| 1 | <?php |
| 2 | /* |
| 3 | +--------------------------------------------------------------------+ |
| 4 | | CiviCRM version 4.5 | |
| 5 | +--------------------------------------------------------------------+ |
| 6 | | Copyright CiviCRM LLC (c) 2004-2014 | |
| 7 | +--------------------------------------------------------------------+ |
| 8 | | This file is a part of CiviCRM. | |
| 9 | | | |
| 10 | | CiviCRM is free software; you can copy, modify, and distribute it | |
| 11 | | under the terms of the GNU Affero General Public License | |
| 12 | | Version 3, 19 November 2007 and the CiviCRM Licensing Exception. | |
| 13 | | | |
| 14 | | CiviCRM is distributed in the hope that it will be useful, but | |
| 15 | | WITHOUT ANY WARRANTY; without even the implied warranty of | |
| 16 | | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. | |
| 17 | | See the GNU Affero General Public License for more details. | |
| 18 | | | |
| 19 | | You should have received a copy of the GNU Affero General Public | |
| 20 | | License and the CiviCRM Licensing Exception along | |
| 21 | | with this program; if not, contact CiviCRM LLC | |
| 22 | | at info[AT]civicrm[DOT]org. If you have questions about the | |
| 23 | | GNU Affero General Public License or the licensing of CiviCRM, | |
| 24 | | see the CiviCRM license FAQ at http://civicrm.org/licensing | |
| 25 | +--------------------------------------------------------------------+ |
| 26 | */ |
| 27 | |
| 28 | /** |
| 29 | * File for CiviCRM APIv3 utilitity functions |
| 30 | * |
| 31 | * @package CiviCRM_APIv3 |
| 32 | * @subpackage API_utils |
| 33 | * |
| 34 | * @copyright CiviCRM LLC (c) 2004-2014 |
| 35 | * @version $Id: utils.php 30879 2010-11-22 15:45:55Z shot $ |
| 36 | * |
| 37 | */ |
| 38 | |
| 39 | /** |
| 40 | * Initialize CiviCRM - should be run at the start of each API function |
| 41 | */ |
| 42 | function _civicrm_api3_initialize() { |
| 43 | require_once 'CRM/Core/ClassLoader.php'; |
| 44 | CRM_Core_ClassLoader::singleton()->register(); |
| 45 | CRM_Core_Config::singleton(); |
| 46 | } |
| 47 | |
| 48 | /** |
| 49 | * Wrapper Function for civicrm_verify_mandatory to make it simple to pass either / or fields for checking |
| 50 | * |
| 51 | * @param array $params array of fields to checkl |
| 52 | * @param array $daoName string DAO to check for required fields (create functions only) |
| 53 | * @param array $keyoptions |
| 54 | * |
| 55 | * @internal param array $keys list of required fields options. One of the options is required |
| 56 | * @return null or throws error if there the required fields not present |
| 57 | * @ |
| 58 | */ |
| 59 | function civicrm_api3_verify_one_mandatory($params, $daoName = NULL, $keyoptions = array( |
| 60 | )) { |
| 61 | $keys = array(array()); |
| 62 | foreach ($keyoptions as $key) { |
| 63 | $keys[0][] = $key; |
| 64 | } |
| 65 | civicrm_api3_verify_mandatory($params, $daoName, $keys); |
| 66 | } |
| 67 | |
| 68 | /** |
| 69 | * Function to check mandatory fields are included |
| 70 | * |
| 71 | * @param array $params array of fields to check |
| 72 | * @param array $daoName string DAO to check for required fields (create functions only) |
| 73 | * @param array $keys list of required fields. A value can be an array denoting that either this or that is required. |
| 74 | * @param bool $verifyDAO |
| 75 | * |
| 76 | * @throws API_Exception |
| 77 | * @return null or throws error if there the required fields not present |
| 78 | * |
| 79 | * @todo see notes on _civicrm_api3_check_required_fields regarding removing $daoName param |
| 80 | */ |
| 81 | function civicrm_api3_verify_mandatory($params, $daoName = NULL, $keys = array(), $verifyDAO = TRUE) { |
| 82 | |
| 83 | $unmatched = array(); |
| 84 | if ($daoName != NULL && $verifyDAO && empty($params['id'])) { |
| 85 | $unmatched = _civicrm_api3_check_required_fields($params, $daoName, TRUE); |
| 86 | if (!is_array($unmatched)) { |
| 87 | $unmatched = array(); |
| 88 | } |
| 89 | } |
| 90 | |
| 91 | if (!empty($params['id'])) { |
| 92 | $keys = array('version'); |
| 93 | } |
| 94 | else { |
| 95 | if (!in_array('version', $keys)) { |
| 96 | // required from v3 onwards |
| 97 | $keys[] = 'version'; |
| 98 | } |
| 99 | } |
| 100 | foreach ($keys as $key) { |
| 101 | if (is_array($key)) { |
| 102 | $match = 0; |
| 103 | $optionset = array(); |
| 104 | foreach ($key as $subkey) { |
| 105 | if (!array_key_exists($subkey, $params) || empty($params[$subkey])) { |
| 106 | $optionset[] = $subkey; |
| 107 | } |
| 108 | else { |
| 109 | // as long as there is one match then we don't need to rtn anything |
| 110 | $match = 1; |
| 111 | } |
| 112 | } |
| 113 | if (empty($match) && !empty($optionset)) { |
| 114 | $unmatched[] = "one of (" . implode(", ", $optionset) . ")"; |
| 115 | } |
| 116 | } |
| 117 | else { |
| 118 | // Disallow empty values except for the number zero. |
| 119 | // TODO: create a utility for this since it's needed in many places |
| 120 | if (!array_key_exists($key, $params) || (empty($params[$key]) && $params[$key] !== 0 && $params[$key] !== '0')) { |
| 121 | $unmatched[] = $key; |
| 122 | } |
| 123 | } |
| 124 | } |
| 125 | if (!empty($unmatched)) { |
| 126 | throw new API_Exception("Mandatory key(s) missing from params array: " . implode(", ", $unmatched),"mandatory_missing",array("fields"=>$unmatched)); |
| 127 | } |
| 128 | } |
| 129 | |
| 130 | /** |
| 131 | * |
| 132 | * @param <type> $data |
| 133 | * @param array $data |
| 134 | * |
| 135 | * @throws API_Exception |
| 136 | * @return array <type> |
| 137 | */ |
| 138 | function civicrm_api3_create_error($msg, $data = array()) { |
| 139 | $data['is_error'] = 1; |
| 140 | $data['error_message'] = $msg; |
| 141 | // we will show sql to privileged user only (not sure of a specific |
| 142 | // security hole here but seems sensible - perhaps should apply to the trace as well?) |
| 143 | if(isset($data['sql']) && CRM_Core_Permission::check('Administer CiviCRM')) { |
| 144 | $data['debug_information'] = $data['sql']; // Isn't this redundant? |
| 145 | } else { |
| 146 | unset($data['sql']); |
| 147 | } |
| 148 | return $data; |
| 149 | } |
| 150 | |
| 151 | /** |
| 152 | * Format array in result output styple |
| 153 | * |
| 154 | * @param array|int $values values generated by API operation (the result) |
| 155 | * @param array $params parameters passed into API call |
| 156 | * @param string $entity the entity being acted on |
| 157 | * @param string $action the action passed to the API |
| 158 | * @param object $dao DAO object to be freed here |
| 159 | * @param array $extraReturnValues additional values to be added to top level of result array( |
| 160 | * - this param is currently used for legacy behaviour support |
| 161 | * |
| 162 | * @return array $result |
| 163 | */ |
| 164 | function civicrm_api3_create_success($values = 1, $params = array(), $entity = NULL, $action = NULL, &$dao = NULL, $extraReturnValues = array()) { |
| 165 | $result = array(); |
| 166 | $result['is_error'] = 0; |
| 167 | //lets set the ['id'] field if it's not set & we know what the entity is |
| 168 | if (is_array($values) && !empty($entity)) { |
| 169 | foreach ($values as $key => $item) { |
| 170 | if (empty($item['id']) && !empty($item[$entity . "_id"])) { |
| 171 | $values[$key]['id'] = $item[$entity . "_id"]; |
| 172 | } |
| 173 | if(!empty($item['financial_type_id'])){ |
| 174 | //4.3 legacy handling |
| 175 | $values[$key]['contribution_type_id'] = $item['financial_type_id']; |
| 176 | } |
| 177 | if(!empty($item['next_sched_contribution_date'])){ |
| 178 | // 4.4 legacy handling |
| 179 | $values[$key]['next_sched_contribution'] = $item['next_sched_contribution_date']; |
| 180 | } |
| 181 | } |
| 182 | } |
| 183 | |
| 184 | if (is_array($params) && !empty($params['debug'])) { |
| 185 | if (is_string($action) && $action != 'getfields') { |
| 186 | $apiFields = civicrm_api($entity, 'getfields', array('version' => 3, 'action' => $action) + $params); |
| 187 | } |
| 188 | elseif ($action != 'getfields') { |
| 189 | $apiFields = civicrm_api($entity, 'getfields', array('version' => 3) + $params); |
| 190 | } |
| 191 | else { |
| 192 | $apiFields = FALSE; |
| 193 | } |
| 194 | |
| 195 | $allFields = array(); |
| 196 | if ($action != 'getfields' && is_array($apiFields) && is_array(CRM_Utils_Array::value('values', $apiFields))) { |
| 197 | $allFields = array_keys($apiFields['values']); |
| 198 | } |
| 199 | $paramFields = array_keys($params); |
| 200 | $undefined = array_diff($paramFields, $allFields, array_keys($_COOKIE), array('action', 'entity', 'debug', 'version', 'check_permissions', 'IDS_request_uri', 'IDS_user_agent', 'return', 'sequential', 'rowCount', 'option_offset', 'option_limit', 'custom', 'option_sort', 'options', 'prettyprint')); |
| 201 | if ($undefined) { |
| 202 | $result['undefined_fields'] = array_merge($undefined); |
| 203 | } |
| 204 | } |
| 205 | if (is_object($dao)) { |
| 206 | $dao->free(); |
| 207 | } |
| 208 | |
| 209 | $result['version'] = 3; |
| 210 | if (is_array($values)) { |
| 211 | $result['count'] = (int) count($values); |
| 212 | |
| 213 | // Convert value-separated strings to array |
| 214 | _civicrm_api3_separate_values($values); |
| 215 | |
| 216 | if ($result['count'] == 1) { |
| 217 | list($result['id']) = array_keys($values); |
| 218 | } |
| 219 | elseif (!empty($values['id']) && is_int($values['id'])) { |
| 220 | $result['id'] = $values['id']; |
| 221 | } |
| 222 | } |
| 223 | else { |
| 224 | $result['count'] = !empty($values) ? 1 : 0; |
| 225 | } |
| 226 | |
| 227 | if (is_array($values) && isset($params['sequential']) && |
