fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

HOR-4404

Browse Source
This commit is contained in:
Paula Quispe
2017-12-12 15:11:16 -04:00
parent b59026fe51
commit 36c8a38fea
11 changed files with 253 additions and 184 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
gulliver/system/class.rbac.php
View File

@@ -191,6 +191,15 @@ class RBAC
'save' => ['PM_SETUP'],
'delete' => ['PM_SETUP'],
'rebuild' => ['PM_SETUP']
],
'proxyNewCasesList.php' => [
'todo' => ['PM_CASES'],
'draft' => ['PM_CASES'],
'sent' => ['PM_CASES'],
'paused' => ['PM_CASES'],
'unassigned' => ['PM_CASES'],
'to_reassign' => ['PM_REASSIGNCASE,PM_REASSIGNCASE_SUPERVISOR'],
'to_revise' => ['PM_SUPERVISOR']
]
];
$this->aliasPermissions['PM_CASES'] = [self::PM_GUEST_CASE];
@@ -1959,8 +1968,12 @@ class RBAC
$totalPermissions = count($permissions);
$countAccess = 0;
foreach ($permissions as $key => $value) {
if ($this->userCanAccess($value) == 1) {
$countAccess++;
$atLeastPermission = explode(',', $value);
foreach ($atLeastPermission as $permission) {
if ($this->userCanAccess(trim($permission)) == 1) {
$countAccess++;
break;
}
}
}
//Check if the user has all permissions that needed

70
workflow/engine/classes/model/AppCacheView.php
View File

@@ -448,50 +448,6 @@ class AppCacheView extends BaseAppCacheView
return $this->getUnassigned($userUid, false);
}
public function getProUidSupervisor($userUid)
{
//finding cases PRO_UID where $userUid is supervising
require_once ('classes/model/ProcessUser.php');
require_once ('classes/model/GroupUser.php');
$oCriteria = new Criteria('workflow');
if (!empty($userUid)) {
$oCriteria->add(ProcessUserPeer::USR_UID, $userUid);
}
$oCriteria->add(ProcessUserPeer::PU_TYPE, 'SUPERVISOR');
$oDataset = ProcessUserPeer::doSelectRS($oCriteria);
$oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC);
$oDataset->next();
$aProcesses = array();
while ($aRow = $oDataset->getRow()) {
$aProcesses[] = $aRow['PRO_UID'];
$oDataset->next();
}
$oCriteria = new Criteria('workflow');
$oCriteria->addSelectColumn(ProcessUserPeer::PRO_UID);
$oCriteria->add(ProcessUserPeer::PU_TYPE, 'GROUP_SUPERVISOR');
$oCriteria->addJoin(ProcessUserPeer::USR_UID, GroupUserPeer::GRP_UID, Criteria::LEFT_JOIN);
if (!empty($userUid)) {
$oCriteria->add(GroupUserPeer::USR_UID, $userUid);
}
$oDataset = ProcessUserPeer::doSelectRS($oCriteria);
$oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC);
$oDataset->next();
while ($aRow = $oDataset->getRow()) {
$aProcesses[] = $aRow['PRO_UID'];
$oDataset->next();
}
return $aProcesses;
}
/**
* gets the PAUSED cases list criteria
* param $userUid the current userUid
@@ -509,7 +465,8 @@ class AppCacheView extends BaseAppCacheView
$criteria = $this->addPMFieldsToCriteria('paused');
}
$aProcesses = $this->getProUidSupervisor($userUid);
$processUser = new ProcessUser();
$listProcess = $processUser->getProUidSupervisor($userUid);
//add a validation to show the processes of which $userUid is supervisor
//$criteria->add(AppCacheViewPeer::USR_UID, $userUid);
@@ -517,16 +474,16 @@ class AppCacheView extends BaseAppCacheView
if (!empty($userUid)) {
$criterionAux = $criteria->getNewCriterion(AppCacheViewPeer::USR_UID, $userUid, Criteria::EQUAL);
if ($flagSupervisor && !empty($aProcesses)) {
if ($flagSupervisor && !empty($listProcess)) {
$criterionAux = $criterionAux->addOr(
$criteria->getNewCriterion(AppCacheViewPeer::PRO_UID, $aProcesses, Criteria::IN)
$criteria->getNewCriterion(AppCacheViewPeer::PRO_UID, $listProcess, Criteria::IN)
);
}
$criteria->add($criterionAux);
} else {
if ($flagSupervisor && !empty($aProcesses)) {
$criteria->add(AppCacheViewPeer::PRO_UID, $aProcesses, Criteria::IN);
if ($flagSupervisor && !empty($listProcess)) {
$criteria->add(AppCacheViewPeer::PRO_UID, $listProcess, Criteria::IN);
}
}
@@ -576,7 +533,8 @@ class AppCacheView extends BaseAppCacheView
*/
public function getToRevise($userUid, $doCount)
{
$aProcesses = $this->getProUidSupervisor($userUid, $doCount);
$processUser = new ProcessUser();
$listProcess = $processUser->getProUidSupervisor($userUid);
if ($doCount && !isset($this->confCasesList['PMTable']) && !empty($this->confCasesList['PMTable'])) {
$c = new Criteria('workflow');
@@ -584,7 +542,7 @@ class AppCacheView extends BaseAppCacheView
$c = $this->addPMFieldsToCriteria('todo');
}
$c->add(AppCacheViewPeer::PRO_UID, $aProcesses, Criteria::IN);
$c->add(AppCacheViewPeer::PRO_UID, $listProcess, Criteria::IN);
$c->add(AppCacheViewPeer::APP_STATUS, 'TO_DO');
$c->add(AppCacheViewPeer::DEL_FINISH_DATE, null, Criteria::ISNULL);
$c->add(AppCacheViewPeer::APP_THREAD_STATUS, 'OPEN');
@@ -1168,9 +1126,10 @@ class AppCacheView extends BaseAppCacheView
GLOBAL $RBAC;
$aUser = $RBAC->userObj->load( $_SESSION['USER_LOGGED'] );
$aProcesses = $this->getProUidSupervisor($aUser['USR_UID']);
$processUser = new ProcessUser();
$listProcess = $processUser->getProUidSupervisor($aUser['USR_UID']);
$criteria = $this->getToReassign($userUid, true);
$criteria->add(AppCacheViewPeer::PRO_UID, $aProcesses, Criteria::IN);
$criteria->add(AppCacheViewPeer::PRO_UID, $listProcess, Criteria::IN);
return $criteria;
}
@@ -1183,9 +1142,10 @@ class AppCacheView extends BaseAppCacheView
GLOBAL $RBAC;
$aUser = $RBAC->userObj->load( $_SESSION['USER_LOGGED'] );
$aProcesses = $this->getProUidSupervisor($aUser['USR_UID']);
$processUser = new ProcessUser();
$listProcess = $processUser->getProUidSupervisor($aUser['USR_UID']);
$criteria = $this->getToReassign($userUid, false);
$criteria->add(AppCacheViewPeer::PRO_UID, $aProcesses, Criteria::IN);
$criteria->add(AppCacheViewPeer::PRO_UID, $listProcess, Criteria::IN);
return $criteria;
}

