
REST API: Bring back the existing API (for backward compatibility).

Bring back the existing API and mark all the operations as deprecated.
Both the existing and the new API are documented and browsable with the
Restler API Explorer. The existing API appears under "root".
Xebax 9 years ago
parent
commit
70ba8ec78d

+ 13 - 2
htdocs/api/index.php

@@ -112,13 +112,24 @@ foreach ($modulesdir as $dir)
                     {
                         while (($file_searched = readdir($handle_part))!==false)
                         {
-                            if (is_readable($dir_part.$file_searched) && preg_match("/^api_(.*)\.class\.php$/i",$file_searched,$reg))
+                            // Support of the deprecated API.
+                            if (is_readable($dir_part.$file_searched) && preg_match("/^api_deprecated_(.*)\.class\.php$/i",$file_searched,$reg))
+                            {
+                                $classname = ucwords($reg[1]).'Api';
+                                require_once $dir_part.$file_searched;
+                                if (class_exists($classname))
+                                {
+                                    dol_syslog("Found deprecated API classname=".$classname);
+                                    $api->r->addAPIClass($classname, '');
+                                }
+                            }
+                            else if (is_readable($dir_part.$file_searched) && preg_match("/^api_(.*)\.class\.php$/i",$file_searched,$reg))
                             {
                                 $classname = ucwords($reg[1]);
                                 require_once $dir_part.$file_searched;
                                 if (class_exists($classname))
                                 {
-                                    dol_syslog("Found API classname=".$classname);    
+                                    dol_syslog("Found API classname=".$classname);
                                     $listofapis[] = $classname;
                                 }
                             }
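Review bot: The new `api_deprecated_*` branch registers every matching class at the API root with `$api->r->addAPIClass($classname, '')`, and as far as the hunk shows nothing lets an administrator switch the legacy endpoints off. Consider guarding the branch with a configuration option (name to be chosen by the project) so that the deprecated surface can be disabled once clients have migrated. The branch also needs a comment explaining that it must stay ahead of the generic `api_(.*)` test, because a deprecated file name matches that pattern as well, for example `// Must be tested before the generic api_*.class.php pattern, which also matches these files.` The enclosing `while` and `foreach` loops start and end outside the hunk.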

+ 489 - 0
htdocs/categories/class/api_deprecated_category.class.php

@@ -0,0 +1,489 @@
+<?php
+/* Copyright (C) 2015   Jean-François Ferry     <jfefe@aternatik.fr>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+ use Luracast\Restler\RestException;
+
+ require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php';
+ require_once DOL_DOCUMENT_ROOT.'/societe/class/client.class.php';
+
+/**
+ * API class for category object
+ *
+ * @smart-auto-routing false
+ * @access protected 
+ * @class  DolibarrApiAccess {@requires user,external}
+ * 
+ * @deprecated
+ */
+class CategoryApi extends DolibarrApi
+{
+    /**
+     * @var array   $FIELDS     Mandatory fields, checked when create and update object 
+     */
+    static $FIELDS = array(
+        'label',
+        'type'
+    );
+
+    static $TYPES = array(
+        0 => 'product',
+        1 => 'supplier',
+        2 => 'customer',
+        3 => 'member',
+        4 => 'contact',
+        5 => 'account',
+    );
+    
+    /**
+     * @var Categorie $category {@type Categorie}
+     */
+    public $category;
+
+    /**
+     * Constructor <b>Warning: Deprecated</b>
+     *
+     * @url     GET category/
+     * 
+     */
+    function __construct()
+    {
+		global $db, $conf;
+		$this->db = $db;
+        $this->category = new Categorie($this->db);
+        
+    }
+
+    /**
+     * Get properties of a category object <b>Warning: Deprecated</b>
+     *
+     * Return an array with category informations
+     *
+     * @param 	int 	$id ID of category
+     * @return 	array|mixed data without useless information
+	 * 
+     * @url	GET category/{id}
+     * @throws 	RestException
+     */
+    function get($id)
+    {		
+		if(! DolibarrApiAccess::$user->rights->categorie->lire) {
+			throw new RestException(401);
+		}
+			
+        $result = $this->category->fetch($id);
+        if( ! $result ) {
+            throw new RestException(404, 'category not found');
+        }
+		
+		if( ! DolibarrApi::_checkAccessToResource('category',$this->category->id)) {
+			throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
+		}
+
+		return $this->_cleanObjectDatas($this->category);
+    }
+
+    /**
+     * List categories <b>Warning: Deprecated</b>
+     * 
+     * Get a list of categories
+     *
+     * @param string	$type		Type of category ('member', 'customer', 'supplier', 'product', 'contact')
+     * @param string	$sortfield	Sort field
+     * @param string	$sortorder	Sort order
+     * @param int		$limit		Limit for list
+     * @param int		$page		Page number
+     * @return array Array of category objects
+     *
+     * @url	GET /category/list
+     */
+    function getList($type='product', $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) {
+        global $db, $conf;
+        
+        $obj_ret = array();
+        
+         if(! DolibarrApiAccess::$user->rights->categorie->lire) {
+			throw new RestException(401);
+		}
+        
+        $sql = "SELECT s.rowid";
+        $sql.= " FROM ".MAIN_DB_PREFIX."categorie as s";
+        $sql.= ' WHERE s.entity IN ('.getEntity('categorie', 1).')';
+        $sql.= ' AND s.type='.array_search($type,CategoryApi::$TYPES);
+
+        $nbtotalofrecords = 0;
+        if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST))
+        {
+            $result = $db->query($sql);
+            $nbtotalofrecords = $db->num_rows($result);
+        }
+
+        $sql.= $db->order($sortfield, $sortorder);
+        if ($limit)	{
+            if ($page < 0)
+            {
+                $page = 0;
+            }
+            $offset = $limit * $page;
+
+            $sql.= $db->plimit($limit + 1, $offset);
+        }
+
+        $result = $db->query($sql);
+        if ($result)
+        {
+        	$i=0;
+            $num = $db->num_rows($result);
+            while ($i < $num)
+            {
+                $obj = $db->fetch_object($result);
+                $category_static = new Categorie($db);
+                if($category_static->fetch($obj->rowid)) {
+                    $obj_ret[] = parent::_cleanObjectDatas($category_static);
+                }
+                $i++;
+            }
+        }
+        else {
+            throw new RestException(503, 'Error when retrieve category list : '.$category_static->error);
+        }
+        if( ! count($obj_ret)) {
+            throw new RestException(404, 'No category found');
+        }
+		return $obj_ret;
+    }
+    /**
+     * List categories of an entity <b>Warning: Deprecated</b>
+     * 
+     * Get a list of categories
+     *
+     * @param string	$type		Type of category ('member', 'customer', 'supplier', 'product', 'contact')
+     * @param string	$sortfield	Sort field
+     * @param string	$sortorder	Sort order
+     * @param int		$limit		Limit for list
+     * @param int		$page		Page number
+     * @param int		$item		Id of the item to get categories for
+     * @return array Array of category objects
+     *
+     * @url	GET /product/{item}/categories
+     */
+    function getListForItem($type='product', $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0, $item = 0) {
+        global $db, $conf;
+        
+        $obj_ret = array();
+        
+         if(! DolibarrApiAccess::$user->rights->categorie->lire) {
+			    throw new RestException(401);
+         }
+        //if ($type == "") {
+          //$type="product";
+        //}
+        $sub_type = $type;
+        $subcol_name = "fk_".$type;
+        if ($type=="customer" || $type=="supplier") {
+          $sub_type="societe";
+          $subcol_name="fk_soc";
+        }
+        $sql = "SELECT s.rowid";
+        $sql.= " FROM ".MAIN_DB_PREFIX."categorie as s";
+        $sql.= " , ".MAIN_DB_PREFIX."categorie_".$sub_type." as sub ";
+        $sql.= ' WHERE s.entity IN ('.getEntity('categorie', 1).')';
+        $sql.= ' AND s.type='.array_search($type,CategoryApi::$TYPES);
+        $sql.= ' AND s.rowid = sub.fk_categorie';
+        $sql.= ' AND sub.'.$subcol_name.' = '.$item;
+
+        $nbtotalofrecords = 0;
+        if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST))
+        {
+            $result = $db->query($sql);
+            $nbtotalofrecords = $db->num_rows($result);
+        }
+
+        $sql.= $db->order($sortfield, $sortorder);
+        if ($limit)	{
+            if ($page < 0)
+            {
+                $page = 0;
+            }
+            $offset = $limit * $page;
+
+            $sql.= $db->plimit($limit + 1, $offset);
+        }
+
+        $result = $db->query($sql);
+        if ($result)
+        {
+        	$i=0;
+            $num = $db->num_rows($result);
+            while ($i < $num)
+            {
+                $obj = $db->fetch_object($result);
+                $category_static = new Categorie($db);
+                if($category_static->fetch($obj->rowid)) {
+                    $obj_ret[] = parent::_cleanObjectDatas($category_static);
+                }
+                $i++;
+            }
+        }
+        else {
+            throw new RestException(503, 'Error when retrieve category list : '.$category_static->error);
+        }
+        if( ! count($obj_ret)) {
+            throw new RestException(404, 'No category found');
+        }
+		return $obj_ret;
+    }
+    
+    /**
+     * Get member categories list <b>Warning: Deprecated</b>
+     * 
+     * @param string	$sortfield	Sort field
+     * @param string	$sortorder	Sort order
+     * @param int		$limit		Limit for list
+     * @param int		$page		Page number
+     * @return mixed
+     * 
+     * @url GET /category/list/member
+     */
+    function getListCategoryMember($sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) {
+        return $this->getList('member', $sortfield, $sortorder, $limit, $page);  
+    }
+    
+    /**
+     * Get customer categories list <b>Warning: Deprecated</b>
+     * 
+     * @param string	$sortfield	Sort field
+     * @param string	$sortorder	Sort order
+     * @param int		$limit		Limit for list
+     * @param int		$page		Page number
+     * 
+     * @return mixed
+     * 
+     * @url GET /category/list/customer
+     */
+    function getListCategoryCustomer($sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) {
+        return $this->getList('customer', $sortfield, $sortorder, $limit, $page);  
+    }
+    /**
+     * Get categories for a customer <b>Warning: Deprecated</b>
+     * 
+     * @param int		$cusid  Customer id filter
+     * @param string	$sortfield	Sort field
+     * @param string	$sortorder	Sort order
+     * @param int		$limit		Limit for list
+     * @param int		$page		Page number
+     * 
+     * @return mixed
+     * 
+     * @url GET /customer/{cusid}/categories
+     */
+    function getListCustomerCategories($cusid, $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) {
+        return $this->getListForItem('customer', $sortfield, $sortorder, $limit, $page, $cusid);  
+    }
+
+    /**
+     * Add category to customer <b>Warning: Deprecated</b>
+     * 
+     * @param int		$cusid	Id of customer
+     * @param int		$catid  Id of category
+     * 
+     * @return mixed
+     * 
+     * @url GET /customer/{cusid}/addCategory/{catid}
+     */
+    function addCustomerCategory($cusid,$catid) {
+      if(! DolibarrApiAccess::$user->rights->societe->creer) {
+			  throw new RestException(401);
+      }
+      $customer = new Client($this->db);
+      $customer->fetch($cusid);
+      if( ! $customer ) {
+        throw new RestException(404, 'customer not found');
+      }
+      $result = $this->category->fetch($catid);
+      if( ! $result ) {
+        throw new RestException(404, 'category not found');
+      }
+      
+      if( ! DolibarrApi::_checkAccessToResource('societe',$customer->id)) {
+        throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
+      }
+      if( ! DolibarrApi::_checkAccessToResource('category',$this->category->id)) {
+        throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
+      }
+      $this->category->add_type($customer,'customer');
+      return $customer;
+    }
+    
+    /**
+     * Get supplier categories list <b>Warning: Deprecated</b>
+     * 
+     * @param string	$sortfield	Sort field
+     * @param string	$sortorder	Sort order
+     * @param int		$limit		Limit for list
+     * @param int		$page		Page number
+     * 
+     * @return mixed
+     * 
+     * @url GET /category/list/supplier
+     */
+    function getListCategorySupplier($sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) {
+        return $this->getList('supplier', $sortfield, $sortorder, $limit, $page);  
+    }
+    
+    /**
+     * Get product categories list <b>Warning: Deprecated</b>
+     * 
+     * @param string	$sortfield	Sort field
+     * @param string	$sortorder	Sort order
+     * @param int		$limit		Limit for list
+     * @param int		$page		Page number
+     * 
+     * @return mixed
+     * 
+     * @url GET /category/list/product
+     */
+    function getListCategoryProduct($sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) {
+        return $this->getList('product', $sortfield, $sortorder, $limit, $page);  
+    }
+    
+    /**
+     * Get contact categories list <b>Warning: Deprecated</b>
+     * 
+     * @param string	$sortfield	Sort field
+     * @param string	$sortorder	Sort order
+     * @param int		$limit		Limit for list
+     * @param int		$page		Page number
+     * @return mixed
+     * 
+     * @url GET /category/list/contact
+     */
+    function getListCategoryContact($sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) {
+        return $this->getList('contact', $sortfield, $sortorder, $limit, $page);  
+    }
+    
+    /**
+     * Create category object <b>Warning: Deprecated</b>
+     * 
+     * @param array $request_data   Request data
+     * @return int  ID of category
+     *
+     * @url	POST category/
+     */
+    function post($request_data = NULL)
+    {
+        if(! DolibarrApiAccess::$user->rights->categorie->creer) {
+			throw new RestException(401);
+		}
+        // Check mandatory fields
+        $result = $this->_validate($request_data);
+        
+        foreach($request_data as $field => $value) {
+            $this->category->$field = $value;
+        }
+        if($this->category->create(DolibarrApiAccess::$user) < 0) {
+            throw new RestException(503, 'Error when create category : '.$this->category->error);
+        }
+        return $this->category->id;
+    }
+
+    /**
+     * Update category <b>Warning: Deprecated</b>
+     * 
+     * @param int   $id             Id of category to update
+     * @param array $request_data   Datas   
+     * @return int 
+     *
+     * @url	PUT category/{id}
+     */
+    function put($id, $request_data = NULL)
+    {
+        if(! DolibarrApiAccess::$user->rights->categorie->creer) {
+			throw new RestException(401);
+		}
+        
+        $result = $this->category->fetch($id);
+        if( ! $result ) {
+            throw new RestException(404, 'category not found');
+        }
+		
+		if( ! DolibarrApi::_checkAccessToResource('category',$this->category->id)) {
+			throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
+		}
+
+        foreach($request_data as $field => $value) {
+            $this->category->$field = $value;
+        }
+        
+        if($this->category->update(DolibarrApiAccess::$user))
+            return $this->get ($id);
+        
+        return false;
+    }
+    
+    /**
+     * Delete category <b>Warning: Deprecated</b>
+     *
+     * @param int $id   Category ID
+     * @return array
+     * 
+     * @url	DELETE category/{id}
+     */
+    function delete($id)
+    {
+        if(! DolibarrApiAccess::$user->rights->categorie->supprimer) {
+			throw new RestException(401);
+		}
+        $result = $this->category->fetch($id);
+        if( ! $result ) {
+            throw new RestException(404, 'category not found');
+        }
+		
+		if( ! DolibarrApi::_checkAccessToResource('category',$this->category->id)) {
+			throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
+		}
+        
+        if (! $this->category->delete(DolibarrApiAccess::$user)) {
+            throw new RestException(401,'error when delete category');
+        }
+        
+        return array(
+            'success' => array(
+                'code' => 200,
+                'message' => 'Category deleted'
+            )
+        );
+    }
+    
+    /**
+     * Validate fields before create or update object
+     * 
+     * @param array $data   Data to validate
+     * @return array
+     * 
+     * @throws RestException
+     */
+    function _validate($data)
+    {
+        $category = array();
+        foreach (CategoryApi::$FIELDS as $field) {
+            if (!isset($data[$field]))
+                throw new RestException(400, "$field field missing");
+            $category[$field] = $data[$field];
+        }
+        return $category;
+    }
+}
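Review bot: In `getListForItem`, `$type` is concatenated into a table name (`"categorie_".$sub_type`) and a column name (`"fk_".$type`) and `$item` into the WHERE clause without validation, and `array_search($type,CategoryApi::$TYPES)` returns `false` for an unknown type, which leaves `s.type=` empty. `$type` is presumably filled from the request by Restler, so it should be checked against `CategoryApi::$TYPES` before any SQL is built, and the numeric values cast with `(int)`. `getList` in this file has the same `s.type=` concatenation, and `getList` in api_deprecated_commande.class.php appends `$socid` to `s.fk_soc = ` in the same way. Separately, `addCustomerCategory` changes data on a `GET` route and never checks the return value of `$customer->fetch($cusid)`, so `if( ! $customer )` cannot fire on an object.

```php
$typeid = array_search($type, CategoryApi::$TYPES, true);
if ($typeid === false) {
    throw new RestException(400, 'Unknown category type');
}
// … unchanged: $sub_type / $subcol_name selection and the SELECT/FROM lines …
$sql.= ' AND s.type='.((int) $typeid);
// … unchanged: join on sub.fk_categorie …
$sql.= ' AND sub.'.$subcol_name.' = '.((int) $item);
```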

+ 535 - 0
htdocs/commande/class/api_deprecated_commande.class.php

@@ -0,0 +1,535 @@
+<?php
+/* Copyright (C) 2015   Jean-François Ferry     <jfefe@aternatik.fr>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+ use Luracast\Restler\RestException;
+
+ require_once DOL_DOCUMENT_ROOT.'/commande/class/commande.class.php';
+
+/**
+ * API class for commande object
+ *
+ * @smart-auto-routing false
+ * @access protected 
+ * @class  DolibarrApiAccess {@requires user,external}
+ * 
+ * @category Api
+ * @package  Api
+ * 
+ * @deprecated
+ */
+class CommandeApi extends DolibarrApi
+{
+
+    /**
+     * @var array   $FIELDS     Mandatory fields, checked when create and update object 
+     */
+    static $FIELDS = array(
+        'socid'
+    );
+
+    /**
+     * @var Commande $commande {@type Commande}
+     */
+    public $commande;
+
+    /**
+     * Constructor <b>Warning: Deprecated</b>
+     *
+     * @url     GET order/
+     * 
+     */
+    function __construct()
+    {
+		global $db, $conf;
+		$this->db = $db;
+        $this->commande = new Commande($this->db);
+    }
+
+    /**
+     * Get properties of a commande object <b>Warning: Deprecated</b>
+     *
+     * Return an array with commande informations
+     * 
+     * @param       int         $id         ID of order
+     * @param		string		$ref		Ref of object
+     * @param		string		$ref_ext		External reference of object
+     * @param		string		$ref_int		Internal reference of other object
+     * @return 	array|mixed data without useless information
+	 *
+     * @url	GET order/{id} 
+     * @throws 	RestException
+     */
+    function get($id='',$ref='', $ref_ext='', $ref_int='')
+    {		
+		if(! DolibarrApiAccess::$user->rights->commande->lire) {
+			throw new RestException(401);
+		}
+			
+        $result = $this->commande->fetch($id);
+        if( ! $result ) {
+            throw new RestException(404, 'Order not found');
+        }
+		
+		if( ! DolibarrApi::_checkAccessToResource('commande',$this->commande->id)) {
+			throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
+		}
+        
+        $this->commande->fetchObjectLinked();
+		return $this->_cleanObjectDatas($this->commande);
+    }
+
+    /**
+     * List orders <b>Warning: Deprecated</b>
+     * 
+     * Get a list of orders
+     * 
+     * @param int		$mode		Use this param to filter list
+     * @param string	$sortfield	Sort field
+     * @param string	$sortorder	Sort order
+     * @param int		$limit		Limit for list
+     * @param int		$page		Page number
+     * @param string	$societe	Societe filter field
+     *
+     * @url     GET     /order/list
+     * @return  array   Array of order objects
+     */
+    function getList($mode=0, $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0, $societe = 0) {
+        global $db, $conf;
+        
+        $obj_ret = array();
+        // case of external user, $societe param is ignored and replaced by user's socid
+        $socid = DolibarrApiAccess::$user->societe_id ? DolibarrApiAccess::$user->societe_id : $societe;
+            
+        // If the internal user must only see his customers, force searching by him
+        if (! DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) $search_sale = DolibarrApiAccess::$user->id;
+
+        $sql = "SELECT s.rowid";
+        if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) $sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects)
+        $sql.= " FROM ".MAIN_DB_PREFIX."commande as s";
+        
+        if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale
+        
+		// Example of use $mode
+        //if ($mode == 1) $sql.= " AND s.client IN (1, 3)";
+        //if ($mode == 2) $sql.= " AND s.client IN (2, 3)";
+
+        $sql.= ' WHERE s.entity IN ('.getEntity('commande', 1).')';
+        if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) $sql.= " AND s.fk_soc = sc.fk_soc";
+        if ($socid) $sql.= " AND s.fk_soc = ".$socid;
+        if ($search_sale > 0) $sql.= " AND s.rowid = sc.fk_soc";		// Join for the needed table to filter by sale
+        
+        // Insert sale filter
+        if ($search_sale > 0)
+        {
+            $sql .= " AND sc.fk_user = ".$search_sale;
+        }
+        
+        $nbtotalofrecords = 0;
+        if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST))
+        {
+            $result = $db->query($sql);
+            $nbtotalofrecords = $db->num_rows($result);
+        }
+
+        $sql.= $db->order($sortfield, $sortorder);
+        if ($limit)	{
+            if ($page < 0)
+            {
+                $page = 0;
+            }
+            $offset = $limit * $page;
+
+            $sql.= $db->plimit($limit + 1, $offset);
+        }
+
+        $result = $db->query($sql);
+        
+        if ($result)
+        {
+            $num = $db->num_rows($result);
+            while ($i < $num)
+            {
+                $obj = $db->fetch_object($result);
+                $commande_static = new Commande($db);
+                if($commande_static->fetch($obj->rowid)) {
+                    $obj_ret[] = parent::_cleanObjectDatas($commande_static);
+                }
+                $i++;
+            }
+        }
+        else {
+            throw new RestException(503, 'Error when retrieve commande list');
+        }
+        if( ! count($obj_ret)) {
+            throw new RestException(404, 'No commande found');
+        }
+		return $obj_ret;
+    }
+
+    /**
+     * List orders for specific thirdparty <b>Warning: Deprecated</b>
+     * 
+     * Get a list of orders
+     * 
+     * @param int	$socid Id of customer
+     *
+     * @url     GET     /customer/{socid}/order/list
+     * @url     GET     /thirdparty/{socid}/order/list
+     * @return  array   Array of order objects
+     */
+    function getListForSoc($socid = 0) {
+      return getList(0,"s.rowid","ASC",0,0,$socid);
+    }
+
+    
+    /**
+     * Create order object <b>Warning: Deprecated</b>
+     *
+     * @param   array   $request_data   Request datas
+     * 
+     * @url     POST    order/
+     * 
+     * @return  int     ID of commande
+     */
+    function post($request_data = NULL)
+    {
+      if(! DolibarrApiAccess::$user->rights->commande->creer) {
+			  throw new RestException(401, "Insuffisant rights");
+		  }
+        // Check mandatory fields
+        $result = $this->_validate($request_data);
+
+        foreach($request_data as $field => $value) {
+            $this->commande->$field = $value;
+        }
+        if (isset($request_data["lines"])) {
+          $lines = array();
+          foreach ($request_data["lines"] as $line) {
+            array_push($lines, (object) $line);
+          }
+          $this->commande->lines = $lines;
+        }
+        if(! $this->commande->create(DolibarrApiAccess::$user) ) {
+            throw new RestException(500, "Error while creating order");
+        }
+        
+        return $this->commande->id;
+    }
+    /**
+     * Get lines of an order <b>Warning: Deprecated</b>
+     *
+     *
+     * @param int   $id             Id of order
+     * 
+     * @url	GET order/{id}/line/list
+     * 
+     * @return int 
+     */
+    function getLines($id) {
+      if(! DolibarrApiAccess::$user->rights->commande->lire) {
+		  	throw new RestException(401);
+		  }
+        
+      $result = $this->commande->fetch($id);
+      if( ! $result ) {
+         throw new RestException(404, 'Commande not found');
+      }
+		
+		  if( ! DolibarrApi::_checkAccessToResource('commande',$this->commande->id)) {
+			  throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
+      }
+      $this->commande->getLinesArray();
+      $result = array();
+      foreach ($this->commande->lines as $line) {
+        array_push($result,$this->_cleanObjectDatas($line));
+      }
+      return $result;
+    }
+    /**
+     * Add a line to given order <b>Warning: Deprecated</b>
+     *
+     *
+     * @param int   $id             Id of commande to update
+     * @param array $request_data   Orderline data   
+     * 
+     * @url	POST order/{id}/line
+     * 
+     * @return int 
+     */
+    function postLine($id, $request_data = NULL) {
+      if(! DolibarrApiAccess::$user->rights->commande->creer) {
+		  	throw new RestException(401);
+		  }
+        
+      $result = $this->commande->fetch($id);
+      if( ! $result ) {
+         throw new RestException(404, 'Commande not found');
+      }
+		
+		  if( ! DolibarrApi::_checkAccessToResource('commande',$this->commande->id)) {
+			  throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
+      }
+			$request_data = (object) $request_data;
+      $updateRes = $this->commande->addline(
+                        $request_data->desc,
+                        $request_data->subprice,
+                        $request_data->qty,
+                        $request_data->tva_tx,
+                        $request_data->localtax1_tx,
+                        $request_data->localtax2_tx,
+                        $request_data->fk_product,
+                        $request_data->remise_percent,
+                        $request_data->info_bits,
+                        $request_data->fk_remise_except,
+                        'HT',
+                        0,
+                        $request_data->date_start,
+                        $request_data->date_end,
+                        $request_data->product_type,
+                        $request_data->rang,
+                        $request_data->special_code,
+                        $fk_parent_line,
+                        $request_data->fk_fournprice,
+                        $request_data->pa_ht,
+                        $request_data->label,
+                        $request_data->array_options,
+                        $request_data->fk_unit,
+                        $this->element,
+                        $request_data->id
+      );
+
+      if ($updateRes > 0) {
+        return $this->get($id)->line->rowid;
+
+      }
+      return false;
+    }
+    /**
+     * Update a line to given order <b>Warning: Deprecated</b>
+     *
+     *
+     * @param int   $id             Id of commande to update
+     * @param int   $lineid         Id of line to update
+     * @param array $request_data   Orderline data   
+     * 
+     * @url	PUT order/{id}/line/{lineid}
+     * 
+     * @return object 
+     */
+    function putLine($id, $lineid, $request_data = NULL) {
+      if(! DolibarrApiAccess::$user->rights->commande->creer) {
+		  	throw new RestException(401);
+		  }
+        
+      $result = $this->commande->fetch($id);
+      if( ! $result ) {
+         throw new RestException(404, 'Commande not found');
+      }
+		
+		  if( ! DolibarrApi::_checkAccessToResource('commande',$this->commande->id)) {
+			  throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
+      }
+			$request_data = (object) $request_data;
+      $updateRes = $this->commande->updateline(
+                        $lineid,
+                        $request_data->desc,
+                        $request_data->subprice,
+                        $request_data->qty,
+                        $request_data->remise_percent,
+                        $request_data->tva_tx,
+                        $request_data->localtax1_tx,
+                        $request_data->localtax2_tx,
+                        'HT',
+                        $request_data->info_bits,
+                        $request_data->date_start,
+                        $request_data->date_end,
+                        $request_data->product_type,
+                        $request_data->fk_parent_line,
+                        0,
+                        $request_data->fk_fournprice,
+                        $request_data->pa_ht,
+                        $request_data->label,
+                        $request_data->special_code,
+                        $request_data->array_options,
+                        $request_data->fk_unit
+      );
+
+      if ($updateRes > 0) {
+        $result = $this->get($id);
+        unset($result->line);
+        return $this->_cleanObjectDatas($result);
+      }
+      return false;
+    }
+    /**
+     * Delete a line to given order <b>Warning: Deprecated</b>
+     *
+     *
+     * @param int   $id             Id of commande to update
+     * @param int   $lineid         Id of line to delete
+     * 
+     * @url	DELETE order/{id}/line/{lineid}
+     * 
+     * @return int 
+     */
+    function delLine($id, $lineid) {
+      if(! DolibarrApiAccess::$user->rights->commande->creer) {
+		  	throw new RestException(401);
+		  }
+        
+      $result = $this->commande->fetch($id);
+      if( ! $result ) {
+         throw new RestException(404, 'Commande not found');
+      }
+		
+		  if( ! DolibarrApi::_checkAccessToResource('commande',$this->commande->id)) {
+			  throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
+      }
+			$request_data = (object) $request_data;
+      $updateRes = $this->commande->deleteline($lineid);
+      if ($updateRes == 1) {
+        return $this->get($id);
+      }
+      return false;
+    }
+
+    /**
+     * Update order general fields (won't touch lines of order) <b>Warning: Deprecated</b>
+     *
+     * @param int   $id             Id of commande to update
+     * @param array $request_data   Datas   
+     * 
+     * @url	PUT order/{id}
+     * 
+     * @return int 
+     */
+    function put($id, $request_data = NULL) {
+      if(! DolibarrApiAccess::$user->rights->commande->creer) {
+		  	throw new RestException(401);
+		  }
+        
+        $result = $this->commande->fetch($id);
+        if( ! $result ) {
+            throw new RestException(404, 'Commande not found');
+        }
+		
+		if( ! DolibarrApi::_checkAccessToResource('commande',$this->commande->id)) {
+			throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
+		}
+        foreach($request_data as $field => $value) {
+            $this->commande->$field = $value;
+        }
+        
+        if($this->commande->update($id, DolibarrApiAccess::$user,1,'','','update'))
+            return $this->get($id);
+        
+        return false;
+    }
+    
+    /**
+     * Delete order <b>Warning: Deprecated</b>
+     *
+     * @param   int     $id         Order ID
+     * 
+     * @url     DELETE  order/{id}
+     * 
+     * @return  array
+     */
+    function delete($id)
+    {
+        if(! DolibarrApiAccess::$user->rights->commande->supprimer) {
+			throw new RestException(401);
+		}
+        $result = $this->commande->fetch($id);
+        if( ! $result ) {
+            throw new RestException(404, 'Order not found');
+        }
+		
+		if( ! DolibarrApi::_checkAccessToResource('commande',$this->commande->id)) {
+			throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
+		}
+        
+        if( ! $this->commande->delete(DolibarrApiAccess::$user)) {
+            throw new RestException(500, 'Error when delete order : '.$this->commande->error);
+        }
+        
+        return array(
+            'success' => array(
+                'code' => 200,
+                'message' => 'Order deleted'
+            )
+        );
+        
+    }
+    
+    /**
+     * Validate an order <b>Warning: Deprecated</b>
+     * 
+     * @param   int $id             Order ID
+     * @param   int $idwarehouse    Warehouse ID
+     * 
+     * @url GET     order/{id}/validate
+     * @url POST    order/{id}/validate
+     *  
+     * @return  array
+     * 
+     */
+    function validOrder($id, $idwarehouse=0)
+    {
+        if(! DolibarrApiAccess::$user->rights->commande->creer) {
+			throw new RestException(401);
+		}
+        $result = $this->commande->fetch($id);
+        if( ! $result ) {
+            throw new RestException(404, 'Order not found');
+        }
+		
+		if( ! DolibarrApi::_checkAccessToResource('commande',$this->commande->id)) {
+			throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
+		}
+        
+        if( ! $this->commande->valid(DolibarrApiAccess::$user, $idwarehouse)) {
+            throw new RestException(500, 'Error when validate order');
+        }
+        
+        return array(
+            'success' => array(
+                'code' => 200,
+                'message' => 'Order validated'
+            )
+        );
+    }
+    
+    /**
+     * Validate fields before create or update object
+     * 
+     * @param   array           $data   Array with data to verify
+     * @return  array           
+     * @throws  RestException
+     */
+    function _validate($data)
+    {
+        $commande = array();
+        foreach (CommandeApi::$FIELDS as $field) {
+            if (!isset($data[$field]))
+                throw new RestException(400, "$field field missing");
+            $commande[$field] = $data[$field];
+            
+        }
+        return $commande;
+    }
+}

+ 297 - 0
htdocs/compta/facture/class/api_deprecated_invoice.class.php

@@ -0,0 +1,297 @@
+<?php
+/* Copyright (C) 2015   Jean-François Ferry     <jfefe@aternatik.fr>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+ use Luracast\Restler\RestException;
+
+ require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/facture.class.php';
+
+/**
+ * API class for invoice object
+ *
+ * @smart-auto-routing false
+ * @access protected 
+ * @class  DolibarrApiAccess {@requires user,external}
+ * @deprecated
+ */
+class InvoiceApi extends DolibarrApi
+{
+    /**
+     *
+     * @var array   $FIELDS     Mandatory fields, checked when create and update object 
+     */
+    static $FIELDS = array(
+        'socid'
+    );
+
+    /**
+     * @var Facture $invoice {@type Facture}
+     */
+    public $invoice;
+
+    /**
+     * Constructor <b>Warning: Deprecated</b>
+     *
+     * @url     GET invoice/
+     * 
+     */
+    function __construct()
+    {
+		global $db, $conf;
+		$this->db = $db;
+        $this->invoice = new Facture($this->db);
+    }
+
+    /**
+     * Get properties of a invoice object <b>Warning: Deprecated</b>
+     *
+     * Return an array with invoice informations
+     * 
+     * @param 	int 	$id ID of invoice
+     * @return 	array|mixed data without useless information
+     *
+     * @url	GET invoice/{id}
+     * @throws 	RestException
+     */
+    function get($id)
+    {		
+		if(! DolibarrApiAccess::$user->rights->facture->lire) {
+			throw new RestException(401);
+		}
+			
+        $result = $this->invoice->fetch($id);
+        if( ! $result ) {
+            throw new RestException(404, 'Facture not found');
+        }
+		
+		if( ! DolibarrApi::_checkAccessToResource('facture',$this->invoice->id)) {
+			throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
+		}
+
+		return $this->_cleanObjectDatas($this->invoice);
+    }
+
+    /**
+     * List invoices <b>Warning: Deprecated</b>
+     * 
+     * Get a list of invoices
+     * 
+     * @param int       $socid      Filter list with thirdparty ID
+     * @param string	$mode		Filter by invoice status : draft | unpaid | paid | cancelled
+     * @param string	$sortfield	Sort field
+     * @param string	$sortorder	Sort order
+     * @param int		$limit		Limit for list
+     * @param int		$page		Page number
+     *
+     * @return array Array of invoice objects
+     *
+     * @url	GET invoice/list
+     * @url	GET invoice/list/{mode}
+     * @url GET thirdparty/{socid}/invoice/list
+     * @url GET thirdparty/{socid}/invoice/list/{mode} 
+     */
+    function getList($socid=0, $mode='', $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) {
+        global $db, $conf;
+        
+        $obj_ret = array();
+        
+        $socid = DolibarrApiAccess::$user->societe_id ? DolibarrApiAccess::$user->societe_id : '';
+            
+        // If the internal user must only see his customers, force searching by him
+        if (! DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) $search_sale = DolibarrApiAccess::$user->id;
+
+        $sql = "SELECT s.rowid";
+        if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) $sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects)
+        $sql.= " FROM ".MAIN_DB_PREFIX."facture as s";
+        
+        if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale
+
+        $sql.= ' WHERE s.entity IN ('.getEntity('facture', 1).')';
+        if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) $sql.= " AND s.fk_soc = sc.fk_soc";
+        if ($socid) $sql.= " AND s.fk_soc = ".$socid;
+        if ($search_sale > 0) $sql.= " AND s.rowid = sc.fk_soc";		// Join for the needed table to filter by sale
+        
+        
+		// Example of use $mode
+        if ($mode == 'draft') $sql.= " AND s.fk_statut IN (0)";
+        if ($mode == 'unpaid') $sql.= " AND s.fk_statut IN (1)";
+        if ($mode == 'paid') $sql.= " AND s.fk_statut IN (2)";
+        if ($mode == 'cancelled') $sql.= " AND s.fk_statut IN (3)";
+        
+        // Insert sale filter
+        if ($search_sale > 0)
+        {
+            $sql .= " AND sc.fk_user = ".$search_sale;
+        }
+        
+        $nbtotalofrecords = 0;
+        if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST))
+        {
+            $result = $db->query($sql);
+            $nbtotalofrecords = $db->num_rows($result);
+        }
+
+        $sql.= $db->order($sortfield, $sortorder);
+        if ($limit)	{
+            if ($page < 0)
+            {
+                $page = 0;
+            }
+            $offset = $limit * $page;
+
+            $sql.= $db->plimit($limit + 1, $offset);
+        }
+
+        $result = $db->query($sql);
+        if ($result)
+        {
+            $num = $db->num_rows($result);
+            while ($i < $num)
+            {
+                $obj = $db->fetch_object($result);
+                $invoice_static = new Facture($db);
+                if($invoice_static->fetch($obj->rowid)) {
+                    $obj_ret[] = parent::_cleanObjectDatas($invoice_static);
+                }
+                $i++;
+            }
+        }
+        else {
+            throw new RestException(503, 'Error when retrieve invoice list');
+        }
+        if( ! count($obj_ret)) {
+            throw new RestException(404, 'No invoice found');
+        }
+		return $obj_ret;
+    }
+    
+    /**
+     * Create invoice object <b>Warning: Deprecated</b>
+     * 
+     * @param array $request_data   Request datas
+     * @return int  ID of invoice
+     *
+     * @url	POST invoice/
+     */
+    function post($request_data = NULL)
+    {
+        if(! DolibarrApiAccess::$user->rights->facture->creer) {
+			throw new RestException(401);
+		}
+        // Check mandatory fields
+        $result = $this->_validate($request_data);
+        
+        foreach($request_data as $field => $value) {
+            $this->invoice->$field = $value;
+        }
+        if(! array_keys($request_data,'date')) {
+            $this->invoice->date = dol_now();
+        }
+        if( ! $this->invoice->create(DolibarrApiAccess::$user)) {
+            throw new RestException(500);
+        }
+        return $this->invoice->id;
+    }
+
+    /**
+     * Update invoice <b>Warning: Deprecated</b>
+     *
+     * @param int   $id             Id of invoice to update
+     * @param array $request_data   Datas   
+     * @return int 
+     * 
+     * @url	PUT invoice/{id}
+     */
+    function put($id, $request_data = NULL)
+    {
+        if(! DolibarrApiAccess::$user->rights->facture->creer) {
+			throw new RestException(401);
+		}
+        
+        $result = $this->invoice->fetch($id);
+        if( ! $result ) {
+            throw new RestException(404, 'Facture not found');
+        }
+		
+		if( ! DolibarrApi::_checkAccessToResource('facture',$this->invoice->id)) {
+			throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
+		}
+
+        foreach($request_data as $field => $value) {
+            $this->invoice->$field = $value;
+        }
+        
+        if($this->invoice->update($id, DolibarrApiAccess::$user))
+            return $this->get ($id);
+        
+        return false;
+    }
+    
+    /**
+     * Delete invoice <b>Warning: Deprecated</b>
+     *
+     * @param int   $id Invoice ID
+     * @return type
+     * 
+     * @url	DELETE invoice/{id} 
+     */
+    function delete($id)
+    {
+        if(! DolibarrApiAccess::$user->rights->facture->supprimer) {
+			throw new RestException(401);
+		}
+        $result = $this->invoice->fetch($id);
+        if( ! $result ) {
+            throw new RestException(404, 'Facture not found');
+        }
+		
+		if( ! DolibarrApi::_checkAccessToResource('facture',$this->facture->id)) {
+			throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
+		}
+        
+        if( !$this->invoice->delete($id))
+        {
+            throw new RestException(500);
+        }
+        
+         return array(
+            'success' => array(
+                'code' => 200,
+                'message' => 'Facture deleted'
+            )
+        );
+        
+    }
+    
+    /**
+     * Validate fields before create or update object
+     * 
+     * @param array $data   Datas to validate
+     * @return array
+     * 
+     * @throws RestException
+     */
+    function _validate($data)
+    {
+        $invoice = array();
+        foreach (InvoiceApi::$FIELDS as $field) {
+            if (!isset($data[$field]))
+                throw new RestException(400, "$field field missing");
+            $invoice[$field] = $data[$field];
+        }
+        return $invoice;
+    }
+}
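Review bot: delete() runs its per-resource access check against `$this->facture->id`, but this class only declares and fills `$this->invoice`, so the check is not made against the invoice that was just fetched; it should read `if( ! DolibarrApi::_checkAccessToResource('facture',$this->invoice->id)) {`. How `_checkAccessToResource` treats an empty id is not visible on this page, so the delete path should be considered unchecked until that is confirmed. post() and put() copy every key of `$request_data` onto the Facture object, which lets a client set properties the API never meant to expose; an allow-list of writable fields would bound that, and the same loop appears in post()/put() of ProductApi and ContactApi and in the order put() above. In getList(), `$sortfield` and `$sortorder` go from the request straight into `$db->order()`, as they do in the ProductApi and ContactApi list methods; restricting them to a fixed set of column names and to `ASC`/`DESC` avoids relying on that helper to sanitise them. In post(), `array_keys($request_data,'date')` searches values rather than keys, so a supplied date appears to be overwritten; `isset($request_data['date'])` looks like the intent.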

+ 359 - 0
htdocs/product/class/api_deprecated_product.class.php

@@ -0,0 +1,359 @@
+<?php
+/* Copyright (C) 2015   Jean-François Ferry     <jfefe@aternatik.fr>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+ use Luracast\Restler\RestException;
+ 
+ require_once DOL_DOCUMENT_ROOT.'/product/class/product.class.php';
+ require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php';
+
+/**
+ * API class for product object
+ *
+ * @smart-auto-routing false
+ * @access protected 
+ * @class  DolibarrApiAccess {@requires user,external}
+ * @deprecated
+ */
+class ProductApi extends DolibarrApi
+{
+    /**
+     * @var array   $FIELDS     Mandatory fields, checked when create and update object 
+     */
+    static $FIELDS = array(
+        'ref',
+        'label' 
+    );
+
+    /**
+     * @var Product $product {@type Product}
+     */
+    public $product;
+
+    /**
+     * Constructor <b>Warning: Deprecated</b>
+     *
+     * @url	product/
+     * 
+     */
+    function __construct()
+    {
+		global $db, $conf;
+		$this->db = $db;
+        $this->product = new Product($this->db);
+    }
+
+    /**
+     * Get properties of a product object <b>Warning: Deprecated</b>
+     *
+     * Return an array with product informations
+     *
+     * @param 	int 	$id     ID of product
+     * @param   string  $ref    Product ref
+     * @param   string  $ref_ext    Product ref ext
+     * @return 	array|mixed data without useless information
+	 * 
+     * @url	GET product/{id}
+     * @throws 	RestException
+     */
+    function get($id='', $ref='', $ref_ext='')
+    {		
+		if(! DolibarrApiAccess::$user->rights->produit->lire) {
+			throw new RestException(401);
+		}
+			
+        $result = $this->product->fetch($id,$ref,$ref_ext);
+        if( ! $result ) {
+            throw new RestException(404, 'Product not found');
+        }
+		
+		if( ! DolibarrApi::_checkAccessToResource('product',$this->product->id)) {
+			throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
+		}
+        
+        $this->product->load_stock();
+
+		return $this->_cleanObjectDatas($this->product);
+    }
+
+    /**
+     * List products <b>Warning: Deprecated</b>
+     * 
+     * Get a list of products
+     * 
+     * @param int		$mode		Use this param to filter list (0 for all, 1 for only product, 2 for only service)
+     * @param mixed     $to_sell    Filter products to sell (1) or not to sell (0)  
+     * @param mixed     $to_buy     Filter products to nuy (1) or not to buy (0)  
+     * @param string	$sortfield	Sort field
+     * @param string	$sortorder	Sort order
+     * @param int		$limit		Limit for list
+     * @param int		$page		Page number
+     *
+     * @return array Array of product objects
+     *
+     * @url	GET /product/list
+     */
+    function getList($mode=0, $to_sell='', $to_buy='', $sortfield = "p.ref", $sortorder = 'ASC', $limit = 0, $page = 0) {
+        global $db, $conf;
+        
+        $obj_ret = array();
+        
+        $socid = DolibarrApiAccess::$user->societe_id ? DolibarrApiAccess::$user->societe_id : '';
+
+        $sql ="SELECT rowid, ref, ref_ext";
+        $sql.= " FROM ".MAIN_DB_PREFIX."product as p";
+        $sql.= ' WHERE p.entity IN ('.getEntity('product', 1).')';
+		
+        // Show products
+        if ($mode == 1) $sql.= " AND p.fk_product_type = 0";
+        // Show services
+        if ($mode == 2) $sql.= " AND p.fk_product_type = 1";
+        // Show product on sell
+        if ($to_sell) $sql.= " AND p.to_sell = ".$db->escape($to_sell);
+        // Show product on buy
+        if ($to_buy) $sql.= " AND p.to_nuy = ".$db->escape($to_nuy);
+
+        $nbtotalofrecords = 0;
+        if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST))
+        {
+            $result = $db->query($sql);
+            $nbtotalofrecords = $db->num_rows($result);
+        }
+
+        $sql.= $db->order($sortfield, $sortorder);
+        if ($limit)	{
+            if ($page < 0)
+            {
+                $page = 0;
+            }
+            $offset = $limit * $page;
+
+            $sql.= $db->plimit($limit + 1, $offset);
+        }
+
+        $result = $db->query($sql);
+        if ($result)
+        {
+            $num = $db->num_rows($result);
+            while ($i < $num)
+            {
+                $obj = $db->fetch_object($result);
+                $product_static = new Product($db);
+                if($product_static->fetch($obj->rowid)) {
+                    $obj_ret[] = parent::_cleanObjectDatas($product_static);
+                }
+                $i++;
+            }
+        }
+        else {
+            throw new RestException(503, 'Error when retrieve product list');
+        }
+        if( ! count($obj_ret)) {
+            throw new RestException(404, 'No product found');
+        }
+		return $obj_ret;
+    }
+
+
+    /**
+     * List products in a category <b>Warning: Deprecated</b>
+     * 
+     * Get a list of products
+     * 
+     * @param int		$mode		Use this param to filter list (0 for all, 1 for only product, 2 for only service)
+     * @param int		$category		Use this param to filter list by category
+     * @param mixed     $to_sell    Filter products to sell (1) or not to sell (0)  
+     * @param mixed     $to_buy     Filter products to nuy (1) or not to buy (0)  
+     * @param string	$sortfield	Sort field
+     * @param string	$sortorder	Sort order
+     * @param int		$limit		Limit for list
+     * @param int		$page		Page number
+     *
+     * @return array Array of product objects
+     *
+     * @url	GET /product/list/category/{category}
+     */
+    function getByCategory($mode=0, $category=0, $to_sell='', $to_buy='', $sortfield = "p.ref", $sortorder = 'ASC', $limit = 0, $page = 0) {
+        global $db, $conf;
+        
+        $obj_ret = array();
+        
+        $socid = DolibarrApiAccess::$user->societe_id ? DolibarrApiAccess::$user->societe_id : '';
+
+        $sql = "SELECT rowid, ref, ref_ext";
+        $sql.= " FROM ".MAIN_DB_PREFIX."product as p, ";
+        $sql.= MAIN_DB_PREFIX."categorie_product as c";
+        $sql.= ' WHERE p.entity IN ('.getEntity('product', 1).')';
+
+        // Select products of given category
+        $sql.= " AND c.fk_categorie = ".$db->escape($category);
+        $sql.= " AND c.fk_product = p.rowid ";
+		
+        // Show products
+        if ($mode == 1) $sql.= " AND p.fk_product_type = 0";
+        // Show services
+        if ($mode == 2) $sql.= " AND p.fk_product_type = 1";
+        // Show product on sell
+        if ($to_sell) $sql.= " AND p.to_sell = ".$db->escape($to_sell);
+        // Show product on buy
+        if ($to_buy) $sql.= " AND p.to_nuy = ".$db->escape($to_nuy);
+
+        $nbtotalofrecords = 0;
+        if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST))
+        {
+            $result = $db->query($sql);
+            $nbtotalofrecords = $db->num_rows($result);
+        }
+
+        $sql.= $db->order($sortfield, $sortorder);
+        if ($limit)	{
+            if ($page < 0)
+            {
+                $page = 0;
+            }
+            $offset = $limit * $page;
+
+            $sql.= $db->plimit($limit + 1, $offset);
+        }
+
+        $result = $db->query($sql);
+        if ($result)
+        {
+            $num = $db->num_rows($result);
+            while ($i < $num)
+            {
+                $obj = $db->fetch_object($result);
+                $product_static = new Product($db);
+                if($product_static->fetch($obj->rowid)) {
+                    $obj_ret[] = parent::_cleanObjectDatas($product_static);
+                }
+                $i++;
+            }
+        }
+        else {
+            throw new RestException(503, 'Error when retrieve product list');
+        }
+        if( ! count($obj_ret)) {
+            throw new RestException(404, 'No product found');
+        }
+        return $obj_ret;
+    }
+    
+    /**
+     * Create product object <b>Warning: Deprecated</b>
+     * 
+     * @param   array   $request_data   Request data
+     * @return  int     ID of product
+     *
+     * @url     POST product/
+     */
+    function post($request_data = NULL)
+    {
+        if(! DolibarrApiAccess::$user->rights->produit->creer) {
+			throw new RestException(401);
+		}
+        // Check mandatory fields
+        $result = $this->_validate($request_data);
+        
+        foreach($request_data as $field => $value) {
+            $this->product->$field = $value;
+        }
+        $result = $this->product->create(DolibarrApiAccess::$user);
+        if($result < 0) {
+            throw new RestException(503,'Error when creating product : '.$this->product->error);
+        }
+        
+        return $this->product->id;
+        
+    }
+
+    /**
+     * Update product <b>Warning: Deprecated</b>
+     * 
+     * @param int   $id             Id of product to update
+     * @param array $request_data   Datas   
+     * @return int 
+     *
+     * @url	PUT product/{id}
+     */
+    function put($id, $request_data = NULL)
+    {
+        if(! DolibarrApiAccess::$user->rights->produit->creer) {
+			throw new RestException(401);
+		}
+        
+        $result = $this->product->fetch($id);
+        if( ! $result ) {
+            throw new RestException(404, 'Product not found');
+        }
+		
+		if( ! DolibarrApi::_checkAccessToResource('product',$this->product->id)) {
+			throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
+		}
+
+        foreach($request_data as $field => $value) {
+            $this->product->$field = $value;
+        }
+        
+        if($this->product->update($id, DolibarrApiAccess::$user,1,'','','update'))
+            return $this->get ($id);
+        
+        return false;
+    }
+    
+    /**
+     * Delete product <b>Warning: Deprecated</b>
+     * 
+     * @param   int     $id   Product ID
+     * @return  array
+     *
+     * @url	DELETE product/{id}
+     */
+    function delete($id)
+    {
+        if(! DolibarrApiAccess::$user->rights->product->supprimer) {
+			throw new RestException(401);
+		}
+        $result = $this->product->fetch($id);
+        if( ! $result ) {
+            throw new RestException(404, 'Product not found');
+        }
+		
+		if( ! DolibarrApi::_checkAccessToResource('product',$this->product->id)) {
+			throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
+		}
+        
+        return $this->product->delete($id);
+    }
+    
+    /**
+     * Validate fields before create or update object
+     * 
+     * @param array $data   Datas to validate
+     * @return array
+     * @throws RestException
+     */
+    function _validate($data)
+    {
+        $product = array();
+        foreach (ProductApi::$FIELDS as $field) {
+            if (!isset($data[$field]))
+                throw new RestException(400, "$field field missing");
+            $product[$field] = $data[$field];
+        }
+        return $product;
+    }
+}
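Review bot: In getList() and getByCategory() the request parameters `$to_sell`, `$to_buy` and `$category` are appended to the query outside quotes, and escaping alone does not force an unquoted value to be a number (assuming `$db->escape()` only escapes string metacharacters, which this page does not show); an integer cast is the safer form, e.g. `$sql.= " AND c.fk_categorie = ".(int) $category;`. The to-buy branch in both methods also passes `$to_nuy`, which is never defined, so the filter is built from an empty value; it presumably should use `$to_buy`, and the column name `p.to_nuy` is worth checking against the schema. delete() tests `rights->product->supprimer` while every other method in the class tests `rights->produit`, so the permission key looks mistyped and the delete permission may never evaluate as intended.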

+ 293 - 0
htdocs/societe/class/api_deprecated_contact.class.php

@@ -0,0 +1,293 @@
+<?php
+/* Copyright (C) 2015   Jean-François Ferry     <jfefe@aternatik.fr>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+use Luracast\Restler\RestException;
+
+//require_once DOL_DOCUMENT_ROOT . '/contact/class/contact.class.php';
+
+/**
+ * API class for contact object
+ *
+ * @smart-auto-routing false
+ * @access protected 
+ * @class  DolibarrApiAccess {@requires user,external}
+ * @deprecated
+ */
+class ContactApi extends DolibarrApi
+{
+	/**
+	 *
+	 * @var array   $FIELDS     Mandatory fields, checked when create and update object 
+	 */
+	static $FIELDS = array(
+		'lastname'
+	);
+
+	/**
+	 * @var Contact $contact {@type Contact}
+	 */
+	public $contact;
+
+	/**
+	 * Constructor <b>Warning: Deprecated</b>
+	 *
+	 * @url	contact/
+	 * 
+	 */
+	function __construct() {
+		global $db, $conf;
+		$this->db = $db;
+		$this->contact = new Contact($this->db);
+	}
+
+	/**
+	 * Get properties of a contact object <b>Warning: Deprecated</b>
+	 *
+	 * Return an array with contact informations
+	 *
+	 * @param 	int 	$id ID of contact
+	 * @return 	array|mixed data without useless information
+	 * 
+	 * @url	GET contact/{id}
+	 * @throws 	RestException
+	 */
+	function get($id) {
+		if (!DolibarrApiAccess::$user->rights->societe->contact->lire)
+		{
+			throw new RestException(401);
+		}
+
+		$result = $this->contact->fetch($id);
+		if (!$result)
+		{
+			throw new RestException(404, 'Contact not found');
+		}
+
+		if (!DolibarrApi::_checkAccessToResource('contact', $this->contact->id, 'socpeople&societe'))
+		{
+			throw new RestException(401, 'Access not allowed for login ' . DolibarrApiAccess::$user->login);
+		}
+
+		return $this->_cleanObjectDatas($this->contact);
+	}
+
+	/**
+	 * List contacts <b>Warning: Deprecated</b>
+	 * 
+	 * Get a list of contacts
+	 * 
+	 * @param int		$socid		ID of thirdparty to filter list
+	 * @param string	$sortfield	Sort field
+	 * @param string	$sortorder	Sort order
+	 * @param int		$limit		Limit for list
+	 * @param int		$page		Page number
+	 * @return array Array of contact objects
+	 *
+	 * @url	GET /contact/list
+	 * @url	GET /contact/list/{socid}
+	 * @url	GET	/thirdparty/{socid}/contacts
+	 * @url	GET	/customer/{socid}/contacts
+     * 
+	 * @throws RestException
+	 */
+	function getList($socid = 0, $sortfield = "c.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) {
+		global $db, $conf;
+
+		$obj_ret = array();
+
+		if (!$socid)
+		{
+			$socid = DolibarrApiAccess::$user->societe_id ? DolibarrApiAccess::$user->societe_id : '';
+		}
+
+		// If the internal user must only see his customers, force searching by him
+		if (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid)
+			$search_sale = DolibarrApiAccess::$user->id;
+
+		$sql = "SELECT c.rowid";
+		$sql.= " FROM " . MAIN_DB_PREFIX . "socpeople as c";
+		if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) {
+			// We need this table joined to the select in order to filter by sale
+			$sql.= ", " . MAIN_DB_PREFIX . "societe_commerciaux as sc"; 
+		}
+		$sql.= " LEFT JOIN " . MAIN_DB_PREFIX . "societe as s ON c.fk_soc = s.rowid";
+		$sql.= ' WHERE  c.entity IN (' . getEntity('contact', 1) . ')';
+		if ($socid)
+			$sql.= " AND c.fk_soc = " . $socid;
+
+		if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0)
+			$sql.= " AND c.fk_soc = sc.fk_soc";
+		if ($search_sale > 0)
+			$sql.= " AND s.rowid = sc.fk_soc";  // Join for the needed table to filter by sale
+
+
+			
+		// Insert sale filter
+		if ($search_sale > 0)
+		{
+			$sql .= " AND sc.fk_user = " . $search_sale;
+		}
+
+		$nbtotalofrecords = 0;
+		if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST))
+		{
+			$result = $db->query($sql);
+			$nbtotalofrecords = $db->num_rows($result);
+		}
+
+		$sql.= $db->order($sortfield, $sortorder);
+
+		if ($limit)
+		{
+			if ($page < 0)
+			{
+				$page = 0;
+			}
+			$offset = $limit * $page;
+
+			$sql.= $db->plimit($limit + 1, $offset);
+		}
+		$result = $db->query($sql);
+		if ($result)
+		{
+			$num = $db->num_rows($result);
+			while ($i < $num)
+			{
+				$obj = $db->fetch_object($result);
+				$contact_static = new Contact($db);
+				if ($contact_static->fetch($obj->rowid))
+				{
+					$obj_ret[] = parent::_cleanObjectDatas($contact_static);
+				}
+				$i++;
+			}
+		} 
+		else {
+			throw new RestException(503, 'Error when retreive contacts : ' . $sql);
+		}
+		if (!count($obj_ret))
+		{
+			throw new RestException(404, 'Contacts not found');
+		}
+		return $obj_ret;
+	}
+
+	/**
+	 * Create contact object <b>Warning: Deprecated</b>
+	 *
+	 * @param   array   $request_data   Request datas
+	 * @return  int     ID of contact
+     * 
+	 * @url	POST contact/
+	 */
+	function post($request_data = NULL) {
+		if (!DolibarrApiAccess::$user->rights->societe->contact->creer)
+		{
+			throw new RestException(401);
+		}
+		// Check mandatory fields
+		$result = $this->_validate($request_data);
+
+		foreach ($request_data as $field => $value)
+		{
+			$this->contact->$field = $value;
+		}
+		return $this->contact->create(DolibarrApiAccess::$user);
+	}
+
+	/**
+	 * Update contact <b>Warning: Deprecated</b>
+	 *
+	 * @param int   $id             Id of contact to update
+	 * @param array $request_data   Datas   
+	 * @return int 
+     * 
+	 * @url	PUT contact/{id}
+	 */
+	function put($id, $request_data = NULL) {
+		if (!DolibarrApiAccess::$user->rights->societe->contact->creer)
+		{
+			throw new RestException(401);
+		}
+
+		$result = $this->contact->fetch($id);
+		if (!$result)
+		{
+			throw new RestException(404, 'Contact not found');
+		}
+
+		if (!DolibarrApi::_checkAccessToResource('contact', $this->contact->id, 'socpeople&societe'))
+		{
+			throw new RestException(401, 'Access not allowed for login ' . DolibarrApiAccess::$user->login);
+		}
+
+		foreach ($request_data as $field => $value)
+		{
+			$this->contact->$field = $value;
+		}
+
+		if ($this->contact->update($id, DolibarrApiAccess::$user, 1, '', '', 'update'))
+			return $this->get($id);
+
+		return false;
+	}
+
+	/**
+	 * Delete contact <b>Warning: Deprecated</b>
+	 *
+	 * @param   int     $id Contact ID
+	 * @return  integer
+   * 
+	 * @url	DELETE contact/{id}
+	 */
+	function delete($id) {
+		if (!DolibarrApiAccess::$user->rights->contact->supprimer)
+		{
+			throw new RestException(401);
+		}
+		$result = $this->contact->fetch($id);
+		if (!$result)
+		{
+			throw new RestException(404, 'Contact not found');
+		}
+
+		if (!DolibarrApi::_checkAccessToResource('contact', $this->contact->id, 'socpeople&societe'))
+		{
+			throw new RestException(401, 'Access not allowed for login ' . DolibarrApiAccess::$user->login);
+		}
+
+		return $this->contact->delete($id);
+	}
+
+	/**
+	 * Validate fields before create or update object
+     * 
+	 * @param   array $data Data to validate
+	 * @return  array
+	 * @throws RestException
+	 */
+	function _validate($data) {
+		$contact = array();
+		foreach (ContactApi::$FIELDS as $field)
+		{
+			if (!isset($data[$field]))
+				throw new RestException(400, "$field field missing");
+			$contact[$field] = $data[$field];
+		}
+		return $contact;
+	}
+}
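Review bot: getList() only falls back to the caller's own `societe_id` when no `$socid` was passed, so a user tied to a company who supplies a different `{socid}` in the URL is filtered on that value instead of their own, and the loop adds each fetched contact without a per-row `_checkAccessToResource` call. Forcing the value for such users, `if (DolibarrApiAccess::$user->societe_id) $socid = DolibarrApiAccess::$user->societe_id;`, and appending it as `(int) $socid` would close that gap. The 503 branch returns the full `$sql` string to the client; it is better logged with `dol_syslog()` while the response message stays generic. delete() checks `rights->contact->supprimer` while the other methods check `rights->societe->contact`, so the permission key looks inconsistent. The `require_once` for the Contact class is commented out, so this file depends on the class having been loaded elsewhere.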

+ 411 - 0
htdocs/societe/class/api_deprecated_thirdparty.class.php

@@ -0,0 +1,411 @@
+<?php
+/* Copyright (C) 2015   Jean-François Ferry     <jfefe@aternatik.fr>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+ use Luracast\Restler\RestException;
+
+
+/**
+ * API class for thirdparty object
+ *
+ * @smart-auto-routing false
+ * @access protected 
+ * @class  DolibarrApiAccess {@requires user,external}
+ * @deprecated
+ */
+class ThirdpartyApi extends DolibarrApi
+{
+    /**
+     *
+     * @var array   $FIELDS     Mandatory fields, checked when create and update object 
+     */
+    static $FIELDS = array(
+        'name'
+    );
+
+    /**
+     * @var Societe $company {@type Societe}
+     */
+    public $company;
+    /**
+     * @var Customer $customer {@type Client}
+     */
+    public $customer;
+
+    /**
+     * Constructor <b>Warning: Deprecated</b>
+     *
+     * @url	thirdparty/
+     * 
+     */
+    function __construct()
+    {
+		global $db, $conf;
+		$this->db = $db;
+        $this->company = new Societe($this->db);
+        $this->customer = new Client($this->db);
+        
+        if (! empty($conf->global->SOCIETE_MAIL_REQUIRED)) {
+            static::$FIELDS[] = 'email';
+        }
+    }
+
+  /**
+   * Get properties of a customer object <b>Warning: Deprecated</b>
+   *
+   * Return an array with customer informations
+   *
+   * @param 	int 	$id ID of customer
+   * @return 	array|mixed data without useless information
+	 * 
+   * @url	GET customer/{id}
+   * @throws 	RestException
+   */
+    function getCustomer($id)
+    {		
+      if(! DolibarrApiAccess::$user->rights->societe->lire) {
+        throw new RestException(401);
+      }
+			
+      $result = $this->customer->fetch($id);
+      if( ! $result ) {
+          throw new RestException(404, 'Customer not found');
+      }
+		
+      if( ! DolibarrApi::_checkAccessToResource('societe',$this->customer->id)) {
+        throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
+      }
+
+		  return $this->_cleanObjectDatas($this->customer);
+    }
+
+    /**
+     * Search customer by email <b>Warning: Deprecated</b>
+     * 
+     * @param   string  $email      email id
+     *
+     * @return object    client with given email
+     * 
+     * @url GET customer/byemail/{email}
+     */
+    function getByEmail($email) {
+      $res = $this->getList(1,$email);
+      if (count($res) == 1) {
+        $customer = $res[0];
+        return $customer;
+      }
+      return $res;
+    }
+
+  /**
+   * Get properties of a thirdparty object <b>Warning: Deprecated</b>
+   *
+   * Return an array with thirdparty informations
+   *
+   * @param 	int 	$id ID of thirdparty
+   * @return 	array|mixed data without useless information
+	 * 
+   * @url	GET thirdparty/{id}
+   * @throws 	RestException
+   */
+    function get($id)
+    {		
+      if(! DolibarrApiAccess::$user->rights->societe->lire) {
+        throw new RestException(401);
+      }
+			
+      $result = $this->company->fetch($id);
+      if( ! $result ) {
+          throw new RestException(404, 'Thirdparty not found');
+      }
+		
+      if( ! DolibarrApi::_checkAccessToResource('societe',$this->company->id)) {
+        throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
+      }
+
+		  return $this->_cleanObjectDatas($this->company);
+    }
+
+    /**
+     * List thirdparties <b>Warning: Deprecated</b>
+     * 
+     * Get a list of thirdparties
+     * 
+     * @param   int     $mode       Set to 1 to show only customers 
+     *                              Set to 2 to show only prospects
+     *                              Set to 3 to show only those are not customer neither prospect
+     * @param   Text  $email      Search by email filter
+     * @param   string  $sortfield  Sort field
+     * @param   string  $sortorder  Sort order
+     * @param   int     $limit      Limit for list
+     * @param   int     $page       Page number
+     * @return array Array of thirdparty objects
+     * 
+     * @url	GET /thirdparty/list
+     *
+     */
+    function getList($mode=0, $email=NULL, $sortfield = "s.rowid", $sortorder = 'ASC', $limit = 0, $page = 0) {
+        global $db, $conf;
+        
+        $obj_ret = array();
+        
+        $socid = DolibarrApiAccess::$user->societe_id ? DolibarrApiAccess::$user->societe_id : '';
+            
+        // If the internal user must only see his customers, force searching by him
+        if (! DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) $search_sale = DolibarrApiAccess::$user->id;
+
+        $sql = "SELECT s.rowid";
+        if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) $sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects)
+        $sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
+        
+        if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; // We need this table joined to the select in order to filter by sale
+        $sql.= ", ".MAIN_DB_PREFIX."c_stcomm as st";
+        $sql.= " WHERE s.fk_stcomm = st.id";
+        if ($mode == 1) $sql.= " AND s.client IN (1, 3)";
+        if ($mode == 2) $sql.= " AND s.client IN (2, 3)";
+        if ($mode == 3) $sql.= " AND s.client IN (0)";
+        $sql.= ' AND s.entity IN ('.getEntity('societe', 1).')';
+        if ((!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) || $search_sale > 0) $sql.= " AND s.rowid = sc.fk_soc";
+        if ($email != NULL) $sql.= " AND s.email = \"".$email."\"";
+        if ($socid) $sql.= " AND s.rowid = ".$socid;
+        if ($search_sale > 0) $sql.= " AND s.rowid = sc.fk_soc";		// Join for the needed table to filter by sale
+        
+        // Insert sale filter
+        if ($search_sale > 0)
+        {
+            $sql .= " AND sc.fk_user = ".$search_sale;
+        }
+        
+        $nbtotalofrecords = 0;
+        if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST))
+        {
+            $result = $db->query($sql);
+            $nbtotalofrecords = $db->num_rows($result);
+        }
+
+        $sql.= $db->order($sortfield, $sortorder);
+
+        if ($limit) {
+            if ($page < 0)
+            {
+                $page = 0;
+            }
+            $offset = $limit * $page;
+
+            $sql.= $db->plimit($limit + 1, $offset);
+        }
+
+		$result = $db->query($sql);
+        if ($result)
+        {
+            $num = $db->num_rows($result);
+            while ($i < $num)
+            {
+                $obj = $db->fetch_object($result);
+                $soc_static = new Societe($db);
+                if($soc_static->fetch($obj->rowid)) {
+                    $obj_ret[] = parent::_cleanObjectDatas($soc_static);
+                }
+                $i++;
+            }
+        }
+        else {
+            throw new RestException(503, 'Error when retrieve thirdparties : ' . $sql);
+        }
+        if( ! count($obj_ret)) {
+            throw new RestException(404, 'Thirdparties not found');
+        }
+		return $obj_ret;
+    }
+    
+    /**
+     * Show customers <b>Warning: Deprecated</b>
+     * 
+     * @return array    List of customers
+     * 
+     * @url GET /thirdparty/list/customers
+     * @url GET /customer/list
+     */
+    function getListCustomers() {
+        return $this->getList(1);
+    }
+    
+    /**
+     * Show prospects <b>Warning: Deprecated</b>
+     * 
+     * @return array    List of prospects
+     * 
+     * @url GET /thirdparty/list/prospects
+     */
+    function getListProspects() {
+        return $this->getList(2);
+    }
+    
+     /**
+     * Show other <b>Warning: Deprecated</b>
+     * 
+     * @return array    List of thirpdparties who are not customer neither prospect
+     * 
+     * @url GET /thirdparty/list/others
+     */
+    function getListOthers() {
+        return $this->getList(3);
+    }
+    
+    /**
+     * Create thirdparty object <b>Warning: Deprecated</b>
+     *
+     * @param array $request_data   Request datas
+     * @return int  ID of thirdparty
+     * 
+     * @url	POST thirdparty/
+     */
+    function post($request_data = NULL)
+    {
+      if(! DolibarrApiAccess::$user->rights->societe->creer) {
+        throw new RestException(401);
+      }
+      // Check mandatory fields
+      $result = $this->_validate($request_data);
+      
+      foreach($request_data as $field => $value) {
+          $this->company->$field = $value;
+      }
+      return $this->company->create(DolibarrApiAccess::$user);
+    }
+
+
+    /**
+     * Create customer object <b>Warning: Deprecated</b>
+     *
+     * @param array $request_data   Request datas
+     * @return int  ID of thirdparty
+     * 
+     * @url	POST customer/
+     */
+    function postCustomer($request_data) {
+      $this->post($request_data);
+      $this->company->set_as_client();
+      return $this->company->id;
+    }
+
+    /**
+     * Update thirdparty <b>Warning: Deprecated</b>
+     *
+     * @param int   $id             Id of thirdparty to update
+     * @param array $request_data   Datas   
+     * @return int 
+     * 
+     * @url	PUT thirdparty/{id}
+     */
+    function put($id, $request_data = NULL)
+    {
+        if(! DolibarrApiAccess::$user->rights->societe->creer) {
+			throw new RestException(401);
+		}
+        
+        $result = $this->company->fetch($id);
+        if( ! $result ) {
+            throw new RestException(404, 'Thirdparty not found');
+        }
+		
+		if( ! DolibarrApi::_checkAccessToResource('societe',$this->company->id)) {
+			throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
+		}
+
+        foreach($request_data as $field => $value) {
+            $this->company->$field = $value;
+        }
+        
+        if($this->company->update($id, DolibarrApiAccess::$user,1,'','','update'))
+            return $this->get ($id);
+        
+        return false;
+    }
+    /**
+     * Update customer <b>Warning: Deprecated</b>
+     *
+     * @param int   $id             Id of thirdparty to update
+     * @param array $request_data   Datas   
+     * @return int 
+     * 
+     * @url	PUT customer/{id}
+     */
+    function putClient($id, $request_data = NULL) {
+      if(! DolibarrApiAccess::$user->rights->societe->creer) {
+		  	throw new RestException(401);
+      }
+      $result = $this->customer->fetch($id);
+      if( ! $result ) {
+          throw new RestException(404, 'Customer not found');
+      }
+      if( ! DolibarrApi::_checkAccessToResource('societe',$this->customer->id)) {
+        throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
+      }
+
+      foreach($request_data as $field => $value) {
+          $this->customer->$field = $value;
+      }
+      
+      if($this->customer->update($id, DolibarrApiAccess::$user,1,'','','update'))
+          return $this->get ($id);
+      
+      return false;
+    }
+    
+    /**
+     * Delete thirdparty <b>Warning: Deprecated</b>
+     *
+     * @param int $id   Thirparty ID
+     * @return integer
+     * 
+     * @url	DELETE thirdparty/{id}
+     * @url	DELETE customer/{id}
+     */
+    function delete($id)
+    {
+      if(! DolibarrApiAccess::$user->rights->societe->supprimer) {
+        throw new RestException(401);
+      }
+      $result = $this->company->fetch($id);
+      if( ! $result ) {
+          throw new RestException(404, 'Thirdparty not found');
+      }
+      if( ! DolibarrApi::_checkAccessToResource('societe',$this->company->id)) {
+        throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
+      }
+      return $this->company->delete($id);
+    }
+    
+    /**
+     * Validate fields before create or update object
+     * 
+     * @param array $data   Datas to validate
+     * @return array
+     * 
+     * @throws RestException
+     */
+    function _validate($data)
+    {
+        $thirdparty = array();
+        foreach (ThirdpartyApi::$FIELDS as $field) {
+            if (!isset($data[$field]))
+                throw new RestException(400, "$field field missing");
+            $thirdparty[$field] = $data[$field];
+        }
+        return $thirdparty;
+    }
+}
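Review bot: In getList() the `$email` value is concatenated straight into the WHERE clause (`" AND s.email = \"".$email."\""`), and it comes from the URL through `GET customer/byemail/{email}` and the `email` parameter of `GET /thirdparty/list`, so request input reaches the SQL text unescaped. Escape it through the database handler, `if ($email != NULL) $sql.= " AND s.email = '".$db->escape($email)."'";`, and confirm that `$sortfield`/`$sortorder` are constrained before `$db->order()`, whose sanitising is not visible on this page. The failure path also returns the full statement to the client in `throw new RestException(503, 'Error when retrieve thirdparties : ' . $sql)`; log the query with `dol_syslog()` and send a generic message instead. Separately, `$search_sale` and `$i` are read before they are assigned on some paths and should be initialised at the top of the function.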

+ 273 - 0
htdocs/user/class/api_deprecated_user.class.php

@@ -0,0 +1,273 @@
+<?php
+/* Copyright (C) 2015   Jean-François Ferry     <jfefe@aternatik.fr>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+use Luracast\Restler\RestException;
+
+//require_once DOL_DOCUMENT_ROOT . '/contact/class/contact.class.php';
+
+/**
+ * API class for user object
+ *
+ * @smart-auto-routing false
+ * @access protected 
+ * @class  DolibarrApiAccess {@requires user,external}
+ * @deprecated
+ */
+class UserApi extends DolibarrApi
+{
+	/**
+	 *
+	 * @var array   $FIELDS     Mandatory fields, checked when create and update object 
+	 */
+	static $FIELDS = array(
+		'login'
+	);
+
+	/**
+	 * @var User $user {@type User}
+	 */
+	public $useraccount;
+
+	/**
+	 * Constructor <b>Warning: Deprecated</b>
+	 *
+	 * @url	user/
+	 * 
+	 */
+	function __construct() {
+		global $db, $conf;
+		$this->db = $db;
+		$this->useraccount = new User($this->db);
+	}
+
+	/**
+	 * Get properties of an user object <b>Warning: Deprecated</b>
+	 *
+	 * Return an array with user informations
+	 *
+	 * @param 	int 	$id ID of user
+	 * @return 	array|mixed data without useless information
+	 * 
+	 * @url	GET user/{id}
+	 * @throws 	RestException
+	 */
+	function get($id) {
+		//if (!DolibarrApiAccess::$user->rights->user->user->lire) {
+			//throw new RestException(401);
+		//}
+
+		$result = $this->useraccount->fetch($id);
+		if (!$result)
+		{
+			throw new RestException(404, 'User not found');
+		}
+
+		if (!DolibarrApi::_checkAccessToResource('user', $this->useraccount->id, 'user'))
+		{
+			throw new RestException(401, 'Access not allowed for login ' . DolibarrApiAccess::$user->login);
+		}
+
+		return $this->_cleanObjectDatas($this->useraccount);
+	}
+
+	/**
+	 * Create useraccount object from contact <b>Warning: Deprecated</b>
+	 *
+	 * @param   int   $contactid   Id of contact
+	 * @param   array   $request_data   Request datas
+	 * @return  int     ID of user
+     * 
+	 * @url	POST /contact/{contactid}/createUser
+	 */
+	function createFromContact($contactid, $request_data = NULL) {
+		//if (!DolibarrApiAccess::$user->rights->user->user->creer) {
+			//throw new RestException(401);
+        //}
+        
+        if (!isset($request_data["login"]))
+    				throw new RestException(400, "login field missing");
+        if (!isset($request_data["password"]))
+    				throw new RestException(400, "password field missing");
+        if (!DolibarrApiAccess::$user->rights->societe->contact->lire) {
+          throw new RestException(401);
+        }
+    		$contact = new Contact($this->db);
+        $contact->fetch($contactid);
+        if ($contact->id <= 0) {
+          throw new RestException(404, 'Contact not found');
+        }
+    
+        if (!DolibarrApi::_checkAccessToResource('contact', $contact->id, 'socpeople&societe')) {
+          throw new RestException(401, 'Access not allowed for login ' . DolibarrApiAccess::$user->login);
+        }
+        // Check mandatory fields
+        $login = $request_data["login"];
+        $password = $request_data["password"];
+        $result = $this->useraccount->create_from_contact($contact,$login,$password);
+        if ($result <= 0) {
+          throw new RestException(500, "User not created");
+        }
+        // password parameter not used in create_from_contact
+        $this->useraccount->setPassword($this->useraccount,$password);
+        
+        return $result;
+	}
+	
+	
+	/**
+	 * Create user account <b>Warning: Deprecated</b>
+	 *
+	 * @param array $request_data New user data
+	 * @return int
+	 *
+	 * @url POST user/
+	 */
+	function post($request_data = NULL) {
+	    // check user authorization
+	    //if(! DolibarrApiAccess::$user->rights->user->creer) {
+	    //   throw new RestException(401, "User creation not allowed");
+	    //}
+	    // check mandatory fields
+	    /*if (!isset($request_data["login"]))
+	        throw new RestException(400, "login field missing");
+	    if (!isset($request_data["password"]))
+	        throw new RestException(400, "password field missing");
+	    if (!isset($request_data["lastname"]))
+	         throw new RestException(400, "lastname field missing");*/
+	    //assign field values
+        $xxx=var_export($request_data, true);
+        dol_syslog("xxx=".$xxx);
+        foreach ($request_data as $field => $value)
+	    {
+	          $this->useraccount->$field = $value;
+	    }
+	    
+        $result = $this->useraccount->create(DolibarrApiAccess::$user);
+	    if ($result <=0) {
+	         throw new RestException(500, "User not created : ".$this->useraccount->error);
+	    }
+	    return array('id'=>$result);
+    }                
+	
+    
+	/**
+	 * Update account <b>Warning: Deprecated</b>
+	 *
+	 * @param int   $id             Id of account to update
+	 * @param array $request_data   Datas   
+	 * @return int 
+     * 
+	 * @url	PUT user/{id}
+	 */
+	function put($id, $request_data = NULL) {
+		//if (!DolibarrApiAccess::$user->rights->user->user->creer) {
+			//throw new RestException(401);
+		//}
+
+		$result = $this->useraccount->fetch($id);
+		if (!$result)
+		{
+			throw new RestException(404, 'Account not found');
+		}
+
+		if (!DolibarrApi::_checkAccessToResource('user', $this->useraccount->id, 'user'))
+		{
+			throw new RestException(401, 'Access not allowed for login ' . DolibarrApiAccess::$user->login);
+		}
+
+		foreach ($request_data as $field => $value)
+		{
+			$this->useraccount->$field = $value;
+		}
+
+		if ($this->useraccount->update($id, DolibarrApiAccess::$user, 1, '', '', 'update'))
+			return $this->get($id);
+
+        return false;
+    }
+
+    /**
+	 * add user to group <b>Warning: Deprecated</b>
+	 *
+	 * @param   int     $id User ID
+	 * @param   int     $group Group ID
+	 * @return  int
+     * 
+	 * @url	GET user/{id}/setGroup/{group}
+	 */
+	function setGroup($id,$group) {
+		//if (!DolibarrApiAccess::$user->rights->user->user->supprimer) {
+			//throw new RestException(401);
+		//}
+        $result = $this->useraccount->fetch($id);
+        if (!$result)
+        {
+          throw new RestException(404, 'User not found');
+        }
+    
+        if (!DolibarrApi::_checkAccessToResource('user', $this->useraccount->id, 'user'))
+        {
+          throw new RestException(401, 'Access not allowed for login ' . DolibarrApiAccess::$user->login);
+        }
+    
+        return $this->useraccount->SetInGroup($group,1);
+    }
+
+	/**
+	 * Delete account <b>Warning: Deprecated</b>
+	 *
+	 * @param   int     $id Account ID
+	 * @return  array
+     * 
+	 * @url	DELETE user/{id}
+	 */
+	function delete($id) {
+		//if (!DolibarrApiAccess::$user->rights->user->user->supprimer) {
+			//throw new RestException(401);
+		//}
+		$result = $this->useraccount->fetch($id);
+		if (!$result)
+		{
+			throw new RestException(404, 'User not found');
+		}
+
+		if (!DolibarrApi::_checkAccessToResource('user', $this->useraccount->id, 'user'))
+		{
+			throw new RestException(401, 'Access not allowed for login ' . DolibarrApiAccess::$user->login);
+		}
+
+		return $this->useraccount->delete($id);
+	}
+
+	/**
+	 * Validate fields before create or update object
+     * 
+	 * @param   array $data Data to validate
+	 * @return  array
+	 * @throws RestException
+	 */
+	function _validate($data) {
+		$account = array();
+		foreach (UserApi::$FIELDS as $field)
+		{
+			if (!isset($data[$field]))
+				throw new RestException(400, "$field field missing");
+			$account[$field] = $data[$field];
+		}
+		return $account;
+	}
+}
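Review bot: post() has no authorization at all: the `rights->user->creer` test is commented out and, unlike get(), put() and delete(), there is no `_checkAccessToResource` call, so with the class-level `{@requires user,external}` any authenticated caller, external users included, appears able to create accounts, and the foreach copies every submitted key onto the User object before `create()`. The same commented-out permission tests sit in get(), createFromContact(), put(), setGroup() and delete(), and setGroup() changes group membership on a GET route; each needs its check restored. The two debug lines `$xxx=var_export($request_data, true);` and `dol_syslog("xxx=".$xxx);` write the whole request, including any password field, to the log and should be removed. The fence shows post() with the check and the mandatory-field validation back in place; the rights path follows the commented-out lines in put() and should be confirmed against the rights tree, and the assignment loop would be safer restricted to an explicit list of writable fields.

```php
function post($request_data = NULL) {
    // Creating accounts is a privileged operation: refuse before touching any input.
    if (! DolibarrApiAccess::$user->rights->user->user->creer) {
        throw new RestException(401, "User creation not allowed");
    }
    // Reject requests that lack the mandatory fields listed in UserApi::$FIELDS.
    $this->_validate($request_data);
    // (var_export / dol_syslog debug lines removed: they logged the submitted password)
    // … unchanged: copy fields onto $this->useraccount, create(), 500 on failure, return id …
```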