fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d302ffb5e0e506e6d233ae6aed1be5ae46da4afd
luos/workflow/engine/methods/users/users_Ajax.php
Paula Quispe 385e6d952b PMCORE-1222
2021-04-22 12:25:09 -04:00

440 lines
20 KiB
PHP
Raw Blame History

<?php
use ProcessMaker\BusinessModel\Cases\Draft;
use ProcessMaker\BusinessModel\Cases\Inbox;
use ProcessMaker\BusinessModel\Cases\Participated;
use ProcessMaker\BusinessModel\Cases\Paused;
use ProcessMaker\BusinessModel\Cases\Unassigned;
use ProcessMaker\Model\Process;
use ProcessMaker\Model\User;
try {
global $RBAC;
switch ($RBAC->userCanAccess('PM_LOGIN')) {
case - 2:
G::SendTemporalMessage('ID_USER_HAVENT_RIGHTS_SYSTEM', 'error', 'labels');
G::header('location: ../login/login');
die();
break;
case - 1:
G::SendTemporalMessage('ID_USER_HAVENT_RIGHTS_PAGE', 'error', 'labels');
G::header('location: ../login/login');
die();
break;
}
if (isset($_POST['form'])) {
$_POST = $_POST['form'];
}
if (isset($_REQUEST['function'])) {
$value = get_ajax_value('function');
} else {
$value = get_ajax_value('functions');
}
$RBAC->allows(basename(__FILE__), $value);
switch ($value) {
case 'availableUsers':
//Classic process: list of users to assign in the task
$oProcessMap = new ProcessMap();
global $G_PUBLISH;
$G_PUBLISH = new Publisher();
$G_PUBLISH->AddContent('propeltable', 'paged-table', 'users/users_AvailableUsers', $oProcessMap->getAvailableUsersCriteria($_GET['sTask'], $_GET['iType']));
G::RenderPage('publish', 'raw');
break;
case 'assign':
//Classic process: assign users and groups in the task
$oTasks = new Tasks();
switch ((int) $_POST['TU_RELATION']) {
case 1:
$resh = htmlentities($oTasks->assignUser($_POST['TAS_UID'], $_POST['USR_UID'], $_POST['TU_TYPE']), ENT_QUOTES | ENT_HTML5, 'UTF-8');
G::outRes($resh);
G::auditlog("AssignUserTask","Assign a User to a Task -> ".$_POST['TAS_UID'].' User UID -> '.$_POST['USR_UID']);
break;
case 2:
$resh = htmlentities($oTasks->assignGroup($_POST['TAS_UID'], $_POST['USR_UID'], $_POST['TU_TYPE']), ENT_QUOTES | ENT_HTML5, 'UTF-8');
G::outRes($resh);
G::auditlog("AssignGroupTask","Assign a Group to a Task -> ".$_POST['TAS_UID'].' User UID -> '.$_POST['USR_UID']);
break;
}
break;
case 'ofToAssign':
//Classic process: remove users and groups related a task
$oTasks = new Tasks();
switch ((int) $_POST['TU_RELATION']) {
case 1:
echo $oTasks->ofToAssignUser($_POST['TAS_UID'], $_POST['USR_UID'], $_POST['TU_TYPE']);
G::auditlog("DeleteUserTask"," Delete a User from a Task -> ".$_POST['TAS_UID'].' User UID -> '.$_POST['USR_UID']);
break;
case 2:
echo $oTasks->ofToAssignGroup($_POST['TAS_UID'], $_POST['USR_UID'], $_POST['TU_TYPE']);
G::auditlog("DeleteGroupTask","Delete a Group from a Task -> ".$_POST['TAS_UID'].' User UID -> '.$_POST['USR_UID']);
break;
}
break;
case 'changeView':
//Classic process: set variable for users and groups Ad hoc
$_SESSION['iType'] = $_POST['TU_TYPE'];
break;
case 'usersGroup':
//Classic process: list of users in a group related a task
$oGroup = new Groups();
$aGroup = $oGroup->getUsersOfGroup($_POST['GRP_UID']);
foreach ($aGroup as $iIndex => $aValues) {
echo $aValues['USR_FIRSTNAME'] . ' ' . $aValues['USR_LASTNAME'] . '<br>';
}
break;
case 'canDeleteUser':
