Merged in feature/HOR-3615 (pull request #5857)
HOR-3615 Approved-by: Julio Cesar Laura Avendaño <contact@julio-laura.com>
committed by
Julio Cesar Laura Avendaño
commit
044ab74a9c
@@ -7,11 +7,16 @@
|
|||||||
* @access public
|
* @access public
|
||||||
*/
|
*/
|
||||||
|
|
||||||
|
use Maveriks\Util\ClassLoader;
|
||||||
|
use \OAuth2\Request;
|
||||||
|
use \ProcessMaker\BusinessModel\Light\Tracker;
|
||||||
|
use \ProcessMaker\Services\OAuth2\Server;
|
||||||
|
|
||||||
class Designer extends Controller
|
class Designer extends Controller
|
||||||
{
|
{
|
||||||
protected $clientId = 'x-pm-local-client';
|
protected $clientId = 'x-pm-local-client';
|
||||||
|
|
||||||
public function __construct ()
|
public function __construct()
|
||||||
{
|
{
|
||||||
|
|
||||||
}
|
}
|
||||||
@@ -26,57 +31,16 @@ class Designer extends Controller
|
|||||||
$proUid = isset($httpData->prj_uid) ? $httpData->prj_uid : '';
|
$proUid = isset($httpData->prj_uid) ? $httpData->prj_uid : '';
|
||||||
$appUid = isset($httpData->app_uid) ? $httpData->app_uid : '';
|
$appUid = isset($httpData->app_uid) ? $httpData->app_uid : '';
|
||||||
$proReadOnly = isset($httpData->prj_readonly) ? $httpData->prj_readonly : 'false';
|
$proReadOnly = isset($httpData->prj_readonly) ? $httpData->prj_readonly : 'false';
|
||||||
$client = $this->getClientCredentials();
|
|
||||||
|
|
||||||
if (isset($httpData->tracker_designer) && $httpData->tracker_designer == 1) {
|
$clientToken = $this->getCredentials($httpData);
|
||||||
try {
|
|
||||||
if (!isset($_SESSION['CASE']) && !isset($_SESSION['PIN'])) {
|
|
||||||
throw (new \Exception(
|
|
||||||
\G::LoadTranslation('ID_CASE_NOT_EXISTS') . "\n" . \G::LoadTranslation('ID_PIN_INVALID')
|
|
||||||
));
|
|
||||||
}
|
|
||||||
\ProcessMaker\BusinessModel\Light\Tracker::authentication($_SESSION['CASE'], $_SESSION['PIN']);
|
|
||||||
} catch (\Exception $e) {
|
|
||||||
Bootstrap::registerMonolog('CaseTracker', 400, $e->getMessage(), [], SYS_SYS, 'processmaker.log');
|
|
||||||
\G::header('Location: /errors/error403.php');
|
|
||||||
die();
|
|
||||||
}
|
|
||||||
$client["tracker_designer"] = 1;
|
|
||||||
}
|
|
||||||
|
|
||||||
$authCode = $this->getAuthorizationCode($client);
|
|
||||||
$debug = false; //System::isDebugMode();
|
$debug = false; //System::isDebugMode();
|
||||||
|
|
||||||
$loader = Maveriks\Util\ClassLoader::getInstance();
|
|
||||||
$loader->add(PATH_TRUNK . 'vendor/bshaffer/oauth2-server-php/src/', "OAuth2");
|
|
||||||
|
|
||||||
$request = array(
|
|
||||||
'grant_type' => 'authorization_code',
|
|
||||||
'code' => $authCode
|
|
||||||
);
|
|
||||||
$server = array(
|
|
||||||
'REQUEST_METHOD' => 'POST'
|
|
||||||
);
|
|
||||||
$headers = array(
|
|
||||||
"PHP_AUTH_USER" => $client['CLIENT_ID'],
|
|
||||||
"PHP_AUTH_PW" => $client['CLIENT_SECRET'],
|
|
||||||
"Content-Type" => "multipart/form-data;",
|
|
||||||
"Authorization" => "Basic " . base64_encode($client['CLIENT_ID'] . ":" . $client['CLIENT_SECRET'])
|
|
||||||
);
|
|
||||||
|
|
||||||
$request = new \OAuth2\Request(array(), $request, array(), array(), array(), $server, null, $headers);
|
|
||||||
$oauthServer = new \ProcessMaker\Services\OAuth2\Server();
|
|
||||||
$response = $oauthServer->postToken($request, true);
|
|
||||||
$clientToken = $response->getParameters();
|
|
||||||
$clientToken["client_id"] = $client['CLIENT_ID'];
|
|
||||||
$clientToken["client_secret"] = $client['CLIENT_SECRET'];
|
|
||||||
|
|
||||||
$consolidated = 0;
|
$consolidated = 0;
|
||||||
$enterprise = 0;
|
$enterprise = 0;
|
||||||
$distribution = 0;
|
$distribution = 0;
|
||||||
|
|
||||||
/*----------------------------------********---------------------------------*/
|
/*----------------------------------********---------------------------------*/
|
||||||
$licensedFeatures = & PMLicensedFeatures::getSingleton();
|
$licensedFeatures = &PMLicensedFeatures::getSingleton();
|
||||||
if ($licensedFeatures->verifyfeature('7TTeDBQeWRoZTZKYjh4eFpYUlRDUUEyVERPU3FxellWank=')) {
|
if ($licensedFeatures->verifyfeature('7TTeDBQeWRoZTZKYjh4eFpYUlRDUUEyVERPU3FxellWank=')) {
|
||||||
$consolidated = 1;
|
$consolidated = 1;
|
||||||
}
|
}
|
||||||
@@ -101,10 +65,10 @@ class Designer extends Controller
|
|||||||
$this->setVar('HTTP_SERVER_HOSTNAME', PmSystem::getHttpServerHostnameRequestsFrontEnd());
|
$this->setVar('HTTP_SERVER_HOSTNAME', PmSystem::getHttpServerHostnameRequestsFrontEnd());
|
||||||
|
|
||||||
if ($debug) {
|
if ($debug) {
|
||||||
if (! file_exists(PATH_HTML . "lib-dev/pmUI/build.cache")) {
|
if (!file_exists(PATH_HTML . "lib-dev/pmUI/build.cache")) {
|
||||||
throw new RuntimeException("Development JS Files were are not generated!.\nPlease execute: \$>rake pmBuildDebug in pmUI project");
|
throw new RuntimeException("Development JS Files were are not generated!.\nPlease execute: \$>rake pmBuildDebug in pmUI project");
|
||||||
}
|
}
|
||||||
if (! file_exists(PATH_HTML . "lib-dev/mafe/build.cache")) {
|
if (!file_exists(PATH_HTML . "lib-dev/mafe/build.cache")) {
|
||||||
throw new RuntimeException("Development JS Files were are not generated!.\nPlease execute: \$>rake pmBuildDebug in MichelangeloFE project");
|
throw new RuntimeException("Development JS Files were are not generated!.\nPlease execute: \$>rake pmBuildDebug in MichelangeloFE project");
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -128,7 +92,7 @@ class Designer extends Controller
|
|||||||
$this->setVar('mafeCssFiles', $mafeCssFiles);
|
$this->setVar('mafeCssFiles', $mafeCssFiles);
|
||||||
} else {
|
} else {
|
||||||
$buildhashFile = PATH_HTML . "lib/buildhash";
|
$buildhashFile = PATH_HTML . "lib/buildhash";
|
||||||
if (! file_exists($buildhashFile)) {
|
if (!file_exists($buildhashFile)) {
|
||||||
throw new RuntimeException("CSS and JS Files were are not generated!.\nPlease review install process");
|
throw new RuntimeException("CSS and JS Files were are not generated!.\nPlease review install process");
|
||||||
}
|
}
|
||||||
$buildhash = file_get_contents($buildhashFile);
|
$buildhash = file_get_contents($buildhashFile);
|
||||||
@@ -137,7 +101,7 @@ class Designer extends Controller
|
|||||||
|
|
||||||
$translationMafe = "/translations/translationsMafe.js";
|
$translationMafe = "/translations/translationsMafe.js";
|
||||||
$this->setVar('translationMafe', $translationMafe);
|
$this->setVar('translationMafe', $translationMafe);
|
||||||
if (!file_exists(PATH_HTML . "translations" . PATH_SEP. 'translationsMafe' . ".js")) {
|
if (!file_exists(PATH_HTML . "translations" . PATH_SEP . 'translationsMafe' . ".js")) {
|
||||||
$translation = new Translation();
|
$translation = new Translation();
|
||||||
$translation->generateFileTranslationMafe();
|
$translation->generateFileTranslationMafe();
|
||||||
}
|
}
|
||||||
@@ -197,10 +161,10 @@ class Designer extends Controller
|
|||||||
|
|
||||||
protected function getAuthorizationCode($client)
|
protected function getAuthorizationCode($client)
|
||||||
{
|
{
|
||||||
\ProcessMaker\Services\OAuth2\Server::setDatabaseSource($this->getDsn());
|
Server::setDatabaseSource($this->getDsn());
|
||||||
\ProcessMaker\Services\OAuth2\Server::setPmClientId($client['CLIENT_ID']);
|
Server::setPmClientId($client['CLIENT_ID']);
|
||||||
|
|
||||||
$oauthServer = new \ProcessMaker\Services\OAuth2\Server();
|
$oauthServer = new Server();
|
||||||
|
|
||||||
if (isset($client["tracker_designer"]) && $client["tracker_designer"] == 1) {
|
if (isset($client["tracker_designer"]) && $client["tracker_designer"] == 1) {
|
||||||
$_SESSION["USER_LOGGED"] = "00000000000000000000000000000001";
|
$_SESSION["USER_LOGGED"] = "00000000000000000000000000000001";
|
||||||
@@ -215,7 +179,7 @@ class Designer extends Controller
|
|||||||
));
|
));
|
||||||
|
|
||||||
$response = $oauthServer->postAuthorize($authorize, $userId, true);
|
$response = $oauthServer->postAuthorize($authorize, $userId, true);
|
||||||
$code = substr($response->getHttpHeader('Location'), strpos($response->getHttpHeader('Location'), 'code=')+5, 40);
|
$code = substr($response->getHttpHeader('Location'), strpos($response->getHttpHeader('Location'), 'code=') + 5, 40);
|
||||||
|
|
||||||
if (isset($client["tracker_designer"]) && $client["tracker_designer"] == 1) {
|
if (isset($client["tracker_designer"]) && $client["tracker_designer"] == 1) {
|
||||||
unset($_SESSION["USER_LOGGED"]);
|
unset($_SESSION["USER_LOGGED"]);
|
||||||
@@ -228,8 +192,63 @@ class Designer extends Controller
|
|||||||
{
|
{
|
||||||
list($host, $port) = strpos(DB_HOST, ':') !== false ? explode(':', DB_HOST) : array(DB_HOST, '');
|
list($host, $port) = strpos(DB_HOST, ':') !== false ? explode(':', DB_HOST) : array(DB_HOST, '');
|
||||||
$port = empty($port) ? '' : ";port=$port";
|
$port = empty($port) ? '' : ";port=$port";
|
||||||
$dsn = DB_ADAPTER.':host='.$host.';dbname='.DB_NAME.$port;
|
$dsn = DB_ADAPTER . ':host=' . $host . ';dbname=' . DB_NAME . $port;
|
||||||
|
|
||||||
return array('dsn' => $dsn, 'username' => DB_USER, 'password' => DB_PASS);
|
return array('dsn' => $dsn, 'username' => DB_USER, 'password' => DB_PASS);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Return credentials oauth2
|
||||||
|
*
|
||||||
|
* @param object $httpData
|
||||||
|
* @return array credentials
|
||||||
|
*/
|
||||||
|
public function getCredentials($httpData = null)
|
||||||
|
{
|
||||||
|
$client = $this->getClientCredentials();
|
||||||
|
|
||||||
|
if (!empty($httpData->tracker_designer) && $httpData->tracker_designer == 1) {
|
||||||
|
try {
|
||||||
|
if (!isset($_SESSION['CASE']) && !isset($_SESSION['PIN'])) {
|
||||||
|
throw (new \Exception(
|
||||||
|
\G::LoadTranslation('ID_CASE_NOT_EXISTS') . "\n" . \G::LoadTranslation('ID_PIN_INVALID')
|
||||||
|
));
|
||||||
|
}
|
||||||
|
Tracker::authentication($_SESSION['CASE'], $_SESSION['PIN']);
|
||||||
|
} catch (\Exception $e) {
|
||||||
|
Bootstrap::registerMonolog('CaseTracker', 400, $e->getMessage(), [], SYS_SYS, 'processmaker.log');
|
||||||
|
\G::header('Location: /errors/error403.php');
|
||||||
|
die();
|
||||||
|
}
|
||||||
|
$client["tracker_designer"] = 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
$authCode = $this->getAuthorizationCode($client);
|
||||||
|
|
||||||
|
$loader = ClassLoader::getInstance();
|
||||||
|
$loader->add(PATH_TRUNK . 'vendor/bshaffer/oauth2-server-php/src/', "OAuth2");
|
||||||
|
|
||||||
|
$request = array(
|
||||||
|
'grant_type' => 'authorization_code',
|
||||||
|
'code' => $authCode
|
||||||
|
);
|
||||||
|
$server = array(
|
||||||
|
'REQUEST_METHOD' => 'POST'
|
||||||
|
);
|
||||||
|
$headers = array(
|
||||||
|
"PHP_AUTH_USER" => $client['CLIENT_ID'],
|
||||||
|
"PHP_AUTH_PW" => $client['CLIENT_SECRET'],
|
||||||
|
"Content-Type" => "multipart/form-data;",
|
||||||
|
"Authorization" => "Basic " . base64_encode($client['CLIENT_ID'] . ":" . $client['CLIENT_SECRET'])
|
||||||
|
);
|
||||||
|
|
||||||
|
$request = new Request(array(), $request, array(), array(), array(), $server, null, $headers);
|
||||||
|
$oauthServer = new Server();
|
||||||
|
$response = $oauthServer->postToken($request, true);
|
||||||
|
$clientToken = $response->getParameters();
|
||||||
|
$clientToken["client_id"] = $client['CLIENT_ID'];
|
||||||
|
$clientToken["client_secret"] = $client['CLIENT_SECRET'];
|
||||||
|
|
||||||
|
return $clientToken;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
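Review bot: In the new `getCredentials()`, the tracker guard `if (!isset($_SESSION['CASE']) && !isset($_SESSION['PIN']))` throws only when both values are missing, so a session that holds just one of them still reaches `Tracker::authentication()` with an undefined index. The condition was moved unchanged from the old inline code; `if (!isset($_SESSION['CASE'], $_SESSION['PIN'])) {` rejects either gap before the authentication call instead of relying on how `authentication()` treats a null argument. The method is now `public` and its return array carries `client_secret` next to the token parameters, which the docblock ("Return credentials oauth2") does not say. I would add a line such as `* The returned array contains the OAuth client secret and a live token; do not log it.` so new callers treat the value as sensitive.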
|
|||||||
@@ -88,6 +88,13 @@ $oHeadPublisher->assign("arrayMenuNewOptionPlugin", $arrayMenuNewOptionPlugin);
|
|||||||
$oHeadPublisher->assign("arrayContextMenuOptionPlugin", $arrayContextMenuOptionPlugin);
|
$oHeadPublisher->assign("arrayContextMenuOptionPlugin", $arrayContextMenuOptionPlugin);
|
||||||
$oHeadPublisher->assign('extJsViewState', $oHeadPublisher->getExtJsViewState());
|
$oHeadPublisher->assign('extJsViewState', $oHeadPublisher->getExtJsViewState());
|
||||||
|
|
||||||
|
$designer = new Designer();
|
||||||
|
$oHeadPublisher->assign('SYS_SYS', SYS_SYS);
|
||||||
|
$oHeadPublisher->assign('SYS_LANG', SYS_LANG);
|
||||||
|
$oHeadPublisher->assign('SYS_SKIN', SYS_SKIN);
|
||||||
|
$oHeadPublisher->assign('HTTP_SERVER_HOSTNAME', PmSystem::getHttpServerHostnameRequestsFrontEnd());
|
||||||
|
$oHeadPublisher->assign('credentials', base64_encode(G::json_encode($designer->getCredentials())));
|
||||||
|
|
||||||
$deleteCasesFlag = false;
|
$deleteCasesFlag = false;
|
||||||
global $RBAC;
|
global $RBAC;
|
||||||
if($RBAC->userCanAccess('PM_DELETE_PROCESS_CASES') === 1) {
|
if($RBAC->userCanAccess('PM_DELETE_PROCESS_CASES') === 1) {
|
||||||
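Review bot: The added `$oHeadPublisher->assign('credentials', base64_encode(G::json_encode($designer->getCredentials())));` passes the whole credentials array to the view, and `getCredentials()` in the Designer controller of this same commit sets `client_id` and `client_secret` on that array alongside the token response. base64 is an encoding, not protection, so (assuming assigned values are rendered into the page's script, as the other `assign` calls suggest) the client secret and a usable token become readable from the page source, browser cache and any script running in that origin. Pass only the fields the front end actually uses, for example by dropping the secret first: `$credentials = $designer->getCredentials(); unset($credentials['client_secret']);`. Each load of this page also performs a full authorize and token exchange, so it is worth confirming that issued tokens are short-lived or reused rather than accumulating per request.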
|
|||||||