fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merged in feature/PMCORE-4147 (pull request #8708)

Browse Source 
PMCORE-4147

Approved-by: Julio Cesar Laura Avendaño
This commit is contained in:
Paula Quispe
2023-04-03 19:20:48 +00:00
committed by Julio Cesar Laura Avendaño
parent 8c3bbfedbf 8af3b1573c
commit 2292767189
6 changed files with 622 additions and 449 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
database/factories/DashletInstanceFactory.php Normal file
View File

@@ -0,0 +1,24 @@
<?php
namespace Database\Factories;
use App\Factories\Factory;
use G;
class DashletInstanceFactory extends Factory
{
/**
* Define the model's default state.
*
* @return array
*/
public function definition()
{
return [
'DAS_INS_UID' => G::generateUniqueID(),
'DAS_UID' => G::generateUniqueID(),
'DAS_INS_OWNER_TYPE' => 'USER',
'DAS_INS_OWNER_UID' => G::generateUniqueID(),
];
}
}

155
tests/unit/workflow/engine/src/ProcessMaker/BusinessModel/UserTest.php Normal file
View File

@@ -0,0 +1,155 @@
<?php
namespace ProcessMaker\BusinessModel;
use Exception;
use ProcessMaker\BusinessModel\User as BmUser;
use ProcessMaker\Model\DashletInstance;
use ProcessMaker\Model\GroupUser;
use ProcessMaker\Model\Groupwf;
use ProcessMaker\Model\ObjectPermission;
use ProcessMaker\Model\Process;
use ProcessMaker\Model\ProcessUser;
use ProcessMaker\Model\TaskUser;
use RBAC;
use Tests\TestCase;
use ProcessMaker\Model\User;
/**
* Class UserTest
*
* @coversDefaultClass \ProcessMaker\BusinessModel\User
*/
class UserTest extends TestCase
{
/**
* This method is called before the first test of this test class is run.
* @return void
*/
public static function setUpBeforeClass(): void
{
parent::setUpBeforeClass();
self::truncateNonInitialModels();
}
/**
* This get guest value
*
* @covers \ProcessMaker\BusinessModel\User::getGuestUser()
* @test
*/
public function it_test_get_guest_user()
{
$user = new BmUser();
$result = $user->getGuestUser();
$this->assertNotEmpty($result);
}
/**
* This checks the delete case admin
*
* @covers \ProcessMaker\BusinessModel\User::deleteGdpr()
* @test
*/
public function it_test_delete_user_gpdr_exception_when_user_is_admin()
{
$user = new BmUser();
$this->expectException(Exception::class);
$user->deleteGdpr(RBAC::ADMIN_USER_UID);
}
/**
* This checks the delete case guest
*
* @covers \ProcessMaker\BusinessModel\User::deleteGdpr()
* @test
*/
public function it_test_delete_user_gpdr_exception_when_user_is_guest()
{
$user = new BmUser();
$this->expectException(Exception::class);
$user->deleteGdpr(RBAC::GUEST_USER_UID);
}
/**
* This checks the delete case guest
*
* @covers \ProcessMaker\BusinessModel\User::deleteGdpr()
*
* @test
*/
public function it_test_delete_user_gpdr()
{
// Create a user
$user = User::factory()->create();
// Assign the user in a group
$groupwf = Groupwf::factory()->create();
GroupUser::factory()->create([
'GRP_UID' => $groupwf->GRP_UID,
'GRP_ID' => $groupwf->GRP_ID,
'USR_UID' => $user->USR_UID,
]);
// Assign the user in a task
TaskUser::factory()->create([
'USR_UID' => $user->USR_UID,
'TU_RELATION' => 1,
]);
// Assign the user in a process owner
Process::factory()->create([
