mirror of
https://github.com/Dolibarr/dolibarr.git
synced 2025-02-20 13:46:52 +01:00
Clean sql request to use exist instead of left join
This commit is contained in:
Laurent Destailleur
parent
9fdfa6fdb3
commit
e2f49c407f
|
|
@ -88,7 +88,6 @@ class AdherentStats extends Stats
|
|||
{
|
||||
$sql = "SELECT date_format(p.dateadh,'%m') as dm, count(*)";
|
||||
$sql .= " FROM ".$this->from;
|
||||
//if (empty($user->rights->societe->client->voir) && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql .= " WHERE ".dolSqlDateFilter('p.dateadh', 0, 0, (int) $year, 1);
|
||||
$sql .= " AND ".$this->where;
|
||||
$sql .= " GROUP BY dm";
|
||||
|
|
@ -106,7 +105,6 @@ class AdherentStats extends Stats
|
|||
{
|
||||
$sql = "SELECT date_format(p.dateadh,'%Y') as dm, count(*)";
|
||||
$sql .= " FROM ".$this->from;
|
||||
//if (empty($user->rights->societe->client->voir) && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql .= " WHERE ".$this->where;
|
||||
$sql .= " GROUP BY dm";
|
||||
$sql .= $this->db->order('dm', 'DESC');
|
||||
|
|
@ -125,7 +123,6 @@ class AdherentStats extends Stats
|
|||
{
|
||||
$sql = "SELECT date_format(p.dateadh,'%m') as dm, sum(p.".$this->field.")";
|
||||
$sql .= " FROM ".$this->from;
|
||||
//if (empty($user->rights->societe->client->voir) && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql .= " WHERE ".dolSqlDateFilter('p.dateadh', 0, 0, (int) $year, 1);
|
||||
$sql .= " AND ".$this->where;
|
||||
$sql .= " GROUP BY dm";
|
||||
|
|
@ -144,7 +141,6 @@ class AdherentStats extends Stats
|
|||
{
|
||||
$sql = "SELECT date_format(p.dateadh,'%m') as dm, avg(p.".$this->field.")";
|
||||
$sql .= " FROM ".$this->from;
|
||||
//if (empty($user->rights->societe->client->voir) && !$this->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql .= " WHERE ".dolSqlDateFilter('p.dateadh', 0, 0, (int) $year, 1);
|
||||
$sql .= " AND ".$this->where;
|
||||
$sql .= " GROUP BY dm";
|
||||
|
|
@ -163,7 +159,6 @@ class AdherentStats extends Stats
|
|||
{
|
||||
$sql = "SELECT date_format(p.dateadh,'%Y') as year, count(*) as nb, sum(".$this->field.") as total, avg(".$this->field.") as avg";
|
||||
$sql .= " FROM ".$this->from;
|
||||
//if (empty($user->rights->societe->client->voir) && !$this->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
$sql .= " WHERE ".$this->where;
|
||||
$sql .= " GROUP BY year";
|
||||
$sql .= $this->db->order('year', 'DESC');
|
||||
|
|
|
|||
|
|
@ -99,8 +99,6 @@ class Boms extends DolibarrApi
|
|||
*/
|
||||
public function index($sortfield = "t.rowid", $sortorder = 'ASC', $limit = 100, $page = 0, $sqlfilters = '', $properties = '')
|
||||
{
|
||||
global $db, $conf;
|
||||
|
||||
if (!DolibarrApiAccess::$user->rights->bom->read) {
|
||||
throw new RestException(401);
|
||||
}
|
||||
|
|
@ -114,40 +112,27 @@ class Boms extends DolibarrApi
|
|||
|
||||
// If the internal user must only see his customers, force searching by him
|
||||
$search_sale = 0;
|
||||
if ($restrictonsocid && !DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) {
|
||||
if ($restrictonsocid && !DolibarrApiAccess::$user->hasRight('societe', 'client', 'voir') && !$socid) {
|
||||
$search_sale = DolibarrApiAccess::$user->id;
|
||||
}
|
||||
|
||||
$sql = "SELECT t.rowid";
|
||||
if ($restrictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
|
||||
$sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects)
|
||||
}
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX.$tmpobject->table_element." AS t LEFT JOIN ".MAIN_DB_PREFIX.$tmpobject->table_element."_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
|
||||
if ($restrictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale
|
||||
}
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX.$tmpobject->table_element." AS t";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX.$tmpobject->table_element."_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
$sql .= " WHERE 1 = 1";
|
||||
|
||||
// Example of use $mode
|
||||
//if ($mode == 1) $sql.= " AND s.client IN (1, 3)";
|
||||
//if ($mode == 2) $sql.= " AND s.client IN (2, 3)";
|
||||
|
||||
if ($tmpobject->ismultientitymanaged) {
|
||||
$sql .= ' AND t.entity IN ('.getEntity($tmpobject->element).')';
|
||||
}
|
||||
if ($restrictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
|
||||
$sql .= " AND t.fk_soc = sc.fk_soc";
|
||||
}
|
||||
if ($restrictonsocid && $socid) {
|
||||
$sql .= " AND t.fk_soc = ".((int) $socid);
|
||||
}
|
||||
if ($restrictonsocid && $search_sale > 0) {
|
||||
$sql .= " AND t.rowid = sc.fk_soc"; // Join for the needed table to filter by sale
|
||||
}
|
||||
// Insert sale filter
|
||||
if ($restrictonsocid && $search_sale > 0) {
|
||||
$sql .= " AND sc.fk_user = ".((int) $search_sale);
|
||||
// Search on sale representative
|
||||
if ($search_sale && $search_sale != '-1') {
|
||||
if ($search_sale == -2) {
|
||||
$sql .= " AND NOT EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc)";
|
||||
} elseif ($search_sale > 0) {
|
||||
$sql .= " AND EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc AND sc.fk_user = ".((int) $search_sale).")";
|
||||
}
|
||||
}
|
||||
if ($sqlfilters) {
|
||||
$errormessage = '';
|
||||
|
|
|
|||
|
|
@ -114,14 +114,11 @@ class AgendaEvents extends DolibarrApi
|
|||
}
|
||||
|
||||
// case of external user
|
||||
$socid = 0;
|
||||
if (!empty(DolibarrApiAccess::$user->socid)) {
|
||||
$socid = DolibarrApiAccess::$user->socid;
|
||||
}
|
||||
$socid = DolibarrApiAccess::$user->socid ? DolibarrApiAccess::$user->socid : 0;
|
||||
|
||||
// If the internal user must only see his customers, force searching by him
|
||||
$search_sale = 0;
|
||||
if (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) {
|
||||
if (!DolibarrApiAccess::$user->hasRight('societe', 'client', 'voir') && !$socid) {
|
||||
$search_sale = DolibarrApiAccess::$user->id;
|
||||
}
|
||||
if (!isModEnabled('societe')) {
|
||||
|
|
@ -129,32 +126,22 @@ class AgendaEvents extends DolibarrApi
|
|||
}
|
||||
|
||||
$sql = "SELECT t.id as rowid";
|
||||
if (isModEnabled("societe")) {
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
|
||||
$sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects)
|
||||
}
|
||||
}
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."actioncomm AS t LEFT JOIN ".MAIN_DB_PREFIX."actioncomm_extrafields AS ef ON (ef.fk_object = t.id)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
if (isModEnabled("societe")) {
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale
|
||||
}
|
||||
}
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."actioncomm AS t";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."actioncomm_extrafields AS ef ON (ef.fk_object = t.id)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
$sql .= ' WHERE t.entity IN ('.getEntity('agenda').')';
|
||||
if (isModEnabled("societe")) {
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
|
||||
$sql .= " AND t.fk_soc = sc.fk_soc";
|
||||
}
|
||||
}
|
||||
if ($user_ids) {
|
