diff --git a/gulliver/system/class.rbac.php b/gulliver/system/class.rbac.php
index 9d5938f4b..35356b3ac 100644
--- a/gulliver/system/class.rbac.php
+++ b/gulliver/system/class.rbac.php
@@ -70,9 +70,48 @@ class RBAC
public $singleSignOn = false;
private static $instance = null;
+ public $authorizedActions = array();
public function __construct ()
{
+ $this->authorizedActions = array(
+ 'users_Ajax.php' => array(
+ 'availableUsers' => array('PM_FACTORY'),
+ 'assign' => array('PM_FACTORY'),
+ 'changeView' => array(),
+ 'ofToAssign' => array('PM_FACTORY'),
+ 'usersGroup' => array('PM_FACTORY'),
+ 'canDeleteUser' => array('PM_USERS'),
+ 'deleteUser' => array('PM_USERS'),
+ 'changeUserStatus' => array('PM_USERS'),
+ 'availableGroups' => array('PM_USERS'),
+ 'assignedGroups' => array('PM_USERS'),
+ 'assignGroupsToUserMultiple' => array('PM_USERS'),
+ 'deleteGroupsToUserMultiple' => array('PM_USERS'),
+ 'authSources' => array('PM_USERS'),
+ 'loadAuthSourceByUID' => array('PM_USERS'),
+ 'updateAuthServices' => array('PM_USERS'),
+ 'usersList' => array('PM_USERS'),
+ 'updatePageSize' => array(),
+ 'summaryUserData' => array('PM_USERS'),
+ 'verifyIfUserAssignedAsSupervisor' => array('PM_USERS')
+ ),
+ 'skin_Ajax.php' => array(
+ 'updatePageSize' => array(),
+ 'skinList' => array('PM_SETUP_SKIN'),
+ 'newSkin' => array('PM_SETUP_SKIN'),
+ 'importSkin' => array('PM_SETUP_SKIN'),
+ 'exportSkin' => array('PM_SETUP_SKIN'),
+ 'deleteSkin' => array('PM_SETUP_SKIN'),
+ 'addTarFolder' => array('PM_SETUP_SKIN'),
+ 'copy_skin_folder' => array('PM_SETUP_SKIN'),
+ 'deleteSkin' => array('PM_SETUP_SKIN')
+ ),
+ 'processes_DownloadFile.php' => array(
+ 'downloadFileHash' => array('PM_FACTORY')
+ )
+
+ );
}
/**
@@ -1445,5 +1484,36 @@ class RBAC
}
}
}
+ /**
+ * This function verify if the user allows to the file with a specific action
+ * If the action is not defined in the authorizedActions we give the allow
+ * @param string $file
+ * @param string $action
+ *
+ * @return void
+ */
+ public function allows($file, $action)
+ {
+ $access = false;
+ if (isset($this->authorizedActions[$file][$action])) {
+ $permissions = $this->authorizedActions[$file][$action];
+ $totalPermissions = count($permissions);
+ $countAccess = 0;
+ foreach ($permissions as $key => $value) {
+ if ($this->userCanAccess($value) == 1) {
+ $countAccess++;
+ }
+ }
+ //Check if the user has all permissions that needed
+ if ($countAccess == $totalPermissions) {
+ $access = true;
+ }
+ }
+
+ if (!$access) {
+ G::header('Location: /errors/error403.php');
+ die();
+ }
+ }
}
diff --git a/workflow/engine/classes/model/ObjectPermission.php b/workflow/engine/classes/model/ObjectPermission.php
index 1319e6456..b483918db 100644
--- a/workflow/engine/classes/model/ObjectPermission.php
+++ b/workflow/engine/classes/model/ObjectPermission.php
@@ -409,5 +409,39 @@ class ObjectPermission extends BaseObjectPermission
}
return $result;
}
+
+ /**
+ * Verify if the user has a objectPermission for some process
+ *
+ * @param string $usrUid the uid of the user
+ * @param int $typeRelation
+ *
+ * @return array
+ */
+ public function objectPermissionPerUser($usrUid, $typeRelation = 1)
+ {
+ $criteria = new Criteria("workflow");
+ $criteria->addSelectColumn(ObjectPermissionPeer::USR_UID);
+ $criteria->addSelectColumn(ObjectPermissionPeer::PRO_UID);
+ $criteria->add(ObjectPermissionPeer::OP_USER_RELATION, $typeRelation, Criteria::EQUAL);
+ $criteria->add(ObjectPermissionPeer::USR_UID, $usrUid, Criteria::EQUAL);
+ $doSelectRS = ObjectPermissionPeer::doSelectRS($criteria);
+ $doSelectRS->setFetchmode(ResultSet::FETCHMODE_ASSOC);
+ $doSelectRS->next();
+ $objectPermision = $doSelectRS->getRow();
+ $data = array();
+ if (isset($objectPermision["USR_UID"])) {
+ $criteria = new Criteria("workflow");
+ $criteria->addSelectColumn(ProcessPeer::PRO_TITLE);
+ $criteria->add(ProcessPeer::PRO_UID, $objectPermision["PRO_UID"], Criteria::EQUAL);
+ $doSelectRS = ProcessPeer::doSelectRS($criteria);
+ $doSelectRS->setFetchmode(ResultSet::FETCHMODE_ASSOC);
+ $doSelectRS->next();
+ $content = $doSelectRS->getRow();
+ $data['PRO_TITLE'] = $content["PRO_TITLE"];
+ $data['PRO_UID'] = $objectPermision["PRO_UID"];
+ }
+ return $data;
+ }
}
diff --git a/workflow/engine/content/translations/english/processmaker.en.po b/workflow/engine/content/translations/english/processmaker.en.po
index e2dc8c93d..79c68c507 100644
--- a/workflow/engine/content/translations/english/processmaker.en.po
+++ b/workflow/engine/content/translations/english/processmaker.en.po
@@ -15187,6 +15187,12 @@ msgstr "SYSTEM INSTALLATION FAILED"
msgid "A problem occurred during the installation of the system. Please, uninstall the partial installation and try again."
msgstr "A problem occurred during the installation of the system. Please, uninstall the partial installation and try again."
+# TRANSLATION
+# LABEL/ID_PROCESSMAKER_ALREADY_INSTALLED
+#: LABEL/ID_PROCESSMAKER_ALREADY_INSTALLED
+msgid "ProcessMaker is already installed."
+msgstr "ProcessMaker is already installed."
