Merge branch 'Support/2.8.X' into 'master'

fix(19647) : changing the pattern regex in html to prevent validation error...

See merge request !719

CHANGELOG.md

 # CHANGELOG
 
+## Version 2.8.3
+ - `Fixed` Recherche par côte d'archive non fonctionnelle.
+ - `Fixed` Vérification du pattern de l'adresse email lors de la création d'un nouvel utilisateur.
+
+## Version 2.8.2
+ - `Changed` Possibilité d'ajouter des caractères spéciaux dans les identifiants d'organisations.
+ - `Fixed`   Blocage du process d'extraction fulltext si un document était en erreur dans Apache Tika.
+ - `Changed` Possibilité de rechercher les archives d'un service producteur appartenant à une autre organisation si la liaison du service d'archive et service producteur existe dans un accord de versement.
+ - `Changed` Possibilité d'empêcher l'opérateur d'archivage d'accéder à toutes les archives du système. Voir point de configuration "ownerIsSuperUser" dans configuration.ini.default.
+ - `Fixed`   Import via connecteur Octave.
+
 ## Version 2.8.1
  - `Fixed` Impossible de modifier son mot de passe pour un utilisateur nouvellement créé
 

MIGRATION.md

+# Migration 2.8.2
+
+## Modification dans la configuration :
+### Ajout
+Dans la section [recordsManagement], ajout de la directive `ownerIsSuperUser` qui permet de définir si les utilisateurs appartenant au service d'opérateur d'archvivage ont le droit ou non d'accéder à toutes les archives du système. Si `true`, alors les opérateurs ont accès à toutes les archives du système. Si `false`, l'opérateur d'archivage sera considéré comme n'importe quel autre service producteur et aura accès uniquement à ses propres archives dont il est déclaré comme producteur.
+
 # Migration 2.7 vers 2.8
 
 ## Vhost :

VERSION.md

-2.8.1
+2.8.3

data/maarchRM/conf/configuration.ini.default

@@ -46,6 +46,10 @@ css = "/presentation/css/style.css"
 displayableFormat = "['application/pdf', 'image/jpeg', 'image/png', 'text/plain']"
 
 [recordsManagement]
+
+; Allow the owner org to have access to other org units archives
+ownerIsSuperUser = false
+
 ; Profile directory for rng profile
 profilesDirectory = "%laabsDirectory%/data/maarchRM/profiles"
 refDirectory = "%laabsDirectory%/data/maarchRM/ref"

src/bundle/auth/Controller/userAccount.php

@@ -223,6 +223,11 @@ class userAccount
         $userAccount->accountId = \laabs::newId();
         $userAccount->accountType = 'user';
 
+        if (!is_null($userAccount->emailAddress) && !filter_var($userAccount->emailAddress, FILTER_VALIDATE_EMAIL)) {
+            $validationErrors = ["Email malformed"];
+            throw \laabs::newException("auth/invalidUserInformationException", $validationErrors);
+        }
+
         $organizationController = \laabs::newController('organization/organization');
         if (!is_null($organizations)) {
             $organization = $organizationController->read($organizations[0]);

src/bundle/digitalResource/Controller/digitalResource.php

@@ -882,7 +882,9 @@ class digitalResource
 
                 file_put_contents($srcfile, $contents);
 
-                $fullText .= $fullTextService->getText($srcfile);
+                try {
+                    $fullText .= $fullTextService->getText($srcfile);
+                } catch (\Exception $exception) {}
             }
         }
 

src/bundle/medona/Controller/ArchiveTransfer.php

@@ -119,15 +119,16 @@ class ArchiveTransfer extends abstractMessage
 
         foreach ($confParams as $name => $confParam) {
             // Default value
+            $param = "";
             if (isset($confParam["default"])) {
-                $value = $confParam["default"];
+                $param = $confParam["default"];
             }
 
             if (isset($params[$name]) && $params[$name] !== "") {
-                $value = $params[$name];
+                $param = $params[$name];
             }
 