||||
$sql .= " AND t.fk_user_action IN (".$this->db->sanitize($user_ids).")";
|
||||
}
|
||||
if ($socid > 0) {
|
||||
$sql .= " AND t.fk_soc = ".((int) $socid);
|
||||
}
|
||||
// Insert sale filter
|
||||
if ($search_sale > 0) {
|
||||
$sql .= " AND sc.fk_user = ".((int) $search_sale);
|
||||
// Search on sale representative
|
||||
if ($search_sale && $search_sale != '-1') {
|
||||
if ($search_sale == -2) {
|
||||
$sql .= " AND NOT EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc)";
|
||||
} elseif ($search_sale > 0) {
|
||||
$sql .= " AND EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc AND sc.fk_user = ".((int) $search_sale).")";
|
||||
}
|
||||
}
|
||||
// Add sql filters
|
||||
if ($sqlfilters) {
|
||||
|
|
|
|||
|
|
@ -174,34 +174,24 @@ class Proposals extends DolibarrApi
|
|||
|
||||
// If the internal user must only see his customers, force searching by him
|
||||
$search_sale = 0;
|
||||
if (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) {
|
||||
if (!DolibarrApiAccess::$user->rights->hasRight('societe', 'client', 'voir') && !$socids) {
|
||||
$search_sale = DolibarrApiAccess::$user->id;
|
||||
}
|
||||
|
||||
$sql = "SELECT t.rowid";
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) {
|
||||
$sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects)
|
||||
}
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."propal AS t LEFT JOIN ".MAIN_DB_PREFIX."propal_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
|
||||
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale
|
||||
}
|
||||
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."propal AS t";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."propal_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
$sql .= ' WHERE t.entity IN ('.getEntity('propal').')';
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) {
|
||||
$sql .= " AND t.fk_soc = sc.fk_soc";
|
||||
}
|
||||
if ($socids) {
|
||||
$sql .= " AND t.fk_soc IN (".$this->db->sanitize($socids).")";
|
||||
}
|
||||
if ($search_sale > 0) {
|
||||
$sql .= " AND t.rowid = sc.fk_soc"; // Join for the needed table to filter by sale
|
||||
}
|
||||
// Insert sale filter
|
||||
if ($search_sale > 0) {
|
||||
$sql .= " AND sc.fk_user = ".((int) $search_sale);
|
||||
// Search on sale representative
|
||||
if ($search_sale && $search_sale != '-1') {
|
||||
if ($search_sale == -2) {
|
||||
$sql .= " AND NOT EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc)";
|
||||
} elseif ($search_sale > 0) {
|
||||
$sql .= " AND EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc AND sc.fk_user = ".((int) $search_sale).")";
|
||||
}
|
||||
}
|
||||
// Add sql filters
|
||||
if ($sqlfilters) {
|
||||
|
|
|
|||
|
|
@ -181,28 +181,19 @@ class Orders extends DolibarrApi
|
|||
}
|
||||
|
||||
$sql = "SELECT t.rowid";
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) {
|
||||
$sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects)
|
||||
}
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."commande AS t LEFT JOIN ".MAIN_DB_PREFIX."commande_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale
|
||||
}
|
||||
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."commande AS t";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."commande_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
$sql .= ' WHERE t.entity IN ('.getEntity('commande').')';
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) {
|
||||
$sql .= " AND t.fk_soc = sc.fk_soc";
|
||||
}
|
||||
if ($socids) {
|
||||
$sql .= " AND t.fk_soc IN (".$this->db->sanitize($socids).")";
|
||||
}
|
||||
if ($search_sale > 0) {
|
||||
$sql .= " AND t.rowid = sc.fk_soc"; // Join for the needed table to filter by sale
|
||||
}
|
||||
// Insert sale filter
|
||||
if ($search_sale > 0) {
|
||||
$sql .= " AND sc.fk_user = ".((int) $search_sale);
|
||||
// Search on sale representative
|
||||
if ($search_sale && $search_sale != '-1') {
|
||||
if ($search_sale == -2) {
|
||||
$sql .= " AND NOT EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc)";
|
||||
} elseif ($search_sale > 0) {
|
||||
$sql .= " AND EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc AND sc.fk_user = ".((int) $search_sale).")";
|
||||
}
|
||||
}
|
||||
// Add sql filters
|
||||
if ($sqlfilters) {
|
||||
|
|
|
|||
|
|
@ -197,27 +197,20 @@ class Invoices extends DolibarrApi
|
|||
}
|
||||
|
||||
$sql = "SELECT t.rowid";
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) {
|
||||
$sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects)
|
||||
}
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."facture AS t LEFT JOIN ".MAIN_DB_PREFIX."facture_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale
|
||||
}
|
||||
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."facture AS t";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."facture_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
$sql .= ' WHERE t.entity IN ('.getEntity('invoice').')';
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) {
|
||||
$sql .= " AND t.fk_soc = sc.fk_soc";
|
||||
}
|
||||
if ($socids) {
|
||||
$sql .= " AND t.fk_soc IN (".$this->db->sanitize($socids).")";
|
||||
}
|
||||
|
||||
if ($search_sale > 0) {
|
||||
$sql .= " AND t.rowid = sc.fk_soc"; // Join for the needed table to filter by sale
|
||||
// Search on sale representative
|
||||
if ($search_sale && $search_sale != '-1') {
|
||||
if ($search_sale == -2) {
|
||||
$sql .= " AND NOT EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc)";
|
||||
} elseif ($search_sale > 0) {
|
||||
$sql .= " AND EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc AND sc.fk_user = ".((int) $search_sale).")";
|
||||
}
|
||||
}
|
||||
|
||||
// Filter by status
|
||||
if ($status == 'draft') {
|
||||
$sql .= " AND t.fk_statut IN (0)";
|
||||
|
|
@ -231,10 +224,6 @@ class Invoices extends DolibarrApi
|
|||
if ($status == 'cancelled') {
|
||||
$sql .= " AND t.fk_statut IN (3)";
|
||||
}
|
||||
// Insert sale filter
|
||||
if ($search_sale > 0) {
|
||||
$sql .= " AND sc.fk_user = ".((int) $search_sale);
|
||||
}
|
||||
// Add sql filters
|
||||
if ($sqlfilters) {
|
||||
$errormessage = '';
|
||||
|
|
|
|||
|
|
@ -121,28 +121,18 @@ class Contracts extends DolibarrApi
|
|||
}
|
||||
|
||||
$sql = "SELECT t.rowid";
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) {
|
||||
$sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects)
|
||||
}
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."contrat AS t LEFT JOIN ".MAIN_DB_PREFIX."contrat_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale
|
||||
}
|
||||
|
||||
$sql .= ' WHERE t.entity IN ('.getEntity('contrat').')';
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) {
|
||||
$sql .= " AND t.fk_soc = sc.fk_soc";
|
||||
}
|
||||
if ($socids) {
|
||||
$sql .= " AND t.fk_soc IN (".$this->db->sanitize($socids).")";
|
||||
}
|
||||
if ($search_sale > 0) {
|
||||
$sql .= " AND t.rowid = sc.fk_soc"; // Join for the needed table to filter by sale
|
||||
}