+
# TRANSLATION
# LABEL/ID_LICENSE_EMPTY
#: LABEL/ID_LICENSE_EMPTY
diff --git a/workflow/engine/controllers/designer.php b/workflow/engine/controllers/designer.php
index 24d370c97..f80d6c52f 100644
--- a/workflow/engine/controllers/designer.php
+++ b/workflow/engine/controllers/designer.php
@@ -29,6 +29,18 @@ class Designer extends Controller
$client = $this->getClientCredentials();
if (isset($httpData->tracker_designer) && $httpData->tracker_designer == 1) {
+ try {
+ if (!isset($_SESSION['CASE']) && !isset($_SESSION['PIN'])) {
+ throw (new \Exception(
+ \G::LoadTranslation('ID_CASE_NOT_EXISTS') . "\n" . \G::LoadTranslation('ID_PIN_INVALID')
+ ));
+ }
+ \ProcessMaker\BusinessModel\Light\Tracker::authentication($_SESSION['CASE'], $_SESSION['PIN']);
+ } catch (\Exception $e) {
+ Bootstrap::registerMonolog('CaseTracker', 400, $e->getMessage(), [], SYS_SYS, 'processmaker.log');
+ \G::header('Location: /errors/error403.php');
+ die();
+ }
$client["tracker_designer"] = 1;
}
diff --git a/workflow/engine/controllers/installer.php b/workflow/engine/controllers/installer.php
index dbe1b0572..36a2ebe3b 100644
--- a/workflow/engine/controllers/installer.php
+++ b/workflow/engine/controllers/installer.php
@@ -38,10 +38,18 @@ class Installer extends Controller
public function index ($httpData)
{
+ if (file_exists(FILE_PATHS_INSTALLED)) {
+ $this->setJSVar('messageError', G::LoadTranslation('ID_PROCESSMAKER_ALREADY_INSTALLED'));
+ $this->includeExtJS('installer/stopInstall');
+ $this->setView('installer/mainStopInstall');
+ G::RenderPage('publish', 'extJs');
+ return;
+ }
if ((strtoupper(substr(PHP_OS, 0, 3)) == 'WIN') && (file_exists($this->path_shared . 'partner.info'))) {
- $this->includeExtJS( 'installer/stopInstall');
- $this->setView( 'installer/mainStopInstall' );
- G::RenderPage( 'publish', 'extJs' );
+ $this->setJSVar('messageError', G::LoadTranslation('ID_NO_INSTALL'));
+ $this->includeExtJS('installer/stopInstall');
+ $this->setView('installer/mainStopInstall');
+ G::RenderPage('publish', 'extJs');
return;
}
diff --git a/workflow/engine/data/mysql/insert.sql b/workflow/engine/data/mysql/insert.sql
index 6cede1d6e..be616d70f 100644
--- a/workflow/engine/data/mysql/insert.sql
+++ b/workflow/engine/data/mysql/insert.sql
@@ -4027,6 +4027,7 @@ INSERT INTO TRANSLATION (TRN_CATEGORY,TRN_ID,TRN_LANG,TRN_VALUE,TRN_UPDATE_DATE
( 'LABEL','ID_ROLE_NAME_NOT_EMPTY','en','The ''Name'' field can not be empty.','2014-01-15') ,
( 'LABEL','ID_TITLE_NO_INSTALL','en','SYSTEM INSTALLATION FAILED','2014-01-15') ,
( 'LABEL','ID_NO_INSTALL','en','A problem occurred during the installation of the system. Please, uninstall the partial installation and try again.','2014-01-15') ,
+( 'LABEL','ID_PROCESSMAKER_ALREADY_INSTALLED','en','ProcessMaker is already installed.','2017-05-31') ,
( 'LABEL','ID_LICENSE_EMPTY','en','Can not find any license','2014-01-15') ,
( 'LABEL','ID_ADD_LICENSE','en','Please add a new license','2014-01-15') ,
( 'LABEL','ID_DEFAULT_CALENDAR','en','Default Calendar','2014-01-15') ,
diff --git a/workflow/engine/methods/groups/groups_Ajax.php b/workflow/engine/methods/groups/groups_Ajax.php
index 9e6bc8b6b..aeb565bc5 100644
--- a/workflow/engine/methods/groups/groups_Ajax.php
+++ b/workflow/engine/methods/groups/groups_Ajax.php
@@ -125,7 +125,7 @@ switch ($_POST['action']) {
$result->success = true;
$result->groups = $arrData;
$result->total_groups = $data['totalCount'];
-
+ G::header('Content-Type: application/json');
echo G::json_encode( $result );
break;
case 'exitsGroupName':
@@ -253,6 +253,7 @@ switch ($_POST['action']) {
while ($oDataset->next()) {
$arrData[] = $oDataset->getRow();
}
+ G::header('Content-Type: application/json');
echo '{success: true, members: ' . G::json_encode( $arrData ) . ', total_users: ' . $totalRows . '}';
break;
case 'availableMembers':
@@ -311,6 +312,7 @@ switch ($_POST['action']) {
while ($oDataset->next()) {
$arrData[] = $oDataset->getRow();
}
+ G::header('Content-Type: application/json');
echo '{success: true, members: ' . G::json_encode( $arrData ) . ', total_users: ' . $totalRows . '}';
break;
case 'assignUsersToGroupsMultiple':
diff --git a/workflow/engine/methods/processes/processes_DownloadFile.php b/workflow/engine/methods/processes/processes_DownloadFile.php
index 7cd355876..fee9c9c9b 100644
--- a/workflow/engine/methods/processes/processes_DownloadFile.php
+++ b/workflow/engine/methods/processes/processes_DownloadFile.php
@@ -1,26 +1,5 @@
.
- *
- * For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
- * Coral Gables, FL, 33134, USA, or email info@colosa.com.
