Merged in release/3.3 (pull request #6641)

HOR-4897

Approved-by: Julio Cesar Laura Avendaño <contact@julio-laura.com>

artisan

@@ -0,0 +1,51 @@
+#!/usr/bin/env php
+<?php
+
+/*
+|--------------------------------------------------------------------------
+| Register The Auto Loader
+|--------------------------------------------------------------------------
+|
+| Composer provides a convenient, automatically generated class loader
+| for our application. We just need to utilize it! We'll require it
+| into the script here so that we do not have to worry about the
+| loading of any our classes "manually". Feels great to relax.
+|
+*/
+
+require __DIR__.'/bootstrap/autoload.php';
+
+$app = require_once __DIR__.'/bootstrap/app.php';
+
+/*
+|--------------------------------------------------------------------------
+| Run The Artisan Application
+|--------------------------------------------------------------------------
+|
+| When we run the console application, the current CLI command will be
+| executed in this console and the response sent back to a terminal
+| or another output device for the developers. Here goes nothing!
+|
+*/
+
+$kernel = $app->make(Illuminate\Contracts\Console\Kernel::class);
+
+$status = $kernel->handle(
+    $input = new Symfony\Component\Console\Input\ArgvInput,
+    new Symfony\Component\Console\Output\ConsoleOutput
+);
+
+/*
+|--------------------------------------------------------------------------
+| Shutdown The Application
+|--------------------------------------------------------------------------
+|
+| Once Artisan has finished running, we will fire off the shutdown events
+| so that any final work may be done by the application before we shut
+| down the process. This is the last thing to happen to the request.
+|
+*/
+
+$kernel->terminate($input, $status);
+
+exit($status);

config/app.php

@@ -17,7 +17,10 @@ return [
         FilesystemServiceProvider::class,
         CacheServiceProvider::class,
         ViewServiceProvider::class,
-        \Illuminate\Database\DatabaseServiceProvider::class,
+        Illuminate\Database\DatabaseServiceProvider::class,
+        Illuminate\Foundation\Providers\ConsoleSupportServiceProvider::class,
+        Illuminate\Queue\QueueServiceProvider::class,
+        Illuminate\Translation\TranslationServiceProvider::class,
 
     ],
 

gulliver/system/class.rbac.php

@@ -885,6 +885,10 @@ class RBAC
         foreach ($this->aRbacPlugins as $className) {
             if (strtolower($className) === strtolower($authType)) {
                 $plugin = new $className();
+                $reflectionClass = new ReflectionClass($plugin);
+                if ($reflectionClass->hasConstant('AUTH_TYPE')) {
+                    return $plugin->VerifyLogin($userFields['USR_USERNAME'], $strPass);
+                }
                 $plugin->sAuthSource = $userFields['UID_AUTH_SOURCE'];
                 $plugin->sSystem = $this->sSystem;
 

rbac/engine/classes/plugins/class.Gauth.php

@@ -0,0 +1,93 @@
+<?php
+
+class Gauth
+{
+    /**
+     * Defined type authentication.
+     */
+    const AUTH_TYPE = 'gauth';
+
+    /**
+     * Authentication of a user through the class RBAC_user
+     *
+     * verifies that a user has permission to start an application
+     *
+     * Function verifyLogin
+     *
+     * @access public
+     * @param  string $userName UserId  (login) de usuario
+     * @param  string $password Password
+     * @return type
+     *  -1: no user exists
+     *  -2: wrong password
+     *  -3: inactive user
+     *  -4: expired user
+     *  -6: role inactive
+     *  n : string user uid
+     * @throws Exception
+     */
+    public function VerifyLogin($userName, $password)
+    {
+        $validationMethod = function($inputPassword, $storedPassword) {
+            return Bootstrap::verifyHashPassword($inputPassword, $storedPassword);
+        };
+
+        if (app()->getProvider(Illuminate\Session\SessionServiceProvider::class) !== null) {
+            if (session()->has(Gauth::AUTH_TYPE) && session(Gauth::AUTH_TYPE) === true) {
+                $user = Socialite::driver('google')->userFromToken($password);
+                $token = $user->token;
+                $validationMethod = function($inputPassword, $storedPassword) use($token) {
+                    return $token === $inputPassword;
+                };
+            }
+        }
+
+        //invalid user
+        if ($userName == '') {
+            return -1;
+        }
+        //invalid password
+        if ($password == '') {
+            return -2;
+        }
+        $con = Propel::getConnection(RbacUsersPeer::DATABASE_NAME);
+        try {
+            $c = new Criteria('rbac');
+            $c->add(RbacUsersPeer::USR_USERNAME, $userName);
+
+            $rs = RbacUsersPeer::doSelect($c, Propel::getDbConnection('rbac_ro'));
+            if (is_array($rs) && isset($rs[0]) && is_object($rs[0]) && get_class($rs[0]) == 'RbacUsers') {
+                $dataFields = $rs[0]->toArray(BasePeer::TYPE_FIELDNAME);
+                //verify password with md5, and md5 format
+                if (mb_strtoupper($userName, 'utf-8') === mb_strtoupper($dataFields['USR_USERNAME'], 'utf-8')) {
+                    if ($validationMethod($password, $rs[0]->getUsrPassword())) {
+                        if ($dataFields['USR_DUE_DATE'] < date('Y-m-d')) {
+                            return -4;
+                        }
+                        if ($dataFields['USR_STATUS'] != 1 && $dataFields['USR_UID'] !== RBAC::GUEST_USER_UID) {
+                            return -3;
+                        }
+
+                        $rbacUsers = new RbacUsers();
+                        $role = $rbacUsers->getUserRole($dataFields['USR_UID']);
+                        if ($role['ROL_STATUS'] == 0) {
+                            return -6;
+                        }
+
+                        return $dataFields['USR_UID'];
+                    } else {
+                        return -2;
+                    }
+                } else {
+                    return -1;
+                }
+            } else {
+                return -1;
+            }
+        } catch (Exception $error) {
+            throw($error);
+        }
+
+        return -1;
+    }
+}