'PRO_CREATE_USER' => $user->USR_UID,
]);
// Assign the user in a process permission
ObjectPermission::factory()->create([
'USR_UID' => $user->USR_UID,
'OP_USER_RELATION' => 1,
]);
// Assign the user in a process supervisor
ProcessUser::factory()->create([
'USR_UID' => $user->USR_UID,
'PU_TYPE' => 'SUPERVISOR',
]);
// Assign the user in a dashboard
DashletInstance::factory()->create([
'DAS_INS_OWNER_UID' => $user->USR_UID,
'DAS_INS_OWNER_TYPE' => 'USER',
]);
// Delete user
$usr = new BmUser();
$usr->deleteGdpr($user->USR_UID);
// Check if the user relation with the table are removed
$table = GroupUser::select()->where('USR_UID', $user->USR_UID)->first();
$this->assertEmpty($table);
$table = TaskUser::select()->where('USR_UID', $user->USR_UID)->first();
$this->assertEmpty($table);
$table = Process::select()->where('PRO_CREATE_USER', $user->USR_UID)->first();
$this->assertEmpty($table);
$table = ObjectPermission::select()->where('USR_UID', $user->USR_UID)->first();
$this->assertEmpty($table);
$table = ProcessUser::select()->where('USR_UID', $user->USR_UID)->first();
$this->assertEmpty($table);
$table = DashletInstance::select()->where('DAS_INS_OWNER_UID', $user->USR_UID)->first();
$this->assertEmpty($table);
$table = User::select()->where('USR_UID', $user->USR_UID)->first();
// Set the important fields with an specific value
$this->assertEquals($table->USR_STATUS, 'CLOSED');
$this->assertEquals($table->USR_STATUS_ID, 0);
$this->assertEquals($table->USR_FIRSTNAME, $usr::DELETED_USER);
$this->assertEquals($table->USR_LASTNAME, $usr::DELETED_USER);
// Clean the string fields
$this->assertEmpty($table->USR_USERNAME);
$this->assertEmpty($table->USR_EMAIL);
$this->assertEmpty($table->USR_COUNTRY);
$this->assertEmpty($table->USR_CITY);
$this->assertEmpty($table->USR_LOCATION);
$this->assertEmpty($table->USR_ADDRESS);
$this->assertEmpty($table->USR_PHONE);
$this->assertEmpty($table->USR_FAX);
$this->assertEmpty($table->USR_CELLULAR);
$this->assertEmpty($table->USR_ZIP_CODE);
$this->assertEmpty($table->USR_TIME_ZONE);
$this->assertEquals('{}', $table->USR_EXTENDED_ATTRIBUTES_DATA);
// Clean the date fields
$this->assertEquals($table->USR_BIRTHDAY, '0000-00-00');
$this->assertEquals($table->USR_DUE_DATE, '0000-00-00');
}
}

684
workflow/engine/classes/LdapAdvanced.php
View File

File diff suppressed because it is too large Load Diff

105
workflow/engine/methods/services/ldapadvanced.php
View File

@@ -29,9 +29,10 @@ class ldapadvancedClassCron
public $gCreatedUsers = ""; public $gCreatedUsers = "";
public $gRemovedUsers = ""; public $gRemovedUsers = "";
public $managersHierarchy = array(); public $usersRemovedOu = [];
public $oldManagersHierarchy = array(); public $managersHierarchy = [];
public $managersToClear = array(); public $oldManagersHierarchy = [];
public $managersToClear = [];
public $deletedManager = 0; public $deletedManager = 0;
public function __construct() public function __construct()
@@ -39,9 +40,9 @@ class ldapadvancedClassCron
} }
/** /**
function executed by the cron * function executed by the cron