- */
+$RBAC->allows(basename(__FILE__), 'downloadFileHash');
if (!isset($_GET["file_hash"])) {
throw new Exception("Invalid Request, param 'file_hash' was not sent.");
@@ -28,26 +7,16 @@ if (!isset($_GET["file_hash"])) {
$httpStream = new \ProcessMaker\Util\IO\HttpStream();
$outputDir = PATH_DATA . "sites" . PATH_SEP . SYS_SYS . PATH_SEP . "files" . PATH_SEP . "output" . PATH_SEP;
-$filename = urldecode(base64_decode($_GET["file_hash"]));
-$fileExtension = pathinfo($outputDir . $filename, PATHINFO_EXTENSION);
+$fileName = urldecode(base64_decode($_GET["file_hash"]));
+$processFile = $outputDir . $fileName;
-if (!file_exists($outputDir . $filename)) {
- throw new Exception("Error, couldn't find request file: $filename");
+//Verify if the file related to process exist in the corresponding path
+$fileInformation = pathinfo($processFile);
+$processFile = $outputDir . $fileInformation['basename'];
+if (!file_exists($processFile)) {
+ throw new Exception("Error, couldn't find request file: $fileName");
}
-
-$httpStream->loadFromFile($outputDir . $filename);
+$fileExtension = $fileInformation['extension'];
+$httpStream->loadFromFile($processFile);
$httpStream->setHeader("Content-Type", "application/$fileExtension");
$httpStream->send();
-
-// ************* DEPRECATED (it will be removed soon) *********************************
-//add more security, and catch any error or exception
-//$sFileName = $_GET['p'] . '.pm';
-//$file = PATH_DOCUMENT . 'output' . PATH_SEP . $sFileName . 'tpm';
-//$filex = PATH_DOCUMENT . 'output' . PATH_SEP . $sFileName;
-//
-//if (file_exists( $file )) {
-// rename( $file, $filex );
-//}
-//
-//$realPath = PATH_DOCUMENT . 'output' . PATH_SEP . $sFileName;
-//G::streamFile( $realPath, true );
diff --git a/workflow/engine/methods/setup/skin_Ajax.php b/workflow/engine/methods/setup/skin_Ajax.php
index 2f3fe89a8..065510958 100644
--- a/workflow/engine/methods/setup/skin_Ajax.php
+++ b/workflow/engine/methods/setup/skin_Ajax.php
@@ -1,8 +1,4 @@
xssFilterHard($_REQUEST);
-
if (! isset( $_REQUEST['action'] )) {
$res['success'] = false;
$res['error'] = $res['message'] = G::LoadTranslation('ID_REQUEST_ACTION');
@@ -17,8 +13,7 @@ if (! function_exists( $_REQUEST['action'] ) || !G::isUserFunction($_REQUEST['ac
print G::json_encode( $res );
die();
}
-$restrictedFunctions = array ('copy_skin_folder','addTarFolder'
-);
+$restrictedFunctions = array ('copy_skin_folder','addTarFolder');
if (in_array( $_REQUEST['action'], $restrictedFunctions )) {
$res['success'] = false;
$res['error'] = $res['message'] = G::LoadTranslation('ID_REQUEST_ACTION_NOT_EXIST');
@@ -28,7 +23,7 @@ if (in_array( $_REQUEST['action'], $restrictedFunctions )) {
$functionName = $_REQUEST['action'];
$functionParams = isset( $_REQUEST['params'] ) ? $_REQUEST['params'] : array ();
-
+$RBAC->allows(basename(__FILE__), $functionName);
$functionName();
function updatePageSize ()
@@ -166,7 +161,7 @@ function newSkin ($baseSkin = 'classic')
$configFileFinal = PATH_CUSTOM_SKINS . $skinFolder . PATH_SEP . 'config.xml';
$xmlConfiguration = file_get_contents( $configFileOriginal );
-
+
$workspace = ($_REQUEST['workspace'] == 'global') ? '' : SYS_SYS;
$xmlConfigurationObj = G::xmlParser($xmlConfiguration);
@@ -356,9 +351,9 @@ function exportSkin ($skinToExport = "")
$response['success'] = true;
$response['message'] = $skinTar;
G::auditLog("ExportSkin", "Skin Name: ".$skinName);
-
+
$response = $filter->xssFilterHard($response);
-
+
print_r( G::json_encode( $response ) );
} catch (Exception $e) {
$response['success'] = false;
@@ -374,7 +369,7 @@ function deleteSkin ()
$filter = new InputFilter();
try {
$_REQUEST['SKIN_FOLDER_ID'] = $filter->xssFilterHard($_REQUEST['SKIN_FOLDER_ID']);
-
+
if (! (isset( $_REQUEST['SKIN_FOLDER_ID'] ))) {
throw (new Exception( G::LoadTranslation( 'ID_SKIN_FOLDER_REQUIRED' ) ));
}
@@ -400,9 +395,9 @@ function deleteSkin ()
function streamSkin ()
{
- $skinTar = $_REQUEST['file'];
+ $skinTar = basename($_REQUEST['file']);
$bDownload = true;
- G::streamFile( $skinTar, $bDownload, basename( $skinTar ) );
+ G::streamFile(PATH_CUSTOM_SKINS . $skinTar, $bDownload, $skinTar);
@unlink( $fileTar );
}
diff --git a/workflow/engine/methods/users/users_Ajax.php b/workflow/engine/methods/users/users_Ajax.php
index 6e3961caf..e9ebbc1c2 100644
--- a/workflow/engine/methods/users/users_Ajax.php
+++ b/workflow/engine/methods/users/users_Ajax.php
@@ -1,34 +1,6 @@
.
- *
- * For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
- * Coral Gables, FL, 33134, USA, or email info@colosa.com.
- */
try {
- G::LoadSystem('inputfilter');
- $filter = new InputFilter();
- $_GET = $filter->xssFilterHard($_GET);
- $_POST = $filter->xssFilterHard($_POST);
- $_REQUEST = $filter->xssFilterHard($_REQUEST);
-
global $RBAC;
switch ($RBAC->userCanAccess('PM_LOGIN')) {
case - 2:
@@ -47,38 +19,15 @@ try {
$_POST = $_POST['form'];
}
if (isset($_REQUEST['function'])) {
- //$value= $_POST['function'];
$value = get_ajax_value('function');
} else {
- //$value= $_POST['functions'];
$value = get_ajax_value('functions');
}
+
+ $RBAC->allows(basename(__FILE__), $value);
switch ($value) {
- case 'verifyUsername':
- //print_r($_POST); die;
- $_POST['sOriginalUsername'] = get_ajax_value('sOriginalUsername');