38
workflow/engine/classes/model/ListInbox.php
View File

@@ -2,6 +2,7 @@
require_once 'classes/model/om/BaseListInbox.php';
use ProcessMaker\BusinessModel\Cases as BmCases;
use ProcessMaker\BusinessModel\User as BmUser;
/**
* Skeleton subclass for representing a row from the 'LIST_INBOX' table.
@@ -417,12 +418,24 @@ class ListInbox extends BaseListInbox implements ListInterface
break;
case 'to_revise':
$criteria->add(ListInboxPeer::APP_STATUS, 'TO_DO', Criteria::EQUAL);
$oAppCache = new AppCacheView();
$aProcesses = $oAppCache->getProUidSupervisor($usrUid);
$criteria->add(ListInboxPeer::PRO_UID, $aProcesses, Criteria::IN);
$processUser = new ProcessUser();
$listProcess = $processUser->getProUidSupervisor($usrUid);
$criteria->add(ListInboxPeer::PRO_UID, $listProcess, Criteria::IN);
break;
case 'to_reassign':
global $RBAC;
$criteria->add(ListInboxPeer::APP_STATUS, 'TO_DO', Criteria::EQUAL);
$user = new BmUser();
$listProcess = $user->getProcessToReassign(['PM_REASSIGNCASE','PM_REASSIGNCASE_SUPERVISOR']);
//If is not a supervisor and does not have the permission for view all cases we can not list cases
//If is a supervisor, we can list only his processes
if (
(empty($listProcess) && $RBAC->userCanAccess('PM_REASSIGNCASE') !== 1) ||
(is_array($listProcess) && count($listProcess) > 0)
) {
$criteria->add(ListInboxPeer::PRO_UID, $listProcess, Criteria::IN);
}
if ($usrUid !== '') {
$criteria->add(ListInboxPeer::USR_UID, $usrUid, Criteria::EQUAL);
}
@@ -617,6 +630,15 @@ class ListInbox extends BaseListInbox implements ListInterface
return $data;
}
/**
* This function get the TAS_PRIORITY_VARIABLE related to the task
*
* @param string $taskUid
* @param string $proUid
* @param string $appUid
*
* @return integer
*/
public function getTaskPriority($taskUid, $proUid, $appUid)
{
$criteria = new Criteria();
@@ -639,6 +661,14 @@ class ListInbox extends BaseListInbox implements ListInterface
return $priority != "" ? $priority : 3;
}
/**
* This function get the TAS_PRIORITY_VARIABLE related to the task
*
* @param array $filters
* @param string $fieldName
*
* @return mixed null|string
*/
public function getAppDelegationInfo($filters, $fieldName)
{
$criteria = new Criteria();
@@ -655,8 +685,10 @@ class ListInbox extends BaseListInbox implements ListInterface
/**
* Returns the number of cases of a user
*
* @param string $usrUid
* @param array $filters
*
* @return int
*/
public function getCountList($usrUid, $filters = array())

