diff --git a/gulliver/system/class.rbac.php b/gulliver/system/class.rbac.php
index 2f79824ea..c4749221e 100644
--- a/gulliver/system/class.rbac.php
+++ b/gulliver/system/class.rbac.php
@@ -110,11 +110,11 @@ class RBAC
'downloadFileHash' => array('PM_FACTORY')
),
'processProxy.php' => array(
- 'categoriesList' => array(),
- 'getCategoriesList' => array(),
+ 'categoriesList' => array('PM_SETUP_PROCESS_CATEGORIES'),
+ 'getCategoriesList' => array('PM_FACTORY'),
'saveProcess' => array('PM_FACTORY'),
- 'changeStatus' => array(),
- 'changeDebugMode' => array(),
+ 'changeStatus' => array('PM_FACTORY'),
+ 'changeDebugMode' => array('PM_FACTORY'),
'getUsers' => array(),
'getGroups' => array(),
'assignActorsTask' => array(),
@@ -125,7 +125,7 @@ class RBAC
'saveProperties' => array(),
'getCaledarList' => array(),
'getPMVariables' => array(),
- 'generateBpmn' => array()
+ 'generateBpmn' => array('PM_FACTORY')
),
'home.php' => array(
'login' => array('PM_LOGIN'),
@@ -144,6 +144,9 @@ class RBAC
'getProcessArray' => array('PM_ALLCASES'),
'getProcesses' => array('PM_ALLCASES'),
'getUsers' => array('PM_ALLCASES')
+ ),
+ 'newSite.php' => array(
+ 'newSite.php' => array('PM_SETUP_ADVANCE')
)
);
diff --git a/workflow/engine/classes/class.case.php b/workflow/engine/classes/class.case.php
index 4feec1018..a53bef2f5 100644
--- a/workflow/engine/classes/class.case.php
+++ b/workflow/engine/classes/class.case.php
@@ -5788,8 +5788,8 @@ class Cases
* @param string $tasUid
* @param string $usrUid
* @param string $action some action [VIEW, BLOCK, RESEND]
- * @param string $delIndex
- * @return Array within all user permitions all objects' types
+ * @param integer $delIndex
+ * @return array within all user permissions all objects' types
*/
public function getAllObjectsFrom($proUid, $appUid, $tasUid = '', $usrUid = '', $action = '', $delIndex = 0)
{
@@ -5808,6 +5808,7 @@ class Cases
$result = array(
"DYNAFORM" => array(),
"INPUT" => array(),
+ "ATTACHMENT" => array(),
"OUTPUT" => array(),
"CASES_NOTES" => 0,
"MSGS_HISTORY" => array()
@@ -5878,6 +5879,15 @@ class Cases
$opObjUid,
$aCase['APP_STATUS']
);
+ //For Attachment
+ $result['ATTACHMENT'] = $oObjectPermission->objectPermissionByOutputInput(
+ $appUid,
+ $proUid,
+ $opTaskSource,
+ 'ATTACHED',
+ $opObjUid,
+ $aCase['APP_STATUS']
+ );
$result['CASES_NOTES'] = 1;
/*----------------------------------********---------------------------------*/
@@ -5914,6 +5924,16 @@ class Cases
$aCase['APP_STATUS']
);
break;
+ case 'ATTACHMENT':
+ $result['ATTACHMENT'] = $oObjectPermission->objectPermissionByOutputInput(
+ $appUid,
+ $proUid,
+ $opTaskSource,
+ 'ATTACHED',
+ $opObjUid,
+ $aCase['APP_STATUS']
+ );
+ break;
case 'OUTPUT':
$result['OUTPUT'] = $oObjectPermission->objectPermissionByOutputInput(
$appUid,
@@ -5948,9 +5968,10 @@ class Cases
}
}
- return Array(
+ return array(
"DYNAFORMS" => $result['DYNAFORM'],
"INPUT_DOCUMENTS" => $result['INPUT'],
+ "ATTACHMENTS" => $result['ATTACHMENT'],
"OUTPUT_DOCUMENTS" => $result['OUTPUT'],
"CASES_NOTES" => $result['CASES_NOTES'],
"MSGS_HISTORY" => $result['MSGS_HISTORY']
diff --git a/workflow/engine/classes/model/AppDocument.php b/workflow/engine/classes/model/AppDocument.php