- $_POST['sUsername'] = get_ajax_value('sUsername');
- if ($_POST['sOriginalUsername'] == $_POST['sUsername']) {
- echo '0';
- } else {
- require_once 'classes/model/Users.php';
- G::LoadClass('Users');
- $oUser = new Users();
- $oCriteria = $oUser->loadByUsername($_POST['sUsername']);
- $oDataset = UsersPeer::doSelectRs($oCriteria, Propel::getDbConnection('workflow_ro'));
- $oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC);
- $oDataset->next();
- $aRow = $oDataset->getRow();
- //print_r($aRow); die;
- //if (!$aRow)
- if (!is_array($aRow)) {
- echo '0';
- } else {
- echo '1';
- }
- }
- break;
case 'availableUsers':
+ //Classic process: list of users to assign in the task
G::LoadClass('processMap');
$oProcessMap = new ProcessMap();
global $G_PUBLISH;
@@ -87,6 +36,7 @@ try {
G::RenderPage('publish', 'raw');
break;
case 'assign':
+ //Classic process: assign users and groups in the task
G::LoadClass('tasks');
$oTasks = new Tasks();
switch ((int) $_POST['TU_RELATION']) {
@@ -103,6 +53,7 @@ try {
}
break;
case 'ofToAssign':
+ //Classic process: remove users and groups related a task
G::LoadClass('tasks');
$oTasks = new Tasks();
switch ((int) $_POST['TU_RELATION']) {
@@ -117,36 +68,11 @@ try {
}
break;
case 'changeView':
+ //Classic process: set variable for users and groups Ad hoc
$_SESSION['iType'] = $_POST['TU_TYPE'];
break;
- case 'deleteGroup':
- G::LoadClass('groups');
- $oGroup = new Groups();
- $oGroup->removeUserOfGroup($_POST['GRP_UID'], $_POST['USR_UID']);
- $_GET['sUserUID'] = $_POST['USR_UID'];
- $G_PUBLISH = new Publisher();
- $G_PUBLISH->AddContent('view', 'users/users_Tree');
- G::RenderPage('publish', 'raw');
- break;
- case 'showUserGroupInterface':
- $_GET['sUserUID'] = $_POST['sUserUID'];
- $G_PUBLISH = new Publisher();
- $G_PUBLISH->AddContent('view', 'users/users_AssignGroup');
- G::RenderPage('publish', 'raw');
- break;
- case 'showUserGroups':
- $_GET['sUserUID'] = $_POST['sUserUID'];
- $G_PUBLISH = new Publisher();
- $G_PUBLISH->AddContent('view', 'users/users_Tree');
- G::RenderPage('publish', 'raw');
- break;
- case 'assignUserToGroup':
- G::LoadClass('groups');
- $oGroup = new Groups();
- $oGroup->addUserToGroup($_POST['GRP_UID'], $_POST['USR_UID']);
- echo '' . G::LoadTranslation('ID_MSG_ASSIGN_DONE') . '
';
- break;
case 'usersGroup':
+ //Classic process: list of users in a group related a task
G::LoadClass('groups');
$oGroup = new Groups();
$aGroup = $oGroup->getUsersOfGroup($_POST['GRP_UID']);
@@ -154,29 +80,8 @@ try {
echo $aValues['USR_FIRSTNAME'] . ' ' . $aValues['USR_LASTNAME'] . '
';
}
break;
-
- //This case is used to check if any of the user group has as role 'PROCESSMAKER_ADMIN',
- case 'usersAdminGroupExtJS':
- G::LoadClass('groups');
- $oGroup = new Groups();
- $aGroup = $oGroup->getUsersOfGroup($_POST['GRP_UID']);
- $responseUser = 'false';
- $usersAdmin = '';
- foreach ($aGroup as $iIndex => $aValues) {
- if ($aValues['USR_ROLE'] == 'PROCESSMAKER_ADMIN') {
- $responseUser = 'true';
- $usersAdmin .= $aValues['USR_FIRSTNAME'] . ' ' . $aValues['USR_LASTNAME'] . ', ';
- }
- }
- $usersAdmin = substr($usersAdmin, 0, - 2);
-
- $result = new stdClass();
- $result->reponse = $responseUser;
- $result->users = $usersAdmin;
-
- echo G::json_encode($result);
- break;
case 'canDeleteUser':
+ //Check before delete a user
G::LoadClass('case');
$oProcessMap = new Cases();
$userUid = $_POST['uUID'];
@@ -204,44 +109,31 @@ try {
echo $response;
break;
case 'deleteUser':
- $UID = $_POST['USR_UID'];
-
- //process permissions
- $criteria = new Criteria("workflow");
- $criteria->addSelectColumn(ObjectPermissionPeer::USR_UID);
- $criteria->addSelectColumn(ObjectPermissionPeer::PRO_UID);
- $criteria->add(ObjectPermissionPeer::OP_USER_RELATION, 1, Criteria::EQUAL);
- $criteria->add(ObjectPermissionPeer::USR_UID, $UID, Criteria::EQUAL);
- $doSelectRS = DynaformPeer::doSelectRS($criteria);
- $doSelectRS->setFetchmode(ResultSet::FETCHMODE_ASSOC);
- $doSelectRS->next();
- $objectPermision = $doSelectRS->getRow();
- if (isset($objectPermision["USR_UID"])) {
- $criteria = new Criteria("workflow");
- $criteria->addSelectColumn(ProcessPeer::PRO_TITLE);
- $criteria->add(ProcessPeer::PRO_UID, $objectPermision["PRO_UID"], Criteria::EQUAL);
- $doSelectRS = ProcessPeer::doSelectRS($criteria);
- $doSelectRS->setFetchmode(ResultSet::FETCHMODE_ASSOC);
- $doSelectRS->next();
- $content = $doSelectRS->getRow();
+ //Check if the user was defined in a process permissions
+ $oObjectPermission = new ObjectPermission();
+ $aProcess = $oObjectPermission->objectPermissionPerUser($_POST['USR_UID'], 1);
+ if (count($aProcess) > 0) {
echo G::json_encode(array(
"status" => 'ERROR',
- "message" => G::LoadTranslation('ID_USER_CANT_BE_DELETED_FOR_THE_PROCESS', array('processTitle' => isset($content["PRO_TITLE"]) ? $content["PRO_TITLE"] : $objectPermision['PRO_UID']))
+ "message" => G::LoadTranslation('ID_USER_CANT_BE_DELETED_FOR_THE_PROCESS', array('processTitle' => isset($aProcess["PRO_TITLE"]) ? $aProcess["PRO_TITLE"] : $aProcess['PRO_UID']))
));
break;
}
+ //Remove from tasks
G::LoadClass('tasks');
$oTasks = new Tasks();
$oTasks->ofToAssignUserOfAllTasks($UID);
+
+ //Remove from groups
G::LoadClass('groups');
$oGroups = new Groups();
$oGroups->removeUserOfAllGroups($UID);
- $RBAC->changeUserStatus($UID, 'CLOSED');
