Spaces:

kenken999
/

processmaker-community

Sleeping

App Files Files Community

processmaker-community / processmaker-files /workflow /engine /methods /users /users_Ajax.php

kenken999

Upload folder using huggingface_hub

07c3cdd verified 26 days ago

Raw

History Blame Contribute Delete

17.8 kB

	<?php

	try {
	global $RBAC;
	switch ($RBAC->userCanAccess('PM_LOGIN')) {
	case - 2:
	G::SendTemporalMessage('ID_USER_HAVENT_RIGHTS_SYSTEM', 'error', 'labels');
	G::header('location: ../login/login');
	die();
	break;
	case - 1:
	G::SendTemporalMessage('ID_USER_HAVENT_RIGHTS_PAGE', 'error', 'labels');
	G::header('location: ../login/login');
	die();
	break;
	}
	if (isset($_POST['form'])) {
	$_POST = $_POST['form'];
	}
	if (isset($_REQUEST['function'])) {
	$value = get_ajax_value('function');
	} else {
	$value = get_ajax_value('functions');
	}

	$RBAC->allows(basename(__FILE__), $value);
	switch ($value) {
	case 'availableUsers':
	//Classic process: list of users to assign in the task
	$oProcessMap = new ProcessMap();
	global $G_PUBLISH;
	$G_PUBLISH = new Publisher();
	$G_PUBLISH->AddContent('propeltable', 'paged-table', 'users/users_AvailableUsers', $oProcessMap->getAvailableUsersCriteria($_GET['sTask'], $_GET['iType']));
	G::RenderPage('publish', 'raw');
	break;
	case 'assign':
	//Classic process: assign users and groups in the task
	$oTasks = new Tasks();
	switch ((int) $_POST['TU_RELATION']) {
	case 1:
	$resh = htmlentities($oTasks->assignUser($_POST['TAS_UID'], $_POST['USR_UID'], $_POST['TU_TYPE']), ENT_QUOTES \| ENT_HTML5, 'UTF-8');
	G::outRes($resh);
	G::auditlog("AssignUserTask","Assign a User to a Task -> ".$_POST['TAS_UID'].' User UID -> '.$_POST['USR_UID']);
	break;
	case 2:
	$resh = htmlentities($oTasks->assignGroup($_POST['TAS_UID'], $_POST['USR_UID'], $_POST['TU_TYPE']), ENT_QUOTES \| ENT_HTML5, 'UTF-8');
	G::outRes($resh);
	G::auditlog("AssignGroupTask","Assign a Group to a Task -> ".$_POST['TAS_UID'].' User UID -> '.$_POST['USR_UID']);
	break;
	}
	break;
	case 'ofToAssign':
	//Classic process: remove users and groups related a task
	$oTasks = new Tasks();
	switch ((int) $_POST['TU_RELATION']) {
	case 1:
	echo $oTasks->ofToAssignUser($_POST['TAS_UID'], $_POST['USR_UID'], $_POST['TU_TYPE']);
	G::auditlog("DeleteUserTask"," Delete a User from a Task -> ".$_POST['TAS_UID'].' User UID -> '.$_POST['USR_UID']);
	break;
	case 2:
	echo $oTasks->ofToAssignGroup($_POST['TAS_UID'], $_POST['USR_UID'], $_POST['TU_TYPE']);
	G::auditlog("DeleteGroupTask","Delete a Group from a Task -> ".$_POST['TAS_UID'].' User UID -> '.$_POST['USR_UID']);
	break;
	}
	break;
	case 'changeView':
	//Classic process: set variable for users and groups Ad hoc
	$_SESSION['iType'] = $_POST['TU_TYPE'];
	break;
	case 'usersGroup':
	//Classic process: list of users in a group related a task
	$oGroup = new Groups();
	$aGroup = $oGroup->getUsersOfGroup($_POST['GRP_UID']);
	foreach ($aGroup as $iIndex => $aValues) {
	echo $aValues['USR_FIRSTNAME'] . ' ' . $aValues['USR_LASTNAME'] . '<br>';
	}
	break;
	case 'canDeleteUser':
	//Check before delete a user
	$oProcessMap = new Cases();
	$userUid = $_POST['uUID'];
	$total = 0;
	$history = 0;
	$c = $oProcessMap->getCriteriaUsersCases('TO_DO', $userUid);
	$total += ApplicationPeer::doCount($c);
	$c = $oProcessMap->getCriteriaUsersCases('DRAFT', $userUid);
	$total += ApplicationPeer::doCount($c);
	$c = $oProcessMap->getCriteriaUsersCases('COMPLETED', $userUid);
	$history += ApplicationPeer::doCount($c);
	$c = $oProcessMap->getCriteriaUsersCases('CANCELLED', $userUid);
	$history += ApplicationPeer::doCount($c);
	//Check if the user is configured in Web Entry
	if ($total === 0) {
	$webEntry = new \ProcessMaker\BusinessModel\WebEntryEvent();
	$total = $webEntry->getWebEntryRelatedToUser($userUid);
	}