53
workflow/engine/classes/model/ProcessUser.php
View File

@@ -4,9 +4,6 @@
* @package workflow.engine.classes.model
*/
//require_once 'classes/model/om/BaseProcessUser.php';
/**
* Skeleton subclass for representing a row from the 'PROCESS_USER' table.
*
@@ -127,5 +124,55 @@ class ProcessUser extends BaseProcessUser
throw ($oError);
}
}
/**
* Get the list of process where the user is supervisor
* finding cases PRO_UID where $userUid is supervising
*
* @param string $userUid
*
* @return array
* @throws Exception
*/
public function getProUidSupervisor($userUid)
{
try {
$processes = [];
//Get the process when the user is supervisor
$criteria = new Criteria('workflow');
$criteria->add(ProcessUserPeer::PU_TYPE, 'SUPERVISOR');
$criteria->add(ProcessUserPeer::USR_UID, $userUid);
$dataset = ProcessUserPeer::doSelectRS($criteria);
$dataset->setFetchmode(ResultSet::FETCHMODE_ASSOC);
$dataset->next();
while ($row = $dataset->getRow()) {
$processes[] = $row['PRO_UID'];
$dataset->next();
}
//Get the process when the user is assigned into the group supervisor
$criteria = new Criteria('workflow');
$criteria->add(ProcessUserPeer::PU_TYPE, 'GROUP_SUPERVISOR');
$criteria->addSelectColumn(ProcessUserPeer::PRO_UID);
$criteria->addJoin(ProcessUserPeer::USR_UID, GroupUserPeer::GRP_UID, Criteria::LEFT_JOIN);
$criteria->add(GroupUserPeer::USR_UID, $userUid);
$dataset = ProcessUserPeer::doSelectRS($criteria);
$dataset->setFetchmode(ResultSet::FETCHMODE_ASSOC);
$dataset->next();
while ($row = $dataset->getRow()) {
$processes[] = $row['PRO_UID'];
$dataset->next();
}
return $processes;
} catch (Exception $e) {
throw $e;
}
}
}

41
workflow/engine/methods/cases/ajaxListener.php
View File

@@ -1,41 +1,7 @@
<?php
/**
* cases/ajaxListener.php Ajax Listener for Cases rpc requests
*
* ProcessMaker Open Source Edition
* Copyright (C) 2004 - 2008 Colosa Inc.23
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
* Coral Gables, FL, 33134, USA, or email info@colosa.com.
*/
use ProcessMaker\Plugins\PluginRegistry;
/**
*
* @author Erik Amaru Ortiz <erik@colosa.com>
* @date Jan 3th, 2010
*/
//require_once 'classes/model/Application.php';
//require_once 'classes/model/Users.php';
//require_once 'classes/model/AppThread.php';
//require_once 'classes/model/AppDelay.php';
//require_once 'classes/model/Process.php';
//require_once 'classes/model/Task.php';
if (!isset($_SESSION['USER_LOGGED'])) {
$responseObject = new stdclass();
$responseObject->error = G::LoadTranslation('ID_LOGIN_AGAIN');
@@ -45,7 +11,6 @@ if (!isset($_SESSION['USER_LOGGED'])) {
die();
}
$filter = new InputFilter();
$_REQUEST = $filter->xssFilterHard($_REQUEST);
$_POST = $filter->xssFilterHard($_POST);
@@ -68,9 +33,9 @@ if(isset($_REQUEST['action']) && $_REQUEST['action'] == "verifySession" ) {
} elseif ($RBAC->userCanAccess('PM_REASSIGNCASE_SUPERVISOR') == 1) {
$response->reassigncase = false;
$response->message = G::LoadTranslation('ID_NOT_ABLE_REASSIGN');
$oAppCache = new AppCacheView();
$aProcesses = $oAppCache->getProUidSupervisor($_SESSION['USER_LOGGED']);
if(in_array($_SESSION['PROCESS'], $aProcesses)){
$processUser = new ProcessUser();
$listProcess = $processUser->getProUidSupervisor($_SESSION['USER_LOGGED']);
if (in_array($_SESSION['PROCESS'], $listProcess)) {
$response->reassigncase = true;
}
}

