PMCORE-2789 LDAP> User imported as an System Administrator has permissions as an Operator user

2021-01-26 23:48:35 -04:00
parent b5c84f0ed3
commit ba5fb70db5
3 changed files with 9 additions and 107 deletions
--- a/workflow/engine/methods/authSources/ldapAdvancedProxy.php
+++ b/workflow/engine/methods/authSources/ldapAdvancedProxy.php
@@ -327,8 +327,13 @@ switch ($function) {
            }
            $aData['USR_AUTH_USER_DN'] = $aUser['sDN'];
            
+            $usrRole = 'PROCESSMAKER_OPERATOR';
+            if (!empty($aFields['AUTH_SOURCE_DATA']['USR_ROLE'])) {
+                $usrRole = $aFields['AUTH_SOURCE_DATA']['USR_ROLE'];
+            }
+
            try {
-                $sUserUID = $RBAC->createUser($aData, 'PROCESSMAKER_OPERATOR', $aFields['AUTH_SOURCE_NAME']);
+                $sUserUID = $RBAC->createUser($aData, $usrRole, $aFields['AUTH_SOURCE_NAME']);
                $usersCreated .= $aData['USR_USERNAME'] . ' ';
                $countUsers++;
            } catch (Exception $oError) {
@@ -340,10 +345,7 @@ switch ($function) {

            $aData['USR_STATUS'] = (isset($aUser['USR_STATUS'])) ? $aUser['USR_STATUS'] : 'ACTIVE';
            $aData['USR_UID'] = $sUserUID;
-            $aData['USR_ROLE'] = 'PROCESSMAKER_OPERATOR';
-            if (isset($aFields['AUTH_SOURCE_DATA']['USR_ROLE'])) {
-                $aData['USR_ROLE'] = $aFields['AUTH_SOURCE_DATA']['USR_ROLE'];
-            }
+            $aData['USR_ROLE'] = $usrRole;

            $calendarObj = new Calendar();
            $calendarObj->assignCalendarTo($sUserUID, '00000000000000000000000000000001', 'USER');
--- a/workflow/engine/methods/cases/cases_Scheduler_Log_Detail.php
+++ b/workflow/engine/methods/cases/cases_Scheduler_Log_Detail.php
@@ -1,58 +1,8 @@
 <?php
-/**
- * cases_Scheduler_Log_Detail.php
- *
- * ProcessMaker Open Source Edition
- * Copyright (C) 2004 - 2010 Colosa Inc.23
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
- * Coral Gables, FL, 33134, USA, or email info@colosa.com.
- */
+
 try {
    global $RBAC;

-    /*
-    switch ($RBAC->userCanAccess('PM_FACTORY'))
-    {
-    case -2:
-      G::SendTemporalMessage('ID_USER_HAVENT_RIGHTS_SYSTEM', 'error', 'labels');
-      G::header('location: ../login/login');
-      die;
-    break;
-    case -1:
-      G::SendTemporalMessage('ID_USER_HAVENT_RIGHTS_PAGE', 'error', 'labels');
-      G::header('location: ../login/login');
-      die;
-    break;
-    }
-    */
-
-    /*
-    $aFields['MESSAGE0']   = str_replace("\r\n","<br>",G::LoadTranslation('ID_USER_REGISTERED')) . '!';
-    $aFields['MESSAGE1']   = str_replace("\r\n","<br>",G::LoadTranslation('ID_MSG_ERROR_USR_USERNAME'));
-    $aFields['MESSAGE2']   = str_replace("\r\n","<br>",G::LoadTranslation('ID_MSG_ERROR_DUE_DATE'));
-    $aFields['MESSAGE3']   = str_replace("\r\n","<br>",G::LoadTranslation('ID_NEW_PASS_SAME_OLD_PASS'));
-    $aFields['MESSAGE4']   = str_replace("\r\n","<br>",G::LoadTranslation('ID_MSG_ERROR_USR_FIRSTNAME'));
-    $aFields['MESSAGE5']   = str_replace("\r\n","<br>",G::LoadTranslation('ID_MSG_ERROR_USR_LASTNAME'));
-    // the default role variable sets the value that will be showed as the default for the role field.
-    $aFields['DEFAULT_ROLE']   = 'PROCESSMAKER_OPERATOR';
-    $aFields['START_DATE'] = date('Y-m-d');
-    $aFields['END_DATE']   = date('Y-m-d', mktime(0, 0, 0, date('m'), date('d'), date('Y') + 5));
-    $aFields['USR_DUE_DATE']= date('Y-m-d', mktime(0, 0, 0, date('m'), date('d'), date('Y') + 1));
-    */
    if (! class_exists( 'LogCasesSchedulerPeer' )) {
        require_once ('classes/model/LogCasesScheduler.php');
    }
--- a/workflow/engine/methods/cases/cases_Scheduler_New.php
+++ b/workflow/engine/methods/cases/cases_Scheduler_New.php
@@ -1,58 +1,8 @@
 <?php
-/**
- * cases_SchedulerNew.php
- *
- * ProcessMaker Open Source Edition
- * Copyright (C) 2004 - 2010 Colosa Inc.23
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- * For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
- * Coral Gables, FL, 33134, USA, or email info@colosa.com.
- */
+
 try {
    global $RBAC;

-    /*
-    switch ($RBAC->userCanAccess('PM_FACTORY'))
-    {
-    case -2:
-      G::SendTemporalMessage('ID_USER_HAVENT_RIGHTS_SYSTEM', 'error', 'labels');
-      G::header('location: ../login/login');
-      die;
-    break;
-    case -1:
-      G::SendTemporalMessage('ID_USER_HAVENT_RIGHTS_PAGE', 'error', 'labels');
-      G::header('location: ../login/login');
-      die;
-    break;
-    }
-    */
-    /*
-    $aFields['MESSAGE0']   = str_replace("\r\n","<br>",G::LoadTranslation('ID_USER_REGISTERED')) . '!';
-    $aFields['MESSAGE1']   = str_replace("\r\n","<br>",G::LoadTranslation('ID_MSG_ERROR_USR_USERNAME'));
-    $aFields['MESSAGE2']   = str_replace("\r\n","<br>",G::LoadTranslation('ID_MSG_ERROR_DUE_DATE'));
-    $aFields['MESSAGE3']   = str_replace("\r\n","<br>",G::LoadTranslation('ID_NEW_PASS_SAME_OLD_PASS'));
-    $aFields['MESSAGE4']   = str_replace("\r\n","<br>",G::LoadTranslation('ID_MSG_ERROR_USR_FIRSTNAME'));
-    $aFields['MESSAGE5']   = str_replace("\r\n","<br>",G::LoadTranslation('ID_MSG_ERROR_USR_LASTNAME'));
-    // the default role variable sets the value that will be showed as the default for the role field.
-    $aFields['DEFAULT_ROLE']   = 'PROCESSMAKER_OPERATOR';
-    $aFields['START_DATE'] = date('Y-m-d');
-    $aFields['END_DATE']   = date('Y-m-d', mktime(0, 0, 0, date('m'), date('d'), date('Y') + 5));
-    $aFields['USR_DUE_DATE']= date('Y-m-d', mktime(0, 0, 0, date('m'), date('d'), date('Y') + 1));
-    */
-
    require_once 'classes/model/CaseScheduler.php';
    require_once 'classes/model/Process.php';
    require_once 'classes/model/Task.php';