Release/3.3.2
This commit is contained in:
Paula Quispe
@@ -5893,4 +5893,25 @@ class G
|
||||
$class = isset(self::$adapters[$key]) ? self::$adapters[$key] : $name;
|
||||
return class_exists($class);
|
||||
}
|
||||
|
||||
/**
|
||||
* Fix string corrupted related to PMC-336.
|
||||
* To do, this method should be removed. Related to PMC-336.
|
||||
*
|
||||
* @param string $string
|
||||
* @return string
|
||||
*/
|
||||
public static function fixStringCorrupted($string)
|
||||
{
|
||||
$string = preg_replace_callback("/iconv\\(\\'UCS\\-4LE\\',\\'UTF\\-8\\',pack\\(\\'V\\', hexdec\\(\\'U[a-f0-9]{4}\\'\\)\\)\\)/", function($result) {
|
||||
//This looks for the following pattern:
|
||||
//iconv('UCS-4LE','UTF-8',pack('V', hexdec('U062f')))iconv('UCS-4LE','UTF-8',pack('V', hexdec('U0631')))
|
||||
//So making this replacement is safe.
|
||||
$portion = $result[0];
|
||||
$portion = str_replace("iconv('UCS-4LE','UTF-8',pack('V', hexdec('U", "\u", $portion);
|
||||
$portion = str_replace("')))", "", $portion);
|
||||
return $portion;
|
||||
}, $string);
|
||||
return $string;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -55,7 +55,7 @@ class RBAC
|
||||
/**
|
||||
*
|
||||
* @access private
|
||||
* @var $userObj
|
||||
* @var RbacUsers $userObj
|
||||
*/
|
||||
public $userObj;
|
||||
public $usersPermissionsObj;
|
||||
@@ -803,6 +803,80 @@ class RBAC
|
||||
$this->aUserInfo[$sSystem]['PERMISSIONS'] = $fieldsPermissions;
|
||||
}
|
||||
|
||||
/**
|
||||
* Verification of a user through the class RBAC_user
|
||||
* verify if the user has permissions to stay in the application
|
||||
* -4: expired user
|
||||
* @access public
|
||||
* @throws Exception
|
||||
*/
|
||||
public function verifyDueDateUserLogged()
|
||||
{
|
||||
if (empty($this->userObj)) {
|
||||
return;
|
||||
}
|
||||
$uid = !empty($this->userObj) ? $this->userObj->getUsrUid() : null;
|
||||
//if the expired user
|
||||
if ($this->userObj->getUsrDueDate() < date('Y-m-d')) {
|
||||
$uid = -4;
|
||||
$errLabel = 'ID_USER_INACTIVE_BY_DATE';
|
||||
}
|
||||
|
||||
if (!isset($uid) || $uid < 0) {
|
||||
if (!defined('PPP_FAILED_LOGINS')) {
|
||||
define('PPP_FAILED_LOGINS', 0);
|
||||
}
|
||||
//start new session
|
||||
@session_destroy();
|
||||
session_start();
|
||||
session_regenerate_id();
|
||||
|
||||
throw new RBACException($errLabel);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Destroy all active sessions of a user (browser, soap, oauth)
|
||||
* @param string $usrUid User uid
|
||||
*/
|
||||
public static function destroySessionUser($usrUid)
|
||||
{
|
||||
//remove all register of tables related to the token
|
||||
(new OauthAccessTokens())->removeByUser($usrUid);
|
||||
(new OauthRefreshTokens())->removeByUser($usrUid);
|
||||
(new PmoauthUserAccessTokens())->removeByUser($usrUid);
|
||||
(new OauthAuthorizationCodes())->removeByUser($usrUid);
|
||||
|
||||
$loginLog = new LoginLog();
|
||||
$sessionId = $loginLog->getSessionsIdByUser($usrUid);
|
||||
if ($sessionId) {
|
||||
//remove all login log row's of LOGIN_LOG table
|
||||
$loginLog->removeByUser($usrUid);
|
||||
//remove all register of tables
|
||||
(new Session())->removeByUser($usrUid);
|
||||
|
||||
// 1. commit session if it's started.
|
||||
if (session_id()) {
|
||||
session_commit();
|
||||
}
|
||||
// 2. store current session id
|
||||
session_start();
|
||||
$currentSessionId = session_id();
|
||||
session_commit();
|
||||
// 3. then destroy session specified.
