PMCORE-542

2020-01-29 09:54:21 -04:00
parent 833a2279cc
commit 75b74fe4d6
7 changed files with 75 additions and 202 deletions
--- a/gulliver/system/class.rbac.php
+++ b/gulliver/system/class.rbac.php
@@ -387,7 +387,7 @@ class RBAC
            ],
            [
                "PER_UID" => "00000000000000000000000000000015",
-                "PER_CODE" => "PM_FOLDERS_VIEW",
+                "PER_CODE" => "PM_FOLDERS_ALL",
                "PER_NAME" => "View Folders"
            ],
            [
@@ -645,8 +645,12 @@ class RBAC
                'PER_UID' => '00000000000000000000000000000067',
                'PER_CODE' => 'PM_SETUP_LOG_FILES',
                'PER_NAME' => 'Log Files'
+            ],
+            [
+                'PER_UID' => '00000000000000000000000000000068',
+                'PER_CODE' => 'PM_FOLDERS_OWNER',
+                'PER_NAME' => 'View Your Folders'
            ]
-
        ];

        return $permissionsAdmin;
--- a/rbac/engine/data/mysql/insert.sql
+++ b/rbac/engine/data/mysql/insert.sql
@@ -13,7 +13,7 @@ INSERT INTO `RBAC_PERMISSIONS` VALUES
 ('00000000000000000000000000000012','PM_WEBDAV','2009-08-21 00:00:00','2009-08-21 00:00:00',1,'00000000000000000000000000000002'),
 ('00000000000000000000000000000013','PM_DELETECASE','2009-10-12 00:00:00',NULL,1,'00000000000000000000000000000002'),
 ('00000000000000000000000000000014','PM_EDITPERSONALINFO','2009-10-12 00:00:00',NULL,1,'00000000000000000000000000000002'),
-('00000000000000000000000000000015','PM_FOLDERS_VIEW','2009-10-12 00:00:00',NULL,1,'00000000000000000000000000000002'),
+('00000000000000000000000000000015','PM_FOLDERS_ALL','2009-10-12 00:00:00',NULL,1,'00000000000000000000000000000002'),
 ('00000000000000000000000000000016','PM_FOLDERS_ADD_FOLDER','2009-10-12 00:00:00',NULL,1,'00000000000000000000000000000002'),
 ('00000000000000000000000000000017','PM_FOLDERS_ADD_FILE','2009-10-12 00:00:00',NULL,1,'00000000000000000000000000000002'),
 ('00000000000000000000000000000018','PM_CANCELCASE','2011-12-11 00:00:00','2011-12-11 00:00:00',1,'00000000000000000000000000000002'),
@@ -65,7 +65,8 @@ INSERT INTO `RBAC_PERMISSIONS` VALUES
 ('00000000000000000000000000000064','PM_REASSIGNCASE_SUPERVISOR','2016-09-01 00:00:00','2016-09-01 00:00:00',1,'00000000000000000000000000000002'),
 ('00000000000000000000000000000065','PM_SETUP_CUSTOM_CASES_LIST','2017-03-27 00:00:00','2017-03-27 00:00:00',1,'00000000000000000000000000000002'),
 ('00000000000000000000000000000066','PM_GUEST_CASE','2017-03-27 00:00:00','2017-03-27 00:00:00',1,'00000000000000000000000000000002'),
-('00000000000000000000000000000067','PM_SETUP_LOG_FILES','2018-02-06 00:00:00','2018-02-06 00:00:00',1,'00000000000000000000000000000002');
+('00000000000000000000000000000067','PM_SETUP_LOG_FILES','2018-02-06 00:00:00','2018-02-06 00:00:00',1,'00000000000000000000000000000002'),
+('00000000000000000000000000000068','PM_FOLDERS_OWNER','2020-01-29 00:00:00','2020-01-29 00:00:00',1,'00000000000000000000000000000002');

 INSERT INTO `RBAC_ROLES` VALUES
 ('00000000000000000000000000000001','','00000000000000000000000000000001','RBAC_ADMIN','2007-07-31 19:10:22','2007-08-03 12:24:36',1),
@@ -142,6 +143,7 @@ INSERT INTO `RBAC_ROLES_PERMISSIONS` VALUES
 ('00000000000000000000000000000002','00000000000000000000000000000064'),
 ('00000000000000000000000000000002','00000000000000000000000000000065'),
 ('00000000000000000000000000000002','00000000000000000000000000000067'),
+('00000000000000000000000000000002','00000000000000000000000000000068'),
 ('00000000000000000000000000000003','00000000000000000000000000000001'),
 ('00000000000000000000000000000003','00000000000000000000000000000005'),
 ('00000000000000000000000000000003','00000000000000000000000000000040'),
--- a/workflow/engine/data/mysql/insert.sql
+++ b/workflow/engine/data/mysql/insert.sql
@@ -71,7 +71,8 @@ INSERT INTO CONTENT (CON_CATEGORY,CON_PARENT,CON_ID,CON_LANG,CON_VALUE) VALUES
 ('PER_NAME','','00000000000000000000000000000063','en','Edit User profile Default Cases Menu Options'),
 ('PER_NAME','','00000000000000000000000000000064','en','Reassign case supervisor'),
 ('PER_NAME','','00000000000000000000000000000065','en','Setup Custom Cases List'),
-('PER_NAME','','00000000000000000000000000000067','en','Log Files');
+('PER_NAME','','00000000000000000000000000000067','en','Log Files'),
+('PER_NAME','','00000000000000000000000000000068','en','View Your Folders');