workflow/engine/classes/SpoolRun.php

@@ -411,6 +411,8 @@ class SpoolRun
                                 }
                                 break;
                         }
+                        $systemConfiguration = System::getSystemConfiguration();
+                        $oPHPMailer->Timeout = is_numeric($systemConfiguration['smtp_timeout']) ? $systemConfiguration['smtp_timeout'] : 20;
                         $oPHPMailer->CharSet = "UTF-8";
                         $oPHPMailer->Encoding = "8bit";
                         $oPHPMailer->Host = $this->config['MESS_SERVER'];

workflow/engine/content/translations/english/processmaker.en.po

@@ -8591,6 +8591,30 @@ msgstr "@function() It evaluates the value, then executes a PHP function"
 msgid "G Suite Configuration Saved"
 msgstr "G Suite Configuration Saved"
 
+# TRANSLATION
+# LABEL/ID_G_SUITE_CONNECT
+#: LABEL/ID_G_SUITE_CONNECT
+msgid "Request G Suite connection"
+msgstr "Request G Suite connection"
+
+# TRANSLATION
+# LABEL/ID_G_SUITE_DISCONNECT
+#: LABEL/ID_G_SUITE_DISCONNECT
+msgid "Disconnect G Suite"
+msgstr "Disconnect G Suite"
+
+# TRANSLATION
+# LABEL/ID_G_SUITE_LOAD_GROUPS
+#: LABEL/ID_G_SUITE_LOAD_GROUPS
+msgid "Update G Suite groups"
+msgstr "Update G Suite groups"
+
+# TRANSLATION
+# LABEL/ID_G_SUITE_SYNC_USERS
+#: LABEL/ID_G_SUITE_SYNC_USERS
+msgid "Syncing Users"
+msgstr "Syncing Users"
+
 # TRANSLATION
 # LABEL/ID_GENERAL
 #: LABEL/ID_GENERAL

workflow/engine/data/mysql/insert.sql

@@ -58256,7 +58256,11 @@ INSERT INTO TRANSLATION (TRN_CATEGORY,TRN_ID,TRN_LANG,TRN_VALUE,TRN_UPDATE_DATE
 ( 'LABEL','ID_FULL_NAME','en','Full Name','2014-01-15') ,
 ( 'LABEL','ID_FULL_TEXT_SEARCH','en','Full Text Search','2014-01-15') ,
 ( 'LABEL','ID_FUNCTION','en','@function() It evaluates the value, then executes a PHP function','2014-01-15') ,
-( 'LABEL','ID_G_SUITE_CONFIGURATION_SAVED','en','G Suite Configuration Saved','2018-09-14') ,
+( 'LABEL','ID_G_SUITE_CONFIGURATION_SAVED','en','G Suite Configuration Saved','2018-09-21') ,
+( 'LABEL','ID_G_SUITE_CONNECT','en','Request G Suite connection','2018-09-21') ,
+( 'LABEL','ID_G_SUITE_DISCONNECT','en','Disconnect G Suite','2018-09-21') ,
+( 'LABEL','ID_G_SUITE_LOAD_GROUPS','en','Update G Suite groups','2018-09-21') ,
+( 'LABEL','ID_G_SUITE_SYNC_USERS','en','Syncing Users','2018-09-21') ,
 ( 'LABEL','ID_GENERAL','en','General','2014-01-15') ,
 ( 'LABEL','ID_GENERAL_PROCESS_NUMBERS','en','General Process Numbers','2014-01-15') ,
 ( 'LABEL','ID_GENERATE','en','Generate','2014-01-15') ,