index 7e9eb6075..b9f9ece1a 100644
--- a/workflow/engine/classes/model/AppDocument.php
+++ b/workflow/engine/classes/model/AppDocument.php
@@ -530,10 +530,16 @@ class AppDocument extends BaseAppDocument
return $documents;
}
- public function exists ($sAppDocUid, $iVersion)
+ /**
+ * This function check if exist a document
+ * @param string $appDocUid, Uid of the document
+ * @param integer $version,
+ * @return object
+ */
+ public function exists ($appDocUid, $version = 1)
{
- $oAppDocument = AppDocumentPeer::retrieveByPK( $sAppDocUid, $iVersion );
- return (is_object( $oAppDocument ) && get_class( $oAppDocument ) == 'AppDocument');
+ $oAppDocument = AppDocumentPeer::retrieveByPK($appDocUid, $version);
+ return (is_object($oAppDocument) && get_class($oAppDocument) == 'AppDocument');
}
/**
@@ -547,6 +553,7 @@ class AppDocument extends BaseAppDocument
*/
public function canDownloadInput($user, $appDocUid, $version)
{
+ //Check if the the requester is the owner in the file
$oCriteria = new Criteria('workflow');
$oCriteria->addSelectColumn(AppDocumentPeer::APP_UID);
$oCriteria->addJoin(AppDocumentPeer::DOC_UID, InputDocumentPeer::INP_DOC_UID, Criteria::LEFT_JOIN);
@@ -560,11 +567,11 @@ class AppDocument extends BaseAppDocument
if ($dataset->getRow()) {
return true;
} else {
+ //Review if is a INPUT or ATTACHED
$oCriteria = new Criteria("workflow");
$oCriteria->addSelectColumn(AppDocumentPeer::APP_UID);
$oCriteria->addSelectColumn(AppDocumentPeer::DOC_UID);
- $oCriteria->addSelectColumn(InputDocumentPeer::PRO_UID);
- $oCriteria->addJoin(AppDocumentPeer::DOC_UID, InputDocumentPeer::INP_DOC_UID, Criteria::LEFT_JOIN);
+ $oCriteria->addSelectColumn(AppDocumentPeer::APP_DOC_TYPE);
$oCriteria->add(AppDocumentPeer::APP_DOC_UID, $appDocUid);
$oCriteria->add(AppDocumentPeer::DOC_VERSION, $version);
$oCriteria->setLimit(1);
@@ -572,28 +579,56 @@ class AppDocument extends BaseAppDocument
$dataset->setFetchmode(ResultSet::FETCHMODE_ASSOC);
$dataset->next();
$row = $dataset->getRow();
- $cases = new \ProcessMaker\BusinessModel\Cases();
- $userAuthorization = $cases->userAuthorization(
- $user,
- $row['PRO_UID'],
- $row['APP_UID'],
- array(),
- array('INPUT_DOCUMENTS' => 'VIEW')
- );
-
- if (in_array($appDocUid, $userAuthorization['objectPermissions']['INPUT_DOCUMENTS'])) {
- return true;
- }
-
- if ($userAuthorization['supervisor']) {
- $criteria = new Criteria("workflow");
- $criteria->addSelectColumn(StepSupervisorPeer::STEP_UID);
- $criteria->add(StepSupervisorPeer::STEP_TYPE_OBJ, "INPUT_DOCUMENT", \Criteria::EQUAL);
- $criteria->add(StepSupervisorPeer::STEP_UID_OBJ, $row['DOC_UID'], \Criteria::EQUAL);
- $rsCriteria = StepSupervisorPeer::doSelectRS($criteria);
- if ($rsCriteria->next()) {
+ if ($row['DOC_UID'] == '-1') {
+ //If is an attached we only verify if is a supervisor in the process
+ $appUid = $row['APP_UID'];
+ $oApplication = new Application();
+ $aColumns = $oApplication->Load($appUid);
+ $cases = new \ProcessMaker\BusinessModel\Cases();
+ $userAuthorization = $cases->userAuthorization(
+ $user,
+ $aColumns['PRO_UID'],
+ $appUid,
+ array(),
+ array('ATTACHMENTS' => 'VIEW')
+ );
+ //Has permissions?