|
||||
foreach ($sessionId as $sid) {
|
||||
session_id($sid['LOG_SID']);
|
||||
session_start();
|
||||
session_destroy();
|
||||
session_commit();
|
||||
}
|
||||
// 4. restore current session id. If don't restore it, your current session will refer to the session you just destroyed!
|
||||
session_id($currentSessionId);
|
||||
session_start();
|
||||
session_commit();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* verification the register automatic
|
||||
*
|
||||
|
||||
20
thirdparty/creole/contrib/DBArrayConnection.php
vendored
20
thirdparty/creole/contrib/DBArrayConnection.php
vendored
@@ -523,19 +523,15 @@ class DBArrayConnection implements Connection
|
||||
}
|
||||
}
|
||||
|
||||
//prepend the headers in the resultRow
|
||||
array_unshift($resultRow, $this->_DBArray[$tableName][0]);
|
||||
//$resultRow[0] = $this->_DBArray[ $tableName ][0];
|
||||
|
||||
/* algorith to order a multiarray
|
||||
// Obtain a list of columns
|
||||
foreach ($data as $key => $row) {
|
||||
$volume[$key] = $row['volume'];
|
||||
$edition[$key] = $row['edition'];
|
||||
/**
|
||||
* Prepend the headers in the resultRow.
|
||||
* If the null value is not taken, $resultRow will lose an element.
|
||||
*/
|
||||
$header = null;
|
||||
if (isset($this->_DBArray[$tableName][0])) {
|
||||
$header = $this->_DBArray[$tableName][0];
|
||||
}
|
||||
// Sort the data with volume descending, edition ascending
|
||||
// Add $data as the last parameter, to sort by the common key
|
||||
array_multisort($volume, SORT_DESC, $edition, SORT_ASC, $data); */
|
||||
array_unshift($resultRow, $header);
|
||||
|
||||
/*
|
||||
* Apply Limit and Offset
|
||||
|
||||
@@ -191,17 +191,19 @@ class MSSQLConnection extends ConnectionCommon implements Connection
|
||||
{
|
||||
$this->lastQuery = $sql;
|
||||
if (extension_loaded('sqlsrv')) {
|
||||
$result = sqlsrv_query($this->dblink, $sql);
|
||||
$result = @sqlsrv_query($this->dblink, $sql);
|
||||
if (!$result) {
|
||||
throw new SQLException('Could not execute query', print_r(sqlsrv_errors(), true));
|
||||
}
|
||||
} else {
|
||||
if (!@mssql_select_db($this->database, $this->dblink)) {
|
||||
throw new SQLException('No database selected');
|
||||
}
|
||||
|
||||
$result = @mssql_query($sql, $this->dblink);
|
||||
}
|
||||
if (!$result) {
|
||||
throw new SQLException('Could not execute query', mssql_get_last_message());
|
||||
}
|
||||
}
|
||||
return new MSSQLResultSet($this, $result, $fetchmode);
|
||||
}
|
||||
|
||||
@@ -210,23 +212,23 @@ class MSSQLConnection extends ConnectionCommon implements Connection
|
||||
*/
|
||||
function executeUpdate($sql)
|
||||
{
|
||||
if (extension_loaded('sqlsrv')) {
|
||||
$result = sqlsrv_query($this->dblink, $sql);
|
||||
} else {
|
||||
$this->lastQuery = $sql;
|
||||
if (extension_loaded('sqlsrv')) {
|
||||
$result = @sqlsrv_query($this->dblink, $sql);
|
||||
if (!$result) {
|
||||
throw new SQLException('Could not execute update', print_r(sqlsrv_errors(), true), $sql);
|
||||
}
|
||||
return (int) sqlsrv_rows_affected($this->dblink);
|
||||
} else {
|
||||
if (!mssql_select_db($this->database, $this->dblink)) {
|
||||
throw new SQLException('No database selected');
|
||||
}
|
||||
|
||||
$result = @mssql_query($sql, $this->dblink);
|
||||
}
|
||||
|
||||
if (!$result) {
|
||||
throw new SQLException('Could not execute update', mssql_get_last_message(), $sql);
|
||||
}
|
||||
|
||||
return (int) mssql_rows_affected($this->dblink);
|
||||
// return $this->getUpdateCount();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -237,14 +239,17 @@ class MSSQLConnection extends ConnectionCommon implements Connection
|
||||
protected function beginTrans()
|
||||
{
|
||||
if (extension_loaded('sqlsrv')) {
|
||||
$result = sqlsrv_begin_transaction($this->dblink);
|
||||
$result = @sqlsrv_begin_transaction($this->dblink);
|
||||
if (!$result) {
|
||||
throw new SQLException('Could not begin transaction', print_r(sqlsrv_errors(), true));
|
||||
}
|
||||
} else {
|
||||
$result = @mssql_query('BEGIN TRAN', $this->dblink);
|
||||
}
|
||||
if (!$result) {
|
||||
throw new SQLException('Could not begin transaction', mssql_get_last_message());
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Commit the current transaction.
