Customer index: 405 You cannot access this resource

froxlor / Froxlor

The server administration software for your needs - The official Froxlor development Git repository

http://www.froxlor.org

GNU General Public License v2.0

1.63k stars 453 forks source link

Customer index: 405 You cannot access this resource #1183

Closed sorinpohontu closed 1 year ago

sorinpohontu commented 1 year ago

I have updated one system to Froxlor 2.0.2.3 and I can't access customer area from admin account.

/customer_index.php

 Uncaught exception

405 You cannot access this resource

#0 /var/www/html/froxlor/lib/Froxlor/UI/Collection.php(132): Froxlor\Api\Commands\SubDomains->listingCount()
#1 /var/www/html/froxlor/lib/Froxlor/CurrentUser.php(156): Froxlor\UI\Collection->count()
#2 /var/www/html/froxlor/lib/navigation/00.froxlor.main.php(84): Froxlor\CurrentUser::canAddResource()
#3 /var/www/html/froxlor/lib/Froxlor/PhpHelper.php(235): include('...')
#4 /var/www/html/froxlor/lib/init.php(271): Froxlor\PhpHelper::loadConfigArrayDir()
#5 /var/www/html/froxlor/customer_index.php(27): require('...')
#6 {main}

System information

Froxlor version: 2.0.2.3
Web server: apache2
DNS server:None
POP/IMAP server: Dovecot
SMTP server: postfix
FTP server: proftpd/pureftpd
OS/Version: Debian 12

Any hints ?

d00p commented 1 year ago

Does the target customer have domains disabled or no domains at all? Worked just fine for me, maybe I've missed something

sorinpohontu commented 1 year ago

Same error on any customer I click, also I can't login as customer. Last customer added has a domain, email only.

sorinpohontu commented 1 year ago

After errror, I have to clear cookies and site date from Firefox to log in again. I'm always redirected to customer_index.php. Any log I can check ?

d00p commented 1 year ago

Settings -> Panel settings -> Hide menu items and traffic charts in customer panel, is "Domains" selected there?

sorinpohontu commented 1 year ago

Yes

d00p commented 1 year ago

Okay, this option leads to the customer not being allowed to call "SubDomains.listingCount()" API method, please try the following patch:

diff --git a/lib/Froxlor/CurrentUser.php b/lib/Froxlor/CurrentUser.php
index 26c836a3..211fd470 100644
--- a/lib/Froxlor/CurrentUser.php
+++ b/lib/Froxlor/CurrentUser.php
@@ -151,9 +151,13 @@ class CurrentUser
                        ]);
                        $addition = $result['emaildomains'] != 0;
                } elseif ($resource == 'subdomains') {
-                       $parentDomainCollection = (new Collection(SubDomains::class, $_SESSION['userinfo'],
-                               ['sql_search' => ['d.parentdomainid' => 0]]));
-                       $addition = $parentDomainCollection->count() != 0;
+                       if (Settings::IsInList('panel.customer_hide_options', 'domains')) {
+                               $addition = false;
+                       } else {
+                               $parentDomainCollection = (new Collection(SubDomains::class, $_SESSION['userinfo'],
+                                       ['sql_search' => ['d.parentdomainid' => 0]]));
+                               $addition = $parentDomainCollection->count() != 0;
+                       }
                } elseif ($resource == 'domains') {
                        $customerCollection = (new Collection(Customers::class, $_SESSION['userinfo']));
                        $addition = $customerCollection != 0;

sorinpohontu commented 1 year ago

Yes, it working 👍

d00p commented 1 year ago

Great, thanks for the feedback, very helpful :)