mirror of
https://github.com/Dolibarr/dolibarr.git
synced 2025-02-20 13:46:52 +01:00
Some API HTTP return code were moved from 401 to 403 to better follow
REST specification.
This commit is contained in:
Laurent Destailleur
parent
9811ef1a78
commit
7715513ac9
|
|
@ -81,7 +81,7 @@ class Members extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('adherent', $member->id) && $id > 0) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
return $this->_cleanObjectDatas($member);
|
||||
|
|
@ -114,7 +114,7 @@ class Members extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('adherent', $member->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
return $this->_cleanObjectDatas($member);
|
||||
|
|
@ -153,7 +153,7 @@ class Members extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('adherent', $member->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
return $this->_cleanObjectDatas($member);
|
||||
|
|
@ -192,7 +192,7 @@ class Members extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('adherent', $member->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
return $this->_cleanObjectDatas($member);
|
||||
|
|
@ -337,7 +337,7 @@ class Members extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('member', $member->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
foreach ($request_data as $field => $value) {
|
||||
|
|
@ -410,7 +410,7 @@ class Members extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('member', $member->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -651,7 +651,7 @@ class Members extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('member', $membertype->id, 'adherent_type')) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
return $this->_cleanObjectDatas($membertype);
|
||||
|
|
@ -788,7 +788,7 @@ class Members extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('member', $membertype->id, 'adherent_type')) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
foreach ($request_data as $field => $value) {
|
||||
|
|
@ -839,7 +839,7 @@ class Members extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('member', $membertype->id, 'adherent_type')) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$res = $membertype->delete(DolibarrApiAccess::$user);
|
||||
|
|
|
|||
|
|
@ -287,7 +287,7 @@ class Boms extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('bom', $this->bom->id, 'bom_bom')) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
if (!$this->bom->delete(DolibarrApiAccess::$user)) {
|
||||
|
|
|
|||
|
|
@ -99,7 +99,7 @@ class Categories extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('categorie', $this->category->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
if ($include_childs) {
|
||||
|
|
@ -234,7 +234,7 @@ class Categories extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('categorie', $this->category->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
foreach ($request_data as $field => $value) {
|
||||
|
|
@ -274,7 +274,7 @@ class Categories extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('categorie', $this->category->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
if (!$this->category->delete(DolibarrApiAccess::$user)) {
|
||||
|
|
@ -767,7 +767,7 @@ class Categories extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('categorie', $this->category->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->category->getObjectsInCateg($type, $onlyids);
|
||||
|
|
|
|||
|
|
@ -84,7 +84,7 @@ class AgendaEvents extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('agenda', $this->actioncomm->id, 'actioncomm', '', 'fk_soc', 'id')) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
return $this->_cleanObjectDatas($this->actioncomm);
|
||||
}
|
||||
|
|
@ -253,7 +253,7 @@ class AgendaEvents extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('actioncomm', $this->actioncomm->id, 'actioncomm', '', 'fk_soc', 'id')) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
foreach ($request_data as $field => $value) {
|
||||
if ($field == 'id') {
|
||||
|
|
@ -304,7 +304,7 @@ class AgendaEvents extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('actioncomm', $this->actioncomm->id, 'actioncomm', '', 'fk_soc', 'id')) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
if (!$this->actioncomm->delete(DolibarrApiAccess::$user)) {
|
||||
|
|
|
|||
|
|
@ -132,7 +132,7 @@ class Proposals extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('propal', $this->propal->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
// Add external contacts ids.
