fernando/luos
1
0
Fork 0
Code Releases Activity

Merged in bugfix/HOR-4931 (pull request #6673)

Browse Source 
HOR-4931

Approved-by: Julio Cesar Laura Avendaño <contact@julio-laura.com>
This commit is contained in:
Paula Quispe
2018-10-25 18:35:44 +00:00
committed by Julio Cesar Laura Avendaño
parent 88b61567e2 5c45dacddc
commit f40b310f23
1 changed files with 31 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
workflow/engine/src/ProcessMaker/Services/Api/Cases.php
View File

@@ -2,19 +2,18 @@
namespace ProcessMaker\Services\Api; namespace ProcessMaker\Services\Api;
use AppDocument;
use AppDelegation; use AppDelegation;
use AppDelegationPeer; use AppDelegationPeer;
use AppDocument;
use Criteria; use Criteria;
use Exception; use Exception;
use ListUnassigned; use ListUnassigned;
use Luracast\Restler\RestException; use Luracast\Restler\RestException;
use ProcessMaker\BusinessModel\Cases as BmCases; use ProcessMaker\BusinessModel\Cases as BmCases;
use ProcessMaker\BusinessModel\User as BmUser; use ProcessMaker\BusinessModel\User as BmUser;
use ProcessMaker\BusinessModel\ProcessSupervisor as BmProcessSupervisor;
use ProcessMaker\Util\DateTime;
use ProcessMaker\BusinessModel\Validator;
use ProcessMaker\Services\Api; use ProcessMaker\Services\Api;
use ProcessMaker\Util\DateTime;
use RBAC;
/** /**
@@ -40,6 +39,28 @@ class Cases extends Api
"note_date" "note_date"
]; ];
/**
* Constructor of the class
* We will to define the $RBAC definition
*/
public function __construct()
{
global $RBAC;
if (!isset($RBAC)) {
$RBAC = RBAC::getSingleton(PATH_DATA, session_id());
$RBAC->sSystem = 'PROCESSMAKER';
$RBAC->initRBAC();
$RBAC->loadUserRolePermission($RBAC->sSystem, $this->getUserId());
}
}
/**
* This function adds customized validations for allow the access to functions
* If does not have access will be return 401
*
* @return boolean
* @throws Exception
*/
public function __isAllowed() public function __isAllowed()
{ {
try { try {
@@ -657,10 +678,11 @@ class Cases extends Api
$search = '' $search = ''
) { ) {
try { try {
$dataList['userId'] = $this->getUserId(); global $RBAC;
//If the user does not have PM_ALLCASES we will be able to search for cases in which the user has participated
$dataList['userId'] = ($RBAC->userCanAccess('PM_ALLCASES') == 1)? '' : $this->getUserId();
$dataList['action'] = 'search'; $dataList['action'] = 'search';
$dataList['paged'] = false; $dataList['paged'] = false;
$dataList['start'] = $start; $dataList['start'] = $start;
$dataList['limit'] = $limit; $dataList['limit'] = $limit;
$dataList['sort'] = $sort; $dataList['sort'] = $sort;
@@ -713,10 +735,11 @@ class Cases extends Api
$search = '' $search = ''
) { ) {
try { try {
$dataList['userId'] = $this->getUserId(); global $RBAC;
//If the user does not have PM_ALLCASES we will be able to search for cases in which the user has participated
$dataList['userId'] = ($RBAC->userCanAccess('PM_ALLCASES') == 1)? '' : $this->getUserId();
$dataList['action'] = 'search'; $dataList['action'] = 'search';
$dataList['paged'] = true; $dataList['paged'] = true;
$dataList['start'] = $start; $dataList['start'] = $start;
$dataList['limit'] = $limit; $dataList['limit'] = $limit;
$dataList['sort'] = $sort; $dataList['sort'] = $sort;