|
||||
// Insert sale filter
|
||||
if ($search_sale > 0) {
|
||||
$sql .= " AND sc.fk_user = ".((int) $search_sale);
|
||||
// Search on sale representative
|
||||
if ($search_sale && $search_sale != '-1') {
|
||||
if ($search_sale == -2) {
|
||||
$sql .= " AND NOT EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc)";
|
||||
} elseif ($search_sale > 0) {
|
||||
$sql .= " AND EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc AND sc.fk_user = ".((int) $search_sale).")";
|
||||
}
|
||||
}
|
||||
// Add sql filters
|
||||
if ($sqlfilters) {
|
||||
|
|
|
|||
|
|
@ -119,28 +119,19 @@ class Shipments extends DolibarrApi
|
|||
}
|
||||
|
||||
$sql = "SELECT t.rowid";
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) {
|
||||
$sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects)
|
||||
}
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."expedition AS t LEFT JOIN ".MAIN_DB_PREFIX."expedition_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale
|
||||
}
|
||||
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."expedition AS t";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."expedition_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
$sql .= ' WHERE t.entity IN ('.getEntity('expedition').')';
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) {
|
||||
$sql .= " AND t.fk_soc = sc.fk_soc";
|
||||
}
|
||||
if ($socids) {
|
||||
$sql .= " AND t.fk_soc IN (".$this->db->sanitize($socids).")";
|
||||
}
|
||||
if ($search_sale > 0) {
|
||||
$sql .= " AND t.rowid = sc.fk_soc"; // Join for the needed table to filter by sale
|
||||
}
|
||||
// Insert sale filter
|
||||
if ($search_sale > 0) {
|
||||
$sql .= " AND sc.fk_user = ".((int) $search_sale);
|
||||
// Search on sale representative
|
||||
if ($search_sale && $search_sale != '-1') {
|
||||
if ($search_sale == -2) {
|
||||
$sql .= " AND NOT EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc)";
|
||||
} elseif ($search_sale > 0) {
|
||||
$sql .= " AND EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc AND sc.fk_user = ".((int) $search_sale).")";
|
||||
}
|
||||
}
|
||||
// Add sql filters
|
||||
if ($sqlfilters) {
|
||||
|
|
|
|||
|
|
@ -130,28 +130,18 @@ class Interventions extends DolibarrApi
|
|||
}
|
||||
|
||||
$sql = "SELECT t.rowid";
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) {
|
||||
$sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects)
|
||||
}
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."fichinter AS t LEFT JOIN ".MAIN_DB_PREFIX."fichinter_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale
|
||||
}
|
||||
|
||||
$sql .= ' WHERE t.entity IN ('.getEntity('intervention').')';
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) {
|
||||
$sql .= " AND t.fk_soc = sc.fk_soc";
|
||||
}
|
||||
if ($socids) {
|
||||
$sql .= " AND t.fk_soc IN (".$this->db->sanitize($socids).")";
|
||||
}
|
||||
if ($search_sale > 0) {
|
||||
$sql .= " AND t.rowid = sc.fk_soc"; // Join for the needed table to filter by sale
|
||||
}
|
||||
// Insert sale filter
|
||||
if ($search_sale > 0) {
|
||||
$sql .= " AND sc.fk_user = ".((int) $search_sale);
|
||||
// Search on sale representative
|
||||
if ($search_sale && $search_sale != '-1') {
|
||||
if ($search_sale == -2) {
|
||||
$sql .= " AND NOT EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc)";
|
||||
} elseif ($search_sale > 0) {
|
||||
$sql .= " AND EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc AND sc.fk_user = ".((int) $search_sale).")";
|
||||
}
|
||||
}
|
||||
// Add sql filters
|
||||
if ($sqlfilters) {
|
||||
|
|
|
|||
|
|
@ -119,28 +119,12 @@ class SupplierInvoices extends DolibarrApi
|
|||
}
|
||||
|
||||
$sql = "SELECT t.rowid";
|
||||
// We need these fields in order to filter by sale (including the case where the user can only see his prospects)
|
||||
if (!DolibarrApiAccess::$user->hasRight("societe", "client", "voir") || $search_sale > 0) {
|
||||
$sql .= ", sc.fk_soc, sc.fk_user";
|
||||
}
|
||||
$sql .= " FROM " . MAIN_DB_PREFIX . "facture_fourn AS t LEFT JOIN " . MAIN_DB_PREFIX . "facture_fourn_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
|
||||
// We need this table joined to the select in order to filter by sale
|
||||
if (!DolibarrApiAccess::$user->hasRight("societe", "client", "voir") || $search_sale > 0) {
|
||||
$sql .= ", " . MAIN_DB_PREFIX . "societe_commerciaux as sc";
|
||||
}
|
||||
|
||||
$sql .= " FROM " . MAIN_DB_PREFIX . "facture_fourn AS t";
|
||||
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "facture_fourn_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
$sql .= ' WHERE t.entity IN (' . getEntity('supplier_invoice') . ')';
|
||||
if (!DolibarrApiAccess::$user->hasRight("societe", "client", "voir") || $search_sale > 0) {
|
||||
$sql .= " AND t.fk_soc = sc.fk_soc";
|
||||
}
|
||||
if ($socids) {
|
||||
$sql .= " AND t.fk_soc IN (" . $this->db->sanitize($socids) . ")";
|
||||
}
|
||||
if ($search_sale > 0) {
|
||||
$sql .= " AND t.rowid = sc.fk_soc"; // Join for the needed table to filter by sale
|
||||
}
|
||||
|
||||
// Filter by status
|
||||
if ($status == 'draft') {
|
||||
$sql .= " AND t.fk_statut IN (0)";
|
||||
|
|
@ -154,9 +138,13 @@ class SupplierInvoices extends DolibarrApi
|
|||
if ($status == 'cancelled') {
|
||||
$sql .= " AND t.fk_statut IN (3)";
|
||||
}
|
||||
// Insert sale filter
|
||||
if ($search_sale > 0) {
|
||||
$sql .= " AND sc.fk_user = " . ((int) $search_sale);
|
||||
// Search on sale representative
|
||||
if ($search_sale && $search_sale != '-1') {
|
||||
if ($search_sale == -2) {
|
||||
$sql .= " AND NOT EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc)";
|
||||
} elseif ($search_sale > 0) {
|
||||
$sql .= " AND EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc AND sc.fk_user = ".((int) $search_sale).")";
|
||||
}
|
||||
}
|
||||
// Add sql filters
|
||||
if ($sqlfilters) {
|
||||
|
|
|
|||
|
|
@ -117,30 +117,18 @@ class SupplierOrders extends DolibarrApi
|
|||
}
|
||||
|
||||
$sql = "SELECT t.rowid";
|
||||
if ((!DolibarrApiAccess::$user->hasRight("societe", "client", "voir")) || $search_sale > 0) {
|
||||
$sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects)
|
||||
}
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."commande_fournisseur AS t LEFT JOIN ".MAIN_DB_PREFIX."commande_fournisseur_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
|
||||
if ((!DolibarrApiAccess::$user->hasRight("societe", "client", "voir")) || $search_sale > 0) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale
|
||||
}
|
||||
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."commande_fournisseur AS t";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."commande_fournisseur_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
if (!empty($product_ids)) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."commande_fournisseurdet as cd"; // We need this table joined to the select in order to filter by product
|
||||
}
|
||||
|
||||
$sql .= ' WHERE t.entity IN ('.getEntity('supplier_order').')';