//Check before delete a user
$oProcessMap = new Cases();
$userUid = $_POST['uUID'];
$total = 0;
$history = 0;
$c = $oProcessMap->getCriteriaUsersCases('TO_DO', $userUid);
$total += ApplicationPeer::doCount($c);
$c = $oProcessMap->getCriteriaUsersCases('DRAFT', $userUid);
$total += ApplicationPeer::doCount($c);
$c = $oProcessMap->getCriteriaUsersCases('COMPLETED', $userUid);
$history += ApplicationPeer::doCount($c);
$c = $oProcessMap->getCriteriaUsersCases('CANCELLED', $userUid);
$history += ApplicationPeer::doCount($c);
//Check if the user is configured in Web Entry
if ($total === 0) {
$webEntry = new \ProcessMaker\BusinessModel\WebEntryEvent();
$total = $webEntry->getWebEntryRelatedToUser($userUid);
}
//check user guest
if (RBAC::isGuestUserUid($userUid)) {
$total++;
}
$response = '{success: true, candelete: ';
$response .= ($total > 0) ? 'false' : 'true';
$response .= ', hashistory: ';
$response .= ($history > 0) ? 'true' : 'false';
$response .= '}';
echo $response;
break;
case 'privateProcesses':
$usrUid = $_POST['USR_UID'];
//Check if the user has private processes
$r = Process::getProcessPrivateListByUser($usrUid);
$response = json_encode(['success'=>true, 'publicProcesses'=>$r]);
echo $response;
break;
case 'deleteUser':
$usrUid = $_POST['USR_UID'];
Process::convertPrivateProcessesToPublicAndUpdateUser(json_decode($_POST['private_processes']), $usrUid);
//Check if the user was defined in a process permissions
$oObjectPermission = new ObjectPermission();
$aProcess = $oObjectPermission->objectPermissionPerUser($usrUid, 1);
if (count($aProcess) > 0) {
echo G::json_encode(array(
"status" => 'ERROR',
"message" => G::LoadTranslation('ID_USER_CANT_BE_DELETED_FOR_THE_PROCESS', array('processTitle' => isset($aProcess["PRO_TITLE"]) ? $aProcess["PRO_TITLE"] : $aProcess['PRO_UID']))
));
break;
}
//Remove from tasks
$oTasks = new Tasks();
$oTasks->ofToAssignUserOfAllTasks($usrUid);
//Remove from groups
$oGroups = new Groups();
$oGroups->removeUserOfAllGroups($usrUid);
//Update the table Users
$RBAC->changeUserStatus($usrUid, 'CLOSED');
$RBAC->updateUser(array('USR_UID' => $usrUid,'USR_USERNAME' => ''), '');
$oUser = new Users();
$aFields = $oUser->load($usrUid);
$aFields['USR_STATUS'] = 'CLOSED';
$userName = $aFields['USR_USERNAME'];
$aFields['USR_USERNAME'] = '';
$oUser->update($aFields);
//Delete Dashboard
$criteria = new Criteria( 'workflow' );
$criteria->add( DashletInstancePeer::DAS_INS_OWNER_UID, $usrUid );
$criteria->add( DashletInstancePeer::DAS_INS_OWNER_TYPE , 'USER');
DashletInstancePeer::doDelete( $criteria );
//Delete users as supervisor
$criteria = new Criteria("workflow");
$criteria->add(ProcessUserPeer::USR_UID, $usrUid, Criteria::EQUAL);
$criteria->add(ProcessUserPeer::PU_TYPE, "SUPERVISOR", Criteria::EQUAL);
ProcessUserPeer::doDelete($criteria);
//Destroy session after delete user
$RBAC->destroySessionUser($usrUid);
(new OauthClients())->removeByUser($usrUid);
G::auditLog("DeleteUser", "User Name: ". $userName." User ID: (".$usrUid.") ");
break;
case 'changeUserStatus':
//When the user change the status: ACTIVE, INACTIVE, VACATION
$response = new stdclass();
if (isset($_REQUEST['USR_UID']) && isset($_REQUEST['NEW_USR_STATUS'])) {