this function will synchronize users from ldap/active directory to PM users tables * this function will synchronize users from ldap/active directory to PM users tables
@return void * @return void
*/ */
public function executeCron($debug) public function executeCron($debug)
{ {
@@ -64,7 +65,6 @@ class ldapadvancedClassCron
$aGroups = $plugin->getGroups(); $aGroups = $plugin->getGroups();
$plugin->frontEndShow("START"); $plugin->frontEndShow("START");
$plugin->debugLog("START"); $plugin->debugLog("START");
$plugin->stdLog(null, "cron execution started"); $plugin->stdLog(null, "cron execution started");
@@ -77,45 +77,37 @@ class ldapadvancedClassCron
$plugin->sAuthSource = $arrayAuthenticationSourceData["AUTH_SOURCE_UID"]; $plugin->sAuthSource = $arrayAuthenticationSourceData["AUTH_SOURCE_UID"];
$plugin->ldapcnn = null; $plugin->ldapcnn = null;
$plugin->setArrayDepartmentUserSynchronizedChecked(array()); $plugin->setArrayDepartmentUserSynchronizedChecked([]);
$plugin->setArrayUserUpdateChecked(array()); $plugin->setArrayUserUpdateChecked([]);
//Get all User (USR_UID, USR_USERNAME, USR_AUTH_USER_DN) registered in RBAC with this Authentication Source // Get all User (USR_UID, USR_USERNAME, USR_AUTH_USER_DN) registered in RBAC with this Authentication Source
$plugin->setArrayAuthenticationSourceUsers($arrayAuthenticationSourceData["AUTH_SOURCE_UID"]); //INITIALIZE DATA $plugin->setArrayAuthenticationSourceUsers($arrayAuthenticationSourceData["AUTH_SOURCE_UID"]); //INITIALIZE DATA
// Set some logs to show
$plugin->frontEndShow("TEXT", "Authentication Source: " . $arrayAuthenticationSourceData["AUTH_SOURCE_NAME"]); $plugin->frontEndShow("TEXT", "Authentication Source: " . $arrayAuthenticationSourceData["AUTH_SOURCE_NAME"]);
$plugin->log(null, "Executing cron for Authentication Source: " . $arrayAuthenticationSourceData["AUTH_SOURCE_NAME"]); $plugin->log(null, "Executing cron for Authentication Source: " . $arrayAuthenticationSourceData["AUTH_SOURCE_NAME"]);
$context = [ $plugin->stdLog(null, "authentication source", ["AUTH_SOURCE_NAME" => $arrayAuthenticationSourceData["AUTH_SOURCE_NAME"]]);
"AUTH_SOURCE_NAME" => $arrayAuthenticationSourceData["AUTH_SOURCE_NAME"]
];
$plugin->stdLog(null, "authentication source", $context);
//Get all departments from Ldap/ActiveDirectory and build a hierarchy using dn (ou->ou parent) // Get all departments from Ldap/ActiveDirectory and build a hierarchy using dn (ou->ou parent)
$aLdapDepts = $plugin->searchDepartments(); $aLdapDepts = $plugin->searchDepartments();
// Obtain all departments from PM with a valid department in LDAP/ActiveDirectory
//Obtain all departments from PM with a valid department in LDAP/ActiveDirectory
$aRegisteredDepts = $plugin->getRegisteredDepartments($aLdapDepts, $aDepartments); $aRegisteredDepts = $plugin->getRegisteredDepartments($aLdapDepts, $aDepartments);
// Set some logs to show
$plugin->debugLog("ldapadvanced.php > function executeCron() > foreach > \$aRegisteredDepts ---->\n" . print_r($aRegisteredDepts, true)); $plugin->debugLog("ldapadvanced.php > function executeCron() > foreach > \$aRegisteredDepts ---->\n" . print_r($aRegisteredDepts, true));
