diff --git a/workflow/engine/classes/class.pmDynaform.php b/workflow/engine/classes/class.pmDynaform.php index c682a390e..5a6bc1a8f 100644 --- a/workflow/engine/classes/class.pmDynaform.php +++ b/workflow/engine/classes/class.pmDynaform.php @@ -697,6 +697,7 @@ class pmDynaform window.dynaform = new PMDynaform.core.Project({ data: data, delIndex: delIndex, + dynaformUid: dyn_uid, keys: { server: httpServerHostname, projectId: prj_uid, @@ -755,6 +756,7 @@ class pmDynaform " window.dynaform = new PMDynaform.core.Project({\n" . " data: data,\n" . " delIndex: delIndex,\n" . + " dynaformUid: dyn_uid,\n" . " keys: {\n" . " server: httpServerHostname,\n" . " projectId: prj_uid,\n" . diff --git a/workflow/engine/src/ProcessMaker/Services/Api/Cases.php b/workflow/engine/src/ProcessMaker/Services/Api/Cases.php index c3429d67b..95e5890e2 100644 --- a/workflow/engine/src/ProcessMaker/Services/Api/Cases.php +++ b/workflow/engine/src/ProcessMaker/Services/Api/Cases.php @@ -38,7 +38,19 @@ class Cases extends Api case 'doGetCaseVariables': $applicationUid = $this->parameters[$arrayArgs['app_uid']]; $dynaformUid = $this->parameters[$arrayArgs['dyn_uid']]; + $delIndex = $this->parameters[$arrayArgs['app_index']]; $userUid = $this->getUserId(); + //Check if the user has the case + $appDelegation = new \AppDelegation(); + $aCurUser = $appDelegation->getCurrentUsers($applicationUid, $delIndex); + if (!empty($aCurUser)) { + foreach ($aCurUser as $key => $value) { + if ($value === $userUid) { + return true; + } + } + } + //Check if the user has Permissions $oCases = new \ProcessMaker\BusinessModel\Cases(); return $oCases->checkUserHasPermissionsOrSupervisor($userUid, $applicationUid, $dynaformUid); break;