PMC-124

workflow/engine/classes/WsBase.php

@@ -1333,6 +1333,8 @@ class WsBase
                     $result = new WsResponse(-1, G::LoadTranslation("ID_INVALID_DATA") . " $status");
 
                     return $result;
+                } else {
+                    $status == 'INACTIVE' ? $RBAC->destroySessionUser($userUid) : null;
                 }
             }
 

workflow/engine/classes/model/LoginLog.php

@@ -130,5 +130,43 @@ class LoginLog extends BaseLoginLog
         }
         return $aRows;
     }
+
+    /**
+     * Returns the last session id of a user
+     * @param string $userUid User uid
+     * @return array All session id of php
+     * @throws PropelException
+     * @throws SQLException
+     */
+    public function getSessionsIdByUser($userUid)
+    {
+        $criteria = new Criteria();
+        $criteria->addSelectColumn('LOG_SID');
+        $criteria->add(LoginLogPeer::USR_UID, $userUid);
+        $criteria->add(LoginLogPeer::LOG_STATUS, 'ACTIVE');
+        $criteria->setDistinct();
+        $criteria->addDescendingOrderByColumn(LoginLogPeer::LOG_INIT_DATE);
+        $resultSet = LoginLogPeer::doSelectRS($criteria);
+        $resultSet->setFetchmode(ResultSet::FETCHMODE_ASSOC);
+        $row = [];
+        while($resultSet->next()) {
+            $row[] = $resultSet->getRow();
+        }
+        return $row;
+    }
+
+    /**
+     * Delete all records related to a user uid
+     * @param string $userUid User uid
+     * @return int
+     * @throws PropelException
+     */
+    public function removeByUser($userUid)
+    {
+        $criteria = new Criteria();
+        $criteria->add(LoginLogPeer::USR_UID, $userUid);
+        $resultSet = LoginLogPeer::doDelete($criteria);
+        return $resultSet;
+    }
 }
 

workflow/engine/classes/model/OauthAccessTokens.php

@@ -173,6 +173,20 @@ class OauthAccessTokens extends BaseOauthAccessTokens
 
         return array("numRecTotal" => $numRecTotal, "data" => $arrayData);
     }
+
+    /**
+     * Delete all records related to a user uid
+     * @param string $userUid User uid
+     * @return int
+     * @throws PropelException
+     */
+    public function removeByUser($userUid)
+    {
+        $criteria = new Criteria();
+        $criteria->add(OauthAccessTokensPeer::USER_ID, $userUid);
+        $resultSet = OauthAccessTokensPeer::doDelete($criteria);
+        return $resultSet;
+    }
 }
 
 // OauthAccessTokens

workflow/engine/classes/model/OauthAuthorizationCodes.php

@@ -14,6 +14,19 @@ require_once 'classes/model/om/BaseOauthAuthorizationCodes.php';
  *
  * @package    classes.model
  */
-class OauthAuthorizationCodes extends BaseOauthAuthorizationCodes {
-
+class OauthAuthorizationCodes extends BaseOauthAuthorizationCodes
+{
+    /**
+     * Delete all records related to a user uid
+     * @param string $userUid User uid
+     * @return int
+     * @throws PropelException
+     */
+    public function removeByUser($userUid)
+    {
+        $criteria = new Criteria();
+        $criteria->add(OauthAuthorizationCodesPeer::USER_ID, $userUid);
+        $resultSet = OauthAuthorizationCodesPeer::doDelete($criteria);
+        return $resultSet;
+    }
 } // OauthAuthorizationCodes

workflow/engine/classes/model/OauthClients.php

@@ -209,6 +209,19 @@ class OauthClients extends BaseOauthClients
         return array("numRecTotal" => $numRecTotal, "data" => $arrayData);
     }
 
+    /**
+     * Delete all records related to a user uid
+     * @param string $userUid User uid
+     * @return int
+     * @throws PropelException
+     */
+    public function removeByUser($userUid)
+    {
+        $criteria = new Criteria();
+        $criteria->add(OauthClientsPeer::USR_UID, $userUid);
+        $resultSet = OauthClientsPeer::doDelete($criteria);
+        return $resultSet;
+    }
 }
 
