server_user.php 23 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723
  1. <?php
  2. /* Copyright (C) 2006-2016 Laurent Destailleur <eldy@users.sourceforge.net>
  3. *
  4. * This program is free software; you can redistribute it and/or modify
  5. * it under the terms of the GNU General Public License as published by
  6. * the Free Software Foundation; either version 3 of the License, or
  7. * (at your option) any later version.
  8. *
  9. * This program is distributed in the hope that it will be useful,
  10. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  11. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  12. * GNU General Public License for more details.
  13. *
  14. * You should have received a copy of the GNU General Public License
  15. * along with this program. If not, see <https://www.gnu.org/licenses/>.
  16. */
  17. /**
  18. * \file htdocs/webservices/server_user.php
  19. * \brief File that is entry point to call Dolibarr WebServices
  20. */
  21. if (!defined("NOCSRFCHECK")) {
  22. define("NOCSRFCHECK", '1');
  23. }
  24. require_once '../master.inc.php';
  25. require_once NUSOAP_PATH.'/nusoap.php'; // Include SOAP
  26. require_once DOL_DOCUMENT_ROOT.'/core/lib/ws.lib.php';
  27. require_once DOL_DOCUMENT_ROOT.'/user/class/user.class.php';
  28. require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php';
  29. require_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
  30. require_once DOL_DOCUMENT_ROOT.'/core/class/extrafields.class.php';
  31. dol_syslog("Call User webservices interfaces");
  32. $langs->load("main");
  33. // Enable and test if module web services is enabled
  34. if (empty($conf->global->MAIN_MODULE_WEBSERVICES)) {
  35. $langs->load("admin");
  36. dol_syslog("Call Dolibarr webservices interfaces with module webservices disabled");
  37. print $langs->trans("WarningModuleNotActive", 'WebServices').'.<br><br>';
  38. print $langs->trans("ToActivateModule");
  39. exit;
  40. }
  41. // Create the soap Object
  42. $server = new nusoap_server();
  43. $server->soap_defencoding = 'UTF-8';
  44. $server->decode_utf8 = false;
  45. $ns = 'http://www.dolibarr.org/ns/';
  46. $server->configureWSDL('WebServicesDolibarrUser', $ns);
  47. $server->wsdl->schemaTargetNamespace = $ns;
  48. // Define WSDL Authentication object
  49. $server->wsdl->addComplexType(
  50. 'authentication',
  51. 'complexType',
  52. 'struct',
  53. 'all',
  54. '',
  55. array(
  56. 'dolibarrkey' => array('name'=>'dolibarrkey', 'type'=>'xsd:string'),
  57. 'sourceapplication' => array('name'=>'sourceapplication', 'type'=>'xsd:string'),
  58. 'login' => array('name'=>'login', 'type'=>'xsd:string'),
  59. 'password' => array('name'=>'password', 'type'=>'xsd:string'),
  60. 'entity' => array('name'=>'entity', 'type'=>'xsd:string'),
  61. )
  62. );
  63. // Define WSDL Return object
  64. $server->wsdl->addComplexType(
  65. 'result',
  66. 'complexType',
  67. 'struct',
  68. 'all',
  69. '',
  70. array(
  71. 'result_code' => array('name'=>'result_code', 'type'=>'xsd:string'),
  72. 'result_label' => array('name'=>'result_label', 'type'=>'xsd:string'),
  73. )
  74. );
  75. // Define other specific objects
  76. $server->wsdl->addComplexType(
  77. 'user',
  78. 'complexType',
  79. 'struct',
  80. 'all',
  81. '',
  82. array(