-            $params[$name] = $value;
+            $params[$name] = $param;
 
             if ($param == "") {
                 if (isset($confParam["required"]) && $confParam["required"]) {

src/bundle/organization/Controller/organization.php

@@ -1624,15 +1624,11 @@ class organization
     public function getOriginator()
     {
         $currentService = \laabs::getToken("ORGANIZATION");
-        if (!$currentService) {
-            $this->view->addContentFile("recordsManagement/welcome/noWorkingOrg.html");
-
-            return $this->view->saveHtml();
-        }
+        
         $ownerOriginatorOrgs = $this->getOwnerOrgsByRole($currentService, 'originator');
         $originators = [];
         foreach ($ownerOriginatorOrgs as $org) {
-            foreach ($org->originator as $originator) {
+            foreach ($org->originators as $originator) {
                 $originator->ownerOrgName = $org->displayName;
                 $originators[] = $originator;
             }
@@ -1650,20 +1646,22 @@ class organization
      */
     protected function getOwnerOrgsByRole($currentService, $role)
     {
-        $organizationController = \laabs::newController('organization/organization');
-        $orgUnits = $organizationController->getOrgsByRole($role);
+        $orgUnits = $this->getOrgsByRole($role);
 
         $userPositionController = \laabs::newController('organization/userPosition');
-        $orgController = \laabs::newController('organization/organization');
+        $archivalAgreementController = \laabs::newController('medona/archivalAgreement');
 
         $owner = false;
         $archiver = false;
         $userOrgUnits = [];
         $userOrgs = [];
+        $allArchivalAgreements = $archivalAgreementController->index();
+
+        $originatorOrgIds = [];
 
         $userOrgUnitOrgRegNumbers = array_merge(array($currentService->registrationNumber), $userPositionController->readDescandantService((string)$currentService->orgId));
         foreach ($userOrgUnitOrgRegNumbers as $userOrgUnitOrgRegNumber) {
-            $userOrgUnit = $orgController->getOrgByRegNumber($userOrgUnitOrgRegNumber);
+            $userOrgUnit = $this->getOrgByRegNumber($userOrgUnitOrgRegNumber);
             $userOrgUnits[] = $userOrgUnit;
             if (isset($userOrgUnit->orgRoleCodes)) {
                 foreach ($userOrgUnit->orgRoleCodes as $orgRoleCode) {
@@ -1672,6 +1670,12 @@ class organization
                     }
                     if ($orgRoleCode == 'archiver') {
                         $archiver = true;
+                        $myOriginatorOrgs = [];
+                        foreach ($allArchivalAgreements as $archivalAgreement) {
+                            if($archivalAgreement->archiverOrgRegNumber == $userOrgUnitOrgRegNumber) {
+                                $myOriginatorOrgs = array_merge($myOriginatorOrgs, $archivalAgreement->originatorOrgIds->jsonSerialize());
+                            }
+                        }
                     }
                 }
             }
@@ -1681,20 +1685,22 @@ class organization
             foreach ($orgUnits as $orgUnit) {
                 if (// Owner = all originators
                 $owner
-                    // Archiver = all originators fo the same org
-                || ($archiver && $orgUnit->ownerOrgId == $userOrgUnit->ownerOrgId)
+                    // Archiver = all originators for the same org
+                || ($archiver && ($orgUnit->ownerOrgId == $userOrgUnit->ownerOrgId || in_array($orgUnit->orgId, $myOriginatorOrgs)))
                     // Originator = all originators at position and sub-services
                 || ($role == 'originator' && $orgUnit->registrationNumber == $userOrgUnit->registrationNumber)
                     // Depositor = all
                 || $role == 'depositor') {
-                    if (!isset($userOrgs[(string)$orgUnit->ownerOrgId])) {
-                        $orgObject = $organizationController->read((string)$orgUnit->ownerOrgId);
+                    // $originators = $orgUnit->originators;
 
