diff --git a/workflow/engine/methods/services/soap.php b/workflow/engine/methods/services/soap.php
deleted file mode 100644
index e21b64939..000000000
--- a/workflow/engine/methods/services/soap.php
+++ /dev/null
@@ -1,413 +0,0 @@
-login( $params->userid, $params->password );
- return $res->getPayloadArray();
-}
-
-function ProcessList ($params)
-{
- $x = ifPermission( $params->sessionId, 'PM_FACTORY' );
- //if you are not an admin user, then this function will return only
- //your valid process
- if ($x == 0) {
- $oSessions = new Sessions();
- $session = $oSessions->getSessionUser( $params->sessionId );
- $userId = $session['USR_UID'];
-
- $ws = new wsBase();
- $res = $ws->processListVerified( $userId );
- return $res;
- }
-
- $ws = new wsBase();
- $res = $ws->processList();
- return array ("processes" => $res
- );
-}
-
-function RoleList ($params)
-{
- $x = ifPermission( $params->sessionId, 'PM_USERS' );
- if ($x == 0) {
- $result[] = array ('guid' => 24,'name' => G::LoadTranslation('ID_NOT_PRIVILEGES'));
- return $result;
- }
-
- $ws = new wsBase();
- $res = $ws->roleList();
- return array ("roles" => $res
- );
-}
-
-function GroupList ($params)
-{
- $x = ifPermission( $params->sessionId, 'PM_USERS' );
- if ($x == 0) {
- $result[] = array ('guid' => 24,'name' => G::LoadTranslation('ID_NOT_PRIVILEGES'));
- return $result;
- }
-
- $ws = new wsBase();
- $res = $ws->groupList();
- return array ("groups" => $res
- );
-}
-
-function CaseList ($params)
-{
- ifSessionExpiredBreakThis( $params->sessionId );
- $x = ifPermission( $params->sessionId, 'PM_CASES' );
- if ($x == 0) {
- return new wsResponse( 9, G::LoadTranslation('ID_SESSION_EXPIRED') );
- }
-
- $oSessions = new Sessions();
- $session = $oSessions->getSessionUser( $params->sessionId );
- $userId = $session['USR_UID'];
-
- $ws = new wsBase();
- $res = $ws->caseList( $userId );
- return array ("cases" => $res
- );
-}
-
-function UserList ($params)
-{
- $x = ifPermission( $params->sessionId, 'PM_USERS' );
- if ($x == 0) {
- $result[] = array ('guid' => 24,'name' => G::LoadTranslation('ID_NOT_PRIVILEGES') );
- return $result;
- }
-
- $ws = new wsBase();
- $res = $ws->userList();
- return array ("users" => $res
- );
-}
-
-function SendMessage ($params)
-{
- ifSessionExpiredBreakThis( $params->sessionId );
- $x = ifPermission( $params->sessionId, 'PM_CASES' );
- if ($x == 0) {
- $result = new wsResponse( 24, G::LoadTranslation('ID_NOT_PRIVILEGES') );
- return $result;
- }
- $ws = new wsBase();
- $res = $ws->sendMessage( $params->caseId, $params->from, $params->to, $params->cc, $params->bcc, $params->subject, $params->template );
- return $res->getPayloadArray();
-}
-
-function getCaseInfo ($params)
-{
- ifSessionExpiredBreakThis( $params->sessionId );
- $x = ifPermission( $params->sessionId, 'PM_CASES' );
- if ($x == 0) {
- $result = new wsResponse( 24, "You do not have privileges" );
- return $result;
- }
- $ws = new wsBase();
- $res = $ws->getCaseInfo( $params->caseId, $params->delIndex );
- return $res;
-}
-
-function SendVariables ($params)
-{
-
- $filter = new InputFilter();
- ifSessionExpiredBreakThis( $params->sessionId );
- $x = ifPermission( $params->sessionId, 'PM_CASES' );
- if ($x == 0) {
- $result = new wsResponse( 24, G::LoadTranslation('ID_NOT_PRIVILEGES') );
- return $result;
- }
- $ws = new wsBase();
- $variables = $params->variables;
- if (is_object( $variables )) {
- $Fields[$variables->name] = $variables->value;
- }
-
- if (is_array( $variables )) {
- foreach ($variables as $key => $val) {
- $name = $val->name;
- $value = $val->value;
- $val->name = $filter->validateInput($val->name);
- $val->value = $filter->validateInput($val->value);
- eval( '$Fields[ ' . $val->name . ' ]= $val->value ;' );
- }
- }
- $params->variables = $Fields;
- $res = $ws->sendVariables( $params->caseId, $params->variables );
- return $res->getPayloadArray();
-}
-
-function GetVariables ($params)
-{
- ifSessionExpiredBreakThis( $params->sessionId );
- $x = ifPermission( $params->sessionId, 'PM_CASES' );
- if ($x == 0) {
- $result = new wsResponse( 24, G::LoadTranslation('ID_NOT_PRIVILEGES') );
- return $result;
- }
-
- $ws = new wsBase();
-
- $res = $ws->getVariables( $params->caseId, $params->variables );
- return array ("variables" => $res
- );
-}
-
-function DerivateCase ($params)
-{
- ifSessionExpiredBreakThis( $params->sessionId );
- $x = ifPermission( $params->sessionId, 'PM_CASES' );
- if ($x == 0) {
- $result = new wsResponse( 24, G::LoadTranslation('ID_NOT_PRIVILEGES') );
- return $result;
- }
-
- $oSession = new Sessions();
- $user = $oSession->getSessionUser( $params->sessionId );
-
- $ws = new wsBase();
- $res = $ws->derivateCase( $user['USR_UID'], $params->caseId, $params->delIndex );
- return $res;
-
- //return $res->getPayloadArray ( );
-}
-
-function executeTrigger ($params)
-{
- ifSessionExpiredBreakThis( $params->sessionId );
- $x = ifPermission( $params->sessionId, 'PM_CASES' );
- if ($x == 0) {
- $result = new wsResponse( 24, G::LoadTranslation('ID_NOT_PRIVILEGES') );
- return $result;
- }
-
- $oSession = new Sessions();
- $user = $oSession->getSessionUser( $params->sessionId );
-
- $ws = new wsBase();
- $delIndex = (isset( $params->delIndex )) ? $params->delIndex : 1;
- $res = $ws->executeTrigger( $user['USR_UID'], $params->caseId, $params->triggerIndex, $delIndex );
- return $res->getPayloadArray();
-}
-
-function NewCaseImpersonate ($params)
-{
- $filter = new InputFilter();
- ifSessionExpiredBreakThis( $params->sessionId );
- $x = ifPermission( $params->sessionId, 'PM_CASES' );
- if ($x == 0) {
- $result = new wsResponse( 24, G::LoadTranslation('ID_NOT_PRIVILEGES') );
- return $result;
- }
- $ws = new wsBase();
- $variables = $params->variables;
- foreach ($variables as $key => $val) {
- $name = $val->name;
- $value = $val->value;
- $val->name = $filter->validateInput($val->name);
- $val->value = $filter->validateInput($val->value);
- eval( '$Fields[ ' . $val->name . ' ]= $val->value ;' );
- }
- $params->variables = $Fields;
- $res = $ws->newCaseImpersonate( $params->processId, $params->userId, $params->variables );
- return $res->getPayloadArray();
-}
-
-function NewCase ($params)
-{
- $filter = new InputFilter();
- ifSessionExpiredBreakThis( $params->sessionId );
- $x = ifPermission( $params->sessionId, 'PM_CASES' );
- if ($x == 0) {
- $result = new wsResponse( 24, G::LoadTranslation('ID_NOT_PRIVILEGES') );
- return $result;
- }
-
- $oSessions = new Sessions();
- $session = $oSessions->getSessionUser( $params->sessionId );
- $userId = $session['USR_UID'];
- $variables = $params->variables;
-
- if (! isset( $params->variables )) {
- $variables = array ();
- $Fields = array ();
- } else {
- if (is_object( $variables )) {
- /*foreach ( $variables as $key=>$val ) {
- $name = $val->name;
- $value = $val->value;
- $Fields[ $val->name ]= $val->value ;
- }*/
- $Fields[$variables->name] = $variables->value;
- }
-
- if (is_array( $variables )) {
- foreach ($variables as $key => $val) {
- $name = $val->name;
- $value = $val->value;
- if (! is_object( $val->value )) {
- $val->name = $filter->validateInput($val->name);
- $val->value = $filter->validateInput($val->value);
- eval( '$Fields[ ' . $val->name . ' ]= $val->value ;' );
- } else {
- if (is_array( $val->value->item )) {
- $i = 1;
- foreach ($val->value->item as $key1 => $val1) {
- if (isset( $val1->value )) {
- if (is_array( $val1->value->item )) {
- foreach ($val1->value->item as $key2 => $val2) {
- $Fields[$val->name][$i][$val2->key] = $val2->value;
- }
- }
- }
- $i ++;
- }
- }
- }
- }
- }
- }
-
- $params->variables = $Fields;
- //$result = new wsResponse (900, print_r($params->variables,1));
- //return $result;
- $ws = new wsBase();
- $res = $ws->newCase( $params->processId, $userId, $params->taskId, $params->variables );
- return $res;
-}
-
-function AssignUserToGroup ($params)
-{
- ifSessionExpiredBreakThis( $params->sessionId );
- $x = ifPermission( $params->sessionId, 'PM_USERS' );
- if ($x == 0) {
- $result = new wsResponse( 24, G::LoadTranslation('ID_NOT_PRIVILEGES') );
- return $result;
- }
- $sessions = new Sessions();
- $user = $sessions->getSessionUser( $params->sessionId );
- if (! is_array( $user )) {
- return new wsResponse( 3, G::LoadTranslation('ID_USER_NOT_REGISTERED_SYSTEM') );
- }
-
- $ws = new wsBase();
- $res = $ws->assignUserToGroup( $params->userId, $params->groupId );
- return $res->getPayloadArray();
-}
-
-function CreateUser ($params)
-{
- ifSessionExpiredBreakThis( $params->sessionId );
- $x = ifPermission( $params->sessionId, 'PM_USERS' );
- if ($x == 0) {
- $result = new wsResponse( 24, G::LoadTranslation('ID_NOT_PRIVILEGES') );
- return $result;
- }
- $ws = new wsBase();
- $res = $ws->createUser( $params->userId, $params->firstname, $params->lastname, $params->email, $params->role, $params->password );
- return $res->getPayloadArray();
-}
-
-function TaskList ($params)
-{
- $x = ifPermission( $params->sessionId, 'PM_CASES' );
- if ($x == 0) {
- $result[] = array ('guid' => 24,'name' => G::LoadTranslation('ID_NOT_PRIVILEGES') );
- return $result;
- }
-
- $ws = new wsBase();
- $oSessions = new Sessions();
- $session = $oSessions->getSessionUser( $params->sessionId );
- $userId = $session['USR_UID'];
- $res = $ws->taskList( $userId );
- return array ("tasks" => $res
- );
-}
-
-function TaskCase ($params)
-{
- ifSessionExpiredBreakThis( $params->sessionId );
- $x = ifPermission( $params->sessionId, 'PM_CASES' );
- if ($x == 0) {
- $result[] = array ('guid' => 24,'name' => G::LoadTranslation('ID_NOT_PRIVILEGES') );
- return $result;
- }
-
- $ws = new wsBase();
- $res = $ws->taskCase( $params->caseId );
- return array ("taskCases" => $res
- );
-}
-
-function ReassignCase ($params)
-{
- ifSessionExpiredBreakThis( $params->sessionId );
-
- $ws = new wsBase();
- $res = $ws->reassignCase( $params->sessionId, $params->caseId, $params->delIndex, $params->userIdSource, $params->userIdTarget );
- return $res;
-}
-
-function ifSessionExpiredBreakThis ($sessionId)
-{ #added By Erik AO in datetime 26.06.2008 10:00:00
-
- $oSessions = new Sessions();
- $session = $oSessions->verifySession( $sessionId );
- if ($session == '') {
- return new wsResponse( 9, G::LoadTranslation('ID_SESSION_EXPIRED') );
- }
-}
-
-function ifPermission ($sessionId, $permission)
-{
- global $RBAC;
- $RBAC->initRBAC();
- $oSession = new Sessions();
- $user = $oSession->getSessionUser( $sessionId );
-
- $oRBAC = RBAC::getSingleton();
- $oRBAC->loadUserRolePermission( $oRBAC->sSystem, $user['USR_UID'] );
- $aPermissions = $oRBAC->aUserInfo[$oRBAC->sSystem]['PERMISSIONS'];
- $sw = 0;
- foreach ($aPermissions as $aPermission) {
- if ($aPermission['PER_CODE'] == $permission) {
- $sw = 1;
- }
- }
- return $sw;
-}
-$server = new SoapServer( $wsdl );
-$server->addFunction( "Login" );
-$server->addFunction( "ProcessList" );
-$server->addFunction( "CaseList" );
-$server->addFunction( "RoleList" );
-$server->addFunction( "GroupList" );
-$server->addFunction( "UserList" );
-$server->addFunction( "SendMessage" );
-$server->addFunction( "SendVariables" );
-$server->addFunction( "GetVariables" );
-$server->addFunction( "DerivateCase" );
-$server->addFunction( "executeTrigger" );
-$server->addFunction( "NewCaseImpersonate" );
-$server->addFunction( "NewCase" );
-$server->addFunction( "AssignUserToGroup" );
-$server->addFunction( "CreateUser" );
-$server->addFunction( "getCaseInfo" );
-$server->addFunction( "TaskList" );
-$server->addFunction( "TaskCase" );
-$server->addFunction( "ReassignCase" );
-
-$server->handle();
-
diff --git a/workflow/engine/methods/services/soap2.php b/workflow/engine/methods/services/soap2.php
index d0ca027ad..758c21e2a 100644
--- a/workflow/engine/methods/services/soap2.php
+++ b/workflow/engine/methods/services/soap2.php
@@ -654,83 +654,57 @@ function NewCaseImpersonate ($params)
 return $res;
 }
-function NewCase ($params)
+/**
+ * Begins a new case under the name of the logged-in user.
+ * Where the parameter value is:
+ * - string sessionId: The ID of the session, which is obtained during login.
+ * - string processId: The ID of the process where the case should start, which
+ * can be obtained with processList().
+ * - string taskId: The ID of the task where the case should start. This will
+ * generally be the first task in a process, which can be obtained with taskList().
+ * - array variables: An array of variableStruct objects which contain information
+ * to start the case. This array has the following format.
+ *
+ * @param object $params
+ *
+ * @return object
+ */
+function NewCase($params)
 {
- $filter = new InputFilter();
+ $parseSoapVariableVame = new ParseSoapVariableName();
- $vsResult = isValidSession( $params->sessionId );
+ $vsResult = isValidSession($params->sessionId);
 if ($vsResult->status_code !== 0) {
 return $vsResult;
 }
- if (ifPermission( $params->sessionId, "PM_CASES" ) == 0) {
- $result = new wsResponse( 2, G::LoadTranslation('ID_NOT_PRIVILEGES') );
+ if (ifPermission($params->sessionId, 'PM_CASES') == 0) {
+ $result = new wsResponse(2, G::LoadTranslation('ID_NOT_PRIVILEGES'));
 return $result;
 }
 $oSession = new Sessions();
- $session = $oSession->getSessionUser( $params->sessionId );
- $userId = $session["USR_UID"];
+ $session = $oSession->getSessionUser($params->sessionId);
+ $userId = $session['USR_UID'];
 $variables = $params->variables;
- /* this code is for previous version of ws, and apparently this will work for grids inside the variables..
- if (!isset($params->variables) ) {
- $variables = array();
- $field = array();
- }
- else {
- if ( is_object ($variables) ) {
- $field[ $variables->name ]= $variables->value ;
- }
+ $field = array();
- if ( is_array ( $variables) ) {
- foreach ( $variables as $key=>$val ) {
- $name = $val->name;
- $value = $val->value;
- if (!is_object($val->value))
- {
- eval('$field[ ' . $val->name . ' ]= $val->value ;');
- }
- else
- {
- if (is_array($val->value->item)) {
- $i = 1;
- foreach ($val->value->item as $key1 => $val1) {
- if (isset($val1->value)) {
- if (is_array($val1->value->item)) {
- foreach ($val1->value->item as $key2 => $val2) {
- $field[$val->name][$i][$val2->key] = $val2->value;
- }
- }
- }
- $i++;
- }
- }
- }
- }
- }
- }
- */
-
- $variables = $params->variables;
-
- $field = array ();
-
- if ($variables->name === "__POST_VARIABLES__") {
+ if (is_object($variables) && $variables->name === '__POST_VARIABLES__') {
 $field = G::json_decode($variables->value, true);
 $variables = null;
 }
- if (is_object( $variables )) {
+ if (is_object($variables)) {
 $field[$variables->name] = $variables->value;
 }
- if (is_array( $variables )) {
- foreach ($variables as $key => $val) {
- if (! is_object( $val->value )) {
- @eval( "\$field[" . $val->name . "]= \$val->value;" );
+ if (is_array($variables)) {
+ foreach ($variables as $val) {
+ if (!is_object($val->value)) {
+ $parseSoapVariableVame->buildVariableName($field, $val->name, $val->value);
 }
 }
 }
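Review bot: In the `__POST_VARIABLES__` branch, `$field = G::json_decode($variables->value, true);` is used without checking the result, so a malformed or non-object JSON payload presumably leaves `$field` as null or a scalar rather than an array; decode into a temporary and keep it only when it is an array, e.g. `$decoded = G::json_decode($variables->value, true);` followed by `$field = is_array($decoded) ? $decoded : array();`. Keys arriving through this branch also skip the name check that `buildVariableName()` applies in the array branch, so the two input paths are validated differently. The local `$parseSoapVariableVame` is misspelled (`Vame` for `Name`), and since the new class lives under `src/ProcessMaker/Util/`, confirm that soap2.php imports it, as no `use` line is visible in this hunk. The end of NewCase lies in the next hunk.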
@@ -739,10 +713,10 @@ function NewCase ($params) $ws = new wsBase(); - $res = $ws->newCase($params->processId, $userId, $params->taskId, $params->variables, (isset($params->executeTriggers))? (int)($params->executeTriggers) : 0); + $res = $ws->newCase($params->processId, $userId, $params->taskId, $params->variables, (isset($params->executeTriggers)) ? (int) ($params->executeTriggers) : 0); // we need to register the case id for a stored session variable. like a normal Session. - $oSession->registerGlobal( "APPLICATION", $res->caseId ); + $oSession->registerGlobal('APPLICATION', $res->caseId); return $res; } diff --git a/workflow/engine/methods/services/wsdl.php b/workflow/engine/methods/services/wsdl.php deleted file mode 100644 index 96956029e..000000000 --- a/workflow/engine/methods/services/wsdl.php +++ /dev/null @@ -1,13 +0,0 @@ -. - * - * For more information, contact Colosa Inc, 2566 Le Jeune Rd., - * Coral Gables, FL, 33134, USA, or email info@colosa.com. - */ - -if ($RBAC->userCanAccess( 'PM_SETUP' ) != 1 && $RBAC->userCanAccess( 'PM_FACTORY' ) != 1) { - G::SendTemporalMessage( 'ID_USER_HAVENT_RIGHTS_PAGE', 'error', 'labels' ); - //G::header('location: ../login/login'); - die(); -} - -$G_MAIN_MENU = 'processmaker'; -//$G_SUB_MENU = 'setup'; -$G_ID_MENU_SELECTED = 'SETUP'; -//$G_ID_SUB_MENU_SELECTED = 'WEBSERVICES'; - - -if (! extension_loaded( 'soap' )) { - $G_PUBLISH = new Publisher(); - $G_PUBLISH->AddContent( 'xmlform', 'xmlform', 'setup/wsMessage' ); - G::RenderPage( "publish" ); -} else { - $G_PUBLISH = new Publisher(); - $G_PUBLISH->AddContent( 'view', 'setup/webServicesTree' ); - $G_PUBLISH->AddContent( 'smarty', 'groups/groups_usersList', '', '', array () ); - - G::RenderPage( "publish-treeview", 'blank' ); -} - -$link_Edit = G::encryptlink( 'webServicesSetup' ); -$link_List = G::encryptlink( 'webServicesList' ); - -?> - \ No newline at end of file 
diff --git a/workflow/engine/methods/setup/webServicesList.php b/workflow/engine/methods/setup/webServicesList.php deleted file mode 100644 index 652f8188a..000000000 --- a/workflow/engine/methods/setup/webServicesList.php +++ /dev/null @@ -1,36 +0,0 @@ -. - * - * For more information, contact Colosa Inc, 2566 Le Jeune Rd., - * Coral Gables, FL, 33134, USA, or email info@colosa.com. - */ -if ($RBAC->userCanAccess( 'PM_SETUP' ) != 1 && $RBAC->userCanAccess( 'PM_FACTORY' ) != 1) { - G::SendTemporalMessage( 'ID_USER_HAVENT_RIGHTS_PAGE', 'error', 'labels' ); - //G::header('location: ../login/login'); - die(); -} - -//G::genericForceLogin( 'WF_MYINFO' , 'login/noViewPage', $urlLogin = 'login/login' ); - - -$G_PUBLISH = new Publisher(); -$G_PUBLISH->AddContent( 'view', 'setup/webServicesTree' ); -G::RenderPage( "publish-raw", "raw" ); - diff --git a/workflow/engine/src/ProcessMaker/Util/ParseSoapVariableName.php b/workflow/engine/src/ProcessMaker/Util/ParseSoapVariableName.php new file mode 100644 index 000000000..3e74af0d3 --- /dev/null +++ b/workflow/engine/src/ProcessMaker/Util/ParseSoapVariableName.php 
@@ -0,0 +1,80 @@
+isValidVariableName($name)) {
+ $context = \Bootstrap::getDefaultContextLog();
+ $context['action'] = 'soap2';
+ $context['exception'] = 'Invalid param: '.G::json_encode($name);
+ \Bootstrap::registerMonolog('soap2', 400, 'NewCase', $context, $context['workspace'], 'processmaker.log');
+
+ return;
+ }
+
+ $brackets = $this->searchBrackets($name);
+ if (empty($brackets)) {
+ $field[$name] = $value;
+ } else {
+ $current = &$field;
+ foreach ($brackets as $extension) {
+ if (!isset($current[$extension])) {
+ $current[$extension] = [];
+ }
+ $current = &$current[$extension];
+ }
+ $current = $value;
+ }
+ }
+
+ /**
+ * Analysis of string representing the depth of the array, represented by a
+ * valid index name and brackets as separators.
+ *
+ * @param type $string
+ *
+ * @return array
+ */
+ private function searchBrackets($string)
+ {
+ $stringClean = str_replace(' ', '', $string);
+ $explode = explode('][', $stringClean);
+
+ return $explode;
+ }
+
+ /**
+ * Verify if the index name of the array is valid.
+ *
+ * @param string $name
+ *
+ * @return bool
+ */
+ public function isValidVariableName($name)
+ {
+ if (is_string($name) === true) {
+ if (preg_match("/^[0-9a-zA-Z\_\[\]]+$/", $name)) {
+ return true;
+ }
+ }
+
+ return false;
+ }
+}
+
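Review bot: `isValidVariableName()` anchors its pattern with `$`, which in PCRE also matches before a final newline, and the character class admits `[` and `]` anywhere, so names such as `a[b`, `]` or a name ending in a line feed pass the check and end up as array keys. If the accepted grammar is `name][index][field`, as the `explode('][', ...)` in `searchBrackets()` implies, the check can enforce exactly that: `preg_match('/^[0-9a-zA-Z_]+(?:\]\[[0-9a-zA-Z_]+)*\z/', $name) === 1`. In `buildVariableName()`, `explode()` with a non-empty separator always returns at least one element, so the `empty($brackets)` branch looks unreachable, and a name that descends into a key already holding a scalar (for example `a` followed by `a][b`) reaches `$current = &$current[$extension]` without an `is_array()` guard. The `@param type $string` tag on `searchBrackets()` should read `@param string $string`. The opening of the file, including the signature of `buildVariableName()`, is not visible on this page.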