fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merged in release/3.3.2 (pull request #6749)

Browse Source 
Release/3.3.2

Approved-by: Paula Quispe <paula.quispe@processmaker.com>
This commit is contained in:
Paula Quispe
2019-01-14 15:10:37 +00:00
parent 8afd08ca36 11d896c8a7
commit 2f07f77f3f
15 changed files with 227 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

76
gulliver/system/class.rbac.php
View File

@@ -55,7 +55,7 @@ class RBAC
/** /**
* *
* @access private * @access private
* @var $userObj * @var RbacUsers $userObj
*/ */
public $userObj; public $userObj;
public $usersPermissionsObj; public $usersPermissionsObj;
@@ -803,6 +803,80 @@ class RBAC
$this->aUserInfo[$sSystem]['PERMISSIONS'] = $fieldsPermissions; $this->aUserInfo[$sSystem]['PERMISSIONS'] = $fieldsPermissions;
} }
/**
* Verification of a user through the class RBAC_user
* verify if the user has permissions to stay in the application
* -4: expired user
* @access public
* @throws Exception
*/
public function verifyDueDateUserLogged()
{
if (empty($this->userObj)) {
return;
}
$uid = !empty($this->userObj) ? $this->userObj->getUsrUid() : null;
//if the expired user
if ($this->userObj->getUsrDueDate() < date('Y-m-d')) {
$uid = -4;
$errLabel = 'ID_USER_INACTIVE_BY_DATE';
}
if (!isset($uid) || $uid < 0) {
if (!defined('PPP_FAILED_LOGINS')) {
define('PPP_FAILED_LOGINS', 0);
}
//start new session
@session_destroy();
session_start();
session_regenerate_id();
throw new RBACException($errLabel);
}
}
/**
* Destroy all active sessions of a user (browser, soap, oauth)
* @param string $usrUid User uid
*/
public static function destroySessionUser($usrUid)
{
//remove all register of tables related to the token
(new OauthAccessTokens())->removeByUser($usrUid);
(new OauthRefreshTokens())->removeByUser($usrUid);
(new PmoauthUserAccessTokens())->removeByUser($usrUid);
(new OauthAuthorizationCodes())->removeByUser($usrUid);
$loginLog = new LoginLog();
$sessionId = $loginLog->getSessionsIdByUser($usrUid);
if ($sessionId) {
//remove all login log row's of LOGIN_LOG table
$loginLog->removeByUser($usrUid);
//remove all register of tables
(new Session())->removeByUser($usrUid);
// 1. commit session if it's started.
if (session_id()) {
session_commit();
}
// 2. store current session id
session_start();
$currentSessionId = session_id();
session_commit();
// 3. then destroy session specified.
foreach ($sessionId as $sid) {
session_id($sid['LOG_SID']);
session_start();
session_destroy();
session_commit();
}
// 4. restore current session id. If don't restore it, your current session will refer to the session you just destroyed!
session_id($currentSessionId);
session_start();
session_commit();
}
}
/** /**
* verification the register automatic * verification the register automatic
* *

3
workflow/engine/classes/Cases.php
View File

@@ -3512,12 +3512,13 @@ class Cases
$fieldsTrigger = []; $fieldsTrigger = [];
foreach ($triggersList as $trigger) { foreach ($triggersList as $trigger) {
//Scan the code /*----------------------------------********---------------------------------*/
$disabledCode = $this->codeScannerReview($cs, $trigger["TRI_WEBBOT"], $trigger["TRI_TITLE"]); $disabledCode = $this->codeScannerReview($cs, $trigger["TRI_WEBBOT"], $trigger["TRI_TITLE"]);
if (!empty($disabledCode)) { if (!empty($disabledCode)) {
$foundDisabledCode .= $disabledCode; $foundDisabledCode .= $disabledCode;
continue; continue;
} }
/*----------------------------------********---------------------------------*/
$execute = true; $execute = true;
//Check if the trigger has conditions for the execution //Check if the trigger has conditions for the execution