workflow/engine/src/ProcessMaker/AuditLog/AuditLog.php

@@ -167,7 +167,12 @@ class AuditLog
             "DeleteUserTask" => G::LoadTranslation("ID_DELETE_USER_TASK"),
             "DeleteGroupTask" => G::LoadTranslation("ID_DELETE_GROUP_TASK"),
             "ImportProcess" => G::LoadTranslation("ID_IMPORT_PROCESS"),
-            "DeleteProcess" => G::LoadTranslation("ID_DELETE_PROCESS")
+            "DeleteProcess" => G::LoadTranslation("ID_DELETE_PROCESS"),
+            "GSuiteConfigurationSaved" => G::LoadTranslation("ID_G_SUITE_CONFIGURATION_SAVED"),
+            "GSuiteConnect" => G::LoadTranslation("ID_G_SUITE_CONNECT"),
+            "GSuiteDisconnect" => G::LoadTranslation("ID_G_SUITE_DISCONNECT"),
+            "GSuiteLoadGroups" => G::LoadTranslation("ID_G_SUITE_LOAD_GROUPS"),
+            "GSuiteSyncUsers" => G::LoadTranslation("ID_G_SUITE_SYNC_USERS")
         ];
     }
 

workflow/engine/src/ProcessMaker/Core/AppEvent.php

@@ -9,6 +9,16 @@ class AppEvent
      */
     const XMLFORM_RENDER = 0;
 
+    /**
+     * Identify login action
+     */
+    const LOGIN = 1;
+
+    /**
+     * Identify scripts with no login
+     */
+    const SCRIPTS_WITH_NO_LOGIN = 2;
+
     /**
      * Represents the AppEvent object.
      * 
@@ -50,7 +60,7 @@ class AppEvent
      * @param object $object
      * @return $this
      */
-    public function dispatch($type, $object)
+    public function dispatch($type, &$object)
     {
         foreach ($this->callbacks as $callback) {
             $callback($type, $object, $this);

workflow/engine/src/ProcessMaker/Core/System.php

@@ -63,7 +63,8 @@ class System
         'disable_download_documents_session_validation' => 0,
         'logs_max_files' => 60,
         'logs_location' => '',
-        'logging_level' => 'INFO'
+        'logging_level' => 'INFO',
+        'smtp_timeout' => 20
     );
 
     /**

workflow/public_html/sysGeneric.php

@@ -1,6 +1,7 @@
 <?php
 
 use Illuminate\Foundation\Http\Kernel;
+use ProcessMaker\Core\AppEvent;
 /*----------------------------------********---------------------------------*/
 use ProcessMaker\ChangeLog\ChangeLog;
 /*----------------------------------********---------------------------------*/
@@ -976,6 +977,11 @@ if (!defined('EXECUTE_BY_CRON')) {
         $noLoginFolders[] = 'services';
         $noLoginFolders[] = 'tracker';
         $noLoginFolders[] = 'InstallerModule';
+        
+        $data = new stdClass();
+        $data->noLoginFiles = &$noLoginFiles;
+        $data->noLoginFolders = &$noLoginFolders;
+        AppEvent::getAppEvent()->dispatch(AppEvent::SCRIPTS_WITH_NO_LOGIN, $data);
 
         // This sentence is used when you lost the Session
         if (!in_array(SYS_TARGET, $noLoginFiles) && !in_array(SYS_COLLECTION,
@@ -1024,7 +1030,9 @@ if (!defined('EXECUTE_BY_CRON')) {
                 }
 
                 if (empty($_POST)) {
-                    header('location: ' . SYS_URI . $loginUrl . '?u=' . urlencode($_SERVER['REQUEST_URI']));
+                    $headerString = 'location: ' . SYS_URI . $loginUrl . '?u=' . urlencode($_SERVER['REQUEST_URI']);
+                    AppEvent::getAppEvent()->dispatch(AppEvent::LOGIN, $headerString);
+                    header($headerString);
                 } else {
                     if ($isControllerCall) {
                         header("HTTP/1.0 302 session lost in controller");