luos/workflow/engine/src/ProcessMaker/Services/Api/User.php

<?php
namespace ProcessMaker\Services\Api;

use \ProcessMaker\Services\Api;
use \Luracast\Restler\RestException;

/**
 * User Api Controller
 *
 * @protected
 */
class User extends Api
{
    /**
     * Constructor of the class
     *
     * return void
     */
    public function __construct()
    {
        try {
            $user = new \ProcessMaker\BusinessModel\User();

            $usrUid = $this->getUserId();

            if (!$user->checkPermission($usrUid, "PM_USERS")) {
                throw new \Exception(\G::LoadTranslation("ID_USER_NOT_HAVE_PERMISSION", array($usrUid)));
            }
        } catch (\Exception $e) {
            throw new RestException(Api::STAT_APP_EXCEPTION, $e->getMessage());
        }
    }

    /**
     * @url GET
     * @param string $filter
     * @param int $start
     * @param int $limit
     */
    public function doGetUsers($filter = '', $start = null, $limit = null)
    {
        try {
            $user = new \ProcessMaker\BusinessModel\User();
            $response = $user->getUsers($filter, $start, $limit);
            return $response;
        } catch (\Exception $e) {
            throw (new RestException(Api::STAT_APP_EXCEPTION, $e->getMessage()));
        }
    }

    /**
     * @url GET /:usr_uid
     *
     * @param string $usr_uid {@min 32}{@max 32}
     */
    public function doGetUser($usr_uid)
    {
        try {
            $user = new \ProcessMaker\BusinessModel\User();
            $response = $user->getUser($usr_uid);
            return $response;
        } catch (\Exception $e) {
            throw (new RestException(Api::STAT_APP_EXCEPTION, $e->getMessage()));
        }
    }

    /**
     * @url POST
     *
     * @param array $request_data
     *
     * @status 201
     */
    public function doPostUser($request_data)
    {
        try {
            $user = new \ProcessMaker\BusinessModel\User();
            $arrayData = $user->create($request_data);
            $response = $arrayData;
            return $response;
        } catch (\Exception $e) {
            throw (new RestException(Api::STAT_APP_EXCEPTION, $e->getMessage()));
        }
    }

    /**
     * @url PUT /:usr_uid
     *
     * @param string $usr_uid      {@min 32}{@max 32}
     * @param array  $request_data
     */
    public function doPutUser($usr_uid, $request_data)
    {
        try {
            $userLoggedUid = $this->getUserId();
            $user = new \ProcessMaker\BusinessModel\User();
            $arrayData = $user->update($usr_uid, $request_data, $userLoggedUid);
        } catch (\Exception $e) {
            throw (new RestException(Api::STAT_APP_EXCEPTION, $e->getMessage()));
        }
    }

    /**
     * @url DELETE /:usr_uid
     *
     * @param string $usr_uid {@min 32}{@max 32}
     */
    public function doDeleteUser($usr_uid)
    {
        try {
            $user = new \ProcessMaker\BusinessModel\User();
            $user->delete($usr_uid);
        } catch (\Exception $e) {
            throw (new RestException(Api::STAT_APP_EXCEPTION, $e->getMessage()));
        }
    }

    /**
     * @param string $usr_uid {@min 32} {@max 32}
     *
     * @url POST /:usr_uid/image-upload
     */
    public function doPostUserImageUpload($usr_uid)
    {
        try {
            $user = new \ProcessMaker\BusinessModel\User();
            $user->uploadImage($usr_uid);
        } catch (\Exception $e) {
            //response
            throw new RestException(Api::STAT_APP_EXCEPTION, $e->getMessage());
        }
    }
}
Se agrega metodo DELETE para FILES MANAGER. Se agregan validaciones en PROJECT USERS. se agrega la clase USER. 2014-01-31 13:09:16 -04:00			`<?php`
Refactoring of classes that where in workflow/engine/src , now all of them have a unique parent namespace \ProcessMaker 2014-04-02 17:02:02 -04:00			`namespace ProcessMaker\Services\Api;`
Se agrega metodo DELETE para FILES MANAGER. Se agregan validaciones en PROJECT USERS. se agrega la clase USER. 2014-01-31 13:09:16 -04:00
			`use \ProcessMaker\Services\Api;`
			`use \Luracast\Restler\RestException;`

