diff --git a/workflow/engine/classes/model/ListParticipatedLast.php b/workflow/engine/classes/model/ListParticipatedLast.php
index 4fa3cdc22..feeaa1ba5 100644
--- a/workflow/engine/classes/model/ListParticipatedLast.php
+++ b/workflow/engine/classes/model/ListParticipatedLast.php
@@ -282,11 +282,11 @@ class ListParticipatedLast extends BaseListParticipatedLast
return (int)$total;
}
- public function loadList($usr_uid, $filters = array(), $callbackRecord = null)
+ public function loadList($usr_uid, $filters = array(), $callbackRecord = null, $appUid = '')
{
$pmTable = new PmTable();
$criteria = $pmTable->addPMFieldsToList('sent');
-
+
$criteria->addSelectColumn(ListParticipatedLastPeer::APP_UID);
$criteria->addSelectColumn(ListParticipatedLastPeer::DEL_INDEX);
$criteria->addSelectColumn(ListParticipatedLastPeer::USR_UID);
@@ -311,6 +311,12 @@ class ListParticipatedLast extends BaseListParticipatedLast
$criteria->addSelectColumn(ListParticipatedLastPeer::DEL_PRIORITY);
$criteria->addSelectColumn(ListParticipatedLastPeer::DEL_THREAD_STATUS);
$criteria->add( ListParticipatedLastPeer::USR_UID, $usr_uid, Criteria::EQUAL );
+
+ //Check if the user was participated in a specific case
+ if($appUid != ''){
+ $criteria->add( ListParticipatedLastPeer::APP_UID, $appUid, Criteria::EQUAL );
+ }
+
self::loadFilters($criteria, $filters);
$sort = (!empty($filters['sort'])) ? $filters['sort'] : "DEL_DELEGATE_DATE";
diff --git a/workflow/engine/methods/cases/cases_Ajax.php b/workflow/engine/methods/cases/cases_Ajax.php
index c62ad5b9c..a90b02548 100644
--- a/workflow/engine/methods/cases/cases_Ajax.php
+++ b/workflow/engine/methods/cases/cases_Ajax.php
@@ -1004,7 +1004,6 @@ switch (($_POST['action']) ? $_POST['action'] : $_REQUEST['action']) {
}
break;
case "previusJump":
- //require_once 'classes/model/Application.php';
$oCriteria = new Criteria( 'workflow' );
$response = array ("success" => true );
@@ -1017,8 +1016,27 @@ switch (($_POST['action']) ? $_POST['action'] : $_REQUEST['action']) {
if (is_array( $aApplication )) {
$response['exists'] = true;
+
+ //Check if the user is a supervisor to this Process
+ if(isset($_POST['actionFromList']) && $_POST['actionFromList']==='to_revise'){
+ $oAppCache = new AppCacheView();
+ $aProcesses = $oAppCache->getProUidSupervisor($_SESSION['USER_LOGGED']);
+ if(!in_array($aApplication['PRO_UID'], $aProcesses)){
+ $response['exists'] = false;
+ $response['message'] = G::LoadTranslation('ID_NO_PERMISSION_NO_PARTICIPATED');
+ }
+ } else {//Check if the user participated in this case
+ $oParticipated = new ListParticipatedLast();
+ $aParticipated = $oParticipated->loadList($_SESSION['USER_LOGGED'], array(), null, $aApplication['APP_UID']);
+ if(!sizeof($aParticipated)){
+ //Check in the selfservice list
+ $response['exists'] = false;
+ $response['message'] = G::LoadTranslation('ID_NO_PERMISSION_NO_PARTICIPATED');
+ }
+ }
} else {
$response['exists'] = false;
+ $response['message'] = G::LoadTranslation('ID_CASE_DOES_NOT_EXIST_JS', array($_POST['appNumber']));
}
echo Bootstrap::json_encode( $response );
diff --git a/workflow/engine/methods/cases/cases_StepToRevise.php b/workflow/engine/methods/cases/cases_StepToRevise.php
index 4fdab8c27..eadbaefe9 100644
--- a/workflow/engine/methods/cases/cases_StepToRevise.php
+++ b/workflow/engine/methods/cases/cases_StepToRevise.php
@@ -39,6 +39,7 @@ switch ($RBAC->userCanAccess( 'PM_SUPERVISOR' )) {
break;
}
+//If the user does not have the permission and the user can be access from url
$processUser = new ProcessUser();
$userAccess = $processUser->validateUserAccess($_GET['PRO_UID'], $_SESSION['USER_LOGGED'], 'SUPERVISOR');
if(!$userAccess) {
@@ -105,8 +106,8 @@ if (! isset( $_GET['type'] )) {
}
