fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/feature/HOR-3559' into bugfix/HOR-3485-A

Browse Source
This commit is contained in:
hjonathan
2017-08-10 12:29:51 -04:00
parent 7d33ea2a96 1c0fed9062
commit 04d0ef2f41
52 changed files with 1415 additions and 1541 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
framework/src/Maveriks/Util/Common.php
View File

@@ -52,58 +52,43 @@ class Common
}
$files = glob("$path/$singlePattern", $flags);
$dirs = glob("$path/*", GLOB_MARK|GLOB_ONLYDIR|GLOB_NOSORT);
$dirs = glob("$path/*", GLOB_MARK | GLOB_ONLYDIR | GLOB_NOSORT);
if(is_array($dirs)){
if (is_array($dirs)) {
foreach ($dirs as $dir) {
$files = array_merge($files, self::rglob("$dir/$singlePattern", $flags));
}
}
if ($onlyFiles) {
$files = array_filter($files, function($v) { return is_dir($v) ? false : true;});
$files = array_filter($files, function ($v) {
return is_dir($v) ? false : true;
});
}
return $files;
}
/**
* Returns the last version given a pattern of file name
*
* @param string $pattern a valid pattern for glob(...) native function
* @param int $flag php flags for glob(...) native function
* @return int|string
*
* Example:
* - Given the following files inside a directory:
* /example/path/myApplication-v1.tar
* /example/path/myApplication-v2.tar
* /example/path/myApplication-v3.tar
* /example/path/myApplication-v5.tar
* /example/path/myApplication-v7.tar
*
* $lastVer = ProcessMaker\Util\Common::getLastVersion("/example/path/myApplication-*.tar");
*
* It will returns: 7
* This method get the last version of file when exists a special characters
* @param $pattern
* @param $extension
* @param int $flag
* @return int
*/
public static function getLastVersion($pattern, $flag = 0)
public static function getLastVersionSpecialCharacters($dir, $pattern, $extension, $flag = 0)
{
$files = glob($pattern, $flag);
$files = glob($dir . quotemeta($pattern) . "-*." . $extension, $flag);
$maxVersion = 0;
$pattern = str_replace("*", '([0-9\.]+)', basename($pattern));
$pattern = preg_quote(basename($pattern)) . '-([0-9\.]+)pmx';
foreach ($files as $file) {
$filename = basename($file);
if (preg_match('/'.$pattern.'/', $filename, $match)) {
if (preg_match('/' . $pattern . '/', $filename, $match)) {
if ($maxVersion < $match[1]) {
$maxVersion = $match[1];
}
}
}
return $maxVersion;
}
@@ -141,8 +126,8 @@ class Common
}
while ($parent_folder_path = array_pop($folder_path)) {
if (! @is_dir($parent_folder_path)) {
if (! @mkdir($parent_folder_path, $rights)) {
if (!@is_dir($parent_folder_path)) {
if (!@mkdir($parent_folder_path, $rights)) {
umask($oldumask);
}
}

2
gulliver/bin/gulliver.php
View File

@@ -35,6 +35,8 @@
/**
* require_once pakeFunction.php
*/
require_once( PATH_THIRDPARTY . 'pake' . PATH_SEP . 'pakeFunction.php');
require_once( PATH_THIRDPARTY . 'pake' . PATH_SEP . 'pakeGetopt.class.php');
require_once( PATH_CORE . 'config' . PATH_SEP . 'environments.php');
// trap -V before pake

1
gulliver/bin/tasks/templates/pluginClass.tpl
View File

@@ -83,7 +83,6 @@
$_DBArray['users'] = $aUsers;
$_SESSION['_DBArray'] = $_DBArray;
;
$oCriteria = new Criteria('dbarray');
$oCriteria->setDBArrayTable('users');
$oCriteria->addDescendingOrderByColumn('USR_USERNAME');

1
gulliver/bin/tasks/templates/pluginMainFile.tpl
View File

@@ -1,5 +1,4 @@
<?php
;
class {className}Plugin extends PMPlugin
{

2
gulliver/bin/tasks/templates/pluginOnTransitList.php.tpl
View File

@@ -8,8 +8,6 @@
//if (($RBAC_Response = $RBAC->userCanAccess("PM_CASES"))!=1) return $RBAC_Response;
/* Includes */
;
;
/* GET , POST & $_SESSION Vars */
$conf = new Configurations();

1
gulliver/bin/tasks/templates/pluginStep.tpl
View File

@@ -1,5 +1,4 @@
<?php
;
print "this is a default step for {className}";
krumo::session ();

2
gulliver/bin/tasks/templates/pluginStepApplicationAjax.php.tpl
View File

@@ -1,7 +1,5 @@
<?php
;
try {
//SYS_SYS //Workspace name
//PROCESS //Process UID

1
gulliver/bin/tasks/templates/pluginWelcome.php.tpl
View File

@@ -23,7 +23,6 @@ $_DBArray['user'] = $rows;
$_SESSION['_DBArray'] = $_DBArray;
//krumo ( $_DBArray );
;
$c = new Criteria ('dbarray');
$c->setDBArrayTable('user');
//$c->add ( 'user.age', 122 , Criteria::GREATER_EQUAL );

2
gulliver/bin/tasks/templates/skinPluginMainClass.tpl
View File

@@ -4,8 +4,6 @@
*
*/
;
class {className}Plugin extends PMPlugin {
function {className}Plugin($sNamespace, $sFilename = null) {

2
gulliver/bin/tasks/templates/sysGeneric.php.tpl
View File

@@ -198,7 +198,7 @@ $docuroot = explode ( PATH_SEP , $_SERVER['DOCUMENT_ROOT'] );
//***************** Plugins **************************
;
// //here we are loading all plugins registered
// //the singleton has a list of enabled plugins

2
gulliver/bin/tasks/templates/usersList.php.tpl
View File

@@ -21,7 +21,7 @@ $G_ID_SUB_MENU_SELECTED = 'USERS';
$_DBArray['user'] = $rows;
$_SESSION['_DBArray'] = $_DBArray;
;
$c = new Criteria ('dbarray');
$c->setDBArrayTable('user');

1
gulliver/bin/tasks/templates/welcome.php.tpl
View File

@@ -23,7 +23,6 @@ $_DBArray['user'] = $rows;
$_SESSION['_DBArray'] = $_DBArray;
//krumo ( $_DBArray );
;
$c = new Criteria ('dbarray');
$c->setDBArrayTable('user');
//$c->add ( 'user.age', 122 , Criteria::GREATER_EQUAL );

1
gulliver/js/grid/core/grid.js
View File

@@ -563,6 +563,7 @@ var G_Grid = function(oForm, sGridName){
case 'textarea': //TEXTAREA
aObjects = oNewRow.getElementsByTagName('td')[i].getElementsByTagName('textarea');
if (aObjects){
aObjects[0].value = '';
aObjects[0].className = "module_app_input___gray";
newID = aObjects[0].id.replace(/\[1\]/g, '\[' + currentRow + '\]');

2
gulliver/methods/errors/block.php
View File

@@ -3,7 +3,7 @@ if (function_exists("http_response_code")) {
http_response_code(200);
}
$http = (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == "on") ? "https" : "http";
$http = G::is_https() ? "https" : "http";
$host = $_SERVER["SERVER_NAME"] . (($_SERVER["SERVER_PORT"] != "80") ? ":" . $_SERVER["SERVER_PORT"] : "");
$urlLogin = $http . "://" . $host . "/sys/en/neoclassic/login/login";

2
gulliver/methods/errors/error403.php
View File

@@ -1,6 +1,6 @@
<?php
$http = (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] == "on")? "https" : "http";
$http = G::is_https() ? "https" : "http";
$host = $_SERVER["SERVER_NAME"] . (($_SERVER["SERVER_PORT"] != "80")? ":" . $_SERVER["SERVER_PORT"] : "");
$urlLogin = $http . "://" . $host . "/sys/en/neoclassic/login/login";

14
gulliver/system/class.database_mysql.php
View File

@@ -207,12 +207,16 @@ class database extends database_base
}
}
if (isset( $aParameters['AutoIncrement'] ) && $aParameters['AutoIncrement']) {
$sSQL .= ' AUTO_INCREMENT PRIMARY KEY';
$sSQL .= ' AUTO_INCREMENT';
}
/*if ($aParameters['Key'] == 'PRI') {
$sKeys .= 'ALTER TABLE ' . $this->sQuoteCharacter . $sTable . $this->sQuoteCharacter .
' ADD PRIMARY KEY (' . $this->sQuoteCharacter . $sColumn . $this->sQuoteCharacter . ')' . $this->sEndLine;
}*/
if (isset( $aParameters['PrimaryKey'] ) && $aParameters['PrimaryKey']) {
$sSQL .= ' PRIMARY KEY';
}
if (isset( $aParameters['Unique'] ) && $aParameters['Unique']) {
$sSQL .= ' UNIQUE';
}
//we need to check the property AI
if (isset( $aParameters['AI'] )) {
if ($aParameters['AI'] == 1) {
$sSQL .= ' AUTO_INCREMENT';

63
gulliver/system/class.dbMaintenance.php
View File

@@ -49,6 +49,7 @@ class DataBaseMaintenance
protected $tmpDir;
protected $outfile;
protected $infile;
protected $isWindows;
/**
* __construct
@@ -64,7 +65,7 @@ class DataBaseMaintenance
$this->tmpDir = './';
$this->link = null;
$this->dbName = null;
$this->isWindows = strtoupper(substr(PHP_OS, 0, 3)) === 'WIN';
if (isset( $host ) && isset( $user ) && isset( $passwd )) {
$this->host = $host;
$this->user = $user;
@@ -399,13 +400,22 @@ class DataBaseMaintenance
*/
function backupDataBase ($outfile)
{
$password = escapeshellarg($this->passwd);
//On Windows, escapeshellarg() instead replaces percent signs, exclamation
//marks (delayed variable substitution) and double quotes with spaces and
//adds double quotes around the string.
//See: http://php.net/manual/en/function.escapeshellarg.php
if ($this->isWindows) {
$password = $this->escapeshellargCustom($this->passwd);
}
$aHost = explode(':', $this->host);
$dbHost = $aHost[0];
if (isset($aHost[1])) {
$dbPort = $aHost[1];
$command = 'mysqldump'
. ' --user=' . $this->user
. ' --password=' . escapeshellarg($this->passwd)
. ' --password=' . $password
. ' --host=' . $dbHost
. ' --port=' . $dbPort
. ' --opt'
@@ -418,13 +428,60 @@ class DataBaseMaintenance
. ' --user=' . $this->user
. ' --opt'
. ' --skip-comments'
. ' --password=' . escapeshellarg($this->passwd)
. ' --password=' . $password
. ' ' . $this->dbName
. ' > ' . $outfile;
}
shell_exec($command);
}
/**
* string escapeshellargCustom ( string $arg , character $quotes)
*
* escapeshellarg() adds single quotes around a string and quotes/escapes any
* existing single quotes allowing you to pass a string directly to a shell
* function and having it be treated as a single safe argument. This function
* should be used to escape individual arguments to shell functions coming
* from user input. The shell functions include exec(), system() and the
* backtick operator.
*
* On Windows, escapeshellarg() instead replaces percent signs, exclamation
* marks (delayed variable substitution) and double quotes with spaces and
* adds double quotes around the string.
*/
private function escapeshellargCustom($string, $quotes = "")
{
if ($quotes === "") {
$quotes = $this->isWindows ? "\"" : "'";
}
$n = strlen($string);
$special = ["!", "%", "\""];
$substring = "";
$result1 = [];
$result2 = [];
for ($i = 0; $i < $n; $i++) {
if (in_array($string[$i], $special, true)) {
$result2[] = $string[$i];
$result1[] = $substring;
$substring = "";
} else {
$substring = $substring . $string[$i];
}
}
$result1[] = $substring;
//Rebuild the password string
$n = count($result1);
for ($i = 0; $i < $n; $i++) {
$result1[$i] = trim(escapeshellarg($result1[$i]), $quotes);
if (isset($result2[$i])) {
$result1[$i] = $result1[$i] . $result2[$i];
}
}
//add simple quotes, see escapeshellarg function
$newString = $quotes . implode("", $result1) . $quotes;
return $newString;
}
/**
* restoreFromSql
*

85
gulliver/system/class.g.php
View File

@@ -187,7 +187,7 @@ class G
* @param string $symbol
* @return string
*/
public function generate_password($length = 15, $availableSets = "luns", $symbol = "_-+=!@#$%*&,.")
public function generate_password($length = 15, $availableSets = "luns", $symbol = "_-$!")
{
$chars = "";
if (strpos($availableSets, "l") !== false) {
@@ -638,7 +638,7 @@ class G
* @param string $strSkin
* @return void
*/
public function RenderPage ($strTemplate = "default", $strSkin = SYS_SKIN, $objContent = null, $layout = '')
public static function RenderPage ($strTemplate = "default", $strSkin = SYS_SKIN, $objContent = null, $layout = '')
{
global $G_CONTENT;
global $G_TEMPLATE;
@@ -1825,6 +1825,14 @@ class G
$arrayGrid = array_unique($arrayGrid);
//Given the set: 'valueOne', 'valueOneTwo', where the second string
//contains the first string, this causes the larger string to take
//the second, resulting in a delimitation error, to avoid this problem
//we first search the string larger size.
usort($arrayGrid, function($a, $b) {
return strlen($b) - strlen($a);
});
foreach ($arrayGrid as $index => $value) {
if($value !== "") {
$grdName = $value;
@@ -1981,7 +1989,7 @@ class G
*
* @return void
*/
public function SendTemporalMessage ($msgID, $strType, $sType = 'LABEL', $time = null, $width = null, $customLabels = null)
public static function SendTemporalMessage ($msgID, $strType, $sType = 'LABEL', $time = null, $width = null, $customLabels = null)
{
if (isset( $width )) {
$_SESSION['G_MESSAGE_WIDTH'] = $width;
@@ -2912,6 +2920,16 @@ class G
return (bool) preg_match( '/^[0-9A-Za-z]{14,}/', $uid );
}
/**
* Verify if the input string is a valid UID of size 32
* @param string $uid
* @return boolean
*/
public static function verifyUniqueID32($uid)
{
return (bool) preg_match('/^[0-9A-Za-z]{32,32}$/', $uid);
}
/**
* is_utf8
*
@@ -2921,11 +2939,10 @@ class G
*/
public function is_utf8 ($string)
{
if (is_array( $string )) {
$enc = implode( '', $string );
return @! ((ord( $enc[0] ) != 239) && (ord( $enc[1] ) != 187) && (ord( $enc[2] ) != 191));
if (preg_match('//u', $string)) {
return true;
} else {
return (utf8_encode( utf8_decode( $string ) ) == $string);
return false;
}
}
@@ -3221,20 +3238,34 @@ class G
* @param (array) additional characteres map
*
*/
public function inflect ($string, $replacement = '_', $map = array())
public function inflect($string, $replacement = '_', $map = array())
{
if (is_array( $replacement )) {
if (is_array($replacement)) {
$map = $replacement;
$replacement = '_';
}
$quotedReplacement = preg_quote( $replacement, '/' );
$quotedReplacement = preg_quote($replacement, '/');
$default = array ('/à|á|å|â/' => 'a','/è|é|ê|ẽ|ë/' => 'e','/ì|í|î/' => 'i','/ò|ó|ô|ø/' => 'o','/ù|ú|ů|û/' => 'u','/ç/' => 'c','/ñ/' => 'n','/ä|æ/' => 'ae','/ö/' => 'oe','/ü/' => 'ue','/Ä/' => 'Ae','/Ü/' => 'Ue','/Ö/' => 'Oe','/ß/' => 'ss','/\.|\,|\:|\-|\\|\//' => " ",'/\\s+/' => $replacement
);
$default = array('/à|á|å|â/' => 'a',
'/è|é|ê|ẽ|ë/' => 'e',
'/ì|í|î/' => 'i',
'/ò|ó|ô|ø/' => 'o',
'/ù|ú|ů|û/' => 'u',
'/ç/' => 'c',
'/ñ/' => 'n',
'/ä|æ/' => 'ae',
'/ö/' => 'oe',
'/ü/' => 'ue',
'/Ä/' => 'Ae',
'/Ü/' => 'Ue',
'/Ö/' => 'Oe',
'/ß/' => 'ss',
'/[\.|\,|\+|\"|\:|\;|\-|\\|\/]/' => " ",
'/\\s+/' => $replacement);
$map = array_merge( $default, $map );
return preg_replace( array_keys( $map ), array_values( $map ), $string );
$map = array_merge($default, $map);
return preg_replace(array_keys($map), array_values($map), $string);
}
/**
@@ -5408,6 +5439,12 @@ class G
}
/**
* This function save history about some actions in the file audit.log
* The data is used in the Audit Log functionality
*
* @param string $actionToLog
* @param string $valueToLog
* @return void
*/
public static function auditLog($actionToLog, $valueToLog = "")
{
@@ -5416,13 +5453,25 @@ class G
$sflag = $conf->getConfiguration('AUDIT_LOG', 'log');
$sflagAudit = $sflag == 'true' ? true : false;
$ipClient = G::getIpAddress();
$userUid = 'Unknow User';
$fullName = '-';
/*----------------------------------********---------------------------------*/
$licensedFeatures = PMLicensedFeatures::getSingleton();
if ($sflagAudit && $licensedFeatures->verifyfeature('vtSeHNhT0JnSmo1bTluUVlTYUxUbUFSVStEeXVqc1pEUG5EeXc0MGd2Q3ErYz0=')) {
$username = isset($_SESSION['USER_LOGGED']) && $_SESSION['USER_LOGGED'] != '' ? $_SESSION['USER_LOGGED'] : 'Unknow User';
$fullname = isset($_SESSION['USR_FULLNAME']) && $_SESSION['USR_FULLNAME'] != '' ? $_SESSION['USR_FULLNAME'] : '-';
G::log("|". $workspace ."|". $ipClient ."|". $username . "|" . $fullname ."|" . $actionToLog . "|" . $valueToLog, PATH_DATA, "audit.log");
if (isset($_SESSION['USER_LOGGED']) && $_SESSION['USER_LOGGED'] != '') {
$userUid = $_SESSION['USER_LOGGED'];
} else {
//Get the usrUid related to the accessToken
$userUid = \ProcessMaker\Services\OAuth2\Server::getUserId();
if (!empty($userUid)) {
$oUserLogged = new \Users();
$user = $oUserLogged->loadDetails($userUid);
$fullName = $user['USR_FULLNAME'];
}
}
$fullName = isset($_SESSION['USR_FULLNAME']) && $_SESSION['USR_FULLNAME'] != '' ? $_SESSION['USR_FULLNAME'] : $fullName;
G::log("|". $workspace ."|". $ipClient ."|". $userUid . "|" . $fullName ."|" . $actionToLog . "|" . $valueToLog, PATH_DATA, "audit.log");
}
/*----------------------------------********---------------------------------*/
}
@@ -5701,7 +5750,7 @@ class G
*
* @return showRes($string)
*/
public function outRes ($sInfVar)
public static function outRes ($sInfVar)
{
echo $sInfVar;
}