|
||||
@@ -254,17 +259,20 @@ class MSSQLConnection extends ConnectionCommon implements Connection
|
||||
protected function commitTrans()
|
||||
{
|
||||
if (extension_loaded('sqlsrv')) {
|
||||
$result = sqlsrv_commit($this->dblink);
|
||||
$result = @sqlsrv_commit($this->dblink);
|
||||
if (!$result) {
|
||||
throw new SQLException('Could not commit transaction', print_r(sqlsrv_errors(), true));
|
||||
}
|
||||
} else {
|
||||
if (!@mssql_select_db($this->database, $this->dblink)) {
|
||||
throw new SQLException('No database selected');
|
||||
}
|
||||
$result = @mssql_query('COMMIT TRAN', $this->dblink);
|
||||
}
|
||||
if (!$result) {
|
||||
throw new SQLException('Could not commit transaction', mssql_get_last_message());
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Roll back (undo) the current transaction.
|
||||
@@ -274,17 +282,20 @@ class MSSQLConnection extends ConnectionCommon implements Connection
|
||||
protected function rollbackTrans()
|
||||
{
|
||||
if (extension_loaded('sqlsrv')) {
|
||||
$result = sqlsrv_rollback($this->dblink);
|
||||
$result = @sqlsrv_rollback($this->dblink);
|
||||
if (!$result) {
|
||||
throw new SQLException('Could not rollback transaction', print_r(sqlsrv_errors(), true));
|
||||
}
|
||||
} else {
|
||||
if (!@mssql_select_db($this->database, $this->dblink)) {
|
||||
throw new SQLException('no database selected');
|
||||
}
|
||||
$result = @mssql_query('ROLLBACK TRAN', $this->dblink);
|
||||
}
|
||||
if (!$result) {
|
||||
throw new SQLException('Could not rollback transaction', mssql_get_last_message());
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Gets the number of rows affected by the last query.
|
||||
|
||||
@@ -154,13 +154,15 @@ class MSSQLResultSet extends ResultSetCommon implements ResultSet
|
||||
{
|
||||
if (extension_loaded('sqlsrv')) {
|
||||
$rows = @sqlsrv_num_rows($this->result);
|
||||
if ($rows === null) {
|
||||
throw new SQLException('Error getting record count', print_r(sqlsrv_errors(), true));
|
||||
}
|
||||
} else {
|
||||
$rows = @mssql_num_rows($this->result);
|
||||
}
|
||||
|
||||
if ($rows === null) {
|
||||
throw new SQLException('Error getting record count', mssql_get_last_message());
|
||||
}
|
||||
}
|
||||
// adjust count based on emulated LIMIT/OFFSET
|
||||
$rows -= $this->offset;
|
||||
return ($this->limit > 0 && $rows > $this->limit ? $this->limit : $rows);
|
||||
|
||||
@@ -38,30 +38,29 @@ class MSSQLDatabaseInfo extends DatabaseInfo
|
||||
protected function initTables()
|
||||
{
|
||||
include_once 'creole/drivers/mssql/metadata/MSSQLTableInfo.php';
|
||||
|
||||
$dsn = $this->conn->getDSN();
|
||||
|
||||
|
||||
$sql = "SELECT TABLE_NAME FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_TYPE = 'BASE TABLE' AND TABLE_NAME <> 'dtproperties'";
|
||||
if (extension_loaded('sqlsrv')) {
|
||||
$result = sqlsrv_query(
|
||||
"SELECT TABLE_NAME FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_TYPE = 'BASE TABLE' AND TABLE_NAME <> 'dtproperties'",
|
||||
$this->conn->getResource()
|
||||
);
|
||||
$result = sqlsrv_query($sql, $this->conn->getResource());
|
||||
if (!$result) {
|
||||
throw new SQLException("Could not list tables", print_r(sqlsrv_errors(), true));
|
||||
}
|
||||
while ($row = sqlsrv_fetch_array($result)) {
|
||||
$this->tables[strtoupper($row[0])] = new MSSQLTableInfo($this, $row[0]);
|
||||
}
|
||||
} else {
|
||||
