PMC-1409
This commit is contained in:
Julio Cesar Laura Avendaño
@@ -211,6 +211,24 @@ class RBAC
|
|||||||
'showDynaformListHistory' => ['PM_CASES'],
|
'showDynaformListHistory' => ['PM_CASES'],
|
||||||
'dynaformChangeLogViewHistory' => ['PM_CASES'],
|
'dynaformChangeLogViewHistory' => ['PM_CASES'],
|
||||||
'historyDynaformGridPreview' => ['PM_CASES'],
|
'historyDynaformGridPreview' => ['PM_CASES'],
|
||||||
|
],
|
||||||
|
'usersAjax.php' => [
|
||||||
|
'countryList' => ['PM_LOGIN'],
|
||||||
|
'stateList' => ['PM_LOGIN'],
|
||||||
|
'locationList' => ['PM_LOGIN'],
|
||||||
|
'usersList' => ['PM_USERS,PM_EDIT_USER_PROFILE_REPLACED_BY'],
|
||||||
|
'availableCalendars' => ['PM_LOGIN'],
|
||||||
|
'rolesList' => ['PM_LOGIN'],
|
||||||
|
'getUserLogedRole' => ['PM_USERS,PM_EDIT_USER_PROFILE_PASSWORD'],
|
||||||
|
'languagesList' => ['PM_LOGIN'],
|
||||||
|
'saveUser' => [], // This action is validated with custom logic in the same page
|
||||||
|
'savePersonalInfo' => [], // This action is validated with custom logic in the same page
|
||||||
|
'userData' => [], // This action is validated with custom logic in the same page
|
||||||
|
'defaultMainMenuOptionList' => ['PM_LOGIN'],
|
||||||
|
'defaultCasesMenuOptionList' => ['PM_LOGIN'],
|
||||||
|
'testPassword' => ['PM_USERS,PM_EDIT_USER_PROFILE_PASSWORD'],
|
||||||
|
'testUsername' => ['PM_USERS,PM_EDIT_USER_PROFILE_USERNAME'],
|
||||||
|
'passwordValidate' => ['PM_USERS,PM_EDIT_USER_PROFILE_PASSWORD'],
|
||||||
]
|
]
|
||||||
];
|
];
|
||||||
$this->aliasPermissions['PM_CASES'] = [self::PM_GUEST_CASE];
|
$this->aliasPermissions['PM_CASES'] = [self::PM_GUEST_CASE];
|
||||||
|
|||||||
@@ -1,5 +1,8 @@
|
|||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
use ProcessMaker\BusinessModel\User as BmUser;
|
||||||
|
|
||||||
|
// Sanitizing the values sent in the global variables
|
||||||
$filter = new InputFilter();
|
$filter = new InputFilter();
|
||||||
$_POST = $filter->xssFilterHard($_POST);
|
$_POST = $filter->xssFilterHard($_POST);
|
||||||
if (isset($_SESSION['USER_LOGGED'])) {
|
if (isset($_SESSION['USER_LOGGED'])) {
|
||||||
@@ -9,40 +12,46 @@ if (isset($_SESSION['USR_USERNAME'])) {
|
|||||||
$_SESSION['USR_USERNAME'] = $filter->xssFilterHard($_SESSION['USR_USERNAME']);
|
$_SESSION['USR_USERNAME'] = $filter->xssFilterHard($_SESSION['USR_USERNAME']);
|
||||||
}
|
}
|
||||||
|
|
||||||
global $RBAC;
|
// Initializing variables
|
||||||
|
$action = $_POST['action'];
|
||||||
$result = new StdClass();
|
$result = new StdClass();
|
||||||
|
|
||||||
switch ($_POST['action']) {
|
// Try to execute the requested action
|
||||||
|
try {
|
||||||
|
// Checking access permissions for the current action
|
||||||
|
global $RBAC;
|
||||||
|
$RBAC->allows(basename(__FILE__), $action);
|
||||||
|
|
||||||
|
// Executing the action
|
||||||
|
switch ($action) {
|
||||||
case 'countryList':
|
case 'countryList':
|
||||||
require_once("classes/model/IsoCountry.php");
|
|
||||||
$c = new Criteria();
|
$c = new Criteria();
|
||||||
$c->add(IsoCountryPeer::IC_UID, null, Criteria::ISNOTNULL);
|
$c->add(IsoCountryPeer::IC_UID, null, Criteria::ISNOTNULL);
|
||||||
$c->addAscendingOrderByColumn(IsoCountryPeer::IC_NAME);
|
$c->addAscendingOrderByColumn(IsoCountryPeer::IC_NAME);
|
||||||
|
|
||||||
$countries = IsoCountryPeer::doSelect($c);
|
$countries = IsoCountryPeer::doSelect($c);
|
||||||
foreach ($countries as $rowid => $row) {
|
|
||||||
$oData[] = array('IC_UID' => $row->getICUid(), 'IC_NAME' => $row->getICName());
|
$data = [];
|
||||||
|
foreach ($countries as $row) {
|
||||||
|
$data[] = ['IC_UID' => $row->getICUid(), 'IC_NAME' => $row->getICName()];
|
||||||
}
|
}
|
||||||
print(G::json_encode($oData));
|
print(G::json_encode($data));
|
||||||
break;
|
break;
|
||||||
case 'stateList':
|
case 'stateList':
|
||||||
require_once("classes/model/IsoSubdivision.php");
|
|
||||||
$c = new Criteria();
|
$c = new Criteria();
|
||||||
$country = $_POST['IC_UID'];
|
$country = $_POST['IC_UID'];
|