$plugin->stdLog(null, "RegisteredDepartments", ["result" => $aRegisteredDepts]); $plugin->stdLog(null, "RegisteredDepartments", ["result" => $aRegisteredDepts]);
// Get all group from Ldap/ActiveDirectory
//Get all group from Ldap/ActiveDirectory
$aLdapGroups = $plugin->searchGroups(); $aLdapGroups = $plugin->searchGroups();
// Obtain all groups from PM with a valid group in LDAP/ActiveDirectory
//Obtain all groups from PM with a valid group in LDAP/ActiveDirectory
$aRegisteredGroups = $plugin->getRegisteredGroups($aLdapGroups, $aGroups); $aRegisteredGroups = $plugin->getRegisteredGroups($aLdapGroups, $aGroups);
// Set some logs to show
$plugin->debugLog("ldapadvanced.php > function executeCron() > foreach > \$aRegisteredGroups ---->\n" . print_r($aRegisteredGroups, true)); $plugin->debugLog("ldapadvanced.php > function executeCron() > foreach > \$aRegisteredGroups ---->\n" . print_r($aRegisteredGroups, true));
$plugin->stdLog(null, "RegisteredGroups", ["result" => $aRegisteredGroups]); $plugin->stdLog(null, "RegisteredGroups", ["result" => $aRegisteredGroups]);
// Get all users from Removed OU
//Get all users from Removed OU
$this->usersRemovedOu = $plugin->getUsersFromRemovedOu($arrayAuthenticationSourceData); $this->usersRemovedOu = $plugin->getUsersFromRemovedOu($arrayAuthenticationSourceData);
//Variables // Variables
$this->deletedRemoved = count($this->usersRemovedOu); $this->deletedRemoved = count($this->usersRemovedOu);
$this->deletedRemovedUsers = ""; $this->deletedRemovedUsers = "";
// Variables related to the department
$this->dAlready = 0; $this->dAlready = 0;
$this->dMoved = 0; $this->dMoved = 0;
$this->dImpossible = 0; $this->dImpossible = 0;
@@ -126,7 +118,7 @@ class ldapadvancedClassCron
$this->dImpossibleUsers = ""; $this->dImpossibleUsers = "";
$this->dCreatedUsers = ""; $this->dCreatedUsers = "";
$this->dRemovedUsers = ""; $this->dRemovedUsers = "";
// Variables related to the group
$this->gAlready = 0; $this->gAlready = 0;
$this->gMoved = 0; $this->gMoved = 0;
$this->gImpossible = 0; $this->gImpossible = 0;
@@ -161,7 +153,6 @@ class ldapadvancedClassCron
); );
$plugin->frontEndShow("TEXT", $logResults); $plugin->frontEndShow("TEXT", $logResults);
$plugin->log(null, $logResults); $plugin->log(null, $logResults);
$context = [ $context = [
"existingUsers" => $this->dAlready, "existingUsers" => $this->dAlready,
@@ -171,8 +162,7 @@ class ldapadvancedClassCron
"removed" => $this->dRemoved "removed" => $this->dRemoved
]; ];
$plugin->stdLog(null, "departments", $context); $plugin->stdLog(null, "departments", $context);
// Group - Synchronize Users
//Group - Synchronize Users
$numGroups = count($aRegisteredGroups); $numGroups = count($aRegisteredGroups);
$count = 0; $count = 0;
@@ -184,7 +174,7 @@ class ldapadvancedClassCron
$arrayAux = $this->groupSynchronizeUsers($plugin, $numGroups, $count, $registeredGroup); $arrayAux = $this->groupSynchronizeUsers($plugin, $numGroups, $count, $registeredGroup);
} }
//Group - Print log // Group - Print log
$logResults = sprintf( $logResults = sprintf(
"- Groups -> Existing users: %d, moved: %d, impossible: %d, created: %d, removed: %d", "- Groups -> Existing users: %d, moved: %d, impossible: %d, created: %d, removed: %d",
