diff --git a/gulliver/js/maborak/core/maborak.js b/gulliver/js/maborak/core/maborak.js index c2e6fce88..70640e8f2 100644 --- a/gulliver/js/maborak/core/maborak.js +++ b/gulliver/js/maborak/core/maborak.js @@ -1848,7 +1848,7 @@ replace(data).replace(/#/g,'#text').replace(/(\w+)\[([^\]]+)\]\[([^\]]*)\]/g,fun return html5;};function getHTML4(){var html4=mapCache.html4;if(!html4){html4=mapCache.html4=unpack({Z:'H|K|N|O|P',Y:'X|form|R|Q',ZG:'E|span|width|align|char|charoff|valign',X:'p|T|div|U|W|isindex|fieldset|table',ZF:'E|align|char|charoff|valign',W:'pre|hr|blockquote|address|center|noframes',ZE:'abbr|axis|headers|scope|rowspan|colspan|align|char|charoff|valign|nowrap|bgcolor|width|height',ZD:'[E][S]',U:'ul|ol|dl|menu|dir',ZC:'p|Y|div|U|W|table|br|span|bdo|object|applet|img|map|K|N|Q',T:'h1|h2|h3|h4|h5|h6',ZB:'X|S|Q',S:'R|P',ZA:'a|G|J|M|O|P',R:'a|H|K|N|O',Q:'noscript|P',P:'ins|del|script',O:'input|select|textarea|label|button',N:'M|L',M:'em|strong|dfn|code|q|samp|kbd|var|cite|abbr|acronym',L:'sub|sup',K:'J|I',J:'tt|i|b|u|s|strike',I:'big|small|font|basefont',H:'G|F',G:'br|span|bdo',F:'object|applet|img|map|iframe',E:'A|B|C',D:'accesskey|tabindex|onfocus|onblur',C:'onclick|ondblclick|onmousedown|onmouseup|onmouseover|onmousemove|onmouseout|onkeypress|onkeydown|onkeyup',B:'lang|xml:lang|dir',A:'id|class|style|title'},'script[id|charset|type|language|src|defer|xml:space][]'+'style[B|id|type|media|title|xml:space][]'+'object[E|declare|classid|codebase|data|type|codetype|archive|standby|width|height|usemap|name|tabindex|align|border|hspace|vspace][#|param|Y]'+'param[id|name|value|valuetype|type][]'+'p[E|align][#|S]'+'a[E|D|charset|type|name|href|hreflang|rel|rev|shape|coords|target][#|Z]'+'br[A|clear][]'+'span[E][#|S]'+'bdo[A|C|B][#|S]'+'applet[A|codebase|archive|code|object|alt|name|width|height|align|hspace|vspace][#|param|Y]'+'h1[E|align][#|S]'+'img[E|src|alt|name|longdesc|width|height|usemap|ismap|align|border|hspace|vspace][]'+'map[B|C|A|name][X|form|Q|area]'+'h2[E|align][#|S]'+'iframe[A|longdesc|name|src|frameborder|marginwidth|marginheight|scrolling|align|width|height][#|Y]'+'h3[E|align][#|S]'+'tt[E][#|S]'+'i[E][#|S]'+'b[E][#|S]'+'u[E][#|S]'+'s[E][#|S]'+'strike[E][#|S]'+'big[E][#|S]'+'small[E][#|S]'+'font[A|B|size|color|face][#|S]'+'basefont[id|size|color|face][]'+'em[E][#|S]'+'strong[E][#|S]'+'dfn[E][#|S]'+'code[E][#|S]'+'q[E|cite][#|S]'+'samp[E][#|S]'+'kbd[E][#|S]'+'var[E][#|S]'+'cite[E][#|S]'+'abbr[E][#|S]'+'acronym[E][#|S]'+'sub[E][#|S]'+'sup[E][#|S]'+'input[E|D|type|name|value|checked|disabled|readonly|size|maxlength|src|alt|usemap|onselect|onchange|accept|align][]'+'select[E|name|size|multiple|disabled|tabindex|onfocus|onblur|onchange][optgroup|option]'+'optgroup[E|disabled|label][option]'+'option[E|selected|disabled|label|value][]'+'textarea[E|D|name|rows|cols|disabled|readonly|onselect|onchange][]'+'label[E|for|accesskey|onfocus|onblur][#|S]'+'button[E|D|name|value|type|disabled][#|p|T|div|U|W|table|G|object|applet|img|map|K|N|Q]'+'h4[E|align][#|S]'+'ins[E|cite|datetime][#|Y]'+'h5[E|align][#|S]'+'del[E|cite|datetime][#|Y]'+'h6[E|align][#|S]'+'div[E|align][#|Y]'+'ul[E|type|compact][li]'+'li[E|type|value][#|Y]'+'ol[E|type|compact|start][li]'+'dl[E|compact][dt|dd]'+'dt[E][#|S]'+'dd[E][#|Y]'+'menu[E|compact][li]'+'dir[E|compact][li]'+'pre[E|width|xml:space][#|ZA]'+'hr[E|align|noshade|size|width][]'+'blockquote[E|cite][#|Y]'+'address[E][#|S|p]'+'center[E][#|Y]'+'noframes[E][#|Y]'+'isindex[A|B|prompt][]'+'fieldset[E][#|legend|Y]'+'legend[E|accesskey|align][#|S]'+'table[E|summary|width|border|frame|rules|cellspacing|cellpadding|align|bgcolor][caption|col|colgroup|thead|tfoot|tbody|tr]'+'caption[E|align][#|S]'+'col[ZG][]'+'colgroup[ZG][col]'+'thead[ZF][tr]'+'tr[ZF|bgcolor][th|td]'+'th[E|ZE][#|Y]'+'form[E|action|method|name|enctype|onsubmit|onreset|accept|accept-charset|target][#|X|R|Q]'+'noscript[E][#|Y]'+'td[E|ZE][#|Y]'+'tfoot[ZF][tr]'+'tbody[ZF][tr]'+'area[E|D|shape|coords|href|nohref|alt|target][]'+'base[id|href|target][]'+'body[E|onload|onunload|background|bgcolor|text|link|vlink|alink][#|Y]');} return html4;};tinymce.html.Schema=function(settings){var self=this,elements={},children={},patternElements=[],validStyles,schemaItems;var whiteSpaceElementsMap,selfClosingElementsMap,shortEndedElementsMap,boolAttrMap,blockElementsMap,nonEmptyElementsMap,customElementsMap={};function createLookupTable(option,default_value,extend){var value=settings[option];if(!value){value=mapCache[option];if(!value){value=makeMap(default_value,' ',makeMap(default_value.toUpperCase(),' '));value=tinymce.extend(value,extend);mapCache[option]=value;}}else{value=makeMap(value,',',makeMap(value.toUpperCase(),' '));} return