||||||
$c->add(IsoSubdivisionPeer::IC_UID, $country, Criteria::EQUAL);
|
$c->add(IsoSubdivisionPeer::IC_UID, $country, Criteria::EQUAL);
|
||||||
$c->addAscendingOrderByColumn(IsoSubdivisionPeer::IS_NAME);
|
$c->addAscendingOrderByColumn(IsoSubdivisionPeer::IS_NAME);
|
||||||
$locations = IsoSubdivisionPeer::doSelect($c);
|
$locations = IsoSubdivisionPeer::doSelect($c);
|
||||||
|
|
||||||
$oData = array();
|
$data = [];
|
||||||
foreach ($locations as $rowid => $row) {
|
foreach ($locations as $row) {
|
||||||
if (($row->getISUid() != '') && ($row->getISName() != '')) {
|
if (($row->getISUid() != '') && ($row->getISName() != '')) {
|
||||||
$oData[] = array('IS_UID' => $row->getISUid(), 'IS_NAME' => $row->getISName());
|
$data[] = ['IS_UID' => $row->getISUid(), 'IS_NAME' => $row->getISName()];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
print(G::json_encode($oData));
|
print(G::json_encode($data));
|
||||||
break;
|
break;
|
||||||
case 'locationList':
|
case 'locationList':
|
||||||
require_once("classes/model/IsoLocation.php");
|
|
||||||
$c = new Criteria();
|
$c = new Criteria();
|
||||||
$country = $_POST['IC_UID'];
|
$country = $_POST['IC_UID'];
|
||||||
$state = $_POST['IS_UID'];
|
$state = $_POST['IS_UID'];
|
||||||
@@ -51,20 +60,20 @@ switch ($_POST['action']) {
|
|||||||
$c->addAscendingOrderByColumn(IsoLocationPeer::IL_NAME);
|
$c->addAscendingOrderByColumn(IsoLocationPeer::IL_NAME);
|
||||||
$locations = IsoLocationPeer::doSelect($c);
|
$locations = IsoLocationPeer::doSelect($c);
|
||||||
|
|
||||||
$oData = array();
|
$data = [];
|
||||||
foreach ($locations as $rowid => $row) {
|
foreach ($locations as $row) {
|
||||||
if (($row->getILUid() != '') && ($row->getILName() != '')) {
|
if (($row->getILUid() != '') && ($row->getILName() != '')) {
|
||||||
$oData[] = array('IL_UID' => $row->getILUid(), 'IL_NAME' => $row->getILName());
|
$data[] = ['IL_UID' => $row->getILUid(), 'IL_NAME' => $row->getILName()];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
print(G::json_encode($oData));
|
print(G::json_encode($data));
|
||||||
break;
|
break;
|
||||||
case 'usersList':
|
case 'usersList':
|
||||||
$filter = (isset($_POST['filter'])) ? $_POST['filter'] : '';
|
$filter = (isset($_POST['filter'])) ? $_POST['filter'] : '';
|
||||||
|
|
||||||
$arrayUser = [];
|
$arrayUser = [];
|
||||||
|
|
||||||
$user = new \ProcessMaker\BusinessModel\User();
|
$user = new BmUser();
|
||||||
$conf = new Configurations();
|
$conf = new Configurations();
|
||||||
|
|
||||||
$arrayConfFormat = $conf->getFormats();
|
$arrayConfFormat = $conf->getFormats();
|
||||||
@@ -75,9 +84,9 @@ switch ($_POST['action']) {
|
|||||||
$arrayCondition[] = [UsersPeer::USR_UID, $_POST['USR_UID'], Criteria::NOT_EQUAL];
|
$arrayCondition[] = [UsersPeer::USR_UID, $_POST['USR_UID'], Criteria::NOT_EQUAL];
|
||||||
}
|
}
|
||||||
|
|
||||||
$result = $user->getUsers(['condition' => $arrayCondition, 'filter' => $filter], null, null, null, 25);
|
$results = $user->getUsers(['condition' => $arrayCondition, 'filter' => $filter], null, null, null, 25);
|
||||||
|
|
||||||
foreach ($result['data'] as $record) {
|
foreach ($results['data'] as $record) {
|
||||||
$arrayUser[] = [
|
$arrayUser[] = [
|
||||||
'USR_UID' => $record['USR_UID'],
|
'USR_UID' => $record['USR_UID'],
|
||||||
'USER_FULLNAME' => G::getFormatUserList($arrayConfFormat['format'], $record)
|
'USER_FULLNAME' => G::getFormatUserList($arrayConfFormat['format'], $record)
|
||||||
@@ -89,48 +98,49 @@ switch ($_POST['action']) {
|
|||||||
case 'availableCalendars':
|
case 'availableCalendars':
|
||||||
$calendar = new Calendar();
|
$calendar = new Calendar();
|
||||||
$calendarObj = $calendar->getCalendarList(true, true);
|
$calendarObj = $calendar->getCalendarList(true, true);
|
||||||
$oData[] = array('CALENDAR_UID' => '', 'CALENDAR_NAME' => '- ' . G::LoadTranslation('ID_NONE') . ' -');
|
$data = [['CALENDAR_UID' => '', 'CALENDAR_NAME' => '- ' . G::LoadTranslation('ID_NONE') . ' -']];
|
||||||
