From a9d019db496b15d05eeb69565927f3da674a3e79 Mon Sep 17 00:00:00 2001
From: Paula Quispe
Date: Fri, 3 Aug 2018 08:12:36 -0400
Subject: [PATCH] HOR-4775
---
 gulliver/system/class.rbac.php | 1 +
 workflow/engine/classes/WsBase.php | 20 ++++++---
 workflow/engine/classes/WsResponse.php | 42 +++++++++++++++++++
 workflow/engine/classes/class.pmFunctions.php | 4 ++
 4 files changed, 61 insertions(+), 6 deletions(-)
diff --git a/gulliver/system/class.rbac.php b/gulliver/system/class.rbac.php
index a00462966..6e414bb5e 100644
--- a/gulliver/system/class.rbac.php
+++ b/gulliver/system/class.rbac.php
@@ -43,6 +43,7 @@ use ProcessMaker\Exception\RBACException;
 */
 class RBAC
 {
+ const ADMIN_USER_UID = '00000000000000000000000000000001';
 const SETUPERMISSIONUID = '00000000000000000000000000000002';
 const PER_SYSTEM = '00000000000000000000000000000002';
 const PM_GUEST_CASE = 'PM_GUEST_CASE';
diff --git a/workflow/engine/classes/WsBase.php b/workflow/engine/classes/WsBase.php
index 1d4da5708..52b10c612 100644
--- a/workflow/engine/classes/WsBase.php
+++ b/workflow/engine/classes/WsBase.php
@@ -1336,13 +1336,21 @@ class WsBase
 }
 }
- $strRole = $RBAC->getRoleCodeValid($role);
- if (empty($strRole)) {
- $data = [];
- $data["ROLE"] = $role;
- $result = new WsCreateUserResponse(6, G::loadTranslation("ID_INVALID_ROLE", SYS_LANG, $data), null);
+ if (!empty($role)) {
+ if ($userUid === $RBAC::ADMIN_USER_UID) {
+ $result = new WsResponse(15, G::LoadTranslation("ID_ADMINISTRATOR_ROLE_CANT_CHANGED"));
- return $result;
+ return $result;
+ }
+
+ $strRole = $RBAC->getRoleCodeValid($role);
+ if (empty($strRole)) {
+ $data = [];
+ $data["ROLE"] = $role;
+ $result = new WsCreateUserResponse(6, G::loadTranslation("ID_INVALID_ROLE", SYS_LANG, $data), null);
+
+ return $result;
+ }
 }
 if (!empty($password) && strlen($password) > 20) {
diff --git a/workflow/engine/classes/WsResponse.php b/workflow/engine/classes/WsResponse.php
index ea6cc4e92..70add2778 100644
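Review bot: In the WsBase.php hunk, `$strRole` is now assigned only inside `if (!empty($role))`, so any later use of it in this method (the body continues outside the hunk) reads an undefined variable when an update arrives without a role; setting `$strRole = null;` before the `if` and making the later role write conditional on it would state the "leave the role unchanged" intent explicitly. The administrator guard sits inside the same wrapper and covers only the role: as far as these lines show, the other fields supplied for `RBAC::ADMIN_USER_UID` (password, status, e-mail) are still accepted, so whether the caller may modify that account has to be enforced elsewhere and is worth confirming. The new early return hands back a `WsResponse` while the neighbouring branch returns a `WsCreateUserResponse`, so callers that read fields specific to the latter should be checked.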
--- a/workflow/engine/classes/WsResponse.php
+++ b/workflow/engine/classes/WsResponse.php
@@ -2,6 +2,48 @@
 class WsResponse
 {
+ /**
+ * Status used from $status_code
+ * 0 ID_COMMAND_EXECUTED_SUCCESSFULY
+ *
+ * 2 ID_USER_HAVENT_RIGHTS_SYSTEM
+ * 3 ID_USER_NOT_REGISTERED
+ * 4 ID_WRONG_PASS
+ * 5 ID_USER_INACTIVE
+ * 6 ID_INVALID_ROLE
+ * 7 ID_USERNAME_ALREADY_EXISTS
+ * 8 ID_USER_NOT_REGISTERED_GROUP
+ * 9 ID_GROUP_NOT_REGISTERED_SYSTEM
+ * 10 ID_ARRAY_VARIABLES_EMPTY
+ * 11 ID_INVALID_PROCESS
+ * 12 ID_NO_STARTING_TASK
+ * 13 ID_MULTIPLE_STARTING_TASKS
+ * 14 ID_TASK_INVALID_USER_NOT_ASSIGNED_TASK
+ * 15 ID_ADMINISTRATOR_ROLE_CANT_CHANGED
+ * 16 ID_CASE_DOES_NOT_EXIST
+ * 17 ID_CASE_ASSIGNED_ANOTHER_USER
+ * 18 ID_CASE_DELEGATION_ALREADY_CLOSED
+ * 19 ID_CASE_IN_STATUS APP_TYPE
+ * 20 ID_SPECIFY_DELEGATION_INDEX
+ * 21 ID_CAN_NOT_ROUTE_CASE_USING_WEBSERVICES
+ * 22 ID_TASK_DOES_NOT_HAVE_ROUTING_RULE
+ * 23 ID_VARIABLES_PARAM_ZERO
+ * 24 ID_VARIABLES_PARAM_NOT_ARRAY
+ * 25 ID_USERNAME_REQUIRED
+ * 26 ID_PASSWD_REQUIRED
+ * 27 ID_MSG_ERROR_USR_FIRSTNAME
+ * 28 ID_TEMPLATE_FILE_NOT_EXIST
+ * 29 Email does not sent
+ * 30 ID_TARGET_ORIGIN_USER_SAME
+ * 31 ID_INVALID_ORIGIN_USER
+ * 32 ID_CASE_NOT_OPEN
+ * 33 ID_INVALID_CASE_DELEGATION_INDEX
+ * 34 ID_TARGET_USER_DOES_NOT_HAVE_RIGHTS
+ * 35 ID_TARGET_USER_DESTINATION_INVALID
+ * 36 ID_CASE_COULD_NOT_REASSIGNED
+ *
+ * 100 Exception
+ */
 public $status_code = 0;
 public $message = '';
 public $timestamp = '';
diff --git a/workflow/engine/classes/class.pmFunctions.php b/workflow/engine/classes/class.pmFunctions.php
index 3dd6033bb..a2a3a4429 100644
--- a/workflow/engine/classes/class.pmFunctions.php
+++ b/workflow/engine/classes/class.pmFunctions.php
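Review bot: The status table added above `$status_code` is documentation only, so nothing keeps it in step with the literals at the call sites; this same commit passes a bare `15` in WsBase.php. Class constants on `WsResponse`, for example `const ADMINISTRATOR_ROLE_CANT_CHANGED = 15;`, would make the codes searchable and let the docblock point at them instead of repeating numbers. The list also skips code 1 without saying whether it is unused, and entries 29 and 100 are free text rather than translation keys; a one-line remark in the docblock would save readers from looking those IDs up.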
@@ -2240,6 +2240,10 @@ function PMFUpdateUser ($userUid, $userName, $firstName = null, $lastName = null
 $ws = new WsBase();
 $result = $ws->updateUser( $userUid, $userName, $firstName, $lastName, $email, $dueDate, $status, $role, $password );
+ //When the user is created the $result parameter is an array, in other case is a object exception
+ if (!is_object($result)) {
+ $result = (object)$result;
+ }
 if ($result->status_code == 0) {
 return 1;
 } else {
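Review bot: After the new `(object)$result` cast, a result with no `status_code` member (an array lacking that key, `null`, `false`) reaches `$result->status_code == 0` as an undefined property, and because `null == 0` is true, `PMFUpdateUser` returns 1 for a result that carries no status at all. Whether the success array from `WsBase::updateUser()` contains `status_code` is not visible in this hunk; if it does, read it explicitly, e.g. `$code = is_object($result) ? $result->status_code : (isset($result['status_code']) ? $result['status_code'] : null);`, and treat a missing code as failure instead of relying on the loose comparison. Having `updateUser()` return a `WsResponse` on every path would remove the need for the cast altogether. The added comment says "When the user is created" although this is the update path, so it should name `updateUser()` and the two return shapes. The function body continues past the end of the hunk.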