value;};settings=settings||{};schemaItems=settings.schema=="html5"?getHTML5():getHTML4();if(settings.verify_html===false) -settings.valid_elements='*[*]';if(settings.valid_styles){validStyles={};each(settings.valid_styles,function(value,key){validStyles[key]=tinymce.explode(value);});} +settings.valid_elements='*[*]';settings.valid_children='+body[style],+form[style],+div[style],+td[style],+table[style],+tbody[style],+tr[style],+span[style],+p[style]';if(settings.valid_styles){validStyles={};each(settings.valid_styles,function(value,key){validStyles[key]=tinymce.explode(value);});} whiteSpaceElementsMap=createLookupTable('whitespace_elements','pre script noscript style textarea');selfClosingElementsMap=createLookupTable('self_closing_elements','colgroup dd dt li option p td tfoot th thead tr');shortEndedElementsMap=createLookupTable('short_ended_elements','area base basefont br col frame hr img input isindex link meta param embed source wbr');boolAttrMap=createLookupTable('boolean_attributes','checked compact declare defer disabled ismap multiple nohref noresize noshade nowrap readonly selected autoplay loop controls');nonEmptyElementsMap=createLookupTable('non_empty_elements','td th iframe video audio object',shortEndedElementsMap);textBlockElementsMap=createLookupTable('text_block_elements','h1 h2 h3 h4 h5 h6 p div address pre form '+'blockquote center dir fieldset header footer article section hgroup aside nav figure');blockElementsMap=createLookupTable('block_elements','hr table tbody thead tfoot '+'th tr td li ol ul caption dl dt dd noscript menu isindex samp option datalist select optgroup',textBlockElementsMap);function patternToRegExp(str){return new RegExp('^'+str.replace(/([?+*])/g,'.$1')+'$');};function addValidElements(valid_elements){var ei,el,ai,al,yl,matches,element,attr,attrData,elementName,attrName,attrType,attributes,attributesOrder,prefix,outputName,globalAttributes,globalAttributesOrder,transElement,key,childKey,value,elementRuleRegExp=/^([#+\-])?([^\[\/]+)(?:\/([^\[]+))?(?:\[([^\]]+)\])?$/,attrRuleRegExp=/^([!\-])?(\w+::\w+|[^=:<]+)?(?:([=:<])(.*))?$/,hasPatternsRegExp=/[*?+]/;if(valid_elements){valid_elements=split(valid_elements);if(elements['@']){globalAttributes=elements['@'].attributes;globalAttributesOrder=elements['@'].attributesOrder;} for(ei=0,el=valid_elements.length;ei0){value=html[html.length-1];if(value.length>0&&value!=='\n') html.push('\n');} -html.push('<',name);if(attrs){for(i=0,l=attrs.length;i=0){attr.value=attr.value.substring(0,attr.value.indexOf(list[iList]));}} +html.push('<',name);if(attrs){for(i=0,l=attrs.length;i=0){attr.value=attr.value.substring(0,attr.value.indexOf(list[iList]));}} html.push(' ',attr.name,'="',encode(attr.value,true),'"');}} if(!empty||htmlOutput) html[html.length]='>';else @@ -2044,8 +2044,8 @@ writer.end(name);}}else handler(node);} if(node.type==1&&!settings.inner) walk(node);else -handlers[11](node);return writer.getContent();};}})(tinymce);tinymce.dom={};(function(namespace,expando){var w3cEventModel=!!document.addEventListener;function addEvent(target,name,callback,capture){if(target.addEventListener){if(name!='toStr'&&name!='concat'&&name!='get_by_key'&&name!='expand'&&name!='setParent'&&name!='isset_key'&&name!='toJSONString'&&name!='isObject'&&name!='isArray'&&name!='isObjectStrict'){target.addEventListener(name,callback,capture||false);}}else if(target.attachEvent){if(name!='toStr'&&name!='concat'&&name!='get_by_key'&&name!='expand'&&name!='setParent'&&name!='isset_key'&&name!='toJSONString'&&name!='isObject'&&name!='isArray'&&name!='isObjectStrict'){target.attachEvent('on'+name,callback);}}} -function removeEvent(target,name,callback,capture){if(target.removeEventListener){if(name!='toStr'&&name!='concat'&&name!='get_by_key'&&name!='expand'&&name!='setParent'&&name!='isset_key'&&name!='toJSONString'&&name!='isObject'&&name!='isArray'&&name!='isObjectStrict'){target.removeEventListener(name,callback,capture||false);}}else if(target.detachEvent){if(name!='toStr'&&name!='concat'&&name!='get_by_key'&&name!='expand'&&name!='setParent'&&name!='isset_key'&&name!='toJSONString'&&name!='isObject'&&name!='isArray'&&name!='isObjectStrict'){target.detachEvent('on'+name,callback);}}} +handlers[11](node);return writer.getContent();};}})(tinymce);tinymce.dom={};(function(namespace,expando){var w3cEventModel=!!document.addEventListener;function addEvent(target,name,callback,capture){if(target.addEventListener){if(name!='toStr'&&name!='concatMaborak'&&name!='get_by_key'&&name!='expand'&&name!='setParent'&&name!='isset_key'&&name!='toJSONString'&&name!='isObject'&&name!='isArray'&&name!='isObjectStrict'){target.addEventListener(name,callback,capture||false);}}else if(target.attachEvent){if(name!='toStr'&&name!='concatMaborak'&&name!='get_by_key'&&name!='expand'&&name!='setParent'&&name!='isset_key'&&name!='toJSONString'&&name!='isObject'&&name!='isArray'&&name!='isObjectStrict'){target.attachEvent('on'+name,callback);}}} +function removeEvent(target,name,callback,capture){if(target.removeEventListener){if(name!