- $_GET['USR_USERNAME'] = '';
- $RBAC->updateUser(array('USR_UID' => $UID, 'USR_USERNAME' => $_GET['USR_USERNAME']
- ), '');
+
+ //Update the table Users
require_once 'classes/model/Users.php';
+ $RBAC->changeUserStatus($UID, 'CLOSED');
+ $RBAC->updateUser(array('USR_UID' => $UID,'USR_USERNAME' => ''), '');
$oUser = new Users();
$aFields = $oUser->load($UID);
$aFields['USR_STATUS'] = 'CLOSED';
@@ -258,13 +150,13 @@ try {
//Delete users as supervisor
$criteria = new Criteria("workflow");
-
$criteria->add(ProcessUserPeer::USR_UID, $UID, Criteria::EQUAL);
$criteria->add(ProcessUserPeer::PU_TYPE, "SUPERVISOR", Criteria::EQUAL);
ProcessUserPeer::doDelete($criteria);
G::auditLog("DeleteUser", "User Name: ". $userName." User ID: (".$UID.") ");
break;
case 'changeUserStatus':
+ //When the user change the status: ACTIVE, INACTIVE, VACATION
$response = new stdclass();
if (isset($_REQUEST['USR_UID']) && isset($_REQUEST['NEW_USR_STATUS'])) {
$RBAC->changeUserStatus($_REQUEST['USR_UID'], ($_REQUEST['NEW_USR_STATUS'] == 'ACTIVE' ? 1 : 0));
@@ -284,6 +176,7 @@ try {
die(G::json_encode($response));
break;
case 'availableGroups':
+ //Get the available groups for assign to user
G::LoadClass('groups');
$filter = (isset($_POST['textFilter'])) ? $_POST['textFilter'] : '';
$groups = new Groups();
@@ -297,6 +190,7 @@ try {
echo '{groups: ' . G::json_encode($arr) . '}';
break;
case 'assignedGroups':
+ //Get the groups related to user
G::LoadClass('groups');
$filter = (isset($_POST['textFilter'])) ? $_POST['textFilter'] : '';
$groups = new Groups();
@@ -310,6 +204,7 @@ try {
echo '{groups: ' . G::json_encode($arr) . '}';
break;
case 'assignGroupsToUserMultiple':
+ //Assign user in a group
$USR_UID = $_POST['USR_UID'];
$gUIDs = explode(',', $_POST['GRP_UID']);
G::LoadClass('groups');
@@ -319,6 +214,7 @@ try {
}
break;
case 'deleteGroupsToUserMultiple':
+ //Remove a user from a group
$USR_UID = $_POST['USR_UID'];
$gUIDs = explode(',', $_POST['GRP_UID']);
G::LoadClass('groups');
@@ -328,6 +224,7 @@ try {
}
break;
case 'authSources':
+ //Get the authentication information
$criteria = $RBAC->getAllAuthSources();
$objects = AuthenticationSourcePeer::doSelectRS($criteria);
$objects->setFetchmode(ResultSet::FETCHMODE_ASSOC);
@@ -342,22 +239,19 @@ try {
}
$started = Array();
$started['AUTH_SOURCE_UID'] = '00000000000000000000000000000000';
- //$started['AUTH_SOURCE_NAME'] = 'ProcessMaker';
- //$started['AUTH_SOURCE_TYPE'] = 'MYSQL';
$started['AUTH_SOURCE_SHOW'] = 'ProcessMaker (MYSQL)';
$arr[] = $started;
while ($objects->next()) {
$row = $objects->getRow();
$aux = Array();
$aux['AUTH_SOURCE_UID'] = $row['AUTH_SOURCE_UID'];
- //$aux['AUTH_SOURCE_NAME'] = $row['AUTH_SOURCE_NAME'];
- //$aux['AUTH_SOURCE_TYPE'] = $row['AUTH_SOURCE_TYPE'];
$aux['AUTH_SOURCE_SHOW'] = $row['AUTH_SOURCE_NAME'] . ' (' . $row['AUTH_SOURCE_PROVIDER'] . ')';
$arr[] = $aux;
}
echo '{sources: ' . G::json_encode($arr) . '}';
break;
case 'loadAuthSourceByUID':
+ //Get the authentication source assignment
require_once 'classes/model/Users.php';
$oCriteria = $RBAC->load($_POST['uUID']);
$UID_AUTH = $oCriteria['UID_AUTH_SOURCE'];
@@ -379,6 +273,7 @@ try {
echo G::json_encode($res);
break;
case 'updateAuthServices':
+ //Update the information related to user's autentication
$aData = $RBAC->load($_POST['usr_uid']);
unset($aData['USR_ROLE']);
$auth_uid = $_POST['auth_source'];
@@ -399,127 +294,31 @@ try {
$aData['USR_AUTH_USER_DN'] = $auth_dn;
}
$RBAC->updateUser($aData);
- G::auditLog("AssignAuthenticationSource", "User Name: ".$aData['USR_USERNAME'].' User ID: ('.$aData['USR_UID'].') assign to '.$aData['USR_AUTH_TYPE']);
+ G::auditLog(
+ "AssignAuthenticationSource",
+ "User Name: ".$aData['USR_USERNAME'].' User ID: ('.$aData['USR_UID'].') assign to '.$aData['USR_AUTH_TYPE']
+ );
echo '{success: true}';
break;
case 'usersList':
- require_once 'classes/model/Users.php';
- require_once 'classes/model/LoginLog.php';
- require_once 'classes/model/Department.php';
- require_once 'classes/model/AppCacheView.php';
- require_once PATH_RBAC . 'model/Roles.php';
- global $RBAC;
+ //Get the list of users
+ //Read the configurations related to enviroments
G::LoadClass('configuration');
$co = new Configurations();
$config = $co->getConfiguration('usersList', 'pageSize', '', $_SESSION['USER_LOGGED']);
$limit_size = isset($config['pageSize']) ? $config['pageSize'] : 20;
- $start = isset($_REQUEST['start']) ? $_REQUEST['start'] : 0;
$limit = isset($_REQUEST['limit']) ? $_REQUEST['limit'] : $limit_size;
+ $start = isset($_REQUEST['start']) ? $_REQUEST['start'] : 0;
$filter = isset($_REQUEST['textFilter']) ? $_REQUEST['textFilter'] : '';
- $auths = isset($_REQUEST['auths']) ? $_REQUEST['auths'] : '';
+ $authSource = isset($_REQUEST['auths']) ? $_REQUEST['auths'] : '';
$sort = isset($_REQUEST['sort']) ? $_REQUEST['sort'] : '';
$dir = isset($_REQUEST['dir']) ? $_REQUEST['dir'] : 'ASC';
- $aUsers = Array();
- if ($auths != '') {
- $aUsers = $RBAC->getListUsersByAuthSource($auths);
- }
- $oCriteria = new Criteria('workflow');
- $oCriteria->addSelectColumn('COUNT(*) AS CNT');
- if ($filter != '') {
