fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merged in bugfix/HOR-3482-T (pull request #5868)

Browse Source 
HOR-3482
This commit is contained in:
Paula Quispe
2017-08-07 03:38:25 +00:00
committed by Julio Cesar Laura Avendaño
parent 044ab74a9c 445b19014c
commit 56ef252e99
5 changed files with 93 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
workflow/engine/classes/class.case.php
View File

@@ -5788,8 +5788,8 @@ class Cases
* @param string $tasUid
* @param string $usrUid
* @param string $action some action [VIEW, BLOCK, RESEND]
* @param string $delIndex
* @return Array within all user permitions all objects' types
* @param integer $delIndex
* @return array within all user permissions all objects' types
*/
public function getAllObjectsFrom($proUid, $appUid, $tasUid = '', $usrUid = '', $action = '', $delIndex = 0)
{
@@ -5808,6 +5808,7 @@ class Cases
$result = array(
"DYNAFORM" => array(),
"INPUT" => array(),
"ATTACHMENT" => array(),
"OUTPUT" => array(),
"CASES_NOTES" => 0,
"MSGS_HISTORY" => array()
@@ -5878,6 +5879,15 @@ class Cases
$opObjUid,
$aCase['APP_STATUS']
);
//For Attachment
$result['ATTACHMENT'] = $oObjectPermission->objectPermissionByOutputInput(
$appUid,
$proUid,
$opTaskSource,
'ATTACHED',
$opObjUid,
$aCase['APP_STATUS']
);
$result['CASES_NOTES'] = 1;
/*----------------------------------********---------------------------------*/
@@ -5914,6 +5924,16 @@ class Cases
$aCase['APP_STATUS']
);
break;
case 'ATTACHMENT':
$result['ATTACHMENT'] = $oObjectPermission->objectPermissionByOutputInput(
$appUid,
$proUid,
$opTaskSource,
'ATTACHED',
$opObjUid,
$aCase['APP_STATUS']
);
break;
case 'OUTPUT':
$result['OUTPUT'] = $oObjectPermission->objectPermissionByOutputInput(
$appUid,
@@ -5948,9 +5968,10 @@ class Cases
}
}
return Array(
return array(
"DYNAFORMS" => $result['DYNAFORM'],
"INPUT_DOCUMENTS" => $result['INPUT'],
"ATTACHMENTS" => $result['ATTACHMENT'],
"OUTPUT_DOCUMENTS" => $result['OUTPUT'],
"CASES_NOTES" => $result['CASES_NOTES'],
"MSGS_HISTORY" => $result['MSGS_HISTORY']

