fernando/luos
1
0
Fork 0
Code Releases Activity

Put security fixes to develop branch

Browse Source
This commit is contained in:
Julio Cesar Laura Avendaño
2017-06-14 11:14:23 -04:00
parent 440c2e5f22 3a26dce3a0
commit 720e3eb458
15 changed files with 400 additions and 322 deletions
Download Patch File Download Diff File Expand all files Collapse all files

70
gulliver/system/class.rbac.php
View File

@@ -70,9 +70,48 @@ class RBAC
public $singleSignOn = false;
private static $instance = null;
public $authorizedActions = array();
public function __construct ()
{
$this->authorizedActions = array(
'users_Ajax.php' => array(
'availableUsers' => array('PM_FACTORY'),
'assign' => array('PM_FACTORY'),
'changeView' => array(),
'ofToAssign' => array('PM_FACTORY'),
'usersGroup' => array('PM_FACTORY'),
'canDeleteUser' => array('PM_USERS'),
'deleteUser' => array('PM_USERS'),
'changeUserStatus' => array('PM_USERS'),
'availableGroups' => array('PM_USERS'),
'assignedGroups' => array('PM_USERS'),
'assignGroupsToUserMultiple' => array('PM_USERS'),
'deleteGroupsToUserMultiple' => array('PM_USERS'),
'authSources' => array('PM_USERS'),
'loadAuthSourceByUID' => array('PM_USERS'),
'updateAuthServices' => array('PM_USERS'),
'usersList' => array('PM_USERS'),
'updatePageSize' => array(),
'summaryUserData' => array('PM_USERS'),
'verifyIfUserAssignedAsSupervisor' => array('PM_USERS')
),
'skin_Ajax.php' => array(
'updatePageSize' => array(),
'skinList' => array('PM_SETUP_SKIN'),
'newSkin' => array('PM_SETUP_SKIN'),
'importSkin' => array('PM_SETUP_SKIN'),
'exportSkin' => array('PM_SETUP_SKIN'),
'deleteSkin' => array('PM_SETUP_SKIN'),
'addTarFolder' => array('PM_SETUP_SKIN'),
'copy_skin_folder' => array('PM_SETUP_SKIN'),
'deleteSkin' => array('PM_SETUP_SKIN')
),
'processes_DownloadFile.php' => array(
'downloadFileHash' => array('PM_FACTORY')
)
);
}
/**
@@ -1445,5 +1484,36 @@ class RBAC
}
}
}
/**
* This function verify if the user allows to the file with a specific action
* If the action is not defined in the authorizedActions we give the allow
* @param string $file
* @param string $action
*
* @return void
*/
public function allows($file, $action)
{
$access = false;
if (isset($this->authorizedActions[$file][$action])) {
$permissions = $this->authorizedActions[$file][$action];
$totalPermissions = count($permissions);
$countAccess = 0;
foreach ($permissions as $key => $value) {
if ($this->userCanAccess($value) == 1) {
$countAccess++;
}
}
//Check if the user has all permissions that needed
if ($countAccess == $totalPermissions) {
$access = true;
}
}
if (!$access) {
G::header('Location: /errors/error403.php');
die();
}
}
}

34
workflow/engine/classes/model/ObjectPermission.php
View File

@@ -409,5 +409,39 @@ class ObjectPermission extends BaseObjectPermission
}
return $result;
}
/**
* Verify if the user has a objectPermission for some process
*
* @param string $usrUid the uid of the user
* @param int $typeRelation
*
* @return array
*/
public function objectPermissionPerUser($usrUid, $typeRelation = 1)
{
$criteria = new Criteria("workflow");
$criteria->addSelectColumn(ObjectPermissionPeer::USR_UID);
$criteria->addSelectColumn(ObjectPermissionPeer::PRO_UID);
$criteria->add(ObjectPermissionPeer::OP_USER_RELATION, $typeRelation, Criteria::EQUAL);
$criteria->add(ObjectPermissionPeer::USR_UID, $usrUid, Criteria::EQUAL);
$doSelectRS = ObjectPermissionPeer::doSelectRS($criteria);
$doSelectRS->setFetchmode(ResultSet::FETCHMODE_ASSOC);
$doSelectRS->next();
$objectPermision = $doSelectRS->getRow();
$data = array();
if (isset($objectPermision["USR_UID"])) {
$criteria = new Criteria("workflow");
$criteria->addSelectColumn(ProcessPeer::PRO_TITLE);
$criteria->add(ProcessPeer::PRO_UID, $objectPermision["PRO_UID"], Criteria::EQUAL);
$doSelectRS = ProcessPeer::doSelectRS($criteria);
$doSelectRS->setFetchmode(ResultSet::FETCHMODE_ASSOC);
$doSelectRS->next();
$content = $doSelectRS->getRow();
$data['PRO_TITLE'] = $content["PRO_TITLE"];
$data['PRO_UID'] = $objectPermision["PRO_UID"];
}
return $data;
}
}

