Marco Antonio Nina Mena
2017-12-04 13:25:35 +00:00
committed by Julio Cesar Laura Avendaño
parent abe71a6ffe
commit 0d533e19d9
363 changed files with 23948 additions and 44623 deletions


@@ -204,7 +204,6 @@ class RBAC
];
$this->aliasPermissions['PM_CASES'] = [self::PM_GUEST_CASE];
$this->aliasPermissions['PM_LOGIN'] = [self::PM_GUEST_CASE];
}
/**
@@ -231,37 +230,30 @@ class RBAC
public function initRBAC()
{
if (is_null($this->userObj)) {
$this->userObj = new RbacUsers();
}
if (is_null($this->systemObj)) {
$this->systemObj = new Systems();
}
if (is_null($this->usersRolesObj)) {
$this->usersRolesObj = new UsersRoles();
}
if (is_null($this->rolesObj)) {
$this->rolesObj = new Roles();
}
if (is_null($this->permissionsObj)) {
$this->permissionsObj = new Permissions();
}
if (is_null($this->rolesPermissionsObj)) {
$this->rolesPermissionsObj = new RolesPermissions();
}
if (is_null($this->authSourcesObj)) {
$this->authSourcesObj = new AuthenticationSource();
}
//hook for RBAC plugins
@@ -269,13 +261,11 @@ class RBAC
if (is_dir($pathPlugins)) {
if ($handle = opendir($pathPlugins)) {
while (false !== ($file = readdir($handle))) {
if (strpos($file, '.php', 1) && is_file($pathPlugins . PATH_SEP . $file) && substr($file, 0,
6) == 'class.' && substr($file, -4) == '.php') {
if (strpos($file, '.php', 1) && is_file($pathPlugins . PATH_SEP . $file) &&
substr($file, 0, 6) === 'class.' && substr($file, -4) === '.php') {
$className = substr($file, 6, strlen($file) - 10);
require_once($pathPlugins . PATH_SEP . $file);
$this->aRbacPlugins[] = $className;
}
}
}
@@ -873,9 +863,9 @@ class RBAC
*/
public function VerifyWithOtherAuthenticationSource($authType, $userFields, $strPass)
{
if ($authType == '' || $authType == 'MYSQL') {
if ($authType === '' || $authType === 'MYSQL') {
//check if the user is active
if ($userFields['USR_STATUS'] != 1) {
if ($userFields['USR_STATUS'] !== 1) {
return -3; //inactive user
}
@@ -886,13 +876,12 @@ class RBAC
}
foreach ($this->aRbacPlugins as $className) {
if (strtolower($className) == strtolower($authType)) {
if (strtolower($className) === strtolower($authType)) {
$plugin = new $className();
$plugin->sAuthSource = $userFields["UID_AUTH_SOURCE"];
$plugin->sAuthSource = $userFields['UID_AUTH_SOURCE'];
$plugin->sSystem = $this->sSystem;
$bValidUser = false;
$bValidUser = $plugin->VerifyLogin($userFields["USR_AUTH_USER_DN"], $strPass);
$bValidUser = $plugin->VerifyLogin($userFields['USR_AUTH_USER_DN'], $strPass);
if ($bValidUser === true) {
return ($userFields['USR_UID']);
} else {
@@ -924,14 +913,16 @@ class RBAC
{
/*----------------------------------********---------------------------------*/
$licenseManager =& PmLicenseManager::getSingleton();
if (in_array(G::encryptOld($licenseManager->result),
array('38afd7ae34bd5e3e6fc170d8b09178a3', 'ba2b45bdc11e2a4a6e86aab2ac693cbb'))) {
$licenseManager = PmLicenseManager::getSingleton();
if (in_array(
G::encryptOld($licenseManager->result),
['38afd7ae34bd5e3e6fc170d8b09178a3', 'ba2b45bdc11e2a4a6e86aab2ac693cbb']
)) {
return -7;
}
/*----------------------------------********---------------------------------*/
if (strlen($strPass) == 0) {
if (strlen($strPass) === 0) {
return -2;
}
//check if the user exists in the table RB_WORKFLOW.USERS
@@ -955,12 +946,10 @@ class RBAC
//Hook for RBAC plugins
if ($authType != "mysql" && $authType != "") {
$res = $this->VerifyWithOtherAuthenticationSource($authType, $this->userObj->fields, $strPass);
return $res;
} else {
$this->userObj->reuseUserFields = true;
$res = $this->userObj->VerifyLogin($strUser, $strPass);
return $res;
}
}
@@ -976,7 +965,6 @@ class RBAC
public function verifyUser($strUser)
{
$res = $this->userObj->verifyUser($strUser);
return $res;
}
@@ -990,7 +978,6 @@ class RBAC
public function verifyUserId($strUserId)
{
$res = $this->userObj->verifyUserId($strUserId);
return $res;
}
@@ -1051,24 +1038,24 @@ class RBAC
*/
public function createUser($dataCase = [], $rolCode = '')
{
if ($dataCase["USR_STATUS"] . "" == "1") {
$dataCase["USR_STATUS"] = "ACTIVE";
if ($dataCase['USR_STATUS'] . '' === '1') {
$dataCase['USR_STATUS'] = 'ACTIVE';
}
if ($dataCase["USR_STATUS"] . "" == "0") {
$dataCase["USR_STATUS"] = "INACTIVE";
if ($dataCase['USR_STATUS'] . '' === '0') {
$dataCase['USR_STATUS'] = 'INACTIVE';
}
if ($dataCase['USR_STATUS'] == 'ACTIVE') {
if ($dataCase['USR_STATUS'] === 'ACTIVE') {
$dataCase['USR_STATUS'] = 1;
}
if ($dataCase['USR_STATUS'] == 'INACTIVE') {
if ($dataCase['USR_STATUS'] === 'INACTIVE') {
$dataCase['USR_STATUS'] = 0;
}
$userUid = $this->userObj->create($dataCase);
if ($rolCode != '') {
if ($rolCode !== '') {
$this->assignRoleToUser($userUid, $rolCode);
}
@@ -1086,7 +1073,7 @@ class RBAC
public function updateUser($dataCase = [], $rolCode = '')
{
if (isset($dataCase['USR_STATUS'])) {
if ($dataCase['USR_STATUS'] == 'ACTIVE') {
if ($dataCase['USR_STATUS'] === 'ACTIVE') {
$dataCase['USR_STATUS'] = 1;
}
}
@@ -1141,9 +1128,9 @@ class RBAC
$userStatus = 1;
}
$aFields = $this->userObj->load($userUid);
$aFields['USR_STATUS'] = $userStatus;
$this->userObj->update($aFields);
$fields = $this->userObj->load($userUid);
$fields['USR_STATUS'] = $userStatus;
$this->userObj->update($fields);
}
/**
@@ -1194,7 +1181,7 @@ class RBAC
*/
public function createPermision($code)
{
return $this->permissionsObj->create(array('PER_CODE' => $code));
return $this->permissionsObj->create(['PER_CODE' => $code]);
}
/**
@@ -1650,8 +1637,10 @@ class RBAC
*/
public function createAuthSource($dataCase)
{
$dataCase['AUTH_SOURCE_PASSWORD'] = G::encrypt($dataCase['AUTH_SOURCE_PASSWORD'],
$dataCase['AUTH_SOURCE_SERVER_NAME']) . "_2NnV3ujj3w";
$dataCase['AUTH_SOURCE_PASSWORD'] = G::encrypt(
$dataCase['AUTH_SOURCE_PASSWORD'],
$dataCase['AUTH_SOURCE_SERVER_NAME']
) . "_2NnV3ujj3w";
$this->authSourcesObj->create($dataCase);
}
@@ -1666,8 +1655,10 @@ class RBAC
*/
public function updateAuthSource($dataCase)
{
$dataCase['AUTH_SOURCE_PASSWORD'] = G::encrypt($dataCase['AUTH_SOURCE_PASSWORD'],
$dataCase['AUTH_SOURCE_SERVER_NAME']) . "_2NnV3ujj3w";
$dataCase['AUTH_SOURCE_PASSWORD'] = G::encrypt(
$dataCase['AUTH_SOURCE_PASSWORD'],
$dataCase['AUTH_SOURCE_SERVER_NAME']
) . "_2NnV3ujj3w";
$this->authSourcesObj->update($dataCase);
}
@@ -1928,14 +1919,18 @@ class RBAC
$isAssignedNewpermissions = $this->getPermissionAssignedRole($aRow['ROL_UID'], $item['PER_UID']);
$assignPermissions = true;
if (!$isAssignedNewpermissions) {
if ($aRow['ROL_CODE'] == 'PROCESSMAKER_OPERATOR' && in_array($item['PER_CODE'],
$permissionsForOperator)) {
if ($aRow['ROL_CODE'] == 'PROCESSMAKER_OPERATOR' && in_array(
$item['PER_CODE'],
$permissionsForOperator
)) {
$assignPermissions = false;
}
if (!in_array($aRow['ROL_CODE'], $perCodePM)) {
$assignPermissions = false;
$checkPermisionEdit = $this->getPermissionAssignedRole($aRow['ROL_UID'],
'00000000000000000000000000000014');
$checkPermisionEdit = $this->getPermissionAssignedRole(
$aRow['ROL_UID'],
'00000000000000000000000000000014'
);
if ($checkPermisionEdit && !in_array($item['PER_CODE'], $permissionsForOperator)) {
$assignPermissions = true;
}
@@ -2025,4 +2020,3 @@ class RBAC
return self::GUEST_USER_UID === $usrUid;
}
}
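Review bot: In the `@@ -873,9 +863,9 @@` hunk of `VerifyWithOtherAuthenticationSource`, the new check `$userFields['USR_STATUS'] !== 1` passes only when the status is the integer 1, whereas the replaced `!= 1` also accepted the string '1'. `createUser` in this same file takes the status as '1', 'ACTIVE' or an integer, and the hunk does not show how `$userFields` is loaded, so if the row carries a string every active account on this path would be answered with -3; this should be confirmed against the caller. Normalising the value keeps the strict style without depending on the column's PHP type: `if ((int) $userFields['USR_STATUS'] !== 1) {`. The same concern applies to `$authType === ''` on the line above, which no longer matches a null auth type, while the caller's `$authType != ""` test in the `@@ -955,12 +946,10 @@` hunk is still a loose comparison, so the two checks can now disagree. The function body continues outside the hunk.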