+ if (in_array($appDocUid, $userAuthorization['objectPermissions']['ATTACHMENTS'])) {
return true;
}
+ //Is supervisor?
+ if ($userAuthorization['supervisor']) {
+ return true;
+ }
+ } else {
+ //If is an file related an input document, we will check if the user is a supervisor or has permissions
+ $appUid = $row['APP_UID'];
+ $oInputDoc = new InputDocument();
+ $aColumns = $oInputDoc->Load($row['DOC_UID']);
+ $cases = new \ProcessMaker\BusinessModel\Cases();
+ $userAuthorization = $cases->userAuthorization(
+ $user,
+ $aColumns['PRO_UID'],
+ $appUid,
+ array(),
+ array('INPUT_DOCUMENTS' => 'VIEW')
+ );
+ //Has permissions?
+ if (in_array($appDocUid, $userAuthorization['objectPermissions']['INPUT_DOCUMENTS'])) {
+ return true;
+ }
+ //Is supervisor?
+ if ($userAuthorization['supervisor']) {
+ //Review if the supervisor has assigned the object input document
+ $criteria = new Criteria("workflow");
+ $criteria->addSelectColumn(StepSupervisorPeer::STEP_UID);
+ $criteria->add(StepSupervisorPeer::STEP_TYPE_OBJ, "INPUT_DOCUMENT", \Criteria::EQUAL);
+ $criteria->add(StepSupervisorPeer::STEP_UID_OBJ, $row['DOC_UID'], \Criteria::EQUAL);
+ $rsCriteria = StepSupervisorPeer::doSelectRS($criteria);
+ if ($rsCriteria->next()) {
+ return true;
+ }
+ }
}
}
return false;
diff --git a/workflow/engine/classes/model/ObjectPermission.php b/workflow/engine/classes/model/ObjectPermission.php
index f50a77b04..04af9b9fe 100644
--- a/workflow/engine/classes/model/ObjectPermission.php
+++ b/workflow/engine/classes/model/ObjectPermission.php
@@ -383,10 +383,10 @@ class ObjectPermission extends BaseObjectPermission
}
switch ($obType) {
case 'INPUT':
- $oCriteria->add(
- $oCriteria->getNewCriterion(AppDocumentPeer::APP_DOC_TYPE, 'INPUT')->
- addOr($oCriteria->getNewCriterion(AppDocumentPeer::APP_DOC_TYPE, 'ATTACHED'))
- );
+ $oCriteria->add(AppDocumentPeer::APP_DOC_TYPE, 'INPUT');
+ break;
+ case 'ATTACHED':
+ $oCriteria->add(AppDocumentPeer::APP_DOC_TYPE, 'ATTACHED');
break;
case 'OUTPUT':
$oCriteria->add(AppDocumentPeer::APP_DOC_TYPE, 'OUTPUT');
@@ -399,9 +399,6 @@ class ObjectPermission extends BaseObjectPermission
$result = array();
while ($oDataset->next()) {
$aRow = $oDataset->getRow();
- if ($aRow['APP_DOC_TYPE'] == "ATTACHED") {
- $aRow['APP_DOC_TYPE'] = "INPUT";
- }
if (!in_array($aRow['APP_DOC_UID'], $result)) {
array_push($result, $aRow['APP_DOC_UID']);
}
diff --git a/workflow/engine/classes/model/map/EmailEventMapBuilder.php b/workflow/engine/classes/model/map/EmailEventMapBuilder.php
index 1553782ae..70c4433c3 100644
--- a/workflow/engine/classes/model/map/EmailEventMapBuilder.php
+++ b/workflow/engine/classes/model/map/EmailEventMapBuilder.php
@@ -75,7 +75,7 @@ class EmailEventMapBuilder
$tMap->addColumn('EMAIL_EVENT_TO', 'EmailEventTo', 'string', CreoleTypes::LONGVARCHAR, true, null);
- $tMap->addColumn('EMAIL_EVENT_SUBJECT', 'EmailEventSubject', 'string', CreoleTypes::VARCHAR, false, 150);