+                    if (!isset($userOrgs[(string)$orgUnit->ownerOrgId])) {
+                        $orgObject = $this->read((string)$orgUnit->ownerOrgId);
+                        
                         $userOrgs[(string)$orgObject->orgId] = new \stdClass();
                         $userOrgs[(string)$orgObject->orgId]->displayName = $orgObject->displayName;
-                        $userOrgs[(string)$orgObject->orgId]->{$role} = [];
+                        $userOrgs[(string)$orgObject->orgId]->originators = [];
                     }
-                    $userOrgs[(string)$orgObject->orgId]->{$role}[] = $orgUnit;
+                    $userOrgs[(string)$orgObject->orgId]->originators[] = $orgUnit;
                 }
             }
         }

src/bundle/recordsManagement/Controller/archiveAccessTrait.php

@@ -85,6 +85,10 @@ trait archiveAccessTrait
         $checkAccess = true,
         $maxResults = null
     ) {
+        if(is_null($originatorArchiveId)) {
+            $originatorArchiveId = $archiverArchiveId;
+        }
+        
         $accountController = \laabs::newController('auth/userAccount');
         $accountController->isAuthorized('user');
 
@@ -921,11 +925,16 @@ trait archiveAccessTrait
             $this->userPositionController->readDescandantService((string) $currentService->orgId)
         );
 
+        $ownerIsSuperUser = true;
+        if (isset(\laabs::configuration("recordsManagement")['ownerIsSuperUser'])) {
+            $ownerIsSuperUser = (bool) \laabs::configuration("recordsManagement")['ownerIsSuperUser'];
+        }
+
         foreach ($userServiceOrgRegNumbers as $userServiceOrgRegNumber) {
             $userService = $this->organizationController->getOrgByRegNumber($userServiceOrgRegNumber);
 
             // User orgUnit is owner
-            if (isset($userService->orgRoleCodes) && (strpos((string) $userService->orgRoleCodes, 'owner') !== false)) {
+            if (isset($userService->orgRoleCodes) && (strpos((string) $userService->orgRoleCodes, 'owner') !== false) && $ownerIsSuperUser) {
                 return true;
             }
 
@@ -1030,6 +1039,11 @@ trait archiveAccessTrait
             $queryParts['archiverArchiveId'] = "archiverArchiveId= :archiverArchiveId";
             $queryParams['archiverArchiveId'] = $args['archiverArchiveId'];
         }
+        if (!empty($args['originatorArchiveId']) && !empty($args['archiverArchiveId']) && $args['originatorArchiveId'] == $args['archiverArchiveId']) {
+            $queryParts['originatorArchiveId'] = "(archiveId= :archiveId OR originatorArchiveId= :originatorArchiveId OR archiverArchiveId= :archiverArchiveId)";
+            $queryParams['archiveId'] = $args['originatorArchiveId'];
+            unset($queryParts['archiverArchiveId']);
+        }
         if (!empty($args['originatingDate'])) {
             if (!empty($args['originatingDate'][0]) && is_string($args['originatingDate'][0])) {
                 $args['originatingDate'][0] = \laabs::newDate($args['originatingDate'][0]);
@@ -1129,9 +1143,14 @@ trait archiveAccessTrait
             $this->userPositionController->readDescandantService((string) $currentService->orgId)
         );
 
+        $ownerIsSuperUser = true;
+        if (isset(\laabs::configuration("recordsManagement")['ownerIsSuperUser'])) {
+            $ownerIsSuperUser = (bool) \laabs::configuration("recordsManagement")['ownerIsSuperUser'];
+        }
+
         foreach ($userServiceOrgRegNumbers as $userServiceOrgRegNumber) {
             $userService = $this->organizationController->getOrgByRegNumber($userServiceOrgRegNumber);
-            if (isset($userService->orgRoleCodes) && $userService->orgRoleCodes->contains('owner')) {
+            if (isset($userService->orgRoleCodes) && $userService->orgRoleCodes->contains('owner') && $ownerIsSuperUser) {
                 return;
             }
         }
@@ -1362,7 +1381,6 @@ trait archiveAccessTrait
         if (!$currentUserService) {
             return false;
         }
-
         $userPositionController = \laabs::newController('organization/userPosition');
         $org = $this->organizationController->getOrgByRegNumber($archive->originatorOrgRegNumber);
         $positionAncestors = $this->organizationController->readParentOrg($this->organizationController->getOrgByRegNumber($archive->originatorOrgRegNumber)->orgId);
@@ -1370,9 +1388,16 @@ trait archiveAccessTrait
         $userServices[] = $currentUserService->registrationNumber;
 
