Skip to content

Commit

Permalink
Merge pull request #5934 from ProcessMaker/feature/FOUR-12702
Browse files Browse the repository at this point in the history 
feature/FOUR-12702: Start a Request: we need to enable only if the user was assigned "Start Permission"
  • Loading branch information
@ryancooley
ryancooley committed Jan 12, 2024
2 parents 13f7943 + 05b4199 commit e8f43f3
Show file tree
Hide file tree
Showing 4 changed files with 157 additions and 18 deletions.
139 changes: 139 additions & 0 deletions ProcessMaker/Http/Controllers/Api/ProcessController.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@
use ProcessMaker\Events\TemplateUpdated;
use ProcessMaker\Exception\TaskDoesNotHaveUsersException;
use ProcessMaker\Facades\WorkflowManager;
use ProcessMaker\Http\Controllers\Api\GroupController;
use ProcessMaker\Http\Controllers\Api\TemplateController;
use ProcessMaker\Http\Controllers\Controller;
use ProcessMaker\Http\Resources\ApiCollection;
Expand All @@ -25,6 +26,7 @@
use ProcessMaker\Jobs\ExportProcess;
use ProcessMaker\Jobs\ImportProcess;
use ProcessMaker\Models\Bookmark;
use ProcessMaker\Models\Group;
use ProcessMaker\Models\Process;
use ProcessMaker\Models\ProcessPermission;
use ProcessMaker\Models\Screen;
Expand Down Expand Up @@ -214,6 +216,68 @@ public function show(Request $request, Process $process)
return new Resource($process);
}

/**
* Display the specified resource.
*
* @param $process
*
* @return Response
*
* @OA\Get(
* path="/processes/{processId}/start_events",
* summary="Get start events of a process by Id",
* operationId="getStartEventsProcessById",
* tags={"Processes"},
* @OA\Parameter(
* description="ID of process to return",
* in="path",
* name="processId",
* required=true,
* @OA\Schema(
* type="integer",
* )
* ),
* @OA\Parameter(ref="#/components/parameters/include"),
* @OA\Response(
* response=200,
* description="Successfully found the start events process",
* @OA\JsonContent(
* type="object",
* @OA\Property(
* property="data",
* type="array",
* @OA\Items(ref="#/components/schemas/ProcessStartEvents"),
* ),
* @OA\Property(
* property="meta",
* type="object",
* ref="#/components/schemas/metadata",
* ),
* ),)
* ),
* )
*/
public function startEvents(Request $request, Process $process)
{
$startEvents = [];
$currentUser = Auth::user();
foreach ($process->start_events as $event) {
if (count($event["eventDefinitions"]) === 0) {
if (array_key_exists("config", $event)) {
$webEntry = json_decode($event["config"])->web_entry;
$event["webEntry"] = $webEntry;
}
if (
$this->checkUserCanStartProcess($event, $currentUser->id, $process, $request) ||
Auth::user()->is_administrator
) {
$startEvents[] = $event;
}
}
}
return new ApiCollection($startEvents);
}

/**
* Store a newly created resource in storage.
*
Expand Down Expand Up @@ -1433,6 +1497,81 @@ protected function getRequestFilterBy(Request $request, array $searchableColumns

return $where;
}
/**
* check if currentUser can start the request
*
* @param array $event
* @param int $currentUser
* @param Process $process
* @param Request $request
*
* @return bool
*/
protected function checkUserCanStartProcess($event, $currentUser, $process, $request)
{
$response = false;
if (array_key_exists("assignment", $event)) {
switch ($event["assignment"]) {
case "user":
if (array_key_exists("assignedUsers", $event)) {
$response = $currentUser === (int)$event["assignedUsers"];
}
break;
case "group":
if (array_key_exists("assignedGroups", $event)) {
$response = $this->checkUsersGroup((int)$event["assignedGroups"], $request);
}
break;
case "process_manager":
$response = $currentUser === $process->manager_id;
break;
}
}
return $response;
}