6
workflow/engine/content/translations/english/processmaker.en.po
View File

@@ -15187,6 +15187,12 @@ msgstr "SYSTEM INSTALLATION FAILED"
msgid "A problem occurred during the installation of the system. Please, uninstall the partial installation and try again."
msgstr "A problem occurred during the installation of the system. Please, uninstall the partial installation and try again."
# TRANSLATION
# LABEL/ID_PROCESSMAKER_ALREADY_INSTALLED
#: LABEL/ID_PROCESSMAKER_ALREADY_INSTALLED
msgid "ProcessMaker is already installed."
msgstr "ProcessMaker is already installed."
# TRANSLATION
# LABEL/ID_LICENSE_EMPTY
#: LABEL/ID_LICENSE_EMPTY

12
workflow/engine/controllers/designer.php
View File

@@ -29,6 +29,18 @@ class Designer extends Controller
$client = $this->getClientCredentials();
if (isset($httpData->tracker_designer) && $httpData->tracker_designer == 1) {
try {
if (!isset($_SESSION['CASE']) && !isset($_SESSION['PIN'])) {
throw (new \Exception(
\G::LoadTranslation('ID_CASE_NOT_EXISTS') . "\n" . \G::LoadTranslation('ID_PIN_INVALID')
));
}
\ProcessMaker\BusinessModel\Light\Tracker::authentication($_SESSION['CASE'], $_SESSION['PIN']);
} catch (\Exception $e) {
Bootstrap::registerMonolog('CaseTracker', 400, $e->getMessage(), [], SYS_SYS, 'processmaker.log');
\G::header('Location: /errors/error403.php');
die();
}
$client["tracker_designer"] = 1;
}

14
workflow/engine/controllers/installer.php
View File

@@ -38,10 +38,18 @@ class Installer extends Controller
public function index ($httpData)
{
if (file_exists(FILE_PATHS_INSTALLED)) {
$this->setJSVar('messageError', G::LoadTranslation('ID_PROCESSMAKER_ALREADY_INSTALLED'));
$this->includeExtJS('installer/stopInstall');
$this->setView('installer/mainStopInstall');
G::RenderPage('publish', 'extJs');
return;
}
if ((strtoupper(substr(PHP_OS, 0, 3)) == 'WIN') && (file_exists($this->path_shared . 'partner.info'))) {
$this->includeExtJS( 'installer/stopInstall');
$this->setView( 'installer/mainStopInstall' );
G::RenderPage( 'publish', 'extJs' );
$this->setJSVar('messageError', G::LoadTranslation('ID_NO_INSTALL'));
$this->includeExtJS('installer/stopInstall');
$this->setView('installer/mainStopInstall');
G::RenderPage('publish', 'extJs');
return;
}

1
workflow/engine/data/mysql/insert.sql
View File

@@ -4027,6 +4027,7 @@ INSERT INTO TRANSLATION (TRN_CATEGORY,TRN_ID,TRN_LANG,TRN_VALUE,TRN_UPDATE_DATE
( 'LABEL','ID_ROLE_NAME_NOT_EMPTY','en','The ''Name'' field can not be empty.','2014-01-15') ,
( 'LABEL','ID_TITLE_NO_INSTALL','en','SYSTEM INSTALLATION FAILED','2014-01-15') ,
( 'LABEL','ID_NO_INSTALL','en','A problem occurred during the installation of the system. Please, uninstall the partial installation and try again.','2014-01-15') ,
( 'LABEL','ID_PROCESSMAKER_ALREADY_INSTALLED','en','ProcessMaker is already installed.','2017-05-31') ,
( 'LABEL','ID_LICENSE_EMPTY','en','Can not find any license','2014-01-15') ,
( 'LABEL','ID_ADD_LICENSE','en','Please add a new license','2014-01-15') ,
( 'LABEL','ID_DEFAULT_CALENDAR','en','Default Calendar','2014-01-15') ,