$this->gAlready, $this->gAlready,
@@ -206,7 +196,7 @@ class ldapadvancedClassCron
]; ];
$plugin->stdLog(null, "groups", $context); $plugin->stdLog(null, "groups", $context);
//Manager // Manager
$plugin->clearManager($this->managersToClear); $plugin->clearManager($this->managersToClear);
if (isset($arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["DEPARTMENTS_TO_UNASSIGN"])) { if (isset($arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["DEPARTMENTS_TO_UNASSIGN"])) {
@@ -244,7 +234,7 @@ class ldapadvancedClassCron
$dataset = UsersPeer::doSelectRS($criteria); $dataset = UsersPeer::doSelectRS($criteria);
$dataset->setFetchmode(ResultSet::FETCHMODE_ASSOC); $dataset->setFetchmode(ResultSet::FETCHMODE_ASSOC);
$dataset->next(); $dataset->next();
$users = array(); $users = [];
while ($row = $dataset->getRow()) { while ($row = $dataset->getRow()) {
$users[] = $row["USR_UID"]; $users[] = $row["USR_UID"];
@@ -279,7 +269,7 @@ class ldapadvancedClassCron
$dataset = RbacUsersPeer::doSelectRS($criteria); $dataset = RbacUsersPeer::doSelectRS($criteria);
$dataset->setFetchmode(ResultSet::FETCHMODE_ASSOC); $dataset->setFetchmode(ResultSet::FETCHMODE_ASSOC);
$dataset->next(); $dataset->next();
$existingUsers = array(); $existingUsers = [];
while ($row = $dataset->getRow()) { while ($row = $dataset->getRow()) {
$existingUsers[] = $row["USR_AUTH_USER_DN"]; $existingUsers[] = $row["USR_AUTH_USER_DN"];
@@ -297,9 +287,9 @@ class ldapadvancedClassCron
$deletedManagersAssignments = self::array_diff_assoc_recursive($this->oldManagersHierarchy, $this->managersHierarchy); $deletedManagersAssignments = self::array_diff_assoc_recursive($this->oldManagersHierarchy, $this->managersHierarchy);
$newManagersAssignments = self::array_diff_assoc_recursive($this->managersHierarchy, $this->oldManagersHierarchy); $newManagersAssignments = self::array_diff_assoc_recursive($this->managersHierarchy, $this->oldManagersHierarchy);
$deletedManagers = array(); $deletedManagers = [];
$newManagers = array(); $newManagers = [];
$movedManagers = array(); $movedManagers = [];
if (is_array($deletedManagersAssignments)) { if (is_array($deletedManagersAssignments)) {
foreach ($deletedManagersAssignments as $dn1 => $subordinates1) { foreach ($deletedManagersAssignments as $dn1 => $subordinates1) {
@@ -334,10 +324,9 @@ class ldapadvancedClassCron
} }
} }
} }
//Print and log the users's information //Print and log the users's information
//Deleted/Removed Users //Retired/Deactivated Users
$logResults = sprintf("- Deleted/Removed Users: %d", $this->deletedRemoved); $logResults = sprintf("- Retired/Deactivated Users: %d", $this->deletedRemoved);
$plugin->frontEndShow("TEXT", $logResults); $plugin->frontEndShow("TEXT", $logResults);
@@ -345,15 +334,15 @@ class ldapadvancedClassCron
$context = [ $context = [
"deletedRemoved" => $this->deletedRemoved "deletedRemoved" => $this->deletedRemoved
]; ];
$plugin->stdLog(null, "deleted/removed users", $context); $plugin->stdLog(null, "retired/deactivated users", $context);
if ($this->deletedRemoved > 0) { if ($this->deletedRemoved > 0) {
