fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merged in release/3.2.2 (pull request #6128)

Browse Source 
release/3.2.2

Approved-by: Paula Quispe <paula.quispe@processmaker.com>
This commit is contained in:
Paula Quispe
2017-10-20 12:47:58 +00:00
parent 2032b5076a 4eb81fd01e
commit dd317925c5
24 changed files with 719 additions and 511 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
workflow/public_html/bootstrap.php
View File

@@ -644,8 +644,7 @@ use ProcessMaker\Plugins\PluginRegistry;
require_once 'classes/model/Users.php';
$oUser = new Users();
$aUser = $oUser->load($aSession['USR_UID']);
$_SESSION['USER_LOGGED'] = $aUser['USR_UID'];
$_SESSION['USR_USERNAME'] = $aUser['USR_USERNAME'];
initUserSession($aUser['USR_UID'], $aUser['USR_USERNAME']);
$bRedirect = false;
if (PHP_VERSION < 5.2) {
setcookie(session_name(), session_id(), time() + $timelife, '/', '; HttpOnly');

106
workflow/public_html/pmGmail/sso.php
View File

@@ -15,7 +15,7 @@ $server = isset($_GET['server']) ? $_GET['server'] : '';
//We do need the server to continue.
if( !isset($_GET['server']) || $server == "" ){
throw new \Exception(Bootstrap::LoadTranslation( 'ID_GMAIL_NEED_SERVER' ));
throw new \Exception(Bootstrap::LoadTranslation( 'ID_GMAIL_NEED_SERVER' ));
}
//First check if the feature is enabled in the license.
@@ -53,75 +53,77 @@ curl_close($curl);
$decodedResp = G::json_decode($curl_response);
if(!is_object($decodedResp) || property_exists($decodedResp,'error')) {
die($decodedResp->error->message);
die($decodedResp->error->message);
}
//getting the enviroment
$enviroment = $decodedResp->enviroment;
if(count($decodedResp->user) > 1){
echo Bootstrap::LoadTranslation( 'ID_EMAIL_MORE_THAN_ONE_USER' );
die;
echo Bootstrap::LoadTranslation( 'ID_EMAIL_MORE_THAN_ONE_USER' );
die;
} else if(count($decodedResp->user) < 1){
echo Bootstrap::LoadTranslation( 'ID_USER_NOT_FOUND' );
die;
echo Bootstrap::LoadTranslation( 'ID_USER_NOT_FOUND' );
die;
}
//validationg if there is an actual PM session
if( !isset($_SESSION['USER_LOGGED']) || $_SESSION['USER_LOGGED'] != $decodedResp->user['0']->USR_UID){
$url = 'https://www.googleapis.com/oauth2/v1/tokeninfo?access_token='.$gmailToken;
$url = 'https://www.googleapis.com/oauth2/v1/tokeninfo?access_token='.$gmailToken;
// init curl object
$ch = curl_init();
// define options
$optArray = array(
// init curl object
$ch = curl_init();
// define options
$optArray = array(
CURLOPT_URL => $url,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_SSL_VERIFYHOST => false
);
// apply those options
curl_setopt_array($ch, $optArray);
// execute request and get response
$result = curl_exec($ch);
$response = (G::json_decode($result));
curl_close($ch);
);
// apply those options
curl_setopt_array($ch, $optArray);
// execute request and get response
$result = curl_exec($ch);
$response = (G::json_decode($result));
curl_close($ch);
//First validate if this user (mail) corresponds to a PM user
if(isset($response->email) && ($gmail == $response->email)){
//If the email corresponds I get the username and with the gmail user_id the session is created.
if($decodedResp->user['0']->USR_STATUS == "ACTIVE"){
//User Active! lets create the Session
@session_destroy();
session_start();
session_regenerate_id();
if (PHP_VERSION < 5.2) {
setcookie("workspaceSkin", $enviroment, time() + (24 * 60 * 60), "/sys" . $enviroment, "; HttpOnly");
} else {
setcookie("workspaceSkin", $enviroment, time() + (24 * 60 * 60), "/sys" . $enviroment, null, false, true);
}
//First validate if this user (mail) corresponds to a PM user
if(isset($response->email) && ($gmail == $response->email)){
//If the email corresponds I get the username and with the gmail user_id the session is created.
if($decodedResp->user['0']->USR_STATUS == "ACTIVE"){
//User Active! lets create the Session
@session_destroy();
session_start();
session_regenerate_id();
$_SESSION = array();
$_SESSION['__EE_INSTALLATION__'] = 2;
$_SESSION['__EE_SW_PMLICENSEMANAGER__'] = 1;
$_SESSION['phpLastFileFound'] = '';
$_SESSION['USERNAME_PREVIOUS1'] = $decodedResp->user['0']->USR_USERNAME;
$_SESSION['USERNAME_PREVIOUS2'] = $decodedResp->user['0']->USR_USERNAME;
$_SESSION['WORKSPACE'] = $pmws;
$_SESSION['USER_LOGGED'] = $decodedResp->user['0']->USR_UID;
$_SESSION['USR_USERNAME'] = $decodedResp->user['0']->USR_USERNAME;
$_SESSION['USR_FULLNAME'] = $decodedResp->user['0']->USR_FIRSTNAME. ' ' .$decodedResp->user['0']->USR_LASTNAME;
$_SESSION['__sw__'] = 1;
//session created
} else {
echo Bootstrap::LoadTranslation( 'ID_USER_NOT_ACTIVE' );
die;
}
} else {
echo Bootstrap::LoadTranslation( 'ID_USER_DOES_NOT_CORRESPOND' );
die;
}
if (PHP_VERSION < 5.2) {
setcookie("workspaceSkin", $enviroment, time() + (24 * 60 * 60), "/sys" . $enviroment, "; HttpOnly");
} else {
setcookie("workspaceSkin", $enviroment, time() + (24 * 60 * 60), "/sys" . $enviroment, null, false, true);
}
$_SESSION = array();
$_SESSION['__EE_INSTALLATION__'] = 2;
$_SESSION['__EE_SW_PMLICENSEMANAGER__'] = 1;
$_SESSION['phpLastFileFound'] = '';
$_SESSION['USERNAME_PREVIOUS1'] = $decodedResp->user['0']->USR_USERNAME;
$_SESSION['USERNAME_PREVIOUS2'] = $decodedResp->user['0']->USR_USERNAME;
$_SESSION['WORKSPACE'] = $pmws;
$_SESSION['USR_FULLNAME'] = $decodedResp->user['0']->USR_FIRSTNAME. ' ' .$decodedResp->user['0']->USR_LASTNAME;
$_SESSION['__sw__'] = 1;
initUserSession(
$decodedResp->user['0']->USR_UID,
$decodedResp->user['0']->USR_USERNAME
);
//session created
} else {
echo Bootstrap::LoadTranslation( 'ID_USER_NOT_ACTIVE' );
die;
}
} else {
echo Bootstrap::LoadTranslation( 'ID_USER_DOES_NOT_CORRESPOND' );
die;
}
}
$_SESSION['server'] = 'https://' . $server . '/sys'. $pmws .'/en/'.$enviroment.'/';