			`/**`
			`* User Api Controller`
			`*`
			`* @protected`
			`*/`
			`class User extends Api`
			`{`
PM-3376 "REST endpoint PUT users, groups,..." SOLVED > Code Isuue: 0018011: Security hole:REST endpoints for users,groups,departments & roles do not check if logged-in user has PM_USERS permission in role > Solution: Se agrega validacion en el siguiente Endpoint cuando se utiliza el servicio REST, el mismo mostrara un mensaje indicando que el usuario no esta autorizado para realizar la accion. 2015-09-04 16:51:19 -04:00			`/**`
			`* Constructor of the class`
			`*`
			`* return void`
			`*/`
			`public function __construct()`
			`{`
			`try {`
			`$user = new \ProcessMaker\BusinessModel\User();`

			`$usrUid = $this->getUserId();`

			`if (!$user->checkPermission($usrUid, "PM_USERS")) {`
			`throw new \Exception(\G::LoadTranslation("ID_USER_NOT_HAVE_PERMISSION", array($usrUid)));`
			`}`
			`} catch (\Exception $e) {`
			`throw new RestException(Api::STAT_APP_EXCEPTION, $e->getMessage());`
			`}`
			`}`

Se agrega metodo DELETE para FILES MANAGER. Se agregan validaciones en PROJECT USERS. se agrega la clase USER. 2014-01-31 13:09:16 -04:00			`/**`
			`* @url GET`
Se adicionan validaciones a PMUSER 2014-02-14 17:00:03 -04:00			`* @param string $filter`
			`* @param int $start`
			`* @param int $limit`
Se agrega metodo DELETE para FILES MANAGER. Se agregan validaciones en PROJECT USERS. se agrega la clase USER. 2014-01-31 13:09:16 -04:00			`*/`
Se arreglan validaciones en OUTPUTDOCUMENT y se agregan validaciones en PM USER. 2014-02-07 15:29:23 -04:00			`public function doGetUsers($filter = '', $start = null, $limit = null)`
Se agrega metodo DELETE para FILES MANAGER. Se agregan validaciones en PROJECT USERS. se agrega la clase USER. 2014-01-31 13:09:16 -04:00			`{`
			`try {`
Refactoring of classes that where in workflow/engine/src , now all of them have a unique parent namespace \ProcessMaker 2014-04-02 17:02:02 -04:00			`$user = new \ProcessMaker\BusinessModel\User();`
Fix limit en PM USER 2014-02-13 15:56:26 -04:00			`$response = $user->getUsers($filter, $start, $limit);`
Se agrega metodo DELETE para FILES MANAGER. Se agregan validaciones en PROJECT USERS. se agrega la clase USER. 2014-01-31 13:09:16 -04:00			`return $response;`
			`} catch (\Exception $e) {`
			`throw (new RestException(Api::STAT_APP_EXCEPTION, $e->getMessage()));`
			`}`
			`}`

			`/**`
			`* @url GET /:usr_uid`
			`*`
			`* @param string $usr_uid {@min 32}{@max 32}`
			`*/`
Se arreglan validaciones en OUTPUTDOCUMENT y se agregan validaciones en PM USER. 2014-02-07 15:29:23 -04:00			`public function doGetUser($usr_uid)`
Se agrega metodo DELETE para FILES MANAGER. Se agregan validaciones en PROJECT USERS. se agrega la clase USER. 2014-01-31 13:09:16 -04:00			`{`
			`try {`
Refactoring of classes that where in workflow/engine/src , now all of them have a unique parent namespace \ProcessMaker 2014-04-02 17:02:02 -04:00			`$user = new \ProcessMaker\BusinessModel\User();`
Se agrega metodo DELETE para FILES MANAGER. Se agregan validaciones en PROJECT USERS. se agrega la clase USER. 2014-01-31 13:09:16 -04:00			`$response = $user->getUser($usr_uid);`
			`return $response;`
			`} catch (\Exception $e) {`
			`throw (new RestException(Api::STAT_APP_EXCEPTION, $e->getMessage()));`
			`}`
			`}`

