From 84eb38fb4abc10a6aa8d4d70f9ed460778d8cc88 Mon Sep 17 00:00:00 2001
From: Paula Quispe
Date: Tue, 14 Mar 2017 13:16:25 -0400
Subject: [PATCH 1/3] HOR-2857
---
workflow/engine/classes/class.case.php | 325 ++++++------------
.../engine/classes/model/ObjectPermission.php | 159 +++++++++
2 files changed, 261 insertions(+), 223 deletions(-)
diff --git a/workflow/engine/classes/class.case.php b/workflow/engine/classes/class.case.php
index c42634620..559acf571 100644
--- a/workflow/engine/classes/class.case.php
+++ b/workflow/engine/classes/class.case.php
@@ -5779,139 +5779,83 @@ class Cases } /** - * Obtain all user permits for Dynaforms, Input and output documents from some action [VIEW, BLOCK, etc...] + * Obtain all object permissions for Dynaforms, Input, Output and Message history * - * function getAllObjectsFrom ($PRO_UID, $APP_UID, $TAS_UID, $USR_UID, $ACTION) - * @author Erik Amaru Ortiz + * This function return information about a specific object permissions or for all = ANY * @access public - * @param Process ID, Application ID, Task ID, User ID, Action, Delegation index + * @param string $proUid + * @param string $appUid + * @param string $tasUid + * @param string $usrUid + * @param string $action some action [VIEW, BLOCK, RESEND] + * @param string $delIndex * @return Array within all user permitions all objects' types */ - public function getAllObjectsFrom($PRO_UID, $APP_UID, $TAS_UID = "", $USR_UID = "", $ACTION = "", $delIndex = 0) + public function getAllObjectsFrom($proUid, $appUid, $tasUid = "", $usrUid = "", $action = "", $delIndex = 0) { - $aCase = $this->loadCase($APP_UID); + $aCase = $this->loadCase($appUid); if ($delIndex != 0) { $appDelay = new AppDelay(); - if ($appDelay->isPaused($APP_UID, $delIndex)) { + if ($appDelay->isPaused($appUid, $delIndex)) { $aCase["APP_STATUS"] = "PAUSED"; } } - $USER_PERMISSIONS = Array(); - $GROUP_PERMISSIONS = Array(); - $RESULT = Array( - "DYNAFORM" => Array(), - "INPUT" => Array(), - "OUTPUT" => Array(), + $userPermissions = array(); + $groupPermissions = array(); + $result = array( + "DYNAFORM" => array(), + "INPUT" => array(), + "OUTPUT" => array(), "CASES_NOTES" => 0, - "MSGS_HISTORY" => Array() - /*----------------------------------********---------------------------------*/ + "MSGS_HISTORY" => array() + /*----------------------------------********---------------------------------*/ ,"SUMMARY_FORM" => 0 - /*----------------------------------********---------------------------------*/ + 
/*----------------------------------********---------------------------------*/ ); - //permissions per user - $oCriteria = new Criteria('workflow'); - $oCriteria->add( - $oCriteria->getNewCriterion(ObjectPermissionPeer::USR_UID, $USR_UID)->addOr( - $oCriteria->getNewCriterion(ObjectPermissionPeer::USR_UID, '')->addOr( - $oCriteria->getNewCriterion(ObjectPermissionPeer::USR_UID, '0') - ) - ) - ); - $oCriteria->add(ObjectPermissionPeer::PRO_UID, $PRO_UID); - $oCriteria->add(ObjectPermissionPeer::OP_ACTION, $ACTION); - $oCriteria->add( - $oCriteria->getNewCriterion(ObjectPermissionPeer::TAS_UID, $TAS_UID)->addOr( - $oCriteria->getNewCriterion(ObjectPermissionPeer::TAS_UID, '')->addOr( - $oCriteria->getNewCriterion(ObjectPermissionPeer::TAS_UID, '0') - ) - ) - ); + $oObjectPermission = new ObjectPermission(); + $userPermissions = $oObjectPermission->verifyObjectPermissionPerUser($usrUid, $proUid, $tasUid, $action); + $groupPermissions = $oObjectPermission->verifyObjectPermissionPerGroup($usrUid, $proUid, $tasUid, $action); + $permissions = array_merge($userPermissions, $groupPermissions); - $rs = ObjectPermissionPeer::doSelectRS($oCriteria); - $rs->setFetchmode(ResultSet::FETCHMODE_ASSOC); - - while ($rs->next()) { - $row = $rs->getRow(); - - if ($row["OP_CASE_STATUS"] == "ALL" || $row["OP_CASE_STATUS"] == "" || $row["OP_CASE_STATUS"] == "0" || - $row["OP_CASE_STATUS"] == $aCase["APP_STATUS"] - ) { - array_push($USER_PERMISSIONS, $row); - } - } - - //permissions per group - G::loadClass('groups'); - - $gr = new Groups(); - $records = $gr->getActiveGroupsForAnUser($USR_UID); - - foreach ($records as $group) { - $oCriteria = new Criteria('workflow'); - $oCriteria->add(ObjectPermissionPeer::USR_UID, $group); - $oCriteria->add(ObjectPermissionPeer::PRO_UID, $PRO_UID); - $oCriteria->add(ObjectPermissionPeer::OP_ACTION, $ACTION); - $oCriteria->add( - $oCriteria->getNewCriterion(ObjectPermissionPeer::TAS_UID, $TAS_UID)->addOr( - 
$oCriteria->getNewCriterion(ObjectPermissionPeer::TAS_UID, '')->addOr( - $oCriteria->getNewCriterion(ObjectPermissionPeer::TAS_UID, '0') - ) - ) - ); - - $rs = ObjectPermissionPeer::doSelectRS($oCriteria); - $rs->setFetchmode(ResultSet::FETCHMODE_ASSOC); - while ($rs->next()) { - $row = $rs->getRow(); - - if ($row["OP_CASE_STATUS"] == "ALL" || $row["OP_CASE_STATUS"] == "" || $row["OP_CASE_STATUS"] == "0" || - $row["OP_CASE_STATUS"] == $aCase["APP_STATUS"] - ) { - array_push($GROUP_PERMISSIONS, $row); - } - } - } - - $PERMISSIONS = array_merge($USER_PERMISSIONS, $GROUP_PERMISSIONS); - - foreach ($PERMISSIONS as $row) { - $USER = $row['USR_UID']; - $USER_RELATION = $row['OP_USER_RELATION']; - $TASK_SOURCE = $row['OP_TASK_SOURCE']; - $PARTICIPATE = $row['OP_PARTICIPATE']; - $O_TYPE = $row['OP_OBJ_TYPE']; - $O_UID = $row['OP_OBJ_UID']; - $ACTION = $row['OP_ACTION']; - $CASE_STATUS = $row['OP_CASE_STATUS']; - - // here!,. we should verify $PARTICIPATE + foreach ($permissions as $row) { + $userUid = $row['USR_UID']; + $opUserRelation = $row['OP_USER_RELATION']; + $opTaskSource = $row['OP_TASK_SOURCE']; + $opParticipated = (int)$row['OP_PARTICIPATE']; + $opType = $row['OP_OBJ_TYPE']; + $opObjUid = $row['OP_OBJ_UID']; + $obAction = $row['OP_ACTION']; + $obCaseStatus = $row['OP_CASE_STATUS']; + //We should verify if the user participated + //The values of OP_CASE_STATUS is [ALL, COMPLETED, DRAFT, TO_DO, PAUSED, COMPLETED] $sw_participate = false; // must be false for default - if (($row['OP_CASE_STATUS'] != 'COMPLETED') && ($row['OP_CASE_STATUS'] != '') && ($row['OP_CASE_STATUS'] != '0')) { - if ($PARTICIPATE == 1) { + if ($obCaseStatus != 'COMPLETED') { + if ($opParticipated == 1) { $oCriteriax = new Criteria('workflow'); - $oCriteriax->add(AppDelegationPeer::USR_UID, $USR_UID); - $oCriteriax->add(AppDelegationPeer::APP_UID, $APP_UID); + $oCriteriax->add(AppDelegationPeer::USR_UID, $usrUid); + $oCriteriax->add(AppDelegationPeer::APP_UID, $appUid); if 
(AppDelegationPeer::doCount($oCriteriax) == 0) { + //If the user has not participated in the case $sw_participate = true; } } } if (!$sw_participate) { - switch ($O_TYPE) { + switch ($opType) { case 'ANY': //for dynaforms $oCriteria = new Criteria('workflow'); - $oCriteria->add(ApplicationPeer::APP_UID, $APP_UID); + $oCriteria->add(ApplicationPeer::APP_UID, $appUid); $oCriteria->addJoin(ApplicationPeer::PRO_UID, StepPeer::PRO_UID); $oCriteria->addJoin(StepPeer::STEP_UID_OBJ, DynaformPeer::DYN_UID); if ($aCase['APP_STATUS'] != 'COMPLETED') { - if ($TASK_SOURCE != '' && $TASK_SOURCE != "0" && $TASK_SOURCE != 0) { - $oCriteria->add(StepPeer::TAS_UID, $TASK_SOURCE); + if ($opTaskSource != '' && $opTaskSource != "0" && $opTaskSource != 0) { + $oCriteria->add(StepPeer::TAS_UID, $opTaskSource); } } $oCriteria->add(StepPeer::STEP_TYPE_OBJ, 'DYNAFORM'); @@ -5923,8 +5867,8 @@ class Cases $oDataset->next(); while ($aRow = $oDataset->getRow()) { - if (!in_array($aRow['DYN_UID'], $RESULT['DYNAFORM'])) { - array_push($RESULT['DYNAFORM'], $aRow['DYN_UID']); + if (!in_array($aRow['DYN_UID'], $result['DYNAFORM'])) { + array_push($result['DYNAFORM'], $aRow['DYN_UID']); } $oDataset->next(); } @@ -5939,11 +5883,11 @@ class Cases $arrayCondition[] = array(AppDelegationPeer::DEL_INDEX, AppDocumentPeer::DEL_INDEX, Criteria::EQUAL); $oCriteria->addJoinMC($arrayCondition, Criteria::LEFT_JOIN); - $oCriteria->add(AppDelegationPeer::APP_UID, $APP_UID); - $oCriteria->add(AppDelegationPeer::PRO_UID, $PRO_UID); + $oCriteria->add(AppDelegationPeer::APP_UID, $appUid); + $oCriteria->add(AppDelegationPeer::PRO_UID, $proUid); if ($aCase['APP_STATUS'] != 'COMPLETED') { - if ($TASK_SOURCE != '' && $TASK_SOURCE != "0" && $TASK_SOURCE != 0) { - $oCriteria->add(AppDelegationPeer::TAS_UID, $TASK_SOURCE); + if ($opTaskSource != '' && $opTaskSource != "0" && $opTaskSource != 0) { + $oCriteria->add(AppDelegationPeer::TAS_UID, $opTaskSource); } } $oCriteria->add( 
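Review bot: The origin-task test `$opTaskSource != '' && $opTaskSource != "0" && $opTaskSource != 0` in the `ANY` branch still ends with a loose comparison against integer 0, which on PHP versions before 8 is false for any string that does not begin with a non-zero number, so the `StepPeer::TAS_UID` filter is skipped for such task ids. If TAS_UID values are not purely numeric (their format is not visible here), a permission limited to one origin task would then return objects from every task of the case. `if (!empty($opTaskSource)) {` covers the empty string, "0" and 0 without any numeric conversion. The same test recurs in the @@ -5939 and @@ -6054 hunks, and the new `objectPermissionMessage()` uses the cast form `(int)$opTaskSource != 0`, which drops the filter for those ids on every PHP version. `getAllObjectsFrom()` continues past the end of this hunk.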
@@ -5962,70 +5906,36 @@ class Cases if ($aRow['APP_DOC_TYPE'] == "ATTACHED") { $aRow['APP_DOC_TYPE'] = "INPUT"; } - if (!in_array($aRow['APP_DOC_UID'], $RESULT[$aRow['APP_DOC_TYPE']])) { - array_push($RESULT[$aRow['APP_DOC_TYPE']], $aRow['APP_DOC_UID']); + if (!in_array($aRow['APP_DOC_UID'], $result[$aRow['APP_DOC_TYPE']])) { + array_push($result[$aRow['APP_DOC_TYPE']], $aRow['APP_DOC_UID']); } } - $RESULT['CASES_NOTES'] = 1; + $result['CASES_NOTES'] = 1; /*----------------------------------********---------------------------------*/ - $RESULT['SUMMARY_FORM'] = 1; + $result['SUMMARY_FORM'] = 1; /*----------------------------------********---------------------------------*/ // Message History - $RESULT['MSGS_HISTORY'] = array('PERMISSION' => $ACTION); - - $arrayDelIndex = array(); - - $oCriteria = new Criteria('workflow'); - if ($USER_RELATION == 1) { - //Users - $oCriteria->add(AppDelegationPeer::APP_UID, $APP_UID); - $oCriteria->add(AppDelegationPeer::PRO_UID, $PRO_UID); - if ($aCase['APP_STATUS'] != 'COMPLETED') { - if ($TASK_SOURCE != '' && $TASK_SOURCE != "0" && $TASK_SOURCE != 0) { - $oCriteria->add(AppDelegationPeer::TAS_UID, $TASK_SOURCE); - } - } - $oCriteria->add(AppDelegationPeer::USR_UID, $USER); - - $oDataset = AppDelegationPeer::doSelectRS($oCriteria); - $oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC); - $oDataset->next(); - while ($aRow = $oDataset->getRow()) { - $arrayDelIndex[] = $aRow["DEL_INDEX"]; - $oDataset->next(); - } - } else { - //Groups - $oCriteria->addJoin(GroupUserPeer::USR_UID, AppDelegationPeer::USR_UID, Criteria::LEFT_JOIN); - $oCriteria->add(GroupUserPeer::GRP_UID, $USER); - $oCriteria->add(AppDelegationPeer::APP_UID, $APP_UID); - $oCriteria->add(AppDelegationPeer::PRO_UID, $PRO_UID); - if ($aCase['APP_STATUS'] != 'COMPLETED') { - if ($TASK_SOURCE != '' && $TASK_SOURCE != "0" && $TASK_SOURCE != 0) { - $oCriteria->add(AppDelegationPeer::TAS_UID, $TASK_SOURCE); - } - } - - $oDataset = AppDelegationPeer::doSelectRS($oCriteria); - 
$oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC); - $oDataset->next(); - while ($aRow = $oDataset->getRow()) { - $arrayDelIndex[] = $aRow["DEL_INDEX"]; - $oDataset->next(); - } - } - $RESULT["MSGS_HISTORY"] = array_merge(array("DEL_INDEX" => $arrayDelIndex), $RESULT["MSGS_HISTORY"]); + $result['MSGS_HISTORY'] = $oObjectPermission->objectPermissionMessage( + $appUid, + $proUid, + $usrUid, + $action, + $opTaskSource, + $opUserRelation, + $aCase['APP_STATUS'], + $opParticipated + ); break; case 'DYNAFORM': $oCriteria = new Criteria('workflow'); - $oCriteria->add(ApplicationPeer::APP_UID, $APP_UID); - if ($TASK_SOURCE != '' && $TASK_SOURCE != "0") { - $oCriteria->add(StepPeer::TAS_UID, $TASK_SOURCE); + $oCriteria->add(ApplicationPeer::APP_UID, $appUid); + if ($opTaskSource != '' && $opTaskSource != "0") { + $oCriteria->add(StepPeer::TAS_UID, $opTaskSource); } - if ($O_UID != '' && $O_UID != '0') { - $oCriteria->add(DynaformPeer::DYN_UID, $O_UID); + if ($opObjUid != '' && $opObjUid != '0') { + $oCriteria->add(DynaformPeer::DYN_UID, $opObjUid); } $oCriteria->addJoin(ApplicationPeer::PRO_UID, StepPeer::PRO_UID); $oCriteria->addJoin(StepPeer::STEP_UID_OBJ, DynaformPeer::DYN_UID); @@ -6038,8 +5948,8 @@ class Cases $oDataset->next(); while ($aRow = $oDataset->getRow()) { - if (!in_array($aRow['DYN_UID'], $RESULT['DYNAFORM'])) { - array_push($RESULT['DYNAFORM'], $aRow['DYN_UID']); + if (!in_array($aRow['DYN_UID'], $result['DYNAFORM'])) { + array_push($result['DYNAFORM'], $aRow['DYN_UID']); } $oDataset->next(); } 
@@ -6054,15 +5964,15 @@ class Cases $oCriteria = new Criteria('workflow'); $oCriteria->addSelectColumn(AppDocumentPeer::APP_DOC_UID); $oCriteria->addSelectColumn(AppDocumentPeer::APP_DOC_TYPE); - $oCriteria->add(AppDelegationPeer::APP_UID, $APP_UID); - $oCriteria->add(AppDelegationPeer::PRO_UID, $PRO_UID); + $oCriteria->add(AppDelegationPeer::APP_UID, $appUid); + $oCriteria->add(AppDelegationPeer::PRO_UID, $proUid); if ($aCase['APP_STATUS'] != 'COMPLETED') { - if ($TASK_SOURCE != '' && $TASK_SOURCE != "0" && $TASK_SOURCE != 0) { - $oCriteria->add(AppDelegationPeer::TAS_UID, $TASK_SOURCE); + if ($opTaskSource != '' && $opTaskSource != "0" && $opTaskSource != 0) { + $oCriteria->add(AppDelegationPeer::TAS_UID, $opTaskSource); } } - if ($O_UID != '' && $O_UID != '0') { - $oCriteria->add(AppDocumentPeer::DOC_UID, $O_UID); + if ($opObjUid != '' && $opObjUid != '0') { + $oCriteria->add(AppDocumentPeer::DOC_UID, $opObjUid); } if ($obj_type == 'INPUT') { $oCriteria->add( @@ -6082,8 +5992,8 @@ class Cases $oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC); $oDataset->next(); while ($aRow = $oDataset->getRow()) { - if (!in_array($aRow['APP_DOC_UID'], $RESULT[$obj_type])) { - array_push($RESULT[$obj_type], $aRow['APP_DOC_UID']); + if (!in_array($aRow['APP_DOC_UID'], $result[$obj_type])) { + array_push($result[$obj_type], $aRow['APP_DOC_UID']); } $oDataset->next(); } 
@@ -6092,10 +6002,10 @@ class Cases $oCriteria = new Criteria('workflow'); $oCriteria->addSelectColumn(AppDocumentPeer::APP_DOC_UID); $oCriteria->addSelectColumn(AppDocumentPeer::APP_DOC_TYPE); - $oCriteria->add(ApplicationPeer::APP_UID, $APP_UID); - $oCriteria->add(ApplicationPeer::PRO_UID, $PRO_UID); - if ($O_UID != '' && $O_UID != '0') { - $oCriteria->add(AppDocumentPeer::DOC_UID, $O_UID); + $oCriteria->add(ApplicationPeer::APP_UID, $appUid); + $oCriteria->add(ApplicationPeer::PRO_UID, $proUid); + if ($opObjUid != '' && $opObjUid != '0') { + $oCriteria->add(AppDocumentPeer::DOC_UID, $opObjUid); } $oCriteria->add(AppDocumentPeer::APP_DOC_TYPE, 'INPUT'); $oCriteria->add(AppDocumentPeer::DEL_INDEX, 100000); 
@@ -6106,75 +6016,44 @@ class Cases $oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC); $oDataset->next(); while ($aRow = $oDataset->getRow()) { - if (!in_array($aRow['APP_DOC_UID'], $RESULT['INPUT'])) { - array_push($RESULT['INPUT'], $aRow['APP_DOC_UID']); + if (!in_array($aRow['APP_DOC_UID'], $result['INPUT'])) { + array_push($result['INPUT'], $aRow['APP_DOC_UID']); } $oDataset->next(); } } break; case 'CASES_NOTES': - $RESULT['CASES_NOTES'] = 1; + $result['CASES_NOTES'] = 1; break; /*----------------------------------********---------------------------------*/ case 'SUMMARY_FORM': - $RESULT['SUMMARY_FORM'] = 1; + $result['SUMMARY_FORM'] = 1; break; /*----------------------------------********---------------------------------*/ case 'MSGS_HISTORY': - // Permission - $RESULT['MSGS_HISTORY'] = array('PERMISSION' => $ACTION); - $arrayDelIndex = array(); - $oCriteria = new Criteria('workflow'); - if ($USER_RELATION == 1) { - $oCriteria->add(AppDelegationPeer::APP_UID, $APP_UID); - $oCriteria->add(AppDelegationPeer::PRO_UID, $PRO_UID); - if ($aCase['APP_STATUS'] != 'COMPLETED') { - if ($TASK_SOURCE != '' && $TASK_SOURCE != "0" && $TASK_SOURCE != 0) { - $oCriteria->add(AppDelegationPeer::TAS_UID, $TASK_SOURCE); - } - } - $oCriteria->add(AppDelegationPeer::USR_UID, $USER); - $oDataset = AppDelegationPeer::doSelectRS($oCriteria); - $oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC); - $oDataset->next(); - while ($aRow = $oDataset->getRow()) { - $arrayDelIndex[] = $aRow["DEL_INDEX"]; - $oDataset->next(); - } - } else { - //Groups - $oCriteria->addJoin(GroupUserPeer::USR_UID, AppDelegationPeer::USR_UID, Criteria::LEFT_JOIN); - $oCriteria->add(GroupUserPeer::GRP_UID, $USER); - $oCriteria->add(AppDelegationPeer::APP_UID, $APP_UID); - $oCriteria->add(AppDelegationPeer::PRO_UID, $PRO_UID); - if ($aCase['APP_STATUS'] != 'COMPLETED') { - if ($TASK_SOURCE != '' && $TASK_SOURCE != "0" && $TASK_SOURCE != 0) { - $oCriteria->add(AppDelegationPeer::TAS_UID, $TASK_SOURCE); - } - } - 
$oDataset = AppDelegationPeer::doSelectRS($oCriteria); - $oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC); - $oDataset->next(); - while ($aRow = $oDataset->getRow()) { - $arrayDelIndex[] = $aRow["DEL_INDEX"]; - $oDataset->next(); - } - } - $RESULT["MSGS_HISTORY"] = array_merge(array("DEL_INDEX" => $arrayDelIndex), $RESULT["MSGS_HISTORY"]); + $result['MSGS_HISTORY'] = $oObjectPermission->objectPermissionMessage( + $appUid, + $proUid, + $usrUid, + $action, + $opTaskSource, + $opUserRelation + ); break; } } } + return Array( - "DYNAFORMS" => $RESULT['DYNAFORM'], - "INPUT_DOCUMENTS" => $RESULT['INPUT'], - "OUTPUT_DOCUMENTS" => $RESULT['OUTPUT'], - "CASES_NOTES" => $RESULT['CASES_NOTES'], - "MSGS_HISTORY" => $RESULT['MSGS_HISTORY'] + "DYNAFORMS" => $result['DYNAFORM'], + "INPUT_DOCUMENTS" => $result['INPUT'], + "OUTPUT_DOCUMENTS" => $result['OUTPUT'], + "CASES_NOTES" => $result['CASES_NOTES'], + "MSGS_HISTORY" => $result['MSGS_HISTORY'] /*----------------------------------********---------------------------------*/ - ,"SUMMARY_FORM" => $RESULT['SUMMARY_FORM'] + ,"SUMMARY_FORM" => $result['SUMMARY_FORM'] /*----------------------------------********---------------------------------*/ ); } diff --git a/workflow/engine/classes/model/ObjectPermission.php b/workflow/engine/classes/model/ObjectPermission.php index 722491bcd..80d5e13dc 100644 --- a/workflow/engine/classes/model/ObjectPermission.php +++ b/workflow/engine/classes/model/ObjectPermission.php 
@@ -149,5 +149,164 @@ class ObjectPermission extends BaseObjectPermission } return $res; } + + /** + * Verify if the user has a objectPermission + * + * @param string $usrUid the uid of the user + * @param string $proUid the uid of the process + * @param string $tasUid the uid of the task + * @param string $action for the object permissions VIEW, BLOCK, RESEND + * + * @return array + */ + public function verifyObjectPermissionPerUser ($usrUid, $proUid, $tasUid = '', $action = '') + { + $userPermissions = array(); + $oCriteria = new Criteria('workflow'); + $oCriteria->add( + $oCriteria->getNewCriterion(ObjectPermissionPeer::USR_UID, $usrUid)->addOr( + $oCriteria->getNewCriterion(ObjectPermissionPeer::USR_UID, '')->addOr( + $oCriteria->getNewCriterion(ObjectPermissionPeer::USR_UID, '0') + ) + ) + ); + $oCriteria->add(ObjectPermissionPeer::PRO_UID, $proUid); + $oCriteria->add(ObjectPermissionPeer::OP_ACTION, $action); + $oCriteria->add( + $oCriteria->getNewCriterion(ObjectPermissionPeer::TAS_UID, $tasUid)->addOr( + $oCriteria->getNewCriterion(ObjectPermissionPeer::TAS_UID, '')->addOr( + $oCriteria->getNewCriterion(ObjectPermissionPeer::TAS_UID, '0') + ) + ) + ); + + $rs = ObjectPermissionPeer::doSelectRS($oCriteria); + $rs->setFetchmode(ResultSet::FETCHMODE_ASSOC); + + while ($rs->next()) { + $row = $rs->getRow(); + + if ($row["OP_CASE_STATUS"] == "ALL" || $row["OP_CASE_STATUS"] == "" || $row["OP_CASE_STATUS"] == "0" || + $row["OP_CASE_STATUS"] == $aCase["APP_STATUS"] + ) { + array_push($userPermissions, $row); + } + } + return $userPermissions; + } + + /** + * Verify if the user has a objectPermission + * + * @param string $usrUid the uid of the user + * @param string $proUid the uid of the process + * @param string $tasUid the uid of the task + * @param string $action for the object permissions VIEW, BLOCK, RESEND + * + * @return array + */ + public function verifyObjectPermissionPerGroup ($usrUid, $proUid, $tasUid = '', $action = '') + { + G::loadClass('groups'); + 
$gr = new Groups(); + $records = $gr->getActiveGroupsForAnUser($usrUid); + $groupPermissions = array(); + + foreach ($records as $group) { + $oCriteria = new Criteria('workflow'); + $oCriteria->add(ObjectPermissionPeer::USR_UID, $group); + $oCriteria->add(ObjectPermissionPeer::PRO_UID, $proUid); + $oCriteria->add(ObjectPermissionPeer::OP_ACTION, $action); + $oCriteria->add( + $oCriteria->getNewCriterion(ObjectPermissionPeer::TAS_UID, $tasUid)->addOr( + $oCriteria->getNewCriterion(ObjectPermissionPeer::TAS_UID, '')->addOr( + $oCriteria->getNewCriterion(ObjectPermissionPeer::TAS_UID, '0') + ) + ) + ); + + $rs = ObjectPermissionPeer::doSelectRS($oCriteria); + $rs->setFetchmode(ResultSet::FETCHMODE_ASSOC); + while ($rs->next()) { + $row = $rs->getRow(); + + if ($row["OP_CASE_STATUS"] == "ALL" || $row["OP_CASE_STATUS"] == "" || $row["OP_CASE_STATUS"] == "0" || + $row["OP_CASE_STATUS"] == $aCase["APP_STATUS"] + ) { + array_push($groupPermissions, $row); + } + } + } + return $groupPermissions; + } + + /** + * Verify if the user has the Message History access + * + * @param string $appUid the uid of the case + * @param string $proUid the uid of the process + * @param string $usrUid the uid of the user + * @param string $opTaskSource the uid of a task selected in origin task + * @param int $opUserRelation if the permission is by user or group + * @param string $statusCase the status of the case COMPLETED, TO_DO + * @param int $opParticipated the value selected in participation required + * + * @return array with the indexes with the messageHistory permission + */ + public function objectPermissionMessage ($appUid, $proUid, $usrUid, $obAction, $opTaskSource, $opUserRelation, $statusCase = '', $opParticipated = 0) + { + $result['MSGS_HISTORY'] = array('PERMISSION' => $obAction); + $arrayDelIndex = array(); + + $oCriteria = new Criteria('workflow'); + if ($opUserRelation == 1) { + //The relation is one is related to users + $oCriteria->add(AppDelegationPeer::APP_UID, $appUid); 
+ $oCriteria->add(AppDelegationPeer::PRO_UID, $proUid); + + //If the permission Participation required = YES + if ((int)$opParticipated === 1) { + $oCriteria->add(AppDelegationPeer::USR_UID, $usrUid); + } + + //If the case is COMPLETED we can not considered the Origin Task + if ($statusCase != 'COMPLETED' && !empty($opTaskSource) && (int)$opTaskSource != 0) { + $oCriteria->add(AppDelegationPeer::TAS_UID, $opTaskSource); + } + + $oDataset = AppDelegationPeer::doSelectRS($oCriteria); + $oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC); + $oDataset->next(); + while ($aRow = $oDataset->getRow()) { + $arrayDelIndex[] = $aRow["DEL_INDEX"]; + $oDataset->next(); + } + } else { + //The relation is two is related to groups + $oCriteria->add(AppDelegationPeer::APP_UID, $appUid); + $oCriteria->add(AppDelegationPeer::PRO_UID, $proUid); + + //If the permission Participation required = YES + if ((int)$opParticipated === 1) { + $oCriteria->addJoin(GroupUserPeer::USR_UID, AppDelegationPeer::USR_UID, Criteria::LEFT_JOIN); + $oCriteria->add(GroupUserPeer::GRP_UID, $usrUid); + } + + //If the case is COMPLETED we can not considered the Origin Task + if ($statusCase != 'COMPLETED' && !empty($opTaskSource) && (int)$opTaskSource != 0) { + $oCriteria->add(AppDelegationPeer::TAS_UID, $opTaskSource); + } + + $oDataset = AppDelegationPeer::doSelectRS($oCriteria); + $oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC); + $oDataset->next(); + while ($aRow = $oDataset->getRow()) { + $arrayDelIndex[] = $aRow["DEL_INDEX"]; + $oDataset->next(); + } + } + return array_merge(array("DEL_INDEX" => $arrayDelIndex), $result["MSGS_HISTORY"]); + } } From 9cda60d95efd9db974b76f7ab79f5cd1d506e7e6 Mon Sep 17 00:00:00 2001 From: Paula Quispe Date: Tue, 14 Mar 2017 17:16:06 -0400 Subject: [PATCH 2/3] Correct PR observations --- workflow/engine/classes/class.case.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) 
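Review bot: Both `verifyObjectPermissionPerUser()` and `verifyObjectPermissionPerGroup()` compare `$row["OP_CASE_STATUS"]` with `$aCase["APP_STATUS"]`, but `$aCase` is neither a parameter nor assigned in either method, so that operand is always null and PHP raises an undefined-variable notice. Permission rows tied to a specific case status (DRAFT, TO_DO, PAUSED, COMPLETED) are therefore never returned, only those with ALL, an empty string or "0"; that includes any BLOCK rows scoped to a status, so the restriction they express would silently not apply. Pass the status in: add a trailing `$caseStatus = ''` parameter to both methods, compare with `$row["OP_CASE_STATUS"] == $caseStatus`, and call them from `getAllObjectsFrom()` with `$aCase['APP_STATUS']` as the fifth argument so the PAUSED override made there is honoured. The docblock of `objectPermissionMessage()` also lacks an `@param` line for `$obAction`, and its `$usrUid` is used as a group uid in the group branch, which the description "the uid of the user" does not say.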
diff --git a/workflow/engine/classes/class.case.php b/workflow/engine/classes/class.case.php index 559acf571..517a00090 100644 --- a/workflow/engine/classes/class.case.php +++ b/workflow/engine/classes/class.case.php @@ -5828,7 +5828,6 @@ class Cases $opParticipated = (int)$row['OP_PARTICIPATE']; $opType = $row['OP_OBJ_TYPE']; $opObjUid = $row['OP_OBJ_UID']; - $obAction = $row['OP_ACTION']; $obCaseStatus = $row['OP_CASE_STATUS']; //We should verify if the user participated //The values of OP_CASE_STATUS is [ALL, COMPLETED, DRAFT, TO_DO, PAUSED, COMPLETED] @@ -5920,7 +5919,7 @@ class Cases $result['MSGS_HISTORY'] = $oObjectPermission->objectPermissionMessage( $appUid, $proUid, - $usrUid, + $userUid, $action, $opTaskSource, $opUserRelation, @@ -6035,7 +6034,7 @@ class Cases $result['MSGS_HISTORY'] = $oObjectPermission->objectPermissionMessage( $appUid, $proUid, - $usrUid, + $userUid, $action, $opTaskSource, $opUserRelation From 8e726f8277698571febad891f116502a0a226565 Mon Sep 17 00:00:00 2001 From: Paula Quispe Date: Wed, 15 Mar 2017 15:38:34 -0400 Subject: [PATCH 3/3] I corrected the QA observations --- workflow/engine/classes/class.case.php | 35 +++++++++++++++----------- 1 file changed, 21 insertions(+), 14 deletions(-) diff --git a/workflow/engine/classes/class.case.php b/workflow/engine/classes/class.case.php index 517a00090..aa820253f 100644 --- a/workflow/engine/classes/class.case.php +++ b/workflow/engine/classes/class.case.php @@ -5791,7 +5791,7 @@ class Cases * @param string $delIndex * @return Array within all user permitions all objects' types */ - public function getAllObjectsFrom($proUid, $appUid, $tasUid = "", $usrUid = "", $action = "", $delIndex = 0) + public function getAllObjectsFrom($proUid, $appUid, $tasUid = '', $usrUid = '', $action = '', $delIndex = 0) { $aCase = $this->loadCase($appUid); 
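Review bot: The argument swapped in at the `objectPermissionMessage()` call in the @@ -5920 hunk, `$userUid`, differs by one letter from the function parameter `$usrUid` but names a different principal: `$userUid` is the permission row's `USR_UID` (apparently a user or a group id, depending on `OP_USER_RELATION`), while `$usrUid` is the user the permissions are being resolved for. Since this value selects whose delegations end up in the message-history result, a name such as `$opUsrUid`, in line with `$opTaskSource` and `$opUserRelation`, would make a mix-up like the one corrected here harder to repeat. The same applies to the call in the @@ -6035 hunk. The assignment `$userUid = $row['USR_UID'];` lies outside both hunks.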
@@ -5829,21 +5829,26 @@ class Cases $opType = $row['OP_OBJ_TYPE']; $opObjUid = $row['OP_OBJ_UID']; $obCaseStatus = $row['OP_CASE_STATUS']; - //We should verify if the user participated - //The values of OP_CASE_STATUS is [ALL, COMPLETED, DRAFT, TO_DO, PAUSED, COMPLETED] - $sw_participate = false; // must be false for default - if ($obCaseStatus != 'COMPLETED') { - if ($opParticipated == 1) { - $oCriteriax = new Criteria('workflow'); - $oCriteriax->add(AppDelegationPeer::USR_UID, $usrUid); - $oCriteriax->add(AppDelegationPeer::APP_UID, $appUid); - if (AppDelegationPeer::doCount($oCriteriax) == 0) { - //If the user has not participated in the case - $sw_participate = true; - } + //The values of obCaseStatus is [ALL, COMPLETED, DRAFT, TO_DO, PAUSED] + //If the case is todo and we need the participate + //but we did not participated did not validate nothing and return array empty + $sw_participate = false; // must be false for default + if ($obCaseStatus != 'COMPLETED' && $opParticipated == 1) { + $oCriteriax = new Criteria('workflow'); + $oCriteriax->add(AppDelegationPeer::USR_UID, $usrUid); + $oCriteriax->add(AppDelegationPeer::APP_UID, $appUid); + $datasetx = AppDelegationPeer::doSelectRS($oCriteriax); + $datasetx->setFetchmode(ResultSet::FETCHMODE_ASSOC); + $datasetx->next(); + $aRow = $datasetx->getRow(); + if (!is_array($aRow)) { + //The user was not participated in the case and the participation is required + $sw_participate = true; } } + + //If need need to check more details about the permissions if (!$sw_participate) { switch ($opType) { case 'ANY': @@ -6037,7 +6042,9 @@ class Cases $userUid, $action, $opTaskSource, - $opUserRelation + $opUserRelation, + $aCase['APP_STATUS'], + $opParticipated ); break;
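Review bot: The participation lookup added in the @@ -5829 hunk runs inside the `foreach` over `$permissions`, yet its criteria use only `$usrUid` and `$appUid`, which are the same for every row, so the identical query is repeated for each row that requires participation. It also selects without a column list or a limit just to learn whether one delegation exists. Resolving it once on first use and reusing the boolean keeps this access gate in one place and makes it easier to audit. The flag `$sw_participate` is true when the user has not participated, which the name does not suggest; a short comment on its declaration would prevent an inverted test later. The `foreach` header and the `switch` that follows lie outside the hunk.

```php
$userParticipated = null; // declared before the foreach, resolved on first use

// … unchanged: foreach ($permissions as $row) and the per-row assignments …
    $sw_participate = false; // true = participation required but missing, row is skipped
    if ($obCaseStatus != 'COMPLETED' && $opParticipated == 1) {
        if ($userParticipated === null) {
            $oCriteriax = new Criteria('workflow');
            $oCriteriax->addSelectColumn(AppDelegationPeer::DEL_INDEX);
            $oCriteriax->add(AppDelegationPeer::USR_UID, $usrUid);
            $oCriteriax->add(AppDelegationPeer::APP_UID, $appUid);
            $oCriteriax->setLimit(1);
            $datasetx = AppDelegationPeer::doSelectRS($oCriteriax);
            $userParticipated = $datasetx->next();
        }
        $sw_participate = !$userParticipated;
    }
// … unchanged: if (!$sw_participate) { switch ($opType) …
```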