diff --git a/workflow/engine/src/ProcessMaker/BusinessModel/Group.php b/workflow/engine/src/ProcessMaker/BusinessModel/Group.php index d58127b0c..9eb0cb5a3 100644 --- a/workflow/engine/src/ProcessMaker/BusinessModel/Group.php +++ b/workflow/engine/src/ProcessMaker/BusinessModel/Group.php @@ -634,6 +634,29 @@ class Group } } + /** + * return permissions of user + */ + public function loadUserRolePermission ($sSystem, $sUser) + { + require_once (PATH_RBAC_HOME . "engine" . PATH_SEP . "classes" . PATH_SEP . "model" . PATH_SEP . "UsersRoles.php"); + require_once (PATH_RBAC_HOME . "engine" . PATH_SEP . "classes" . PATH_SEP . "model" . PATH_SEP . "Systems.php"); + require_once (PATH_RBAC_HOME . "engine" . PATH_SEP . "classes" . PATH_SEP . "model" . PATH_SEP . "RbacUsers.php"); + require_once (PATH_RBAC_HOME . "engine" . PATH_SEP . "classes" . PATH_SEP . "model" . PATH_SEP . "RolesPeer.php"); + $this->sSystem = $sSystem; + $this->usersRolesObj = new \UsersRoles(); + $this->systemObj = new \Systems(); + $fieldsSystem = $this->systemObj->loadByCode( $sSystem ); + $fieldsRoles = $this->usersRolesObj->getRolesBySystem( $fieldsSystem['SYS_UID'], $sUser ); + $fieldsPermissions = $this->usersRolesObj->getAllPermissions( $fieldsRoles['ROL_UID'], $sUser ); + $this->userObj = new \RbacUsers(); + $this->aUserInfo['USER_INFO'] = $this->userObj->load( $sUser ); + $this->aUserInfo[$sSystem]['SYS_UID'] = $fieldsSystem['SYS_UID']; + $this->aUserInfo[$sSystem]['ROLE'] = $fieldsRoles; + $this->aUserInfo[$sSystem]['PERMISSIONS'] = $fieldsPermissions; + return $fieldsPermissions; + } + /** * Get all Users of a Group * @@ -666,6 +689,11 @@ class Group //SQL switch ($option) { + case "SUPERVISOR": + $flagPermission = true; + //Criteria for Supervisor + $criteria = $this->getUserCriteria($groupUid, $arrayFilterData); + break; case "USERS": //Criteria $criteria = $this->getUserCriteria($groupUid, $arrayFilterData); @@ -720,12 +748,30 @@ class Group $rsCriteria = \UsersPeer::doSelectRS($criteria); $rsCriteria->setFetchmode(\ResultSet::FETCHMODE_ASSOC); - while ($rsCriteria->next()) { - $row = $rsCriteria->getRow(); + if (isset($flagPermission) && $flagPermission){ + \G::LoadSystem('rbac'); + while ($rsCriteria->next()) { + $row = $rsCriteria->getRow(); + + $aPermissions = $this->loadUserRolePermission("PROCESSMAKER", $row['USR_UID']); + $bInclude = false; - $arrayUser[] = $this->getUserDataFromRecord($row); + foreach ($aPermissions as $aPermission) { + if ($aPermission['PER_CODE'] == 'PM_SUPERVISOR') { + $bInclude = true; + } + } + if ($bInclude) { + $arrayUser[] = $this->getUserDataFromRecord($row); + } + } + } else { + while ($rsCriteria->next()) { + $row = $rsCriteria->getRow(); + + $arrayUser[] = $this->getUserDataFromRecord($row); + } } - //Return return $arrayUser; } catch (\Exception $e) { diff --git a/workflow/engine/src/ProcessMaker/Services/Api/Group.php b/workflow/engine/src/ProcessMaker/Services/Api/Group.php index 5d370e16c..43b66d0d5 100644 --- a/workflow/engine/src/ProcessMaker/Services/Api/Group.php +++ b/workflow/engine/src/ProcessMaker/Services/Api/Group.php @@ -142,5 +142,24 @@ class Group extends Api throw (new RestException(Api::STAT_APP_EXCEPTION, $e->getMessage())); } } + + /** + * @url GET /:grp_uid/supervisor-users + * + * @param string $grp_uid {@min 32}{@max 32} + */ + public function doGetSupervisorUsers($grp_uid, $filter = null, $start = null, $limit = null) + { + try { + $group = new \ProcessMaker\BusinessModel\Group(); + $group->setFormatFieldNameInUppercase(false); + + $response = $group->getUsers("SUPERVISOR", $grp_uid, array("filter" => $filter), null, null, $start, $limit); + + return $response; + } catch (\Exception $e) { + throw (new RestException(Api::STAT_APP_EXCEPTION, $e->getMessage())); + } + } }