fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
06963d81f2725cac0c7b29afacbd928aa9a3c2f7
luos/workflow/engine/methods/cases/main_init.php
Victor Saisa Lopez 06963d81f2 HOR-433 "(WSSO Plugin) Cuando se ingresa al proceso, se..." SOLVED 
Issue:
    (WSSO Plugin) Cuando se ingresa al proceso, se puede verificar que no se puede recuperar la data del mismo
Cause:
    Se esta usando el mismo VirtualHost para clientes WEB y REST
Solution:
    Se realizo la implementacion de la nueva directiva "server_hostname_requests_frontend" del "env.ini"; esto para
    el caso en que se requiera del "feature SSO", tomar nota de lo siguiente:
        - Habilitar el modulo "mod_headers" de apache (httpd.conf)
        - Tener configurado un VirtualHost normal para ProcessMaker (pmos.conf)
        - Para el "feature SSO" se debera crear un 2do VirtualHost con toda la configuracion necesaria para
          el mismo (pmos.conf), por lo que todos los usuarios que requieran este feature, deberan usar este para
          acceder por browser
        - Crear un 3er VirtualHost para las solicitudes del front-end (DESIGNER), en donde se agregara lo
          siguiente (pmos.conf):
              <IfModule mod_headers.c>
                  Header set Access-Control-Allow-Origin  "*"
                  Header set Access-Control-Allow-Headers "Content-Type,Depth,User-Agent,X-File-Size,X-Requested-With,If-Modified-Since,X-File-Name,Cache-Control,Authorization"
                  Header set Access-Control-Allow-Methods "OPTIONS,GET,POST,PUT,DELETE"
              </IfModule>
          De tal forma que quedara asi:
              <IfModule mod_headers.c>
                  Header set Access-Control-Allow-Origin  "*"
                  Header set Access-Control-Allow-Headers "Content-Type,Depth,User-Agent,X-File-Size,X-Requested-With,If-Modified-Since,X-File-Name,Cache-Control,Authorization"
                  Header set Access-Control-Allow-Methods "OPTIONS,GET,POST,PUT,DELETE"
              </IfModule>
              <IfModule mod_rewrite.c>
                  RewriteEngine On
                  RewriteCond %{REQUEST_FILENAME} !-f
                  RewriteRule ^.*/(.*)$ app.php [QSA,L,NC]
              </IfModule>
        - Agregar lo siguiente al archivo "/path/to/processmaker/shared/sites/your-workspace/env.ini"
              server_hostname_requests_frontend = "{your_server_hostname_requests_frontend}"
          Donde:
              - your_server_hostname_requests_frontend, es el nombre del servidor configurado para el
                front-end (3er VirtualHost), ejemplo:
                    server_hostname_requests_frontend = "192.168.40.72:3017"
        - Tambien se puede hacer la configuracion en el archivo "/path/to/processmaker/workflow/engine/config/env.ini",
          considerar que esto afectara a todos lo workspaces creados
Note:
    Todo el desarrollo se lo hizo en un server Windows-Server-2012-R2 con Apache-2.4
2016-03-17 08:45:23 -04:00

170 lines
6.0 KiB
PHP
Executable File
Raw Blame History

<?php
/**
* main.php Cases List main processor
*
* ProcessMaker Open Source Edition
* Copyright (C) 2004 - 2008 Colosa Inc.23
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
* Coral Gables, FL, 33134, USA, or email info@colosa.com.
*/
G::LoadClass( "configuration" );
$conf = new Configurations();
$oHeadPublisher = &headPublisher::getSingleton();
$oHeadPublisher->addExtJsScript( "cases/main", false ); //Adding a javascript file .js
$oHeadPublisher->addContent( "cases/main" ); //Adding a html file .html.