foreach ($calendarObj['array'] as $rowid => $row) {
|
foreach ($calendarObj['array'] as $rowId => $row) {
|
||||||
if ($rowid > 0) {
|
if ($rowId > 0) {
|
||||||
$oData[] = array('CALENDAR_UID' => $row['CALENDAR_UID'], 'CALENDAR_NAME' => $row['CALENDAR_NAME']);
|
$data[] = ['CALENDAR_UID' => $row['CALENDAR_UID'], 'CALENDAR_NAME' => $row['CALENDAR_NAME']];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
print(G::json_encode($oData));
|
print(G::json_encode($data));
|
||||||
break;
|
break;
|
||||||
case 'rolesList':
|
case 'rolesList':
|
||||||
require_once PATH_RBAC . "model/Roles.php";
|
|
||||||
$roles = new Roles();
|
$roles = new Roles();
|
||||||
$rolesData = $roles->getAllRoles();
|
$rolesData = $roles->getAllRoles();
|
||||||
foreach ($rolesData as $rowid => $row) {
|
$data = [];
|
||||||
$oData[] = array('ROL_UID' => $row['ROL_CODE'], 'ROL_CODE' => $row['ROL_NAME']);
|
foreach ($rolesData as $rowId => $row) {
|
||||||
|
$data[] = ['ROL_UID' => $row['ROL_CODE'], 'ROL_CODE' => $row['ROL_NAME']];
|
||||||
}
|
}
|
||||||
print(G::json_encode($oData));
|
print(G::json_encode($data));
|
||||||
break;
|
break;
|
||||||
case 'getUserLogedRole':
|
case 'getUserLogedRole':
|
||||||
require_once 'classes/model/Users.php';
|
$user = new Users();
|
||||||
$oUser = new Users();
|
$userLog = $user->loadDetailed($_SESSION['USER_LOGGED']);
|
||||||
$aUserLog = $oUser->loadDetailed($_SESSION['USER_LOGGED']);
|
print(G::json_encode([
|
||||||
print(G::json_encode(array(
|
'USR_UID' => $userLog['USR_UID'],
|
||||||
'USR_UID' => $aUserLog['USR_UID'],
|
'USR_USERNAME' => $userLog['USR_USERNAME'],
|
||||||
'USR_USERNAME' => $aUserLog['USR_USERNAME'],
|
'USR_ROLE' => $userLog['USR_ROLE']
|
||||||
'USR_ROLE' => $aUserLog['USR_ROLE']
|
]));
|
||||||
)));
|
|
||||||
break;
|
break;
|
||||||
case 'languagesList':
|
case 'languagesList':
|
||||||
$Translations = new Translation();
|
$translations = new Translation();
|
||||||
$langs = $Translations->getTranslationEnvironments();
|
$languages = $translations->getTranslationEnvironments();
|
||||||
$oData[] = array('LAN_ID' => '', 'LAN_NAME' => '- ' . G::LoadTranslation('ID_NONE') . ' -');
|
$data = [['LAN_ID' => '', 'LAN_NAME' => '- ' . G::LoadTranslation('ID_NONE') . ' -']];
|
||||||
foreach ($langs as $lang) {
|
foreach ($languages as $lang) {
|
||||||
$oData[] = array('LAN_ID' => $lang['LOCALE'],'LAN_NAME' => $lang['LANGUAGE']
|
$data[] = [
|
||||||
);
|
'LAN_ID' => $lang['LOCALE'],
|
||||||
|
'LAN_NAME' => $lang['LANGUAGE']
|
||||||
|
];
|
||||||
}
|
}
|
||||||
print(G::json_encode($oData));
|
print(G::json_encode($data));
|
||||||
break;
|
break;
|
||||||
case 'saveUser':
|
case 'saveUser':
|
||||||
case 'savePersonalInfo':
|
case 'savePersonalInfo':
|
||||||
try {
|
try {
|
||||||
verifyCsrfToken($_POST);
|
verifyCsrfToken($_POST);
|
||||||
$user = new \ProcessMaker\BusinessModel\User();
|
$user = new BmUser();
|
||||||
$form = $_POST;
|
$form = $_POST;
|
||||||
$permissionsToSaveData = $user->getPermissionsForEdit();
|
$permissionsToSaveData = $user->getPermissionsForEdit();
|
||||||
$form = $user->checkPermissionForEdit($_SESSION['USER_LOGGED'], $permissionsToSaveData, $form);
|
$form = $user->checkPermissionForEdit($_SESSION['USER_LOGGED'], $permissionsToSaveData, $form);
|
||||||
@@ -138,14 +148,16 @@ switch ($_POST['action']) {
|
|||||||
switch ($_POST['action']) {
|
switch ($_POST['action']) {
|
||||||
case 'saveUser':
|
case 'saveUser':
|
||||||
if (!$user->checkPermission($_SESSION['USER_LOGGED'], 'PM_USERS')) {
|
if (!$user->checkPermission($_SESSION['USER_LOGGED'], 'PM_USERS')) {
|
||||||
throw new Exception(G::LoadTranslation('ID_USER_NOT_HAVE_PERMISSION', [$_SESSION['USER_LOGGED']]));
|
throw new Exception(G::LoadTranslation('ID_USER_NOT_HAVE_PERMISSION',
|
||||||
|
[$_SESSION['USER_LOGGED']]));
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case 'savePersonalInfo':
|
case 'savePersonalInfo':
|
||||||
if (!$user->checkPermission($_SESSION['USER_LOGGED'], 'PM_USERS') &&
|
