From ba5fb70db5e052dab697f48310ddbb163745008f Mon Sep 17 00:00:00 2001
From: Roly Rudy Gutierrez Pinto <gproly@gmail.com>
Date: Tue, 26 Jan 2021 23:48:35 -0400
Subject: [PATCH] PMCORE-2789 LDAP> User imported as an System Administrator
 has permissions as an Operator user

---
 .../methods/authSources/ldapAdvancedProxy.php | 12 +++--
 .../cases/cases_Scheduler_Log_Detail.php      | 52 +------------------
 .../methods/cases/cases_Scheduler_New.php     | 52 +------------------
 3 files changed, 9 insertions(+), 107 deletions(-)

diff --git a/workflow/engine/methods/authSources/ldapAdvancedProxy.php b/workflow/engine/methods/authSources/ldapAdvancedProxy.php
index e2a7b13a7..7be576491 100644
--- a/workflow/engine/methods/authSources/ldapAdvancedProxy.php
+++ b/workflow/engine/methods/authSources/ldapAdvancedProxy.php
@@ -326,9 +326,14 @@ switch ($function) {
                 $aUser['sDN'] = str_replace($match, $newMatch, $aUser['sDN']);
             }
             $aData['USR_AUTH_USER_DN'] = $aUser['sDN'];
+            
+            $usrRole = 'PROCESSMAKER_OPERATOR';
+            if (!empty($aFields['AUTH_SOURCE_DATA']['USR_ROLE'])) {
+                $usrRole = $aFields['AUTH_SOURCE_DATA']['USR_ROLE'];
+            }
 
             try {
-                $sUserUID = $RBAC->createUser($aData, 'PROCESSMAKER_OPERATOR', $aFields['AUTH_SOURCE_NAME']);
+                $sUserUID = $RBAC->createUser($aData, $usrRole, $aFields['AUTH_SOURCE_NAME']);
                 $usersCreated .= $aData['USR_USERNAME'] . ' ';
                 $countUsers++;
             } catch (Exception $oError) {
@@ -340,10 +345,7 @@ switch ($function) {
 
             $aData['USR_STATUS'] = (isset($aUser['USR_STATUS'])) ? $aUser['USR_STATUS'] : 'ACTIVE';
             $aData['USR_UID'] = $sUserUID;
-            $aData['USR_ROLE'] = 'PROCESSMAKER_OPERATOR';
-            if (isset($aFields['AUTH_SOURCE_DATA']['USR_ROLE'])) {
-                $aData['USR_ROLE'] = $aFields['AUTH_SOURCE_DATA']['USR_ROLE'];
-            }
+            $aData['USR_ROLE'] = $usrRole;
 
             $calendarObj = new Calendar();
             $calendarObj->assignCalendarTo($sUserUID, '00000000000000000000000000000001', 'USER');
diff --git a/workflow/engine/methods/cases/cases_Scheduler_Log_Detail.php b/workflow/engine/methods/cases/cases_Scheduler_Log_Detail.php
index 1a0015a3c..ec96c16cb 100644
--- a/workflow/engine/methods/cases/cases_Scheduler_Log_Detail.php
+++ b/workflow/engine/methods/cases/cases_Scheduler_Log_Detail.php
@@ -1,58 +1,8 @@
 <?php
-/**
- * cases_Scheduler_Log_Detail.php
- *
- * ProcessMaker Open Source Edition
- * Copyright (C) 2004 - 2010 Colosa Inc.23
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
- * Coral Gables, FL, 33134, USA, or email info@colosa.com.
- */
+
 try {
     global $RBAC;
 