+ $tMap->addColumn('EMAIL_EVENT_SUBJECT', 'EmailEventSubject', 'string', CreoleTypes::VARCHAR, false, 255);
$tMap->addColumn('PRF_UID', 'PrfUid', 'string', CreoleTypes::VARCHAR, false, 32);
diff --git a/workflow/engine/config/schema.xml b/workflow/engine/config/schema.xml
index 107dcce24..8fde24211 100644
--- a/workflow/engine/config/schema.xml
+++ b/workflow/engine/config/schema.xml
@@ -5537,7 +5537,7 @@
-
+
diff --git a/workflow/engine/content/translations/english/processmaker.en.po b/workflow/engine/content/translations/english/processmaker.en.po
index bc88ba754..258f0b0d9 100644
--- a/workflow/engine/content/translations/english/processmaker.en.po
+++ b/workflow/engine/content/translations/english/processmaker.en.po
@@ -9326,6 +9326,12 @@ msgstr "Web Entry deleted correctly"
msgid "[LABEL/ID_PASSWORD] Password"
msgstr "Password"
+# TRANSLATION
+# LABEL/ID_PASSWORD_CONFIRM
+#: LABEL/ID_PASSWORD_CONFIRM
+msgid "[LABEL/ID_PASSWORD_CONFIRM] Confirm Password"
+msgstr "Confirm Password"
+
# TRANSLATION
# LABEL/ID_NOT_DEFINED
#: LABEL/ID_NOT_DEFINED
diff --git a/workflow/engine/controllers/designer.php b/workflow/engine/controllers/designer.php
index 089582cdc..d4cfa409b 100644
--- a/workflow/engine/controllers/designer.php
+++ b/workflow/engine/controllers/designer.php
@@ -7,11 +7,16 @@
* @access public
*/
+use Maveriks\Util\ClassLoader;
+use \OAuth2\Request;
+use \ProcessMaker\BusinessModel\Light\Tracker;
+use \ProcessMaker\Services\OAuth2\Server;
+
class Designer extends Controller
{
protected $clientId = 'x-pm-local-client';
- public function __construct ()
+ public function __construct()
{
}
@@ -26,57 +31,16 @@ class Designer extends Controller
$proUid = isset($httpData->prj_uid) ? $httpData->prj_uid : '';
$appUid = isset($httpData->app_uid) ? $httpData->app_uid : '';
$proReadOnly = isset($httpData->prj_readonly) ? $httpData->prj_readonly : 'false';
- $client = $this->getClientCredentials();
- if (isset($httpData->tracker_designer) && $httpData->tracker_designer == 1) {
- try {
- if (!isset($_SESSION['CASE']) && !isset($_SESSION['PIN'])) {
- throw (new \Exception(
- \G::LoadTranslation('ID_CASE_NOT_EXISTS') . "\n" . \G::LoadTranslation('ID_PIN_INVALID')
- ));
- }
- \ProcessMaker\BusinessModel\Light\Tracker::authentication($_SESSION['CASE'], $_SESSION['PIN']);
- } catch (\Exception $e) {
- Bootstrap::registerMonolog('CaseTracker', 400, $e->getMessage(), [], SYS_SYS, 'processmaker.log');
- \G::header('Location: /errors/error403.php');
- die();
- }
- $client["tracker_designer"] = 1;
- }
-
- $authCode = $this->getAuthorizationCode($client);
+ $clientToken = $this->getCredentials($httpData);
$debug = false; //System::isDebugMode();
- $loader = Maveriks\Util\ClassLoader::getInstance();
- $loader->add(PATH_TRUNK . 'vendor/bshaffer/oauth2-server-php/src/', "OAuth2");
-
- $request = array(