| 228 | $params['sequential'] == 1 |
| 229 | ) { |
| 230 | $result['values'] = array_values($values); |
| 231 | } |
| 232 | else { |
| 233 | $result['values'] = $values; |
| 234 | } |
| 235 | if(!empty($params['options']['metadata'])) { |
| 236 | // we've made metadata an array but only supporting 'fields' atm |
| 237 | if(in_array('fields', (array) $params['options']['metadata'])) { |
| 238 | $fields = civicrm_api3($entity, 'getfields', array('action' => substr($action, 0, 3) == 'get' ? 'get' : 'create')); |
| 239 | $result['metadata']['fields'] = $fields['values']; |
| 240 | } |
| 241 | } |
| 242 | return array_merge($result, $extraReturnValues); |
| 243 | } |
| 244 | |
| 245 | /** |
| 246 | * Load the DAO of the entity |
| 247 | */ |
| 248 | function _civicrm_api3_load_DAO($entity) { |
| 249 | $dao = _civicrm_api3_get_DAO($entity); |
| 250 | if (empty($dao)) { |
| 251 | return FALSE; |
| 252 | } |
| 253 | $d = new $dao(); |
| 254 | return $d; |
| 255 | } |
| 256 | |
| 257 | /** |
| 258 | * Function to return the DAO of the function or Entity |
| 259 | * @param String $name either a function of the api (civicrm_{entity}_create or the entity name |
| 260 | * return the DAO name to manipulate this function |
| 261 | * eg. "civicrm_api3_contact_create" or "Contact" will return "CRM_Contact_BAO_Contact" |
| 262 | * @return mixed|string |
| 263 | */ |
| 264 | function _civicrm_api3_get_DAO($name) { |
| 265 | if (strpos($name, 'civicrm_api3') !== FALSE) { |
| 266 | $last = strrpos($name, '_'); |
| 267 | // len ('civicrm_api3_') == 13 |
| 268 | $name = substr($name, 13, $last - 13); |
| 269 | } |
| 270 | |
| 271 | $name = _civicrm_api_get_camel_name($name, 3); |
| 272 | |
| 273 | if ($name == 'Individual' || $name == 'Household' || $name == 'Organization') { |
| 274 | $name = 'Contact'; |
| 275 | } |
| 276 | |
| 277 | // hack to deal with incorrectly named BAO/DAO - see CRM-10859 |
| 278 | |
| 279 | // FIXME: DAO should be renamed CRM_Mailing_DAO_MailingRecipients |
| 280 | // but am not confident mailing_recipients is tested so have not tackled. |
| 281 | if ($name == 'MailingRecipients') { |
| 282 | return 'CRM_Mailing_DAO_Recipients'; |
| 283 | } |
| 284 | // FIXME: DAO should be renamed CRM_Mailing_DAO_MailingComponent |
| 285 | if ($name == 'MailingComponent') { |
| 286 | return 'CRM_Mailing_DAO_Component'; |
| 287 | } |
| 288 | // FIXME: DAO should be renamed CRM_ACL_DAO_AclRole |
| 289 | if ($name == 'AclRole') { |
| 290 | return 'CRM_ACL_DAO_EntityRole'; |
| 291 | } |
| 292 | // FIXME: DAO should be renamed CRM_SMS_DAO_SmsProvider |
| 293 | // But this would impact SMS extensions so need to coordinate |
| 294 | // Probably best approach is to migrate them to use the api and decouple them from core BAOs |
| 295 | if ($name == 'SmsProvider') { |
| 296 | return 'CRM_SMS_DAO_Provider'; |
| 297 | } |
| 298 | // FIXME: DAO names should follow CamelCase convention |
| 299 | if ($name == 'Im' || $name == 'Acl') { |
| 300 | $name = strtoupper($name); |
| 301 | } |
| 302 | $dao = CRM_Core_DAO_AllCoreTables::getFullName($name); |
| 303 | if ($dao || !$name) { |
| 304 | return $dao; |
| 305 | } |
| 306 | |
| 307 | // Really weird apis can declare their own DAO name. Not sure if this is a good idea... |
| 308 | if(file_exists("api/v3/$name.php")) { |
| 309 | include_once "api/v3/$name.php"; |
| 310 | } |
| 311 | $daoFn = "_civicrm_api3_" . _civicrm_api_get_entity_name_from_camel($name) . "_DAO"; |
| 312 | if (function_exists($daoFn)) { |
| 313 | return $daoFn(); |
| 314 | } |
| 315 | |
| 316 | return NULL; |
| 317 | } |
| 318 | |
| 319 | /** |
| 320 | * Function to return the DAO of the function or Entity |
| 321 | * @param String $name is either a function of the api (civicrm_{entity}_create or the entity name |
| 322 | * return the DAO name to manipulate this function |
| 323 | * eg. "civicrm_contact_create" or "Contact" will return "CRM_Contact_BAO_Contact" |
| 324 | * @return mixed |
| 325 | */ |
| 326 | function _civicrm_api3_get_BAO($name) { |
| 327 | // FIXME: DAO should be renamed CRM_Badge_DAO_BadgeLayout |
| 328 | if ($name == 'PrintLabel') { |
| 329 | return 'CRM_Badge_BAO_Layout'; |
| 330 | } |
| 331 | $dao = _civicrm_api3_get_DAO($name); |
| 332 | if (!$dao) { |
| 333 | return NULL; |
| 334 | } |
| 335 | $bao = str_replace("DAO", "BAO", $dao); |
| 336 | $file = strtr($bao, '_', '/') . '.php'; |
| 337 | // Check if this entity actually has a BAO. Fall back on the DAO if not. |
| 338 | return stream_resolve_include_path($file) ? $bao : $dao; |
| 339 | } |
| 340 | |
| 341 | /** |
| 342 | * Recursive function to explode value-separated strings into arrays |
| 343 | * |
| 344 | */ |
| 345 | function _civicrm_api3_separate_values(&$values) { |
| 346 | $sp = CRM_Core_DAO::VALUE_SEPARATOR; |
| 347 | foreach ($values as $key => & $value) { |
| 348 | if (is_array($value)) { |
| 349 | _civicrm_api3_separate_values($value); |
| 350 | } |
| 351 | elseif (is_string($value)) { |
| 352 | if($key == 'case_type_id'){// this is to honor the way case API was originally written |
| 353 | $value = trim(str_replace($sp, ',', $value), ','); |
| 354 | } |
| 355 | elseif (strpos($value, $sp) !== FALSE) { |
| 356 | $value = explode($sp, trim($value, $sp)); |
| 357 | } |
| 358 | } |
| 359 | } |
| 360 | } |
| 361 | |
| 362 | /** |
| 363 | * This is a legacy wrapper for api_store_values which will check the suitable fields using getfields |
| 364 | * rather than DAO->fields |
| 365 | * |
| 366 | * Getfields has handling for how to deal with uniquenames which dao->fields doesn't |
| 367 | * |
| 368 | * Note this is used by BAO type create functions - eg. contribution |
| 369 | * @param string $entity |
| 370 | * @param array $params |
| 371 | * @param array $values |
| 372 | */ |
| 373 | function _civicrm_api3_filter_fields_for_bao($entity, &$params, &$values){ |
| 374 | $fields = civicrm_api($entity,'getfields', array('version' => 3,'action' => 'create')); |
| 375 | $fields = $fields['values']; |
| 376 | _civicrm_api3_store_values($fields, $params, $values); |
| 377 | } |
| 378 | /** |
| 379 | * |
| 380 | * @param array $fields |
| 381 | * @param array $params |
| 382 | * @param array $values |
| 383 | * |
| 384 | * @return Bool $valueFound |
| 385 | */ |
| 386 | function _civicrm_api3_store_values(&$fields, &$params, &$values) { |
| 387 | $valueFound = FALSE; |
| 388 | |
| 389 | $keys = array_intersect_key($params, $fields); |
| 390 | foreach ($keys as $name => $value) { |
| 391 | if ($name !== 'id') { |
| 392 | $values[$name] = $value; |
| 393 | $valueFound = TRUE; |
| 394 | } |
| 395 | } |
| 396 | return $valueFound; |
| 397 | } |
| 398 | |
| 399 | /** |
| 400 | * The API supports 2 types of get requestion. The more complex uses the BAO query object. |
| 401 | * This is a generic function for those functions that call it |
| 402 | * |
| 403 | * At the moment only called by contact we should extend to contribution & |
| 404 | * others that use the query object. Note that this function passes permission information in. |
| 405 | * The others don't |
| 406 | * |
| 407 | * * Ideally this would be merged with _civicrm_get_query_object but we need to resolve differences in what the |
| 408 | * 2 variants call |
| 409 | * @param $entity |
| 410 | * @param array $params as passed into api get or getcount function |
| 411 | * @param array $additional_options |
| 412 | * @param bool $getCount are we just after the count |
| 413 | * |
| 414 | * @return |
| 415 | * @internal param array $options array of options (so we can modify the filter) |
| 416 | */ |
| 417 | function _civicrm_api3_get_using_query_object($entity, $params, $additional_options = array(), $getCount = NULL){ |
| 418 | |
| 419 | // Convert id to e.g. contact_id |
| 420 | if (empty($params[$entity . '_id']) && isset($params['id'])) { |
| 421 | $params[$entity . '_id'] = $params['id']; |
| 422 | } |
| 423 | unset($params['id']); |
| 424 | |
| 425 | $options = _civicrm_api3_get_options_from_params($params, TRUE); |
| 426 | |
| 427 | $inputParams = array_merge( |
| 428 | CRM_Utils_Array::value('input_params', $options, array()), |
| 429 | CRM_Utils_Array::value('input_params', $additional_options, array()) |
| 430 | ); |
| 431 | $returnProperties = array_merge( |
| 432 | CRM_Utils_Array::value('return', $options, array()), |
| 433 | CRM_Utils_Array::value('return', $additional_options, array()) |
| 434 | ); |
| 435 | if(empty($returnProperties)){ |
| 436 | $returnProperties = NULL; |
| 437 | } |
| 438 | if(!empty($params['check_permissions'])){ |
| 439 | // we will filter query object against getfields |
| 440 | $fields = civicrm_api($entity, 'getfields', array('version' => 3, 'action' => 'get')); |
| 441 | // we need to add this in as earlier in this function 'id' was unset in favour of $entity_id |
| 442 | $fields['values'][$entity . '_id'] = array(); |
| 443 | $varsToFilter = array('returnProperties', 'inputParams'); |
| 444 | foreach ($varsToFilter as $varToFilter){ |
| 445 | if(!is_array($$varToFilter)){ |
| 446 | continue; |
| 447 | } |
| 448 | //I was going to throw an exception rather than silently filter out - but |
| 449 | //would need to diff out of exceptions arr other keys like 'options', 'return', 'api. etcetc |
| 450 | //so we are silently ignoring parts of their request |
| 451 | //$exceptionsArr = array_diff(array_keys($$varToFilter), array_keys($fields['values'])); |
| 452 | $$varToFilter = array_intersect_key($$varToFilter, $fields['values']); |
| 453 | } |
| 454 | } |
| 455 | $options = array_merge($options,$additional_options); |