	//check user guest
	if (RBAC::isGuestUserUid($userUid)) {
	$total++;
	}

	$response = '{success: true, candelete: ';
	$response .= ($total > 0) ? 'false' : 'true';
	$response .= ', hashistory: ';
	$response .= ($history > 0) ? 'true' : 'false';
	$response .= '}';
	echo $response;
	break;
	case 'deleteUser':
	$usrUid = $_POST['USR_UID'];
	//Check if the user was defined in a process permissions
	$oObjectPermission = new ObjectPermission();
	$aProcess = $oObjectPermission->objectPermissionPerUser($usrUid, 1);
	if (count($aProcess) > 0) {
	echo G::json_encode(array(
	"status" => 'ERROR',
	"message" => G::LoadTranslation('ID_USER_CANT_BE_DELETED_FOR_THE_PROCESS', array('processTitle' => isset($aProcess["PRO_TITLE"]) ? $aProcess["PRO_TITLE"] : $aProcess['PRO_UID']))
	));
	break;
	}

	//Remove from tasks
	$oTasks = new Tasks();
	$oTasks->ofToAssignUserOfAllTasks($usrUid);

	//Remove from groups
	$oGroups = new Groups();
	$oGroups->removeUserOfAllGroups($usrUid);

	//Update the table Users
	$RBAC->changeUserStatus($usrUid, 'CLOSED');
	$RBAC->updateUser(array('USR_UID' => $usrUid,'USR_USERNAME' => ''), '');
	$oUser = new Users();
	$aFields = $oUser->load($usrUid);
	$aFields['USR_STATUS'] = 'CLOSED';
	$userName = $aFields['USR_USERNAME'];
	$aFields['USR_USERNAME'] = '';
	$oUser->update($aFields);

	//Delete Dashboard
	$criteria = new Criteria( 'workflow' );
	$criteria->add( DashletInstancePeer::DAS_INS_OWNER_UID, $usrUid );
	$criteria->add( DashletInstancePeer::DAS_INS_OWNER_TYPE , 'USER');
	DashletInstancePeer::doDelete( $criteria );

	//Delete users as supervisor
	$criteria = new Criteria("workflow");
	$criteria->add(ProcessUserPeer::USR_UID, $usrUid, Criteria::EQUAL);
	$criteria->add(ProcessUserPeer::PU_TYPE, "SUPERVISOR", Criteria::EQUAL);
	ProcessUserPeer::doDelete($criteria);
	G::auditLog("DeleteUser", "User Name: ". $userName." User ID: (".$usrUid.") ");
	break;
	case 'changeUserStatus':
	//When the user change the status: ACTIVE, INACTIVE, VACATION
	$response = new stdclass();
	if (isset($_REQUEST['USR_UID']) && isset($_REQUEST['NEW_USR_STATUS'])) {
	$RBAC->changeUserStatus($_REQUEST['USR_UID'], ($_REQUEST['NEW_USR_STATUS'] == 'ACTIVE' ? 1 : 0));
	$userInstance = new Users();
	$userData = $userInstance->load($_REQUEST['USR_UID']);
	$userData['USR_STATUS'] = $_REQUEST['NEW_USR_STATUS'];
	$userInstance->update($userData);