2
gulliver/system/class.menu.php
View File

@@ -283,7 +283,7 @@ class Menu
*/
public function DisableOptionId($id)
{
if (array_search($id, $this->Id)) {
if (array_search($id, $this->Id) !== FALSE) {
$this->Enabled[array_search($id, $this->Id)] = 0;
}
}

2
gulliver/system/class.monologProvider.php
View File

@@ -106,11 +106,13 @@ class MonologProvider
break;
case 400://ERROR
$this->registerLogger->addError($message, $context);
break;
case 500://CRITICAL
$this->registerLogger->addCritical($message, $context);
break;
case 550://ALERT
$this->registerLogger->addAlert($message, $context);
break;
case 600://EMERGENCY
$this->registerLogger->addEmergency($message, $context);
break;

2
gulliver/system/class.pmException.php
View File

@@ -20,7 +20,7 @@ class PMException extends Exception
return __CLASS__ . ": [{$this->code}]: {$this->message}\n";
}
public function registerErrorLog($error, $token){
public static function registerErrorLog($error, $token){
$ws = (defined("SYS_SYS"))? SYS_SYS : "Wokspace Undefined";
Bootstrap::registerMonolog('ExceptionCron', 400, $error->getMessage(), array('token'=>$token), $ws, 'processmaker.log');
}

29
gulliver/system/class.rbac.php
View File

@@ -25,6 +25,9 @@
* Coral Gables, FL, 33134, USA, or email info@colosa.com.
*
*/
use ProcessMaker\Exception\RBACException;
/**
* File: $Id$
*
@@ -70,6 +73,7 @@ class RBAC
public $singleSignOn = false;
private static $instance = null;
public $authorizedActions = array();
public function __construct ()
{
@@ -147,8 +151,28 @@ class RBAC
),
'newSite.php' => array(
'newSite.php' => array('PM_SETUP_ADVANCE')
),
'emailsAjax.php' => array(
'MessageList' => array('PM_SETUP', 'PM_SETUP_LOGS'),
'updateStatusMessage' => array('PM_SETUP', 'PM_SETUP_LOGS'),
),
'processCategory_Ajax.php' => array(
'processCategoryList' => array('PM_SETUP', 'PM_SETUP_PROCESS_CATEGORIES'),
'updatePageSize' => array('PM_SETUP', 'PM_SETUP_PROCESS_CATEGORIES'),
'checkCategoryName' => array('PM_SETUP', 'PM_SETUP_PROCESS_CATEGORIES'),
'saveNewCategory' => array('PM_SETUP', 'PM_SETUP_PROCESS_CATEGORIES'),
'checkEditCategoryName' => array('PM_SETUP', 'PM_SETUP_PROCESS_CATEGORIES'),
'updateCategory' => array('PM_SETUP', 'PM_SETUP_PROCESS_CATEGORIES'),
'canDeleteCategory' => array('PM_SETUP', 'PM_SETUP_PROCESS_CATEGORIES'),
'deleteCategory' => array('PM_SETUP', 'PM_SETUP_PROCESS_CATEGORIES')
),
'emailServerAjax.php' => array(
'INS' => array('PM_SETUP'),
'UPD' => array('PM_SETUP'),
'DEL' => array('PM_SETUP'),
'LST' => array('PM_SETUP'),
'TEST' => array('PM_SETUP')
)
);
}
@@ -1545,8 +1569,7 @@ class RBAC
}
if (!$access) {
G::header('Location: /errors/error403.php');
die();
throw new RBACException('ID_ACCESS_DENIED', 403);
}
}
}

22
rbac/engine/classes/model/RbacUsers.php
View File

@@ -75,12 +75,13 @@ class RbacUsers extends BaseRbacUsers
try {
$c = new Criteria('rbac');
$c->add(RbacUsersPeer::USR_USERNAME, $sUsername);
/* @var $rs RbacUsers[] */
$rs = RbacUsersPeer::doSelect($c, Propel::getDbConnection('rbac_ro'));
if (is_array($rs) && isset($rs[0]) && is_object($rs[0]) && get_class($rs[0]) == 'RbacUsers') {
$aFields = $rs[0]->toArray(BasePeer::TYPE_FIELDNAME);
//verify password with md5, and md5 format
if (mb_strtoupper($sUsername, 'utf-8') === mb_strtoupper($aFields['USR_USERNAME'], 'utf-8')) {
if( Bootstrap::verifyHashPassword($sPassword, $aFields['USR_PASSWORD']) ) {
if( Bootstrap::verifyHashPassword($sPassword, $rs[0]->getUsrPassword()) ) {
if ($aFields['USR_DUE_DATE'] < date('Y-m-d')) {
return -4;
}
@@ -317,6 +318,25 @@ class RbacUsers extends BaseRbacUsers
throw($oError);
}
}
/**
* {@inheritdoc} except USR_PASSWORD, for security reasons.
*
* @param string $keyType One of the class type constants TYPE_PHPNAME,
* TYPE_COLNAME, TYPE_FIELDNAME, TYPE_NUM
* @return an associative array containing the field names (as keys) and field values
*/
public function toArray($keyType = BasePeer::TYPE_PHPNAME)
{
$key = RbacUsersPeer::translateFieldName(
RbacUsersPeer::USR_PASSWORD,
BasePeer::TYPE_COLNAME,
$keyType
);
$array = parent::toArray($keyType);
unset($array[$key]);
return $array;
}
}
// Users

2
workflow/engine/classes/Calendar.php
View File

@@ -828,7 +828,7 @@ class Calendar extends CalendarDefinition
$newDate = $onlyDate;
$hoursDuration -= (float)($secondRes/3600);
} else {
$newDate = date('Y-m-d H:i:s', strtotime('+' . (((float)$hoursDuration)*3600) . ' seconds', strtotime($newDate)));
$newDate = date('Y-m-d H:i:s', strtotime('+' . round((((float)$hoursDuration)*3600), 5) . ' seconds', strtotime($newDate)));
$hoursDuration = 0;
}
}

53
workflow/engine/classes/model/ListParticipatedLast.php
View File

@@ -49,19 +49,24 @@ class ListParticipatedLast extends BaseListParticipatedLast
$data['DEL_CURRENT_USR_FIRSTNAME'] = $aRow['USR_FIRSTNAME'];
$data['DEL_CURRENT_USR_LASTNAME'] = $aRow['USR_LASTNAME'];
$data['DEL_CURRENT_TAS_TITLE'] = $data['APP_TAS_TITLE'];
$currentInformation = array(
'DEL_CURRENT_USR_USERNAME' => $data['DEL_CURRENT_USR_USERNAME'],
'DEL_CURRENT_USR_FIRSTNAME' => $data['DEL_CURRENT_USR_FIRSTNAME'],
'DEL_CURRENT_USR_LASTNAME' => $data['DEL_CURRENT_USR_LASTNAME'],
'DEL_CURRENT_TAS_TITLE' => $data['APP_TAS_TITLE']
);
}
} else {
$getData['USR_UID'] = $data['USR_UID_CURRENT'];
$getData['APP_UID'] = $data['APP_UID'];
$row = $this->getRowFromList($getData);
if (is_array($row) && sizeof($row)) {
$set = array(
$currentInformation = array(
'DEL_CURRENT_USR_USERNAME' => '',
'DEL_CURRENT_USR_FIRSTNAME' => '',
'DEL_CURRENT_USR_LASTNAME' => '',
'APP_TAS_TITLE' => $data['APP_TAS_TITLE'],
'DEL_CURRENT_TAS_TITLE' => $data['APP_TAS_TITLE'], );
$this->updateCurrentUser($row, $set);
'DEL_CURRENT_TAS_TITLE' => $data['APP_TAS_TITLE']
);
}
}
@@ -84,6 +89,9 @@ class ListParticipatedLast extends BaseListParticipatedLast
if (!empty($data['APP_STATUS'])) {
$data['APP_STATUS_ID'] = Application::$app_status_values[$data['APP_STATUS']];
}
//We will update the current information
$this->updateCurrentInfoByAppUid($data['APP_UID'], $currentInformation);
$con = Propel::getConnection(ListParticipatedLastPeer::DATABASE_NAME);
try {
$this->fromArray($data, BasePeer::TYPE_FIELDNAME);
@@ -103,6 +111,27 @@ class ListParticipatedLast extends BaseListParticipatedLast
}
}
/**
* This function update the row related to the appUid with the current information
* @param string $appUid
* @param array $currentInformation
* @return void
*/
private function updateCurrentInfoByAppUid($appUid, $currentInformation)
{
//Update - WHERE
$criteriaWhere = new Criteria('workflow');
$criteriaWhere->add(ListParticipatedLastPeer::APP_UID, $appUid, Criteria::EQUAL);
//Update - SET
$criteriaSet = new Criteria('workflow');
$criteriaSet->add(ListParticipatedLastPeer::DEL_CURRENT_USR_USERNAME, $currentInformation['DEL_CURRENT_USR_USERNAME']);
$criteriaSet->add(ListParticipatedLastPeer::DEL_CURRENT_USR_FIRSTNAME, $currentInformation['DEL_CURRENT_USR_FIRSTNAME']);
$criteriaSet->add(ListParticipatedLastPeer::DEL_CURRENT_USR_LASTNAME, $currentInformation['DEL_CURRENT_USR_LASTNAME']);
$criteriaSet->add(ListParticipatedLastPeer::DEL_CURRENT_TAS_TITLE, $currentInformation['DEL_CURRENT_TAS_TITLE']);
BasePeer::doUpdate($criteriaWhere, $criteriaSet, Propel::getConnection('workflow'));
}
/**
* Update List Participated History Table.
*
@@ -448,22 +477,6 @@ class ListParticipatedLast extends BaseListParticipatedLast
return false;
}
public function updateCurrentUser($where, $set)
{
$con = Propel::getConnection('workflow');
//Update - WHERE
$criteriaWhere = new Criteria('workflow');
$criteriaWhere->add(ListParticipatedLastPeer::APP_UID, $where['APP_UID'], Criteria::EQUAL);
$criteriaWhere->add(ListParticipatedLastPeer::USR_UID, $where['USR_UID'], Criteria::EQUAL);
$criteriaWhere->add(ListParticipatedLastPeer::DEL_INDEX, $where['DEL_INDEX'], Criteria::EQUAL);
//Update - SET
$criteriaSet = new Criteria('workflow');
foreach ($set as $k => $v) {
eval('$criteriaSet->add( ListParticipatedLastPeer::'.$k.',$v, Criteria::EQUAL);');
}
BasePeer::doUpdate($criteriaWhere, $criteriaSet, $con);
}
/**
* Returns the number of cases of a user.
*

19
workflow/engine/classes/model/Users.php
View File

@@ -490,4 +490,23 @@ class Users extends BaseUsers
$criteria->add(UsersPeer::USR_ID, $id);
return UsersPeer::doSelect($criteria)[0];
}
/**
* {@inheritdoc} except USR_PASSWORD, for security reasons.
*
* @param string $keyType One of the class type constants TYPE_PHPNAME,
* TYPE_COLNAME, TYPE_FIELDNAME, TYPE_NUM
* @return an associative array containing the field names (as keys) and field values
*/
public function toArray($keyType = BasePeer::TYPE_PHPNAME)
{
$key = UsersPeer::translateFieldName(
UsersPeer::USR_PASSWORD,
BasePeer::TYPE_COLNAME,
$keyType
);
$array = parent::toArray($keyType);
unset($array[$key]);
return $array;
}
}

32
workflow/engine/controllers/pmTables.php
View File

@@ -152,6 +152,11 @@ class pmTables extends Controller
$sFileName = $httpData->f;
$realPath = $PUBLIC_ROOT_PATH . $sFileName;
if ($this->isValidFileToBeStreamed($sFileName) === false) {
throw new Exception("You are trying to access an unauthorized resource.");
}
G::streamFile( $realPath, true );
unlink( $realPath );
}
@@ -206,5 +211,32 @@ class pmTables extends Controller
$tableSize = $tableSize - 8; // Prefix PMT_
return $tableSize;
}
/**
* Validates if the file with the $fileName is a valid one,
* that is, it must be a file without relative references that
* can open a door to get some unauthorized system file and
* must have one of the valid file extensions.
*
* @param $fileName, emporal file name that will be streamed
* @return bool
*/
private function isValidFileToBeStreamed($fileName)
{
$result = true;
$validExtensionsForExporting = ['csv', 'pmt'];
$pathInfo = pathinfo($fileName);
if ($pathInfo['dirname'] !== '.') {
$result = false;
}
if (!in_array($pathInfo['extension'], $validExtensionsForExporting)) {
$result = false;
}
return $result;
}
}