109
workflow/engine/methods/cases/casesList_Ajax.php
View File

@@ -6,28 +6,6 @@ if (!isset($_SESSION['USER_LOGGED'])) {
print G::json_encode($response);
die();
}
/**
* casesList_Ajax.php
*
* ProcessMaker Open Source Edition
* Copyright (C) 2004 - 2008 Colosa Inc.
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
* Coral Gables, FL, 33134, USA, or email info@colosa.com.
*/
$actionAjax = isset($_REQUEST['actionAjax']) ? $_REQUEST['actionAjax'] : null;
@@ -39,13 +17,14 @@ function filterUserListArray($users = array(), $filter = '')
$filteredUsers[] = $user;
}
}
return $filteredUsers;
}
//Load the suggest list of users
if ($actionAjax == "userValues") {
$action = isset( $_REQUEST['action'] ) ? $_REQUEST['action'] : null;
$query = isset( $_REQUEST['query'] ) ? $_REQUEST['query'] : null;
$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : null;
$query = isset($_REQUEST['query']) ? $_REQUEST['query'] : null;
$conf = new Configurations();
$confEnvSetting = $conf->getFormats();
@@ -69,8 +48,8 @@ if ($actionAjax == "userValues") {
if (!is_null($query)) {
$filters = $cUsers->getNewCriterion(UsersPeer::USR_FIRSTNAME, '%' . $query . '%', Criteria::LIKE)->addOr(
$cUsers->getNewCriterion(UsersPeer::USR_LASTNAME, '%' . $query . '%', Criteria::LIKE)->addOr(
$cUsers->getNewCriterion(UsersPeer::USR_USERNAME, '%' . $query . '%', Criteria::LIKE)));
$cUsers->addOr($filters);
$cUsers->getNewCriterion(UsersPeer::USR_USERNAME, '%' . $query . '%', Criteria::LIKE)));
$cUsers->addOr($filters);
}
$cUsers->setLimit(20);
$cUsers->addAscendingOrderByColumn(UsersPeer::TABLE_NAME . "." . $conf->userNameFormatGetFirstFieldByUsersTable());
@@ -79,7 +58,8 @@ if ($actionAjax == "userValues") {
while ($oDataset->next()) {
$row = $oDataset->getRow();
$usrFullName = $conf->usersNameFormatBySetParameters($confEnvSetting["format"], $row["USR_USERNAME"], $row["USR_FIRSTNAME"], $row["USR_LASTNAME"]);
$usrFullName = $conf->usersNameFormatBySetParameters($confEnvSetting["format"], $row["USR_USERNAME"],
$row["USR_FIRSTNAME"], $row["USR_LASTNAME"]);
if ($action === 'search') {
//Only for the advanced search we used the USR_ID column
$users[] = array("USR_UID" => $row["USR_ID"], "USR_FULLNAME" => $usrFullName);
@@ -87,6 +67,7 @@ if ($actionAjax == "userValues") {
$users[] = array("USR_UID" => $row["USR_UID"], "USR_FULLNAME" => $usrFullName);
}
}
return print G::json_encode($users);
}
@@ -126,18 +107,18 @@ if ($actionAjax == "processListExtJs") {
$cProcess->addAnd($filters);
}
if ($action==='to_revise') {
$oAppCache = new AppCacheView();
$aProcesses = $oAppCache->getProUidSupervisor($_SESSION['USER_LOGGED']);
$cProcess->add(ProcessPeer::PRO_UID, $aProcesses, Criteria::IN);
if ($action === 'to_revise') {
$processUser = new ProcessUser();
$listProcess = $processUser->getProUidSupervisor($_SESSION['USER_LOGGED']);
$cProcess->add(ProcessPeer::PRO_UID, $listProcess, Criteria::IN);
}
if ($action==='to_reassign') {
if ($action === 'to_reassign') {
if ($RBAC->userCanAccess('PM_REASSIGNCASE') == 1) {
} elseif ($RBAC->userCanAccess('PM_REASSIGNCASE_SUPERVISOR') == 1) {
$oAppCache = new AppCacheView();
$aProcesses = $oAppCache->getProUidSupervisor($_SESSION['USER_LOGGED']);
