From 8a065356eaf669405473e7528f785f249487a81e Mon Sep 17 00:00:00 2001 From: dheeyi william Date: Thu, 19 Jan 2017 10:27:02 -0400 Subject: [PATCH 01/39] HOR-2483 [MANTIS 21846] When output document is set to "Open the file" once click on the generated file link, the downloaded output document have an incorrect name. --- gulliver/system/class.g.php | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/gulliver/system/class.g.php b/gulliver/system/class.g.php index 6b593fb25..39e22b3ff 100644 --- a/gulliver/system/class.g.php +++ b/gulliver/system/class.g.php @@ -1232,8 +1232,10 @@ class G case 'txt': G::sendHeaders( $filename, 'text/html', $download, $downloadFileName ); break; - case 'doc': case 'pdf': + G::sendHeaders( $filename, 'application/pdf', $download, $downloadFileName ); + break; + case 'doc': case 'pm': case 'po': G::sendHeaders( $filename, 'application/octet-stream', $download, $downloadFileName ); @@ -1283,12 +1285,14 @@ class G { if ($download) { if ($downloadFileName == '') { - $aAux = explode( '/', $filename ); - $downloadFileName = $aAux[count( $aAux ) - 1]; + $aAux = explode('/', $filename); + $downloadFileName = $aAux[count($aAux) - 1]; } - header( 'Content-Disposition: attachment; filename="' . $downloadFileName . '"' ); + header('Content-Disposition: attachment; filename="' . $downloadFileName . '"'); + } else { + header('Content-Disposition: inline; filename="' . $downloadFileName . '"'); } - header( 'Content-Type: ' . $contentType ); + header('Content-Type: ' . $contentType); //if userAgent (BROWSER) is MSIE we need special headers to avoid MSIE behaivor. $userAgent = strtolower( $_SERVER['HTTP_USER_AGENT'] ); From 587229cfb9478431ca728523ac9b6c0e2059744c Mon Sep 17 00:00:00 2001 From: qronald Date: Thu, 19 Jan 2017 15:35:04 -0400 Subject: [PATCH 02/39] HOR-2485 --- workflow/engine/classes/class.pmFunctions.php | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/workflow/engine/classes/class.pmFunctions.php b/workflow/engine/classes/class.pmFunctions.php index 8b31758aa..fe96690b2 100644 --- a/workflow/engine/classes/class.pmFunctions.php +++ b/workflow/engine/classes/class.pmFunctions.php @@ -527,13 +527,27 @@ function WSLogin ($user, $pass, $endpoint = "") function WSOpen ($force = false) { if (isset( $_SESSION["WS_SESSION_ID"] ) || $force) { + $optionsHeaders = array( + "cache_wsdl" => WSDL_CACHE_NONE, + "soap_version" => SOAP_1_1, + "trace" => 1, + "stream_context" => stream_context_create( + array( + 'ssl' => array( + 'verify_peer' => 0, + 'verify_peer_name' => 0 + ) + ) + ) + ); + if (! isset( $_SESSION["WS_END_POINT"] )) { - $defaultEndpoint = "http://" . $_SERVER["SERVER_NAME"] . ":" . $_SERVER["SERVER_PORT"] . "/sys" . SYS_SYS . "/en/classic/services/wsdl2"; + $defaultEndpoint = $_SERVER["REQUEST_SCHEME"] . "://" . $_SERVER["SERVER_NAME"] . ":" . $_SERVER["SERVER_PORT"] . "/sys" . SYS_SYS . "/en/classic/services/wsdl2"; } $endpoint = isset( $_SESSION["WS_END_POINT"] ) ? $_SESSION["WS_END_POINT"] : $defaultEndpoint; - $client = new SoapClient( $endpoint ); + $client = new SoapClient( $endpoint, $optionsHeaders); return $client; } else { From 30b23873f38c07f3ae987e8821c5edc74f5202d8 Mon Sep 17 00:00:00 2001 From: dheeyi william Date: Fri, 20 Jan 2017 14:40:55 -0400 Subject: [PATCH 03/39] HOR-2462 [Zendesk 4018]- Grid is not able to delete data when populated by trigger --- workflow/engine/classes/class.pmDynaform.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/workflow/engine/classes/class.pmDynaform.php b/workflow/engine/classes/class.pmDynaform.php index 125166c24..d20c56dc1 100644 --- a/workflow/engine/classes/class.pmDynaform.php +++ b/workflow/engine/classes/class.pmDynaform.php @@ -1909,6 +1909,12 @@ class pmDynaform if ($validatorClass !== null) { $validatorClass->validatePost($post); } + //Clears the data in the appData for grids + if (array_key_exists($json->id, $this->fields) && $json->type === 'grid' && + !array_key_exists($json->id, $post) + ) { + $post[$json->variable] = array(array()); + } } }; $json = G::json_decode($this->record["DYN_CONTENT"]); From 5c1220c055c4822f10b3640ea3b5f046482e41b7 Mon Sep 17 00:00:00 2001 From: qronald Date: Tue, 24 Jan 2017 16:53:53 -0400 Subject: [PATCH 04/39] HOR-2530 --- pmos.conf.example | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pmos.conf.example b/pmos.conf.example index 5c0fac310..a592ed0bc 100644 --- a/pmos.conf.example +++ b/pmos.conf.example @@ -6,7 +6,7 @@ Options Indexes FollowSymLinks MultiViews - AllowOverride None + AllowOverride All Order allow,deny Allow from all Require all granted From 7423148b862b0bc780502a6290608962c31c4105 Mon Sep 17 00:00:00 2001 From: dheeyi william Date: Thu, 26 Jan 2017 11:58:46 -0400 Subject: [PATCH 05/39] HOR-2527 CLONE - Array variable is not working in Mobile --- workflow/engine/classes/class.pmDynaform.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/workflow/engine/classes/class.pmDynaform.php b/workflow/engine/classes/class.pmDynaform.php index 125166c24..2ab1441e5 100644 --- a/workflow/engine/classes/class.pmDynaform.php +++ b/workflow/engine/classes/class.pmDynaform.php @@ -27,6 +27,7 @@ class pmDynaform private $context = array(); private $dataSources = null; private $databaseProviders = null; + private $propertyExclude = array(); public function __construct($fields = array()) { @@ -37,6 +38,7 @@ class pmDynaform $this->serverConf = &serverConf::getSingleton(); $this->isRTL = ($this->serverConf->isRtl(SYS_LANG)) ? 'true' : 'false'; $this->fields = $fields; + $this->propertyExclude = array('dataVariable'); $this->getDynaform(); $this->getDynaforms(); $this->synchronizeSubDynaform(); @@ -196,11 +198,13 @@ class pmDynaform if (is_string($value) && in_array(substr($value, 0, 2), $prefixs)) { $triggerValue = substr($value, 2); if (isset($this->fields["APP_DATA"][$triggerValue])) { - if ($key !== "dataVariable") { + if (!in_array($key, $this->propertyExclude)) { $json->{$key} = $this->fields["APP_DATA"][$triggerValue]; } } else { - $json->{$key} = ""; + if (!in_array($key, $this->propertyExclude)) { + $json->{$key} = ""; + } } } //set properties from 'formInstance' variable From a3a1a0c2e93a203c147ab9b47c2cc545460a90c1 Mon Sep 17 00:00:00 2001 From: dheeyi william Date: Thu, 26 Jan 2017 14:29:33 -0400 Subject: [PATCH 06/39] HOR-2527 CLONE - Array variable is not working in Mobile --- workflow/engine/classes/class.pmDynaform.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/workflow/engine/classes/class.pmDynaform.php b/workflow/engine/classes/class.pmDynaform.php index 2ab1441e5..1fb8638ab 100644 --- a/workflow/engine/classes/class.pmDynaform.php +++ b/workflow/engine/classes/class.pmDynaform.php @@ -27,7 +27,7 @@ class pmDynaform private $context = array(); private $dataSources = null; private $databaseProviders = null; - private $propertyExclude = array(); + private $propertiesToExclude = array(); public function __construct($fields = array()) { @@ -38,7 +38,7 @@ class pmDynaform $this->serverConf = &serverConf::getSingleton(); $this->isRTL = ($this->serverConf->isRtl(SYS_LANG)) ? 'true' : 'false'; $this->fields = $fields; - $this->propertyExclude = array('dataVariable'); + $this->propertiesToExclude = array('dataVariable'); $this->getDynaform(); $this->getDynaforms(); $this->synchronizeSubDynaform(); @@ -198,11 +198,11 @@ class pmDynaform if (is_string($value) && in_array(substr($value, 0, 2), $prefixs)) { $triggerValue = substr($value, 2); if (isset($this->fields["APP_DATA"][$triggerValue])) { - if (!in_array($key, $this->propertyExclude)) { + if (!in_array($key, $this->propertiesToExclude)) { $json->{$key} = $this->fields["APP_DATA"][$triggerValue]; } } else { - if (!in_array($key, $this->propertyExclude)) { + if (!in_array($key, $this->propertiesToExclude)) { $json->{$key} = ""; } } From 1e7725b41429c729c42377a5d1b1cd7bb06c95c5 Mon Sep 17 00:00:00 2001 From: Rodrigo Quelca Date: Tue, 31 Jan 2017 06:00:18 -0500 Subject: [PATCH 07/39] Update composer lock --- .gitignore | 1 - composer.lock | 6 +++--- 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/.gitignore b/.gitignore index bb2664051..0c77f18af 100644 --- a/.gitignore +++ b/.gitignore @@ -20,7 +20,6 @@ workflow/public_html/index.html .DS_Store .idea composer.phar -composer.lock vendor/ workflow/engine/config/schema-transformed.xml workflow/engine/config/_databases_.php diff --git a/composer.lock b/composer.lock index 66c0b5002..8a87e5884 100644 --- a/composer.lock +++ b/composer.lock @@ -56,7 +56,7 @@ "source": { "type": "git", "url": "git@bitbucket.org:colosa/michelangelofe.git", - "reference": "7e889f23a7e8397c052a4d9ae6331334b57c9d48" + "reference": "733277aef23c643b094c123043c3dbee975997a4" }, "require": { "colosa/pmui": "release/3.2-dev" @@ -75,7 +75,7 @@ "source": { "type": "git", "url": "git@bitbucket.org:colosa/pmdynaform.git", - "reference": "c2008027bd721ac42e4a7d98cc773f82ac25921e" + "reference": "efb60f8f989ee83f91459f82810f90d8ef7a6d64" }, "type": "library", "description": "JS Library to render ProcessMaker Dynaforms", @@ -91,7 +91,7 @@ "source": { "type": "git", "url": "git@bitbucket.org:colosa/pmui.git", - "reference": "851ee86a1006df111ee8b281bf2b033cdbcc6f0b" + "reference": "462ab5f45a4cce1ca9920fcb854255f10abea1e1" }, "type": "library", "description": "JS UI Library", From 07a6da4e75da585a08719de6a33a25abc3bdc162 Mon Sep 17 00:00:00 2001 From: Rodrigo Quelca Date: Tue, 31 Jan 2017 06:33:57 -0500 Subject: [PATCH 08/39] composer lock file after execute composer update --- composer.lock | 188 +++++++++++++++++++++++++++++++++----------------- 1 file changed, 124 insertions(+), 64 deletions(-) diff --git a/composer.lock b/composer.lock index 8a87e5884..492e7640e 100644 --- a/composer.lock +++ b/composer.lock @@ -4,8 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", "This file is @generated automatically" ], - "hash": "e94e04e50eb74bdfd3dfedcb1af4e6d0", - "content-hash": "f0b89bffcea74fc73605464d3f0ca520", + "content-hash": "da8938c847b4f778aa2acc95daaeb38c", "packages": [ { "name": "bshaffer/oauth2-server-php", @@ -48,7 +47,7 @@ "oauth", "oauth2" ], - "time": "2013-08-12 16:35:58" + "time": "2013-08-12T16:35:58+00:00" }, { "name": "colosa/MichelangeloFE", @@ -67,7 +66,7 @@ "keywords": [ "js app ProcessMaker" ], - "time": "2016-03-09 20:18:44" + "time": "2017-01-30 20:34:14" }, { "name": "colosa/pmDynaform", @@ -83,7 +82,7 @@ "keywords": [ "js lib ProcessMaker Dynaforms" ], - "time": "2016-03-15 17:46:33" + "time": "2017-02-09 17:03:07" }, { "name": "colosa/pmUI", @@ -99,20 +98,20 @@ "keywords": [ "js lib ProcessMaker UI" ], - "time": "2016-02-26 21:41:50" + "time": "2017-01-30 20:34:06" }, { "name": "dapphp/securimage", - "version": "3.6.4", + "version": "3.6.5", "source": { "type": "git", "url": "https://github.com/dapphp/securimage.git", - "reference": "2ed50264ae5541fec8d8c79e4c9b6235a7cfd506" + "reference": "3f5a84fd80b1a35d58332896c944142713a7e802" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/dapphp/securimage/zipball/2ed50264ae5541fec8d8c79e4c9b6235a7cfd506", - "reference": "2ed50264ae5541fec8d8c79e4c9b6235a7cfd506", + "url": "https://api.github.com/repos/dapphp/securimage/zipball/3f5a84fd80b1a35d58332896c944142713a7e802", + "reference": "3f5a84fd80b1a35d58332896c944142713a7e802", "shasum": "" }, "require": { @@ -130,7 +129,7 @@ "securimage.php" ] }, - "notification-url": "http://packagist.org/downloads/", + "notification-url": "https://packagist.org/downloads/", "license": [ "BSD" ], @@ -146,7 +145,7 @@ "captcha", "security" ], - "time": "2016-03-04 21:08:00" + "time": "2016-12-04T17:45:57+00:00" }, { "name": "google/apiclient", @@ -189,7 +188,7 @@ "keywords": [ "google" ], - "time": "2015-10-16 22:11:08" + "time": "2015-10-16T22:11:08+00:00" }, { "name": "luracast/restler", @@ -197,12 +196,12 @@ "source": { "type": "git", "url": "https://github.com/Luracast/Restler.git", - "reference": "1dcf910c1e1fd1ea565a537b053a66971d818e42" + "reference": "581d8d6dc5d37f439765f89725a92f85e98f1826" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/Luracast/Restler/zipball/1dcf910c1e1fd1ea565a537b053a66971d818e42", - "reference": "1dcf910c1e1fd1ea565a537b053a66971d818e42", + "url": "https://api.github.com/repos/Luracast/Restler/zipball/581d8d6dc5d37f439765f89725a92f85e98f1826", + "reference": "581d8d6dc5d37f439765f89725a92f85e98f1826", "shasum": "" }, "require": { @@ -268,7 +267,7 @@ "rest", "server" ], - "time": "2015-08-04 