HOR-3925

Create a user guest by default.
2017-09-27 15:35:11 -04:00
parent 799703996f
commit 128e42e71e
3 changed files with 163 additions and 6 deletions
--- a/gulliver/system/class.rbac.php
+++ b/gulliver/system/class.rbac.php
@@ -50,6 +50,13 @@ use ProcessMaker\Exception\RBACException;
 class RBAC
 {
    const SETUPERMISSIONUID= '00000000000000000000000000000002';
+    const PER_SYSTEM = '00000000000000000000000000000002';
+    const PM_GUEST_CASE = 'PM_GUEST_CASE';
+    const PM_GUEST_CASE_UID = '00000000000000000000000000000066';
+    const PROCESSMAKER_GUEST = 'PROCESSMAKER_GUEST';
+    const PROCESSMAKER_GUEST_UID = '00000000000000000000000000000005';
+    const GUEST_USER_UID = '00000000000000000000000000000002';
+
    /**
     *
     * @access private
@@ -396,6 +403,149 @@ class RBAC
        return $permissionsAdmin;
    }

+    /**
+     * Create if not exists GUEST user.
+     *
+     */
+    private function verifyGuestUser(Roles $role)
+    {
+        try {
+            $strRole = $role->getRolCode();
+
+            $arrayData = array();
+            $arrayData["USR_UID"] = self::GUEST_USER_UID;
+            $arrayData["USR_USERNAME"] = 'Guest';
+            $arrayData["USR_PASSWORD"] = '674ba9750749d735ec9787d606170d78';
+            $arrayData["USR_FIRSTNAME"] = 'Guest';
+            $arrayData["USR_LASTNAME"] = '';
+            $arrayData["USR_EMAIL"] = 'guest@processmaker.com';
+            $arrayData["USR_DUE_DATE"] = '2200-01-01';
+            $arrayData["USR_CREATE_DATE"] = date("Y-m-d H:i:s");
+            $arrayData["USR_UPDATE_DATE"] = date("Y-m-d H:i:s");
+            $arrayData["USR_BIRTHDAY"] = '2009-02-01';
+            $arrayData["USR_AUTH_USER_DN"] = "";
+            $arrayData["USR_STATUS"] = 0;
+
+            $rbacUserExists = RbacUsersPeer::retrieveByPK(self::GUEST_USER_UID);
+            if (!$rbacUserExists) {
+                $rbacUser = new RbacUsers();
+                $rbacUser->fromArray($arrayData, BasePeer::TYPE_FIELDNAME);
+                $rbacUser->save();
+
+                $arrayData["USR_UID"] = $rbacUser->getUsrUid();
+                $arrayData["USR_STATUS"] = 'INACTIVE';
+                $arrayData["USR_COUNTRY"] = "";
+                $arrayData["USR_CITY"] = "";
+                $arrayData["USR_LOCATION"] = "";
+                $arrayData["USR_ADDRESS"] = "";
+                $arrayData["USR_PHONE"] = "";
+                $arrayData["USR_ZIP_CODE"] = "";
+                $arrayData["USR_POSITION"] = "";
+                $arrayData["USR_ROLE"] = $strRole;
+
+                $user = new Users();
+                $user->create($arrayData);
+                $this->assignRoleToUser($user->getUsrUid(), $strRole);
+            } elseif(
+                $rbacUserExists
+                && $rbacUserExists->getUserRole($rbacUserExists->getUsrUid())['ROL_CODE']!==self::PROCESSMAKER_GUEST
+            ) {
+                $this->assignRoleToUser($rbacUserExists->getUsrUid(), $strRole);
+            }
+        } catch (Exception $exception) {
+            throw new Exception(
+                "Can not create guest user: ".$exception->getMessage(),
+                0,
+                $exception
+            );
+        }
+    }
+
+    /**
+     * Create if not exists GUEST role.
+     *
+     */
+    private function verifyGuestRole($permissions)
+    {
+        try {
+            $criteria = new Criteria;
+            $criteria->add(RolesPeer::ROL_CODE, self::PROCESSMAKER_GUEST);
+            $roleExists = RolesPeer::doSelectOne($criteria);
+            if ($roleExists) {
+                return $roleExists;
+            }
+            $aData = [
+                'ROL_UID'         => self::PROCESSMAKER_GUEST_UID,
+                'ROL_CODE'        => self::PROCESSMAKER_GUEST,
+                'ROL_SYSTEM'      => self::PER_SYSTEM,
+                'ROL_STATUS'      => 1,
+                'ROL_NAME'        => self::PROCESSMAKER_GUEST,
+                'ROL_CREATE_DATE' => date('Y-m-d H:i:s'),
+                'ROL_UPDATE_DATE' => date('Y-m-d H:i:s'),
+            ];
+            $this->createRole($aData);
+            $role = RolesPeer::doSelectOne($criteria);
+            foreach($permissions as $permission) {
+                $o = new RolesPermissions();