$cProcess->add(ProcessPeer::PRO_UID, $aProcesses, Criteria::IN);
$processUser = new ProcessUser();
$listProcess = $processUser->getProUidSupervisor($_SESSION['USER_LOGGED']);
$cProcess->add(ProcessPeer::PRO_UID, $listProcess, Criteria::IN);
}
}
@@ -153,6 +134,7 @@ if ($actionAjax == "processListExtJs") {
}
$processes[] = $aRow;
}
return print G::json_encode($processes);
}
@@ -161,7 +143,7 @@ if ($actionAjax == "verifySession") {
$response = new stdclass();
$response->message = G::LoadTranslation('ID_LOGIN_AGAIN');
$response->lostSession = true;
print G::json_encode( $response );
print G::json_encode($response);
die();
} else {
$response = new stdclass();
@@ -174,32 +156,33 @@ if ($actionAjax == "verifySession") {
} elseif ($RBAC->userCanAccess('PM_REASSIGNCASE_SUPERVISOR') == 1) {
$response->reassigncase = true;
$response->message = G::LoadTranslation('ID_NOT_ABLE_REASSIGN');
$oAppCache = new AppCacheView();
$aProcesses = $oAppCache->getProUidSupervisor($_SESSION['USER_LOGGED']);
$response->processeslist = G::json_encode( $aProcesses );
$processUser = new ProcessUser();
$listProcess = $processUser->getProUidSupervisor($_SESSION['USER_LOGGED']);
$response->processeslist = G::json_encode($listProcess);
}
print G::json_encode( $response );
print G::json_encode($response);
die();
}
}
if ($actionAjax == "getUsersToReassign") {
$taskUid = $_POST['taskUid'];
$search = $_POST['search'];
$taskUid = $_POST['taskUid'];
$search = $_POST['search'];
$pageSize = $_POST['pageSize'];
$sortField = (isset($_POST['sort']))? $_POST['sort'] : '';
$sortDir = (isset($_POST['dir']))? $_POST['dir'] : '';
$start = (isset($_POST['start']))? $_POST['start'] : 0;
$limit = (isset($_POST['limit']))? $_POST['limit'] : $pageSize;
$sortField = (isset($_POST['sort'])) ? $_POST['sort'] : '';
$sortDir = (isset($_POST['dir'])) ? $_POST['dir'] : '';
$start = (isset($_POST['start'])) ? $_POST['start'] : 0;
$limit = (isset($_POST['limit'])) ? $_POST['limit'] : $pageSize;
$response = [];
try {
$case = new \ProcessMaker\BusinessModel\Cases();
$result = $case->getUsersToReassign($_SESSION['USER_LOGGED'], $taskUid, ['filter' => $search], $sortField, $sortDir, $start, $limit);
$result = $case->getUsersToReassign($_SESSION['USER_LOGGED'], $taskUid, ['filter' => $search], $sortField,
$sortDir, $start, $limit);
$response['status'] = 'OK';
$response['success'] = true;
@@ -232,9 +215,9 @@ if ($actionAjax == 'reassignCase') {
//Current users of OPEN DEL_INDEX thread
$aCurUser = $oAppDel->getCurrentUsers($APP_UID, $DEL_INDEX);
$flagReassign = true;
if(!empty($aCurUser)){
if (!empty($aCurUser)) {
foreach ($aCurUser as $key => $value) {
if($value === $TO_USR_UID){
if ($value === $TO_USR_UID) {
$flagReassign = false;
}
}
@@ -244,7 +227,7 @@ if ($actionAjax == 'reassignCase') {
}
//If the currentUser is diferent to nextUser, create the thread
if($flagReassign){
if ($flagReassign) {
$cases->reassignCase($_SESSION['APPLICATION'], $_SESSION['INDEX'], $_SESSION['USER_LOGGED'], $TO_USR_UID);
}
@@ -258,11 +241,12 @@ if ($actionAjax == 'reassignCase') {
// Save the note reassign reason
if (isset($_POST['NOTE_REASON']) && $_POST['NOTE_REASON'] !== '') {
require_once ("classes/model/AppNotes.php");
require_once("classes/model/AppNotes.php");