2
workflow/engine/methods/emailServer/emailServerAjax.php
View File

@@ -1,8 +1,8 @@
<?php
$option = (isset($_POST["option"]))? $_POST["option"] : "";
$response = array();
$RBAC->allows(basename(__FILE__), $option);
switch ($option) {
case "INS":
$arrayData = array();

21
workflow/engine/methods/login/login.php
View File

@@ -33,10 +33,23 @@ if ($browserSupported==false){
/*----------------------------------********---------------------------------*/
$aFields = array();
if (!isset($_GET['u'])) {
$aFields['URL'] = '';
} else {
$aFields['URL'] = htmlspecialchars(addslashes(stripslashes(strip_tags(trim(urldecode($_GET['u']))))));
//Validated redirect url
$aFields['URL'] = '';
if (!empty($_GET['u'])) {
//clean url with protocols
$flagUrl = true;
//Most used protocols
$protocols = ['https://', 'http://', 'ftp://', 'sftp://','smb://', 'file:', 'mailto:'];
foreach ($protocols as $protocol) {
if (strpos($_GET['u'], $protocol) !== false) {
$_GET['u'] = '';
$flagUrl = false;
break;
}
}
if ($flagUrl) {
$aFields['URL'] = htmlspecialchars(addslashes(stripslashes(strip_tags(trim(urldecode($_GET['u']))))));
}
}
if (!isset($_SESSION['G_MESSAGE'])) {

147
workflow/engine/methods/mails/emailsAjax.php
View File

@@ -1,23 +1,33 @@
<?php
$req = (isset($_POST['request']))? $_POST['request']:((isset($_REQUEST['request']))? $_REQUEST['request'] : 'No hayyy tal');
require_once 'classes/model/Content.php';
require_once 'classes/model/AppMessage.php';
require_once 'classes/model/AppDelegation.php';
require_once 'classes/model/Application.php';
use ProcessMaker\Exception\RBACException;
switch($req){
$req = (isset($_REQUEST['request']) ? $_REQUEST['request'] : '');
/** @var RBAC $RBAC */
global $RBAC;
switch ($RBAC->userCanAccess('PM_LOGIN')) {
case -2:
throw new RBACException('ID_USER_HAVENT_RIGHTS_SYSTEM', -2);
break;
case -1:
throw new RBACException('ID_USER_HAVENT_RIGHTS_PAGE', -1);
break;
}
$RBAC->allows(basename(__FILE__), $req);
switch ($req) {
case 'MessageList':
$start = (isset($_REQUEST['start']))? $_REQUEST['start'] : '0';
$limit = (isset($_REQUEST['limit']))? $_REQUEST['limit'] : '25';
$proUid = (isset($_REQUEST['process']))? $_REQUEST['process'] : '';
$eventype = (isset($_REQUEST['type']))? $_REQUEST['type'] : '';
$emailStatus = (isset($_REQUEST['status']))? $_REQUEST['status'] : '';
$sort = isset($_REQUEST['sort']) ? $_REQUEST['sort'] : '';
$dir = isset($_REQUEST['dir']) ? $_REQUEST['dir'] : 'ASC';
$dateFrom = isset( $_POST["dateFrom"] ) ? substr( $_POST["dateFrom"], 0, 10 ) : "";
$dateTo = isset( $_POST["dateTo"] ) ? substr( $_POST["dateTo"], 0, 10 ) : "";
$filterBy = (isset($_REQUEST['filterBy']))? $_REQUEST['filterBy'] : 'ALL';
$start = (isset($_REQUEST['start'])) ? $_REQUEST['start'] : '0';
$limit = (isset($_REQUEST['limit'])) ? $_REQUEST['limit'] : '25';
$proUid = (isset($_REQUEST['process'])) ? $_REQUEST['process'] : '';
$eventype = (isset($_REQUEST['type'])) ? $_REQUEST['type'] : '';
$emailStatus = (isset($_REQUEST['status'])) ? $_REQUEST['status'] : '';
$sort = isset($_REQUEST['sort']) ? $_REQUEST['sort'] : '';
$dir = isset($_REQUEST['dir']) ? $_REQUEST['dir'] : 'ASC';
$dateFrom = isset($_POST["dateFrom"]) ? substr($_POST["dateFrom"], 0, 10) : "";
$dateTo = isset($_POST["dateTo"]) ? substr($_POST["dateTo"], 0, 10) : "";
$filterBy = (isset($_REQUEST['filterBy'])) ? $_REQUEST['filterBy'] : 'ALL';
$response = new stdclass();
$response->status = 'OK';
@@ -28,10 +38,10 @@ switch($req){
$criteria->addJoin(AppMessagePeer::APP_UID, ApplicationPeer::APP_UID, Criteria::LEFT_JOIN);
if ($emailStatus != '') {
$criteria->add( AppMessagePeer::APP_MSG_STATUS, $emailStatus);
$criteria->add(AppMessagePeer::APP_MSG_STATUS, $emailStatus);
}
if ($proUid != '') {
$criteria->add( ApplicationPeer::PRO_UID, $proUid);
$criteria->add(ApplicationPeer::PRO_UID, $proUid);
}
$arrayType = [];
@@ -39,7 +49,7 @@ switch($req){
$pluginRegistry = PMPluginRegistry::getSingleton();
$statusEr = $pluginRegistry->getStatusPlugin('externalRegistration');
$flagEr = (preg_match('/^enabled$/', $statusEr))? 1 : 0;
$flagEr = (preg_match('/^enabled$/', $statusEr)) ? 1 : 0;
if ($flagEr == 0) {
$arrayType[] = 'EXTERNAL_REGISTRATION';
@@ -73,14 +83,14 @@ switch($req){
$dateTo = $dateTo . " 23:59:59";
}
$criteria->add( $criteria->getNewCriterion( AppMessagePeer::APP_MSG_DATE, $dateFrom, Criteria::GREATER_EQUAL )->addAnd( $criteria->getNewCriterion( AppMessagePeer::APP_MSG_DATE, $dateTo, Criteria::LESS_EQUAL ) ) );
$criteria->add($criteria->getNewCriterion(AppMessagePeer::APP_MSG_DATE, $dateFrom, Criteria::GREATER_EQUAL)->addAnd($criteria->getNewCriterion(AppMessagePeer::APP_MSG_DATE, $dateTo, Criteria::LESS_EQUAL)));
} else {
$dateFrom = $dateFrom . " 00:00:00";
$criteria->add( AppMessagePeer::APP_MSG_DATE, $dateFrom, Criteria::GREATER_EQUAL );
$criteria->add(AppMessagePeer::APP_MSG_DATE, $dateFrom, Criteria::GREATER_EQUAL);
}
} elseif ($dateTo != "") {
$dateTo = $dateTo . " 23:59:59";
$criteria->add( AppMessagePeer::APP_MSG_DATE, $dateTo, Criteria::LESS_EQUAL );
$criteria->add(AppMessagePeer::APP_MSG_DATE, $dateTo, Criteria::LESS_EQUAL);
}
//Number records total
@@ -118,10 +128,10 @@ switch($req){
$criteria->addSelectColumn(ProcessPeer::PRO_TITLE);
if ($emailStatus != '') {
$criteria->add( AppMessagePeer::APP_MSG_STATUS, $emailStatus);
$criteria->add(AppMessagePeer::APP_MSG_STATUS, $emailStatus);
}
if ($proUid != '') {
$criteria->add( ApplicationPeer::PRO_UID, $proUid);
$criteria->add(ApplicationPeer::PRO_UID, $proUid);
}
switch ($filterBy) {
@@ -152,24 +162,27 @@ switch($req){
$dateTo = $dateTo . " 23:59:59";
}
$criteria->add( $criteria->getNewCriterion( AppMessagePeer::APP_MSG_DATE, $dateFrom, Criteria::GREATER_EQUAL )->addAnd( $criteria->getNewCriterion( AppMessagePeer::APP_MSG_DATE, $dateTo, Criteria::LESS_EQUAL ) ) );
$criteria->add($criteria->getNewCriterion(AppMessagePeer::APP_MSG_DATE, $dateFrom, Criteria::GREATER_EQUAL)->addAnd($criteria->getNewCriterion(AppMessagePeer::APP_MSG_DATE, $dateTo, Criteria::LESS_EQUAL)));
} else {
$dateFrom = $dateFrom . " 00:00:00";
$criteria->add( AppMessagePeer::APP_MSG_DATE, $dateFrom, Criteria::GREATER_EQUAL );
$criteria->add(AppMessagePeer::APP_MSG_DATE, $dateFrom, Criteria::GREATER_EQUAL);
}
} elseif ($dateTo != "") {
$dateTo = $dateTo . " 23:59:59";
$criteria->add( AppMessagePeer::APP_MSG_DATE, $dateTo, Criteria::LESS_EQUAL );
$criteria->add(AppMessagePeer::APP_MSG_DATE, $dateTo, Criteria::LESS_EQUAL);
}
if ($sort != '') {
if (!in_array($sort, AppMessagePeer::getFieldNames(BasePeer::TYPE_FIELDNAME))) {
throw new Exception(G::LoadTranslation('ID_INVALID_VALUE_FOR', array('$sort')));
}
if ($dir == 'ASC') {
$criteria->addAscendingOrderByColumn($sort);
} else {
$criteria->addDescendingOrderByColumn($sort);
}
} else {
$oCriteria->addDescendingOrderByColumn(AppMessagePeer::APP_MSG_SEND_DATE );
$oCriteria->addDescendingOrderByColumn(AppMessagePeer::APP_MSG_SEND_DATE);
}
if ($limit != '') {
$criteria->setLimit($limit);
@@ -187,60 +200,60 @@ switch($req){
$index = 1;
$content = new Content();
$tasTitleDefault = G::LoadTranslation('ID_TASK_NOT_RELATED');
while ( $result->next() ) {
while ($result->next()) {
$row = $result->getRow();
$row['APP_MSG_FROM'] =htmlentities($row['APP_MSG_FROM'], ENT_QUOTES, "UTF-8");
$row['APP_MSG_STATUS'] = ucfirst ( $row['APP_MSG_STATUS']);
$row['APP_MSG_FROM'] = htmlentities($row['APP_MSG_FROM'], ENT_QUOTES, "UTF-8");
$row['APP_MSG_STATUS'] = ucfirst($row['APP_MSG_STATUS']);
switch ($filterBy) {
case 'CASES':
if ($row['DEL_INDEX'] != 0) {
$index = $row['DEL_INDEX'];
}
case 'CASES':
if ($row['DEL_INDEX'] != 0) {
$index = $row['DEL_INDEX'];
}
$criteria = new Criteria();
$criteria = new Criteria();
$criteria->addSelectColumn(AppCacheViewPeer::APP_TITLE);
$criteria->addSelectColumn(AppCacheViewPeer::APP_TAS_TITLE);
$criteria->add(AppCacheViewPeer::APP_UID, $row['APP_UID'], Criteria::EQUAL);
$criteria->add(AppCacheViewPeer::DEL_INDEX, $index, Criteria::EQUAL);
$criteria->addSelectColumn(AppCacheViewPeer::APP_TITLE);
$criteria->addSelectColumn(AppCacheViewPeer::APP_TAS_TITLE);
$criteria->add(AppCacheViewPeer::APP_UID, $row['APP_UID'], Criteria::EQUAL);
$criteria->add(AppCacheViewPeer::DEL_INDEX, $index, Criteria::EQUAL);
$resultCacheView = AppCacheViewPeer::doSelectRS($criteria);
$resultCacheView->setFetchmode(ResultSet::FETCHMODE_ASSOC);
$resultCacheView = AppCacheViewPeer::doSelectRS($criteria);
$resultCacheView->setFetchmode(ResultSet::FETCHMODE_ASSOC);
$row['APP_TITLE'] = '-';
$row['APP_TITLE'] = '-';
while ($resultCacheView->next()) {
$rowCacheView = $resultCacheView->getRow();
$row['APP_TITLE'] = $rowCacheView['APP_TITLE'];
$row['TAS_TITLE'] = $rowCacheView['APP_TAS_TITLE'];
}
while ($resultCacheView->next()) {
$rowCacheView = $resultCacheView->getRow();
$row['APP_TITLE'] = $rowCacheView['APP_TITLE'];
$row['TAS_TITLE'] = $rowCacheView['APP_TAS_TITLE'];
}
if ($row['DEL_INDEX'] == 0) {
$row['TAS_TITLE'] = $tasTitleDefault;
}
break;
case 'TEST':
$row['PRO_UID'] = '';
$row['APP_NUMBER'] = '';
$row['PRO_TITLE'] = '';
$row['APP_TITLE'] = '';
$row['TAS_TITLE'] = '';
break;
case 'EXTERNAL-REGISTRATION':
$row['PRO_UID'] = '';
$row['APP_NUMBER'] = '';
$row['PRO_TITLE'] = '';
$row['APP_TITLE'] = '';
$row['TAS_TITLE'] = '';
break;
if ($row['DEL_INDEX'] == 0) {
$row['TAS_TITLE'] = $tasTitleDefault;
}
break;
case 'TEST':
$row['PRO_UID'] = '';
$row['APP_NUMBER'] = '';
$row['PRO_TITLE'] = '';
$row['APP_TITLE'] = '';
$row['TAS_TITLE'] = '';
break;
case 'EXTERNAL-REGISTRATION':
$row['PRO_UID'] = '';
$row['APP_NUMBER'] = '';
$row['PRO_TITLE'] = '';
$row['APP_TITLE'] = '';
$row['TAS_TITLE'] = '';
break;
}
$data[] = $row;
}
$response = array();
$response['totalCount'] = $totalCount;
$response['data'] = $data;
$response['data'] = $data;
die(G::json_encode($response));
break;
case 'updateStatusMessage':

26
workflow/engine/methods/processCategory/processCategoryList.php
View File

@@ -21,14 +21,18 @@
* For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
* Coral Gables, FL, 33134, USA, or email info@colosa.com.
*/
if ($RBAC->userCanAccess( 'PM_SETUP' ) != 1 && $RBAC->userCanAccess( 'PM_SETUP_ADVANCE' ) != 1) {
G::SendTemporalMessage( 'krlos', 'error', 'labels' );
die();
use ProcessMaker\Exception\RBACException;
/** @var RBAC $RBAC */
global $RBAC;
if ($RBAC->userCanAccess('PM_SETUP') != 1 && $RBAC->userCanAccess('PM_SETUP_PROCESS_CATEGORIES') != 1) {
throw new RBACException('ID_USER_HAVENT_RIGHTS_PAGE', -1);
}
$c = new Configurations();
$configPage = $c->getConfiguration( 'processCategoryList', 'pageSize', '', $_SESSION['USER_LOGGED'] );
$Config['pageSize'] = isset( $configPage['pageSize'] ) ? $configPage['pageSize'] : 20;
$configPage = $c->getConfiguration('processCategoryList', 'pageSize', '', $_SESSION['USER_LOGGED']);
$Config['pageSize'] = isset($configPage['pageSize']) ? $configPage['pageSize'] : 20;
$G_MAIN_MENU = 'workflow';
$G_SUB_MENU = 'processCategory';
@@ -37,9 +41,9 @@ $G_ID_SUB_MENU_SELECTED = '';
$G_PUBLISH = new Publisher();
$oHeadPublisher = & headPublisher::getSingleton();
$oHeadPublisher->addExtJsScript( 'processCategory/processCategoryList', false ); //adding a javascript file .js
$oHeadPublisher->addContent( 'processCategory/processCategoryList' ); //adding a html file .html.
$oHeadPublisher->assign( 'FORMATS', $c->getFormats() );
$oHeadPublisher->assign( 'CONFIG', $Config );
G::RenderPage( 'publish', 'extJs' );
$oHeadPublisher = &headPublisher::getSingleton();
$oHeadPublisher->addExtJsScript('processCategory/processCategoryList', false); //adding a javascript file .js
$oHeadPublisher->addContent('processCategory/processCategoryList'); //adding a html file .html.
$oHeadPublisher->assign('FORMATS', $c->getFormats());
$oHeadPublisher->assign('CONFIG', $Config);
G::RenderPage('publish', 'extJs');