  83. 'element' => array('name'=>'element', 'type'=>'xsd:string'),
  84. 'id' => array('name'=>'id', 'type'=>'xsd:string'),
  85. 'lastname' => array('name'=>'lastname', 'type'=>'xsd:string'),
  86. 'firstname' => array('name'=>'firstname', 'type'=>'xsd:string'),
  87. 'note' => array('name'=>'note', 'type'=>'xsd:string'),
  88. 'email' => array('name'=>'email', 'type'=>'xsd:string'),
  89. 'signature' => array('name'=>'signature', 'type'=>'xsd:string'),
  90. 'office_phone' => array('name'=>'office_phone', 'type'=>'xsd:string'),
  91. 'office_fax' => array('name'=>'office_fax', 'type'=>'xsd:string'),
  92. 'user_mobile' => array('name'=>'user_mobile', 'type'=>'xsd:string'),
  93. 'admin' => array('name'=>'admin', 'type'=>'xsd:string'),
  94. 'login' => array('name'=>'login', 'type'=>'xsd:string'),
  95. 'entity' => array('name'=>'entity', 'type'=>'xsd:string'),
  96. 'pass_indatabase' => array('name'=>'pass_indatabase', 'type'=>'xsd:string'),
  97. 'pass_indatabase_crypted' => array('name'=>'pass_indatabase_crypted', 'type'=>'xsd:string'),
  98. 'datec' => array('name'=>'datec', 'type'=>'xsd:dateTime'),
  99. 'datem' => array('name'=>'datem', 'type'=>'xsd:dateTime'),
  100. 'fk_thirdparty' => array('name'=>'fk_thirdparty', 'type'=>'xsd:string'),
  101. 'fk_contact' => array('name'=>'fk_contact', 'type'=>'xsd:string'),
  102. 'fk_member' => array('name'=>'fk_member', 'type'=>'xsd:string'),
  103. 'datelastlogin' => array('name'=>'datelastlogin', 'type'=>'xsd:dateTime'),
  104. 'datepreviouslogin' => array('name'=>'datepreviouslogin', 'type'=>'xsd:dateTime'),
  105. 'statut' => array('name'=>'statut', 'type'=>'xsd:string'),
  106. 'photo' => array('name'=>'photo', 'type'=>'xsd:string'),
  107. 'lang' => array('name'=>'lang', 'type'=>'xsd:string'),
  108. 'entrepots' => array('name'=>'entrepots', 'type'=>'xsd:string'),
  109. //'rights' => array('name'=>'rights','type'=>'xsd:string'),
  110. 'canvas' => array('name'=>'canvas', 'type'=>'xsd:string')
  111. )
  112. );
  113. // Define other specific objects
  114. $server->wsdl->addComplexType(
  115. 'group',
  116. 'complexType',
  117. 'struct',
  118. 'all',
  119. '',
  120. array(
  121. 'name' => array('name'=>'name', 'type'=>'xsd:string'),
  122. 'id' => array('name'=>'id', 'type'=>'xsd:string'),
  123. 'datec' => array('name'=>'datec', 'type'=>'xsd:string'),
  124. 'nb' => array('name'=>'nb', 'type'=>'xsd:string')
  125. )
  126. );
  127. $server->wsdl->addComplexType(
  128. 'GroupsArray',
  129. 'complexType',
  130. 'array',
  131. '',
  132. 'SOAP-ENC:Array',
  133. array(),
  134. array(
  135. array('ref'=>'SOAP-ENC:arrayType', 'wsdl:arrayType'=>'tns:group[]')
  136. ),
  137. 'tns:group'
  138. );
  139. $thirdpartywithuser_fields = array(
  140. // For thirdparty and contact
  141. 'name' => array('name'=>'name', 'type'=>'xsd:string'),
  142. 'firstname' => array('name'=>'firstname', 'type'=>'xsd:string'),
  143. 'name_thirdparty' => array('name'=>'name_thirdparty', 'type'=>'xsd:string'),
  144. 'ref_ext' => array('name'=>'ref_ext', 'type'=>'xsd:string'),
  145. 'client' => array('name'=>'client', 'type'=>'xsd:string'),
  146. 'fournisseur' => array('name'=>'fournisseur', 'type'=>'xsd:string'),
  147. 'address' => array('name'=>'address', 'type'=>'xsd:string'),
  148. 'zip' => array('name'=>'zip', 'type'=>'xsd:string'),