- $cc = $oCriteria->getNewCriterion(UsersPeer::USR_USERNAME, '%' . $filter . '%', Criteria::LIKE)->addOr($oCriteria->getNewCriterion(UsersPeer::USR_FIRSTNAME, '%' . $filter . '%', Criteria::LIKE)->addOr($oCriteria->getNewCriterion(UsersPeer::USR_LASTNAME, '%' . $filter . '%', Criteria::LIKE)->addOr($oCriteria->getNewCriterion(UsersPeer::USR_EMAIL, '%' . $filter . '%', Criteria::LIKE))));
- $oCriteria->add($cc);
- }
- $oCriteria->add(UsersPeer::USR_STATUS, array('CLOSED'), Criteria::NOT_IN);
- if ($auths != '') {
- $totalRows = sizeof($aUsers);
- } else {
- $oDataset = UsersPeer::DoSelectRs($oCriteria);
- $oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC);
- $oDataset->next();
- $row = $oDataset->getRow();
- $totalRows = $row['CNT'];
- }
- $oCriteria->clearSelectColumns();
- $oCriteria->addSelectColumn(UsersPeer::USR_UID);
- $oCriteria->addSelectColumn(UsersPeer::USR_USERNAME);
- $oCriteria->addSelectColumn(UsersPeer::USR_FIRSTNAME);
- $oCriteria->addSelectColumn(UsersPeer::USR_LASTNAME);
- $oCriteria->addSelectColumn(UsersPeer::USR_EMAIL);
- $oCriteria->addSelectColumn(UsersPeer::USR_ROLE);
- $oCriteria->addSelectColumn(UsersPeer::USR_DUE_DATE);
- $oCriteria->addSelectColumn(UsersPeer::USR_STATUS);
- $oCriteria->addSelectColumn(UsersPeer::USR_UX);
- $oCriteria->addSelectColumn(UsersPeer::DEP_UID);
- $oCriteria->addSelectColumn(UsersPeer::USR_LAST_LOGIN);
- $oCriteria->addAsColumn('LAST_LOGIN', 0);
- $oCriteria->addAsColumn('DEP_TITLE', 0);
- $oCriteria->addAsColumn('TOTAL_CASES', 0);
- $oCriteria->addAsColumn('DUE_DATE_OK', 1);
- $sep = "'";
- $oCriteria->add(UsersPeer::USR_STATUS, array('CLOSED'), Criteria::NOT_IN);
- if ($filter != '') {
- $cc = $oCriteria->getNewCriterion(UsersPeer::USR_USERNAME, '%' . $filter . '%', Criteria::LIKE)->addOr($oCriteria->getNewCriterion(UsersPeer::USR_FIRSTNAME, '%' . $filter . '%', Criteria::LIKE)->addOr($oCriteria->getNewCriterion(UsersPeer::USR_LASTNAME, '%' . $filter . '%', Criteria::LIKE)->addOr($oCriteria->getNewCriterion(UsersPeer::USR_EMAIL, '%' . $filter . '%', Criteria::LIKE))));
- $oCriteria->add($cc);
- }
- if (sizeof($aUsers) > 0) {
- $oCriteria->add(UsersPeer::USR_UID, $aUsers, Criteria::IN);
- } elseif ($totalRows == 0 && $auths != '') {
- $oCriteria->add(UsersPeer::USR_UID, '', Criteria::IN);
- }
- if ($sort != '') {
- if ($dir == 'ASC') {
- $oCriteria->addAscendingOrderByColumn($sort);
- } else {
- $oCriteria->addDescendingOrderByColumn($sort);
- }
- }
- $oCriteria->setOffset($start);
- $oCriteria->setLimit($limit);
- $oDataset = UsersPeer::DoSelectRs($oCriteria);
- $oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC);
- $Department = new Department();
- $aDepart = $Department->getAllDepartmentsByUser();
- $aAuthSources = $RBAC->getAllAuthSourcesByUser();
- require_once PATH_CONTROLLERS . 'adminProxy.php';
- $uxList = adminProxy::getUxTypesList();
-
- $oRoles = new Roles();
- $oParticipated = new ListParticipatedLast();
- $oAppCache = new AppCacheView();
- $rows = Array();
- $uRole = Array();
- while ($oDataset->next()) {
- $row = $oDataset->getRow();
-
- try {
- $uRole = $oRoles->loadByCode($row['USR_ROLE']);
- } catch (exception $oError) {
- $uRole['ROL_NAME'] = G::loadTranslation('ID_DELETED');
- }
- /*----------------------------------********---------------------------------*/
- if (true) {
- $total = $oParticipated->getCountList($row['USR_UID']);
- } else {
- /*----------------------------------********---------------------------------*/
- $total = $oAppCache->getListCounters('sent', $row['USR_UID'], false);
- /*----------------------------------********---------------------------------*/
- }
- /*----------------------------------********---------------------------------*/
- $row['USR_ROLE_ID'] = $row['USR_ROLE'];
- $row['USR_ROLE'] = isset($uRole['ROL_NAME']) ? ($uRole['ROL_NAME'] != '' ? $uRole['ROL_NAME'] : $uRole['ROL_CODE']) : $uRole['ROL_CODE'];
-
- $row['DUE_DATE_OK'] = (date('Y-m-d') > date('Y-m-d', strtotime($row['USR_DUE_DATE']))) ? 0 : 1;
- $row['LAST_LOGIN'] = isset($row['USR_LAST_LOGIN']) ? \ProcessMaker\Util\DateTime::convertUtcToTimeZone($row['USR_LAST_LOGIN']) : '';
- $row['TOTAL_CASES'] = $total;
- $row['DEP_TITLE'] = isset($aDepart[$row['USR_UID']]) ? $aDepart[$row['USR_UID']] : '';
- $row['USR_UX'] = isset($uxList[$row['USR_UX']]) ? $uxList[$row['USR_UX']] : $uxList['NORMAL'];
- $row['USR_AUTH_SOURCE'] = isset($aAuthSources[$row['USR_UID']]) ? $aAuthSources[$row['USR_UID']] : 'ProcessMaker (MYSQL)';
-
- $rows[] = $row;
- }
-
- echo '{users: ' . G::json_encode($rows) . ', total_users: ' . $totalRows . '}';
+ //Get all list of users with the additional information related to department, role, authentication, cases
+ $oUser = new \ProcessMaker\BusinessModel\User();
+ $oDatasetUsers = $oUser->getAllUsersWithAuthSource($authSource, $filter, $sort, $start, $limit, $dir);
+ $rows = $oUser->getAdditionalInfoFromUsers($oDatasetUsers);
+ echo '{users: ' . G::json_encode($rows['data']) . ', total_users: ' . $rows['totalCount'] . '}';
break;
case 'updatePageSize':
G::LoadClass('configuration');
@@ -533,6 +332,7 @@ try {
echo '{success: true}';
break;
case 'summaryUserData':
+ //Get all information for the summary
require_once 'classes/model/Users.php';
require_once 'classes/model/Department.php';
require_once 'classes/model/AppCacheView.php';
@@ -574,25 +374,16 @@ try {
break;
case "verifyIfUserAssignedAsSupervisor":