| 456 | $sort = CRM_Utils_Array::value('sort', $options, NULL); |
| 457 | $offset = CRM_Utils_Array::value('offset', $options, NULL); |
| 458 | $limit = CRM_Utils_Array::value('limit', $options, NULL); |
| 459 | $smartGroupCache = CRM_Utils_Array::value('smartGroupCache', $params); |
| 460 | |
| 461 | if($getCount){ |
| 462 | $limit = NULL; |
| 463 | $returnProperties = NULL; |
| 464 | } |
| 465 | |
| 466 | $newParams = CRM_Contact_BAO_Query::convertFormValues($inputParams); |
| 467 | foreach ($newParams as &$newParam) { |
| 468 | if($newParam[1] == '=' && is_array($newParam[2])) { |
| 469 | // we may be looking at an attempt to use the 'IN' style syntax |
| 470 | // @todo at time of writing only 'IN' & 'NOT IN' are supported for the array style syntax |
| 471 | $sqlFilter = CRM_Core_DAO::createSqlFilter($newParam[0], $params[$newParam[0]], 'String', NULL, TRUE); |
| 472 | if($sqlFilter) { |
| 473 | $newParam[1] = key($newParam[2]); |
| 474 | $newParam[2] = $sqlFilter; |
| 475 | } |
| 476 | } |
| 477 | |
| 478 | } |
| 479 | |
| 480 | $skipPermissions = !empty($params['check_permissions']) ? 0 :1; |
| 481 | |
| 482 | list($entities, $options) = CRM_Contact_BAO_Query::apiQuery( |
| 483 | $newParams, |
| 484 | $returnProperties, |
| 485 | NULL, |
| 486 | $sort, |
| 487 | $offset , |
| 488 | $limit, |
| 489 | $smartGroupCache, |
| 490 | $getCount, |
| 491 | $skipPermissions |
| 492 | ); |
| 493 | if ($getCount) { // only return the count of contacts |
| 494 | return $entities; |
| 495 | } |
| 496 | |
| 497 | return $entities; |
| 498 | } |
| 499 | |
| 500 | /** |
| 501 | * get dao query object based on input params |
| 502 | * Ideally this would be merged with _civicrm_get_using_query_object but we need to resolve differences in what the |
| 503 | * 2 variants call |
| 504 | * |
| 505 | * @param array $params |
| 506 | * @param string $mode |
| 507 | * @param string $entity |
| 508 | * @return CRM_Core_DAO query object |
| 509 | */ |
| 510 | function _civicrm_api3_get_query_object($params, $mode, $entity) { |
| 511 | $options = _civicrm_api3_get_options_from_params($params, TRUE, $entity, 'get'); |
| 512 | $sort = CRM_Utils_Array::value('sort', $options, NULL); |
| 513 | $offset = CRM_Utils_Array::value('offset', $options); |
| 514 | $rowCount = CRM_Utils_Array::value('limit', $options); |
| 515 | $inputParams = CRM_Utils_Array::value('input_params', $options, array()); |
| 516 | $returnProperties = CRM_Utils_Array::value('return', $options, NULL); |
| 517 | if (empty($returnProperties)) { |
| 518 | $returnProperties = CRM_Contribute_BAO_Query::defaultReturnProperties($mode); |
| 519 | } |
| 520 | |
| 521 | $newParams = CRM_Contact_BAO_Query::convertFormValues($inputParams); |
| 522 | $query = new CRM_Contact_BAO_Query($newParams, $returnProperties, NULL, |
| 523 | FALSE, FALSE, $mode |
| 524 | ); |
| 525 | list($select, $from, $where, $having) = $query->query(); |
| 526 | |
| 527 | $sql = "$select $from $where $having"; |
| 528 | |
| 529 | if (!empty($sort)) { |
| 530 | $sql .= " ORDER BY $sort "; |
| 531 | } |
| 532 | if(!empty($rowCount)) { |
| 533 | $sql .= " LIMIT $offset, $rowCount "; |
| 534 | } |
| 535 | $dao = CRM_Core_DAO::executeQuery($sql); |
| 536 | return array($dao, $query); |
| 537 | } |
| 538 | |
| 539 | /** |
| 540 | * Function transfers the filters being passed into the DAO onto the params object |
| 541 | */ |
| 542 | function _civicrm_api3_dao_set_filter(&$dao, $params, $unique = TRUE, $entity) { |
| 543 | $entity = substr($dao->__table, 8); |
| 544 | |
| 545 | $allfields = _civicrm_api3_build_fields_array($dao, $unique); |
| 546 | |
| 547 | $fields = array_intersect(array_keys($allfields), array_keys($params)); |
| 548 | if (isset($params[$entity . "_id"])) { |
| 549 | //if entity_id is set then treat it as ID (will be overridden by id if set) |
| 550 | $dao->id = $params[$entity . "_id"]; |
| 551 | } |
| 552 | |
| 553 | $options = _civicrm_api3_get_options_from_params($params); |
| 554 | //apply options like sort |
| 555 | _civicrm_api3_apply_options_to_dao($params, $dao, $entity); |
| 556 | |
| 557 | //accept filters like filter.activity_date_time_high |
| 558 | // std is now 'filters' => .. |
| 559 | if (strstr(implode(',', array_keys($params)), 'filter')) { |
| 560 | if (isset($params['filters']) && is_array($params['filters'])) { |
| 561 | foreach ($params['filters'] as $paramkey => $paramvalue) { |
| 562 | _civicrm_api3_apply_filters_to_dao($paramkey, $paramvalue, $dao); |
| 563 | } |
| 564 | } |
| 565 | else { |
| 566 | foreach ($params as $paramkey => $paramvalue) { |
| 567 | if (strstr($paramkey, 'filter')) { |
| 568 | _civicrm_api3_apply_filters_to_dao(substr($paramkey, 7), $paramvalue, $dao); |
| 569 | } |
| 570 | } |
| 571 | } |
| 572 | } |
| 573 | if (!$fields) { |
| 574 | $fields = array(); |
| 575 | } |
| 576 | |
| 577 | foreach ($fields as $field) { |
| 578 | if (is_array($params[$field])) { |
| 579 | //get the actual fieldname from db |
| 580 | $fieldName = $allfields[$field]['name']; |
| 581 | $where = CRM_Core_DAO::createSqlFilter($fieldName, $params[$field], 'String'); |
| 582 | if(!empty($where)) { |
| 583 | $dao->whereAdd($where); |
| 584 | } |
| 585 | } |
| 586 | else { |
| 587 | if ($unique) { |
| 588 | $daoFieldName = $allfields[$field]['name']; |
| 589 | if (empty($daoFieldName)) { |
| 590 | throw new API_Exception("Failed to determine field name for \"$field\""); |
| 591 | } |
| 592 | $dao->{$daoFieldName} = $params[$field]; |
| 593 | } |
| 594 | else { |
| 595 | $dao->$field = $params[$field]; |
| 596 | } |
| 597 | } |
| 598 | } |
| 599 | if (!empty($options['return']) && is_array($options['return']) && empty($options['is_count'])) { |
| 600 | $dao->selectAdd(); |
| 601 | $options['return']['id'] = TRUE;// ensure 'id' is included |
| 602 | $allfields = _civicrm_api3_get_unique_name_array($dao); |
| 603 | $returnMatched = array_intersect(array_keys($options['return']), $allfields); |
| 604 | foreach ($returnMatched as $returnValue) { |
| 605 | $dao->selectAdd($returnValue); |
| 606 | } |
| 607 | |
| 608 | $unmatchedFields = array_diff(// not already matched on the field names |
| 609 | array_keys($options['return']), |
| 610 | $returnMatched |
| 611 | ); |
| 612 | |
| 613 | $returnUniqueMatched = array_intersect( |
| 614 | $unmatchedFields, |
| 615 | array_flip($allfields)// but a match for the field keys |
| 616 | ); |
| 617 | foreach ($returnUniqueMatched as $uniqueVal){ |
| 618 | $dao->selectAdd($allfields[$uniqueVal]); |
| 619 | } |
| 620 | } |
| 621 | $dao->setApiFilter($params); |
| 622 | } |
| 623 | |
| 624 | /** |
| 625 | * Apply filters (e.g. high, low) to DAO object (prior to find) |
| 626 | * @param string $filterField field name of filter |
| 627 | * @param string $filterValue field value of filter |
| 628 | * @param object $dao DAO object |
| 629 | */ |
| 630 | function _civicrm_api3_apply_filters_to_dao($filterField, $filterValue, &$dao) { |
| 631 | if (strstr($filterField, 'high')) { |
| 632 | $fieldName = substr($filterField, 0, -5); |
| 633 | $dao->whereAdd("($fieldName <= $filterValue )"); |
| 634 | } |
| 635 | if (strstr($filterField, 'low')) { |
| 636 | $fieldName = substr($filterField, 0, -4); |
| 637 | $dao->whereAdd("($fieldName >= $filterValue )"); |
| 638 | } |
| 639 | if($filterField == 'is_current' && $filterValue == 1){ |
| 640 | $todayStart = date('Ymd000000', strtotime('now')); |
| 641 | $todayEnd = date('Ymd235959', strtotime('now')); |
| 642 | $dao->whereAdd("(start_date <= '$todayStart' OR start_date IS NULL) AND (end_date >= '$todayEnd' OR end_date IS NULL)"); |
| 643 | if(property_exists($dao, 'is_active')){ |
| 644 | $dao->whereAdd('is_active = 1'); |
| 645 | } |
| 646 | } |
| 647 | } |
| 648 | |
| 649 | /** |
| 650 | * Get sort, limit etc options from the params - supporting old & new formats. |
| 651 | * get returnproperties for legacy |
| 652 | * |
| 653 | * @param array $params params array as passed into civicrm_api |
| 654 | * @param bool $queryObject - is this supporting a queryobject api (e.g contact) - if so we support more options |
| 655 | * for legacy report & return a unique fields array |
| 656 | * |
| 657 | * @param string $entity |
| 658 | * @param string $action |
| 659 | * |
| 660 | * @throws API_Exception |
| 661 | * @return array $options options extracted from params |
| 662 | */ |
| 663 | function _civicrm_api3_get_options_from_params(&$params, $queryObject = FALSE, $entity = '', $action = '') { |
| 664 | $is_count = FALSE; |
| 665 | $sort = CRM_Utils_Array::value('sort', $params, 0); |
| 666 | $sort = CRM_Utils_Array::value('option.sort', $params, $sort); |
| 667 | $sort = CRM_Utils_Array::value('option_sort', $params, $sort); |
| 668 | |
| 669 | $offset = CRM_Utils_Array::value('offset', $params, 0); |
| 670 | $offset = CRM_Utils_Array::value('option.offset', $params, $offset); |
| 671 | // dear PHP thought it would be a good idea to transform a.b into a_b in the get/post |
| 672 | $offset = CRM_Utils_Array::value('option_offset', $params, $offset); |
| 673 | |
| 674 | $limit = CRM_Utils_Array::value('rowCount', $params, 25); |
| 675 | $limit = CRM_Utils_Array::value('option.limit', $params, $limit); |
| 676 | $limit = CRM_Utils_Array::value('option_limit', $params, $limit); |
| 677 | |
| 678 | if (is_array(CRM_Utils_Array::value('options', $params))) { |
| 679 | // is count is set by generic getcount not user |
| 680 | $is_count = CRM_Utils_Array::value('is_count', $params['options']); |
| 681 | $offset = CRM_Utils_Array::value('offset', $params['options'], $offset); |
| 682 | $limit = CRM_Utils_Array::value('limit', $params['options'], $limit); |