if (!@mssql_select_db($this->dbname, $this->conn->getResource())) {
|
||||
throw new SQLException('No database selected');
|
||||
}
|
||||
$result = mssql_query("SELECT TABLE_NAME FROM INFORMATION_SCHEMA.TABLES WHERE TABLE_TYPE = 'BASE TABLE' AND TABLE_NAME <> 'dtproperties'", $this->conn->getResource());
|
||||
}
|
||||
|
||||
$result = mssql_query($sql, $this->conn->getResource());
|
||||
if (!$result) {
|
||||
throw new SQLException("Could not list tables", mssql_get_last_message());
|
||||
}
|
||||
|
||||
while ($row = mssql_fetch_row($result)) {
|
||||
$this->tables[strtoupper($row[0])] = new MSSQLTableInfo($this, $row[0]);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
|
||||
@@ -3512,12 +3512,13 @@ class Cases
|
||||
|
||||
$fieldsTrigger = [];
|
||||
foreach ($triggersList as $trigger) {
|
||||
//Scan the code
|
||||
/*----------------------------------********---------------------------------*/
|
||||
$disabledCode = $this->codeScannerReview($cs, $trigger["TRI_WEBBOT"], $trigger["TRI_TITLE"]);
|
||||
if (!empty($disabledCode)) {
|
||||
$foundDisabledCode .= $disabledCode;
|
||||
continue;
|
||||
}
|
||||
/*----------------------------------********---------------------------------*/
|
||||
|
||||
$execute = true;
|
||||
//Check if the trigger has conditions for the execution
|
||||
|
||||
@@ -194,7 +194,7 @@ class DbConnections
|
||||
$conf = Propel::getConfiguration();
|
||||
// Iterate through the datasources of configuration, and only care about workflow, rbac or rp. Remove anything else.
|
||||
foreach ($conf['datasources'] as $key => $val) {
|
||||
if (!in_array($key, ['workflow', 'rbac', 'rp'])) {
|
||||
if (!in_array($key, ['workflow', 'rbac', 'rp', 'dbarray'])) {
|
||||
unset($conf['datasources'][$key]);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -253,14 +253,7 @@ class Net
|
||||
break;
|
||||
case 'mssql':
|
||||
//todo
|
||||
if (!extension_loaded('sqlsrv')) {
|
||||
if ($this->db_instance != "") {
|
||||
$link = @mssql_connect($this->ip . "\\" . $this->db_instance, $this->db_user, $this->db_passwd);
|
||||
} else {
|
||||
$port = (($this->db_port == "") || ($this->db_port == 0) || ($this->db_port == 1433)) ? "" : ":" . $this->db_port;
|
||||
$link = @mssql_connect($this->ip . $port, $this->db_user, $this->db_passwd);
|
||||
}
|
||||
} else {
|
||||
if (extension_loaded('sqlsrv')) {
|
||||
if ($this->db_instance != "") {
|
||||
$server = $this->ip . "\\" . $this->db_instance;
|
||||
} else {
|
||||
@@ -274,6 +267,13 @@ class Net
|
||||
'Database' => $this->db_sourcename
|
||||
];
|
||||
$link = @sqlsrv_connect($server, $opt);
|
||||
} else {
|
||||
if ($this->db_instance != "") {
|
||||
$link = @mssql_connect($this->ip . "\\" . $this->db_instance, $this->db_user, $this->db_passwd);
|
||||
} else {
|
||||
$port = (($this->db_port == "") || ($this->db_port == 0) || ($this->db_port == 1433)) ? "" : ":" . $this->db_port;
|
||||
$link = @mssql_connect($this->ip . $port, $this->db_user, $this->db_passwd);
|
||||
}
|
||||
}
|
||||
|
||||
if ($link) {
|
||||
@@ -397,14 +397,7 @@ class Net
|
||||
}
|
||||
break;
|
||||
case 'mssql':
|
||||
if (!extension_loaded('sqlsrv')) {
|
||||
if ($this->db_instance != "") {
|
||||
$link = @mssql_connect($this->ip . "\\" . $this->db_instance, $this->db_user, $this->db_passwd);
|
||||
} else {
|
||||
$port = (($this->db_port == "") || ($this->db_port == 0) || ($this->db_port == 1433)) ? "" : ":" . $this->db_port;
|
||||
