PMCORE-1349 [19511] Multiple file fields dont work with Action By Email
This commit is contained in:
Roly Rudy Gutierrez Pinto
@@ -44,7 +44,12 @@ if (empty($_GET['v'])) {
|
||||
//Check if the user can be download the input Document
|
||||
//Send the parameter v = Version
|
||||
//Send the parameter a = Case UID
|
||||
if ($RBAC->userCanAccess('PM_FOLDERS_ALL') != 1 && defined('DISABLE_DOWNLOAD_DOCUMENTS_SESSION_VALIDATION') && DISABLE_DOWNLOAD_DOCUMENTS_SESSION_VALIDATION == 0) {
|
||||
$isGuestUser = false;
|
||||
if (!empty($_SESSION['GUEST_USER']) && $_SESSION['GUEST_USER'] === RBAC::GUEST_USER_UID) {
|
||||
$isGuestUser = true;
|
||||
}
|
||||
$access = $RBAC->userCanAccess('PM_FOLDERS_ALL') != 1 && defined('DISABLE_DOWNLOAD_DOCUMENTS_SESSION_VALIDATION') && DISABLE_DOWNLOAD_DOCUMENTS_SESSION_VALIDATION == 0;
|
||||
if ($access && $isGuestUser === false) {
|
||||
if (!$oAppDocument->canDownloadInput($_SESSION['USER_LOGGED'], $_GET['a'], $docVersion)) {
|
||||
G::header('Location: /errors/error403.php?url=' . urlencode($_SERVER['REQUEST_URI']));
|
||||
die();
|
||||
|
||||
@@ -48,7 +48,7 @@ if (isset($_GET['BROWSER_TIME_ZONE_OFFSET'])) {
|
||||
|
||||
$record = [];
|
||||
$record['DYN_CONTENT'] = $configuration['DYN_CONTENT'];
|
||||
$record['PRO_UID'] = $configuration['PRO_UID'];
|
||||
$record['PRO_UID'] = $configuration['PRO_UID'];
|
||||
$record['CURRENT_DYNAFORM'] = G::decrypt($_REQUEST['DYN_UID'], URL_KEY);
|
||||
$record['APP_UID'] = $_REQUEST['APP_UID'];
|
||||
$record['DEL_INDEX'] = $_REQUEST['DEL_INDEX'];
|
||||
@@ -56,9 +56,21 @@ if (isset($_GET['BROWSER_TIME_ZONE_OFFSET'])) {
|
||||
$record['APP_DATA'] = $caseFields['APP_DATA'];
|
||||
|
||||
if (is_null($caseFields['DEL_FINISH_DATE'])) {
|
||||
$a = new PmDynaform($record);
|
||||
|
||||
$a->printABE($action,$record);
|
||||
//we define the guest user
|
||||
$restore = false;
|
||||
if (isset($_SESSION["USER_LOGGED"])) {
|
||||
$restore = $_SESSION["USER_LOGGED"];
|
||||
}
|
||||
$_SESSION["USER_LOGGED"] = RBAC::GUEST_USER_UID;
|
||||
$_SESSION['GUEST_USER'] = RBAC::GUEST_USER_UID;
|
||||
$pmDynaform = new PmDynaform($record);
|
||||
//we must return to the original value of the session
|
||||
if ($restore === false) {
|
||||
unset($_SESSION["USER_LOGGED"]);
|
||||
} else {
|
||||
$_SESSION["USER_LOGGED"] = $restore;
|
||||
}
|
||||
$pmDynaform->printABE($action, $record);
|
||||
} else {
|
||||
$G_PUBLISH->AddContent(
|
||||
'xmlform',
|
||||
|
||||
14
workflow/engine/src/ProcessMaker/Model/AppDocument.php
Normal file
14
workflow/engine/src/ProcessMaker/Model/AppDocument.php
Normal file
@@ -0,0 +1,14 @@
|
||||
<?php
|
||||
|
||||
namespace ProcessMaker\Model;
|
||||
|
||||
use Illuminate\Database\Eloquent\Model;
|
||||
|
||||
class AppDocument extends Model
|
||||
{
|
||||
protected $table = "APP_DOCUMENT";
|
||||
protected $primaryKey = 'APP_DOC_UID';
|
||||
public $incrementing = false;
|
||||
public $timestamps = false;
|
||||
|
||||
}
|
||||
@@ -72,6 +72,10 @@ class Cases extends Api
|
||||
$dynaformUid = $this->parameters[$arrayArgs['dyn_uid']];
|
||||
$delIndex = $this->parameters[$arrayArgs['app_index']];
|
||||
$userUid = $this->getUserId();
|
||||
//check the guest user
|
||||
if ($userUid === RBAC::GUEST_USER_UID) {
|
||||
return true;
|
||||
}
|
||||
//Check if the user has the case
|
||||
$appDelegation = new AppDelegation();
|
||||
$aCurUser = $appDelegation->getCurrentUsers($applicationUid, $delIndex);
|
||||
|
||||
Reference in New Issue
Block a user