         // OWNER access
+        $ownerIsSuperUser = true;
+
+        if (isset(\laabs::configuration("recordsManagement")['ownerIsSuperUser'])) {
+            $ownerIsSuperUser = (bool) \laabs::configuration("recordsManagement")['ownerIsSuperUser'];
+        }
+
         if (
             !is_null($currentUserService->orgRoleCodes)
             && \laabs\in_array('owner', $currentUserService->orgRoleCodes)
+            && $ownerIsSuperUser
         ) {
             return true;
         }

src/bundle/recordsManagement/Controller/archiveEntryTrait.php

@@ -778,16 +778,42 @@ trait archiveEntryTrait
     }
 
     /**
-     * Update the retention start date of an archive
+     * Get the identifiers of the parent and the sibling archives
      *
-     * @param recordsManagement/archive $archive      The archive to receive
+     * @param recordsManagement/archive $archive The archive to receive
+     * @return array Archive ids of the archive, the parent and the siblings of the archive
      */
-    public function updateRetentionRuleStartDate($archive)
-    {
-        if ($this->archivalProfileController->getByReference($archive->archivalProfileReference) &&
-            (!empty($archive->fileplanLevel) && $archive->fileplanLevel == 'file')) {
-            $archive->retentionStartDate = \laabs::newTimestamp();
-            $archive->disposalDate = $archive->retentionStartDate->shift($archive->retentionDuration);
+    public function getParentAndSiblingIds($archive) {
+        $result = [];
+        if (!empty($archive->parentArchiveId)) {
+            $result = array_merge([$archive->parentArchiveId], $this->getChildrenArchives($archive->parentArchiveId));
+        }
+
+        return $result;
+    }
+
+    /**
+     * Apply the retention rule start date modification from last deposit on archive identifiers
+     *
+     * @param array $archiveIds The identifiers of the archives to update
+     */
+    public function updateRetentionRuleStartDate($archiveIds) {
+
+        $currentDate = \laabs::newDate();
+        try {
+            foreach($archiveIds as $archiveId) {
+                $archiveToModify = $this->sdoFactory->read('recordsManagement/archive', $archiveId);
+                
+                $retentionRule = $this->retentionRuleController->read($archiveToModify->retentionRuleCode);
+                $retentionRule = \laabs::castMessage($archiveToModify, 'recordsManagement/archiveRetentionRule');
+                $retentionRule->retentionStartDate = $currentDate;
+                $retentionRule->changeStartDate = true;
+
+                $this->modifyRetentionRule($retentionRule, $archiveId);   
+            }
+
+        } catch (\Exception $exception) {
+            throw $exception;
         }
     }
 
@@ -856,16 +882,16 @@ trait archiveEntryTrait
         }
 
         if ($transactionControl) {
-            $this->sdoFactory->commit();
-
-            // TimeStamp last modification date of the parent archive.
-            if (!empty($archive->parentArchiveId)) {
-                $parentArchive = $this->sdoFactory->read('recordsManagement/archive', $archive->parentArchiveId);
-                $parentArchive->lastModificationDate = \laabs::newTimestamp();
-                if ($this->archivalProfileController->getByReference($parentArchive->archivalProfileReference)->isRetentionLastDeposit) {
-                    $this->updateRetentionRuleStartDate($parentArchive);
-                }
-                $this->sdoFactory->update($parentArchive, 'recordsManagement/archive');
+            $this->sdoFactory->commit();            
+        }
+        
+        // feat/16379 : update retention rule start date from last deposit
+        if (!empty($archive->parentArchiveId)) {
+            $parentArchive = $this->sdoFactory->read('recordsManagement/archive', $archive->parentArchiveId);
+            $parentArchivalProfile = $this->archivalProfileController->getByReference($parentArchive->archivalProfileReference);
+            if ($parentArchivalProfile->isRetentionLastDeposit) {
+                $archiveIds = $this->getParentAndSiblingIds($archive);
+                $this->updateRetentionRuleStartDate($archiveIds);
             }
         }
 