| 683 | $sort = CRM_Utils_Array::value('sort', $params['options'], $sort); |
| 684 | } |
| 685 | |
| 686 | $returnProperties = array(); |
| 687 | // handle the format return =sort_name,display_name... |
| 688 | if (array_key_exists('return', $params)) { |
| 689 | if (is_array($params['return'])) { |
| 690 | $returnProperties = array_fill_keys($params['return'], 1); |
| 691 | } |
| 692 | else { |
| 693 | $returnProperties = explode(',', str_replace(' ', '', $params['return'])); |
| 694 | $returnProperties = array_fill_keys($returnProperties, 1); |
| 695 | } |
| 696 | } |
| 697 | if ($entity && $action =='get') { |
| 698 | if (!empty($returnProperties['id'])) { |
| 699 | $returnProperties[$entity . '_id'] = 1; |
| 700 | unset($returnProperties['id']); |
| 701 | } |
| 702 | switch (trim(strtolower($sort))){ |
| 703 | case 'id': |
| 704 | case 'id desc': |
| 705 | case 'id asc': |
| 706 | $sort = str_replace('id', $entity . '_id',$sort); |
| 707 | } |
| 708 | } |
| 709 | |
| 710 | $options = array( |
| 711 | 'offset' => CRM_Utils_Rule::integer($offset) ? $offset : NULL, |
| 712 | 'sort' => CRM_Utils_Rule::string($sort) ? $sort : NULL, |
| 713 | 'limit' => CRM_Utils_Rule::integer($limit) ? $limit : NULL, |
| 714 | 'is_count' => $is_count, |
| 715 | 'return' => !empty($returnProperties) ? $returnProperties : array(), |
| 716 | ); |
| 717 | |
| 718 | if ($options['sort'] && stristr($options['sort'], 'SELECT')) { |
| 719 | throw new API_Exception('invalid string in sort options'); |
| 720 | } |
| 721 | |
| 722 | if (!$queryObject) { |
| 723 | return $options; |
| 724 | } |
| 725 | //here comes the legacy support for $returnProperties, $inputParams e.g for contat_get |
| 726 | // if the queryobject is being used this should be used |
| 727 | $inputParams = array(); |
| 728 | $legacyreturnProperties = array(); |
| 729 | $otherVars = array( |
| 730 | 'sort', 'offset', 'rowCount', 'options','return', |
| 731 | ); |
| 732 | foreach ($params as $n => $v) { |
| 733 | if (substr($n, 0, 7) == 'return.') { |
| 734 | $legacyreturnProperties[substr($n, 7)] = $v; |
| 735 | } |
| 736 | elseif ($n == 'id') { |
| 737 | $inputParams[$entity. '_id'] = $v; |
| 738 | } |
| 739 | elseif (in_array($n, $otherVars)) {} |
| 740 | else { |
| 741 | $inputParams[$n] = $v; |
| 742 | if ($v && !is_array($v) && stristr($v, 'SELECT')) { |
| 743 | throw new API_Exception('invalid string'); |
| 744 | } |
| 745 | } |
| 746 | } |
| 747 | $options['return'] = array_merge($returnProperties, $legacyreturnProperties); |
| 748 | $options['input_params'] = $inputParams; |
| 749 | return $options; |
| 750 | } |
| 751 | |
| 752 | /** |
| 753 | * Apply options (e.g. sort, limit, order by) to DAO object (prior to find) |
| 754 | * |
| 755 | * @param array $params params array as passed into civicrm_api |
| 756 | * @param object $dao DAO object |
| 757 | * @param $entity |
| 758 | */ |
| 759 | function _civicrm_api3_apply_options_to_dao(&$params, &$dao, $entity) { |
| 760 | |
| 761 | $options = _civicrm_api3_get_options_from_params($params,FALSE,$entity); |
| 762 | if(!$options['is_count']) { |
| 763 | if(!empty($options['limit'])) { |
| 764 | $dao->limit((int)$options['offset'], (int)$options['limit']); |
| 765 | } |
| 766 | if (!empty($options['sort'])) { |
| 767 | $dao->orderBy($options['sort']); |
| 768 | } |
| 769 | } |
| 770 | } |
| 771 | |
| 772 | /** |
| 773 | * build fields array. This is the array of fields as it relates to the given DAO |
| 774 | * returns unique fields as keys by default but if set but can return by DB fields |
| 775 | */ |
| 776 | function _civicrm_api3_build_fields_array(&$bao, $unique = TRUE) { |
| 777 | $fields = $bao->fields(); |
| 778 | if ($unique) { |
| 779 | if (empty($fields['id'])){ |
| 780 | $entity = _civicrm_api_get_entity_name_from_dao($bao); |
| 781 | $fields['id'] = $fields[$entity . '_id']; |
| 782 | unset($fields[$entity . '_id']); |
| 783 | } |
| 784 | return $fields; |
| 785 | } |
| 786 | |
| 787 | foreach ($fields as $field) { |
| 788 | $dbFields[$field['name']] = $field; |
| 789 | } |
| 790 | return $dbFields; |
| 791 | } |
| 792 | |
| 793 | /** |
| 794 | * build fields array. This is the array of fields as it relates to the given DAO |
| 795 | * returns unique fields as keys by default but if set but can return by DB fields |
| 796 | */ |
| 797 | function _civicrm_api3_get_unique_name_array(&$bao) { |
| 798 | $fields = $bao->fields(); |
| 799 | foreach ($fields as $field => $values) { |
| 800 | $uniqueFields[$field] = CRM_Utils_Array::value('name',$values, $field); |
| 801 | } |
| 802 | return $uniqueFields; |
| 803 | } |
| 804 | |
| 805 | /** |
| 806 | * Converts an DAO object to an array |
| 807 | * |
| 808 | * @param object $dao (reference )object to convert |
| 809 | * @param null $params |
| 810 | * @param bool $uniqueFields |
| 811 | * @param string $entity |
| 812 | * |
| 813 | * @param bool $autoFind |
| 814 | * |
| 815 | * @return array |
| 816 | * |
| 817 | * @params array of arrays (key = id) of array of fields |
| 818 | * |
| 819 | * @static void |
| 820 | * @access public |
| 821 | */ |
| 822 | function _civicrm_api3_dao_to_array($dao, $params = NULL, $uniqueFields = TRUE, $entity = "", $autoFind = TRUE) { |
| 823 | $result = array(); |
| 824 | if(isset($params['options']) && !empty($params['options']['is_count'])) { |
| 825 | return $dao->count(); |
| 826 | } |
| 827 | if (empty($dao)) { |
| 828 | return array(); |
| 829 | } |
| 830 | if ($autoFind && !$dao->find()) { |
| 831 | return array(); |
| 832 | } |
| 833 | |
| 834 | if(isset($dao->count)) { |
| 835 | return $dao->count; |
| 836 | } |
| 837 | |
| 838 | $fields = array_keys(_civicrm_api3_build_fields_array($dao, $uniqueFields)); |
| 839 | |
| 840 | while ($dao->fetch()) { |
| 841 | $tmp = array(); |
| 842 | foreach ($fields as $key) { |
| 843 | if (array_key_exists($key, $dao)) { |
| 844 | // not sure on that one |
| 845 | if ($dao->$key !== NULL) { |
| 846 | $tmp[$key] = $dao->$key; |
| 847 | } |
| 848 | } |
| 849 | } |
| 850 | $result[$dao->id] = $tmp; |
| 851 | |
| 852 | if(_civicrm_api3_custom_fields_are_required($entity, $params)) { |
| 853 | _civicrm_api3_custom_data_get($result[$dao->id], $entity, $dao->id); |
| 854 | } |
| 855 | } |
| 856 | |
| 857 | |
| 858 | return $result; |
| 859 | } |
| 860 | |
| 861 | /** |
| 862 | * We currently retrieve all custom fields or none at this level so if we know the entity |
| 863 | * && it can take custom fields & there is the string 'custom' in their return request we get them all, they are filtered on the way out |
| 864 | * @todo filter so only required fields are queried |
| 865 | * |
| 866 | * @param $params |
| 867 | * @param string $entity - entity name in CamelCase |
| 868 | * |
| 869 | * @return bool |
| 870 | */ |
| 871 | function _civicrm_api3_custom_fields_are_required($entity, $params) { |
| 872 | if (!array_key_exists($entity, CRM_Core_BAO_CustomQuery::$extendsMap)) { |
| 873 | return FALSE; |
| 874 | } |
| 875 | $options = _civicrm_api3_get_options_from_params($params); |
| 876 | //we check for possibility of 'custom' => 1 as well as specific custom fields |
| 877 | $returnString = implode('', $options['return']) . implode('', array_keys($options['return'])); |
| 878 | if(stristr($returnString, 'custom')) { |
| 879 | return TRUE; |
| 880 | } |
| 881 | } |
| 882 | /** |
| 883 | * Converts an object to an array |
| 884 | * |
| 885 | * @param object $dao (reference) object to convert |
| 886 | * @param array $values (reference) array |
| 887 | * @param array|bool $uniqueFields |
| 888 | * |
| 889 | * @return array |
| 890 | * @static void |
| 891 | * @access public |
| 892 | */ |
| 893 | function _civicrm_api3_object_to_array(&$dao, &$values, $uniqueFields = FALSE) { |
| 894 | |
| 895 | $fields = _civicrm_api3_build_fields_array($dao, $uniqueFields); |
| 896 | foreach ($fields as $key => $value) { |
| 897 | if (array_key_exists($key, $dao)) { |
| 898 | $values[$key] = $dao->$key; |
| 899 | } |
| 900 | } |
| 901 | } |
| 902 | |
| 903 | /** |
| 904 | * Wrapper for _civicrm_object_to_array when api supports unique fields |
| 905 | */ |
| 906 | function _civicrm_api3_object_to_array_unique_fields(&$dao, &$values) { |
| 907 | return _civicrm_api3_object_to_array($dao, $values, TRUE); |
| 908 | } |
| 909 | |
| 910 | /** |
| 911 | * |
| 912 | * @param array $params |
| 913 | * @param array $values |
| 914 | * @param string $extends entity that this custom field extends (e.g. contribution, event, contact) |
| 915 | * @param string $entityId ID of entity per $extends |
| 916 | */ |
| 917 | function _civicrm_api3_custom_format_params($params, &$values, $extends, $entityId = NULL) { |
| 918 | $values['custom'] = array(); |
| 919 | foreach ($params as $key => $value) { |
| 920 | list($customFieldID, $customValueID) = CRM_Core_BAO_CustomField::getKeyID($key, TRUE); |
| 921 | if ($customFieldID && (!IS_NULL($value))) { |
| 922 | CRM_Core_BAO_CustomField::formatCustomField($customFieldID, $values['custom'], |
| 923 | $value, $extends, $customValueID, $entityId, FALSE, FALSE |
| 924 | ); |
| 925 | } |
| 926 | } |
| 927 | } |
| 928 | |
| 929 | /** |
| 930 | * @param $params |
| 931 | * @param $entity |
| 932 | */ |
| 933 | function _civicrm_api3_format_params_for_create(&$params, $entity) { |
| 934 | $nonGenericEntities = array('Contact', 'Individual', 'Household', 'Organization'); |
| 935 | |
| 936 | $customFieldEntities = array_diff_key(CRM_Core_BAO_CustomQuery::$extendsMap, array_fill_keys($nonGenericEntities, 1)); |
| 937 | if(!array_key_exists($entity, $customFieldEntities)) { |
| 938 | return; |
