HOR-1497
@@ -1744,22 +1744,6 @@ class Cases
|
||||
Validator::isString($usr_uid, '$usr_uid');
|
||||
Validator::usrUid($usr_uid, '$usr_uid');
|
||||
|
||||
$appCacheView = new \AppCacheView();
|
||||
$isProcessSupervisor = $appCacheView->getProUidSupervisor($usr_uid);
|
||||
$criteria = new \Criteria("workflow");
|
||||
$criteria->addSelectColumn(\AppDelegationPeer::APP_UID);
|
||||
$criteria->add(\AppDelegationPeer::APP_UID, $app_uid, \Criteria::EQUAL);
|
||||
$criteria->add(\AppDelegationPeer::USR_UID, $usr_uid, \Criteria::EQUAL);
|
||||
$criteria->add(
|
||||
$criteria->getNewCriterion(\AppDelegationPeer::USR_UID, $usr_uid, \Criteria::EQUAL)->addOr(
|
||||
$criteria->getNewCriterion(\AppDelegationPeer::PRO_UID, $isProcessSupervisor, \Criteria::IN))
|
||||
);
|
||||
$rsCriteria = \AppDelegationPeer::doSelectRS($criteria);
|
||||
|
||||
if (!$rsCriteria->next()) {
|
||||
throw (new \Exception(\G::LoadTranslation("ID_NO_PERMISSION_NO_PARTICIPATED", array($usr_uid))));
|
||||
}
|
||||
|
||||
$case = new \Cases();
|
||||
$fields = $case->loadCase($app_uid);
|
||||
|
||||
@@ -3006,5 +2990,59 @@ class Cases
|
||||
$c->add(\AppDelegationPeer::DEL_FINISH_DATE, null, \Criteria::ISNULL);
|
||||
return !(boolean) \AppDelegationPeer::doCount($c);
|
||||
}
|
||||
|
||||
public function checkUserHasPermissionsOrSupervisor($userUid, $applicationUid, $dynaformUid)
|
||||
{
|
||||
if (!empty($dynaformUid)) {
|
||||
$arrayApplicationData = $this->getApplicationRecordByPk($applicationUid, [], false);
|
||||
//Check whether the process supervisor
|
||||
$supervisor = new \ProcessMaker\BusinessModel\ProcessSupervisor();
|
||||
$userAccess = $supervisor->isUserProcessSupervisor($arrayApplicationData['PRO_UID'], $userUid);
|
||||
//Check if have objects assigned (Supervisor)
|
||||
$cases = new \Cases();
|
||||
$resultDynaForm = $cases->getAllDynaformsStepsToRevise($applicationUid);
|
||||
$flagSupervisors = false;
|
||||
while ($resultDynaForm->next()) {
|
||||
$row = $resultDynaForm->getRow();
|
||||
if ($row["STEP_UID_OBJ"] = $dynaformUid) {
|
||||
$flagSupervisors = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
//Check if have permissions VIEW
|
||||
$case = new \Cases();
|
||||
$arrayAllObjectsFrom = $case->getAllObjectsFrom($arrayApplicationData['PRO_UID'], $applicationUid, '', $userUid, 'VIEW', 0);
|
||||
$flagPermissionsVIEW = false;
|
||||
if (array_key_exists('DYNAFORMS', $arrayAllObjectsFrom) &&
|
||||
!empty($arrayAllObjectsFrom['DYNAFORMS'])
|
||||
) {
|
||||
foreach ($arrayAllObjectsFrom['DYNAFORMS'] as $value) {
|
||||
if ($value == $dynaformUid) {
|
||||
$flagPermissionsVIEW = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
//Check if have permissions BLOCK
|
||||
$arrayAllObjectsFrom = $case->getAllObjectsFrom($arrayApplicationData['PRO_UID'], $applicationUid, '', $userUid, 'BLOCK', 0);
|
||||
$flagPermissionsBLOCK = false;
|
||||
if (array_key_exists('DYNAFORMS', $arrayAllObjectsFrom) &&
|
||||
!empty($arrayAllObjectsFrom['DYNAFORMS'])
|
||||
) {
|
||||
foreach ($arrayAllObjectsFrom['DYNAFORMS'] as $value) {
|
||||
if ($value == $dynaformUid) {
|
||||
$flagPermissionsBLOCK = true;
|
||||
}
|
||||
}
|
||||
}
|
||||
return ($flagSupervisors && $userAccess) || $flagPermissionsVIEW || $flagPermissionsBLOCK;
|
||||
} else {
|
||||
$arrayResult = $this->getStatusInfo($applicationUid, 0, $userUid);
|
||||
$flagParticipated = false;
|
||||
if ($arrayResult) {
|
||||
$flagParticipated = true;
|
||||
}
|
||||
return $flagParticipated;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
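Review bot: In `checkUserHasPermissionsOrSupervisor`, the supervisor loop tests `if ($row["STEP_UID_OBJ"] = $dynaformUid)`, which assigns rather than compares; because `$dynaformUid` is non-empty on this branch the condition is always true, so `$flagSupervisors` is set as soon as the case has any dynaform step to revise, whether or not the requested form is among them. It should read `if ($row["STEP_UID_OBJ"] === $dynaformUid) {`. The two permission loops use `$value == $dynaformUid`; PHP compares numeric-looking strings loosely, so two distinct UIDs could compare equal, and `===` is the safer choice there too. Judging by the hunk header counts, the participation check in the first hunk is removed by this commit, which would leave this method as the only gate for the endpoint. A short docblock stating the return contract, and why a `BLOCK` permission counts as access, would help the next reviewer.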
@@ -33,8 +33,15 @@ class Cases extends Api
|
||||
{
|
||||
try {
|
||||
$methodName = $this->restler->apiMethodInfo->methodName;
|
||||
|
||||
$arrayArgs = $this->restler->apiMethodInfo->arguments;
|
||||
switch ($methodName) {
|
||||
case 'doGetCaseVariables':
|
||||
$applicationUid = $this->parameters[$arrayArgs['app_uid']];
|
||||
$dynaformUid = $this->parameters[$arrayArgs['dyn_uid']];
|
||||
$userUid = $this->getUserId();
|
||||
$oCases = new \ProcessMaker\BusinessModel\Cases();
|
||||
return $oCases->checkUserHasPermissionsOrSupervisor($userUid, $applicationUid, $dynaformUid);
|
||||
break;
|
||||
case 'doPostReassign':
|
||||
$arrayParameters = $this->parameters[0]['cases'];
|
||||
$usrUid = $this->getUserId();
|
||||
@@ -68,8 +75,6 @@ class Cases extends Api
|
||||
}
|
||||
break;
|
||||
}
|
||||
|
||||
//Return
|
||||
return false;
|
||||
} catch (\Exception $e) {
|
||||
throw new RestException(Api::STAT_APP_EXCEPTION, $e->getMessage());
|
||||
@@ -884,19 +889,24 @@ class Cases extends Api
|
||||
/**
|
||||
* Get Case Variables
|
||||
*
|
||||
* @param string $app_uid {@min 1}{@max 32}
|
||||
*
|
||||
* @author Brayan Pereyra (Cochalo) <brayan@colosa.com>
|
||||
* @copyright Colosa - Bolivia
|
||||
*
|
||||
* @access protected
|
||||
* @class AccessControl {@className \ProcessMaker\Services\Api\Cases}
|
||||
* @url GET /:app_uid/variables
|
||||
*
|
||||
* @param string $app_uid {@min 1}{@max 32}
|
||||
* @param string $dyn_uid
|
||||
* @param string $pro_uid
|
||||
* @param string $act_uid
|
||||
* @param int $app_index
|
||||
* @return mixed
|
||||
* @throws RestException
|
||||
*/
|
||||
public function doGetCaseVariables($app_uid)
|
||||
public function doGetCaseVariables($app_uid, $dyn_uid = null, $pro_uid = null, $act_uid = null, $app_index = null)
|
||||
{
|
||||
try {
|
||||
$usr_uid = $this->getUserId();
|
||||
$cases = new \ProcessMaker\BusinessModel\Cases();
|
||||
$response = $cases->getCaseVariables($app_uid, $usr_uid);
|
||||
$response = $cases->getCaseVariables($app_uid, $usr_uid, $dyn_uid, $pro_uid, $act_uid, $app_index);
|
||||
return DateTime::convertUtcToIso8601($response);
|
||||
} catch (\Exception $e) {
|
||||
throw (new RestException(Api::STAT_APP_EXCEPTION, $e->getMessage()));
|
||||
@@ -1217,4 +1227,5 @@ class Cases extends Api
|
||||
throw new RestException(Api::STAT_APP_EXCEPTION, $e->getMessage());
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
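Review bot: The new `doGetCaseVariables` case in the access-control switch authorizes on `app_uid` and `dyn_uid` only, while the endpoint now also accepts `pro_uid`, `act_uid` and `app_index` and forwards them to `getCaseVariables()` without any check visible in these hunks. That method's body is outside this page, so whether those values can influence which process or task the variables are read from cannot be confirmed here; they should be validated against the case inside it. I would record that on the case with `// Authorizes app_uid and dyn_uid only; pro_uid, act_uid and app_index must be checked against the case in getCaseVariables()`, and bound the new UID parameters in the docblock as `$app_uid` already is, for instance `@param string $dyn_uid {@max 32}`. The `break;` after the `return` in that case is unreachable and can go. The same docblock and signature appear in the `Light` API hunk, which names the same AccessControl class, so the point applies there as well.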
@@ -1515,9 +1515,17 @@ class Light extends Api
|
||||
/**
|
||||
* Get Case Variables
|
||||
*
|
||||
* @param string $app_uid {@min 1}{@max 32}
|
||||
*
|
||||
* @access protected
|
||||
* @class AccessControl {@className \ProcessMaker\Services\Api\Cases}
|
||||
* @url GET /:app_uid/variables
|
||||
*
|
||||
* @param string $app_uid {@min 1}{@max 32}
|
||||
* @param string $dyn_uid
|
||||
* @param string $pro_uid
|
||||
* @param string $act_uid
|
||||
* @param int $app_index
|
||||
* @return mixed
|
||||
* @throws RestException
|
||||
*/
|
||||
public function doGetCaseVariables($app_uid, $dyn_uid = null, $pro_uid = null, $act_uid = null, $app_index = null)
|
||||
{
|
||||
|
||||