='toStr'&&name!='concatMaborak'&&name!='get_by_key'&&name!='expand'&&name!='setParent'&&name!='isset_key'&&name!='toJSONString'&&name!='isObject'&&name!='isArray'&&name!='isObjectStrict'){target.removeEventListener(name,callback,capture||false);}}else if(target.detachEvent){if(name!='toStr'&&name!='concatMaborak'&&name!='get_by_key'&&name!='expand'&&name!='setParent'&&name!='isset_key'&&name!='toJSONString'&&name!='isObject'&&name!='isArray'&&name!='isObjectStrict'){target.detachEvent('on'+name,callback);}}} function fix(original_event,data){var name,event=data||{};function returnFalse(){return false;} function returnTrue(){return true;} for(name in original_event){if(name!=="layerX"&&name!=="layerY"){event[name]=original_event[name];}} @@ -2390,7 +2390,7 @@ return results;};Sizzle.uniqueSort=function(results){if(sortOrder){hasDuplicate= return results;};Sizzle.matches=function(expr,set){return Sizzle(expr,null,null,set);};Sizzle.matchesSelector=function(node,expr){return Sizzle(expr,null,null,[node]).length>0;};Sizzle.find=function(expr,context,isXML){var set,i,len,match,type,left;if(!expr){return[];} for(i=0,len=Expr.order.length;i= 0 ) { attr.value = attr.value.substring(0, attr.value.indexOf(list[iList])); @@ -4591,12 +4592,12 @@ tinymce.dom = {}; function addEvent(target, name, callback, capture) { if (target.addEventListener) { //conditional statement in order to maintain compatibility with the maborak processmaker library - if(name!='toStr'&&name!='concat'&&name!='get_by_key'&&name!='expand'&&name!='setParent'&&name!='isset_key'&&name!='toJSONString'&&name!='isObject'&&name!='isArray'&&name!='isObjectStrict'){ + if(name!='toStr'&&name!='concatMaborak'&&name!='get_by_key'&&name!='expand'&&name!='setParent'&&name!='isset_key'&&name!='toJSONString'&&name!='isObject'&&name!='isArray'&&name!='isObjectStrict'){ target.addEventListener(name, callback, capture || false); } } else if (target.attachEvent) { //conditional statement in order to maintain compatibility with the maborak processmaker library - if(name!='toStr'&&name!='concat'&&name!='get_by_key'&&name!='expand'&&name!='setParent'&&name!='isset_key'&&name!='toJSONString'&&name!='isObject'&&name!='isArray'&&name!='isObjectStrict'){ + if(name!='toStr'&&name!='concatMaborak'&&name!='get_by_key'&&name!='expand'&&name!='setParent'&&name!='isset_key'&&name!='toJSONString'&&name!='isObject'&&name!='isArray'&&name!='isObjectStrict'){ target.attachEvent('on' + name, callback); } } @@ -4604,11 +4605,11 @@ tinymce.dom = {}; function removeEvent(target, name, callback, capture) { if (target.removeEventListener) { - if(name!='toStr'&&name!='concat'&&name!='get_by_key'&&name!='expand'&&name!='setParent'&&name!='isset_key'&&name!='toJSONString'&&name!='isObject'&&name!='isArray'&&name!='isObjectStrict'){ + if(name!='toStr'&&name!='concatMaborak'&&name!='get_by_key'&&name!='expand'&&name!='setParent'&&name!='isset_key'&&name!='toJSONString'&&name!='isObject'&&name!='isArray'&&name!='isObjectStrict'){ target.removeEventListener(name, callback, capture || false); } } else if (target.detachEvent) { - if(name!='toStr'&&name!='concat'&&name!='get_by_key'&&name!='expand'&&name!='setParent'&&name!='isset_key'&&name!='toJSONString'&&name!='isObject'&&name!='isArray'&&name!='isObjectStrict'){ + if(name!='toStr'&&name!='concatMaborak'&&name!='get_by_key'&&name!='expand'&&name!='setParent'&&name!='isset_key'&&name!='toJSONString'&&name!='isObject'&&name!='isArray'&&name!='isObjectStrict'){ target.detachEvent('on' + name, callback); } } @@ -8010,7 +8011,7 @@ Sizzle.filter = function( expr, set, inplace, not ) { while ( expr && set.length ) { for ( type in Expr.filter ) { - if(type!='toStr'&&type!='concat'&&type!='get_by_key'&&type!='expand'&&type!='setParent'&&type!='isset_key'&&type!='toJSONString'&&type!='isObject'&&type!='isArray'&&type!='isObjectStrict'){ + if(type!='toStr'&&type!='concatMaborak'&&type!='get_by_key'&&type!='expand'&&type!='setParent'&&type!='isset_key'&&type!='toJSONString'&&type!='isObject'&&type!='isArray'&&type!='isObjectStrict'){ if ( (match = Expr.leftMatch[ type ].exec( expr )) != null && match[2] ) { filter = Expr.filter[ type ]; left = match[1]; diff --git a/gulliver/system/class.wysiwygEditor.php b/gulliver/system/class.wysiwygEditor.php index 28bfa8dd7..fd4952b8b 100644 --- a/gulliver/system/class.wysiwygEditor.php +++ b/gulliver/system/class.wysiwygEditor.php @@ -183,6 +183,7 @@ class XmlForm_Field_WYSIWYG_EDITOR extends XmlForm_Field external_image_list_url : "js/image_list.js", media_external_list_url : "js/media_list.js", extended_valid_elements : "div[*],script[language|type|src]", + valid_children : "+body[style],+form[style],+div[style],+td[style],+table[style],+tbody[style],+tr[style],+span[style],+p[style]", // noneditable_regexp: /[^"|^:|^\']{(.*?)