|
||||
|
|
@ -297,7 +297,7 @@ class Proposals extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('propal', $this->propal->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$sql = '';
|
||||
|
|
@ -339,7 +339,7 @@ class Proposals extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('propal', $this->propal->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
|
@ -405,7 +405,7 @@ class Proposals extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('propal', $this->propal->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$errors = [];
|
||||
|
|
@ -486,7 +486,7 @@ class Proposals extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('propal', $this->propal->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
|
@ -564,7 +564,7 @@ class Proposals extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('propal', $this->propal->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$updateRes = $this->propal->deleteLine($lineid, $id);
|
||||
|
|
@ -605,7 +605,7 @@ class Proposals extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('propal', $this->propal->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->propal->add_contact($contactid, $type, 'external');
|
||||
|
|
@ -649,7 +649,7 @@ class Proposals extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('propal', $this->propal->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$contacts = $this->propal->liste_contact();
|
||||
|
|
@ -686,7 +686,7 @@ class Proposals extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('propal', $this->propal->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
foreach ($request_data as $field => $value) {
|
||||
if ($field == 'id') {
|
||||
|
|
@ -741,7 +741,7 @@ class Proposals extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('propal', $this->propal->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
if (!$this->propal->delete(DolibarrApiAccess::$user)) {
|
||||
|
|
@ -775,7 +775,7 @@ class Proposals extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('propal', $this->propal->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->propal->setDraft(DolibarrApiAccess::$user);
|
||||
|
|
@ -792,7 +792,7 @@ class Proposals extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('propal', $this->propal->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$this->propal->fetchObjectLinked();
|
||||
|
|
@ -831,7 +831,7 @@ class Proposals extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('propal', $this->propal->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->propal->valid(DolibarrApiAccess::$user, $notrigger);
|
||||
|
|
@ -848,7 +848,7 @@ class Proposals extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('propal', $this->propal->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$this->propal->fetchObjectLinked();
|
||||
|
|
@ -878,7 +878,7 @@ class Proposals extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('propal', $this->propal->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->propal->closeProposal(DolibarrApiAccess::$user, $status, $note_private, $notrigger);
|
||||
|
|
@ -895,7 +895,7 @@ class Proposals extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('propal', $this->propal->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$this->propal->fetchObjectLinked();
|
||||
|
|
@ -922,7 +922,7 @@ class Proposals extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('propal', $this->propal->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->propal->classifyBilled(DolibarrApiAccess::$user);
|
||||
|
|
@ -936,7 +936,7 @@ class Proposals extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('propal', $this->propal->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$this->propal->fetchObjectLinked();
|
||||
|
|
|
|||
|
|
@ -128,7 +128,7 @@ class Orders extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
// Add external contacts ids
|
||||
|
|
@ -315,7 +315,7 @@ class Orders extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
$this->commande->getLinesArray();
|
||||
$result = array();
|
||||
|
|
@ -347,7 +347,7 @@ class Orders extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
|
@ -414,7 +414,7 @@ class Orders extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
|
@ -482,7 +482,7 @@ class Orders extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$updateRes = $this->commande->deleteLine(DolibarrApiAccess::$user, $lineid, $id);
|
||||
|
|
@ -518,7 +518,7 @@ class Orders extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$contacts = $this->commande->liste_contact(-1, 'external', 0, $type);
|
||||
|
|
@ -551,7 +551,7 @@ class Orders extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->commande->add_contact($contactid, $type, 'external');
|
||||
|
|
@ -599,7 +599,7 @@ class Orders extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$contacts = $this->commande->liste_contact();
|
||||
|
|
@ -641,7 +641,7 @@ class Orders extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
foreach ($request_data as $field => $value) {
|
||||
if ($field == 'id') {
|
||||
|
|
@ -693,7 +693,7 @@ class Orders extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
if (!$this->commande->delete(DolibarrApiAccess::$user)) {
|
||||
|
|
@ -743,7 +743,7 @@ class Orders extends DolibarrApi
|
|||
$result = $this->commande->fetch_thirdparty(); // do not check result, as failure is not fatal (used only for mail notification substitutes)
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->commande->valid(DolibarrApiAccess::$user, $idwarehouse, $notrigger);
|
||||
|
|
@ -841,7 +841,7 @@ class Orders extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$this->commande->fetchObjectLinked();
|
||||
|
|
@ -869,7 +869,7 @@ class Orders extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->commande->cloture(DolibarrApiAccess::$user, $notrigger);
|
||||
|
|
@ -886,7 +886,7 @@ class Orders extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$this->commande->fetchObjectLinked();
|
||||
|
|
@ -914,7 +914,7 @@ class Orders extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->commande->setDraft(DolibarrApiAccess::$user, $idwarehouse);
|
||||
|
|
@ -931,7 +931,7 @@ class Orders extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$this->commande->fetchObjectLinked();
|
||||
|
|
|
|||
|
|