$plugin->log(null, "Deleted/Removed Users: "); $plugin->log(null, "Retired/Deactivated Users: ");
$plugin->log(null, $this->deletedRemovedUsers); $plugin->log(null, $this->deletedRemovedUsers);
$context = [ $context = [
"deletedRemovedUsers" => $this->deletedRemovedUsers "deletedRemovedUsers" => $this->deletedRemovedUsers
]; ];
$plugin->stdLog(null, "deleted/removed users", $context); $plugin->stdLog(null, "retired/deactivated users", $context);
} }
if ($this->dAlready + $this->gAlready > 0) { if ($this->dAlready + $this->gAlready > 0) {
@@ -424,8 +413,14 @@ class ldapadvancedClassCron
]; ];
$plugin->stdLog(null, "managers assignments", $context); $plugin->stdLog(null, "managers assignments", $context);
//Update Users data based on the LDAP Server // Update Users data based on the LDAP Server
$plugin->usersUpdateData($arrayAuthenticationSourceData["AUTH_SOURCE_UID"]); $plugin->stdLog(null, "usersUpdateData", [$arrayAuthenticationSourceData["AUTH_SOURCE_UID"]]);
$result = $plugin->usersUpdateData($arrayAuthenticationSourceData["AUTH_SOURCE_UID"]);
$logResults = sprintf("- Deleted/Removed Users: %d", $result['countUserDeleted']);
$plugin->frontEndShow("TEXT", $logResults);
$plugin->log(null, $logResults);
// Deactive Users
$plugin->stdLog(null, "deactiveArrayOfUsers", [$this->usersRemovedOu]);
$plugin->deactiveArrayOfUsers($this->usersRemovedOu); $plugin->deactiveArrayOfUsers($this->usersRemovedOu);
} catch (Exception $e) { } catch (Exception $e) {
$plugin = new LdapAdvanced(); $plugin = new LdapAdvanced();
@@ -468,7 +463,7 @@ class ldapadvancedClassCron
} }
} }
return (!isset($difference))? array() : $difference; return (!isset($difference))? [] : $difference;
} }
public function departmentRemoveUsers($departmentUid, array $arrayUserUid) public function departmentRemoveUsers($departmentUid, array $arrayUserUid)
@@ -534,7 +529,7 @@ class ldapadvancedClassCron
$ldapAdvanced->setArrayDepartmentUsers($arrayDepartmentData["DEP_UID"]); //INITIALIZE DATA $ldapAdvanced->setArrayDepartmentUsers($arrayDepartmentData["DEP_UID"]); //INITIALIZE DATA
//Clear the manager assignments //Clear the manager assignments
$arrayUserUid = array(); $arrayUserUid = [];
foreach ($ldapAdvanced->arrayDepartmentUsersByUid as $key => $user) { foreach ($ldapAdvanced->arrayDepartmentUsersByUid as $key => $user) {
$arrayUserUid[] = $user["USR_UID"]; $arrayUserUid[] = $user["USR_UID"];
@@ -544,7 +539,7 @@ class ldapadvancedClassCron
if ($dn != "") { if ($dn != "") {
if (!isset($this->oldManagersHierarchy[$dn])) { if (!isset($this->oldManagersHierarchy[$dn])) {
$this->oldManagersHierarchy[$dn] = array(); $this->oldManagersHierarchy[$dn] = [];
} }
$this->oldManagersHierarchy[$dn][$user["USR_UID"]] = $user["USR_UID"]; $this->oldManagersHierarchy[$dn][$user["USR_UID"]] = $user["USR_UID"];
@@ -567,7 +562,7 @@ class ldapadvancedClassCron
"createdUsers" => $this->dCreatedUsers, "createdUsers" => $this->dCreatedUsers,
"managersHierarchy" => $this->managersHierarchy, "managersHierarchy" => $this->managersHierarchy,
"arrayUserUid" => array(), "arrayUserUid" => [],
"n" => $numDepartments, "n" => $numDepartments,
