diff --git a/workflow/engine/src/ProcessMaker/BusinessModel/Cases/InputDocument.php b/workflow/engine/src/ProcessMaker/BusinessModel/Cases/InputDocument.php index 4748b51bc..d14309edc 100644 --- a/workflow/engine/src/ProcessMaker/BusinessModel/Cases/InputDocument.php +++ b/workflow/engine/src/ProcessMaker/BusinessModel/Cases/InputDocument.php @@ -493,7 +493,7 @@ class InputDocument * * return array Return an array with data of an InputDocument */ - public function addCasesInputDocument($applicationUid, $taskUid, $appDocComment, $inputDocumentUid, $userUid) + public function addCasesInputDocument($applicationUid, $taskUid, $appDocComment, $inputDocumentUid, $userUid, $runningWorkflow = true) { try { if ((isset( $_FILES['form'] )) && ($_FILES['form']['error'] != 0)) { @@ -535,7 +535,60 @@ class InputDocument $appDocType = 'INPUT'; $case = new \Cases(); $delIndex = \AppDelegation::getCurrentIndex($applicationUid); - $case->thisIsTheCurrentUser($applicationUid, $delIndex, $userUid, "REDIRECT", "casesListExtJs"); + + if ($runningWorkflow) { + $case->thisIsTheCurrentUser($applicationUid, $delIndex, $userUid, 'REDIRECT', 'casesListExtJs'); + } else { + $criteria = new \Criteria('workflow'); + + $criteria->add(\AppDelegationPeer::APP_UID, $applicationUid); + $criteria->add(\AppDelegationPeer::DEL_INDEX, $delIndex); + $criteria->add(\AppDelegationPeer::USR_UID, $userUid); + + $rsCriteria = \ProcessUserPeer::doSelectRS($criteria); + + if (!$rsCriteria->next()) { + $case2 = new \ProcessMaker\BusinessModel\Cases(); + + $arrayApplicationData = $case2->getApplicationRecordByPk($applicationUid, [], false); + + $msg = ''; + + $supervisor = new \ProcessMaker\BusinessModel\ProcessSupervisor(); + $flagps = $supervisor->isUserProcessSupervisor($arrayApplicationData['PRO_UID'], $userUid); + + if ($flagps == false) { + $msg = \G::LoadTranslation('ID_USER_NOT_IT_BELONGS_CASE_OR_NOT_SUPERVISOR'); + } + + if ($msg == '') { + $criteria = new \Criteria('workflow'); + + $criteria->add(\StepSupervisorPeer::PRO_UID, $arrayApplicationData['PRO_UID'], \Criteria::EQUAL); + $criteria->add(\StepSupervisorPeer::STEP_TYPE_OBJ, 'INPUT_DOCUMENT', \Criteria::EQUAL); + $criteria->add(\StepSupervisorPeer::STEP_UID_OBJ, $inputDocumentUid, \Criteria::EQUAL); + + $rsCriteria = \StepSupervisorPeer::doSelectRS($criteria); + + if (!$rsCriteria->next()) { + $msg = \G::LoadTranslation('ID_USER_IS_SUPERVISOR_DOES_NOT_ASSOCIATED_INPUT_DOCUMENT'); + } + } + + if ($msg != '') { + if ($runningWorkflow) { + \G::SendMessageText($msg, 'ERROR'); + $backUrlObj = explode('sys' . SYS_SYS, $_SERVER['HTTP_REFERER']); + + \G::header('location: ' . '/sys' . SYS_SYS . $backUrlObj[1]); + exit(0); + } else { + throw new \Exception($msg); + } + } + } + } + //Load the fields $arrayField = $case->loadCase($applicationUid); $arrayField["APP_DATA"] = array_merge($arrayField["APP_DATA"], \G::getSystemConstants()); diff --git a/workflow/engine/src/ProcessMaker/BusinessModel/ProcessSupervisor.php b/workflow/engine/src/ProcessMaker/BusinessModel/ProcessSupervisor.php index e0b809835..32fd462f5 100644 --- a/workflow/engine/src/ProcessMaker/BusinessModel/ProcessSupervisor.php +++ b/workflow/engine/src/ProcessMaker/BusinessModel/ProcessSupervisor.php @@ -1523,5 +1523,57 @@ class ProcessSupervisor $oCriteria->setStepPosition($pos); $oCriteria->save(); } -} + /** + * Validate if the user is supervisor of the process + * + * @param string $projectUid Unique id of process + * @param string $userUid Unique id of User + * + * @return bool Return + */ + public function isUserProcessSupervisor($projectUid, $userUid) + { + try { + $criteria = new \Criteria('workflow'); + + $criteria->add(\ProcessUserPeer::USR_UID, $userUid, \Criteria::EQUAL); + $criteria->add(\ProcessUserPeer::PRO_UID, $projectUid, \Criteria::EQUAL); + $criteria->add(\ProcessUserPeer::PU_TYPE, 'SUPERVISOR', \Criteria::EQUAL); + + $rsCriteria = \ProcessUserPeer::doSelectRS($criteria); + $rsCriteria->setFetchmode(\ResultSet::FETCHMODE_ASSOC); + + if ($rsCriteria->next()) { + return true; + } + + $criteria = new \Criteria('workflow'); + + $criteria->addSelectColumn(\ProcessUserPeer::USR_UID); + + $criteria->add(\ProcessUserPeer::PRO_UID, $projectUid, \Criteria::EQUAL); + $criteria->add(\ProcessUserPeer::PU_TYPE, 'GROUP_SUPERVISOR', \Criteria::EQUAL); + + $rsCriteria = \ProcessUserPeer::doSelectRS($criteria); + $rsCriteria->setFetchmode(\ResultSet::FETCHMODE_ASSOC); + + while ($rsCriteria->next()) { + $record = $rsCriteria->getRow(); + + $groupUid = $record['USR_UID']; + + $obj = \GroupUserPeer::retrieveByPK($groupUid, $userUid); + + if (!is_null($obj)) { + return true; + } + } + + //Return + return false; + } catch (\Exception $e) { + throw $e; + } + } +} diff --git a/workflow/engine/src/ProcessMaker/Services/Api/Cases/InputDocument.php b/workflow/engine/src/ProcessMaker/Services/Api/Cases/InputDocument.php index 5e7ed5026..298adcb5a 100644 --- a/workflow/engine/src/ProcessMaker/Services/Api/Cases/InputDocument.php +++ b/workflow/engine/src/ProcessMaker/Services/Api/Cases/InputDocument.php @@ -85,8 +85,9 @@ class InputDocument extends Api { try { $userUid = $this->getUserId(); + $inputDocument = new \ProcessMaker\BusinessModel\Cases\InputDocument(); - $response = $inputDocument->addCasesInputDocument($app_uid, $tas_uid, $app_doc_comment, $inp_doc_uid, $userUid); + $response = $inputDocument->addCasesInputDocument($app_uid, $tas_uid, $app_doc_comment, $inp_doc_uid, $userUid, false); return $response; } catch (\Exception $e) { throw (new RestException(Api::STAT_APP_EXCEPTION, $e->getMessage()));