From 62997d39bce4466a094eda771abd2ac9fa3e6c40 Mon Sep 17 00:00:00 2001
From: Bernd Bestel <bernd@berrnd.de>
Date: Sat, 14 Nov 2020 11:27:13 +0100
Subject: [PATCH] Removde the /objects/{entity}/search API endpoint, added the
 new filter capabilities to /objects/{entity} (references #985)

---
 changelog/60_UNRELEASED_2020-xx-xx.md      |  6 +-
 controllers/GenericEntityApiController.php | 21 +-----
 grocy.openapi.json                         | 75 ----------------------
 public/viewjs/purchase.js                  |  2 +-
 routes.php                                 |  1 -
 5 files changed, 6 insertions(+), 99 deletions(-)

diff --git a/changelog/60_UNRELEASED_2020-xx-xx.md b/changelog/60_UNRELEASED_2020-xx-xx.md
index b58175b9..f29c69c5 100644
--- a/changelog/60_UNRELEASED_2020-xx-xx.md
+++ b/changelog/60_UNRELEASED_2020-xx-xx.md
@@ -132,11 +132,13 @@ _- (Because the stock quantity unit is now the base for everything, it cannot be
   - All prices are now related to the products stock quantity unit (instead of the products purchase QU)
   - All (product) amounts are now related to the products stock quantity unit (was related to the products purchase QU for the shopping list before)
   - The product object no longer has a field `barcodes` with a comma separated barcode list, instead barcodes are now stored in a separate table/entity `product_barcodes` (use the existing "Generic entity interactions" endpoints to access them)
+  - The endpoint `/objects/{entity}/search` was removed (use the existing `/objects/{entity}` endpoint with new new filter capabilities mentioned below)
+  - The output / field names of `ProductDetailsResponse` have slightly changed (endpoint `/stock/products/{productId}`)
 - For better integration (apps), it's now possible to show a QR-Code for API keys (thanks @fipwmaqzufheoxq92ebc)
   - New QR-Code button on the "Manage API keys"-page (top right corner settings menu), the QR-Codes contains `<API-Url>|<API-Key>`
   - And on the calendar page when using the button "Share/Integrate calendar (iCal)", there the QR-Codes contains the Share-URL (which is displayed in the textbox above)
-- The output of the following endpoints can now be filtered (by any field), ordered and paginated (thanks @fipwmaqzufheoxq92ebc)
-  - `/objects/{entity}/search`
+- The output of the following endpoints can now be filtered (by any field), ordered and paginated (thanks for the initial work on this @fipwmaqzufheoxq92ebc)
+  - `/objects/{entity}`
   - `/stock/products/{productId}/entries`
   - `/stock/products/{productId}/locations`
   - `/recipes/fulfillment`
diff --git a/controllers/GenericEntityApiController.php b/controllers/GenericEntityApiController.php
index 42483342..06546e59 100644
--- a/controllers/GenericEntityApiController.php
+++ b/controllers/GenericEntityApiController.php
@@ -135,7 +135,7 @@ class GenericEntityApiController extends BaseApiController
 
 	public function GetObjects(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
-		$objects = $this->getDatabase()->{$args['entity']}();
+		$objects = $this->queryData($this->getDatabase()->{$args['entity']}(), $request->getQueryParams());
 		$allUserfields = $this->getUserfieldsService()->GetAllValues($args['entity']);
 
 		foreach ($objects as $object)
@@ -176,25 +176,6 @@ class GenericEntityApiController extends BaseApiController
 		}
 	}
 