 // OauthClients

workflow/engine/classes/model/OauthRefreshTokens.php

@@ -14,6 +14,19 @@ require_once 'classes/model/om/BaseOauthRefreshTokens.php';
  *
  * @package    classes.model
  */
-class OauthRefreshTokens extends BaseOauthRefreshTokens {
-
+class OauthRefreshTokens extends BaseOauthRefreshTokens
+{
+    /**
+     * Delete all records related to a user uid
+     * @param string $userUid User uid
+     * @return int
+     * @throws PropelException
+     */
+    public function removeByUser($userUid)
+    {
+        $criteria = new Criteria();
+        $criteria->add(OauthRefreshTokensPeer::USER_ID, $userUid);
+        $resultSet = OauthRefreshTokensPeer::doDelete($criteria);
+        return $resultSet;
+    }
 } // OauthRefreshTokens

workflow/engine/classes/model/Session.php

@@ -20,5 +20,18 @@ require_once 'classes/model/om/BaseSession.php';
  */
 class Session extends BaseSession
 {
+    /**
+     * Delete all records related to a user uid
+     * @param string $userUid User uid
+     * @return int
+     * @throws PropelException
+     */
+    public function removeByUser($userUid)
+    {
+        $criteria = new Criteria();
+        $criteria->add(SessionPeer::USR_UID, $userUid);
+        $resultSet = SessionPeer::doDelete($criteria);
+        return $resultSet;
+    }
 }
 

workflow/engine/methods/users/users_Ajax.php

@@ -149,6 +149,10 @@ try {
             $criteria->add(ProcessUserPeer::USR_UID, $usrUid, Criteria::EQUAL);
             $criteria->add(ProcessUserPeer::PU_TYPE, "SUPERVISOR", Criteria::EQUAL);
             ProcessUserPeer::doDelete($criteria);
+            //Destroy session after delete user
+            $RBAC->destroySessionUser($usrUid);
+            (new OauthClients())->removeByUser($usrUid);
+
             G::auditLog("DeleteUser", "User Name: ". $userName." User ID: (".$usrUid.") ");
             break;
         case 'changeUserStatus':
@@ -160,6 +164,8 @@ try {
                 $userData = $userInstance->load($_REQUEST['USR_UID']);
                 $userData['USR_STATUS'] = $_REQUEST['NEW_USR_STATUS'];
                 $userInstance->update($userData);
+                //Destroy session after inactive user
+                $_REQUEST['NEW_USR_STATUS'] == 'INACTIVE' ? $RBAC->destroySessionUser($_REQUEST['USR_UID']) : null;
 
                 $msg = $_REQUEST['NEW_USR_STATUS'] == 'ACTIVE'? "EnableUser" : "DisableUser";
                 G::auditLog($msg, "User Name: ".$userData['USR_USERNAME']." User ID: (".$userData['USR_UID'].") ");

workflow/engine/src/ProcessMaker/BusinessModel/User.php

@@ -21,6 +21,7 @@ use IsoCountryPeer;
 use IsoLocationPeer;
 use IsoSubdivisionPeer;
 use ListParticipatedLast;
+use OauthClients;
 use PMmemcached;
 use ProcessMaker\BusinessModel\ProcessSupervisor as BmProcessSupervisor;
 use ProcessMaker\Plugins\PluginRegistry;
@@ -1023,6 +1024,9 @@ class User
 
                 //Update in workflow
                 $result = $user->update($arrayData);
+                if (isset($arrayData['USR_STATUS'])) {
+                    $arrayData['USR_STATUS'] == 'INACTIVE' ? RBAC::destroySessionUser($userUid) : null;
+                }
 
                 //Save Calendar assigment
                 if (isset($arrayData["USR_CALENDAR"])) {
@@ -1330,6 +1334,9 @@ class User
                 $criteria->add(DashletInstancePeer::DAS_INS_OWNER_UID, $UID);
                 $criteria->add(DashletInstancePeer::DAS_INS_OWNER_TYPE, 'USER');
                 DashletInstancePeer::doDelete($criteria);
+                //Destroy session after delete user
+                RBAC::destroySessionUser($usrUid);
+                (new OauthClients())->removeByUser($usrUid);
             }
         } catch (Exception $e) {
             throw $e;

workflow/public_html/sysGeneric.php

@@ -937,6 +937,7 @@ if (!defined('EXECUTE_BY_CRON')) {
         $memKey = 'rbacSession' . session_id();
         if (($RBAC->aUserInfo = $memcache->get($memKey)) === false) {
             $RBAC->loadUserRolePermission($RBAC->sSystem, $_SESSION['USER_LOGGED']);
+            $RBAC->verifyDueDateUserLogged();
             $memcache->set($memKey, $RBAC->aUserInfo, PMmemcached::EIGHT_HOURS);
         }
     } else {