-    /*
-    switch ($RBAC->userCanAccess('PM_FACTORY'))
-    {
-    case -2:
-      G::SendTemporalMessage('ID_USER_HAVENT_RIGHTS_SYSTEM', 'error', 'labels');
-      G::header('location: ../login/login');
-      die;
-    break;
-    case -1:
-      G::SendTemporalMessage('ID_USER_HAVENT_RIGHTS_PAGE', 'error', 'labels');
-      G::header('location: ../login/login');
-      die;
-    break;
-    }
-    */
-
-    /*
-    $aFields['MESSAGE0']   = str_replace("\r\n","<br>",G::LoadTranslation('ID_USER_REGISTERED')) . '!';
-    $aFields['MESSAGE1']   = str_replace("\r\n","<br>",G::LoadTranslation('ID_MSG_ERROR_USR_USERNAME'));
-    $aFields['MESSAGE2']   = str_replace("\r\n","<br>",G::LoadTranslation('ID_MSG_ERROR_DUE_DATE'));
-    $aFields['MESSAGE3']   = str_replace("\r\n","<br>",G::LoadTranslation('ID_NEW_PASS_SAME_OLD_PASS'));
-    $aFields['MESSAGE4']   = str_replace("\r\n","<br>",G::LoadTranslation('ID_MSG_ERROR_USR_FIRSTNAME'));
-    $aFields['MESSAGE5']   = str_replace("\r\n","<br>",G::LoadTranslation('ID_MSG_ERROR_USR_LASTNAME'));
-    // the default role variable sets the value that will be showed as the default for the role field.
-    $aFields['DEFAULT_ROLE']   = 'PROCESSMAKER_OPERATOR';
-    $aFields['START_DATE'] = date('Y-m-d');
-    $aFields['END_DATE']   = date('Y-m-d', mktime(0, 0, 0, date('m'), date('d'), date('Y') + 5));
-    $aFields['USR_DUE_DATE']= date('Y-m-d', mktime(0, 0, 0, date('m'), date('d'), date('Y') + 1));
-    */
     if (! class_exists( 'LogCasesSchedulerPeer' )) {
         require_once ('classes/model/LogCasesScheduler.php');
     }
diff --git a/workflow/engine/methods/cases/cases_Scheduler_New.php b/workflow/engine/methods/cases/cases_Scheduler_New.php
index 70059b86a..1d05e373c 100644
--- a/workflow/engine/methods/cases/cases_Scheduler_New.php
+++ b/workflow/engine/methods/cases/cases_Scheduler_New.php
@@ -1,58 +1,8 @@
 <?php
-/**
- * cases_SchedulerNew.php
- *
- * ProcessMaker Open Source Edition
- * Copyright (C) 2004 - 2010 Colosa Inc.23
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
- * Coral Gables, FL, 33134, USA, or email info@colosa.com.
- */
+
 try {
     global $RBAC;
 
-    /*
-    switch ($RBAC->userCanAccess('PM_FACTORY'))
-    {
-    case -2:
-      G::SendTemporalMessage('ID_USER_HAVENT_RIGHTS_SYSTEM', 'error', 'labels');
-      G::header('location: ../login/login');
-      die;
-    break;
-    case -1:
-      G::SendTemporalMessage('ID_USER_HAVENT_RIGHTS_PAGE', 'error', 'labels');
-      G::header('location: ../login/login');
-      die;
-    break;
-    }
-    */
-    /*
-    $aFields['MESSAGE0']   = str_replace("\r\n","<br>",G::LoadTranslation('ID_USER_REGISTERED')) . '!';
-    $aFields['MESSAGE1']   = str_replace("\r\n","<br>",G::LoadTranslation('ID_MSG_ERROR_USR_USERNAME'));
-    $aFields['MESSAGE2']   = str_replace("\r\n","<br>",G::LoadTranslation('ID_MSG_ERROR_DUE_DATE'));
-    $aFields['MESSAGE3']   = str_replace("\r\n","<br>",G::LoadTranslation('ID_NEW_PASS_SAME_OLD_PASS'));
-    $aFields['MESSAGE4']   = str_replace("\r\n","<br>",G::LoadTranslation('ID_MSG_ERROR_USR_FIRSTNAME'));
-    $aFields['MESSAGE5']   = str_replace("\r\n","<br>",G::LoadTranslation('ID_MSG_ERROR_USR_LASTNAME'));
-    // the default role variable sets the value that will be showed as the default for the role field.
-    $aFields['DEFAULT_ROLE']   = 'PROCESSMAKER_OPERATOR';
-    $aFields['START_DATE'] = date('Y-m-d');
-    $aFields['END_DATE']   = date('Y-m-d', mktime(0, 0, 0, date('m'), date('d'), date('Y') + 5));
-    $aFields['USR_DUE_DATE']= date('Y-m-d', mktime(0, 0, 0, date('m'), date('d'), date('Y') + 1));
-    */
-
     require_once 'classes/model/CaseScheduler.php';
     require_once 'classes/model/Process.php';
     require_once 'classes/model/Task.php';