- 'grant_type' => 'authorization_code',
- 'code' => $authCode
- );
- $server = array(
- 'REQUEST_METHOD' => 'POST'
- );
- $headers = array(
- "PHP_AUTH_USER" => $client['CLIENT_ID'],
- "PHP_AUTH_PW" => $client['CLIENT_SECRET'],
- "Content-Type" => "multipart/form-data;",
- "Authorization" => "Basic " . base64_encode($client['CLIENT_ID'] . ":" . $client['CLIENT_SECRET'])
- );
-
- $request = new \OAuth2\Request(array(), $request, array(), array(), array(), $server, null, $headers);
- $oauthServer = new \ProcessMaker\Services\OAuth2\Server();
- $response = $oauthServer->postToken($request, true);
- $clientToken = $response->getParameters();
- $clientToken["client_id"] = $client['CLIENT_ID'];
- $clientToken["client_secret"] = $client['CLIENT_SECRET'];
-
$consolidated = 0;
$enterprise = 0;
$distribution = 0;
/*----------------------------------********---------------------------------*/
- $licensedFeatures = & PMLicensedFeatures::getSingleton();
+ $licensedFeatures = &PMLicensedFeatures::getSingleton();
if ($licensedFeatures->verifyfeature('7TTeDBQeWRoZTZKYjh4eFpYUlRDUUEyVERPU3FxellWank=')) {
$consolidated = 1;
}
@@ -101,10 +65,10 @@ class Designer extends Controller
$this->setVar('HTTP_SERVER_HOSTNAME', PmSystem::getHttpServerHostnameRequestsFrontEnd());
if ($debug) {
- if (! file_exists(PATH_HTML . "lib-dev/pmUI/build.cache")) {
+ if (!file_exists(PATH_HTML . "lib-dev/pmUI/build.cache")) {
throw new RuntimeException("Development JS Files were are not generated!.\nPlease execute: \$>rake pmBuildDebug in pmUI project");
}
- if (! file_exists(PATH_HTML . "lib-dev/mafe/build.cache")) {
+ if (!file_exists(PATH_HTML . "lib-dev/mafe/build.cache")) {
throw new RuntimeException("Development JS Files were are not generated!.\nPlease execute: \$>rake pmBuildDebug in MichelangeloFE project");
}
@@ -128,7 +92,7 @@ class Designer extends Controller
$this->setVar('mafeCssFiles', $mafeCssFiles);
} else {
$buildhashFile = PATH_HTML . "lib/buildhash";
- if (! file_exists($buildhashFile)) {
+ if (!file_exists($buildhashFile)) {
throw new RuntimeException("CSS and JS Files were are not generated!.\nPlease review install process");
}
$buildhash = file_get_contents($buildhashFile);
@@ -137,7 +101,7 @@ class Designer extends Controller
$translationMafe = "/translations/translationsMafe.js";
$this->setVar('translationMafe', $translationMafe);
- if (!file_exists(PATH_HTML . "translations" . PATH_SEP. 'translationsMafe' . ".js")) {
+ if (!file_exists(PATH_HTML . "translations" . PATH_SEP . 'translationsMafe' . ".js")) {
$translation = new Translation();
$translation->generateFileTranslationMafe();
}
@@ -197,10 +161,10 @@ class Designer extends Controller
protected function getAuthorizationCode($client)
{
- \ProcessMaker\Services\OAuth2\Server::setDatabaseSource($this->getDsn());
- \ProcessMaker\Services\OAuth2\Server::setPmClientId($client['CLIENT_ID']);
