PMCORE-490

Paula Quispe
2020-01-06 14:30:41 -04:00
parent 8c4c329abe
commit 26bde68123
12 changed files with 278 additions and 79 deletions


@@ -11,7 +11,7 @@ INSERT INTO `RBAC_PERMISSIONS` VALUES
('00000000000000000000000000000010','PM_SETUP_ADVANCE',NULL,NULL,1,'00000000000000000000000000000002'),
('00000000000000000000000000000011','PM_DASHBOARD','2009-02-18 00:00:00','2009-02-18 00:00:00',1,'00000000000000000000000000000002'),
('00000000000000000000000000000012','PM_WEBDAV','2009-08-21 00:00:00','2009-08-21 00:00:00',1,'00000000000000000000000000000002'),
('00000000000000000000000000000013','PM_DELETECASE','2009-10-12 00:00:00',NULL,0,'00000000000000000000000000000002'),
('00000000000000000000000000000013','PM_DELETECASE','2009-10-12 00:00:00',NULL,1,'00000000000000000000000000000002'),
('00000000000000000000000000000014','PM_EDITPERSONALINFO','2009-10-12 00:00:00',NULL,1,'00000000000000000000000000000002'),
('00000000000000000000000000000015','PM_FOLDERS_VIEW','2009-10-12 00:00:00',NULL,1,'00000000000000000000000000000002'),
('00000000000000000000000000000016','PM_FOLDERS_ADD_FOLDER','2009-10-12 00:00:00',NULL,1,'00000000000000000000000000000002'),
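Review bot: Flipping the fifth value of the `PM_DELETECASE` row from 0 to 1 only changes the seed `INSERT`, and none of the 12 files in this commit carries an upgrade step for workspaces that already have the row. If that value is the permission's status flag (it looks like it, but the column list is outside the hunk), existing installs would keep it at 0 while the new code paths require `userCanAccess('PM_DELETECASE') == 1`. It would help to confirm how upgrades pick up this row and which roles are granted the permission, since the role-to-permission mapping is not touched here.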


@@ -0,0 +1,80 @@
<?php
namespace ProcessMaker\BusinessModel;
use Exception;
use G;
use ProcessMaker\Model\Application;
use RBAC;
use Tests\TestCase;
/**
* Class DelegationTest
*
* @coversDefaultClass \ProcessMaker\BusinessModel\Cases
*/
class CasesTest extends TestCase
{
/**
* This checks the delete case
*
* @covers \ProcessMaker\BusinessModel\Cases::deleteCase()
* @test
* @expectedException Exception
*/
public function it_should_not_delete_case_without_permission()
{
// Set the RBAC
global $RBAC;
$_SESSION['USER_LOGGED'] = '00000000000000000000000000000002';
$RBAC = RBAC::getSingleton(PATH_DATA, session_id());
$RBAC->initRBAC();
$application = factory(Application::class)->create();
// Tried to delete case
$case = new Cases();
$case->deleteCase($application->APP_UID, $_SESSION['USER_LOGGED']);
}
/**
* This checks the delete case
*
* @covers \ProcessMaker\BusinessModel\Cases::deleteCase()
* @test
* @expectedException Exception
*/
public function it_should_not_delete_case_in_todo_status()
{
// Set the RBAC
global $RBAC;
$_SESSION['USER_LOGGED'] = '00000000000000000000000000000001';
$RBAC = RBAC::getSingleton(PATH_DATA, session_id());
$RBAC->initRBAC();
$application = factory(Application::class)->create(['APP_STATUS' => 'TO_DO']);
// Tried to delete case
$case = new Cases();
$case->deleteCase($application->APP_UID, $_SESSION['USER_LOGGED']);
}
/**
* This checks the delete case
*
* @covers \ProcessMaker\BusinessModel\Cases::deleteCase()
* @test
* @expectedException Exception
*/
public function it_should_not_delete_case_when_is_not_owner()
{
// Set the RBAC
global $RBAC;
$_SESSION['USER_LOGGED'] = '00000000000000000000000000000001';
$RBAC = RBAC::getSingleton(PATH_DATA, session_id());
$RBAC->initRBAC();
$application = factory(Application::class)->create(['APP_INIT_USER' => '00000000000000000000000000000002']);
// Tried to delete case
$case = new Cases();
$case->deleteCase($application->APP_UID, $_SESSION['USER_LOGGED']);
}
}
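Review bot: All three tests rely on `@expectedException Exception`, so they pass on any exception thrown from `deleteCase()`, not specifically on the permission, status or ownership rejection each name describes. In `it_should_not_delete_case_without_permission` the factory's default `APP_STATUS` and `APP_INIT_USER` are not pinned, so the test can still pass through the status or owner check even if the `PM_DELETECASE` check were removed. Pin the expected label in each test, for example `$this->expectExceptionMessage(G::LoadTranslation('ID_NOT_ABLE_DELETE_CASES'));`, and create the case as `DRAFT` owned by the logged user so that only the permission can fail. The class also lacks `use DatabaseTransactions;`, which the sibling `ApplicationTest` uses, so created rows and the `$RBAC`/`$_SESSION` globals outlive each test.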


@@ -0,0 +1,48 @@
<?php
namespace Tests\unit\workflow\engine\src\ProcessMaker\Model;
use Illuminate\Foundation\Testing\DatabaseTransactions;
use ProcessMaker\Model\Application;
use ProcessMaker\Model\Process;
use Tests\TestCase;
/**
* Class DelegationTest
*
* @coversDefaultClass \ProcessMaker\Model\Application
*/
class ApplicationTest extends TestCase
{
use DatabaseTransactions;
/**
* This checks if return the columns used
*
* @covers \ProcessMaker\Model\Application::getByProUid()
* @test
*/
public function it_return_cases_by_process()
{
$process = factory(Process::class)->create();
factory(Application::class, 5)->create(['PRO_UID' => $process->PRO_UID]);
$cases = Application::getByProUid($process->PRO_UID);
foreach ($cases as $case) {
$this->assertEquals($case->PRO_UID, $process->PRO_UID);
}
}
/**
* This checks if return the columns used
*
* @covers \ProcessMaker\Model\Application::getCase()
* @test
*/
public function it_return_case_information()
{
$application = factory(Application::class)->create();
$result = Application::getCase($application->APP_UID);
$this->assertArrayHasKey('APP_STATUS', $result);
$this->assertArrayHasKey('APP_INIT_USER', $result);
}
}
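Review bot: In `it_return_cases_by_process` the assertions sit inside `foreach ($cases as $case)`, so the test passes without asserting anything if `getByProUid()` returns an empty collection. Add `$this->assertCount(5, $cases);` before the loop so the five factory rows are actually required. The class docblock still reads `Class DelegationTest` and both method docblocks say "This checks if return the columns used"; each should describe what the test checks.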


@@ -3341,6 +3341,12 @@ msgstr "No actions available for this case."
msgid "Case Demo"
msgstr "Case Demo"
# TRANSLATION
# LABEL/ID_CASE_DELETE_SUCCESFULLY
#: LABEL/ID_CASE_DELETE_SUCCESFULLY
msgid "The Case was deleted successfully."
msgstr "The Case was deleted successfully."
# TRANSLATION
# LABEL/ID_CASES
#: LABEL/ID_CASES
@@ -3353,6 +3359,12 @@ msgstr "HOME"
msgid "[LABEL/ID_CASES1] Cases"
msgstr "Cases"
# TRANSLATION
# LABEL/ID_CASES_DELETE_SUCCESFULLY
#: LABEL/ID_CASES_DELETE_SUCCESFULLY
msgid "All Cases were deleted successfully."
msgstr "All Cases were deleted successfully."
# TRANSLATION
# LABEL/ID_CASESLIST_APP_CURRENT_USER
#: LABEL/ID_CASESLIST_APP_CURRENT_USER
@@ -5741,6 +5753,12 @@ msgstr "Deleted"
msgid "Deleted Successfully"
msgstr "Deleted Successfully"
# TRANSLATION
# LABEL/ID_DELETE_ACTION
#: LABEL/ID_DELETE_ACTION
msgid "Delete case"
msgstr "Delete case"
# TRANSLATION
# LABEL/ID_DELETE_ALL_FIELDS
#: LABEL/ID_DELETE_ALL_FIELDS
@@ -19697,6 +19715,12 @@ msgstr "After routing notify the next assigned user(s)"
msgid "Notify users of case"
msgstr "Notify users of case"
# TRANSLATION
# LABEL/ID_NOT_ABLE_DELETE_CASES
#: LABEL/ID_NOT_ABLE_DELETE_CASES
msgid "You are not allowed to delete cases, please contact your System Administrator."
msgstr "You are not allowed to delete cases, please contact your System Administrator."
# TRANSLATION
# LABEL/ID_NOT_ABLE_REASSIGN
#: LABEL/ID_NOT_ABLE_REASSIGN


@@ -1,5 +1,7 @@
<?php
use \ProcessMaker\BusinessModel\Cases;
class adhocUserProxy extends HttpProxyController
{
//list of users into adhoc option
@@ -46,21 +48,27 @@ class adhocUserProxy extends HttpProxyController
$cases->reassignCase( $_SESSION['APPLICATION'], $_SESSION['INDEX'], $_SESSION['USER_LOGGED'], $_POST['USR_UID'], $_POST['THETYPE'] );
$this->success = true;
}
//delete case adhoc
function deleteCase ($params)
/**
* Delete case from the actions menu
*
* @link https://wiki.processmaker.com/3.3/Cases/Actions#Delete
*/
function deleteCase($params)
{
$ainfoCase = array ();
try {
$applicationUID = (isset( $_POST['APP_UID'] )) ? $_POST['APP_UID'] : $_SESSION['APPLICATION'];
$appUid = (isset($_POST['APP_UID'])) ? $_POST['APP_UID'] : $_SESSION['APPLICATION'];
// Load case information for get appNumber
$data = [];
$app = new Application();
$caseData = $app->load( $applicationUID );
$caseData = $app->load($appUid);
$data['APP_NUMBER'] = $caseData['APP_NUMBER'];
$oCase = new Cases();
$oCase->removeCase( $applicationUID );
$case = new Cases();
$case->deleteCase($appUid, $_SESSION['USER_LOGGED']);
// Result successfully
$this->success = true;
$this->msg = G::LoadTranslation( 'ID_CASE_DELETED_SUCCESSFULLY', SYS_LANG, $data );
$this->msg = G::LoadTranslation('ID_CASE_DELETED_SUCCESSFULLY', SYS_LANG, $data);
} catch (Exception $e) {
$this->success = false;
$this->msg = $e->getMessage();
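Review bot: The new `use \ProcessMaker\BusinessModel\Cases;` at the top of the file changes what every unqualified `Cases` in `adhocUserProxy` resolves to, not only the one in `deleteCase()`. The `$cases->reassignCase(...)` call shown as context at the start of the second hunk is built outside the hunk; if it is also created with `new Cases()`, it now gets the business-model class instead of the global one, which may not offer the same `reassignCase` signature. Importing under an alias, e.g. `use ProcessMaker\BusinessModel\Cases as BmCases;` with `new BmCases()` in `deleteCase()`, keeps the change local. `deleteCase()` continues past the end of the hunk.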


@@ -57360,8 +57360,10 @@ INSERT INTO TRANSLATION (TRN_CATEGORY,TRN_ID,TRN_LANG,TRN_VALUE,TRN_UPDATE_DATE
( 'LABEL','ID_CASE','en','Case','2014-01-15') ,
( 'LABEL','ID_CASECANCEL','en','No actions available for this case.','2014-01-15') ,
( 'LABEL','ID_CASEDEMO','en','Case Demo','2014-01-15') ,
( 'LABEL','ID_CASE_DELETE_SUCCESFULLY','en','The Case was deleted successfully.','2020-01-08') ,
( 'LABEL','ID_CASES','en','HOME','2014-01-15') ,
( 'LABEL','ID_CASES1','en','Cases','2015-12-15') ,
( 'LABEL','ID_CASES_DELETE_SUCCESFULLY','en','All Cases were deleted successfully.','2020-01-08') ,
( 'LABEL','ID_CASESLIST_APP_CURRENT_USER','en','Current User','2014-01-15') ,
( 'LABEL','ID_CASESLIST_APP_DEL_INDEX','en','Del Index','2014-01-15') ,
( 'LABEL','ID_CASESLIST_APP_DEL_PREVIOUS_USER','en','Sent by','2014-01-15') ,
@@ -57770,6 +57772,7 @@ INSERT INTO TRANSLATION (TRN_CATEGORY,TRN_ID,TRN_LANG,TRN_VALUE,TRN_UPDATE_DATE
( 'LABEL','ID_DELETE','en','Delete','2014-01-15') ,
( 'LABEL','ID_DELETED','en','Deleted','2014-01-15') ,
( 'LABEL','ID_DELETED_SUCCESSFULLY','en','Deleted Successfully','2014-01-15') ,
( 'LABEL','ID_DELETE_ACTION','en','Delete case','2020-01-15') ,
( 'LABEL','ID_DELETE_ALL_FIELDS','en','Do you want to delete all fields?','2014-01-15') ,
( 'LABEL','ID_DELETE_ALL_REPORT_TABLE','en','Do you want to delete all report tables?','2014-01-15') ,
( 'LABEL','ID_DELETE_AUTH_SOURCE','en','Delete Authentication Source','2014-10-13') ,
@@ -60149,6 +60152,7 @@ INSERT INTO TRANSLATION (TRN_CATEGORY,TRN_ID,TRN_LANG,TRN_VALUE,TRN_UPDATE_DATE
( 'LABEL','ID_NOTIFY','en','Notify','2016-10-20') ,
( 'LABEL','ID_NOTIFY_USERS_AFTER_ASSIGN','en','After routing notify the next assigned user(s)','2014-01-15') ,
( 'LABEL','ID_NOTIFY_USERS_CASE','en','Notify users of case','2014-01-15') ,
( 'LABEL','ID_NOT_ABLE_DELETE_CASES','en','You are not allowed to delete cases, please contact your System Administrator.','2020-01-08') ,
( 'LABEL','ID_NOT_ABLE_REASSIGN','en','You are not able to reassign cases of this process.','2018-05-15') ,
( 'LABEL','ID_NOT_AVAILABLE_DATABASE','en','Not available.','2015-04-21') ,
( 'LABEL','ID_NOT_CREATE_TABLE','en','Could not create the table with the name','2014-01-15') ,


@@ -200,9 +200,11 @@ class Ajax
} else {
$options[] = ['text' => G::LoadTranslation('ID_UNPAUSE'), 'fn' => 'unpauseCase'];
}
$options[] = ['text' => G::LoadTranslation('ID_DELETE'), 'fn' => 'deleteCase'];
// Check if the user has the permission for the action Delete Case
if ($RBAC->userCanAccess('PM_DELETECASE') == 1) {
$options[] = ['text' => G::LoadTranslation('ID_DELETE'), 'fn' => 'deleteCase'];
}
// Check if the user has the permission for the action Reassign Case
if ($RBAC->userCanAccess('PM_REASSIGNCASE') == 1 || $RBAC->userCanAccess('PM_REASSIGNCASE_SUPERVISOR') == 1) {
if (!AppDelay::isPaused($appUid, $index)) {
$options[] = ['text' => G::LoadTranslation('ID_REASSIGN'), 'fn' => 'getUsersToReassign'];


@@ -188,6 +188,9 @@ $reassignCaseSup = ($RBAC->userCanAccess('PM_REASSIGNCASE_SUPERVISOR') == 1) ? '
$headPublisher->assign('varReassignCase', $reassignCase);
$headPublisher->assign('varReassignCaseSupervisor', $reassignCaseSup);
$deleteCase = ($RBAC->userCanAccess('PM_DELETECASE') == 1) ? 'true' : 'false';
$headPublisher->assign('varDeleteCase', $deleteCase);
$c = new Configurations();
$headPublisher->addExtJsScript('app/main', true);
$headPublisher->addExtJsScript('cases/casesList', false); //adding a javascript file .js


@@ -2,26 +2,13 @@
/**
* cases_Delete.php
*
* ProcessMaker Open Source Edition
* Copyright (C) 2004 - 2008 Colosa Inc.23
* Delete case from the cases List option
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
* Coral Gables, FL, 33134, USA, or email info@colosa.com.
* @link https://wiki.processmaker.com/3.3/Roles#PM_DELETECASE
*/
/* Permissions */
use ProcessMaker\BusinessModel\Cases;
switch ($RBAC->userCanAccess( 'PM_CASES' )) {
case - 2:
G::SendTemporalMessage( 'ID_USER_HAVENT_RIGHTS_SYSTEM', 'error', 'labels' );
@@ -35,23 +22,23 @@ switch ($RBAC->userCanAccess( 'PM_CASES' )) {
break;
}
/* Process the info */
try {
$oCase = new Cases();
if (isset( $_POST['APP_UIDS'] )) {
$ids = explode( ',', $_POST['APP_UIDS'] );
foreach ($ids as $id) {
$oCase->removeCase( $id );
if (isset($_POST['APP_UIDS'])) {
$cases = explode(',', $_POST['APP_UIDS']);
foreach ($cases as $appUid) {
$case = new Cases();
$case->deleteCase($appUid, $_SESSION['USER_LOGGED']);
}
if (count( $_POST['APP_UIDS'] ) > 1) {
echo 'The Case was deleted successfully';
// Prepare the response successfully
if (count($cases) == 1) {
G::outRes(G::outRes(G::LoadTranslation('ID_CASE_DELETE_SUCCESFULLY')));
} else {
echo 'All Cases were deleted successfully';
G::outRes(G::outRes(G::LoadTranslation('ID_CASES_DELETE_SUCCESFULLY')));
}
}
} catch (Exception $e) {
$token = strtotime("now");
PMException::registerErrorLog($e, $token);
G::outRes( G::LoadTranslation("ID_EXCEPTION_LOG_INTERFAZ", array($token)) );
G::outRes($e->getMessage());
}
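Review bot: The `catch` block at the end of the second hunk now ends in `G::outRes($e->getMessage());`; if the `PMException::registerErrorLog($e, $token)` and `ID_EXCEPTION_LOG_INTERFAZ` lines above it are the removed side (the page has lost its +/- markers), failed deletions are no longer logged and the raw exception text goes to the browser. The casesList.js section of this commit passes `response.responseText` to `Ext.MessageBox.alert`, so any request-derived value inside an exception message would be rendered as markup there. Keep the log call, return only the known translated labels, and HTML-encode on output. The success branch calls `G::outRes(G::outRes(...))`; the inner call already emits the label, so the outer one looks unintended and `G::outRes(G::LoadTranslation('ID_CASE_DELETE_SUCCESFULLY'));` is enough. Because the loop deletes per UID, a failure midway leaves earlier cases deleted while the response reports only the error.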


@@ -40,6 +40,7 @@ use ProcessMaker\BusinessModel\Task as BmTask;
use ProcessMaker\BusinessModel\User as BmUser;
use ProcessMaker\Core\System;
use ProcessMaker\Exception\UploadException;
use ProcessMaker\Model\Application as ModelApplication;
use ProcessMaker\Model\Delegation;
use ProcessMaker\Plugins\PluginRegistry;
use ProcessMaker\Services\OAuth2\Server;
@@ -1114,35 +1115,37 @@ class Cases
* Delete case
*
* @access public
* @param string $app_uid, Uid for case
* @param string $usr_uid, Uid user
* @param string $appUid, Uid for case
* @param string $usrUid, Uid user
*
* @return void
* @throws Exception
*/
public function deleteCase($app_uid, $usr_uid)
public function deleteCase($appUid, $usrUid)
{
Validator::isString($app_uid, '$app_uid');
Validator::appUid($app_uid, '$app_uid');
Validator::isString($appUid, '$app_uid');
Validator::appUid($appUid, '$app_uid');
$criteria = new Criteria();
$criteria->addSelectColumn(ApplicationPeer::APP_STATUS);
$criteria->addSelectColumn(ApplicationPeer::APP_INIT_USER);
$criteria->add(ApplicationPeer::APP_UID, $app_uid, Criteria::EQUAL);
$dataset = ApplicationPeer::doSelectRS($criteria);
$dataset->setFetchmode(ResultSet::FETCHMODE_ASSOC);
$dataset->next();
$aRow = $dataset->getRow();
if ($aRow['APP_STATUS'] != 'DRAFT') {
throw (new Exception(G::LoadTranslation("ID_DELETE_CASE_NO_STATUS")));
// Review the permission for delete case
global $RBAC;
if ($RBAC->userCanAccess('PM_DELETECASE') != 1) {
throw new Exception(G::LoadTranslation('ID_NOT_ABLE_DELETE_CASES'));
}
if ($aRow['APP_INIT_USER'] != $usr_uid) {
throw (new Exception(G::LoadTranslation("ID_DELETE_CASE_NO_OWNER")));
// Review the status and user
$caseInfo = ModelApplication::getCase($appUid);
if (!empty($caseInfo)){
// Review the status
if ($caseInfo['APP_STATUS'] != 'DRAFT') {
throw new Exception(G::LoadTranslation("ID_DELETE_CASE_NO_STATUS"));
}
// Review the user requester
if ($caseInfo['APP_INIT_USER'] != $usrUid) {
throw new Exception(G::LoadTranslation("ID_DELETE_CASE_NO_OWNER"));
}
}
$case = new ClassesCases();
$case->removeCase($app_uid);
$case->removeCase($appUid);
}
/**
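Review bot: The status and owner checks in `deleteCase()` are wrapped in `if (!empty($caseInfo))`, so when `ModelApplication::getCase($appUid)` returns nothing the method skips both checks and still calls `removeCase($appUid)`. Unless `Validator::appUid()` guarantees the row exists (its body is not visible here), this fails open; reject the request when `$caseInfo` is empty, e.g. `if (empty($caseInfo)) { throw new Exception(/* case-not-found label */); }`, and run the two checks unconditionally after it. The permission check also reads `global $RBAC` rather than `$usrUid`, so it evaluates whoever the global RBAC object was initialised for and would fail on a null `$RBAC` in callers that never set it; documenting that precondition in the docblock, or checking `$RBAC` before use, would make the contract explicit. The docblock starts above the hunk.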


@@ -27,24 +27,23 @@ class Application extends Model
}
/**
* Get Applications by PRO_UID, ordered by APP_NUMBER.
* @param string $proUid
* @return object
* @see ReportTables->populateTable()
* Scope for query to get the application by APP_UID.
* @param \Illuminate\Database\Eloquent\Builder $query
* @param string $appUid
* @return \Illuminate\Database\Eloquent\Builder
*/
public static function getByProUid($proUid)
public function scopeAppUid($query, $appUid)
{
$query = Application::query()
->select()
->proUid($proUid)
->orderBy('APP_NUMBER', 'ASC');
return $query->get();
$result = $query->where('APP_UID', '=', $appUid);
return $result;
}
/**
* Scope for query to get the applications by PRO_UID.
*
* @param \Illuminate\Database\Eloquent\Builder $query
* @param string $proUid
*
* @return \Illuminate\Database\Eloquent\Builder
*/
public function scopeProUid($query, $proUid)
@@ -52,4 +51,38 @@ class Application extends Model
$result = $query->where('PRO_UID', '=', $proUid);
return $result;
}
/**
* Get Applications by PRO_UID, ordered by APP_NUMBER.
*
* @param string $proUid
*
* @return object
* @see ReportTables->populateTable()
*/
public static function getByProUid($proUid)
{
$query = Application::query()
->select()
->proUid($proUid)
->orderBy('APP_NUMBER', 'ASC');
return $query->get();
}
/**
* Get information related to the created case
*
* @param string $appUid
*
* @return array|bool
*/
public static function getCase($appUid)
{
$query = Application::query()->select(['APP_STATUS', 'APP_INIT_USER']);
$query->appUid($appUid);
$result = $query->get()->toArray();
$firstElement = head($result);
return $firstElement;
}
}
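Review bot: `getCase()` returns `head($result)`, which is `false` when no row matches `$appUid`, and the docblock's `@return array|bool` does not say so. Callers that index the result directly (the new `it_return_case_information` test does `assertArrayHasKey` on it) need to know the miss case; I would document it as `@return array|false Columns APP_STATUS and APP_INIT_USER, or false when the case does not exist`. `$query->get()->toArray()` followed by `head()` also materialises the whole result set for a single row; `->first()` would express the intent, though it changes the return type to a model or null, so that is a follow-up rather than a drop-in.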


@@ -218,26 +218,31 @@ function deleteCase() {
_('ID_CONFIRM'),
(rows.length == 1) ? _('ID_MSG_CONFIRM_DELETE_CASE') : _('ID_MSG_CONFIRM_DELETE_CASES'),
function(btn, text){
if ( btn == 'yes' ) {
Ext.MessageBox.show({ msg: _('ID_DELETING_ELEMENTS'), wait:true,waitConfig: {interval:200} });
if (btn == 'yes') {
Ext.MessageBox.show({
msg: _('ID_DELETING_ELEMENTS'),
wait: true,
waitConfig: {interval: 200}
});
Ext.Ajax.request({
url: 'cases_Delete',
success: function(response) {
success: function (response) {
try {
parent.updateCasesView(true);
}
catch (e) {
} catch (e) {
// Nothing to do
}
Ext.MessageBox.hide();
try {
parent.updateCasesTree();
}
catch (e) {
} catch (e) {
// Nothing to do
}
if (typeof (response.responseText) != 'undefined') {
Ext.MessageBox.alert(_('ID_INFO'), response.responseText);
}
},
params: {APP_UIDS:APP_UIDS}
params: {APP_UIDS: APP_UIDS}
});
}
}
@@ -1899,10 +1904,12 @@ Ext.onReady ( function() {
case 'draft':
menuItems = [optionMenuPause, optionMenuSummary, optionMenuNotes];
if( varReassignCase == 'true' || varReassignCaseSupervisor == 'true'){
if (varReassignCase == 'true' || varReassignCaseSupervisor == 'true') {
menuItems.push(optionMenuReassign);
}
menuItems.push(optionMenuDelete);
if (varDeleteCase == 'true') {
menuItems.push(optionMenuDelete);
}
break;