$keyMem = "USER_PREFERENCES" . $_SESSION["USER_LOGGED"];
$memcache = &PMmemcached::getSingleton( SYS_SYS );
if (($arrayConfig = $memcache->get( $keyMem )) === false) {
$conf->loadConfig( $x, "USER_PREFERENCES", "", "", $_SESSION["USER_LOGGED"], "" );
$arrayConfig = $conf->aConfig;
$memcache->set( $keyMem, $arrayConfig, PMmemcached::ONE_HOUR );
}
$confDefaultOption = "";
if (isset( $arrayConfig["DEFAULT_CASES_MENU"] )) {
//this user has a configuration record
$confDefaultOption = $arrayConfig["DEFAULT_CASES_MENU"];
global $G_TMP_MENU;
$oMenu = new Menu();
$oMenu->load( "cases" );
$defaultOption = "";
foreach ($oMenu->Id as $i => $id) {
if ($id == $confDefaultOption) {
$defaultOption = $oMenu->Options[$i];
break;
}
}
$defaultOption = ($defaultOption != "") ? $defaultOption : "casesListExtJs";
} else {
$defaultOption = "casesListExtJs";
$confDefaultOption = "CASES_INBOX";
}
if (isset( $_GET["id"] ) && isset( $_GET["id"] )) {
$defaultOption = "../cases/open?APP_UID=" . $_GET["id"] . "&DEL_INDEX=" . $_GET["i"];
if (isset( $_GET["a"] )) {
$defaultOption .= "&action=" . $_GET["a"];
}
}
$oServerConf = & serverConf::getSingleton();
if ($oServerConf->isRtl( SYS_LANG )) {
$regionTreePanel = 'east';
$regionDebug = 'west';
} else {
$regionTreePanel = 'west';
$regionDebug = 'east';
}
$urlProxy = 'casesMenuLoader?action=getAllCounters&r=';
/*----------------------------------********---------------------------------*/
$urlProxy = System::getHttpServerHostnameRequestsFrontEnd() . '/api/1.0/' . SYS_SYS . '/system/counters-lists?r=';
$clientId = 'x-pm-local-client';
$client = getClientCredentials($clientId);
$authCode = getAuthorizationCode($client);
$debug = false; //System::isDebugMode();
$loader = Maveriks\Util\ClassLoader::getInstance();
$loader->add(PATH_TRUNK . 'vendor/bshaffer/oauth2-server-php/src/', "OAuth2");
$request = array(
'grant_type' => 'authorization_code',
'code' => $authCode
);
$server = array(
'REQUEST_METHOD' => 'POST'
);
$headers = array(
"PHP_AUTH_USER" => $client['CLIENT_ID'],
"PHP_AUTH_PW" => $client['CLIENT_SECRET'],
"Content-Type" => "multipart/form-data;",
"Authorization" => "Basic " . base64_encode($client['CLIENT_ID'] . ":" . $client['CLIENT_SECRET'])
);
$request = new \OAuth2\Request(array(), $request, array(), array(), array(), $server, null, $headers);
$oauthServer = new \ProcessMaker\Services\OAuth2\Server();
$response = $oauthServer->postToken($request, true);
$clientToken = $response->getParameters();
$clientToken["client_id"] = $client['CLIENT_ID'];
$clientToken["client_secret"] = $client['CLIENT_SECRET'];
/*----------------------------------********---------------------------------*/
$oHeadPublisher->assign( 'regionTreePanel', $regionTreePanel );
$oHeadPublisher->assign( 'regionDebug', $regionDebug );
$oHeadPublisher->assign( "defaultOption", $defaultOption ); //User menu permissions
$oHeadPublisher->assign( 'urlProxy', $urlProxy ); //sending the urlProxy to make
/*----------------------------------********---------------------------------*/
$oHeadPublisher->assign( 'credentials', $clientToken );
/*----------------------------------********---------------------------------*/
$oHeadPublisher->assign( "_nodeId", isset( $confDefaultOption ) ? $confDefaultOption : "PM_USERS" ); //User menu permissions
$oHeadPublisher->assign( "FORMATS", $conf->getFormats() );
$_SESSION["current_ux"] = "NORMAL";
G::RenderPage( "publish", "extJs" );
/*----------------------------------********---------------------------------*/
function getClientCredentials($clientId)
{
$oauthQuery = new ProcessMaker\Services\OAuth2\PmPdo(getDsn());
return $oauthQuery->getClientDetails($clientId);
}
function getDsn()
{
list($host, $port) = strpos(DB_HOST, ':') !== false ? explode(':', DB_HOST) : array(DB_HOST, '');
$port = empty($port) ? '' : ";port=$port";
$dsn = DB_ADAPTER.':host='.$host.';dbname='.DB_NAME.$port;
return array('dsn' => $dsn, 'username' => DB_USER, 'password' => DB_PASS);
}
function getAuthorizationCode($client)
{
\ProcessMaker\Services\OAuth2\Server::setDatabaseSource(getDsn());
\ProcessMaker\Services\OAuth2\Server::setPmClientId($client['CLIENT_ID']);
$oauthServer = new \ProcessMaker\Services\OAuth2\Server();
$userId = $_SESSION['USER_LOGGED'];
$authorize = true;
$_GET = array_merge($_GET, array(
'response_type' => 'code',
'client_id' => $client['CLIENT_ID'],
'scope' => implode(' ', $oauthServer->getScope())
));
$response = $oauthServer->postAuthorize($authorize, $userId, true);
$code = substr($response->getHttpHeader('Location'), strpos($response->getHttpHeader('Location'), 'code=')+5, 40);
return $code;
}
/*----------------------------------********---------------------------------*/
Reference in New Issue View Git Blame Copy Permalink