"i" => $count "i" => $count
@@ -624,7 +619,7 @@ class ldapadvancedClassCron
$ldapAdvanced->setArrayGroupUsers($arrayGroupData["GRP_UID"]); //INITIALIZE DATA $ldapAdvanced->setArrayGroupUsers($arrayGroupData["GRP_UID"]); //INITIALIZE DATA
//Clear the manager assignments //Clear the manager assignments
$arrayUserUid = array(); $arrayUserUid = [];
foreach ($ldapAdvanced->arrayGroupUsersByUid as $key => $user) { foreach ($ldapAdvanced->arrayGroupUsersByUid as $key => $user) {
$arrayUserUid[] = $user["USR_UID"]; $arrayUserUid[] = $user["USR_UID"];
@@ -634,7 +629,7 @@ class ldapadvancedClassCron
if ($dn != "") { if ($dn != "") {
if (!isset($this->oldManagersHierarchy[$dn])) { if (!isset($this->oldManagersHierarchy[$dn])) {
$this->oldManagersHierarchy[$dn] = array(); $this->oldManagersHierarchy[$dn] = [];
} }
$this->oldManagersHierarchy[$dn][$user["USR_UID"]] = $user["USR_UID"]; $this->oldManagersHierarchy[$dn][$user["USR_UID"]] = $user["USR_UID"];
@@ -657,7 +652,7 @@ class ldapadvancedClassCron
"createdUsers" => $this->gCreatedUsers, "createdUsers" => $this->gCreatedUsers,
"managersHierarchy" => $this->managersHierarchy, "managersHierarchy" => $this->managersHierarchy,
"arrayUserUid" => array(), "arrayUserUid" => [],
"n" => $numGroups, "n" => $numGroups,
"i" => $count "i" => $count

85
workflow/engine/src/ProcessMaker/BusinessModel/User.php
View File

@@ -24,6 +24,14 @@ use ListParticipatedLast;
use OauthClients; use OauthClients;
use PMmemcached; use PMmemcached;
use ProcessMaker\BusinessModel\ProcessSupervisor as BmProcessSupervisor; use ProcessMaker\BusinessModel\ProcessSupervisor as BmProcessSupervisor;
use ProcessMaker\Model\DashletInstance;
use ProcessMaker\Model\GroupUser;
use ProcessMaker\Model\ObjectPermission;
use ProcessMaker\Model\Process as ModelProcess;
use ProcessMaker\Model\ProcessUser as ModelProcessUser;
use ProcessMaker\Model\RbacUsers as ModelRbacUsers;
use ProcessMaker\Model\TaskUser;
use ProcessMaker\Model\User as ModelUser;
use ProcessMaker\Plugins\PluginRegistry; use ProcessMaker\Plugins\PluginRegistry;
use ProcessMaker\Util\DateTime; use ProcessMaker\Util\DateTime;
use ProcessMaker\Util\System; use ProcessMaker\Util\System;
@@ -45,6 +53,7 @@ use UsersRolesPeer;
class User class User
{ {
const DELETED_USER = 'unknown';
private $arrayFieldDefinition = array( private $arrayFieldDefinition = array(
"USR_UID" => array( "USR_UID" => array(
"type" => "string", "type" => "string",
@@ -1210,11 +1219,11 @@ class User
* @access public * @access public
* *
* @param array $userData * @param array $userData
* @param string $sRolCode * @param string $rolCode
* *
* @return void * @return void
*/ */
public function updateUser($userData = array(), $sRolCode = '') public function updateUser($userData = [], $rolCode = '')
{ {
$this->userObj = new RbacUsers(); $this->userObj = new RbacUsers();
if (isset($userData['USR_STATUS'])) { if (isset($userData['USR_STATUS'])) {
@@ -1223,9 +1232,9 @@ class User
} }
} }
$this->userObj->update($userData); $this->userObj->update($userData);
if ($sRolCode != '') { if (!empty($rolCode)) {
$this->removeRolesFromUser($userData['USR_UID']); $this->removeRolesFromUser($userData['USR_UID']);