$appNotes = new AppNotes();
$noteContent = addslashes($_POST['NOTE_REASON']);
$notifyReassign = $_POST['NOTIFY_REASSIGN'] === 'true' ? true: false;
$res = $appNotes->postNewNote($_SESSION['APPLICATION'], $_SESSION['USER_LOGGED'], $noteContent, $notifyReassign);
$notifyReassign = $_POST['NOTIFY_REASSIGN'] === 'true' ? true : false;
$res = $appNotes->postNewNote($_SESSION['APPLICATION'], $_SESSION['USER_LOGGED'], $noteContent,
$notifyReassign);
}
} catch (Exception $e) {
$result->status = 1;
@@ -294,10 +278,12 @@ if ($actionAjax == 'showHistoryMessage') {
leimnud.browser = {};
leimnud.browser.isIphone = "";
leimnud.iphone = {};
leimnud.iphone.make = function(){
leimnud.iphone.make = function() {
};
function ajax_function(ajax_server, funcion, parameters, method) {
}
//!
</script>
<?php
@@ -310,7 +296,8 @@ if ($actionAjax == 'showHistoryMessage') {
$G_PUBLISH = new Publisher();
$oCase = new Cases();
$G_PUBLISH->AddContent('xmlform', 'xmlform', 'cases/cases_MessagesView', '', $oCase->getHistoryMessagesTrackerView($_POST['APP_UID'], $_POST['APP_MSG_UID']));
$G_PUBLISH->AddContent('xmlform', 'xmlform', 'cases/cases_MessagesView', '',
$oCase->getHistoryMessagesTrackerView($_POST['APP_UID'], $_POST['APP_MSG_UID']));
?>
@@ -320,7 +307,7 @@ if ($actionAjax == 'showHistoryMessage') {
<?php
global $G_FORM;
?>
function loadForm_<?php echo $G_FORM->id;?>(parametro1){
function loadForm_<?php echo $G_FORM->id;?>(parametro1) {
}
</script>
<?php
@@ -342,6 +329,7 @@ if ($actionAjax == 'showDynaformListHistory') {
html {
color: black !important;
}
body {
color: black !important;
}
@@ -351,6 +339,7 @@ if ($actionAjax == 'showDynaformListHistory') {
raw = raw || false;
hexcase = hexcase || false;
chrsz = chrsz || 8;
function safe_add(x, y) {
var lsw = (x & 0xFFFF) + (y & 0xFFFF);
var msw = (x >> 16) + (y >> 16) + (lsw >> 16);
@@ -505,6 +494,7 @@ if ($actionAjax == 'showDynaformListHistory') {
leimnud.iphone = {};
leimnud.iphone.make = function () {
};
function ajax_function(ajax_server, funcion, parameters, method) {
}
@@ -534,6 +524,7 @@ if ($actionAjax == 'showDynaformListHistory') {
showDynaformHistoryGlobal.tablename = '';
showDynaformHistoryGlobal.dynDate = '';
showDynaformHistoryGlobal.dynTitle = '';
function showDynaformHistory(dynUID, tablename, dynDate, dynTitle) {
showDynaformHistoryGlobal.dynUID = dynUID;
showDynaformHistoryGlobal.tablename = tablename;
@@ -591,8 +582,10 @@ if ($actionAjax == 'dynaformChangeLogViewHistory') {
leimnud.iphone = {};
leimnud.iphone.make = function () {
};
function ajax_function(ajax_server, funcion, parameters, method) {
}
//!
</script>
<?php
@@ -647,8 +640,10 @@ if ($actionAjax == 'historyDynaformGridPreview') {
leimnud.iphone = {};
leimnud.iphone.make = function () {
};
function ajax_function(ajax_server, funcion, parameters, method) {
}
//!
</script>
<?php
@@ -666,7 +661,7 @@ if ($actionAjax == 'historyDynaformGridPreview') {
$Fields['APP_DATA']['__DYNAFORM_OPTIONS']['NEXT_ACTION'] = 'return false;';
$_SESSION['DYN_UID_PRINT'] = $_POST['DYN_UID'];
$G_PUBLISH->AddContent('dynaform', 'xmlform', $_SESSION['PROCESS'] . '/' . $_POST['DYN_UID'], '',
$Fields['APP_DATA'],
$Fields['APP_DATA'],
'', '', 'view');
?>