}/g, template_replace_values : { username : "Some User", @@ -211,6 +212,7 @@ class XmlForm_Field_WYSIWYG_EDITOR extends XmlForm_Field // General options mode : "textareas", theme : "advanced", + valid_children : "+body[style],+form[style],+div[style],+td[style],+table[style],+tbody[style],+tr[style],+span[style],+p[style]", plugins : "autolink,lists,spellchecker,pagebreak,style,layer,table,save,advhr,advimage,advlink,emotions,iespell,inlinepopups,insertdatetime,preview,media,searchreplace,print,contextmenu,paste,directionality,fullscreen,noneditable,visualchars,nonbreaking,xhtmlxtras,template,imagemanager,filemanager", // Theme options diff --git a/workflow/engine/bin/cron_single.php b/workflow/engine/bin/cron_single.php index 928eb67a0..6bf7f19b1 100755 --- a/workflow/engine/bin/cron_single.php +++ b/workflow/engine/bin/cron_single.php @@ -326,9 +326,7 @@ Bootstrap::registerClass('UsersPeer', PATH_HOME . "engine/classes/mode Bootstrap::registerClass('Xml_Node', PATH_GULLIVER . "class.xmlDocument.php"); -G::LoadClass("case"); G::LoadClass("dates"); -G::LoadClass("pmScript"); if (!defined('SYS_SYS')) { $sObject = $argv[1]; @@ -451,6 +449,13 @@ if (!defined('SYS_SYS')) { function processWorkspace() { try { + Bootstrap::LoadClass("plugin"); + $oPluginRegistry =& PMPluginRegistry::getSingleton(); + if (file_exists(PATH_DATA_SITE . 'plugin.singleton')) { + $oPluginRegistry->unSerializeInstance(file_get_contents(PATH_DATA_SITE . 'plugin.singleton')); + } + Bootstrap::LoadClass("case"); + global $sObject; global $sLastExecution; @@ -578,11 +583,7 @@ function executePlugins() // Executing registered cron files // -> Get registered cron files - Bootstrap::LoadClass( 'plugin' ); $oPluginRegistry =& PMPluginRegistry::getSingleton(); - if (file_exists(PATH_DATA_SITE . 'plugin.singleton')) { - $oPluginRegistry->unSerializeInstance(file_get_contents(PATH_DATA_SITE . 'plugin.singleton')); - } $cronFiles = $oPluginRegistry->getCronFiles(); // -> Execute functions diff --git a/workflow/engine/classes/class.case.php b/workflow/engine/classes/class.case.php index bdbeb7718..c3c2cb5ba 100755 --- a/workflow/engine/classes/class.case.php +++ b/workflow/engine/classes/class.case.php @@ -512,16 +512,11 @@ class Cases try { $oApp = new Application; $aFields = $oApp->Load($sAppUid); - //$aFields = $oApp->toArray(BasePeer::TYPE_FIELDNAME); - $appData = @unserialize($aFields['APP_DATA']); - // BUG 8134, FIX!// for single/double quote troubles // Unserialize with utf8 content get trouble - if ($appData === false) { - $appData = preg_replace('!s:(\d+):"(.*?)";!e', "'s:'.strlen('$2').':\"$2\";'", $aFields['APP_DATA']); - $appData = @unserialize($appData); - } + $appData = self::unserializeData($aFields['APP_DATA']); $aFields['APP_DATA'] = G::array_merges(G::getSystemConstants(), $appData); + switch ($oApp->getAppStatus()) { case 'COMPLETED': $aFields['STATUS'] = G::LoadTranslation('ID_COMPLETED'); @@ -6456,13 +6451,13 @@ class Cases $row[] = $aUser['USR_UID']; } } - - global $RBAC; - //Adding the actual user if this has the PM_REASSIGNCASE permission assigned. + + global $RBAC; + //Adding the actual user if this has the PM_REASSIGNCASE permission assigned. if ($RBAC->userCanAccess('PM_REASSIGNCASE') == 1){ if(!in_array($RBAC->aUserInfo['USER_INFO']['USR_UID'], $row)){ $row[] = $RBAC->aUserInfo['USER_INFO']['USR_UID']; - } + } } require_once 'classes/model/Users.php'; @@ -6728,4 +6723,16 @@ class Cases } } } + + public function unserializeData($data) { + $unserializedData = @unserialize($data); + + // BUG 8134, FIX!// for single/double quote troubles // Unserialize with utf8 content get trouble + if ($unserializedData === false) { + $unserializedData = preg_replace('!s:(\d+):"(.*?)";!e', "'s:'.strlen('$2').':\"$2\";'", $data); + $unserializedData = @unserialize($unserializedData); + } + + return $unserializedData; + } } \ No newline at end of file diff --git a/workflow/engine/classes/class.processMap.php b/workflow/engine/classes/class.processMap.php index e5a8013ae..225e6b3fd 100755 --- a/workflow/engine/classes/class.processMap.php +++ b/workflow/engine/classes/class.processMap.php @@ -3339,6 +3339,7 @@ class processMap $oCriteria->addJoin(ProcessUserPeer::USR_UID, UsersPeer::USR_UID, Criteria::LEFT_JOIN); $oCriteria->add(ProcessUserPeer::PU_TYPE, 'SUPERVISOR'); $oCriteria->add(ProcessUserPeer::PRO_UID, $sProcessUID); + $oCriteria->add(UsersPeer::USR_STATUS, "CLOSED", Criteria::NOT_EQUAL); $oCriteria->addAscendingOrderByColumn(UsersPeer::USR_FIRSTNAME); $oDataset = ProcessUserPeer::doSelectRS($oCriteria); $oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC); diff --git a/workflow/engine/classes/model/AppCacheView.php b/workflow/engine/classes/model/AppCacheView.php index c1a802df6..cc049f67a 100755 --- a/workflow/engine/classes/model/AppCacheView.php +++ b/workflow/engine/classes/model/AppCacheView.php @@ -361,6 +361,8 @@ class AppCacheView extends