2
workflow/engine/classes/WsBase.php
View File

@@ -1333,6 +1333,8 @@ class WsBase
$result = new WsResponse(-1, G::LoadTranslation("ID_INVALID_DATA") . " $status"); $result = new WsResponse(-1, G::LoadTranslation("ID_INVALID_DATA") . " $status");
return $result; return $result;
} else {
$status == 'INACTIVE' ? $RBAC->destroySessionUser($userUid) : null;
} }
} }

38
workflow/engine/classes/model/LoginLog.php
View File

@@ -130,5 +130,43 @@ class LoginLog extends BaseLoginLog
} }
return $aRows; return $aRows;
} }
/**
* Returns the last session id of a user
* @param string $userUid User uid
* @return array All session id of php
* @throws PropelException
* @throws SQLException
*/
public function getSessionsIdByUser($userUid)
{
$criteria = new Criteria();
$criteria->addSelectColumn('LOG_SID');
$criteria->add(LoginLogPeer::USR_UID, $userUid);
$criteria->add(LoginLogPeer::LOG_STATUS, 'ACTIVE');
$criteria->setDistinct();
$criteria->addDescendingOrderByColumn(LoginLogPeer::LOG_INIT_DATE);
$resultSet = LoginLogPeer::doSelectRS($criteria);
$resultSet->setFetchmode(ResultSet::FETCHMODE_ASSOC);
$row = [];
while($resultSet->next()) {
$row[] = $resultSet->getRow();
}
return $row;
}
/**
* Delete all records related to a user uid
* @param string $userUid User uid
* @return int
* @throws PropelException
*/
public function removeByUser($userUid)
{
$criteria = new Criteria();
$criteria->add(LoginLogPeer::USR_UID, $userUid);
$resultSet = LoginLogPeer::doDelete($criteria);
return $resultSet;
}
} }

14
workflow/engine/classes/model/OauthAccessTokens.php
View File

@@ -173,6 +173,20 @@ class OauthAccessTokens extends BaseOauthAccessTokens
return array("numRecTotal" => $numRecTotal, "data" => $arrayData); return array("numRecTotal" => $numRecTotal, "data" => $arrayData);
} }
/**
* Delete all records related to a user uid
* @param string $userUid User uid
* @return int
* @throws PropelException
*/
public function removeByUser($userUid)
{
$criteria = new Criteria();
$criteria->add(OauthAccessTokensPeer::USER_ID, $userUid);
$resultSet = OauthAccessTokensPeer::doDelete($criteria);
return $resultSet;
}
} }
// OauthAccessTokens // OauthAccessTokens

17
workflow/engine/classes/model/OauthAuthorizationCodes.php
View File

@@ -14,6 +14,19 @@ require_once 'classes/model/om/BaseOauthAuthorizationCodes.php';
* *
* @package classes.model * @package classes.model
*/ */
class OauthAuthorizationCodes extends BaseOauthAuthorizationCodes { class OauthAuthorizationCodes extends BaseOauthAuthorizationCodes
{
/**
* Delete all records related to a user uid
* @param string $userUid User uid
* @return int
* @throws PropelException
*/
public function removeByUser($userUid)
{
$criteria = new Criteria();
$criteria->add(OauthAuthorizationCodesPeer::USER_ID, $userUid);
$resultSet = OauthAuthorizationCodesPeer::doDelete($criteria);
return $resultSet;
}
} // OauthAuthorizationCodes } // OauthAuthorizationCodes

13
workflow/engine/classes/model/OauthClients.php
View File

@@ -209,6 +209,19 @@ class OauthClients extends BaseOauthClients
return array("numRecTotal" => $numRecTotal, "data" => $arrayData); return array("numRecTotal" => $numRecTotal, "data" => $arrayData);
} }
/**
* Delete all records related to a user uid
* @param string $userUid User uid
* @return int
* @throws PropelException
*/
public function removeByUser($userUid)
{
$criteria = new Criteria();
$criteria->add(OauthClientsPeer::USR_UID, $userUid);
$resultSet = OauthClientsPeer::doDelete($criteria);
return $resultSet;
}
} }
// OauthClients // OauthClients