$link = @mssql_connect($this->ip . $port, $this->db_user, $this->db_passwd);
|
||||
}
|
||||
} else {
|
||||
if (extension_loaded('sqlsrv')) {
|
||||
if ($this->db_instance != "") {
|
||||
$server = $this->ip . "\\" . $this->db_instance;
|
||||
} else {
|
||||
@@ -418,6 +411,13 @@ class Net
|
||||
'Database' => $this->db_sourcename
|
||||
];
|
||||
$link = $db = @sqlsrv_connect($server, $opt);
|
||||
} else {
|
||||
if ($this->db_instance != "") {
|
||||
$link = @mssql_connect($this->ip . "\\" . $this->db_instance, $this->db_user, $this->db_passwd);
|
||||
} else {
|
||||
$port = (($this->db_port == "") || ($this->db_port == 0) || ($this->db_port == 1433)) ? "" : ":" . $this->db_port;
|
||||
$link = @mssql_connect($this->ip . $port, $this->db_user, $this->db_passwd);
|
||||
}
|
||||
}
|
||||
if ($link) {
|
||||
if (!extension_loaded('sqlsrv')) {
|
||||
|
||||
@@ -65,6 +65,8 @@ class PmDynaform
|
||||
}
|
||||
$this->record["DYN_CONTENT"] = G::json_encode($json);
|
||||
}
|
||||
//to do, this line should be removed. Related to PMC-196.
|
||||
$this->record['DYN_CONTENT'] = G::fixStringCorrupted($this->record['DYN_CONTENT']);
|
||||
}
|
||||
|
||||
public function getDynaformTitle($idDynaform)
|
||||
|
||||
@@ -1333,6 +1333,8 @@ class WsBase
|
||||
$result = new WsResponse(-1, G::LoadTranslation("ID_INVALID_DATA") . " $status");
|
||||
|
||||
return $result;
|
||||
} else {
|
||||
$status == 'INACTIVE' ? $RBAC->destroySessionUser($userUid) : null;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -130,5 +130,43 @@ class LoginLog extends BaseLoginLog
|
||||
}
|
||||
return $aRows;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the last session id of a user
|
||||
* @param string $userUid User uid
|
||||
* @return array All session id of php
|
||||
* @throws PropelException
|
||||
* @throws SQLException
|
||||
*/
|
||||
public function getSessionsIdByUser($userUid)
|
||||
{
|
||||
$criteria = new Criteria();
|
||||
$criteria->addSelectColumn('LOG_SID');
|
||||
$criteria->add(LoginLogPeer::USR_UID, $userUid);
|
||||
$criteria->add(LoginLogPeer::LOG_STATUS, 'ACTIVE');
|
||||
$criteria->setDistinct();
|
||||
$criteria->addDescendingOrderByColumn(LoginLogPeer::LOG_INIT_DATE);
|
||||
$resultSet = LoginLogPeer::doSelectRS($criteria);
|
||||
$resultSet->setFetchmode(ResultSet::FETCHMODE_ASSOC);
|
||||
$row = [];
|
||||
while($resultSet->next()) {
|
||||
$row[] = $resultSet->getRow();
|
||||
}
|
||||
return $row;
|
||||
}
|
||||
|
||||
/**
|
||||
* Delete all records related to a user uid
|
||||
* @param string $userUid User uid
|
||||
* @return int
|
||||
* @throws PropelException
|
||||
*/
|
||||
public function removeByUser($userUid)
|
||||
{
|
||||
$criteria = new Criteria();
|
||||
$criteria->add(LoginLogPeer::USR_UID, $userUid);
|
||||
$resultSet = LoginLogPeer::doDelete($criteria);
|
||||
return $resultSet;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -173,6 +173,20 @@ class OauthAccessTokens extends BaseOauthAccessTokens
|
||||
|
||||
return array("numRecTotal" => $numRecTotal, "data" => $arrayData);
|
||||
}
|
||||
|
||||
/**
|
||||
* Delete all records related to a user uid
|
||||
* @param string $userUid User uid
|
||||
* @return int
|
||||
* @throws PropelException
|
||||
*/
|
||||
public function removeByUser($userUid)
|
||||
{
|
||||
$criteria = new Criteria();
|
||||
$criteria->add(OauthAccessTokensPeer::USER_ID, $userUid);
|
||||