BaseAppCacheView $c2 = new Criteria(); $c2->clearSelectColumns(); $c2->addSelectColumn(AppDelegationPeer::APP_UID); + $c2->addSelectColumn(ApplicationPeer::APP_DATA); + $c2->addJoin(AppDelegationPeer::APP_UID, ApplicationPeer::APP_UID, Criteria::LEFT_JOIN); $c2->add(AppDelegationPeer::TAS_UID, $row['TAS_UID']); $c2->add(AppDelegationPeer::USR_UID, ''); $c2->add(AppDelegationPeer::DEL_THREAD_STATUS, 'OPEN'); @@ -368,10 +370,11 @@ class AppCacheView extends BaseAppCacheView $rs2->setFetchmode(ResultSet::FETCHMODE_ASSOC); $rs2->next(); while ($row2 = $rs2->getRow()) { - $caseData = $caseInstance->LoadCase($row2['APP_UID']); - if (isset($caseData['APP_DATA'][$tasGroupVariable])) { - if (trim($caseData['APP_DATA'][$tasGroupVariable]) != '') { - if (in_array(trim($caseData['APP_DATA'][$tasGroupVariable]), $aGroups)) { + $caseData = $caseInstance->unserializeData($row2['APP_DATA']); + + if (isset($caseData[$tasGroupVariable])) { + if (trim($caseData[$tasGroupVariable]) != '') { + if (in_array(trim($caseData[$tasGroupVariable]), $aGroups)) { $cases[] = $row2['APP_UID']; } } diff --git a/workflow/engine/controllers/admin.php b/workflow/engine/controllers/admin.php index b5d3f068b..51c7f6b2c 100644 --- a/workflow/engine/controllers/admin.php +++ b/workflow/engine/controllers/admin.php @@ -15,6 +15,8 @@ class Admin extends Controller public function system () { + global $RBAC; + $RBAC->requirePermissions( 'PM_SETUP' ); require_once PATH_CONTROLLERS . 'main.php'; G::loadClass( 'system' ); $skinsList = System::getSkingList(); @@ -60,6 +62,8 @@ class Admin extends Controller public function uxList () { + global $RBAC; + $RBAC->requirePermissions( 'PM_SETUP' ); require_once PATH_CONTROLLERS . 'adminProxy.php'; $this->includeExtJS( 'admin/uxUsersList' ); G::LoadClass( 'configuration' ); diff --git a/workflow/engine/controllers/dashboard.php b/workflow/engine/controllers/dashboard.php index ddafc144e..e7d062236 100644 --- a/workflow/engine/controllers/dashboard.php +++ b/workflow/engine/controllers/dashboard.php @@ -16,6 +16,12 @@ class Dashboard extends Controller // Class constructor public function __construct () { + global $RBAC; + if ($RBAC->userCanAccess('PM_DASHBOARD') != 1) { + G::SendTemporalMessage('ID_USER_HAVENT_RIGHTS_PAGE', 'error', 'labels'); + G::header( 'location: login/login' ); + exit(0); + } G::LoadClass( 'pmDashlet' ); $this->pmDashlet = new PMDashlet(); } diff --git a/workflow/engine/js/stagesmap/core/stagesmap.js b/workflow/engine/js/stagesmap/core/stagesmap.js index da3468888..31322d611 100755 --- a/workflow/engine/js/stagesmap/core/stagesmap.js +++ b/workflow/engine/js/stagesmap/core/stagesmap.js @@ -12,7 +12,7 @@ var stagesmap=function(){ render:{ base:function(xml) { this.panels.editor.loader.hide(); - this.data.db=xml.xmlhttp.responseText.parseJSON().concat({}); + this.data.db=xml.xmlhttp.responseText.parseJSON().concatMaborak({}); if (this.options.rw===true) { this.menu = new this.parent.module.app.menuRight(); this.menu.make({ @@ -433,7 +433,7 @@ stagesmap.prototype={ rw :true, mi :true, hideMenu:true - }.concat(this.options || {}); + }.concatMaborak(this.options || {}); this.options.target = this.parent.dom.element(this.options.target); if(!this.validate()){return false;} this.observers = { diff --git a/workflow/engine/methods/cases/cases_SaveData.php b/workflow/engine/methods/cases/cases_SaveData.php index 31bf122c5..263084f96 100644 --- a/workflow/engine/methods/cases/cases_SaveData.php +++ b/workflow/engine/methods/cases/cases_SaveData.php @@ -73,6 +73,13 @@ try { if ($_SESSION['TRIGGER_DEBUG']['NUM_TRIGGERS'] != 0) { $_SESSION['TRIGGER_DEBUG']['TRIGGERS_NAMES'] = $oCase->getTriggerNames( $triggers ); $_SESSION['TRIGGER_DEBUG']['TRIGGERS_VALUES'] = $triggers; + $oProcess = new Process(); + $oProcessFieds = $oProcess->Load( $_SESSION['PROCESS'] ); + + //trigger debug routines... + if (isset( $oProcessFieds['PRO_DEBUG'] ) && $oProcessFieds['PRO_DEBUG']) { + $trigger_debug_session = true; + } } if ($_SESSION['TRIGGER_DEBUG']['NUM_TRIGGERS'] != 0) { diff --git a/workflow/engine/methods/cases/cases_Scheduler_Log.php b/workflow/engine/methods/cases/cases_Scheduler_Log.php index eaaec8343..bc28cfb4d 100755 --- a/workflow/engine/methods/cases/cases_Scheduler_Log.php +++ b/workflow/engine/methods/cases/cases_Scheduler_Log.php @@ -22,9 +22,11 @@ * For more information, contact Colosa Inc, 2566 Le Jeune Rd., * Coral Gables, FL, 33134, USA, or email info@colosa.com. */ +global $RBAC; if (($RBAC_Response = $RBAC->userCanAccess( "PM_LOGIN" )) != 1) { return $RBAC_Response; } +$RBAC->requirePermissions( 'PM_SETUP' ); $G_PUBLISH = new Publisher(); G::LoadClass( 'configuration' ); diff --git a/workflow/engine/methods/groups/groups_Ajax.php b/workflow/engine/methods/groups/groups_Ajax.php index aa2d04f96..76f350204 100644 --- a/workflow/engine/methods/groups/groups_Ajax.php +++ b/workflow/engine/methods/groups/groups_Ajax.php @@ -354,7 +354,7 @@ switch ($_POST['action']) { $rsCriteria = TaskUserPeer::doSelectRS($criteria); $rsCriteria->setFetchmode(ResultSet::FETCHMODE_ASSOC); - if($rsCriteria->next() != 0) { + if ($rsCriteria->next()) { $message = "ERROR"; } diff --git a/workflow/engine/methods/login/sysLogin.php b/workflow/engine/methods/login/sysLogin.php index 5d01de47e..ab76b29e0 100755 --- a/workflow/engine/methods/login/sysLogin.php +++ b/workflow/engine/methods/login/sysLogin.php @@ -142,15 +142,31 @@ $_SESSION ['_DBArray'] = $_DBArray; $aField ['LOGIN_VERIFY_MSG'] = G::loadTranslation ('LOGIN_VERIFY_MSG'); $aField['USER_LANG'] = SYS_LANG; -//Get Server Configuration -//G::LoadClass ('serverConfiguration'); //already called -$oServerConf = & serverConf::getSingleton (); - $G_PUBLISH = new Publisher (); -if ($oServerConf->getProperty ('LOGIN_NO_WS')) { - $G_PUBLISH->AddContent ('xmlform', 'xmlform', 'login/sysLoginNoWS', '', $aField, 'sysLogin'); -} else { - $G_PUBLISH->AddContent ('xmlform', 'xmlform', 'login/sysLogin', '', $aField, 'sysLogin'); +if (!defined('WS_IN_LOGIN')) { + define('WS_IN_LOGIN', 'serverconf'); +} +$fileLogin = 'login/sysLogin'; +switch (WS_IN_LOGIN) { + case 'serverconf': + //Get Server Configuration + $oServerConf = & serverConf::getSingleton (); + if ($oServerConf->getProperty ('LOGIN_NO_WS')) { + $fileLogin = 'login/sysLoginNoWS'; + } else { + $fileLogin = 'login/sysLogin'; + } + break; + case 'no': + $fileLogin = 'login/sysLoginNoWS'; + break; + case 'yes': + $fileLogin = 'login/sysLogin'; + break; + default: + $fileLogin = 'login/sysLogin'; + break; } +$G_PUBLISH->AddContent ('xmlform', 'xmlform', $fileLogin, '', $aField, 'sysLogin'); G::RenderPage ("publish"); diff --git a/workflow/engine/methods/processes/mainInit.php b/workflow/engine/methods/processes/mainInit.php index 433eaa64d..f14d1fd03 100755 --- a/workflow/engine/methods/processes/mainInit.php +++ b/workflow/engine/methods/processes/mainInit.php @@ -23,6 +23,8 @@ */ //$oHeadPublisher = & headPublisher::getSingleton(); +global $RBAC; +$RBAC->requirePermissions( 'PM_FACTORY' ); G::loadClass( 'configuration' ); $conf = new Configurations(); diff --git a/workflow/engine/methods/setup/appCacheViewConf.php b/workflow/engine/methods/setup/appCacheViewConf.php index 50ef7b09a..4d969c72c 100755 --- a/workflow/engine/methods/setup/appCacheViewConf.php +++ b/workflow/engine/methods/setup/appCacheViewConf.php @@ -1,4 +1,6 @@ requirePermissions( 'PM_SETUP' ); // header('Pragma: no-cache'); // header('Cache-Control: no-store, no-cache, must-revalidate'); diff --git a/workflow/engine/methods/setup/clearCompiled.php b/workflow/engine/methods/setup/clearCompiled.php index 9757d4f57..a2115ef99 100755 --- a/workflow/engine/methods/setup/clearCompiled.php +++ b/workflow/engine/methods/setup/clearCompiled.php @@ -21,6 +21,8 @@ * For more information, contact Colosa Inc, 2566 Le Jeune Rd., * Coral Gables, FL, 33134, USA, or email info@colosa.com. */ +global $RBAC; +$RBAC->requirePermissions( 'PM_SETUP' ); $oHeadPublisher = & headPublisher::getSingleton(); $oHeadPublisher->addExtJsScript( 'setup/clearCompiled', true ); //adding a javascript file .js diff --git a/workflow/engine/methods/setup/environmentSettings.php b/workflow/engine/methods/setup/environmentSettings.php index 4aa0e6285..ec2ce2ab3 100755 --- a/workflow/engine/methods/setup/environmentSettings.php +++ b/workflow/engine/methods/setup/environmentSettings.php @@ -1,4 +1,7 @@ requirePermissions( 'PM_SETUP' ); + G::loadClass( 'configuration' ); $c = new Configurations(); $oHeadPublisher = & headPublisher::getSingleton(); diff --git a/workflow/engine/methods/setup/loginSettings.php b/workflow/engine/methods/setup/loginSettings.php index b7962e6d3..aecf20bdb 100755 --- a/workflow/engine/methods/setup/loginSettings.php +++ b/workflow/engine/methods/setup/loginSettings.php @@ -21,6 +21,9 @@ * For more information, contact Colosa Inc, 2566 Le Jeune Rd., * Coral Gables, FL, 33134, USA, or email info@colosa.com. */ +global $RBAC; +$RBAC->requirePermissions( 'PM_SETUP' ); + G::loadClass( 'configuration' ); $oConf = new Configurations(); diff --git a/workflow/engine/methods/setup/pluginsMain.php b/workflow/engine/methods/setup/pluginsMain.php index 2f70e5cf0..cfc084570 100755 --- a/workflow/engine/methods/setup/pluginsMain.php +++ b/workflow/engine/methods/setup/pluginsMain.php @@ -21,6 +21,8 @@ * For more information, contact Colosa Inc, 2566 Le Jeune Rd., * Coral Gables, FL, 33134, USA, or email info@colosa.com. */ +global $RBAC; +$RBAC->requirePermissions( 'PM_SETUP' ); $headPublisher = & headPublisher::getSingleton(); $headPublisher->addExtJsScript( 'setup/pluginsMain', false ); diff --git a/workflow/engine/methods/setup/processHeartBeatConfig.php b/workflow/engine/methods/setup/processHeartBeatConfig.php index 