Merges upstream master branch manually due to conflicts in the System REST end point.

Gustavo Cruz
2015-03-16 08:58:18 -04:00
417 changed files with 32934 additions and 567 deletions


@@ -852,11 +852,11 @@ class Ajax
$Fields["APP_DATA"]["__DYNAFORM_OPTIONS"]["NEXT_STEP"] = "#";
$Fields["APP_DATA"]["__DYNAFORM_OPTIONS"]["NEXT_ACTION"] = "return false;";
G::LoadClass('pmDynaform');
$a = new pmDynaform($_REQUEST['DYN_UID'], $Fields['APP_DATA']);
$FieldsPmDynaform["PRO_UID"] = $_SESSION['PROCESS'];
$FieldsPmDynaform["CURRENT_DYNAFORM"] = $_REQUEST['DYN_UID'];
$a = new pmDynaform($FieldsPmDynaform);
if ($a->isResponsive()) {
$a->app_data["PROCESS"] = $_SESSION['PROCESS'];
$a->app_data["SYS_SYS"] = SYS_SYS;
$a->printView((!isset($_SESSION["PM_RUN_OUTSIDE_MAIN_APP"])) ? "true" : "false", $_SESSION['APPLICATION']);
$a->printView();
} else {
$G_PUBLISH->AddContent("dynaform", "xmlform", $_SESSION["PROCESS"] . "/" . $_POST["DYN_UID"], "", $Fields["APP_DATA"], "", "", "view");
}
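Review bot: `$FieldsPmDynaform` is never initialised in this hunk; its first use is `$FieldsPmDynaform["PRO_UID"] = $_SESSION['PROCESS'];`, so the array passed to `new pmDynaform(...)` holds only `PRO_UID` and `CURRENT_DYNAFORM`. The other call sites changed by this commit start from `$FieldsPmDynaform = $Fields;`, which carries `APP_DATA` (including the `__DYNAFORM_OPTIONS` set just above) into the constructor. Unless pmDynaform loads the case data itself, add `$FieldsPmDynaform = $Fields;` before the first assignment here. `$_REQUEST['DYN_UID']` is also read without an `isset` check. The enclosing method of class Ajax starts and ends outside the hunk.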


@@ -383,11 +383,12 @@ if ($actionAjax == 'dynaformChangeLogViewHistory') {
$Fields['APP_DATA']['__DYNAFORM_OPTIONS']['NEXT_STEP'] = '#';
$Fields['APP_DATA']['__DYNAFORM_OPTIONS']['NEXT_ACTION'] = 'return false;';
G::LoadClass('pmDynaform');
$a = new pmDynaform($_GET['DYN_UID'], $Fields['APP_DATA']);
$FieldsPmDynaform = $Fields;
$FieldsPmDynaform["PRO_UID"] = $_SESSION['PROCESS'];
$FieldsPmDynaform["CURRENT_DYNAFORM"] = $_GET['DYN_UID'];
$a = new pmDynaform($FieldsPmDynaform);
if ($a->isResponsive()) {
$a->app_data["PROCESS"] = $_SESSION['PROCESS'];
$a->app_data["SYS_SYS"] = SYS_SYS;
$a->printView((!isset($_SESSION["PM_RUN_OUTSIDE_MAIN_APP"])) ? "true" : "false", $_SESSION['APPLICATION']);
$a->printView();
} else {
$G_PUBLISH->AddContent('dynaform', 'xmlform', $_SESSION['PROCESS'] . '/' . $_POST['DYN_UID'], '', $Fields['APP_DATA'], '', '', 'view');
}
@@ -474,9 +475,11 @@ if ($actionAjax == 'historyDynaformGridPreview') {
$_SESSION['CURRENT_DYN_UID'] = $_POST['DYN_UID'];
$_SESSION['DYN_UID_PRINT'] = $_POST['DYN_UID'];
G::LoadClass('pmDynaform');
$a = new pmDynaform($_GET['DYN_UID'], $Fields['APP_DATA']);
$FieldsPmDynaform = $Fields;
$FieldsPmDynaform["CURRENT_DYNAFORM"] = $_GET['DYN_UID'];
$a = new pmDynaform($FieldsPmDynaform);
if ($a->isResponsive()) {
$a->printView((!isset($_SESSION["PM_RUN_OUTSIDE_MAIN_APP"])) ? "true" : "false", $_SESSION['APPLICATION']);
$a->printView();
} else {
$G_PUBLISH->AddContent('dynaform', 'xmlform', $_SESSION['PROCESS'] . '/' . $_POST['DYN_UID'], '', $Fields['APP_DATA'], '', '', 'view');
}
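Review bot: The form identifier comes from two different request sources in both hunks: the responsive path sets `CURRENT_DYNAFORM` from `$_GET['DYN_UID']`, while the fallback `AddContent(...)` call (and, in the second hunk, `$_SESSION['CURRENT_DYN_UID']`) uses `$_POST['DYN_UID']`. A request that carries both can make the two paths work on different forms, and whichever key is missing raises an undefined-index notice. Read and validate the value once into a local variable and use that variable in every place. The second hunk also omits `PRO_UID`, which the first one sets; confirm that is intended. Both `if ($actionAjax == ...)` blocks start and end outside their hunks.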


@@ -216,6 +216,7 @@ if ($actionAjax == "getUsersToReassign") {
G::LoadClass( 'tasks' );
$task = new Task();
$tasks = $task->load($_SESSION['TASK']);
$result = new stdclass();
$result->data = $case->getUsersToReassign( $_SESSION['TASK'], $_SESSION['USER_LOGGED'], $tasks['PRO_UID'] );
print G::json_encode( $result );
}
@@ -240,6 +241,7 @@ if ($actionAjax == 'reassignCase') {
//print_r($caseData);
$data['APP_NUMBER'] = $caseData['APP_NUMBER'];
$data['USER'] = $userData['USR_LASTNAME'] . ' ' . $userData['USR_FIRSTNAME']; //TODO change with the farmated username from environment conf
$result = new stdclass();
$result->status = 0;
$result->msg = G::LoadTranslation( 'ID_REASSIGNMENT_SUCCESS', SYS_LANG, $data );
} catch (Exception $e) {


@@ -269,11 +269,14 @@ try {
$_SESSION['CURRENT_DYN_UID'] = $_GET['UID'];
G::LoadClass('pmDynaform');
$a = new pmDynaform($_GET['UID'], $Fields['APP_DATA']);
$FieldsPmDynaform = $Fields;
$FieldsPmDynaform["PM_RUN_OUTSIDE_MAIN_APP"] = (!isset($_SESSION["PM_RUN_OUTSIDE_MAIN_APP"])) ? "true" : "false";
$FieldsPmDynaform["STEP_MODE"] = $oStep->getStepMode();
$FieldsPmDynaform["PRO_SHOW_MESSAGE"] = $noShowTitle;
$FieldsPmDynaform["TRIGGER_DEBUG"] = $_SESSION['TRIGGER_DEBUG']['ISSET'];
$a = new pmDynaform($FieldsPmDynaform);
if ($a->isResponsive()) {
$a->app_data["PRO_SHOW_MESSAGE"] = $noShowTitle;
$a->app_data["TRIGGER_DEBUG"] = $_SESSION['TRIGGER_DEBUG']['ISSET'];
$a->printEdit((!isset($_SESSION["PM_RUN_OUTSIDE_MAIN_APP"])) ? "true" : "false", $_SESSION['APPLICATION'], $array, $oStep->getStepMode());
$a->printEdit();
} else {
$G_PUBLISH->AddContent('dynaform', 'xmlform', $_SESSION['PROCESS'] . '/' . $_GET['UID'], '', $Fields['APP_DATA'], 'cases_SaveData?UID=' . $_GET['UID'] . '&APP_UID=' . $_SESSION['APPLICATION'], '', (strtolower($oStep->getStepMode()) != 'edit' ? strtolower($oStep->getStepMode()) : ''));
}
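Review bot: The old `printEdit(...)` call passed `$_SESSION['APPLICATION']` and `$array`, and neither is among the keys this hunk adds to `$FieldsPmDynaform`. If `$Fields` does not already carry them, the responsive form loses the application id and whatever `$array` held, so confirm where pmDynaform now obtains both or add them under the keys its constructor expects. `$_SESSION['TRIGGER_DEBUG']['ISSET']` is read without a guard and raises a notice when the session key is absent. The flag on `PM_RUN_OUTSIDE_MAIN_APP` reads inverted at first sight and deserves a comment such as `// "true" when the PM_RUN_OUTSIDE_MAIN_APP session key is NOT set (kept from the old printEdit call)`. The surrounding `try` block continues outside the hunk.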


@@ -80,9 +80,49 @@ if ($oServerConf->isRtl( SYS_LANG )) {
$regionTreePanel = 'west';
$regionDebug = 'east';
}
$urlProxy = 'casesMenuLoader?action=getAllCounters&r=';
/*----------------------------------********---------------------------------*/
$urlProxy = '/api/1.0/' . SYS_SYS . '/system/counters-lists?r=';
$clientId = 'x-pm-local-client';
$client = getClientCredentials($clientId);
$authCode = getAuthorizationCode($client);
$debug = false; //System::isDebugMode();
$loader = Maveriks\Util\ClassLoader::getInstance();
$loader->add(PATH_TRUNK . 'vendor/bshaffer/oauth2-server-php/src/', "OAuth2");
$request = array(
'grant_type' => 'authorization_code',
'code' => $authCode
);
$server = array(
'REQUEST_METHOD' => 'POST'
);
$headers = array(
"PHP_AUTH_USER" => $client['CLIENT_ID'],
"PHP_AUTH_PW" => $client['CLIENT_SECRET'],
"Content-Type" => "multipart/form-data;",
"Authorization" => "Basic " . base64_encode($client['CLIENT_ID'] . ":" . $client['CLIENT_SECRET'])
);
$request = new \OAuth2\Request(array(), $request, array(), array(), array(), $server, null, $headers);
$oauthServer = new \ProcessMaker\Services\OAuth2\Server();
$response = $oauthServer->postToken($request, true);
$clientToken = $response->getParameters();
$clientToken["client_id"] = $client['CLIENT_ID'];
$clientToken["client_secret"] = $client['CLIENT_SECRET'];
/*----------------------------------********---------------------------------*/
$oHeadPublisher->assign( 'regionTreePanel', $regionTreePanel );
$oHeadPublisher->assign( 'regionDebug', $regionDebug );
$oHeadPublisher->assign( "defaultOption", $defaultOption ); //User menu permissions
$oHeadPublisher->assign( 'urlProxy', $urlProxy ); //sending the urlProxy to make
/*----------------------------------********---------------------------------*/
$oHeadPublisher->assign( 'credentials', $clientToken );
/*----------------------------------********---------------------------------*/
$oHeadPublisher->assign( "_nodeId", isset( $confDefaultOption ) ? $confDefaultOption : "PM_USERS" ); //User menu permissions
$oHeadPublisher->assign( "FORMATS", $conf->getFormats() );
@@ -90,3 +130,41 @@ $_SESSION["current_ux"] = "NORMAL";
G::RenderPage( "publish", "extJs" );
/*----------------------------------********---------------------------------*/
function getClientCredentials($clientId)
{
$oauthQuery = new ProcessMaker\Services\OAuth2\PmPdo(getDsn());
return $oauthQuery->getClientDetails($clientId);
}
function getDsn()
{
list($host, $port) = strpos(DB_HOST, ':') !== false ? explode(':', DB_HOST) : array(DB_HOST, '');
$port = empty($port) ? '' : ";port=$port";
$dsn = DB_ADAPTER.':host='.$host.';dbname='.DB_NAME.$port;
return array('dsn' => $dsn, 'username' => DB_USER, 'password' => DB_PASS);
}
function getAuthorizationCode($client)
{
\ProcessMaker\Services\OAuth2\Server::setDatabaseSource(getDsn());
\ProcessMaker\Services\OAuth2\Server::setPmClientId($client['CLIENT_ID']);
$oauthServer = new \ProcessMaker\Services\OAuth2\Server();
$userId = $_SESSION['USER_LOGGED'];
$authorize = true;
$_GET = array_merge($_GET, array(
'response_type' => 'code',
'client_id' => $client['CLIENT_ID'],
'scope' => implode(' ', $oauthServer->getScope())
));
$response = $oauthServer->postAuthorize($authorize, $userId, true);
$code = substr($response->getHttpHeader('Location'), strpos($response->getHttpHeader('Location'), 'code=')+5, 40);
return $code;
}
/*----------------------------------********---------------------------------*/
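Review bot: `$clientToken["client_secret"] = $client['CLIENT_SECRET'];` adds the OAuth client secret to the array that `$oHeadPublisher->assign( 'credentials', $clientToken );` hands to the page; if assigned values are emitted into the page script, as the neighbouring `urlProxy` comment suggests, the secret of `x-pm-local-client` reaches every browser that loads this view. The front end only needs the issued token to call `/system/counters-lists`, so drop the `client_secret` line (and `client_id` unless the client code uses it) and keep the token exchange on the server. In `getAuthorizationCode`, `strpos(..., 'code=')` returns `false` when the redirect carries no code, and the `+5, 40` arithmetic then returns an unrelated slice of the Location header; parse the query with `parse_url()` and `parse_str()` and fail when `code` is missing. The same function overwrites `$_GET` through `array_merge`, so `response_type`, `client_id` and `scope` stay visible to any later code that reads `$_GET`.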


@@ -2,5 +2,5 @@
$DYN_UID = $_GET["dyn_uid"];
G::LoadClass('pmDynaform');
$a = new pmDynaform($DYN_UID);
$a = new pmDynaform(array("CURRENT_DYNAFORM" => $DYN_UID));
$a->printPmDynaform();


@@ -52,22 +52,22 @@ try {
//$oData = $oJSON->decode( stripslashes( $_REQUEST['data'] ) );
$sOutput = '';
$sTask = '';
if(array_key_exists('pro_uid', $oDataAux) || array_key_exists('uid', $oDataAux) || array_key_exists('PRO_UID', $oDataAux) || array_key_exists('UID', $oDataAux)) {
if(array_key_exists('pro_uid', $oDataAux) || array_key_exists('PRO_UID', $oDataAux)) {
if(array_key_exists('pro_uid', $oDataAux)) {
$proUid = $oDataAux['pro_uid'];
} else {
$proUid = $oDataAux['PRO_UID'];
$proUid = $oDataAux['PRO_UID'];
}
} else {
$proUid = $oDataAux['uid'];
$uidAux = $proUid;
}
G::LoadClass('processes');
$infoProcess = new Processes();
if(!$infoProcess->processExists($proUid)) {
$oSL = new SwimlanesElements();
if($oSL->swimlanesElementsExists($proUid)) {
@@ -83,11 +83,11 @@ try {
$rs->next();
$row = $rs->getRow();
$proUid = $row['PRO_UID'];
}
}
}
$resultProcess = $infoProcess->getProcessRow($proUid);
$resultProcess = $infoProcess->getProcessRow($proUid);
} else {
if(array_key_exists('PU_UID', $oDataAux)) {
if(array_key_exists('PU_UID', $oDataAux)) {
$c = new Criteria('workflow');
$c->clearSelectColumns();
$c->addSelectColumn(ProcessUserPeer::PRO_UID);
@@ -98,14 +98,14 @@ try {
$oDataset->next();
$row = $oDataset->getRow();
$userSupervisor = $row['USR_UID'];
G::LoadClass('processes');
$infoProcess = new Processes();
$resultProcess = $infoProcess->getProcessRow($row['PRO_UID']);
$resultProcess = $infoProcess->getProcessRow($row['PRO_UID']);
}
}
}
if(isset($_REQUEST['pro_uid']) && !empty($_REQUEST['pro_uid']) || isset($_REQUEST['PRO_UID']) && !empty($_REQUEST['PRO_UID'])) {
if(isset($_REQUEST['pro_uid']) && !empty($_REQUEST['pro_uid'])) {
$proUid = $_REQUEST['pro_uid'];
@@ -114,21 +114,27 @@ try {
}
G::LoadClass('processes');
$infoProcess = new Processes();
$resultProcess = $infoProcess->getProcessRow($proUid);
$resultProcess = $infoProcess->getProcessRow($proUid);
}
if(isset($proUid) && $proUid != "") {
$valuesProcess['PRO_UID'] = $proUid;
$valuesProcess['PRO_UPDATE_DATE'] = date("Y-m-d H:i:s");
G::LoadClass('processes');
G::LoadClass("processes");
$infoProcess = new Processes();
$resultProcess = $infoProcess->updateProcessRow($valuesProcess);
$resultProcess = $infoProcess->getProcessRow($proUid);
if (!in_array($_REQUEST["action"], array("load"))) {
$infoProcess->updateProcessRow(array(
"PRO_UID" => $proUid,
"PRO_UPDATE_DATE" => date("Y-m-d H:i:s")
));
}
$resultProcess = $infoProcess->getProcessRow($proUid);
}
//G::LoadClass( 'processMap' );
$oProcessMap = new processMap(new DBConnection());
switch ($_REQUEST['action']) {
case 'load':
$_SESSION['PROCESS'] = $oData->uid;
@@ -345,7 +351,7 @@ try {
} else {
switch ($oData->type) {
case 0:
$oData->type = 'SEQUENTIAL';
$oData->type = 'SEQUENTIAL';
break;
case 1:
$oData->type = 'SELECT';
@@ -363,7 +369,7 @@ try {
$oData->type = 'SEC-JOIN';
break;
case 8:
$oData->type = 'DISCRIMINATOR';
$oData->type = 'DISCRIMINATOR';
break;
}
$oProcessMap->newPattern($oData->pro_uid, $oData->tas_uid, $oData->next_task, $oData->type);
@@ -384,7 +390,7 @@ try {
$taskNextInfo=$oTaskNextNewPattern->load($oData->next_task);
$titleNextTask=$taskNextInfo['TAS_TITLE'];
} else {
$titleNextTask=G::LoadTranslation("ID_END_OF_PROCESS");
$titleNextTask=G::LoadTranslation("ID_END_OF_PROCESS");
}
if ($titleNextTask=='') {
G::auditLog("DerivationRule",'PROCESS NAME : '.$titleProcess.' : '.$oData->pro_uid.' Routing rule : END OF PROCESS Task Name -> '.$titleTask.' : '.$oData->tas_uid);
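Review bot: `in_array($_REQUEST["action"], array("load"))` is a loose comparison against a single value and reads `$_REQUEST["action"]` without checking that it is set; `if (!isset($_REQUEST["action"]) || $_REQUEST["action"] !== "load") {` expresses the same condition strictly. As written, every request whose action is anything other than `load`, including an unrecognised one, writes `PRO_UPDATE_DATE` for a `$proUid` taken from the request before the `switch` has decided whether the action is valid. Consider moving the timestamp update into the branches that actually modify the process. `getProcessRow($proUid)` also appears to run both before and after the new `if`, with the first result discarded. The `try` block continues outside these hunks.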


@@ -154,6 +154,8 @@ function getCaseInfo ($params)
function SendVariables ($params)
{
G::LoadSystem('inputfilter');
$filter = new InputFilter();
ifSessionExpiredBreakThis( $params->sessionId );
$x = ifPermission( $params->sessionId, 'PM_CASES' );
if ($x == 0) {
@@ -172,6 +174,8 @@ function SendVariables ($params)
foreach ($variables as $key => $val) {
$name = $val->name;
$value = $val->value;
$val->name = $filter->validateInput($val->name);
$val->value = $filter->validateInput($val->value);
eval( '$Fields[ ' . $val->name . ' ]= $val->value ;' );
}
}
@@ -241,6 +245,8 @@ function executeTrigger ($params)
function NewCaseImpersonate ($params)
{
G::LoadSystem('inputfilter');
$filter = new InputFilter();
ifSessionExpiredBreakThis( $params->sessionId );
$x = ifPermission( $params->sessionId, 'PM_CASES' );
if ($x == 0) {
@@ -254,6 +260,8 @@ function NewCaseImpersonate ($params)
foreach ($variables as $key => $val) {
$name = $val->name;
$value = $val->value;
$val->name = $filter->validateInput($val->name);
$val->value = $filter->validateInput($val->value);
eval( '$Fields[ ' . $val->name . ' ]= $val->value ;' );
}
$params->variables = $Fields;
@@ -265,6 +273,8 @@ function NewCase ($params)
{
G::LoadClass( 'wsBase' );
G::LoadClass( 'sessions' );
G::LoadSystem('inputfilter');
$filter = new InputFilter();
ifSessionExpiredBreakThis( $params->sessionId );
$x = ifPermission( $params->sessionId, 'PM_CASES' );
if ($x == 0) {
@@ -296,6 +306,8 @@ function NewCase ($params)
$name = $val->name;
$value = $val->value;
if (! is_object( $val->value )) {
$val->name = $filter->validateInput($val->name);
$val->value = $filter->validateInput($val->value);
eval( '$Fields[ ' . $val->name . ' ]= $val->value ;' );
} else {
if (is_array( $val->value->item )) {
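Review bot: The added `validateInput()` calls do not remove the code-injection risk in `eval( '$Fields[ ' . $val->name . ' ]= $val->value ;' );`, because the caller-supplied name is still concatenated into PHP source. The safety of SendVariables, NewCaseImpersonate and NewCase then rests entirely on what the filter strips, which is not visible here. A plain assignment needs neither eval nor a filter: `$Fields[$val->name] = $val->value;`. Filtering `$val->value` may also alter case data before it is stored, while the unfiltered copies in `$name` and `$value` are left unused. The same pattern is added to NewCase in the next file section (`eval( "\$field[" . $val->name . "]= \$val->value;" );`) and should become `$field[$val->name] = $val->value;`; all of these function bodies continue outside their hunks.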


@@ -689,6 +689,8 @@ function NewCaseImpersonate ($params)
function NewCase ($params)
{
G::LoadClass( "sessions" );
G::LoadSystem('inputfilter');
$filter = new InputFilter();
$vsResult = isValidSession( $params->sessionId );
@@ -757,6 +759,8 @@ function NewCase ($params)
if (is_array( $variables )) {
foreach ($variables as $key => $val) {
if (! is_object( $val->value )) {
$val->name = $filter->validateInput($val->name);
$val->value = $filter->validateInput($val->value);
eval( "\$field[" . $val->name . "]= \$val->value;" );
}
}


@@ -26,6 +26,8 @@ function testConnection($type, $server, $user, $passwd, $port = 'none', $dbName
G::LoadClass('net');
$Server = new NET($server);
G::LoadSystem('inputfilter');
$filter = new InputFilter();
if ($Server->getErrno() == 0) {
$Server->scannPort($port);
@@ -40,18 +42,24 @@ function testConnection($type, $server, $user, $passwd, $port = 'none', $dbName
$response = $Server->tryConnectServer($type);
$connDatabase = @mysql_connect($server, $user, $passwd);
$dbNameTest = "PROCESSMAKERTESTDC";
$db = @mysql_query("CREATE DATABASE " . $dbNameTest, $connDatabase);
$dbNameTest = $filter->validateInput($dbNameTest, 'nosql');
$query = "CREATE DATABASE %s";
$query = $filter->preventSqlInjection($query, array($dbNameTest), $connDatabase);
$db = @mysql_query($query, $connDatabase);
$success = false;
if (!$db) {
$message = mysql_error();;
} else {
$usrTest = "wfrbtest";
$chkG = "GRANT ALL PRIVILEGES ON `" . $dbNameTest . "`.* TO " . $usrTest . "@'%' IDENTIFIED BY 'sample' WITH GRANT OPTION";
$chkG = "GRANT ALL PRIVILEGES ON `%s`.* TO %s@'%%' IDENTIFIED BY 'sample' WITH GRANT OPTION";
$chkG = $filter->preventSqlInjection($chkG, array($dbNameTest,$usrTest), $connDatabase);
$ch = @mysql_query($chkG, $connDatabase);
if (!$ch) {
$message = mysql_error();
} else {
$sqlCreateUser = "CREATE USER '" . $user . "_usertest'@'%' IDENTIFIED BY 'sample'";
$sqlCreateUser = "CREATE USER '%s'@'%%' IDENTIFIED BY '%s'";
$user = $filter->validateInput($user, 'nosql');
$sqlCreateUser = $filter->preventSqlInjection($sqlCreateUser, array($user."_usertest","sample"), $connDatabase);
$result = @mysql_query($sqlCreateUser, $connDatabase);
if (!$result) {
$message = mysql_error();
@@ -59,12 +67,20 @@ function testConnection($type, $server, $user, $passwd, $port = 'none', $dbName
$success = true;
$message = G::LoadTranslation('ID_SUCCESSFUL_CONNECTION');
}
$sqlDropUser = "DROP USER '" . $user . "_usertest'@'%'";
$sqlDropUser = "DROP USER '%s'@'%%'";
$user = $filter->validateInput($user, 'nosql');
$sqlDropUser = $filter->preventSqlInjection($sqlDropUser, array($user."_usertest"), $connDatabase);
@mysql_query($sqlDropUser, $connDatabase);
$sqlDropUser = "DROP USER %s@'%%'";
$usrTest = $filter->validateInput($usrTest, 'nosql');
$sqlDropUser = $filter->preventSqlInjection($sqlDropUser, array($usrTest), $connDatabase);
@mysql_query($sqlDropUser, $connDatabase);
@mysql_query("DROP USER " . $usrTest . "@'%'", $connDatabase);
}
@mysql_query("DROP DATABASE " . $dbNameTest, $connDatabase);
$sqlDropDb = "DROP DATABASE %s";
$dbNameTest = $filter->validateInput($dbNameTest, 'nosql');
$sqlDropDb = $filter->preventSqlInjection($sqlDropDb, array($dbNameTest), $connDatabase);
@mysql_query($sqlDropDb, $connDatabase);
}
return array($success, ($message != "")? $message : $Server->error);
} else {
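Review bot: Cleanup failures stay silent, because every `DROP USER` and `DROP DATABASE` goes through `@mysql_query(...)` and the result is ignored. A failed drop leaves `wfrbtest@'%'` (granted `ALL PRIVILEGES ... WITH GRANT OPTION` on the test database) and the `$user . "_usertest"` account behind with the fixed password `'sample'`. Check each result and report it, for example `if (!@mysql_query($sqlDropUser, $connDatabase)) { $message = mysql_error(); }`, and generate the temporary password per run instead of hard-coding it. `$dbNameTest` and `$usrTest` are literals, so filtering them adds nothing, while the caller-supplied `$user` passes through `validateInput(..., 'nosql')` twice; if the filter is not idempotent, the DROP may name a different account than the CREATE. The `%s` placeholders in `CREATE DATABASE %s` and `TO %s@'%%'` are unquoted identifiers, so confirm that `preventSqlInjection` handles identifiers and not only string values.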


@@ -29,7 +29,10 @@ $pluginStatus = $_GET['status'];
$items = array ();
G::LoadClass( 'plugin' );
//here we are enabling or disabling the plugin and all related options registered.
G::LoadSystem('inputfilter');
$filter = new InputFilter();
$path = PATH_PLUGINS . $pluginFile;
$path = $filter->validateInput($path, 'path');
$oPluginRegistry = & PMPluginRegistry::getSingleton();
@@ -69,7 +72,7 @@ if ($handle = opendir( PATH_PLUGINS )) {
}
/*----------------------------------********---------------------------------*/
//print "change to ENABLED";
require_once(PATH_PLUGINS . $pluginFile);
require_once($path);
$details = $oPluginRegistry->getPluginDetails($pluginFile);
$oPluginRegistry->enablePlugin($details->sNamespace);
$oPluginRegistry->setupPlugins(); //get and setup enabled plugins
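Review bot: `$pluginFile` itself is never constrained: only the concatenated `$path` goes through `validateInput($path, 'path')`, and `getPluginDetails($pluginFile)` still receives the original value, which presumably comes from the request like `$pluginStatus`. Because `require_once($path)` executes whatever file the path resolves to, the check should be structural rather than a character filter: reduce the name to its basename, require a `.php` suffix, and confirm the resolved path lies under `PATH_PLUGINS` before including it. What the `'path'` filter rejects is not visible here, so this may partly overlap with it. The enable/disable code starts and ends outside these hunks.

```php
// … unchanged: InputFilter setup …
$pluginFile = basename($pluginFile);
$pluginsDir = realpath(PATH_PLUGINS);
$path = realpath(PATH_PLUGINS . $pluginFile);
if ($path === false
    || substr($pluginFile, -4) !== '.php'
    || strpos($path, $pluginsDir . DIRECTORY_SEPARATOR) !== 0) {
    throw new Exception('Invalid plugin file');
}
// … unchanged: plugin registry lookup, require_once($path) …
```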