| 939 | } |
| 940 | $values = array(); |
| 941 | _civicrm_api3_custom_format_params($params, $values, $entity); |
| 942 | $params = array_merge($params, $values); |
| 943 | } |
| 944 | |
| 945 | /** |
| 946 | * @deprecated |
| 947 | * This function ensures that we have the right input parameters |
| 948 | * |
| 949 | * This function is only called when $dao is passed into verify_mandatory. |
| 950 | * The practice of passing $dao into verify_mandatory turned out to be |
| 951 | * unsatisfactory as the required fields @ the dao level is so diffent to the abstract |
| 952 | * api level. Hence the intention is to remove this function |
| 953 | * & the associated param from viery_mandatory |
| 954 | * |
| 955 | * @param array $params Associative array of property name/value |
| 956 | * pairs to insert in new history. |
| 957 | * @param $daoName |
| 958 | * @param bool $return |
| 959 | * |
| 960 | * @daoName string DAO to check params agains |
| 961 | * |
| 962 | * @return bool should the missing fields be returned as an array (core error created as default) |
| 963 | * |
| 964 | * @return bool true if all fields present, depending on $result a core error is created of an array of missing fields is returned |
| 965 | * @access public |
| 966 | */ |
| 967 | function _civicrm_api3_check_required_fields($params, $daoName, $return = FALSE) { |
| 968 | //@deprecated - see notes |
| 969 | if (isset($params['extends'])) { |
| 970 | if (($params['extends'] == 'Activity' || |
| 971 | $params['extends'] == 'Phonecall' || |
| 972 | $params['extends'] == 'Meeting' || |
| 973 | $params['extends'] == 'Group' || |
| 974 | $params['extends'] == 'Contribution' |
| 975 | ) && |
| 976 | ($params['style'] == 'Tab') |
| 977 | ) { |
| 978 | return civicrm_api3_create_error(ts("Can not create Custom Group in Tab for " . $params['extends'])); |
| 979 | } |
| 980 | } |
| 981 | |
| 982 | $dao = new $daoName(); |
| 983 | $fields = $dao->fields(); |
| 984 | |
| 985 | $missing = array(); |
| 986 | foreach ($fields as $k => $v) { |
| 987 | if ($v['name'] == 'id') { |
| 988 | continue; |
| 989 | } |
| 990 | |
| 991 | if (!empty($v['required'])) { |
| 992 | // 0 is a valid input for numbers, CRM-8122 |
| 993 | if (!isset($params[$k]) || (empty($params[$k]) && !($params[$k] === 0))) { |
| 994 | $missing[] = $k; |
| 995 | } |
| 996 | } |
| 997 | } |
| 998 | |
| 999 | if (!empty($missing)) { |
| 1000 | if (!empty($return)) { |
| 1001 | return $missing; |
| 1002 | } |
| 1003 | else { |
| 1004 | return civicrm_api3_create_error(ts("Required fields " . implode(',', $missing) . " for $daoName are not present")); |
| 1005 | } |
| 1006 | } |
| 1007 | |
| 1008 | return TRUE; |
| 1009 | } |
| 1010 | |
| 1011 | /** |
| 1012 | * Function to do a 'standard' api get - when the api is only doing a $bao->find then use this |
| 1013 | * |
| 1014 | * @param string $bao_name name of BAO |
| 1015 | * @param array $params params from api |
| 1016 | * @param bool $returnAsSuccess return in api success format |
| 1017 | * @param string $entity |
| 1018 | * |
| 1019 | * @return array |
| 1020 | */ |
| 1021 | function _civicrm_api3_basic_get($bao_name, &$params, $returnAsSuccess = TRUE, $entity = "") { |
| 1022 | $bao = new $bao_name(); |
| 1023 | _civicrm_api3_dao_set_filter($bao, $params, TRUE, $entity); |
| 1024 | if ($returnAsSuccess) { |
| 1025 | return civicrm_api3_create_success(_civicrm_api3_dao_to_array($bao, $params, FALSE, $entity), $params, $entity, 'get'); |
| 1026 | } |
| 1027 | else { |
| 1028 | return _civicrm_api3_dao_to_array($bao, $params, FALSE, $entity, 'get'); |
| 1029 | } |
| 1030 | } |
| 1031 | |
| 1032 | /** |
| 1033 | * Function to do a 'standard' api create - when the api is only doing a $bao::create then use this |
| 1034 | * |
| 1035 | * @param string $bao_name Name of BAO Class |
| 1036 | * @param array $params parameters passed into the api call |
| 1037 | * @param string $entity Entity - pass in if entity is non-standard & required $ids array |
| 1038 | * |
| 1039 | * @throws API_Exception |
| 1040 | * @return array |
| 1041 | */ |
| 1042 | function _civicrm_api3_basic_create($bao_name, &$params, $entity = NULL) { |
| 1043 | _civicrm_api3_format_params_for_create($params, $entity); |
| 1044 | $args = array(&$params); |
| 1045 | if (!empty($entity)) { |
| 1046 | $ids = array($entity => CRM_Utils_Array::value('id', $params)); |
| 1047 | $args[] = &$ids; |
| 1048 | } |
| 1049 | |
| 1050 | if (method_exists($bao_name, 'create')) { |
| 1051 | $fct = 'create'; |
| 1052 | $fct_name = $bao_name . '::' . $fct; |
| 1053 | $bao = call_user_func_array(array($bao_name, $fct), $args); |
| 1054 | } |
| 1055 | elseif (method_exists($bao_name, 'add')) { |
| 1056 | $fct = 'add'; |
| 1057 | $fct_name = $bao_name . '::' . $fct; |
| 1058 | $bao = call_user_func_array(array($bao_name, $fct), $args); |
| 1059 | } |
| 1060 | else { |
| 1061 | $fct_name = '_civicrm_api3_basic_create_fallback'; |
| 1062 | $bao = _civicrm_api3_basic_create_fallback($bao_name, $params); |
| 1063 | } |
| 1064 | |
| 1065 | if (is_null($bao)) { |
| 1066 | return civicrm_api3_create_error('Entity not created (' . $fct_name . ')'); |
| 1067 | } |
| 1068 | elseif (is_a($bao, 'CRM_Core_Error')) { |
| 1069 | //some wierd circular thing means the error takes itself as an argument |
| 1070 | $msg = $bao->getMessages($bao); |
| 1071 | // the api deals with entities on a one-by-one basis. However, the contribution bao pushes entities |
| 1072 | // onto the error object - presumably because the contribution import is not handling multiple errors correctly |
| 1073 | // so we need to reset the error object here to avoid getting concatenated errors |
| 1074 | //@todo - the mulitple error handling should be moved out of the contribution object to the import / multiple entity processes |
| 1075 | CRM_Core_Error::singleton()->reset(); |
| 1076 | throw new API_Exception($msg); |
| 1077 | } |
| 1078 | else { |
| 1079 | $values = array(); |
| 1080 | _civicrm_api3_object_to_array($bao, $values[$bao->id]); |
| 1081 | return civicrm_api3_create_success($values, $params, $entity, 'create', $bao); |
| 1082 | } |
| 1083 | } |
| 1084 | |
| 1085 | /** |
| 1086 | * For BAO's which don't have a create() or add() functions, use this fallback implementation. |
| 1087 | * |
| 1088 | * @fixme There's an intuitive sense that this behavior should be defined somehow in the BAO/DAO class |
| 1089 | * structure. In practice, that requires a fair amount of refactoring and/or kludgery. |
| 1090 | * |
| 1091 | * @param string $bao_name |
| 1092 | * @param array $params |
| 1093 | * |
| 1094 | * @throws API_Exception |
| 1095 | * @return CRM_Core_DAO|NULL an instance of the BAO |
| 1096 | */ |
| 1097 | function _civicrm_api3_basic_create_fallback($bao_name, &$params) { |
| 1098 | $dao_name = get_parent_class($bao_name); |
| 1099 | if ($dao_name === 'CRM_Core_DAO' || !$dao_name) { |
| 1100 | $dao_name = $bao_name; |
| 1101 | } |
| 1102 | $entityName = CRM_Core_DAO_AllCoreTables::getBriefName($dao_name); |
| 1103 | if (empty($entityName)) { |
| 1104 | throw new API_Exception("Class \"$bao_name\" does not map to an entity name", "unmapped_class_to_entity", array( |
| 1105 | 'class_name' => $bao_name, |
| 1106 | )); |
| 1107 | } |
| 1108 | $hook = empty($params['id']) ? 'create' : 'edit'; |
| 1109 | |
| 1110 | CRM_Utils_Hook::pre($hook, $entityName, CRM_Utils_Array::value('id', $params), $params); |
| 1111 | $instance = new $dao_name(); |
| 1112 | $instance->copyValues($params); |
| 1113 | $instance->save(); |
| 1114 | CRM_Utils_Hook::post($hook, $entityName, $instance->id, $instance); |
| 1115 | |
| 1116 | return $instance; |
| 1117 | } |
| 1118 | |
| 1119 | /** |
| 1120 | * Function to do a 'standard' api del - when the api is only doing a $bao::del then use this |
| 1121 | * if api::del doesn't exist it will try DAO delete method |
| 1122 | * |
| 1123 | * @param $bao_name |
| 1124 | * @param $params |
| 1125 | * |
| 1126 | * @return array API result array |
| 1127 | * @throws API_Exception |
| 1128 | */ |
| 1129 | function _civicrm_api3_basic_delete($bao_name, &$params) { |
| 1130 | |
| 1131 | civicrm_api3_verify_mandatory($params, NULL, array('id')); |
| 1132 | $args = array(&$params['id']); |
| 1133 | if (method_exists($bao_name, 'del')) { |
| 1134 | $bao = call_user_func_array(array($bao_name, 'del'), $args); |
| 1135 | if ($bao !== FALSE) { |
| 1136 | return civicrm_api3_create_success(TRUE); |
| 1137 | } |
| 1138 | throw new API_Exception('Could not delete entity id ' . $params['id']); |
| 1139 | } |
| 1140 | elseif (method_exists($bao_name, 'delete')) { |
| 1141 | $dao = new $bao_name(); |
| 1142 | $dao->id = $params['id']; |
| 1143 | if ($dao->find()) { |
| 1144 | while ($dao->fetch()) { |
| 1145 | $dao->delete(); |
| 1146 | return civicrm_api3_create_success(); |
| 1147 | } |
| 1148 | } |
| 1149 | else { |
| 1150 | throw new API_Exception('Could not delete entity id ' . $params['id']); |
| 1151 | } |
| 1152 | } |
| 1153 | |
| 1154 | throw new API_Exception('no delete method found'); |
| 1155 | } |
| 1156 | |
| 1157 | /** |
| 1158 | * Get custom data for the given entity & Add it to the returnArray as 'custom_123' = 'custom string' AND 'custom_123_1' = 'custom string' |
| 1159 | * Where 123 is field value & 1 is the id within the custom group data table (value ID) |
| 1160 | * |
| 1161 | * @param array $returnArray - array to append custom data too - generally $result[4] where 4 is the entity id. |
| 1162 | * @param string $entity e.g membership, event |
| 1163 | * @param $entity_id |
| 1164 | * @param int $groupID - per CRM_Core_BAO_CustomGroup::getTree |