/**
* check if currentUser is member of a group
*
* @param int $groupId
* @param Request $request
*
* @return bool
*/
protected function checkUsersGroup(int $groupId, Request $request)
{
$currentUser = Auth::user()->id;
$group = Group::find($groupId);
$response = false;
if (isset($group)){
try {
$response = (new GroupController(new Group()))->users($group, $request);
$users = $response->all();

foreach ($users as $user) {
if($user->resource->id === $currentUser) {
$response = true;
}
}
} catch (\Exception $error) {
return ['error' => $error->getMessage()];
}

try {
$response = (new GroupController(new Group()))->groups($group, $request);
$groups = $response->all();

foreach ($groups as $group) {
if ($this->checkUsersGroup($group->resource->id, $request)) {
$response = true;
}
}
} catch (\Exception $error) {
return ['error' => $error->getMessage()];
}
}
return $response;
}

/**
* Get included relationships.
Expand Down
2 changes: 1 addition & 1 deletion resources/js/processes-catalogue/components/ProcessOptions.vue
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
<img src="../../../img/wizard-icon.svg" :alt="$t('Guided Template Icon')" />
{{ $t('Re-run Wizard') }}
</b-button>
<chart-save-search :process="process"/>
<chart-save-search :process="process" />

<wizard-helper-process-modal
v-if="createdFromWizardTemplate"
Expand Down
30 changes: 13 additions & 17 deletions resources/js/processes-catalogue/components/optionsMenu/ButtonsStart.vue
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@
data-toggle="dropdown"
aria-haspopup="true"
aria-expanded="false"
@click="getStartEvents()"
>
<span class="pl-3 pr-4"> {{ $t('Start this process') }} </span>
</button>
Expand Down Expand Up @@ -62,7 +63,6 @@
</template>

<script>
export default {
props: ["process"],
data() {
Expand All @@ -80,23 +80,19 @@ export default {
* get start events for dropdown Menu
*/
getStartEvents() {
const startEvents = this.process.start_events;
startEvents.forEach((event) => {
if (event.eventDefinitions.length === 0) {
if (event.config) {
const webEntry = JSON.parse(event.config).web_entry;
event.webEntry = webEntry;
this.processEvents = [];
ProcessMaker.apiClient
.get(`processes/${this.process.id}/start_events`)
.then((response) => {
this.processEvents = response.data.data;
if (this.processEvents.length <= 1) {
const event = this.processEvents[0] ?? {};
if (!("webEntry" in event)) {
this.havelessOneStartEvent = true;
this.startEvent = event.id ?? 0;
}
}
this.processEvents.push(event);
}
});
if (this.processEvents.length <= 1) {
const event = this.processEvents[0] ?? {};
if (!event.webEntry) {
this.havelessOneStartEvent = true;
this.startEvent = event.id ?? 0;
}
}
});
},
/**
* Start new request
Expand Down
4 changes: 4 additions & 0 deletions routes/api.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -125,6 +125,10 @@
// Processes
Route::get('processes', [ProcessController::class, 'index'])->name('processes.index')->middleware('can:view-processes');
Route::get('processes/{process}', [ProcessController::class, 'show'])->name('processes.show')->middleware('can:view-processes,process');
Route::get('processes/{process}/start_events',
[ProcessController::class, 'startEvents'])
->name('processes.start.events')
->middleware('can:view-processes,process');
Route::post('processes/{process}/export', [ProcessController::class, 'export'])->name('processes.export')->middleware('can:export-processes,process');
Route::get('processes/{process}/bpmn', [ProcessController::class, 'downloadBpmn'])->name('processes.export.bpmn')->middleware('can:view-processes,process');
Route::post('processes/import', [ProcessController::class, 'import'])->name('processes.import')->middleware('can:import-processes');
Expand Down

0 comments on commit e8f43f3

Please sign in to comment.