/** * @method * * Returns a list or user. * * @name PMFGetUserEmailAddress * @label PMF Get User Email Address * @link http://wiki.processmaker.com/index.php/ProcessMaker_Functions#PMFGetUserEmailAddress.28.29 * * @param string(32) or Array | $id | Case ID | Id of the case. * @param string(32) | $APP_UID = null | Application ID | Id of the Application. * @param string(32) | $prefix = "usr" | prefix | Id of the task. * @return array | $aRecipient | Array of the Recipient | Return an Array of the Recipient. * */ function PMFGetUserEmailAddress($id, $APP_UID = null, $prefix = 'usr') { require_once 'classes/model/UsersPeer.php'; require_once 'classes/model/AppDelegation.php'; G::LoadClass('case'); if (is_string($id) && trim($id) == "") { return false; } if (is_array($id) && count($id) == 0) { return false; } //recipient to store the email addresses $aRecipient = array(); $aItems = array(); /* * First at all the $id user input can be by example erik@colosa.com * 2.this $id param can be a array by example Array('000000000001','000000000002') in this case $prefix is necessary * 3.this same param can be a array by example Array('usr|000000000001', 'usr|-1', 'grp|2245141479413131441') */ /* * The second thing is that the return type will be configurated depend of the input type (using $retType) */ if (is_array($id)) { $aItems = $id; $retType = 'array'; } else { $retType = 'string'; if (strpos($id, ",") !== false) { $aItems = explode(',', $id); } else { array_push($aItems, $id); } } foreach ($aItems as $sItem) { //cleaning for blank spaces into each array item $sItem = trim($sItem); if (strpos($sItem, "|") !== false) { // explode the parameter because always will be compose with pipe separator to indicate // the type (user or group) and the target mai list($sType, $sID) = explode('|', $sItem); $sType = trim($sType); $sID = trim($sID); } else { $sType = $prefix; $sID = $sItem; } switch ($sType) { case 'ext': if (G::emailAddress($sID)) { array_push($aRecipient, $sID); } break; case 'usr': if ($sID == '-1') { // -1: Curent user, load from user record if (isset($APP_UID)) { $oAppDelegation = new AppDelegation(); $aAppDel = $oAppDelegation->getLastDeleration($APP_UID); if (isset($aAppDel)) { $oUserRow = UsersPeer::retrieveByPK($aAppDel['USR_UID']); if (isset($oUserRow)) { $sID = $oUserRow->getUsrEmail(); } else { throw new Exception('User with ID ' . $oAppDelegation->getUsrUid() . 'doesn\'t exist'); } if (G::emailAddress($sID)) { array_push($aRecipient, $sID); } } } } else { $oUserRow = UsersPeer::retrieveByPK($sID); if ($oUserRow != null) { $sID = $oUserRow->getUsrEmail(); if (G::emailAddress($sID)) { array_push($aRecipient, $sID); } } } break; case 'grp': G::LoadClass('groups'); $oGroups = new Groups(); $oCriteria = $oGroups->getUsersGroupCriteria($sID); $oDataset = GroupwfPeer::doSelectRS($oCriteria); $oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC); while ($oDataset->next()) { $aGroup = $oDataset->getRow(); //to validate email address if (G::emailAddress($aGroup['USR_EMAIL'])) { array_push($aRecipient, $aGroup['USR_EMAIL']); } } break; case 'dyn': $oCase = new Cases(); $aFields = $oCase->loadCase($APP_UID); $aFields['APP_DATA'] = array_merge($aFields['APP_DATA'], G::getSystemConstants()); //to validate email address if (isset($aFields['APP_DATA'][$sID]) && G::emailAddress($aFields['APP_DATA'][$sID])) { array_push($aRecipient, $aFields['APP_DATA'][$sID]); } break; } } switch ($retType) { case 'array': return $aRecipient; break; case 'string': return implode(',', $aRecipient); break; default: return $aRecipient; } }