if (!$user->checkPermission($_SESSION['USER_LOGGED'], 'PM_USERS') &&
|
||||||
!$user->checkPermission($_SESSION['USER_LOGGED'], 'PM_EDITPERSONALINFO')
|
!$user->checkPermission($_SESSION['USER_LOGGED'], 'PM_EDITPERSONALINFO')
|
||||||
) {
|
) {
|
||||||
throw new Exception(G::LoadTranslation('ID_USER_NOT_HAVE_PERMISSION', [$_SESSION['USER_LOGGED']]));
|
throw new Exception(G::LoadTranslation('ID_USER_NOT_HAVE_PERMISSION',
|
||||||
|
[$_SESSION['USER_LOGGED']]));
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
@@ -159,7 +171,7 @@ switch ($_POST['action']) {
|
|||||||
|
|
||||||
$userUid = '';
|
$userUid = '';
|
||||||
$auditLogType = '';
|
$auditLogType = '';
|
||||||
if ($form['USR_UID'] == '') {
|
if (empty($form['USR_UID'])) {
|
||||||
$arrayUserData = $user->create($form);
|
$arrayUserData = $user->create($form);
|
||||||
$userUid = $arrayUserData['USR_UID'];
|
$userUid = $arrayUserData['USR_UID'];
|
||||||
$auditLogType = 'INS';
|
$auditLogType = 'INS';
|
||||||
@@ -168,27 +180,30 @@ switch ($_POST['action']) {
|
|||||||
unset($form['USR_NEW_PASS']);
|
unset($form['USR_NEW_PASS']);
|
||||||
}
|
}
|
||||||
|
|
||||||
$result = $user->update($form['USR_UID'], $form, $_SESSION['USER_LOGGED']);
|
$results = $user->update($form['USR_UID'], $form, $_SESSION['USER_LOGGED']);
|
||||||
$userUid = $form['USR_UID'];
|
$userUid = $form['USR_UID'];
|
||||||
$arrayUserData = $user->getUserRecordByPk($userUid, [], false);
|
$arrayUserData = $user->getUserRecordByPk($userUid, [], false);
|
||||||
$auditLogType = 'UPD';
|
$auditLogType = 'UPD';
|
||||||
}
|
}
|
||||||
|
|
||||||
$user->auditLog($auditLogType, array_merge(['USR_UID' => $userUid, 'USR_USERNAME' => $arrayUserData['USR_USERNAME']], $form));
|
$user->auditLog($auditLogType,
|
||||||
|
array_merge(['USR_UID' => $userUid, 'USR_USERNAME' => $arrayUserData['USR_USERNAME']], $form));
|
||||||
/* Saving preferences */
|
/* Saving preferences */
|
||||||
$def_lang = isset($form['PREF_DEFAULT_LANG']) ? $form['PREF_DEFAULT_LANG'] : '';
|
$def_lang = isset($form['PREF_DEFAULT_LANG']) ? $form['PREF_DEFAULT_LANG'] : '';
|
||||||
$def_menu = isset($form['PREF_DEFAULT_MENUSELECTED']) ? $form['PREF_DEFAULT_MENUSELECTED'] : '';
|
$def_menu = isset($form['PREF_DEFAULT_MENUSELECTED']) ? $form['PREF_DEFAULT_MENUSELECTED'] : '';
|
||||||
$def_cases_menu = isset($form['PREF_DEFAULT_CASES_MENUSELECTED']) ? $form['PREF_DEFAULT_CASES_MENUSELECTED'] : '';
|
$def_cases_menu = isset($form['PREF_DEFAULT_CASES_MENUSELECTED']) ? $form['PREF_DEFAULT_CASES_MENUSELECTED'] : '';
|
||||||
$oConf = new Configurations();
|
$configuration = new Configurations();
|
||||||
$aConf = array('DEFAULT_LANG' => $def_lang, 'DEFAULT_MENU' => $def_menu, 'DEFAULT_CASES_MENU' => $def_cases_menu);
|
$configuration->aConfig = [
|
||||||
$oConf->aConfig = $aConf;
|
'DEFAULT_LANG' => $def_lang,
|
||||||
$oConf->saveConfig('USER_PREFERENCES', '', '', $userUid);
|
'DEFAULT_MENU' => $def_menu,
|
||||||
|
'DEFAULT_CASES_MENU' => $def_cases_menu
|
||||||
|
];
|
||||||
|
$configuration->saveConfig('USER_PREFERENCES', '', '', $userUid);
|
||||||
|
|
||||||
if ($user->checkPermission($userUid, 'PM_EDIT_USER_PROFILE_PHOTO')) {
|
if ($user->checkPermission($userUid, 'PM_EDIT_USER_PROFILE_PHOTO')) {
|
||||||
try {
|
try {
|
||||||
$user->uploadImage($userUid);
|
$user->uploadImage($userUid);
|
||||||
} catch (Exception $e) {
|
} catch (Exception $e) {
|
||||||
$result = new stdClass();
|
|
||||||
$result->success = false;
|
$result->success = false;
|
||||||
$result->fileError = true;
|
$result->fileError = true;
|
||||||
|
|
||||||
@@ -199,62 +214,64 @@ switch ($_POST['action']) {
|
|||||||
|
|
||||||
if ($_SESSION['USER_LOGGED'] == $form['USR_UID']) {
|
if ($_SESSION['USER_LOGGED'] == $form['USR_UID']) {
|
||||||
/* UPDATING SESSION VARIABLES */
|
/* UPDATING SESSION VARIABLES */
|
||||||
$aUser = $RBAC->userObj->load($_SESSION['USER_LOGGED']);
|
$userInfo = $RBAC->userObj->load($_SESSION['USER_LOGGED']);
|
||||||