17
workflow/engine/classes/model/OauthRefreshTokens.php
View File

@@ -14,6 +14,19 @@ require_once 'classes/model/om/BaseOauthRefreshTokens.php';
* *
* @package classes.model * @package classes.model
*/ */
class OauthRefreshTokens extends BaseOauthRefreshTokens { class OauthRefreshTokens extends BaseOauthRefreshTokens
{
/**
* Delete all records related to a user uid
* @param string $userUid User uid
* @return int
* @throws PropelException
*/
public function removeByUser($userUid)
{
$criteria = new Criteria();
$criteria->add(OauthRefreshTokensPeer::USER_ID, $userUid);
$resultSet = OauthRefreshTokensPeer::doDelete($criteria);
return $resultSet;
}
} // OauthRefreshTokens } // OauthRefreshTokens

16
workflow/engine/classes/model/PmoauthUserAccessTokens.php
View File

@@ -29,4 +29,20 @@ class PmoauthUserAccessTokens extends BasePmoauthUserAccessTokens
return (is_array($result) && empty($result)) ? false : $result[0]; return (is_array($result) && empty($result)) ? false : $result[0];
} }
/**
* Delete all records related to a user uid
*
* @param string $userUid User uid
*
* @return int
*/
public function removeByUser($userUid)
{
$criteria = new Criteria();
$criteria->add(PmoauthUserAccessTokensPeer::USER_ID, $userUid);
$resultSet = PmoauthUserAccessTokensPeer::doDelete($criteria);
return $resultSet;
}
} // PmoauthUserAccessTokens } // PmoauthUserAccessTokens

13
workflow/engine/classes/model/Session.php
View File

@@ -20,5 +20,18 @@ require_once 'classes/model/om/BaseSession.php';
*/ */
class Session extends BaseSession class Session extends BaseSession
{ {
/**
* Delete all records related to a user uid
* @param string $userUid User uid
* @return int
* @throws PropelException
*/
public function removeByUser($userUid)
{
$criteria = new Criteria();
$criteria->add(SessionPeer::USR_UID, $userUid);
$resultSet = SessionPeer::doDelete($criteria);
return $resultSet;
}
} }

27
workflow/engine/methods/cases/cases_CatchSelfService.php
View File

@@ -1,27 +1,7 @@
<?php <?php
/**
* cases_Resume.php use ProcessMaker\Util\DateTime;
*
* ProcessMaker Open Source Edition
* Copyright (C) 2004 - 2008 Colosa Inc.23
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
* Coral Gables, FL, 33134, USA, or email info@colosa.com.
*/
/* Permissions */
switch ($RBAC->userCanAccess('PM_CASES')) { switch ($RBAC->userCanAccess('PM_CASES')) {
case - 2: case - 2:
G::SendTemporalMessage('ID_USER_HAVENT_RIGHTS_SYSTEM', 'error', 'labels'); G::SendTemporalMessage('ID_USER_HAVENT_RIGHTS_SYSTEM', 'error', 'labels');
@@ -99,5 +79,6 @@ $oHeadPublisher->addScriptFile('/jscore/cases/core/cases_Step.js');
$Fields['isIE'] = Bootstrap::isIE(); $Fields['isIE'] = Bootstrap::isIE();
$G_PUBLISH = new Publisher(); $G_PUBLISH = new Publisher();
$Fields = DateTime::convertUtcToTimeZone($Fields);
$G_PUBLISH->AddContent('xmlform', 'xmlform', 'cases/cases_CatchSelfService.xml', '', $Fields, 'cases_CatchExecute'); $G_PUBLISH->AddContent('xmlform', 'xmlform', 'cases/cases_CatchSelfService.xml', '', $Fields, 'cases_CatchExecute');
G::RenderPage('publish', 'blank'); G::RenderPage('publish', 'blank');