src/bundle/recordsManagement/Controller/archiveModificationTrait.php

@@ -937,7 +937,10 @@ trait archiveModificationTrait
                 stream_copy_to_stream($handler, $tmpStream);
                 rewind($tmpStream);
                 fclose($tmpStream);
-                $fullText .= $fulltextService->getText($tmpFile, $options) . " ";
+                try {
+                    $fullText .= $fulltextService->getText($tmpFile, $options) . " ";
+                } catch (\Exception $exception) {}
+                
                 unlink($tmpFile);
             }
             $archive = $this->retrieve($archiveId);

src/presentation/maarchRM/Presenter/recordsManagement/archive.php

@@ -77,7 +77,21 @@ class archive
             $emptyRole = true;
         } else {
             $emptyRole = false;
-            $ownerOriginatorOrgs = $this->getOwnerOriginatorsOrgs($currentService);
+            // $ownerOriginatorOrgs = $this->getOwnerOriginatorsOrgs($currentService);
+
+            /* $orgController = \laabs::newController('organization/organization');
+            $originators = $orgController->getOriginator();
+            foreach ($originators as $originator) {
+                if (!isset($ownerOriginatorOrgs[(string) $originator->ownerOrgId])) {
+                    $ownerOriginatorOrgs[(string) $originator->ownerOrgId] = new \stdClass();
+                    $ownerOriginatorOrgs[(string) $originator->ownerOrgId]->displayName = $originator->ownerOrgName;
+                    $ownerOriginatorOrgs[(string) $originator->ownerOrgId]->originators = [];
+                }
+                if (!in_array($originator, $ownerOriginatorOrgs[(string) $originator->ownerOrgId]->originators)) {
+                    $ownerOriginatorOrgs[(string)$originator->ownerOrgId]->originators[] = $originator;
+                }
+            } */
+
         }
         $descriptionSchemeNames = \laabs::callService('recordsManagement/descriptionScheme/read_name_Descriptionfields');
         $retentionRuleController = \laabs::newController('recordsManagement/retentionRule');
@@ -111,7 +125,7 @@ class archive
         $this->view->setSource("retentionRules", $retentionRules);
         $this->view->setSource("emptyRole", $emptyRole);
         $this->view->setSource("profiles", $profiles);
-        $this->view->setSource("organizationsOriginator", $ownerOriginatorOrgs);
+        // $this->view->setSource("organizationsOriginator", $ownerOriginatorOrgs);
         $this->view->setSource("deleteDescription", $deleteDescription);
         $this->view->setSource("descriptionScheme", $descriptionSchemeNames);
 
@@ -228,6 +242,7 @@ class archive
                         $archive->hasRights = false;
                     } else {
                         $archive->hasRights = $archiveController->checkRights($archive);
+                        // $archive->hasRights = true;
                     }
                 } catch (\Exception $e) {
                     $archive->hasRights = false;

src/presentation/maarchRM/Resources/locale/fr/organization/messages.po

@@ -204,8 +204,8 @@ msgstr "Comptes de service"
 msgid "Submit"
 msgstr "Valider"
 
-msgid "You must use only letters, numbers and the special character '_'"
-msgstr "Vous devez utiliser uniquement les lettres, les chiffres et le caractère spécial '_'"
+msgid "You must use only letters, numbers and the special characters ('_','-','/' and '.')"
+msgstr "Vous devez utiliser uniquement les lettres, les chiffres et les caractères spéciaux ('_','-','/' et '.')"
 
 msgid "The first and last character must be a letter. You must use only letters and the special character '_'"
 msgstr "Les premier et dernier caractères doivent être des lettres. Vous devez utiliser uniquement les lettres et le caractère spécial '_'"

src/presentation/maarchRM/Resources/view/auth/userAccount/admin/edit.html

@@ -279,7 +279,7 @@
     }
 
     function validateEmail($email) {
-        var emailReg = /^([\w-\.]+@([\w-]+\.)+[\w-]{2,4})?$/;
+        var emailReg = /(?:[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*|"(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21\x23-\x5b\x5d-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])*")@(?:(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?|\[(?:(?:(2(5[0-5]|[0-4][0-9])|1[0-9][0-9]|[1-9]?[0-9]))\.){3}(?:(2(5[0-5]|[0-4][0-9])|1[0-9][0-9]|[1-9]?[0-9])|[a-z0-9-]*[a-z0-9]:(?:[\x01-\x08\x0b\x0c\x0e-\x1f\x21-\x5a\x53-\x7f]|\\[\x01-\x09\x0b\x0c\x0e-\x7f])+)\])/;
         return emailReg.test($email);
     }
 