4
workflow/engine/methods/groups/groups_Ajax.php
View File

@@ -125,7 +125,7 @@ switch ($_POST['action']) {
$result->success = true;
$result->groups = $arrData;
$result->total_groups = $data['totalCount'];
G::header('Content-Type: application/json');
echo G::json_encode( $result );
break;
case 'exitsGroupName':
@@ -253,6 +253,7 @@ switch ($_POST['action']) {
while ($oDataset->next()) {
$arrData[] = $oDataset->getRow();
}
G::header('Content-Type: application/json');
echo '{success: true, members: ' . G::json_encode( $arrData ) . ', total_users: ' . $totalRows . '}';
break;
case 'availableMembers':
@@ -311,6 +312,7 @@ switch ($_POST['action']) {
while ($oDataset->next()) {
$arrData[] = $oDataset->getRow();
}
G::header('Content-Type: application/json');
echo '{success: true, members: ' . G::json_encode( $arrData ) . ', total_users: ' . $totalRows . '}';
break;
case 'assignUsersToGroupsMultiple':

51
workflow/engine/methods/processes/processes_DownloadFile.php
View File

@@ -1,26 +1,5 @@
<?php
/**
* processes_DownloadFile.php
*
* ProcessMaker Open Source Edition
* Copyright (C) 2004 - 2008 Colosa Inc.23
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
* Coral Gables, FL, 33134, USA, or email info@colosa.com.
*/
$RBAC->allows(basename(__FILE__), 'downloadFileHash');
if (!isset($_GET["file_hash"])) {
throw new Exception("Invalid Request, param 'file_hash' was not sent.");
@@ -28,26 +7,16 @@ if (!isset($_GET["file_hash"])) {
$httpStream = new \ProcessMaker\Util\IO\HttpStream();
$outputDir = PATH_DATA . "sites" . PATH_SEP . SYS_SYS . PATH_SEP . "files" . PATH_SEP . "output" . PATH_SEP;
$filename = urldecode(base64_decode($_GET["file_hash"]));
$fileExtension = pathinfo($outputDir . $filename, PATHINFO_EXTENSION);
$fileName = urldecode(base64_decode($_GET["file_hash"]));
$processFile = $outputDir . $fileName;
if (!file_exists($outputDir . $filename)) {
throw new Exception("Error, couldn't find request file: $filename");
//Verify if the file related to process exist in the corresponding path
$fileInformation = pathinfo($processFile);
$processFile = $outputDir . $fileInformation['basename'];
if (!file_exists($processFile)) {
throw new Exception("Error, couldn't find request file: $fileName");
}
$httpStream->loadFromFile($outputDir . $filename);
$fileExtension = $fileInformation['extension'];
$httpStream->loadFromFile($processFile);
$httpStream->setHeader("Content-Type", "application/$fileExtension");
$httpStream->send();
// ************* DEPRECATED (it will be removed soon) *********************************
//add more security, and catch any error or exception
//$sFileName = $_GET['p'] . '.pm';
//$file = PATH_DOCUMENT . 'output' . PATH_SEP . $sFileName . 'tpm';
//$filex = PATH_DOCUMENT . 'output' . PATH_SEP . $sFileName;
//
//if (file_exists( $file )) {
// rename( $file, $filex );
//}
//
//$realPath = PATH_DOCUMENT . 'output' . PATH_SEP . $sFileName;
//G::streamFile( $realPath, true );