10
workflow/engine/methods/cases/cases_Resume.php
View File

@@ -1,6 +1,7 @@
<?php <?php
use ProcessMaker\BusinessModel\Task as BusinessModelTask; use ProcessMaker\BusinessModel\Task as BusinessModelTask;
use ProcessMaker\Util\DateTime;
/* Permissions */ /* Permissions */
switch ($RBAC->userCanAccess('PM_CASES')) { switch ($RBAC->userCanAccess('PM_CASES')) {
@@ -123,6 +124,7 @@ if ($nTasksInParallel > 1) {
} }
$Fields['TAS_TITLE'] = $aTask['TAS_TITLE']; $Fields['TAS_TITLE'] = $aTask['TAS_TITLE'];
$Fields = DateTime::convertUtcToTimeZone($Fields);
$objUser = new Users(); $objUser = new Users();
$oHeadPublisher = headPublisher::getSingleton(); $oHeadPublisher = headPublisher::getSingleton();
@@ -150,10 +152,10 @@ if ($Fields['APP_STATUS'] != 'COMPLETED') {
$FieldsPar['CURRENT_USER'] = ''; $FieldsPar['CURRENT_USER'] = '';
} }
} }
$FieldsPar['DEL_DELEGATE_DATE'] = $row['DEL_DELEGATE_DATE']; $FieldsPar['DEL_DELEGATE_DATE'] = DateTime::convertUtcToTimeZone($row['DEL_DELEGATE_DATE']);
$FieldsPar['DEL_INIT_DATE'] = $row['DEL_INIT_DATE']; $FieldsPar['DEL_INIT_DATE'] = DateTime::convertUtcToTimeZone($row['DEL_INIT_DATE']);
$FieldsPar['DEL_TASK_DUE_DATE'] = $row['DEL_TASK_DUE_DATE']; $FieldsPar['DEL_TASK_DUE_DATE'] = DateTime::convertUtcToTimeZone($row['DEL_TASK_DUE_DATE']);
$FieldsPar['DEL_FINISH_DATE'] = $row['DEL_FINISH_DATE']; $FieldsPar['DEL_FINISH_DATE'] = DateTime::convertUtcToTimeZone($row['DEL_FINISH_DATE']);
$G_PUBLISH->AddContent('xmlform', 'xmlform', 'cases/cases_Resume_Current_Task.xml', '', $FieldsPar); $G_PUBLISH->AddContent('xmlform', 'xmlform', 'cases/cases_Resume_Current_Task.xml', '', $FieldsPar);
} }
} }

6
workflow/engine/methods/users/users_Ajax.php
View File

@@ -149,6 +149,10 @@ try {
$criteria->add(ProcessUserPeer::USR_UID, $usrUid, Criteria::EQUAL); $criteria->add(ProcessUserPeer::USR_UID, $usrUid, Criteria::EQUAL);
$criteria->add(ProcessUserPeer::PU_TYPE, "SUPERVISOR", Criteria::EQUAL); $criteria->add(ProcessUserPeer::PU_TYPE, "SUPERVISOR", Criteria::EQUAL);
ProcessUserPeer::doDelete($criteria); ProcessUserPeer::doDelete($criteria);
//Destroy session after delete user
$RBAC->destroySessionUser($usrUid);
(new OauthClients())->removeByUser($usrUid);
G::auditLog("DeleteUser", "User Name: ". $userName." User ID: (".$usrUid.") "); G::auditLog("DeleteUser", "User Name: ". $userName." User ID: (".$usrUid.") ");
break; break;
case 'changeUserStatus': case 'changeUserStatus':
@@ -160,6 +164,8 @@ try {
$userData = $userInstance->load($_REQUEST['USR_UID']); $userData = $userInstance->load($_REQUEST['USR_UID']);
$userData['USR_STATUS'] = $_REQUEST['NEW_USR_STATUS']; $userData['USR_STATUS'] = $_REQUEST['NEW_USR_STATUS'];
$userInstance->update($userData); $userInstance->update($userData);
//Destroy session after inactive user
$_REQUEST['NEW_USR_STATUS'] == 'INACTIVE' ? $RBAC->destroySessionUser($_REQUEST['USR_UID']) : null;
$msg = $_REQUEST['NEW_USR_STATUS'] == 'ACTIVE'? "EnableUser" : "DisableUser"; $msg = $_REQUEST['NEW_USR_STATUS'] == 'ACTIVE'? "EnableUser" : "DisableUser";
G::auditLog($msg, "User Name: ".$userData['USR_USERNAME']." User ID: (".$userData['USR_UID'].") "); G::auditLog($msg, "User Name: ".$userData['USR_USERNAME']." User ID: (".$userData['USR_UID'].") ");