+ Server::setDatabaseSource($this->getDsn());
+ Server::setPmClientId($client['CLIENT_ID']);
- $oauthServer = new \ProcessMaker\Services\OAuth2\Server();
+ $oauthServer = new Server();
if (isset($client["tracker_designer"]) && $client["tracker_designer"] == 1) {
$_SESSION["USER_LOGGED"] = "00000000000000000000000000000001";
@@ -215,7 +179,7 @@ class Designer extends Controller
));
$response = $oauthServer->postAuthorize($authorize, $userId, true);
- $code = substr($response->getHttpHeader('Location'), strpos($response->getHttpHeader('Location'), 'code=')+5, 40);
+ $code = substr($response->getHttpHeader('Location'), strpos($response->getHttpHeader('Location'), 'code=') + 5, 40);
if (isset($client["tracker_designer"]) && $client["tracker_designer"] == 1) {
unset($_SESSION["USER_LOGGED"]);
@@ -228,8 +192,63 @@ class Designer extends Controller
{
list($host, $port) = strpos(DB_HOST, ':') !== false ? explode(':', DB_HOST) : array(DB_HOST, '');
$port = empty($port) ? '' : ";port=$port";
- $dsn = DB_ADAPTER.':host='.$host.';dbname='.DB_NAME.$port;
+ $dsn = DB_ADAPTER . ':host=' . $host . ';dbname=' . DB_NAME . $port;
return array('dsn' => $dsn, 'username' => DB_USER, 'password' => DB_PASS);
}
+
+ /**
+ * Return credentials oauth2
+ *
+ * @param object $httpData
+ * @return array credentials
+ */
+ public function getCredentials($httpData = null)
+ {
+ $client = $this->getClientCredentials();
+
+ if (!empty($httpData->tracker_designer) && $httpData->tracker_designer == 1) {
+ try {
+ if (!isset($_SESSION['CASE']) && !isset($_SESSION['PIN'])) {
+ throw (new \Exception(
+ \G::LoadTranslation('ID_CASE_NOT_EXISTS') . "\n" . \G::LoadTranslation('ID_PIN_INVALID')
+ ));
+ }
+ Tracker::authentication($_SESSION['CASE'], $_SESSION['PIN']);
+ } catch (\Exception $e) {
+ Bootstrap::registerMonolog('CaseTracker', 400, $e->getMessage(), [], SYS_SYS, 'processmaker.log');
+ \G::header('Location: /errors/error403.php');
+ die();
+ }
+ $client["tracker_designer"] = 1;
+ }
+
+ $authCode = $this->getAuthorizationCode($client);
+
+ $loader = ClassLoader::getInstance();
+ $loader->add(PATH_TRUNK . 'vendor/bshaffer/oauth2-server-php/src/', "OAuth2");
+
+ $request = array(
+ 'grant_type' => 'authorization_code',
+ 'code' => $authCode
+ );
+ $server = array(
+ 'REQUEST_METHOD' => 'POST'
+ );
+ $headers = array(
+ "PHP_AUTH_USER" => $client['CLIENT_ID'],
+ "PHP_AUTH_PW" => $client['CLIENT_SECRET'],
+ "Content-Type" => "multipart/form-data;",
+ "Authorization" => "Basic " . base64_encode($client['CLIENT_ID'] . ":" . $client['CLIENT_SECRET'])
+ );
+
+ $request = new Request(array(), $request, array(), array(), array(), $server, null, $headers);
+ $oauthServer = new Server();
+ $response = $oauthServer->postToken($request, true);
+ $clientToken = $response->getParameters();
+ $clientToken["client_id"] = $client['CLIENT_ID'];
+ $clientToken["client_secret"] = $client['CLIENT_SECRET'];