+ //Before delete we check if is supervisor
+ $supervisor = new \ProcessMaker\BusinessModel\ProcessSupervisor();
+ $isSupervisor = $supervisor->isUserSupervisor($_POST["supervisorUserUid"]);
$supervisorUserUid = $_POST["supervisorUserUid"];
- $message = "OK";
-
- $criteria = new Criteria("workflow");
-
- $criteria->addSelectColumn(ProcessUserPeer::PU_UID);
- $criteria->add(ProcessUserPeer::USR_UID, $supervisorUserUid, Criteria::EQUAL);
- $criteria->add(ProcessUserPeer::PU_TYPE, "SUPERVISOR", Criteria::EQUAL);
-
- $rsCriteria = ProcessUserPeer::doSelectRS($criteria);
- $rsCriteria->setFetchmode(ResultSet::FETCHMODE_ASSOC);
-
- if ($rsCriteria->next()) {
- $message = "ERROR";
+ $message = 'OK';
+ if ($isSupervisor) {
+ $message = 'ERROR';
}
-
$response = array();
$response["result"] = $message;
-
echo G::json_encode($response);
break;
}
diff --git a/workflow/engine/src/ProcessMaker/BusinessModel/Light/Tracker.php b/workflow/engine/src/ProcessMaker/BusinessModel/Light/Tracker.php
index 7d5b87eed..bc6a5e4ef 100644
--- a/workflow/engine/src/ProcessMaker/BusinessModel/Light/Tracker.php
+++ b/workflow/engine/src/ProcessMaker/BusinessModel/Light/Tracker.php
@@ -13,14 +13,14 @@ class Tracker
}
/**
- * authenticaction for case tracker
+ * Authentication for case tracker
*
- * @param $case numbre case
- * @param $pin code pin access for case tracek
+ * @param int $case number case
+ * @param int $pin code pin access for case track
* @return array
* @throws \Exception
*/
- public function authentication($case, $pin)
+ public static function authentication($case, $pin)
{
$cases = new \Cases();
$response = array();
diff --git a/workflow/engine/src/ProcessMaker/BusinessModel/ProcessSupervisor.php b/workflow/engine/src/ProcessMaker/BusinessModel/ProcessSupervisor.php
index 2ed4d6d34..87503f43d 100644
--- a/workflow/engine/src/ProcessMaker/BusinessModel/ProcessSupervisor.php
+++ b/workflow/engine/src/ProcessMaker/BusinessModel/ProcessSupervisor.php
@@ -1461,4 +1461,37 @@ class ProcessSupervisor
throw $e;
}
}
+ /**
+ * Check if the user is supervisor for some process
+ *
+ * @param string $userUid Unique id of User
+ *
+ * @return bool Return
+ */
+ public function isUserSupervisor($userUid)
+ {
+ //Check if the user is defined as supervisor
+ $criteria = new \Criteria('workflow');
+ $criteria->add(\ProcessUserPeer::USR_UID, $userUid, \Criteria::EQUAL);
+ $criteria->add(\ProcessUserPeer::PU_TYPE, 'SUPERVISOR', \Criteria::EQUAL);
+ $rsCriteria = \ProcessUserPeer::doSelectRS($criteria);
+ $rsCriteria->setFetchmode(\ResultSet::FETCHMODE_ASSOC);
+
+ if ($rsCriteria->next()) {
+ return true;
+ }
+ //Check if the user is in a group defined as supervisor
+ $criteria = new \Criteria('workflow');
+ $criteria->addSelectColumn(\ProcessUserPeer::USR_UID);
+ $criteria->addJoin(\ProcessUserPeer::USR_UID, \GroupUserPeer::GRP_UID, \Criteria::LEFT_JOIN);
+ $criteria->add(\ProcessUserPeer::PU_TYPE, 'GROUP_SUPERVISOR', \Criteria::EQUAL);
+ $criteria->add(\GroupUserPeer::USR_UID, $userUid, \Criteria::EQUAL);
+ $rsCriteria = \ProcessUserPeer::doSelectRS($criteria);
+ $rsCriteria->setFetchmode(\ResultSet::FETCHMODE_ASSOC);
+
+ if ($rsCriteria->next()) {
+ return true;
+ }
+ return false;
+ }
}
diff --git a/workflow/engine/src/ProcessMaker/BusinessModel/User.php b/workflow/engine/src/ProcessMaker/BusinessModel/User.php
index 9efbfaa4a..3e79f9691 100644
--- a/workflow/engine/src/ProcessMaker/BusinessModel/User.php
+++ b/workflow/engine/src/ProcessMaker/BusinessModel/User.php
@@ -1544,5 +1544,163 @@ class User
throw $e;
}
}
+ /**
+ * This function get the list of users
+ *
+ * @param string $authSource, authentication source
+ * @param string $filter
+ * @param string $sort
+ * @param integer $start
+ * @param integer $limit
+ * @param string $dir related to order the column
+ *
+ * @return void
+ */
+ public function getAllUsersWithAuthSource(
+ $authSource = '',
+ $filter = '',
+ $sort = '',
+ $start = 0,
+ $limit = 20,
+ $dir = 'ASC'
+ )
+ {
+ global $RBAC;
+ $aUsers = array();
+ if ($authSource != '') {
+ $aUsers = $RBAC->getListUsersByAuthSource($authSource);
+ }
+ $oCriteria = new \Criteria('workflow');
+ $oCriteria->addSelectColumn('COUNT(*) AS CNT');
+ if ($filter != '') {
+ $cc = $oCriteria->getNewCriterion(\UsersPeer::USR_USERNAME, '%' . $filter . '%', \Criteria::LIKE)
+ ->addOr($oCriteria->getNewCriterion(\UsersPeer::USR_FIRSTNAME, '%' . $filter . '%', \Criteria::LIKE)
+ ->addOr($oCriteria->getNewCriterion(\UsersPeer::USR_LASTNAME, '%' . $filter . '%', \Criteria::LIKE)
+ ->addOr($oCriteria->getNewCriterion(\UsersPeer::USR_EMAIL, '%' . $filter . '%', \Criteria::LIKE))));
+ $oCriteria->add($cc);
+ }
+ $oCriteria->add(\UsersPeer::USR_STATUS, array('CLOSED'), \Criteria::NOT_IN);
+
+ if ($authSource != '') {
+ $totalRows = sizeof($aUsers);
+ } else {
+ $oDataset = \UsersPeer::DoSelectRs($oCriteria);
+ $oDataset->setFetchmode(\ResultSet::FETCHMODE_ASSOC);
+ $oDataset->next();
+ $row = $oDataset->getRow();
+ $totalRows = $row['CNT'];
+ }
+ $oCriteria->clearSelectColumns();
+ $oCriteria->addSelectColumn(\UsersPeer::USR_UID);
+ $oCriteria->addSelectColumn(\UsersPeer::USR_USERNAME);
+ $oCriteria->addSelectColumn(\UsersPeer::USR_FIRSTNAME);
+ $oCriteria->addSelectColumn(\UsersPeer::USR_LASTNAME);
