From 9625d648a090b6b1d26ca9f73633141e2468f474 Mon Sep 17 00:00:00 2001
From: Pinga <121483313+getpinga@users.noreply.github.com>
Date: Tue, 5 Mar 2024 12:27:51 +0200
Subject: [PATCH] Various domain transfer fixes

---
 cp/app/Controllers/DomainsController.php      | 12 ++++++++++++
 cp/resources/views/partials/js-transfers.twig |  6 +++---
 cp/routes/web.php                             |  8 ++++++++
 3 files changed, 23 insertions(+), 3 deletions(-)

diff --git a/cp/app/Controllers/DomainsController.php b/cp/app/Controllers/DomainsController.php
index 0641194..3741018 100644
--- a/cp/app/Controllers/DomainsController.php
+++ b/cp/app/Controllers/DomainsController.php
@@ -2314,6 +2314,12 @@ class DomainsController extends Controller
                 }
             }
             $registrar_id = $data['registrar'] ?? null;
+            $registrars = $db->select("SELECT id, clid, name FROM registrar");
+            if ($_SESSION["auth_roles"] != 0) {
+                $registrar = true;
+            } else {
+                $registrar = null;
+            }
             $authInfo = $data['authInfo'] ?? null;
             $transferYears = $data['transferYears'] ?? null;
 
@@ -2575,6 +2581,11 @@ class DomainsController extends Controller
         
         $db = $this->container->get('db');
         $registrars = $db->select("SELECT id, clid, name FROM registrar");
+        if ($_SESSION["auth_roles"] != 0) {
+            $registrar = true;
+        } else {
+            $registrar = null;
+        }
             
         $locale = (isset($_SESSION['_lang']) && !empty($_SESSION['_lang'])) ? $_SESSION['_lang'] : 'en_US';
         $currency = $_SESSION['_currency'] ?? 'USD'; // Default to USD if not set
@@ -2591,6 +2602,7 @@ class DomainsController extends Controller
         // Default view for GET requests or if POST data is not set
         return view($response,'admin/domains/requestTransfer.twig', [
             'registrars' => $registrars,
+            'registrar' => $registrar,
             'currencySymbol' => $symbol,
             'currencyPosition' => $position,
             'currency' => $currency
diff --git a/cp/resources/views/partials/js-transfers.twig b/cp/resources/views/partials/js-transfers.twig
index c83b86c..f5ae1f0 100644
--- a/cp/resources/views/partials/js-transfers.twig
+++ b/cp/resources/views/partials/js-transfers.twig
@@ -21,13 +21,13 @@
         const tableResponsive = document.querySelector('.table-responsive');
         const clidValue = atob(tableResponsive.dataset.ref);
    
-        if (hasPendingStatus && clidValue === '0') {
+        if (hasPendingStatus && clidValue == '0') {
             actionButtons += `<a class="btn btn-outline-success btn-icon approve-btn" id="approve-btn" href="javascript:void(0);" data-approve-url="transfer/approve/${cell.getRow().getData().name}" title="{{ __('Approve Transfer') }}"><svg xmlns="http://www.w3.org/2000/svg" class="icon" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><path d="M9 11l3 3l8 -8" /><path d="M20 12v6a2 2 0 0 1 -2 2h-12a2 2 0 0 1 -2 -2v-12a2 2 0 0 1 2 -2h9" /></svg></a> `;
             actionButtons += `<a class="btn btn-outline-dark btn-icon cancel-btn" id="cancel-btn" href="javascript:void(0);" data-cancel-url="transfer/cancel/${cell.getRow().getData().name}" title="{{ __('Cancel Transfer') }}"><svg xmlns="http://www.w3.org/2000/svg" class="icon" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><path d="M12 12m-9 0a9 9 0 1 0 18 0a9 9 0 1 0 -18 0" /><path d="M10 10l4 4m0 -4l-4 4" /></svg></a> `;
             actionButtons += `<a class="btn btn-outline-danger btn-icon reject-btn" id="reject-btn" href="javascript:void(0);" data-reject-url="transfer/reject/${cell.getRow().getData().name}" title="{{ __('Reject Transfer') }}"><svg xmlns="http://www.w3.org/2000/svg" class="icon" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><path d="M12 12m-9 0a9 9 0 1 0 18 0a9 9 0 1 0 -18 0" /><path d="M5.7 5.7l12.6 12.6" /></svg></a>`;
-        } else if (clidValue === rowData.reid) {
+        } else if (clidValue == rowData.reid) {
             actionButtons += `<a class="btn btn-outline-dark btn-icon cancel-btn" id="cancel-btn" href="javascript:void(0);" data-cancel-url="transfer/cancel/${cell.getRow().getData().name}" title="{{ __('Cancel Transfer') }}"><svg xmlns="http://www.w3.org/2000/svg" class="icon" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><path d="M12 12m-9 0a9 9 0 1 0 18 0a9 9 0 1 0 -18 0" /><path d="M10 10l4 4m0 -4l-4 4" /></svg></a> `;
-        } else if (clidValue === rowData.acid) {
+        } else if (clidValue == rowData.acid) {
             actionButtons += `<a class="btn btn-outline-success btn-icon approve-btn" id="approve-btn" href="javascript:void(0);" data-approve-url="transfer/approve/${cell.getRow().getData().name}" title="{{ __('Approve Transfer') }}"><svg xmlns="http://www.w3.org/2000/svg" class="icon" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><path d="M9 11l3 3l8 -8" /><path d="M20 12v6a2 2 0 0 1 -2 2h-12a2 2 0 0 1 -2 -2v-12a2 2 0 0 1 2 -2h9" /></svg></a> `;
             actionButtons += `<a class="btn btn-outline-danger btn-icon reject-btn" id="reject-btn" href="javascript:void(0);" data-reject-url="transfer/reject/${cell.getRow().getData().name}" title="{{ __('Reject Transfer') }}"><svg xmlns="http://www.w3.org/2000/svg" class="icon" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round"><path stroke="none" d="M0 0h24v24H0z" fill="none"/><path d="M12 12m-9 0a9 9 0 1 0 18 0a9 9 0 1 0 -18 0" /><path d="M5.7 5.7l12.6 12.6" /></svg></a>`;
         } else {
diff --git a/cp/routes/web.php b/cp/routes/web.php
index a312bcf..f26b187 100644
--- a/cp/routes/web.php
+++ b/cp/routes/web.php
@@ -252,7 +252,15 @@ $app->any('/api[/{params:.*}]', function (
                 'users_audit' => 'user_id', // Continues to use user_id
             ];
 
+            // Check if the special filter condition for the domain table is met
+            $isSpecialDomainRequest = $tableName === 'domain' && isset($_GET['filter']) && $_GET['filter'] === 'trstatus,nis';
+
             if (array_key_exists($tableName, $columnMap)) {
+                // If it's a special domain request, bypass the usual filtering
+                if ($isSpecialDomainRequest) {
+                    return [];
+                }
+
                 // Use registrarId for tables where 'registrar_id' is the filter
                 // For 'support_tickets' and 'users_audit', use userId
                 return [$columnMap[$tableName] => (in_array($tableName, ['support_tickets', 'users_audit']) ? $_SESSION['auth_user_id'] : $registrarId)];