| 1165 | * @param int $subType e.g. membership_type_id where custom data doesn't apply to all membership types |
| 1166 | * @param string $subName - Subtype of entity |
| 1167 | */ |
| 1168 | function _civicrm_api3_custom_data_get(&$returnArray, $entity, $entity_id, $groupID = NULL, $subType = NULL, $subName = NULL) { |
| 1169 | $groupTree = CRM_Core_BAO_CustomGroup::getTree($entity, |
| 1170 | CRM_Core_DAO::$_nullObject, |
| 1171 | $entity_id, |
| 1172 | $groupID, |
| 1173 | $subType, |
| 1174 | $subName |
| 1175 | ); |
| 1176 | $groupTree = CRM_Core_BAO_CustomGroup::formatGroupTree($groupTree, 1, CRM_Core_DAO::$_nullObject); |
| 1177 | $customValues = array(); |
| 1178 | CRM_Core_BAO_CustomGroup::setDefaults($groupTree, $customValues); |
| 1179 | $fieldInfo = array(); |
| 1180 | foreach ($groupTree as $set) { |
| 1181 | $fieldInfo += $set['fields']; |
| 1182 | } |
| 1183 | if (!empty($customValues)) { |
| 1184 | foreach ($customValues as $key => $val) { |
| 1185 | // per standard - return custom_fieldID |
| 1186 | $id = CRM_Core_BAO_CustomField::getKeyID($key); |
| 1187 | $returnArray['custom_' . $id] = $val; |
| 1188 | |
| 1189 | //not standard - but some api did this so guess we should keep - cheap as chips |
| 1190 | $returnArray[$key] = $val; |
| 1191 | |
| 1192 | // Shim to restore legacy behavior of ContactReference custom fields |
| 1193 | if (!empty($fieldInfo[$id]) && $fieldInfo[$id]['data_type'] == 'ContactReference') { |
| 1194 | $returnArray['custom_' . $id . '_id'] = $returnArray[$key . '_id'] = $val; |
| 1195 | $returnArray['custom_' . $id] = $returnArray[$key] = CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Contact', $val, 'sort_name'); |
| 1196 | } |
| 1197 | } |
| 1198 | } |
| 1199 | } |
| 1200 | |
| 1201 | /** |
| 1202 | * Validate fields being passed into API. This function relies on the getFields function working accurately |
| 1203 | * for the given API. If error mode is set to TRUE then it will also check |
| 1204 | * foreign keys |
| 1205 | * |
| 1206 | * As of writing only date was implemented. |
| 1207 | * @param string $entity |
| 1208 | * @param string $action |
| 1209 | * @param array $params - |
| 1210 | * @param array $fields response from getfields all variables are the same as per civicrm_api |
| 1211 | * @param bool $errorMode errorMode do intensive post fail checks? |
| 1212 | * @throws Exception |
| 1213 | */ |
| 1214 | function _civicrm_api3_validate_fields($entity, $action, &$params, $fields, $errorMode = False) { |
| 1215 | $fields = array_intersect_key($fields, $params); |
| 1216 | foreach ($fields as $fieldName => $fieldInfo) { |
| 1217 | switch (CRM_Utils_Array::value('type', $fieldInfo)) { |
| 1218 | case CRM_Utils_Type::T_INT: |
| 1219 | //field is of type integer |
| 1220 | _civicrm_api3_validate_integer($params, $fieldName, $fieldInfo, $entity); |
| 1221 | break; |
| 1222 | |
| 1223 | case 4: |
| 1224 | case 12: |
| 1225 | //field is of type date or datetime |
| 1226 | _civicrm_api3_validate_date($params, $fieldName, $fieldInfo); |
| 1227 | break; |
| 1228 | |
| 1229 | case 32://blob |
| 1230 | _civicrm_api3_validate_html($params, $fieldName, $fieldInfo); |
| 1231 | break; |
| 1232 | |
| 1233 | case CRM_Utils_Type::T_STRING: |
| 1234 | _civicrm_api3_validate_string($params, $fieldName, $fieldInfo, $entity); |
| 1235 | break; |
| 1236 | |
| 1237 | case CRM_Utils_Type::T_MONEY: |
| 1238 | if (!CRM_Utils_Rule::money($params[$fieldName]) && !empty($params[$fieldName])) { |
| 1239 | throw new Exception($fieldName . " is not a valid amount: " . $params[$fieldName]); |
| 1240 | } |
| 1241 | } |
| 1242 | |
| 1243 | // intensive checks - usually only called after DB level fail |
| 1244 | if (!empty($errorMode) && strtolower($action) == 'create') { |
| 1245 | if (!empty($fieldInfo['FKClassName'])) { |
| 1246 | if (!empty($params[$fieldName])) { |
| 1247 | _civicrm_api3_validate_constraint($params, $fieldName, $fieldInfo); |
| 1248 | } |
| 1249 | elseif (!empty($fieldInfo['required'])) { |
| 1250 | throw new Exception("DB Constraint Violation - possibly $fieldName should possibly be marked as mandatory for this API. If so, please raise a bug report"); |
| 1251 | } |
| 1252 | } |
| 1253 | if (!empty($fieldInfo['api.unique'])) { |
| 1254 | $params['entity'] = $entity; |
| 1255 | _civicrm_api3_validate_uniquekey($params, $fieldName, $fieldInfo); |
| 1256 | } |
| 1257 | } |
| 1258 | } |
| 1259 | } |
| 1260 | |
| 1261 | /** |
| 1262 | * Validate date fields being passed into API. |
| 1263 | * It currently converts both unique fields and DB field names to a mysql date. |
| 1264 | * @todo - probably the unique field handling & the if exists handling is now done before this |
| 1265 | * function is reached in the wrapper - can reduce this code down to assume we |
| 1266 | * are only checking the passed in field |
| 1267 | * |
| 1268 | * It also checks against the RULE:date function. This is a centralisation of code that was scattered and |
| 1269 | * may not be the best thing to do. There is no code level documentation on the existing functions to work off |
| 1270 | * |
| 1271 | * @param array $params params from civicrm_api |
| 1272 | * @param string $fieldName uniquename of field being checked |
| 1273 | * @param $fieldInfo |
| 1274 | * @throws Exception |
| 1275 | * @internal param array $fieldinfo array of fields from getfields function |
| 1276 | */ |
| 1277 | function _civicrm_api3_validate_date(&$params, &$fieldName, &$fieldInfo) { |
| 1278 | //should we check first to prevent it from being copied if they have passed in sql friendly format? |
| 1279 | if (!empty($params[$fieldInfo['name']])) { |
| 1280 | //accept 'whatever strtotime accepts |
| 1281 | if (strtotime($params[$fieldInfo['name']]) === FALSE) { |
| 1282 | throw new Exception($fieldInfo['name'] . " is not a valid date: " . $params[$fieldInfo['name']]); |
| 1283 | } |
| 1284 | $format = ($fieldInfo['type'] == CRM_Utils_Type::T_DATE) ? 'Ymd000000' : 'YmdHis'; |
| 1285 | $params[$fieldInfo['name']] = CRM_Utils_Date::processDate($params[$fieldInfo['name']], NULL, FALSE, $format); |
| 1286 | } |
| 1287 | if ((CRM_Utils_Array::value('name', $fieldInfo) != $fieldName) && !empty($params[$fieldName])) { |
| 1288 | //If the unique field name differs from the db name & is set handle it here |
| 1289 | if (strtotime($params[$fieldName]) === FALSE) { |
| 1290 | throw new Exception($fieldName . " is not a valid date: " . $params[$fieldName]); |
| 1291 | } |
| 1292 | $params[$fieldName] = CRM_Utils_Date::processDate($params[$fieldName]); |
| 1293 | } |
| 1294 | } |
| 1295 | |
| 1296 | /** |
| 1297 | * Validate foreign constraint fields being passed into API. |
| 1298 | * |
| 1299 | * @param array $params params from civicrm_api |
| 1300 | * @param string $fieldName uniquename of field being checked |
| 1301 | * @param $fieldInfo |
| 1302 | * @throws Exception |
| 1303 | * @internal param array $fieldinfo array of fields from getfields function |
| 1304 | */ |
| 1305 | function _civicrm_api3_validate_constraint(&$params, &$fieldName, &$fieldInfo) { |
| 1306 | $dao = new $fieldInfo['FKClassName']; |
| 1307 | $dao->id = $params[$fieldName]; |
| 1308 | $dao->selectAdd(); |
| 1309 | $dao->selectAdd('id'); |
| 1310 | if (!$dao->find()) { |
| 1311 | throw new Exception("$fieldName is not valid : " . $params[$fieldName]); |
| 1312 | } |
| 1313 | } |
| 1314 | |
| 1315 | /** |
| 1316 | * Validate foreign constraint fields being passed into API. |
| 1317 | * |
| 1318 | * @param array $params params from civicrm_api |
| 1319 | * @param string $fieldName uniquename of field being checked |
| 1320 | * @param $fieldInfo |
| 1321 | * @throws Exception |
| 1322 | * @internal param array $fieldinfo array of fields from getfields function |
| 1323 | */ |
| 1324 | function _civicrm_api3_validate_uniquekey(&$params, &$fieldName, &$fieldInfo) { |
| 1325 | $existing = civicrm_api($params['entity'], 'get', array( |
| 1326 | 'version' => $params['version'], |
| 1327 | $fieldName => $params[$fieldName], |
| 1328 | )); |
| 1329 | // an entry already exists for this unique field |
| 1330 | if ($existing['count'] == 1) { |
| 1331 | // question - could this ever be a security issue? |
| 1332 | throw new API_Exception("Field: `$fieldName` must be unique. An conflicting entity already exists - id: " . $existing['id']); |
| 1333 | } |
| 1334 | } |
| 1335 | |
| 1336 | /** |
| 1337 | * Generic implementation of the "replace" action. |
| 1338 | * |
| 1339 | * Replace the old set of entities (matching some given keys) with a new set of |
| 1340 | * entities (matching the same keys). |
| 1341 | * |
| 1342 | * Note: This will verify that 'values' is present, but it does not directly verify |
| 1343 | * any other parameters. |
| 1344 | * |
| 1345 | * @param string $entity entity name |
| 1346 | * @param array $params params from civicrm_api, including: |
| 1347 | * - 'values': an array of records to save |
| 1348 | * - all other items: keys which identify new/pre-existing records |
| 1349 | * @return array|int |
| 1350 | */ |
| 1351 | function _civicrm_api3_generic_replace($entity, $params) { |
| 1352 | |
| 1353 | $transaction = new CRM_Core_Transaction(); |
| 1354 | try { |
| 1355 | if (!is_array($params['values'])) { |
| 1356 | throw new Exception("Mandatory key(s) missing from params array: values"); |
| 1357 | } |
| 1358 | |
| 1359 | // Extract the keys -- somewhat scary, don't think too hard about it |
| 1360 | $baseParams = _civicrm_api3_generic_replace_base_params($params); |
| 1361 | |
| 1362 | // Lookup pre-existing records |
