From 6fbe1fd4d20ae110b0ade061ddb4e8171c638df5 Mon Sep 17 00:00:00 2001
From: Julio Cesar Laura <juliocesar@colosa.com>
Date: Wed, 3 Dec 2014 13:42:09 -0400
Subject: [PATCH] PM-1036 Bloquear el acceso a ProcessMaker Enterprise cuando
 la licencia expira SOLVED

---
 gulliver/system/class.rbac.php                |  9 ++++++
 rbac/engine/classes/model/Roles.php           |  7 +++--
 .../engine/classes/class.pmLicenseManager.php | 28 +++++++------------
 .../engine/methods/login/authentication.php   |  3 ++
 workflow/engine/methods/login/login.php       | 26 +++++++++++++----
 .../templates/enterprise/addonsStore.js       | 12 +++++---
 workflow/public_html/sysGeneric.php           |  3 +-
 7 files changed, 57 insertions(+), 31 deletions(-)

diff --git a/gulliver/system/class.rbac.php b/gulliver/system/class.rbac.php
index 307be6668..0d557acc0 100755
--- a/gulliver/system/class.rbac.php
+++ b/gulliver/system/class.rbac.php
@@ -315,6 +315,15 @@ class RBAC
      */
     public function VerifyLogin ($strUser, $strPass)
     {
+        /*----------------------------------********---------------------------------*/
+        if (!class_exists('pmLicenseManager')) {
+            G::LoadClass('pmLicenseManager');
+        }
+        $licenseManager =& pmLicenseManager::getSingleton();
+        if (in_array(md5($licenseManager->result), array('38afd7ae34bd5e3e6fc170d8b09178a3', 'ba2b45bdc11e2a4a6e86aab2ac693cbb'))) {
+            return -7;
+        }
+        /*----------------------------------********---------------------------------*/
 
         if (strlen( $strPass ) == 0) {
             return - 2;
diff --git a/rbac/engine/classes/model/Roles.php b/rbac/engine/classes/model/Roles.php
index 9c9ba437e..11e7c149f 100755
--- a/rbac/engine/classes/model/Roles.php
+++ b/rbac/engine/classes/model/Roles.php
@@ -230,6 +230,9 @@ class Roles extends BaseRoles {
                 return $aRow;
             }
 
+            if (!isset($aData['ROL_NAME'])) {
+                 $aData['ROL_NAME'] = '';
+            }
             $rol_name = $aData['ROL_NAME'];
             unset($aData['ROL_NAME']);
 
@@ -534,7 +537,7 @@ class Roles extends BaseRoles {
         $rol = $this->load($ROL_UID);
         $oUsersRbac = new RbacUsers();
         $user = $oUsersRbac->load($USR_UID);
-        
+
         G::auditLog("DeleteUserToRole", "Delete user ".$user['USR_USERNAME']." (".$USR_UID.") to Role ".$rol['ROL_NAME']." (".$ROL_UID.") ");
     }
 
@@ -647,7 +650,7 @@ class Roles extends BaseRoles {
         $o->setPerUid($PER_UID);
         $permission = $o->getPermissionName($PER_UID);
         $role = $this->load($ROL_UID);
-        
+
         G::auditLog("DeletePermissionToRole", "Delete Permission ".$permission." (".$PER_UID.") from Role ".$role['ROL_NAME']." (".$ROL_UID.") ");
     }
 
diff --git a/workflow/engine/classes/class.pmLicenseManager.php b/workflow/engine/classes/class.pmLicenseManager.php
index 119ee65a2..e2b2dd7a4 100644
--- a/workflow/engine/classes/class.pmLicenseManager.php
+++ b/workflow/engine/classes/class.pmLicenseManager.php
@@ -45,7 +45,6 @@ class pmLicenseManager
         $application->set_server_vars($server_array);
         $application->DATE_STRING = 'Y-m-d H:i:s';
         $results = $application->validate();
-        $application->make_secure();
         $validStatus = array(
           'OK',
           'EXPIRED',
@@ -116,7 +115,7 @@ class pmLicenseManager
     public static function getSingleton()
     {
         if (self::$instance == null) {
-            self::$instance = new pmLicenseManager ();
+            self::$instance = new pmLicenseManager();
         }
         return self::$instance;
     }
@@ -354,7 +353,7 @@ class pmLicenseManager
         }
     }
 
-    public function installLicense($path, $redirect = true)
+    public function installLicense($path, $redirect = true, $includeExpired = true)
     {
         $application = new license_application ( $path, false, true, false, true, true );
 
@@ -362,6 +361,14 @@ class pmLicenseManager
 
         //if the result is ok then it is saved into DB
         $res = $results ['RESULT'];
+        if ($res == 'EMPTY') {
+            return false;
+        }
+        if (!$includeExpired) {
+            if ($res == 'EXPIRED') {
+                return false;
+            }
+        }
         if (( $res != 'OK') && ($res != 'EXPIRED' ) && ($res != 'TMINUS') ) {
             G::SendTemporalMessage ( 'ID_ISNT_LICENSE', 'tmp-info', 'labels' );
             return false;
@@ -382,21 +389,6 @@ class pmLicenseManager
     */
     public function getActiveLicense()
     {
-        //Autoinstall license if exists in data folder and move to license folder
-        $dirData        = PATH_DATA;
-        $dirDataSite    = PATH_DATA_SITE;
-        $dirDataSiteLic = PATH_DATA_SITE . "licenses";
-
-        G::verifyPath($dirDataSiteLic, true);
-
-        $licfile = glob($dirDataSite . "*.dat");
-        if (count($licfile) > 0 && is_file($licfile[0])) {
-            $file = $licfile[0];
-            @copy($file, $dirDataSiteLic . PATH_SEP . basename($file));
-            $this->installLicense($dirDataSiteLic . PATH_SEP . basename($file), false);
-            @unlink($file);
-        }
-
         //get license from database, table LICENSE_MANAGER
         try {
             $aRow = array();
diff --git a/workflow/engine/methods/login/authentication.php b/workflow/engine/methods/login/authentication.php
index 018e1cd56..e4f629ebb 100755
--- a/workflow/engine/methods/login/authentication.php
+++ b/workflow/engine/methods/login/authentication.php
@@ -92,6 +92,9 @@ try {
             case -6:
                 $errLabel = 'ID_ROLE_INACTIVE';
                 break;
+            case -7:
+                $errLabel = 'ID_LECA';
+                break;
         }
 