@ -146,7 +146,7 @@ class Invoices extends DolibarrApi
|
|||
$this->invoice->remaintopay = price2num($this->invoice->total_ttc - $this->invoice->totalpaid - $this->invoice->totalcreditnotes - $this->invoice->totaldeposits, 'MT');
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('facture', $this->invoice->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
// Add external contacts ids
|
||||
|
|
@ -426,7 +426,7 @@ class Invoices extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('facture', $this->invoice->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
$this->invoice->getLinesArray();
|
||||
$result = array();
|
||||
|
|
@ -462,7 +462,7 @@ class Invoices extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('facture', $this->invoice->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
|
@ -538,7 +538,7 @@ class Invoices extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('invoice', $this->invoice->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->invoice->add_contact($contactid, $type, 'external');
|
||||
|
|
@ -582,7 +582,7 @@ class Invoices extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('invoice', $this->invoice->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$contacts = $this->invoice->liste_contact();
|
||||
|
|
@ -624,7 +624,7 @@ class Invoices extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('facture', $id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->invoice->fetch($id);
|
||||
|
|
@ -659,7 +659,7 @@ class Invoices extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('facture', $this->invoice->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
foreach ($request_data as $field => $value) {
|
||||
|
|
@ -717,7 +717,7 @@ class Invoices extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('facture', $this->invoice->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->invoice->delete(DolibarrApiAccess::$user);
|
||||
|
|
@ -770,7 +770,7 @@ class Invoices extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('facture', $this->invoice->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
|
@ -857,7 +857,7 @@ class Invoices extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('facture', $this->invoice->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->invoice->add_contact($fk_socpeople, $type_contact, $source, $notrigger);
|
||||
|
|
@ -871,7 +871,7 @@ class Invoices extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('facture', $this->invoice->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
return $this->_cleanObjectDatas($this->invoice);
|
||||
|
|
@ -905,7 +905,7 @@ class Invoices extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('facture', $this->invoice->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->invoice->setDraft(DolibarrApiAccess::$user, $idwarehouse);
|
||||
|
|
@ -922,7 +922,7 @@ class Invoices extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('facture', $this->invoice->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
return $this->_cleanObjectDatas($this->invoice);
|
||||
|
|
@ -957,7 +957,7 @@ class Invoices extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('facture', $this->invoice->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->invoice->validate(DolibarrApiAccess::$user, $force_number, $idwarehouse, $notrigger);
|
||||
|
|
@ -974,7 +974,7 @@ class Invoices extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('facture', $this->invoice->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
// copy from order
|
||||
|
|
@ -1010,7 +1010,7 @@ class Invoices extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('facture', $this->invoice->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->invoice->setPaid(DolibarrApiAccess::$user, $close_code, $close_note);
|
||||
|
|
@ -1028,7 +1028,7 @@ class Invoices extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('facture', $this->invoice->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
return $this->_cleanObjectDatas($this->invoice);
|
||||
|
|
@ -1059,7 +1059,7 @@ class Invoices extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('facture', $this->invoice->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->invoice->setUnpaid(DolibarrApiAccess::$user);
|
||||
|
|
@ -1077,7 +1077,7 @@ class Invoices extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('facture', $this->invoice->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
return $this->_cleanObjectDatas($this->invoice);
|
||||
|
|
@ -1105,7 +1105,7 @@ class Invoices extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('facture', $this->invoice->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$discountcheck = new DiscountAbsolute($this->db);
|
||||
|
|
@ -1148,7 +1148,7 @@ class Invoices extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('facture', $this->invoice->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
if ($this->invoice->paye) {
|
||||
|
|
@ -1319,7 +1319,7 @@ class Invoices extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('facture', $id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->invoice->fetch($id);
|
||||
|
|
@ -1366,7 +1366,7 @@ class Invoices extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('facture', $id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
$discount = new DiscountAbsolute($this->db);
|
||||
$result = $discount->fetch($discountid);
|
||||
|
|
@ -1405,7 +1405,7 @@ class Invoices extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('facture', $id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->invoice->fetch($id);
|
||||
|
|
@ -1817,7 +1817,7 @@ class Invoices extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('facturerec', $this->template_invoice->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
// Add external contacts ids
|
||||
|
|
|
|||
|
|
@ -75,7 +75,7 @@ class Contracts extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$this->contract->fetchObjectLinked();
|
||||
|
|
@ -233,7 +233,7 @@ class Contracts extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
$this->contract->getLinesArray();
|
||||
$result = array();
|
||||
|
|
@ -265,7 +265,7 @@ class Contracts extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
|
@ -323,7 +323,7 @@ class Contracts extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