| 1363 | $preexisting = civicrm_api($entity, 'get', $baseParams, $params); |
| 1364 | if (civicrm_error($preexisting)) { |
| 1365 | $transaction->rollback(); |
| 1366 | return $preexisting; |
| 1367 | } |
| 1368 | |
| 1369 | // Save the new/updated records |
| 1370 | $creates = array(); |
| 1371 | foreach ($params['values'] as $replacement) { |
| 1372 | // Sugar: Don't force clients to duplicate the 'key' data |
| 1373 | $replacement = array_merge($baseParams, $replacement); |
| 1374 | $action = (isset($replacement['id']) || isset($replacement[$entity . '_id'])) ? 'update' : 'create'; |
| 1375 | $create = civicrm_api($entity, $action, $replacement); |
| 1376 | if (civicrm_error($create)) { |
| 1377 | $transaction->rollback(); |
| 1378 | return $create; |
| 1379 | } |
| 1380 | foreach ($create['values'] as $entity_id => $entity_value) { |
| 1381 | $creates[$entity_id] = $entity_value; |
| 1382 | } |
| 1383 | } |
| 1384 | |
| 1385 | // Remove stale records |
| 1386 | $staleIDs = array_diff( |
| 1387 | array_keys($preexisting['values']), |
| 1388 | array_keys($creates) |
| 1389 | ); |
| 1390 | foreach ($staleIDs as $staleID) { |
| 1391 | $delete = civicrm_api($entity, 'delete', array( |
| 1392 | 'version' => $params['version'], |
| 1393 | 'id' => $staleID, |
| 1394 | )); |
| 1395 | if (civicrm_error($delete)) { |
| 1396 | $transaction->rollback(); |
| 1397 | return $delete; |
| 1398 | } |
| 1399 | } |
| 1400 | |
| 1401 | return civicrm_api3_create_success($creates, $params); |
| 1402 | } |
| 1403 | catch(PEAR_Exception $e) { |
| 1404 | $transaction->rollback(); |
| 1405 | return civicrm_api3_create_error($e->getMessage()); |
| 1406 | } |
| 1407 | catch(Exception $e) { |
| 1408 | $transaction->rollback(); |
| 1409 | return civicrm_api3_create_error($e->getMessage()); |
| 1410 | } |
| 1411 | } |
| 1412 | |
| 1413 | /** |
| 1414 | * @param $params |
| 1415 | * |
| 1416 | * @return mixed |
| 1417 | */ |
| 1418 | function _civicrm_api3_generic_replace_base_params($params) { |
| 1419 | $baseParams = $params; |
| 1420 | unset($baseParams['values']); |
| 1421 | unset($baseParams['sequential']); |
| 1422 | unset($baseParams['options']); |
| 1423 | return $baseParams; |
| 1424 | } |
| 1425 | |
| 1426 | /** |
| 1427 | * returns fields allowable by api |
| 1428 | * |
| 1429 | * @param $entity string Entity to query |
| 1430 | * @param bool $unique index by unique fields? |
| 1431 | * @param array $params |
| 1432 | * |
| 1433 | * @return array |
| 1434 | */ |
| 1435 | function _civicrm_api_get_fields($entity, $unique = FALSE, &$params = array()) { |
| 1436 | $unsetIfEmpty = array('dataPattern', 'headerPattern', 'default', 'export', 'import'); |
| 1437 | $dao = _civicrm_api3_get_DAO($entity); |
| 1438 | if (empty($dao)) { |
| 1439 | return array(); |
| 1440 | } |
| 1441 | $d = new $dao(); |
| 1442 | $fields = $d->fields(); |
| 1443 | // replace uniqueNames by the normal names as the key |
| 1444 | if (empty($unique)) { |
| 1445 | foreach ($fields as $name => & $field) { |
| 1446 | //getting rid of unused attributes |
| 1447 | foreach ($unsetIfEmpty as $attr) { |
| 1448 | if (empty($field[$attr])) { |
| 1449 | unset($field[$attr]); |
| 1450 | } |
| 1451 | } |
| 1452 | if ($name == $field['name']) { |
| 1453 | continue; |
| 1454 | } |
| 1455 | if (array_key_exists($field['name'], $fields)) { |
| 1456 | $field['error'] = 'name conflict'; |
| 1457 | // it should never happen, but better safe than sorry |
| 1458 | continue; |
| 1459 | } |
| 1460 | $fields[$field['name']] = $field; |
| 1461 | $fields[$field['name']]['uniqueName'] = $name; |
| 1462 | unset($fields[$name]); |
| 1463 | } |
| 1464 | } |
| 1465 | $fields += _civicrm_api_get_custom_fields($entity, $params); |
| 1466 | return $fields; |
| 1467 | } |
| 1468 | |
| 1469 | /** |
| 1470 | * Return an array of fields for a given entity - this is the same as the BAO function but |
| 1471 | * fields are prefixed with 'custom_' to represent api params |
| 1472 | */ |
| 1473 | function _civicrm_api_get_custom_fields($entity, &$params) { |
| 1474 | $customfields = array(); |
| 1475 | $entity = _civicrm_api_get_camel_name($entity); |
| 1476 | if (strtolower($entity) == 'contact') { |
| 1477 | // Use sub-type if available, otherwise stick with 'Contact' |
| 1478 | $entity = CRM_Utils_Array::value('contact_type', $params); |
| 1479 | } |
| 1480 | $retrieveOnlyParent = FALSE; |
| 1481 | // we could / should probably test for other subtypes here - e.g. activity_type_id |
| 1482 | if($entity == 'Contact'){ |
| 1483 | empty($params['contact_sub_type']); |
| 1484 | } |
| 1485 | $customfields = CRM_Core_BAO_CustomField::getFields($entity, |
| 1486 | FALSE, |
| 1487 | FALSE, |
| 1488 | CRM_Utils_Array::value('contact_sub_type', $params, FALSE), |
| 1489 | NULL, |
| 1490 | $retrieveOnlyParent, |
| 1491 | FALSE, |
| 1492 | FALSE |
| 1493 | ); |
| 1494 | |
| 1495 | $ret = array(); |
| 1496 | |
| 1497 | foreach ($customfields as $key => $value) { |
| 1498 | // Regular fields have a 'name' property |
| 1499 | $value['name'] = 'custom_' . $key; |
| 1500 | $value['title'] = $value['label']; |
| 1501 | $value['type'] = _getStandardTypeFromCustomDataType($value['data_type']); |
| 1502 | $ret['custom_' . $key] = $value; |
| 1503 | } |
| 1504 | return $ret; |
| 1505 | } |
| 1506 | /** |
| 1507 | * Translate the custom field data_type attribute into a std 'type' |
| 1508 | */ |
| 1509 | function _getStandardTypeFromCustomDataType($dataType) { |
| 1510 | $mapping = array( |
| 1511 | 'String' => CRM_Utils_Type::T_STRING, |
| 1512 | 'Int' => CRM_Utils_Type::T_INT, |
| 1513 | 'Money' => CRM_Utils_Type::T_MONEY, |
| 1514 | 'Memo' => CRM_Utils_Type::T_LONGTEXT, |
| 1515 | 'Float' => CRM_Utils_Type::T_FLOAT, |
| 1516 | 'Date' => CRM_Utils_Type::T_DATE, |
| 1517 | 'Boolean' => CRM_Utils_Type::T_BOOLEAN, |
| 1518 | 'StateProvince' => CRM_Utils_Type::T_INT, |
| 1519 | 'File' => CRM_Utils_Type::T_STRING, |
| 1520 | 'Link' => CRM_Utils_Type::T_STRING, |
| 1521 | 'ContactReference' => CRM_Utils_Type::T_INT, |
| 1522 | 'Country' => CRM_Utils_Type::T_INT, |
| 1523 | ); |
| 1524 | return $mapping[$dataType]; |
| 1525 | } |
| 1526 | |
| 1527 | |
| 1528 | /** |
| 1529 | * Fill params array with alternate (alias) values where a field has an alias and that is filled & the main field isn't |
| 1530 | * If multiple aliases the last takes precedence |
| 1531 | * |
| 1532 | * Function also swaps unique fields for non-unique fields & vice versa. |
| 1533 | */ |
| 1534 | function _civicrm_api3_swap_out_aliases(&$apiRequest, $fields) { |
| 1535 | foreach ($fields as $field => $values) { |
| 1536 | $uniqueName = CRM_Utils_Array::value('uniqueName', $values); |
| 1537 | if (!empty($values['api.aliases'])) { |
| 1538 | // if aliased field is not set we try to use field alias |
| 1539 | if (!isset($apiRequest['params'][$field])) { |
| 1540 | foreach ($values['api.aliases'] as $alias) { |
| 1541 | if (isset($apiRequest['params'][$alias])) { |
| 1542 | $apiRequest['params'][$field] = $apiRequest['params'][$alias]; |
| 1543 | } |
| 1544 | //unset original field nb - need to be careful with this as it may bring inconsistencies |
| 1545 | // out of the woodwork but will be implementing only as _spec function extended |
| 1546 | unset($apiRequest['params'][$alias]); |
| 1547 | } |
| 1548 | } |
| 1549 | } |
| 1550 | if (!isset($apiRequest['params'][$field]) && !empty($values['name']) && $field != $values['name'] |
| 1551 | && isset($apiRequest['params'][$values['name']]) |
| 1552 | ) { |
| 1553 | $apiRequest['params'][$field] = $apiRequest['params'][$values['name']]; |
| 1554 | // note that it would make sense to unset the original field here but tests need to be in place first |
| 1555 | } |
| 1556 | if (!isset($apiRequest['params'][$field]) |
| 1557 | && $uniqueName |
| 1558 | && $field != $uniqueName |
| 1559 | && array_key_exists($uniqueName, $apiRequest['params']) |
| 1560 | ) |
| 1561 | { |
| 1562 | $apiRequest['params'][$field] = CRM_Utils_Array::value($values['uniqueName'], $apiRequest['params']); |
| 1563 | // note that it would make sense to unset the original field here but tests need to be in place first |
| 1564 | } |
| 1565 | } |
| 1566 | |
| 1567 | } |
| 1568 | |
| 1569 | /** |
| 1570 | * Validate integer fields being passed into API. |
| 1571 | * It currently converts the incoming value 'user_contact_id' into the id of the currenty logged in user |
| 1572 | * |
| 1573 | * @param array $params params from civicrm_api |
| 1574 | * @param string $fieldName uniquename of field being checked |
| 1575 | * @param $fieldInfo |
| 1576 | * @param $entity |
| 1577 | * @throws API_Exception |
| 1578 | * @internal param array $fieldinfo array of fields from getfields function |
| 1579 | */ |
| 1580 | function _civicrm_api3_validate_integer(&$params, &$fieldName, &$fieldInfo, $entity) { |
| 1581 | if (!empty($params[$fieldName])) { |
| 1582 | // if value = 'user_contact_id' (or similar), replace value with contact id |
| 1583 | if (!is_numeric($params[$fieldName]) && is_scalar($params[$fieldName])) { |
| 1584 | $realContactId = _civicrm_api3_resolve_contactID($params[$fieldName]); |
| 1585 | if ('unknown-user' === $realContactId) { |
| 1586 | throw new API_Exception("\"$fieldName\" \"{$params[$fieldName]}\" cannot be resolved to a contact ID", 2002, array('error_field' => $fieldName,"type"=>"integer")); |
| 1587 | } elseif (is_numeric($realContactId)) { |
| 1588 | $params[$fieldName] = $realContactId; |
| 1589 | } |
| 1590 | } |
| 1591 | if (!empty($fieldInfo['pseudoconstant']) || !empty($fieldInfo['options'])) { |