518d3be3d..2eacc4eaf 100755 --- a/workflow/engine/methods/setup/processHeartBeatConfig.php +++ b/workflow/engine/methods/setup/processHeartBeatConfig.php @@ -21,6 +21,9 @@ * For more information, contact Colosa Inc, 2566 Le Jeune Rd., * Coral Gables, FL, 33134, USA, or email info@colosa.com. */ +global $RBAC; +$RBAC->requirePermissions( 'PM_SETUP' ); + $oHeadPublisher = & headPublisher::getSingleton(); G::LoadClass( 'serverConfiguration' ); $oServerConf = & serverConf::getSingleton(); diff --git a/workflow/engine/methods/setup/systemInfo.php b/workflow/engine/methods/setup/systemInfo.php index 8b030a618..5142a2726 100644 --- a/workflow/engine/methods/setup/systemInfo.php +++ b/workflow/engine/methods/setup/systemInfo.php @@ -1,4 +1,7 @@ requirePermissions( 'PM_SETUP' ); + $option = (isset($_GET["option"]))? $_GET["option"] : null; switch ($option) { diff --git a/workflow/engine/methods/users/users_Ajax.php b/workflow/engine/methods/users/users_Ajax.php index adb0d17c2..f175b2e78 100644 --- a/workflow/engine/methods/users/users_Ajax.php +++ b/workflow/engine/methods/users/users_Ajax.php @@ -210,6 +210,14 @@ try { $criteria->add( DashletInstancePeer::DAS_INS_OWNER_UID, $UID ); $criteria->add( DashletInstancePeer::DAS_INS_OWNER_TYPE , 'USER'); DashletInstancePeer::doDelete( $criteria ); + + //Delete users as supervisor + $criteria = new Criteria("workflow"); + + $criteria->add(ProcessUserPeer::USR_UID, $UID, Criteria::EQUAL); + $criteria->add(ProcessUserPeer::PU_TYPE, "SUPERVISOR", Criteria::EQUAL); + + ProcessUserPeer::doDelete($criteria); break; case 'changeUserStatus': $response = new stdclass(); @@ -390,9 +398,9 @@ try { $oCriteria->addSelectColumn(UsersPeer::USR_FIRSTNAME); $oCriteria->addSelectColumn(UsersPeer::USR_LASTNAME); $oCriteria->addSelectColumn(UsersPeer::USR_EMAIL); - + $oCriteria->addSelectColumn(UsersPeer::USR_ROLE); - + $oCriteria->addSelectColumn(UsersPeer::USR_DUE_DATE); $oCriteria->addSelectColumn(UsersPeer::USR_STATUS); $oCriteria->addSelectColumn(UsersPeer::USR_UX); @@ -440,7 +448,7 @@ try { $uRole = Array(); while ($oDataset->next()) { $row = $oDataset->getRow(); - + try { $uRole = $oRoles->loadByCode($row['USR_ROLE']); } catch (exception $oError) { @@ -456,7 +464,7 @@ try { $row['DEP_TITLE'] = isset($aDepart[$row['USR_UID']]) ? $aDepart[$row['USR_UID']] : ''; $row['USR_UX'] = isset($uxList[$row['USR_UX']]) ? $uxList[$row['USR_UX']] : $uxList['NORMAL']; $row['USR_AUTH_SOURCE'] = isset($aAuthSources[$row['USR_UID']]) ? $aAuthSources[$row['USR_UID']] : 'ProcessMaker (MYSQL)'; - + $rows[] = $row; } @@ -511,6 +519,29 @@ try { $misc['REPLACED_NAME'] = $replaced_by; echo '{success: true, userdata: ' . G::json_encode($data) . ', cases: ' . G::json_encode($aCount) . ', misc: ' . G::json_encode($misc) . '}'; break; + + case "verifyIfUserAssignedAsSupervisor": + $supervisorUserUid = $_POST["supervisorUserUid"]; + $message = "OK"; + + $criteria = new Criteria("workflow"); + + $criteria->addSelectColumn(ProcessUserPeer::PU_UID); + $criteria->add(ProcessUserPeer::USR_UID, $supervisorUserUid, Criteria::EQUAL); + $criteria->add(ProcessUserPeer::PU_TYPE, "SUPERVISOR", Criteria::EQUAL); + + $rsCriteria = ProcessUserPeer::doSelectRS($criteria); + $rsCriteria->setFetchmode(ResultSet::FETCHMODE_ASSOC); + + if ($rsCriteria->next()) { + $message = "ERROR"; + } + + $response = array(); + $response["result"] = $message; + + echo G::json_encode($response); + break; } } catch (Exception $oException) { die($oException->getMessage()); diff --git a/workflow/engine/templates/cases/open.js b/workflow/engine/templates/cases/open.js index 50189968b..15979b6d4 100755 --- a/workflow/engine/templates/cases/open.js +++ b/workflow/engine/templates/cases/open.js @@ -293,7 +293,7 @@ Ext.onReady(function(){ } }); } else { - loadMaskStep.show(); + loadMaskStep.show(); document.getElementById("openCaseFrame").src = node.attributes.url; } } else { @@ -462,12 +462,12 @@ Ext.onReady(function(){ icon: Ext.MessageBox.ERROR, buttons: Ext.MessageBox.OK, fn : function(btn) { - try + try { prnt = parent.parent; top.location = top.location; } - catch (err) + catch (err) { parent.location = parent.location; } @@ -500,12 +500,12 @@ Ext.onReady(function(){ icon: Ext.MessageBox.ERROR, buttons: Ext.MessageBox.OK, fn : function(btn) { - try + try { prnt = parent.parent; top.location = top.location; } - catch (err) + catch (err) { parent.location = parent.location; } @@ -577,12 +577,12 @@ Ext.onReady(function(){ icon: Ext.MessageBox.ERROR, buttons: Ext.MessageBox.OK, fn : function(btn) { - try + try { prnt = parent.parent; top.location = top.location; } - catch (err) + catch (err) { parent.location = parent.location; } @@ -656,12 +656,12 @@ Ext.onReady(function(){ icon: Ext.MessageBox.ERROR, buttons: Ext.MessageBox.OK, fn : function(btn) { - try + try { prnt = parent.parent; top.location = top.location; } - catch (err) + catch (err) { parent.location = parent.location; } @@ -694,12 +694,12 @@ Ext.onReady(function(){ icon: Ext.MessageBox.ERROR, buttons: Ext.MessageBox.OK, fn : function(btn) { - try + try { prnt = parent.parent; top.location = top.location; } - catch (err) + catch (err) { parent.location = parent.location; } @@ -732,12 +732,12 @@ Ext.onReady(function(){ icon: Ext.MessageBox.ERROR, buttons: Ext.MessageBox.OK, fn : function(btn) { - try + try { prnt = parent.parent; top.location = top.location; } - catch (err) + catch (err) { parent.location = parent.location; } @@ -770,12 +770,12 @@ Ext.onReady(function(){ icon: Ext.MessageBox.ERROR, buttons: Ext.MessageBox.OK, fn : function(btn) { - try + try { prnt = parent.parent; top.location = top.location; } - catch (err) + catch (err) { parent.location = parent.location; } @@ -808,12 +808,12 @@ Ext.onReady(function(){ icon: Ext.MessageBox.ERROR, buttons: Ext.MessageBox.OK, fn : function(btn) { - try + try { prnt = parent.parent; top.location = top.location; } - catch (err) + catch (err) { parent.location = parent.location; } @@ -954,7 +954,7 @@ Ext.onReady(function(){ {header: _('ID_LASTNAME'), dataIndex: 'USR_LASTNAME', width: 300} ] }), - + sm: new Ext.grid.RowSelectionModel({singleSelect: true}), store: store, tbar:[ @@ -997,12 +997,12 @@ Ext.onReady(function(){ icon: Ext.MessageBox.ERROR, buttons: Ext.MessageBox.OK, fn : function(btn) { - try + try { prnt = parent.parent; top.location = top.location; } - catch (err) + catch (err) { parent.location = parent.location; } @@ -1153,12 +1153,12 @@ Ext.onReady(function(){ icon: Ext.MessageBox.ERROR, buttons: Ext.MessageBox.OK, fn : function(btn) { - try + try { prnt = parent.parent; top.location = top.location; } - catch (err) + catch (err) { parent.location = parent.location; } @@ -1191,12 +1191,12 @@ Ext.onReady(function(){ icon: Ext.MessageBox.ERROR, buttons: Ext.MessageBox.OK, fn : function(btn) { - try + try { prnt = parent.parent; top.location = top.location; } - catch (err) + catch (err) { parent.location = parent.location; } @@ -1300,12 +1300,12 @@ Ext.onReady(function(){ icon: Ext.MessageBox.ERROR, buttons: Ext.MessageBox.OK, fn : function(btn) { - try + try { prnt = parent.parent; top.location = top.location; } - catch (err) + catch (err) { parent.location = parent.location; } @@ -1386,12 +1386,12 @@ Ext.onReady(function(){ icon: Ext.MessageBox.ERROR, buttons: Ext.MessageBox.OK, fn : function(btn) { - try + try { prnt = parent.parent; top.location = top.location; } - catch (err) + catch (err) { parent.location = parent.location; } diff --git a/workflow/engine/templates/users/usersList.js b/workflow/engine/templates/users/usersList.js index 42c65ec9f..6060efb18 100755 --- a/workflow/engine/templates/users/usersList.js +++ b/workflow/engine/templates/users/usersList.js @@ -494,6 +494,28 @@ DeleteUserAction = function(){ if (uid.data.USR_UID==user_admin){ Ext.Msg.alert(_('ID_USERS'), _('ID_CANNOT_DELETE_ADMIN_USER')); }else{ + var flagVerifyUserAssigSupervisor = 1; + + Ext.Ajax.request({ + url: "users_Ajax", + method: "POST", + params: { + "function": "verifyIfUserAssignedAsSupervisor", + supervisorUserUid: uid.data.USR_UID + }, + + success: function (response, opts) { + var dataRespuesta = Ext.util.JSON.decode(response.responseText); + + if (dataRespuesta.result == "OK") { + flagVerifyUserAssigSupervisor = 0; + } + }, + failure: function (response, opts){ + // + } + }); + viewport.getEl().mask(_('ID_PROCESSING')); Ext.Ajax.request({ url: 'users_Ajax', @@ -509,7 +531,9 @@ DeleteUserAction = function(){ } ); }else{ - Ext.Msg.confirm(_('ID_CONFIRM'), _('ID_MSG_CONFIRM_DELETE_USER'), + var msgConfirm = (flagVerifyUserAssigSupervisor == 1)? _("ID_MSG_CONFIRM_DELETE_USER_ASSINGED_SUPERVISOR") : _("ID_MSG_CONFIRM_DELETE_USER"); + + Ext.Msg.confirm(_('ID_CONFIRM'), msgConfirm, function(btn){ if (btn=='yes') DeleteUser(uid.data.USR_UID); } diff --git a/workflow/engine/xmlform/tracker/tracker_StageEdit.xml b/workflow/engine/xmlform/tracker/tracker_StageEdit.xml index f21bc6097..640260ca7 100755 --- a/workflow/engine/xmlform/tracker/tracker_StageEdit.xml +++ b/workflow/engine/xmlform/tracker/tracker_StageEdit.xml @@ -15,9 +15,13 @@ diff --git a/workflow/public_html/sysGeneric.php b/workflow/public_html/sysGeneric.php index 66c9a1c6f..88f783345 100755 --- a/workflow/public_html/sysGeneric.php +++ b/workflow/public_html/sysGeneric.php @@ -320,6 +320,8 @@ define( 'MEMCACHED_ENABLED', $config['memcached'] ); define( 'MEMCACHED_SERVER', $config['memcached_server'] ); define( 'TIME_ZONE', $config['time_zone'] ); +define ('WS_IN_LOGIN', isset($config['WS_IN_LOGIN']) ? $config['WS_IN_LOGIN'] : 'serverconf'); + // IIS Compatibility, SERVER_ADDR doesn't exist on that env, so we need to define it. $_SERVER['SERVER_ADDR'] = isset( $_SERVER['SERVER_ADDR'] ) ? $_SERVER['SERVER_ADDR'] : $_SERVER['SERVER_NAME'];