|
@ -386,7 +386,7 @@ class Contracts extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$updateRes = $this->contract->active_line(DolibarrApiAccess::$user, $lineid, $datestart, $dateend, $comment);
|
||||
|
|
@ -424,7 +424,7 @@ class Contracts extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$updateRes = $this->contract->close_line(DolibarrApiAccess::$user, $lineid, $datestart, $comment);
|
||||
|
|
@ -464,7 +464,7 @@ class Contracts extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
// TODO Check the lineid $lineid is a line of object
|
||||
|
|
@ -496,7 +496,7 @@ class Contracts extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
foreach ($request_data as $field => $value) {
|
||||
if ($field == 'id') {
|
||||
|
|
@ -624,7 +624,7 @@ class Contracts extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->contract->closeAll(DolibarrApiAccess::$user, $notrigger);
|
||||
|
|
|
|||
|
|
@ -72,7 +72,7 @@ class Donations extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('don', $this->don->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
// Add external contacts ids
|
||||
|
|
@ -225,7 +225,7 @@ class Donations extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('donation', $this->don->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
foreach ($request_data as $field => $value) {
|
||||
if ($field == 'id') {
|
||||
|
|
@ -265,7 +265,7 @@ class Donations extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('donation', $this->don->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
if (!$this->don->delete(DolibarrApiAccess::$user)) {
|
||||
|
|
@ -314,7 +314,7 @@ class Donations extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('don', $this->don->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
// @phan-suppress-next-line PhanPluginSuspiciousParamPosition
|
||||
|
|
@ -331,7 +331,7 @@ class Donations extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('don', $this->don->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$this->don->fetchObjectLinked();
|
||||
|
|
|
|||
|
|
@ -74,7 +74,7 @@ class Shipments extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('expedition', $this->shipment->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$this->shipment->fetchObjectLinked();
|
||||
|
|
@ -234,7 +234,7 @@ class Shipments extends DolibarrApi
|
|||
}
|
||||
|
||||
if( ! DolibarrApi::_checkAccessToResource('expedition',$this->shipment->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
$this->shipment->getLinesArray();
|
||||
$result = array();
|
||||
|
|
@ -268,7 +268,7 @@ class Shipments extends DolibarrApi
|
|||
}
|
||||
|
||||
if( ! DolibarrApi::_checkAccessToResource('expedition',$this->shipment->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
|
@ -336,7 +336,7 @@ class Shipments extends DolibarrApi
|
|||
}
|
||||
|
||||
if( ! DolibarrApi::_checkAccessToResource('expedition',$this->shipment->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
|
@ -403,7 +403,7 @@ class Shipments extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('expedition', $this->shipment->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
// TODO Check the lineid $lineid is a line of object
|
||||
|
|
@ -440,7 +440,7 @@ class Shipments extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('expedition', $this->shipment->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
foreach ($request_data as $field => $value) {
|
||||
if ($field == 'id') {
|
||||
|
|
@ -480,7 +480,7 @@ class Shipments extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('expedition', $this->shipment->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
if (!$this->shipment->delete(DolibarrApiAccess::$user)) {
|
||||
|
|
@ -525,7 +525,7 @@ class Shipments extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('expedition', $this->shipment->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->shipment->valid(DolibarrApiAccess::$user, $notrigger);
|
||||
|
|
@ -648,7 +648,7 @@ class Shipments extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('expedition', $this->shipment->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->shipment->setClosed();
|
||||
|
|
|
|||
|
|
@ -86,7 +86,7 @@ class ExpenseReports extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('expensereport', $this->expensereport->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$this->expensereport->fetchObjectLinked();
|
||||
|
|
@ -225,7 +225,7 @@ class ExpenseReports extends DolibarrApi
|
|||
}
|
||||
|
||||
if( ! DolibarrApi::_checkAccessToResource('expensereport',$this->expensereport->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
$this->expensereport->getLinesArray();
|
||||
$result = array();
|
||||
|
|
@ -259,7 +259,7 @@ class ExpenseReports extends DolibarrApi
|
|||
}
|
||||
|
||||
if( ! DolibarrApi::_checkAccessToResource('expensereport',$this->expensereport->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
|
@ -327,7 +327,7 @@ class ExpenseReports extends DolibarrApi
|
|||
}
|
||||
|
||||
if( ! DolibarrApi::_checkAccessToResource('expensereport',$this->expensereport->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
|
@ -391,7 +391,7 @@ class ExpenseReports extends DolibarrApi
|
|||
}
|
||||
|
||||
if( ! DolibarrApi::_checkAccessToResource('expensereport',$this->expensereport->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
// TODO Check the lineid $lineid is a line of object
|
||||
|
|
@ -427,7 +427,7 @@ class ExpenseReports extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('expensereport', $this->expensereport->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
foreach ($request_data as $field => $value) {
|
||||
if ($field == 'id') {
|
||||
|
|
@ -511,7 +511,7 @@ class ExpenseReports extends DolibarrApi
|
|||
}
|
||||
|
||||
if( ! DolibarrApi::_checkAccessToResource('expensereport',$this->expensereport->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
if( ! $this->expensereport->valid(DolibarrApiAccess::$user, $idwarehouse)) {
|
||||
|
|
|
|||
|
|
@ -88,7 +88,7 @@ class Interventions extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('fichinter', $this->fichinter->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$this->fichinter->fetchObjectLinked();
|
||||
|
|
@ -235,7 +235,7 @@ class Interventions extends DolibarrApi
