fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

BUG 10852 Control de los reenvíos de la notificaciones 'Messages History' SOLVED

Browse Source 
- Se requiere que los reenvíos que se hacen a través del historial de mensajes, no se pueda realizar desde el menú casos, ya que existe el problema que cualquier usuario que haya participado de un caso puede reenviar notificaciones, a cualquier usuario, y existe el peligro de divulgación de información crítica que debe ser restringida por roles.
- Added Roles to control Messages History.
This commit is contained in:
Hector Cortez
2013-04-15 15:49:27 -04:00
parent 03596f504b
commit c90a1d4da2
7 changed files with 465 additions and 256 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
workflow/engine/methods/processes/processes_SaveObjectPermission.php
View File

@@ -42,10 +42,11 @@ if ($access != 1) {
break;
}
}
if (isset( $_POST['form'] ))
if (isset( $_POST['form'] )) {
$sValue = $_POST['form']; //For old processmap
else
} else {
$sValue = $_POST; //For new processmap EXtjs
}
list ($iRelation, $sUserGroup) = explode( '|', $sValue['GROUP_USER'] );
@@ -66,11 +67,13 @@ switch ($sValue['OP_OBJ_TYPE']) {
case 'OUTPUT':
$sObjectUID = $sValue['OUTPUTS'];
break;
case 'MSGS_HISTORY':
$sObjectUID = $sValue['MSGS_HISTORY'];
break;
}
require_once 'classes/model/ObjectPermission.php';
$oOP = new ObjectPermission();
$aData = array ('OP_UID' => G::generateUniqueID(),'PRO_UID' => $sValue['PRO_UID'],'TAS_UID' => $sValue['TAS_UID'],'USR_UID' => (string) $sUserGroup,'OP_USER_RELATION' => $iRelation,'OP_TASK_SOURCE' => $sValue['OP_TASK_SOURCE'],'OP_PARTICIPATE' => $sValue['OP_PARTICIPATE'],'OP_OBJ_TYPE' => $sValue['OP_OBJ_TYPE'],'OP_OBJ_UID' => $sObjectUID,'OP_ACTION' => $sValue['OP_ACTION'],'OP_CASE_STATUS' => $sValue['OP_CASE_STATUS']
);
$aData = array ('OP_UID' => G::generateUniqueID(),'PRO_UID' => $sValue['PRO_UID'],'TAS_UID' => $sValue['TAS_UID'],'USR_UID' => (string) $sUserGroup,'OP_USER_RELATION' => $iRelation,'OP_TASK_SOURCE' => $sValue['OP_TASK_SOURCE'],'OP_PARTICIPATE' => $sValue['OP_PARTICIPATE'],'OP_OBJ_TYPE' => $sValue['OP_OBJ_TYPE'],'OP_OBJ_UID' => $sObjectUID,'OP_ACTION' => $sValue['OP_ACTION'],'OP_CASE_STATUS' => $sValue['OP_CASE_STATUS']);
$oOP->fromArray( $aData, BasePeer::TYPE_FIELDNAME );
$oOP->save();
G::LoadClass( 'processMap' );