fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

BUG 8668 No se puede remover permisos del rol PROCESSMAKER_ADMIN SOLVED

Browse Source 
- The permits can not be removed for the role processmaker_admin.
- We add a generic list of permissions for the role processmaker_admin located in class.rbac.php.
- Was can remove permissions for the role processmaker_admin but other than those predefined in the list of RBAC.
This commit is contained in:
Marco Antonio Nina
2012-10-02 15:21:06 -04:00
parent bfdcf264d7
commit 963c70b62c
3 changed files with 95 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
gulliver/system/class.rbac.php
View File

@@ -59,6 +59,7 @@ class RBAC
var $currentSystemobj;
var $rolesPermissionsObj;
var $authSourcesObj;
var $permissionsAdmin;
var $aUserInfo = array();
var $aRbacPlugins = array();
@@ -143,6 +144,37 @@ class RBAC
}
}
/**
* gets the Role and their permissions for Administrator Processmaker
*
* @access public
* @return $this->permissionsAdmin[ $permissionsAdmin ]
*/
function loadPermissionAdmin() {
$permissionsAdmin =array(
array("PER_UID"=>"00000000000000000000000000000001","PER_CODE"=>"PM_LOGIN"),
array("PER_UID"=>"00000000000000000000000000000002","PER_CODE"=>"PM_SETUP"),
array("PER_UID"=>"00000000000000000000000000000003","PER_CODE"=>"PM_USERS"),
array("PER_UID"=>"00000000000000000000000000000004","PER_CODE"=>"PM_FACTORY"),
array("PER_UID"=>"00000000000000000000000000000005","PER_CODE"=>"PM_CASES"),
array("PER_UID"=>"00000000000000000000000000000006","PER_CODE"=>"PM_ALLCASES"),
array("PER_UID"=>"00000000000000000000000000000007","PER_CODE"=>"PM_REASSIGNCASE"),
array("PER_UID"=>"00000000000000000000000000000008","PER_CODE"=>"PM_REPORTS"),
array("PER_UID"=>"00000000000000000000000000000009","PER_CODE"=>"PM_SUPERVISOR"),
array("PER_UID"=>"00000000000000000000000000000010","PER_CODE"=>"PM_SETUP_ADVANCE"),
array("PER_UID"=>"00000000000000000000000000000011","PER_CODE"=>"PM_DASHBOARD"),
array("PER_UID"=>"00000000000000000000000000000012","PER_CODE"=>"PM_WEBDAV"),
array("PER_UID"=>"00000000000000000000000000000013","PER_CODE"=>"PM_DELETECASE"),
array("PER_UID"=>"00000000000000000000000000000014","PER_CODE"=>"PM_EDITPERSONALINFO"),
array("PER_UID"=>"00000000000000000000000000000015","PER_CODE"=>"PM_FOLDERS_VIEW"),
array("PER_UID"=>"00000000000000000000000000000016","PER_CODE"=>"PM_FOLDERS_ADD_FOLDER"),
array("PER_UID"=>"00000000000000000000000000000017","PER_CODE"=>"PM_FOLDERS_ADD_FILE"),
array("PER_UID"=>"00000000000000000000000000000018","PER_CODE"=>"PM_CANCELCASE"),
array("PER_UID"=>"00000000000000000000000000000019","PER_CODE"=>"PM_FOLDER_DELETE")
);
return $permissionsAdmin;
}
/**
* Gets the roles and permission for one RBAC_user
*

2
workflow/engine/methods/roles/rolesUsersPermission.php
View File

@@ -61,8 +61,10 @@ $roles['ROL_UID'] = $_GET['rUID'];
$roles['ROL_CODE'] = $RBAC->getRoleCode($_GET['rUID']);
$roles['CURRENT_TAB'] = ($_GET['tab']=='permissions') ? 1 : 0;
$permissionsAdmin = $RBAC->loadPermissionAdmin();
$oHeadPublisher->assign('ROLES', $roles);
$oHeadPublisher->assign('permissionsAdmin', $permissionsAdmin);
G::RenderPage('publish', 'extJs');
?>

43
workflow/engine/templates/roles/rolesUsersPermission.js
View File

@@ -152,7 +152,20 @@ Ext.onReady(function(){
selectionchange: function(sm){
switch (sm.getCount()) {
case 0: Ext.getCmp('removeButton').disable(); break;
default: (ROLES.ROL_UID==pm_admin)? Ext.getCmp('removeButton').disable() : Ext.getCmp('removeButton').enable(); break;
default:
Ext.getCmp('removeButton').enable();
if (ROLES.ROL_UID == pm_admin) {
var permissionUid = assignedGrid.getSelectionModel().getSelections();
permissionUid = permissionUid[0].get('PER_UID');
for (i=0; i<permissionsAdmin.length; i++)
{
if (permissionUid == permissionsAdmin[i]['PER_UID']) {
Ext.getCmp('removeButton').disable();
break;
}
}
}
break;
}
}
}
@@ -268,7 +281,7 @@ Ext.onReady(function(){
{xtype:'button',text: '>', handler: AssignPermissionAction, id: 'assignButton', disabled: true},
{xtype:'button',text: '&lt;', handler: RemovePermissionAction, id: 'removeButton', disabled: true},
{xtype:'button',text: '>>', handler: AssignAllPermissionsAction, id: 'assignButtonAll', disabled: false},
{xtype:'button',text: '&lt;&lt;', handler: RemoveAllPermissionsAction, id: 'removeButtonAll', disabled: (ROLES.ROL_UID==pm_admin) ? true : false}
{xtype:'button',text: '&lt;&lt;', handler: RemoveAllPermissionsAction, id: 'removeButtonAll', disabled: false}
],
hidden : true
});
@@ -659,14 +672,24 @@ AssignPermissionAction = function(){
//RemoveButton Functionality
RemovePermissionAction = function(){
if (ROLES.ROL_UID != pm_admin){
rowsSelected = assignedGrid.getSelectionModel().getSelections();
var arrAux = new Array();
for(var a=0; a < rowsSelected.length; a++){
var sw = true;
if (ROLES.ROL_UID == pm_admin) {
for (i=0; i<permissionsAdmin.length; i++)
{
if (permissionsAdmin[i]['PER_UID'] == rowsSelected[a].get('PER_UID')) {
sw = false;
break;
}
}
}
if (sw) {
arrAux[a] = rowsSelected[a].get('PER_UID');
}
DeletePermissionsRole(arrAux,RefreshPermissions,FailureProcess);
}
DeletePermissionsRole(arrAux,RefreshPermissions,FailureProcess);
};
//AssignALLButton Functionality
@@ -689,8 +712,20 @@ RemoveAllPermissionsAction = function(){
if (allRows.getCount()>0){
for (var r=0; r < allRows.getCount(); r++){
row = allRows.getAt(r);
var sw = true;
if (ROLES.ROL_UID == pm_admin) {
for (i=0; i<permissionsAdmin.length; i++)
{
if (permissionsAdmin[i]['PER_UID'] == row.data['PER_UID']) {
sw = false;
break;
}
}
}
if (sw) {
arrAux[r] = row.data['PER_UID'];
}
}
DeletePermissionsRole(arrAux,RefreshPermissions,FailureProcess);
}
};