|
|||
}
|
||||
|
||||
if( ! DolibarrApi::_checkAccessToResource('fichinter',$this->fichinter->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
$this->fichinter->getLinesArray();
|
||||
$result = array();
|
||||
|
|
@ -279,7 +279,7 @@ class Interventions extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('fichinter', $this->fichinter->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$updateRes = $this->fichinter->addLine(
|
||||
|
|
@ -314,7 +314,7 @@ class Interventions extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('fichinter', $this->fichinter->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
if (!$this->fichinter->delete(DolibarrApiAccess::$user)) {
|
||||
|
|
@ -355,7 +355,7 @@ class Interventions extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('fichinter', $this->fichinter->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->fichinter->setValid(DolibarrApiAccess::$user, $notrigger);
|
||||
|
|
@ -391,7 +391,7 @@ class Interventions extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('fichinter', $this->fichinter->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->fichinter->setStatut(3);
|
||||
|
|
|
|||
|
|
@ -73,7 +73,7 @@ class SupplierOrders extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('fournisseur', $this->order->id, 'commande_fournisseur', 'commande')) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$this->order->fetchObjectLinked();
|
||||
|
|
@ -273,7 +273,7 @@ class SupplierOrders extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('fournisseur', $this->order->id, 'commande_fournisseur', 'commande')) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
foreach ($request_data as $field => $value) {
|
||||
|
|
@ -322,7 +322,7 @@ class SupplierOrders extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('fournisseur', $this->order->id, 'commande_fournisseur', 'commande')) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
$contacts = array();
|
||||
|
||||
|
|
@ -365,7 +365,7 @@ class SupplierOrders extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('fournisseur', $this->order->id, 'commande_fournisseur', 'commande')) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->order->add_contact($contactid, $type, $source);
|
||||
|
|
@ -414,7 +414,7 @@ class SupplierOrders extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('fournisseur', $this->order->id, 'commande_fournisseur', 'commande')) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$contacts = $this->order->liste_contact(-1, $source, 0, $type);
|
||||
|
|
@ -462,7 +462,7 @@ class SupplierOrders extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('fournisseur', $this->order->id, 'commande_fournisseur', 'commande')) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
if ($this->order->delete(DolibarrApiAccess::$user) < 0) {
|
||||
|
|
@ -507,7 +507,7 @@ class SupplierOrders extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('fournisseur', $this->order->id, 'commande_fournisseur', 'commande')) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->order->valid(DolibarrApiAccess::$user, $idwarehouse, $notrigger);
|
||||
|
|
@ -555,7 +555,7 @@ class SupplierOrders extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('fournisseur', $this->order->id, 'commande_fournisseur', 'commande')) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->order->approve(DolibarrApiAccess::$user, $idwarehouse, $secondlevel);
|
||||
|
|
@ -606,7 +606,7 @@ class SupplierOrders extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('fournisseur', $this->order->id, 'commande_fournisseur', 'commande')) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->order->commande(DolibarrApiAccess::$user, $date, $method, $comment);
|
||||
|
|
@ -669,7 +669,7 @@ class SupplierOrders extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('fournisseur', $this->order->id, 'commande_fournisseur', 'commande')) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
foreach ($lines as $line) {
|
||||
|
|
|
|||
|
|
@ -221,7 +221,7 @@ class Mos extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('mrp', $this->mo->id, 'mrp_mo')) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
foreach ($request_data as $field => $value) {
|
||||
|
|
|
|||
|
|
@ -351,7 +351,7 @@ class Products extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('product', $this->product->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$oldproduct = dol_clone($this->product);
|
||||
|
|
@ -453,7 +453,7 @@ class Products extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('product', $this->product->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
// The Product::delete() method uses the global variable $user.
|
||||
|
|
@ -494,7 +494,7 @@ class Products extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('product', $id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$childrenArbo = $this->product->getChildsArbo($id, 1);
|
||||
|
|
@ -532,7 +532,7 @@ class Products extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('product', $id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->product->add_sousproduit($id, $subproduct_id, $qty, $incdec);
|
||||
|
|
@ -562,7 +562,7 @@ class Products extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('product', $id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->product->del_sousproduit($id, $subproduct_id);
|
||||
|
|
@ -775,7 +775,7 @@ class Products extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('product', $this->productsupplier->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$socid = DolibarrApiAccess::$user->socid ? DolibarrApiAccess::$user->socid : '';
|
||||
|
|
@ -832,7 +832,7 @@ class Products extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('product', $this->productsupplier->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$resultsupplier = 0;
|
||||
|
|
@ -987,7 +987,7 @@ class Products extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('product', $this->product->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$product_fourn_list = array();
|
||||
|
|
@ -2064,7 +2064,7 @@ class Products extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('product', $this->product->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