  149. 'town' => array('name'=>'town', 'type'=>'xsd:string'),
  150. 'country_id' => array('name'=>'country_id', 'type'=>'xsd:string'),
  151. 'country_code' => array('name'=>'country_code', 'type'=>'xsd:string'),
  152. 'phone' => array('name'=>'phone', 'type'=>'xsd:string'),
  153. 'phone_mobile' => array('name'=>'phone_mobile', 'type'=>'xsd:string'),
  154. 'fax' => array('name'=>'fax', 'type'=>'xsd:string'),
  155. 'email' => array('name'=>'email', 'type'=>'xsd:string'),
  156. 'url' => array('name'=>'url', 'type'=>'xsd:string'),
  157. 'profid1' => array('name'=>'profid1', 'type'=>'xsd:string'),
  158. 'profid2' => array('name'=>'profid2', 'type'=>'xsd:string'),
  159. 'profid3' => array('name'=>'profid3', 'type'=>'xsd:string'),
  160. 'profid4' => array('name'=>'profid4', 'type'=>'xsd:string'),
  161. 'profid5' => array('name'=>'profid5', 'type'=>'xsd:string'),
  162. 'profid6' => array('name'=>'profid6', 'type'=>'xsd:string'),
  163. 'capital' => array('name'=>'capital', 'type'=>'xsd:string'),
  164. 'tva_assuj' => array('name'=>'tva_assuj', 'type'=>'xsd:string'),
  165. 'tva_intra' => array('name'=>'tva_intra', 'type'=>'xsd:string'),
  166. // For user
  167. 'login' => array('name'=>'login', 'type'=>'xsd:string'),
  168. 'password' => array('name'=>'password', 'type'=>'xsd:string'),
  169. 'group_id' => array('name'=>'group_id', 'type'=>'xsd:string')
  170. );
  171. $elementtype = 'socpeople';
  172. //Retrieve all extrafield for contact
  173. // fetch optionals attributes and labels
  174. $extrafields = new ExtraFields($db);
  175. $extrafields->fetch_name_optionals_label($elementtype, true);
  176. $extrafield_array = null;
  177. if (is_array($extrafields) && count($extrafields) > 0) {
  178. $extrafield_array = array();
  179. }
  180. if (isset($extrafields->attributes[$elementtype]['label']) && is_array($extrafields->attributes[$elementtype]['label']) && count($extrafields->attributes[$elementtype]['label'])) {
  181. foreach ($extrafields->attributes[$elementtype]['label'] as $key => $label) {
  182. $type = $extrafields->attributes[$elementtype]['type'][$key];
  183. if ($type == 'date' || $type == 'datetime') {
  184. $type = 'xsd:dateTime';
  185. } else {
  186. $type = 'xsd:string';
  187. }
  188. $extrafield_array['contact_options_'.$key] = array('name'=>'contact_options_'.$key, 'type'=>$type);
  189. }
  190. }
  191. if (is_array($extrafield_array)) {
  192. $thirdpartywithuser_fields = array_merge($thirdpartywithuser_fields, $extrafield_array);
  193. }
  194. $server->wsdl->addComplexType(
  195. 'thirdpartywithuser',
  196. 'complexType',
  197. 'struct',
  198. 'all',
  199. '',
  200. $thirdpartywithuser_fields
  201. );
  202. // Define WSDL user short object
  203. $server->wsdl->addComplexType(
  204. 'shortuser',
  205. 'complexType',
  206. 'struct',
  207. 'all',
  208. '',
  209. array(
  210. 'login' => array('name'=>'login', 'type'=>'xsd:string'),
  211. 'password' => array('name'=>'password', 'type'=>'xsd:string'),
  212. 'entity' => array('name'=>'entity', 'type'=>'xsd:string'),
  213. )
  214. );
  215. // 5 styles: RPC/encoded, RPC/literal, Document/encoded (not WS-I compliant), Document/literal, Document/literal wrapped
  216. // Style merely dictates how to translate a WSDL binding to a SOAP message. Nothing more. You can use either style with any programming model.
