Merge branch 'develop' into bugfix/FOUR-25401

Author: eiresendez

ProcessMaker/Contracts/ConditionalRedirectServiceInterface.php

@@ -26,8 +26,6 @@ class ProcessUpdated implements ShouldBroadcastNow
 
     public $activeTokens;
 
-    public $elementDestination;
-
     /**
      * Create a new event instance.
      *
@@ -43,7 +41,6 @@ public function __construct(ProcessRequest $processRequest, $event, TokenInterfa
         if ($token) {
             $this->tokenId = $token->getId();
             $this->elementType = $token->element_type;
-            $this->elementDestination = $token->elementDestination;
         }
     }
 

ProcessMaker/Events/ProcessUpdated.php

@@ -183,6 +183,55 @@ public function index(Request $request)
      *         ),
      *     ),
      * )
+     *
+     * @OA\Post(
+     *     path="/users_task_count",
+     *     summary="Returns all users and their total tasks (POST version for large form_data)",
+     *     operationId="postUsersTaskCount",
+     *     tags={"Users"},
+     *     @OA\RequestBody(
+     *         description="Request body for filtering users",
+     *         @OA\JsonContent(
+     *             @OA\Property(
+     *                 property="filter",
+     *                 type="string",
+     *                 description="Filter results by string. Searches First Name, Last Name, Email, or Username."
+     *             ),
+     *             @OA\Property(
+     *                 property="include_ids",
+     *                 type="string",
+     *                 description="Comma separated list of user IDs to include in the response. Eg. 1,2,3"
+     *             ),
+     *             @OA\Property(
+     *                 property="assignable_for_task_id",
+     *                 type="integer",
+     *                 description="Task ID to get assignable users for"
+     *             ),
+     *             @OA\Property(
+     *                 property="form_data",
+     *                 type="object",
+     *                 description="Form data used to evaluate rule expressions for task assignment"
+     *             ),
+     *         ),
+     *     ),
+     *     @OA\Response(
+     *         response=200,
+     *         description="List of users with task counts",
+     *         @OA\JsonContent(
+     *             type="object",
+     *             @OA\Property(
+     *                 property="data",
+     *                 type="array",
+     *                 @OA\Items(ref="#/components/schemas/users"),
+     *             ),
+     *             @OA\Property(
+     *                 property="meta",
+     *                 type="object",
+     *                 ref="#/components/schemas/metadata",
+     *             ),
+     *         ),
+     *     ),
+     * )
      */
     public function getUsersTaskCount(Request $request)
     {
@@ -204,10 +253,10 @@ public function getUsersTaskCount(Request $request)
             $include_ids = explode(',', $include_ids_string);
         } elseif ($request->has('assignable_for_task_id')) {
             $processRequestToken = ProcessRequestToken::findOrFail($request->input('assignable_for_task_id'));
-            $assignmentRule = $processRequestToken->getAssignmentRule();
             if (config('app.reassign_restrict_to_assignable_users')) {
                 $include_ids = $processRequestToken->process->getAssignableUsersByAssignmentType($processRequestToken);
             }
+            $assignmentRule = $processRequestToken->getAssignmentRule();
             if ($assignmentRule === 'rule_expression' && $request->has('form_data')) {
                 $include_ids = $processRequestToken->getAssigneesFromExpression($request->input('form_data'));
             }
@@ -223,7 +272,8 @@ public function getUsersTaskCount(Request $request)
             ->withCount('activeTasks')
             ->orderBy(
                 $request->input('order_by', 'username'),
-                $request->input('order_direction', 'ASC'))
+                $request->input('order_direction', 'ASC')
+            )
             ->paginate(50);
 
         return new ApiCollection($response);
@@ -359,8 +409,8 @@ public function getPinnnedControls(User $user)
         $meta = $user->meta ? (array) $user->meta : [];
 
         return array_key_exists('pinnedControls', $meta)
-                ? $meta['pinnedControls']
-                : [];
+            ? $meta['pinnedControls']
+            : [];
     }
 
