From e346e42f9e2eea2d13af4e91b1987b0c3d78b944 Mon Sep 17 00:00:00 2001
From: rGaillard <remi.gaillard@prestashop.com>
Date: Thu, 9 Aug 2012 15:15:59 +0000
Subject: [PATCH] [-] WS: Fix webservices on some entities with multishop
 #PSCFV-3460

---
 classes/ObjectModel.php                  | 22 ++++++++++++++--------
 classes/webservice/WebserviceRequest.php | 19 +++++++++----------
 2 files changed, 23 insertions(+), 18 deletions(-)

diff --git a/classes/ObjectModel.php b/classes/ObjectModel.php
index d7a96b321..2cbd1baff 100644
--- a/classes/ObjectModel.php
+++ b/classes/ObjectModel.php
@@ -1015,18 +1015,24 @@ abstract class ObjectModelCore
 	public function getWebserviceObjectList($sql_join, $sql_filter, $sql_sort, $sql_limit)
 	{
 		$assoc = Shop::getAssoTable($this->def['table']);
-		if ($assoc !== false)
+		$class_name = WebserviceRequest::$ws_current_classname;
+		$vars = get_class_vars($class_name);
+		if ($assoc !== false && $assoc['type'] !== 'fk_shop')
 		{
 			$multi_shop_join = ' LEFT JOIN `'._DB_PREFIX_.bqSQL($this->def['table']).'_'.bqSQL($assoc['type']).'`
-									AS multi_shop_'.bqSQL($this->def['table']).'
-									ON (main.'.bqSQL($this->def['primary']).' = multi_shop_'.bqSQL($this->def['table']).'.'.bqSQL($this->def['primary']).')';
-			$class_name = WebserviceRequest::$ws_current_classname;
+									AS `multi_shop_'.bqSQL($this->def['table']).'`
+									ON (main.`'.bqSQL($this->def['primary']).'` = `multi_shop_'.bqSQL($this->def['table']).'`.`'.bqSQL($this->def['primary']).'`)';
+			foreach ($vars['shopIDs'] as $id_shop)
+				$or[] = ' `multi_shop_'.bqSQL($this->def['table']).'`.id_shop = '.(int)$id_shop.' ';
+			$sql_filter = ' AND ('.implode('OR', $or).') '.$sql_filter;
+			$sql_join = $multi_shop_join.' '.$sql_join;
+		}
+		else
+		{
 			$vars = get_class_vars($class_name);
 			foreach ($vars['shopIDs'] as $id_shop)
-				$or[] = ' multi_shop_'.bqSQL($this->def['table']).'.id_shop = '.(int)$id_shop.' ';
-			$multi_shop_filter = ' AND ('.implode('OR', $or).') ';
-			$sql_filter = $multi_shop_filter.' '.$sql_filter;
-			$sql_join = $multi_shop_join.' '.$sql_join;
+				$or[] = ' main.id_shop = '.(int)$id_shop.' ';
+			$sql_filter = ' AND ('.implode('OR', $or).') '.$sql_filter;
 		}
 		$query = '
 		SELECT DISTINCT main.`'.bqSQL($this->def['primary']).'` FROM `'._DB_PREFIX_.bqSQL($this->def['table']).'` AS main
diff --git a/classes/webservice/WebserviceRequest.php b/classes/webservice/WebserviceRequest.php
index 15cedf246..ee122bd0e 100644
--- a/classes/webservice/WebserviceRequest.php
+++ b/classes/webservice/WebserviceRequest.php
@@ -269,7 +269,7 @@ class WebserviceRequestCore
 			'stock_movement_reasons' => array('description' => 'Stock movement reason', 'class' => 'StockMvtReason'),
 			'warehouses' => array('description' => 'Warehouses', 'class' => 'Warehouse', 'forbidden_method' => array('DELETE')),
 			'stocks' => array('description' => 'Stocks', 'class' => 'Stock', 'forbidden_method' => array('PUT', 'POST', 'DELETE')),
-			'available_quantities' => array('description' => 'Available quantities', 'class' => 'StockAvailable', 'forbidden_method' => array('PUT', 'POST', 'DELETE')),
+			'stock_availables' => array('description' => 'Available quantities', 'class' => 'StockAvailable', 'forbidden_method' => array('PUT', 'POST', 'DELETE')),
 			'warehouse_product_locations' => array('description' => 'Location of products in warehouses', 'class' => 'WarehouseProductLocation', 'forbidden_method' => array('PUT', 'POST', 'DELETE')),
 			'supply_orders' => array('description' => 'Supply Orders', 'class' => 'SupplyOrder', 'forbidden_method' => array('PUT', 'POST', 'DELETE')),
 			'supply_order_details' => array('description' => 'Supply Order Details', 'class' => 'SupplyOrderDetail', 'forbidden_method' => array('PUT', 'POST', 'DELETE')),
@@ -1217,13 +1217,19 @@ class WebserviceRequestCore
 		if ($assoc !== false)
 		{
 			$sql = 'SELECT 1
-					FROM '.bqSQL(_DB_PREFIX_.$this->resourceConfiguration['retrieveData']['table'].'_'.$assoc['type']).' ';
+ 						FROM `'.bqSQL(_DB_PREFIX_.$this->resourceConfiguration['retrieveData']['table']);
+			if ($assoc['type'] != 'fk_shop')
+				$sql .= '_'.$assoc['type'];
+			$sql .= '`';
+
 			foreach (self::$shopIDs as $id_shop)
 				$OR[] = ' id_shop = '.(int)$id_shop.' ';
-			$check = ' WHERE ('.implode('OR', $OR).') AND '.bqSQL($this->resourceConfiguration['fields']['id']['sqlId']).' = '.(int)$this->urlSegment[1];
+
+			$check = ' WHERE ('.implode('OR', $OR).') AND `'.bqSQL($this->resourceConfiguration['fields']['id']['sqlId']).'` = '.(int)$this->urlSegment[1];
 			if (!Db::getInstance()->getValue($sql.$check))
 				$this->setError(403, 'Bad id_shop : You are not allowed to access this '.$this->resourceConfiguration['retrieveData']['className'].' ('.(int)$this->urlSegment[1].')', 131);
 		}
+
 		//get entity details
 		$object = new $this->resourceConfiguration['retrieveData']['className']((int)$this->urlSegment[1]);
 		if ($object->id)
@@ -1325,7 +1331,6 @@ class WebserviceRequestCore
 		}
 		else
 		{
-			$assoc = Shop::getAssoTables();
 			foreach ($objects as $object)
 			{
 				if (isset($this->resourceConfiguration['objectMethods']) && isset($this->resourceConfiguration['objectMethods']['delete']))
@@ -1335,12 +1340,6 @@ class WebserviceRequestCore
 
 				if (!$result)
 					$arr_avoid_id[] = $object->id;
-				elseif (array_key_exists($this->resourceConfiguration['retrieveData']['table'] ,$assoc))
-				{
-					$sql = 'DELETE FROM `'._DB_PREFIX_.$this->resourceConfiguration['retrieveData']['table'].'_'.$assoc[$this->resourceConfiguration['retrieveData']['table']]['type'].'`
-							WHERE '.$this->resourceConfiguration['fields']['id']['sqlId'].' = '.$object->id;
-					Db::getInstance()->execute($sql);
-				}
 			}
 			if (!empty($arr_avoid_id))
 			{