fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

PMCORE-3693

Browse Source
This commit is contained in:
Paula Quispe
2022-03-18 10:44:41 -04:00
parent 659e5c322a
commit 0da093d03a
3 changed files with 30 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
gulliver/system/class.rbac.php
View File

@@ -2150,4 +2150,16 @@ class RBAC
{
return self::GUEST_USER_UID === $usrUid;
}
/**
* Returns true in case the parameter corresponds to the admin user,
* otherwise it returns false.
*
* @param string $usrUid
* @return boolean
*/
public static function isAdminUserUid($usrUid)
{
return self::ADMIN_USER_UID === $usrUid;
}
}

2
workflow/engine/src/ProcessMaker/BusinessModel/Role/User.php
View File

@@ -210,7 +210,7 @@ class User
$this->throwExceptionIfNotItsAssignedUserToRole($roleUid, $userUid, $this->arrayFieldNameForException["userUid"]);
if ($userUid == "00000000000000000000000000000001") {
if (RBAC::isAdminUserUid($userUid)) {
throw new Exception(G::LoadTranslation("ID_ADMINISTRATOR_ROLE_CANT_CHANGED"));
}

28
workflow/engine/src/ProcessMaker/BusinessModel/User.php
View File

@@ -1287,27 +1287,29 @@ class User
try {
//Verify data
$this->throwExceptionIfNotExistsUser($usrUid, $this->arrayFieldNameForException["usrUid"]);
// Check user admin
if (RBAC::isAdminUserUid($usrUid)) {
throw new Exception(G::LoadTranslation("ID_MSG_CANNOT_DELETE_USER", [$usrUid]));
}
// Check user guest
if (RBAC::isGuestUserUid($usrUid)) {
throw new Exception(G::LoadTranslation("ID_MSG_CANNOT_DELETE_USER", [$usrUid]));
}
// Check if the user has cases
$oProcessMap = new ClassesCases();
$USR_UID = $usrUid;
$total = 0;
$history = 0;
$c = $oProcessMap->getCriteriaUsersCases('TO_DO', $USR_UID);
$c = $oProcessMap->getCriteriaUsersCases('TO_DO', $usrUid);
$total += ApplicationPeer::doCount($c);
$c = $oProcessMap->getCriteriaUsersCases('DRAFT', $USR_UID);
$c = $oProcessMap->getCriteriaUsersCases('DRAFT', $usrUid);
$total += ApplicationPeer::doCount($c);
$c = $oProcessMap->getCriteriaUsersCases('COMPLETED', $USR_UID);
$c = $oProcessMap->getCriteriaUsersCases('COMPLETED', $usrUid);
$history += ApplicationPeer::doCount($c);
$c = $oProcessMap->getCriteriaUsersCases('CANCELLED', $USR_UID);
$c = $oProcessMap->getCriteriaUsersCases('CANCELLED', $usrUid);
$history += ApplicationPeer::doCount($c);
//check user guest
if (RBAC::isGuestUserUid($usrUid)) {
throw new Exception(G::LoadTranslation("ID_MSG_CANNOT_DELETE_USER", array($USR_UID)));
}
if ($total > 0) {
throw new Exception(G::LoadTranslation("ID_USER_CAN_NOT_BE_DELETED", array($USR_UID)));
throw new Exception(G::LoadTranslation("ID_USER_CAN_NOT_BE_DELETED", [$usrUid]));
} else {
$UID = $usrUid;
$oTasks = new Tasks();
@@ -1316,7 +1318,7 @@ class User
$oGroups->removeUserOfAllGroups($UID);
$this->changeUserStatus($UID, 'CLOSED');
$_GET['USR_USERNAME'] = '';
$this->updateUser(array('USR_UID' => $UID, 'USR_USERNAME' => $_GET['USR_USERNAME']), '');
$this->updateUser(['USR_UID' => $UID, 'USR_USERNAME' => $_GET['USR_USERNAME']], '');
require_once(PATH_TRUNK . "workflow" . PATH_SEP . "engine" . PATH_SEP . "classes" . PATH_SEP . "model" . PATH_SEP . "Users.php");
$oUser = new Users();
$aFields = $oUser->load($UID);