src/presentation/maarchRM/Resources/view/organization/organizationForm.html

@@ -33,7 +33,7 @@
             <div class="form-group">
                 <label>Registration number <span style="color: red">*</span></label>
                 <input type="text" class="form-control" name="registrationNumber" placeholder="Registration number">
-                <small class="help-block">You must use only letters, numbers and the special character '_'</small>
+                <small class="help-block">You must use only letters, numbers and the special characters ('_','-','/' and '.')</small>
             </div>
             <div class="form-group" id="orgForm_enabled" style="display: none">
                 <label>Enabled</label>
@@ -265,7 +265,7 @@
             var organization = OrganizationForm.serialize();
 
 
-            var pattern = new RegExp("^[A-Za-z0-9_]*[A-Za-z0-9_]$");
+            var pattern = new RegExp("^[A-Za-z0-9_/.-]*[A-Za-z0-9_/.-]$");
 
             if(!pattern.test(organization.registrationNumber)) {
                 return;
@@ -395,7 +395,7 @@
 
     $("#organization_organizationForm").on("keyup","[name='registrationNumber']", function(){
         var input = $(this);
-        var pattern = new RegExp("^[A-Za-z0-9_]*[A-Za-z0-9]$");
+        var pattern = new RegExp("^[A-Za-z0-9_/.-]*[A-Za-z0-9/.-]$");
         var formGroup = input.closest('.form-group');
 
         if(!input.val()) {

src/presentation/maarchRM/Resources/view/recordsManagement/archive/fulltextSearchForm.html

@@ -339,7 +339,7 @@ FulltextSearchForm = {
                         } else if ($(this).hasClass('dateTimePicker')) {
                             var operation = ($(this).data('range') == 'start') ? ">=" : "<=";
                             // TODO fix datetime sent in params with a date conversion (done @rm/archives/search.html)
-                            value = name + operation + "'" + $(this).data('DateTimePicker').date().format('YYYY-MM-DD HH:MM:SS') + "'";
+                            value = name + operation + "'" + $(this).data('DateTimePicker').date().format('YYYY-MM-DD HH:mm:ss') + "'";
 
                             // Fill start and end values
                             if (query.description[name] == undefined) {

src/presentation/maarchRM/Resources/view/recordsManagement/archive/searchform.html

@@ -41,7 +41,7 @@
                 <div class="col-sm-8">
                     <input type="text" class="form-control orgHide" placeholder="Producer" name="originatorOwnerOrgRegNumber"
                     id="orgTypeahead" />
-                    <select class="form-control hide" name="originatorOwnerOrgId" id="originatorOwnerOrgId">
+                    <!-- <select class="form-control hide" name="originatorOwnerOrgId" id="originatorOwnerOrgId">
                         <option value="">All</option>
                         <?merge organizationsOriginator ?>
                         <div>
@@ -50,8 +50,10 @@
                                 <?merge .displayName ?>
                             </option>
                         </div>
-                    </select>
-                    <select class="form-control hide" name="originatorOrgRegNumber" id="originatorOrgRegNumber">
+                    </select> -->
+                    <input type="hidden" name="originatorOwnerOrgId" id="originatorOwnerOrgId" />
+                    <!-- <select class="form-control hide" name="originatorOrgRegNumber" id="originatorOrgRegNumber">
+                        
                         <option value="">All</option>
                         <?merge organizationsOriginator ?>
                         <div>
@@ -60,7 +62,8 @@
                                 <?merge .displayName ?>
                             </option>
                         </div>
-                    </select>
+                    </select> -->
+                    <input type="hidden" name="originatorOrgRegNumber" id="originatorOrgRegNumber" />
                 </div>
             </div>
         </div>
@@ -246,6 +249,7 @@
         <hr style="height:1px;border:none;color:gray;background-color:gray;">
     </div>
     <span class="hide" id="required_fields">You must fill all required fields (*)</span>
+    <div data-translate-catalog="recordsManagement/messages" id="noOriginatorFound" class="hide">No originator found</div>
 </div>
 
 <script>