			`/**`
			`* @url POST`
			`*`
Se agrega metodo DELETE y POST para PM USERS. Se agregan validaciones en PROJECT USERS. 2014-02-04 16:25:34 -04:00			`* @param array $request_data`
Se agrega metodo DELETE para FILES MANAGER. Se agregan validaciones en PROJECT USERS. se agrega la clase USER. 2014-01-31 13:09:16 -04:00			`*`
			`* @status 201`
			`*/`
Fix code style CASESCHEDULER, FILESMANAGER, PROJECTUSER, ASSIGNEE, PMUSER 2014-02-14 09:39:24 -04:00			`public function doPostUser($request_data)`
			`{`
Se agrega metodo DELETE para FILES MANAGER. Se agregan validaciones en PROJECT USERS. se agrega la clase USER. 2014-01-31 13:09:16 -04:00			`try {`
Refactoring of classes that where in workflow/engine/src , now all of them have a unique parent namespace \ProcessMaker 2014-04-02 17:02:02 -04:00			`$user = new \ProcessMaker\BusinessModel\User();`
Se agrega metodo DELETE y POST para PM USERS. Se agregan validaciones en PROJECT USERS. 2014-02-04 16:25:34 -04:00			`$arrayData = $user->create($request_data);`
Se agrega metodo DELETE para FILES MANAGER. Se agregan validaciones en PROJECT USERS. se agrega la clase USER. 2014-01-31 13:09:16 -04:00			`$response = $arrayData;`
			`return $response;`
			`} catch (\Exception $e) {`
			`throw (new RestException(Api::STAT_APP_EXCEPTION, $e->getMessage()));`
			`}`
			`}`

			`/**`
Se agrega metodo DELETE y POST para PM USERS. Se agregan validaciones en PROJECT USERS. 2014-02-04 16:25:34 -04:00			`* @url PUT /:usr_uid`
Se agrega metodo DELETE para FILES MANAGER. Se agregan validaciones en PROJECT USERS. se agrega la clase USER. 2014-01-31 13:09:16 -04:00			`*`
Se agrega metodo DELETE y POST para PM USERS. Se agregan validaciones en PROJECT USERS. 2014-02-04 16:25:34 -04:00			`* @param string $usr_uid {@min 32}{@max 32}`
Se agrega metodo DELETE para FILES MANAGER. Se agregan validaciones en PROJECT USERS. se agrega la clase USER. 2014-01-31 13:09:16 -04:00			`* @param array $request_data`
			`*/`
Fix code style CASESCHEDULER, FILESMANAGER, PROJECTUSER, ASSIGNEE, PMUSER 2014-02-14 09:39:24 -04:00			`public function doPutUser($usr_uid, $request_data)`
			`{`
Se agrega metodo DELETE para FILES MANAGER. Se agregan validaciones en PROJECT USERS. se agrega la clase USER. 2014-01-31 13:09:16 -04:00			`try {`
Se agregan validaciones en PROJECT USER. Se agrega el metodo PUT para PM USER 2014-02-05 17:03:53 -04:00			`$userLoggedUid = $this->getUserId();`
Refactoring of classes that where in workflow/engine/src , now all of them have a unique parent namespace \ProcessMaker 2014-04-02 17:02:02 -04:00			`$user = new \ProcessMaker\BusinessModel\User();`
Se agregan validaciones en PROJECT USER. Se agrega el metodo PUT para PM USER 2014-02-05 17:03:53 -04:00			`$arrayData = $user->update($usr_uid, $request_data, $userLoggedUid);`
Se agrega metodo DELETE para FILES MANAGER. Se agregan validaciones en PROJECT USERS. se agrega la clase USER. 2014-01-31 13:09:16 -04:00			`} catch (\Exception $e) {`
			`throw (new RestException(Api::STAT_APP_EXCEPTION, $e->getMessage()));`
			`}`
			`}`

