fernando/luos
1
0
Fork 0
Code Releases Activity
19,393 Commits 1 Branch 0 Tags
f674b935d20b37f1218f4600fbf6e13c70c7584c
Commit Graph

3194 Commits

Author SHA1 Message Date
Julio Cesar Laura Avendaño
fddc585aaa Merged in mcuiza/processmaker/HOR-1378 (pull request #4498) 
HOR-1378
 2016-07-06 15:24:59 -04:00
Victor Saisa Lopez
67a530e59e HOR-1360 "CLONE - Penetration test >> Privilege Escalation" SOLVED 
Issue:
    CLONE - Penetration test >> Privilege Escalation
Cause:
    En el profile del usuario se puede asignar un valor al rol en un request POST
Solution:
    - Se hizo un analisis de la propuesta sobre "separar los archivos", este punto no se realizo, en vez de esto
      se separo los request con un switch-case
    - Existe duplicidad de codigo en los files "usersAjax.php" y "ProcessMaker\BusinessModel\User.php",
      por lo que ahora en el file "usersAjax.php" se llama a los metodos "create y update" de la clase "ProcessMaker\BusinessModel\User.php"
    - No se hizo cambios en front-end
 2016-07-06 12:57:59 -04:00
Julio Cesar Laura Avendaño
a023682fcc Merged in gproly/processmaker/HOR-1362 (pull request #4481) 
HOR-1362
 2016-07-06 11:21:02 -04:00
mcuiza
4f9b0a611e HOR-1378: Security Se puede ingresar a proxyNewCasesList sin estar autentificado al Sistema 
correccion obsersvacion CR
 2016-07-06 10:34:47 -04:00
Paula V. Quispe
1d719e4ad5 HOR-1258 
HOR-1258

Solve the ITME to Start and ITEE

Solve the Send By

-Claim case: Previous User

HOR-1258

EOP send 2 email

, Solve the observation 7
 2016-07-05 10:24:26 -04:00
Julio Cesar Laura Avendaño
ea16c08828 HOR-1373 2016-07-05 08:46:37 -04:00
Julio Cesar Laura Avendaño
39fea2d2c5 Merged in mcuiza/processmaker/HOR-1350 (pull request #4491) 
HOR-1350
 2016-07-04 14:12:14 -04:00
Luis Fernando Saisa Lopez
bcbb328da4 HOR-1024 "Tiempo del LastLogin no se adecua al timezone..." SOLVED 2016-07-01 14:47:07 -04:00
Ronald Q
e910e146ed HOR-1385 Agregar los campos INP_DOC_TITLE y INP_DOC_DESCRIPTION en la tabla INPUT_DOCUMENT 2016-07-01 09:58:57 -04:00
mcuiza
638894455d HOR-1350: Penetration test>> Access md5 user’s password (authenticated request) 2016-06-30 10:11:27 -04:00
Roly Rudy Gutierrez Pinto
f13256d12d HOR-1362 2016-06-30 09:19:26 -04:00
Ronald Q
01b9f8760f LF 2016-06-29 12:13:11 -04:00
Ronald Q
6a82ca3e96 remove DEPO_TITLE 2016-06-29 12:07:16 -04:00
Ronald Q
5c79eb30da HOR-1316 Agregar el campo DEPO_TITLE en la tabla DEPARTMENT 2016-06-29 11:52:56 -04:00
Julio Cesar Laura Avendaño
e8caa0ae5d Merged in 3.1 (pull request #4482) 
3.1
 2016-06-29 11:31:30 -04:00
Victor Saisa Lopez
57a246b51c HOR-1363 "CLONE - Penetration test >> Internal paths exposed in cases" SOLVED 
Issue:
    CLONE - Penetration test >> Internal paths exposed in cases
Cause:
    No se filtran las variables
Solution:
    - Se filtran las variables enviadas
    - Para evitar mostrar los paths de los files que son mostrados cuando se genera un notice PHP, se debe configurar
      el php.ini, se sugiere revisar las siguientes URL: http://www.zootemplate.com/news-updates/how-to-disable-notice-and-warning-in-phpini-file
 2016-06-27 12:17:06 -04:00
Roly Rudy Gutierrez Pinto
250f04dbd4 HOR-170 2016-06-23 18:17:35 -04:00
Julio Cesar Laura Avendaño
f810b6a622 Merged in mcuiza/processmaker/HOR-1101 (pull request #4420) 
HOR-1101
 2016-06-23 15:05:55 -04:00
Julio Cesar Laura Avendaño
4dfbb5d931 Merged in qronald/processmaker/HOR-1329 (pull request #4447) 
HOR-1329
 2016-06-23 10:26:10 -04:00
Julio Cesar Laura Avendaño
8d39a55e54 Merged in dheeyi/processmaker/HOR-982 (pull request #4407) 
R-982
 2016-06-22 14:06:17 -04:00
Ronald Q
c6e803c6f0 HOR-1329 Agregar los campos PRO_TITLE y PRO_DESCRIPTION en la tabla PROCESS 2016-06-20 16:50:57 -04:00
Dheeyi William
4491d70e63 R-982 
Parallel with Subprocess Asyncrono

R-982
Parallel with Subprocess Asyncrono
 2016-06-20 15:53:52 -04:00
mcuiza
9e78e01918 HOR-1113: Process supervisor - Review - Jump to 
correcciones