21
workflow/engine/methods/setup/skin_Ajax.php
View File

@@ -1,8 +1,4 @@
<?php
G::LoadSystem('inputfilter');
$filter = new InputFilter();
$_REQUEST = $filter->xssFilterHard($_REQUEST);
if (! isset( $_REQUEST['action'] )) {
$res['success'] = false;
$res['error'] = $res['message'] = G::LoadTranslation('ID_REQUEST_ACTION');
@@ -17,8 +13,7 @@ if (! function_exists( $_REQUEST['action'] ) || !G::isUserFunction($_REQUEST['ac
print G::json_encode( $res );
die();
}
$restrictedFunctions = array ('copy_skin_folder','addTarFolder'
);
$restrictedFunctions = array ('copy_skin_folder','addTarFolder');
if (in_array( $_REQUEST['action'], $restrictedFunctions )) {
$res['success'] = false;
$res['error'] = $res['message'] = G::LoadTranslation('ID_REQUEST_ACTION_NOT_EXIST');
@@ -28,7 +23,7 @@ if (in_array( $_REQUEST['action'], $restrictedFunctions )) {
$functionName = $_REQUEST['action'];
$functionParams = isset( $_REQUEST['params'] ) ? $_REQUEST['params'] : array ();
$RBAC->allows(basename(__FILE__), $functionName);
$functionName();
function updatePageSize ()
@@ -166,7 +161,7 @@ function newSkin ($baseSkin = 'classic')
$configFileFinal = PATH_CUSTOM_SKINS . $skinFolder . PATH_SEP . 'config.xml';
$xmlConfiguration = file_get_contents( $configFileOriginal );
$workspace = ($_REQUEST['workspace'] == 'global') ? '' : SYS_SYS;
$xmlConfigurationObj = G::xmlParser($xmlConfiguration);
@@ -356,9 +351,9 @@ function exportSkin ($skinToExport = "")
$response['success'] = true;
$response['message'] = $skinTar;
G::auditLog("ExportSkin", "Skin Name: ".$skinName);
$response = $filter->xssFilterHard($response);
print_r( G::json_encode( $response ) );
} catch (Exception $e) {
$response['success'] = false;
@@ -374,7 +369,7 @@ function deleteSkin ()
$filter = new InputFilter();
try {
$_REQUEST['SKIN_FOLDER_ID'] = $filter->xssFilterHard($_REQUEST['SKIN_FOLDER_ID']);
if (! (isset( $_REQUEST['SKIN_FOLDER_ID'] ))) {
throw (new Exception( G::LoadTranslation( 'ID_SKIN_FOLDER_REQUIRED' ) ));
}
@@ -400,9 +395,9 @@ function deleteSkin ()
function streamSkin ()
{
$skinTar = $_REQUEST['file'];
$skinTar = basename($_REQUEST['file']);
$bDownload = true;
G::streamFile( $skinTar, $bDownload, basename( $skinTar ) );
G::streamFile(PATH_CUSTOM_SKINS . $skinTar, $bDownload, $skinTar);
@unlink( $fileTar );
}

305
workflow/engine/methods/users/users_Ajax.php
View File

File diff suppressed because it is too large Load Diff

8
workflow/engine/src/ProcessMaker/BusinessModel/Light/Tracker.php
View File

@@ -13,14 +13,14 @@ class Tracker
}
/**
* authenticaction for case tracker
* Authentication for case tracker
*
* @param $case numbre case
* @param $pin code pin access for case tracek
* @param int $case number case
* @param int $pin code pin access for case track
* @return array
* @throws \Exception
*/
public function authentication($case, $pin)
public static function authentication($case, $pin)
{
$cases = new \Cases();
$response = array();

33
workflow/engine/src/ProcessMaker/BusinessModel/ProcessSupervisor.php
View File

@@ -1461,4 +1461,37 @@ class ProcessSupervisor
throw $e;
}
}
/**
* Check if the user is supervisor for some process
*
* @param string $userUid Unique id of User
*
* @return bool Return
*/
public function isUserSupervisor($userUid)
{
//Check if the user is defined as supervisor
$criteria = new \Criteria('workflow');
$criteria->add(\ProcessUserPeer::USR_UID, $userUid, \Criteria::EQUAL);
$criteria->add(\ProcessUserPeer::PU_TYPE, 'SUPERVISOR', \Criteria::EQUAL);
$rsCriteria = \ProcessUserPeer::doSelectRS($criteria);
$rsCriteria->setFetchmode(\ResultSet::FETCHMODE_ASSOC);
if ($rsCriteria->next()) {
return true;
}
//Check if the user is in a group defined as supervisor
$criteria = new \Criteria('workflow');
$criteria->addSelectColumn(\ProcessUserPeer::USR_UID);
$criteria->addJoin(\ProcessUserPeer::USR_UID, \GroupUserPeer::GRP_UID, \Criteria::LEFT_JOIN);
$criteria->add(\ProcessUserPeer::PU_TYPE, 'GROUP_SUPERVISOR', \Criteria::EQUAL);
$criteria->add(\GroupUserPeer::USR_UID, $userUid, \Criteria::EQUAL);
$rsCriteria = \ProcessUserPeer::doSelectRS($criteria);
$rsCriteria->setFetchmode(\ResultSet::FETCHMODE_ASSOC);
if ($rsCriteria->next()) {
return true;
}
return false;
}
}