149
workflow/engine/methods/processCategory/processCategory_Ajax.php
View File

@@ -22,158 +22,171 @@
* Coral Gables, FL, 33134, USA, or email info@colosa.com.
*/
if (isset( $_REQUEST['action'] )) {
use ProcessMaker\Exception\RBACException;
/** @var RBAC $RBAC */
global $RBAC;
switch ($RBAC->userCanAccess('PM_LOGIN')) {
case -2:
throw new RBACException('ID_USER_HAVENT_RIGHTS_SYSTEM', -2);
break;
case -1:
throw new RBACException('ID_USER_HAVENT_RIGHTS_PAGE', -1);
break;
}
$RBAC->allows(basename(__FILE__), $_REQUEST['action']);
if (isset($_REQUEST['action'])) {
switch ($_REQUEST['action']) {
case 'processCategoryList':
$co = new Configurations();
$config = $co->getConfiguration( 'processCategoryList', 'pageSize', '', $_SESSION['USER_LOGGED'] );
$limit_size = isset( $config['pageSize'] ) ? $config['pageSize'] : 20;
$config = $co->getConfiguration('processCategoryList', 'pageSize', '', $_SESSION['USER_LOGGED']);
$limit_size = isset($config['pageSize']) ? $config['pageSize'] : 20;
$start = isset( $_POST['start'] ) ? $_POST['start'] : 0;
$limit = isset( $_POST['limit'] ) ? $_POST['limit'] : $limit_size;
$filter = isset( $_REQUEST['textFilter'] ) ? $_REQUEST['textFilter'] : '';
$dir = isset( $_POST['dir'] ) ? $_POST['dir'] : 'ASC';
$sort = isset( $_POST['sort'] ) ? $_POST['sort'] : 'CATEGORY_NAME';
$start = isset($_POST['start']) ? $_POST['start'] : 0;
$limit = isset($_POST['limit']) ? $_POST['limit'] : $limit_size;
$filter = isset($_REQUEST['textFilter']) ? $_REQUEST['textFilter'] : '';
$dir = isset($_POST['dir']) ? $_POST['dir'] : 'ASC';
$sort = isset($_POST['sort']) ? $_POST['sort'] : 'CATEGORY_NAME';
$oCriteria = new Criteria( 'workflow' );
$oCriteria->addSelectColumn( 'COUNT(*) AS CNT' );
$oCriteria->add( ProcessCategoryPeer::CATEGORY_UID, '', Criteria::NOT_EQUAL );
$oCriteria = new Criteria('workflow');
$oCriteria->addSelectColumn('COUNT(*) AS CNT');
$oCriteria->add(ProcessCategoryPeer::CATEGORY_UID, '', Criteria::NOT_EQUAL);
if ($filter != '') {
$oCriteria->add( ProcessCategoryPeer::CATEGORY_NAME, '%' . $filter . '%', Criteria::LIKE );
$oCriteria->add(ProcessCategoryPeer::CATEGORY_NAME, '%' . $filter . '%', Criteria::LIKE);
}
$oDat = ProcessCategoryPeer::doSelectRS( $oCriteria );
$oDat->setFetchmode( ResultSet::FETCHMODE_ASSOC );
$oDat = ProcessCategoryPeer::doSelectRS($oCriteria);
$oDat->setFetchmode(ResultSet::FETCHMODE_ASSOC);
$oDat->next();
$row = $oDat->getRow();
$total_categories = $row['CNT'];
$oCriteria->clear();
$oCriteria->addSelectColumn( ProcessCategoryPeer::CATEGORY_UID );
$oCriteria->addSelectColumn( ProcessCategoryPeer::CATEGORY_NAME );
$oCriteria->add( ProcessCategoryPeer::CATEGORY_UID, '', Criteria::NOT_EQUAL );
$oCriteria->addSelectColumn(ProcessCategoryPeer::CATEGORY_UID);
$oCriteria->addSelectColumn(ProcessCategoryPeer::CATEGORY_NAME);
$oCriteria->add(ProcessCategoryPeer::CATEGORY_UID, '', Criteria::NOT_EQUAL);
if ($filter != '') {
$oCriteria->add( ProcessCategoryPeer::CATEGORY_NAME, '%' . $filter . '%', Criteria::LIKE );
$oCriteria->add(ProcessCategoryPeer::CATEGORY_NAME, '%' . $filter . '%', Criteria::LIKE);
}
//SQL Injection via 'sort' parameter
if (!in_array($sort, array_merge(ProcessCategoryPeer::getFieldNames(BasePeer::TYPE_FIELDNAME), ['TOTAL_PROCESSES']))) {
throw new Exception(G::LoadTranslation('ID_INVALID_VALUE_FOR', array('$sort')));
}
if ($dir == "DESC") {
$oCriteria->addDescendingOrderByColumn($sort);
} else {
$oCriteria->addAscendingOrderByColumn($sort);
}
$oCriteria->setLimit( $limit );
$oCriteria->setOffset( $start );
$oDataset = ProcessCategoryPeer::doSelectRS( $oCriteria );
$oDataset->setFetchmode( ResultSet::FETCHMODE_ASSOC );
$oCriteria->setLimit($limit);
$oCriteria->setOffset($start);
$oDataset = ProcessCategoryPeer::doSelectRS($oCriteria);
$oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC);
$proc = new Process();
$aProcess = $proc->getAllProcessesByCategory();
$result = "";
$aCat = array ();
$result = [];
$aCat = array();
while ($oDataset->next()) {
$aCat[] = $oDataset->getRow();
$index = sizeof( $aCat ) - 1;
$aCat[$index]['TOTAL_PROCESSES'] = isset( $aProcess[$aCat[$index]['CATEGORY_UID']] ) ? $aProcess[$aCat[$index]['CATEGORY_UID']] : 0;
$index = sizeof($aCat) - 1;
$aCat[$index]['TOTAL_PROCESSES'] = isset($aProcess[$aCat[$index]['CATEGORY_UID']]) ? $aProcess[$aCat[$index]['CATEGORY_UID']] : 0;
}
$result['data'] = $aCat;
$result['totalCount'] = $total_categories;
echo G::json_encode( $result );
echo G::json_encode($result);
break;
case 'updatePageSize':
$c = new Configurations();
$arr['pageSize'] = $_REQUEST['size'];
$arr['dateSave'] = date( 'Y-m-d H:i:s' );
$config = Array ();
$arr['dateSave'] = date('Y-m-d H:i:s');
$config = Array();
$config[] = $arr;
$c->aConfig = $config;
$c->saveConfig( 'processCategoryList', 'pageSize', '', $_SESSION['USER_LOGGED'] );
$c->saveConfig('processCategoryList', 'pageSize', '', $_SESSION['USER_LOGGED']);
echo '{success: true}';
break;
case 'checkCategoryName':
require_once 'classes/model/ProcessCategory.php';
$catName = $_REQUEST['cat_name'];
$oCriteria = new Criteria( 'workflow' );
$oCriteria->addSelectColumn( ProcessCategoryPeer::CATEGORY_NAME );
$oCriteria->add( ProcessCategoryPeer::CATEGORY_NAME, $catName );
$oDataset = ProcessCategoryPeer::doSelectRS( $oCriteria );
$oDataset->setFetchmode( ResultSet::FETCHMODE_ASSOC );
$oCriteria = new Criteria('workflow');
$oCriteria->addSelectColumn(ProcessCategoryPeer::CATEGORY_NAME);
$oCriteria->add(ProcessCategoryPeer::CATEGORY_NAME, $catName);
$oDataset = ProcessCategoryPeer::doSelectRS($oCriteria);
$oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC);
$oDataset->next();
$row = $oDataset->getRow();
$response = isset( $row['CATEGORY_NAME'] ) ? 'false' : 'true';
$response = isset($row['CATEGORY_NAME']) ? 'false' : 'true';
echo $response;
break;
case 'saveNewCategory':
try {
require_once 'classes/model/ProcessCategory.php';
$catName = trim( $_REQUEST['category'] );
$catName = trim($_REQUEST['category']);
$pcat = new ProcessCategory();
$pcat->setNew( true );
$pcat->setCategoryUid( G::GenerateUniqueID() );
$pcat->setCategoryName( $catName );
$pcat->setNew(true);
$pcat->setCategoryUid(G::GenerateUniqueID());
$pcat->setCategoryName($catName);
$pcat->save();
G::auditLog("CreateCategory", "Category Name: ".$catName);
G::auditLog("CreateCategory", "Category Name: " . $catName);
echo '{success: true}';
} catch (Exception $ex) {
$varEcho = '{success: false, error: ' . $ex->getMessage() . '}';
G::outRes( $varEcho );
G::outRes($varEcho);
}
break;
case 'checkEditCategoryName':
require_once 'classes/model/ProcessCategory.php';
$catUID = $_REQUEST['cat_uid'];
$catName = $_REQUEST['cat_name'];
$oCriteria = new Criteria( 'workflow' );
$oCriteria->addSelectColumn( ProcessCategoryPeer::CATEGORY_NAME );
$oCriteria->add( ProcessCategoryPeer::CATEGORY_NAME, $catName );
$oCriteria->add( ProcessCategoryPeer::CATEGORY_UID, $catUID, Criteria::NOT_EQUAL );
$oDataset = ProcessCategoryPeer::doSelectRS( $oCriteria );
$oDataset->setFetchmode( ResultSet::FETCHMODE_ASSOC );
$oCriteria = new Criteria('workflow');
$oCriteria->addSelectColumn(ProcessCategoryPeer::CATEGORY_NAME);
$oCriteria->add(ProcessCategoryPeer::CATEGORY_NAME, $catName);
$oCriteria->add(ProcessCategoryPeer::CATEGORY_UID, $catUID, Criteria::NOT_EQUAL);
$oDataset = ProcessCategoryPeer::doSelectRS($oCriteria);
$oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC);
$oDataset->next();
$row = $oDataset->getRow();
$response = isset( $row['CATEGORY_NAME'] ) ? 'false' : 'true';
$response = isset($row['CATEGORY_NAME']) ? 'false' : 'true';
echo $response;
break;
case 'updateCategory':
try {
require_once 'classes/model/ProcessCategory.php';
$catUID = $_REQUEST['cat_uid'];
$catName = trim( $_REQUEST['category'] );
$catName = trim($_REQUEST['category']);
$pcat = new ProcessCategory();
$pcat->setNew( false );
$pcat->setCategoryUid( $catUID );
$pcat->setCategoryName( $catName );
$pcat->setNew(false);
$pcat->setCategoryUid($catUID);
$pcat->setCategoryName($catName);
$pcat->save();
g::auditLog("UpdateCategory", "Category Name: ".$catName." Category ID: (".$catUID.") ");
g::auditLog("UpdateCategory", "Category Name: " . $catName . " Category ID: (" . $catUID . ") ");
echo '{success: true}';
} catch (Exception $ex) {
$varEcho = '{success: false, error: ' . $ex->getMessage() . '}';
G::outRes( $varEcho );
G::outRes($varEcho);
}
break;
case 'canDeleteCategory':
require_once 'classes/model/Process.php';
$proc = new Process();
$aProcess = $proc->getAllProcessesByCategory();
$catUID = $_REQUEST['CAT_UID'];
$response = isset( $aProcess[$catUID] ) ? 'false' : 'true';
$response = isset($aProcess[$catUID]) ? 'false' : 'true';
echo $response;
break;
case 'deleteCategory':
try {
require_once 'classes/model/ProcessCategory.php';
$catUID = $_REQUEST['cat_uid'];
$cat = new ProcessCategory();
$cat->setCategoryUid( $catUID );
$catName = $cat->loadByCategoryId( $catUID );
$cat->setCategoryUid($catUID);
$catName = $cat->loadByCategoryId($catUID);
$cat->delete();
G::auditLog("DeleteCategory", "Category Name: ".$catName." Category ID: (".$catUID.") ");
G::auditLog("DeleteCategory", "Category Name: " . $catName . " Category ID: (" . $catUID . ") ");
$varEcho = '{success: true}';
G::outRes( $varEcho );
G::outRes($varEcho);
} catch (Exception $ex) {
$token = strtotime("now");
PMException::registerErrorLog($ex, $token);
$resJson = '{success: false, error: ' . G::LoadTranslation("ID_EXCEPTION_LOG_INTERFAZ", array($token)) . '}';
G::outRes( $resJson );
G::outRes($resJson);
}
break;
default:

3
workflow/engine/methods/processes/processes_Export.php
View File

@@ -21,6 +21,7 @@
* For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
* Coral Gables, FL, 33134, USA, or email info@colosa.com.
*/
use ProcessMaker\Util\Common;
$response = new StdClass();
$outputDir = PATH_DATA . "sites" . PATH_SEP . SYS_SYS . PATH_SEP . "files" . PATH_SEP . "output" . PATH_SEP;
@@ -42,7 +43,7 @@ try {
$projectName = $exporter->getProjectName();
$getProjectName = $exporter->truncateName($projectName, false);
$version = ProcessMaker\Util\Common::getLastVersion($outputDir . $getProjectName . "-*.pmx") + 1;
$version = Common::getLastVersionSpecialCharacters($outputDir, $getProjectName, "pmx") + 1;
$outputFilename = sprintf("%s-%s.%s", str_replace(" ", "_", $getProjectName), $version, "pmx");
$outputFilename = $exporter->saveExport($outputDir . $outputFilename);
/*----------------------------------********---------------------------------*/