73
workflow/engine/classes/model/AppDocument.php
View File

@@ -547,6 +547,7 @@ class AppDocument extends BaseAppDocument
*/
public function canDownloadInput($user, $appDocUid, $version)
{
//Check if the the requester is the owner in the file
$oCriteria = new Criteria('workflow');
$oCriteria->addSelectColumn(AppDocumentPeer::APP_UID);
$oCriteria->addJoin(AppDocumentPeer::DOC_UID, InputDocumentPeer::INP_DOC_UID, Criteria::LEFT_JOIN);
@@ -560,11 +561,11 @@ class AppDocument extends BaseAppDocument
if ($dataset->getRow()) {
return true;
} else {
//Review if is a INPUT or ATTACHED
$oCriteria = new Criteria("workflow");
$oCriteria->addSelectColumn(AppDocumentPeer::APP_UID);
$oCriteria->addSelectColumn(AppDocumentPeer::DOC_UID);
$oCriteria->addSelectColumn(InputDocumentPeer::PRO_UID);
$oCriteria->addJoin(AppDocumentPeer::DOC_UID, InputDocumentPeer::INP_DOC_UID, Criteria::LEFT_JOIN);
$oCriteria->addSelectColumn(AppDocumentPeer::APP_DOC_TYPE);
$oCriteria->add(AppDocumentPeer::APP_DOC_UID, $appDocUid);
$oCriteria->add(AppDocumentPeer::DOC_VERSION, $version);
$oCriteria->setLimit(1);
@@ -572,28 +573,56 @@ class AppDocument extends BaseAppDocument
$dataset->setFetchmode(ResultSet::FETCHMODE_ASSOC);
$dataset->next();
$row = $dataset->getRow();
$cases = new \ProcessMaker\BusinessModel\Cases();
$userAuthorization = $cases->userAuthorization(
$user,
$row['PRO_UID'],
$row['APP_UID'],
array(),
array('INPUT_DOCUMENTS' => 'VIEW')
);
if (in_array($appDocUid, $userAuthorization['objectPermissions']['INPUT_DOCUMENTS'])) {
return true;
}
if ($userAuthorization['supervisor']) {
$criteria = new Criteria("workflow");
$criteria->addSelectColumn(StepSupervisorPeer::STEP_UID);
$criteria->add(StepSupervisorPeer::STEP_TYPE_OBJ, "INPUT_DOCUMENT", \Criteria::EQUAL);
$criteria->add(StepSupervisorPeer::STEP_UID_OBJ, $row['DOC_UID'], \Criteria::EQUAL);
$rsCriteria = StepSupervisorPeer::doSelectRS($criteria);
if ($rsCriteria->next()) {
if ($row['DOC_UID'] == '-1') {
//If is an attached we only verify if is a supervisor in the process
$appUid = $row['APP_UID'];
$oApplication = new Application();
$aColumns = $oApplication->Load($appUid);
$cases = new \ProcessMaker\BusinessModel\Cases();
$userAuthorization = $cases->userAuthorization(
$user,
$aColumns['PRO_UID'],
$appUid,
array(),
array('ATTACHMENTS' => 'VIEW')
);
//Has permissions?
if (in_array($appDocUid, $userAuthorization['objectPermissions']['ATTACHMENTS'])) {
return true;
}
//Is supervisor?
if ($userAuthorization['supervisor']) {
return true;
}
} else {
//If is an file related an input document, we will check if the user is a supervisor or has permissions
$appUid = $row['APP_UID'];
$oInputDoc = new InputDocument();
$aColumns = $oInputDoc->Load($row['DOC_UID']);
$cases = new \ProcessMaker\BusinessModel\Cases();
$userAuthorization = $cases->userAuthorization(
$user,
$aColumns['PRO_UID'],
$appUid,
array(),
array('INPUT_DOCUMENTS' => 'VIEW')
);
//Has permissions?
if (in_array($appDocUid, $userAuthorization['objectPermissions']['INPUT_DOCUMENTS'])) {
return true;
}
//Is supervisor?
if ($userAuthorization['supervisor']) {
//Review if the supervisor has assigned the object input document
$criteria = new Criteria("workflow");
$criteria->addSelectColumn(StepSupervisorPeer::STEP_UID);
$criteria->add(StepSupervisorPeer::STEP_TYPE_OBJ, "INPUT_DOCUMENT", \Criteria::EQUAL);
$criteria->add(StepSupervisorPeer::STEP_UID_OBJ, $row['DOC_UID'], \Criteria::EQUAL);
$rsCriteria = StepSupervisorPeer::doSelectRS($criteria);
if ($rsCriteria->next()) {
return true;
}
}
}
}
return false;

11
workflow/engine/classes/model/ObjectPermission.php
View File

@@ -383,10 +383,10 @@ class ObjectPermission extends BaseObjectPermission
}
switch ($obType) {
case 'INPUT':
$oCriteria->add(
$oCriteria->getNewCriterion(AppDocumentPeer::APP_DOC_TYPE, 'INPUT')->
addOr($oCriteria->getNewCriterion(AppDocumentPeer::APP_DOC_TYPE, 'ATTACHED'))
);
$oCriteria->add(AppDocumentPeer::APP_DOC_TYPE, 'INPUT');
break;
case 'ATTACHED':
$oCriteria->add(AppDocumentPeer::APP_DOC_TYPE, 'ATTACHED');
break;
case 'OUTPUT':
$oCriteria->add(AppDocumentPeer::APP_DOC_TYPE, 'OUTPUT');
@@ -399,9 +399,6 @@ class ObjectPermission extends BaseObjectPermission
$result = array();
while ($oDataset->next()) {
$aRow = $oDataset->getRow();
if ($aRow['APP_DOC_TYPE'] == "ATTACHED") {
$aRow['APP_DOC_TYPE'] = "INPUT";
}
if (!in_array($aRow['APP_DOC_UID'], $result)) {
array_push($result, $aRow['APP_DOC_UID']);
}