|
||||
if ((!DolibarrApiAccess::$user->hasRight("societe", "client", "voir")) || $search_sale > 0) {
|
||||
$sql .= " AND t.fk_soc = sc.fk_soc";
|
||||
}
|
||||
if (!empty($product_ids)) {
|
||||
$sql .= " AND cd.fk_commande = t.rowid AND cd.fk_product IN (".$this->db->sanitize($product_ids).")";
|
||||
}
|
||||
if ($socids) {
|
||||
$sql .= " AND t.fk_soc IN (".$this->db->sanitize($socids).")";
|
||||
}
|
||||
|
||||
// Filter by status
|
||||
if ($status == 'draft') {
|
||||
$sql .= " AND t.fk_statut IN (0)";
|
||||
|
|
@ -166,9 +154,13 @@ class SupplierOrders extends DolibarrApi
|
|||
if ($status == 'refused') {
|
||||
$sql .= " AND t.fk_statut IN (9)";
|
||||
}
|
||||
// Insert sale filter
|
||||
if ($search_sale > 0) {
|
||||
$sql .= " AND sc.fk_user = ".((int) $search_sale);
|
||||
// Search on sale representative
|
||||
if ($search_sale && $search_sale != '-1') {
|
||||
if ($search_sale == -2) {
|
||||
$sql .= " AND NOT EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc)";
|
||||
} elseif ($search_sale > 0) {
|
||||
$sql .= " AND EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc AND sc.fk_user = ".((int) $search_sale).")";
|
||||
}
|
||||
}
|
||||
// Add sql filters
|
||||
if ($sqlfilters) {
|
||||
|
|
|
|||
|
|
@ -136,8 +136,6 @@ class KnowledgeManagement extends DolibarrApi
|
|||
*/
|
||||
public function index($sortfield = "t.rowid", $sortorder = 'ASC', $limit = 100, $page = 0, $category = 0, $sqlfilters = '', $properties = '')
|
||||
{
|
||||
global $db, $conf;
|
||||
|
||||
$obj_ret = array();
|
||||
$tmpobject = new KnowledgeRecord($this->db);
|
||||
|
||||
|
|
@ -145,7 +143,7 @@ class KnowledgeManagement extends DolibarrApi
|
|||
throw new RestException(401);
|
||||
}
|
||||
|
||||
$socid = DolibarrApiAccess::$user->socid ? DolibarrApiAccess::$user->socid : '';
|
||||
$socid = DolibarrApiAccess::$user->socid ? DolibarrApiAccess::$user->socid : 0;
|
||||
|
||||
$restrictonsocid = 0; // Set to 1 if there is a field socid in table of object
|
||||
|
||||
|
|
@ -156,38 +154,25 @@ class KnowledgeManagement extends DolibarrApi
|
|||
}
|
||||
|
||||
$sql = "SELECT t.rowid";
|
||||
if ($restrictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
|
||||
$sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects)
|
||||
}
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX.$tmpobject->table_element." AS t LEFT JOIN ".MAIN_DB_PREFIX.$tmpobject->table_element."_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
|
||||
if ($restrictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale
|
||||
}
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX.$tmpobject->table_element." AS t";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX.$tmpobject->table_element."_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
if ($category > 0) {
|
||||
$sql .= ", ".$this->db->prefix()."categorie_knowledgemanagement as c";
|
||||
}
|
||||
$sql .= " WHERE 1 = 1";
|
||||
|
||||
// Example of use $mode
|
||||
//if ($mode == 1) $sql.= " AND s.client IN (1, 3)";
|
||||
//if ($mode == 2) $sql.= " AND s.client IN (2, 3)";
|
||||
|
||||
if ($tmpobject->ismultientitymanaged) {
|
||||
$sql .= ' AND t.entity IN ('.getEntity($tmpobject->element).')';
|
||||
}
|
||||
if ($restrictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
|
||||
$sql .= " AND t.fk_soc = sc.fk_soc";
|
||||
}
|
||||
if ($restrictonsocid && $socid) {
|
||||
$sql .= " AND t.fk_soc = ".((int) $socid);
|
||||
}
|
||||
if ($restrictonsocid && $search_sale > 0) {
|
||||
$sql .= " AND t.rowid = sc.fk_soc"; // Join for the needed table to filter by sale
|
||||
}
|
||||
// Insert sale filter
|
||||
if ($restrictonsocid && $search_sale > 0) {
|
||||
$sql .= " AND sc.fk_user = ".((int) $search_sale);
|
||||
// Search on sale representative
|
||||
if ($search_sale && $search_sale != '-1') {
|
||||
if ($search_sale == -2) {
|
||||
$sql .= " AND NOT EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc)";
|
||||
} elseif ($search_sale > 0) {
|
||||
$sql .= " AND EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc AND sc.fk_user = ".((int) $search_sale).")";
|
||||
}
|
||||
}
|
||||
// Select products of given category
|
||||
if ($category > 0) {
|
||||
|
|
|
|||
|
|
@ -107,8 +107,6 @@ class MyModuleApi extends DolibarrApi
|
|||
*/
|
||||
public function index($sortfield = "t.rowid", $sortorder = 'ASC', $limit = 100, $page = 0, $sqlfilters = '', $properties = '')
|
||||
{
|
||||
global $db, $conf;
|
||||
|
||||
$obj_ret = array();
|
||||
$tmpobject = new MyObject($this->db);
|
||||
|
||||
|
|
@ -116,46 +114,36 @@ class MyModuleApi extends DolibarrApi
|
|||
throw new RestException(401);
|
||||
}
|
||||
|
||||
$socid = DolibarrApiAccess::$user->socid ? DolibarrApiAccess::$user->socid : '';
|
||||
$socid = DolibarrApiAccess::$user->socid ? DolibarrApiAccess::$user->socid : 0;
|
||||
|
||||
$restrictonsocid = 0; // Set to 1 if there is a field socid in table of object
|
||||
|
||||
// If the internal user must only see his customers, force searching by him
|
||||
$search_sale = 0;
|
||||
if ($restrictonsocid && !DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) {
|
||||
if ($restrictonsocid && !DolibarrApiAccess::$user->hasRight('societe', 'client', 'voir') && !$socid) {
|
||||
$search_sale = DolibarrApiAccess::$user->id;
|
||||
}
|
||||
if (!isModEnabled('societe')) {
|
||||
$search_sale = 0; // If module thirdparty not enabled, sale representative is something that does not exists
|
||||
}
|
||||
|
||||
$sql = "SELECT t.rowid";
|
||||
if ($restrictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
|
||||
$sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects)
|
||||
}
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX.$tmpobject->table_element." AS t LEFT JOIN ".MAIN_DB_PREFIX.$tmpobject->table_element."_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
|
||||
if ($restrictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale
|
||||
}
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX.$tmpobject->table_element." AS t";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX.$tmpobject->table_element."_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
$sql .= " WHERE 1 = 1";
|
||||
|
||||
// Example of use $mode
|
||||
//if ($mode == 1) $sql.= " AND s.client IN (1, 3)";
|
||||
//if ($mode == 2) $sql.= " AND s.client IN (2, 3)";
|
||||
|
||||
if ($tmpobject->ismultientitymanaged) {
|
||||
$sql .= ' AND t.entity IN ('.getEntity($tmpobject->element).')';
|
||||
}
|
||||
if ($restrictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
|
||||
$sql .= " AND t.fk_soc = sc.fk_soc";
|
||||
}
|
||||
if ($restrictonsocid && $socid) {
|
||||
$sql .= " AND t.fk_soc = ".((int) $socid);
|
||||
}
|
||||
if ($restrictonsocid && $search_sale > 0) {
|
||||
$sql .= " AND t.rowid = sc.fk_soc"; // Join for the needed table to filter by sale
|
||||
}
|
||||
// Insert sale filter
|
||||
if ($restrictonsocid && $search_sale > 0) {
|
||||