413
workflow/engine/methods/services/soap.php
View File

@@ -1,413 +0,0 @@
<?php
ini_set( "soap.wsdl_cache_enabled", "0" ); // disabling WSDL cache
$wsdl = PATH_METHODS . "services" . PATH_SEP . "pmos.wsdl";
function login ($params)
{
$ws = new wsBase();
$res = $ws->login( $params->userid, $params->password );
return $res->getPayloadArray();
}
function ProcessList ($params)
{
$x = ifPermission( $params->sessionId, 'PM_FACTORY' );
//if you are not an admin user, then this function will return only
//your valid process
if ($x == 0) {
$oSessions = new Sessions();
$session = $oSessions->getSessionUser( $params->sessionId );
$userId = $session['USR_UID'];
$ws = new wsBase();
$res = $ws->processListVerified( $userId );
return $res;
}
$ws = new wsBase();
$res = $ws->processList();
return array ("processes" => $res
);
}
function RoleList ($params)
{
$x = ifPermission( $params->sessionId, 'PM_USERS' );
if ($x == 0) {
$result[] = array ('guid' => 24,'name' => G::LoadTranslation('ID_NOT_PRIVILEGES'));
return $result;
}
$ws = new wsBase();
$res = $ws->roleList();
return array ("roles" => $res
);
}
function GroupList ($params)
{
$x = ifPermission( $params->sessionId, 'PM_USERS' );
if ($x == 0) {
$result[] = array ('guid' => 24,'name' => G::LoadTranslation('ID_NOT_PRIVILEGES'));
return $result;
}
$ws = new wsBase();
$res = $ws->groupList();
return array ("groups" => $res
);
}
function CaseList ($params)
{
ifSessionExpiredBreakThis( $params->sessionId );
$x = ifPermission( $params->sessionId, 'PM_CASES' );
if ($x == 0) {
return new wsResponse( 9, G::LoadTranslation('ID_SESSION_EXPIRED') );
}
$oSessions = new Sessions();
$session = $oSessions->getSessionUser( $params->sessionId );
$userId = $session['USR_UID'];
$ws = new wsBase();
$res = $ws->caseList( $userId );
return array ("cases" => $res
);
}
function UserList ($params)
{
$x = ifPermission( $params->sessionId, 'PM_USERS' );
if ($x == 0) {
$result[] = array ('guid' => 24,'name' => G::LoadTranslation('ID_NOT_PRIVILEGES') );
return $result;
}
$ws = new wsBase();
$res = $ws->userList();
return array ("users" => $res
);
}
function SendMessage ($params)
{
ifSessionExpiredBreakThis( $params->sessionId );
$x = ifPermission( $params->sessionId, 'PM_CASES' );
if ($x == 0) {
$result = new wsResponse( 24, G::LoadTranslation('ID_NOT_PRIVILEGES') );
return $result;
}
$ws = new wsBase();
$res = $ws->sendMessage( $params->caseId, $params->from, $params->to, $params->cc, $params->bcc, $params->subject, $params->template );
return $res->getPayloadArray();
}
function getCaseInfo ($params)
{
ifSessionExpiredBreakThis( $params->sessionId );
$x = ifPermission( $params->sessionId, 'PM_CASES' );
if ($x == 0) {
$result = new wsResponse( 24, "You do not have privileges" );
return $result;
}
$ws = new wsBase();
$res = $ws->getCaseInfo( $params->caseId, $params->delIndex );
return $res;
}
function SendVariables ($params)
{
$filter = new InputFilter();
ifSessionExpiredBreakThis( $params->sessionId );
$x = ifPermission( $params->sessionId, 'PM_CASES' );
if ($x == 0) {
$result = new wsResponse( 24, G::LoadTranslation('ID_NOT_PRIVILEGES') );
return $result;
}
$ws = new wsBase();
$variables = $params->variables;
if (is_object( $variables )) {
$Fields[$variables->name] = $variables->value;
}
if (is_array( $variables )) {
foreach ($variables as $key => $val) {
$name = $val->name;
$value = $val->value;
$val->name = $filter->validateInput($val->name);
$val->value = $filter->validateInput($val->value);
eval( '$Fields[ ' . $val->name . ' ]= $val->value ;' );
}
}
$params->variables = $Fields;
$res = $ws->sendVariables( $params->caseId, $params->variables );
return $res->getPayloadArray();
}
function GetVariables ($params)
{
ifSessionExpiredBreakThis( $params->sessionId );
$x = ifPermission( $params->sessionId, 'PM_CASES' );
if ($x == 0) {
$result = new wsResponse( 24, G::LoadTranslation('ID_NOT_PRIVILEGES') );
return $result;
}
$ws = new wsBase();
$res = $ws->getVariables( $params->caseId, $params->variables );
return array ("variables" => $res
);
}
function DerivateCase ($params)
{
ifSessionExpiredBreakThis( $params->sessionId );
$x = ifPermission( $params->sessionId, 'PM_CASES' );
if ($x == 0) {
$result = new wsResponse( 24, G::LoadTranslation('ID_NOT_PRIVILEGES') );
return $result;
}
$oSession = new Sessions();
$user = $oSession->getSessionUser( $params->sessionId );
$ws = new wsBase();
$res = $ws->derivateCase( $user['USR_UID'], $params->caseId, $params->delIndex );
return $res;
//return $res->getPayloadArray ( );
}
function executeTrigger ($params)
{
ifSessionExpiredBreakThis( $params->sessionId );
$x = ifPermission( $params->sessionId, 'PM_CASES' );
if ($x == 0) {
$result = new wsResponse( 24, G::LoadTranslation('ID_NOT_PRIVILEGES') );
return $result;
}
$oSession = new Sessions();
$user = $oSession->getSessionUser( $params->sessionId );
$ws = new wsBase();
$delIndex = (isset( $params->delIndex )) ? $params->delIndex : 1;
$res = $ws->executeTrigger( $user['USR_UID'], $params->caseId, $params->triggerIndex, $delIndex );
return $res->getPayloadArray();
}
function NewCaseImpersonate ($params)
{
$filter = new InputFilter();
ifSessionExpiredBreakThis( $params->sessionId );
$x = ifPermission( $params->sessionId, 'PM_CASES' );
if ($x == 0) {
$result = new wsResponse( 24, G::LoadTranslation('ID_NOT_PRIVILEGES') );
return $result;
}
$ws = new wsBase();
$variables = $params->variables;
foreach ($variables as $key => $val) {
$name = $val->name;
$value = $val->value;
$val->name = $filter->validateInput($val->name);
$val->value = $filter->validateInput($val->value);
eval( '$Fields[ ' . $val->name . ' ]= $val->value ;' );
}
$params->variables = $Fields;
$res = $ws->newCaseImpersonate( $params->processId, $params->userId, $params->variables );
return $res->getPayloadArray();
}
function NewCase ($params)
{
$filter = new InputFilter();
ifSessionExpiredBreakThis( $params->sessionId );
$x = ifPermission( $params->sessionId, 'PM_CASES' );
if ($x == 0) {
$result = new wsResponse( 24, G::LoadTranslation('ID_NOT_PRIVILEGES') );
return $result;
}
$oSessions = new Sessions();
$session = $oSessions->getSessionUser( $params->sessionId );
$userId = $session['USR_UID'];
$variables = $params->variables;
if (! isset( $params->variables )) {
$variables = array ();
$Fields = array ();
} else {
if (is_object( $variables )) {
/*foreach ( $variables as $key=>$val ) {
$name = $val->name;
$value = $val->value;
$Fields[ $val->name ]= $val->value ;
}*/
$Fields[$variables->name] = $variables->value;
}
if (is_array( $variables )) {
foreach ($variables as $key => $val) {
$name = $val->name;
$value = $val->value;
if (! is_object( $val->value )) {
$val->name = $filter->validateInput($val->name);
$val->value = $filter->validateInput($val->value);
eval( '$Fields[ ' . $val->name . ' ]= $val->value ;' );
} else {
if (is_array( $val->value->item )) {
$i = 1;
foreach ($val->value->item as $key1 => $val1) {
if (isset( $val1->value )) {
if (is_array( $val1->value->item )) {
foreach ($val1->value->item as $key2 => $val2) {
$Fields[$val->name][$i][$val2->key] = $val2->value;
}
}
}
$i ++;
}
}
}
}
}
}
$params->variables = $Fields;
//$result = new wsResponse (900, print_r($params->variables,1));
//return $result;
$ws = new wsBase();
$res = $ws->newCase( $params->processId, $userId, $params->taskId, $params->variables );
return $res;
}
function AssignUserToGroup ($params)
{
ifSessionExpiredBreakThis( $params->sessionId );
$x = ifPermission( $params->sessionId, 'PM_USERS' );
if ($x == 0) {
$result = new wsResponse( 24, G::LoadTranslation('ID_NOT_PRIVILEGES') );
return $result;
}
$sessions = new Sessions();
$user = $sessions->getSessionUser( $params->sessionId );
if (! is_array( $user )) {
return new wsResponse( 3, G::LoadTranslation('ID_USER_NOT_REGISTERED_SYSTEM') );
}
$ws = new wsBase();
$res = $ws->assignUserToGroup( $params->userId, $params->groupId );
return $res->getPayloadArray();
}
function CreateUser ($params)
{
ifSessionExpiredBreakThis( $params->sessionId );
$x = ifPermission( $params->sessionId, 'PM_USERS' );
if ($x == 0) {
$result = new wsResponse( 24, G::LoadTranslation('ID_NOT_PRIVILEGES') );
return $result;
}
$ws = new wsBase();
$res = $ws->createUser( $params->userId, $params->firstname, $params->lastname, $params->email, $params->role, $params->password );
return $res->getPayloadArray();
}
function TaskList ($params)
{
$x = ifPermission( $params->sessionId, 'PM_CASES' );
if ($x == 0) {
$result[] = array ('guid' => 24,'name' => G::LoadTranslation('ID_NOT_PRIVILEGES') );
return $result;
}
$ws = new wsBase();
$oSessions = new Sessions();
$session = $oSessions->getSessionUser( $params->sessionId );
$userId = $session['USR_UID'];
$res = $ws->taskList( $userId );
return array ("tasks" => $res
);
}
function TaskCase ($params)
{
ifSessionExpiredBreakThis( $params->sessionId );
$x = ifPermission( $params->sessionId, 'PM_CASES' );
if ($x == 0) {
$result[] = array ('guid' => 24,'name' => G::LoadTranslation('ID_NOT_PRIVILEGES') );
return $result;
}
$ws = new wsBase();
$res = $ws->taskCase( $params->caseId );
return array ("taskCases" => $res
);
}
function ReassignCase ($params)
{
ifSessionExpiredBreakThis( $params->sessionId );
$ws = new wsBase();
$res = $ws->reassignCase( $params->sessionId, $params->caseId, $params->delIndex, $params->userIdSource, $params->userIdTarget );
return $res;
}
function ifSessionExpiredBreakThis ($sessionId)
{ #added By Erik AO <erik@colosa.com> in datetime 26.06.2008 10:00:00
$oSessions = new Sessions();
$session = $oSessions->verifySession( $sessionId );
if ($session == '') {
return new wsResponse( 9, G::LoadTranslation('ID_SESSION_EXPIRED') );
}
}
function ifPermission ($sessionId, $permission)
{
global $RBAC;
$RBAC->initRBAC();
$oSession = new Sessions();
$user = $oSession->getSessionUser( $sessionId );
$oRBAC = RBAC::getSingleton();
$oRBAC->loadUserRolePermission( $oRBAC->sSystem, $user['USR_UID'] );
$aPermissions = $oRBAC->aUserInfo[$oRBAC->sSystem]['PERMISSIONS'];
$sw = 0;
foreach ($aPermissions as $aPermission) {
if ($aPermission['PER_CODE'] == $permission) {
$sw = 1;
}
}
return $sw;
}
$server = new SoapServer( $wsdl );
$server->addFunction( "Login" );
$server->addFunction( "ProcessList" );
$server->addFunction( "CaseList" );
$server->addFunction( "RoleList" );
$server->addFunction( "GroupList" );
$server->addFunction( "UserList" );
$server->addFunction( "SendMessage" );
$server->addFunction( "SendVariables" );
$server->addFunction( "GetVariables" );
$server->addFunction( "DerivateCase" );
$server->addFunction( "executeTrigger" );
$server->addFunction( "NewCaseImpersonate" );
$server->addFunction( "NewCase" );
$server->addFunction( "AssignUserToGroup" );
$server->addFunction( "CreateUser" );
$server->addFunction( "getCaseInfo" );
$server->addFunction( "TaskList" );
$server->addFunction( "TaskCase" );
$server->addFunction( "ReassignCase" );
$server->handle();

88
workflow/engine/methods/services/soap2.php
View File

@@ -654,83 +654,57 @@ function NewCaseImpersonate ($params)
return $res;
}
function NewCase ($params)
/**
* Begins a new case under the name of the logged-in user.
* Where the parameter value is:
* - string sessionId: The ID of the session, which is obtained during login.
* - string processId: The ID of the process where the case should start, which
* can be obtained with processList().
* - string taskId: The ID of the task where the case should start. This will
* generally be the first task in a process, which can be obtained with taskList().
* - array variables: An array of variableStruct objects which contain information
* to start the case. This array has the following format.
*
* @param object $params
*
* @return object
*/
function NewCase($params)
{
$filter = new InputFilter();
$parseSoapVariableVame = new ParseSoapVariableName();
$vsResult = isValidSession( $params->sessionId );
$vsResult = isValidSession($params->sessionId);
if ($vsResult->status_code !== 0) {
return $vsResult;
}
if (ifPermission( $params->sessionId, "PM_CASES" ) == 0) {
$result = new wsResponse( 2, G::LoadTranslation('ID_NOT_PRIVILEGES') );
if (ifPermission($params->sessionId, 'PM_CASES') == 0) {
$result = new wsResponse(2, G::LoadTranslation('ID_NOT_PRIVILEGES'));
return $result;
}
$oSession = new Sessions();
$session = $oSession->getSessionUser( $params->sessionId );
$userId = $session["USR_UID"];
$session = $oSession->getSessionUser($params->sessionId);
$userId = $session['USR_UID'];
$variables = $params->variables;
/* this code is for previous version of ws, and apparently this will work for grids inside the variables..
if (!isset($params->variables) ) {
$variables = array();
$field = array();
}
else {
if ( is_object ($variables) ) {
$field[ $variables->name ]= $variables->value ;
}
$field = array();
if ( is_array ( $variables) ) {
foreach ( $variables as $key=>$val ) {
$name = $val->name;
$value = $val->value;
if (!is_object($val->value))
{
eval('$field[ ' . $val->name . ' ]= $val->value ;');
}
else
{
if (is_array($val->value->item)) {
$i = 1;
foreach ($val->value->item as $key1 => $val1) {
if (isset($val1->value)) {
if (is_array($val1->value->item)) {
foreach ($val1->value->item as $key2 => $val2) {
$field[$val->name][$i][$val2->key] = $val2->value;
}
}
}
$i++;
}
}
}
}
}
}
*/
$variables = $params->variables;
$field = array ();
if ($variables->name === "__POST_VARIABLES__") {
if (is_object($variables) && $variables->name === '__POST_VARIABLES__') {
$field = G::json_decode($variables->value, true);
$variables = null;
}
if (is_object( $variables )) {
if (is_object($variables)) {
$field[$variables->name] = $variables->value;
}
if (is_array( $variables )) {
foreach ($variables as $key => $val) {
if (! is_object( $val->value )) {
@eval( "\$field[" . $val->name . "]= \$val->value;" );
if (is_array($variables)) {
foreach ($variables as $val) {
if (!is_object($val->value)) {
$parseSoapVariableVame->buildVariableName($field, $val->name, $val->value);
}
}
}
@@ -739,10 +713,10 @@ function NewCase ($params)
$ws = new wsBase();
$res = $ws->newCase($params->processId, $userId, $params->taskId, $params->variables, (isset($params->executeTriggers))? (int)($params->executeTriggers) : 0);
$res = $ws->newCase($params->processId, $userId, $params->taskId, $params->variables, (isset($params->executeTriggers)) ? (int) ($params->executeTriggers) : 0);
// we need to register the case id for a stored session variable. like a normal Session.
$oSession->registerGlobal( "APPLICATION", $res->caseId );
$oSession->registerGlobal('APPLICATION', $res->caseId);
return $res;
}

13
workflow/engine/methods/services/wsdl.php
View File

@@ -1,13 +0,0 @@
<?php
$filewsdl = PATH_METHODS . 'services' . PATH_SEP . 'pmos.wsdl';
$content = file_get_contents( $filewsdl );
$lang = defined( 'SYS_LANG' ) ? SYS_LANG : 'en';
$endpoint = 'http://' . $_SERVER['SERVER_NAME'] . ':' . $_SERVER['SERVER_PORT'] . '/sys' . SYS_SYS . '/' . $lang . '/classic/services/soap';
//print $endpoint; die;
$content = str_replace( "___SOAP_ADDRESS___", $endpoint, $content );
header( "Content-Type: application/xml;" );
print $content;

