Dolibarr · eldy · Apr 12, 2024 · Apr 7, 2024 · Apr 7, 2024 · Apr 7, 2024
diff --git a/htdocs/api/class/api_setup.class.php b/htdocs/api/class/api_setup.class.php
@@ -5,6 +5,7 @@
  * Copyright (C) 2017	Neil Orley	            <neil.orley@oeris.fr>
  * Copyright (C) 2018-2021   Frédéric France         <frederic.france@netlogic.fr>
  * Copyright (C) 2018-2022   Thibault FOUCART        <support@ptibogxiv.net>
+ * Copyright (C) 2024        Jon Bendtsen            <jon.bendtsen.github@jonb.dk>
  *
  *
  * This program is free software; you can redistribute it and/or modify
@@ -1232,7 +1233,170 @@ public function deleteExtrafieldsFromNames($attrname, $elementtype)
 		);
 	}
 
+
+
+	/** get Extrafield object
+	 *
+	 * @param	string	$attrname		extrafield attrname
+	 * @param	string	$elementtype	extrafield elementtype
+	 * @return	array					List of extra fields
+	 *
+	 * @url     GET		extrafields/{elementtype}/{attrname}
+	 *
+	 * @suppress PhanPluginUnknownArrayMethodParamType  Luracast limitation
+	 *
+	 */
+	public function getExtrafields($attrname, $elementtype)
+	{
+		$answer = array();
+
+		if (!DolibarrApiAccess::$user->admin) {
+			throw new RestException(403, 'Only an admin user can get list of extrafields');
+		}
+
+		if ($elementtype == 'thirdparty') {
+			$elementtype = 'societe';
+		}
+		if ($elementtype == 'contact') {
+			$elementtype = 'socpeople';
+		}
+
+		$sql = "SELECT t.rowid as id, t.name, t.entity, t.elementtype, t.label, t.type, t.size, t.fieldcomputed, t.fielddefault,";
+		$sql .= " t.fieldunique, t.fieldrequired, t.perms, t.enabled, t.pos, t.alwayseditable, t.param, t.list, t.printable,";
+		$sql .= " t.totalizable, t.langs, t.help, t.css, t.cssview, t.fk_user_author, t.fk_user_modif, t.datec, t.tms";
+		$sql .= " FROM ".MAIN_DB_PREFIX."extrafields as t";
+		$sql .= " WHERE t.entity IN (".getEntity('extrafields').")";
+		$sql .= " AND t.elementtype = '".$this->db->escape($elementtype)."'";
+		$sql .= " AND t.name = '".$this->db->escape($attrname)."'";
+
+		$resql = $this->db->query($sql);
+		if ($resql) {
+			if ($this->db->num_rows($resql)) {
+				while ($tab = $this->db->fetch_object($resql)) {
+					// New usage
+					$answer[$tab->elementtype][$tab->name]['id'] = $tab->id;
+					$answer[$tab->elementtype][$tab->name]['type'] = $tab->type;
+					$answer[$tab->elementtype][$tab->name]['label'] = $tab->label;
+					$answer[$tab->elementtype][$tab->name]['size'] = $tab->size;
+					$answer[$tab->elementtype][$tab->name]['elementtype'] = $tab->elementtype;
+					$answer[$tab->elementtype][$tab->name]['default'] = $tab->fielddefault;
+					$answer[$tab->elementtype][$tab->name]['computed'] = $tab->fieldcomputed;
+					$answer[$tab->elementtype][$tab->name]['unique'] = $tab->fieldunique;
+					$answer[$tab->elementtype][$tab->name]['required'] = $tab->fieldrequired;
+					$answer[$tab->elementtype][$tab->name]['param'] = ($tab->param ? jsonOrUnserialize($tab->param) : '');	// This may be a string encoded with serialise() or json_encode()
+					$answer[$tab->elementtype][$tab->name]['pos'] = $tab->pos;
+					$answer[$tab->elementtype][$tab->name]['alwayseditable'] = $tab->alwayseditable;
+					$answer[$tab->elementtype][$tab->name]['perms'] = $tab->perms;
+					$answer[$tab->elementtype][$tab->name]['list'] = $tab->list;
+					$answer[$tab->elementtype][$tab->name]['printable'] = $tab->printable;
+					$answer[$tab->elementtype][$tab->name]['totalizable'] = $tab->totalizable;
+					$answer[$tab->elementtype][$tab->name]['langs'] = $tab->langs;
+					$answer[$tab->elementtype][$tab->name]['help'] = $tab->help;
+					$answer[$tab->elementtype][$tab->name]['css'] = $tab->css;
+					$answer[$tab->elementtype][$tab->name]['cssview'] = $tab->cssview;