22
workflow/engine/src/ProcessMaker/BusinessModel/ProcessPermissions.php
View File

@@ -1,6 +1,7 @@
<?php
namespace ProcessMaker\BusinessModel;
use Behat\Behat\Exception\Exception;
use \G;
use \Cases;
use \Criteria;
@@ -207,24 +208,22 @@ class ProcessPermissions
/**
* Save Process Permission
*
* @var array $data. Data for Process Permission
* @var string $op_uid. Uid for Process Permission
* @var array $data, Data for Process Permission
* @var string $opUid, Uid for Process Permission
*
* @access public
* @author Brayan Pereyra (Cochalo) <brayan@colosa.com>
* @copyright Colosa - Bolivia
*
* @return void
* @throws Exception
*/
public function saveProcessPermission($data, $op_uid = '')
public function saveProcessPermission($data, $opUid = '')
{
try {
$data = array_change_key_case($data, CASE_UPPER);
$this->validateProUid($data['PRO_UID']);
if ($op_uid != '') {
$op_uid = $this->validateOpUid($op_uid);
if ($opUid != '') {
$opUid = $this->validateOpUid($opUid);
}
if ($data['OP_USER_RELATION'] == "1") {
$this->validateUsrUid($data['USR_UID']);
@@ -257,6 +256,9 @@ class ProcessPermissions
}
$sObjectUID = $data['DYNAFORMS'];
break;
case 'ATTACHED':
$sObjectUID = '';
break;
case 'INPUT':
$data['INPUTS'] = $data['INPUTS'] == 0 ? '': $data['INPUTS'];
if ($data['INPUTS'] != '') {
@@ -273,11 +275,11 @@ class ProcessPermissions
break;
}
$oOP = new \ObjectPermission();
$permissionUid = ($op_uid != '') ? $op_uid : G::generateUniqueID();
$permissionUid = ($opUid != '') ? $opUid : G::generateUniqueID();
$data['OP_UID'] = $permissionUid;
$data['OP_OBJ_UID'] = $sObjectUID;
if ($op_uid == '') {
if ($opUid == '') {
$oOP->fromArray( $data, \BasePeer::TYPE_FIELDNAME );
$oOP->save();
$daraRes = $oOP->load($permissionUid);

4
workflow/engine/src/ProcessMaker/Services/Api/Project/ProcessPermissions.php
View File

@@ -65,7 +65,7 @@ class ProcessPermissions extends Api
* @param string $op_user_relation {@from body} {@choice 1,2}
* @param string $op_case_status {@from body} {@choice ALL,DRAFT,TO_DO,PAUSED,COMPLETED}
* @param string $op_participate {@from body} {@choice 0,1}
* @param string $op_obj_type {@from body} {@choice ANY,DYNAFORM,INPUT,OUTPUT,CASES_NOTES,MSGS_HISTORY,SUMMARY_FORM}
* @param string $op_obj_type {@from body} {@choice ANY,DYNAFORM,ATTACHMENT,INPUT,OUTPUT,CASES_NOTES,MSGS_HISTORY,SUMMARY_FORM}
* @param string $op_action {@from body} {@choice VIEW,BLOCK,DELETE,RESEND}
* @param string $tas_uid {@from body}
* @param string $op_task_source {@from body}
@@ -123,7 +123,7 @@ class ProcessPermissions extends Api
* @param string $op_user_relation {@from body} {@choice 1,2}
* @param string $op_case_status {@from body} {@choice ALL,DRAFT,TO_DO,PAUSED,COMPLETED}
* @param string $op_participate {@from body} {@choice 0,1}
* @param string $op_obj_type {@from body} {@choice ANY,DYNAFORM,INPUT,OUTPUT,CASES_NOTES,MSGS_HISTORY,SUMMARY_FORM}
* @param string $op_obj_type {@from body} {@choice ANY,DYNAFORM,ATTACHMENT,INPUT,OUTPUT,CASES_NOTES,MSGS_HISTORY,SUMMARY_FORM}
* @param string $op_action {@from body} {@choice VIEW,BLOCK,DELETE,RESEND}
* @param string $tas_uid {@from body}
* @param string $op_task_source {@from body}