158
workflow/engine/methods/setup/webServices.php
View File

@@ -1,158 +0,0 @@
<?php
/**
* control.php
*
* ProcessMaker Open Source Edition
* Copyright (C) 2004 - 2008 Colosa Inc.23
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
* Coral Gables, FL, 33134, USA, or email info@colosa.com.
*/
if ($RBAC->userCanAccess( 'PM_SETUP' ) != 1 && $RBAC->userCanAccess( 'PM_FACTORY' ) != 1) {
G::SendTemporalMessage( 'ID_USER_HAVENT_RIGHTS_PAGE', 'error', 'labels' );
//G::header('location: ../login/login');
die();
}
$G_MAIN_MENU = 'processmaker';
//$G_SUB_MENU = 'setup';
$G_ID_MENU_SELECTED = 'SETUP';
//$G_ID_SUB_MENU_SELECTED = 'WEBSERVICES';
if (! extension_loaded( 'soap' )) {
$G_PUBLISH = new Publisher();
$G_PUBLISH->AddContent( 'xmlform', 'xmlform', 'setup/wsMessage' );
G::RenderPage( "publish" );
} else {
$G_PUBLISH = new Publisher();
$G_PUBLISH->AddContent( 'view', 'setup/webServicesTree' );
$G_PUBLISH->AddContent( 'smarty', 'groups/groups_usersList', '', '', array () );
G::RenderPage( "publish-treeview", 'blank' );
}
$link_Edit = G::encryptlink( 'webServicesSetup' );
$link_List = G::encryptlink( 'webServicesList' );
?>
<script>
document.body.style.backgroundColor="#fff";
var oAux = document.getElementById("publisherContent[0]");
oAux.id = "publisherContent[666]";
var currentGroup=false;
function webServicesSetup(){
popupWindow('' , '<?php echo $link_Edit ?>' , 500 , 225 );
}
function showFormWS( uid, element ){
currentGroup = uid;
var oRPC = new leimnud.module.rpc.xmlhttp({
url : '../setup/webServicesAjax',
async : false,
method: 'POST',
args : 'action=showForm&wsID=' + uid
});
oRPC.make();
document.getElementById('spanUsersList').innerHTML = oRPC.xmlhttp.responseText;
if ((uid == 'NewCase') || (uid == 'NewCaseImpersonate')) {
var scs=oRPC.xmlhttp.responseText.extractScript();scs.evalScript();
}
}
function execWebService( uid) {
var oRPC = new leimnud.module.rpc.xmlhttp({
url : '../setup/webServicesAjax',
async : true,
method: 'POST',
args : 'action=execWebService&wsID=' + uid
});
oRPC.callback = function(rpc) {
var scs = rpc.xmlhttp.responseText.extractScript();
document.getElementById('spanUsersList').innerHTML = rpc.xmlhttp.responseText;
scs.evalScript();
}.extend(this);
oRPC.make();
}
submitThisForm = function(oForm) {
var oAux;
var bContinue = true;
if(bContinue) {
result = ajax_post(oForm.action, oForm, 'POST', function(response){
var scs = response.extractScript();
document.getElementById('spanUsersList').innerHTML = response;
scs.evalScript();
});
refreshTree();
}
};
function callbackWebService( ) {
/*
var oRPC = new leimnud.module.rpc.xmlhttp({
url : '../setup/webServicesAjax',
async : false,
method: 'POST',
args : 'action=execWebService&wsID=' + uid
});
oRPC.make();
document.getElementById('spanUsersList').innerHTML = oRPC.xmlhttp.responseText;
*/
document.getElementById('spanUsersList').innerHTML = 'hola';
}
function saveGroup( form ) {
ajax_post( form.action, form, 'POST' );
currentPopupWindow.remove();
refreshTree();
}
function refreshTree(){
tree.refresh( document.getElementById("publisherContent[666]") , '<?php echo $link_List ?>');
}
function showDetails(){
var oRPC = new leimnud.module.rpc.xmlhttp({
url : '../setup/webServicesAjax',
async : false,
method: 'POST',
args : 'action=showDetails'
});
oRPC.make();
document.getElementById('spanUsersList').innerHTML = oRPC.xmlhttp.responseText;
}
showDetails();
function showUploadFilesForm(){
oIFrame = window.document.createElement('iframe');
oIFrame.style.border = '0';
oIFrame.style.width = '700px';
oIFrame.style.height = '400px';
oIFrame.src = 'webServicesAjax?action=showUploadFilesForm&';
document.getElementById('spanUsersList').innerHTML = '';
document.getElementById('spanUsersList').appendChild(oIFrame);
}
</script>

36
workflow/engine/methods/setup/webServicesList.php
View File

@@ -1,36 +0,0 @@
<?php
/**
* webServicesList.php
*
* ProcessMaker Open Source Edition
* Copyright (C) 2004 - 2008 Colosa Inc.23
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
* Coral Gables, FL, 33134, USA, or email info@colosa.com.
*/
if ($RBAC->userCanAccess( 'PM_SETUP' ) != 1 && $RBAC->userCanAccess( 'PM_FACTORY' ) != 1) {
G::SendTemporalMessage( 'ID_USER_HAVENT_RIGHTS_PAGE', 'error', 'labels' );
//G::header('location: ../login/login');
die();
}
//G::genericForceLogin( 'WF_MYINFO' , 'login/noViewPage', $urlLogin = 'login/login' );
$G_PUBLISH = new Publisher();
$G_PUBLISH->AddContent( 'view', 'setup/webServicesTree' );
G::RenderPage( "publish-raw", "raw" );

2
workflow/engine/methods/users/usersAjax.php
View File

@@ -318,7 +318,7 @@ switch ($_POST['action']) {
require_once 'classes/model/UsersProperties.php';
$oUserProperty = new UsersProperties();
$aUserProperty = $oUserProperty->loadOrCreateIfNotExists($aFields['USR_UID'], array('USR_PASSWORD_HISTORY' => serialize(array($aFields['USR_PASSWORD']))));
$aUserProperty = $oUserProperty->loadOrCreateIfNotExists($aFields['USR_UID'], array('USR_PASSWORD_HISTORY' => serialize(array($oUser->getUsrPassword()))));
$aFields['USR_LOGGED_NEXT_TIME'] = $aUserProperty['USR_LOGGED_NEXT_TIME'];
if (array_key_exists('USR_PASSWORD', $aFields)) {