7
workflow/engine/src/ProcessMaker/BusinessModel/User.php
View File

@@ -21,6 +21,7 @@ use IsoCountryPeer;
use IsoLocationPeer; use IsoLocationPeer;
use IsoSubdivisionPeer; use IsoSubdivisionPeer;
use ListParticipatedLast; use ListParticipatedLast;
use OauthClients;
use PMmemcached; use PMmemcached;
use ProcessMaker\BusinessModel\ProcessSupervisor as BmProcessSupervisor; use ProcessMaker\BusinessModel\ProcessSupervisor as BmProcessSupervisor;
use ProcessMaker\Plugins\PluginRegistry; use ProcessMaker\Plugins\PluginRegistry;
@@ -1023,6 +1024,9 @@ class User
//Update in workflow //Update in workflow
$result = $user->update($arrayData); $result = $user->update($arrayData);
if (isset($arrayData['USR_STATUS'])) {
$arrayData['USR_STATUS'] == 'INACTIVE' ? RBAC::destroySessionUser($userUid) : null;
}
//Save Calendar assigment //Save Calendar assigment
if (isset($arrayData["USR_CALENDAR"])) { if (isset($arrayData["USR_CALENDAR"])) {
@@ -1330,6 +1334,9 @@ class User
$criteria->add(DashletInstancePeer::DAS_INS_OWNER_UID, $UID); $criteria->add(DashletInstancePeer::DAS_INS_OWNER_UID, $UID);
$criteria->add(DashletInstancePeer::DAS_INS_OWNER_TYPE, 'USER'); $criteria->add(DashletInstancePeer::DAS_INS_OWNER_TYPE, 'USER');
DashletInstancePeer::doDelete($criteria); DashletInstancePeer::doDelete($criteria);
//Destroy session after delete user
RBAC::destroySessionUser($usrUid);
(new OauthClients())->removeByUser($usrUid);
} }
} catch (Exception $e) { } catch (Exception $e) {
throw $e; throw $e;

1
workflow/public_html/sysGeneric.php
View File

@@ -937,6 +937,7 @@ if (!defined('EXECUTE_BY_CRON')) {
$memKey = 'rbacSession' . session_id(); $memKey = 'rbacSession' . session_id();
if (($RBAC->aUserInfo = $memcache->get($memKey)) === false) { if (($RBAC->aUserInfo = $memcache->get($memKey)) === false) {
$RBAC->loadUserRolePermission($RBAC->sSystem, $_SESSION['USER_LOGGED']); $RBAC->loadUserRolePermission($RBAC->sSystem, $_SESSION['USER_LOGGED']);
$RBAC->verifyDueDateUserLogged();
$memcache->set($memKey, $RBAC->aUserInfo, PMmemcached::EIGHT_HOURS); $memcache->set($memKey, $RBAC->aUserInfo, PMmemcached::EIGHT_HOURS);
} }
} else { } else {