diff --git a/workflow/engine/classes/class.case.php b/workflow/engine/classes/class.case.php index 4feec1018..a53bef2f5 100644 --- a/workflow/engine/classes/class.case.php +++ b/workflow/engine/classes/class.case.php @@ -5788,8 +5788,8 @@ class Cases * @param string $tasUid * @param string $usrUid * @param string $action some action [VIEW, BLOCK, RESEND] - * @param string $delIndex - * @return Array within all user permitions all objects' types + * @param integer $delIndex + * @return array within all user permissions all objects' types */ public function getAllObjectsFrom($proUid, $appUid, $tasUid = '', $usrUid = '', $action = '', $delIndex = 0) { @@ -5808,6 +5808,7 @@ class Cases $result = array( "DYNAFORM" => array(), "INPUT" => array(), + "ATTACHMENT" => array(), "OUTPUT" => array(), "CASES_NOTES" => 0, "MSGS_HISTORY" => array() @@ -5878,6 +5879,15 @@ class Cases $opObjUid, $aCase['APP_STATUS'] ); + //For Attachment + $result['ATTACHMENT'] = $oObjectPermission->objectPermissionByOutputInput( + $appUid, + $proUid, + $opTaskSource, + 'ATTACHED', + $opObjUid, + $aCase['APP_STATUS'] + ); $result['CASES_NOTES'] = 1; /*----------------------------------********---------------------------------*/ @@ -5914,6 +5924,16 @@ class Cases $aCase['APP_STATUS'] ); break; + case 'ATTACHMENT': + $result['ATTACHMENT'] = $oObjectPermission->objectPermissionByOutputInput( + $appUid, + $proUid, + $opTaskSource, + 'ATTACHED', + $opObjUid, + $aCase['APP_STATUS'] + ); + break; case 'OUTPUT': $result['OUTPUT'] = $oObjectPermission->objectPermissionByOutputInput( $appUid, @@ -5948,9 +5968,10 @@ class Cases } } - return Array( + return array( "DYNAFORMS" => $result['DYNAFORM'], "INPUT_DOCUMENTS" => $result['INPUT'], + "ATTACHMENTS" => $result['ATTACHMENT'], "OUTPUT_DOCUMENTS" => $result['OUTPUT'], "CASES_NOTES" => $result['CASES_NOTES'], "MSGS_HISTORY" => $result['MSGS_HISTORY'] diff --git a/workflow/engine/classes/model/AppDocument.php b/workflow/engine/classes/model/AppDocument.php index 7e9eb6075..0ab9ce0a1 100644 --- a/workflow/engine/classes/model/AppDocument.php +++ b/workflow/engine/classes/model/AppDocument.php @@ -547,6 +547,7 @@ class AppDocument extends BaseAppDocument */ public function canDownloadInput($user, $appDocUid, $version) { + //Check if the the requester is the owner in the file $oCriteria = new Criteria('workflow'); $oCriteria->addSelectColumn(AppDocumentPeer::APP_UID); $oCriteria->addJoin(AppDocumentPeer::DOC_UID, InputDocumentPeer::INP_DOC_UID, Criteria::LEFT_JOIN); @@ -560,11 +561,11 @@ class AppDocument extends BaseAppDocument if ($dataset->getRow()) { return true; } else { + //Review if is a INPUT or ATTACHED $oCriteria = new Criteria("workflow"); $oCriteria->addSelectColumn(AppDocumentPeer::APP_UID); $oCriteria->addSelectColumn(AppDocumentPeer::DOC_UID); - $oCriteria->addSelectColumn(InputDocumentPeer::PRO_UID); - $oCriteria->addJoin(AppDocumentPeer::DOC_UID, InputDocumentPeer::INP_DOC_UID, Criteria::LEFT_JOIN); + $oCriteria->addSelectColumn(AppDocumentPeer::APP_DOC_TYPE); $oCriteria->add(AppDocumentPeer::APP_DOC_UID, $appDocUid); $oCriteria->add(AppDocumentPeer::DOC_VERSION, $version); $oCriteria->setLimit(1); @@ -572,28 +573,56 @@ class AppDocument extends BaseAppDocument $dataset->setFetchmode(ResultSet::FETCHMODE_ASSOC); $dataset->next(); $row = $dataset->getRow(); - $cases = new \ProcessMaker\BusinessModel\Cases(); - $userAuthorization = $cases->userAuthorization( - $user, - $row['PRO_UID'], - $row['APP_UID'], - array(), - array('INPUT_DOCUMENTS' => 'VIEW') - ); - - if (in_array($appDocUid, $userAuthorization['objectPermissions']['INPUT_DOCUMENTS'])) { - return true; - } - - if ($userAuthorization['supervisor']) { - $criteria = new Criteria("workflow"); - $criteria->addSelectColumn(StepSupervisorPeer::STEP_UID); - $criteria->add(StepSupervisorPeer::STEP_TYPE_OBJ, "INPUT_DOCUMENT", \Criteria::EQUAL); - $criteria->add(StepSupervisorPeer::STEP_UID_OBJ, $row['DOC_UID'], \Criteria::EQUAL); - $rsCriteria = StepSupervisorPeer::doSelectRS($criteria); - if ($rsCriteria->next()) { + if ($row['DOC_UID'] == '-1') { + //If is an attached we only verify if is a supervisor in the process + $appUid = $row['APP_UID']; + $oApplication = new Application(); + $aColumns = $oApplication->Load($appUid); + $cases = new \ProcessMaker\BusinessModel\Cases(); + $userAuthorization = $cases->userAuthorization( + $user, + $aColumns['PRO_UID'], + $appUid, + array(), + array('ATTACHMENTS' => 'VIEW') + ); + //Has permissions? + if (in_array($appDocUid, $userAuthorization['objectPermissions']['ATTACHMENTS'])) { return true; } + //Is supervisor? + if ($userAuthorization['supervisor']) { + return true; + } + } else { + //If is an file related an input document, we will check if the user is a supervisor or has permissions + $appUid = $row['APP_UID']; + $oInputDoc = new InputDocument(); + $aColumns = $oInputDoc->Load($row['DOC_UID']); + $cases = new \ProcessMaker\BusinessModel\Cases(); + $userAuthorization = $cases->userAuthorization( + $user, + $aColumns['PRO_UID'], + $appUid, + array(), + array('INPUT_DOCUMENTS' => 'VIEW') + ); + //Has permissions? + if (in_array($appDocUid, $userAuthorization['objectPermissions']['INPUT_DOCUMENTS'])) { + return true; + } + //Is supervisor? + if ($userAuthorization['supervisor']) { + //Review if the supervisor has assigned the object input document + $criteria = new Criteria("workflow"); + $criteria->addSelectColumn(StepSupervisorPeer::STEP_UID); + $criteria->add(StepSupervisorPeer::STEP_TYPE_OBJ, "INPUT_DOCUMENT", \Criteria::EQUAL); + $criteria->add(StepSupervisorPeer::STEP_UID_OBJ, $row['DOC_UID'], \Criteria::EQUAL); + $rsCriteria = StepSupervisorPeer::doSelectRS($criteria); + if ($rsCriteria->next()) { + return true; + } + } } } return false; diff --git a/workflow/engine/classes/model/ObjectPermission.php b/workflow/engine/classes/model/ObjectPermission.php index f50a77b04..04af9b9fe 100644 --- a/workflow/engine/classes/model/ObjectPermission.php +++ b/workflow/engine/classes/model/ObjectPermission.php @@ -383,10 +383,10 @@ class ObjectPermission extends BaseObjectPermission } switch ($obType) { case 'INPUT': - $oCriteria->add( - $oCriteria->getNewCriterion(AppDocumentPeer::APP_DOC_TYPE, 'INPUT')-> - addOr($oCriteria->getNewCriterion(AppDocumentPeer::APP_DOC_TYPE, 'ATTACHED')) - ); + $oCriteria->add(AppDocumentPeer::APP_DOC_TYPE, 'INPUT'); + break; + case 'ATTACHED': + $oCriteria->add(AppDocumentPeer::APP_DOC_TYPE, 'ATTACHED'); break; case 'OUTPUT': $oCriteria->add(AppDocumentPeer::APP_DOC_TYPE, 'OUTPUT'); @@ -399,9 +399,6 @@ class ObjectPermission extends BaseObjectPermission $result = array(); while ($oDataset->next()) { $aRow = $oDataset->getRow(); - if ($aRow['APP_DOC_TYPE'] == "ATTACHED") { - $aRow['APP_DOC_TYPE'] = "INPUT"; - } if (!in_array($aRow['APP_DOC_UID'], $result)) { array_push($result, $aRow['APP_DOC_UID']); } diff --git a/workflow/engine/src/ProcessMaker/BusinessModel/ProcessPermissions.php b/workflow/engine/src/ProcessMaker/BusinessModel/ProcessPermissions.php index a5de78aa1..0a61b4eb4 100644 --- a/workflow/engine/src/ProcessMaker/BusinessModel/ProcessPermissions.php +++ b/workflow/engine/src/ProcessMaker/BusinessModel/ProcessPermissions.php @@ -1,6 +1,7 @@ - * @copyright Colosa - Bolivia * * @return void + * @throws Exception */ - - public function saveProcessPermission($data, $op_uid = '') + public function saveProcessPermission($data, $opUid = '') { try { $data = array_change_key_case($data, CASE_UPPER); $this->validateProUid($data['PRO_UID']); - if ($op_uid != '') { - $op_uid = $this->validateOpUid($op_uid); + if ($opUid != '') { + $opUid = $this->validateOpUid($opUid); } if ($data['OP_USER_RELATION'] == "1") { $this->validateUsrUid($data['USR_UID']); @@ -257,6 +256,9 @@ class ProcessPermissions } $sObjectUID = $data['DYNAFORMS']; break; + case 'ATTACHED': + $sObjectUID = ''; + break; case 'INPUT': $data['INPUTS'] = $data['INPUTS'] == 0 ? '': $data['INPUTS']; if ($data['INPUTS'] != '') { @@ -273,11 +275,11 @@ class ProcessPermissions break; } $oOP = new \ObjectPermission(); - $permissionUid = ($op_uid != '') ? $op_uid : G::generateUniqueID(); + $permissionUid = ($opUid != '') ? $opUid : G::generateUniqueID(); $data['OP_UID'] = $permissionUid; $data['OP_OBJ_UID'] = $sObjectUID; - if ($op_uid == '') { + if ($opUid == '') { $oOP->fromArray( $data, \BasePeer::TYPE_FIELDNAME ); $oOP->save(); $daraRes = $oOP->load($permissionUid); diff --git a/workflow/engine/src/ProcessMaker/Services/Api/Project/ProcessPermissions.php b/workflow/engine/src/ProcessMaker/Services/Api/Project/ProcessPermissions.php index e73247e51..974f18116 100644 --- a/workflow/engine/src/ProcessMaker/Services/Api/Project/ProcessPermissions.php +++ b/workflow/engine/src/ProcessMaker/Services/Api/Project/ProcessPermissions.php @@ -65,7 +65,7 @@ class ProcessPermissions extends Api * @param string $op_user_relation {@from body} {@choice 1,2} * @param string $op_case_status {@from body} {@choice ALL,DRAFT,TO_DO,PAUSED,COMPLETED} * @param string $op_participate {@from body} {@choice 0,1} - * @param string $op_obj_type {@from body} {@choice ANY,DYNAFORM,INPUT,OUTPUT,CASES_NOTES,MSGS_HISTORY,SUMMARY_FORM} + * @param string $op_obj_type {@from body} {@choice ANY,DYNAFORM,ATTACHMENT,INPUT,OUTPUT,CASES_NOTES,MSGS_HISTORY,SUMMARY_FORM} * @param string $op_action {@from body} {@choice VIEW,BLOCK,DELETE,RESEND} * @param string $tas_uid {@from body} * @param string $op_task_source {@from body} @@ -123,7 +123,7 @@ class ProcessPermissions extends Api * @param string $op_user_relation {@from body} {@choice 1,2} * @param string $op_case_status {@from body} {@choice ALL,DRAFT,TO_DO,PAUSED,COMPLETED} * @param string $op_participate {@from body} {@choice 0,1} - * @param string $op_obj_type {@from body} {@choice ANY,DYNAFORM,INPUT,OUTPUT,CASES_NOTES,MSGS_HISTORY,SUMMARY_FORM} + * @param string $op_obj_type {@from body} {@choice ANY,DYNAFORM,ATTACHMENT,INPUT,OUTPUT,CASES_NOTES,MSGS_HISTORY,SUMMARY_FORM} * @param string $op_action {@from body} {@choice VIEW,BLOCK,DELETE,RESEND} * @param string $tas_uid {@from body} * @param string $op_task_source {@from body}