if (!empty($includestockdata) && DolibarrApiAccess::$user->hasRight('stock', 'lire')) {
|
||||
|
|
|
|||
|
|
@ -75,7 +75,7 @@ class StockMovements extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('warehouse',$this->stockmovement->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
return $this->_cleanObjectDatas($this->stockmovement);
|
||||
|
|
@ -228,7 +228,7 @@ class StockMovements extends DolibarrApi
|
|||
}
|
||||
|
||||
if( ! DolibarrApi::_checkAccessToResource('stock',$this->stockmovement->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
foreach($request_data as $field => $value) {
|
||||
|
|
@ -260,7 +260,7 @@ class StockMovements extends DolibarrApi
|
|||
}
|
||||
|
||||
if (! DolibarrApi::_checkAccessToResource('stock',$this->stockmovement->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
if (! $this->stockmovement->delete(DolibarrApiAccess::$user)) {
|
||||
|
|
|
|||
|
|
@ -72,7 +72,7 @@ class Warehouses extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('stock', $this->warehouse->id, 'entrepot')) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
return $this->_cleanObjectDatas($this->warehouse);
|
||||
|
|
@ -204,7 +204,7 @@ class Warehouses extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('stock', $this->warehouse->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
foreach ($request_data as $field => $value) {
|
||||
|
|
@ -244,7 +244,7 @@ class Warehouses extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('stock', $this->warehouse->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
if (!$this->warehouse->delete(DolibarrApiAccess::$user)) {
|
||||
|
|
|
|||
|
|
@ -81,7 +81,7 @@ class Projects extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('project', $this->project->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$this->project->fetchObjectLinked();
|
||||
|
|
@ -112,7 +112,7 @@ class Projects extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('project', $this->project->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$this->project->fetchObjectLinked();
|
||||
|
|
@ -143,7 +143,7 @@ class Projects extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('project', $this->project->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$this->project->fetchObjectLinked();
|
||||
|
|
@ -304,7 +304,7 @@ class Projects extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('project', $this->project->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
$this->project->getLinesArray(DolibarrApiAccess::$user);
|
||||
$result = array();
|
||||
|
|
@ -344,7 +344,7 @@ class Projects extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('project', $this->project->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
require_once DOL_DOCUMENT_ROOT.'/projet/class/task.class.php';
|
||||
|
|
@ -387,7 +387,7 @@ class Projects extends DolibarrApi
|
|||
}
|
||||
|
||||
if( ! DolibarrApi::_checkAccessToResource('project',$this->project->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
|
@ -454,7 +454,7 @@ class Projects extends DolibarrApi
|
|||
}
|
||||
|
||||
if( ! DolibarrApi::_checkAccessToResource('project',$this->project->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
|
@ -514,7 +514,7 @@ class Projects extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('project', $this->project->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
foreach ($request_data as $field => $value) {
|
||||
if ($field == 'id') {
|
||||
|
|
@ -554,7 +554,7 @@ class Projects extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('project', $this->project->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
if (!$this->project->delete(DolibarrApiAccess::$user)) {
|
||||
|
|
@ -598,7 +598,7 @@ class Projects extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('project', $this->project->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->project->setValid(DolibarrApiAccess::$user, $notrigger);
|
||||
|
|
|
|||
|
|
@ -77,7 +77,7 @@ class Tasks extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('task', $this->task->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
if ($includetimespent == 1) {
|
||||
|
|
@ -239,7 +239,7 @@ class Tasks extends DolibarrApi
|
|||
}
|
||||
|
||||
if( ! DolibarrApi::_checkAccessToResource('project',$this->project->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
$this->project->getLinesArray(DolibarrApiAccess::$user);
|
||||
$result = array();
|
||||
|
|
@ -284,7 +284,7 @@ class Tasks extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('tasks', $this->task->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$usert = DolibarrApiAccess::$user;
|
||||
|
|
@ -325,7 +325,7 @@ class Tasks extends DolibarrApi
|
|||
}
|
||||
|
||||
if( ! DolibarrApi::_checkAccessToResource('project',$this->project->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
|
@ -392,7 +392,7 @@ class Tasks extends DolibarrApi
|
|||
}
|
||||
|
||||
if( ! DolibarrApi::_checkAccessToResource('project',$this->project->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
|
@ -451,7 +451,7 @@ class Tasks extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('task', $this->task->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
foreach ($request_data as $field => $value) {
|
||||
if ($field == 'id') {
|
||||
|
|
@ -497,7 +497,7 @@ class Tasks extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('task', $this->task->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
if (!$this->task->delete(DolibarrApiAccess::$user)) {
|
||||
|
|
@ -540,7 +540,7 @@ class Tasks extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('project', $this->task->fk_project)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$uid = $user_id;
|
||||
|
|
@ -596,7 +596,7 @@ class Tasks extends DolibarrApi
|
|||
$this->timespentRecordChecks($id, $timespent_id);
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('task', $this->task->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$newdate = dol_stringtotime($date, 1);
|
||||
|
|
@ -641,7 +641,7 @@ class Tasks extends DolibarrApi
|
|||
$this->timespentRecordChecks($id, $timespent_id);
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('task', $this->task->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
if ($this->task->delTimeSpent(DolibarrApiAccess::$user, 0) < 0) {
|
||||
|
