Merge branch 'master' of bitbucket.org:dheeyi/processmaker into PM-1737
This commit is contained in:
dheeyi
@@ -216,6 +216,7 @@ if ($actionAjax == "getUsersToReassign") {
|
||||
G::LoadClass( 'tasks' );
|
||||
$task = new Task();
|
||||
$tasks = $task->load($_SESSION['TASK']);
|
||||
$result = new stdclass();
|
||||
$result->data = $case->getUsersToReassign( $_SESSION['TASK'], $_SESSION['USER_LOGGED'], $tasks['PRO_UID'] );
|
||||
print G::json_encode( $result );
|
||||
}
|
||||
@@ -240,6 +241,7 @@ if ($actionAjax == 'reassignCase') {
|
||||
//print_r($caseData);
|
||||
$data['APP_NUMBER'] = $caseData['APP_NUMBER'];
|
||||
$data['USER'] = $userData['USR_LASTNAME'] . ' ' . $userData['USR_FIRSTNAME']; //TODO change with the farmated username from environment conf
|
||||
$result = new stdclass();
|
||||
$result->status = 0;
|
||||
$result->msg = G::LoadTranslation( 'ID_REASSIGNMENT_SUCCESS', SYS_LANG, $data );
|
||||
} catch (Exception $e) {
|
||||
|
||||
@@ -80,9 +80,49 @@ if ($oServerConf->isRtl( SYS_LANG )) {
|
||||
$regionTreePanel = 'west';
|
||||
$regionDebug = 'east';
|
||||
}
|
||||
|
||||
$urlProxy = 'casesMenuLoader?action=getAllCounters&r=';
|
||||
/*----------------------------------********---------------------------------*/
|
||||
$urlProxy = '/api/1.0/' . SYS_SYS . '/system/counters-lists?r=';
|
||||
$clientId = 'x-pm-local-client';
|
||||
$client = getClientCredentials($clientId);
|
||||
$authCode = getAuthorizationCode($client);
|
||||
$debug = false; //System::isDebugMode();
|
||||
|
||||
$loader = Maveriks\Util\ClassLoader::getInstance();
|
||||
$loader->add(PATH_TRUNK . 'vendor/bshaffer/oauth2-server-php/src/', "OAuth2");
|
||||
|
||||
$request = array(
|
||||
'grant_type' => 'authorization_code',
|
||||
'code' => $authCode
|
||||
);
|
||||
$server = array(
|
||||
'REQUEST_METHOD' => 'POST'
|
||||
);
|
||||
$headers = array(
|
||||
"PHP_AUTH_USER" => $client['CLIENT_ID'],
|
||||
"PHP_AUTH_PW" => $client['CLIENT_SECRET'],
|
||||
"Content-Type" => "multipart/form-data;",
|
||||
"Authorization" => "Basic " . base64_encode($client['CLIENT_ID'] . ":" . $client['CLIENT_SECRET'])
|
||||
);
|
||||
|
||||
$request = new \OAuth2\Request(array(), $request, array(), array(), array(), $server, null, $headers);
|
||||
$oauthServer = new \ProcessMaker\Services\OAuth2\Server();
|
||||
$response = $oauthServer->postToken($request, true);
|
||||
|
||||
$clientToken = $response->getParameters();
|
||||
$clientToken["client_id"] = $client['CLIENT_ID'];
|
||||
$clientToken["client_secret"] = $client['CLIENT_SECRET'];
|
||||
/*----------------------------------********---------------------------------*/
|
||||
|
||||
|
||||
$oHeadPublisher->assign( 'regionTreePanel', $regionTreePanel );
|
||||
$oHeadPublisher->assign( 'regionDebug', $regionDebug );
|
||||
$oHeadPublisher->assign( "defaultOption", $defaultOption ); //User menu permissions
|
||||
$oHeadPublisher->assign( 'urlProxy', $urlProxy ); //sending the urlProxy to make
|
||||
/*----------------------------------********---------------------------------*/
|
||||
$oHeadPublisher->assign( 'credentials', $clientToken );
|
||||
/*----------------------------------********---------------------------------*/
|
||||
$oHeadPublisher->assign( "_nodeId", isset( $confDefaultOption ) ? $confDefaultOption : "PM_USERS" ); //User menu permissions
|
||||
$oHeadPublisher->assign( "FORMATS", $conf->getFormats() );
|
||||
|
||||
@@ -90,3 +130,41 @@ $_SESSION["current_ux"] = "NORMAL";
|
||||
|
||||
G::RenderPage( "publish", "extJs" );
|
||||
|
||||
|
||||
/*----------------------------------********---------------------------------*/
|
||||
function getClientCredentials($clientId)
|
||||
{
|
||||
$oauthQuery = new ProcessMaker\Services\OAuth2\PmPdo(getDsn());
|
||||
return $oauthQuery->getClientDetails($clientId);
|
||||
}
|
||||
|
||||
function getDsn()
|
||||
{
|
||||
list($host, $port) = strpos(DB_HOST, ':') !== false ? explode(':', DB_HOST) : array(DB_HOST, '');
|
||||
$port = empty($port) ? '' : ";port=$port";
|
||||
$dsn = DB_ADAPTER.':host='.$host.';dbname='.DB_NAME.$port;
|
||||
|
||||
return array('dsn' => $dsn, 'username' => DB_USER, 'password' => DB_PASS);
