||||
throw new RestException(403);
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('fournisseur', $id, 'facture_fourn', 'facture')) {
|
||||
throw new RestException(403, 'Access not allowed for login ' . DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->invoice->fetch($id);
|
||||
|
|
@ -555,10 +563,6 @@ class SupplierInvoices extends DolibarrApi
|
|||
throw new RestException(404, 'Supplier invoice not found');
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('fournisseur', $this->invoice->id, 'facture_fourn', 'facture')) {
|
||||
throw new RestException(401, 'Access not allowed for login ' . DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
||||
$request_data->description = sanitizeVal($request_data->description, 'restricthtml');
|
||||
|
|
@ -607,14 +611,18 @@ class SupplierInvoices extends DolibarrApi
|
|||
*
|
||||
* @return object
|
||||
*
|
||||
* @throws RestException 401 Not allowed
|
||||
* @throws RestException 403 Not allowed
|
||||
* @throws RestException 404 Not found
|
||||
* @throws RestException 304 Error
|
||||
*/
|
||||
public function putLine($id, $lineid, $request_data = null)
|
||||
{
|
||||
if (!DolibarrApiAccess::$user->hasRight("fournisseur", "facture", "creer")) {
|
||||
throw new RestException(401);
|
||||
throw new RestException(403);
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('fournisseur', $id, 'facture_fourn', 'facture')) {
|
||||
throw new RestException(403, 'Access not allowed for login ' . DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->invoice->fetch($id);
|
||||
|
|
@ -622,10 +630,6 @@ class SupplierInvoices extends DolibarrApi
|
|||
throw new RestException(404, 'Supplier invoice not found');
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('fournisseur', $this->invoice->id, 'facture_fourn', 'facture')) {
|
||||
throw new RestException(401, 'Access not allowed for login ' . DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
||||
$request_data->description = sanitizeVal($request_data->description, 'restricthtml');
|
||||
|
|
@ -674,14 +678,21 @@ class SupplierInvoices extends DolibarrApi
|
|||
* @return array
|
||||
*
|
||||
* @throws RestException 400 Bad parameters
|
||||
* @throws RestException 401 Not allowed
|
||||
* @throws RestException 403 Not allowed
|
||||
* @throws RestException 404 Not found
|
||||
* @throws RestException 405 Error
|
||||
*/
|
||||
public function deleteLine($id, $lineid)
|
||||
{
|
||||
if (empty($lineid)) {
|
||||
throw new RestException(400, 'Line ID is mandatory');
|
||||
}
|
||||
|
||||
if (!DolibarrApiAccess::$user->hasRight("fournisseur", "facture", "creer")) {
|
||||
throw new RestException(401);
|
||||
throw new RestException(403);
|
||||
}
|
||||
if (!DolibarrApi::_checkAccessToResource('fournisseur', $id, 'facture_fourn', 'facture')) {
|
||||
throw new RestException(403, 'Access not allowed for login ' . DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->invoice->fetch($id);
|
||||
|
|
@ -689,14 +700,6 @@ class SupplierInvoices extends DolibarrApi
|
|||
throw new RestException(404, 'Supplier invoice not found');
|
||||
}
|
||||
|
||||
if (empty($lineid)) {
|
||||
throw new RestException(400, 'Line ID is mandatory');
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('fournisseur', $this->invoice->id, 'facture_fourn', 'facture')) {
|
||||
throw new RestException(401, 'Access not allowed for login ' . DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
// TODO Check the lineid $lineid is a line of object
|
||||
|
||||
$updateRes = $this->invoice->deleteline($lineid);
|
||||
|
|
|
|||
|
|
@ -66,13 +66,16 @@ class MyModuleApi extends DolibarrApi
|
|||
*
|
||||
* @url GET myobjects/{id}
|
||||
*
|
||||
* @throws RestException 401 Not allowed
|
||||
* @throws RestException 403 Not allowed
|
||||
* @throws RestException 404 Not found
|
||||
*/
|
||||
public function get($id)
|
||||
{
|
||||
if (!DolibarrApiAccess::$user->rights->mymodule->myobject->read) {
|
||||
throw new RestException(401);
|
||||
throw new RestException(403);
|
||||
}
|
||||
if (!DolibarrApi::_checkAccessToResource('myobject', $id, 'mymodule_myobject')) {
|
||||
throw new RestException(403, 'Access to instance id='.$this->myobject->id.' of object not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->myobject->fetch($id);
|
||||
|
|
@ -80,10 +83,6 @@ class MyModuleApi extends DolibarrApi
|
|||
throw new RestException(404, 'MyObject not found');
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('myobject', $this->myobject->id, 'mymodule_myobject')) {
|
||||
throw new RestException(401, 'Access to instance id='.$this->myobject->id.' of object not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
return $this->_cleanObjectDatas($this->myobject);
|
||||
}
|
||||
|
||||
|
|
@ -101,7 +100,8 @@ class MyModuleApi extends DolibarrApi
|
|||
* @param string $properties Restrict the data returned to these properties. Ignored if empty. Comma separated list of properties names
|
||||
* @return array Array of order objects
|
||||
*
|
||||
* @throws RestException
|
||||
* @throws RestException 403 Not allowed
|
||||
* @throws RestException 503 System error
|
||||
*
|
||||
* @url GET /myobjects/
|
||||
*/
|
||||
|
|
@ -111,7 +111,7 @@ class MyModuleApi extends DolibarrApi
|
|||
$tmpobject = new MyObject($this->db);
|
||||
|
||||