			`/**`
Se agrega metodo DELETE y POST para PM USERS. Se agregan validaciones en PROJECT USERS. 2014-02-04 16:25:34 -04:00			`* @url DELETE /:usr_uid`
Se agrega metodo DELETE para FILES MANAGER. Se agregan validaciones en PROJECT USERS. se agrega la clase USER. 2014-01-31 13:09:16 -04:00			`*`
Se agrega metodo DELETE y POST para PM USERS. Se agregan validaciones en PROJECT USERS. 2014-02-04 16:25:34 -04:00			`* @param string $usr_uid {@min 32}{@max 32}`
Se agrega metodo DELETE para FILES MANAGER. Se agregan validaciones en PROJECT USERS. se agrega la clase USER. 2014-01-31 13:09:16 -04:00			`*/`
Se arreglan validaciones en OUTPUTDOCUMENT y se agregan validaciones en PM USER. 2014-02-07 15:29:23 -04:00			`public function doDeleteUser($usr_uid)`
Se agrega metodo DELETE para FILES MANAGER. Se agregan validaciones en PROJECT USERS. se agrega la clase USER. 2014-01-31 13:09:16 -04:00			`{`
			`try {`
Refactoring of classes that where in workflow/engine/src , now all of them have a unique parent namespace \ProcessMaker 2014-04-02 17:02:02 -04:00			`$user = new \ProcessMaker\BusinessModel\User();`
Se agrega metodo DELETE y POST para PM USERS. Se agregan validaciones en PROJECT USERS. 2014-02-04 16:25:34 -04:00			`$user->delete($usr_uid);`
Se agrega metodo DELETE para FILES MANAGER. Se agregan validaciones en PROJECT USERS. se agrega la clase USER. 2014-01-31 13:09:16 -04:00			`} catch (\Exception $e) {`
			`throw (new RestException(Api::STAT_APP_EXCEPTION, $e->getMessage()));`
			`}`
			`}`
Se adiciona el filtro 'type' para assignee y adhoc. Se modifica updload image en PMUSER. Se modifica upload (incompleto) para FILESMANAGER 2014-02-18 16:13:57 -04:00
			`/**`
			`* @param string $usr_uid {@min 32} {@max 32}`
			`*`
Se modifica url de upload fotos para USER 2014-02-20 12:36:01 -04:00			`* @url POST /:usr_uid/image-upload`
Se adiciona el filtro 'type' para assignee y adhoc. Se modifica updload image en PMUSER. Se modifica upload (incompleto) para FILESMANAGER 2014-02-18 16:13:57 -04:00			`*/`
			`public function doPostUserImageUpload($usr_uid)`
			`{`
			`try {`
Refactoring of classes that where in workflow/engine/src , now all of them have a unique parent namespace \ProcessMaker 2014-04-02 17:02:02 -04:00			`$user = new \ProcessMaker\BusinessModel\User();`
Se adiciona el filtro 'type' para assignee y adhoc. Se modifica updload image en PMUSER. Se modifica upload (incompleto) para FILESMANAGER 2014-02-18 16:13:57 -04:00			`$user->uploadImage($usr_uid);`
			`} catch (\Exception $e) {`
			`//response`
			`throw new RestException(Api::STAT_APP_EXCEPTION, $e->getMessage());`
			`}`
			`}`
Se agrega metodo DELETE para FILES MANAGER. Se agregan validaciones en PROJECT USERS. se agrega la clase USER. 2014-01-31 13:09:16 -04:00			`}`