$resultSet = OauthAccessTokensPeer::doDelete($criteria);
|
||||
return $resultSet;
|
||||
}
|
||||
}
|
||||
|
||||
// OauthAccessTokens
|
||||
|
||||
@@ -14,6 +14,19 @@ require_once 'classes/model/om/BaseOauthAuthorizationCodes.php';
|
||||
*
|
||||
* @package classes.model
|
||||
*/
|
||||
class OauthAuthorizationCodes extends BaseOauthAuthorizationCodes {
|
||||
|
||||
class OauthAuthorizationCodes extends BaseOauthAuthorizationCodes
|
||||
{
|
||||
/**
|
||||
* Delete all records related to a user uid
|
||||
* @param string $userUid User uid
|
||||
* @return int
|
||||
* @throws PropelException
|
||||
*/
|
||||
public function removeByUser($userUid)
|
||||
{
|
||||
$criteria = new Criteria();
|
||||
$criteria->add(OauthAuthorizationCodesPeer::USER_ID, $userUid);
|
||||
$resultSet = OauthAuthorizationCodesPeer::doDelete($criteria);
|
||||
return $resultSet;
|
||||
}
|
||||
} // OauthAuthorizationCodes
|
||||
|
||||
@@ -209,6 +209,19 @@ class OauthClients extends BaseOauthClients
|
||||
return array("numRecTotal" => $numRecTotal, "data" => $arrayData);
|
||||
}
|
||||
|
||||
/**
|
||||
* Delete all records related to a user uid
|
||||
* @param string $userUid User uid
|
||||
* @return int
|
||||
* @throws PropelException
|
||||
*/
|
||||
public function removeByUser($userUid)
|
||||
{
|
||||
$criteria = new Criteria();
|
||||
$criteria->add(OauthClientsPeer::USR_UID, $userUid);
|
||||
$resultSet = OauthClientsPeer::doDelete($criteria);
|
||||
return $resultSet;
|
||||
}
|
||||
}
|
||||
|
||||
// OauthClients
|
||||
|
||||
@@ -14,6 +14,19 @@ require_once 'classes/model/om/BaseOauthRefreshTokens.php';
|
||||
*
|
||||
* @package classes.model
|
||||
*/
|
||||
class OauthRefreshTokens extends BaseOauthRefreshTokens {
|
||||
|
||||
class OauthRefreshTokens extends BaseOauthRefreshTokens
|
||||
{
|
||||
/**
|
||||
* Delete all records related to a user uid
|
||||
* @param string $userUid User uid
|
||||
* @return int
|
||||
* @throws PropelException
|
||||
*/
|
||||
public function removeByUser($userUid)
|
||||
{
|
||||
$criteria = new Criteria();
|
||||
$criteria->add(OauthRefreshTokensPeer::USER_ID, $userUid);
|
||||
$resultSet = OauthRefreshTokensPeer::doDelete($criteria);
|
||||
return $resultSet;
|
||||
}
|
||||
} // OauthRefreshTokens
|
||||
|
||||
@@ -29,4 +29,20 @@ class PmoauthUserAccessTokens extends BasePmoauthUserAccessTokens
|
||||
|
||||
return (is_array($result) && empty($result)) ? false : $result[0];
|
||||
}
|
||||
|
||||
/**
|
||||
* Delete all records related to a user uid
|
||||
*
|
||||
* @param string $userUid User uid
|
||||
*
|
||||
* @return int
|
||||
*/
|
||||
public function removeByUser($userUid)
|
||||
{
|
||||
$criteria = new Criteria();
|
||||
$criteria->add(PmoauthUserAccessTokensPeer::USER_ID, $userUid);
|
||||
$resultSet = PmoauthUserAccessTokensPeer::doDelete($criteria);
|
||||
|
||||
return $resultSet;
|
||||
}
|
||||
} // PmoauthUserAccessTokens
|
||||
|
||||
@@ -20,5 +20,18 @@ require_once 'classes/model/om/BaseSession.php';
|
||||
*/
|
||||
class Session extends BaseSession
|
||||
{
|
||||
/**
|
||||
* Delete all records related to a user uid
|
||||
* @param string $userUid User uid
|
||||
* @return int
|
||||
* @throws PropelException
|
||||
*/
|
||||
public function removeByUser($userUid)
|
||||
{
|
||||
$criteria = new Criteria();
|
||||
$criteria->add(SessionPeer::USR_UID, $userUid);
|
||||
$resultSet = SessionPeer::doDelete($criteria);