158
workflow/engine/src/ProcessMaker/BusinessModel/User.php
View File

@@ -1544,5 +1544,163 @@ class User
throw $e;
}
}
/**
* This function get the list of users
*
* @param string $authSource, authentication source
* @param string $filter
* @param string $sort
* @param integer $start
* @param integer $limit
* @param string $dir related to order the column
*
* @return void
*/
public function getAllUsersWithAuthSource(
$authSource = '',
$filter = '',
$sort = '',
$start = 0,
$limit = 20,
$dir = 'ASC'
)
{
global $RBAC;
$aUsers = array();
if ($authSource != '') {
$aUsers = $RBAC->getListUsersByAuthSource($authSource);
}
$oCriteria = new \Criteria('workflow');
$oCriteria->addSelectColumn('COUNT(*) AS CNT');
if ($filter != '') {
$cc = $oCriteria->getNewCriterion(\UsersPeer::USR_USERNAME, '%' . $filter . '%', \Criteria::LIKE)
->addOr($oCriteria->getNewCriterion(\UsersPeer::USR_FIRSTNAME, '%' . $filter . '%', \Criteria::LIKE)
->addOr($oCriteria->getNewCriterion(\UsersPeer::USR_LASTNAME, '%' . $filter . '%', \Criteria::LIKE)
->addOr($oCriteria->getNewCriterion(\UsersPeer::USR_EMAIL, '%' . $filter . '%', \Criteria::LIKE))));
$oCriteria->add($cc);
}
$oCriteria->add(\UsersPeer::USR_STATUS, array('CLOSED'), \Criteria::NOT_IN);
if ($authSource != '') {
$totalRows = sizeof($aUsers);
} else {
$oDataset = \UsersPeer::DoSelectRs($oCriteria);
$oDataset->setFetchmode(\ResultSet::FETCHMODE_ASSOC);
$oDataset->next();
$row = $oDataset->getRow();
$totalRows = $row['CNT'];
}
$oCriteria->clearSelectColumns();
$oCriteria->addSelectColumn(\UsersPeer::USR_UID);
$oCriteria->addSelectColumn(\UsersPeer::USR_USERNAME);
$oCriteria->addSelectColumn(\UsersPeer::USR_FIRSTNAME);
$oCriteria->addSelectColumn(\UsersPeer::USR_LASTNAME);
$oCriteria->addSelectColumn(\UsersPeer::USR_EMAIL);
$oCriteria->addSelectColumn(\UsersPeer::USR_ROLE);
$oCriteria->addSelectColumn(\UsersPeer::USR_DUE_DATE);
$oCriteria->addSelectColumn(\UsersPeer::USR_STATUS);
$oCriteria->addSelectColumn(\UsersPeer::USR_UX);
$oCriteria->addSelectColumn(\UsersPeer::DEP_UID);
$oCriteria->addSelectColumn(\UsersPeer::USR_LAST_LOGIN);
$oCriteria->addAsColumn('LAST_LOGIN', 0);
$oCriteria->addAsColumn('DEP_TITLE', 0);
$oCriteria->addAsColumn('TOTAL_CASES', 0);
$oCriteria->addAsColumn('DUE_DATE_OK', 1);
$sep = "'";
$oCriteria->add(\UsersPeer::USR_STATUS, array('CLOSED'), \Criteria::NOT_IN);
if ($filter != '') {
$cc = $oCriteria->getNewCriterion(\UsersPeer::USR_USERNAME, '%' . $filter . '%', \Criteria::LIKE)
->addOr($oCriteria->getNewCriterion(\UsersPeer::USR_FIRSTNAME, '%' . $filter . '%', \Criteria::LIKE)
->addOr($oCriteria->getNewCriterion(\UsersPeer::USR_LASTNAME, '%' . $filter . '%', \Criteria::LIKE)
->addOr($oCriteria->getNewCriterion(\UsersPeer::USR_EMAIL, '%' . $filter . '%', \Criteria::LIKE))));
$oCriteria->add($cc);
}
if (sizeof($aUsers) > 0) {
$oCriteria->add(\UsersPeer::USR_UID, $aUsers, \Criteria::IN);
} elseif ($totalRows == 0 && $authSource != '') {
$oCriteria->add(\UsersPeer::USR_UID, '', \Criteria::IN);
}
if ($sort != '') {
if ($dir == 'ASC') {
$oCriteria->addAscendingOrderByColumn($sort);
} else {
$oCriteria->addDescendingOrderByColumn($sort);
}
}
$oCriteria->setOffset($start);