+					$answer[$tab->elementtype][$tab->name]['csslist'] = $tab->csslist;
+					$answer[$tab->elementtype][$tab->name]['fk_user_author'] = $tab->fk_user_author;
+					$answer[$tab->elementtype][$tab->name]['fk_user_modif'] = $tab->fk_user_modif;
+					$answer[$tab->elementtype][$tab->name]['datec'] = $tab->datec;
+					$answer[$tab->elementtype][$tab->name]['tms'] = $tab->tms;
+				}
+			}
+		} else {
+			throw new RestException(503, 'Error when retrieving list of extra fields : '.$this->db->lasterror());
+		}
+
+		return $answer;
+	}
+
+	/**
+	 * Create Extrafield object
+	 *
+	 * @param	string	$attrname		extrafield attrname
+	 * @param	string	$elementtype	extrafield elementtype
+	 * @param	array	$request_data	Request datas
+	 * @return	int						ID of extrafield
+	 *
+	 * @url     POST	extrafields/{elementtype}/{attrname}
+	 *
+	 * @suppress PhanPluginUnknownArrayMethodParamType  Luracast limitation
+	 *
+	 */
+	public function postExtrafields($attrname, $elementtype, $request_data = null)
+	{
+		if (!DolibarrApiAccess::$user->admin) {
+			throw new RestException(403, 'Only an admin user can create an extrafield');
+		}
+
+		$extrafields = new ExtraFields($this->db);
+
+		$result = $extrafields->fetch_name_optionals_label($elementtype, false, $attrname);
+		if ($result) {
+			throw new RestException(409, 'Duplicate extrafield already found from attrname and elementtype');
+		}
+
+		// Check mandatory fields is not working despise being a modified copy from api_thirdparties.class.php
+		// $result = $this->_validateExtrafields($request_data, $extrafields);
+
+		foreach ($request_data as $field => $value) {
+			$extrafields->$field = $this->_checkValForAPI($field, $value, $extrafields);
+		}
+
+		// built in validation
+		$enabled = 1; // hardcoded because it seems to always be 1 in every row in the database
+		if ($request_data['entity']) {
+			$entity = $request_data['entity'];
+		} else {
+			throw new RestException(400, "Entity field absent");
+		}
+		if ($request_data['label']) {
+			$label = $request_data['label'];
+		} else {
+			throw new RestException(400, "label field absent");
+		}
+
+		$alwayseditable = $request_data['alwayseditable'];
+		$default_value = $request_data['default_value'];
+		$totalizable = $request_data['totalizable'];
+		$printable = $request_data['printable'];
+		$required = $request_data['required'];
+		$langfile = $request_data['langfile'];
+		$computed = $request_data['computed'];
+		$unique = $request_data['unique'];
+		$param = $request_data['param'];
+		$perms = $request_data['perms'];
+		$size = $request_data['size'];
+		$type = $request_data['type'];
+		$list = $request_data['list'];
+		$help = $request_data['help'];
+		$pos = $request_data['pos'];
+		$moreparams = array();
+
+		if ( 0 > $extrafields->addExtraField($attrname, $label, $type, $pos, $size, $elementtype, $unique, $required, $default_value, $param, $alwayseditable, $perms, $list, $help, $computed, $entity, $langfile, $enabled, $totalizable, $printable, $moreparams)) {
+			throw new RestException(500, 'Error creating extrafield', array_merge(array($extrafields->errno), $extrafields->errors));
+		}
+
+		$sql = "SELECT t.rowid as id";
+		$sql .= " FROM ".MAIN_DB_PREFIX."extrafields as t";
+		$sql .= " WHERE elementtype = '".$this->db->escape($elementtype)."'";
+		$sql .= " AND name = '".$this->db->escape($attrname)."'";
+
+		$resql = $this->db->query($sql);
+		if ($resql) {
+			if ($this->db->num_rows($resql)) {
+				$tab = $this->db->fetch_object($resql);
+				$id = (int) $tab->id;
+			} else {
+				$id = (int) -1;
+			}
+		} else {
+			$id = (int) -2;
+		}
+
+		return $id;
+	}
+
 	/**
+
 	 * Update Extrafield object
 	 *
 	 * @param	string	$attrname		extrafield attrname