  217. // http://www.ibm.com/developerworks/webservices/library/ws-whichwsdl/
  218. $styledoc = 'rpc'; // rpc/document (document is an extend into SOAP 1.0 to support unstructured messages)
  219. $styleuse = 'encoded'; // encoded/literal/literal wrapped
  220. // Better choice is document/literal wrapped but literal wrapped not supported by nusoap.
  221. // Register WSDL
  222. $server->register(
  223. 'getUser',
  224. // Entry values
  225. array('authentication'=>'tns:authentication', 'id'=>'xsd:string', 'ref'=>'xsd:string', 'ref_ext'=>'xsd:string'),
  226. // Exit values
  227. array('result'=>'tns:result', 'user'=>'tns:user'),
  228. $ns,
  229. $ns.'#getUser',
  230. $styledoc,
  231. $styleuse,
  232. 'WS to get user'
  233. );
  234. $server->register(
  235. 'getListOfGroups',
  236. // Entry values
  237. array('authentication'=>'tns:authentication'),
  238. // Exit values
  239. array('result'=>'tns:result', 'groups'=>'tns:GroupsArray'),
  240. $ns,
  241. $ns.'#getListOfGroups',
  242. $styledoc,
  243. $styleuse,
  244. 'WS to get list of groups'
  245. );
  246. $server->register(
  247. 'createUserFromThirdparty',
  248. // Entry values
  249. array('authentication'=>'tns:authentication', 'thirdpartywithuser'=>'tns:thirdpartywithuser'),
  250. // Exit values
  251. array('result'=>'tns:result', 'id'=>'xsd:string'),
  252. $ns,
  253. $ns.'#createUserFromThirdparty',
  254. $styledoc,
  255. $styleuse,
  256. 'WS to create an external user with thirdparty and contact'
  257. );
  258. $server->register(
  259. 'setUserPassword',
  260. // Entry values
  261. array('authentication'=>'tns:authentication', 'shortuser'=>'tns:shortuser'),
  262. // Exit values
  263. array('result'=>'tns:result', 'id'=>'xsd:string'),
  264. $ns,
  265. $ns.'#setUserPassword',
  266. $styledoc,
  267. $styleuse,
  268. 'WS to change password of an user'
  269. );
  270. /**
  271. * Get produt or service
  272. *
  273. * @param array $authentication Array of authentication information
  274. * @param int $id Id of object
  275. * @param string $ref Ref of object
  276. * @param string $ref_ext Ref external of object
  277. * @return mixed
  278. */
  279. function getUser($authentication, $id, $ref = '', $ref_ext = '')
  280. {
  281. global $db, $conf;
  282. dol_syslog("Function: getUser login=".$authentication['login']." id=".$id." ref=".$ref." ref_ext=".$ref_ext);
  283. if ($authentication['entity']) {
  284. $conf->entity = $authentication['entity'];
  285. }
  286. // Init and check authentication
  287. $objectresp = array();
  288. $errorcode = ''; $errorlabel = '';
  289. $error = 0;
  290. $fuser = check_authentication($authentication, $error, $errorcode, $errorlabel);
  291. // Check parameters
  292. if (!$error && (($id && $ref) || ($id && $ref_ext) || ($ref && $ref_ext))) {
  293. $error++;
  294. $errorcode = 'BAD_PARAMETERS'; $errorlabel = "Parameter id, ref and ref_ext can't be both provided. You must choose one or other but not both.";
  295. }
  296. if (!$error) {
  297. $fuser->getrights();
  298. if ($fuser->rights->user->user->lire
  299. || ($fuser->rights->user->self->creer && $id && $id == $fuser->id)
  300. || ($fuser->rights->user->self->creer && $ref && $ref == $fuser->login)