 INSERT INTO LANGUAGE (LAN_ID,LAN_LOCATION,LAN_NAME,LAN_NATIVE_NAME,LAN_DIRECTION,LAN_WEIGHT,LAN_ENABLED,LAN_CALENDAR) VALUES 
 ('aa','','Afar','','L','0','0','GREGORIAN'),
--- a/workflow/engine/menus/cases.php
+++ b/workflow/engine/menus/cases.php
@@ -111,7 +111,7 @@ if ($RBAC->userCanAccess('PM_REASSIGNCASE') == 1 || $RBAC->userCanAccess('PM_REA
    );
 }

-if ($RBAC->userCanAccess('PM_FOLDERS_VIEW') == 1) {
+if ($RBAC->userCanAccess('PM_FOLDERS_VIEW_ALL') == 1 || $RBAC->userCanAccess('PM_FOLDERS_VIEW_OWNER') == 1) {
    $G_TMP_MENU->AddIdRawOption(
        'CASES_FOLDERS',
        'casesStartPage?action=documents',
@@ -122,7 +122,6 @@ if ($RBAC->userCanAccess('PM_FOLDERS_VIEW') == 1) {
    );
 }

-
 //Load Other registered Dashboards (From plugins)
 $oPluginRegistry = PluginRegistry::loadSingleton();
 /** @var \ProcessMaker\Plugins\Interfaces\DashboardPage[] $dashBoardPages */
--- a/workflow/engine/methods/appFolder/appFolderAjax.php
+++ b/workflow/engine/methods/appFolder/appFolderAjax.php
--- a/workflow/engine/methods/cases/cases_ShowDocument.php
+++ b/workflow/engine/methods/cases/cases_ShowDocument.php
@@ -2,29 +2,10 @@
 /**
 * cases_ShowDocument.php
 *
- * ProcessMaker Open Source Edition
- * Copyright (C) 2004 - 2008 Colosa Inc.23
+ * Download documents related to the input document
 *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
- * Coral Gables, FL, 33134, USA, or email info@colosa.com.
- */
-/*
- * Created on 13-02-2008
- *
- * @author David Callizaya <davidsantos@colosa.com>
+ * @link https://wiki.processmaker.com/3.2/Cases/Documents#Downloading_Files
+ * @link https://wiki.processmaker.com/3.3/Cases/Information#Uploaded_Documents
 */
 if (isset($_REQUEST['actionAjax']) && $_REQUEST['actionAjax'] == "verifySession") {
    if (!isset($_SESSION['USER_LOGGED'])) {
@@ -63,7 +44,7 @@ if (empty($_GET['v'])) {
 //Check if the user can be download the input Document
 //Send the parameter v = Version
 //Send the parameter a = Case UID
-if (defined('DISABLE_DOWNLOAD_DOCUMENTS_SESSION_VALIDATION') && DISABLE_DOWNLOAD_DOCUMENTS_SESSION_VALIDATION == 0) {
+if ($RBAC->userCanAccess('PM_FOLDERS_ALL') != 1 && defined('DISABLE_DOWNLOAD_DOCUMENTS_SESSION_VALIDATION') && DISABLE_DOWNLOAD_DOCUMENTS_SESSION_VALIDATION == 0) {
    if (!$oAppDocument->canDownloadInput($_SESSION['USER_LOGGED'], $_GET['a'], $docVersion)) {
        G::header('Location: /errors/error403.php');
        die();
--- a/workflow/engine/methods/cases/cases_ShowOutputDocument.php
+++ b/workflow/engine/methods/cases/cases_ShowOutputDocument.php
@@ -2,29 +2,10 @@
 /**
 * cases_ShowOutputDocument.php
 *
- * ProcessMaker Open Source Edition
- * Copyright (C) 2004 - 2008 Colosa Inc.23
+ * Download documents related to the output document
 *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
- * Coral Gables, FL, 33134, USA, or email info@colosa.com.
- *
- * Created on 13-02-2008
- *
- *
- * @author David Callizaya <davidsantos@colosa.com>
+ * @link https://wiki.processmaker.com/3.2/Cases/Documents#Downloading_Files
+ * @link https://wiki.processmaker.com/3.3/Cases/Information#Generated_Documents
 */

 use ProcessMaker\Plugins\PluginRegistry;
@@ -63,7 +44,7 @@ $oOutputDocument->Fields = $oOutputDocument->getByUid($sDocUid);
 $download = $oOutputDocument->Fields['OUT_DOC_OPEN_TYPE'];

 //Check if the user can be download the Output Document
-if (defined('DISABLE_DOWNLOAD_DOCUMENTS_SESSION_VALIDATION') && DISABLE_DOWNLOAD_DOCUMENTS_SESSION_VALIDATION == 0) {
+if ($RBAC->userCanAccess('PM_FOLDERS_ALL') != 1 && defined('DISABLE_DOWNLOAD_DOCUMENTS_SESSION_VALIDATION') && DISABLE_DOWNLOAD_DOCUMENTS_SESSION_VALIDATION == 0) {
    if (!$oAppDocument->canDownloadOutput(
        $oAppDocument->Fields['USR_UID'],
        $_SESSION['USER_LOGGED'],