         //to avoid empty string in user field.  This will avoid a weird message "this row doesn't exist"
diff --git a/workflow/engine/methods/login/login.php b/workflow/engine/methods/login/login.php
index a9bd58187..82edcff76 100755
--- a/workflow/engine/methods/login/login.php
+++ b/workflow/engine/methods/login/login.php
@@ -22,12 +22,13 @@
  * Coral Gables, FL, 33134, USA, or email info@colosa.com.
  *
  */
-//Browser Compatibility
-$browserSupported = G::checkBrowserCompatibility();
-if ($browserSupported==false){
-	if(!isset($_SESSION['G_MESSAGE']) || $_SESSION['G_MESSAGE'] == ""){
-		G::SendTemporalMessage ('ID_CURRENT_BROWSER_NOT_SUPPORTED', 'warning');
-	}
+
+//Browser Compatibility
+$browserSupported = G::checkBrowserCompatibility();
+if ($browserSupported==false){
+	if(!isset($_SESSION['G_MESSAGE']) || $_SESSION['G_MESSAGE'] == ""){
+		G::SendTemporalMessage ('ID_CURRENT_BROWSER_NOT_SUPPORTED', 'warning');
+	}
 }
 
 $aFields = array();
@@ -134,6 +135,19 @@ $_SESSION['FAILED_LOGINS'] = $sFailedLogins;
 $_SESSION["USERNAME_PREVIOUS1"] = $usernamePrevious1;
 $_SESSION["USERNAME_PREVIOUS2"] = $usernamePrevious2;
 
+/*----------------------------------********---------------------------------*/
+if (!class_exists('pmLicenseManager')) {
+  G::LoadClass('pmLicenseManager');
+}
+$licenseManager =& pmLicenseManager::getSingleton();
+if (in_array(md5($licenseManager->result), array('38afd7ae34bd5e3e6fc170d8b09178a3', 'ba2b45bdc11e2a4a6e86aab2ac693cbb'))) {
+    $G_PUBLISH = new Publisher();
+    $G_PUBLISH->AddContent('xmlform', 'xmlform', 'login/licenseExpired', '', array(), 'licenseUpdate');
+    G::RenderPage('publish');
+    die();
+}
+/*----------------------------------********---------------------------------*/
+
 //translation
 //$Translations = G::getModel("Translation");
 //require_once "classes/model/Translation.php";
diff --git a/workflow/engine/templates/enterprise/addonsStore.js b/workflow/engine/templates/enterprise/addonsStore.js
index 7550019e9..5a265e9df 100644
--- a/workflow/engine/templates/enterprise/addonsStore.js
+++ b/workflow/engine/templates/enterprise/addonsStore.js
@@ -833,6 +833,10 @@ Ext.onReady(function() {
             sw = 0;
             msg = _('ID_SELECT_PLUGIN');
           }
+          if (Ext.getCmp("PLUGIN_FILENAME").value.indexOf('enterprise-') > -1) {
+            sw = 0;
+            msg = _('ID_ENTERPRISE_PACK_CANT_UPLOAD');
+          }
 
           if (sw == 1) {
             swReloadTask = 0;
@@ -913,7 +917,7 @@ Ext.onReady(function() {
             }
         ]
     });
-  
+
     var pnlSupport = new Ext.FormPanel({
         frame: true,
         height: 160,
@@ -1539,7 +1543,7 @@ Ext.onReady(function() {
             "cellclick": function (grid, rowIndex, columnIndex, e) {
                 var record = grid.getStore().getAt(rowIndex);
                 var fieldName = grid.getColumnModel().getDataIndex(columnIndex);
-        
+
                 if (fieldName != "status") {
                   return;
                 }
@@ -1622,7 +1626,7 @@ Ext.onReady(function() {
   );
 
   addonsGrid.addListener("rowcontextmenu", onMessageMnuContext, this);
-  
+
     addonsFeatureGrid.on("rowcontextmenu",
         function (grid, rowIndex, evt) {
           var sm = grid.getSelectionModel();
@@ -1630,7 +1634,7 @@ Ext.onReady(function() {
         },
         this
     );
-    
+
     addonsFeatureGrid.addListener("rowcontextmenu", onMessageMnuContext, this);
 
   ///////
diff --git a/workflow/public_html/sysGeneric.php b/workflow/public_html/sysGeneric.php
index 56514f8fb..70d6ec37a 100755
--- a/workflow/public_html/sysGeneric.php
+++ b/workflow/public_html/sysGeneric.php
@@ -892,7 +892,8 @@ if (! defined( 'EXECUTE_BY_CRON' )) {
         $noLoginFiles[] = 'cases_NextStep';
         $noLoginFiles[] = 'genericAjax';
         $noLoginFiles[] = 'casesSaveDataView';
-        $noLoginFiles[] = "propelTableAjax";
+        $noLoginFiles[] = 'propelTableAjax';
+        $noLoginFiles[] = 'licenseUpdate';
 
         $noLoginFolders[] = 'services';
         $noLoginFolders[] = 'tracker';