  301. || ($fuser->rights->user->self->creer && $ref_ext && $ref_ext == $fuser->ref_ext)) {
  302. $user = new User($db);
  303. $result = $user->fetch($id, $ref, $ref_ext);
  304. if ($result > 0) {
  305. // Create
  306. $objectresp = array(
  307. 'result'=>array('result_code'=>'OK', 'result_label'=>''),
  308. 'user'=>array(
  309. 'id' => $user->id,
  310. 'lastname' => $user->lastname,
  311. 'firstname' => $user->firstname,
  312. 'note' => $user->note,
  313. 'email' => $user->email,
  314. 'signature' => $user->signature,
  315. 'office_phone' => $user->office_phone,
  316. 'office_fax' => $user->office_fax,
  317. 'user_mobile' => $user->user_mobile,
  318. 'admin' => $user->admin,
  319. 'login' => $user->login,
  320. 'entity' => $user->entity,
  321. 'pass_indatabase' => $user->pass_indatabase,
  322. 'pass_indatabase_crypted' => $user->pass_indatabase_crypted,
  323. 'datec' => dol_print_date($user->datec, 'dayhourrfc'),
  324. 'datem' => dol_print_date($user->datem, 'dayhourrfc'),
  325. 'fk_thirdparty' => $user->socid,
  326. 'fk_contact' => $user->contact_id,
  327. 'fk_member' => $user->fk_member,
  328. 'datelastlogin' => dol_print_date($user->datelastlogin, 'dayhourrfc'),
  329. 'datepreviouslogin' => dol_print_date($user->datepreviouslogin, 'dayhourrfc'),
  330. 'statut' => $user->statut,
  331. 'photo' => $user->photo,
  332. 'lang' => $user->lang,
  333. //'rights' => $user->rights,
  334. 'canvas' => $user->canvas
  335. )
  336. );
  337. } else {
  338. $error++;
  339. $errorcode = 'NOT_FOUND'; $errorlabel = 'Object not found for id='.$id.' nor ref='.$ref.' nor ref_ext='.$ref_ext;
  340. }
  341. } else {
  342. $error++;
  343. $errorcode = 'PERMISSION_DENIED'; $errorlabel = 'User does not have permission for this request';
  344. }
  345. }
  346. if ($error) {
  347. $objectresp = array('result'=>array('result_code' => $errorcode, 'result_label' => $errorlabel));
  348. }
  349. return $objectresp;
  350. }
  351. /**
  352. * getListOfGroups
  353. *
  354. * @param array $authentication Array of authentication information
  355. * @return array Array result
  356. */
  357. function getListOfGroups($authentication)
  358. {
  359. global $db, $conf;
  360. dol_syslog("Function: getListOfGroups login=".$authentication['login']);
  361. if ($authentication['entity']) {
  362. $conf->entity = $authentication['entity'];
  363. }
  364. // Init and check authentication
  365. $objectresp = array();
  366. $arraygroups = array();
  367. $errorcode = ''; $errorlabel = '';
  368. $error = 0;
  369. $fuser = check_authentication($authentication, $error, $errorcode, $errorlabel);
  370. // Check parameters
  371. if (!$error) {
  372. $sql = "SELECT g.rowid, g.nom as name, g.entity, g.datec, COUNT(DISTINCT ugu.fk_user) as nb";
  373. $sql .= " FROM ".MAIN_DB_PREFIX."usergroup as g";
  374. $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."usergroup_user as ugu ON ugu.fk_usergroup = g.rowid";
  375. if (!empty($conf->multicompany->enabled) && $conf->entity == 1 && ($conf->global->MULTICOMPANY_TRANSVERSE_MODE || ($fuser->admin && !$fuser->entity))) {
  376. $sql .= " WHERE g.entity IS NOT NULL";
  377. } else {
  378. $sql .= " WHERE g.entity IN (0,".$conf->entity.")";
  379. }