-	public function SearchObjects(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
-	{
-		if ($this->IsValidEntity($args['entity']) && !$this->IsEntityWithPreventedListing($args['entity']))
-		{
-			try
-			{
-				return $this->FilteredApiResponse($response, $this->getDatabase()->{$args['entity']}(), $request->getQueryParams());
-			}
-			catch (\PDOException $ex)
-			{
-				throw new HttpBadRequestException($request, $ex->getMessage(), $ex);
-			}
-		}
-		else
-		{
-			return $this->GenericErrorResponse($response, 'Entity does not exist or is not exposed');
-		}
-	}
-
 	public function SetUserfields(\Psr\Http\Message\ServerRequestInterface $request, \Psr\Http\Message\ResponseInterface $response, array $args)
 	{
 		User::checkPermission($request, User::PERMISSION_MASTER_DATA_EDIT);
diff --git a/grocy.openapi.json b/grocy.openapi.json
index 0745ca2d..8acc58fe 100644
--- a/grocy.openapi.json
+++ b/grocy.openapi.json
@@ -524,81 +524,6 @@
 				}
 			}
 		},
-		"/objects/{entity}/search/{searchString}": {
-			"get": {
-				"summary": "Returns all objects of the given entity where the field \"name\" contains the search string (so only works for entities which have that field)",
-				"tags": [
-					"Generic entity interactions"
-				],
-				"parameters": [
-					{
-						"in": "path",
-						"name": "entity",
-						"required": true,
-						"description": "A valid entity name",
-						"schema": {
-							"$ref": "#/components/internalSchemas/ExposedEntity"
-						}
-					},
-					{
-						"in": "path",
-						"name": "searchString",
-						"required": true,
-						"description": "The search string",
-						"schema": {
-							"type": "string"
-						}
-					}
-				],
-				"responses": {
-					"200": {
-						"description": "An entity object",
-						"content": {
-							"application/json": {
-								"schema": {
-									"type": "array",
-									"items": {
-										"oneOf": [
-											{
-												"$ref": "#/components/schemas/Product"
-											},
-											{
-												"$ref": "#/components/schemas/Chore"
-											},
-											{
-												"$ref": "#/components/schemas/Battery"
-											},
-											{
-												"$ref": "#/components/schemas/Location"
-											},
-											{
-												"$ref": "#/components/schemas/QuantityUnit"
-											},
-											{
-												"$ref": "#/components/schemas/ShoppingListItem"
-											},
-											{
-												"$ref": "#/components/schemas/StockEntry"
-											}
-										]
-									}
-								}
-							}
-						}
-					},
-					"400": {
-						"description": "The operation was not successful",
-						"content": {
-							"application/json": {
-								"schema": {
-									"$ref": "#/components/schemas/GenericErrorResponse"
-								}
-							}
-						}
-					}
-				}
-			}
-		},
 		"/userfields/{entity}/{objectId}": {
 			"get": {
 				"summary": "Returns all userfields with their values of the given object of the given entity",
diff --git a/public/viewjs/purchase.js b/public/viewjs/purchase.js
index 92714cf7..008de4d7 100644
--- a/public/viewjs/purchase.js
+++ b/public/viewjs/purchase.js
@@ -271,7 +271,7 @@ if (Grocy.Components.ProductPicker !== undefined)
 
 					if (document.getElementById("product_id").getAttribute("barcode") != "null")
 					{
-						Grocy.Api.Get('objects/product_barcodes/search/?query[]=barcode=' + document.getElementById("product_id").getAttribute("barcode"),
+						Grocy.Api.Get('objects/product_barcodes?query[]=barcode=' + document.getElementById("product_id").getAttribute("barcode"),
 							function(barcodeResult)
 							{
 								if (barcodeResult != null)
diff --git a/routes.php b/routes.php
index abcbddf9..fabd6a65 100644
--- a/routes.php
+++ b/routes.php
@@ -150,7 +150,6 @@ $app->group('/api', function (RouteCollectorProxy $group) {
 	// Generic entity interaction
 	$group->get('/objects/{entity}', '\Grocy\Controllers\GenericEntityApiController:GetObjects');
 	$group->get('/objects/{entity}/{objectId}', '\Grocy\Controllers\GenericEntityApiController:GetObject');
-	$group->get('/objects/{entity}/search/{searchString:.*}', '\Grocy\Controllers\GenericEntityApiController:SearchObjects');
 	$group->post('/objects/{entity}', '\Grocy\Controllers\GenericEntityApiController:AddObject');
 	$group->put('/objects/{entity}/{objectId}', '\Grocy\Controllers\GenericEntityApiController:EditObject');
 	$group->delete('/objects/{entity}/{objectId}', '\Grocy\Controllers\GenericEntityApiController:DeleteObject');