$RBAC->changeUserStatus($_REQUEST['USR_UID'], ($_REQUEST['NEW_USR_STATUS'] == 'ACTIVE' ? 1 : 0));
$userInstance = new Users();
$userData = $userInstance->load($_REQUEST['USR_UID']);
$userData['USR_STATUS'] = $_REQUEST['NEW_USR_STATUS'];
$userInstance->update($userData);
//Destroy session after inactive user
$_REQUEST['NEW_USR_STATUS'] == 'INACTIVE' ? $RBAC->destroySessionUser($_REQUEST['USR_UID']) : null;
$msg = $_REQUEST['NEW_USR_STATUS'] == 'ACTIVE'? "EnableUser" : "DisableUser";
G::auditLog($msg, "User Name: ".$userData['USR_USERNAME']." User ID: (".$userData['USR_UID'].") ");
$response->status = 'OK';
} else {
$response->status = 'ERROR';
$response->message = 'USR_UID and NEW_USR_STATUS parameters are required.';
}
die(G::json_encode($response));
break;
case 'availableGroups':
//Get the available groups for assign to user
$filter = (isset($_POST['textFilter'])) ? $_POST['textFilter'] : '';
$groups = new Groups();
$criteria = $groups->getAvailableGroupsCriteria($_REQUEST['uUID'], $filter);
$objects = GroupwfPeer::doSelectRS($criteria);
$objects->setFetchmode(ResultSet::FETCHMODE_ASSOC);
$arr = Array();
while ($objects->next()) {
$arr[] = $objects->getRow();
}
echo '{groups: ' . G::json_encode($arr) . '}';
break;
case 'assignedGroups':
//Get the groups related to user
$filter = (isset($_POST['textFilter'])) ? $_POST['textFilter'] : '';
$groups = new Groups();
$criteria = $groups->getAssignedGroupsCriteria($_REQUEST['uUID'], $filter);
$objects = GroupwfPeer::doSelectRS($criteria);
$objects->setFetchmode(ResultSet::FETCHMODE_ASSOC);
$arr = Array();
while ($objects->next()) {
$arr[] = $objects->getRow();
}
echo '{groups: ' . G::json_encode($arr) . '}';
break;
case 'assignGroupsToUserMultiple':
//Assign user in a group
$USR_UID = $_POST['USR_UID'];
$gUIDs = explode(',', $_POST['GRP_UID']);
$oGroup = new Groups();
foreach ($gUIDs as $GRP_UID) {
$oGroup->addUserToGroup($GRP_UID, $USR_UID);
}
break;
case 'deleteGroupsToUserMultiple':
//Remove a user from a group
$USR_UID = $_POST['USR_UID'];
$gUIDs = explode(',', $_POST['GRP_UID']);
$oGroup = new Groups();
foreach ($gUIDs as $GRP_UID) {
$oGroup->removeUserOfGroup($GRP_UID, $USR_UID);
}
break;
case 'authSources':
//Get the authentication information
$criteria = $RBAC->getAllAuthSources();
$objects = AuthenticationSourcePeer::doSelectRS($criteria);
$objects->setFetchmode(ResultSet::FETCHMODE_ASSOC);
$arr = Array();
if (isset($_REQUEST['cmb'])) {
if ($_REQUEST['cmb'] == 'yes') {
$started = Array();
$started['AUTH_SOURCE_UID'] = '';
$started['AUTH_SOURCE_SHOW'] = G::LoadTranslation('ID_ALL');
$arr[] = $started;
}
}
$started = Array();
$started['AUTH_SOURCE_UID'] = '00000000000000000000000000000000';
$started['AUTH_SOURCE_SHOW'] = 'ProcessMaker (MYSQL)';
$arr[] = $started;
while ($objects->next()) {
$row = $objects->getRow();
$aux = Array();
$aux['AUTH_SOURCE_UID'] = $row['AUTH_SOURCE_UID'];
$aux['AUTH_SOURCE_SHOW'] = $row['AUTH_SOURCE_NAME'] . ' (' . $row['AUTH_SOURCE_PROVIDER'] . ')';
$arr[] = $aux;
}
echo '{sources: ' . G::json_encode($arr) . '}';
break;
case 'loadAuthSourceByUID':
//Get the authentication source assignment
$oCriteria = $RBAC->load($_POST['uUID']);
$UID_AUTH = $oCriteria['UID_AUTH_SOURCE'];