$sql .= " AND sc.fk_user = ".((int) $search_sale);
|
||||
// Search on sale representative
|
||||
if ($search_sale && $search_sale != '-1') {
|
||||
if ($search_sale == -2) {
|
||||
$sql .= " AND NOT EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc)";
|
||||
} elseif ($search_sale > 0) {
|
||||
$sql .= " AND EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc AND sc.fk_user = ".((int) $search_sale).")";
|
||||
}
|
||||
}
|
||||
if ($sqlfilters) {
|
||||
$errormessage = '';
|
||||
|
|
|
|||
|
|
@ -106,7 +106,7 @@ class Mos extends DolibarrApi
|
|||
$obj_ret = array();
|
||||
$tmpobject = new Mo($this->db);
|
||||
|
||||
$socid = DolibarrApiAccess::$user->socid ? DolibarrApiAccess::$user->socid : '';
|
||||
$socid = DolibarrApiAccess::$user->socid ? DolibarrApiAccess::$user->socid : 0;
|
||||
|
||||
$restrictonsocid = 0; // Set to 1 if there is a field socid in table of object
|
||||
|
||||
|
|
@ -117,35 +117,22 @@ class Mos extends DolibarrApi
|
|||
}
|
||||
|
||||
$sql = "SELECT t.rowid";
|
||||
if ($restrictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
|
||||
$sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects)
|
||||
}
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX.$tmpobject->table_element." AS t LEFT JOIN ".MAIN_DB_PREFIX.$tmpobject->table_element."_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
|
||||
if ($restrictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale
|
||||
}
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX.$tmpobject->table_element." AS t";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX.$tmpobject->table_element."_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
$sql .= " WHERE 1 = 1";
|
||||
|
||||
// Example of use $mode
|
||||
//if ($mode == 1) $sql.= " AND s.client IN (1, 3)";
|
||||
//if ($mode == 2) $sql.= " AND s.client IN (2, 3)";
|
||||
|
||||
if ($tmpobject->ismultientitymanaged) {
|
||||
$sql .= ' AND t.entity IN ('.getEntity($tmpobject->element).')';
|
||||
}
|
||||
if ($restrictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
|
||||
$sql .= " AND t.fk_soc = sc.fk_soc";
|
||||
}
|
||||
if ($restrictonsocid && $socid) {
|
||||
$sql .= " AND t.fk_soc = ".((int) $socid);
|
||||
}
|
||||
if ($restrictonsocid && $search_sale > 0) {
|
||||
$sql .= " AND t.rowid = sc.fk_soc"; // Join for the needed table to filter by sale
|
||||
}
|
||||
// Insert sale filter
|
||||
if ($restrictonsocid && $search_sale > 0) {
|
||||
$sql .= " AND sc.fk_user = ".((int) $search_sale);
|
||||
// Search on sale representative
|
||||
if ($search_sale && $search_sale != '-1') {
|
||||
if ($search_sale == -2) {
|
||||
$sql .= " AND NOT EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc)";
|
||||
} elseif ($search_sale > 0) {
|
||||
$sql .= " AND EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc AND sc.fk_user = ".((int) $search_sale).")";
|
||||
}
|
||||
}
|
||||
if ($sqlfilters) {
|
||||
$errormessage = '';
|
||||
|
|
|
|||
|
|
@ -113,7 +113,7 @@ class Partnerships extends DolibarrApi
|
|||
throw new RestException(401);
|
||||
}
|
||||
|
||||
$socid = DolibarrApiAccess::$user->socid ? DolibarrApiAccess::$user->socid : '';
|
||||
$socid = DolibarrApiAccess::$user->socid ? DolibarrApiAccess::$user->socid : 0;
|
||||
|
||||
$restrictonsocid = 0; // Set to 1 if there is a field socid in table of object
|
||||
|
||||
|
|
@ -124,35 +124,22 @@ class Partnerships extends DolibarrApi
|
|||
}
|
||||
|
||||
$sql = "SELECT t.rowid";
|
||||
if ($restrictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
|
||||
$sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects)
|
||||
}
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX.$tmpobject->table_element." AS t LEFT JOIN ".MAIN_DB_PREFIX.$tmpobject->table_element."_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
|
||||
if ($restrictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale
|
||||
}
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX.$tmpobject->table_element." AS t";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX.$tmpobject->table_element."_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
$sql .= " WHERE 1 = 1";
|
||||
|
||||
// Example of use $mode
|
||||
//if ($mode == 1) $sql.= " AND s.client IN (1, 3)";
|
||||
//if ($mode == 2) $sql.= " AND s.client IN (2, 3)";
|
||||
|
||||
if ($tmpobject->ismultientitymanaged) {
|
||||
$sql .= ' AND t.entity IN ('.getEntity($tmpobject->element).')';
|
||||
}
|
||||
if ($restrictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
|
||||
$sql .= " AND t.fk_soc = sc.fk_soc";
|
||||
}
|
||||
if ($restrictonsocid && $socid) {
|
||||
$sql .= " AND t.fk_soc = ".((int) $socid);
|
||||
}
|
||||
if ($restrictonsocid && $search_sale > 0) {
|
||||
$sql .= " AND t.rowid = sc.fk_soc"; // Join for the needed table to filter by sale
|
||||
}
|
||||
// Insert sale filter
|
||||
if ($restrictonsocid && $search_sale > 0) {
|
||||
$sql .= " AND sc.fk_user = ".((int) $search_sale);
|
||||
// Search on sale representative
|
||||
if ($search_sale && $search_sale != '-1') {
|
||||
if ($search_sale == -2) {
|
||||
$sql .= " AND NOT EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc)";
|
||||
} elseif ($search_sale > 0) {
|
||||
$sql .= " AND EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc AND sc.fk_user = ".((int) $search_sale).")";
|
||||
}
|
||||
}
|
||||
if ($sqlfilters) {
|
||||
$errormessage = '';
|
||||
|
|
|
|||
|
|
@ -123,31 +123,22 @@ class Projects extends DolibarrApi
|
|||
}
|
||||
|
||||
$sql = "SELECT t.rowid";
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) {
|
||||
$sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects)
|
||||
}
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."projet as t";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."projet_extrafields AS ef ON ef.fk_object = t.rowid"; // So we will be able to filter on extrafields
|
||||
if ($category > 0) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."categorie_project as c";
|
||||
}
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale
|
||||
}
|
||||
|
||||
$sql .= ' WHERE t.entity IN ('.getEntity('project').')';
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) {
|
||||
$sql .= " AND t.fk_soc = sc.fk_soc";
|
||||
}
|
||||
if ($socids) {
|
||||
$sql .= " AND t.fk_soc IN (".$this->db->sanitize($socids).")";
|
||||
}
|
||||
if ($search_sale > 0) {
|
||||
$sql .= " AND t.rowid = sc.fk_soc"; // Join for the needed table to filter by sale
|
||||
}
|
||||
// Insert sale filter
|
||||
if ($search_sale > 0) {
|
||||
$sql .= " AND sc.fk_user = ".((int) $search_sale);
|
||||
// Search on sale representative
|
||||
if ($search_sale && $search_sale != '-1') {
|
||||
if ($search_sale == -2) {
|
||||
$sql .= " AND NOT EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc)";
|
||||
} elseif ($search_sale > 0) {
|
||||
$sql .= " AND EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc AND sc.fk_user = ".((int) $search_sale).")";
|
||||
}
|
||||
}
|
||||