293
workflow/engine/src/ProcessMaker/BusinessModel/EmailServer.php
View File

@@ -1,5 +1,8 @@
<?php
namespace ProcessMaker\BusinessModel;
use \G;
use \Exception;
use \Bootstrap;
class EmailServer
{
@@ -19,6 +22,8 @@ class EmailServer
"MESS_DEFAULT" => array("type" => "int", "required" => false, "empty" => false, "defaultValues" => array(0, 1), "fieldNameAux" => "emailServerDefault")
);
private $contextLog = array();
private $formatFieldNameInUppercase = true;
private $arrayFieldNameForException = array(
@@ -37,17 +42,51 @@ class EmailServer
foreach ($this->arrayFieldDefinition as $key => $value) {
$this->arrayFieldNameForException[$value["fieldNameAux"]] = $key;
}
} catch (\Exception $e) {
//Define the variables for the logging
global $RBAC;
$currentUser = $RBAC->aUserInfo['USER_INFO'];
$info = array(
'ip' => G::getIpAddress(),
'workspace' => (defined("SYS_SYS"))? SYS_SYS : "Workspace undefined",
'usrUid' => $currentUser['USR_UID']
);
$this->setContextLog($info);
} catch (Exception $e) {
throw $e;
}
}
/**
* Get the $contextLog value.
*
* @return string
*/
public function getContextLog()
{
return $this->contextLog;
}
/**
* Set the value of $contextLog.
*
* @param array $k
* @return void
*/
public function setContextLog($k)
{
$this->contextLog = array_merge($this->contextLog, $k);
}
/**
* Set the format of the fields name (uppercase, lowercase)
*
* @param bool $flag Value that set the format
*
* return void
* @return void
* @throws Exception
*/
public function setFormatFieldNameInUppercase($flag)
{
@@ -55,7 +94,7 @@ class EmailServer
$this->formatFieldNameInUppercase = $flag;
$this->setArrayFieldNameForException($this->arrayFieldNameForException);
} catch (\Exception $e) {
} catch (Exception $e) {
throw $e;
}
}
@@ -65,7 +104,8 @@ class EmailServer
*
* @param array $arrayData Data with the fields
*
* return void
* @return void
* @throws Exception
*/
public function setArrayFieldNameForException(array $arrayData)
{
@@ -73,7 +113,7 @@ class EmailServer
foreach ($arrayData as $key => $value) {
$this->arrayFieldNameForException[$key] = $this->getFieldNameByFormatFieldName($value);
}
} catch (\Exception $e) {
} catch (Exception $e) {
throw $e;
}
}
@@ -83,13 +123,14 @@ class EmailServer
*
* @param string $fieldName Field name
*
* return string Return the field name according the format
* @return string, return the field name according the format
* @throws Exception
*/
public function getFieldNameByFormatFieldName($fieldName)
{
try {
return ($this->formatFieldNameInUppercase)? strtoupper($fieldName) : strtolower($fieldName);
} catch (\Exception $e) {
} catch (Exception $e) {
throw $e;
}
}
@@ -99,7 +140,8 @@ class EmailServer
*
* @param array $arrayData Data
*
* return array Return array with result of send test mail
* @return array, return array with result of send test mail
* @throws Exception
*/
public function sendTestMail(array $arrayData)
{
@@ -117,20 +159,20 @@ class EmailServer
"SMTPSecure" => (isset($arrayData["SMTPSecure"]))? $arrayData["SMTPSecure"] : "none"
);
$sFrom = \G::buildFrom($aConfiguration);
$sFrom = G::buildFrom($aConfiguration);
$sSubject = \G::LoadTranslation("ID_MESS_TEST_SUBJECT");
$msg = \G::LoadTranslation("ID_MESS_TEST_BODY");
$sSubject = G::LoadTranslation("ID_MESS_TEST_SUBJECT");
$msg = G::LoadTranslation("ID_MESS_TEST_BODY");
switch ($arrayData["MESS_ENGINE"]) {
case "MAIL":
$engine = \G::LoadTranslation("ID_MESS_ENGINE_TYPE_1");
$engine = G::LoadTranslation("ID_MESS_ENGINE_TYPE_1");
break;
case "PHPMAILER":
$engine = \G::LoadTranslation("ID_MESS_ENGINE_TYPE_2");
$engine = G::LoadTranslation("ID_MESS_ENGINE_TYPE_2");
break;
case "OPENMAIL":
$engine = \G::LoadTranslation("ID_MESS_ENGINE_TYPE_3");
$engine = G::LoadTranslation("ID_MESS_ENGINE_TYPE_3");
break;
}
@@ -175,7 +217,7 @@ class EmailServer
if ($oSpool->status == "sent") {
$arrayTestMailResult["status"] = true;
$arrayTestMailResult["success"] = true;
$arrayTestMailResult["msg"] = \G::LoadTranslation("ID_MAIL_TEST_SUCCESS");
$arrayTestMailResult["msg"] = G::LoadTranslation("ID_MAIL_TEST_SUCCESS");
} else {
$arrayTestMailResult["status"] = false;
$arrayTestMailResult["success"] = false;
@@ -183,7 +225,7 @@ class EmailServer
}
return $arrayTestMailResult;
} catch (\Exception $e) {
} catch (Exception $e) {
throw $e;
}
}
@@ -194,7 +236,8 @@ class EmailServer
* @param array $arrayData Data
* @param int $step Step
*
* return array Return array with result of test connection by step
* @return array, return array with result of test connection by step
* @throws Exception
*/
public function testConnectionByStep(array $arrayData, $step = 0)
{
@@ -208,7 +251,7 @@ class EmailServer
$eregMail = "/^[0-9a-zA-Z]+(?:[._][0-9a-zA-Z]+)*@[0-9a-zA-Z]+(?:[._-][0-9a-zA-Z]+)*\.[0-9a-zA-Z]{2,3}$/";
$arrayDataMail["FROM_EMAIL"] = ($arrayData["MESS_FROM_MAIL"] != "" && preg_match($eregMail, $arrayData["MESS_FROM_MAIL"]))? $arrayData["MESS_FROM_MAIL"] : "";
$arrayDataMail["FROM_NAME"] = ($arrayData["MESS_FROM_NAME"] != "")? $arrayData["MESS_FROM_NAME"] : \G::LoadTranslation("ID_MESS_TEST_BODY");
$arrayDataMail["FROM_NAME"] = ($arrayData["MESS_FROM_NAME"] != "")? $arrayData["MESS_FROM_NAME"] : G::LoadTranslation("ID_MESS_TEST_BODY");
$arrayDataMail["MESS_ENGINE"] = "MAIL";
$arrayDataMail["MESS_SERVER"] = "localhost";
$arrayDataMail["MESS_PORT"] = 25;
@@ -233,7 +276,7 @@ class EmailServer
);
if ($arrayTestMailResult["status"] == false) {
$arrayResult["message"] = \G::LoadTranslation("ID_SENDMAIL_NOT_INSTALLED");
$arrayResult["message"] = G::LoadTranslation("ID_SENDMAIL_NOT_INSTALLED");
}
//Return
@@ -252,7 +295,7 @@ class EmailServer
$passwdHide = "";
}
$passwdDec = \G::decrypt($passwd,"EMAILENCRYPT");
$passwdDec = G::decrypt($passwd,"EMAILENCRYPT");
$auxPass = explode("hash:", $passwdDec);
if (count($auxPass) > 1) {
@@ -378,7 +421,7 @@ class EmailServer
$eregMail = "/^[0-9a-zA-Z]+(?:[._][0-9a-zA-Z]+)*@[0-9a-zA-Z]+(?:[._-][0-9a-zA-Z]+)*\.[0-9a-zA-Z]{2,3}$/";
$arrayDataPhpMailer["FROM_EMAIL"] = ($fromMail != "" && preg_match($eregMail, $fromMail))? $fromMail : "";
$arrayDataPhpMailer["FROM_NAME"] = $arrayData["MESS_FROM_NAME"] != "" ? $arrayData["MESS_FROM_NAME"] : \G::LoadTranslation("ID_MESS_TEST_BODY");
$arrayDataPhpMailer["FROM_NAME"] = $arrayData["MESS_FROM_NAME"] != "" ? $arrayData["MESS_FROM_NAME"] : G::LoadTranslation("ID_MESS_TEST_BODY");
$arrayDataPhpMailer["MESS_ENGINE"] = "PHPMAILER";
$arrayDataPhpMailer["MESS_SERVER"] = $server;
$arrayDataPhpMailer["MESS_PORT"] = $port;
@@ -421,7 +464,7 @@ class EmailServer
//Return
return $arrayResult;
} catch (\Exception $e) {
} catch (Exception $e) {
$arrayResult = array();
$arrayResult["result"] = false;
@@ -437,7 +480,8 @@ class EmailServer
*
* @param array $arrayData Data
*
* return array Return array with result of test connection
* @return array, return array with result of test connection
* @throws Exception
*/
public function testConnection(array $arrayData)
{
@@ -467,11 +511,11 @@ class EmailServer
$arrayDataAux["MAIL_TO"] = "admin@processmaker.com";
$arrayResult[$arrayMailTestName[1]] = $this->testConnectionByStep($arrayDataAux);
$arrayResult[$arrayMailTestName[1]]["title"] = \G::LoadTranslation("ID_EMAIL_SERVER_TEST_CONNECTION_VERIFYING_MAIL");
$arrayResult[$arrayMailTestName[1]]["title"] = G::LoadTranslation("ID_EMAIL_SERVER_TEST_CONNECTION_VERIFYING_MAIL");
if ((int)($arrayData["MESS_TRY_SEND_INMEDIATLY"]) == 1 && $arrayData['MAIL_TO'] != '') {
$arrayResult[$arrayMailTestName[2]] = $this->testConnectionByStep($arrayData);
$arrayResult[$arrayMailTestName[2]]["title"] = \G::LoadTranslation("ID_EMAIL_SERVER_TEST_CONNECTION_SENDING_EMAIL", array($arrayData["MAIL_TO"]));
$arrayResult[$arrayMailTestName[2]]["title"] = G::LoadTranslation("ID_EMAIL_SERVER_TEST_CONNECTION_SENDING_EMAIL", array($arrayData["MAIL_TO"]));
}
break;
case "PHPMAILER":
@@ -482,19 +526,19 @@ class EmailServer
switch ($step) {
case 1:
$arrayResult[$arrayPhpMailerTestName[$step]]["title"] = \G::LoadTranslation("ID_EMAIL_SERVER_TEST_CONNECTION_RESOLVING_NAME", array($arrayData["MESS_SERVER"]));
$arrayResult[$arrayPhpMailerTestName[$step]]["title"] = G::LoadTranslation("ID_EMAIL_SERVER_TEST_CONNECTION_RESOLVING_NAME", array($arrayData["MESS_SERVER"]));
break;
case 2:
$arrayResult[$arrayPhpMailerTestName[$step]]["title"] = \G::LoadTranslation("ID_EMAIL_SERVER_TEST_CONNECTION_CHECK_PORT", array($arrayData["MESS_PORT"]));
$arrayResult[$arrayPhpMailerTestName[$step]]["title"] = G::LoadTranslation("ID_EMAIL_SERVER_TEST_CONNECTION_CHECK_PORT", array($arrayData["MESS_PORT"]));
break;
case 3:
$arrayResult[$arrayPhpMailerTestName[$step]]["title"] = \G::LoadTranslation("ID_EMAIL_SERVER_TEST_CONNECTION_ESTABLISHING_CON_HOST", array($arrayData["MESS_SERVER"] . ":" . $arrayData["MESS_PORT"]));
$arrayResult[$arrayPhpMailerTestName[$step]]["title"] = G::LoadTranslation("ID_EMAIL_SERVER_TEST_CONNECTION_ESTABLISHING_CON_HOST", array($arrayData["MESS_SERVER"] . ":" . $arrayData["MESS_PORT"]));
break;
case 4:
$arrayResult[$arrayPhpMailerTestName[$step]]["title"] = \G::LoadTranslation("ID_EMAIL_SERVER_TEST_CONNECTION_LOGIN", array($arrayData["MESS_ACCOUNT"], $arrayData["MESS_SERVER"]));
$arrayResult[$arrayPhpMailerTestName[$step]]["title"] = G::LoadTranslation("ID_EMAIL_SERVER_TEST_CONNECTION_LOGIN", array($arrayData["MESS_ACCOUNT"], $arrayData["MESS_SERVER"]));
break;
case 5:
$arrayResult[$arrayPhpMailerTestName[$step]]["title"] = \G::LoadTranslation("ID_EMAIL_SERVER_TEST_CONNECTION_SENDING_EMAIL", array($arrayData["MAIL_TO"]));
$arrayResult[$arrayPhpMailerTestName[$step]]["title"] = G::LoadTranslation("ID_EMAIL_SERVER_TEST_CONNECTION_SENDING_EMAIL", array($arrayData["MAIL_TO"]));
break;
}
}
@@ -503,7 +547,7 @@ class EmailServer
//Result
return $arrayResult;
} catch (\Exception $e) {
} catch (Exception $e) {
throw $e;
}
}
@@ -513,7 +557,8 @@ class EmailServer
*
* @param string $emailServerUid Unique id of Email Server
*
* return bool Return true if is default Email Server, false otherwise
* @return bool, return true if is default Email Server, false otherwise
* @throws Exception
*/
public function checkIfIsDefault($emailServerUid)
{
@@ -530,7 +575,7 @@ class EmailServer
} else {
return false;
}
} catch (\Exception $e) {
} catch (Exception $e) {
throw $e;
}
}
@@ -541,7 +586,8 @@ class EmailServer
* @param string $emailServerUid Unique id of Email Server
* @param array $arrayData Data
*
* return void Throw exception if data has an invalid value
* @return void Throw exception if data has an invalid value
* @throws Exception
*/
public function throwExceptionIfDataIsInvalid($emailServerUid, array $arrayData)
{
@@ -609,10 +655,10 @@ class EmailServer
}
if ($msg != "") {
throw new \Exception($msg);
throw new Exception($msg);
}
}
} catch (\Exception $e) {
} catch (Exception $e) {
throw $e;
}
}
@@ -623,7 +669,8 @@ class EmailServer
* @param string $emailServerUid Unique id of Email Server
* @param string $fieldNameForException Field name for the exception
*
* return void Throw exception if does not exist the Email Server in table EMAIL_SERVER
* @return void Throw exception if does not exist the Email Server in table EMAIL_SERVER
* @throws Exception
*/
public function throwExceptionIfNotExistsEmailServer($emailServerUid, $fieldNameForException)
{
@@ -631,9 +678,9 @@ class EmailServer
$obj = \EmailServerPeer::retrieveByPK($emailServerUid);
if (is_null($obj)) {
throw new \Exception(\G::LoadTranslation("ID_EMAIL_SERVER_DOES_NOT_EXIST", array($fieldNameForException, $emailServerUid)));
throw new Exception(G::LoadTranslation("ID_EMAIL_SERVER_DOES_NOT_EXIST", array($fieldNameForException, $emailServerUid)));
}
} catch (\Exception $e) {
} catch (Exception $e) {
throw $e;
}
}
@@ -644,15 +691,16 @@ class EmailServer
* @param string $emailServerUid Unique id of Email Server
* @param string $fieldNameForException Field name for the exception
*
* return void Throw exception if is default Email Server
* @return void Throw exception if is default Email Server
* @throws Exception
*/
public function throwExceptionIfIsDefault($emailServerUid, $fieldNameForException)
{
try {
if ($this->checkIfIsDefault($emailServerUid)) {
throw new \Exception(\G::LoadTranslation("ID_EMAIL_SERVER_IS_DEFAULT", array($fieldNameForException, $emailServerUid)));
throw new Exception(G::LoadTranslation("ID_EMAIL_SERVER_IS_DEFAULT", array($fieldNameForException, $emailServerUid)));
}
} catch (\Exception $e) {
} catch (Exception $e) {
throw $e;
}
}
@@ -662,7 +710,8 @@ class EmailServer
*
* @param string $emailServerUid Unique id of Email Server
*
* return void
* @return void
* @throws Exception
*/
public function setEmailServerDefaultByUid($emailServerUid)
{
@@ -703,7 +752,8 @@ class EmailServer
*
* @param array $arrayData Data
*
* return array Return data of the new Email Server created
* @return array, data of the new Email Server created
* @throws Exception
*/
public function create(array $arrayData)
{
@@ -729,7 +779,7 @@ class EmailServer
$emailServer = new \EmailServer();
$passwd = $arrayData["MESS_PASSWORD"];
$passwdDec = \G::decrypt($passwd, "EMAILENCRYPT");
$passwdDec = G::decrypt($passwd, "EMAILENCRYPT");
$auxPass = explode("hash:", $passwdDec);
if (count($auxPass) > 1) {
@@ -745,7 +795,7 @@ class EmailServer
if ($arrayData["MESS_PASSWORD"] != "") {
$arrayData["MESS_PASSWORD"] = "hash:" . $arrayData["MESS_PASSWORD"];
$arrayData["MESS_PASSWORD"] = \G::encrypt($arrayData["MESS_PASSWORD"], "EMAILENCRYPT");
$arrayData["MESS_PASSWORD"] = G::encrypt($arrayData["MESS_PASSWORD"], "EMAILENCRYPT");
}
$emailServer->fromArray($arrayData, \BasePeer::TYPE_FIELDNAME);
@@ -765,7 +815,28 @@ class EmailServer
$this->setEmailServerDefaultByUid($emailServerUid);
}
//Return
//Logging the create action
$info = array(
'action' => 'Create email server',
'messUid'=> $emailServerUid,
'engine'=> $arrayData["MESS_ENGINE"],
'server' => $arrayData["MESS_SERVER"],
'port' => $arrayData["MESS_PORT"],
'requireAuthentication' => $arrayData["MESS_RAUTH"],
'account' => $arrayData["MESS_ACCOUNT"],
'senderEmail' => $arrayData["MESS_FROM_MAIL"],
'senderName' => $arrayData["MESS_FROM_NAME"],
'useSecureConnection' => $arrayData["SMTPSECURE"],
'sendTestEmail' => $arrayData["MESS_TRY_SEND_INMEDIATLY"],
'setAsDefaultConfiguration' => $arrayData["MESS_DEFAULT"]
);
$this->setContextLog($info);
$this->syslog(
'CreateEmailServer',
200,
'New email server was created',
$this->getContextLog()
);
return $this->getEmailServer($emailServerUid);
} else {
$msg = "";
@@ -774,14 +845,14 @@ class EmailServer
$msg = $msg . (($msg != "")? "\n" : "") . $validationFailure->getMessage();
}
throw new \Exception(\G::LoadTranslation("ID_RECORD_CANNOT_BE_CREATED") . (($msg != "")? "\n" . $msg : ""));
throw new Exception(G::LoadTranslation("ID_RECORD_CANNOT_BE_CREATED") . (($msg != "")? "\n" . $msg : ""));
}
} catch (\Exception $e) {
} catch (Exception $e) {
$cnn->rollback();
throw $e;
}
} catch (\Exception $e) {
} catch (Exception $e) {
throw $e;
}
}
@@ -791,7 +862,8 @@ class EmailServer
*
* @param array $arrayData Data
*
* return array Return data of the new Email Server created
* @return array, return data of the new Email Server created
* @throws Exception
*/
public function create2(array $arrayData)
{
@@ -828,14 +900,14 @@ class EmailServer
$msg = $msg . (($msg != "")? "\n" : "") . $validationFailure->getMessage();
}
throw new \Exception(\G::LoadTranslation("ID_RECORD_CANNOT_BE_CREATED") . (($msg != "")? "\n" . $msg : ""));
throw new Exception(G::LoadTranslation("ID_RECORD_CANNOT_BE_CREATED") . (($msg != "")? "\n" . $msg : ""));
}
} catch (\Exception $e) {
} catch (Exception $e) {
$cnn->rollback();
throw $e;
}
} catch (\Exception $e) {
} catch (Exception $e) {
throw $e;
}
}
@@ -846,7 +918,8 @@ class EmailServer
* @param string $emailServerUid Unique id of Group
* @param array $arrayData Data
*
* return array Return data of the Email Server updated
* @return array Return data of the Email Server updated
* @throws Exception
*/
public function update($emailServerUid, $arrayData)
{
@@ -874,7 +947,7 @@ class EmailServer
if (isset($arrayData['MESS_PASSWORD'])) {
$passwd = $arrayData['MESS_PASSWORD'];
$passwdDec = \G::decrypt($passwd, 'EMAILENCRYPT');
$passwdDec = G::decrypt($passwd, 'EMAILENCRYPT');
$auxPass = explode('hash:', $passwdDec);
if (count($auxPass) > 1) {
@@ -890,7 +963,7 @@ class EmailServer
if ($arrayData['MESS_PASSWORD'] != '') {
$arrayData['MESS_PASSWORD'] = 'hash:' . $arrayData['MESS_PASSWORD'];
$arrayData['MESS_PASSWORD'] = \G::encrypt($arrayData['MESS_PASSWORD'], 'EMAILENCRYPT');
$arrayData['MESS_PASSWORD'] = G::encrypt($arrayData['MESS_PASSWORD'], 'EMAILENCRYPT');
}
}
@@ -912,6 +985,29 @@ class EmailServer
$arrayData = array_change_key_case($arrayData, CASE_LOWER);
}
//Logging the update action
$info = array(
'action' => 'Update email server',
'messUid' => $emailServerUid,
'engine' => $arrayData["MESS_ENGINE"],
'server' => $arrayData["MESS_SERVER"],
'port' => $arrayData["MESS_PORT"],
'requireAuthentication' => $arrayData["MESS_RAUTH"],
'account' => $arrayData["MESS_ACCOUNT"],
'senderEmail' => $arrayData["MESS_FROM_MAIL"],
'senderName' => $arrayData["MESS_FROM_NAME"],
'useSecureConnection' => $arrayData["SMTPSECURE"],
'sendTestEmail' => $arrayData["MESS_TRY_SEND_INMEDIATLY"],
'setAsDefaultConfiguration' => $arrayData["MESS_DEFAULT"]
);
$this->setContextLog($info);
$this->syslog(
'UpdateEmailServer',
200,
'The email server was updated',
$this->getContextLog()
);
return $arrayData;
} else {
$msg = "";
@@ -920,14 +1016,14 @@ class EmailServer
$msg = $msg . (($msg != "")? "\n" : "") . $validationFailure->getMessage();
}
throw new \Exception(\G::LoadTranslation("ID_RECORD_CANNOT_BE_CREATED") . (($msg != "")? "\n" . $msg : ""));
throw new Exception(G::LoadTranslation("ID_RECORD_CANNOT_BE_CREATED") . (($msg != "")? "\n" . $msg : ""));
}
} catch (\Exception $e) {
} catch (Exception $e) {
$cnn->rollback();
throw $e;
}
} catch (\Exception $e) {
} catch (Exception $e) {
throw $e;
}
}
@@ -937,22 +1033,32 @@ class EmailServer
*
* @param string $emailServerUid Unique id of Email Server
*
* return void
* @return void
* @throws Exception
*/
public function delete($emailServerUid)
{
try {
//Verify data
$this->throwExceptionIfNotExistsEmailServer($emailServerUid, $this->arrayFieldNameForException["emailServerUid"]);
$this->throwExceptionIfIsDefault($emailServerUid, $this->arrayFieldNameForException["emailServerUid"]);
$criteria = $this->getEmailServerCriteria();
$criteria->add(\EmailServerPeer::MESS_UID, $emailServerUid, \Criteria::EQUAL);
\EmailServerPeer::doDelete($criteria);
} catch (\Exception $e) {
//Logging the delete action
$info = array(
'action' => 'Delete email server',
'messUid' => $emailServerUid
);
$this->setContextLog($info);
$this->syslog(
'DeleteEmailServer',
200,
'The email server was deleted',
$this->getContextLog()
);
} catch (Exception $e) {
throw $e;
}
}
@@ -982,7 +1088,7 @@ class EmailServer
$criteria->addSelectColumn(\EmailServerPeer::MESS_DEFAULT);
return $criteria;
} catch (\Exception $e) {
} catch (Exception $e) {
throw $e;
}
}
@@ -992,7 +1098,8 @@ class EmailServer
*
* @param array $record Record
*
* return array Return an array with data Email Server
* @return array, return an array with data Email Server
* @throws Exception
*/
public function getEmailServerDataFromRecord(array $record)
{
@@ -1016,7 +1123,7 @@ class EmailServer
$this->getFieldNameByFormatFieldName("MESS_EXECUTE_EVERY") => '',
$this->getFieldNameByFormatFieldName("MESS_SEND_MAX") => ''
);
} catch (\Exception $e) {
} catch (Exception $e) {
throw $e;
}
}
@@ -1064,7 +1171,7 @@ class EmailServer
//Return
return $arrayData;
} catch (\Exception $e) {
} catch (Exception $e) {
throw $e;
}
}
@@ -1078,7 +1185,8 @@ class EmailServer
* @param int $start Start
* @param int $limit Limit
*
* return array Return an array with all Email Servers
* @return array, return an array with all Email Servers
* @throws Exception
*/
public function getEmailServers($arrayFilterData = null, $sortField = null, $sortDir = null, $start = null, $limit = null)
{
@@ -1101,10 +1209,10 @@ class EmailServer
if (!is_null($arrayFilterData) && is_array($arrayFilterData) && isset($arrayFilterData["filter"]) && trim($arrayFilterData["filter"]) != "") {
$criteria->add(
$criteria->getNewCriterion(\EmailServerPeer::MESS_ENGINE, "%" . $arrayFilterData["filter"] . "%", \Criteria::LIKE)->addOr(
$criteria->getNewCriterion(\EmailServerPeer::MESS_SERVER, "%" . $arrayFilterData["filter"] . "%", \Criteria::LIKE))->addOr(
$criteria->getNewCriterion(\EmailServerPeer::MESS_ACCOUNT, "%" . $arrayFilterData["filter"] . "%", \Criteria::LIKE))->addOr(
$criteria->getNewCriterion(\EmailServerPeer::MESS_FROM_NAME, "%" . $arrayFilterData["filter"] . "%", \Criteria::LIKE))->addOr(
$criteria->getNewCriterion(\EmailServerPeer::SMTPSECURE, "%" . $arrayFilterData["filter"] . "%", \Criteria::LIKE))
$criteria->getNewCriterion(\EmailServerPeer::MESS_SERVER, "%" . $arrayFilterData["filter"] . "%", \Criteria::LIKE))->addOr(
$criteria->getNewCriterion(\EmailServerPeer::MESS_ACCOUNT, "%" . $arrayFilterData["filter"] . "%", \Criteria::LIKE))->addOr(
$criteria->getNewCriterion(\EmailServerPeer::MESS_FROM_NAME, "%" . $arrayFilterData["filter"] . "%", \Criteria::LIKE))->addOr(
$criteria->getNewCriterion(\EmailServerPeer::SMTPSECURE, "%" . $arrayFilterData["filter"] . "%", \Criteria::LIKE))
);
}
@@ -1156,7 +1264,7 @@ class EmailServer
$row = $rsCriteria->getRow();
$passwd = $row["MESS_PASSWORD"];
$passwdDec = \G::decrypt($passwd, "EMAILENCRYPT");
$passwdDec = G::decrypt($passwd, "EMAILENCRYPT");
$auxPass = explode("hash:", $passwdDec);
if (count($auxPass) > 1) {
@@ -1181,7 +1289,7 @@ class EmailServer
"filter" => (!is_null($arrayFilterData) && is_array($arrayFilterData) && isset($arrayFilterData["filter"]))? $arrayFilterData["filter"] : "",
"data" => $arrayEmailServer
);
} catch (\Exception $e) {
} catch (Exception $e) {
throw $e;
}
}
@@ -1192,7 +1300,8 @@ class EmailServer
* @param string $emailServerUid Unique id of Email Server
* @param bool $flagGetRecord Value that set the getting
*
* return array Return an array with data of a Email Server
* @return array, return an array with data of a Email Server
* @throws Exception
*/
public function getEmailServer($emailServerUid, $flagGetRecord = false)
{
@@ -1224,7 +1333,7 @@ class EmailServer
//Return
return (!$flagGetRecord)? $this->getEmailServerDataFromRecord($row) : $row;
} catch (\Exception $e) {
} catch (Exception $e) {
throw $e;
}
}
@@ -1246,5 +1355,31 @@ class EmailServer
$rsCriteria->next();
return $rsCriteria->getRow();
}
/**
* Logging information related to the email server
* When the user create, update, delete the email server
*
* @param string $channel
* @param string $level
* @param string $message
* @param array $context
*
* @return void
* @throws Exception
*/
private function syslog(
$channel,
$level,
$message,
$context = array()
)
{
try {
Bootstrap::registerMonolog($channel, $level, $message, $context, $context['workspace'], 'processmaker.log');
} catch (Exception $e) {
throw $e;
}
}
}