|
|
|||
|
|
@ -73,7 +73,7 @@ class Receptions extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('reception', $this->reception->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$this->reception->fetchObjectLinked();
|
||||
|
|
@ -231,7 +231,7 @@ class Receptions extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('reception',$this->reception->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
$this->reception->getLinesArray();
|
||||
$result = array();
|
||||
|
|
@ -265,7 +265,7 @@ class Receptions extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('reception',$this->reception->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
|
@ -333,7 +333,7 @@ class Receptions extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('reception',$this->reception->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
|
@ -398,7 +398,7 @@ class Receptions extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('reception', $this->reception->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
// TODO Check the lineid $lineid is a line of object
|
||||
|
|
@ -435,7 +435,7 @@ class Receptions extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('reception', $this->reception->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
foreach ($request_data as $field => $value) {
|
||||
if ($field == 'id') {
|
||||
|
|
@ -474,7 +474,7 @@ class Receptions extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('reception', $this->reception->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
if (!$this->reception->delete(DolibarrApiAccess::$user)) {
|
||||
|
|
@ -519,7 +519,7 @@ class Receptions extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('reception', $this->reception->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->reception->valid(DolibarrApiAccess::$user, $notrigger);
|
||||
|
|
@ -642,7 +642,7 @@ class Receptions extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('reception', $this->reception->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->reception->setClosed();
|
||||
|
|
|
|||
|
|
@ -87,7 +87,7 @@ class Contacts extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('contact', $this->contact->id, 'socpeople&societe')) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
if ($includecount) {
|
||||
|
|
@ -135,7 +135,7 @@ class Contacts extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('contact', $this->contact->id, 'socpeople&societe')) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
if ($includecount) {
|
||||
|
|
@ -328,7 +328,7 @@ class Contacts extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('contact', $this->contact->id, 'socpeople&societe')) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
foreach ($request_data as $field => $value) {
|
||||
|
|
@ -378,7 +378,7 @@ class Contacts extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('contact', $this->contact->id, 'socpeople&societe')) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
$this->contact->oldcopy = clone $this->contact;
|
||||
return $this->contact->delete(DolibarrApiAccess::$user);
|
||||
|
|
@ -498,10 +498,10 @@ class Contacts extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('contact', $this->contact->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
if (!DolibarrApi::_checkAccessToResource('category', $category->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$category->add_type($this->contact, 'contact');
|
||||
|
|
@ -538,10 +538,10 @@ class Contacts extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('contact', $this->contact->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
if (!DolibarrApi::_checkAccessToResource('category', $category->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$category->del_type($this->contact, 'contact');
|
||||
|
|
|
|||
|
|
@ -292,7 +292,7 @@ class Thirdparties extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('societe', $this->company->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
foreach ($request_data as $field => $value) {
|
||||
|
|
@ -349,7 +349,7 @@ class Thirdparties extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('societe', $this->company->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$companytoremove = new Societe($this->db);
|
||||
|
|
@ -359,7 +359,7 @@ class Thirdparties extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('societe', $companytoremove->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$user = DolibarrApiAccess::$user;
|
||||
|
|
@ -387,7 +387,7 @@ class Thirdparties extends DolibarrApi
|
|||
throw new RestException(404, 'Thirdparty not found');
|
||||
}
|
||||
if (!DolibarrApi::_checkAccessToResource('societe', $this->company->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
$this->company->oldcopy = clone $this->company;
|
||||
|
||||
|
|
@ -493,7 +493,7 @@ class Thirdparties extends DolibarrApi
|
|||
throw new RestException(404, 'User not found');
|
||||
}
|
||||
if (!DolibarrApi::_checkAccessToResource('societe', $this->company->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
$result = $this->company->add_commercial(DolibarrApiAccess::$user, $representative_id);
|
||||
|
||||
|
|
@ -527,7 +527,7 @@ class Thirdparties extends DolibarrApi
|
|||
throw new RestException(404, 'User not found');
|
||||
}
|
||||
if (!DolibarrApi::_checkAccessToResource('societe', $this->company->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
$result = $this->company->del_commercial(DolibarrApiAccess::$user, $representative_id);
|
||||
|
||||
|
|
@ -598,10 +598,10 @@ class Thirdparties extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('societe', $this->company->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
if (!DolibarrApi::_checkAccessToResource('category', $category->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$category->add_type($this->company, 'customer');
|
||||
|
|
@ -636,10 +636,10 @@ class Thirdparties extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('societe', $this->company->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
if (!DolibarrApi::_checkAccessToResource('category', $category->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$category->del_type($this->company, 'customer');
|
||||
|
|