07:52:49" + "time": "2015-08-04T07:52:49+00:00" }, { "name": "monolog/monolog", @@ -346,7 +345,7 @@ "logging", "psr-3" ], - "time": "2016-04-12 18:29:35" + "time": "2016-04-12T18:29:35+00:00" }, { "name": "psr/log", @@ -384,7 +383,7 @@ "psr", "psr-3" ], - "time": "2012-12-21 11:40:51" + "time": "2012-12-21T11:40:51+00:00" } ], "packages-dev": [ @@ -453,7 +452,7 @@ "Behat", "Symfony2" ], - "time": "2013-06-06 10:46:48" + "time": "2013-06-06T10:46:48+00:00" }, { "name": "behat/gherkin", @@ -514,7 +513,7 @@ "Symfony2", "parser" ], - "time": "2013-03-02 10:38:40" + "time": "2013-03-02T10:38:40+00:00" }, { "name": "guzzle/guzzle", @@ -571,7 +570,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-master": "release/3.2-dev" + "dev-master": "3.1-dev" } }, "autoload": { @@ -607,26 +606,29 @@ "web service" ], "abandoned": "guzzlehttp/guzzle", - "time": "2013-01-28 00:07:40" + "time": "2013-01-28T00:07:40+00:00" }, { "name": "symfony/config", - "version": "v2.8.9", + "version": "v2.8.17", "source": { "type": "git", "url": "https://github.com/symfony/config.git", - "reference": "4275ef5b59f18959df0eee3991e9ca0cc208ffd4" + "reference": "747fa191136cf798409183c501435aa4c16184df" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/config/zipball/4275ef5b59f18959df0eee3991e9ca0cc208ffd4", - "reference": "4275ef5b59f18959df0eee3991e9ca0cc208ffd4", + "url": "https://api.github.com/repos/symfony/config/zipball/747fa191136cf798409183c501435aa4c16184df", + "reference": "747fa191136cf798409183c501435aa4c16184df", "shasum": "" }, "require": { "php": ">=5.3.9", "symfony/filesystem": "~2.3|~3.0.0" }, + "require-dev": { + "symfony/yaml": "~2.7|~3.0.0" + }, "suggest": { "symfony/yaml": "To use the yaml reference dumper" }, @@ -660,24 +662,25 @@ ], "description": "Symfony Config Component", "homepage": "https://symfony.com", - "time": "2016-07-26 08:02:44" + "time": "2017-02-05T10:11:19+00:00" }, { "name": "symfony/console", - "version": "v2.8.9", + "version": "v2.8.17", "source": { "type": "git", "url": "https://github.com/symfony/console.git", - "reference": "36e62335caca8a6e909c5c5bac4a8128149911c9" + "reference": "f3c234cd8db9f7e520a91d695db7d8bb5daeb7a4" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/console/zipball/36e62335caca8a6e909c5c5bac4a8128149911c9", - "reference": "36e62335caca8a6e909c5c5bac4a8128149911c9", + "url": "https://api.github.com/repos/symfony/console/zipball/f3c234cd8db9f7e520a91d695db7d8bb5daeb7a4", + "reference": "f3c234cd8db9f7e520a91d695db7d8bb5daeb7a4", "shasum": "" }, "require": { "php": ">=5.3.9", + "symfony/debug": "~2.7,>=2.7.2|~3.0.0", "symfony/polyfill-mbstring": "~1.0" }, "require-dev": { @@ -720,20 +723,77 @@ ], "description": "Symfony Console Component", "homepage": "https://symfony.com", - "time": "2016-07-30 07:20:35" + "time": "2017-02-06T12:04:06+00:00" }, { - "name": "symfony/dependency-injection", - "version": "v2.8.9", + "name": "symfony/debug", + "version": "v3.0.9", "source": { "type": "git", - "url": "https://github.com/symfony/dependency-injection.git", - "reference": "f2b5a00d176f6a201dc430375c0ef37706ea3d12" + "url": "https://github.com/symfony/debug.git", + "reference": "697c527acd9ea1b2d3efac34d9806bf255278b0a" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/dependency-injection/zipball/f2b5a00d176f6a201dc430375c0ef37706ea3d12", - "reference": "f2b5a00d176f6a201dc430375c0ef37706ea3d12", + "url": "https://api.github.com/repos/symfony/debug/zipball/697c527acd9ea1b2d3efac34d9806bf255278b0a", + "reference": "697c527acd9ea1b2d3efac34d9806bf255278b0a", + "shasum": "" + }, + "require": { + "php": ">=5.5.9", + "psr/log": "~1.0" + }, + "conflict": { + "symfony/http-kernel": ">=2.3,<2.3.24|~2.4.0|>=2.5,<2.5.9|>=2.6,<2.6.2" + }, + "require-dev": { + "symfony/class-loader": "~2.8|~3.0", + "symfony/http-kernel": "~2.8|~3.0" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "3.0-dev" + } + }, + "autoload": { + "psr-4": { + "Symfony\\Component\\Debug\\": "" + }, + "exclude-from-classmap": [ + "/Tests/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Fabien Potencier", + "email": "fabien@symfony.com" + }, + { + "name": "Symfony Community", + "homepage": "https://symfony.com/contributors" + } + ], + "description": "Symfony Debug Component", + "homepage": "https://symfony.com", + "time": "2016-07-30T07:22:48+00:00" + }, + { + "name": "symfony/dependency-injection", + "version": "v2.8.17", + "source": { + "type": "git", + "url": "https://github.com/symfony/dependency-injection.git", + "reference": "1dfbf6a9e30113a9c4e482ab056e969c70c37a19" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/symfony/dependency-injection/zipball/1dfbf6a9e30113a9c4e482ab056e969c70c37a19", + "reference": "1dfbf6a9e30113a9c4e482ab056e969c70c37a19", "shasum": "" }, "require": { @@ -783,20 +843,20 @@ ], "description": "Symfony DependencyInjection Component", "homepage": "https://symfony.com", - "time": "2016-07-30 07:20:35" + "time": "2017-01-27T23:54:58+00:00" }, { "name": "symfony/event-dispatcher", - "version": "v2.8.9", + "version": "v2.8.17", "source": { "type": "git", "url": "https://github.com/symfony/event-dispatcher.git", - "reference": "889983a79a043dfda68f38c38b6dba092dd49cd8" + "reference": "74877977f90fb9c3e46378d5764217c55f32df34" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/event-dispatcher/zipball/889983a79a043dfda68f38c38b6dba092dd49cd8", - "reference": "889983a79a043dfda68f38c38b6dba092dd49cd8", + "url": "https://api.github.com/repos/symfony/event-dispatcher/zipball/74877977f90fb9c3e46378d5764217c55f32df34", + "reference": "74877977f90fb9c3e46378d5764217c55f32df34", "shasum": "" }, "require": { @@ -843,7 +903,7 @@ ], "description": "Symfony EventDispatcher Component", "homepage": "https://symfony.com", - "time": "2016-07-28 16:56:28" + "time": "2017-01-02T20:30:24+00:00" }, { "name": "symfony/filesystem", @@ -892,7 +952,7 @@ ], "description": "Symfony Filesystem Component", "homepage": "https://symfony.com", - "time": "2016-07-20 05:43:46" + "time": "2016-07-20T05:43:46+00:00" }, { "name": "symfony/finder", @@ -942,20 +1002,20 @@ ], "description": "Symfony Finder Component", "homepage": "https://symfony.com", - "time": "2016-05-13 14:58:35" + "time": "2016-05-13T14:58:35+00:00" }, { "name": "symfony/polyfill-mbstring", - "version": "v1.2.0", + "version": "v1.3.0", "source": { "type": "git", "url": "https://github.com/symfony/polyfill-mbstring.git", - "reference": "dff51f72b0706335131b00a7f49606168c582594" + "reference": "e79d363049d1c2128f133a2667e4f4190904f7f4" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/dff51f72b0706335131b00a7f49606168c582594", - "reference": "dff51f72b0706335131b00a7f49606168c582594", + "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/e79d363049d1c2128f133a2667e4f4190904f7f4", + "reference": "e79d363049d1c2128f133a2667e4f4190904f7f4", "shasum": "" }, "require": { @@ -967,7 +1027,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-master": "1.2-dev" + "dev-master": "1.3-dev" } }, "autoload": { @@ -978,7 +1038,7 @@ "bootstrap.php" ] }, - "notification-url": "http://packagist.org/downloads/", + "notification-url": "https://packagist.org/downloads/", "license": [ "MIT" ], @@ -1001,20 +1061,20 @@ "portable", "shim" ], - "time": "2016-05-18 14:26:46" + "time": "2016-11-14T01:06:16+00:00" }, { "name": "symfony/translation", - "version": "v2.8.9", + "version": "v2.8.17", "source": { "type": "git", "url": "https://github.com/symfony/translation.git", - "reference": "32b0c824da6df065f43b0c458dc505940e98a7f1" + "reference": "c281ac2b484210bb95106bdb8ae8356e63277725" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/translation/zipball/32b0c824da6df065f43b0c458dc505940e98a7f1", - "reference": "32b0c824da6df065f43b0c458dc505940e98a7f1", + "url": "https://api.github.com/repos/symfony/translation/zipball/c281ac2b484210bb95106bdb8ae8356e63277725", + "reference": "c281ac2b484210bb95106bdb8ae8356e63277725", "shasum": "" }, "require": { @@ -1065,20 +1125,20 @@ ], "description": "Symfony Translation Component", "homepage": "https://symfony.com", - "time": "2016-07-30 07:20:35" + "time": "2017-01-21T16:59:38+00:00" }, { "name": "symfony/yaml", - "version": "v2.8.9", + "version": "v2.8.17", "source": { "type": "git", "url": "https://github.com/symfony/yaml.git", - "reference": "0ceab136f43ed9d3e97b3eea32a7855dc50c121d" + "reference": "322a8c2dfbca15ad6b1b27e182899f98ec0e0153" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/yaml/zipball/0ceab136f43ed9d3e97b3eea32a7855dc50c121d", - "reference": "0ceab136f43ed9d3e97b3eea32a7855dc50c121d", + "url": "https://api.github.com/repos/symfony/yaml/zipball/322a8c2dfbca15ad6b1b27e182899f98ec0e0153", + "reference": "322a8c2dfbca15ad6b1b27e182899f98ec0e0153", "shasum": "" }, "require": { @@ -1114,7 +1174,7 @@ ], "description": "Symfony Yaml Component", "homepage": "https://symfony.com", - "time": "2016-07-17 09:06:15" + "time": "2017-01-21T16:40:50+00:00" } ], "aliases": [], From eec8aa5f0843f8a18b91ad78846b91f05e58d385 Mon Sep 17 00:00:00 2001 From: Roly Rudy Gutierrez Pinto Date: Tue, 31 Jan 2017 17:43:50 -0400 Subject: [PATCH 09/39] HOR-2624 --- workflow/engine/classes/class.case.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/workflow/engine/classes/class.case.php b/workflow/engine/classes/class.case.php index 8a938d803..6d56a8544 100644 --- a/workflow/engine/classes/class.case.php +++ b/workflow/engine/classes/class.case.php @@ -4433,6 +4433,11 @@ class Cases /*----------------------------------********---------------------------------*/ $this->getExecuteTriggerProcess($sApplicationUID, 'REASSIGNED'); + + //Delete record of the table LIST_UNASSIGNED + $unassigned = new ListUnassigned(); + $unassigned->remove($sApplicationUID, $iDelegation); + return true; } From c2f92115264c292baa1dbf6c85148f67b285e024 Mon Sep 17 00:00:00 2001 From: Roly Rudy Gutierrez Pinto Date: Wed, 1 Feb 2017 12:28:15 -0400 Subject: [PATCH 10/39] HOR-2487 --- workflow/engine/classes/model/AppDelegation.php | 11 ++++++----- workflow/engine/methods/cases/cases_Step.php | 2 +- .../engine/src/ProcessMaker/Core/RoutingScreen.php | 3 +++ 3 files changed, 10 insertions(+), 6 deletions(-) diff --git a/workflow/engine/classes/model/AppDelegation.php b/workflow/engine/classes/model/AppDelegation.php index 7feeaa1df..abb930c01 100644 --- a/workflow/engine/classes/model/AppDelegation.php +++ b/workflow/engine/classes/model/AppDelegation.php @@ -442,6 +442,7 @@ class AppDelegation extends BaseAppDelegation //Get Task properties $task = TaskPeer::retrieveByPK( $this->getTasUid() ); + $aData = array(); $aData['TAS_UID'] = $this->getTasUid(); //Added to allow User defined Timing Control at Run time from Derivation screen if (isset( $sNextTasParam['NEXT_TASK']['TAS_TRANSFER_HIDDEN_FLY'] ) && $sNextTasParam['NEXT_TASK']['TAS_TRANSFER_HIDDEN_FLY'] == 'true') { @@ -471,7 +472,7 @@ class AppDelegation extends BaseAppDelegation //Calendar - Use the dates class to calculate dates $calendar = new calendar(); - $arrayCalendarData = array(); + $arrayCalendarData = $calendar->getCalendarData($aCalendarUID); if ($calendar->pmCalendarUid == "") { $calendar->getCalendar(null, $this->getProUid(), $this->getTasUid()); @@ -480,11 +481,11 @@ class AppDelegation extends BaseAppDelegation } //Due date - /*$iDueDate = $calendar->calculateDate( $this->getDelDelegateDate(), $aData['TAS_DURATION'], $aData['TAS_TIMEUNIT'] //hours or days, ( we only accept this two types or maybe weeks - );*/ - $dueDate = $calendar->dashCalculateDate($this->getDelDelegateDate(), $aData["TAS_DURATION"], $aData["TAS_TIMEUNIT"], $arrayCalendarData); + $initDate = $this->getDelDelegateDate(); + $timeZone = \ProcessMaker\Util\DateTime::convertUtcToTimeZone($initDate); + $dueDate = $calendar->dashCalculateDate($timeZone, $aData["TAS_DURATION"], $aData["TAS_TIMEUNIT"], $arrayCalendarData); - //Return + $dueDate = \ProcessMaker\Util\DateTime::convertDataToUtc($dueDate); return $dueDate; } diff --git a/workflow/engine/methods/cases/cases_Step.php b/workflow/engine/methods/cases/cases_Step.php index 8b1b1ff3f..24f085044 100644 --- a/workflow/engine/methods/cases/cases_Step.php +++ b/workflow/engine/methods/cases/cases_Step.php @@ -1009,7 +1009,7 @@ try { $aFields['TASK'][$sKey]['NEXT_TASK']['TAS_TRANSFER_HIDDEN_FLY'] = ""; if ($aValues['NEXT_TASK']['TAS_TRANSFER_FLY'] == 'true') { $aFields['TASK'][$sKey]['NEXT_TASK']['TAS_DURATION'] = ''; - $hoursSelected = $daysSelected = ''; + $hoursSelected = $daysSelected = $minSelected = ''; if ($aFields['TASK'][$sKey]['NEXT_TASK']['TAS_TIMEUNIT'] == 'HOURS') { $hoursSelected = "selected = 'selected'"; } else { diff --git a/workflow/engine/src/ProcessMaker/Core/RoutingScreen.php b/workflow/engine/src/ProcessMaker/Core/RoutingScreen.php index d6dd9c209..dafe61a98 100644 --- a/workflow/engine/src/ProcessMaker/Core/RoutingScreen.php +++ b/workflow/engine/src/ProcessMaker/Core/RoutingScreen.php @@ -65,6 +65,9 @@ class RoutingScreen extends \Derivation } else { $aDataMerged[$key]['NEXT_ROUTING'][] = $post[$i]; } + if (isset($post[$i]['NEXT_TASK'])) { + $aDataMerged[$key]['NEXT_TASK'] = $post[$i]['NEXT_TASK']; + } } } } From a57d975564b2846f92b6aa3e8a3f13b45f602e41 Mon Sep 17 00:00:00 2001 From: dheeyi william Date: Thu, 2 Feb 2017 11:49:09 -0400 Subject: [PATCH 11/39] HOR-2629 Remove the getCounters in the NotificationDevice --- .../ProcessMaker/BusinessModel/Light/NotificationDevice.php | 5 ----- 1 file changed, 5 deletions(-) diff --git a/workflow/engine/src/ProcessMaker/BusinessModel/Light/NotificationDevice.php b/workflow/engine/src/ProcessMaker/BusinessModel/Light/NotificationDevice.php index 13e45a3ff..34422b962 100644 --- a/workflow/engine/src/ProcessMaker/BusinessModel/Light/NotificationDevice.php +++ b/workflow/engine/src/ProcessMaker/BusinessModel/Light/NotificationDevice.php @@ -199,11 +199,6 @@ class NotificationDevice $devices = $oNoti->loadUsersArrayId($userIds); } else { $devices = $oNoti->loadByUsersId($userIds); - $lists = new \ProcessMaker\BusinessModel\Lists(); - $counter = $lists->getCounters($userIds); - $light = new \ProcessMaker\Services\Api\Light(); - $result = $light->parserCountersCases($counter); - $data['counters'] = $result; } $devicesAndroidIds = array(); From 006650b7e9bb8e92557090c4b4391ce7d56baaa9 Mon Sep 17 00:00:00 2001 From: Paula Quispe Date: Thu, 2 Feb 2017 13:57:00 -0400 Subject: [PATCH 12/39] HOR-2631 --- workflow/engine/methods/cases/cases_Ajax.php | 17 +++--- .../engine/methods/cases/cases_Resume.php | 58 +++++++++---------- .../src/ProcessMaker/BusinessModel/Cases.php | 45 ++++++++++++++ 3 files changed, 83 insertions(+), 37 deletions(-) diff --git a/workflow/engine/methods/cases/cases_Ajax.php b/workflow/engine/methods/cases/cases_Ajax.php index 2fc375013..0cec77b67 100644 --- a/workflow/engine/methods/cases/cases_Ajax.php +++ b/workflow/engine/methods/cases/cases_Ajax.php @@ -1019,20 +1019,23 @@ switch (($_POST['action']) ? $_POST['action'] : $_REQUEST['action']) { if (is_array( $aApplication )) { $response['exists'] = true; + $objCase = new \ProcessMaker\BusinessModel\Cases(); + $aUserCanAccess = $objCase->userAuthorization( + $_SESSION['USER_LOGGED'], + $aApplication['PRO_UID'], + $aApplication['APP_UID'], + array('PM_ALLCASES'), + array('SUMMARY_FORM'=>'VIEW') + ); //Check if the user is a supervisor to this Process if(isset($_POST['actionFromList']) && $_POST['actionFromList']==='to_revise'){ - $oAppCache = new AppCacheView(); - $aProcesses = $oAppCache->getProUidSupervisor($_SESSION['USER_LOGGED']); - if(!in_array($aApplication['PRO_UID'], $aProcesses)){ + if(!$aUserCanAccess['supervisor']){ $response['exists'] = false; $response['message'] = G::LoadTranslation('ID_NO_PERMISSION_NO_PARTICIPATED'); } } else {//Check if the user participated in this case - $oParticipated = new ListParticipatedLast(); - $aParticipated = $oParticipated->loadList($_SESSION['USER_LOGGED'], array(), null, $aApplication['APP_UID']); - if(!sizeof($aParticipated)){ - //Check in the selfservice list + if(!$aUserCanAccess['participated'] && !$aUserCanAccess['rolesPermissions']['PM_ALLCASES'] && !$aUserCanAccess['objectPermissions']['SUMMARY_FORM']){ $response['exists'] = false; $response['message'] = G::LoadTranslation('ID_NO_PERMISSION_NO_PARTICIPATED'); } diff --git a/workflow/engine/methods/cases/cases_Resume.php b/workflow/engine/methods/cases/cases_Resume.php index 883dc3a0b..935a4755c 100644 --- a/workflow/engine/methods/cases/cases_Resume.php +++ b/workflow/engine/methods/cases/cases_Resume.php @@ -49,20 +49,24 @@ $G_ID_SUB_MENU_SELECTED = '_'; /* Prepare page before to show */ $oCase = new Cases(); -//$Fields = $oCase->loadCase( $_SESSION['APPLICATION'], $_SESSION['INDEX'] ); + if (isset($_SESSION['ACTION']) && ($_SESSION['ACTION'] == 'jump')) { $Fields = $oCase->loadCase( $_SESSION['APPLICATION'], $_SESSION['INDEX'], $_SESSION['ACTION']); } else { $Fields = $oCase->loadCase( $_SESSION['APPLICATION'], $_SESSION['INDEX']); } -//Check the participated -$participated = $oCase->userParticipatedInCase( $_GET['APP_UID'], $_SESSION['USER_LOGGED'] ); -//Check if is Supervisor -$processUser = new ProcessUser(); -$userAccess = $processUser->validateUserAccess($Fields['PRO_UID'], $_SESSION['USER_LOGGED']); +//Check the authorization +$objCase = new \ProcessMaker\BusinessModel\Cases(); +$aUserCanAccess = $objCase->userAuthorization( + $_SESSION['USER_LOGGED'], + $Fields['PRO_UID'], + $_GET['APP_UID'], + array('PM_ALLCASES'), + array('SUMMARY_FORM'=>'VIEW') +); -if ($RBAC->userCanAccess( 'PM_ALLCASES' ) < 0 && !$participated && !$userAccess) { +if (!$aUserCanAccess['participated'] && !$aUserCanAccess['supervisor'] && !$aUserCanAccess['rolesPermissions']['PM_ALLCASES'] && !$aUserCanAccess['objectPermissions']['SUMMARY_FORM']) { $aMessage['MESSAGE'] = G::LoadTranslation( 'ID_NO_PERMISSION_NO_PARTICIPATED' ); $G_PUBLISH = new Publisher(); $G_PUBLISH->AddContent( 'xmlform', 'xmlform', 'login/showMessage', '', $aMessage ); @@ -133,36 +137,30 @@ if ($nTasksInParallel > 1) { $Fields['TAS_TITLE'] = $aTask['TAS_TITLE']; $objUser = new Users(); - $oHeadPublisher = & headPublisher::getSingleton(); $oHeadPublisher->addScriptFile( '/jscore/cases/core/cases_Step.js' ); $G_PUBLISH = new Publisher(); $G_PUBLISH->AddContent( 'xmlform', 'xmlform', 'cases/cases_Resume.xml', '', $Fields, '' ); if($Fields['APP_STATUS'] != 'COMPLETED'){ - $G_PUBLISH->AddContent( 'xmlform', 'xmlform', 'cases/cases_Resume_Current_Task_Title.xml', '', $Fields, '' ); - $objDel = new AppDelegation(); - $parallel = $objDel->LoadParallel ($Fields['APP_UID'],$_GET['DEL_INDEX']); - $FieldsPar = $Fields; - if(empty($parallel)){ - $G_PUBLISH->AddContent( 'xmlform', 'xmlform', 'cases/cases_Resume_Current_Task.xml', '', $Fields, '' ); - }else{ + $G_PUBLISH->AddContent( 'xmlform', 'xmlform', 'cases/cases_Resume_Current_Task_Title.xml', '', $Fields, '' ); + $objDel = new AppDelegation(); + $parallel = $objDel->LoadParallel($Fields['APP_UID']); + $FieldsPar = $Fields; foreach($parallel as $row){ - $FieldsPar['TAS_UID'] = $row['TAS_UID']; - $aTask = $objTask->load( $row['TAS_UID'] ); - $FieldsPar['TAS_TITLE'] = $aTask['TAS_TITLE']; - $FieldsPar['USR_UID'] = $row['USR_UID']; - if(isset($row['USR_UID']) && !empty($row['USR_UID'])) { - $aUser = $objUser->loadDetails ($row['USR_UID']); - $FieldsPar['CURRENT_USER'] = $aUser['USR_FULLNAME']; - } - $FieldsPar['DEL_DELEGATE_DATE'] = $row['DEL_DELEGATE_DATE']; - $FieldsPar['DEL_INIT_DATE'] = $row['DEL_INIT_DATE']; - $FieldsPar['DEL_TASK_DUE_DATE'] = $row['DEL_TASK_DUE_DATE']; - $FieldsPar['DEL_FINISH_DATE'] = $row['DEL_FINISH_DATE']; - $G_PUBLISH->AddContent( 'xmlform', 'xmlform', 'cases/cases_Resume_Current_Task.xml', '', $FieldsPar, '' ); + $FieldsPar['TAS_UID'] = $row['TAS_UID']; + $aTask = $objTask->load( $row['TAS_UID'] ); + $FieldsPar['TAS_TITLE'] = $aTask['TAS_TITLE']; + $FieldsPar['USR_UID'] = $row['USR_UID']; + if(isset($row['USR_UID']) && !empty($row['USR_UID'])) { + $aUser = $objUser->loadDetails ($row['USR_UID']); + $FieldsPar['CURRENT_USER'] = $aUser['USR_FULLNAME']; + } + $FieldsPar['DEL_DELEGATE_DATE'] = $row['DEL_DELEGATE_DATE']; + $FieldsPar['DEL_INIT_DATE'] = $row['DEL_INIT_DATE']; + $FieldsPar['DEL_TASK_DUE_DATE'] = $row['DEL_TASK_DUE_DATE']; + $FieldsPar['DEL_FINISH_DATE'] = $row['DEL_FINISH_DATE']; + $G_PUBLISH->AddContent( 'xmlform', 'xmlform', 'cases/cases_Resume_Current_Task.xml', '', $FieldsPar); } - } - } G::RenderPage('publish', 'blank'); diff --git a/workflow/engine/src/ProcessMaker/BusinessModel/Cases.php b/workflow/engine/src/ProcessMaker/BusinessModel/Cases.php index 55081fc76..59ed4a651 100644 --- a/workflow/engine/src/ProcessMaker/BusinessModel/Cases.php +++ b/workflow/engine/src/ProcessMaker/BusinessModel/Cases.php @@ -3252,4 +3252,49 @@ class Cases $result = $case->updateCase($applicationUid, $arrayApplicationData); } } + + /** + * Get Permissions, Participate, Access + * + * @param string $usrUid + * @param string $proUid + * @param string $appUid + * @param array $rolesPermissions + * @param array $objectPermissions + * @return array Returns array with all access + */ + public static function userAuthorization($usrUid, $proUid, $appUid, $rolesPermissions=array(), $objectPermissions=array()){ + $arrayAccess = array(); + + //User has participated + $oParticipated = new \ListParticipatedLast(); + $aParticipated = $oParticipated->loadList($usrUid, array(), null, $appUid); + $arrayAccess['participated'] = (!sizeof($aParticipated)) ? false : true; + + //User is supervisor + $oAppCache = new \AppCacheView(); + $aProcesses = $oAppCache->getProUidSupervisor($usrUid); + $arrayAccess['supervisor'] = (!in_array($proUid, $aProcesses)) ? false : true; + + //Roles Permissions + if (sizeof($rolesPermissions)) { + global $RBAC; + foreach ($rolesPermissions as $value) { + $arrayAccess['rolesPermissions'][$value] = ($RBAC->userCanAccess($value) < 0) ? false : true; + } + } + + //Object Permissions + if (sizeof($objectPermissions)) { + $oCase = new \Cases(); + foreach ($objectPermissions as $key => $value) { + $resPermission = $oCase->getAllObjectsFrom($proUid, $appUid, '', $usrUid, $value); + if(isset($resPermission[$key])){ + $arrayAccess['objectPermissions'][$key] = $resPermission[$key]; + } + } + } + + return $arrayAccess; + } } From 9620a7bb34cf7c4a91a7af5cb344bec2fad84113 Mon Sep 17 00:00:00 2001 From: qronald Date: Fri, 3 Feb 2017 12:57:44 -0400 Subject: [PATCH 13/39] HOR-2642 --- workflow/engine/methods/setup/pluginsChange.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/workflow/engine/methods/setup/pluginsChange.php b/workflow/engine/methods/setup/pluginsChange.php index 9d5453157..a9b6c472c 100644 --- a/workflow/engine/methods/setup/pluginsChange.php +++ b/workflow/engine/methods/setup/pluginsChange.php @@ -93,8 +93,8 @@ if ($handle = opendir( PATH_PLUGINS )) { * Calls PMExtensionClass Builder to include Plugins changes. */ $config = Bootstrap::getSystemConfiguration(); - - if (!empty($config['experimental_features'])) { + $activeExperimentalFeatures = isset($config['experimental_features']) ? $config['experimental_features'] : true; + if ($activeExperimentalFeatures) { $phpBuilder = new ProcessMakerPhpBuilderHelper(); $phpBuilder->enabledExtensions = $oPluginRegistry->getEnabledPlugins(); if (!empty($phpBuilder->enabledExtensions)) { From 76e82877e61ac413717eca8e2ad5349848e139a7 Mon Sep 17 00:00:00 2001 From: dheeyi william Date: Mon, 6 Feb 2017 10:52:47 -0400 Subject: [PATCH 14/39] HOR-2636 [Zendesk 4094] - Auto Suggest/Combo Box feature when reassigning. --- .../engine/methods/cases/casesList_Ajax.php | 24 +++++++++++++++++++ workflow/engine/templates/cases/casesList.js | 3 ++- 2 files changed, 26 insertions(+), 1 deletion(-) diff --git a/workflow/engine/methods/cases/casesList_Ajax.php b/workflow/engine/methods/cases/casesList_Ajax.php index 2612aea43..20f208433 100644 --- a/workflow/engine/methods/cases/casesList_Ajax.php +++ b/workflow/engine/methods/cases/casesList_Ajax.php @@ -64,6 +64,30 @@ if ($actionAjax == "userValues") { $users = filterUserListArray($users, $query); //now get users, just for the Search action switch ($action) { + case 'to_reassign': + $cUsers = $oAppCache->getToReassignListCriteria(null); + $cUsers->addSelectColumn(AppCacheViewPeer::USR_UID); + + if (g::MySQLSintaxis()) { + $cUsers->addGroupByColumn(AppCacheViewPeer::USR_UID); + } + + if (!is_null($query)) { + $filters = $cUsers->getNewCriterion(UsersPeer::USR_FIRSTNAME, '%' . $query . '%', Criteria::LIKE)->addOr( + $cUsers->getNewCriterion(UsersPeer::USR_LASTNAME, '%' . $query . '%', Criteria::LIKE)->addOr( + $cUsers->getNewCriterion(UsersPeer::USR_USERNAME, '%' . $query . '%', Criteria::LIKE))); + $cUsers->addAnd($filters); + } + $cUsers->setLimit(20); + $cUsers->addAscendingOrderByColumn(AppCacheViewPeer::APP_CURRENT_USER); + $oDataset = AppCacheViewPeer::doSelectRS($cUsers, Propel::getDbConnection('workflow_ro')); + $oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC); + $oDataset->next(); + while ($aRow = $oDataset->getRow()) { + $users[] = array("USR_UID" => $aRow['USR_UID'], "USR_FULLNAME" => $aRow['APP_CURRENT_USER']); + $oDataset->next(); + } + break; case 'search_simple': case 'search': G::LoadClass("configuration"); diff --git a/workflow/engine/templates/cases/casesList.js b/workflow/engine/templates/cases/casesList.js index 9331c55ef..f1469952b 100644 --- a/workflow/engine/templates/cases/casesList.js +++ b/workflow/engine/templates/cases/casesList.js @@ -2050,7 +2050,8 @@ Ext.onReady ( function() { btnReassign, "->", _("ID_USER"), - comboAllUsers, + suggestUser, + resetSuggestButton, "-", _("ID_CATEGORY"), comboCategory, From 03b6f0ef30a254b64424afb463b0b33a08bc5594 Mon Sep 17 00:00:00 2001 From: dheeyi william Date: Mon, 6 Feb 2017 11:15:10 -0400 Subject: [PATCH 15/39] HOR-2634 CLONE 3.2- Remove the autoload in reassignList.js --- workflow/engine/templates/cases/reassignList.