*/ if (($RBAC_Response = $RBAC->userCanAccess("PM_USERS")) != 1) { return $RBAC_Response; } G::LoadInclude('ajax'); $_POST['action'] = get_ajax_value('action'); switch ($_POST['action']) { case 'showUsers': G::LoadClass('groups'); $oGroups = new Groups(); $oGroup = new Groupwf(); $aFields = $oGroup->load($_POST['sGroupUID']); global $G_PUBLISH; $G_PUBLISH = new Publisher(); //$G_PUBLISH->AddContent('xmlform', 'xmlform', 'groups/groups_UsersListTitle', '', array('GRP_NAME' => $aFields['GRP_TITLE'])); $G_PUBLISH->AddContent('propeltable', 'groups/paged-table2', 'groups/groups_UsersList', $oGroups->getUsersGroupCriteria($_POST['sGroupUID']), array('GRP_UID' => $_POST['sGroupUID'], 'GRP_NAME' => $aFields['GRP_TITLE'])); $oHeadPublisher =& headPublisher::getSingleton(); $oHeadPublisher->addScriptCode("groupname=\"{$aFields["GRP_TITLE"]}\";"); G::RenderPage('publish', 'raw'); break; case 'assignUser': G::LoadClass('groups'); $oGroup = new Groups(); $oGroup->addUserToGroup($_POST['GRP_UID'], $_POST['USR_UID']); break; case 'assignAllUsers': G::LoadClass('groups'); $oGroup = new Groups(); $aUsers = explode(',', $_POST['aUsers']); for ($i = 0; $i < count($aUsers); $i++) { $oGroup->addUserToGroup($_POST['GRP_UID'], $aUsers[$i]);
/** function executed by the cron this function will synchronize users from ldap/active directory to PM users tables @return void */ public function executeCron($debug) { $rbac =& RBAC::getSingleton(); if (is_null($rbac->authSourcesObj)) { $rbac->authSourcesObj = new AuthenticationSource(); } $plugin = new ldapAdvanced(); $plugin->sSystem = $rbac->sSystem; $plugin->setFrontEnd(true); $plugin->setDebug($debug); //Get all authsource for this plugin ( ldapAdvanced plugin, because other authsources are not needed ) $arrayAuthenticationSource = $plugin->getAuthSources(); $aDepartments = $plugin->getDepartments(""); $aGroups = $plugin->getGroups(); //$arrayDepartmentUserAd = array(); //(D) Update Users //$arrayGroupUserAd = array(); //(G) Update Users //echo "\n"; $plugin->frontEndShow("START"); $plugin->debugLog("START"); foreach ($arrayAuthenticationSource as $value) { $arrayAuthenticationSourceData = $value; $plugin->debugLog("ldapadvanced.php > function executeCron() > foreach > \$arrayAuthenticationSourceData ---->\n" . print_r($arrayAuthenticationSourceData, true)); $plugin->sAuthSource = $arrayAuthenticationSourceData["AUTH_SOURCE_UID"]; $plugin->ldapcnn = null; $plugin->setArrayDepartmentUserSynchronizedChecked(array()); $plugin->setArrayUserUpdateChecked(array()); //Get all User (USR_UID, USR_USERNAME, USR_AUTH_USER_DN) registered in RBAC with this Authentication Source $plugin->setArrayAuthenticationSourceUsers($arrayAuthenticationSourceData["AUTH_SOURCE_UID"]); //INITIALIZE DATA $plugin->frontEndShow("TEXT", "Authentication Source: " . $arrayAuthenticationSourceData["AUTH_SOURCE_NAME"]); $plugin->log(null, "Executing cron for Authentication Source: " . $arrayAuthenticationSourceData["AUTH_SOURCE_NAME"]); //Get all departments from Ldap/ActiveDirectory and build a hierarchy using dn (ou->ou parent) $aLdapDepts = $plugin->searchDepartments(); //Obtain all departments from PM with a valid department in LDAP/ActiveDirectory $aRegisteredDepts = $plugin->getRegisteredDepartments($aLdapDepts, $aDepartments); $plugin->debugLog("ldapadvanced.php > function executeCron() > foreach > \$aRegisteredDepts ---->\n" . print_r($aRegisteredDepts, true)); //Get all