	$msg = $_REQUEST['NEW_USR_STATUS'] == 'ACTIVE'? "EnableUser" : "DisableUser";
	G::auditLog($msg, "User Name: ".$userData['USR_USERNAME']." User ID: (".$userData['USR_UID'].") ");
	$response->status = 'OK';
	} else {
	$response->status = 'ERROR';
	$response->message = 'USR_UID and NEW_USR_STATUS parameters are required.';
	}
	die(G::json_encode($response));
	break;
	case 'availableGroups':
	//Get the available groups for assign to user
	$filter = (isset($_POST['textFilter'])) ? $_POST['textFilter'] : '';
	$groups = new Groups();
	$criteria = $groups->getAvailableGroupsCriteria($_REQUEST['uUID'], $filter);
	$objects = GroupwfPeer::doSelectRS($criteria);
	$objects->setFetchmode(ResultSet::FETCHMODE_ASSOC);
	$arr = Array();
	while ($objects->next()) {
	$arr[] = $objects->getRow();
	}
	echo '{groups: ' . G::json_encode($arr) . '}';
	break;
	case 'assignedGroups':
	//Get the groups related to user
	$filter = (isset($_POST['textFilter'])) ? $_POST['textFilter'] : '';
	$groups = new Groups();
	$criteria = $groups->getAssignedGroupsCriteria($_REQUEST['uUID'], $filter);
	$objects = GroupwfPeer::doSelectRS($criteria);
	$objects->setFetchmode(ResultSet::FETCHMODE_ASSOC);
	$arr = Array();
	while ($objects->next()) {
	$arr[] = $objects->getRow();
	}
	echo '{groups: ' . G::json_encode($arr) . '}';
	break;
	case 'assignGroupsToUserMultiple':
	//Assign user in a group
	$USR_UID = $_POST['USR_UID'];
	$gUIDs = explode(',', $_POST['GRP_UID']);
	$oGroup = new Groups();
	foreach ($gUIDs as $GRP_UID) {
	$oGroup->addUserToGroup($GRP_UID, $USR_UID);
	}
	break;
	case 'deleteGroupsToUserMultiple':
	//Remove a user from a group
	$USR_UID = $_POST['USR_UID'];
	$gUIDs = explode(',', $_POST['GRP_UID']);
	$oGroup = new Groups();
	foreach ($gUIDs as $GRP_UID) {
	$oGroup->removeUserOfGroup($GRP_UID, $USR_UID);
	}
	break;
	case 'authSources':
	//Get the authentication information
	$criteria = $RBAC->getAllAuthSources();
	$objects = AuthenticationSourcePeer::doSelectRS($criteria);
	$objects->setFetchmode(ResultSet::FETCHMODE_ASSOC);
	$arr = Array();
	if (isset($_REQUEST['cmb'])) {
	if ($_REQUEST['cmb'] == 'yes') {
	$started = Array();
	$started['AUTH_SOURCE_UID'] = '';
	$started['AUTH_SOURCE_SHOW'] = G::LoadTranslation('ID_ALL');
	$arr[] = $started;
	}
	}
	$started = Array();
	$started['AUTH_SOURCE_UID'] = '00000000000000000000000000000000';
	$started['AUTH_SOURCE_SHOW'] = 'ProcessMaker (MYSQL)';
	$arr[] = $started;
	while ($objects->next()) {
	$row = $objects->getRow();
	$aux = Array();
	$aux['AUTH_SOURCE_UID'] = $row['AUTH_SOURCE_UID'];
	$aux['AUTH_SOURCE_SHOW'] = $row['AUTH_SOURCE_NAME'] . ' (' . $row['AUTH_SOURCE_PROVIDER'] . ')';
	$arr[] = $aux;
	}
	echo '{sources: ' . G::json_encode($arr) . '}';
	break;
	case 'loadAuthSourceByUID':
	//Get the authentication source assignment
	$oCriteria = $RBAC->load($_POST['uUID']);
	$UID_AUTH = $oCriteria['UID_AUTH_SOURCE'];
	if (($UID_AUTH != '00000000000000000000000000000000') && ($UID_AUTH != '')) {
	$aux = $RBAC->getAuthSource($UID_AUTH);
	$arr = Array();
	$arr['AUTH_SOURCE_NAME'] = $aux['AUTH_SOURCE_NAME'] . ' (' . $aux['AUTH_SOURCE_PROVIDER'] . ')';
	$arr['AUTH_SOURCE_PROVIDER'] = $aux['AUTH_SOURCE_PROVIDER'];
	$aFields = $arr;
	} else {
	$arr = Array();
	$arr['AUTH_SOURCE_NAME'] = 'ProcessMaker (MYSQL)';
	$arr['AUTH_SOURCE_PROVIDER'] = 'MYSQL';
	$aFields = $arr;
	}
	$res = Array();
	$res['data'] = $oCriteria;
	$res['auth'] = $aFields;
	echo G::json_encode($res);
	break;
	case 'updateAuthServices':
	//Update the information related to user's autentication
	$aData = $RBAC->load($_POST['usr_uid']);
	unset($aData['USR_ROLE']);
	$auth_uid = $_POST['auth_source'];
	$auth_uid2 = $_POST['auth_source_uid'];
	if ($auth_uid == $auth_uid2) {
	$auth_uid = $aData['UID_AUTH_SOURCE'];
	}
	if (($auth_uid == '00000000000000000000000000000000') \|\| ($auth_uid == '')) {
	$aData['USR_AUTH_TYPE'] = 'MYSQL';
	$aData['UID_AUTH_SOURCE'] = '';
	} else {
	$aFields = $RBAC->getAuthSource($auth_uid);
	$aData['USR_AUTH_TYPE'] = $aFields['AUTH_SOURCE_PROVIDER'];
	$aData['UID_AUTH_SOURCE'] = $auth_uid;
	}
	if (isset($_POST['auth_dn'])) {
	$auth_dn = $_POST['auth_dn'];
	$aData['USR_AUTH_USER_DN'] = $auth_dn;
	}
	$RBAC->updateUser($aData);
	G::auditLog(
	"AssignAuthenticationSource",
	"User Name: ".$aData['USR_USERNAME'].' User ID: ('.$aData['USR_UID'].') assign to '.$aData['USR_AUTH_TYPE']
	);
	echo '{success: true}';
	break;
	case 'usersList':
	//Get the list of users
	//Read the configurations related to enviroments
	$co = new Configurations();
	$config = $co->getConfiguration('usersList', 'pageSize', '', $_SESSION['USER_LOGGED']);
	$limit_size = isset($config['pageSize']) ? $config['pageSize'] : 20;
	$limit = isset($_REQUEST['limit']) ? $_REQUEST['limit'] : $limit_size;
	$start = isset($_REQUEST['start']) ? $_REQUEST['start'] : 0;
	$filter = isset($_REQUEST['textFilter']) ? $_REQUEST['textFilter'] : '';
	$authSource = isset($_REQUEST['auths']) ? $_REQUEST['auths'] : '';
	$sort = isset($_REQUEST['sort']) ? $_REQUEST['sort'] : '';
	$dir = isset($_REQUEST['dir']) ? $_REQUEST['dir'] : 'ASC';