$_SESSION['USR_FULLNAME'] = $aUser['USR_FIRSTNAME'] . ' ' . $aUser['USR_LASTNAME'];
|
$_SESSION['USR_FULLNAME'] = $userInfo['USR_FIRSTNAME'] . ' ' . $userInfo['USR_LASTNAME'];
|
||||||
}
|
}
|
||||||
|
|
||||||
$result = new stdClass();
|
|
||||||
$result->success = true;
|
$result->success = true;
|
||||||
print(G::json_encode($result));
|
print(G::json_encode($result));
|
||||||
} catch (Exception $e) {
|
} catch (Exception $e) {
|
||||||
$result = new stdClass();
|
|
||||||
$result->success = false;
|
$result->success = false;
|
||||||
$result->error = $e->getMessage();
|
$result->error = $e->getMessage();
|
||||||
print(G::json_encode($result));
|
print(G::json_encode($result));
|
||||||
}
|
}
|
||||||
break;
|
break;
|
||||||
case 'userData':
|
case 'userData':
|
||||||
require_once 'classes/model/Users.php';
|
// Check if the user logged has the correct permission
|
||||||
|
if (($_POST['USR_UID'] !== $_SESSION['USER_LOGGED']) && ($RBAC->userCanAccess('PM_USERS') !== 1)) {
|
||||||
|
throw new Exception(G::LoadTranslation('ID_USER_NOT_HAVE_PERMISSION', [$_SESSION['USER_LOGGED']]));
|
||||||
|
}
|
||||||
|
|
||||||
$_SESSION['CURRENT_USER'] = $_POST['USR_UID'];
|
$_SESSION['CURRENT_USER'] = $_POST['USR_UID'];
|
||||||
$oUser = new Users();
|
$user = new Users();
|
||||||
$aFields = $oUser->loadDetailed($_POST['USR_UID']);
|
$fields = $user->loadDetailed($_POST['USR_UID']);
|
||||||
|
|
||||||
//Load Calendar options and falue for this user
|
//Load Calendar options and falue for this user
|
||||||
$calendar = new Calendar();
|
$calendar = new Calendar();
|
||||||
$calendarInfo = $calendar->getCalendarFor($_POST['USR_UID'], $_POST['USR_UID'], $_POST['USR_UID']);
|
$calendarInfo = $calendar->getCalendarFor($_POST['USR_UID'], $_POST['USR_UID'], $_POST['USR_UID']);
|
||||||
//If the function returns a DEFAULT calendar it means that this object doesn't have assigned any calendar
|
//If the function returns a DEFAULT calendar it means that this object doesn't have assigned any calendar
|
||||||
$aFields['USR_CALENDAR'] = $calendarInfo['CALENDAR_APPLIED'] != 'DEFAULT' ? $calendarInfo['CALENDAR_UID'] : "";
|
$fields['USR_CALENDAR'] = $calendarInfo['CALENDAR_APPLIED'] != 'DEFAULT' ? $calendarInfo['CALENDAR_UID'] : "";
|
||||||
$aFields['CALENDAR_NAME'] = $calendarInfo['CALENDAR_NAME'];
|
$fields['CALENDAR_NAME'] = $calendarInfo['CALENDAR_NAME'];
|
||||||
|
|
||||||
#verifying if it has any preferences on the configurations table
|
//verifying if it has any preferences on the configurations table
|
||||||
$oConf = new Configurations();
|
$configuration = new Configurations();
|
||||||
$oConf->loadConfig($x, 'USER_PREFERENCES', '', '', $aFields['USR_UID'], '');
|
$configuration->loadConfig($x, 'USER_PREFERENCES', '', '', $fields['USR_UID'], '');
|
||||||
|
|
||||||
$aFields['PREF_DEFAULT_MENUSELECTED'] = '';
|
$fields['PREF_DEFAULT_MENUSELECTED'] = '';
|
||||||
$aFields['PREF_DEFAULT_CASES_MENUSELECTED'] = '';
|
$fields['PREF_DEFAULT_CASES_MENUSELECTED'] = '';
|
||||||
$aFields['PREF_DEFAULT_LANG'] = isset($oConf->aConfig['DEFAULT_LANG']) ? $oConf->aConfig['DEFAULT_LANG'] : SYS_LANG;
|
$fields['PREF_DEFAULT_LANG'] = isset($configuration->aConfig['DEFAULT_LANG']) ? $configuration->aConfig['DEFAULT_LANG'] : SYS_LANG;
|
||||||
|
|
||||||
if (isset($oConf->aConfig['DEFAULT_MENU'])) {
|
if (isset($configuration->aConfig['DEFAULT_MENU'])) {
|
||||||
$aFields['PREF_DEFAULT_MENUSELECTED'] = $oConf->aConfig['DEFAULT_MENU'];
|
$fields['PREF_DEFAULT_MENUSELECTED'] = $configuration->aConfig['DEFAULT_MENU'];
|
||||||
} else {
|
} else {
|
||||||
switch ($RBAC->aUserInfo['PROCESSMAKER']['ROLE']['ROL_CODE']) {
|
switch ($RBAC->aUserInfo['PROCESSMAKER']['ROLE']['ROL_CODE']) {
|
||||||
case 'PROCESSMAKER_ADMIN':
|
case 'PROCESSMAKER_ADMIN':
|
||||||
$aFields['PREF_DEFAULT_MENUSELECTED'] = 'PM_SETUP';
|
$fields['PREF_DEFAULT_MENUSELECTED'] = 'PM_SETUP';
|
||||||
break;
|
break;
|
||||||
case 'PROCESSMAKER_OPERATOR':
|
case 'PROCESSMAKER_OPERATOR':
|
||||||
$aFields['PREF_DEFAULT_MENUSELECTED'] = 'PM_CASES';