+ $oCriteria->addSelectColumn(\UsersPeer::USR_EMAIL);
+ $oCriteria->addSelectColumn(\UsersPeer::USR_ROLE);
+ $oCriteria->addSelectColumn(\UsersPeer::USR_DUE_DATE);
+ $oCriteria->addSelectColumn(\UsersPeer::USR_STATUS);
+ $oCriteria->addSelectColumn(\UsersPeer::USR_UX);
+ $oCriteria->addSelectColumn(\UsersPeer::DEP_UID);
+ $oCriteria->addSelectColumn(\UsersPeer::USR_LAST_LOGIN);
+ $oCriteria->addAsColumn('LAST_LOGIN', 0);
+ $oCriteria->addAsColumn('DEP_TITLE', 0);
+ $oCriteria->addAsColumn('TOTAL_CASES', 0);
+ $oCriteria->addAsColumn('DUE_DATE_OK', 1);
+ $sep = "'";
+ $oCriteria->add(\UsersPeer::USR_STATUS, array('CLOSED'), \Criteria::NOT_IN);
+ if ($filter != '') {
+ $cc = $oCriteria->getNewCriterion(\UsersPeer::USR_USERNAME, '%' . $filter . '%', \Criteria::LIKE)
+ ->addOr($oCriteria->getNewCriterion(\UsersPeer::USR_FIRSTNAME, '%' . $filter . '%', \Criteria::LIKE)
+ ->addOr($oCriteria->getNewCriterion(\UsersPeer::USR_LASTNAME, '%' . $filter . '%', \Criteria::LIKE)
+ ->addOr($oCriteria->getNewCriterion(\UsersPeer::USR_EMAIL, '%' . $filter . '%', \Criteria::LIKE))));
+ $oCriteria->add($cc);
+ }
+ if (sizeof($aUsers) > 0) {
+ $oCriteria->add(\UsersPeer::USR_UID, $aUsers, \Criteria::IN);
+ } elseif ($totalRows == 0 && $authSource != '') {
+ $oCriteria->add(\UsersPeer::USR_UID, '', \Criteria::IN);
+ }
+ if ($sort != '') {
+ if ($dir == 'ASC') {
+ $oCriteria->addAscendingOrderByColumn($sort);
+ } else {
+ $oCriteria->addDescendingOrderByColumn($sort);
+ }
+ }
+ $oCriteria->setOffset($start);
+ $oCriteria->setLimit($limit);
+ $oDataset = \UsersPeer::DoSelectRs($oCriteria);
+ $oDataset->setFetchmode(\ResultSet::FETCHMODE_ASSOC);
+
+ return $oDataset;
+ }
+ /**
+ * This function get additional information related to the user
+ * Information about the department, rol, cases, authentication
+ *
+ * @param criteria $oDatasetUsers, criteria for search users
+ *
+ * @return array $dataUsers array of users with the additional information
+ */
+ public function getAdditionalInfoFromUsers($oDatasetUsers)
+ {
+ global $RBAC;
+ //Get the information about the department
+ $Department = new \Department();
+ $aDepart = $Department->getAllDepartmentsByUser();
+
+ //Get the authentication sources
+ $aAuthSources = $RBAC->getAllAuthSourcesByUser();
+
+ //Get roles
+ $oRoles = new \Roles();
+
+ //Get cases
+ $oParticipated = new \ListParticipatedLast();
+ $oAppCache = new \AppCacheView();
+
+ $rows = array();
+ $uRole = array();
+ $totalRows = 0;
+ $dataUsers = array();
+ while ($oDatasetUsers->next()) {
+ $totalRows++;
+ $row = $oDatasetUsers->getRow();
+
+ //Add the role information related to the user
+ try {
+ $uRole = $oRoles->loadByCode($row['USR_ROLE']);
+ } catch (\exception $oError) {
+ $uRole['ROL_NAME'] = G::loadTranslation('ID_DELETED');
+ }
+ $row['USR_ROLE_ID'] = $row['USR_ROLE'];
+ $row['USR_ROLE'] = isset($uRole['ROL_NAME']) ? ($uRole['ROL_NAME'] != '' ? $uRole['ROL_NAME'] : $uRole['ROL_CODE']) : $uRole['ROL_CODE'];
+
+ /*----------------------------------********---------------------------------*/
+ if (true) {
+ $total = $oParticipated->getCountList($row['USR_UID']);
+ } else {
+ /*----------------------------------********---------------------------------*/
+ $total = $oAppCache->getListCounters('sent', $row['USR_UID'], false);
+ /*----------------------------------********---------------------------------*/
+ }
+ /*----------------------------------********---------------------------------*/
+ $row['TOTAL_CASES'] = $total;
+
+ $row['DUE_DATE_OK'] = (date('Y-m-d') > date('Y-m-d', strtotime($row['USR_DUE_DATE']))) ? 0 : 1;
+ $row['LAST_LOGIN'] = isset($row['USR_LAST_LOGIN']) ? \ProcessMaker\Util\DateTime::convertUtcToTimeZone($row['USR_LAST_LOGIN']) : '';
+ //Add the department information related to the user
+ $row['DEP_TITLE'] = isset($aDepart[$row['USR_UID']]) ? $aDepart[$row['USR_UID']] : '';
+ //Add the authentication information related to the user
+ $row['USR_AUTH_SOURCE'] = isset($aAuthSources[$row['USR_UID']]) ? $aAuthSources[$row['USR_UID']] : 'ProcessMaker (MYSQL)';
+
+ $rows[] = $row;
+ }
+ $dataUsers['data'] = $rows;
+ $dataUsers['totalCount'] = $totalRows;
+
+ return $dataUsers;
+ }
+
}
diff --git a/workflow/engine/src/ProcessMaker/Services/Api/Light/Tracker.php b/workflow/engine/src/ProcessMaker/Services/Api/Light/Tracker.php
index 051c7d2f7..b723c2170 100644
--- a/workflow/engine/src/ProcessMaker/Services/Api/Light/Tracker.php
+++ b/workflow/engine/src/ProcessMaker/Services/Api/Light/Tracker.php
@@ -21,8 +21,7 @@ class Tracker extends Api
public function Authentication($case, $pin)
{
try {
- $oMobile = new \ProcessMaker\BusinessModel\Light\Tracker();
- $response = $oMobile->authentication($case, $pin);
+ $response = \ProcessMaker\BusinessModel\Light\Tracker::authentication($case, $pin);
} catch (\Exception $e) {
throw new RestException(Api::STAT_APP_EXCEPTION, $e->getMessage());
}
diff --git a/workflow/engine/templates/installer/stopInstall.js b/workflow/engine/templates/installer/stopInstall.js
index ff743d8a6..536fd07c3 100644
--- a/workflow/engine/templates/installer/stopInstall.js
+++ b/workflow/engine/templates/installer/stopInstall.js
@@ -9,7 +9,7 @@ Ext.onReady(function() {
title : _('ID_TITLE_NO_INSTALL'),
items:[
- {html: _('ID_NO_INSTALL')}
+ {html: messageError}
]
});
});