+
+ return $clientToken;
+ }
}
diff --git a/workflow/engine/data/mysql/insert.sql b/workflow/engine/data/mysql/insert.sql
index 7354b4f58..8bcd5a6e7 100644
--- a/workflow/engine/data/mysql/insert.sql
+++ b/workflow/engine/data/mysql/insert.sql
@@ -3025,6 +3025,7 @@ INSERT INTO TRANSLATION (TRN_CATEGORY,TRN_ID,TRN_LANG,TRN_VALUE,TRN_UPDATE_DATE
( 'LABEL','ID_CONFIRM_DELETE_WEB_ENTRY','en','Do you want to delete current web entry?','2014-01-15') ,
( 'LABEL','ID_WEB_ENTRY_SUCCESS_DELETE','en','Web Entry deleted correctly','2014-01-15') ,
( 'LABEL','ID_PASSWORD','en','Password','2014-01-15') ,
+( 'LABEL','ID_PASSWORD_CONFIRM','en','Confirm Password','2017-07-25') ,
( 'LABEL','ID_NOT_DEFINED','en','Not defined','2014-01-15') ,
( 'LABEL','ID_WEB_ENTRY_SUCCESS_NEW','en','Web Entry has been created correctly.','2014-01-15') ,
( 'LABEL','ID_REMOVE_ALL_BUTTON_FACE','en','<<','2014-01-15') ,
diff --git a/workflow/engine/data/mysql/schema.sql b/workflow/engine/data/mysql/schema.sql
index 39d14e01d..0c0898e37 100644
--- a/workflow/engine/data/mysql/schema.sql
+++ b/workflow/engine/data/mysql/schema.sql
@@ -3068,7 +3068,7 @@ CREATE TABLE `EMAIL_EVENT`
`EVN_UID` VARCHAR(32) NOT NULL,
`EMAIL_EVENT_FROM` VARCHAR(100) default '' NOT NULL,
`EMAIL_EVENT_TO` MEDIUMTEXT NOT NULL,
- `EMAIL_EVENT_SUBJECT` VARCHAR(150) default '',
+ `EMAIL_EVENT_SUBJECT` VARCHAR(255) default '',
`PRF_UID` VARCHAR(32) default '',
`EMAIL_SERVER_UID` VARCHAR(32) default '',
PRIMARY KEY (`EMAIL_EVENT_UID`)
diff --git a/workflow/engine/methods/processes/mainInit.php b/workflow/engine/methods/processes/mainInit.php
index 64a525ac9..fc8534961 100644
--- a/workflow/engine/methods/processes/mainInit.php
+++ b/workflow/engine/methods/processes/mainInit.php
@@ -88,6 +88,13 @@ $oHeadPublisher->assign("arrayMenuNewOptionPlugin", $arrayMenuNewOptionPlugin);
$oHeadPublisher->assign("arrayContextMenuOptionPlugin", $arrayContextMenuOptionPlugin);
$oHeadPublisher->assign('extJsViewState', $oHeadPublisher->getExtJsViewState());
+$designer = new Designer();
+$oHeadPublisher->assign('SYS_SYS', SYS_SYS);
+$oHeadPublisher->assign('SYS_LANG', SYS_LANG);
+$oHeadPublisher->assign('SYS_SKIN', SYS_SKIN);
+$oHeadPublisher->assign('HTTP_SERVER_HOSTNAME', PmSystem::getHttpServerHostnameRequestsFrontEnd());
+$oHeadPublisher->assign('credentials', base64_encode(G::json_encode($designer->getCredentials())));
+
$deleteCasesFlag = false;
global $RBAC;
if($RBAC->userCanAccess('PM_DELETE_PROCESS_CASES') === 1) {
diff --git a/workflow/engine/src/ProcessMaker/BusinessModel/ProcessPermissions.php b/workflow/engine/src/ProcessMaker/BusinessModel/ProcessPermissions.php
index a5de78aa1..0a61b4eb4 100644
--- a/workflow/engine/src/ProcessMaker/BusinessModel/ProcessPermissions.php
+++ b/workflow/engine/src/ProcessMaker/BusinessModel/ProcessPermissions.php
@@ -1,6 +1,7 @@
- * @copyright Colosa - Bolivia