$this->assignRoleToUser($userData['USR_UID'], $sRolCode); $this->assignRoleToUser($userData['USR_UID'], $rolCode);
} }
} }
@@ -1285,7 +1294,7 @@ class User
public function delete($usrUid) public function delete($usrUid)
{ {
try { try {
//Verify data // Verify data
$this->throwExceptionIfNotExistsUser($usrUid, $this->arrayFieldNameForException["usrUid"]); $this->throwExceptionIfNotExistsUser($usrUid, $this->arrayFieldNameForException["usrUid"]);
// Check user admin // Check user admin
if (RBAC::isAdminUserUid($usrUid)) { if (RBAC::isAdminUserUid($usrUid)) {
@@ -1340,6 +1349,72 @@ class User
} }
} }
/**
* Delete User
*
* @param string $usrUid Unique id of User
*
* @throws Exception
*/
public function deleteGdpr($usrUid)
{
try {
// Verify data
$this->throwExceptionIfNotExistsUser($usrUid, $this->arrayFieldNameForException["usrUid"]);
// Check user admin or guest
if (RBAC::isAdminUserUid($usrUid) || RBAC::isGuestUserUid($usrUid)) {
throw new Exception(G::LoadTranslation("ID_MSG_CANNOT_DELETE_USER", [$usrUid]));
}
// Remove the user from groups
GroupUser::where('USR_UID', $usrUid)->delete();
// Remove the user from tasks assigment
TaskUser::where('USR_UID', $usrUid)->where('TU_RELATION', 1)->delete();
// Remove the user from process owner and assign to admin
ModelProcess::where('PRO_CREATE_USER', $usrUid)
->update(['PRO_CREATE_USER' => RBAC::ADMIN_USER_UID]);
// Remove the user from process permission
ObjectPermission::where('USR_UID', $usrUid)->where('OP_USER_RELATION', 1)->delete();
// Remove the user from process supervisor
ModelProcessUser::where('USR_UID', $usrUid)->where('PU_TYPE', 'SUPERVISOR')->delete();
// Mark the user with the deleted status
$fields = [
'USR_STATUS' => 'CLOSED',
'USR_USERNAME' => '',
'USR_FIRSTNAME' => self::DELETED_USER,
'USR_LASTNAME' => self::DELETED_USER,
'USR_EMAIL' => '',
'USR_DUE_DATE' => '0000-00-00',
'USR_CREATE_DATE' => '0000-00-00',
'USR_UPDATE_DATE' => '0000-00-00',
];
ModelRbacUsers::where('USR_UID', $usrUid)->update($fields);
$fields = array_merge(
$fields, [
'USR_STATUS_ID' => 0,
'USR_COUNTRY' => '',
'USR_CITY' => '',
'USR_LOCATION' => '',
'USR_ADDRESS' => '',
'USR_PHONE' => '',
'USR_FAX' => '',
'USR_CELLULAR' => '',
'USR_ZIP_CODE' => '',
'USR_BIRTHDAY' => '0000-00-00',
'USR_TIME_ZONE' => '',
'USR_EXTENDED_ATTRIBUTES_DATA' => '{}',
]
);
ModelUser::where('USR_UID', $usrUid)->update($fields);
// Delete Dashboard
DashletInstance::where('DAS_INS_OWNER_UID', $usrUid)->where('DAS_INS_OWNER_TYPE', 'USER')->delete();
// Destroy session after delete user
RBAC::destroySessionUser($usrUid);
(new OauthClients())->removeByUser($usrUid);
} catch (Exception $e) {
throw $e;
}
}
/** /**
* Get all Users * Get all Users
* *

18
workflow/engine/src/ProcessMaker/Model/DashletInstance.php Normal file
View File

@@ -0,0 +1,18 @@
<?php
namespace ProcessMaker\Model;
use App\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
class DashletInstance extends Model
{
use HasFactory;
// Set our table name
protected $table = "DASHLET_INSTANCE";
// Set the PK
protected $primaryKey = 'DAS_INS_UID';
// No timestamps
public $timestamps = false;
}