From 339d9dbfdf6a800b12387ba2226a95d2172d6865 Mon Sep 17 00:00:00 2001
From: Regis Houssin
Date: Wed, 24 May 2017 18:44:03 +0200
Subject: [PATCH 1/2] New: add REST api "dictionaryevents" for to use with "agendaevents"
---
.../api/class/api_dictionaryevents.class.php | 100 ++++++++++++++++++
1 file changed, 100 insertions(+)
create mode 100644 htdocs/api/class/api_dictionaryevents.class.php
diff --git a/htdocs/api/class/api_dictionaryevents.class.php b/htdocs/api/class/api_dictionaryevents.class.php
new file mode 100644
index 0000000000000..23d7e8e5dba7b
--- /dev/null
+++ b/htdocs/api/class/api_dictionaryevents.class.php
@@ -0,0 +1,100 @@ + + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +use Luracast\Restler\RestException; + +require_once DOL_DOCUMENT_ROOT.'/main.inc.php'; + +/** + * API class for events type (content of the actioncomm dictionary) + * + * @access protected + * @class DolibarrApiAccess {@requires user,external} + */ +class DictionaryEvents extends DolibarrApi +{ + /** + * Constructor + */ + function __construct() + { + global $db; + $this->db = $db; + } + + /** + * Get the list of events types. + * + * @param string $sortfield Sort field + * @param string $sortorder Sort order + * @param int $limit Number of items per page + * @param int $page Page number (starting from zero) + * @param string $type To filter on type of event + * @param string $module To filter on module events + * @param string $sqlfilters Other criteria to filter answers separated by a comma. Syntax example "(t.code:like:'A%') and (t.active:>=:0)" + * @return List of events types + * + * @throws RestException + */ + function index($sortfield = "code", $sortorder = 'ASC', $limit = 100, $page = 0, $type = '', $module = '', $sqlfilters = '') + { + $list = array(); + + $sql = "SELECT id, code, type, libelle as label, module"; + $sql.= " FROM ".MAIN_DB_PREFIX."c_actioncomm as t"; + $sql.= " WHERE t.active = 1"; + if ($type) $sql.=" AND t.type LIKE '%" . $this->db->escape($type) . 
"%'"; + if ($module) $sql.=" AND t.module LIKE '%" . $this->db->escape($module) . "%'"; + // Add sql filters + if ($sqlfilters) + { + if (! DolibarrApi::_checkFilters($sqlfilters)) + { + throw new RestException(503, 'Error when validating parameter sqlfilters '.$sqlfilters); + } + $regexstring='\(([^:\'\(\)]+:[^:\'\(\)]+:[^:\(\)]+)\)'; + $sql.=" AND (".preg_replace_callback('/'.$regexstring.'/', 'DolibarrApi::_forge_criteria_callback', $sqlfilters).")"; + } + + + $sql.= $this->db->order($sortfield, $sortorder); + + if ($limit) { + if ($page < 0) { + $page = 0; + } + $offset = $limit * $page; + + $sql .= $this->db->plimit($limit, $offset); + } + + $result = $this->db->query($sql); + + if ($result) { + $num = $this->db->num_rows($result); + $min = min($num, ($limit <= 0 ? $num : $limit)); + for ($i = 0; $i < $min; $i++) { + $list[] = $this->db->fetch_object($result); + } + } else { + throw new RestException(503, 'Error when retrieving list of events types : '.$this->db->lasterror()); + } + + return $list; + } + +} From ee2019ae37c307872781d2ab8350fb2cf49f93f8 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Fri, 26 May 2017 16:52:27 +0200 Subject: [PATCH 2/2] Fix: limit to 100 by default to avoid freeze --- .../action/class/api_agendaevents.class.php | 88 +++++++++---------- 1 file changed, 44 insertions(+), 44 deletions(-) diff --git a/htdocs/comm/action/class/api_agendaevents.class.php b/htdocs/comm/action/class/api_agendaevents.class.php index 376df238a95ab..a056dccb8659e 100644 --- a/htdocs/comm/action/class/api_agendaevents.class.php +++ b/htdocs/comm/action/class/api_agendaevents.class.php @@ -1,7 +1,7 @@ * Copyright (C) 2016 Laurent Destailleur - * + * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 3 of the License, or 
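Review bot: The failure branch of `DictionaryEvents::index()` sends `$this->db->lasterror()` back in the response, so any caller admitted by `{@requires user,external}` can read raw database error text, which usually exposes table and column names and fragments of the generated query. Record the detail in the server log and return a generic message instead, e.g. `throw new RestException(503, 'Error when retrieving list of events types');`. The `sqlfilters` validation error has the same shape: it echoes the submitted filter back and answers 503 where 400 would describe a bad parameter. Separately, the third field of `$regexstring` (`[^:\(\)]+`) admits quote characters, so the safety of the appended clause rests on `_checkFilters` and `_forge_criteria_callback`, both defined outside this hunk; it is worth confirming that they escape the value before it reaches the WHERE clause.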
@@ -23,14 +23,14 @@ /** * API class for Agenda Events * - * @access protected + * @access protected * @class DolibarrApiAccess {@requires user,external} */ class AgendaEvents extends DolibarrApi { /** - * @var array $FIELDS Mandatory fields, checked when create and update object + * @var array $FIELDS Mandatory fields, checked when create and update object */ static $FIELDS = array( ); @@ -40,7 +40,7 @@ class AgendaEvents extends DolibarrApi */ public $actioncomm; - + /** * Constructor */ 
@@ -55,61 +55,61 @@ function __construct() * Get properties of a Agenda Events object * * Return an array with Agenda Events informations - * + * * @param int $id ID of Agenda Events * @return array|mixed Data without useless information * * @throws RestException */ function get($id) - { + { if(! DolibarrApiAccess::$user->rights->agenda->myactions->read) { throw new RestException(401, "Insuffisant rights to read an event"); } - + $result = $this->actioncomm->fetch($id); if( ! $result ) { throw new RestException(404, 'Agenda Events not found'); } - + if(! DolibarrApiAccess::$user->rights->agenda->allactions->read && $this->actioncomm->ownerid != DolibarrApiAccess::$user->id) { throw new RestException(401, "Insuffisant rights to read event for owner id ".$request_data['userownerid'].' Your id is '.DolibarrApiAccess::$user->id); } - + if( ! DolibarrApi::_checkAccessToResource('agenda',$this->actioncomm->id)) { throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); } - + $this->actioncomm->fetchObjectLinked(); return $this->_cleanObjectDatas($this->actioncomm); } /** * List Agenda Events - * + * * Get a list of Agenda Events - * + * * @param string $sortfield Sort field * @param string $sortorder Sort order * @param int $limit Limit for list * @param int $page Page number * @param string $user_ids User ids filter field (owners of event). Example: '1' or '1,2,3' {@pattern /^[0-9,]*$/i} - * @param string $sqlfilters Other criteria to filter answers separated by a comma. Syntax example "(t.label:like:'%dol%') and (t.date_creation:<:'20160101')" + * @param string $sqlfilters Other criteria to filter answers separated by a comma. 
Syntax example "(t.label:like:'%dol%') and (t.datec:<:'20160101')" * @return array Array of Agenda Events objects */ - function index($sortfield = "t.id", $sortorder = 'ASC', $limit = 0, $page = 0, $user_ids = 0, $sqlfilters = '') { + function index($sortfield = "t.id", $sortorder = 'ASC', $limit = 100, $page = 0, $user_ids = 0, $sqlfilters = '') { global $db, $conf; - + $obj_ret = array(); // case of external user $socid = 0; - if (! empty(DolibarrApiAccess::$user->societe_id)) $socid = DolibarrApiAccess::$user->societe_id; - + if (! empty(DolibarrApiAccess::$user->socid)) $socid = DolibarrApiAccess::$user->socid; + // If the internal user must only see his customers, force searching by him $search_sale = 0; if (! DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) $search_sale = DolibarrApiAccess::$user->id; - + $sql = "SELECT t.id as rowid"; $sql.= " FROM ".MAIN_DB_PREFIX."actioncomm as t"; $sql.= ' WHERE t.entity IN ('.getEntity('agenda', 1).')'; @@ -121,7 +121,7 @@ function index($sortfield = "t.id", $sortorder = 'ASC', $limit = 0, $page = 0, $ $sql .= " AND sc.fk_user = ".$search_sale; } // Add sql filters - if ($sqlfilters) + if ($sqlfilters) { if (! DolibarrApi::_checkFilters($sqlfilters)) { @@ -130,7 +130,7 @@ function index($sortfield = "t.id", $sortorder = 'ASC', $limit = 0, $page = 0, $ $regexstring='\(([^:\'\(\)]+:[^:\'\(\)]+:[^:\(\)]+)\)'; $sql.=" AND (".preg_replace_callback('/'.$regexstring.'/', 'DolibarrApi::_forge_criteria_callback', $sqlfilters).")"; } - + $sql.= $db->order($sortfield, $sortorder); if ($limit) { if ($page < 0) @@ -143,7 +143,7 @@ function index($sortfield = "t.id", $sortorder = 'ASC', $limit = 0, $page = 0, $ } $result = $db->query($sql); - + if ($result) { $num = $db->num_rows($result); 
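Review bot: Raising the default to 100 in `AgendaEvents::index()` does not bound the query when a client sends `limit=0`: the `if ($limit)` guard visible in the following hunks then skips `plimit()`, and the unbounded SELECT this commit is meant to prevent still runs. Normalising the parameter at the top of the function, e.g. `if ((int) $limit <= 0) $limit = 100;`, would close that path, and an upper cap may be worth adding too. This hunk also switches the external-user check from `societe_id` to `socid`, which the commit subject does not mention. If `socid` is not populated on `DolibarrApiAccess::$user` in this branch, `$socid` stays 0 and any restriction keyed on it would not apply to external users, so that should be confirmed. `index()` continues past the end of this hunk.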
@@ -181,7 +181,7 @@ function post($request_data = NULL) if(! DolibarrApiAccess::$user->rights->agenda->allactions->create && DolibarrApiAccess::$user->id != $request_data['userownerid']) { throw new RestException(401, "Insuffisant rights to create an Agenda Event for owner id ".$request_data['userownerid'].' Your id is '.DolibarrApiAccess::$user->id); } - + // Check mandatory fields $result = $this->_validate($request_data); @@ -198,18 +198,18 @@ function post($request_data = NULL) if ($this->actioncomm->create(DolibarrApiAccess::$user) < 0) { throw new RestException(500, "Error creating event", array_merge(array($this->actioncomm->error), $this->actioncomm->errors)); } - + return $this->actioncomm->id; } - + /** * Update Agenda Event general fields (won't touch lines of expensereport) * * @param int $id Id of Agenda Event to update - * @param array $request_data Datas - * - * @return int + * @param array $request_data Datas + * + * @return int */ /* function put($id, $request_data = NULL) { @@ -219,12 +219,12 @@ function put($id, $request_data = NULL) { if(! DolibarrApiAccess::$user->rights->agenda->allactions->create && DolibarrApiAccess::$user->id != $request_data['userownerid']) { throw new RestException(401, "Insuffisant rights to create an Agenda Event for owner id ".$request_data['userownerid'].' Your id is '.DolibarrApiAccess::$user->id); } - + $result = $this->expensereport->fetch($id); if( ! $result ) { throw new RestException(404, 'expensereport not found'); } - + if( ! DolibarrApi::_checkAccessToResource('expensereport',$this->expensereport->id)) { throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); } 
@@ -232,19 +232,19 @@ function put($id, $request_data = NULL) { if ($field == 'id') continue; $this->expensereport->$field = $value; } - + if($this->expensereport->update($id, DolibarrApiAccess::$user,1,'','','update')) return $this->get($id); - + return false; } */ - + /** * Delete Agenda Event * * @param int $id Agenda Event ID - * + * * @return array */ function delete($id) @@ -252,39 +252,39 @@ function delete($id) if(! DolibarrApiAccess::$user->rights->agenda->myactions->delete) { throw new RestException(401, "Insuffisant rights to delete your Agenda Event"); } - + $result = $this->actioncomm->fetch($id); - + if(! DolibarrApiAccess::$user->rights->agenda->allactions->delete && DolibarrApiAccess::$user->id != $this->actioncomm->userownerid) { throw new RestException(401, "Insuffisant rights to delete an Agenda Event of owner id ".$request_data['userownerid'].' Your id is '.DolibarrApiAccess::$user->id); } - + if( ! $result ) { throw new RestException(404, 'Agenda Event not found'); } - + if( ! DolibarrApi::_checkAccessToResource('actioncomm',$this->actioncomm->id)) { throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); } - + if( ! $this->actioncomm->delete(DolibarrApiAccess::$user)) { throw new RestException(500, 'Error when delete Agenda Event : '.$this->actioncomm->error); } - + return array( 'success' => array( 'code' => 200, 'message' => 'Agenda Event deleted' ) ); - + } - + /** * Validate fields before create or update object - * + * * @param array $data Array with data to verify - * @return array + * @return array * @throws RestException */ function _validate($data) @@ -294,7 +294,7 @@ function _validate($data) if (!isset($data[$field])) throw new RestException(400, "$field field missing"); $event[$field] = $data[$field]; - + } return $event; }