+                $o->setPerUid($permission->getPerUid());
+                $o->setPermissionName('Guest case');
+                $o->setRolUid($role->getRolUid());
+                $o->save();
+            }
+            return $role;
+        } catch (Exception $exception) {
+            throw new Exception(
+                "Can not create guest role: " . $exception->getMessage(),
+                0,
+                $exception
+            );
+        }
+    }
+
+    /**
+     * Create if not exists GUEST permissions.
+     *
+     */
+    private function verifyGuestPermissions()
+    {
+        try {
+            $criteria = new Criteria();
+            $criteria->add(PermissionsPeer::PER_CODE, self::PM_GUEST_CASE);
+            $perm = PermissionsPeer::doSelectOne($criteria);
+            if ($perm) {
+                return [$perm];
+            }
+            $permission = new Permissions();
+            $permission->setPerUid(self::PM_GUEST_CASE_UID);
+            $permission->setPerCode(self::PM_GUEST_CASE);
+            $permission->setPerCreateDate(date('Y-m-d H:i:s'));
+            $permission->setPerUpdateDate(date('Y-m-d H:i:s'));
+            $permission->setPerStatus(1);
+            $permission->setPerSystem(self::PER_SYSTEM);
+            $permission->save();
+            return [$permission];
+        } catch (Exception $exception) {
+            throw new Exception(
+                "Can not set guest permissions: " . $exception->getMessage(),
+                0,
+                $exception
+            );
+        }
+    }
+
+    /**
+     * Create if not exists GUEST user.
+     * Create if not exists GUEST role.
+     * Create if not exists GUEST permissions.
+     *
+     */
+    private function verifyGuestUserRolePermission()
+    {
+        $permissions = $this->verifyGuestPermissions();
+        $role = $this->verifyGuestRole($permissions);
+        $this->verifyGuestUser($role);
+    }
+
    /**
     * Gets the roles and permission for one RBAC_user
     *
@@ -1444,6 +1594,7 @@ class RBAC
    public function verifyPermissions()
    {
        $message = array();
+        $this->verifyGuestUserRolePermission();
        $listPermissions = $this->loadPermissionAdmin();
        $criteria = new Criteria('rbac');
        $dataset = PermissionsPeer::doSelectRS($criteria);
--- a/rbac/engine/data/mysql/insert.sql
+++ b/rbac/engine/data/mysql/insert.sql
@@ -63,13 +63,15 @@ INSERT INTO `RBAC_PERMISSIONS` VALUES
 ('00000000000000000000000000000062','PM_EDIT_USER_PROFILE_DEFAULT_MAIN_MENU_OPTIONS','2016-07-18 00:00:00','2016-07-18 00:00:00',1,'00000000000000000000000000000002'),
 ('00000000000000000000000000000063','PM_EDIT_USER_PROFILE_DEFAULT_CASES_MENU_OPTIONS','2016-07-18 00:00:00','2016-07-18 00:00:00',1,'00000000000000000000000000000002'),
 ('00000000000000000000000000000064','PM_REASSIGNCASE_SUPERVISOR','2016-09-01 00:00:00','2016-09-01 00:00:00',1,'00000000000000000000000000000002'),
-('00000000000000000000000000000065','PM_SETUP_CUSTOM_CASES_LIST','2017-03-27 00:00:00','2017-03-27 00:00:00',1,'00000000000000000000000000000002');
+('00000000000000000000000000000065','PM_SETUP_CUSTOM_CASES_LIST','2017-03-27 00:00:00','2017-03-27 00:00:00',1,'00000000000000000000000000000002'),
+('00000000000000000000000000000066','PM_GUEST_CASE','2017-03-27 00:00:00','2017-03-27 00:00:00',1,'00000000000000000000000000000002');

 INSERT INTO `RBAC_ROLES` VALUES
 ('00000000000000000000000000000001','','00000000000000000000000000000001','RBAC_ADMIN','2007-07-31 19:10:22','2007-08-03 12:24:36',1),
 ('00000000000000000000000000000002','','00000000000000000000000000000002','PROCESSMAKER_ADMIN','2007-07-31 19:10:22','2007-08-03 12:24:36',1),
 ('00000000000000000000000000000003','','00000000000000000000000000000002','PROCESSMAKER_OPERATOR','2007-07-31 19:10:22','2007-08-03 12:24:36',1),
-('00000000000000000000000000000004', '', '00000000000000000000000000000002', 'PROCESSMAKER_MANAGER', '2010-03-29 09:14:15', '2010-03-29 09:19:53', 1);
+('00000000000000000000000000000004', '', '00000000000000000000000000000002', 'PROCESSMAKER_MANAGER', '2010-03-29 09:14:15', '2010-03-29 09:19:53', 1),
+('00000000000000000000000000000005', '', '00000000000000000000000000000002', 'PROCESSMAKER_GUEST', '2009-02-01 12:24:36', '2009-02-01 12:24:36', 1);