  380. $sql .= " GROUP BY g.rowid, g.nom, g.entity, g.datec";
  381. $resql = $db->query($sql);
  382. if ($resql) {
  383. $num = $db->num_rows($resql);
  384. $i = 0;
  385. while ($i < $num) {
  386. $obj = $db->fetch_object($resql);
  387. $arraygroups[] = array('id'=>$obj->rowid, 'name'=>$obj->name, 'datec'=>$obj->datec, 'nb'=>$obj->nb);
  388. $i++;
  389. }
  390. } else {
  391. $error++;
  392. $errorcode = $db->lasterrno();
  393. $errorlabel = $db->lasterror();
  394. }
  395. }
  396. if ($error) {
  397. $objectresp = array(
  398. 'result'=>array('result_code' => $errorcode, 'result_label' => $errorlabel),
  399. 'groups'=>$arraygroups
  400. );
  401. } else {
  402. $objectresp = array(
  403. 'result'=>array('result_code' => 'OK', 'result_label' => ''),
  404. 'groups'=>$arraygroups
  405. );
  406. }
  407. return $objectresp;
  408. }
  409. /**
  410. * Create an external user with thirdparty and contact
  411. *
  412. * @param array $authentication Array of authentication information
  413. * @param array $thirdpartywithuser Datas
  414. * @return mixed
  415. */
  416. function createUserFromThirdparty($authentication, $thirdpartywithuser)
  417. {
  418. global $db, $conf, $langs;
  419. dol_syslog("Function: createUserFromThirdparty login=".$authentication['login']);
  420. if ($authentication['entity']) {
  421. $conf->entity = $authentication['entity'];
  422. }
  423. $objectresp = array();
  424. $errorcode = ''; $errorlabel = '';
  425. $error = 0;
  426. $fuser = check_authentication($authentication, $error, $errorcode, $errorlabel);
  427. if ($fuser->socid) {
  428. $socid = $fuser->socid;
  429. }
  430. if (!$error && !$thirdpartywithuser) {
  431. $error++;
  432. $errorcode = 'BAD_PARAMETERS'; $errorlabel = "Parameter thirdparty must be provided.";
  433. }
  434. if (!$error) {
  435. $fuser->getrights();
  436. if ($fuser->rights->societe->creer) {
  437. $thirdparty = new Societe($db);
  438. // If a contact / company already exists with the email, return the corresponding socid
  439. $sql = "SELECT s.rowid as socid FROM ".MAIN_DB_PREFIX."societe as s";
  440. $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."socpeople as sp ON sp.fk_soc = s.rowid";
  441. $sql .= " WHERE s.entity=".$conf->entity;
  442. $sql .= " AND s.email='".$db->escape($thirdpartywithuser['email'])."'";
  443. $sql .= " OR sp.email='".$db->escape($thirdpartywithuser['email'])."'";
  444. $sql .= $db->plimit(1);
  445. $resql = $db->query($sql);
  446. if ($resql) {
  447. // If a company or contact is found with the same email we return an error
  448. $row = $db->fetch_object($resql);
  449. if ($row) {
  450. $error++;
  451. $errorcode = 'ALREADY_EXIST'; $errorlabel = 'Object not create : company or contact exists '.$thirdpartywithuser['email'];
  452. } else {
  453. $db->begin();
  454. /*
  455. * Company creation
  456. */
  457. $thirdparty->name = $thirdpartywithuser['name_thirdparty'];
  458. $thirdparty->ref_ext = $thirdpartywithuser['ref_ext'];
  459. $thirdparty->address = $thirdpartywithuser['address'];
  460. $thirdparty->zip = $thirdpartywithuser['zip'];
  461. $thirdparty->town = $thirdpartywithuser['town'];
  462. $thirdparty->country_id = $thirdpartywithuser['country_id'];