|
||||
return $resultSet;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
<?php
|
||||
/** Permissions */
|
||||
|
||||
use ProcessMaker\Util\DateTime;
|
||||
|
||||
switch ($RBAC->userCanAccess('PM_CASES')) {
|
||||
case -2:
|
||||
G::SendTemporalMessage('ID_USER_HAVENT_RIGHTS_SYSTEM', 'error', 'labels');
|
||||
@@ -104,7 +106,7 @@ if (
|
||||
$fieldsCase['isIE'] = Bootstrap::isIE();
|
||||
|
||||
$G_PUBLISH = new Publisher();
|
||||
$fieldsCase = DateTime::convertUtcToTimeZone($fieldsCase);
|
||||
$G_PUBLISH->AddContent('xmlform', 'xmlform', 'cases/cases_CatchSelfService.xml', '', $fieldsCase, 'cases_CatchExecute');
|
||||
G::RenderPage('publish', 'blank');
|
||||
}
|
||||
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
<?php
|
||||
|
||||
use ProcessMaker\BusinessModel\Task as BusinessModelTask;
|
||||
use ProcessMaker\Util\DateTime;
|
||||
|
||||
/* Permissions */
|
||||
switch ($RBAC->userCanAccess('PM_CASES')) {
|
||||
@@ -123,6 +124,7 @@ if ($nTasksInParallel > 1) {
|
||||
}
|
||||
|
||||
$Fields['TAS_TITLE'] = $aTask['TAS_TITLE'];
|
||||
$Fields = DateTime::convertUtcToTimeZone($Fields);
|
||||
|
||||
$objUser = new Users();
|
||||
$oHeadPublisher = headPublisher::getSingleton();
|
||||
@@ -150,10 +152,10 @@ if ($Fields['APP_STATUS'] != 'COMPLETED') {
|
||||
$FieldsPar['CURRENT_USER'] = '';
|
||||
}
|
||||
}
|
||||
$FieldsPar['DEL_DELEGATE_DATE'] = $row['DEL_DELEGATE_DATE'];
|
||||
$FieldsPar['DEL_INIT_DATE'] = $row['DEL_INIT_DATE'];
|
||||
$FieldsPar['DEL_TASK_DUE_DATE'] = $row['DEL_TASK_DUE_DATE'];
|
||||
$FieldsPar['DEL_FINISH_DATE'] = $row['DEL_FINISH_DATE'];
|
||||
$FieldsPar['DEL_DELEGATE_DATE'] = DateTime::convertUtcToTimeZone($row['DEL_DELEGATE_DATE']);
|
||||
$FieldsPar['DEL_INIT_DATE'] = DateTime::convertUtcToTimeZone($row['DEL_INIT_DATE']);
|
||||
$FieldsPar['DEL_TASK_DUE_DATE'] = DateTime::convertUtcToTimeZone($row['DEL_TASK_DUE_DATE']);
|
||||
$FieldsPar['DEL_FINISH_DATE'] = DateTime::convertUtcToTimeZone($row['DEL_FINISH_DATE']);
|
||||
$G_PUBLISH->AddContent('xmlform', 'xmlform', 'cases/cases_Resume_Current_Task.xml', '', $FieldsPar);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -149,6 +149,10 @@ try {
|
||||
$criteria->add(ProcessUserPeer::USR_UID, $usrUid, Criteria::EQUAL);
|
||||
$criteria->add(ProcessUserPeer::PU_TYPE, "SUPERVISOR", Criteria::EQUAL);
|
||||
ProcessUserPeer::doDelete($criteria);
|
||||
//Destroy session after delete user
|
||||
$RBAC->destroySessionUser($usrUid);
|
||||
(new OauthClients())->removeByUser($usrUid);
|
||||
|
||||
G::auditLog("DeleteUser", "User Name: ". $userName." User ID: (".$usrUid.") ");
|
||||
break;
|
||||
case 'changeUserStatus':
|
||||
@@ -160,6 +164,8 @@ try {
|
||||
$userData = $userInstance->load($_REQUEST['USR_UID']);
|
||||
$userData['USR_STATUS'] = $_REQUEST['NEW_USR_STATUS'];
|
||||
$userInstance->update($userData);
|
||||
//Destroy session after inactive user
|
||||
$_REQUEST['NEW_USR_STATUS'] == 'INACTIVE' ? $RBAC->destroySessionUser($_REQUEST['USR_UID']) : null;
|
||||
|
||||
$msg = $_REQUEST['NEW_USR_STATUS'] == 'ACTIVE'? "EnableUser" : "DisableUser";
|
||||
G::auditLog($msg, "User Name: ".$userData['USR_USERNAME']." User ID: (".$userData['USR_UID'].") ");
|
||||
|
||||
@@ -966,9 +966,10 @@ class DynaForm
|
||||
if ($record['DYN_VERSION'] === 0) {
|
||||
$record['DYN_VERSION'] = 1;
|
||||
}
|
||||
|
||||
//to do, this line should be removed. Related to PMC-196.