     /**
@@ -774,10 +824,12 @@ private function uploadAvatar(User $user, Request $request)
             // Validate image content
             if ($type === 'svg') {
                 // For SVG files, validate against XSS
-                if (preg_match('/<script/i', $data) ||
+                if (
+                    preg_match('/<script/i', $data) ||
                     preg_match('/on\w+\s*=/i', $data) ||
                     preg_match('/javascript:/i', $data) ||
-                    preg_match('/data:/i', $data)) {
+                    preg_match('/data:/i', $data)
+                ) {
                     throw new \Exception('SVG contains potentially malicious content');
                 }
             } else {
@@ -853,7 +905,7 @@ public function restore(Request $request)
             // Otherwise, search trashed users
             // for the user to restore
             $user = User::onlyTrashed()->where($input, $request->input($input))
-                                       ->first();
+                ->first();
         }
 
         if ($user instanceof User) {

ProcessMaker/Http/Controllers/Api/UserController.php

@@ -12,6 +12,7 @@
 use ProcessMaker\Models\Media;
 use ProcessMaker\Models\Process;
 use ProcessMaker\Models\ProcessCategory;
+use ProcessMaker\Models\ProcessLaunchpad;
 use ProcessMaker\Models\Screen;
 use ProcessMaker\Models\Script;
 use ProcessMaker\Models\User;
@@ -547,6 +548,9 @@ public function exportProcessLaunchpad(): void
     public function importProcessLaunchpad(): void
     {
         foreach ($this->getDependents('process_launchpad') as $launchpad) {
+            if (ProcessLaunchpad::where('process_id', $this->model->id)->exists()) {
+                continue;
+            }
             $launchpad->model->setAttribute('process_id', $this->model->id);
             $launchpad->model->saveOrFail();
         }

ProcessMaker/ImportExport/Exporters/ProcessExporter.php

@@ -3,12 +3,14 @@
 namespace ProcessMaker\Jobs;
 
 use Illuminate\Bus\Queueable;
+use Illuminate\Console\Application;
 use Illuminate\Contracts\Queue\ShouldBeUnique;
 use Illuminate\Contracts\Queue\ShouldQueue;
 use Illuminate\Foundation\Bus\Dispatchable;
 use Illuminate\Queue\InteractsWithQueue;
 use Illuminate\Queue\Middleware\WithoutOverlapping;
 use Illuminate\Support\Facades\Artisan;
+use Illuminate\Support\Facades\Process;
 
 class RefreshArtisanCaches implements ShouldQueue
 {
@@ -21,26 +23,7 @@ class RefreshArtisanCaches implements ShouldQueue
      */
     public function handle()
     {
-        // Skip in testing environment because this reconnects the database
-        // meaning we loose transactions, and sets the console output verbosity
-        // to quiet so we loose expectsOutput assertions.
-        if (app()->environment('testing')) {
-            return;
-        }
-
-        $options = [
-            '--no-interaction' => true,
-            '--quiet' => true,
-        ];
-
-        if (app()->configurationIsCached()) {
-            Artisan::call('config:cache', $options);
-        } else {
-            Artisan::call('queue:restart', $options);
-
-            // We call this manually here since this job is dispatched
-            // automatically when the config *is* cached
-            RestartMessageConsumers::dispatchSync();
-        }
+        // Do not rebuild the cache and restart the queue any more.
+        // This is no longer needed.
     }
 }

ProcessMaker/Jobs/RefreshArtisanCaches.php

@@ -97,22 +97,10 @@ protected function completeSubprocess(TokenInterface $token, ExecutionInstanceIn
         $store = $closedInstance->getDataStore();
         $allData = $store->getData();
 
-        // Determine which data should be merged back from the subprocess.
-        $updatedKeys = method_exists($store, 'getUpdated')
-            ? $store->getUpdated()
-            : null;
-
-        if ($updatedKeys === null) {
-            // Legacy behavior or no tracking available: copy all data.
-            $data = $allData;
-        } elseif ($updatedKeys === []) {
-            // Nothing was updated in the subprocess: do not merge anything.
-            $data = [];
-        } else {
-            // Merge only the explicitly updated keys.
-            $updatedKeys = array_values((array) $updatedKeys);
-            $data = array_intersect_key($allData, array_flip($updatedKeys));
-        }
+        $data = $this->resolveUpdatedData($store, $allData);
+        $parentData = $token->getInstance()->getDataStore()->getData();
+        $data = $this->mergeNewKeys($data, $allData, $parentData);
+        $data = $this->mergeChangedKeys($data, $allData, $parentData);
 
         $dataManager = new DataManager();
         $dataManager->updateData($token, $data);
@@ -125,6 +113,62 @@ protected function completeSubprocess(TokenInterface $token, ExecutionInstanceIn
         return $this;
     }
 