|
||||
}
|
||||
|
||||
|
||||
function getAuthorizationCode($client)
|
||||
{
|
||||
\ProcessMaker\Services\OAuth2\Server::setDatabaseSource(getDsn());
|
||||
\ProcessMaker\Services\OAuth2\Server::setPmClientId($client['CLIENT_ID']);
|
||||
|
||||
$oauthServer = new \ProcessMaker\Services\OAuth2\Server();
|
||||
$userId = $_SESSION['USER_LOGGED'];
|
||||
$authorize = true;
|
||||
$_GET = array_merge($_GET, array(
|
||||
'response_type' => 'code',
|
||||
'client_id' => $client['CLIENT_ID'],
|
||||
'scope' => implode(' ', $oauthServer->getScope())
|
||||
));
|
||||
|
||||
$response = $oauthServer->postAuthorize($authorize, $userId, true);
|
||||
$code = substr($response->getHttpHeader('Location'), strpos($response->getHttpHeader('Location'), 'code=')+5, 40);
|
||||
|
||||
return $code;
|
||||
}
|
||||
/*----------------------------------********---------------------------------*/
|
||||
@@ -26,6 +26,8 @@ function testConnection($type, $server, $user, $passwd, $port = 'none', $dbName
|
||||
|
||||
G::LoadClass('net');
|
||||
$Server = new NET($server);
|
||||
G::LoadSystem('inputfilter');
|
||||
$filter = new InputFilter();
|
||||
|
||||
if ($Server->getErrno() == 0) {
|
||||
$Server->scannPort($port);
|
||||
@@ -40,18 +42,24 @@ function testConnection($type, $server, $user, $passwd, $port = 'none', $dbName
|
||||
$response = $Server->tryConnectServer($type);
|
||||
$connDatabase = @mysql_connect($server, $user, $passwd);
|
||||
$dbNameTest = "PROCESSMAKERTESTDC";
|
||||
$db = @mysql_query("CREATE DATABASE " . $dbNameTest, $connDatabase);
|
||||
$dbNameTest = $filter->validateInput($dbNameTest, 'nosql');
|
||||
$query = "CREATE DATABASE %s";
|
||||
$query = $filter->preventSqlInjection($query, array($dbNameTest), $connDatabase);
|
||||
$db = @mysql_query($query, $connDatabase);
|
||||
$success = false;
|
||||
if (!$db) {
|
||||
$message = mysql_error();;
|
||||
} else {
|
||||
$usrTest = "wfrbtest";
|
||||
$chkG = "GRANT ALL PRIVILEGES ON `" . $dbNameTest . "`.* TO " . $usrTest . "@'%' IDENTIFIED BY 'sample' WITH GRANT OPTION";
|
||||
$chkG = "GRANT ALL PRIVILEGES ON `%s`.* TO %s@'%%' IDENTIFIED BY 'sample' WITH GRANT OPTION";
|
||||
$chkG = $filter->preventSqlInjection($chkG, array($dbNameTest,$usrTest), $connDatabase);
|
||||
$ch = @mysql_query($chkG, $connDatabase);
|
||||
if (!$ch) {
|
||||
$message = mysql_error();
|
||||
} else {
|
||||
$sqlCreateUser = "CREATE USER '" . $user . "_usertest'@'%' IDENTIFIED BY 'sample'";
|
||||
$sqlCreateUser = "CREATE USER '%s'@'%%' IDENTIFIED BY '%s'";
|
||||
$user = $filter->validateInput($user, 'nosql');
|
||||
$sqlCreateUser = $filter->preventSqlInjection($sqlCreateUser, array($user."_usertest","sample"), $connDatabase);
|
||||
$result = @mysql_query($sqlCreateUser, $connDatabase);
|
||||
if (!$result) {
|
||||
$message = mysql_error();
|
||||
@@ -59,12 +67,20 @@ function testConnection($type, $server, $user, $passwd, $port = 'none', $dbName
|
||||
$success = true;
|
||||
$message = G::LoadTranslation('ID_SUCCESSFUL_CONNECTION');
|
||||
}
|
||||
$sqlDropUser = "DROP USER '" . $user . "_usertest'@'%'";
|
||||
$sqlDropUser = "DROP USER '%s'@'%%'";
|
||||
$user = $filter->validateInput($user, 'nosql');
|
||||
$sqlDropUser = $filter->preventSqlInjection($sqlDropUser, array($user."_usertest"), $connDatabase);
|
||||
@mysql_query($sqlDropUser, $connDatabase);
|
||||
|
||||
$sqlDropUser = "DROP USER %s@'%%'";
|
||||
$usrTest = $filter->validateInput($usrTest, 'nosql');
|
||||
$sqlDropUser = $filter->preventSqlInjection($sqlDropUser, array($usrTest), $connDatabase);
|
||||
@mysql_query($sqlDropUser, $connDatabase);
|
||||
|
||||
@mysql_query("DROP USER " . $usrTest . "@'%'", $connDatabase);
|
||||
}
|
||||
@mysql_query("DROP DATABASE " . $dbNameTest, $connDatabase);
|
||||
$sqlDropDb = "DROP DATABASE %s";
|
||||
$dbNameTest = $filter->validateInput($dbNameTest, 'nosql');
|
||||
$sqlDropDb = $filter->preventSqlInjection($sqlDropDb, array($dbNameTest), $connDatabase);
|
||||
@mysql_query($sqlDropDb, $connDatabase);
|
||||
}
|
||||
return array($success, ($message != "")? $message : $Server->error);
|
||||
} else {
|
||||
|
||||
Reference in New Issue
Block a user