if (! isset( $_GET['position'] )) {
$_GET['position'] = $_SESSION['STEP_POSITION'];
-}else{
- if($_GET['type'] == 'DYNAFORM'){
+}else{
+ if($_GET['type'] == 'DYNAFORM'){
$criteria = new Criteria();
$criteria->addSelectColumn(StepSupervisorPeer::STEP_POSITION);
@@ -116,7 +117,7 @@ if (! isset( $_GET['position'] )) {
$rsCriteria = StepSupervisorPeer::doSelectRS($criteria);
$rsCriteria->setFetchmode(ResultSet::FETCHMODE_ASSOC);
$rsCriteria->next();
- $aRow = $rsCriteria->getRow();
+ $aRow = $rsCriteria->getRow();
$_GET['position'] = $aRow['STEP_POSITION'];
}else{
diff --git a/workflow/engine/methods/cases/open.php b/workflow/engine/methods/cases/open.php
index dcfabcd2d..9355a7951 100644
--- a/workflow/engine/methods/cases/open.php
+++ b/workflow/engine/methods/cases/open.php
@@ -49,22 +49,11 @@ if (! isset( $_GET['APP_UID'] ) || ! isset( $_GET['DEL_INDEX'] )) {
} else {
throw new Exception( "Application ID or Delegation Index is missing!. The System can't open the case." );
}
-} else {
+} else {
$appUid = htmlspecialchars($_GET['APP_UID']);
$delIndex = htmlspecialchars($_GET['DEL_INDEX']);
}
-if( isset($_GET['actionFromList']) && ($_GET['actionFromList'] == 'to_revise') ) {
- $oApp = new Application;
- $oApp->Load($appUid);
- if($oApp->getAppStatus() == 'COMPLETED') {
- unset($_GET['to_revise']);
- } else {
- $_GET['APP_UID'] = $appUid;
- $_GET['DEL_INDEX'] = $delIndex;
- }
-}
-
require_once ("classes/model/Step.php");
G::LoadClass( "configuration" );
G::LoadClass( "case" );
@@ -105,14 +94,21 @@ if( isset($_GET['action']) && ($_GET['action'] == 'jump') ) {
$case = $oCase->loadCase( $appUid, $delIndex );
}
-if (! isset( $_GET['to_revise'] )) {
- $script = 'cases_Open?';
+if(isset($_GET['actionFromList']) && ($_GET['actionFromList'] === 'to_revise') ){
+ $oApp = new Application;
+ $oApp->Load($appUid);
+ //If the case is completed can not update the information from supervisor/review
+ if($oApp->getAppStatus() === 'COMPLETED') {
+ $script = 'cases_Open?';
+ } else {
+ $script = 'cases_OpenToRevise?APP_UID=' . $appUid . '&DEL_INDEX=' . $delIndex;
+ $oHeadPublisher->assign( 'treeToReviseTitle', G::loadtranslation( 'ID_STEP_LIST' ) );
+ $casesPanelUrl = 'casesToReviseTreeContent?APP_UID=' . $appUid . '&DEL_INDEX=' . $delIndex;
+ $oHeadPublisher->assign( 'casesPanelUrl', $casesPanelUrl ); //translations
+ echo "";
+ }
} else {
- $script = 'cases_OpenToRevise?';
- $oHeadPublisher->assign( 'treeToReviseTitle', G::loadtranslation( 'ID_STEP_LIST' ) );
- $casesPanelUrl = 'casesToReviseTreeContent?APP_UID=' . $appUid . '&DEL_INDEX=' . $delIndex;
- $oHeadPublisher->assign( 'casesPanelUrl', $casesPanelUrl ); //translations
- echo "";
+ $script = 'cases_Open?';
}
// getting bpmn projects
diff --git a/workflow/engine/templates/cases/casesList.js b/workflow/engine/templates/cases/casesList.js
index 45fb39d07..9f4466e94 100644
--- a/workflow/engine/templates/cases/casesList.js
+++ b/workflow/engine/templates/cases/casesList.js
@@ -156,11 +156,7 @@ function jumpToCase(appNumber){
if (res.exists === true) {
params = 'APP_NUMBER=' + appNumber;
params += '&action=jump';
-
- if(action == 'to_revise') {
- params += '&to_revise=true';
- params += '&actionFromList=' + action;
- }
+ params += '&actionFromList='+action;
requestFile = '../cases/open';
redirect(requestFile + '?' + params);
@@ -168,10 +164,10 @@ function jumpToCase(appNumber){
Ext.MessageBox.hide();
var message = new Array();
message['CASE_NUMBER'] = appNumber;
- msgBox(_('ID_INPUT_ERROR'), _('ID_CASE_DOES_NOT_EXIST_JS', appNumber), 'error');
+ msgBox(_('ID_INPUT_ERROR'), _(res.message), 'error');
}
},
- params: {action:'previusJump', appNumber: appNumber}
+ params: {action:'previusJump', appNumber: appNumber, actionFromList: action}
});
}