HOR-788
La información personal de un usuario Administrador se ve en modo view. HOR-788 La información personal de un usuario Administrador se ve en modo view. HOR-788 La información personal de un usuario Administrador se ve en modo view. HOR-788 La información personal de un usuario Administrador se ve en modo view. HOR-788 La información personal de un usuario Administrador se ve en modo view.
@@ -233,6 +233,54 @@ class RBAC
|
||||
"PER_NAME" => "Undo cancel case"
|
||||
), array("PER_UID" => "00000000000000000000000000000039", "PER_CODE" => "PM_REST_API_APPLICATIONS",
|
||||
"PER_NAME" => "Create rest API Aplications"
|
||||
), array("PER_UID" => "00000000000000000000000000000040", "PER_CODE" => "PM_EDIT_USER_PROFILE_FIRST_NAME",
|
||||
"PER_NAME" => "Edit User profile First Name"
|
||||
), array("PER_UID" => "00000000000000000000000000000041", "PER_CODE" => "PM_EDIT_USER_PROFILE_LAST_NAME",
|
||||
"PER_NAME" => "Edit User profile Last Name"
|
||||
), array("PER_UID" => "00000000000000000000000000000042", "PER_CODE" => "PM_EDIT_USER_PROFILE_USERNAME",
|
||||
"PER_NAME" => "Edit User profile Username"
|
||||
), array("PER_UID" => "00000000000000000000000000000043", "PER_CODE" => "PM_EDIT_USER_PROFILE_EMAIL",
|
||||
"PER_NAME" => "Edit User profile Email"
|
||||
), array("PER_UID" => "00000000000000000000000000000044", "PER_CODE" => "PM_EDIT_USER_PROFILE_ADDRESS",
|
||||
"PER_NAME" => "Edit User profile Address"
|
||||
), array("PER_UID" => "00000000000000000000000000000045", "PER_CODE" => "PM_EDIT_USER_PROFILE_ZIP_CODE",
|
||||
"PER_NAME" => "Edit User profile Zip Code"
|
||||
), array("PER_UID" => "00000000000000000000000000000046", "PER_CODE" => "PM_EDIT_USER_PROFILE_COUNTRY",
|
||||
"PER_NAME" => "Edit User profile Country"
|
||||
), array("PER_UID" => "00000000000000000000000000000047", "PER_CODE" => "PM_EDIT_USER_PROFILE_STATE_OR_REGION",
|
||||
"PER_NAME" => "Edit User profile State or Region"
|
||||
), array("PER_UID" => "00000000000000000000000000000048", "PER_CODE" => "PM_EDIT_USER_PROFILE_LOCATION",
|
||||
"PER_NAME" => "Edit User profile Location"
|
||||
), array("PER_UID" => "00000000000000000000000000000049", "PER_CODE" => "PM_EDIT_USER_PROFILE_PHONE",
|
||||
"PER_NAME" => "Edit User profile Phone"
|
||||
), array("PER_UID" => "00000000000000000000000000000050", "PER_CODE" => "PM_EDIT_USER_PROFILE_POSITION",
|
||||
"PER_NAME" => "Edit User profile Position"
|
||||
), array("PER_UID" => "00000000000000000000000000000051", "PER_CODE" => "PM_EDIT_USER_PROFILE_REPLACED_BY",
|
||||
"PER_NAME" => "Edit User profile Replaced By"
|
||||
), array("PER_UID" => "00000000000000000000000000000052", "PER_CODE" => "PM_EDIT_USER_PROFILE_EXPIRATION_DATE",
|
||||
"PER_NAME" => "Edit User profile Expiration Date"
|
||||
), array("PER_UID" => "00000000000000000000000000000053", "PER_CODE" => "PM_EDIT_USER_PROFILE_CALENDAR",
|
||||
"PER_NAME" => "Edit User profile Calendar"
|
||||
), array("PER_UID" => "00000000000000000000000000000054", "PER_CODE" => "PM_EDIT_USER_PROFILE_STATUS",
|
||||
"PER_NAME" => "Edit User profile Status"
|
||||
), array("PER_UID" => "00000000000000000000000000000055", "PER_CODE" => "PM_EDIT_USER_PROFILE_ROLE",
|
||||
"PER_NAME" => "Edit User profile Role"
|
||||
), array("PER_UID" => "00000000000000000000000000000056", "PER_CODE" => "PM_EDIT_USER_PROFILE_TIME_ZONE",
|
||||
"PER_NAME" => "Edit User profile Time Zone"
|
||||
), array("PER_UID" => "00000000000000000000000000000057", "PER_CODE" => "PM_EDIT_USER_PROFILE_DEFAULT_LANGUAGE",
|
||||
"PER_NAME" => "Edit User profile Default Language"
|
||||
), array("PER_UID" => "00000000000000000000000000000058", "PER_CODE" => "PM_EDIT_USER_PROFILE_COSTS",
|
||||
"PER_NAME" => "Edit User profile Costs"
|
||||
), array("PER_UID" => "00000000000000000000000000000059", "PER_CODE" => "PM_EDIT_USER_PROFILE_PASSWORD",
|
||||
"PER_NAME" => "Edit User profile Password"
|
||||
), array("PER_UID" => "00000000000000000000000000000060", "PER_CODE" => "PM_EDIT_USER_PROFILE_USER_MUST_CHANGE_PASSWORD_AT_NEXT_LOGON",
|
||||
"PER_NAME" => "Edit User profile Must Change Password at next Logon"
|
||||
), array("PER_UID" => "00000000000000000000000000000061", "PER_CODE" => "PM_EDIT_USER_PROFILE_PHOTO",
|
||||
"PER_NAME" => "Edit User profile Photo"
|
||||
), array("PER_UID" => "00000000000000000000000000000062", "PER_CODE" => "PM_EDIT_USER_PROFILE_DEFAULT_MAIN_MENU_OPTIONS",
|
||||
"PER_NAME" => "Edit User profile Default Main Menu Options"
|
||||
), array("PER_UID" => "00000000000000000000000000000063", "PER_CODE" => "PM_EDIT_USER_PROFILE_DEFAULT_CASES_MENU_OPTIONS",
|
||||
"PER_NAME" => "Edit User profile Default Cases Menu Options"
|
||||
)
|
||||
);
|
||||
return $permissionsAdmin;
|
||||
@@ -894,6 +942,20 @@ class RBAC
|
||||
return $this->rolesObj->getRolePermissionsByPerUid($ROL_UID);
|
||||
}
|
||||
|
||||
/**
|
||||
* this function is Assigne role permission
|
||||
*
|
||||
*
|
||||
* @access public
|
||||
*
|
||||
* @param string $ROL_UID
|
||||
* @return $this->rolesObj->isAssigneRolePermission
|
||||
*/
|
||||
public function getPermissionAssignedRole($ROL_UID, $PER_UID)
|
||||
{
|
||||
return $this->rolesObj->getPermissionAssignedRole($ROL_UID, $PER_UID);
|
||||
}
|
||||
|
||||
/**
|
||||
* this function gets role permission
|
||||
*
|
||||
@@ -1302,27 +1364,30 @@ class RBAC
|
||||
$permission->fromArray($data, BasePeer::TYPE_FIELDNAME);
|
||||
$permission->save();
|
||||
$message[] = 'Add permission missing ' . $item['PER_CODE'];
|
||||
|
||||
//Adding new labels for new permissions
|
||||
$o = new RolesPermissions();
|
||||
$o->setPerUid($item['PER_UID']);
|
||||
$o->setPermissionName($item['PER_NAME']);
|
||||
//assigning new permissions
|
||||
$this->assigningNewPermissionsPmSetup($item);
|
||||
$this->assigningNewPermissionsPmEditProfile($item);
|
||||
}
|
||||
return $message;
|
||||
}
|
||||
|
||||
//Assigning new permissions
|
||||
/**
|
||||
* Permissions for tab ADMIN
|
||||
* @param array $item
|
||||
*/
|
||||
public function assigningNewPermissionsPmSetup($item = array())
|
||||
{
|
||||
if (strpos($item['PER_CODE'], 'PM_SETUP_') !== false) {
|
||||
$rolesWithPermissionSetup = $this->getRolePermissionsByPerUid(self::SETUPERMISSIONUID);
|
||||
$rolesWithPermissionSetup->next();
|
||||
while ($aRow = $rolesWithPermissionSetup->getRow()) {
|
||||
$userRolePermission = $this->getRolePermissions($aRow['ROL_UID']);
|
||||
$userRolePermission->next();
|
||||
$valueNewPermissions = false;
|
||||
while ($aRowPermission = $userRolePermission->getRow()) {
|
||||
if ($item['PER_CODE'] === $aRowPermission['PER_CODE']) {
|
||||
$valueNewPermissions = true;
|
||||
}
|
||||
$userRolePermission->next();
|
||||
}
|
||||
$isAssignedNewpermissions = $this->getPermissionAssignedRole($aRow['ROL_UID'], $item['PER_UID']);
|
||||
if (!$isAssignedNewpermissions) {
|
||||
$dataPermissions = array();
|
||||
if (!$valueNewPermissions) {
|
||||
$dataPermissions['ROL_UID'] = $aRow['ROL_UID'];
|
||||
$dataPermissions['PER_UID'] = $item['PER_UID'];
|
||||
$this->assignPermissionRole($dataPermissions);
|
||||
@@ -1330,7 +1395,51 @@ class RBAC
|
||||
$rolesWithPermissionSetup->next();
|
||||
}
|
||||
}
|
||||
return $message;
|
||||
}
|
||||
|
||||
/**
|
||||
* Permissions for Edit Profile User
|
||||
* @param array $item
|
||||
*/
|
||||
public function assigningNewPermissionsPmEditProfile($item = array())
|
||||
{
|
||||
if (strpos($item['PER_CODE'], 'PM_EDIT_USER_PROFILE_') !== false) {
|
||||
$allRolesRolUid = $this->getAllRoles('PROCESSMAKER');
|
||||
$perCodePM = array('PROCESSMAKER_ADMIN', 'PROCESSMAKER_OPERATOR', 'PROCESSMAKER_MANAGER');
|
||||
$permissionsForOperator = array(
|
||||
'PM_EDIT_USER_PROFILE_POSITION',
|
||||
'PM_EDIT_USER_PROFILE_REPLACED_BY',
|
||||
'PM_EDIT_USER_PROFILE_EXPIRATION_DATE',
|
||||
'PM_EDIT_USER_PROFILE_STATUS',
|
||||
'PM_EDIT_USER_PROFILE_ROLE',
|
||||
'PM_EDIT_USER_PROFILE_COSTS',
|
||||
'PM_EDIT_USER_PROFILE_USER_MUST_CHANGE_PASSWORD_AT_NEXT_LOGON',
|
||||
'PM_EDIT_USER_PROFILE_DEFAULT_MAIN_MENU_OPTIONS',
|
||||
'PM_EDIT_USER_PROFILE_DEFAULT_CASES_MENU_OPTIONS'
|
||||
);
|
||||
foreach ($allRolesRolUid as $index => $aRow) {
|
||||
$isAssignedNewpermissions = $this->getPermissionAssignedRole($aRow['ROL_UID'], $item['PER_UID']);
|
||||
$assignPermissions = true;
|
||||
if (!$isAssignedNewpermissions) {
|
||||
if ($aRow['ROL_CODE'] == 'PROCESSMAKER_OPERATOR' && in_array($item['PER_CODE'], $permissionsForOperator)) {
|
||||
$assignPermissions = false;
|
||||
}
|
||||
if (!in_array($aRow['ROL_CODE'], $perCodePM)) {
|
||||
$assignPermissions = false;
|
||||
$checkPermisionEdit = $this->getPermissionAssignedRole($aRow['ROL_UID'], '00000000000000000000000000000014');
|
||||
if ($checkPermisionEdit && !in_array($item['PER_CODE'], $permissionsForOperator)) {
|
||||
$assignPermissions = true;
|
||||
}
|
||||
}
|
||||
if ($assignPermissions) {
|
||||
$dataPermissions = array();
|
||||
$dataPermissions['ROL_UID'] = $aRow['ROL_UID'];
|
||||
$dataPermissions['PER_UID'] = $item['PER_UID'];
|
||||
$this->assignPermissionRole($dataPermissions);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
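Review bot: In `assigningNewPermissionsPmEditProfile()` the rule for custom roles depends on the bare literal `'00000000000000000000000000000014'`, so a reader cannot tell which permission gates the automatic grant of the new profile permissions. That grant covers every code not listed in `$permissionsForOperator`, including `PM_EDIT_USER_PROFILE_PASSWORD`, `PM_EDIT_USER_PROFILE_USERNAME` and `PM_EDIT_USER_PROFILE_EMAIL`. The literal should be a named class constant, as `self::SETUPERMISSIONUID` is in `assigningNewPermissionsPmSetup()`, with a comment saying why holders of that permission receive the new ones. Both prefix tests use `strpos(...) !== false`, which matches anywhere in `PER_CODE`; `strpos($item['PER_CODE'], 'PM_EDIT_USER_PROFILE_') === 0` says what is meant, and the `in_array()` calls should pass `true` as the third argument. `assigningNewPermissionsPmSetup()` also ends with `return $message;` although no `$message` is assigned in the lines visible for it (part of its body lies between hunks), which looks like a leftover from the method it was extracted from.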
|
||||
|
||||
|
||||
@@ -471,6 +471,11 @@ class Roles extends BaseRoles {
|
||||
G::auditLog("DeleteUserToRole", "Delete user ".$user['USR_USERNAME']." (".$USR_UID.") to Role ".$rol['ROL_NAME']." (".$ROL_UID.") ");
|
||||
}
|
||||
|
||||
/**
|
||||
* @param $roleUid
|
||||
* @return ResultSet
|
||||
* @throws Exception
|
||||
*/
|
||||
function getRolePermissionsByPerUid($roleUid){
|
||||
try {
|
||||
$criteria = new Criteria();
|
||||
@@ -487,6 +492,36 @@ class Roles extends BaseRoles {
|
||||
throw $e;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks a permission is assigned to a Role
|
||||
* @param $ROL_UID
|
||||
* @param $PER_UID
|
||||
* @return bool
|
||||
* @throws Exception
|
||||
*/
|
||||
function getPermissionAssignedRole($ROL_UID, $PER_UID)
|
||||
{
|
||||
try {
|
||||
$criteria = new Criteria();
|
||||
$criteria->addSelectColumn(RolesPermissionsPeer::ROL_UID);
|
||||
$criteria->addSelectColumn(RolesPermissionsPeer::PER_UID);
|
||||
$criteria->add(RolesPermissionsPeer::ROL_UID, $ROL_UID, Criteria::EQUAL);
|
||||
$criteria->add(RolesPermissionsPeer::PER_UID, $PER_UID, Criteria::EQUAL);
|
||||
|
||||
$oDataset = RolesPermissionsPeer::doSelectRS($criteria);
|
||||
$oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC);
|
||||
$oDataset->next();
|
||||
if($aRowRP = $oDataset->getRow()){
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
|
||||
} catch (exception $e) {
|
||||
throw $e;
|
||||
}
|
||||
}
|
||||
|
||||
function getRolePermissions($ROL_UID, $filter='', $status=null) {
|
||||
try {
|
||||
$criteria = new Criteria();
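Review bot: `getPermissionAssignedRole()` wraps its whole body in a `try` whose `catch (exception $e) { throw $e; }` only rethrows, and it assigns `$aRowRP` in the `if` without ever reading it. The query lines can stand without the `try`/`catch`, and the tail can be `return (bool) $oDataset->getRow();`. The method has no visibility keyword, unlike the `public` wrapper of the same name added to `RBAC`. The docblock added above `getRolePermissionsByPerUid($roleUid)` documents a role UID, while the `RBAC` code in this commit passes it `self::SETUPERMISSIONUID`; its body is outside the hunk, so confirm which one the parameter is and name it accordingly.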
|
||||
|
||||
@@ -37,7 +37,31 @@ INSERT INTO `RBAC_PERMISSIONS` VALUES
|
||||
('00000000000000000000000000000036','PM_DELETE_PROCESS_CASES','2016-03-01 00:00:00','2016-03-01 00:00:00',1,'00000000000000000000000000000002'),
|
||||
('00000000000000000000000000000037','PM_EDITPERSONALINFO_CALENDAR','2016-03-01 00:00:00','2016-03-01 00:00:00',1,'00000000000000000000000000000002'),
|
||||
('00000000000000000000000000000038','PM_UNCANCELCASE','2016-06-14 00:00:00','2016-06-14 00:00:00',1,'00000000000000000000000000000002'),
|
||||
('00000000000000000000000000000039','PM_REST_API_APPLICATIONS','2016-06-14 00:00:00','2016-06-14 00:00:00',1,'00000000000000000000000000000002');
|
||||
('00000000000000000000000000000039','PM_REST_API_APPLICATIONS','2016-06-14 00:00:00','2016-06-14 00:00:00',1,'00000000000000000000000000000002'),
|
||||
('00000000000000000000000000000040','PM_EDIT_USER_PROFILE_FIRST_NAME','2016-07-18 00:00:00','2016-07-18 00:00:00',1,'00000000000000000000000000000002'),
|
||||
('00000000000000000000000000000041','PM_EDIT_USER_PROFILE_LAST_NAME','2016-07-18 00:00:00','2016-07-18 00:00:00',1,'00000000000000000000000000000002'),
|
||||
('00000000000000000000000000000042','PM_EDIT_USER_PROFILE_USERNAME','2016-07-18 00:00:00','2016-07-18 00:00:00',1,'00000000000000000000000000000002'),
|
||||
('00000000000000000000000000000043','PM_EDIT_USER_PROFILE_EMAIL','2016-07-18 00:00:00','2016-07-18 00:00:00',1,'00000000000000000000000000000002'),
|
||||
('00000000000000000000000000000044','PM_EDIT_USER_PROFILE_ADDRESS','2016-07-18 00:00:00','2016-07-18 00:00:00',1,'00000000000000000000000000000002'),
|
||||
('00000000000000000000000000000045','PM_EDIT_USER_PROFILE_ZIP_CODE','2016-07-18 00:00:00','2016-07-18 00:00:00',1,'00000000000000000000000000000002'),
|
||||
('00000000000000000000000000000046','PM_EDIT_USER_PROFILE_COUNTRY','2016-07-18 00:00:00','2016-07-18 00:00:00',1,'00000000000000000000000000000002'),
|
||||
('00000000000000000000000000000047','PM_EDIT_USER_PROFILE_STATE_OR_REGION','2016-07-18 00:00:00','2016-07-18 00:00:00',1,'00000000000000000000000000000002'),
|
||||
('00000000000000000000000000000048','PM_EDIT_USER_PROFILE_LOCATION','2016-07-18 00:00:00','2016-07-18 00:00:00',1,'00000000000000000000000000000002'),
|
||||
('00000000000000000000000000000049','PM_EDIT_USER_PROFILE_PHONE','2016-07-18 00:00:00','2016-07-18 00:00:00',1,'00000000000000000000000000000002'),
|
||||
('00000000000000000000000000000050','PM_EDIT_USER_PROFILE_POSITION','2016-07-18 00:00:00','2016-07-18 00:00:00',1,'00000000000000000000000000000002'),
|
||||
('00000000000000000000000000000051','PM_EDIT_USER_PROFILE_REPLACED_BY','2016-07-18 00:00:00','2016-07-18 00:00:00',1,'00000000000000000000000000000002'),
|
||||
('00000000000000000000000000000052','PM_EDIT_USER_PROFILE_EXPIRATION_DATE','2016-07-18 00:00:00','2016-07-18 00:00:00',1,'00000000000000000000000000000002'),
|
||||
('00000000000000000000000000000053','PM_EDIT_USER_PROFILE_CALENDAR','2016-07-18 00:00:00','2016-07-18 00:00:00',1,'00000000000000000000000000000002'),
|
||||
('00000000000000000000000000000054','PM_EDIT_USER_PROFILE_STATUS','2016-07-18 00:00:00','2016-07-18 00:00:00',1,'00000000000000000000000000000002'),
|
||||
('00000000000000000000000000000055','PM_EDIT_USER_PROFILE_ROLE','2016-07-18 00:00:00','2016-07-18 00:00:00',1,'00000000000000000000000000000002'),
|
||||
('00000000000000000000000000000056','PM_EDIT_USER_PROFILE_TIME_ZONE','2016-07-18 00:00:00','2016-07-18 00:00:00',1,'00000000000000000000000000000002'),
|
||||
('00000000000000000000000000000057','PM_EDIT_USER_PROFILE_DEFAULT_LANGUAGE','2016-07-18 00:00:00','2016-07-18 00:00:00',1,'00000000000000000000000000000002'),
|
||||
('00000000000000000000000000000058','PM_EDIT_USER_PROFILE_COSTS','2016-07-18 00:00:00','2016-07-18 00:00:00',1,'00000000000000000000000000000002'),
|
||||
('00000000000000000000000000000059','PM_EDIT_USER_PROFILE_PASSWORD','2016-07-18 00:00:00','2016-07-18 00:00:00',1,'00000000000000000000000000000002'),
|
||||
('00000000000000000000000000000060','PM_EDIT_USER_PROFILE_USER_MUST_CHANGE_PASSWORD_AT_NEXT_LOGON','2016-07-18 00:00:00','2016-07-18 00:00:00',1,'00000000000000000000000000000002'),
|
||||
('00000000000000000000000000000061','PM_EDIT_USER_PROFILE_PHOTO','2016-07-18 00:00:00','2016-07-18 00:00:00',1,'00000000000000000000000000000002'),
|
||||
('00000000000000000000000000000062','PM_EDIT_USER_PROFILE_DEFAULT_MAIN_MENU_OPTIONS','2016-07-18 00:00:00','2016-07-18 00:00:00',1,'00000000000000000000000000000002'),
|
||||
('00000000000000000000000000000063','PM_EDIT_USER_PROFILE_DEFAULT_CASES_MENU_OPTIONS','2016-07-18 00:00:00','2016-07-18 00:00:00',1,'00000000000000000000000000000002');
|
||||
|
||||
INSERT INTO `RBAC_ROLES` VALUES
|
||||
('00000000000000000000000000000001','','00000000000000000000000000000001','RBAC_ADMIN','2007-07-31 19:10:22','2007-08-03 12:24:36',1),
|
||||
@@ -86,8 +110,47 @@ INSERT INTO `RBAC_ROLES_PERMISSIONS` VALUES
|
||||
('00000000000000000000000000000002','00000000000000000000000000000037'),
|
||||
('00000000000000000000000000000002','00000000000000000000000000000038'),
|
||||
('00000000000000000000000000000002','00000000000000000000000000000039'),
|
||||
('00000000000000000000000000000002','00000000000000000000000000000040'),
|
||||
('00000000000000000000000000000002','00000000000000000000000000000041'),
|
||||
('00000000000000000000000000000002','00000000000000000000000000000042'),
|
||||
('00000000000000000000000000000002','00000000000000000000000000000043'),
|
||||
('00000000000000000000000000000002','00000000000000000000000000000044'),
|
||||
('00000000000000000000000000000002','00000000000000000000000000000045'),
|
||||
('00000000000000000000000000000002','00000000000000000000000000000046'),
|
||||
('00000000000000000000000000000002','00000000000000000000000000000047'),
|
||||
('00000000000000000000000000000002','00000000000000000000000000000048'),
|
||||
('00000000000000000000000000000002','00000000000000000000000000000049'),
|
||||
('00000000000000000000000000000002','00000000000000000000000000000050'),
|
||||
('00000000000000000000000000000002','00000000000000000000000000000051'),
|
||||
('00000000000000000000000000000002','00000000000000000000000000000052'),
|
||||
('00000000000000000000000000000002','00000000000000000000000000000053'),
|
||||
('00000000000000000000000000000002','00000000000000000000000000000054'),
|
||||
('00000000000000000000000000000002','00000000000000000000000000000055'),
|
||||
('00000000000000000000000000000002','00000000000000000000000000000056'),
|
||||
('00000000000000000000000000000002','00000000000000000000000000000057'),
|
||||
('00000000000000000000000000000002','00000000000000000000000000000058'),
|
||||
('00000000000000000000000000000002','00000000000000000000000000000059'),
|
||||
('00000000000000000000000000000002','00000000000000000000000000000060'),
|
||||
('00000000000000000000000000000002','00000000000000000000000000000061'),
|
||||
('00000000000000000000000000000002','00000000000000000000000000000062'),
|
||||
('00000000000000000000000000000002','00000000000000000000000000000063'),
|
||||
('00000000000000000000000000000003','00000000000000000000000000000001'),
|
||||
('00000000000000000000000000000003','00000000000000000000000000000005'),
|
||||
('00000000000000000000000000000003','00000000000000000000000000000040'),
|
||||
('00000000000000000000000000000003','00000000000000000000000000000041'),
|
||||
('00000000000000000000000000000003','00000000000000000000000000000042'),
|
||||
('00000000000000000000000000000003','00000000000000000000000000000043'),
|
||||
('00000000000000000000000000000003','00000000000000000000000000000044'),
|
||||
('00000000000000000000000000000003','00000000000000000000000000000045'),
|
||||
('00000000000000000000000000000003','00000000000000000000000000000046'),
|
||||
('00000000000000000000000000000003','00000000000000000000000000000047'),
|
||||
('00000000000000000000000000000003','00000000000000000000000000000048'),
|
||||
('00000000000000000000000000000003','00000000000000000000000000000049'),
|
||||
('00000000000000000000000000000003','00000000000000000000000000000053'),
|
||||
('00000000000000000000000000000003','00000000000000000000000000000056'),
|
||||
('00000000000000000000000000000003','00000000000000000000000000000057'),
|
||||
('00000000000000000000000000000003','00000000000000000000000000000059'),
|
||||
('00000000000000000000000000000003','00000000000000000000000000000061'),
|
||||
('00000000000000000000000000000004','00000000000000000000000000000001'),
|
||||
('00000000000000000000000000000004','00000000000000000000000000000003'),
|
||||
('00000000000000000000000000000004','00000000000000000000000000000005'),
|
||||
@@ -122,7 +185,31 @@ INSERT INTO `RBAC_ROLES_PERMISSIONS` VALUES
|
||||
('00000000000000000000000000000004','00000000000000000000000000000036'),
|
||||
('00000000000000000000000000000004','00000000000000000000000000000037'),
|
||||
('00000000000000000000000000000004','00000000000000000000000000000038'),
|
||||
('00000000000000000000000000000004','00000000000000000000000000000039');
|
||||
('00000000000000000000000000000004','00000000000000000000000000000039'),
|
||||
('00000000000000000000000000000004','00000000000000000000000000000040'),
|
||||
('00000000000000000000000000000004','00000000000000000000000000000041'),
|
||||
('00000000000000000000000000000004','00000000000000000000000000000042'),
|
||||
('00000000000000000000000000000004','00000000000000000000000000000043'),
|
||||
('00000000000000000000000000000004','00000000000000000000000000000044'),
|
||||
('00000000000000000000000000000004','00000000000000000000000000000045'),
|
||||
('00000000000000000000000000000004','00000000000000000000000000000046'),
|
||||
('00000000000000000000000000000004','00000000000000000000000000000047'),
|
||||
('00000000000000000000000000000004','00000000000000000000000000000048'),
|
||||
('00000000000000000000000000000004','00000000000000000000000000000049'),
|
||||
('00000000000000000000000000000004','00000000000000000000000000000050'),
|
||||
('00000000000000000000000000000004','00000000000000000000000000000051'),
|
||||
('00000000000000000000000000000004','00000000000000000000000000000052'),
|
||||
('00000000000000000000000000000004','00000000000000000000000000000053'),
|
||||
('00000000000000000000000000000004','00000000000000000000000000000054'),
|
||||
('00000000000000000000000000000004','00000000000000000000000000000055'),
|
||||
('00000000000000000000000000000004','00000000000000000000000000000056'),
|
||||
('00000000000000000000000000000004','00000000000000000000000000000057'),
|
||||
('00000000000000000000000000000004','00000000000000000000000000000058'),
|
||||
('00000000000000000000000000000004','00000000000000000000000000000059'),
|
||||
('00000000000000000000000000000004','00000000000000000000000000000060'),
|
||||
('00000000000000000000000000000004','00000000000000000000000000000061'),
|
||||
('00000000000000000000000000000004','00000000000000000000000000000062'),
|
||||
('00000000000000000000000000000004','00000000000000000000000000000063');
|
||||
|
||||
INSERT INTO `RBAC_SYSTEMS` VALUES ('00000000000000000000000000000001','RBAC','2007-07-31 19:10:22','2007-08-03 12:24:36',1),('00000000000000000000000000000002','PROCESSMAKER','2007-07-31 19:10:22','2007-08-03 12:24:36',1);
|
||||
INSERT INTO `RBAC_USERS` VALUES ('00000000000000000000000000000001','admin','21232f297a57a5a743894a0e4a801fc3','Administrator','','admin@processmaker.com','2020-01-01','2007-08-03 12:24:36','2008-02-13 07:24:07',1,'MYSQL','00000000000000000000000000000000','','');
|
||||
|
||||
@@ -30,6 +30,31 @@ SELECT 'PER_NAME','','00000000000000000000000000000035','en','Setup Logs' UNION
|
||||
SELECT 'PER_NAME','','00000000000000000000000000000036','en','Delete process cases' UNION ALL
|
||||
SELECT 'PER_NAME','','00000000000000000000000000000037','en','Edit personal info Calendar' UNION ALL
|
||||
SELECT 'PER_NAME','','00000000000000000000000000000038','en','Undo cancel case' UNION ALL
|
||||
SELECT 'PER_NAME','','00000000000000000000000000000039','en','Create rest API Aplications' UNION ALL
|
||||
SELECT 'PER_NAME','','00000000000000000000000000000040','en','Edit User profile First Name' UNION ALL
|
||||
SELECT 'PER_NAME','','00000000000000000000000000000041','en','Edit User profile Last Name' UNION ALL
|
||||
SELECT 'PER_NAME','','00000000000000000000000000000042','en','Edit User profile Username' UNION ALL
|
||||
SELECT 'PER_NAME','','00000000000000000000000000000043','en','Edit User profile Email' UNION ALL
|
||||
SELECT 'PER_NAME','','00000000000000000000000000000044','en','Edit User profile Address' UNION ALL
|
||||
SELECT 'PER_NAME','','00000000000000000000000000000045','en','Edit User profile Zip Code' UNION ALL
|
||||
SELECT 'PER_NAME','','00000000000000000000000000000046','en','Edit User profile Country' UNION ALL
|
||||
SELECT 'PER_NAME','','00000000000000000000000000000047','en','Edit User profile State or Region' UNION ALL
|
||||
SELECT 'PER_NAME','','00000000000000000000000000000048','en','Edit User profile Location' UNION ALL
|
||||
SELECT 'PER_NAME','','00000000000000000000000000000049','en','Edit User profile Phone' UNION ALL
|
||||
SELECT 'PER_NAME','','00000000000000000000000000000050','en','Edit User profile Position' UNION ALL
|
||||
SELECT 'PER_NAME','','00000000000000000000000000000051','en','Edit User profile Replaced By' UNION ALL
|
||||
SELECT 'PER_NAME','','00000000000000000000000000000052','en','Edit User profile Expiration Date' UNION ALL
|
||||
SELECT 'PER_NAME','','00000000000000000000000000000053','en','Edit User profile Calendar' UNION ALL
|
||||
SELECT 'PER_NAME','','00000000000000000000000000000054','en','Edit User profile Status' UNION ALL
|
||||
SELECT 'PER_NAME','','00000000000000000000000000000055','en','Edit User profile Role' UNION ALL
|
||||
SELECT 'PER_NAME','','00000000000000000000000000000056','en','Edit User profile Time Zone' UNION ALL
|
||||
SELECT 'PER_NAME','','00000000000000000000000000000057','en','Edit User profile Default Language' UNION ALL
|
||||
SELECT 'PER_NAME','','00000000000000000000000000000058','en','Edit User profile Costs' UNION ALL
|
||||
SELECT 'PER_NAME','','00000000000000000000000000000059','en','Edit User profile Password' UNION ALL
|
||||
SELECT 'PER_NAME','','00000000000000000000000000000060','en','Edit User profile Must Change Password at next Logon' UNION ALL
|
||||
SELECT 'PER_NAME','','00000000000000000000000000000061','en','Edit User profile Photo' UNION ALL
|
||||
SELECT 'PER_NAME','','00000000000000000000000000000062','en','Edit User profile Default Main Menu Options' UNION ALL
|
||||
SELECT 'PER_NAME','','00000000000000000000000000000063','en','Edit User profile Default Cases Menu Options' UNION ALL
|
||||
SELECT 'PER_NAME','','00000000000000000000000000000013','en','Delete cases' UNION ALL
|
||||
SELECT 'PER_NAME','','00000000000000000000000000000012','en','WebDav' UNION ALL
|
||||
SELECT 'PER_NAME','','00000000000000000000000000000011','en','Dashboard' UNION ALL
|
||||
|
||||
@@ -44,7 +44,32 @@ INSERT INTO CONTENT (CON_CATEGORY,CON_PARENT,CON_ID,CON_LANG,CON_VALUE) VALUES
|
||||
('PER_NAME','','00000000000000000000000000000035','en','Setup Logs'),
|
||||
('PER_NAME','','00000000000000000000000000000036','en','Delete process cases'),
|
||||
('PER_NAME','','00000000000000000000000000000037','en','Edit personal info Calendar'),
|
||||
('PER_NAME','','00000000000000000000000000000038','en','Undo cancel case');
|
||||
('PER_NAME','','00000000000000000000000000000038','en','Undo cancel case')
|
||||
('PER_NAME','','00000000000000000000000000000039','en','Create rest API Aplications'),
|
||||
('PER_NAME','','00000000000000000000000000000040','en','Edit User profile First Name'),
|
||||
('PER_NAME','','00000000000000000000000000000041','en','Edit User profile Last Name'),
|
||||
('PER_NAME','','00000000000000000000000000000042','en','Edit User profile Username'),
|
||||
('PER_NAME','','00000000000000000000000000000043','en','Edit User profile Email'),
|
||||
('PER_NAME','','00000000000000000000000000000044','en','Edit User profile Address'),
|
||||
('PER_NAME','','00000000000000000000000000000045','en','Edit User profile Zip Code'),
|
||||
('PER_NAME','','00000000000000000000000000000046','en','Edit User profile Country'),
|
||||
('PER_NAME','','00000000000000000000000000000047','en','Edit User profile State or Region'),
|
||||
('PER_NAME','','00000000000000000000000000000048','en','Edit User profile Location'),
|
||||
('PER_NAME','','00000000000000000000000000000049','en','Edit User profile Phone'),
|
||||
('PER_NAME','','00000000000000000000000000000050','en','Edit User profile Position'),
|
||||
('PER_NAME','','00000000000000000000000000000051','en','Edit User profile Replaced By'),
|
||||
('PER_NAME','','00000000000000000000000000000052','en','Edit User profile Expiration Date'),
|
||||
('PER_NAME','','00000000000000000000000000000053','en','Edit User profile Calendar'),
|
||||
('PER_NAME','','00000000000000000000000000000054','en','Edit User profile Status'),
|
||||
('PER_NAME','','00000000000000000000000000000055','en','Edit User profile Role'),
|
||||
('PER_NAME','','00000000000000000000000000000056','en','Edit User profile Time Zone'),
|
||||
('PER_NAME','','00000000000000000000000000000057','en','Edit User profile Default Language'),
|
||||
('PER_NAME','','00000000000000000000000000000058','en','Edit User profile Costs'),
|
||||
('PER_NAME','','00000000000000000000000000000059','en','Edit User profile Password'),
|
||||
('PER_NAME','','00000000000000000000000000000060','en','Edit User profile Must Change Password at next Logon'),
|
||||
('PER_NAME','','00000000000000000000000000000061','en','Edit User profile Photo'),
|
||||
('PER_NAME','','00000000000000000000000000000062','en','Edit User profile Default Main Menu Options'),
|
||||
('PER_NAME','','00000000000000000000000000000063','en','Edit User profile Default Cases Menu Options');
|
||||
|
||||
INSERT INTO LANGUAGE (LAN_ID,LAN_LOCATION,LAN_NAME,LAN_NATIVE_NAME,LAN_DIRECTION,LAN_WEIGHT,LAN_ENABLED,LAN_CALENDAR) VALUES
|
||||
('aa','','Afar','','L','0','0','GREGORIAN'),
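Review bot: The rewritten row `('PER_NAME','','00000000000000000000000000000038','en','Undo cancel case')` lost its `;` without gaining a comma, so as rendered the `INSERT INTO CONTENT` statement has two value tuples with nothing between them and should fail to parse on a fresh install. The line should read `('PER_NAME','','00000000000000000000000000000038','en','Undo cancel case'),`. The `RBAC_PERMISSIONS` and `RBAC_ROLES_PERMISSIONS` seed hunks in this commit make the equivalent edit with the comma in place, so this looks like a slip in this file only.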
|
||||
|
||||
@@ -132,6 +132,8 @@ switch ($_POST['action']) {
|
||||
try {
|
||||
$user = new \ProcessMaker\BusinessModel\User();
|
||||
$form = $_POST;
|
||||
$permissionsToSaveData = $user->getPermissionsForEdit();
|
||||
$form = $user->checkPermissionForEdit($_SESSION['USER_LOGGED'], $permissionsToSaveData, $form);
|
||||
|
||||
switch ($_POST['action']) {
|
||||
case 'saveUser';
|
||||
@@ -145,13 +147,6 @@ switch ($_POST['action']) {
|
||||
) {
|
||||
throw new Exception(G::LoadTranslation('ID_USER_NOT_HAVE_PERMISSION', [$_SESSION['USER_LOGGED']]));
|
||||
}
|
||||
|
||||
unset(
|
||||
$form['USR_REPLACED_BY'],
|
||||
$form['USR_DUE_DATE'],
|
||||
$form['USR_STATUS'],
|
||||
$form['USR_ROLE']
|
||||
);
|
||||
break;
|
||||
default:
|
||||
throw new Exception(G::LoadTranslation('ID_INVALID_DATA'));
|
||||
@@ -337,8 +332,12 @@ switch ($_POST['action']) {
|
||||
unset($aFields['USR_PASSWORD']);
|
||||
}
|
||||
|
||||
$userPermissions = new \ProcessMaker\BusinessModel\User();
|
||||
$permissions = $userPermissions->loadDetailedPermissions($aFields);
|
||||
|
||||
$result->success = true;
|
||||
$result->user = $aFields;
|
||||
$result->permission = $permissions;
|
||||
|
||||
print (G::json_encode($result));
|
||||
break;
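Review bot: Removing the unconditional `unset($form['USR_REPLACED_BY'], $form['USR_DUE_DATE'], $form['USR_STATUS'], $form['USR_ROLE'])` from the branch that ends at `break;` in the second hunk leaves `checkPermissionForEdit()` as the only server-side guard on those four fields. The RBAC migration in this same commit assigns every `PM_EDIT_USER_PROFILE_*` permission, `PM_EDIT_USER_PROFILE_ROLE` and `PM_EDIT_USER_PROFILE_STATUS` included, to each `PROCESSMAKER_MANAGER` role. A user with such a role can therefore presumably submit a different `USR_ROLE` for their own account through this branch; the case label and the save call are outside the hunk, so this needs confirming. If changing one's own role or status is not intended, keep the `unset(...)` for the self-edit branch, or refuse a changed `USR_ROLE`/`USR_STATUS` when the target user is `$_SESSION['USER_LOGGED']`.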
|
||||
|
||||
@@ -42,6 +42,36 @@ class User
|
||||
"usrPhoto" => "USR_PHOTO"
|
||||
);
|
||||
|
||||
private $arrayPermissionsForEditUser = array (
|
||||
'USR_FIRSTNAME' => 'PM_EDIT_USER_PROFILE_FIRST_NAME',
|
||||
'USR_LASTNAME' => 'PM_EDIT_USER_PROFILE_LAST_NAME',
|
||||
'USR_USERNAME' => 'PM_EDIT_USER_PROFILE_USERNAME',
|
||||
'USR_EMAIL' => 'PM_EDIT_USER_PROFILE_EMAIL',
|
||||
'USR_ADDRESS' => 'PM_EDIT_USER_PROFILE_ADDRESS',
|
||||
'USR_ZIP_CODE' => 'PM_EDIT_USER_PROFILE_ZIP_CODE',
|
||||
'USR_COUNTRY' => 'PM_EDIT_USER_PROFILE_COUNTRY',
|
||||
'USR_REGION' => 'PM_EDIT_USER_PROFILE_STATE_OR_REGION',
|
||||
'USR_LOCATION' => 'PM_EDIT_USER_PROFILE_LOCATION',
|
||||
'USR_PHONE' => 'PM_EDIT_USER_PROFILE_PHONE',
|
||||
'USR_POSITION' => 'PM_EDIT_USER_PROFILE_POSITION',
|
||||
'USR_REPLACED_BY' => 'PM_EDIT_USER_PROFILE_REPLACED_BY',
|
||||
'USR_DUE_DATE' => 'PM_EDIT_USER_PROFILE_EXPIRATION_DATE',
|
||||
'USR_CALENDAR' => 'PM_EDIT_USER_PROFILE_CALENDAR',
|
||||
'USR_STATUS' => 'PM_EDIT_USER_PROFILE_STATUS',
|
||||
'USR_ROLE' => 'PM_EDIT_USER_PROFILE_ROLE',
|
||||
'USR_TIME_ZONE' => 'PM_EDIT_USER_PROFILE_TIME_ZONE',
|
||||
'USR_DEFAULT_LANG' => 'PM_EDIT_USER_PROFILE_DEFAULT_LANGUAGE',
|
||||
'USR_COST_BY_HOUR' => 'PM_EDIT_USER_PROFILE_COSTS',
|
||||
'USR_UNIT_COST' => 'PM_EDIT_USER_PROFILE_COSTS',
|
||||
'USR_CUR_PASS' => 'PM_EDIT_USER_PROFILE_PASSWORD',
|
||||
'USR_NEW_PASS' => 'PM_EDIT_USER_PROFILE_PASSWORD',
|
||||
'USR_CNF_PASS' => 'PM_EDIT_USER_PROFILE_PASSWORD',
|
||||
'USR_LOGGED_NEXT_TIME' => 'PM_EDIT_USER_PROFILE_USER_MUST_CHANGE_PASSWORD_AT_NEXT_LOGON',
|
||||
'USR_PHOTO' => 'PM_EDIT_USER_PROFILE_PHOTO',
|
||||
'PREF_DEFAULT_MENUSELECTED' => 'PM_EDIT_USER_PROFILE_DEFAULT_MAIN_MENU_OPTIONS',
|
||||
'PREF_DEFAULT_CASESELECTED' => 'PM_EDIT_USER_PROFILE_DEFAULT_CASES_MENU_OPTIONS'
|
||||
);
|
||||
|
||||
/**
|
||||
* Constructor of the class
|
||||
*
|
||||
@@ -58,6 +88,13 @@ class User
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @return array
|
||||
*/
|
||||
public function getPermissionsForEdit(){
|
||||
return $this->arrayPermissionsForEditUser;
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the format of the fields name (uppercase, lowercase)
|
||||
*
|
||||
@@ -1322,6 +1359,53 @@ class User
|
||||
$this->userObj->update($fields);
|
||||
}
|
||||
|
||||
/**
|
||||
* @param $userUid
|
||||
* @param array $arrayPermission
|
||||
* @return User
|
||||
* @throws \Exception
|
||||
*/
|
||||
public function checkPermissionForEdit($userUid, $arrayPermission = array(), $form)
|
||||
{
|
||||
try {
|
||||
foreach ($arrayPermission as $key => $value) {
|
||||
$flagPermission = $this->checkPermission($userUid, $value);
|
||||
if (!$flagPermission){
|
||||
unset($form[$key]);
|
||||
}
|
||||
}
|
||||
return $form;
|
||||
} catch (\Exception $e) {
|
||||
throw $e;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @param $aFields
|
||||
* @return array
|
||||
* @throws \Exception
|
||||
*/
|
||||
public function loadDetailedPermissions($aFields)
|
||||
{
|
||||
try {
|
||||
global $RBAC;
|
||||
$resultPermissionsForUser = array();
|
||||
if ($aFields['USR_UID'] != '') {
|
||||
foreach ($this->arrayPermissionsForEditUser as $index => $item) {
|
||||
if ($RBAC->userCanAccess($item) !== 1) {
|
||||
$resultPermissionsForUser[$index] = $item;
|
||||
}
|
||||
}
|
||||
return $resultPermissionsForUser;
|
||||
} else {
|
||||
$lang = defined('SYS_LANG') ? SYS_LANG : 'en';
|
||||
throw (new \Exception(G::LoadTranslation("ID_USER_UID_DOESNT_EXIST", $lang, array("USR_UID" => $aFields['USR_UID']))));
|
||||
}
|
||||
} catch (\Exception $oError) {
|
||||
throw ($oError);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Check permission
|
||||
*
|
||||
|
||||
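Review bot: `checkPermissionForEdit` removes only the keys listed in `$arrayPermission`, so a submitted field that is not a key of `$arrayPermissionsForEditUser`, or that arrives under a different name or letter case, passes through unfiltered. If the save path relies on this method as its server-side gate, it should also drop unknown keys against an explicit allow-list of editable fields; the caller is not visible in this section, so confirm what actually reaches `update()`. `loadDetailedPermissions` evaluates the session user through the global `$RBAC`, while `checkPermissionForEdit` evaluates the `$userUid` argument, and both need to refer to the acting user rather than the profile being edited. The signature puts the defaulted `$arrayPermission = array()` before the required `$form`, which PHP 8 reports as deprecated, and the docblock says `@return User` although the filtered `$form` is returned; I would declare `public function checkPermissionForEdit($userUid, $arrayPermission, $form)` and document `@return array`. The `try { … } catch (\Exception $e) { throw $e; }` wrapper only rethrows and can be dropped.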
@@ -29,7 +29,6 @@ var displayPreferences;
|
||||
var box;
|
||||
var infoMode;
|
||||
var global = {};
|
||||
var readMode;
|
||||
var usernameText;
|
||||
var previousUsername = '';
|
||||
var canEdit = true;
|
||||
@@ -63,6 +62,8 @@ Ext.onReady(function () {
|
||||
|
||||
});
|
||||
|
||||
displayPreferences = "display: block;";
|
||||
|
||||
if (MODE == "edit" || MODE == "") {
|
||||
flagPoliciesPassword = true;
|
||||
}
|
||||
@@ -78,12 +79,7 @@ Ext.onReady(function () {
|
||||
//Mode info
|
||||
box.setVisible(false);
|
||||
box.disable();
|
||||
|
||||
displayPreferences = "display: block;";
|
||||
readMode = true;
|
||||
} else {
|
||||
displayPreferences = "display: none;";
|
||||
readMode = false;
|
||||
canEdit = false;
|
||||
}
|
||||
} else {
|
||||
@@ -93,8 +89,6 @@ Ext.onReady(function () {
|
||||
box.setVisible(false);
|
||||
box.disable();
|
||||
|
||||
displayPreferences = "display: none;";
|
||||
readMode = false;
|
||||
canEdit = false;
|
||||
}
|
||||
|
||||
@@ -305,7 +299,6 @@ Ext.onReady(function () {
|
||||
|
||||
fieldLabel: _("ID_REPLACED_BY"),
|
||||
emptyText: "- " + _("ID_NONE") + " -",
|
||||
readOnly: readMode,
|
||||
minChars: 1,
|
||||
hideTrigger: true,
|
||||
|
||||
@@ -317,8 +310,7 @@ Ext.onReady(function () {
|
||||
id : "USR_DUE_DATE",
|
||||
fieldLabel : _("ID_EXPIRATION_DATE"),
|
||||
format : "Y-m-d",
|
||||
editable : false,
|
||||
readOnly : readMode,
|
||||
editable : true,
|
||||
width : 120,
|
||||
value : (new Date().add(Date.YEAR, EXPIRATION_DATE)).format("Y-m-d")
|
||||
});
|
||||
@@ -343,7 +335,6 @@ Ext.onReady(function () {
|
||||
fieldLabel : _('ID_CALENDAR'),
|
||||
hiddenName : 'USR_CALENDAR',
|
||||
id : 'USR_CALENDAR',
|
||||
readOnly : readMode,
|
||||
store : storeCalendar,
|
||||
valueField : 'CALENDAR_UID',
|
||||
displayField : 'CALENDAR_NAME',
|
||||
@@ -375,8 +366,7 @@ Ext.onReady(function () {
|
||||
typeAhead : true,
|
||||
triggerAction : 'all',
|
||||
editable : false,
|
||||
value : 'ACTIVE',
|
||||
readOnly : readMode
|
||||
value : 'ACTIVE'
|
||||
});
|
||||
|
||||
storeRole = new Ext.data.Store({
|
||||
@@ -399,7 +389,6 @@ Ext.onReady(function () {
|
||||
fieldLabel : _('ID_ROLE'),
|
||||
hiddenName : 'USR_ROLE',
|
||||
id : 'USR_ROLE',
|
||||
readOnly : readMode,
|
||||
store : storeRole,
|
||||
valueField : 'ROL_UID',
|
||||
displayField : 'ROL_CODE',
|
||||
@@ -548,6 +537,7 @@ Ext.onReady(function () {
|
||||
allowBlank : false
|
||||
},
|
||||
{
|
||||
id : 'USR_ADDRESS',
|
||||
xtype : 'textarea',
|
||||
name : 'USR_ADDRESS',
|
||||
fieldLabel : _('ID_ADDRESS'),
|
||||
@@ -804,7 +794,7 @@ Ext.onReady(function () {
|
||||
emptyText : TRANSLATIONS.ID_SELECT,
|
||||
width : 260,
|
||||
selectOnFocus : true,
|
||||
editable : false,
|
||||
editable : true,
|
||||
triggerAction : "all",
|
||||
mode : "local"
|
||||
});
|
||||
@@ -877,7 +867,6 @@ Ext.onReady(function () {
|
||||
}
|
||||
//location.href = 'users_List';
|
||||
}
|
||||
//hidden:readMode
|
||||
}
|
||||
]
|
||||
});
|
||||
@@ -1222,7 +1211,6 @@ function userFrmEditSubmit()
|
||||
frmDetails.getForm().findField("USR_REPLACED_BY").setRawValue(usertmp.REPLACED_NAME);
|
||||
}
|
||||
|
||||
Ext.getCmp("USR_STATUS").setDisabled(readMode);
|
||||
Ext.getCmp("frmDetails").getForm().submit({
|
||||
url : "usersAjax",
|
||||
params : {
|
||||
@@ -1469,6 +1457,8 @@ function loadUserData()
|
||||
USR_LOGGED_NEXT_TIME : data.user.USR_LOGGED_NEXT_TIME
|
||||
});
|
||||
|
||||
setReadOnlyItems(data.permission);
|
||||
|
||||
if (infoMode) {
|
||||
Ext.getCmp("USR_FIRSTNAME2").setText(data.user.USR_FIRSTNAME);
|
||||
Ext.getCmp("USR_LASTNAME2").setText(data.user.USR_LASTNAME);
|
||||
@@ -1613,3 +1603,22 @@ function userExecuteEvent(element, event)
|
||||
return !element.dispatchEvent(evt);
|
||||
}
|
||||
}
|
||||
|
||||
function setReadOnlyItems(permissions) {
|
||||
for (var key in permissions) {
|
||||
disableAndReadOnly(key)
|
||||
}
|
||||
}
|
||||
function disableAndReadOnly(idElement) {
|
||||
if(idElement == 'USR_TIME_ZONE'){
|
||||
idElement = 'cboTimeZone';
|
||||
}
|
||||
if(idElement == 'USR_CUR_PASS'){
|
||||
idElement = 'currentPassword';
|
||||
}
|
||||
var myBoxCmp = Ext.getCmp(idElement);
|
||||
if (myBoxCmp) {
|
||||
Ext.getCmp(idElement).setReadOnly(true);
|
||||
Ext.getCmp(idElement).disable();
|
||||
}
|
||||
}
|
||||
|
||||
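Review bot: `setReadOnlyItems(data.permission)` in `loadUserData` moves the per-field restriction into the browser, and `disableAndReadOnly` does nothing when `Ext.getCmp(idElement)` finds no component. Any permission key whose widget id differs from the key therefore stays editable without notice, since only `USR_TIME_ZONE` and `USR_CUR_PASS` are remapped. Disabled widgets are presentation only, so the `usersAjax` save handler still has to strip or reject the same fields on the server; that handler is not visible in this section, and `loadUserData` itself continues outside the hunk. I would add an `else` branch that logs the unmatched key during development, and guard the loop with `if (!permissions.hasOwnProperty(key)) { continue; }` because `for…in` also walks inherited enumerable properties. `disableAndReadOnly(key)` is missing its semicolon, and the two later `Ext.getCmp(idElement)` calls can reuse `myBoxCmp`.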