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/workflow/engine/templates/cases/reassignList.js b/workflow/engine/templates/cases/reassignList.js index f666d6f7b..08e8d1228 100644 --- a/workflow/engine/templates/cases/reassignList.js +++ b/workflow/engine/templates/cases/reassignList.js @@ -32,7 +32,7 @@ var storeUsersToReassign = new Ext.data.Store({ remoteSort: false, - autoLoad:true, + autoLoad:false, proxy : proxyUsersToReassignList, reader: readerUsersToReassignList, writer: writerUsersToReassignList, // <-- plug a DataWriter into the store just as you would a Reader From fc7c3b6a2bacf5bc0a45c6f0745678d9f9b1366f Mon Sep 17 00:00:00 2001 From: qronald Date: Mon, 6 Feb 2017 13:37:20 -0400 Subject: [PATCH 16/39] up observations --- workflow/engine/methods/setup/pluginsChange.php | 14 +++++--------- 1 file changed, 5 insertions(+), 9 deletions(-) diff --git a/workflow/engine/methods/setup/pluginsChange.php b/workflow/engine/methods/setup/pluginsChange.php index a9b6c472c..687fa4ef8 100644 --- a/workflow/engine/methods/setup/pluginsChange.php +++ b/workflow/engine/methods/setup/pluginsChange.php @@ -92,16 +92,12 @@ if ($handle = opendir( PATH_PLUGINS )) { /** * Calls PMExtensionClass Builder to include Plugins changes. */ - $config = Bootstrap::getSystemConfiguration(); - $activeExperimentalFeatures = isset($config['experimental_features']) ? $config['experimental_features'] : true; - if ($activeExperimentalFeatures) { - $phpBuilder = new ProcessMakerPhpBuilderHelper(); - $phpBuilder->enabledExtensions = $oPluginRegistry->getEnabledPlugins(); - if (!empty($phpBuilder->enabledExtensions)) { - $phpBuilder->extension = true; - } - $phpBuilder->buildAll(); + $phpBuilder = new ProcessMakerPhpBuilderHelper(); + $phpBuilder->enabledExtensions = $oPluginRegistry->getEnabledPlugins(); + if (!empty($phpBuilder->enabledExtensions)) { + $phpBuilder->extension = true; } + $phpBuilder->buildAll(); } //$oPluginRegistry->showArrays(); From aaaa2d35fb8bc83640e44623ad5af550d65ad172 Mon Sep 17 00:00:00 2001 From: dheeyi william Date: Mon, 6 Feb 2017 14:48:14 -0400 Subject: [PATCH 17/39] HOR-2630 Remove the casesMenuLoader?action=getProcess in the main.js --- .../engine/methods/cases/casesMenuLoader.php | 61 ------------------- workflow/engine/templates/cases/main.js | 52 +--------------- 2 files changed, 2 insertions(+), 111 deletions(-) diff --git a/workflow/engine/methods/cases/casesMenuLoader.php b/workflow/engine/methods/cases/casesMenuLoader.php index ddb50e00c..d45138fe7 100644 --- a/workflow/engine/methods/cases/casesMenuLoader.php +++ b/workflow/engine/methods/cases/casesMenuLoader.php @@ -9,9 +9,6 @@ switch ($action) { case 'getAllCounters': getAllCounters(); break; - case 'getProcess': - getProcess(); - break; /*----------------------------------********---------------------------------*/ case 'getAllCountersEnterprise': getAllCountersEnterprise(); @@ -218,64 +215,6 @@ function getLoadTreeMenuData () print $xml;*/ } -// get the process summary of specific case list type, -function getProcess () -{ - global $G_TMP_MENU; - global $userId; - if (! isset( $_GET['item'] )) { - die(); - } - - $oMenu = new Menu(); - $oMenu->load( 'cases' ); - $type = $_GET['item']; - $oCases = new AppCacheView(); - - $aTypesID = array (); - $aTypesID['CASES_INBOX'] = 'to_do'; - $aTypesID['CASES_DRAFT'] = 'draft'; - $aTypesID['CASES_CANCELLED'] = 'cancelled'; - $aTypesID['CASES_SENT'] = 'sent'; - $aTypesID['CASES_PAUSED'] = 'paused'; - $aTypesID['CASES_COMPLETED'] = 'completed'; - $aTypesID['CASES_SELFSERVICE'] = 'selfservice'; - //$aTypesID['CASES_TO_REVISE'] = 'to_revise'; - //$aTypesID['CASES_TO_REASSIGN'] = 'to_reassign'; - $aTypesID = Array ('CASES_INBOX' => 'to_do','CASES_DRAFT' => 'draft','CASES_CANCELLED' => 'cancelled','CASES_SENT' => 'sent','CASES_PAUSED' => 'paused','CASES_COMPLETED' => 'completed','CASES_SELFSERVICE' => 'selfservice','CASES_TO_REVISE' => 'to_revise','CASES_TO_REASSIGN' => 'to_reassign'); - - $aCount = $oCases->getAllCounters( Array ($aTypesID[$type] - ), $userId, true ); - - $response = Array (); - //disabling the summary... - /* - $i=0; - foreach($aCount[$aTypesID[$type]]['sumary'] as $PRO_UID=>$process){ - //{"text":"state","id":"src\/state","cls":"folder", loaded:true}, - $response[$i] = new stdClass(); - $response[$i]->text = $process['name'] . ' ('.$process['count'].')'; - $response[$i]->id = $process['name']; - $response[$i]->cls = 'folder'; - $response[$i]->loaded = true; - $i++; - } - */ - //ordering - /*for($i=0; $i<=count($response)-1; $i++){ - for($j=$i+1; $j<=count($response); $j++){ - - echo $response[$j]->text .'<'. $response[$i]->text; - if($response[$j]->text[0] < $response[$i]->text[0]){ - $x = $response[$i]; - $response[$i] = $response[$j]; - $response[$j] = $x; - } - } - }*/ - echo G::json_encode( $response ); -} - /*----------------------------------********---------------------------------*/ function getAllCountersEnterprise() { diff --git a/workflow/engine/templates/cases/main.js b/workflow/engine/templates/cases/main.js index a8b4b9b4c..cee5b829a 100644 --- a/workflow/engine/templates/cases/main.js +++ b/workflow/engine/templates/cases/main.js @@ -16,7 +16,6 @@ var propStore; var triggerStore; var debugVariablesFilter; -var ReloadTreeMenuItemDetail; var NOTIFIER_FLAG = false; var result; var _action = ''; @@ -258,39 +257,6 @@ Ext.onReady(function(){ } }); - - - var treeMenuItemDetail = new Ext.tree.TreePanel({ - id: 'tree_menuItem_detail', - region: 'south', - animate:true, - autoScroll:true, - loader: new Ext.tree.TreeLoader({ - dataUrl:'casesMenuLoader?action=getProcess' - }), - enableDD:true, - containerScroll: true, - border: false, - width: 250, - height: 120, - dropConfig: {appendOnly:true}, - collapsible: true, - split: true, - margins: '0 2 2 2', - cmargins: '2 2 2 2', - rootVisible: false, - root: new Ext.tree.AsyncTreeNode()/*, - tbar: [{ - text: 'reload', - handler: ReloadTreeMenuItemDetail - }]*/ - }); - - ReloadTreeMenuItemDetail = function(params){ - treeMenuItemDetail.loader.dataUrl = 'casesMenuLoader?action=getProcess&item='+params.item; - treeMenuItemDetail.root.reload(); - } - // set the root node var root = new Ext.tree.AsyncTreeNode({ text: 'Ext JS', @@ -300,8 +266,6 @@ Ext.onReady(function(){ expanded:true }); - treeMenuItemDetail.setRootNode(root); - mainMenu = new Ext.Panel({ id:'menuTreePanel', title: '', @@ -317,8 +281,7 @@ Ext.onReady(function(){ margins: '0 0 0 2', items: [ - treeMenuItems, - treeMenuItemDetail + treeMenuItems ] }); mainMenu.setTitle("
"); @@ -530,15 +493,6 @@ Ext.onReady(function(){ menuPanelC.hide(); menuPanelC.ownerCt.doLayout(); - /**show*/ - //w.show(); - //w.ownerCt.doLayout(); - //w.expand(); - - var menuPanelDetail = Ext.getCmp('tree_menuItem_detail'); - menuPanelDetail.hide(); - menuPanelDetail.ownerCt.doLayout(); - //FORMATS.casesListRefreshTime is in seconds setTimeout("timer()", parseInt(FORMATS.casesListRefreshTime) * 1000); }); @@ -571,9 +525,7 @@ function updateCasesTree() { document.getElementById('refreshNotifiers').src = '/images/ext/default/grid/loading.gif'; itemsTypes = Array('CASES_INBOX', 'CASES_DRAFT', 'CASES_CANCELLED', 'CASES_SENT', 'CASES_PAUSED', 'CASES_COMPLETED', 'CASES_SELFSERVICE'); - if (currentSelectedTreeMenuItem) { - ReloadTreeMenuItemDetail({item: currentSelectedTreeMenuItem}); - } + Ext.Ajax.request({ url: urlProxy + Math.random(), success: function (response) { From 88f31578f33c9dc84e9ab232073f46d4e561ecb7 Mon Sep 17 00:00:00 2001 From: Taylor Dondich Date: Mon, 6 Feb 2017 15:01:52 -0800 Subject: [PATCH 18/39] Add initial Jenkinsfile. --- Jenkinsfile | 96 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 96 insertions(+) create mode 100644 Jenkinsfile diff --git a/Jenkinsfile b/Jenkinsfile new file mode 100644 index 000000000..b567a76c9 --- /dev/null +++ b/Jenkinsfile @@ -0,0 +1,96 @@ +#!groovy +node { + /** + * Branch should be in gitflow format. If not, then we'll abort. + */ + + if(!env.BRANCH_NAME.matches(/(feature|hotfix|release)\/.+/)) { + hipchatSend message: "${env.BRANCH_NAME} Build: Does not match gitflow naming. Aborted", room: 'engineering' + error "Job does not follow gitflow naming format." + } + // Parse out our short name and potential jira ticket. Null if not associated. If null, then for now we won't notify + // on jira ticket + def jiraTicket = env.BRANCH_NAME.find(/HOR-\d+/) + + def shortname = env.BRANCH_NAME.replace('/', '-').toLowerCase() + def dbSuffix = shortname.replace('-', '') + + echo "Building for ${env.BRANCH_NAME}" + + // Checkout source + checkout scm + + try { + stage('Start Notification') { + if(jiraTicket) { + jiraComment issueKey: jiraTicket, body: "Build ${env.BUILD_NUMBER} Starting.\nTicket will be updated once build is completed.\n\n${env.BUILD_URL}" + } + hipchatSend message: "${env.BRANCH_NAME} Build: ${env.BUILD_NUMBER} Starting.\n${env.BUILD_URL}", room: 'engineering' + } + + stage('Dependencies') { + echo "Running Composer" + sh 'composer install' + echo "Running rake" + sh 'rake' + } + + stage('Generate QA MySQL Databases') { + withCredentials([string(credentialsId: 'qa-rds-hostname', variable: 'rdsHostname'), usernamePassword(credentialsId: 'qa-rds-credentials', passwordVariable: 'rdsPassword', usernameVariable: 'rdsUsername')]) { + echo 'Dropping existing database and recreating.' + sh "mysql -h ${rdsHostname} -u ${rdsUsername} -p${rdsPassword} -e 'drop database if exists qa205${dbSuffix}; create database qa205${dbSuffix}'" + sh "mysql -h ${rdsHostname} -u ${rdsUsername} -p${rdsPassword} -e 'drop database if exists qa300${dbSuffix}; create database qa300${dbSuffix}'" + } + } + + stage('Publish to QA-205') { + sshagent(['processmaker-deploy']) { + echo 'Dropping existing files and recreating' + sh "ssh processmaker@build-qa205.processmaker.net 'rm -Rf /home/processmaker/${shortname}'" + sh "scp -r ./ processmaker@build-qa205.processmaker.net:~/${shortname}" + echo 'Creating necessary directories' + sh "ssh processmaker@build-qa205.processmaker.net 'mkdir -p /home/processmaker/${shortname}/workflow/engine/js/labels'" + sh "ssh processmaker@build-qa205.processmaker.net 'mkdir -p /home/processmaker/${shortname}/workflow/public_html/translations'" + } + } + + stage('Publish to QA-300') { + sshagent(['processmaker-deploy']) { + echo 'Dropping existing files and recreating' + sh "ssh processmaker@build-qa300.processmaker.net 'rm -Rf /home/processmaker/${shortname}'" + sh "scp -r ./ processmaker@build-qa300.processmaker.net:~/${shortname}" + echo 'Creating necessary directories' + sh "ssh processmaker@build-qa300.processmaker.net 'mkdir -p /home/processmaker/${shortname}/workflow/engine/js/labels'" + sh "ssh processmaker@build-qa300.processmaker.net 'mkdir -p /home/processmaker/${shortname}/workflow/public_html/translations'" + } + } + + stage('Success Notification') { + withCredentials([string(credentialsId: 'qa-rds-hostname', variable: 'rdsHostname'), usernamePassword(credentialsId: 'qa-rds-credentials', passwordVariable: 'rdsPassword', usernameVariable: 'rdsUsername')]) { + if(jiraTicket) { + jiraComment issueKey: jiraTicket, body: "" + + "Build ${env.BUILD_NUMBER} Completed.\n" + + "5.6 Build: https://${shortname}.qa205.processmaker.net\n" + + "Database Host: ${rdsHostname}\n" + + "Username: ${rdsUsername}\n" + + "Password: ${rdsPassword}\n" + + "Database: qa205${dbSuffix}\n\n" + + "7.0 Build: https://${shortname}.qa300.processmaker.net\n" + + "Database Host: ${rdsHostname}\n" + + "Username: ${rdsUsername}\n" + + "Password: ${rdsPassword}\n" + + "Database: qa300${dbSuffix}\n\n" + + "${env.BUILD_URL}" + } + hipchatSend room: 'engineering', message: "" + + "${env.BRANCH_NAME} Build: ${env.BUILD_NUMBER} Completed.