group from Ldap/ActiveDirectory $aLdapGroups = $plugin->searchGroups(); //Obtain all groups from PM with a valid group in LDAP/ActiveDirectory $aRegisteredGroups = $plugin->getRegisteredGroups($aLdapGroups, $aGroups); $plugin->debugLog("ldapadvanced.php > function executeCron() > foreach > \$aRegisteredGroups ---->\n" . print_r($aRegisteredGroups, true)); //Get all users from Removed OU $this->usersRemovedOu = $plugin->getUsersFromRemovedOu($arrayAuthenticationSourceData); $plugin->deactiveArrayOfUsers($this->usersRemovedOu); //Variables $this->deletedRemoved = count($this->usersRemovedOu); $this->deletedRemovedUsers = ""; $this->dAlready = 0; $this->dMoved = 0; $this->dImpossible = 0; $this->dCreated = 0; $this->dRemoved = 0; $this->dAlreadyUsers = ""; $this->dMovedUsers = ""; $this->dImpossibleUsers = ""; $this->dCreatedUsers = ""; $this->dRemovedUsers = ""; $this->gAlready = 0; $this->gMoved = 0; $this->gImpossible = 0; $this->gCreated = 0; $this->gRemoved = 0; $this->gAlreadyUsers = ""; $this->gMovedUsers = ""; $this->gImpossibleUsers = ""; $this->gCreatedUsers = ""; $this->gRemovedUsers = ""; //Department - Synchronize Users $numDepartments = count($aRegisteredDepts); $count = 0; $plugin->debugLog("ldapadvanced.php > function executeCron() > foreach > \$numDepartments ----> {$numDepartments}"); foreach ($aRegisteredDepts as $registeredDept) { $count++; //(D) Update Users //if (!isset($arrayDepartmentUserAd[$registeredDept["DEP_UID"]])) { // $arrayDepartmentUserAd[$registeredDept["DEP_UID"]] = array(); //Current users in department based in Active Directory //} // //$arrayAux = $this->departmentSynchronizeUsers($plugin, $numDepartments, $count, $registeredDept); //$arrayAux = array_merge($arrayDepartmentUserAd[$registeredDept["DEP_UID"]], $arrayAux); // //$arrayDepartmentUserAd[$registeredDept["DEP_UID"]] = array_unique($arrayAux); $arrayAux = $this->departmentSynchronizeUsers($plugin, $numDepartments, $count, $registeredDept); } //Department - Print log $logResults = sprintf("- Departments -> Existing users: %d, moved: %d, impossible: %d, created: %d, removed: %d", $this->dAlready, $this->dMoved, $this->dImpossible, $this->dCreated, $this->dRemoved); $plugin->frontEndShow("TEXT", $logResults); $plugin->log(null, $logResults); //Group - Synchronize Users $numGroups = count($aRegisteredGroups); $count = 0; $plugin->debugLog("ldapadvanced.php > function executeCron() > foreach > \$numGroups ----> {$numGroups}"); foreach ($aRegisteredGroups as $registeredGroup) { $count++; //(G) Update Users //if (!isset($arrayGroupUserAd[$registeredGroup["GRP_UID"]])) { // $arrayGroupUserAd[$registeredGroup["GRP_UID"]] = array(); //Current users in group based in Active Directory //} // //$arrayAux = $this->groupSynchronizeUsers($plugin, $numGroups, $count, $registeredGroup); //$arrayAux = array_merge($arrayGroupUserAd[$registeredGroup["GRP_UID"]], $arrayAux); // //$arrayGroupUserAd[$registeredGroup["GRP_UID"]] = array_unique($arrayAux); $arrayAux = $this->groupSynchronizeUsers($plugin, $numGroups, $count, $registeredGroup); } //Group - Print log $logResults = sprintf("- Groups -> Existing users: %d, moved: %d, impossible: %d, created: %d, removed: %d", $this->gAlready, $this->gMoved, $this->gImpossible, $this->gCreated, $this->gRemoved); $plugin->frontEndShow("TEXT", $logResults); $plugin->log(null, $logResults); //Manager $plugin->clearManager($this->managersToClear); if (isset($arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["DEPARTMENTS_TO_UNASSIGN"])) { if (is_array($arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["DEPARTMENTS_TO_UNASSIGN"])) { foreach ($arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["DEPARTMENTS_TO_UNASSIGN"] as $departmentUID) { // Delete manager assignments $criteriaSet = new Criteria("workflow"); $criteriaSet->add(UsersPeer::USR_REPORTS_TO, ""); $criteriaWhere = new Criteria("workflow"); $criteriaWhere->add(UsersPeer::DEP_UID, $departmentUID); $criteriaWhere->add(UsersPeer::USR_REPORTS_TO, "", Criteria::NOT_EQUAL); $this->deletedManager = BasePeer::doUpdate($criteriaWhere, $criteriaSet, Propel::getConnection("workflow")); // Delete department assignments $criteriaSet = new Criteria("workflow"); $criteriaSet->add(UsersPeer::DEP_UID, ""); $criteriaWhere = new Criteria("workflow"); $criteriaWhere->add(UsersPeer::DEP_UID, $departmentUID); $this->dMoved += UsersPeer::doCount($criteriaWhere); BasePeer::doUpdate($criteriaWhere, $criteriaSet, Propel::getConnection("workflow")); } } unset($arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["DEPARTMENTS_TO_UNASSIGN"]); $rbac =& RBAC::getSingleton(); $rbac->authSourcesObj->update($arrayAuthenticationSourceData); } if (isset($arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["GROUPS_TO_UNASSIGN"])) { if (is_array($arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["GROUPS_TO_UNASSIGN"])) { foreach ($arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["GROUPS_TO_UNASSIGN"] as $groupUID) { // Delete manager assignments $groupsInstance = new Groups(); $criteria = $groupsInstance->getUsersGroupCriteria($groupUID); $dataset = UsersPeer::doSelectRS($criteria); $dataset->setFetchmode(ResultSet::FETCHMODE_ASSOC); $dataset->next(); $users = array(); while ($row = $dataset->getRow()) { $users[] = $row["USR_UID"]; $dataset->next(); } $criteriaSet = new Criteria("workflow"); $criteriaSet->add(UsersPeer::USR_REPORTS_TO, ""); $criteriaWhere = new Criteria("workflow"); $criteriaWhere->add(UsersPeer::USR_UID, $users, Criteria::IN); $criteriaWhere->add(UsersPeer::USR_REPORTS_TO, "", Criteria::NOT_EQUAL); $this->deletedManager = BasePeer::doUpdate($criteriaWhere, $criteriaSet, Propel::getConnection("workflow")); // Delete group assignments $criteria = new Criteria("workflow"); $criteria->add(GroupUserPeer::GRP_UID, $groupUID); $this->gMoved += GroupUserPeer::doCount($criteria); BasePeer::doDelete($criteria, Propel::getConnection("workflow")); } } unset($arrayAuthenticationSourceData["AUTH_SOURCE_DATA"]["GROUPS_TO_UNASSIGN"]); $rbac =& RBAC::getSingleton(); $rbac->authSourcesObj->update($arrayAuthenticationSourceData); } // Delete the managers that not exists in PM $criteria = new Criteria("rbac"); $criteria->addSelectColumn(RbacUsersPeer::USR_AUTH_USER_DN); $criteria->add(RbacUsersPeer::USR_AUTH_USER_DN, "", Criteria::NOT_EQUAL); $dataset = RbacUsersPeer::doSelectRS($criteria); $dataset->setFetchmode(ResultSet::FETCHMODE_ASSOC); $dataset->next(); $existingUsers = array(); while ($row = $dataset->getRow()) { $existingUsers[] = $row["USR_AUTH_USER_DN"]; $dataset->next(); } foreach ($this->managersHierarchy as $managerDN => $subordinates) { if (!in_array($managerDN, $existingUsers)) { unset($this->managersHierarchy[$managerDN]); } } // Get the managers assigments counters $plugin->synchronizeManagers($this->managersHierarchy); $deletedManagersAssignments = self::array_diff_assoc_recursive($this->oldManagersHierarchy, $this->managersHierarchy); $newManagersAssignments = self::array_diff_assoc_recursive($this->managersHierarchy, $this->oldManagersHierarchy); $deletedManagers = array(); $newManagers = array(); $movedManagers = array(); if (is_array($deletedManagersAssignments)) { foreach ($deletedManagersAssignments as $dn1 => $subordinates1) { foreach ($subordinates1 as $subordinate) { if (!in_array($subordinate, $deletedManagers)) { $deletedManagers[] = $subordinate; } foreach ($newManagersAssignments as $dn2 => $subordinates2) { if (isset($subordinates2[$subordinate])) { $movedManagers[] = $subordinate; } } } } } if (is_array($newManagersAssignments)) { foreach ($newManagersAssignments as $dn1 => $subordinates1) { foreach ($subordinates1 as $subordinate) { if (!in_array($subordinate, $newManagers)) { $newManagers[] = $subordinate; } foreach ($deletedManagersAssignments as $dn2 => $subordinates2) { if (isset($subordinates2[$subordinate])) { if (!in_array($subordinate, $movedManagers)) { $movedManagers[] = $subordinate; } } } } } } //Print and log the users's information //Deleted/Removed Users $logResults = sprintf("- Deleted/Removed Users: %d", $this->deletedRemoved); $plugin->frontEndShow("TEXT", $logResults); $plugin->log(null, $logResults); if ($this->deletedRemoved > 0) { $plugin->log(null, "Deleted/Removed Users: "); $plugin->log(null, $this->deletedRemovedUsers); } if ($this->dAlready + $this->gAlready > 0) { $plugin->log(null, "Existing Users: "); $plugin->log(null, $this->dAlreadyUsers . " " . $this->gAlreadyUsers); } if ($this->dMoved + $this->gMoved > 0) { $plugin->log(null, "Moved Users: "); $plugin->log(null, $this->dMovedUsers . " " . $this->gMovedUsers); } if ($this->dImpossible + $this->gImpossible > 0) { $plugin->log(null, "Impossible Users: "); $plugin->log(null, $this->dImpossibleUsers . " " . $this->gImpossibleUsers); } if ($this->dCreated + $this->gCreated > 0) { $plugin->log(null, "Created Users: "); $plugin->log(null, $this->dCreatedUsers . " " . $this->gCreatedUsers); } if ($this->dRemoved + $this->gRemoved > 0) { $plugin->log(null, "Removed Users: "); $plugin->log(null, $this->dRemovedUsers . " " . $this->gRemovedUsers); } //Print and log the managers assignments"s information $logResults = sprintf("- Managers assignments: created %d, moved %d, removed %d", count($newManagers) - count($movedManagers), count($movedManagers), count($deletedManagers) - count($movedManagers) + $this->deletedManager); $plugin->frontEndShow("TEXT", $logResults); $plugin->log(null, $logResults); //Update Users data based on the LDAP Server $plugin->usersUpdateData($arrayAuthenticationSourceData["AUTH_SOURCE_UID"]); } $plugin->frontEndShow("END"); //(D) Update Users ////Department //Upgrade users in departments //foreach ($arrayDepartmentUserAd as $departmentUid => $arrayUserAd) { // $plugin->setArrayDepartmentUsers($departmentUid); //INITIALIZE DATA // // $arrayAux = array_diff(array_keys($plugin->arrayDepartmentUsersByUid), $arrayUserAd); // // $this->departmentRemoveUsers($departmentUid, $arrayAux); //} //(G) Update Users ////Group //Upgrade users in groups //foreach ($arrayGroupUserAd as $groupUid => $arrayUserAd) { // $plugin->setArrayGroupUsers($groupUid); //INITIALIZE DATA // // $arrayAux = array_diff(array_keys($plugin->arrayGroupUsersByUid), $arrayUserAd); // // $this->groupRemoveUsers($groupUid, $arrayAux); //} //// Developed by Gary and Ronald //$usersInfo = $plugin->ASUpdateInfo(''); //if (isset($usersInfo) && $usersInfo > 0) { // $this->dMoved = $usersInfo; //} //// End Developed by Gary and Ronald $plugin->debugLog("END"); }