+    /**
+     * Decide which data from the subprocess should be merged based on updated keys.
+     */
+    protected function resolveUpdatedData($store, array $allData): array
+    {
+        $updatedKeys = method_exists($store, 'getUpdated')
+            ? $store->getUpdated()
+            : null;
+
+        if ($updatedKeys === null) {
+            return $allData;
+        }
+
+        if ($updatedKeys === []) {
+            return [];
+        }
+
+        $updatedKeys = array_values((array) $updatedKeys);
+
+        return array_intersect_key($allData, array_flip($updatedKeys));
+    }
+
+    /**
+     * Merge keys that exist only in the subprocess data.
+     */
+    protected function mergeNewKeys(array $data, array $allData, array $parentData): array
+    {
+        $newKeys = array_diff(array_keys($allData), array_keys($parentData));
+        if (empty($newKeys)) {
+            return $data;
+        }
+
+        return $data + array_intersect_key($allData, array_flip($newKeys));
+    }
+
+    /**
+     * Merge keys that changed in the subprocess but may not have been tracked.
+     */
+    protected function mergeChangedKeys(array $data, array $allData, array $parentData): array
+    {
+        $changedKeys = [];
+        foreach ($allData as $key => $value) {
+            if (array_key_exists($key, $parentData) && $parentData[$key] !== $value) {
+                $changedKeys[] = $key;
+            }
+        }
+
+        if (empty($changedKeys)) {
+            return $data;
+        }
+
+        $pendingKeys = array_diff($changedKeys, array_keys($data));
+
+        return $data + array_intersect_key($allData, array_flip($pendingKeys));
+    }
+
     /**
      * Catch a subprocess error
      *

ProcessMaker/Models/CallActivity.php

@@ -1053,29 +1053,65 @@ public function getAssignableUsers($processTaskUuid)
      * - previous_task_assignee: would assign it to the Process Manager.
      * - requester: would assign it to the Process Manager.
      * - process_manager: would assign it to the same Process Manager.
-     * 
+     *
      * @param ProcessRequestToken $processRequestToken
-     * @return array
+     * @return array Array of user IDs, always returns a flat array (never nested)
      */
     public function getAssignableUsersByAssignmentType(ProcessRequestToken $processRequestToken): array
     {
-        $users = [];
-        switch ($processRequestToken->getAssignmentRule()) {
-            case 'user_group':
-            case 'process_variable':
-            case 'rule_expression':
+        $assignmentRule = $processRequestToken->getAssignmentRule();
+        $managerIds = $processRequestToken->process->manager_id ?? [];
+
+        // Rules that only return process managers
+        $managerOnlyRules = ['previous_task_assignee', 'requester', 'process_manager'];
+        if (in_array($assignmentRule, $managerOnlyRules, true)) {
+            return $this->normalizeUserIds($managerIds);
+        }
+
+        // Rules that return assignable users plus process managers
+        $groupBasedRules = ['user_group', 'process_variable', 'rule_expression'];
+        if (in_array($assignmentRule, $groupBasedRules, true)) {
+            $users = [];
+
+            // Get assignable users from task assignments
+            if (!empty($processRequestToken->element_id)) {
                 $users = $this->getAssignableUsers($processRequestToken->element_id);
-                $users[] = $processRequestToken->process->properties["manager_id"];
-                break;
-            case 'previous_task_assignee':
-            case 'requester':
-                $users[] = $processRequestToken->process->properties["manager_id"];
-                break;
-            case 'process_manager':
-                $users[] = $processRequestToken->process->properties["manager_id"];
-                break;
+            }
+
+            // Merge with manager IDs
+            if (!empty($managerIds)) {
+                $users = array_merge($users, $managerIds);
+            }
+
+            return $this->normalizeUserIds($users);
         }
-        return $users;
+
+        // Default: return empty array for unknown rules
+        return [];
+    }
+
+    /**
+     * Normalize user IDs to ensure a flat array of unique numeric values.
+     *
+     * @param array|null $userIds
+     * @return array
+     */
+    private function normalizeUserIds($userIds): array
+    {
+        if (empty($userIds)) {
+            return [];
+        }
+
+        // Flatten nested arrays and filter out invalid values
+        $normalized = array_filter(
+            array_values(Arr::flatten($userIds)),
+            function ($id) {
+                return !empty($id) && is_numeric($id);
+            }
+        );
+
+        // Remove duplicates and return
+        return array_values(array_unique($normalized));
     }
 
     /**