	//Get all list of users with the additional information related to department, role, authentication, cases
	$oUser = new \ProcessMaker\BusinessModel\User();
	$oDatasetUsers = $oUser->getAllUsersWithAuthSource($authSource, $filter, $sort, $start, $limit, $dir);
	$rows = $oUser->getAdditionalInfoFromUsers($oDatasetUsers["data"]);
	echo '{users: ' . G::json_encode($rows['data']) . ', total_users: ' . $oDatasetUsers["totalRows"] . '}';
	break;
	case 'updatePageSize':
	$c = new Configurations();
	$arr['pageSize'] = $_REQUEST['size'];
	$arr['dateSave'] = date('Y-m-d H:i:s');
	$config = Array();
	$config[] = $arr;
	$c->aConfig = $config;
	$c->saveConfig('usersList', 'pageSize', '', $_SESSION['USER_LOGGED']);
	echo '{success: true}';
	break;
	case 'summaryUserData':
	//Get all information for the summary
	$oUser = new Users();
	$data = $oUser->loadDetailed($_REQUEST['USR_UID']);
	$data['USR_STATUS'] = G::LoadTranslation('ID_' . $data['USR_STATUS']);
	$oAppCache = new AppCacheView();
	$aTypes = Array();
	$aTypes['to_do'] = 'CASES_INBOX';
	$aTypes['draft'] = 'CASES_DRAFT';
	$aTypes['cancelled'] = 'CASES_CANCELLED';
	$aTypes['sent'] = 'CASES_SENT';
	$aTypes['paused'] = 'CASES_PAUSED';
	$aTypes['completed'] = 'CASES_COMPLETED';
	$aTypes['selfservice'] = 'CASES_SELFSERVICE';
	$aCount = $oAppCache->getAllCounters(array_keys($aTypes), $_REQUEST['USR_UID']);
	$dep = new Department();
	if ($dep->existsDepartment($data['DEP_UID'])) {
	$dep->Load($data['DEP_UID']);
	$dep_name = $dep->getDepTitle();
	} else {
	$dep_name = '';
	}
	if ($data['USR_REPLACED_BY'] != '') {
	$user = new Users();
	$u = $user->load($data['USR_REPLACED_BY']);
	$c = new Configurations();
	$arrayConfFormat = $c->getFormats();

	$replaced_by = G::getFormatUserList($arrayConfFormat['format'], $u);
	} else {
	$replaced_by = '';
	}
	$misc = Array();
	$misc['DEP_TITLE'] = $dep_name;
	$misc['REPLACED_NAME'] = $replaced_by;
	echo '{success: true, userdata: ' . G::json_encode($data) . ', cases: ' . G::json_encode($aCount) . ', misc: ' . G::json_encode($misc) . '}';
	break;

	case "verifyIfUserAssignedAsSupervisor":
	//Before delete we check if is supervisor
	$supervisor = new \ProcessMaker\BusinessModel\ProcessSupervisor();
	$isSupervisor = $supervisor->isUserSupervisor($_POST["supervisorUserUid"]);
	$supervisorUserUid = $_POST["supervisorUserUid"];
	$message = 'OK';
	if ($isSupervisor) {
	$message = 'ERROR';
	}
	$response = array();
	$response["result"] = $message;
	echo G::json_encode($response);
	break;
	}
	} catch (Exception $oException) {
	$token = strtotime("now");
	PMException::registerErrorLog($oException, $token);
	G::outRes( G::LoadTranslation("ID_EXCEPTION_LOG_INTERFAZ", array($token)) );
	die;
	}