|
$fields['PREF_DEFAULT_MENUSELECTED'] = 'PM_CASES';
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$aFields['PREF_DEFAULT_CASES_MENUSELECTED'] = isset($oConf->aConfig['DEFAULT_CASES_MENU']) ? $oConf->aConfig['DEFAULT_CASES_MENU'] : '';
|
$fields['PREF_DEFAULT_CASES_MENUSELECTED'] = isset($configuration->aConfig['DEFAULT_CASES_MENU']) ? $configuration->aConfig['DEFAULT_CASES_MENU'] : '';
|
||||||
|
|
||||||
if ($aFields['USR_REPLACED_BY'] != '') {
|
if ($fields['USR_REPLACED_BY'] != '') {
|
||||||
$user = new Users();
|
$user = new Users();
|
||||||
$u = $user->load($aFields['USR_REPLACED_BY']);
|
$u = $user->load($fields['USR_REPLACED_BY']);
|
||||||
if ($u['USR_STATUS'] == 'CLOSED') {
|
if ($u['USR_STATUS'] == 'CLOSED') {
|
||||||
$replaced_by = '';
|
$replaced_by = '';
|
||||||
$aFields['USR_REPLACED_BY'] = '';
|
$fields['USR_REPLACED_BY'] = '';
|
||||||
} else {
|
} else {
|
||||||
$c = new Configurations();
|
$c = new Configurations();
|
||||||
$arrayConfFormat = $c->getFormats();
|
$arrayConfFormat = $c->getFormats();
|
||||||
@@ -265,13 +282,13 @@ switch ($_POST['action']) {
|
|||||||
$replaced_by = '';
|
$replaced_by = '';
|
||||||
}
|
}
|
||||||
|
|
||||||
$aFields['REPLACED_NAME'] = $replaced_by;
|
$fields['REPLACED_NAME'] = $replaced_by;
|
||||||
|
|
||||||
$menuSelected = '';
|
$menuSelected = '';
|
||||||
|
|
||||||
if ($aFields['PREF_DEFAULT_MENUSELECTED'] != '') {
|
if ($fields['PREF_DEFAULT_MENUSELECTED'] != '') {
|
||||||
foreach ($RBAC->aUserInfo['PROCESSMAKER']['PERMISSIONS'] as $permission) {
|
foreach ($RBAC->aUserInfo['PROCESSMAKER']['PERMISSIONS'] as $permission) {
|
||||||
if ($aFields['PREF_DEFAULT_MENUSELECTED'] == $permission['PER_CODE']) {
|
if ($fields['PREF_DEFAULT_MENUSELECTED'] == $permission['PER_CODE']) {
|
||||||
switch ($permission['PER_CODE']) {
|
switch ($permission['PER_CODE']) {
|
||||||
case 'PM_USERS':
|
case 'PM_USERS':
|
||||||
case 'PM_SETUP':
|
case 'PM_SETUP':
|
||||||
@@ -288,78 +305,88 @@ switch ($_POST['action']) {
|
|||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
if ($aFields['PREF_DEFAULT_MENUSELECTED'] == 'PM_STRATEGIC_DASHBOARD') {
|
if ($fields['PREF_DEFAULT_MENUSELECTED'] == 'PM_STRATEGIC_DASHBOARD') {
|
||||||
$menuSelected = strtoupper(G::LoadTranslation('ID_STRATEGIC_DASHBOARD'));
|
$menuSelected = strtoupper(G::LoadTranslation('ID_STRATEGIC_DASHBOARD'));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$aFields['MENUSELECTED_NAME'] = $menuSelected;
|
$fields['MENUSELECTED_NAME'] = $menuSelected;
|
||||||
|
|
||||||
$oMenu = new Menu();
|
$menu = new Menu();
|
||||||
$oMenu->load('cases');
|
$menu->load('cases');
|
||||||
$casesMenuSelected = '';
|
$casesMenuSelected = '';
|
||||||
|
|
||||||
if ($aFields['PREF_DEFAULT_CASES_MENUSELECTED'] != '') {
|
if ($fields['PREF_DEFAULT_CASES_MENUSELECTED'] != '') {
|
||||||
foreach ($oMenu->Id as $i => $item) {
|
foreach ($menu->Id as $i => $item) {
|
||||||
if ($aFields['PREF_DEFAULT_CASES_MENUSELECTED'] == $item) {
|
if ($fields['PREF_DEFAULT_CASES_MENUSELECTED'] == $item) {
|
||||||
$casesMenuSelected = $oMenu->Labels[$i];
|
$casesMenuSelected = $menu->Labels[$i];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
require_once 'classes/model/Users.php';
|
$user = new Users();
|
||||||
$oUser = new Users();
|
$userLog = $user->loadDetailed($_SESSION['USER_LOGGED']);
|
||||||
$aUserLog = $oUser->loadDetailed($_SESSION['USER_LOGGED']);
|
$fields['USER_LOGGED_NAME'] = $userLog['USR_USERNAME'];
|
||||||
$aFields['USER_LOGGED_NAME'] = $aUserLog['USR_USERNAME'];
|
$fields['USER_LOGGED_ROLE'] = $userLog['USR_ROLE'];
|
||||||
$aFields['USER_LOGGED_ROLE'] = $aUserLog['USR_ROLE'];
|
|
||||||
|
|
||||||
$aFields['CASES_MENUSELECTED_NAME'] = $casesMenuSelected;
|
$fields['CASES_MENUSELECTED_NAME'] = $casesMenuSelected;
|
||||||
|
|
||||||
require_once 'classes/model/UsersProperties.php';
|
$userProperties = new UsersProperties();
|
||||||
$oUserProperty = new UsersProperties();
|
