From 4683f5b59d37c0660cfd73c953f629ec5811988f Mon Sep 17 00:00:00 2001
From: "Marco A. Nina Mena"
Date: Thu, 10 Aug 2017 14:30:37 -0400
Subject: [PATCH] Add functionality in rbac for enable or disable compatibility with soap login
---
 gulliver/system/class.bootstrap.php | 31 +++++++++++++++++----
 gulliver/system/class.rbac.php | 32 ++++++++++++++++++++++
 workflow/engine/bin/cron.php | 1 +
 workflow/engine/bin/cron_single.php | 1 +
 workflow/engine/classes/class.wsBase.php | 11 ++++----
 workflow/engine/methods/services/soap2.php | 1 +
 6 files changed, 66 insertions(+), 11 deletions(-)
diff --git a/gulliver/system/class.bootstrap.php b/gulliver/system/class.bootstrap.php
index b5b47209d..ed98a7616 100644
--- a/gulliver/system/class.bootstrap.php
+++ b/gulliver/system/class.bootstrap.php
@@ -2577,18 +2577,37 @@ class Bootstrap
 return $var;
 }
+ /**
+ * Verify Hash password with password entered
+ *
+ * @param string $pass password
+ * @param string $userPass hash of password
+ * @return bool true or false
+ */
 public function verifyHashPassword ($pass, $userPass)
 {
+ global $RBAC;
 $passwordHashConfig = Bootstrap::getPasswordHashConfig();
 $hashTypeCurrent = $passwordHashConfig['current'];
 $hashTypePrevious = $passwordHashConfig['previous'];
- if (Bootstrap::hashPassword($pass, $hashTypeCurrent) == $userPass) {
- return true;
+ $acceptance = false;
+
+ if ($RBAC->getStatusLoginHash()) {
+ //To enable compatibility with soap login
+ if ($pass === $hashTypeCurrent . ':' . $userPass) {
+ $acceptance = true;
+ } else if ($pass === $hashTypePrevious . ':' . $userPass) {
+ $acceptance = true;
+ }
+ } else {
+ if (Bootstrap::hashPassword($pass, $hashTypeCurrent) == $userPass) {
+ $acceptance = true;
+ } else if (Bootstrap::hashPassword($pass, $hashTypePrevious) == $userPass) {
+ $acceptance = true;
+ }
 }
- if (Bootstrap::hashPassword($pass, $hashTypePrevious) == $userPass) {
- return true;
- }
- return false;
+
+ return $acceptance;
 }
 /**
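Review bot: In the `getStatusLoginHash()` branch of `verifyHashPassword`, a caller is accepted when `$pass` equals the hash-type prefix plus the stored hash, so the stored hash itself becomes a password-equivalent credential on every code path that has the flag enabled; that needs an explicit comment here and the tightest possible scoping of the flag. The hunk also dereferences `global $RBAC` without checking that it is set, which would be a fatal error for any caller that reaches this method before RBAC is initialised (not verifiable from this hunk). The re-added `else` branch still compares digests with loose `==`, which is neither constant-time nor safe against PHP's numeric-string comparison of `0e…`-style hex digests. Assuming the minimum supported PHP version provides `hash_equals()`, the comparisons could be written as below.

```php
    public function verifyHashPassword ($pass, $userPass)
    {
        // … unchanged: global $RBAC; and the $passwordHashConfig / $hashTypeCurrent / $hashTypePrevious lookups …
        $pass = (string) $pass;
        $userPass = (string) $userPass;

        // Hash-mode treats the stored hash as the credential: honour it only when
        // the RBAC instance exists and has explicitly switched it on.
        if (is_object($RBAC) && $RBAC->getStatusLoginHash()) {
            return hash_equals($hashTypeCurrent . ':' . $userPass, $pass)
                || hash_equals($hashTypePrevious . ':' . $userPass, $pass);
        }

        return hash_equals($userPass, (string) Bootstrap::hashPassword($pass, $hashTypeCurrent))
            || hash_equals($userPass, (string) Bootstrap::hashPassword($pass, $hashTypePrevious));
```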
diff --git a/gulliver/system/class.rbac.php b/gulliver/system/class.rbac.php
index 253ff34b8..66388a0d6 100644
--- a/gulliver/system/class.rbac.php
+++ b/gulliver/system/class.rbac.php
@@ -75,6 +75,12 @@ class RBAC
 private static $instance = null;
 public $authorizedActions = array();
+ /**
+ * To enable compatibility with soap login.
+ * @var bool
+ */
+ private $enableLoginHash = false;
+
 public function __construct ()
 {
 $this->authorizedActions = array(
@@ -1572,5 +1578,31 @@ class RBAC
 throw new RBACException('ID_ACCESS_DENIED', 403);
 }
 }
+
+ /**
+ * Enable compatibility with soap login
+ */
+ public function enableLoginSoapWithHash()
+ {
+ $this->enableLoginHash = true;
+ }
+
+ /**
+ * Disable compatibility with soap login
+ */
+ public function disableLoginSoapWithHash ()
+ {
+ $this->enableLoginHash = false;
+ }
+
+ /**
+ * Return status login with soap
+ *
+ * @return bool
+ */
+ public function getStatusLoginHash ()
+ {
+ return $this->enableLoginHash;
+ }
 }
diff --git a/workflow/engine/bin/cron.php b/workflow/engine/bin/cron.php
index 8db5a180c..34ca20fc8 100644
--- a/workflow/engine/bin/cron.php
+++ b/workflow/engine/bin/cron.php
@@ -1,4 +1,5 @@ enableLoginSoapWithHash(); $uid = $RBAC->VerifyLogin( $userid, $password ); switch ($uid) {
@@ -113,14 +115,13 @@ class wsBase
 $session->Save(); //save the session in DataBase
-
-
- return $wsResponse;
 } catch (Exception $e) {
 $wsResponse = unserialize( $e->getMessage() );
-
- return $wsResponse;
 }
+
+ //To enable compatibility with soap login, method disable.
+ $RBAC->disableLoginSoapWithHash();
+ return $wsResponse;
 }
 /**
diff --git a/workflow/engine/methods/services/soap2.php b/workflow/engine/methods/services/soap2.php
index 758c21e2a..75a61177a 100644
--- a/workflow/engine/methods/services/soap2.php
+++ b/workflow/engine/methods/services/soap2.php
@@ -1,6 +1,7 @@
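Review bot: The docblocks on `enableLoginSoapWithHash()`, `disableLoginSoapWithHash()` and `getStatusLoginHash()` in the second class.rbac.php hunk, and on `$enableLoginHash` in the first, say only "compatibility with soap login", which hides that this flag changes what counts as a valid credential. Going by the class.bootstrap.php hunk of this commit, enabling it makes `Bootstrap::verifyHashPassword()` accept the stored hash prefixed with its hash type in place of the plaintext password. I would state that on the setter, for example `Security: while enabled, verifyHashPassword() accepts "<hashType>:<stored hash>" as the credential; enable only around the SOAP login call and always disable afterwards.` Because the flag lives on the shared RBAC instance and both setters are public, the docblock should also say that no other caller is expected to turn it on.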
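Review bot: `$RBAC->disableLoginSoapWithHash()` in the class.wsBase.php hunk runs only when control falls out of the `try`/`catch (Exception $e)` normally, so anything that escapes that catch (a PHP 7 `Error`, for instance) leaves hash-mode login switched on for the rest of the process. Putting the reset in a `finally` clause makes it unconditional: `} finally { $RBAC->disableLoginSoapWithHash(); }` followed by `return $wsResponse;`. The start of the method, including the matching enable call, is not intact in this view of the patch, so the enable/disable pairing should be checked against the full file.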