if (($UID_AUTH != '00000000000000000000000000000000') && ($UID_AUTH != '')) {
$aux = $RBAC->getAuthSource($UID_AUTH);
$arr = Array();
$arr['AUTH_SOURCE_NAME'] = $aux['AUTH_SOURCE_NAME'] . ' (' . $aux['AUTH_SOURCE_PROVIDER'] . ')';
$arr['AUTH_SOURCE_PROVIDER'] = $aux['AUTH_SOURCE_PROVIDER'];
$aFields = $arr;
} else {
$arr = Array();
$arr['AUTH_SOURCE_NAME'] = 'ProcessMaker (MYSQL)';
$arr['AUTH_SOURCE_PROVIDER'] = 'MYSQL';
$aFields = $arr;
}
$res = Array();
$res['data'] = $oCriteria;
$res['auth'] = $aFields;
echo G::json_encode($res);
break;
case 'updateAuthServices':
//Update the information related to user's autentication
$aData = $RBAC->load($_POST['usr_uid']);
unset($aData['USR_ROLE']);
$auth_uid = $_POST['auth_source'];
$auth_uid2 = $_POST['auth_source_uid'];
if ($auth_uid == $auth_uid2) {
$auth_uid = $aData['UID_AUTH_SOURCE'];
}
if (($auth_uid == '00000000000000000000000000000000') || ($auth_uid == '')) {
$aData['USR_AUTH_TYPE'] = 'MYSQL';
$aData['UID_AUTH_SOURCE'] = '';
} else {
$aFields = $RBAC->getAuthSource($auth_uid);
$aData['USR_AUTH_TYPE'] = $aFields['AUTH_SOURCE_PROVIDER'];
$aData['UID_AUTH_SOURCE'] = $auth_uid;
}
if (isset($_POST['auth_dn'])) {
$auth_dn = $_POST['auth_dn'];
$aData['USR_AUTH_USER_DN'] = $auth_dn;
}
$RBAC->updateUser($aData);
G::auditLog(
"AssignAuthenticationSource",
"User Name: ".$aData['USR_USERNAME'].' User ID: ('.$aData['USR_UID'].') assign to '.$aData['USR_AUTH_TYPE']
);
echo '{success: true}';
break;
case 'usersList':
//Get the list of users
//Read the configurations related to enviroments
$co = new Configurations();
$config = $co->getConfiguration('usersList', 'pageSize', '', $_SESSION['USER_LOGGED']);
$limit_size = isset($config['pageSize']) ? $config['pageSize'] : 20;
$limit = isset($_REQUEST['limit']) ? $_REQUEST['limit'] : $limit_size;
$start = isset($_REQUEST['start']) ? $_REQUEST['start'] : 0;
$filter = isset($_REQUEST['textFilter']) ? $_REQUEST['textFilter'] : '';
$authSource = isset($_REQUEST['auths']) ? $_REQUEST['auths'] : '';
$sort = isset($_REQUEST['sort']) ? $_REQUEST['sort'] : '';
$dir = isset($_REQUEST['dir']) ? $_REQUEST['dir'] : 'ASC';
//Get all list of users with the additional information related to department, role, authentication, cases
$oUser = new \ProcessMaker\BusinessModel\User();
$oDatasetUsers = $oUser->getAllUsersWithAuthSource($authSource, $filter, $sort, $start, $limit, $dir);
$rows = $oUser->getAdditionalInfoFromUsers($oDatasetUsers["data"]);
echo '{users: ' . G::json_encode($rows['data']) . ', total_users: ' . $oDatasetUsers["totalRows"] . '}';
break;
case 'updatePageSize':
$c = new Configurations();
$arr['pageSize'] = $_REQUEST['size'];
$arr['dateSave'] = date('Y-m-d H:i:s');
$config = Array();
$config[] = $arr;
$c->aConfig = $config;
$c->saveConfig('usersList', 'pageSize', '', $_SESSION['USER_LOGGED']);
echo '{success: true}';
break;
case 'summaryUserData':
// Get all information for the summary
$result = [];
$usrUid = $_REQUEST['USR_UID'];
$usrId = User::getId($usrUid);
$data = User::getAllInformation($usrId);
$data = head($data);
$result['userdata'] = $data;
// Add additional user information
$isoCountry = IsoCountry::findById($data['USR_COUNTRY']);