// Select projects of given category
|
||||
if ($category > 0) {
|
||||
|
|
|
|||
|
|
@ -116,7 +116,7 @@ class Tasks extends DolibarrApi
|
|||
$obj_ret = array();
|
||||
|
||||
// case of external user, $thirdparty_ids param is ignored and replaced by user's socid
|
||||
$socids = DolibarrApiAccess::$user->socid ? DolibarrApiAccess::$user->socid : '';
|
||||
$socids = DolibarrApiAccess::$user->socid ? DolibarrApiAccess::$user->socid : 0;
|
||||
|
||||
// If the internal user must only see his customers, force searching by him
|
||||
$search_sale = 0;
|
||||
|
|
@ -125,28 +125,20 @@ class Tasks extends DolibarrApi
|
|||
}
|
||||
|
||||
$sql = "SELECT t.rowid";
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) {
|
||||
$sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects)
|
||||
}
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."projet_task AS t LEFT JOIN ".MAIN_DB_PREFIX."projet_task_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale
|
||||
}
|
||||
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."projet_task AS t";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."projet_task_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."projet AS p ON p.rowid = t.fk_projet";
|
||||
$sql .= ' WHERE t.entity IN ('.getEntity('project').')';
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) {
|
||||
$sql .= " AND t.fk_soc = sc.fk_soc";
|
||||
}
|
||||
if ($socids) {
|
||||
$sql .= " AND t.fk_soc IN (".$this->db->sanitize($socids).")";
|
||||
}
|
||||
if ($search_sale > 0) {
|
||||
$sql .= " AND t.rowid = sc.fk_soc"; // Join for the needed table to filter by sale
|
||||
}
|
||||
// Insert sale filter
|
||||
if ($search_sale > 0) {
|
||||
$sql .= " AND sc.fk_user = ".((int) $search_sale);
|
||||
// Search on sale representative
|
||||
if ($search_sale && $search_sale != '-1') {
|
||||
if ($search_sale == -2) {
|
||||
$sql .= " AND NOT EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = p.fk_soc)";
|
||||
} elseif ($search_sale > 0) {
|
||||
$sql .= " AND EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = p.fk_soc AND sc.fk_user = ".((int) $search_sale).")";
|
||||
}
|
||||
}
|
||||
// Add sql filters
|
||||
if ($sqlfilters) {
|
||||
|
|
|
|||
|
|
@ -100,8 +100,6 @@ class Receptions extends DolibarrApi
|
|||
*/
|
||||
public function index($sortfield = "t.rowid", $sortorder = 'ASC', $limit = 100, $page = 0, $thirdparty_ids = '', $sqlfilters = '', $properties = '')
|
||||
{
|
||||
global $db, $conf;
|
||||
|
||||
if (!DolibarrApiAccess::$user->rights->reception->lire) {
|
||||
throw new RestException(401);
|
||||
}
|
||||
|
|
@ -118,28 +116,19 @@ class Receptions extends DolibarrApi
|
|||
}
|
||||
|
||||
$sql = "SELECT t.rowid";
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) {
|
||||
$sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects)
|
||||
}
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."reception AS t LEFT JOIN ".MAIN_DB_PREFIX."reception_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale
|
||||
}
|
||||
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."reception AS t";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."reception_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
$sql .= ' WHERE t.entity IN ('.getEntity('reception').')';
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) {
|
||||
$sql .= " AND t.fk_soc = sc.fk_soc";
|
||||
}
|
||||
if ($socids) {
|
||||
$sql .= " AND t.fk_soc IN (".$this->db->sanitize($socids).")";
|
||||
}
|
||||
if ($search_sale > 0) {
|
||||
$sql .= " AND t.rowid = sc.fk_soc"; // Join for the needed table to filter by sale
|
||||
}
|
||||
// Insert sale filter
|
||||
if ($search_sale > 0) {
|
||||
$sql .= " AND sc.fk_user = ".((int) $search_sale);
|
||||
// Search on sale representative
|
||||
if ($search_sale && $search_sale != '-1') {
|
||||
if ($search_sale == -2) {
|
||||
$sql .= " AND NOT EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc)";
|
||||
} elseif ($search_sale > 0) {
|
||||
$sql .= " AND EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc AND sc.fk_user = ".((int) $search_sale).")";
|
||||
}
|
||||
}
|
||||
// Add sql filters
|
||||
if ($sqlfilters) {
|
||||
|
|
|
|||
|
|
@ -143,8 +143,6 @@ class Recruitments extends DolibarrApi
|
|||
*/
|
||||
public function indexJobPosition($sortfield = "t.rowid", $sortorder = 'ASC', $limit = 100, $page = 0, $sqlfilters = '', $properties = '')
|
||||
{
|
||||
global $db, $conf;
|
||||
|
||||
$obj_ret = array();
|
||||
$tmpobject = new RecruitmentJobPosition($this->db);
|
||||
|
||||
|
|
@ -152,7 +150,7 @@ class Recruitments extends DolibarrApi
|
|||
throw new RestException(401);
|
||||
}
|
||||
|
||||
$socid = DolibarrApiAccess::$user->socid ? DolibarrApiAccess::$user->socid : '';
|
||||
$socid = DolibarrApiAccess::$user->socid ? DolibarrApiAccess::$user->socid : 0;
|
||||
|
||||
$restrictonsocid = 0; // Set to 1 if there is a field socid in table of object
|
||||
|
||||
|
|
@ -163,35 +161,22 @@ class Recruitments extends DolibarrApi
|
|||
}
|
||||
|
||||
$sql = "SELECT t.rowid";
|
||||
if ($restrictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
|
||||
$sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects)
|
||||
}
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX.$tmpobject->table_element." AS t LEFT JOIN ".MAIN_DB_PREFIX.$tmpobject->table_element."_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
|
||||
if ($restrictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale
|
||||
}
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX.$tmpobject->table_element." AS t";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX.$tmpobject->table_element."_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
$sql .= " WHERE 1 = 1";
|
||||
|
||||
// Example of use $mode
|
||||
//if ($mode == 1) $sql.= " AND s.client IN (1, 3)";
|
||||
//if ($mode == 2) $sql.= " AND s.client IN (2, 3)";
|
||||
|
||||
if ($tmpobject->ismultientitymanaged) {
|
||||
$sql .= ' AND t.entity IN ('.getEntity($tmpobject->element).')';
|
||||
}
|
||||
if ($restrictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
|
||||
$sql .= " AND t.fk_soc = sc.fk_soc";
|
||||
}
|
||||
if ($restrictonsocid && $socid) {
|
||||
$sql .= " AND t.fk_soc = ".((int) $socid);
|
||||
}
|
||||
if ($restrictonsocid && $search_sale > 0) {
|
||||
$sql .= " AND t.rowid = sc.fk_soc"; // Join for the needed table to filter by sale
|
||||
}
|
||||
// Insert sale filter
|
||||
if ($restrictonsocid && $search_sale > 0) {
|
||||
$sql .= " AND sc.fk_user = ".((int) $search_sale);
|
||||
// Search on sale representative
|
||||
if ($search_sale && $search_sale != '-1') {
|
||||
if ($search_sale == -2) {
|
||||
$sql .= " AND NOT EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc)";
|
||||
} elseif ($search_sale > 0) {
|
||||
$sql .= " AND EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc AND sc.fk_user = ".((int) $search_sale).")";
|
||||
}
|
||||
}
|
||||
if ($sqlfilters) {
|
||||
$errormessage = '';
|
||||
|
|
