HOR-4018
@@ -5684,6 +5684,7 @@ class Cases
|
||||
foreach ($permissionAction as $action) {
|
||||
$mainObjects[$action] = $this->getAllObjectsFrom($proUid, $appUid, $tasUid, $usrUid, $action, $delIndex);
|
||||
}
|
||||
|
||||
//We will review data with VIEW and BLOCK
|
||||
//Dynaforms BLOCK it means does not show in the list
|
||||
$resultObjects['DYNAFORMS'] = G::arrayDiff(
|
||||
@@ -5701,6 +5702,9 @@ class Cases
|
||||
$resultObjects['CASES_NOTES'] = G::arrayDiff(
|
||||
$mainObjects['VIEW']['CASES_NOTES'], $mainObjects['BLOCK']['CASES_NOTES']
|
||||
);
|
||||
//Summary form it means does not show in the list
|
||||
$resultObjects['SUMMARY_FORM'] = isset($mainObjects['VIEW']['SUMMARY_FORM']) ? $mainObjects['VIEW']['SUMMARY_FORM'] : 0;
|
||||
|
||||
array_push($resultObjects["DYNAFORMS"], -1, -2);
|
||||
array_push($resultObjects['INPUT_DOCUMENTS'], -1);
|
||||
array_push($resultObjects['OUTPUT_DOCUMENTS'], -1);
|
||||
|
||||
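Review bot: The new `$resultObjects['SUMMARY_FORM']` assignment reads only `$mainObjects['VIEW']['SUMMARY_FORM']`, whereas the neighbouring entries (`DYNAFORMS`, `CASES_NOTES`) are computed with `G::arrayDiff(VIEW, BLOCK)`, so a BLOCK permission on the summary form appears to have no effect here. If BLOCK is meant to apply, the line should also consult `$mainObjects['BLOCK']['SUMMARY_FORM']`; if it is not, the comment above it (`//Summary form it means does not show in the list`) should say so rather than reuse the BLOCK wording. This value appears to be used later as a truthy flag in an access decision, so a comment stating what it holds when set (the fallback is `0`) would help. The enclosing method starts and ends outside the hunk.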
@@ -28,6 +28,7 @@ use EntitySolrRequestData;
|
||||
use G;
|
||||
use Groups;
|
||||
use InvalidIndexSearchTextException;
|
||||
use ListParticipatedLast;
|
||||
use PmDynaform;
|
||||
use ProcessMaker\BusinessModel\Task as BmTask;
|
||||
use ProcessMaker\BusinessModel\User as BmUser;
|
||||
@@ -3096,61 +3097,47 @@ class Cases
|
||||
return !(boolean)AppDelegationPeer::doCount($c);
|
||||
}
|
||||
|
||||
/**
|
||||
* This function review if the user has processPermissions or the user is supervisor
|
||||
*
|
||||
* @param string $userUid
|
||||
* @param string $applicationUid
|
||||
* @param string $dynaformUid
|
||||
*
|
||||
* @return boolean
|
||||
*/
|
||||
public function checkUserHasPermissionsOrSupervisor($userUid, $applicationUid, $dynaformUid)
|
||||
{
|
||||
$arrayApplicationData = $this->getApplicationRecordByPk($applicationUid, [], false);
|
||||
//Check whether the process supervisor
|
||||
$supervisor = new BmProcessSupervisor();
|
||||
$userAccess = $supervisor->isUserProcessSupervisor($arrayApplicationData['PRO_UID'], $userUid);
|
||||
if (!empty($dynaformUid)) {
|
||||
//Check if have objects assigned (Supervisor)
|
||||
$flagSupervisors = $this->isSupervisorFromForm(
|
||||
$userUid,
|
||||
$applicationUid,
|
||||
$dynaformUid,
|
||||
$arrayApplicationData['PRO_UID']
|
||||
);
|
||||
//Get all access for the user, we no consider the permissions
|
||||
$userCanAccess = $this->userAuthorization(
|
||||
$userUid,
|
||||
$arrayApplicationData['PRO_UID'],
|
||||
$applicationUid,
|
||||
[],
|
||||
[],
|
||||
true
|
||||
);
|
||||
|
||||
//Check if have permissions VIEW
|
||||
$case = new ClassesCases();
|
||||
$arrayAllObjectsFrom = $case->getAllObjectsFrom($arrayApplicationData['PRO_UID'], $applicationUid, '',
|
||||
$userUid, 'VIEW', 0);
|
||||
$flagPermissionsVIEW = false;
|
||||
if (array_key_exists('DYNAFORMS', $arrayAllObjectsFrom) &&
|
||||
!empty($arrayAllObjectsFrom['DYNAFORMS'])
|
||||
) {
|
||||
foreach ($arrayAllObjectsFrom['DYNAFORMS'] as $value) {
|
||||
if ($value == $dynaformUid) {
|
||||
$flagPermissionsVIEW = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
//Check if have permissions BLOCK
|
||||
$arrayAllObjectsFrom = $case->getAllObjectsFrom($arrayApplicationData['PRO_UID'], $applicationUid, '',
|
||||
$userUid, 'BLOCK', 0);
|
||||
$flagPermissionsBLOCK = false;
|
||||
if (array_key_exists('DYNAFORMS', $arrayAllObjectsFrom) &&
|
||||
!empty($arrayAllObjectsFrom['DYNAFORMS'])
|
||||
) {
|
||||
foreach ($arrayAllObjectsFrom['DYNAFORMS'] as $value) {
|
||||
if ($value == $dynaformUid) {
|
||||
$flagPermissionsBLOCK = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
//check case Tracker
|
||||
$flagCaseTracker = $case->getAllObjectsTrackerDynaform($arrayApplicationData['PRO_UID'], $dynaformUid);
|
||||
//We need to get all the object permission consider the BLOCK
|
||||
$case = new ClassesCases();
|
||||
$allObjectPermissions = $case->getAllObjects($arrayApplicationData['PRO_UID'], $applicationUid, '', $userUid);
|
||||
|
||||
return ($flagSupervisors && $userAccess) || $flagPermissionsVIEW || $flagPermissionsBLOCK || $flagCaseTracker;
|
||||
} else {
|
||||
$arrayResult = $this->getStatusInfo($applicationUid, 0, $userUid);
|
||||
$flagParticipated = false;
|
||||
if ($arrayResult || $userAccess) {
|
||||
$flagParticipated = true;
|
||||
}
|
||||
//Check case tracker
|
||||
$flagCaseTracker = $case->getAllObjectsTrackerDynaform($arrayApplicationData['PRO_UID'], $dynaformUid);
|
||||
|
||||
return $flagParticipated;
|
||||
}
|
||||
//Review if the user has participated in the case
|
||||
//Review if the user is supervisor in the case and if had assign the objectSupervisor
|
||||
//Review if the user has process permission SUMMARY FORM
|
||||
//Review if the user has process permission DYNAFORM for the specific form
|
||||
//Review if the form is configured for case tracker
|
||||
return (
|
||||
$userCanAccess['participated']
|
||||
|| ($userCanAccess['supervisor'] && in_array($dynaformUid, $userCanAccess['objectSupervisor']))
|
||||
|| $allObjectPermissions['SUMMARY_FORM']
|
||||
|| in_array($dynaformUid, $allObjectPermissions['DYNAFORMS'])
|
||||
|| $flagCaseTracker
|
||||
);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -3325,34 +3312,42 @@ class Cases
|
||||
}
|
||||
|
||||
/**
|
||||
* Get Permissions, Participate, Access
|
||||
* Get Permissions, Participate, Access, Objects supervisor
|
||||
*
|
||||
* @param string $usrUid
|
||||
* @param string $proUid
|
||||
* @param string $appUid
|
||||
* @param array $rolesPermissions
|
||||
* @param array $objectPermissions
|
||||
* @return array Returns array with all access
|
||||
* @param array $rolesPermissions, the roles that we need to review
|
||||
* @param array $objectPermissions, the permissions that we need to review
|
||||
* @param boolean $objectSupervisor, if we need to get all the objects supervisor
|
||||
* @return array
|
||||
*/
|
||||
public function userAuthorization(
|
||||
$usrUid,
|
||||
$proUid,
|
||||
$appUid,
|
||||
$rolesPermissions = array(),
|
||||
$objectPermissions = array()
|
||||
$rolesPermissions = [],
|
||||
$objectPermissions = [],
|
||||
$objectSupervisor = false
|
||||
) {
|
||||
$arrayAccess = array();
|
||||
$arrayAccess = [];
|
||||
|
||||
//User has participated
|
||||
$oParticipated = new \ListParticipatedLast();
|
||||
$aParticipated = $oParticipated->loadList($usrUid, array(), null, $appUid);
|
||||
$arrayAccess['participated'] = (count($aParticipated) == 0) ? false : true;
|
||||
$participated = new ListParticipatedLast();
|
||||
$listParticipated = $participated->loadList($usrUid, [], null, $appUid);
|
||||
$arrayAccess['participated'] = (count($listParticipated) == 0) ? false : true;
|
||||
|
||||
//User is supervisor
|
||||
$supervisor = new BmProcessSupervisor();
|
||||
$isSupervisor = $supervisor->isUserProcessSupervisor($proUid, $usrUid);
|
||||
$arrayAccess['supervisor'] = ($isSupervisor) ? true : false;
|
||||
|
||||
//If the user is supervisor we will to return the object assigned
|
||||
if ($isSupervisor && $objectSupervisor) {
|
||||
$ps = new BmProcessSupervisor();
|
||||
$arrayAccess['objectSupervisor'] = $ps->getObjectSupervisor($proUid);
|
||||
}
|
||||
|
||||
//Roles Permissions
|
||||
if (count($rolesPermissions) > 0) {
|
||||
global $RBAC;
|
||||
@@ -3363,9 +3358,9 @@ class Cases
|
||||
|
||||
//Object Permissions
|
||||
if (count($objectPermissions) > 0) {
|
||||
$oCase = new ClassesCases();
|
||||
$case = new ClassesCases();
|
||||
foreach ($objectPermissions as $key => $value) {
|
||||
$resPermission = $oCase->getAllObjectsFrom($proUid, $appUid, '', $usrUid, $value);
|
||||
$resPermission = $case->getAllObjectsFrom($proUid, $appUid, '', $usrUid, $value);
|
||||
if (isset($resPermission[$key])) {
|
||||
$arrayAccess['objectPermissions'][$key] = $resPermission[$key];
|
||||
}
|
||||
|
||||
@@ -1,7 +1,12 @@
|
||||
<?php
|
||||
namespace ProcessMaker\BusinessModel;
|
||||
|
||||
use \G;
|
||||
use G;
|
||||
use Criteria;
|
||||
use DynaformPeer;
|
||||
use ResultSet;
|
||||
use StepSupervisorPeer;
|
||||
use Exception;
|
||||
|
||||
class ProcessSupervisor
|
||||
{
|
||||
@@ -1526,4 +1531,40 @@ class ProcessSupervisor
|
||||
|
||||
return $canEdit;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return the objects supervisor
|
||||
*
|
||||
* @param string $proUid
|
||||
* @param array $typeObject, can be DYNAFORM or INPUT_DOCUMENT
|
||||
*
|
||||
* @return array
|
||||
* @throws Exception
|
||||
*/
|
||||
public function getObjectSupervisor($proUid, $typeObject = [])
|
||||
{
|
||||
try {
|
||||
$result = [];
|
||||
$criteria = new Criteria('workflow');
|
||||
$criteria->addSelectColumn(StepSupervisorPeer::STEP_UID);
|
||||
$criteria->addSelectColumn(StepSupervisorPeer::PRO_UID);
|
||||
$criteria->addSelectColumn(StepSupervisorPeer::STEP_TYPE_OBJ);
|
||||
$criteria->addSelectColumn(StepSupervisorPeer::STEP_UID_OBJ);
|
||||
$criteria->addSelectColumn(StepSupervisorPeer::STEP_POSITION);
|
||||
$criteria->add(StepSupervisorPeer::PRO_UID, $proUid);
|
||||
if (!empty($typeObject)) {
|
||||
$criteria->add(StepSupervisorPeer::STEP_TYPE_OBJ, $typeObject, Criteria::IN);
|
||||
}
|
||||
$dataset = StepSupervisorPeer::doSelectRS($criteria);
|
||||
$dataset->setFetchmode(ResultSet::FETCHMODE_ASSOC);
|
||||
$dataset->next();
|
||||
while ($row = $dataset->getRow()) {
|
||||
$result[] = $row['STEP_UID_OBJ'];
|
||||
$dataset->next();
|
||||
}
|
||||
return $result;
|
||||
} catch (Exception $e) {
|
||||
throw $e;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
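Review bot: `getObjectSupervisor` returns a flat list of `STEP_UID_OBJ` values with no type attached, and with the default empty `$typeObject` it returns the UIDs of every object type for the process; a caller that tests a dynaform UID against that list then depends on UIDs being unique across types. The docblock should state this, e.g. `@param array $typeObject Object types to include (DYNAFORM, INPUT_DOCUMENT); empty means all types`, and a caller checking a form should pass `['DYNAFORM']`. The `try { … } catch (Exception $e) { throw $e; }` wrapper only rethrows and can be dropped, and of the five selected columns only `STEP_UID_OBJ` is read.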