*
* @return void
+ * @throws Exception
*/
-
- public function saveProcessPermission($data, $op_uid = '')
+ public function saveProcessPermission($data, $opUid = '')
{
try {
$data = array_change_key_case($data, CASE_UPPER);
$this->validateProUid($data['PRO_UID']);
- if ($op_uid != '') {
- $op_uid = $this->validateOpUid($op_uid);
+ if ($opUid != '') {
+ $opUid = $this->validateOpUid($opUid);
}
if ($data['OP_USER_RELATION'] == "1") {
$this->validateUsrUid($data['USR_UID']);
@@ -257,6 +256,9 @@ class ProcessPermissions
}
$sObjectUID = $data['DYNAFORMS'];
break;
+ case 'ATTACHED':
+ $sObjectUID = '';
+ break;
case 'INPUT':
$data['INPUTS'] = $data['INPUTS'] == 0 ? '': $data['INPUTS'];
if ($data['INPUTS'] != '') {
@@ -273,11 +275,11 @@ class ProcessPermissions
break;
}
$oOP = new \ObjectPermission();
- $permissionUid = ($op_uid != '') ? $op_uid : G::generateUniqueID();
+ $permissionUid = ($opUid != '') ? $opUid : G::generateUniqueID();
$data['OP_UID'] = $permissionUid;
$data['OP_OBJ_UID'] = $sObjectUID;
- if ($op_uid == '') {
+ if ($opUid == '') {
$oOP->fromArray( $data, \BasePeer::TYPE_FIELDNAME );
$oOP->save();
$daraRes = $oOP->load($permissionUid);
diff --git a/workflow/engine/src/ProcessMaker/Services/Api/Project/ProcessPermissions.php b/workflow/engine/src/ProcessMaker/Services/Api/Project/ProcessPermissions.php
index e73247e51..974f18116 100644
--- a/workflow/engine/src/ProcessMaker/Services/Api/Project/ProcessPermissions.php
+++ b/workflow/engine/src/ProcessMaker/Services/Api/Project/ProcessPermissions.php
@@ -65,7 +65,7 @@ class ProcessPermissions extends Api
* @param string $op_user_relation {@from body} {@choice 1,2}
* @param string $op_case_status {@from body} {@choice ALL,DRAFT,TO_DO,PAUSED,COMPLETED}
* @param string $op_participate {@from body} {@choice 0,1}
- * @param string $op_obj_type {@from body} {@choice ANY,DYNAFORM,INPUT,OUTPUT,CASES_NOTES,MSGS_HISTORY,SUMMARY_FORM}
+ * @param string $op_obj_type {@from body} {@choice ANY,DYNAFORM,ATTACHMENT,INPUT,OUTPUT,CASES_NOTES,MSGS_HISTORY,SUMMARY_FORM}
* @param string $op_action {@from body} {@choice VIEW,BLOCK,DELETE,RESEND}
* @param string $tas_uid {@from body}
* @param string $op_task_source {@from body}
@@ -123,7 +123,7 @@ class ProcessPermissions extends Api
* @param string $op_user_relation {@from body} {@choice 1,2}
* @param string $op_case_status {@from body} {@choice ALL,DRAFT,TO_DO,PAUSED,COMPLETED}
* @param string $op_participate {@from body} {@choice 0,1}
- * @param string $op_obj_type {@from body} {@choice ANY,DYNAFORM,INPUT,OUTPUT,CASES_NOTES,MSGS_HISTORY,SUMMARY_FORM}
+ * @param string $op_obj_type {@from body} {@choice ANY,DYNAFORM,ATTACHMENT,INPUT,OUTPUT,CASES_NOTES,MSGS_HISTORY,SUMMARY_FORM}
* @param string $op_action {@from body} {@choice VIEW,BLOCK,DELETE,RESEND}
* @param string $tas_uid {@from body}
* @param string $op_task_source {@from body}