From c3881fb528af349bf47f9ccbf83c994087faa3e6 Mon Sep 17 00:00:00 2001 From: Remigijus Kiminas Date: Mon, 27 Dec 2021 03:47:03 -0500 Subject: [PATCH] Separate permission to use [html] code --- lhc_web/lib/core/lhchat/lhchatworkflow.php | 6 ++++++ lhc_web/modules/lhchat/addmsgadmin.php | 7 ++++++- lhc_web/modules/lhchat/module.php | 2 ++ lhc_web/modules/lhrestapi/addmsgadmin.php | 8 +++++++- 4 files changed, 21 insertions(+), 2 deletions(-) diff --git a/lhc_web/lib/core/lhchat/lhchatworkflow.php b/lhc_web/lib/core/lhchat/lhchatworkflow.php index 35055f4b4f..62f2878709 100644 --- a/lhc_web/lib/core/lhchat/lhchatworkflow.php +++ b/lhc_web/lib/core/lhchat/lhchatworkflow.php @@ -875,6 +875,12 @@ public static function presendCannedMsg($chat) { $msg = new erLhcoreClassModelmsg(); $msg->msg = $cannedMsg->msg_to_user; + + if (strpos($msg->msg,'[html]') !== false && !erLhcoreClassUser::instance()->hasAccessTo('lhchat','htmlbbcodeenabled')) { + $msg->msg = '[html] is disabled for you!'; + $msg->user_id = -1; + } + $msg->chat_id = $chat->id; $msg->user_id = $chat->user_id; $msg->name_support = $chat->user->name_support; diff --git a/lhc_web/modules/lhchat/addmsgadmin.php b/lhc_web/modules/lhchat/addmsgadmin.php index a467bc0723..4c0b0cbce0 100644 --- a/lhc_web/modules/lhchat/addmsgadmin.php +++ b/lhc_web/modules/lhchat/addmsgadmin.php @@ -66,7 +66,12 @@ $msg->time = time(); $msg->name_support = $userData->name_support; - if (isset($_POST['meta_msg'])) { + if (strpos($msg->msg,'[html]') !== false && !$currentUser->hasAccessTo('lhchat','htmlbbcodeenabled')) { + $msg->msg = '[html] is disabled for you!'; + $msg->user_id = -1; + } + + if (isset($_POST['meta_msg']) && $currentUser->hasAccessTo('lhchat','metamsgenabled')) { $meta_msg = json_decode($_POST['meta_msg'], true); if (is_array($meta_msg)) { $metaContent = []; diff --git a/lhc_web/modules/lhchat/module.php b/lhc_web/modules/lhchat/module.php index 92eed1f2f2..6a64eb55f6 100644 --- a/lhc_web/modules/lhchat/module.php +++ b/lhc_web/modules/lhchat/module.php @@ -713,5 +713,7 @@ $FunctionList['subject_chats'] = array('explain' => 'Allow operator see subject filtered chats'); $FunctionList['subject_chats_options'] = array('explain' => 'Allow operator to choose what subjects should be applied as filter'); $FunctionList['export_chats'] = array('explain' => 'Allow operator to export filtered chats'); +$FunctionList['htmlbbcodeenabled'] = array('explain' => 'Allow operator to use [html] bbcode.'); +$FunctionList['metamsgenabled'] = array('explain' => 'Allow operator to use meta_msg in message add interface.'); ?> \ No newline at end of file diff --git a/lhc_web/modules/lhrestapi/addmsgadmin.php b/lhc_web/modules/lhrestapi/addmsgadmin.php index c704ef1ba2..d91372c511 100644 --- a/lhc_web/modules/lhrestapi/addmsgadmin.php +++ b/lhc_web/modules/lhrestapi/addmsgadmin.php @@ -103,7 +103,12 @@ $msg->user_id = $messageUserId; $msg->time = time(); - if ($form->hasValidData('meta_msg') && $form->meta_msg != '') { + if (strpos($msg->msg,'[html]') !== false && !erLhcoreClassRestAPIHandler::hasAccessTo('lhchat','htmlbbcodeenabled')) { + $msg->msg = '[html] is disabled for you!'; + $msg->user_id = -1; + } + + if ($form->hasValidData('meta_msg') && $form->meta_msg != '' && erLhcoreClassRestAPIHandler::hasAccessTo('lhchat','metamsgenabled')) { $metaParts = json_decode($form->meta_msg,true); // Parse meta message as it was bot message and store it within message // We cannot store directly meta message content because it may contain callbacks which can be internal functions @@ -129,6 +134,7 @@ } } + if ($form->hasValidData('operator_name') && $form->operator_name != '') { $msg->name_support = $form->operator_name; } elseif ($form->sender == 'bot') {