fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

PMCORE-4204

Browse Source
This commit is contained in:
Julio Cesar Laura Avendaño
2023-03-24 17:55:53 +00:00
parent 0506805783
commit 10839b0b84
21 changed files with 192 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
workflow/engine/methods/setup/appCacheViewAjax.php
View File

@@ -1,6 +1,15 @@
<?php
use Processmaker\Core\System;
use ProcessMaker\Exception\RBACException;
// Include global object RBAC
global $RBAC;
// Check if the current user have the correct permissions to access to this resource, if not throws a RBAC Exception with code 403
if ($RBAC->userCanAccess('PM_SETUP_ADVANCE') !== 1 || $RBAC->userCanAccess('PM_SETUP_CASES_LIST_CACHE_BUILDER') !== 1) {
throw new RBACException('ID_ACCESS_DENIED', 403);
}
$filter = new InputFilter();
$_POST = $filter->xssFilterHard($_POST);