$properties = $userProperties->loadOrCreateIfNotExists($fields['USR_UID'],
|
||||||
$aUserProperty = $oUserProperty->loadOrCreateIfNotExists($aFields['USR_UID'], array('USR_PASSWORD_HISTORY' => serialize(array($oUser->getUsrPassword()))));
|
['USR_PASSWORD_HISTORY' => serialize([$user->getUsrPassword()])]);
|
||||||
$aFields['USR_LOGGED_NEXT_TIME'] = $aUserProperty['USR_LOGGED_NEXT_TIME'];
|
$fields['USR_LOGGED_NEXT_TIME'] = $properties['USR_LOGGED_NEXT_TIME'];
|
||||||
|
|
||||||
if (array_key_exists('USR_PASSWORD', $aFields)) {
|
if (array_key_exists('USR_PASSWORD', $fields)) {
|
||||||
unset($aFields['USR_PASSWORD']);
|
unset($fields['USR_PASSWORD']);
|
||||||
}
|
}
|
||||||
|
|
||||||
$userPermissions = new \ProcessMaker\BusinessModel\User();
|
$userPermissions = new BmUser();
|
||||||
$permissions = $userPermissions->loadDetailedPermissions($aFields);
|
$permissions = $userPermissions->loadDetailedPermissions($fields);
|
||||||
|
|
||||||
$result->success = true;
|
$result->success = true;
|
||||||
$result->user = $aFields;
|
$result->user = $fields;
|
||||||
$result->permission = $permissions;
|
$result->permission = $permissions;
|
||||||
|
|
||||||
print(G::json_encode($result));
|
print(G::json_encode($result));
|
||||||
break;
|
break;
|
||||||
case 'defaultMainMenuOptionList':
|
case 'defaultMainMenuOptionList':
|
||||||
|
$rows = [];
|
||||||
foreach ($RBAC->aUserInfo['PROCESSMAKER']['PERMISSIONS'] as $permission) {
|
foreach ($RBAC->aUserInfo['PROCESSMAKER']['PERMISSIONS'] as $permission) {
|
||||||
switch ($permission['PER_CODE']) {
|
switch ($permission['PER_CODE']) {
|
||||||
case 'PM_USERS':
|
case 'PM_USERS':
|
||||||
case 'PM_SETUP':
|
case 'PM_SETUP':
|
||||||
$rows[] = array('id' => 'PM_SETUP', 'name' => strtoupper(G::LoadTranslation('ID_SETUP'))
|
$rows[] = [
|
||||||
);
|
'id' => 'PM_SETUP',
|
||||||
|
'name' => strtoupper(G::LoadTranslation('ID_SETUP'))
|
||||||
|
];
|
||||||
break;
|
break;
|
||||||
case 'PM_CASES':
|
case 'PM_CASES':
|
||||||
$rows[] = array('id' => 'PM_CASES', 'name' => strtoupper(G::LoadTranslation('ID_CASES'))
|
$rows[] = [
|
||||||
);
|
'id' => 'PM_CASES',
|
||||||
|
'name' => strtoupper(G::LoadTranslation('ID_CASES'))
|
||||||
|
];
|
||||||
break;
|
break;
|
||||||
case 'PM_FACTORY':
|
case 'PM_FACTORY':
|
||||||
$rows[] = array('id' => 'PM_FACTORY', 'name' => strtoupper(G::LoadTranslation('ID_APPLICATIONS'))
|
$rows[] = [
|
||||||
);
|
'id' => 'PM_FACTORY',
|
||||||
|
'name' => strtoupper(G::LoadTranslation('ID_APPLICATIONS'))
|
||||||
|
];
|
||||||
break;
|
break;
|
||||||
case 'PM_DASHBOARD':
|
case 'PM_DASHBOARD':
|
||||||
$rows[] = array('id' => 'PM_DASHBOARD', 'name' => strtoupper(G::LoadTranslation('ID_DASHBOARD'))
|
$rows[] = [
|
||||||
);
|
'id' => 'PM_DASHBOARD',
|
||||||
|
'name' => strtoupper(G::LoadTranslation('ID_DASHBOARD'))
|
||||||
|
];
|
||||||
/*----------------------------------********---------------------------------*/
|
/*----------------------------------********---------------------------------*/
|
||||||
// NEW DASHBOARD MODULE
|
// NEW DASHBOARD MODULE
|
||||||
$licensedFeatures = PMLicensedFeatures::getSingleton();
|
$licensedFeatures = PMLicensedFeatures::getSingleton();
|
||||||
if ($licensedFeatures->verifyfeature('r19Vm5DK1UrT09MenlLYjZxejlhNUZ1b1NhV0JHWjBsZEJ6dnpJa3dTeWVLVT0=')) {
|
if ($licensedFeatures->verifyfeature('r19Vm5DK1UrT09MenlLYjZxejlhNUZ1b1NhV0JHWjBsZEJ6dnpJa3dTeWVLVT0=')) {
|
||||||
$rows[] = array('id' => 'PM_STRATEGIC_DASHBOARD', 'name' => strtoupper(G::LoadTranslation('ID_STRATEGIC_DASHBOARD'))
|
$rows[] = [
|
||||||
);
|
'id' => 'PM_STRATEGIC_DASHBOARD',
|
||||||
|
'name' => strtoupper(G::LoadTranslation('ID_STRATEGIC_DASHBOARD'))
|
||||||
|
];
|
||||||
}
|
}
|
||||||
/*----------------------------------********---------------------------------*/
|
/*----------------------------------********---------------------------------*/
|
||||||
break;
|
break;
|
||||||
@@ -368,19 +395,17 @@ switch ($_POST['action']) {
|
|||||||
print(G::json_encode($rows));
|