  463. $thirdparty->country_code = $thirdpartywithuser['country_code'];
  464. // find the country id by code
  465. $langs->load("dict");
  466. $sql = "SELECT rowid";
  467. $sql .= " FROM ".MAIN_DB_PREFIX."c_country";
  468. $sql .= " WHERE active = 1";
  469. $sql .= " AND code='".$db->escape($thirdparty->country_code)."'";
  470. $resql = $db->query($sql);
  471. if ($resql) {
  472. $num = $db->num_rows($resql);
  473. if ($num) {
  474. $obj = $db->fetch_object($resql);
  475. $thirdparty->country_id = $obj->rowid;
  476. }
  477. }
  478. $thirdparty->phone = $thirdpartywithuser['phone'];
  479. $thirdparty->fax = $thirdpartywithuser['fax'];
  480. $thirdparty->email = $thirdpartywithuser['email'];
  481. $thirdparty->url = $thirdpartywithuser['url'];
  482. $thirdparty->ape = $thirdpartywithuser['ape'];
  483. $thirdparty->idprof1 = $thirdpartywithuser['prof1'];
  484. $thirdparty->idprof2 = $thirdpartywithuser['prof2'];
  485. $thirdparty->idprof3 = $thirdpartywithuser['prof3'];
  486. $thirdparty->idprof4 = $thirdpartywithuser['prof4'];
  487. $thirdparty->idprof5 = $thirdpartywithuser['prof5'];
  488. $thirdparty->idprof6 = $thirdpartywithuser['prof6'];
  489. $thirdparty->client = $thirdpartywithuser['client'];
  490. $thirdparty->fournisseur = $thirdpartywithuser['fournisseur'];
  491. $socid_return = $thirdparty->create($fuser);
  492. if ($socid_return > 0) {
  493. $thirdparty->fetch($socid_return);
  494. /*
  495. * Contact creation
  496. *
  497. */
  498. $contact = new Contact($db);
  499. $contact->socid = $thirdparty->id;
  500. $contact->lastname = $thirdpartywithuser['name'];
  501. $contact->firstname = $thirdpartywithuser['firstname'];
  502. $contact->civility_id = $thirdparty->civility_id;
  503. $contact->address = $thirdparty->address;
  504. $contact->zip = $thirdparty->zip;
  505. $contact->town = $thirdparty->town;
  506. $contact->email = $thirdparty->email;
  507. $contact->phone_pro = $thirdparty->phone;
  508. $contact->phone_mobile = $thirdpartywithuser['phone_mobile'];
  509. $contact->fax = $thirdparty->fax;
  510. $contact->statut = 1;
  511. $contact->country_id = $thirdparty->country_id;
  512. $contact->country_code = $thirdparty->country_code;
  513. $elementtype = 'socpeople';
  514. //Retrieve all extrafield for thirdsparty
  515. // fetch optionals attributes and labels
  516. $extrafields = new ExtraFields($db);
  517. $extrafields->fetch_name_optionals_label($elementtype, true);
  518. if (isset($extrafields->attributes[$elementtype]['label']) && is_array($extrafields->attributes[$elementtype]['label']) && count($extrafields->attributes[$elementtype]['label'])) {
  519. foreach ($extrafields->attributes[$elementtype]['label'] as $key => $label) {
  520. $key = 'contact_options_'.$key;
  521. $key = substr($key, 8); // Remove 'contact_' prefix
  522. $contact->array_options[$key] = $thirdpartywithuser[$key];
  523. }
  524. }
  525. $contact_id = $contact->create($fuser);
  526. if ($contact_id > 0) {
  527. /*
  528. * User creation
  529. *
  530. */
  531. $edituser = new User($db);
  532. $id = $edituser->create_from_contact($contact, $thirdpartywithuser["login"]);
  533. if ($id > 0) {
  534. $edituser->setPassword($fuser, trim($thirdpartywithuser['password']));