\n" + + "${env.BUILD_URL}" + } + } + } catch(error) { + if(jiraTicket) { + jiraComment issueKey: jiraTicket, body: "Build ${env.BUILD_NUMBER} Failed: ${error}\n\n${env.BUILD_URL}" + } + hipchatSend message: "${env.BRANCH_NAME} Build: ${env.BUILD_NUMBER} Failed: ${error}\n${env.BUILD_URL}", room: 'engineering' + } +} \ No newline at end of file From b8ff3add6b77c7e83f63e6bfa8c60ab0b8e81b5b Mon Sep 17 00:00:00 2001 From: Taylor Dondich Date: Mon, 6 Feb 2017 15:05:42 -0800 Subject: [PATCH 19/39] Update Jenkins file to replace periods with dashes in shortname and dbsuffix naming. --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index b567a76c9..170ca59a7 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -13,7 +13,7 @@ node { def jiraTicket = env.BRANCH_NAME.find(/HOR-\d+/) def shortname = env.BRANCH_NAME.replace('/', '-').toLowerCase() - def dbSuffix = shortname.replace('-', '') + def dbSuffix = shortname.replace('-', '').replace('.', '') echo "Building for ${env.BRANCH_NAME}" From db66e03953b84ccc7149652898619f64c24e5667 Mon Sep 17 00:00:00 2001 From: Taylor Dondich Date: Mon, 6 Feb 2017 15:15:01 -0800 Subject: [PATCH 20/39] Fix for the right place to add dashes. --- Jenkinsfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 170ca59a7..b10158ce7 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -12,8 +12,8 @@ node { // on jira ticket def jiraTicket = env.BRANCH_NAME.find(/HOR-\d+/) - def shortname = env.BRANCH_NAME.replace('/', '-').toLowerCase() - def dbSuffix = shortname.replace('-', '').replace('.', '') + def shortname = env.BRANCH_NAME.replace('/', '-').replace('.', '-').toLowerCase() + def dbSuffix = shortname.replace('-', '') echo "Building for ${env.BRANCH_NAME}" From a1de462bae3f00cc2bc7165d76995bdf9db0bf54 Mon Sep 17 00:00:00 2001 From: Paula Quispe Date: Tue, 7 Feb 2017 12:25:21 -0400 Subject: [PATCH 21/39] psr2 --- workflow/engine/methods/cases/cases_Ajax.php | 6 +++--- workflow/engine/methods/cases/cases_Resume.php | 10 +++++----- .../engine/src/ProcessMaker/BusinessModel/Cases.php | 8 ++++---- 3 files changed, 12 insertions(+), 12 deletions(-) diff --git a/workflow/engine/methods/cases/cases_Ajax.php b/workflow/engine/methods/cases/cases_Ajax.php index 0cec77b67..760cd964e 100644 --- a/workflow/engine/methods/cases/cases_Ajax.php +++ b/workflow/engine/methods/cases/cases_Ajax.php @@ -1029,13 +1029,13 @@ switch (($_POST['action']) ? $_POST['action'] : $_REQUEST['action']) { ); //Check if the user is a supervisor to this Process - if(isset($_POST['actionFromList']) && $_POST['actionFromList']==='to_revise'){ - if(!$aUserCanAccess['supervisor']){ + if (isset($_POST['actionFromList']) && $_POST['actionFromList']==='to_revise') { + if (!$aUserCanAccess['supervisor']) { $response['exists'] = false; $response['message'] = G::LoadTranslation('ID_NO_PERMISSION_NO_PARTICIPATED'); } } else {//Check if the user participated in this case - if(!$aUserCanAccess['participated'] && !$aUserCanAccess['rolesPermissions']['PM_ALLCASES'] && !$aUserCanAccess['objectPermissions']['SUMMARY_FORM']){ + if (!$aUserCanAccess['participated'] && !$aUserCanAccess['rolesPermissions']['PM_ALLCASES'] && !$aUserCanAccess['objectPermissions']['SUMMARY_FORM']) { $response['exists'] = false; $response['message'] = G::LoadTranslation('ID_NO_PERMISSION_NO_PARTICIPATED'); } diff --git a/workflow/engine/methods/cases/cases_Resume.php b/workflow/engine/methods/cases/cases_Resume.php index 935a4755c..e7692ce77 100644 --- a/workflow/engine/methods/cases/cases_Resume.php +++ b/workflow/engine/methods/cases/cases_Resume.php @@ -141,19 +141,19 @@ $oHeadPublisher = & headPublisher::getSingleton(); $oHeadPublisher->addScriptFile( '/jscore/cases/core/cases_Step.js' ); $G_PUBLISH = new Publisher(); $G_PUBLISH->AddContent( 'xmlform', 'xmlform', 'cases/cases_Resume.xml', '', $Fields, '' ); -if($Fields['APP_STATUS'] != 'COMPLETED'){ +if ($Fields['APP_STATUS'] != 'COMPLETED') { $G_PUBLISH->AddContent( 'xmlform', 'xmlform', 'cases/cases_Resume_Current_Task_Title.xml', '', $Fields, '' ); $objDel = new AppDelegation(); $parallel = $objDel->LoadParallel($Fields['APP_UID']); $FieldsPar = $Fields; - foreach($parallel as $row){ + foreach ($parallel as $row) { $FieldsPar['TAS_UID'] = $row['TAS_UID']; $aTask = $objTask->load( $row['TAS_UID'] ); $FieldsPar['TAS_TITLE'] = $aTask['TAS_TITLE']; $FieldsPar['USR_UID'] = $row['USR_UID']; - if(isset($row['USR_UID']) && !empty($row['USR_UID'])) { - $aUser = $objUser->loadDetails ($row['USR_UID']); - $FieldsPar['CURRENT_USER'] = $aUser['USR_FULLNAME']; + if (isset($row['USR_UID']) && !empty($row['USR_UID'])) { + $aUser = $objUser->loadDetails ($row['USR_UID']); + $FieldsPar['CURRENT_USER'] = $aUser['USR_FULLNAME']; } $FieldsPar['DEL_DELEGATE_DATE'] = $row['DEL_DELEGATE_DATE']; $FieldsPar['DEL_INIT_DATE'] = $row['DEL_INIT_DATE']; diff --git a/workflow/engine/src/ProcessMaker/BusinessModel/Cases.php b/workflow/engine/src/ProcessMaker/BusinessModel/Cases.php index 59ed4a651..e3502bc61 100644 --- a/workflow/engine/src/ProcessMaker/BusinessModel/Cases.php +++ b/workflow/engine/src/ProcessMaker/BusinessModel/Cases.php @@ -3263,7 +3263,7 @@ class Cases * @param array $objectPermissions * @return array Returns array with all access */ - public static function userAuthorization($usrUid, $proUid, $appUid, $rolesPermissions=array(), $objectPermissions=array()){ + public function userAuthorization($usrUid, $proUid, $appUid, $rolesPermissions=array(), $objectPermissions=array()){ $arrayAccess = array(); //User has participated @@ -3277,7 +3277,7 @@ class Cases $arrayAccess['supervisor'] = (!in_array($proUid, $aProcesses)) ? false : true; //Roles Permissions - if (sizeof($rolesPermissions)) { + if (count($rolesPermissions)>0) { global $RBAC; foreach ($rolesPermissions as $value) { $arrayAccess['rolesPermissions'][$value] = ($RBAC->userCanAccess($value) < 0) ? false : true; @@ -3285,11 +3285,11 @@ class Cases } //Object Permissions - if (sizeof($objectPermissions)) { + if (count($objectPermissions) > 0) { $oCase = new \Cases(); foreach ($objectPermissions as $key => $value) { $resPermission = $oCase->getAllObjectsFrom($proUid, $appUid, '', $usrUid, $value); - if(isset($resPermission[$key])){ + if (isset($resPermission[$key])) { $arrayAccess['objectPermissions'][$key] = $resPermission[$key]; } } From b846ec094b56447eed899706a3b6177eb153a69d Mon Sep 17 00:00:00 2001 From: Roly Rudy Gutierrez Pinto Date: Tue, 7 Feb 2017 12:29:35 -0400 Subject: [PATCH 22/39] HOR-2638 --- workflow/public_html/sysGeneric.php | 29 ++++++----------------------- 1 file changed, 6 insertions(+), 23 deletions(-) diff --git a/workflow/public_html/sysGeneric.php b/workflow/public_html/sysGeneric.php index 0b32f04eb..de5fc8085 100644 --- a/workflow/public_html/sysGeneric.php +++ b/workflow/public_html/sysGeneric.php @@ -307,20 +307,11 @@ if (!(array_key_exists('REMOTE_USER', $_SERVER) && (string)($_SERVER['REMOTE_USE ini_set('session.cookie_httponly', 1); ini_set('session.cookie_secure', 1); } - //$e_all = defined( 'E_DEPRECATED' ) ? E_ALL & ~ E_DEPRECATED : E_ALL; //$e_all = defined( 'E_STRICT' ) ? $e_all & ~ E_STRICT : $e_all; //$e_all = $config['debug'] ? $e_all : $e_all & ~ E_NOTICE; //$e_all = E_ALL & ~ E_DEPRECATED & ~ E_STRICT & ~ E_NOTICE & ~E_WARNING; -G::LoadSystem('inputfilter'); -$filter = new InputFilter(); -$config['display_errors'] = $filter->validateInput($config['display_errors']); -$config['error_reporting'] = $filter->validateInput($config['error_reporting']); -$config['memory_limit'] = $filter->validateInput($config['memory_limit']); -$config['wsdl_cache'] = $filter->validateInput($config['wsdl_cache'],'int'); -$config['time_zone'] = $filter->validateInput($config['time_zone']); - // Do not change any of these settings directly, use env.ini instead ini_set( 'display_errors', $config['display_errors']); ini_set( 'error_reporting', $config['error_reporting']); @@ -515,7 +506,6 @@ if (defined( 'PATH_DATA' ) && file_exists( PATH_DATA )) { $oServerConf = & serverConf::getSingleton(); } $pathFile = PATH_THIRDPARTY . '/pear/PEAR.php'; -$pathFile = $filter->validateInput($pathFile,'path'); require_once $pathFile; //Bootstrap::LoadSystem( 'pmException' ); @@ -531,7 +521,6 @@ if (! defined( 'PATH_DATA' ) || ! file_exists( PATH_DATA )) { //NewRelic Snippet - By JHL transactionLog(PATH_CONTROLLERS.'installer.php'); $pathFile = PATH_CONTROLLERS . 'installer.php'; - $pathFile = $filter->validateInput($pathFile,'path'); require_once ($pathFile); $controller = 'Installer'; @@ -578,7 +567,6 @@ if ($oServerConf->isWSDisabled( SYS_TEMP )) { if (defined( 'SYS_TEMP' ) && SYS_TEMP != '') { //this is the default, the workspace db.php file is in /shared/workflow/sites/SYS_SYS $pathFile = PATH_DB . SYS_TEMP . '/db.php'; - $pathFile = $filter->validateInput($pathFile,'path'); if (file_exists( $pathFile )) { require_once ($pathFile); define( 'SYS_SYS', SYS_TEMP ); @@ -600,7 +588,6 @@ if (defined( 'SYS_TEMP' ) && SYS_TEMP != '') { } else { //when we are in global pages, outside any valid workspace if (SYS_TARGET === 'newSite') { $phpFile = G::ExpandPath( 'methods' ) . SYS_COLLECTION . "/" . SYS_TARGET . '.php'; - $phpFile = $filter->validateInput($phpFile,'path'); //NewRelic Snippet - By JHL transactionLog($phpFile); require_once ($phpFile); @@ -608,12 +595,11 @@ if (defined( 'SYS_TEMP' ) && SYS_TEMP != '') { } else { if (SYS_TARGET == "dbInfo") { //Show dbInfo when no SYS_SYS $pathFile = PATH_METHODS . "login/dbInfo.php"; - $pathFile = $filter->validateInput($pathFile,'path'); require_once ($pathFile); } else { if (substr( SYS_SKIN, 0, 2 ) === 'ux' && SYS_TARGET != 'sysLoginVerify') { // new ux sysLogin - extjs based form - $pathFile = $filter->validateInput(PATH_CONTROLLERS . 'main.php','path'); + $pathFile = PATH_CONTROLLERS . 'main.php'; require_once $pathFile; $controllerClass = 'Main'; $controllerAction = SYS_TARGET == 'sysLoginVerify' ? SYS_TARGET : 'sysLogin'; @@ -625,7 +611,7 @@ if (defined( 'SYS_TEMP' ) && SYS_TEMP != '') { $controller->call( $controllerAction ); } } else { // classic sysLogin interface - $pathFile = $filter->validateInput(PATH_METHODS . "login/sysLogin.php",'path'); + $pathFile = PATH_METHODS . "login/sysLogin.php"; require_once ($pathFile); die(); } @@ -710,9 +696,7 @@ if (defined( 'DEBUG_SQL_LOG' ) && DEBUG_SQL_LOG) { //Set Time Zone /*----------------------------------********---------------------------------*/ -if (PMLicensedFeatures::getSingleton()->verifyfeature('oq3S29xemxEZXJpZEIzN01qenJUaStSekY4cTdJVm5vbWtVM0d4S2lJSS9qUT0=')) { - $_SESSION['__SYSTEM_UTC_TIME_ZONE__'] = (int)($config['system_utc_time_zone']) == 1; -} +$_SESSION['__SYSTEM_UTC_TIME_ZONE__'] = (int)($config['system_utc_time_zone']) == 1; /*----------------------------------********---------------------------------*/ ini_set('date.timezone', (isset($_SESSION['__SYSTEM_UTC_TIME_ZONE__']) && $_SESSION['__SYSTEM_UTC_TIME_ZONE__'])? 'UTC' : $config['time_zone']); //Set Time Zone @@ -737,7 +721,7 @@ ob_start(); // Rebuild the base Workflow translations if not exists if (! is_file( PATH_LANGUAGECONT . 'translation.en' )) { - $pathFile = $filter->validateInput(PATH_CLASSES . "model" . PATH_SEP . "Translation.php", "path"); + $pathFile = PATH_CLASSES . "model" . PATH_SEP . "Translation.php"; require_once ($pathFile); @@ -747,7 +731,7 @@ if (! is_file( PATH_LANGUAGECONT . 'translation.en' )) { // TODO: Verify if the language set into url is defined in translations env. if (SYS_LANG != 'en' && ! is_file( PATH_LANGUAGECONT . 'translation.' . SYS_LANG )) { - $pathFile = $filter->validateInput(PATH_CLASSES . "model" . PATH_SEP . "Translation.php", "path"); + $pathFile = PATH_CLASSES . "model" . PATH_SEP . "Translation.php"; require_once ($pathFile); @@ -821,7 +805,7 @@ if (substr( SYS_COLLECTION, 0, 8 ) === 'gulliver') { //erik: verify if it is a Controller Class or httpProxyController Class if (is_file( PATH_CONTROLLERS . SYS_COLLECTION . '.php' )) { Bootstrap::LoadSystem( 'controller' ); - $pathFile = $filter->validateInput(PATH_CONTROLLERS . SYS_COLLECTION . '.php','path'); + $pathFile = PATH_CONTROLLERS . SYS_COLLECTION . '.php'; require_once $pathFile; $controllerClass = SYS_COLLECTION; //if the method name is empty set default to index method @@ -854,7 +838,6 @@ if (substr( SYS_COLLECTION, 0, 8 ) === 'gulliver') { $pluginControllerPath = PATH_PLUGINS . $pluginName . PATH_SEP . 