@ -257,7 +242,7 @@ class Recruitments extends DolibarrApi
|
|||
throw new RestException(401);
|
||||
}
|
||||
|
||||
$socid = DolibarrApiAccess::$user->socid ? DolibarrApiAccess::$user->socid : '';
|
||||
$socid = DolibarrApiAccess::$user->socid ? DolibarrApiAccess::$user->socid : 0;
|
||||
|
||||
$restrictonsocid = 0; // Set to 1 if there is a field socid in table of object
|
||||
|
||||
|
|
@ -268,35 +253,22 @@ class Recruitments extends DolibarrApi
|
|||
}
|
||||
|
||||
$sql = "SELECT t.rowid";
|
||||
if ($restrictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
|
||||
$sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects)
|
||||
}
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX.$tmpobject->table_element." AS t LEFT JOIN ".MAIN_DB_PREFIX.$tmpobject->table_element."_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
|
||||
if ($restrictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale
|
||||
}
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX.$tmpobject->table_element." AS t";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX.$tmpobject->table_element."_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
$sql .= " WHERE 1 = 1";
|
||||
|
||||
// Example of use $mode
|
||||
//if ($mode == 1) $sql.= " AND s.client IN (1, 3)";
|
||||
//if ($mode == 2) $sql.= " AND s.client IN (2, 3)";
|
||||
|
||||
if ($tmpobject->ismultientitymanaged) {
|
||||
$sql .= ' AND t.entity IN ('.getEntity($tmpobject->element).')';
|
||||
}
|
||||
if ($restrictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
|
||||
$sql .= " AND t.fk_soc = sc.fk_soc";
|
||||
}
|
||||
if ($restrictonsocid && $socid) {
|
||||
$sql .= " AND t.fk_soc = ".((int) $socid);
|
||||
}
|
||||
if ($restrictonsocid && $search_sale > 0) {
|
||||
$sql .= " AND t.rowid = sc.fk_soc"; // Join for the needed table to filter by sale
|
||||
}
|
||||
// Insert sale filter
|
||||
if ($restrictonsocid && $search_sale > 0) {
|
||||
$sql .= " AND sc.fk_user = ".((int) $search_sale);
|
||||
// Search on sale representative
|
||||
if ($search_sale && $search_sale != '-1') {
|
||||
if ($search_sale == -2) {
|
||||
$sql .= " AND NOT EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc)";
|
||||
} elseif ($search_sale > 0) {
|
||||
$sql .= " AND EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc AND sc.fk_user = ".((int) $search_sale).")";
|
||||
}
|
||||
}
|
||||
if ($sqlfilters) {
|
||||
$errormessage = '';
|
||||
|
|
|
|||
|
|
@ -196,27 +196,19 @@ class Contacts extends DolibarrApi
|
|||
$sql .= ", ".MAIN_DB_PREFIX."categorie_contact as c";
|
||||
}
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."socpeople_extrafields as te ON te.fk_object = t.rowid";
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) {
|
||||
// We need this table joined to the select in order to filter by sale
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
|
||||
}
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON t.fk_soc = s.rowid";
|
||||
$sql .= ' WHERE t.entity IN ('.getEntity('contact').')';
|
||||
if ($socids) {
|
||||
$sql .= " AND t.fk_soc IN (".$this->db->sanitize($socids).")";
|
||||
}
|
||||
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) {
|
||||
$sql .= " AND t.fk_soc = sc.fk_soc";
|
||||
// Search on sale representative
|
||||
if ($search_sale && $search_sale != '-1') {
|
||||
if ($search_sale == -2) {
|
||||
$sql .= " AND NOT EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc)";
|
||||
} elseif ($search_sale > 0) {
|
||||
$sql .= " AND EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc AND sc.fk_user = ".((int) $search_sale).")";
|
||||
}
|
||||
}
|
||||
if ($search_sale > 0) {
|
||||
$sql .= " AND s.rowid = sc.fk_soc"; // Join for the needed table to filter by sale
|
||||
}
|
||||
// Insert sale filter
|
||||
if ($search_sale > 0) {
|
||||
$sql .= " AND sc.fk_user = ".((int) $search_sale);
|
||||
}
|
||||
|
||||
// Select contacts of given category
|
||||
if ($category > 0) {
|
||||
$sql .= " AND c.fk_categorie = ".((int) $category);
|
||||
|
|
|
|||
|
|
@ -139,7 +139,7 @@ class Thirdparties extends DolibarrApi
|
|||
}
|
||||
|
||||
// case of external user, we force socids
|
||||
$socids = DolibarrApiAccess::$user->socid ? DolibarrApiAccess::$user->socid : '';
|
||||
$socids = DolibarrApiAccess::$user->socid ? (string) DolibarrApiAccess::$user->socid : '';
|
||||
|
||||
// If the internal user must only see his customers, force searching by him
|
||||
$search_sale = 0;
|
||||
|
|
@ -148,9 +148,6 @@ class Thirdparties extends DolibarrApi
|
|||
}
|
||||
|
||||
$sql = "SELECT t.rowid";
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) {
|
||||
$sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects)
|
||||
}
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."societe as t";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_extrafields AS ef ON ef.fk_object = t.rowid"; // So we will be able to filter on extrafields
|
||||
if ($category > 0) {
|
||||
|
|
@ -161,13 +158,9 @@ class Thirdparties extends DolibarrApi
|
|||
$sql .= ", ".MAIN_DB_PREFIX."categorie_fournisseur as cc";
|
||||
}
|
||||
}
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale
|
||||
}
|
||||
$sql .= ", ".MAIN_DB_PREFIX."c_stcomm as st";
|
||||
$sql .= " WHERE t.entity IN (".getEntity('societe').")";
|
||||
$sql .= " AND t.fk_stcomm = st.id";
|
||||
|
||||
if ($mode == 1) {
|
||||
$sql .= " AND t.client IN (1, 3)";
|
||||
} elseif ($mode == 2) {
|
||||
|
|
@ -177,7 +170,6 @@ class Thirdparties extends DolibarrApi
|
|||
} elseif ($mode == 4) {
|
||||
$sql .= " AND t.fournisseur IN (1)";
|
||||
}
|
||||
|
||||
// Select thirdparties of given category
|
||||
if ($category > 0) {
|
||||
if (!empty($mode) && $mode != 4) {
|
||||
|
|
@ -188,20 +180,16 @@ class Thirdparties extends DolibarrApi
|
|||
$sql .= " AND ((c.fk_categorie = ".((int) $category)." AND c.fk_soc = t.rowid) OR (cc.fk_categorie = ".((int) $category)." AND cc.fk_soc = t.rowid))";
|
||||
}
|
||||
}
|
||||
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) {
|
||||
$sql .= " AND t.rowid = sc.fk_soc";
|
||||
}
|
||||
//if ($email != NULL) $sql.= " AND s.email = \"".$email."\"";
|
||||
if ($socids) {
|
||||
$sql .= " AND t.rowid IN (".$this->db->sanitize($socids).")";
|
||||
}
|
||||
if ($search_sale > 0) {
|
||||
$sql .= " AND t.rowid = sc.fk_soc"; // Join for the needed table to filter by sale
|
||||
}
|
||||
// Insert sale filter
|
||||
if ($search_sale > 0) {
|
||||
$sql .= " AND sc.fk_user = ".((int) $search_sale);
|
||||
// Search on sale representative
|
||||
if ($search_sale && $search_sale != '-1') {
|
||||
if ($search_sale == -2) {
|
||||
$sql .= " AND NOT EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.rowid)";
|
||||
} elseif ($search_sale > 0) {
|
||||
$sql .= " AND EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.rowid AND sc.fk_user = ".((int) $search_sale).")";
|
||||
}
|
||||
}
|
||||
// Add sql filters
|
||||
if ($sqlfilters) {
|
||||
|
|
|
|||
|
|
