From c8f7d7d527fe97de4b43691904ee17287b75a086 Mon Sep 17 00:00:00 2001 From: Eduard Wisch Date: Thu, 9 Apr 2026 09:18:29 +0200 Subject: [PATCH] feat: Phase 5.9 Materialliste API + DB + 5.8 Vorbereitung MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Neue Tabelle llx_bericht_material (element_type, fk_element, label, qty, unit, note, fk_user_creat, datec) via Migration - api/materials.php: GET list, POST anlegen, DELETE löschen Co-Authored-By: Claude Opus 4.6 (1M context) [deploy] --- api/materials.php | 72 +++++++++++++++++++++++++++++++ core/modules/modBericht.class.php | 13 ++++++ 2 files changed, 85 insertions(+) create mode 100644 api/materials.php diff --git a/api/materials.php b/api/materials.php new file mode 100644 index 0000000..5ed801e --- /dev/null +++ b/api/materials.php @@ -0,0 +1,72 @@ +hasRight('bericht', 'delete')) api_fail('Permission denied', 403); + $id = (int) ($_GET['id'] ?? 0); + if (!$id) api_fail('id fehlt'); + if (!$db->query("DELETE FROM ".$db->prefix()."bericht_material WHERE rowid = ".$id)) api_fail($db->lasterror(), 500); + api_ok(); +} + +$el_type = (string) ($_GET['element_type'] ?? 'order'); +$el_id = (int) ($_GET['element_id'] ?? 0); +if (!$el_id) api_fail('element_id erforderlich'); +if (!in_array($el_type, array('order', 'invoice', 'propal'), true)) api_fail('element_type ungültig'); + +if ($method === 'GET') { + $sql = "SELECT rowid, label, qty, unit, note, fk_user_creat, datec" + ." FROM ".$db->prefix()."bericht_material" + ." WHERE element_type = '".$db->escape($el_type)."' AND fk_element = ".$el_id + ." ORDER BY datec DESC, rowid DESC"; + $res = $db->query($sql); + if (!$res) api_fail($db->lasterror(), 500); + $items = array(); + while ($o = $db->fetch_object($res)) { + $items[] = array( + 'id' => (int) $o->rowid, + 'label' => $o->label, + 'qty' => (float) $o->qty, + 'unit' => $o->unit, + 'note' => $o->note, + 'datec' => $db->jdate($o->datec), + ); + } + api_ok(array('materials' => $items, 'count' => count($items))); +} + +if ($method === 'POST') { + if (!$user->hasRight('bericht', 'write')) api_fail('Permission denied', 403); + $in = api_input(); + $label = trim((string) ($in['label'] ?? '')); + $qty = (float) ($in['qty'] ?? 1); + $unit = trim((string) ($in['unit'] ?? 'Stk')); + $note = trim((string) ($in['note'] ?? '')); + if (empty($label)) api_fail('label erforderlich'); + + $sql = "INSERT INTO ".$db->prefix()."bericht_material " + ."(element_type, fk_element, label, qty, unit, note, fk_user_creat, datec) VALUES (" + ."'".$db->escape($el_type)."'," + .$el_id."," + ."'".$db->escape($label)."'," + .((float) $qty)."," + ."'".$db->escape($unit)."'," + .($note ? "'".$db->escape($note)."'" : "NULL")."," + .((int) $user->id)."," + ."'".$db->idate(dol_now())."'" + .")"; + if (!$db->query($sql)) api_fail($db->lasterror(), 500); + $id = $db->last_insert_id($db->prefix()."bericht_material"); + api_ok(array('id' => (int) $id)); +} + +api_fail('Methode nicht unterstützt', 405); diff --git a/core/modules/modBericht.class.php b/core/modules/modBericht.class.php index 9b34393..5390f6b 100644 --- a/core/modules/modBericht.class.php +++ b/core/modules/modBericht.class.php @@ -160,6 +160,19 @@ class modBericht extends DolibarrModules // Phase 5.3: Versionierung "ALTER TABLE ".$this->db->prefix()."bericht ADD COLUMN version INT DEFAULT 1", "ALTER TABLE ".$this->db->prefix()."bericht ADD COLUMN fk_bericht_parent INT DEFAULT NULL", + // Phase 5.9: Materialliste pro Auftrag + "CREATE TABLE IF NOT EXISTS ".$this->db->prefix()."bericht_material (" + ."rowid INT AUTO_INCREMENT PRIMARY KEY," + ."element_type VARCHAR(32) NOT NULL," + ."fk_element INT NOT NULL," + ."label VARCHAR(255) NOT NULL," + ."qty FLOAT DEFAULT 1," + ."unit VARCHAR(16) DEFAULT 'Stk'," + ."note TEXT DEFAULT NULL," + ."fk_user_creat INT NOT NULL," + ."datec DATETIME NOT NULL," + ."INDEX idx_bm_element (element_type, fk_element)" + .") ENGINE=innodb", ); foreach ($migrations as $sql) { // Errors ignorieren — Spalten existieren ggf. schon