print(G::json_encode($rows));
|
||||||
break;
|
break;
|
||||||
case 'defaultCasesMenuOptionList':
|
case 'defaultCasesMenuOptionList':
|
||||||
|
$menu = new Menu();
|
||||||
|
$menu->load('cases');
|
||||||
|
|
||||||
$oMenu = new Menu();
|
foreach ($menu->Id as $i => $item) {
|
||||||
$oMenu->load('cases');
|
if ($menu->Types[$i] != 'blockHeader') {
|
||||||
|
$rowsCasesMenu[] = ['id' => $item, 'name' => $menu->Labels[$i]];
|
||||||
foreach ($oMenu->Id as $i => $item) {
|
|
||||||
if ($oMenu->Types[$i] != 'blockHeader') {
|
|
||||||
$rowsCasesMenu[] = array('id' => $item, 'name' => $oMenu->Labels[$i]);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
print(G::json_encode($rowsCasesMenu));
|
print(G::json_encode($rowsCasesMenu));
|
||||||
break;
|
break;
|
||||||
case 'testPassword':
|
case 'testPassword':
|
||||||
require_once 'classes/model/UsersProperties.php';
|
|
||||||
$userProperty = new UsersProperties();
|
$userProperty = new UsersProperties();
|
||||||
|
|
||||||
$fields = [];
|
$fields = [];
|
||||||
@@ -409,28 +434,27 @@ switch ($_POST['action']) {
|
|||||||
print(G::json_encode($fields));
|
print(G::json_encode($fields));
|
||||||
break;
|
break;
|
||||||
case 'testUsername':
|
case 'testUsername':
|
||||||
require_once 'classes/model/Users.php';
|
|
||||||
$_POST['NEW_USERNAME'] = trim($_POST['NEW_USERNAME']);
|
$_POST['NEW_USERNAME'] = trim($_POST['NEW_USERNAME']);
|
||||||
$USR_UID = isset($_POST['USR_UID']) ? $_POST['USR_UID'] : '';
|
$usrUid = isset($_POST['USR_UID']) ? $_POST['USR_UID'] : '';
|
||||||
|
|
||||||
$response = array("success" => true);
|
$response = ["success" => true];
|
||||||
|
|
||||||
$oCriteria = new Criteria();
|
$criteria = new Criteria();
|
||||||
$oCriteria->addSelectColumn(UsersPeer::USR_USERNAME);
|
$criteria->addSelectColumn(UsersPeer::USR_USERNAME);
|
||||||
|
|
||||||
$oCriteria->add(UsersPeer::USR_USERNAME, utf8_encode($_POST['NEW_USERNAME']));
|
$criteria->add(UsersPeer::USR_USERNAME, utf8_encode($_POST['NEW_USERNAME']));
|
||||||
if ($USR_UID != '') {
|
if ($usrUid != '') {
|
||||||
$oCriteria->add(UsersPeer::USR_UID, array($_POST['USR_UID']), Criteria::NOT_IN);
|
$criteria->add(UsersPeer::USR_UID, [$_POST['USR_UID']], Criteria::NOT_IN);
|
||||||
}
|
}
|
||||||
$oDataset = UsersPeer::doSelectRS($oCriteria);
|
$dataSet = UsersPeer::doSelectRS($criteria);
|
||||||
$oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC);
|
$dataSet->setFetchmode(ResultSet::FETCHMODE_ASSOC);
|
||||||
$oDataset->next();
|
$dataSet->next();
|
||||||
$aRow = $oDataset->getRow();
|
$row = $dataSet->getRow();
|
||||||
|
|
||||||
if (is_array($aRow) || $_POST['NEW_USERNAME'] == '') {
|
if (is_array($row) || $_POST['NEW_USERNAME'] == '') {
|
||||||
$color = 'red';
|
$color = 'red';
|
||||||
$img = '/images/delete.png';
|
$img = '/images/delete.png';
|
||||||
$dataVar['USER_ID'] = $_POST['NEW_USERNAME'];
|
$dataVar = ['USER_ID' => $_POST['NEW_USERNAME']];
|
||||||
$text = G::LoadTranslation('ID_USERNAME_ALREADY_EXISTS', $dataVar);
|
$text = G::LoadTranslation('ID_USERNAME_ALREADY_EXISTS', $dataVar);
|
||||||
$text = ($_POST['NEW_USERNAME'] == '') ? G::LoadTranslation('ID_MSG_ERROR_USR_USERNAME') : $text;
|
$text = ($_POST['NEW_USERNAME'] == '') ? G::LoadTranslation('ID_MSG_ERROR_USR_USERNAME') : $text;
|
||||||
$response['exists'] = true;
|
$response['exists'] = true;
|
||||||
@@ -457,8 +481,13 @@ switch ($_POST['action']) {
|
|||||||
$messageResultLogin = "ERROR";
|
$messageResultLogin = "ERROR";
|
||||||
}
|
}
|
||||||
|
|
||||||
$response = array();
|
$response = [];
|
||||||
$response["result"] = $messageResultLogin;
|
$response["result"] = $messageResultLogin;
|
||||||
echo G::json_encode($response);
|
echo G::json_encode($response);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
} catch (Exception $e) {
|
||||||
|
$result->success = false;
|
||||||
|
$result->error = $e->getMessage();
|
||||||
|
echo G::json_encode($result);
|
||||||
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user