Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
D
dolibarr
Manage
Activity
Members
Code
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Deploy
Releases
Container registry
Model registry
Analyze
Contributor analytics
Repository analytics
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
Software_Artifact_Infrastructure_Repository
dolibarr
Commits
60382f4b
Commit
60382f4b
authored
12 years ago
by
Jean-François Ferry
Browse files
Options
Downloads
Patches
Plain Diff
New webservice to retrieve a document (work on invoice, propal, order and generic)
parent
31ce3d67
Branches
Branches containing commit
Tags
Tags containing commit
No related merge requests found
Changes
1
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
htdocs/webservices/server_other.php
+211
-1
211 additions, 1 deletion
htdocs/webservices/server_other.php
with
211 additions
and
1 deletion
htdocs/webservices/server_other.php
+
211
−
1
View file @
60382f4b
...
...
@@ -27,7 +27,7 @@ require_once '../master.inc.php';
require_once
NUSOAP_PATH
.
'/nusoap.php'
;
// Include SOAP
require_once
DOL_DOCUMENT_ROOT
.
'/core/lib/ws.lib.php'
;
require_once
DOL_DOCUMENT_ROOT
.
'/user/class/user.class.php'
;
require_once
DOL_DOCUMENT_ROOT
.
'/core/lib/files.lib.php'
;
require_once
DOL_DOCUMENT_ROOT
.
'/core/lib/functions2.lib.php'
;
...
...
@@ -82,6 +82,21 @@ $server->wsdl->addComplexType(
)
);
// Define WSDL Return object for document
$server
->
wsdl
->
addComplexType
(
'document'
,
'complexType'
,
'struct'
,
'all'
,
''
,
array
(
'filename'
=>
array
(
'name'
=>
'filename'
,
'type'
=>
'xsd:string'
),
'mimetype'
=>
array
(
'name'
=>
'mimetype'
,
'type'
=>
'xsd:string'
),
'content'
=>
array
(
'name'
=>
'content'
,
'type'
=>
'xsd:string'
),
'length'
=>
array
(
'name'
=>
'length'
,
'type'
=>
'xsd:string'
)
)
);
// Define other specific objects
// None
...
...
@@ -107,6 +122,20 @@ $server->register(
'WS to get Versions'
);
// Register WSDL
$server
->
register
(
'getDocument'
,
// Entry values
array
(
'authentication'
=>
'tns:authentication'
,
'modulepart'
=>
'xsd:string'
,
'file'
=>
'xsd:string'
),
// Exit values
array
(
'result'
=>
'tns:result'
,
'document'
=>
'tns:document'
),
$ns
,
$ns
.
'#getDocument'
,
$styledoc
,
$styleuse
,
'WS to get document'
);
// Full methods code
...
...
@@ -144,6 +173,187 @@ function getVersions($authentication)
}
/*
* Method to get a document by webservice
* \param authentication array
* \param modulepart array Properties of document
*
*/
function
getDocument
(
$authentication
,
$modulepart
,
$file
)
{
global
$db
,
$conf
,
$langs
,
$mysoc
;
dol_syslog
(
"Function: getDocument login="
.
$authentication
[
'login'
]
.
' - modulepart='
.
$modulepart
.
' - file='
.
$file
);
if
(
$authentication
[
'entity'
])
$conf
->
entity
=
$authentication
[
'entity'
];
$objectresp
=
array
();
$errorcode
=
''
;
$errorlabel
=
''
;
$error
=
0
;
// Properties of doc
$original_file
=
$file
;
$type
=
dol_mimetype
(
$original_file
);
$relativefilepath
=
$ref
.
"/"
;
$relativepath
=
$relativefilepath
.
$ref
.
'.pdf'
;
$accessallowed
=
0
;
$fuser
=
check_authentication
(
$authentication
,
$error
,
$errorcode
,
$errorlabel
);
if
(
$fuser
->
societe_id
)
$socid
=
$fuser
->
societe_id
;
// Check parameters
if
(
!
$error
&&
(
!
$file
||
!
$modulepart
)
)
{
$error
++
;
$errorcode
=
'BAD_PARAMETERS'
;
$errorlabel
=
"Parameter file and modulepart must be both provided."
;
}
if
(
!
$error
)
{
$fuser
->
getrights
();
// Suppression de la chaine de caractere ../ dans $original_file
$original_file
=
str_replace
(
"../"
,
"/"
,
$original_file
);
// find the subdirectory name as the reference
$refname
=
basename
(
dirname
(
$original_file
)
.
"/"
);
// Wrapping for invoices
if
(
$modulepart
==
'facture'
)
{
if
(
$fuser
->
rights
->
facture
->
lire
||
preg_match
(
'/^specimen/i'
,
$original_file
))
{
$accessallowed
=
1
;
}
$original_file
=
$conf
->
facture
->
dir_output
.