$isoSubdivision = IsoSubdivision::findById($data['USR_COUNTRY'], $data['USR_CITY']);
$isoLocation = IsoLocation::findById($data['USR_COUNTRY'], $data['USR_CITY'], $data['USR_LOCATION']);
$result['userdata']['USR_COUNTRY_NAME'] = !empty($isoCountry["IC_NAME"]) ? $isoCountry["IC_NAME"] : '';
$result['userdata']['USR_CITY_NAME'] = !empty($isoSubdivision["IC_NAME"]) ? $isoSubdivision["IC_NAME"] : '';
$result['userdata']['USR_LOCATION_NAME'] = !empty($isoLocation["IC_NAME"]) ? $isoLocation["IC_NAME"] : '';
// Get the role name
$roles = new Roles();
$role = $roles->loadByCode($data['USR_ROLE']);
$result['userdata']['USR_ROLE_NAME'] = $role['ROL_NAME'];
// Get the language name
$translations = new Language();
$translation = $translations->loadByCode($data['USR_DEFAULT_LANG']);
$result['userdata']['USR_DEFAULT_LANG_NAME'] = $translation['LANGUAGE_NAME'];
// Get the full name
$conf = new Configurations();
$confSetting = $conf->getFormats();
$result['userdata']['USR_FULLNAME'] = G::getFormatUserList($confSetting['format'], $data);
// Get the cases counters
$types = [];
// For inbox
$inbox = new Inbox();
$inbox->setUserUid($usrUid);
$inbox->setUserId($usrId);
$types['to_do'] = $inbox->getCounter();
// For draft
$draft = new Draft();
$draft->setUserUid($usrUid);
$draft->setUserId($usrId);
$types['draft'] = $draft->getCounter();
// For Paused
$paused = new Paused();
$paused->setUserUid($usrUid);
$paused->setUserId($usrId);
$types['paused'] = $paused->getCounter();
// For Unassigned
$unassigned = new Unassigned();
$unassigned->setUserUid($usrUid);
$unassigned->setUserId($usrId);
$types['selfservice'] = $unassigned->getCounter();
// For started by me
$participated = new Participated();
$participated->setParticipatedStatus('STARTED');
$participated->setUserUid($usrUid);
$participated->setUserId($usrId);
$types['sent'] = $participated->getCounter();
$types['cancelled'] = 0;
$result['cases'] = $types;
// Get department name
$result['misc'] = [];
$dept = new Department();
$department = '';
if ($dept->existsDepartment($data['DEP_UID'])) {
$dept->Load($data['DEP_UID']);
$department = $dept->getDepTitle();
}
$result['misc']['DEP_TITLE'] = $department;
// Get the user full name who will replace the current user
$replacedBy = '';
if (!empty($data['USR_REPLACED_BY'])) {
$usrId = User::getId($data['USR_REPLACED_BY']);
$dataUser = User::getAllInformation($usrId);
$replacedBy = G::getFormatUserList($confSetting['format'], head($dataUser));
}
$result['misc']['REPLACED_NAME'] = $replacedBy;
echo G::json_encode($result);
break;
case "verifyIfUserAssignedAsSupervisor":
//Before delete we check if is supervisor
$supervisor = new \ProcessMaker\BusinessModel\ProcessSupervisor();
$isSupervisor = $supervisor->isUserSupervisor($_POST["supervisorUserUid"]);
$supervisorUserUid = $_POST["supervisorUserUid"];
$message = 'OK';
if ($isSupervisor) {
$message = 'ERROR';
}
$response = array();
$response["result"] = $message;
echo G::json_encode($response);
break;
}
} catch (Exception $oException) {
$token = strtotime("now");
PMException::registerErrorLog($oException, $token);
G::outRes( G::LoadTranslation("ID_EXCEPTION_LOG_INTERFAZ", array($token)) );
die;
}
Reference in New Issue View Git Blame Copy Permalink