  535. if ($thirdpartywithuser['group_id'] > 0) {
  536. $edituser->SetInGroup($thirdpartywithuser['group_id'], $conf->entity);
  537. }
  538. } else {
  539. $error++;
  540. $errorcode = 'NOT_CREATE'; $errorlabel = 'Object not create : '.$edituser->error;
  541. }
  542. } else {
  543. $error++;
  544. $errorcode = 'NOT_CREATE'; $errorlabel = 'Object not create : '.$contact->error;
  545. }
  546. if (!$error) {
  547. $db->commit();
  548. $objectresp = array('result'=>array('result_code'=>'OK', 'result_label'=>'SUCCESS'), 'id'=>$socid_return);
  549. $error = 0;
  550. }
  551. } else {
  552. $error++;
  553. $errorcode = join(', ', ($thirdparty->error ? array($thirdparty->error) : $thirdparty->errors));
  554. }
  555. }
  556. } else {
  557. // retour creation KO
  558. $error++;
  559. $errorcode = 'NOT_CREATE'; $errorlabel = 'Object not create';
  560. }
  561. } else {
  562. $error++;
  563. $errorcode = 'PERMISSION_DENIED'; $errorlabel = 'User does not have permission for this request';
  564. }
  565. }
  566. if ($error) {
  567. $db->rollback();
  568. $objectresp = array(
  569. 'result'=>array('result_code' => $errorcode, 'result_label' => $errorlabel)
  570. );
  571. }
  572. return $objectresp;
  573. }
  574. /**
  575. * Set password of an user
  576. *
  577. * @param array $authentication Array of authentication information
  578. * @param array $shortuser Array of login/password info
  579. * @return mixed
  580. */
  581. function setUserPassword($authentication, $shortuser)
  582. {
  583. global $db, $conf;
  584. dol_syslog("Function: setUserPassword login=".$authentication['login']);
  585. if ($authentication['entity']) {
  586. $conf->entity = $authentication['entity'];
  587. }
  588. $objectresp = array();
  589. $errorcode = ''; $errorlabel = '';
  590. $error = 0;
  591. $fuser = check_authentication($authentication, $error, $errorcode, $errorlabel);
  592. if ($fuser->socid) {
  593. $socid = $fuser->socid;
  594. }
  595. if (!$error && !$shortuser) {
  596. $error++;
  597. $errorcode = 'BAD_PARAMETERS'; $errorlabel = "Parameter shortuser must be provided.";
  598. }
  599. if (!$error) {
  600. $fuser->getrights();
  601. if ($fuser->rights->user->user->password || $fuser->rights->user->self->password) {
  602. $userstat = new User($db);
  603. $res = $userstat->fetch('', $shortuser['login']);
  604. if ($res) {
  605. $res = $userstat->setPassword($userstat, $shortuser['password']);
  606. if ($res) {
  607. $objectresp = array(
  608. 'result'=>array('result_code' => 'OK', 'result_label' => ''),
  609. );
  610. } else {
  611. $error++;
  612. $errorcode = 'NOT_MODIFIED'; $errorlabel = 'Error when changing password';
  613. }
  614. } else {
  615. $error++;
  616. $errorcode = 'NOT_FOUND'; $errorlabel = 'User not found';
  617. }
  618. } else {
  619. $error++;
  620. $errorcode = 'PERMISSION_DENIED'; $errorlabel = 'User does not have permission for this request';
  621. }
  622. }
  623. if ($error) {
  624. $objectresp = array(
  625. 'result'=>array('result_code' => $errorcode, 'result_label' => $errorlabel)
  626. );
  627. }
  628. return $objectresp;
  629. }
  630. // Return the results.
  631. $server->service(file_get_contents("php://input"));