19 use Luracast\Restler\RestException;
70 public function get($id)
72 if (!DolibarrApiAccess::$user->rights->mymodule->myobject->read) {
73 throw new RestException(401);
76 $result = $this->myobject->fetch($id);
78 throw new RestException(404,
'MyObject not found');
82 throw new RestException(401,
'Access to instance id='.$this->myobject->id.
' of object not allowed for login '.DolibarrApiAccess::$user->login);
105 public function index($sortfield =
"t.rowid", $sortorder =
'ASC', $limit = 100, $page = 0, $sqlfilters =
'')
112 if (!DolibarrApiAccess::$user->rights->mymodule->myobject->read) {
113 throw new RestException(401);
116 $socid = DolibarrApiAccess::$user->socid ? DolibarrApiAccess::$user->socid :
'';
118 $restrictonsocid = 0;
122 if ($restrictonsocid && !DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) {
123 $search_sale = DolibarrApiAccess::$user->id;
126 $sql =
"SELECT t.rowid";
127 if ($restrictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
128 $sql .=
", sc.fk_soc, sc.fk_user";
130 $sql .=
" FROM ".MAIN_DB_PREFIX.$tmpobject->table_element.
" as t";
132 if ($restrictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
133 $sql .=
", ".MAIN_DB_PREFIX.
"societe_commerciaux as sc";
135 $sql .=
" WHERE 1 = 1";
141 if ($tmpobject->ismultientitymanaged) {
142 $sql .=
' AND t.entity IN ('.getEntity($tmpobject->element).
')';
144 if ($restrictonsocid && (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
145 $sql .=
" AND t.fk_soc = sc.fk_soc";
147 if ($restrictonsocid && $socid) {
148 $sql .=
" AND t.fk_soc = ".((int) $socid);
150 if ($restrictonsocid && $search_sale > 0) {
151 $sql .=
" AND t.rowid = sc.fk_soc";
154 if ($restrictonsocid && $search_sale > 0) {
155 $sql .=
" AND sc.fk_user = ".((int) $search_sale);
160 throw new RestException(503,
'Error when validating parameter sqlfilters -> '.$errormessage);
162 $regexstring =
'\(([^:\'\(\)]+:[^:\'\(\)]+:[^\(\)]+)\)';
163 $sql .=
" AND (".preg_replace_callback(
'/'.$regexstring.
'/',
'DolibarrApi::_forge_criteria_callback', $sqlfilters).
")";
166 $sql .= $this->
db->order($sortfield, $sortorder);
171 $offset = $limit * $page;
173 $sql .= $this->
db->plimit($limit + 1, $offset);
176 $result = $this->
db->query($sql);
179 $num = $this->
db->num_rows($result);
181 $obj = $this->
db->fetch_object($result);
183 if ($tmp_object->fetch($obj->rowid)) {
189 throw new RestException(503,
'Error when retrieving myobject list: '.$this->
db->lasterror());
191 if (!count($obj_ret)) {
192 throw new RestException(404,
'No myobject found');
207 public function post($request_data =
null)
209 if (!DolibarrApiAccess::$user->rights->mymodule->myobject->write) {
210 throw new RestException(401);
214 $result = $this->
_validate($request_data);
216 foreach ($request_data as $field => $value) {
217 $this->myobject->$field = $this->
_checkValForAPI($field, $value, $this->myobject);
223 if ($this->myobject->create(DolibarrApiAccess::$user)<0) {
224 throw new RestException(500,
"Error creating MyObject", array_merge(array($this->myobject->error), $this->myobject->errors));
226 return $this->myobject->id;
240 public function put($id, $request_data =
null)
242 if (!DolibarrApiAccess::$user->rights->mymodule->myobject->write) {
243 throw new RestException(401);
246 $result = $this->myobject->fetch($id);
248 throw new RestException(404,
'MyObject not found');
252 throw new RestException(401,
'Access to instance id='.$this->myobject->id.
' of object not allowed for login '.DolibarrApiAccess::$user->login);
255 foreach ($request_data as $field => $value) {
256 if ($field ==
'id') {
259 $this->myobject->$field = $this->
_checkValForAPI($field, $value, $this->myobject);
265 if ($this->myobject->update(DolibarrApiAccess::$user,
false) > 0) {
266 return $this->
get($id);
268 throw new RestException(500, $this->myobject->error);
282 public function delete($id)
284 if (!DolibarrApiAccess::$user->rights->mymodule->myobject->delete) {
285 throw new RestException(401);
287 $result = $this->myobject->fetch($id);
289 throw new RestException(404,
'MyObject not found');
293 throw new RestException(401,
'Access to instance id='.$this->myobject->id.
' of object not allowed for login '.DolibarrApiAccess::$user->login);
296 if ($this->myobject->delete(DolibarrApiAccess::$user) == 0) {
297 throw new RestException(409,
'Error when deleting MyObject : '.$this->myobject->error);
298 } elseif ($this->myobject->delete(DolibarrApiAccess::$user) < 0) {
299 throw new RestException(500,
'Error when deleting MyObject : '.$this->myobject->error);
305 'message' =>
'MyObject deleted'
321 $object = parent::_cleanObjectDatas($object);
323 unset($object->rowid);
324 unset($object->canvas);
361 if (isset($object->lines) && is_array($object->lines) && count($object->lines) > 0) {
362 $nboflines = count($object->lines);
363 for ($i = 0; $i < $nboflines; $i++) {
366 unset($object->lines[$i]->lines);
367 unset($object->lines[$i]->note);
385 foreach ($this->myobject->fields as $field => $propfield) {
386 if (in_array($field, array(
'rowid',
'entity',
'date_creation',
'tms',
'fk_user_creat')) || $propfield[
'notnull'] != 1) {
389 if (!isset($data[$field])) {
390 throw new RestException(400,
"$field field missing");
392 $myobject[$field] = $data[$field];
static _checkAccessToResource($resource, $resource_id=0, $dbtablename='', $feature2='', $dbt_keyfield='fk_soc', $dbt_select='rowid')
Check access by user to a given resource.
_checkFilters($sqlfilters, &$error='')
Return if a $sqlfilters parameter is valid.
_checkValForAPI($field, $value, $object)
Check and convert a string depending on its type/name.
index($sortfield="t.rowid", $sortorder='ASC', $limit=100, $page=0, $sqlfilters='')
List myobjects.
_cleanObjectDatas($object)
Clean sensible object datas.
__construct()
Constructor.
post($request_data=null)
Create myobject object.
put($id, $request_data=null)
Update myobject.
_validate($data)
Validate fields before create or update object.
if(!function_exists('dol_getprefix')) dol_include_once($relpath, $classname='')
Make an include_once using default root and alternate root if it fails.
$conf db
API class for accounts.