3
workflow/engine/src/ProcessMaker/BusinessModel/Migrator/GranularExporter.php
View File

@@ -3,6 +3,7 @@
namespace ProcessMaker\BusinessModel\Migrator;
use ProcessMaker\Project;
use ProcessMaker\Util\Common;
class GranularExporter
{
@@ -64,7 +65,7 @@ class GranularExporter
$this->prjName = $projectData['PRJ_NAME'];
$getProjectName = $this->publisher->truncateName($projectData['PRJ_NAME'], false);
$outputDir = PATH_DATA . "sites" . PATH_SEP . SYS_SYS . PATH_SEP . "files" . PATH_SEP . "output" . PATH_SEP;
$version = \ProcessMaker\Util\Common::getLastVersion($outputDir . $getProjectName . "-*.pmx2") + 1;
$version = Common::getLastVersionSpecialCharacters($outputDir, $getProjectName, "pmx2") + 1;
$outputFilename = $outputDir . sprintf("%s-%s.%s", str_replace(" ", "_", $getProjectName), $version, "pmx2");
$bpnmDefinition = array(

7
workflow/engine/src/ProcessMaker/BusinessModel/Task.php
View File

@@ -1894,7 +1894,12 @@ class Task
}
}
public function getValidateSelfService($data)
/**
* This method verify if an activity has cases
* @param $data
* @return \stdclass
*/
public function hasPendingCases($data)
{
$paused = false;
$data = array_change_key_case($data, CASE_LOWER);

965
workflow/engine/src/ProcessMaker/BusinessModel/User.php
View File

File diff suppressed because it is too large Load Diff

2
workflow/engine/src/ProcessMaker/BusinessModel/WebEntry.php
View File

@@ -382,7 +382,7 @@ class WebEntry
$arrayUserData = $user->load($arrayWebEntryData["USR_UID"]);
$usrUsername = $arrayUserData["USR_USERNAME"];
$usrPassword = $arrayUserData["USR_PASSWORD"];
$usrPassword = $user->getUsrPassword();
$dynaForm = new \Dynaform();

2
workflow/engine/src/ProcessMaker/Exception/ProjectNotFound.php
View File

@@ -5,7 +5,7 @@ use ProcessMaker\Project;
class ProjectNotFound extends \RuntimeException
{
const EXCEPTION_CODE = 20;
const EXCEPTION_CODE = 400;
public function __construct(Project\Handler $obj, $uid, $message = "", \Exception $previous = null) {
$message = empty($message) ? sprintf("Project \"%s\" with UID: %s, does not exist.", get_class($obj), $uid) : $message;

59
workflow/engine/src/ProcessMaker/Exception/RBACException.php Normal file
View File

@@ -0,0 +1,59 @@
<?php
namespace ProcessMaker\Exception;
use G;
/**
* Class PMException
* @package ProcessMaker\Exception
*/
class RBACException extends \Exception
{
const PM_LOGIN = '../login/login';
const PM_403 = '/errors/error403.php';
/**
* RBACException constructor.
* @param string $message
* @param null $code
*/
public function __construct($message, $code=NULL)
{
parent::__construct($message, $code);
}
/**
* Displays the entire exception as a string
* @return string
*/
public function __toString()
{
switch ($this->getCode()) {
case -1:
G::SendTemporalMessage($this->getMessage(), 'error', 'labels');
$message = self::PM_LOGIN;
break;
case -2:
G::SendTemporalMessage($this->getMessage(), 'error', 'labels');
$message = self::PM_LOGIN;
break;
case 403:
$message = self::PM_403;
break;
default:
$message = self::PM_LOGIN;
break;
}
return $message;
}
/**
* Returns the path to which to redirect
* @return $this
*/
public function getPath()
{
return $this;
}
}

3
workflow/engine/src/ProcessMaker/Importer/Importer.php
View File

@@ -6,6 +6,7 @@ use ProcessMaker\Project;
use ProcessMaker\Project\Adapter;
use ProcessMaker\BusinessModel\Migrator;
use ProcessMaker\BusinessModel\Migrator\ImportException;
use ProcessMaker\Util\Common;
abstract class Importer
{
@@ -771,7 +772,7 @@ abstract class Importer
$getProjectName = $exporter->truncateName($exporter->getProjectName(), false);
$outputDir = PATH_DATA . "sites" . PATH_SEP . SYS_SYS . PATH_SEP . "files" . PATH_SEP . "output" . PATH_SEP;
$version = \ProcessMaker\Util\Common::getLastVersion($outputDir . $getProjectName . "-*.pmx") + 1;
$version = Common::getLastVersionSpecialCharacters($outputDir, $getProjectName, "pmx") + 1;
$outputFilename = $outputDir . sprintf("%s-%s.%s", str_replace(" ", "_", $getProjectName), $version, "pmx");
$exporter->setMetadata("export_version", $version);

52
workflow/engine/src/ProcessMaker/Project/Bpmn.php
View File

@@ -1,39 +1,36 @@
<?php
namespace ProcessMaker\Project;
use \BpmnProject as Project;
use \BpmnProcess as Process;
use \BpmnDiagram as Diagram;
use \BasePeer;
use \BpmnActivity as Activity;
use \BpmnBound as Bound;
use \BpmnEvent as Event;
use \BpmnGateway as Gateway;
use \BpmnFlow as Flow;
use \BpmnArtifact as Artifact;
use \BpmnProjectPeer as ProjectPeer;
use \BpmnProcessPeer as ProcessPeer;
use \BpmnDiagramPeer as DiagramPeer;
use \BpmnActivityPeer as ActivityPeer;
use \BpmnBoundPeer as BoundPeer;
use \BpmnEventPeer as EventPeer;
use \BpmnGatewayPeer as GatewayPeer;
use \BpmnFlowPeer as FlowPeer;
use \BpmnArtifactPeer as ArtifactPeer;
use \BpmnParticipant as Participant;
use \BpmnParticipantPeer as ParticipantPeer;
use \BpmnBound as Bound;
use \BpmnBoundPeer as BoundPeer;
use \BpmnDiagram as Diagram;
use \BpmnDiagramPeer as DiagramPeer;
use \BpmnEvent as Event;
use \BpmnEventPeer as EventPeer;
use \BpmnFlow as Flow;
use \BpmnFlowPeer as FlowPeer;
use \BpmnGateway as Gateway;
use \BpmnGatewayPeer as GatewayPeer;
use \BpmnLaneset as Laneset;
use \BpmnLanesetPeer as LanesetPeer;
use \BpmnLane as Lane;
use \BpmnLanePeer as LanePeer;
use \BasePeer;
use \BpmnParticipant as Participant;
use \BpmnParticipantPeer as ParticipantPeer;
use \BpmnProject as Project;
use \BpmnProcess as Process;
use \BpmnProjectPeer as ProjectPeer;
use \BpmnProcessPeer as ProcessPeer;
use \Criteria as Criteria;
use \Exception;
use \G;
use \ResultSet as ResultSet;
use ProcessMaker\Util\Common;
use ProcessMaker\Exception;
use \ProcessMaker\Util\Common;
/**
* Class Bpmn
@@ -428,9 +425,12 @@ class Bpmn extends Handler
self::log("Remove Activity: $actUid");
$activity = ActivityPeer::retrieveByPK($actUid);
$activity->delete();
//TODO if the activity was removed, the related flows to that activity must be removed
if (isset($activity)) {
$activity->delete();
Flow::removeAllRelated($actUid);
} else {
throw new Exception(G::LoadTranslation("ID_ACTIVITY_DOES_NOT_EXIST", array("act_uid", $actUid)));
}
self::log("Remove Activity Success!");
} catch (\Exception $e) {
self::log("Exception: ", $e->getMessage(), "Trace: ", $e->getTraceAsString());

3
workflow/engine/src/ProcessMaker/Services/Api/Project.php
View File

@@ -10,6 +10,7 @@ use \ProcessMaker\BusinessModel\Validator;
use \ProcessMaker\BusinessModel\Migrator\GranularExporter;
use \ProcessMaker\BusinessModel\Migrator\ExportObjects;
use \ProcessMaker\Util\IO\HttpStream;
use \ProcessMaker\Util\Common;
/**
* Class Project
@@ -182,7 +183,7 @@ class Project extends Api
$getProjectName = $exporter->truncateName($exporter->getProjectName(), false);
$outputDir = PATH_DATA . "sites" . PATH_SEP . SYS_SYS . PATH_SEP . "files" . PATH_SEP . "output" . PATH_SEP;
$version = \ProcessMaker\Util\Common::getLastVersion($outputDir . $getProjectName . "-*.pmx") + 1;
$version = Common::getLastVersionSpecialCharacters($outputDir, $getProjectName, "pmx") + 1;
$outputFilename = $outputDir . sprintf("%s-%s.%s", str_replace(" ", "_", $getProjectName), $version, "pmx");
$exporter->setMetadata("export_version", $version);

33
workflow/engine/src/ProcessMaker/Services/Api/Project/Activity.php
View File

@@ -1,8 +1,11 @@
<?php
namespace ProcessMaker\Services\Api\Project;
use \ProcessMaker\Services\Api;
use \Exception;
use \Luracast\Restler\RestException;
use \ProcessMaker\BusinessModel\Task;
use \ProcessMaker\Project\Adapter\BpmnWorkflow;
use \ProcessMaker\Services\Api;
/**
* Project\Activity Api Controller
@@ -136,22 +139,32 @@ class Activity extends Api
/**
* This method remove an activity and all related components
* @param string $prj_uid {@min 32} {@max 32}
* @param string $act_uid {@min 32} {@max 32}
*
* @author Brayan Pereyra (Cochalo) <brayan@colosa.com>
* @copyright Colosa - Bolivia
* @return array
*
* @access protected
* @class AccessControl {@permission PM_FACTORY}
* @url DELETE /:prj_uid/activity/:act_uid
*/
public function doDeleteProjectActivity($prj_uid, $act_uid)
{
try {
$task = new \ProcessMaker\BusinessModel\Task();
$task->deleteTask($prj_uid, $act_uid);
} catch (\Exception $e) {
throw new RestException(Api::STAT_APP_EXCEPTION, $e->getMessage());
$task = new Task();
$task->setFormatFieldNameInUppercase(false);
$task->setArrayParamException(array("taskUid" => "act_uid"));
$response = $task->hasPendingCases(array("act_uid" => $act_uid, "case_type" => "assigned"));
if ($response->result !== false) {
$project = new BpmnWorkflow();
$prj = $project->load($prj_uid);
$prj->removeActivity($act_uid);
} else {
throw new RestException(403, $response->message);
}
} catch (Exception $e) {
$resCode = $e->getCode() == 0 ? Api::STAT_APP_EXCEPTION : $e->getCode();
throw new RestException($resCode, $e->getMessage());
}
}
@@ -215,7 +228,7 @@ class Activity extends Api
$task->setFormatFieldNameInUppercase(false);
$task->setArrayParamException(array("taskUid" => "act_uid"));
$response = $task->getValidateSelfService($request_data);
$response = $task->hasPendingCases($request_data);
return $response;
} catch (\Exception $e) {

80
workflow/engine/src/ProcessMaker/Util/ParseSoapVariableName.php Normal file
View File

@@ -0,0 +1,80 @@
<?php
namespace ProcessMaker\Util;
/**
* Constructs the name of the variable starting from a string representing the
* depth of the array.
*/
class ParseSoapVariableName
{
/**
* Constructs the name of the variable starting from a string representing
* the depth of the array.
*
* @param array $field
* @param string $name
* @param object $value
* @return void
*/
public function buildVariableName(&$field, $name, $value)
{
if (!$this->isValidVariableName($name)) {
$context = \Bootstrap::getDefaultContextLog();
$context['action'] = 'soap2';
$context['exception'] = 'Invalid param: '.G::json_encode($name);
\Bootstrap::registerMonolog('soap2', 400, 'NewCase', $context, $context['workspace'], 'processmaker.log');
return;
}
$brackets = $this->searchBrackets($name);
if (empty($brackets)) {
$field[$name] = $value;
} else {
$current = &$field;
foreach ($brackets as $extension) {
if (!isset($current[$extension])) {
$current[$extension] = [];
}
$current = &$current[$extension];
}
$current = $value;
}
}
/**
* Analysis of string representing the depth of the array, represented by a
* valid index name and brackets as separators.
*
* @param type $string
*
* @return array
*/
private function searchBrackets($string)
{
$stringClean = str_replace(' ', '', $string);
$explode = explode('][', $stringClean);
return $explode;
}
/**
* Verify if the index name of the array is valid.
*
* @param string $name
*
* @return bool
*/
public function isValidVariableName($name)
{
if (is_string($name) === true) {
if (preg_match("/^[0-9a-zA-Z\_\[\]]+$/", $name)) {
return true;
}
}
return false;
}
}

2
workflow/public_html/app.php
View File

@@ -53,6 +53,8 @@ try {
break;
}
} catch (ProcessMaker\Exception\RBACException $e) {
G::header('location: ' . $e->getPath());
} catch (Exception $e) {
$view = new Maveriks\Pattern\Mvc\PhtmlView($rootDir . "framework/src/templates/Exception.phtml");
$view->set("message", $e->getMessage());