Merged in bugfix/PMCORE-1254-A (pull request #7326)

PMCORE-1254 Approved-by: Julio Cesar Laura Avendaño <contact@julio-laura.com>
2020-04-23 13:52:09 +00:00
parent c72026912f deae7d3b59
commit 0f6356a916
1 changed files with 14 additions and 14 deletions
--- a/workflow/engine/src/ProcessMaker/BusinessModel/Cases.php
+++ b/workflow/engine/src/ProcessMaker/BusinessModel/Cases.php
@@ -1126,27 +1126,27 @@ class Cases
        Validator::isString($appUid, '$app_uid');
        Validator::appUid($appUid, '$app_uid');

-        // Review the permission for delete case
+        // Review the status and owner
+        $caseInfo = ModelApplication::getCase($appUid);
+        if (!empty($caseInfo)) {
+            // Check if the requester is the owner
+            if ($caseInfo['APP_INIT_USER'] !== $usrUid) {
                global $RBAC;
+                // If no we need to review if have the permission
                if ($RBAC->userCanAccess('PM_DELETECASE') != 1) {
                    throw new Exception(G::LoadTranslation('ID_NOT_ABLE_DELETE_CASES'));
                }
-        // Review the status and user
-        $caseInfo = ModelApplication::getCase($appUid);
-        if (!empty($caseInfo)){
+            }
+
            // Review the status
            if ($caseInfo['APP_STATUS'] != 'DRAFT') {
                throw new Exception(G::LoadTranslation("ID_DELETE_CASE_NO_STATUS"));
            }
-            // Review the user requester
-            if ($caseInfo['APP_INIT_USER'] != $usrUid) {
-                throw new Exception(G::LoadTranslation("ID_DELETE_CASE_NO_OWNER"));
-            }
-        }

            $case = new ClassesCases();
            $case->removeCase($appUid);
        }
+    }

    /**
     * Route Case