$oCriteria->setLimit($limit);
$oDataset = \UsersPeer::DoSelectRs($oCriteria);
$oDataset->setFetchmode(\ResultSet::FETCHMODE_ASSOC);
return $oDataset;
}
/**
* This function get additional information related to the user
* Information about the department, rol, cases, authentication
*
* @param criteria $oDatasetUsers, criteria for search users
*
* @return array $dataUsers array of users with the additional information
*/
public function getAdditionalInfoFromUsers($oDatasetUsers)
{
global $RBAC;
//Get the information about the department
$Department = new \Department();
$aDepart = $Department->getAllDepartmentsByUser();
//Get the authentication sources
$aAuthSources = $RBAC->getAllAuthSourcesByUser();
//Get roles
$oRoles = new \Roles();
//Get cases
$oParticipated = new \ListParticipatedLast();
$oAppCache = new \AppCacheView();
$rows = array();
$uRole = array();
$totalRows = 0;
$dataUsers = array();
while ($oDatasetUsers->next()) {
$totalRows++;
$row = $oDatasetUsers->getRow();
//Add the role information related to the user
try {
$uRole = $oRoles->loadByCode($row['USR_ROLE']);
} catch (\exception $oError) {
$uRole['ROL_NAME'] = G::loadTranslation('ID_DELETED');
}
$row['USR_ROLE_ID'] = $row['USR_ROLE'];
$row['USR_ROLE'] = isset($uRole['ROL_NAME']) ? ($uRole['ROL_NAME'] != '' ? $uRole['ROL_NAME'] : $uRole['ROL_CODE']) : $uRole['ROL_CODE'];
/*----------------------------------********---------------------------------*/
if (true) {
$total = $oParticipated->getCountList($row['USR_UID']);
} else {
/*----------------------------------********---------------------------------*/
$total = $oAppCache->getListCounters('sent', $row['USR_UID'], false);
/*----------------------------------********---------------------------------*/
}
/*----------------------------------********---------------------------------*/
$row['TOTAL_CASES'] = $total;
$row['DUE_DATE_OK'] = (date('Y-m-d') > date('Y-m-d', strtotime($row['USR_DUE_DATE']))) ? 0 : 1;
$row['LAST_LOGIN'] = isset($row['USR_LAST_LOGIN']) ? \ProcessMaker\Util\DateTime::convertUtcToTimeZone($row['USR_LAST_LOGIN']) : '';
//Add the department information related to the user
$row['DEP_TITLE'] = isset($aDepart[$row['USR_UID']]) ? $aDepart[$row['USR_UID']] : '';
//Add the authentication information related to the user
$row['USR_AUTH_SOURCE'] = isset($aAuthSources[$row['USR_UID']]) ? $aAuthSources[$row['USR_UID']] : 'ProcessMaker (MYSQL)';
$rows[] = $row;
}
$dataUsers['data'] = $rows;
$dataUsers['totalCount'] = $totalRows;
return $dataUsers;
}
}

3
workflow/engine/src/ProcessMaker/Services/Api/Light/Tracker.php
View File

@@ -21,8 +21,7 @@ class Tracker extends Api
public function Authentication($case, $pin)
{
try {
$oMobile = new \ProcessMaker\BusinessModel\Light\Tracker();
$response = $oMobile->authentication($case, $pin);
$response = \ProcessMaker\BusinessModel\Light\Tracker::authentication($case, $pin);
} catch (\Exception $e) {
throw new RestException(Api::STAT_APP_EXCEPTION, $e->getMessage());
}

2
workflow/engine/templates/installer/stopInstall.js
View File

@@ -9,7 +9,7 @@ Ext.onReady(function() {
title : _('ID_TITLE_NO_INSTALL'),
items:[
{html: _('ID_NO_INSTALL')}
{html: messageError}
]
});
});