'/'
.
$original_file
;
$sqlprotectagainstexternals
=
"SELECT fk_soc as fk_soc FROM "
.
MAIN_DB_PREFIX
.
"facture WHERE ref='"
.
$refname
.
"' AND entity="
.
$conf
->
entity
;
}
// Wrapping pour les propales
else
if
(
$modulepart
==
'propal'
)
{
if
(
$fuser
->
rights
->
propal
->
lire
||
preg_match
(
'/^specimen/i'
,
$original_file
))
{
$accessallowed
=
1
;
}
$original_file
=
$conf
->
propal
->
dir_output
.
'/'
.
$original_file
;
$sqlprotectagainstexternals
=
"SELECT fk_soc as fk_soc FROM "
.
MAIN_DB_PREFIX
.
"propal WHERE ref='"
.
$refname
.
"' AND entity="
.
$conf
->
entity
;
}
// Wrapping pour les commandes
else
if
(
$modulepart
==
'commande'
)
{
if
(
$fuser
->
rights
->
commande
->
lire
||
preg_match
(
'/^specimen/i'
,
$original_file
))
{
$accessallowed
=
1
;
}
$original_file
=
$conf
->
commande
->
dir_output
.
'/'
.
$original_file
;
$sqlprotectagainstexternals
=
"SELECT fk_soc as fk_soc FROM "
.
MAIN_DB_PREFIX
.
"commande WHERE ref='"
.
$refname
.
"' AND entity="
.
$conf
->
entity
;
}
// Wrapping pour generic module
else
{
if
(
$fuser
->
rights
->
$modulepart
->
read
||
preg_match
(
'/^specimen/i'
,
$original_file
))
{
$accessallowed
=
1
;
}
$original_file
=
$conf
->
$modulepart
->
dir_output
.
'/'
.
$original_file
;
// TODO
//$sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."registration WHERE ref='".$refname."' AND entity=".$conf->entity;
}
// Basic protection (against external users only)
if
(
$fuser
->
societe_id
>
0
)
{
if
(
$sqlprotectagainstexternals
)
{
$resql
=
$db
->
query
(
$sqlprotectagainstexternals
);
if
(
$resql
)
{
$num
=
$db
->
num_rows
(
$resql
);
$i
=
0
;
while
(
$i
<
$num
)
{
$obj
=
$db
->
fetch_object
(
$resql
);
if
(
$fuser
->
societe_id
!=
$obj
->
fk_soc
)
{
$accessallowed
=
0
;
break
;
}
$i
++
;
}
}
}
}
// Security:
// Limite acces si droits non corrects
if
(
!
$accessallowed
)
{
$errorcode
=
'NOT_PERMITTED'
;
$errorlabel
=
'Access not allowed'
;
$error
++
;
}
// Security:
// On interdit les remontees de repertoire ainsi que les pipe dans
// les noms de fichiers.
if
(
preg_match
(
'/\.\./'
,
$original_file
)
||
preg_match
(
'/[<>|]/'
,
$original_file
))
{
dol_syslog
(
"Refused to deliver file "
.
$original_file
);
$errorcode
=
'REFUSED'
;
$errorlabel
=
''
;
$error
++
;
}
clearstatcache
();
if
(
!
$error
)
{
if
(
file_exists
(
$original_file
))
{
dol_syslog
(
"Function: getDocument
$original_file
$filename
content-type=
$type
"
);
$file
=
$fileparams
[
'fullname'
];
$filename
=
basename
(
$file
);
$f
=
fopen
(
$original_file
,
'r'
);
$content_file
=
fread
(
$f
,
filesize
(
$original_file
));
$objectret
=
array
(
'filename'
=>
basename
(
$original_file
),
'mimetype'
=>
dol_mimetype
(
$original_file
),
'content'
=>
base64_encode
(
$content_file
),
'length'
=>
filesize
(
$original_file
)
);
// Create return object
$objectresp
=
array
(
'result'
=>
array
(
'result_code'
=>
'OK'
,
'result_label'
=>
''
),
'document'
=>
$objectret
);
}
else
{
dol_syslog
(
"File doesn't exist "
.
$original_file
);
$errorcode
=
'NOT_FOUND'
;
$errorlabel
=
''
;
$error
++
;
}
}
}
if
(
$error
)
{
$objectresp
=
array
(
'result'
=>
array
(
'result_code'
=>
$errorcode
,
'result_label'
=>
$errorlabel
)
);
}
return
$objectresp
;
}
// Return the results.
$server
->
service
(
$HTTP_RAW_POST_DATA
);
...
...
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment
