function deleteUserRole($ROL_UID, $USR_UID) { $crit = new Criteria(); $crit->add(UsersRolesPeer::USR_UID, $USR_UID); if ($ROL_UID != '%') { $crit->add(UsersRolesPeer::ROL_UID, $ROL_UID); } UsersRolesPeer::doDelete($crit); $rol = $this->load($ROL_UID); $oUsersRbac = new RbacUsers(); $user = $oUsersRbac->load($USR_UID); G::auditLog("DeleteUserToRole", "Delete user " . $user['USR_USERNAME'] . " (" . $USR_UID . ") to Role " . $rol['ROL_NAME'] . " (" . $ROL_UID . ") "); }
function create($aData) { $oConnection = Propel::getConnection(RbacUsersPeer::DATABASE_NAME); try { $oRBACUsers = new RbacUsers(); do { $aData['USR_UID'] = G::generateUniqueID(); } while ($oRBACUsers->load($aData['USR_UID'])); $oRBACUsers->fromArray($aData, BasePeer::TYPE_FIELDNAME); //if ($oRBACUsers->validate()) { //$oConnection->begin(); $iResult = $oRBACUsers->save(); //$oConnection->commit(); return $aData['USR_UID']; /*} else { $sMessage = ''; $aValidationFailures = $oRBACUsers->getValidationFailures(); foreach($aValidationFailures as $oValidationFailure) { $sMessage .= $oValidationFailure->getMessage() . '<br />'; } throw(new Exception('The registry cannot be created!<br />' . $sMessage)); }*/ } catch (Exception $oError) { $oConnection->rollback(); throw $oError; } }
<?php $data = $_POST['form']; global $RBAC; require_once PATH_RBAC . "model/RbacUsers.php"; G::LoadClass('pmFunctions'); require_once 'classes/model/Users.php'; G::LoadClass("system"); $rbacUser = new RbacUsers(); $user = new Users(); $userData = $rbacUser->getByUsername($data['USR_USERNAME']); if ($userData['USR_EMAIL'] != '' && $userData['USR_EMAIL'] === $data['USR_EMAIL']) { $aSetup = getEmailConfiguration(); if (count($aSetup) == 0 || !isset($aSetup['MESS_ENGINE'])) { G::SendTemporalMessage('ID_EMAIL_ENGINE_IS_NOT_ENABLED', "warning"); G::header('location: forgotPassword'); die; } $newPass = G::generate_password(); $aData['USR_UID'] = $userData['USR_UID']; $aData['USR_PASSWORD'] = md5($newPass); /* **Save after sending the mail $rbacUser->update($aData); $user->update($aData); */ $sFrom = ($aSetup['MESS_ACCOUNT'] != '' ? $aSetup['MESS_ACCOUNT'] . ' ' : '') . '<' . $aSetup['MESS_ACCOUNT'] . '>'; $sSubject = G::LoadTranslation('ID_RESET_PASSWORD') . ' - ProcessMaker'; $msg = '<h3>ProcessMaker Forgot password Service</h3>'; $msg .= '<p>' . G::LoadTranslation('ID_YOUR_USERMANE_IS') . ' : <strong>' . $userData['USR_USERNAME'] . '</strong></p>'; $msg .= '<p>' . G::LoadTranslation('ID_YOUR_PASSWORD_IS') . ' : <strong>' . $newPass . '</strong></p>'; switch ($aSetup['MESS_ENGINE']) {
public function forgotPassword($httpData) { $this->setResponseType('json'); global $RBAC; require_once PATH_RBAC . "model/RbacUsers.php"; require_once 'classes/model/Users.php'; G::LoadClass("system"); $rbacUser = new RbacUsers(); $user = new Users(); try { $userData = $rbacUser->getByUsername($httpData->username); if (!$userData) { $msg = G::LoadTranslation('ID_USER') . ' <b>' . $httpData->username . '</b> ' . G::LoadTranslation('ID_IS_NOT_REGISTERED'); throw new Exception($msg); } if (trim($userData['USR_EMAIL']) != trim($httpData->email)) { $msg = G::LoadTranslation('ID_EMAIL_DOES_NOT_MATCH_FOR_USER') . ' <b>' . $httpData->username . '</b>'; throw new Exception($msg); } $newPass = G::generate_password(); $aData['USR_UID'] = $userData['USR_UID']; $aData['USR_PASSWORD'] = md5($newPass); $rbacUser->update($aData); $user->update($aData); $subject = G::loadTranslation('ID_PROCESSMAKER_FORGOT_PASSWORD_SERVICE'); $template = new TemplatePower(PATH_TPL . 'main/forgotPassword.tpl'); $template->prepare(); $template->assign('server', $_SERVER['SERVER_NAME']); $template->assign('serviceMsg', G::loadTranslation('ID_PROCESSMAKER_FORGOT_PASSWORD_SERVICE')); $template->assign('content', G::loadTranslation('ID_PASSWORD_CHANGED_SUCCESSFULLY')); $template->assign('passwd', $newPass); $template->assign('poweredBy', G::loadTranslation('ID_PROCESSMAKER_SLOGAN1')); $template->assign('versionLabel', G::loadTranslation('ID_VERSION')); $template->assign('version', System::getVersion()); $template->assign('visit', G::loadTranslation('ID_VISIT')); $template->assign('footer', ''); $body = $template->getOutputContent(); G::sendMail('', 'ProcessMaker Service', $httpData->email, $subject, $body); $result->success = true; $result->message = G::LoadTranslation('ID_NEW_PASSWORD_SENT'); } catch (Exception $e) { $result->success = false; $result->message = $e->getMessage(); } return $result; }
/** * Create User Uid * * @param array $arrayUserData Data * * return id */ public function createUser($userData) { require_once (PATH_RBAC_HOME . "engine" . PATH_SEP . "classes" . PATH_SEP . "model" . PATH_SEP . "RbacUsers.php"); $this->userObj = new \RbacUsers(); if (class_exists('PMPluginRegistry')) { $pluginRegistry = & \PMPluginRegistry::getSingleton(); if ($pluginRegistry->existsTrigger(PM_BEFORE_CREATE_USER)) { try { $pluginRegistry->executeTriggers(PM_BEFORE_CREATE_USER, null); } catch (Exception $error) { throw new Exception($error->getMessage()); } } } $oConnection = \Propel::getConnection(\RbacUsersPeer::DATABASE_NAME); try { $oRBACUsers = new \RbacUsers(); do { $userData['USR_UID'] = \G::generateUniqueID(); } while ($oRBACUsers->load($userData['USR_UID'])); $oRBACUsers->fromArray($userData, \BasePeer::TYPE_FIELDNAME); $iResult = $oRBACUsers->save(); return $userData['USR_UID']; } catch (Exception $oError) { $oConnection->rollback(); throw($oError); } }
public function create($aData) { if (class_exists('PMPluginRegistry')) { $pluginRegistry =& PMPluginRegistry::getSingleton(); if ($pluginRegistry->existsTrigger(PM_BEFORE_CREATE_USER)) { try { $pluginRegistry->executeTriggers(PM_BEFORE_CREATE_USER, null); } catch (Exception $error) { throw new Exception($error->getMessage()); } } } $oConnection = Propel::getConnection(RbacUsersPeer::DATABASE_NAME); try { $oRBACUsers = new RbacUsers(); do { $aData['USR_UID'] = G::generateUniqueID(); } while ($oRBACUsers->load($aData['USR_UID'])); $oRBACUsers->fromArray($aData, BasePeer::TYPE_FIELDNAME); //if ($oRBACUsers->validate()) { //$oConnection->begin(); $iResult = $oRBACUsers->save(); //$oConnection->commit(); return $aData['USR_UID']; /* } else { $sMessage = ''; $aValidationFailures = $oRBACUsers->getValidationFailures(); foreach($aValidationFailures as $oValidationFailure) { $sMessage .= $oValidationFailure->getMessage() . '<br />'; } throw(new Exception('The registry cannot be created!<br />' . $sMessage)); } */ } catch (Exception $oError) { $oConnection->rollback(); throw $oError; } }
/** * Set value in WE_DATA * * @param string $webEntryUid Unique id of Web Entry * * return void */ public function setWeData($webEntryUid) { try { //Verify data $this->throwExceptionIfNotExistsWebEntry($webEntryUid, $this->arrayFieldNameForException["webEntryUid"]); //Set variables $arrayWebEntryData = $this->getWebEntry($webEntryUid, true); $processUid = $arrayWebEntryData["PRO_UID"]; $taskUid = $arrayWebEntryData["TAS_UID"]; $dynaFormUid = $arrayWebEntryData["DYN_UID"]; $webEntryMethod = $arrayWebEntryData["WE_METHOD"]; $webEntryInputDocumentAccess = $arrayWebEntryData["WE_INPUT_DOCUMENT_ACCESS"]; $webEntryData = ""; $wsRoundRobin = 0; //0, 1 //0 - Cyclical Assignment $pathDataPublicProcess = PATH_DATA_PUBLIC . $processUid; //Delete previous files if (trim($arrayWebEntryData["WE_DATA"]) != "") { $fileName = str_replace(".php", "", trim($arrayWebEntryData["WE_DATA"])); $file = $pathDataPublicProcess . PATH_SEP . $fileName . ".php"; if (is_file($file) && file_exists($file)) { unlink($file); unlink($pathDataPublicProcess . PATH_SEP . $fileName . "Post.php"); } } //Create files \G::mk_dir($pathDataPublicProcess, 0777); $http = \G::is_https() ? "https://" : "http://"; switch ($webEntryMethod) { case "WS": require_once PATH_RBAC . "model" . PATH_SEP . "RbacUsers.php"; $user = new \RbacUsers(); $arrayUserData = $user->load($arrayWebEntryData["USR_UID"]); $usrUsername = $arrayUserData["USR_USERNAME"]; $usrPassword = $arrayUserData["USR_PASSWORD"]; $dynaForm = new \Dynaform(); $arrayDynaFormData = $dynaForm->Load($arrayWebEntryData["DYN_UID"]); //Creating sys.info; $sitePublicPath = ""; if (file_exists($sitePublicPath . "")) { } //Creating the first file $weTitle = $this->sanitizeFilename($arrayWebEntryData["WE_TITLE"]); $fileName = $weTitle; $fileContent = "<?php\n"; $fileContent .= "global \$_DBArray;\n"; $fileContent .= "if (!isset(\$_DBArray)) {\n"; $fileContent .= " \$_DBArray = array();\n"; $fileContent .= "}\n"; $fileContent .= "\$_SESSION[\"PROCESS\"] = \"" . $processUid . "\";\n"; $fileContent .= "\$_SESSION[\"CURRENT_DYN_UID\"] = \"" . $dynaFormUid . "\";\n"; $fileContent .= "\$G_PUBLISH = new Publisher();\n"; $fileContent .= "G::LoadClass(\"pmDynaform\");\n"; $fileContent .= "\$a = new pmDynaform(array(\"CURRENT_DYNAFORM\" => \"" . $arrayWebEntryData["DYN_UID"] . "\"));\n"; $fileContent .= "if (\$a->isResponsive()) {"; $fileContent .= " \$a->printWebEntry(\"" . $fileName . "Post.php\");"; $fileContent .= "} else {"; $fileContent .= " \$G_PUBLISH->AddContent(\"dynaform\", \"xmlform\", \"" . $processUid . PATH_SEP . $dynaFormUid . "\", \"\", array(), \"" . $fileName . "Post.php\");\n"; $fileContent .= " G::RenderPage(\"publish\", \"blank\");"; $fileContent .= "}"; file_put_contents($pathDataPublicProcess . PATH_SEP . $fileName . ".php", $fileContent); //Creating the second file, the post file who receive the post form. $pluginTpl = PATH_TPL . "processes" . PATH_SEP . "webentryPost.tpl"; $template = new \TemplatePower($pluginTpl); $template->prepare(); $template->assign("wsdlUrl", $http . $_SERVER["HTTP_HOST"] . "/sys" . SYS_SYS . "/" . SYS_LANG . "/" . SYS_SKIN . "/services/wsdl2"); $template->assign("wsUploadUrl", $http . $_SERVER["HTTP_HOST"] . "/sys" . SYS_SYS . "/" . SYS_LANG . "/" . SYS_SKIN . "/services/upload"); $template->assign("processUid", $processUid); $template->assign("dynaformUid", $dynaFormUid); $template->assign("taskUid", $taskUid); $template->assign("wsUser", $usrUsername); $template->assign("wsPass", \Bootstrap::getPasswordHashType() . ':' . $usrPassword); $template->assign("wsRoundRobin", $wsRoundRobin); if ($webEntryInputDocumentAccess == 0) { //Restricted to process permissions $template->assign("USR_VAR", "\$cInfo = ws_getCaseInfo(\$caseId);\n\t \$USR_UID = \$cInfo->currentUsers->userId;"); } else { //No Restriction $template->assign("USR_VAR", "\$USR_UID = -1;"); } $template->assign("dynaform", $arrayDynaFormData["DYN_TITLE"]); $template->assign("timestamp", date("l jS \\of F Y h:i:s A")); $template->assign("ws", SYS_SYS); $template->assign("version", \System::getVersion()); $fileName = $pathDataPublicProcess . PATH_SEP . $weTitle . "Post.php"; file_put_contents($fileName, $template->getOutputContent()); //Creating the third file, only if this wsClient.php file doesn't exist. $fileName = $pathDataPublicProcess . PATH_SEP . "wsClient.php"; $pluginTpl = PATH_CORE . "templates" . PATH_SEP . "processes" . PATH_SEP . "wsClient.php"; if (file_exists($fileName)) { if (filesize($fileName) != filesize($pluginTpl)) { copy($fileName, $pathDataPublicProcess . PATH_SEP . "wsClient.php.bak"); unlink($fileName); $template = new \TemplatePower($pluginTpl); $template->prepare(); file_put_contents($fileName, $template->getOutputContent()); } } else { $template = new \TemplatePower($pluginTpl); $template->prepare(); file_put_contents($fileName, $template->getOutputContent()); } //Event $task = new \Task(); $arrayTaskData = $task->load($arrayWebEntryData["TAS_UID"]); $weEventUid = $task->getStartingEvent(); if ($weEventUid != "") { $event = new \Event(); $arrayEventData = array(); $arrayEventData["EVN_UID"] = $weEventUid; $arrayEventData["EVN_RELATED_TO"] = "MULTIPLE"; $arrayEventData["EVN_ACTION"] = $dynaFormUid; $arrayEventData["EVN_CONDITIONS"] = $usrUsername; $result = $event->update($arrayEventData); } //WE_DATA $webEntryData = $weTitle . ".php"; break; case "HTML": global $G_FORM; if (!class_exists("Smarty")) { $loader = \Maveriks\Util\ClassLoader::getInstance(); $loader->addClass("Smarty", PATH_THIRDPARTY . "smarty" . PATH_SEP . "libs" . PATH_SEP . "Smarty.class.php"); } $G_FORM = new \Form($processUid . "/" . $dynaFormUid, PATH_DYNAFORM, SYS_LANG, false); $G_FORM->action = $http . $_SERVER["HTTP_HOST"] . "/sys" . SYS_SYS . "/" . SYS_LANG . "/" . SYS_SKIN . "/services/cases_StartExternal.php"; $scriptCode = ""; $scriptCode = $G_FORM->render(PATH_TPL . "xmlform" . ".html", $scriptCode); $scriptCode = str_replace("/controls/", $http . $_SERVER["HTTP_HOST"] . "/controls/", $scriptCode); $scriptCode = str_replace("/js/maborak/core/images/", $http . $_SERVER["HTTP_HOST"] . "/js/maborak/core/images/", $scriptCode); //Render the template $pluginTpl = PATH_TPL . "processes" . PATH_SEP . "webentry.tpl"; $template = new \TemplatePower($pluginTpl); $template->prepare(); $step = new \Step(); $sUidGrids = $step->lookingforUidGrids($processUid, $dynaFormUid); $template->assign("URL_MABORAK_JS", \G::browserCacheFilesUrl("/js/maborak/core/maborak.js")); $template->assign("URL_TRANSLATION_ENV_JS", \G::browserCacheFilesUrl("/jscore/labels/" . SYS_LANG . ".js")); $template->assign("siteUrl", $http . $_SERVER["HTTP_HOST"]); $template->assign("sysSys", SYS_SYS); $template->assign("sysLang", SYS_LANG); $template->assign("sysSkin", SYS_SKIN); $template->assign("processUid", $processUid); $template->assign("dynaformUid", $dynaFormUid); $template->assign("taskUid", $taskUid); $template->assign("dynFileName", $processUid . "/" . $dynaFormUid); $template->assign("formId", $G_FORM->id); $template->assign("scriptCode", $scriptCode); if (sizeof($sUidGrids) > 0) { foreach ($sUidGrids as $k => $v) { $template->newBlock("grid_uids"); $template->assign("siteUrl", $http . $_SERVER["HTTP_HOST"]); $template->assign("gridFileName", $processUid . "/" . $v); } } //WE_DATA $html = str_replace("</body>", "</form></body>", str_replace("</form>", "", $template->getOutputContent())); $webEntryData = $html; break; } //Update //Update where $criteriaWhere = new \Criteria("workflow"); $criteriaWhere->add(\WebEntryPeer::WE_UID, $webEntryUid); //Update set $criteriaSet = new \Criteria("workflow"); $criteriaSet->add(\WebEntryPeer::WE_DATA, $webEntryData); \BasePeer::doUpdate($criteriaWhere, $criteriaSet, \Propel::getConnection("workflow")); } catch (\Exception $e) { throw $e; } }