3
workflow/engine/methods/cases/proxyNewCasesList.php
View File

@@ -30,6 +30,9 @@ try {
$filters['sort'] = G::toUpper($filters['sort']);
$openApplicationUid = (isset($_REQUEST['openApplicationUid']) && $_REQUEST['openApplicationUid'] != '') ? $_REQUEST['openApplicationUid'] : null;
global $RBAC;
$RBAC->allows(basename(__FILE__), $filters['action']);
//Define user when is reassign
if ($filters['action'] == 'to_reassign') {
if ($filters['user'] == '' ) {

23
workflow/engine/src/ProcessMaker/BusinessModel/Cases.php
View File

@@ -27,6 +27,7 @@ use Exception;
use EntitySolrRequestData;
use G;
use Groups;
use GroupUserPeer;
use InvalidIndexSearchTextException;
use ListParticipatedLast;
use PmDynaform;
@@ -36,6 +37,7 @@ use ProcessMaker\BusinessModel\ProcessSupervisor as BmProcessSupervisor;
use ProcessMaker\Core\System;
use ProcessMaker\Plugins\PluginRegistry;
use ProcessMaker\Services\OAuth2\Server;
use ProcessUser;
use ProcessUserPeer;
use ProcessPeer;
use RBAC;
@@ -876,9 +878,8 @@ class Cases
throw (new Exception(G::LoadTranslation("ID_CASE_ALREADY_CANCELED", array($app_uid))));
}
$appCacheView = new AppCacheView();
$arrayProcess = $appCacheView->getProUidSupervisor($usr_uid);
$processUser = new ProcessUser();
$arrayProcess = $processUser->getProUidSupervisor($usr_uid);
$criteria = new Criteria("workflow");
@@ -937,9 +938,8 @@ class Cases
throw (new Exception(G::LoadTranslation("ID_CASE_PAUSED", array($app_uid))));
}
$appCacheView = new AppCacheView();
$arrayProcess = $appCacheView->getProUidSupervisor($usr_uid);
$processUser = new ProcessUser();
$arrayProcess = $processUser->getProUidSupervisor($usr_uid);
$criteria = new Criteria("workflow");
@@ -996,9 +996,8 @@ class Cases
throw (new Exception(G::LoadTranslation("ID_CASE_NOT_PAUSED", array($app_uid))));
}
$appCacheView = new AppCacheView();
$arrayProcess = $appCacheView->getProUidSupervisor($usr_uid);
$processUser = new ProcessUser();
$arrayProcess = $processUser->getProUidSupervisor($usr_uid);
$criteria = new Criteria("workflow");
$criteria->addSelectColumn(AppDelegationPeer::APP_UID);
@@ -1844,15 +1843,15 @@ class Cases
throw new Exception(G::LoadTranslation("ID_CASE_IS_COMPLETED", array($app_uid)));
}
$appCacheView = new AppCacheView();
$isProcessSupervisor = $appCacheView->getProUidSupervisor($usr_uid);
$processUser = new ProcessUser();
$listProcess = $processUser->getProUidSupervisor($usr_uid);
$criteria = new Criteria("workflow");
$criteria->addSelectColumn(AppDelegationPeer::APP_UID);
$criteria->add(AppDelegationPeer::APP_UID, $app_uid, Criteria::EQUAL);
$criteria->add(AppDelegationPeer::USR_UID, $usr_uid, Criteria::EQUAL);
$criteria->add(
$criteria->getNewCriterion(AppDelegationPeer::USR_UID, $usr_uid, Criteria::EQUAL)->addOr(
$criteria->getNewCriterion(AppDelegationPeer::PRO_UID, $isProcessSupervisor, Criteria::IN))
$criteria->getNewCriterion(AppDelegationPeer::PRO_UID, $listProcess, Criteria::IN))
);
$rsCriteria = AppDelegationPeer::doSelectRS($criteria);

6
workflow/engine/src/ProcessMaker/BusinessModel/ProcessSupervisor.php
View File

@@ -1,12 +1,14 @@
<?php
namespace ProcessMaker\BusinessModel;
use G;
use Criteria;
use DynaformPeer;
use Exception;
use G;
use GroupUserPeer;
use ProcessUserPeer;
use ResultSet;
use StepSupervisorPeer;
use Exception;
class ProcessSupervisor
{

