Merge pull request #1944 from hector-cortez/BUG-12374

BUG 12374 Un usuario NO Administrador pero con permisos de PM_USERS... SOLVED
julceslauhub
2013-07-31 13:09:19 -07:00
2 changed files with 69 additions and 3 deletions

16
workflow/engine/methods/users/usersAjax.php Normal file → Executable file

@@ -101,6 +101,16 @@ switch ($_POST['action']) {
} }
print (G::json_encode($oData)); print (G::json_encode($oData));
break; break;
case 'getUserLogedRole':
require_once 'classes/model/Users.php';
$oUser = new Users();
$aUserLog = $oUser->loadDetailed($_SESSION['USER_LOGGED']);
print (G::json_encode(array(
'USR_UID' => $aUserLog['USR_UID'],
'USR_USERNAME' => $aUserLog['USR_USERNAME'],
'USR_ROLE' => $aUserLog['USR_ROLE']
)));
break;
case 'saveUser': case 'saveUser':
try { try {
$form = $_POST; $form = $_POST;
@@ -478,6 +488,12 @@ switch ($_POST['action']) {
} }
} }
require_once 'classes/model/Users.php';
$oUser = new Users();
$aUserLog = $oUser->loadDetailed($_SESSION['USER_LOGGED']);
$aFields['USER_LOGGED_NAME'] = $aUserLog['USR_USERNAME'];
$aFields['USER_LOGGED_ROLE'] = $aUserLog['USR_ROLE'];
$aFields['CASES_MENUSELECTED_NAME'] = $casesMenuSelected; $aFields['CASES_MENUSELECTED_NAME'] = $casesMenuSelected;
$result->success = true; $result->success = true;
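Review bot: The restriction this merge is about is not enforced in usersAjax.php as far as these hunks show: the new `getUserLogedRole` case and the `USER_LOGGED_ROLE` field only report the session user's role to the page, while `saveUser` still starts from `$form = $_POST;` with no role comparison added. The check in users.js only shapes the form, and a request that does not come from that form is not subject to it, so the decision has to be repeated on the server before the user record is written. Inside `saveUser`, load the session user the same way the new case does and reject the save when `if ($aUserLog['USR_ROLE'] != 'PROCESSMAKER_ADMIN' && $form['USR_ROLE'] == 'PROCESSMAKER_ADMIN')` holds. This assumes the form posts the role as `USR_ROLE`, which should be confirmed against the rest of `saveUser`, whose body lies outside the hunk.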

52
workflow/engine/templates/users/users.js Normal file → Executable file

@@ -33,6 +33,9 @@ var canEdit = true;
var flagPoliciesPassword = false; var flagPoliciesPassword = false;
var flagValidateUsername = false; var flagValidateUsername = false;
//var rendeToPage='document.body'; //var rendeToPage='document.body';
var userRoleLoad = '';
var PROCESSMAKER_ADMIN = 'PROCESSMAKER_ADMIN';
global.IC_UID = ''; global.IC_UID = '';
global.IS_UID = ''; global.IS_UID = '';
@@ -1079,6 +1082,7 @@ function userFrmEditSubmit()
}); });
} }
function saveUser() function saveUser()
{ {
if (Ext.getCmp('USR_USERNAME').getValue() != '') { if (Ext.getCmp('USR_USERNAME').getValue() != '') {
@@ -1097,7 +1101,7 @@ function saveUser()
} }
if (USR_UID == '00000000000000000000000000000001') { if (USR_UID == '00000000000000000000000000000001') {
if (Ext.getCmp('USR_ROLE').getValue() != 'PROCESSMAKER_ADMIN') { if (Ext.getCmp('USR_ROLE').getValue() != PROCESSMAKER_ADMIN) {
Ext.Msg.alert( _('ID_ERROR'), _('ID_ADMINISTRATOR_ROLE_CANT_CHANGED')); Ext.Msg.alert( _('ID_ERROR'), _('ID_ADMINISTRATOR_ROLE_CANT_CHANGED'));
return false; return false;
} }
@@ -1138,7 +1142,29 @@ function saveUser()
var dataRespuesta = Ext.util.JSON.decode(response.responseText); var dataRespuesta = Ext.util.JSON.decode(response.responseText);
if (dataRespuesta.result == "OK") { if (dataRespuesta.result == "OK") {
Ext.Ajax.request({
url: "usersAjax",
method: "POST",
params: {
action: "getUserLogedRole"
},
success: function (response, opts) {
var dataRetval = Ext.util.JSON.decode(response.responseText);
if (typeof(userRoleLoad) != 'undefined') {
if (Ext.getCmp('USR_ROLE').getValue() != userRoleLoad ) {
if (dataRetval.USR_ROLE != PROCESSMAKER_ADMIN && Ext.getCmp('USR_ROLE').getValue() == PROCESSMAKER_ADMIN) {
Ext.Msg.alert( _('ID_ERROR'), dataRetval.USR_USERNAME + ' ' + _('ID_USER_ROLE_CANT_CHANGED_TO_ADMINISTRATOR'));
return false;
} else {
userFrmEditSubmit(); userFrmEditSubmit();
}
}
}
},
failure: function (response, opts) {
}
});
} else { } else {
Ext.MessageBox.alert(_("ID_ERROR"), _("ID_PASSWORD_CURRENT_INCORRECT")); Ext.MessageBox.alert(_("ID_ERROR"), _("ID_PASSWORD_CURRENT_INCORRECT"));
} }
@@ -1150,9 +1176,30 @@ function saveUser()
} else { } else {
Ext.MessageBox.alert(_("ID_ERROR"), _("ID_PASSWORD_CURRENT_ENTER")); Ext.MessageBox.alert(_("ID_ERROR"), _("ID_PASSWORD_CURRENT_ENTER"));
} }
} else {
Ext.Ajax.request({
url: "usersAjax",
method: "POST",
params: {
action: "getUserLogedRole"
},
success: function (response, opts) {
var dataRetval = Ext.util.JSON.decode(response.responseText);
if (typeof(userRoleLoad) != 'undefined') {
if (Ext.getCmp('USR_ROLE').getValue() != userRoleLoad ) {
if (dataRetval.USR_ROLE != PROCESSMAKER_ADMIN && Ext.getCmp('USR_ROLE').getValue() == PROCESSMAKER_ADMIN) {
Ext.Msg.alert( _('ID_ERROR'), dataRetval.USR_USERNAME + ' ' + _('ID_USER_ROLE_CANT_CHANGED_TO_ADMINISTRATOR'));
return false;
} else { } else {
userFrmEditSubmit(); userFrmEditSubmit();
} }
}
}
},
failure: function (response, opts) {
}
});
}
} else { } else {
Ext.Msg.alert(_('ID_ERROR'), _('ID_PASSWORDS_DONT_MATCH')); Ext.Msg.alert(_('ID_ERROR'), _('ID_PASSWORDS_DONT_MATCH'));
@@ -1162,6 +1209,7 @@ function saveUser()
//Load data //Load data
function loadData() function loadData()
{ {
comboCountry.store.load(); comboCountry.store.load();
@@ -1250,6 +1298,8 @@ function loadUserData()
// //
} }
userRoleLoad = data.user.USR_ROLE;
comboCountry.store.on("load", function(store) { comboCountry.store.on("load", function(store) {
comboCountry.setValue(data.user.USR_COUNTRY); comboCountry.setValue(data.user.USR_COUNTRY);
}); });
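Review bot: In both copies of the new success callback in `saveUser` (after the current-password check and in the added `else` branch), `userFrmEditSubmit()` is reached only when the selected role differs from `userRoleLoad`, so saving an edited user whose role was left unchanged appears to do nothing. The `typeof(userRoleLoad) != 'undefined'` test is always true because the variable is declared as `''` near the top of the file, and the empty `failure` handler hides a failed role lookup from the user. Moving the duplicated request into one helper that blocks only the non-administrator-to-administrator change and submits in every other case would address all three. `saveUser` starts and ends outside these hunks, and this check is a form-level convenience that does not replace validating the requested role on the server.

```javascript
// New helper; both added Ext.Ajax.request blocks in saveUser() become a call to it.
function submitUnlessRoleEscalation()
{
    Ext.Ajax.request({
        url: "usersAjax",
        method: "POST",
        params: {
            action: "getUserLogedRole"
        },
        success: function (response, opts) {
            var dataRetval = Ext.util.JSON.decode(response.responseText);
            var selectedRole = Ext.getCmp('USR_ROLE').getValue();
            var roleChanged = selectedRole != userRoleLoad;

            // Block only a non-administrator promoting the edited user to administrator.
            if (roleChanged && dataRetval.USR_ROLE != PROCESSMAKER_ADMIN && selectedRole == PROCESSMAKER_ADMIN) {
                Ext.Msg.alert(_('ID_ERROR'), dataRetval.USR_USERNAME + ' ' + _('ID_USER_ROLE_CANT_CHANGED_TO_ADMINISTRATOR'));
                return;
            }

            // Unchanged role, or a permitted change: continue with the save.
            userFrmEditSubmit();
        },
        failure: function (response, opts) {
            // Surface the failed lookup instead of dropping the save silently.
            Ext.Msg.alert(_('ID_ERROR'), response.statusText);
        }
    });
}
```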