'controllers' . PATH_SEP; $pathFile = $pluginControllerPath. $controllerClass . '.php'; - $pathFile = $filter->validateInput($pathFile,'path'); if (is_file($pathFile)) { require_once $pathFile; } elseif (is_file($pluginControllerPath. ucfirst($controllerClass) . '.php')) { From a953260ee838c5b1a824bfbd8f430d2688521f73 Mon Sep 17 00:00:00 2001 From: Taylor Dondich Date: Tue, 7 Feb 2017 08:37:46 -0800 Subject: [PATCH 23/39] Update Jenkinsfile to support bugfix branches and pull requests. --- Jenkinsfile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index b10158ce7..aa54badf8 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -3,8 +3,7 @@ node { /** * Branch should be in gitflow format. If not, then we'll abort. */ - - if(!env.BRANCH_NAME.matches(/(feature|hotfix|release)\/.+/)) { + if(!env.BRANCH_NAME.matches(/(feature|hotfix|bugfix|release)\/.+/) && !test.matches(/^PR-.*$/)) { hipchatSend message: "${env.BRANCH_NAME} Build: Does not match gitflow naming. Aborted", room: 'engineering' error "Job does not follow gitflow naming format." } From c2d263f99dfbcb42dc60a102d4f2908312cfbe2b Mon Sep 17 00:00:00 2001 From: qronald Date: Tue, 7 Feb 2017 13:21:34 -0400 Subject: [PATCH 24/39] HOR-2652 --- .../src/ProcessMaker/Services/Api/Light.php | 31 +++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/workflow/engine/src/ProcessMaker/Services/Api/Light.php b/workflow/engine/src/ProcessMaker/Services/Api/Light.php index 80f288b49..cf6b07266 100644 --- a/workflow/engine/src/ProcessMaker/Services/Api/Light.php +++ b/workflow/engine/src/ProcessMaker/Services/Api/Light.php @@ -30,6 +30,35 @@ class Light extends Api 'delRiskDate' ]; + public function __isAllowed() + { + try { + $methodName = $this->restler->apiMethodInfo->methodName; + $arrayArgs = $this->restler->apiMethodInfo->arguments; + switch ($methodName) { + case 'doIfAlreadyRoute': + $applicationUid = $this->parameters[$arrayArgs['app_uid']]; + $delIndex = $this->parameters[$arrayArgs['cas_index']]; + $userUid = $this->getUserId(); + //Check if the user has the case + $appDelegation = new \AppDelegation(); + $aCurUser = $appDelegation->getCurrentUsers($applicationUid, $delIndex); + if (!empty($aCurUser)) { + foreach ($aCurUser as $key => $value) { + if ($value === $userUid) { + return true; + } + } + } + return false; + break; + } + return false; + } catch (\Exception $e) { + throw new RestException(Api::STAT_APP_EXCEPTION, $e->getMessage()); + } + } + /** * Constructor of the class * @@ -793,6 +822,8 @@ class Light extends Api /** * Get Already Route * + * @access protected + * @class AccessControl {@className \ProcessMaker\Services\Api\Light} * @param string $app_uid {@min 1}{@max 32} * @param int $cas_index * From 1fe070673581f025a5d8e767fb6eb8d32de5b686 Mon Sep 17 00:00:00 2001 From: Paula Quispe Date: Tue, 7 Feb 2017 14:11:36 -0400 Subject: [PATCH 25/39] psr2 --- workflow/engine/src/ProcessMaker/BusinessModel/Cases.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/workflow/engine/src/ProcessMaker/BusinessModel/Cases.php b/workflow/engine/src/ProcessMaker/BusinessModel/Cases.php index e3502bc61..245fb91d5 100644 --- a/workflow/engine/src/ProcessMaker/BusinessModel/Cases.php +++ b/workflow/engine/src/ProcessMaker/BusinessModel/Cases.php @@ -3263,7 +3263,7 @@ class Cases * @param array $objectPermissions * @return array Returns array with all access */ - public function userAuthorization($usrUid, $proUid, $appUid, $rolesPermissions=array(), $objectPermissions=array()){ + public function userAuthorization($usrUid, $proUid, $appUid, $rolesPermissions = array(), $objectPermissions = array()) { $arrayAccess = array(); //User has participated From a0ed8fa873b0c5d2051a9b42bcdee143e0236d16 Mon Sep 17 00:00:00 2001 From: dheeyi william Date: Tue, 7 Feb 2017 16:18:17 -0400 Subject: [PATCH 26/39] HOR-2655 (Unassigned) It displays an error if we have unassigned rule after a notification --- workflow/engine/classes/class.case.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/workflow/engine/classes/class.case.php b/workflow/engine/classes/class.case.php index 6d56a8544..fd49b293b 100644 --- a/workflow/engine/classes/class.case.php +++ b/workflow/engine/classes/class.case.php @@ -5230,7 +5230,7 @@ class Cases $dataLastEmail['configuration'] = $aConfiguration; $dataLastEmail['subject'] = $sSubject; $dataLastEmail['pathEmail'] = $pathEmail; - $dataLastEmail['swtplDeafault'] = $swtplDefault; + $dataLastEmail['swtplDefault'] = $swtplDefault; $dataLastEmail['body'] = $sBody; $dataLastEmail['from'] = $from; break; @@ -5298,7 +5298,7 @@ class Cases $dataLastEmail['configuration'] = $aConfiguration; $dataLastEmail['subject'] = $sSubject; $dataLastEmail['pathEmail'] = $pathEmail; - $dataLastEmail['swtplDeafault'] = $swtplDefault; + $dataLastEmail['swtplDefault'] = $swtplDefault; $dataLastEmail['body'] = $sBody; $dataLastEmail['from'] = $from; break; From 580b0958b2bc71d03e5d98c0d44cca0d941ccc89 Mon Sep 17 00:00:00 2001 From: qronald Date: Wed, 8 Feb 2017 08:14:05 -0400 Subject: [PATCH 27/39] up observations --- workflow/engine/src/ProcessMaker/Services/Api/Light.php | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/workflow/engine/src/ProcessMaker/Services/Api/Light.php b/workflow/engine/src/ProcessMaker/Services/Api/Light.php index cf6b07266..32757d56a 100644 --- a/workflow/engine/src/ProcessMaker/Services/Api/Light.php +++ b/workflow/engine/src/ProcessMaker/Services/Api/Light.php @@ -43,12 +43,8 @@ class Light extends Api //Check if the user has the case $appDelegation = new \AppDelegation(); $aCurUser = $appDelegation->getCurrentUsers($applicationUid, $delIndex); - if (!empty($aCurUser)) { - foreach ($aCurUser as $key => $value) { - if ($value === $userUid) { - return true; - } - } + if (!empty($aCurUser) && in_array($userUid, $aCurUser)) { + return true; } return false; break; From dacc02724a9c13777c94f8b1ddbb3d5033a6dcc7 Mon Sep 17 00:00:00 2001 From: Taylor Dondich Date: Wed, 8 Feb 2017 11:04:43 -0800 Subject: [PATCH 28/39] Update Jenkinsfile to evaluate proper variable for PR matching. --- Jenkinsfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Jenkinsfile b/Jenkinsfile index aa54badf8..7d9279ade 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -3,7 +3,7 @@ node { /** * Branch should be in gitflow format. If not, then we'll abort. */ - if(!env.BRANCH_NAME.matches(/(feature|hotfix|bugfix|release)\/.+/) && !test.matches(/^PR-.*$/)) { + if(!env.BRANCH_NAME.matches(/(feature|hotfix|bugfix|release)\/.+/) && !env.BRANCH_NAME.matches(/^PR-.*$/)) { hipchatSend message: "${env.BRANCH_NAME} Build: Does not match gitflow naming. Aborted", room: 'engineering' error "Job does not follow gitflow naming format." } From 1f6cac8a94f4902398df5d1900977ed296cbe7d0 Mon Sep 17 00:00:00 2001 From: Roly Rudy Gutierrez Pinto Date: Wed, 8 Feb 2017 16:01:52 -0400 Subject: [PATCH 29/39] HOR-2533 --- framework/src/Maveriks/WebApplication.php | 1 + gulliver/system/class.bootstrap.php | 35 +++++++++++++++++++ gulliver/system/class.g.php | 25 ++++++++++--- workflow/engine/classes/class.system.php | 3 +- .../translations/english/processmaker.en.po | 12 +++++++ .../methods/appFolder/appFolderAjax.php | 12 +++++++ .../BusinessModel/Cases/InputDocument.php | 10 ++++++ .../BusinessModel/FilesManager.php | 5 +++ .../src/ProcessMaker/BusinessModel/Light.php | 10 ++++++ workflow/public_html/sysGeneric.php | 12 +++++++ 10 files changed, 119 insertions(+), 6 deletions(-) diff --git a/framework/src/Maveriks/WebApplication.php b/framework/src/Maveriks/WebApplication.php index e4f26c85f..21c9473e1 100644 --- a/framework/src/Maveriks/WebApplication.php +++ b/framework/src/Maveriks/WebApplication.php @@ -533,6 +533,7 @@ class WebApplication define("PATH_DYNAFORM", PATH_DATA_SITE . "xmlForms/"); define("PATH_IMAGES_ENVIRONMENT_FILES", PATH_DATA_SITE . "usersFiles" . PATH_SEP); define("PATH_IMAGES_ENVIRONMENT_USERS", PATH_DATA_SITE . "usersPhotographies" . PATH_SEP); + define('DISABLE_PHP_UPLOAD_EXECUTION', $arraySystemConfiguration['disable_php_upload_execution']); /** * Global definitions, before it was the defines.php file diff --git a/gulliver/system/class.bootstrap.php b/gulliver/system/class.bootstrap.php index ce6c4b9d1..bbf34e800 100644 --- a/gulliver/system/class.bootstrap.php +++ b/gulliver/system/class.bootstrap.php @@ -2964,5 +2964,40 @@ class Bootstrap ); return $aContext; } + + /** + * get DISABLE_PHP_UPLOAD_EXECUTION value defined in env.ini + * @return int + */ + public static function getDisablePhpUploadExecution() + { + $disablePhpUploadExecution = 0; + if (defined("DISABLE_PHP_UPLOAD_EXECUTION")) { + $disablePhpUploadExecution = (int) DISABLE_PHP_UPLOAD_EXECUTION; + } + return $disablePhpUploadExecution; + } + + /** + * Record the action of executing a php file or attempting to upload a php + * file in server. + * @param type $channel + * @param type $level + * @param type $message + * @param type $fileName + */ + public static function registerMonologPhpUploadExecution($channel, $level, $message, $fileName) + { + $context = \Bootstrap::getDefaultContextLog(); + $context['action'] = $channel; + $context['filename'] = $fileName; + if (defined("SYS_CURRENT_URI") && defined("SYS_CURRENT_PARMS")) { + $context['url'] = SYS_CURRENT_URI . '?' . SYS_CURRENT_PARMS; + } + $context['usrUid'] = isset($_SESSION['USER_LOGGED']) ? $_SESSION['USER_LOGGED'] : ''; + $sysSys = defined("SYS_SYS") ? SYS_SYS : "Undefined"; + \Bootstrap::registerMonolog($channel, $level, $message, $context, $sysSys, 'processmaker.log'); + } + } diff --git a/gulliver/system/class.g.php b/gulliver/system/class.g.php index 6b593fb25..4501720a9 100644 --- a/gulliver/system/class.g.php +++ b/gulliver/system/class.g.php @@ -1242,7 +1242,14 @@ class G if ($download) { G::sendHeaders( $filename, 'text/plain', $download, $downloadFileName ); } else { - require_once ($filename); + if (\Bootstrap::getDisablePhpUploadExecution() === 0) { + \Bootstrap::registerMonologPhpUploadExecution('phpExecution', 200, 'Php Execution', $filename); + require_once ($filename); + } else { + $message = G::LoadTranslation('THE_PHP_FILES_EXECUTION_WAS_DISABLED'); + \Bootstrap::registerMonologPhpUploadExecution('phpExecution', 550, $message, $filename); + echo $message; + } return; } break; @@ -5538,16 +5545,24 @@ class G $res->status = false; $allowedTypes = array_map('G::getRealExtension', explode(',', $InpDocAllowedFiles)); + // Get the file extension + $aux = pathinfo($fileName); + $fileExtension = isset($aux['extension']) ? strtolower($aux['extension']) : ''; + + if (\Bootstrap::getDisablePhpUploadExecution() === 1 && $fileExtension === 'php') { + $message = \G::LoadTranslation('THE_UPLOAD_OF_PHP_FILES_WAS_DISABLED'); + \Bootstrap::registerMonologPhpUploadExecution('phpUpload', 550, $message, $fileName); + $res->status = false; + $res->message = $message; + return $res; + } + // If required extension is *.* don't validate if (in_array('*', $allowedTypes)) { $res->status = true; return $res; } - // Get the file extension - $aux = pathinfo($fileName); - $fileExtension = isset($aux['extension']) ? strtolower($aux['extension']) : ''; - // If no valid extension finish (unnecesary check file content) $validExtension = in_array($fileExtension, $allowedTypes); if (!