Merged in release/3.3.2 (pull request #6747)

PMC-385

Approved-by: Julio Cesar Laura Avendaño <contact@julio-laura.com>

gulliver/system/class.rbac.php

@@ -841,15 +841,18 @@ class RBAC
      */
     public static function destroySessionUser($usrUid)
     {
+        //remove all register of tables related to the token
+        (new OauthAccessTokens())->removeByUser($usrUid);
+        (new OauthRefreshTokens())->removeByUser($usrUid);
+        (new PmoauthUserAccessTokens())->removeByUser($usrUid);
+        (new OauthAuthorizationCodes())->removeByUser($usrUid);
+
         $loginLog = new LoginLog();
         $sessionId = $loginLog->getSessionsIdByUser($usrUid);
         if ($sessionId) {
             //remove all login log row's of LOGIN_LOG table
             $loginLog->removeByUser($usrUid);
             //remove all register of tables
-            (new OauthAccessTokens())->removeByUser($usrUid);
-            (new OauthRefreshTokens())->removeByUser($usrUid);
-            (new OauthAuthorizationCodes())->removeByUser($usrUid);
             (new Session())->removeByUser($usrUid);
 
             // 1. commit session if it's started.

workflow/engine/classes/Cases.php

@@ -3512,12 +3512,13 @@ class Cases
 
             $fieldsTrigger = [];
             foreach ($triggersList as $trigger) {
-                //Scan the code
+                /*----------------------------------********---------------------------------*/
                 $disabledCode = $this->codeScannerReview($cs, $trigger["TRI_WEBBOT"], $trigger["TRI_TITLE"]);
                 if (!empty($disabledCode)) {
                     $foundDisabledCode .= $disabledCode;
                     continue;
                 }
+                /*----------------------------------********---------------------------------*/
 
                 $execute = true;
                 //Check if the trigger has conditions for the execution

workflow/engine/classes/model/PmoauthUserAccessTokens.php

@@ -29,4 +29,20 @@ class PmoauthUserAccessTokens extends BasePmoauthUserAccessTokens
 
         return (is_array($result) && empty($result)) ? false : $result[0];
     }
+
+    /**
+     * Delete all records related to a user uid
+     *
+     * @param string $userUid User uid
+     *
+     * @return int
+     */
+    public function removeByUser($userUid)
+    {
+        $criteria = new Criteria();
+        $criteria->add(PmoauthUserAccessTokensPeer::USER_ID, $userUid);
+        $resultSet = PmoauthUserAccessTokensPeer::doDelete($criteria);
+
+        return $resultSet;
+    }
 } // PmoauthUserAccessTokens