 INSERT INTO `RBAC_ROLES_PERMISSIONS` VALUES
@@ -213,8 +215,11 @@ INSERT INTO `RBAC_ROLES_PERMISSIONS` VALUES
 ('00000000000000000000000000000004','00000000000000000000000000000060'),
 ('00000000000000000000000000000004','00000000000000000000000000000061'),
 ('00000000000000000000000000000004','00000000000000000000000000000062'),
-('00000000000000000000000000000004','00000000000000000000000000000063');
+('00000000000000000000000000000004','00000000000000000000000000000063'),
+('00000000000000000000000000000005','00000000000000000000000000000066');

 INSERT INTO `RBAC_SYSTEMS` VALUES ('00000000000000000000000000000001','RBAC','2007-07-31 19:10:22','2007-08-03 12:24:36',1),('00000000000000000000000000000002','PROCESSMAKER','2007-07-31 19:10:22','2007-08-03 12:24:36',1);
-INSERT INTO `RBAC_USERS` VALUES ('00000000000000000000000000000001','admin','21232f297a57a5a743894a0e4a801fc3','Administrator','','admin@processmaker.com','2020-01-01','2007-08-03 12:24:36','2008-02-13 07:24:07',1,'MYSQL','00000000000000000000000000000000','','');
-INSERT INTO `RBAC_USERS_ROLES` VALUES ('00000000000000000000000000000001','00000000000000000000000000000002');
+INSERT INTO `RBAC_USERS` VALUES ('00000000000000000000000000000001','admin','21232f297a57a5a743894a0e4a801fc3','Administrator','','admin@processmaker.com','2020-01-01','2007-08-03 12:24:36','2008-02-13 07:24:07',1,'MYSQL','00000000000000000000000000000000','',''),
+('00000000000000000000000000000002','guest','674ba9750749d735ec9787d606170d78','Guest','','guest@processmaker.com','2200-01-01','2009-02-01 12:24:36','2009-02-01 12:24:36',0,'MYSQL','00000000000000000000000000000000','','');
+INSERT INTO `RBAC_USERS_ROLES` VALUES ('00000000000000000000000000000001','00000000000000000000000000000002'),
+('00000000000000000000000000000002','00000000000000000000000000000005');
--- a/workflow/engine/data/mysql/insert.sql
+++ b/workflow/engine/data/mysql/insert.sql
@@ -1,5 +1,6 @@
 INSERT INTO USERS (USR_UID,USR_USERNAME,USR_PASSWORD,USR_FIRSTNAME,USR_LASTNAME,USR_EMAIL,USR_DUE_DATE,USR_CREATE_DATE,USR_UPDATE_DATE,USR_STATUS,USR_COUNTRY,USR_CITY,USR_LOCATION,USR_ADDRESS,USR_PHONE,USR_FAX,USR_CELLULAR,USR_ZIP_CODE,DEP_UID,USR_POSITION,USR_RESUME,USR_BIRTHDAY,USR_ROLE,USR_REPORTS_TO,USR_REPLACED_BY ) VALUES 
-('00000000000000000000000000000001','admin','21232f297a57a5a743894a0e4a801fc3','Administrator',' ',  'admin@processmaker.com','2020-01-01','1999-11-30 00:00:00','2008-05-23 18:36:19','ACTIVE',  'US','FL','MMK','','',  '1-305-402-0282','1-305-675-1400','','','Administrator',  '','1999-02-25','PROCESSMAKER_ADMIN','','');
+('00000000000000000000000000000001','admin','21232f297a57a5a743894a0e4a801fc3','Administrator',' ',  'admin@processmaker.com','2020-01-01','1999-11-30 00:00:00','2008-05-23 18:36:19','ACTIVE',  'US','FL','MMK','','',  '1-305-402-0282','1-305-675-1400','','','Administrator',  '','1999-02-25','PROCESSMAKER_ADMIN','',''),
+('00000000000000000000000000000002','admin','674ba9750749d735ec9787d606170d78','Guest',' ',  'admin@processmaker.com','2200-01-01','2009-02-01 12:24:36','2009-02-01 12:24:36','INACTIVE',  'US','FL','MMK','','',  '1-305-402-0282','1-305-675-1400','','','Guest',  '','2009-02-01','PROCESSMAKER_GUEST','','');

 INSERT INTO CONTENT (CON_CATEGORY,CON_PARENT,CON_ID,CON_LANG,CON_VALUE) VALUES
 ('ROL_NAME','','00000000000000000000000000000002','en','System Administrator'),