if (!DolibarrApiAccess::$user->rights->mymodule->myobject->read) {
|
||||
throw new RestException(401);
|
||||
throw new RestException(403);
|
||||
}
|
||||
|
||||
$socid = DolibarrApiAccess::$user->socid ? DolibarrApiAccess::$user->socid : 0;
|
||||
|
|
@ -186,16 +186,17 @@ class MyModuleApi extends DolibarrApi
|
|||
* Create myobject object
|
||||
*
|
||||
* @param array $request_data Request datas
|
||||
* @return int ID of myobject
|
||||
* @return int ID of myobject
|
||||
*
|
||||
* @throws RestException
|
||||
* @throws RestException 403 Not allowed
|
||||
* @throws RestException 500 System error
|
||||
*
|
||||
* @url POST myobjects/
|
||||
*/
|
||||
public function post($request_data = null)
|
||||
{
|
||||
if (!DolibarrApiAccess::$user->rights->mymodule->myobject->write) {
|
||||
throw new RestException(401);
|
||||
throw new RestException(403);
|
||||
}
|
||||
|
||||
// Check mandatory fields
|
||||
|
|
@ -227,14 +228,19 @@ class MyModuleApi extends DolibarrApi
|
|||
* @param array $request_data Datas
|
||||
* @return int
|
||||
*
|
||||
* @throws RestException
|
||||
* @throws RestException 403 Not allowed
|
||||
* @throws RestException 404 Not found
|
||||
* @throws RestException 500 System error
|
||||
*
|
||||
* @url PUT myobjects/{id}
|
||||
*/
|
||||
public function put($id, $request_data = null)
|
||||
{
|
||||
if (!DolibarrApiAccess::$user->rights->mymodule->myobject->write) {
|
||||
throw new RestException(401);
|
||||
throw new RestException(403);
|
||||
}
|
||||
if (!DolibarrApi::_checkAccessToResource('myobject', $id, 'mymodule_myobject')) {
|
||||
throw new RestException(403, 'Access to instance id='.$this->myobject->id.' of object not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->myobject->fetch($id);
|
||||
|
|
@ -242,10 +248,6 @@ class MyModuleApi extends DolibarrApi
|
|||
throw new RestException(404, 'MyObject not found');
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('myobject', $this->myobject->id, 'mymodule_myobject')) {
|
||||
throw new RestException(401, 'Access to instance id='.$this->myobject->id.' of object not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
foreach ($request_data as $field => $value) {
|
||||
if ($field == 'id') {
|
||||
continue;
|
||||
|
|
@ -275,24 +277,27 @@ class MyModuleApi extends DolibarrApi
|
|||
* @param int $id MyObject ID
|
||||
* @return array
|
||||
*
|
||||
* @throws RestException
|
||||
* @throws RestException 403 Not allowed
|
||||
* @throws RestException 404 Not found
|
||||
* @throws RestException 409 Nothing to do
|
||||
* @throws RestException 500 System error
|
||||
*
|
||||
* @url DELETE myobjects/{id}
|
||||
*/
|
||||
public function delete($id)
|
||||
{
|
||||
if (!DolibarrApiAccess::$user->rights->mymodule->myobject->delete) {
|
||||
throw new RestException(401);
|
||||
if (!DolibarrApiAccess::$user->hasRight('mymodule', 'myobject', 'delete')) {
|
||||
throw new RestException(403);
|
||||
}
|
||||
if (!DolibarrApi::_checkAccessToResource('myobject', $id, 'mymodule_myobject')) {
|
||||
throw new RestException(403, 'Access to instance id='.$this->myobject->id.' of object not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->myobject->fetch($id);
|
||||
if (!$result) {
|
||||
throw new RestException(404, 'MyObject not found');
|
||||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('myobject', $this->myobject->id, 'mymodule_myobject')) {
|
||||
throw new RestException(401, 'Access to instance id='.$this->myobject->id.' of object not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
if ($this->myobject->delete(DolibarrApiAccess::$user) == 0) {
|
||||
throw new RestException(409, 'Error when deleting MyObject : '.$this->myobject->error);
|
||||
} elseif ($this->myobject->delete(DolibarrApiAccess::$user) < 0) {
|
||||
|
|
@ -348,40 +353,6 @@ class MyModuleApi extends DolibarrApi
|
|||
unset($object->rowid);
|
||||
unset($object->canvas);
|
||||
|
||||
/*unset($object->name);
|
||||
unset($object->lastname);
|
||||
unset($object->firstname);
|
||||
unset($object->civility_id);
|
||||
unset($object->statut);
|
||||
unset($object->state);
|
||||
unset($object->state_id);
|
||||
unset($object->state_code);
|
||||
unset($object->region);
|
||||
unset($object->region_code);
|
||||
unset($object->country);
|
||||
unset($object->country_id);
|
||||
unset($object->country_code);
|
||||
unset($object->barcode_type);
|
||||
unset($object->barcode_type_code);
|
||||
unset($object->barcode_type_label);
|
||||
unset($object->barcode_type_coder);
|
||||
unset($object->total_ht);
|
||||
unset($object->total_tva);
|
||||
unset($object->total_localtax1);
|
||||
unset($object->total_localtax2);
|
||||
unset($object->total_ttc);
|
||||
unset($object->fk_account);
|
||||
unset($object->comments);
|
||||
unset($object->note);
|
||||
unset($object->mode_reglement_id);
|
||||
unset($object->cond_reglement_id);
|
||||
unset($object->cond_reglement);
|
||||
unset($object->shipping_method_id);
|
||||
unset($object->fk_incoterms);
|
||||
unset($object->label_incoterms);
|
||||
unset($object->location_incoterms);
|
||||
*/
|
||||
|
||||
// If object has lines, remove $db property
|
||||
if (isset($object->lines) && is_array($object->lines) && count($object->lines) > 0) {
|
||||
$nboflines = count($object->lines);
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user