51
workflow/engine/src/ProcessMaker/BusinessModel/User.php
View File

@@ -22,9 +22,11 @@ use IsoLocationPeer;
use IsoSubdivisionPeer;
use ListParticipatedLast;
use PMmemcached;
use ProcessMaker\BusinessModel\ProcessSupervisor as BmProcessSupervisor;
use ProcessMaker\Plugins\PluginRegistry;
use ProcessMaker\Util\DateTime;
use ProcessMaker\Util\System;
use ProcessUser;
use Propel;
use RBAC;
use RbacUsers;
@@ -1713,4 +1715,53 @@ class User
return $dataUsers;
}
/**
* This function get the list of process that the user can reassign
* If the user has the permission PM_REASSIGNCASE can reassign any process
* If the user has the permission PM_REASSIGNCASE_SUPERVISOR can reassign only their processes
*
* @param array $listPermissions
*
* @return mixed array|null where:
* Array empty if he can reassign any process
* List of processes that he can reassign
* Will be return null if can not reassign
*/
public function getProcessToReassign($listPermissions = [])
{
global $RBAC;
$processes = [];
if (in_array('PM_REASSIGNCASE', $listPermissions) && $RBAC->userCanAccess('PM_REASSIGNCASE') === 1){
//The user can reassign any process
return $processes;
} elseif (in_array('PM_REASSIGNCASE_SUPERVISOR', $listPermissions) && $RBAC->userCanAccess('PM_REASSIGNCASE_SUPERVISOR') === 1){
$userLogged = $RBAC->aUserInfo['USER_INFO']['USR_UID'];
$processUser = new ProcessUser();
$processes = $processUser->getProUidSupervisor($userLogged);
//The user can reassign only their processes
return $processes;
} else {
return null;
}
}
/**
* This function review if the user can reassign cases
*
* @param string $usrUid
* @param string $proUid
*
* @return boolean
*/
public function userCanReassign($usrUid, $proUid)
{
if ($this->checkPermission($usrUid, 'PM_REASSIGNCASE')) {
return true;
} elseif ($this->checkPermission($usrUid, 'PM_REASSIGNCASE_SUPERVISOR')) {
$processSupervisor = new BmProcessSupervisor();
$isSupervisor = $processSupervisor->isUserProcessSupervisor($proUid, $usrUid);
return $isSupervisor;
}
}
}

26
workflow/engine/src/ProcessMaker/Services/Api/Cases.php
View File

@@ -92,22 +92,15 @@ class Cases extends Api
//Check if the user is supervisor process
$case = new BmCases();
$user = new BmUser();
$count = 0;
foreach ($arrayParameters as $value) {
$arrayApplicationData = $case->getApplicationRecordByPk($value['APP_UID'], [], false);
if (!empty($arrayApplicationData)) {
if (!$user->checkPermission($usrUid, 'PM_REASSIGNCASE')) {
if ($user->checkPermission($usrUid, 'PM_REASSIGNCASE_SUPERVISOR')) {
$supervisor = new BmProcessSupervisor();
$flagps = $supervisor->isUserProcessSupervisor($arrayApplicationData['PRO_UID'], $usrUid);
if (!$flagps) {
$count = $count + 1;
}
}
$canReassign = $user->userCanReassign($usrUid, $arrayApplicationData['PRO_UID']);
if (!$canReassign) {
//We count when the user is not supervisor to the process
$count = $count + 1;
}
}
}
@@ -116,6 +109,15 @@ class Cases extends Api
return true;
}
break;
case 'doPutReassignCase':
$appUid = $this->parameters[$arrayArgs['app_uid']];
$usrUid = $this->getUserId();
$case = new BmCases();
$user = new BmUser();
$arrayApplicationData = $case->getApplicationRecordByPk($appUid, [], false);
return $user->userCanReassign($usrUid, $arrayApplicationData['PRO_UID']);
break;
case "doGetCaseInfo" :
$appUid = $this->parameters[$arrayArgs['app_uid']];
$usrUid = $this->getUserId();
@@ -838,7 +840,7 @@ class Cases extends Api
* @throws RestException
*
* @access protected
* @class AccessControl {@permission PM_REASSIGNCASE,PM_REASSIGNCASE_SUPERVISOR}
* @class AccessControl {@className \ProcessMaker\Services\Api\Cases}
*/
public function doPutReassignCase($app_uid, $usr_uid_source, $usr_uid_target, $del_index = null)
{