| 1592 | _civicrm_api3_api_match_pseudoconstant($params, $entity, $fieldName, $fieldInfo); |
| 1593 | } |
| 1594 | |
| 1595 | // After swapping options, ensure we have an integer(s) |
| 1596 | foreach ((array) ($params[$fieldName]) as $value) { |
| 1597 | if ($value && !is_numeric($value) && $value !== 'null' && !is_array($value)) { |
| 1598 | throw new API_Exception("$fieldName is not a valid integer", 2001, array('error_field' => $fieldName, "type" => "integer")); |
| 1599 | } |
| 1600 | } |
| 1601 | |
| 1602 | // Check our field length |
| 1603 | if(is_string($params[$fieldName]) && !empty($fieldInfo['maxlength']) && strlen($params[$fieldName]) > $fieldInfo['maxlength'] |
| 1604 | ){ |
| 1605 | throw new API_Exception( $params[$fieldName] . " is " . strlen($params[$fieldName]) . " characters - longer than $fieldName length" . $fieldInfo['maxlength'] . ' characters', |
| 1606 | 2100, array('field' => $fieldName, "max_length"=>$fieldInfo['maxlength']) |
| 1607 | ); |
| 1608 | } |
| 1609 | } |
| 1610 | } |
| 1611 | |
| 1612 | /** |
| 1613 | * Determine a contact ID using a string expression |
| 1614 | * |
| 1615 | * @param string $contactIdExpr e.g. "user_contact_id" or "@user:username" |
| 1616 | * @return int|NULL|'unknown-user' |
| 1617 | */ |
| 1618 | function _civicrm_api3_resolve_contactID($contactIdExpr) { |
| 1619 | //if value = 'user_contact_id' replace value with logged in user id |
| 1620 | if ($contactIdExpr == "user_contact_id") { |
| 1621 | return CRM_Core_Session::getLoggedInContactID(); |
| 1622 | } |
| 1623 | elseif (preg_match('/^@user:(.*)$/', $contactIdExpr, $matches)) { |
| 1624 | $config = CRM_Core_Config::singleton(); |
| 1625 | |
| 1626 | $ufID = $config->userSystem->getUfId($matches[1]); |
| 1627 | if (!$ufID) { |
| 1628 | return 'unknown-user'; |
| 1629 | } |
| 1630 | |
| 1631 | $contactID = CRM_Core_BAO_UFMatch::getContactId($ufID); |
| 1632 | if (!$contactID) { |
| 1633 | return 'unknown-user'; |
| 1634 | } |
| 1635 | |
| 1636 | return $contactID; |
| 1637 | } |
| 1638 | return NULL; |
| 1639 | } |
| 1640 | |
| 1641 | /** |
| 1642 | * Validate html (check for scripting attack) |
| 1643 | * @param $params |
| 1644 | * @param $fieldName |
| 1645 | * @param $fieldInfo |
| 1646 | * |
| 1647 | * @throws API_Exception |
| 1648 | */ |
| 1649 | function _civicrm_api3_validate_html(&$params, &$fieldName, &$fieldInfo) { |
| 1650 | if ($value = CRM_Utils_Array::value($fieldName, $params)) { |
| 1651 | if (!CRM_Utils_Rule::xssString($value)) { |
| 1652 | throw new API_Exception('Illegal characters in input (potential scripting attack)', array("field"=>$fieldName,"error_code"=>"xss")); |
| 1653 | } |
| 1654 | } |
| 1655 | } |
| 1656 | |
| 1657 | /** |
| 1658 | * Validate string fields being passed into API. |
| 1659 | * @param array $params params from civicrm_api |
| 1660 | * @param string $fieldName uniquename of field being checked |
| 1661 | * @param $fieldInfo |
| 1662 | * @param $entity |
| 1663 | * @throws API_Exception |
| 1664 | * @throws Exception |
| 1665 | * @internal param array $fieldinfo array of fields from getfields function |
| 1666 | */ |
| 1667 | function _civicrm_api3_validate_string(&$params, &$fieldName, &$fieldInfo, $entity) { |
| 1668 | // If fieldname exists in params |
| 1669 | $value = CRM_Utils_Array::value($fieldName, $params, ''); |
| 1670 | if(!is_array($value)){ |
| 1671 | $value = (string) $value; |
| 1672 | } |
| 1673 | else{ |
| 1674 | //@todo what do we do about passed in arrays. For many of these fields |
| 1675 | // the missing piece of functionality is separating them to a separated string |
| 1676 | // & many save incorrectly. But can we change them wholesale? |
| 1677 | } |
| 1678 | if ($value ) { |
| 1679 | if (!CRM_Utils_Rule::xssString($value)) { |
| 1680 | throw new Exception('Illegal characters in input (potential scripting attack)'); |
| 1681 | } |
| 1682 | if ($fieldName == 'currency') { |
| 1683 | if (!CRM_Utils_Rule::currencyCode($value)) { |
| 1684 | throw new Exception("Currency not a valid code: $value"); |
| 1685 | } |
| 1686 | } |
| 1687 | if (!empty($fieldInfo['pseudoconstant']) || !empty($fieldInfo['options'])) { |
| 1688 | _civicrm_api3_api_match_pseudoconstant($params, $entity, $fieldName, $fieldInfo); |
| 1689 | } |
| 1690 | // Check our field length |
| 1691 | elseif (is_string($value) && !empty($fieldInfo['maxlength']) && strlen($value) > $fieldInfo['maxlength']) { |
| 1692 | throw new API_Exception("Value for $fieldName is " . strlen($value) . " characters - This field has a maxlength of {$fieldInfo['maxlength']} characters.", |
| 1693 | 2100, array('field' => $fieldName) |
| 1694 | ); |
| 1695 | } |
| 1696 | } |
| 1697 | } |
| 1698 | |
| 1699 | /** |
| 1700 | * Validate & swap out any pseudoconstants / options |
| 1701 | * |
| 1702 | * @param $params: api parameters |
| 1703 | * @param $entity: api entity name |
| 1704 | * @param $fieldName: field name used in api call (not necessarily the canonical name) |
| 1705 | * @param $fieldInfo: getfields meta-data |
| 1706 | */ |
| 1707 | function _civicrm_api3_api_match_pseudoconstant(&$params, $entity, $fieldName, $fieldInfo) { |
| 1708 | $options = CRM_Utils_Array::value('options', $fieldInfo); |
| 1709 | if (!$options) { |
| 1710 | if(strtolower($entity) == 'profile' && !empty($fieldInfo['entity'])) { |
| 1711 | // we need to get the options from the entity the field relates to |
| 1712 | $entity = $fieldInfo['entity']; |
| 1713 | } |
| 1714 | $options = civicrm_api($entity, 'getoptions', array('version' => 3, 'field' => $fieldInfo['name'], 'context' => 'validate')); |
| 1715 | $options = CRM_Utils_Array::value('values', $options, array()); |
| 1716 | } |
| 1717 | |
| 1718 | // If passed a value-separated string, explode to an array, then re-implode after matching values |
| 1719 | $implode = FALSE; |
| 1720 | if (is_string($params[$fieldName]) && strpos($params[$fieldName], CRM_Core_DAO::VALUE_SEPARATOR) !== FALSE) { |
| 1721 | $params[$fieldName] = CRM_Utils_Array::explodePadded($params[$fieldName]); |
| 1722 | $implode = TRUE; |
| 1723 | } |
| 1724 | // If passed multiple options, validate each |
| 1725 | if (is_array($params[$fieldName])) { |
| 1726 | foreach ($params[$fieldName] as &$value) { |
| 1727 | if (!is_array($value)) { |
| 1728 | _civicrm_api3_api_match_pseudoconstant_value($value, $options, $fieldName); |
| 1729 | } |
| 1730 | } |
| 1731 | // TODO: unwrap the call to implodePadded from the conditional and do it always |
| 1732 | // need to verify that this is safe and doesn't break anything though. |
| 1733 | // Better yet would be to leave it as an array and ensure that every dao/bao can handle array input |
| 1734 | if ($implode) { |
| 1735 | CRM_Utils_Array::implodePadded($params[$fieldName]); |
| 1736 | } |
| 1737 | } |
| 1738 | else { |
| 1739 | _civicrm_api3_api_match_pseudoconstant_value($params[$fieldName], $options, $fieldName); |
| 1740 | } |
| 1741 | } |
| 1742 | |
| 1743 | /** |
| 1744 | * Validate & swap a single option value for a field |
| 1745 | * |
| 1746 | * @param $value: field value |
| 1747 | * @param $options: array of options for this field |
| 1748 | * @param $fieldName: field name used in api call (not necessarily the canonical name) |
| 1749 | * @throws API_Exception |
| 1750 | */ |
| 1751 | function _civicrm_api3_api_match_pseudoconstant_value(&$value, $options, $fieldName) { |
| 1752 | // If option is a key, no need to translate |
| 1753 | if (array_key_exists($value, $options)) { |
| 1754 | return; |
| 1755 | } |
| 1756 | |
| 1757 | // Translate value into key |
| 1758 | $newValue = array_search($value, $options); |
| 1759 | if ($newValue !== FALSE) { |
| 1760 | $value = $newValue; |
| 1761 | return; |
| 1762 | } |
| 1763 | // Case-insensitive matching |
| 1764 | $newValue = strtolower($value); |
| 1765 | $options = array_map("strtolower", $options); |
| 1766 | $newValue = array_search($newValue, $options); |
| 1767 | if ($newValue === FALSE) { |
| 1768 | throw new API_Exception("'$value' is not a valid option for field $fieldName", 2001, array('error_field' => $fieldName)); |
| 1769 | } |
| 1770 | $value = $newValue; |
| 1771 | } |
| 1772 | |
| 1773 | /** |
| 1774 | * Returns the canonical name of a field |
| 1775 | * |
| 1776 | * @param $entity : api entity name (string should already be standardized - no camelCase) |
| 1777 | * @param $fieldName : any variation of a field's name (name, unique_name, api.alias) |
| 1778 | * |
| 1779 | * @return bool|string (string|bool) fieldName or FALSE if the field does not exist |
| 1780 | */ |
| 1781 | function _civicrm_api3_api_resolve_alias($entity, $fieldName) { |
| 1782 | if (strpos($fieldName, 'custom_') === 0 && is_numeric($fieldName[7])) { |
| 1783 | return $fieldName; |
| 1784 | } |
| 1785 | if ($fieldName == "{$entity}_id") { |
| 1786 | return 'id'; |
| 1787 | } |
| 1788 | $result = civicrm_api($entity, 'getfields', array( |
| 1789 | 'version' => 3, |
| 1790 | 'action' => 'create', |
| 1791 | )); |
| 1792 | $meta = $result['values']; |
| 1793 | if (!isset($meta[$fieldName]['name']) && isset($meta[$fieldName . '_id'])) { |
| 1794 | $fieldName = $fieldName . '_id'; |
| 1795 | } |
| 1796 | if (isset($meta[$fieldName])) { |
| 1797 | return $meta[$fieldName]['name']; |
| 1798 | } |
| 1799 | foreach ($meta as $info) { |
| 1800 | if ($fieldName == CRM_Utils_Array::value('uniqueName', $info)) { |
| 1801 | return $info['name']; |
| 1802 | } |
| 1803 | if (array_search($fieldName, CRM_Utils_Array::value('api.aliases', $info, array())) !== FALSE) { |
| 1804 | return $info['name']; |
| 1805 | } |
| 1806 | } |
| 1807 | return FALSE; |
| 1808 | } |