Paula Quispe
2017-12-12 15:11:16 -04:00
parent b59026fe51
commit 36c8a38fea
11 changed files with 253 additions and 184 deletions


@@ -191,6 +191,15 @@ class RBAC
'save' => ['PM_SETUP'], 'save' => ['PM_SETUP'],
'delete' => ['PM_SETUP'], 'delete' => ['PM_SETUP'],
'rebuild' => ['PM_SETUP'] 'rebuild' => ['PM_SETUP']
],
'proxyNewCasesList.php' => [
'todo' => ['PM_CASES'],
'draft' => ['PM_CASES'],
'sent' => ['PM_CASES'],
'paused' => ['PM_CASES'],
'unassigned' => ['PM_CASES'],
'to_reassign' => ['PM_REASSIGNCASE,PM_REASSIGNCASE_SUPERVISOR'],
'to_revise' => ['PM_SUPERVISOR']
] ]
]; ];
$this->aliasPermissions['PM_CASES'] = [self::PM_GUEST_CASE]; $this->aliasPermissions['PM_CASES'] = [self::PM_GUEST_CASE];
@@ -1959,8 +1968,12 @@ class RBAC
$totalPermissions = count($permissions); $totalPermissions = count($permissions);
$countAccess = 0; $countAccess = 0;
foreach ($permissions as $key => $value) { foreach ($permissions as $key => $value) {
if ($this->userCanAccess($value) == 1) { $atLeastPermission = explode(',', $value);
$countAccess++; foreach ($atLeastPermission as $permission) {
if ($this->userCanAccess(trim($permission)) == 1) {
$countAccess++;
break;
}
} }
} }
//Check if the user has all permissions that needed //Check if the user has all permissions that needed
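Review bot: The `to_reassign` entry packs two permissions into one string, `'PM_REASSIGNCASE,PM_REASSIGNCASE_SUPERVISOR'`, and the rewritten loop gives the comma an "any of these" meaning while separate array elements still mean "all of these"; neither the map nor the loop says so. A later edit that splits the string into two elements would silently turn the OR into an AND, so I would add a comment above the entry such as `// a comma-separated string means: at least one of these permissions`. The inner check also keeps the loose `== 1`; provided `userCanAccess()` returns an integer, `=== 1` would match the strict comparison the ListInbox change in this commit uses. The enclosing method starts and ends outside the hunk.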


@@ -448,50 +448,6 @@ class AppCacheView extends BaseAppCacheView
return $this->getUnassigned($userUid, false); return $this->getUnassigned($userUid, false);
} }
public function getProUidSupervisor($userUid)
{
//finding cases PRO_UID where $userUid is supervising
require_once ('classes/model/ProcessUser.php');
require_once ('classes/model/GroupUser.php');
$oCriteria = new Criteria('workflow');
if (!empty($userUid)) {
$oCriteria->add(ProcessUserPeer::USR_UID, $userUid);
}
$oCriteria->add(ProcessUserPeer::PU_TYPE, 'SUPERVISOR');
$oDataset = ProcessUserPeer::doSelectRS($oCriteria);
$oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC);
$oDataset->next();
$aProcesses = array();
while ($aRow = $oDataset->getRow()) {
$aProcesses[] = $aRow['PRO_UID'];
$oDataset->next();
}
$oCriteria = new Criteria('workflow');
$oCriteria->addSelectColumn(ProcessUserPeer::PRO_UID);
$oCriteria->add(ProcessUserPeer::PU_TYPE, 'GROUP_SUPERVISOR');
$oCriteria->addJoin(ProcessUserPeer::USR_UID, GroupUserPeer::GRP_UID, Criteria::LEFT_JOIN);
if (!empty($userUid)) {
$oCriteria->add(GroupUserPeer::USR_UID, $userUid);
}
$oDataset = ProcessUserPeer::doSelectRS($oCriteria);
$oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC);
$oDataset->next();
while ($aRow = $oDataset->getRow()) {
$aProcesses[] = $aRow['PRO_UID'];
$oDataset->next();
}
return $aProcesses;
}
/** /**
* gets the PAUSED cases list criteria * gets the PAUSED cases list criteria
* param $userUid the current userUid * param $userUid the current userUid
@@ -509,7 +465,8 @@ class AppCacheView extends BaseAppCacheView
$criteria = $this->addPMFieldsToCriteria('paused'); $criteria = $this->addPMFieldsToCriteria('paused');
} }
$aProcesses = $this->getProUidSupervisor($userUid); $processUser = new ProcessUser();
$listProcess = $processUser->getProUidSupervisor($userUid);
//add a validation to show the processes of which $userUid is supervisor //add a validation to show the processes of which $userUid is supervisor
//$criteria->add(AppCacheViewPeer::USR_UID, $userUid); //$criteria->add(AppCacheViewPeer::USR_UID, $userUid);
@@ -517,16 +474,16 @@ class AppCacheView extends BaseAppCacheView
if (!empty($userUid)) { if (!empty($userUid)) {
$criterionAux = $criteria->getNewCriterion(AppCacheViewPeer::USR_UID, $userUid, Criteria::EQUAL); $criterionAux = $criteria->getNewCriterion(AppCacheViewPeer::USR_UID, $userUid, Criteria::EQUAL);
if ($flagSupervisor && !empty($aProcesses)) { if ($flagSupervisor && !empty($listProcess)) {
$criterionAux = $criterionAux->addOr( $criterionAux = $criterionAux->addOr(
$criteria->getNewCriterion(AppCacheViewPeer::PRO_UID, $aProcesses, Criteria::IN) $criteria->getNewCriterion(AppCacheViewPeer::PRO_UID, $listProcess, Criteria::IN)
); );
} }
$criteria->add($criterionAux); $criteria->add($criterionAux);
} else { } else {
if ($flagSupervisor && !empty($aProcesses)) { if ($flagSupervisor && !empty($listProcess)) {
$criteria->add(AppCacheViewPeer::PRO_UID, $aProcesses, Criteria::IN); $criteria->add(AppCacheViewPeer::PRO_UID, $listProcess, Criteria::IN);
} }
} }
@@ -576,7 +533,8 @@ class AppCacheView extends BaseAppCacheView
*/ */
public function getToRevise($userUid, $doCount) public function getToRevise($userUid, $doCount)
{ {
$aProcesses = $this->getProUidSupervisor($userUid, $doCount); $processUser = new ProcessUser();
$listProcess = $processUser->getProUidSupervisor($userUid);
if ($doCount && !isset($this->confCasesList['PMTable']) && !empty($this->confCasesList['PMTable'])) { if ($doCount && !isset($this->confCasesList['PMTable']) && !empty($this->confCasesList['PMTable'])) {
$c = new Criteria('workflow'); $c = new Criteria('workflow');
@@ -584,7 +542,7 @@ class AppCacheView extends BaseAppCacheView
$c = $this->addPMFieldsToCriteria('todo'); $c = $this->addPMFieldsToCriteria('todo');
} }
$c->add(AppCacheViewPeer::PRO_UID, $aProcesses, Criteria::IN); $c->add(AppCacheViewPeer::PRO_UID, $listProcess, Criteria::IN);
$c->add(AppCacheViewPeer::APP_STATUS, 'TO_DO'); $c->add(AppCacheViewPeer::APP_STATUS, 'TO_DO');
$c->add(AppCacheViewPeer::DEL_FINISH_DATE, null, Criteria::ISNULL); $c->add(AppCacheViewPeer::DEL_FINISH_DATE, null, Criteria::ISNULL);
$c->add(AppCacheViewPeer::APP_THREAD_STATUS, 'OPEN'); $c->add(AppCacheViewPeer::APP_THREAD_STATUS, 'OPEN');
@@ -1168,9 +1126,10 @@ class AppCacheView extends BaseAppCacheView
GLOBAL $RBAC; GLOBAL $RBAC;
$aUser = $RBAC->userObj->load( $_SESSION['USER_LOGGED'] ); $aUser = $RBAC->userObj->load( $_SESSION['USER_LOGGED'] );
$aProcesses = $this->getProUidSupervisor($aUser['USR_UID']); $processUser = new ProcessUser();
$listProcess = $processUser->getProUidSupervisor($aUser['USR_UID']);
$criteria = $this->getToReassign($userUid, true); $criteria = $this->getToReassign($userUid, true);
$criteria->add(AppCacheViewPeer::PRO_UID, $aProcesses, Criteria::IN); $criteria->add(AppCacheViewPeer::PRO_UID, $listProcess, Criteria::IN);
return $criteria; return $criteria;
} }
@@ -1183,9 +1142,10 @@ class AppCacheView extends BaseAppCacheView
GLOBAL $RBAC; GLOBAL $RBAC;
$aUser = $RBAC->userObj->load( $_SESSION['USER_LOGGED'] ); $aUser = $RBAC->userObj->load( $_SESSION['USER_LOGGED'] );
$aProcesses = $this->getProUidSupervisor($aUser['USR_UID']); $processUser = new ProcessUser();
$listProcess = $processUser->getProUidSupervisor($aUser['USR_UID']);
$criteria = $this->getToReassign($userUid, false); $criteria = $this->getToReassign($userUid, false);
$criteria->add(AppCacheViewPeer::PRO_UID, $aProcesses, Criteria::IN); $criteria->add(AppCacheViewPeer::PRO_UID, $listProcess, Criteria::IN);
return $criteria; return $criteria;
} }
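Review bot: In the paused-cases criteria, the `else` branch that handles an empty `$userUid` now takes its list from `ProcessUser::getProUidSupervisor()`, which always filters on `USR_UID`, whereas the method removed from this class skipped that filter when `$userUid` was empty. With an empty user the new list is presumably empty, so `!empty($listProcess)` fails and no `PRO_UID` restriction is added, leaving that query with neither a user nor a process filter. Whether any caller reaches this branch with `$flagSupervisor` set is not visible here; if one can, the branch should fail closed rather than widen the result. The enclosing method starts outside the hunk.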


@@ -2,6 +2,7 @@
require_once 'classes/model/om/BaseListInbox.php'; require_once 'classes/model/om/BaseListInbox.php';
use ProcessMaker\BusinessModel\Cases as BmCases; use ProcessMaker\BusinessModel\Cases as BmCases;
use ProcessMaker\BusinessModel\User as BmUser;
/** /**
* Skeleton subclass for representing a row from the 'LIST_INBOX' table. * Skeleton subclass for representing a row from the 'LIST_INBOX' table.
@@ -417,12 +418,24 @@ class ListInbox extends BaseListInbox implements ListInterface
break; break;
case 'to_revise': case 'to_revise':
$criteria->add(ListInboxPeer::APP_STATUS, 'TO_DO', Criteria::EQUAL); $criteria->add(ListInboxPeer::APP_STATUS, 'TO_DO', Criteria::EQUAL);
$oAppCache = new AppCacheView(); $processUser = new ProcessUser();
$aProcesses = $oAppCache->getProUidSupervisor($usrUid); $listProcess = $processUser->getProUidSupervisor($usrUid);
$criteria->add(ListInboxPeer::PRO_UID, $aProcesses, Criteria::IN); $criteria->add(ListInboxPeer::PRO_UID, $listProcess, Criteria::IN);
break; break;
case 'to_reassign': case 'to_reassign':
global $RBAC;
$criteria->add(ListInboxPeer::APP_STATUS, 'TO_DO', Criteria::EQUAL); $criteria->add(ListInboxPeer::APP_STATUS, 'TO_DO', Criteria::EQUAL);
$user = new BmUser();
$listProcess = $user->getProcessToReassign(['PM_REASSIGNCASE','PM_REASSIGNCASE_SUPERVISOR']);
//If is not a supervisor and does not have the permission for view all cases we can not list cases
//If is a supervisor, we can list only his processes
if (
(empty($listProcess) && $RBAC->userCanAccess('PM_REASSIGNCASE') !== 1) ||
(is_array($listProcess) && count($listProcess) > 0)
) {
$criteria->add(ListInboxPeer::PRO_UID, $listProcess, Criteria::IN);
}
if ($usrUid !== '') { if ($usrUid !== '') {
$criteria->add(ListInboxPeer::USR_UID, $usrUid, Criteria::EQUAL); $criteria->add(ListInboxPeer::USR_UID, $usrUid, Criteria::EQUAL);
} }
@@ -617,6 +630,15 @@ class ListInbox extends BaseListInbox implements ListInterface
return $data; return $data;
} }
/**
* This function get the TAS_PRIORITY_VARIABLE related to the task
*
* @param string $taskUid
* @param string $proUid
* @param string $appUid
*
* @return integer
*/
public function getTaskPriority($taskUid, $proUid, $appUid) public function getTaskPriority($taskUid, $proUid, $appUid)
{ {
$criteria = new Criteria(); $criteria = new Criteria();
@@ -639,6 +661,14 @@ class ListInbox extends BaseListInbox implements ListInterface
return $priority != "" ? $priority : 3; return $priority != "" ? $priority : 3;
} }
/**
* This function get the TAS_PRIORITY_VARIABLE related to the task
*
* @param array $filters
* @param string $fieldName
*
* @return mixed null|string
*/
public function getAppDelegationInfo($filters, $fieldName) public function getAppDelegationInfo($filters, $fieldName)
{ {
$criteria = new Criteria(); $criteria = new Criteria();
@@ -655,8 +685,10 @@ class ListInbox extends BaseListInbox implements ListInterface
/** /**
* Returns the number of cases of a user * Returns the number of cases of a user
*
* @param string $usrUid * @param string $usrUid
* @param array $filters * @param array $filters
*
* @return int * @return int
*/ */
public function getCountList($usrUid, $filters = array()) public function getCountList($usrUid, $filters = array())
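Review bot: The first arm of the new `to_reassign` condition denies access by passing an empty `$listProcess` to `Criteria::IN`, so the "cannot list cases" outcome depends on how the ORM renders an empty IN list, which this page does not show. I would make the deny case its own branch with a comment, e.g. `// empty IN list is intended to match no rows: user is neither supervisor nor holds PM_REASSIGNCASE`, and cover it with a test that asserts zero rows. The same unguarded `Criteria::IN` on a possibly empty supervisor list appears in the `to_revise` case here and in the AppCacheView and BusinessModel Cases sections. Separately, the docblock added to `getAppDelegationInfo` repeats the `getTaskPriority` description and should describe the delegation lookup instead.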


@@ -4,9 +4,6 @@
* @package workflow.engine.classes.model * @package workflow.engine.classes.model
*/ */
//require_once 'classes/model/om/BaseProcessUser.php';
/** /**
* Skeleton subclass for representing a row from the 'PROCESS_USER' table. * Skeleton subclass for representing a row from the 'PROCESS_USER' table.
* *
@@ -127,5 +124,55 @@ class ProcessUser extends BaseProcessUser
throw ($oError); throw ($oError);
} }
} }
/**
* Get the list of process where the user is supervisor
* finding cases PRO_UID where $userUid is supervising
*
* @param string $userUid
*
* @return array
* @throws Exception
*/
public function getProUidSupervisor($userUid)
{
try {
$processes = [];
//Get the process when the user is supervisor
$criteria = new Criteria('workflow');
$criteria->add(ProcessUserPeer::PU_TYPE, 'SUPERVISOR');
$criteria->add(ProcessUserPeer::USR_UID, $userUid);
$dataset = ProcessUserPeer::doSelectRS($criteria);
$dataset->setFetchmode(ResultSet::FETCHMODE_ASSOC);
$dataset->next();
while ($row = $dataset->getRow()) {
$processes[] = $row['PRO_UID'];
$dataset->next();
}
//Get the process when the user is assigned into the group supervisor
$criteria = new Criteria('workflow');
$criteria->add(ProcessUserPeer::PU_TYPE, 'GROUP_SUPERVISOR');
$criteria->addSelectColumn(ProcessUserPeer::PRO_UID);
$criteria->addJoin(ProcessUserPeer::USR_UID, GroupUserPeer::GRP_UID, Criteria::LEFT_JOIN);
$criteria->add(GroupUserPeer::USR_UID, $userUid);
$dataset = ProcessUserPeer::doSelectRS($criteria);
$dataset->setFetchmode(ResultSet::FETCHMODE_ASSOC);
$dataset->next();
while ($row = $dataset->getRow()) {
$processes[] = $row['PRO_UID'];
$dataset->next();
}
return $processes;
} catch (Exception $e) {
throw $e;
}
}
} }
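Review bot: The `try { … } catch (Exception $e) { throw $e; }` wrapper around the new `getProUidSupervisor()` body only rethrows, so it adds nesting without handling anything and can be dropped. The docblock should also say that `$userUid` is now always applied as a filter (the method removed from AppCacheView skipped it when empty), for example `@param string $userUid user to look up; an empty value is expected to match no supervisor rows`, once that is confirmed against the data. The group query uses `Criteria::LEFT_JOIN` but then filters on `GroupUserPeer::USR_UID`, which presumably makes it behave as an inner join; writing it as an inner join would say what is meant.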


@@ -1,41 +1,7 @@
<?php <?php
/**
* cases/ajaxListener.php Ajax Listener for Cases rpc requests
*
* ProcessMaker Open Source Edition
* Copyright (C) 2004 - 2008 Colosa Inc.23
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
* Coral Gables, FL, 33134, USA, or email info@colosa.com.
*/
use ProcessMaker\Plugins\PluginRegistry; use ProcessMaker\Plugins\PluginRegistry;
/**
*
* @author Erik Amaru Ortiz <erik@colosa.com>
* @date Jan 3th, 2010
*/
//require_once 'classes/model/Application.php';
//require_once 'classes/model/Users.php';
//require_once 'classes/model/AppThread.php';
//require_once 'classes/model/AppDelay.php';
//require_once 'classes/model/Process.php';
//require_once 'classes/model/Task.php';
if (!isset($_SESSION['USER_LOGGED'])) { if (!isset($_SESSION['USER_LOGGED'])) {
$responseObject = new stdclass(); $responseObject = new stdclass();
$responseObject->error = G::LoadTranslation('ID_LOGIN_AGAIN'); $responseObject->error = G::LoadTranslation('ID_LOGIN_AGAIN');
@@ -45,7 +11,6 @@ if (!isset($_SESSION['USER_LOGGED'])) {
die(); die();
} }
$filter = new InputFilter(); $filter = new InputFilter();
$_REQUEST = $filter->xssFilterHard($_REQUEST); $_REQUEST = $filter->xssFilterHard($_REQUEST);
$_POST = $filter->xssFilterHard($_POST); $_POST = $filter->xssFilterHard($_POST);
@@ -68,9 +33,9 @@ if(isset($_REQUEST['action']) && $_REQUEST['action'] == "verifySession" ) {
} elseif ($RBAC->userCanAccess('PM_REASSIGNCASE_SUPERVISOR') == 1) { } elseif ($RBAC->userCanAccess('PM_REASSIGNCASE_SUPERVISOR') == 1) {
$response->reassigncase = false; $response->reassigncase = false;
$response->message = G::LoadTranslation('ID_NOT_ABLE_REASSIGN'); $response->message = G::LoadTranslation('ID_NOT_ABLE_REASSIGN');
$oAppCache = new AppCacheView(); $processUser = new ProcessUser();
$aProcesses = $oAppCache->getProUidSupervisor($_SESSION['USER_LOGGED']); $listProcess = $processUser->getProUidSupervisor($_SESSION['USER_LOGGED']);
if(in_array($_SESSION['PROCESS'], $aProcesses)){ if (in_array($_SESSION['PROCESS'], $listProcess)) {
$response->reassigncase = true; $response->reassigncase = true;
} }
} }
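Review bot: The supervisor check `in_array($_SESSION['PROCESS'], $listProcess)` decides whether `reassigncase` is granted but compares loosely, so two different identifiers that both look numeric to PHP can compare equal. Pass the strict flag, `in_array($_SESSION['PROCESS'], $listProcess, true)`, so the match is an exact string comparison. The surrounding `verifySession` branch starts outside the hunk, so whether `$_SESSION['PROCESS']` is always set at this point is not visible.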


@@ -6,28 +6,6 @@ if (!isset($_SESSION['USER_LOGGED'])) {
print G::json_encode($response); print G::json_encode($response);
die(); die();
} }
/**
* casesList_Ajax.php
*
* ProcessMaker Open Source Edition
* Copyright (C) 2004 - 2008 Colosa Inc.
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
* Coral Gables, FL, 33134, USA, or email info@colosa.com.
*/
$actionAjax = isset($_REQUEST['actionAjax']) ? $_REQUEST['actionAjax'] : null; $actionAjax = isset($_REQUEST['actionAjax']) ? $_REQUEST['actionAjax'] : null;
@@ -39,13 +17,14 @@ function filterUserListArray($users = array(), $filter = '')
$filteredUsers[] = $user; $filteredUsers[] = $user;
} }
} }
return $filteredUsers; return $filteredUsers;
} }
//Load the suggest list of users //Load the suggest list of users
if ($actionAjax == "userValues") { if ($actionAjax == "userValues") {
$action = isset( $_REQUEST['action'] ) ? $_REQUEST['action'] : null; $action = isset($_REQUEST['action']) ? $_REQUEST['action'] : null;
$query = isset( $_REQUEST['query'] ) ? $_REQUEST['query'] : null; $query = isset($_REQUEST['query']) ? $_REQUEST['query'] : null;
$conf = new Configurations(); $conf = new Configurations();
$confEnvSetting = $conf->getFormats(); $confEnvSetting = $conf->getFormats();
@@ -69,8 +48,8 @@ if ($actionAjax == "userValues") {
if (!is_null($query)) { if (!is_null($query)) {
$filters = $cUsers->getNewCriterion(UsersPeer::USR_FIRSTNAME, '%' . $query . '%', Criteria::LIKE)->addOr( $filters = $cUsers->getNewCriterion(UsersPeer::USR_FIRSTNAME, '%' . $query . '%', Criteria::LIKE)->addOr(
$cUsers->getNewCriterion(UsersPeer::USR_LASTNAME, '%' . $query . '%', Criteria::LIKE)->addOr( $cUsers->getNewCriterion(UsersPeer::USR_LASTNAME, '%' . $query . '%', Criteria::LIKE)->addOr(
$cUsers->getNewCriterion(UsersPeer::USR_USERNAME, '%' . $query . '%', Criteria::LIKE))); $cUsers->getNewCriterion(UsersPeer::USR_USERNAME, '%' . $query . '%', Criteria::LIKE)));
$cUsers->addOr($filters); $cUsers->addOr($filters);
} }
$cUsers->setLimit(20); $cUsers->setLimit(20);
$cUsers->addAscendingOrderByColumn(UsersPeer::TABLE_NAME . "." . $conf->userNameFormatGetFirstFieldByUsersTable()); $cUsers->addAscendingOrderByColumn(UsersPeer::TABLE_NAME . "." . $conf->userNameFormatGetFirstFieldByUsersTable());
@@ -79,7 +58,8 @@ if ($actionAjax == "userValues") {
while ($oDataset->next()) { while ($oDataset->next()) {
$row = $oDataset->getRow(); $row = $oDataset->getRow();
$usrFullName = $conf->usersNameFormatBySetParameters($confEnvSetting["format"], $row["USR_USERNAME"], $row["USR_FIRSTNAME"], $row["USR_LASTNAME"]); $usrFullName = $conf->usersNameFormatBySetParameters($confEnvSetting["format"], $row["USR_USERNAME"],
$row["USR_FIRSTNAME"], $row["USR_LASTNAME"]);
if ($action === 'search') { if ($action === 'search') {
//Only for the advanced search we used the USR_ID column //Only for the advanced search we used the USR_ID column
$users[] = array("USR_UID" => $row["USR_ID"], "USR_FULLNAME" => $usrFullName); $users[] = array("USR_UID" => $row["USR_ID"], "USR_FULLNAME" => $usrFullName);
@@ -87,6 +67,7 @@ if ($actionAjax == "userValues") {
$users[] = array("USR_UID" => $row["USR_UID"], "USR_FULLNAME" => $usrFullName); $users[] = array("USR_UID" => $row["USR_UID"], "USR_FULLNAME" => $usrFullName);
} }
} }
return print G::json_encode($users); return print G::json_encode($users);
} }
@@ -126,18 +107,18 @@ if ($actionAjax == "processListExtJs") {
$cProcess->addAnd($filters); $cProcess->addAnd($filters);
} }
if ($action==='to_revise') { if ($action === 'to_revise') {
$oAppCache = new AppCacheView(); $processUser = new ProcessUser();
$aProcesses = $oAppCache->getProUidSupervisor($_SESSION['USER_LOGGED']); $listProcess = $processUser->getProUidSupervisor($_SESSION['USER_LOGGED']);
$cProcess->add(ProcessPeer::PRO_UID, $aProcesses, Criteria::IN); $cProcess->add(ProcessPeer::PRO_UID, $listProcess, Criteria::IN);
} }
if ($action==='to_reassign') { if ($action === 'to_reassign') {
if ($RBAC->userCanAccess('PM_REASSIGNCASE') == 1) { if ($RBAC->userCanAccess('PM_REASSIGNCASE') == 1) {
} elseif ($RBAC->userCanAccess('PM_REASSIGNCASE_SUPERVISOR') == 1) { } elseif ($RBAC->userCanAccess('PM_REASSIGNCASE_SUPERVISOR') == 1) {
$oAppCache = new AppCacheView(); $processUser = new ProcessUser();
$aProcesses = $oAppCache->getProUidSupervisor($_SESSION['USER_LOGGED']); $listProcess = $processUser->getProUidSupervisor($_SESSION['USER_LOGGED']);
$cProcess->add(ProcessPeer::PRO_UID, $aProcesses, Criteria::IN); $cProcess->add(ProcessPeer::PRO_UID, $listProcess, Criteria::IN);
} }
} }
@@ -153,6 +134,7 @@ if ($actionAjax == "processListExtJs") {
} }
$processes[] = $aRow; $processes[] = $aRow;
} }
return print G::json_encode($processes); return print G::json_encode($processes);
} }
@@ -161,7 +143,7 @@ if ($actionAjax == "verifySession") {
$response = new stdclass(); $response = new stdclass();
$response->message = G::LoadTranslation('ID_LOGIN_AGAIN'); $response->message = G::LoadTranslation('ID_LOGIN_AGAIN');
$response->lostSession = true; $response->lostSession = true;
print G::json_encode( $response ); print G::json_encode($response);
die(); die();
} else { } else {
$response = new stdclass(); $response = new stdclass();
@@ -174,32 +156,33 @@ if ($actionAjax == "verifySession") {
} elseif ($RBAC->userCanAccess('PM_REASSIGNCASE_SUPERVISOR') == 1) { } elseif ($RBAC->userCanAccess('PM_REASSIGNCASE_SUPERVISOR') == 1) {
$response->reassigncase = true; $response->reassigncase = true;
$response->message = G::LoadTranslation('ID_NOT_ABLE_REASSIGN'); $response->message = G::LoadTranslation('ID_NOT_ABLE_REASSIGN');
$oAppCache = new AppCacheView(); $processUser = new ProcessUser();
$aProcesses = $oAppCache->getProUidSupervisor($_SESSION['USER_LOGGED']); $listProcess = $processUser->getProUidSupervisor($_SESSION['USER_LOGGED']);
$response->processeslist = G::json_encode( $aProcesses ); $response->processeslist = G::json_encode($listProcess);
} }
print G::json_encode( $response ); print G::json_encode($response);
die(); die();
} }
} }
if ($actionAjax == "getUsersToReassign") { if ($actionAjax == "getUsersToReassign") {
$taskUid = $_POST['taskUid']; $taskUid = $_POST['taskUid'];
$search = $_POST['search']; $search = $_POST['search'];
$pageSize = $_POST['pageSize']; $pageSize = $_POST['pageSize'];
$sortField = (isset($_POST['sort']))? $_POST['sort'] : ''; $sortField = (isset($_POST['sort'])) ? $_POST['sort'] : '';
$sortDir = (isset($_POST['dir']))? $_POST['dir'] : ''; $sortDir = (isset($_POST['dir'])) ? $_POST['dir'] : '';
$start = (isset($_POST['start']))? $_POST['start'] : 0; $start = (isset($_POST['start'])) ? $_POST['start'] : 0;
$limit = (isset($_POST['limit']))? $_POST['limit'] : $pageSize; $limit = (isset($_POST['limit'])) ? $_POST['limit'] : $pageSize;
$response = []; $response = [];
try { try {
$case = new \ProcessMaker\BusinessModel\Cases(); $case = new \ProcessMaker\BusinessModel\Cases();
$result = $case->getUsersToReassign($_SESSION['USER_LOGGED'], $taskUid, ['filter' => $search], $sortField, $sortDir, $start, $limit); $result = $case->getUsersToReassign($_SESSION['USER_LOGGED'], $taskUid, ['filter' => $search], $sortField,
$sortDir, $start, $limit);
$response['status'] = 'OK'; $response['status'] = 'OK';
$response['success'] = true; $response['success'] = true;
@@ -232,9 +215,9 @@ if ($actionAjax == 'reassignCase') {
//Current users of OPEN DEL_INDEX thread //Current users of OPEN DEL_INDEX thread
$aCurUser = $oAppDel->getCurrentUsers($APP_UID, $DEL_INDEX); $aCurUser = $oAppDel->getCurrentUsers($APP_UID, $DEL_INDEX);
$flagReassign = true; $flagReassign = true;
if(!empty($aCurUser)){ if (!empty($aCurUser)) {
foreach ($aCurUser as $key => $value) { foreach ($aCurUser as $key => $value) {
if($value === $TO_USR_UID){ if ($value === $TO_USR_UID) {
$flagReassign = false; $flagReassign = false;
} }
} }
@@ -244,7 +227,7 @@ if ($actionAjax == 'reassignCase') {
} }
//If the currentUser is diferent to nextUser, create the thread //If the currentUser is diferent to nextUser, create the thread
if($flagReassign){ if ($flagReassign) {
$cases->reassignCase($_SESSION['APPLICATION'], $_SESSION['INDEX'], $_SESSION['USER_LOGGED'], $TO_USR_UID); $cases->reassignCase($_SESSION['APPLICATION'], $_SESSION['INDEX'], $_SESSION['USER_LOGGED'], $TO_USR_UID);
} }
@@ -258,11 +241,12 @@ if ($actionAjax == 'reassignCase') {
// Save the note reassign reason // Save the note reassign reason
if (isset($_POST['NOTE_REASON']) && $_POST['NOTE_REASON'] !== '') { if (isset($_POST['NOTE_REASON']) && $_POST['NOTE_REASON'] !== '') {
require_once ("classes/model/AppNotes.php"); require_once("classes/model/AppNotes.php");
$appNotes = new AppNotes(); $appNotes = new AppNotes();
$noteContent = addslashes($_POST['NOTE_REASON']); $noteContent = addslashes($_POST['NOTE_REASON']);
$notifyReassign = $_POST['NOTIFY_REASSIGN'] === 'true' ? true: false; $notifyReassign = $_POST['NOTIFY_REASSIGN'] === 'true' ? true : false;
$res = $appNotes->postNewNote($_SESSION['APPLICATION'], $_SESSION['USER_LOGGED'], $noteContent, $notifyReassign); $res = $appNotes->postNewNote($_SESSION['APPLICATION'], $_SESSION['USER_LOGGED'], $noteContent,
$notifyReassign);
} }
} catch (Exception $e) { } catch (Exception $e) {
$result->status = 1; $result->status = 1;
@@ -294,10 +278,12 @@ if ($actionAjax == 'showHistoryMessage') {
leimnud.browser = {}; leimnud.browser = {};
leimnud.browser.isIphone = ""; leimnud.browser.isIphone = "";
leimnud.iphone = {}; leimnud.iphone = {};
leimnud.iphone.make = function(){ leimnud.iphone.make = function() {
}; };
function ajax_function(ajax_server, funcion, parameters, method) { function ajax_function(ajax_server, funcion, parameters, method) {
} }
//! //!
</script> </script>
<?php <?php
@@ -310,7 +296,8 @@ if ($actionAjax == 'showHistoryMessage') {
$G_PUBLISH = new Publisher(); $G_PUBLISH = new Publisher();
$oCase = new Cases(); $oCase = new Cases();
$G_PUBLISH->AddContent('xmlform', 'xmlform', 'cases/cases_MessagesView', '', $oCase->getHistoryMessagesTrackerView($_POST['APP_UID'], $_POST['APP_MSG_UID'])); $G_PUBLISH->AddContent('xmlform', 'xmlform', 'cases/cases_MessagesView', '',
$oCase->getHistoryMessagesTrackerView($_POST['APP_UID'], $_POST['APP_MSG_UID']));
?> ?>
@@ -320,7 +307,7 @@ if ($actionAjax == 'showHistoryMessage') {
<?php <?php
global $G_FORM; global $G_FORM;
?> ?>
function loadForm_<?php echo $G_FORM->id;?>(parametro1){ function loadForm_<?php echo $G_FORM->id;?>(parametro1) {
} }
</script> </script>
<?php <?php
@@ -342,6 +329,7 @@ if ($actionAjax == 'showDynaformListHistory') {
html { html {
color: black !important; color: black !important;
} }
body { body {
color: black !important; color: black !important;
} }
@@ -351,6 +339,7 @@ if ($actionAjax == 'showDynaformListHistory') {
raw = raw || false; raw = raw || false;
hexcase = hexcase || false; hexcase = hexcase || false;
chrsz = chrsz || 8; chrsz = chrsz || 8;
function safe_add(x, y) { function safe_add(x, y) {
var lsw = (x & 0xFFFF) + (y & 0xFFFF); var lsw = (x & 0xFFFF) + (y & 0xFFFF);
var msw = (x >> 16) + (y >> 16) + (lsw >> 16); var msw = (x >> 16) + (y >> 16) + (lsw >> 16);
@@ -505,6 +494,7 @@ if ($actionAjax == 'showDynaformListHistory') {
leimnud.iphone = {}; leimnud.iphone = {};
leimnud.iphone.make = function () { leimnud.iphone.make = function () {
}; };
function ajax_function(ajax_server, funcion, parameters, method) { function ajax_function(ajax_server, funcion, parameters, method) {
} }
@@ -534,6 +524,7 @@ if ($actionAjax == 'showDynaformListHistory') {
showDynaformHistoryGlobal.tablename = ''; showDynaformHistoryGlobal.tablename = '';
showDynaformHistoryGlobal.dynDate = ''; showDynaformHistoryGlobal.dynDate = '';
showDynaformHistoryGlobal.dynTitle = ''; showDynaformHistoryGlobal.dynTitle = '';
function showDynaformHistory(dynUID, tablename, dynDate, dynTitle) { function showDynaformHistory(dynUID, tablename, dynDate, dynTitle) {
showDynaformHistoryGlobal.dynUID = dynUID; showDynaformHistoryGlobal.dynUID = dynUID;
showDynaformHistoryGlobal.tablename = tablename; showDynaformHistoryGlobal.tablename = tablename;
@@ -591,8 +582,10 @@ if ($actionAjax == 'dynaformChangeLogViewHistory') {
leimnud.iphone = {}; leimnud.iphone = {};
leimnud.iphone.make = function () { leimnud.iphone.make = function () {
}; };
function ajax_function(ajax_server, funcion, parameters, method) { function ajax_function(ajax_server, funcion, parameters, method) {
} }
//! //!
</script> </script>
<?php <?php
@@ -647,8 +640,10 @@ if ($actionAjax == 'historyDynaformGridPreview') {
leimnud.iphone = {}; leimnud.iphone = {};
leimnud.iphone.make = function () { leimnud.iphone.make = function () {
}; };
function ajax_function(ajax_server, funcion, parameters, method) { function ajax_function(ajax_server, funcion, parameters, method) {
} }
//! //!
</script> </script>
<?php <?php
@@ -666,7 +661,7 @@ if ($actionAjax == 'historyDynaformGridPreview') {
$Fields['APP_DATA']['__DYNAFORM_OPTIONS']['NEXT_ACTION'] = 'return false;'; $Fields['APP_DATA']['__DYNAFORM_OPTIONS']['NEXT_ACTION'] = 'return false;';
$_SESSION['DYN_UID_PRINT'] = $_POST['DYN_UID']; $_SESSION['DYN_UID_PRINT'] = $_POST['DYN_UID'];
$G_PUBLISH->AddContent('dynaform', 'xmlform', $_SESSION['PROCESS'] . '/' . $_POST['DYN_UID'], '', $G_PUBLISH->AddContent('dynaform', 'xmlform', $_SESSION['PROCESS'] . '/' . $_POST['DYN_UID'], '',
$Fields['APP_DATA'], $Fields['APP_DATA'],
'', '', 'view'); '', '', 'view');
?> ?>
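Review bot: In the `to_reassign` filter of `processListExtJs`, the `if ($RBAC->userCanAccess('PM_REASSIGNCASE') == 1) {` branch is empty and there is no `else`, so a session holding neither PM_REASSIGNCASE nor PM_REASSIGNCASE_SUPERVISOR gets no `PRO_UID` restriction on the process list. Unless a check outside this hunk rejects such users earlier, the block should fail closed, and since the commit already reformats these lines this is a natural place to add the missing branch. At minimum the empty branch deserves a comment such as `// PM_REASSIGNCASE: no process restriction`. The block starts outside the hunk.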


@@ -30,6 +30,9 @@ try {
$filters['sort'] = G::toUpper($filters['sort']); $filters['sort'] = G::toUpper($filters['sort']);
$openApplicationUid = (isset($_REQUEST['openApplicationUid']) && $_REQUEST['openApplicationUid'] != '') ? $_REQUEST['openApplicationUid'] : null; $openApplicationUid = (isset($_REQUEST['openApplicationUid']) && $_REQUEST['openApplicationUid'] != '') ? $_REQUEST['openApplicationUid'] : null;
global $RBAC;
$RBAC->allows(basename(__FILE__), $filters['action']);
//Define user when is reassign //Define user when is reassign
if ($filters['action'] == 'to_reassign') { if ($filters['action'] == 'to_reassign') {
if ($filters['user'] == '' ) { if ($filters['user'] == '' ) {
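Review bot: The return value of `$RBAC->allows(basename(__FILE__), $filters['action'])` is discarded, so this gate only works if `allows()` itself stops the request on denial, and its body is not fully visible on this page. The permission map added to RBAC lists seven actions for this file; it should be confirmed that any other `action` value is refused rather than passed through. A comment at the call, e.g. `// allows() ends the request when the user lacks the permission mapped to this action`, would record that contract once verified. The call sits inside a `try` block that starts outside the hunk.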


@@ -27,6 +27,7 @@ use Exception;
use EntitySolrRequestData; use EntitySolrRequestData;
use G; use G;
use Groups; use Groups;
use GroupUserPeer;
use InvalidIndexSearchTextException; use InvalidIndexSearchTextException;
use ListParticipatedLast; use ListParticipatedLast;
use PmDynaform; use PmDynaform;
@@ -36,6 +37,7 @@ use ProcessMaker\BusinessModel\ProcessSupervisor as BmProcessSupervisor;
use ProcessMaker\Core\System; use ProcessMaker\Core\System;
use ProcessMaker\Plugins\PluginRegistry; use ProcessMaker\Plugins\PluginRegistry;
use ProcessMaker\Services\OAuth2\Server; use ProcessMaker\Services\OAuth2\Server;
use ProcessUser;
use ProcessUserPeer; use ProcessUserPeer;
use ProcessPeer; use ProcessPeer;
use RBAC; use RBAC;
@@ -876,9 +878,8 @@ class Cases
throw (new Exception(G::LoadTranslation("ID_CASE_ALREADY_CANCELED", array($app_uid)))); throw (new Exception(G::LoadTranslation("ID_CASE_ALREADY_CANCELED", array($app_uid))));
} }
$appCacheView = new AppCacheView(); $processUser = new ProcessUser();
$arrayProcess = $processUser->getProUidSupervisor($usr_uid);
$arrayProcess = $appCacheView->getProUidSupervisor($usr_uid);
$criteria = new Criteria("workflow"); $criteria = new Criteria("workflow");
@@ -937,9 +938,8 @@ class Cases
throw (new Exception(G::LoadTranslation("ID_CASE_PAUSED", array($app_uid)))); throw (new Exception(G::LoadTranslation("ID_CASE_PAUSED", array($app_uid))));
} }
$appCacheView = new AppCacheView(); $processUser = new ProcessUser();
$arrayProcess = $processUser->getProUidSupervisor($usr_uid);
$arrayProcess = $appCacheView->getProUidSupervisor($usr_uid);
$criteria = new Criteria("workflow"); $criteria = new Criteria("workflow");
@@ -996,9 +996,8 @@ class Cases
throw (new Exception(G::LoadTranslation("ID_CASE_NOT_PAUSED", array($app_uid)))); throw (new Exception(G::LoadTranslation("ID_CASE_NOT_PAUSED", array($app_uid))));
} }
$appCacheView = new AppCacheView(); $processUser = new ProcessUser();
$arrayProcess = $processUser->getProUidSupervisor($usr_uid);
$arrayProcess = $appCacheView->getProUidSupervisor($usr_uid);
$criteria = new Criteria("workflow"); $criteria = new Criteria("workflow");
$criteria->addSelectColumn(AppDelegationPeer::APP_UID); $criteria->addSelectColumn(AppDelegationPeer::APP_UID);
@@ -1844,15 +1843,15 @@ class Cases
throw new Exception(G::LoadTranslation("ID_CASE_IS_COMPLETED", array($app_uid))); throw new Exception(G::LoadTranslation("ID_CASE_IS_COMPLETED", array($app_uid)));
} }
$appCacheView = new AppCacheView(); $processUser = new ProcessUser();
$isProcessSupervisor = $appCacheView->getProUidSupervisor($usr_uid); $listProcess = $processUser->getProUidSupervisor($usr_uid);
$criteria = new Criteria("workflow"); $criteria = new Criteria("workflow");
$criteria->addSelectColumn(AppDelegationPeer::APP_UID); $criteria->addSelectColumn(AppDelegationPeer::APP_UID);
$criteria->add(AppDelegationPeer::APP_UID, $app_uid, Criteria::EQUAL); $criteria->add(AppDelegationPeer::APP_UID, $app_uid, Criteria::EQUAL);
$criteria->add(AppDelegationPeer::USR_UID, $usr_uid, Criteria::EQUAL); $criteria->add(AppDelegationPeer::USR_UID, $usr_uid, Criteria::EQUAL);
$criteria->add( $criteria->add(
$criteria->getNewCriterion(AppDelegationPeer::USR_UID, $usr_uid, Criteria::EQUAL)->addOr( $criteria->getNewCriterion(AppDelegationPeer::USR_UID, $usr_uid, Criteria::EQUAL)->addOr(
$criteria->getNewCriterion(AppDelegationPeer::PRO_UID, $isProcessSupervisor, Criteria::IN)) $criteria->getNewCriterion(AppDelegationPeer::PRO_UID, $listProcess, Criteria::IN))
); );
$rsCriteria = AppDelegationPeer::doSelectRS($criteria); $rsCriteria = AppDelegationPeer::doSelectRS($criteria);


@@ -1,12 +1,14 @@
<?php <?php
namespace ProcessMaker\BusinessModel; namespace ProcessMaker\BusinessModel;
use G;
use Criteria; use Criteria;
use DynaformPeer; use DynaformPeer;
use Exception;
use G;
use GroupUserPeer;
use ProcessUserPeer;
use ResultSet; use ResultSet;
use StepSupervisorPeer; use StepSupervisorPeer;
use Exception;
class ProcessSupervisor class ProcessSupervisor
{ {


@@ -22,9 +22,11 @@ use IsoLocationPeer;
use IsoSubdivisionPeer; use IsoSubdivisionPeer;
use ListParticipatedLast; use ListParticipatedLast;
use PMmemcached; use PMmemcached;
use ProcessMaker\BusinessModel\ProcessSupervisor as BmProcessSupervisor;
use ProcessMaker\Plugins\PluginRegistry; use ProcessMaker\Plugins\PluginRegistry;
use ProcessMaker\Util\DateTime; use ProcessMaker\Util\DateTime;
use ProcessMaker\Util\System; use ProcessMaker\Util\System;
use ProcessUser;
use Propel; use Propel;
use RBAC; use RBAC;
use RbacUsers; use RbacUsers;
@@ -1713,4 +1715,53 @@ class User
return $dataUsers; return $dataUsers;
} }
/**
* This function get the list of process that the user can reassign
* If the user has the permission PM_REASSIGNCASE can reassign any process
* If the user has the permission PM_REASSIGNCASE_SUPERVISOR can reassign only their processes
*
* @param array $listPermissions
*
* @return mixed array|null where:
* Array empty if he can reassign any process
* List of processes that he can reassign
* Will be return null if can not reassign
*/
public function getProcessToReassign($listPermissions = [])
{
global $RBAC;
$processes = [];
if (in_array('PM_REASSIGNCASE', $listPermissions) && $RBAC->userCanAccess('PM_REASSIGNCASE') === 1){
//The user can reassign any process
return $processes;
} elseif (in_array('PM_REASSIGNCASE_SUPERVISOR', $listPermissions) && $RBAC->userCanAccess('PM_REASSIGNCASE_SUPERVISOR') === 1){
$userLogged = $RBAC->aUserInfo['USER_INFO']['USR_UID'];
$processUser = new ProcessUser();
$processes = $processUser->getProUidSupervisor($userLogged);
//The user can reassign only their processes
return $processes;
} else {
return null;
}
}
/**
* This function review if the user can reassign cases
*
* @param string $usrUid
* @param string $proUid
*
* @return boolean
*/
public function userCanReassign($usrUid, $proUid)
{
if ($this->checkPermission($usrUid, 'PM_REASSIGNCASE')) {
return true;
} elseif ($this->checkPermission($usrUid, 'PM_REASSIGNCASE_SUPERVISOR')) {
$processSupervisor = new BmProcessSupervisor();
$isSupervisor = $processSupervisor->isUserProcessSupervisor($proUid, $usrUid);
return $isSupervisor;
}
}
} }
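Review bot: In `getProcessToReassign` an empty array is the documented signal for "can reassign any process", but the `PM_REASSIGNCASE_SUPERVISOR` branch returns whatever `getProUidSupervisor()` yields, so a supervisor who supervises no process would presumably also get `[]` and be treated as unrestricted by any caller that follows the docblock. `getProUidSupervisor()` is not visible in this hunk, so this needs confirming, but the branch can be made unambiguous with `return empty($processes) ? null : $processes;`. `userCanReassign` has a related gap: when neither permission check passes it falls off the end and returns `null` although the docblock promises a boolean, so an explicit `return false;` after the `elseif` block would make the deny path deliberate. Both `in_array` calls would also be safer with the strict third argument, e.g. `in_array('PM_REASSIGNCASE', $listPermissions, true)`.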


@@ -92,22 +92,15 @@ class Cases extends Api
//Check if the user is supervisor process //Check if the user is supervisor process
$case = new BmCases(); $case = new BmCases();
$user = new BmUser(); $user = new BmUser();
$count = 0; $count = 0;
foreach ($arrayParameters as $value) { foreach ($arrayParameters as $value) {
$arrayApplicationData = $case->getApplicationRecordByPk($value['APP_UID'], [], false); $arrayApplicationData = $case->getApplicationRecordByPk($value['APP_UID'], [], false);
if (!empty($arrayApplicationData)) { if (!empty($arrayApplicationData)) {
if (!$user->checkPermission($usrUid, 'PM_REASSIGNCASE')) { $canReassign = $user->userCanReassign($usrUid, $arrayApplicationData['PRO_UID']);
if ($user->checkPermission($usrUid, 'PM_REASSIGNCASE_SUPERVISOR')) { if (!$canReassign) {
$supervisor = new BmProcessSupervisor(); //We count when the user is not supervisor to the process
$flagps = $supervisor->isUserProcessSupervisor($arrayApplicationData['PRO_UID'], $usrUid); $count = $count + 1;
if (!$flagps) {
$count = $count + 1;
}
}
} }
} }
} }
@@ -116,6 +109,15 @@ class Cases extends Api
return true; return true;
} }
break; break;
case 'doPutReassignCase':
$appUid = $this->parameters[$arrayArgs['app_uid']];
$usrUid = $this->getUserId();
$case = new BmCases();
$user = new BmUser();
$arrayApplicationData = $case->getApplicationRecordByPk($appUid, [], false);
return $user->userCanReassign($usrUid, $arrayApplicationData['PRO_UID']);
break;
case "doGetCaseInfo" : case "doGetCaseInfo" :
$appUid = $this->parameters[$arrayArgs['app_uid']]; $appUid = $this->parameters[$arrayArgs['app_uid']];
$usrUid = $this->getUserId(); $usrUid = $this->getUserId();
@@ -838,7 +840,7 @@ class Cases extends Api
* @throws RestException * @throws RestException
* *
* @access protected * @access protected
* @class AccessControl {@permission PM_REASSIGNCASE,PM_REASSIGNCASE_SUPERVISOR} * @class AccessControl {@className \ProcessMaker\Services\Api\Cases}
*/ */
public function doPutReassignCase($app_uid, $usr_uid_source, $usr_uid_target, $del_index = null) public function doPutReassignCase($app_uid, $usr_uid_source, $usr_uid_target, $del_index = null)
{ {
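Review bot: The new `doPutReassignCase` case reads `$arrayApplicationData['PRO_UID']` without the `!empty($arrayApplicationData)` guard that the batch-reassign branch above applies, so for an `app_uid` with no matching record (which the sibling guard suggests can happen) the access check runs with an undefined process id. With `userCanReassign` as written in this commit, a holder of `PM_REASSIGNCASE` is still let through in that case, and other users are presumably refused only as a side effect of the supervisor lookup. Denying explicitly keeps this gate fail-closed: `if (empty($arrayApplicationData)) { return false; }` before the `return`. The `break;` after that `return` is unreachable and can be dropped. The enclosing `switch` starts and ends outside the hunk.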