.
 2016-06-20 15:16:54 -04:00
Julio Cesar Laura Avendaño
012fa791f2 Merged in danteloayza/processmaker/BY-237 (pull request #4382) 
BY-237, BY-232, BY-169, BY-170
 2016-06-17 15:50:52 -04:00
mcuiza
f4be06d7f2 HOR-1101: Batch reassignment 
.

validacion USR_UID

correccion observacion

soporte multiple plugins
 2016-06-17 12:15:29 -04:00
Dheeyi William
5781d8ed51 R-1007 
Bloquear pantalla de registro de aplicación de REST API
 2016-06-14 13:07:06 -04:00
Julio Cesar Laura Avendaño
43961b7bbf Merged in mcuiza/processmaker/HOR-1107 (pull request #4363) 
HOR-1107
 2016-06-14 11:49:57 -04:00
Julio Cesar Laura Avendaño
e73140f17d Merged in mcuiza/processmaker/HOR-1031 (pull request #4381) 
HOR-1031
 2016-06-10 09:56:16 -04:00
Julio Cesar Laura Avendaño
e277d330de Merged in zeitmaster/processmaker/MT-182 (pull request #4330) 
HOR-1263
 2016-06-10 09:54:42 -04:00
Gustavo Adolfo Cruz Laura
49116d42ce HOR-1263: Now the & and another special characters don't break the import problem. 2016-06-09 17:04:39 -04:00
Julio Cesar Laura Avendaño
5b82b5b1ad Merged in victorsl/processmaker/HOR-1061-31 (pull request #4367) 
HOR-1061
 2016-06-09 16:21:55 -04:00
Dante
0f517c46f1 Merge remote-tracking branch 'upstream/3.0.1.7-Gmail' into BY-237 
Conflicts:
	workflow/engine/methods/cases/cases_Derivate.php
 2016-06-09 14:00:37 -04:00
mcuiza
cc393c27cd HOR-1031: Security - Remove login/dbInfo page 2016-06-09 12:24:01 -04:00
Julio Cesar Laura Avendaño
22b5f6c4fc HOR-1261 2016-06-09 12:18:51 -04:00
mcuiza
1ba52c21da HOR-1107: Plugin Custom Cases List Builder y nueva estructura de Base Datos 
correccion obervacion CR

correcciones CR

.
 2016-06-08 12:04:13 -04:00
Victor Saisa Lopez
a928ef5974 HOR-1061 "Direct Case Link" SOLVED 
Issue:
    Direct Case Link
Cause:
    Nuevo requerimiento
Solution:
    Se implemento el "Direct Case Link"
 2016-06-07 16:52:49 -04:00
Julio Cesar Laura Avendaño
b78d33e2c9 Merged in paulis/processmaker/HOR-61-31 (pull request #4343) 
HOR-61
 2016-06-07 16:19:20 -04:00
Julio Cesar Laura Avendaño
e0c4e618b7 Merged in qronald/processmaker/HOR-1078 (pull request #4355) 
HOR-1078
 2016-06-07 12:21:49 -04:00
Julio Cesar Laura Avendaño
e7d0066f20 Merged in victorsl/processmaker/HOR-937-31 (pull request #4336) 
HOR-937
 2016-06-07 09:01:27 -04:00
Julio Cesar Laura Avendaño
27caf3ab19 Merged in mcuiza/processmaker/HOR-1115 (pull request #4354) 
HOR-1115
 2016-06-06 15:41:51 -04:00
Ronald Q
958d140bd7 HOR-1078 La hora mostrada en summry es diferente a la q se selecciono en el dynaform. 2016-06-03 15:03:56 -04:00
mcuiza
a2334a9c64 HOR-1115: SQL Injection on file cases/proxyNewCasesList.php 2016-06-03 12:57:23 -04:00
Ronald Q
7acaee7fb7 HOR-1092 Medium: Cross-Site Scripting 2016-06-02 14:47:36 -04:00
Paula V. Quispe
a922754d1a HOR-61: new feature expiration date 2016-06-02 10:23:09 -04:00
Victor Saisa Lopez
1c5d70f853 HOR-937 "PHP Notice: when you save a process classic" SOLVED 
Issue:
    PHP Notice: when you save a process classic
Cause:
    La funcion array_diff_assoc solo hace la comparacion con arrays unidimensionales
Solution:
    Se elimina el campo PRO_DYNAFORMS, el mismo no es utilizado/requerido en el script
 2016-06-01 14:52:57 -04:00
Victor Saisa Lopez
41c13dae23 HOR-1019 "Add option to force the ABE user to login..." SOLVED 
Issue:
    Add option to force the ABE user to login in ProcessMaker before executing Action
Cause:
    Nuevo requerimiento
Solution:
    Se implemento la opcion "Force user login" (Back-end y Front-end)
 2016-05-19 14:52:24 -04:00
mcuiza
0fc96e3e2f HOR-905: Participated folder doesn't sort by current user 
correcion obserevaciones
 2016-05-03 16:53:41 -04:00
Roly Rudy Gutierrez Pinto
ee39004f65 HOR-885 2016-04-28 12:03:26 -04:00
Julio Cesar Laura Avendaño
efe3bdeff9 Merged in gproly/processmaker/HOR-846 (pull request #4159) 
HOR-846
 2016-04-27 19:18:40 -04:00
dheeyi
afd469d756 HOR-835 
Medium: Directory Traversal

Hor-835 fix obs
 2016-04-27 11:41:52 -04:00