@ -713,10 +713,10 @@ class Thirdparties extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('societe', $this->company->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
if (!DolibarrApi::_checkAccessToResource('category', $category->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$category->add_type($this->company, 'supplier');
|
||||
|
|
@ -751,10 +751,10 @@ class Thirdparties extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('societe', $this->company->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
if (!DolibarrApi::_checkAccessToResource('category', $category->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$category->del_type($this->company, 'supplier');
|
||||
|
|
@ -788,7 +788,7 @@ class Thirdparties extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('societe', $id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->company->fetch($id);
|
||||
|
|
@ -830,7 +830,7 @@ class Thirdparties extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('societe', $id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->company->fetch($id);
|
||||
|
|
@ -871,7 +871,7 @@ class Thirdparties extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('societe', $id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->company->fetch($id);
|
||||
|
|
@ -912,7 +912,7 @@ class Thirdparties extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('societe', $id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->company->fetch($id);
|
||||
|
|
@ -955,7 +955,7 @@ class Thirdparties extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('societe', $id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$result = $this->company->fetch($id);
|
||||
|
|
@ -1014,7 +1014,7 @@ class Thirdparties extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('societe', $id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
/*$result = $this->thirdparty->fetch($id);
|
||||
|
|
@ -1057,7 +1057,7 @@ class Thirdparties extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('societe', $id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
/*$result = $this->thirdparty->fetch($id);
|
||||
|
|
@ -1265,7 +1265,7 @@ class Thirdparties extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('societe', $id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -1562,7 +1562,7 @@ class Thirdparties extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('societe', $id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -2003,7 +2003,7 @@ class Thirdparties extends DolibarrApi
|
|||
global $conf;
|
||||
|
||||
if (!DolibarrApiAccess::$user->hasRight('societe', 'lire')) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login.'. No read permission on thirdparties.');
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login.'. No read permission on thirdparties.');
|
||||
}
|
||||
|
||||
if ($rowid === 0) {
|
||||
|
|
@ -2016,7 +2016,7 @@ class Thirdparties extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('societe', $this->company->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login.' on this thirdparty');
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login.' on this thirdparty');
|
||||
}
|
||||
if (isModEnabled('mailing')) {
|
||||
$this->company->getNoEmail();
|
||||
|
|
|
|||
|
|
@ -73,7 +73,7 @@ class SupplierProposals extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('supplier_proposal', $this->supplier_proposal->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
$this->supplier_proposal->fetchObjectLinked();
|
||||
|
|
|
|||
|
|
@ -179,7 +179,7 @@ class Tickets extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('ticket', $this->ticket->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
return $this->_cleanObjectDatas($this->ticket);
|
||||
}
|
||||
|
|
@ -370,7 +370,7 @@ class Tickets extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('ticket', $this->ticket->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
foreach ($request_data as $field => $value) {
|
||||
|
|
@ -408,7 +408,7 @@ class Tickets extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('ticket', $this->ticket->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
if (!$this->ticket->delete(DolibarrApiAccess::$user)) {
|
||||
|
|
|
|||
|
|
@ -163,7 +163,7 @@ class Users extends DolibarrApi
|
|||
}
|
||||
|
||||
if ($id > 0 && !DolibarrApi::_checkAccessToResource('user', $this->useraccount->id, 'user')) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
if ($includepermissions) {
|
||||
|
|
@ -202,7 +202,7 @@ class Users extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('user', $this->useraccount->id, 'user')) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
if ($includepermissions) {
|
||||
|
|
@ -241,7 +241,7 @@ class Users extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('user', $this->useraccount->id, 'user')) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
if ($includepermissions) {
|
||||
|
|
@ -276,7 +276,7 @@ class Users extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('user', $this->useraccount->id, 'user')) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
if ($includepermissions) {
|
||||
|
|
@ -370,7 +370,7 @@ class Users extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('user', $this->useraccount->id, 'user')) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
foreach ($request_data as $field => $value) {
|
||||
|
|
|
|||
|
|
@ -85,7 +85,7 @@ class Zapier extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('hook', $this->hook->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
return $this->_cleanObjectDatas($this->hook);
|
||||
|
|
@ -120,7 +120,7 @@ class Zapier extends DolibarrApi
|
|||
// }
|
||||
|
||||
// if (! DolibarrApi::_checkAccessToResource('hook', $this->hook->id)) {
|
||||
// throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
// throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
// }
|
||||
|
||||
return $arraychoices;
|
||||
|
|
@ -279,7 +279,7 @@ class Zapier extends DolibarrApi
|
|||
}
|
||||
|
||||
if (!DolibarrApi::_checkAccessToResource('hook', $this->hook->id)) {
|
||||
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
throw new RestException(403, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
|
||||
}
|
||||
|
||||
if (!$this->hook->delete(DolibarrApiAccess::$user)) {
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user