24
workflow/public_html/sysGeneric.php
View File

@@ -980,8 +980,10 @@ if (! defined( 'EXECUTE_BY_CRON' )) {
require_once 'classes/model/Users.php';
$oUser = new Users();
$aUser = $oUser->load( $aSession['USR_UID'] );
$_SESSION['USER_LOGGED'] = $aUser['USR_UID'];
$_SESSION['USR_USERNAME'] = $aUser['USR_USERNAME'];
initUserSession(
$_SESSION['USER_LOGGED'],
$aUser['USR_USERNAME']
);
$bRedirect = false;
if ((preg_match("/msie/i", $_SERVER ['HTTP_USER_AGENT']) != 1 ||
$config['ie_cookie_lifetime'] == 1) &&
@@ -1000,23 +1002,27 @@ if (! defined( 'EXECUTE_BY_CRON' )) {
}
}
if ($bRedirect && !isset($_GET["tracker_designer"])) {
if (substr( SYS_SKIN, 0, 2 ) == 'ux' && SYS_SKIN != 'uxs') { // verify if the current skin is a 'ux' variant
if (isset($_GET['tracker_designer']) && intval($_GET['tracker_designer']) !== 1) {
unset($_GET['tracker_designer']);
}
if ($bRedirect && (!isset($_GET['tracker_designer']) || (!isset($_SESSION['CASE']) && !isset($_SESSION['PIN'])))) {
if (substr(SYS_SKIN, 0, 2) === 'ux' && SYS_SKIN !== 'uxs') { // verify if the current skin is a 'ux' variant
$loginUrl = 'main/login';
} else if (strpos( $_SERVER['REQUEST_URI'], '/home' ) !== false) { //verify is it is using the uxs skin for simplified interface
} else if (strpos($_SERVER['REQUEST_URI'], '/home') !== false) { //verify is it is using the uxs skin for simplified interface
$loginUrl = 'home/login';
} else {
$loginUrl = 'login/login'; // just set up the classic login
}
if (empty( $_POST )) {
header( 'location: ' . SYS_URI . $loginUrl . '?u=' . urlencode( $_SERVER['REQUEST_URI'] ) );
if (empty($_POST)) {
header('location: ' . SYS_URI . $loginUrl . '?u=' . urlencode($_SERVER['REQUEST_URI']));
} else {
if ($isControllerCall) {
header( "HTTP/1.0 302 session lost in controller" );
header("HTTP/1.0 302 session lost in controller");
} else {
header( 'location: ' . SYS_URI . $loginUrl );
header('location: ' . SYS_URI . $loginUrl);
}
}
die();