@ -112,28 +112,19 @@ class SupplierProposals extends DolibarrApi
|
|||
}
|
||||
|
||||
$sql = "SELECT t.rowid";
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) {
|
||||
$sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects)
|
||||
}
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."supplier_proposal AS t LEFT JOIN ".MAIN_DB_PREFIX."supplier_proposal_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale
|
||||
}
|
||||
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."supplier_proposal AS t";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."supplier_proposal_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
$sql .= ' WHERE t.entity IN ('.getEntity('propal').')';
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socids) || $search_sale > 0) {
|
||||
$sql .= " AND t.fk_soc = sc.fk_soc";
|
||||
}
|
||||
if ($socids) {
|
||||
$sql .= " AND t.fk_soc IN (".$this->db->sanitize($socids).")";
|
||||
}
|
||||
if ($search_sale > 0) {
|
||||
$sql .= " AND t.rowid = sc.fk_soc"; // Join for the needed table to filter by sale
|
||||
}
|
||||
// Insert sale filter
|
||||
if ($search_sale > 0) {
|
||||
$sql .= " AND sc.fk_user = ".((int) $search_sale);
|
||||
// Search on sale representative
|
||||
if ($search_sale && $search_sale != '-1') {
|
||||
if ($search_sale == -2) {
|
||||
$sql .= " AND NOT EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc)";
|
||||
} elseif ($search_sale > 0) {
|
||||
$sql .= " AND EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc AND sc.fk_user = ".((int) $search_sale).")";
|
||||
}
|
||||
}
|
||||
// Add sql filters
|
||||
if ($sqlfilters) {
|
||||
|
|
|
|||
|
|
@ -201,17 +201,13 @@ class Tickets extends DolibarrApi
|
|||
*/
|
||||
public function index($socid = 0, $sortfield = "t.rowid", $sortorder = "ASC", $limit = 100, $page = 0, $sqlfilters = '', $properties = '')
|
||||
{
|
||||
global $db, $conf;
|
||||
|
||||
if (!DolibarrApiAccess::$user->rights->ticket->read) {
|
||||
throw new RestException(403);
|
||||
}
|
||||
|
||||
$obj_ret = array();
|
||||
|
||||
if (!$socid && DolibarrApiAccess::$user->socid) {
|
||||
$socid = DolibarrApiAccess::$user->socid;
|
||||
}
|
||||
$socid = DolibarrApiAccess::$user->socid ? DolibarrApiAccess::$user->socid : $socid;
|
||||
|
||||
$search_sale = null;
|
||||
// If the internal user must only see his customers, force searching by him
|
||||
|
|
@ -221,29 +217,19 @@ class Tickets extends DolibarrApi
|
|||
}
|
||||
|
||||
$sql = "SELECT t.rowid";
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
|
||||
$sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects)
|
||||
}
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."ticket AS t LEFT JOIN ".MAIN_DB_PREFIX."ticket_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale
|
||||
}
|
||||
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."ticket AS t";
|
||||
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."ticket_extrafields AS ef ON (ef.fk_object = t.rowid)"; // Modification VMR Global Solutions to include extrafields as search parameters in the API GET call, so we will be able to filter on extrafields
|
||||
$sql .= ' WHERE t.entity IN ('.getEntity('ticket', 1).')';
|
||||
if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
|
||||
$sql .= " AND t.fk_soc = sc.fk_soc";
|
||||
}
|
||||
if ($socid > 0) {
|
||||
$sql .= " AND t.fk_soc = ".((int) $socid);
|
||||
}
|
||||
if ($search_sale > 0) {
|
||||
$sql .= " AND t.rowid = sc.fk_soc"; // Join for the needed table to filter by sale
|
||||
}
|
||||
|
||||
// Insert sale filter
|
||||
if ($search_sale > 0) {
|
||||
$sql .= " AND sc.fk_user = ".((int) $search_sale);
|
||||
// Search on sale representative
|
||||
if ($search_sale && $search_sale != '-1') {
|
||||
if ($search_sale == -2) {
|
||||
$sql .= " AND NOT EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc)";
|
||||
} elseif ($search_sale > 0) {
|
||||
$sql .= " AND EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc AND sc.fk_user = ".((int) $search_sale).")";
|
||||
}
|
||||
}
|
||||
// Add sql filters
|
||||
if ($sqlfilters) {
|
||||
|
|
|
|||
|
|
@ -56,7 +56,8 @@ class Zapier extends DolibarrApi
|
|||
*/
|
||||
public function __construct()
|
||||
{
|
||||
global $db, $conf;
|
||||
global $db;
|
||||
|
||||
$this->db = $db;
|
||||
$this->hook = new Hook($this->db);
|
||||
}
|
||||
|
|
@ -144,15 +145,13 @@ class Zapier extends DolibarrApi
|
|||
*/
|
||||
public function index($sortfield = "t.rowid", $sortorder = 'ASC', $limit = 100, $page = 0, $sqlfilters = '', $properties = '')
|
||||
{
|
||||
global $db, $conf;
|
||||
|
||||
if (!DolibarrApiAccess::$user->rights->zapier->read) {
|
||||
throw new RestException(401);
|
||||
}
|
||||
|
||||
$obj_ret = array();
|
||||
|
||||
$socid = DolibarrApiAccess::$user->socid ? DolibarrApiAccess::$user->socid : '';
|
||||
$socid = DolibarrApiAccess::$user->socid ? DolibarrApiAccess::$user->socid : 0;
|
||||
|
||||
// Set to 1 if there is a field socid in table of object
|
||||
$restrictonsocid = 0;
|
||||
|
|
@ -164,38 +163,22 @@ class Zapier extends DolibarrApi
|
|||
}
|
||||
|
||||
$sql = "SELECT t.rowid";
|
||||
if ($restrictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
|
||||
// We need these fields in order to filter by sale (including the case where the user can only see his prospects)
|
||||
$sql .= ", sc.fk_soc, sc.fk_user";
|
||||
}
|
||||
$sql .= " FROM ".MAIN_DB_PREFIX."hook_mytable as t";
|
||||
|
||||
if ($restrictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
|
||||
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale
|
||||
}
|
||||
$sql .= " WHERE 1 = 1";
|
||||
|
||||
// Example of use $mode
|
||||
//if ($mode == 1) $sql.= " AND s.client IN (1, 3)";
|
||||
//if ($mode == 2) $sql.= " AND s.client IN (2, 3)";
|
||||
|
||||
$tmpobject = new Hook($this->db);
|
||||
if ($tmpobject->ismultientitymanaged) {
|
||||
$sql .= ' AND t.entity IN ('.getEntity('hook').')';
|
||||
}
|
||||
if ($restrictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
|
||||
$sql .= " AND t.fk_soc = sc.fk_soc";
|
||||
}
|
||||
if ($restrictonsocid && $socid) {
|
||||
$sql .= " AND t.fk_soc = ".((int) $socid);
|
||||
}
|
||||
if ($restrictonsocid && $search_sale > 0) {
|
||||
// Join for the needed table to filter by sale
|
||||
$sql .= " AND t.rowid = sc.fk_soc";
|
||||
}
|
||||
// Insert sale filter
|
||||
if ($restrictonsocid && $search_sale > 0) {
|
||||
$sql .= " AND sc.fk_user = ".((int) $search_sale);
|
||||
// Search on sale representative
|
||||
if ($search_sale && $search_sale != '-1') {
|
||||
if ($search_sale == -2) {
|
||||
$sql .= " AND NOT EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc)";
|
||||
} elseif ($search_sale > 0) {
|
||||
$sql .= " AND EXISTS (SELECT sc.fk_soc FROM ".MAIN_DB_PREFIX."societe_commerciaux as sc WHERE sc.fk_soc = t.fk_soc AND sc.fk_user = ".((int) $search_sale).")";
|
||||
}
|
||||
}
|
||||
if ($sqlfilters) {
|
||||
$errormessage = '';
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user