|
||||
$record['DYN_CONTENT'] = G::fixStringCorrupted($record['DYN_CONTENT']);
|
||||
$record['DYN_CONTENT'] = preg_replace_callback("/\\\\u([a-f0-9]{4})/", function ($m) {
|
||||
return "iconv('UCS-4LE','UTF-8',pack('V', hexdec('U$m[1]')))";
|
||||
return iconv('UCS-4LE', 'UTF-8', pack('V', hexdec('U' . $m[1])));
|
||||
}, $record['DYN_CONTENT']);
|
||||
|
||||
return array(
|
||||
@@ -977,7 +978,7 @@ class DynaForm
|
||||
$this->getFieldNameByFormatFieldName('DYN_DESCRIPTION') => $record['DYN_DESCRIPTION'] . '',
|
||||
$this->getFieldNameByFormatFieldName('DYN_TYPE') => $record['DYN_TYPE'] . '',
|
||||
$this->getFieldNameByFormatFieldName('DYN_CONTENT') => $record['DYN_CONTENT'] . '',
|
||||
$this->getFieldNameByFormatFieldName('DYN_VERSION') => (int)$record['DYN_VERSION'],
|
||||
$this->getFieldNameByFormatFieldName('DYN_VERSION') => (int) $record['DYN_VERSION'],
|
||||
$this->getFieldNameByFormatFieldName('DYN_UPDATE_DATE') => $record['DYN_UPDATE_DATE']
|
||||
);
|
||||
} catch (\Exception $e) {
|
||||
|
||||
@@ -21,6 +21,7 @@ use IsoCountryPeer;
|
||||
use IsoLocationPeer;
|
||||
use IsoSubdivisionPeer;
|
||||
use ListParticipatedLast;
|
||||
use OauthClients;
|
||||
use PMmemcached;
|
||||
use ProcessMaker\BusinessModel\ProcessSupervisor as BmProcessSupervisor;
|
||||
use ProcessMaker\Plugins\PluginRegistry;
|
||||
@@ -1023,6 +1024,9 @@ class User
|
||||
|
||||
//Update in workflow
|
||||
$result = $user->update($arrayData);
|
||||
if (isset($arrayData['USR_STATUS'])) {
|
||||
$arrayData['USR_STATUS'] == 'INACTIVE' ? RBAC::destroySessionUser($userUid) : null;
|
||||
}
|
||||
|
||||
//Save Calendar assigment
|
||||
if (isset($arrayData["USR_CALENDAR"])) {
|
||||
@@ -1330,6 +1334,9 @@ class User
|
||||
$criteria->add(DashletInstancePeer::DAS_INS_OWNER_UID, $UID);
|
||||
$criteria->add(DashletInstancePeer::DAS_INS_OWNER_TYPE, 'USER');
|
||||
DashletInstancePeer::doDelete($criteria);
|
||||
//Destroy session after delete user
|
||||
RBAC::destroySessionUser($usrUid);
|
||||
(new OauthClients())->removeByUser($usrUid);
|
||||
}
|
||||
} catch (Exception $e) {
|
||||
throw $e;
|
||||
|
||||
@@ -937,6 +937,7 @@ if (!defined('EXECUTE_BY_CRON')) {
|
||||
$memKey = 'rbacSession' . session_id();
|
||||
if (($RBAC->aUserInfo = $memcache->get($memKey)) === false) {
|
||||
$RBAC->loadUserRolePermission($RBAC->sSystem, $_SESSION['USER_LOGGED']);
|
||||
$RBAC->verifyDueDateUserLogged();
|
||||
$memcache->set($memKey, $RBAC->aUserInfo, PMmemcached::EIGHT_HOURS);
|
||||
}
|
||||
} else {
|
||||
|
||||
Reference in New Issue
Block a user