$validExtension) { diff --git a/workflow/engine/classes/class.system.php b/workflow/engine/classes/class.system.php index beaa5196c..973c5642e 100644 --- a/workflow/engine/classes/class.system.php +++ b/workflow/engine/classes/class.system.php @@ -78,7 +78,8 @@ class System 'leave_case_warning' => 0, 'server_hostname_requests_frontend' => '', 'load_headers_ie' => 0, - 'redirect_to_mobile' => 0 + 'redirect_to_mobile' => 0, + 'disable_php_upload_execution' => 0 ); /** diff --git a/workflow/engine/content/translations/english/processmaker.en.po b/workflow/engine/content/translations/english/processmaker.en.po index 1872d7e25..3348bc83e 100644 --- a/workflow/engine/content/translations/english/processmaker.en.po +++ b/workflow/engine/content/translations/english/processmaker.en.po @@ -27419,6 +27419,18 @@ msgstr "External Registration" msgid "Filter By" msgstr "Filter By" +# TRANSLATION +# LABEL/THE_UPLOAD_OF_PHP_FILES_WAS_DISABLED +#: LABEL/THE_UPLOAD_OF_PHP_FILES_WAS_DISABLED +msgid "The upload of PHP files was disabled please contact the system administrator." +msgstr "The upload of PHP files was disabled please contact the system administrator." + +# TRANSLATION +# LABEL/THE_PHP_FILES_EXECUTION_WAS_DISABLED +#: LABEL/THE_PHP_FILES_EXECUTION_WAS_DISABLED +msgid "The PHP files execution was disabled please contact the system administrator." +msgstr "The PHP files execution was disabled please contact the system administrator." + # TRANSLATION # LABEL/ID_MAFE_cae0206c31eaa305dd0e847330c5e837 #: LABEL/ID_MAFE_cae0206c31eaa305dd0e847330c5e837 diff --git a/workflow/engine/methods/appFolder/appFolderAjax.php b/workflow/engine/methods/appFolder/appFolderAjax.php index 72926ee81..f1c7f68d7 100644 --- a/workflow/engine/methods/appFolder/appFolderAjax.php +++ b/workflow/engine/methods/appFolder/appFolderAjax.php @@ -1534,6 +1534,18 @@ function uploadExternalDocument() //Read. Instance Document classes if (!empty($quequeUpload)) { + foreach ($quequeUpload as $key => $fileObj) { + $extension = pathinfo($fileObj['fileName'], PATHINFO_EXTENSION); + if (\Bootstrap::getDisablePhpUploadExecution() === 1 && $extension === 'php') { + $message = \G::LoadTranslation('THE_UPLOAD_OF_PHP_FILES_WAS_DISABLED'); + \Bootstrap::registerMonologPhpUploadExecution('phpUpload', 550, $message, $fileObj['fileName']); + $response['error'] = $message; + $response['message'] = $message; + $response['success'] = false; + print_r(G::json_encode($response)); + exit(); + } + } $docUid=$_POST['docUid']; $appDocUid=isset($_POST['APP_DOC_UID'])?$_POST['APP_DOC_UID']:""; $docVersion=isset($_POST['docVersion'])?$_POST['docVersion']:""; diff --git a/workflow/engine/src/ProcessMaker/BusinessModel/Cases/InputDocument.php b/workflow/engine/src/ProcessMaker/BusinessModel/Cases/InputDocument.php index 53ca8677f..0426def6b 100644 --- a/workflow/engine/src/ProcessMaker/BusinessModel/Cases/InputDocument.php +++ b/workflow/engine/src/ProcessMaker/BusinessModel/Cases/InputDocument.php @@ -971,6 +971,16 @@ class InputDocument $aFields = array("APP_UID" => $appUid, "DEL_INDEX" => $delIndex, "USR_UID" => $userUid, "DOC_UID" => -1, "APP_DOC_TYPE" => "ATTACHED", "APP_DOC_CREATE_DATE" => date("Y-m-d H:i:s"), "APP_DOC_COMMENT" => "", "APP_DOC_TITLE" => "", "APP_DOC_FILENAME" => $arrayFileName[$i], "APP_DOC_FIELDNAME" => $fieldName); } + $sExtension = pathinfo($aFields["APP_DOC_FILENAME"]); + if (\Bootstrap::getDisablePhpUploadExecution() === 1 && $sExtension["extension"] === 'php') { + $message = \G::LoadTranslation('THE_UPLOAD_OF_PHP_FILES_WAS_DISABLED'); + \Bootstrap::registerMonologPhpUploadExecution('phpUpload', 550, $message, $sFileName); + \G::SendMessageText($message, "ERROR"); + $backUrlObj = explode("sys" . SYS_SYS, $_SERVER['HTTP_REFERER']); + \G::header("location: " . "/sys" . SYS_SYS . $backUrlObj[1]); + die(); + } + $oAppDocument = new \AppDocument(); $oAppDocument->create($aFields); diff --git a/workflow/engine/src/ProcessMaker/BusinessModel/FilesManager.php b/workflow/engine/src/ProcessMaker/BusinessModel/FilesManager.php index aa8cd56a1..a949ce0a5 100644 --- a/workflow/engine/src/ProcessMaker/BusinessModel/FilesManager.php +++ b/workflow/engine/src/ProcessMaker/BusinessModel/FilesManager.php @@ -187,6 +187,11 @@ class FilesManager if ($extention == '.exe') { throw new \Exception(\G::LoadTranslation('ID_FILE_UPLOAD_INCORRECT_EXTENSION')); } + if (\Bootstrap::getDisablePhpUploadExecution() === 1 && $extention === '.php') { + $message = \G::LoadTranslation('THE_UPLOAD_OF_PHP_FILES_WAS_DISABLED'); + \Bootstrap::registerMonologPhpUploadExecution('phpUpload', 550, $message, $aData['prf_filename']); + throw new \Exception($message); + } break; default: $sDirectory = PATH_DATA_MAILTEMPLATES . $sProcessUID . PATH_SEP . $sSubDirectory . $aData['prf_filename']; diff --git a/workflow/engine/src/ProcessMaker/BusinessModel/Light.php b/workflow/engine/src/ProcessMaker/BusinessModel/Light.php index e739eb485..d33c85488 100644 --- a/workflow/engine/src/ProcessMaker/BusinessModel/Light.php +++ b/workflow/engine/src/ProcessMaker/BusinessModel/Light.php @@ -902,6 +902,16 @@ class Light $response = array(); if (is_array($request_data)) { foreach ($request_data as $k => $file) { + $ext = pathinfo($file['name'], PATHINFO_EXTENSION); + if (\Bootstrap::getDisablePhpUploadExecution() === 1 && $ext === 'php') { + $message = \G::LoadTranslation('THE_UPLOAD_OF_PHP_FILES_WAS_DISABLED'); + \Bootstrap::registerMonologPhpUploadExecution('phpUpload', 550, $message, $file['name']); + $response[$k]['error'] = array( + "code" => "400", + "message" => $message + ); + continue; + } $oCase = new \Cases(); $delIndex = $oCase->getCurrentDelegation($app_uid, $userUid); $docUid = !empty($file['docUid']) ? $file['docUid'] : -1; diff --git a/workflow/public_html/sysGeneric.php b/workflow/public_html/sysGeneric.php index 0b32f04eb..2e07667f6 100644 --- a/workflow/public_html/sysGeneric.php +++ b/workflow/public_html/sysGeneric.php @@ -342,6 +342,7 @@ define ('WS_IN_LOGIN', isset($config['WS_IN_LOGIN']) ? $config['WS_IN_LOGIN'] : define('LOAD_HEADERS_IE', $config['load_headers_ie']); define('LEAVE_CASE_WARNING', $config['leave_case_warning']); define('REDIRECT_TO_MOBILE', $config['redirect_to_mobile']); +define('DISABLE_PHP_UPLOAD_EXECUTION', $config['disable_php_upload_execution']); // IIS Compatibility, SERVER_ADDR doesn't exist on that env, so we need to define it. $_SERVER['SERVER_ADDR'] = isset( $_SERVER['SERVER_ADDR'] ) ? $_SERVER['SERVER_ADDR'] : $_SERVER['SERVER_NAME']; @@ -813,6 +814,17 @@ if (substr( SYS_COLLECTION, 0, 8 ) === 'gulliver') { die(); } + Bootstrap::initVendors(); + Bootstrap::LoadSystem( 'monologProvider' ); + if (\Bootstrap::getDisablePhpUploadExecution() === 1) { + $message = \G::LoadTranslation('THE_PHP_FILES_EXECUTION_WAS_DISABLED'); + \Bootstrap::registerMonologPhpUploadExecution('phpExecution', 550, $message, $phpFile); + echo $message; + die(); + } else { + \Bootstrap::registerMonologPhpUploadExecution('phpExecution', 200, 'Php Execution', $phpFile); + } + $avoidChangedWorkspaceValidation = true; $bWE = true; //$phpFile = PATH_DATA_SITE . 'public' . PATH_SEP . SYS_COLLECTION . PATH_SEP . $auxPart[ count($auxPart)-1]; From 32fe0216fb25b88f99b8518f440be1fb0bc73fbe Mon Sep 17 00:00:00 2001 From: Roly Rudy Gutierrez Pinto Date: Wed, 8 Feb 2017 17:03:11 -0400 Subject: [PATCH 30/39] HOR-2637 --- workflow/engine/methods/cases/proxyNewCasesList.php | 5 ----- 1 file changed, 5 deletions(-) diff --git a/workflow/engine/methods/cases/proxyNewCasesList.php b/workflow/engine/methods/cases/proxyNewCasesList.php index f7d38e4bd..47fba12a7 100644 --- a/workflow/engine/methods/cases/proxyNewCasesList.php +++ b/workflow/engine/methods/cases/proxyNewCasesList.php @@ -10,9 +10,6 @@ if (!isset($_SESSION['USER_LOGGED'])) { G::LoadSystem('inputfilter'); $filter = new InputFilter(); -$_GET = $filter->xssFilterHard($_GET); -$_REQUEST = $filter->xssFilterHard($_REQUEST); -$_SESSION['USER_LOGGED'] = $filter->xssFilterHard($_SESSION['USER_LOGGED']); try { $userUid = $_SESSION['USER_LOGGED']; @@ -195,8 +192,6 @@ try { $response['filters'] = $filtersData; $response['totalCount'] = $list->countTotal($userUid, $filtersData); - $response = $filter->xssFilterHard($response); - $response['data'] = \ProcessMaker\Util\DateTime::convertUtcToTimeZone($result); echo G::json_encode($response); From f9df51c340a1c1a712bd0b2d1b669d7f7673625f Mon Sep 17 00:00:00 2001 From: dheeyi william Date: Thu, 9 Feb 2017 11:30:16 -0400 Subject: [PATCH 31/39] HOR-2643 Unassigned: the last task label is not shown when we finish a self service case --- workflow/engine/methods/cases/proxyNewCasesList.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/workflow/engine/methods/cases/proxyNewCasesList.php b/workflow/engine/methods/cases/proxyNewCasesList.php index f7d38e4bd..3f15b4e87 100644 --- a/workflow/engine/methods/cases/proxyNewCasesList.php +++ b/workflow/engine/methods/cases/proxyNewCasesList.php @@ -162,7 +162,7 @@ try { $record["APP_UPDATE_DATE"] = $record["DEL_DELEGATE_DATE"]; } - if (isset($record['DEL_CURRENT_TAS_TITLE'])) { + if (isset($record['DEL_CURRENT_TAS_TITLE']) && $record['DEL_CURRENT_TAS_TITLE'] != '') { $record['APP_TAS_TITLE'] = $record['DEL_CURRENT_TAS_TITLE']; } From ae1a8e4c5dd56e7578c6eb2c623ab18da5403b01 Mon Sep 17 00:00:00 2001 From: Paula Quispe Date: Thu, 9 Feb 2017 12:29:59 -0400 Subject: [PATCH 32/39] psr2 --- .../engine/src/ProcessMaker/BusinessModel/Cases.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/workflow/engine/src/ProcessMaker/BusinessModel/Cases.php b/workflow/engine/src/ProcessMaker/BusinessModel/Cases.php index 245fb91d5..b99d7928d 100644 --- a/workflow/engine/src/ProcessMaker/BusinessModel/Cases.php +++ b/workflow/engine/src/ProcessMaker/BusinessModel/Cases.php @@ -3269,15 +3269,15 @@ class Cases //User has participated $oParticipated = new \ListParticipatedLast(); $aParticipated = $oParticipated->loadList($usrUid, array(), null, $appUid); - $arrayAccess['participated'] = (!sizeof($aParticipated)) ? false : true; + $arrayAccess['participated'] = (count($aParticipated) == 0) ? false : true; //User is supervisor - $oAppCache = new \AppCacheView(); - $aProcesses = $oAppCache->getProUidSupervisor($usrUid); - $arrayAccess['supervisor'] = (!in_array($proUid, $aProcesses)) ? false : true; + $supervisor = new \ProcessMaker\BusinessModel\ProcessSupervisor(); + $isSupervisor = $supervisor->isUserProcessSupervisor($proUid, $usrUid); + $arrayAccess['supervisor'] = (!$isSupervisor) ? false : true; //Roles Permissions - if (count($rolesPermissions)>0) { + if (count($rolesPermissions) > 0) { global $RBAC; foreach ($rolesPermissions as $value) { $arrayAccess['rolesPermissions'][$value] = ($RBAC->userCanAccess($value) < 0) ? false : true; From 28369c6406809ccc020cbe62a46f546f8abd12f2 Mon Sep 17 00:00:00 2001 From: Paula Quispe Date: Thu, 9 Feb 2017 12:31:32 -0400 Subject: [PATCH 33/39] psr2 --- workflow/engine/src/ProcessMaker/BusinessModel/Cases.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/workflow/engine/src/ProcessMaker/BusinessModel/Cases.php b/workflow/engine/src/ProcessMaker/BusinessModel/Cases.php index b99d7928d..93c38834f 100644 --- a/workflow/engine/src/ProcessMaker/BusinessModel/Cases.php +++ b/workflow/engine/src/ProcessMaker/BusinessModel/Cases.php @@ -3274,7 +3274,7 @@ class Cases //User is supervisor $supervisor = new \ProcessMaker\BusinessModel\ProcessSupervisor(); $isSupervisor = $supervisor->isUserProcessSupervisor($proUid, $usrUid); - $arrayAccess['supervisor'] = (!$isSupervisor) ? false : true; + $arrayAccess['supervisor'] = ($isSupervisor) ? true : false; //Roles Permissions if (count($rolesPermissions) > 0) { From e8dc039a252a9a3a9558d7b92ac0527fc529b3fc Mon Sep 17 00:00:00 2001 From: Roly Rudy Gutierrez Pinto Date: Thu, 9 Feb 2017 17:55:37 -0400 Subject: [PATCH 34/39] HOR-2604 --- workflow/public_html/.htaccess | 2 +- workflow/public_html/sysGeneric.php | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/workflow/public_html/.htaccess b/workflow/public_html/.htaccess index 458bcdada..5d0e4c170 100644 --- a/workflow/public_html/.htaccess +++ b/workflow/public_html/.htaccess @@ -3,7 +3,7 @@ Deny from all - + Order Allow,Deny Allow from All \ No newline at end of file diff --git a/workflow/public_html/sysGeneric.php b/workflow/public_html/sysGeneric.php index 0b32f04eb..4f79e9bb1 100644 --- a/workflow/public_html/sysGeneric.php +++ b/workflow/public_html/sysGeneric.php @@ -117,6 +117,10 @@ if (file_exists($requestFile)) { header( "location: /errors/error404.php?url=" . urlencode( $_SERVER['REQUEST_URI'] ) ); die; } + if ($request === "app.php" || $request === "sysGeneric.php") { + //HTTP/1.0 403 Forbidden + http_response_code(403); + } $pos = strripos($request, ".") + 1; $size = strlen($request); if($pos < $size) { From b9941b27213b01cf6accd3e847597e495abdabb0 Mon Sep 17 00:00:00 2001 From: dheeyi william Date: Fri, 10 Feb 2017 10:21:19 -0400 Subject: [PATCH 35/39] HOR-2657 [Mantis 22040] Intermediate email event after Gateway (Inclusive) is blocking cancel case option in the Action tab --- workflow/engine/classes/class.derivation.php | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/workflow/engine/classes/class.derivation.php b/workflow/engine/classes/class.derivation.php index 49791a13e..9b6975e59 100644 --- a/workflow/engine/classes/class.derivation.php +++ b/workflow/engine/classes/class.derivation.php @@ -1211,6 +1211,19 @@ class Derivation $this->case->closeAppThread( $currentDelegation['APP_UID'], $iAppThreadIndex ); break; default: + if ($nextDel['ROU_PREVIOUS_TYPE'] == 'SEC-JOIN') { + $criteria = new Criteria('workflow'); + $criteria->clearSelectColumns(); + $criteria->addSelectColumn(AppThreadPeer::APP_THREAD_PARENT); + $criteria->add(AppThreadPeer::APP_UID, $appFields['APP_UID']); + $criteria->add(AppThreadPeer::APP_THREAD_STATUS, 'OPEN'); + $criteria->add(AppThreadPeer::APP_THREAD_INDEX, $iAppThreadIndex); + $rsCriteria = AppThreadPeer::doSelectRS($criteria); + $rsCriteria->setFetchmode(ResultSet::FETCHMODE_ASSOC); + if ($rsCriteria->next()) { + $this->case->closeAppThread($currentDelegation['APP_UID'], $iAppThreadIndex); + } + } if ($currentDelegation['TAS_ASSIGN_TYPE'] == 'STATIC_MI' || $currentDelegation['TAS_ASSIGN_TYPE'] == 'CANCEL_MI') { $this->case->closeAppThread( $currentDelegation['APP_UID'], $iAppThreadIndex ); } From e332e5c59aea731b68101e85e4dc6348a96ef1d6 Mon Sep 17 00:00:00 2001 From: dheeyi william Date: Wed, 8 Feb 2017 18:54:29 -0400 Subject: [PATCH 36/39] HOR-2646 Can not assign Supervisors, endpoint error --- .../BusinessModel/ProcessSupervisor.php | 26 +++++++++---------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/workflow/engine/src/ProcessMaker/BusinessModel/ProcessSupervisor.php b/workflow/engine/src/ProcessMaker/BusinessModel/ProcessSupervisor.php index 21807d68b..aa0ca4815 100644 --- a/workflow/engine/src/ProcessMaker/BusinessModel/ProcessSupervisor.php +++ b/workflow/engine/src/ProcessMaker/BusinessModel/ProcessSupervisor.php @@ -129,14 +129,14 @@ class ProcessSupervisor $sql = " SELECT DISTINCT " . \GroupUserPeer::GRP_UID . " FROM " . \GroupUserPeer::TABLE_NAME . ", " . \UsersPeer::TABLE_NAME . ", - " . \UsersRolesPeer::TABLE_NAME . ", " . \RolesPermissionsPeer::TABLE_NAME . ", " . \PermissionsPeer::TABLE_NAME . " + " . DB_RBAC_NAME . '.' . \UsersRolesPeer::TABLE_NAME . ", " . DB_RBAC_NAME . '.' . \RolesPermissionsPeer::TABLE_NAME . ", " . DB_RBAC_NAME . '.' . \PermissionsPeer::TABLE_NAME . " WHERE " . \GroupUserPeer::GRP_UID . " = " . \GroupwfPeer::GRP_UID . " AND " . \GroupUserPeer::USR_UID . " = " . \UsersPeer::USR_UID . " AND " . \UsersPeer::USR_STATUS . " = " . $delimiter . "ACTIVE" . $delimiter . " AND - " . \UsersPeer::USR_UID . " = " . \UsersRolesPeer::USR_UID . " AND - " . \UsersRolesPeer::ROL_UID . " = " . \RolesPermissionsPeer::ROL_UID . " AND - " . \RolesPermissionsPeer::PER_UID . " = " . \PermissionsPeer::PER_UID . " AND - " . \PermissionsPeer::PER_CODE . " = " . $delimiter . "PM_SUPERVISOR" . $delimiter . " AND - " . \PermissionsPeer::PER_SYSTEM . " = " . $delimiter . $arrayRbacSystemData["SYS_CODE"] . $delimiter . " + " . \UsersPeer::USR_UID . " = " . DB_RBAC_NAME . '.' . \UsersRolesPeer::USR_UID . " AND + " . DB_RBAC_NAME . '.'. \UsersRolesPeer::ROL_UID . " = " . DB_RBAC_NAME . '.'. \RolesPermissionsPeer::ROL_UID . " AND + " . DB_RBAC_NAME . '.'. \RolesPermissionsPeer::PER_UID . " = " . DB_RBAC_NAME . '.'. \PermissionsPeer::PER_UID . " AND + " . DB_RBAC_NAME . '.'. \PermissionsPeer::PER_CODE . " = " . $delimiter . "PM_SUPERVISOR" . $delimiter . " AND + " . DB_RBAC_NAME . '.'. \PermissionsPeer::PER_SYSTEM . " = " . $delimiter . $arrayRbacSystemData["SYS_CODE"] . $delimiter . " "; $criteriaGroup->add( @@ -209,13 +209,13 @@ class ProcessSupervisor break; case "AVAILABLE": $sql = " - SELECT DISTINCT " . \UsersRolesPeer::USR_UID . " - FROM " . \UsersRolesPeer::TABLE_NAME . ", " . \RolesPermissionsPeer::TABLE_NAME . ", " . \PermissionsPeer::TABLE_NAME . " - WHERE " . \UsersRolesPeer::USR_UID . " = " . \UsersPeer::USR_UID . " AND - " . \UsersRolesPeer::ROL_UID . " = " . \RolesPermissionsPeer::ROL_UID . " AND - " . \RolesPermissionsPeer::PER_UID . " = " . \PermissionsPeer::PER_UID . " AND - " . \PermissionsPeer::PER_CODE . " = " . $delimiter . "PM_SUPERVISOR" . $delimiter . " AND - " . \PermissionsPeer::PER_SYSTEM . " = " . $delimiter . $arrayRbacSystemData["SYS_CODE"] . $delimiter . " + SELECT DISTINCT " . DB_RBAC_NAME . '.'. \UsersRolesPeer::USR_UID . " + FROM " . DB_RBAC_NAME . '.'.\UsersRolesPeer::TABLE_NAME . ", " . DB_RBAC_NAME . '.'. \RolesPermissionsPeer::TABLE_NAME . ", " . DB_RBAC_NAME . '.'. \PermissionsPeer::TABLE_NAME . " + WHERE " . DB_RBAC_NAME . '.'.\UsersRolesPeer::USR_UID . " = " . \UsersPeer::USR_UID . " AND + " . DB_RBAC_NAME . '.'.\UsersRolesPeer::ROL_UID . " = " . DB_RBAC_NAME . '.'. \RolesPermissionsPeer::ROL_UID . " AND + " . DB_RBAC_NAME . '.'.\RolesPermissionsPeer::PER_UID . " = " . DB_RBAC_NAME . '.'. \PermissionsPeer::PER_UID . " AND + " . DB_RBAC_NAME . '.'.\PermissionsPeer::PER_CODE . " = " . $delimiter . "PM_SUPERVISOR" . $delimiter . " AND + " . DB_RBAC_NAME . '.'.\PermissionsPeer::PER_SYSTEM . " = " . $delimiter . $arrayRbacSystemData["SYS_CODE"] . $delimiter . " "; $criteriaUser->add( From fd24a1e142c5e1eeff1ac1c5c0ceb832ed963b8a Mon Sep 17 00:00:00 2001 From: dheeyi william Date: Fri, 10 Feb 2017 10:56:00 -0400 Subject: [PATCH 37/39] HOR-2667 CLONE 3.2 - Can not assign Supervisors, endpoint error --- .../BusinessModel/ProcessSupervisor.php | 22 +++++++++---------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/workflow/engine/src/ProcessMaker/BusinessModel/ProcessSupervisor.php b/workflow/engine/src/ProcessMaker/BusinessModel/ProcessSupervisor.php index aa0ca4815..2ed4d6d34 100644 --- a/workflow/engine/src/ProcessMaker/BusinessModel/ProcessSupervisor.php +++ b/workflow/engine/src/ProcessMaker/BusinessModel/ProcessSupervisor.php @@ -133,10 +133,10 @@ class ProcessSupervisor WHERE " . \GroupUserPeer::GRP_UID . " = " . \GroupwfPeer::GRP_UID . " AND " . \GroupUserPeer::USR_UID . " = " . \UsersPeer::USR_UID . " AND " . \UsersPeer::USR_STATUS . " = " . $delimiter . "ACTIVE" . $delimiter . " AND " . \UsersPeer::USR_UID . " = " . DB_RBAC_NAME . '.' . \UsersRolesPeer::USR_UID . " AND - " . DB_RBAC_NAME . '.'. \UsersRolesPeer::ROL_UID . " = " . DB_RBAC_NAME . '.'. \RolesPermissionsPeer::ROL_UID . " AND - " . DB_RBAC_NAME . '.'. \RolesPermissionsPeer::PER_UID . " = " . DB_RBAC_NAME . '.'. \PermissionsPeer::PER_UID . " AND - " . DB_RBAC_NAME . '.'. \PermissionsPeer::PER_CODE . " = " . $delimiter . "PM_SUPERVISOR" . $delimiter . " AND - " . DB_RBAC_NAME . '.'. \PermissionsPeer::PER_SYSTEM . " = " . $delimiter . $arrayRbacSystemData["SYS_CODE"] . $delimiter . " + " . DB_RBAC_NAME . '.' . \UsersRolesPeer::ROL_UID . " = " . DB_RBAC_NAME . '.' . \RolesPermissionsPeer::ROL_UID . " AND + " . DB_RBAC_NAME . '.' . \RolesPermissionsPeer::PER_UID . " = " . DB_RBAC_NAME . '.' . \PermissionsPeer::PER_UID . " AND + " . DB_RBAC_NAME . '.' . \PermissionsPeer::PER_CODE . " = " . $delimiter . "PM_SUPERVISOR" . $delimiter . " AND + " . DB_RBAC_NAME . '.' . \PermissionsPeer::PER_SYSTEM . " = " . $delimiter . $arrayRbacSystemData["SYS_CODE"] . $delimiter . " "; $criteriaGroup->add( @@ -209,13 +209,13 @@ class ProcessSupervisor break; case "AVAILABLE": $sql = " - SELECT DISTINCT " . DB_RBAC_NAME . '.'. \UsersRolesPeer::USR_UID . " - FROM " . DB_RBAC_NAME . '.'.\UsersRolesPeer::TABLE_NAME . ", " . DB_RBAC_NAME . '.'. \RolesPermissionsPeer::TABLE_NAME . ", " . DB_RBAC_NAME . '.'. \PermissionsPeer::TABLE_NAME . " - WHERE " . DB_RBAC_NAME . '.'.\UsersRolesPeer::USR_UID . " = " . \UsersPeer::USR_UID . " AND - " . DB_RBAC_NAME . '.'.\UsersRolesPeer::ROL_UID . " = " . DB_RBAC_NAME . '.'. \RolesPermissionsPeer::ROL_UID . " AND - " . DB_RBAC_NAME . '.'.\RolesPermissionsPeer::PER_UID . " = " . DB_RBAC_NAME . '.'. \PermissionsPeer::PER_UID . " AND - " . DB_RBAC_NAME . '.'.\PermissionsPeer::PER_CODE . " = " . $delimiter . "PM_SUPERVISOR" . $delimiter . " AND - " . DB_RBAC_NAME . '.'.\PermissionsPeer::PER_SYSTEM . " = " . $delimiter . $arrayRbacSystemData["SYS_CODE"] . $delimiter . " + SELECT DISTINCT " . DB_RBAC_NAME . '.' . \UsersRolesPeer::USR_UID . " + FROM " . DB_RBAC_NAME . '.' . \UsersRolesPeer::TABLE_NAME . ", " . DB_RBAC_NAME . '.' . \RolesPermissionsPeer::TABLE_NAME . ", " . DB_RBAC_NAME . '.' . \PermissionsPeer::TABLE_NAME . " + WHERE " . DB_RBAC_NAME . '.' . \UsersRolesPeer::USR_UID . " = " . \UsersPeer::USR_UID . " AND + " . DB_RBAC_NAME . '.' . \UsersRolesPeer::ROL_UID . " = " . DB_RBAC_NAME . '.' . \RolesPermissionsPeer::ROL_UID . " AND + " . DB_RBAC_NAME . '.' . \RolesPermissionsPeer::PER_UID . " = " . DB_RBAC_NAME . '.' . \PermissionsPeer::PER_UID . " AND + " . DB_RBAC_NAME . '.' . \PermissionsPeer::PER_CODE . " = " . $delimiter . "PM_SUPERVISOR" . $delimiter . " AND + " . DB_RBAC_NAME . '.' . \PermissionsPeer::PER_SYSTEM . " = " . $delimiter . $arrayRbacSystemData["SYS_CODE"] . $delimiter . " "; $criteriaUser->add( From 854c2117580f5fec8302c991509e028d3b966778 Mon Sep 17 00:00:00 2001 From: qronald Date: Fri, 10 Feb 2017 13:50:52 -0400 Subject: [PATCH 38/39] HOR-2673 --- gulliver/system/class.g.php | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) diff --git a/gulliver/system/class.g.php b/gulliver/system/class.g.php index 39e22b3ff..e60db1d1f 100644 --- a/gulliver/system/class.g.php +++ b/gulliver/system/class.g.php @@ -45,19 +45,16 @@ class G /** * is_https - * @return void - */ + * @return bool + */ public static function is_https() { - if (isset($_SERVER['HTTPS'])) { - if ($_SERVER['HTTPS']=='on') { - return true; - } else { - return false; - } - } else { - return false; + $is_http = false; + if ((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS']=='on') || + (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')) { + $is_http = true; } + return $is_http; } /** From 6f1922fac69861f58a06286e6d5e65eab7968efc Mon Sep 17 00:00:00 2001 From: dheeyi william Date: Mon, 13 Feb 2017 11:37:44 -0400 Subject: [PATCH 39/39] HOR-2632 Open the Summary form instead of cases_Resume --- .../engine/methods/cases/cases_Resume.php | 28 +++++++++++++------ workflow/engine/methods/cases/summary.php | 1 - 2 files changed, 19 insertions(+), 10 deletions(-) diff --git a/workflow/engine/methods/cases/cases_Resume.php b/workflow/engine/methods/cases/cases_Resume.php index e7692ce77..931909d44 100644 --- a/workflow/engine/methods/cases/cases_Resume.php +++ b/workflow/engine/methods/cases/cases_Resume.php @@ -49,23 +49,33 @@ $G_ID_SUB_MENU_SELECTED = '_'; /* Prepare page before to show */ $oCase = new Cases(); - -if (isset($_SESSION['ACTION']) && ($_SESSION['ACTION'] == 'jump')) { - $Fields = $oCase->loadCase( $_SESSION['APPLICATION'], $_SESSION['INDEX'], $_SESSION['ACTION']); -} else { - $Fields = $oCase->loadCase( $_SESSION['APPLICATION'], $_SESSION['INDEX']); -} - //Check the authorization $objCase = new \ProcessMaker\BusinessModel\Cases(); $aUserCanAccess = $objCase->userAuthorization( $_SESSION['USER_LOGGED'], - $Fields['PRO_UID'], + $_SESSION['PROCESS'], $_GET['APP_UID'], array('PM_ALLCASES'), - array('SUMMARY_FORM'=>'VIEW') + array('SUMMARY_FORM' => 'VIEW') ); +if (isset($_SESSION['ACTION']) && ($_SESSION['ACTION'] == 'jump')) { + $Fields = $oCase->loadCase( $_SESSION['APPLICATION'], $_SESSION['INDEX'], $_SESSION['ACTION']); + $process = new Process(); + $processData = $process->load($Fields['PRO_UID']); + if (isset($processData['PRO_DYNAFORMS']['PROCESS']) && $processData['PRO_DYNAFORMS']['PROCESS'] != '' && + $aUserCanAccess['objectPermissions']['SUMMARY_FORM'] + ) { + $_REQUEST['APP_UID'] = $Fields['APP_UID']; + $_REQUEST['DEL_INDEX'] = $Fields['DEL_INDEX']; + $_REQUEST['DYN_UID'] = $processData['PRO_DYNAFORMS']['PROCESS']; + require_once(PATH_METHODS . 'cases' . PATH_SEP . 'summary.php'); + exit(); + } +} else { + $Fields = $oCase->loadCase( $_SESSION['APPLICATION'], $_SESSION['INDEX']); +} + if (!$aUserCanAccess['participated'] && !$aUserCanAccess['supervisor'] && !$aUserCanAccess['rolesPermissions']['PM_ALLCASES'] && !$aUserCanAccess['objectPermissions']['SUMMARY_FORM']) { $aMessage['MESSAGE'] = G::LoadTranslation( 'ID_NO_PERMISSION_NO_PARTICIPATED' ); $G_PUBLISH = new Publisher(); diff --git a/workflow/engine/methods/cases/summary.php b/workflow/engine/methods/cases/summary.php index 1fe5fb028..02a6e383d 100644 --- a/workflow/engine/methods/cases/summary.php +++ b/workflow/engine/methods/cases/summary.php @@ -69,7 +69,6 @@ try { $result = DynaformPeer::doSelectRS($criteria); $result->setFetchmode(ResultSet::FETCHMODE_ASSOC); if ($result->next()) { - G::LoadClass('pmDynaform'); G::LoadClass('pmDynaform'); $FieldsPmDynaform = $applicationFields; $FieldsPmDynaform["CURRENT_DYNAFORM"] = $_REQUEST['DYN_UID'];