diff --git a/htdocs/api/class/api_access.class.php b/htdocs/api/class/api_access.class.php index 9d29c60e26ae0b671cc8a843e11a3c718f94907d..67f8c710bb77a7182589d1fc5142ed05340e3974 100644 --- a/htdocs/api/class/api_access.class.php +++ b/htdocs/api/class/api_access.class.php @@ -116,16 +116,13 @@ class DolibarrApiAccess implements iAuthenticate else { throw new RestException(401, "Failed to login to API. No parameter 'api_key' provided"); - //dol_syslog("Failed to login to API. No parameter key provided", LOG_DEBUG); - //return false; } - $userClass::setCacheIdentifier(static::$role); - Resources::$accessControlFunction = 'DolibarrApiAccess::verifyAccess'; - - $requirefortest = static::$requires; - if (! is_array($requirefortest)) $requirefortest=explode(',',$requirefortest); - return in_array(static::$role, (array) static::$requirefortest) || static::$role == 'admin'; + $userClass::setCacheIdentifier(static::$role); + Resources::$accessControlFunction = 'DolibarrApiAccess::verifyAccess'; + $requirefortest = static::$requires; + if (! is_array($requirefortest)) $requirefortest=explode(',',$requirefortest); + return in_array(static::$role, (array) $requirefortest) || static::$role == 'admin'; } /** diff --git a/htdocs/commande/class/api_commande.class.php b/htdocs/commande/class/api_commande.class.php index 04d78f30a1da5e8b0107c234f1b513580cc101b8..d6a2a3d0f82fa281b9a9e4464924f58c441c4bae 100644 --- a/htdocs/commande/class/api_commande.class.php +++ b/htdocs/commande/class/api_commande.class.php @@ -207,9 +207,9 @@ class CommandeApi extends DolibarrApi */ function post($request_data = NULL) { - if(! DolibarrApiAccess::$user->rights->commande->creer) { - throw new RestException(401); - } + if(! DolibarrApiAccess::$user->rights->commande->creer) { + throw new RestException(401, "Insuffisant rights"); + } // Check mandatory fields $result = $this->_validate($request_data); 
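Review bot: The corrected return line still relies on loose comparison for an authorization decision — `in_array(static::$role, (array) $requirefortest)` and `static::$role == 'admin'` both use `==`; since roles and the `$requires` entries are strings, make the check strict: `return in_array(static::$role, (array) $requirefortest, true) || static::$role === 'admin';`. When `static::$requires` is a comma-separated string, `explode(',', ...)` keeps any surrounding whitespace, so a value such as `'user, admin'` would yield `' admin'` and never match; if such values can occur, trimming each entry (`array_map('trim', explode(',', $requirefortest))`) avoids a silent deny, and the `(array)` cast after `explode` is redundant. The enclosing method starts outside the hunk.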
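Review bot: The new message in `post()` misspells its word — `throw new RestException(401, "Insufficient rights");` — and this text is returned to API clients. Also note that 401 denotes a missing or failed authentication, whereas here the caller is already authenticated (`DolibarrApiAccess::$user` is resolved) but lacks the `commande->creer` permission, which HTTP conventionally reports as 403 Forbidden; the rest of this file appears to use 401 for both cases, so changing only this site would be inconsistent and is best decided for the API as a whole.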
@@ -224,7 +224,7 @@ class CommandeApi extends DolibarrApi $this->commande->lines = $lines; } if(! $this->commande->create(DolibarrApiAccess::$user) ) { - throw new RestException(401); + throw new RestException(500, "Error while creating order"); } return $this->commande->id; diff --git a/htdocs/product/class/api_product.class.php b/htdocs/product/class/api_product.class.php index 1ce63411cd31eeb17e845fa0dc04601f1f321e21..1e485fd6733d76219a26f4c38b09f01e70d86eff 100644 --- a/htdocs/product/class/api_product.class.php +++ b/htdocs/product/class/api_product.class.php @@ -18,6 +18,7 @@ use Luracast\Restler\RestException; require_once DOL_DOCUMENT_ROOT.'/product/class/product.class.php'; + require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php'; /** * API class for product object 
@@ -165,6 +166,91 @@ class ProductApi extends DolibarrApi } return $obj_ret; } + + + /** + * List products in a category + * + * Get a list of products + * + * @param int $mode Use this param to filter list (0 for all, 1 for only product, 2 for only service) + * @param int $category Use this param to filter list by category + * @param mixed $to_sell Filter products to sell (1) or not to sell (0) + * @param mixed $to_buy Filter products to nuy (1) or not to buy (0) + * @param string $sortfield Sort field + * @param string $sortorder Sort order + * @param int $limit Limit for list + * @param int $page Page number + * + * @return array Array of product objects + * + * @url GET /product/list/category/{category} + */ + function getByCategory($mode=0, $category=0, $to_sell='', $to_buy='', $sortfield = "p.ref", $sortorder = 'ASC', $limit = 0, $page = 0) { + global $db, $conf; + + $obj_ret = array(); + + $socid = DolibarrApiAccess::$user->societe_id ? DolibarrApiAccess::$user->societe_id : ''; + + $sql = "SELECT rowid, ref, ref_ext"; + $sql.= " FROM ".MAIN_DB_PREFIX."product as p, "; + $sql.= MAIN_DB_PREFIX."categorie_product as c"; + $sql.= ' WHERE p.entity IN ('.getEntity('product', 1).')'; + + // Select products of given category + $sql.= " AND c.fk_categorie = ".$db->escape($category); + $sql.= " AND c.fk_product = p.rowid "; + + // Show products + if ($mode == 1) $sql.= " AND p.fk_product_type = 0"; + // Show services + if ($mode == 2) $sql.= " AND p.fk_product_type = 1"; + // Show product on sell + if ($to_sell) $sql.= " AND p.to_sell = ".$db->escape($to_sell); + // Show product on buy + if ($to_buy) $sql.= " AND p.to_nuy = ".$db->escape($to_nuy); + + $nbtotalofrecords = 0; + if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) + { + $result = $db->query($sql); + $nbtotalofrecords = $db->num_rows($result); + } + + $sql.= $db->order($sortfield, $sortorder); + if ($limit) { + if ($page < 0) + { + $page = 0; + } + $offset = $limit * $page; + + $sql.= $db->plimit($limit 
+ 1, $offset); + } + + $result = $db->query($sql); + if ($result) + { + $num = $db->num_rows($result); + while ($i < $num) + { + $obj = $db->fetch_object($result); + $product_static = new Product($db); + if($product_static->fetch($obj->rowid)) { + $obj_ret[] = parent::_cleanObjectDatas($product_static); + } + $i++; + } + } + else { + throw new RestException(503, 'Error when retrieve product list'); + } + if( ! count($obj_ret)) { + throw new RestException(404, 'No product found'); + } + return $obj_ret; + } /** * Create product object diff --git a/htdocs/societe/class/api_contact.class.php b/htdocs/societe/class/api_contact.class.php index ba7c0d4a2119dfae640ac9111dcc33f2f06e4695..5144c000b4d634ba9aa2ba21bf0b574b89432a1a 100644 --- a/htdocs/societe/class/api_contact.class.php +++ b/htdocs/societe/class/api_contact.class.php @@ -251,7 +251,7 @@ class ContactApi extends DolibarrApi * * @param int $id Contact ID * @return integer - * + * * @url DELETE contact/{id} */ function delete($id) { diff --git a/htdocs/user/class/api_user.class.php b/htdocs/user/class/api_user.class.php index d09785d3ccb0e805c246f0f02ee06c44e1e826b0..af0db5bfb2db1bd18862333d8304d752a67b70e1 100644 --- a/htdocs/user/class/api_user.class.php +++ b/htdocs/user/class/api_user.class.php 
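Review bot: In `getByCategory()` the to_buy filter references `$to_nuy`, which is never defined, and the column `p.to_nuy` mirrors the same typo (the parameter docblock also reads "nuy"); the column should presumably follow the `p.to_sell` line above, but confirm the actual name against the product table. `$category`, `$to_sell` and `$to_buy` come from the URL/query string and are concatenated into unquoted numeric positions through `$db->escape()`, which only deals with quote characters and so does not constrain what reaches the numeric comparison; since all three are documented as integers, casting with `(int)` is the right guard here. `$i` is used in `while ($i < $num)` without being initialised, and `$socid` is computed but never used. The `if ($to_sell)` / `if ($to_buy)` truth tests also mean the documented value 0 ("not to sell/buy") never applies a filter, which contradicts the docblock.
```php
// … unchanged: SELECT / FROM / WHERE entity …
// Integer filters: cast rather than escape — $db->escape() only handles quote characters,
// which does not protect an unquoted numeric position in the SQL string.
$sql.= " AND c.fk_categorie = ".((int) $category);
$sql.= " AND c.fk_product = p.rowid ";
// … unchanged: $mode filters …
if ($to_sell) $sql.= " AND p.to_sell = ".((int) $to_sell);
if ($to_buy) $sql.= " AND p.to_buy = ".((int) $to_buy); // column name: confirm against the product table
// … unchanged: count query, order, limit …
$i = 0;
$num = $db->num_rows($result);
// … unchanged: fetch loop …
```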
@@ -159,8 +159,35 @@ class UserApi extends DolibarrApi if ($this->useraccount->update($id, DolibarrApiAccess::$user, 1, '', '', 'update')) return $this->get($id); - return false; - } + return false; + } + + /** + * add user to group + * + * @param int $id User ID + * @param int $group Group ID + * @return int + * + * @url GET user/{id}/setGroup/{group} + */ + function setGroup($id,$group) { + //if (!DolibarrApiAccess::$user->rights->user->user->supprimer) { + //throw new RestException(401); + //} + $result = $this->useraccount->fetch($id); + if (!$result) + { + throw new RestException(404, 'User not found'); + } + + if (!DolibarrApi::_checkAccessToResource('user', $this->useraccount->id, 'user')) + { + throw new RestException(401, 'Access not allowed for login ' . DolibarrApiAccess::$user->login); + } + + return $this->useraccount->SetInGroup($group,1); + } /** * Delete account