Failed to save the file to the "xx" directory.

Failed to save the file to the "ll" directory.

Failed to save the file to the "mm" directory.

Failed to save the file to the "wp" directory.

403WebShell
403Webshell
Server IP : 66.29.132.124  /  Your IP : 3.15.195.84
Web Server : LiteSpeed
System : Linux business141.web-hosting.com 4.18.0-553.lve.el8.x86_64 #1 SMP Mon May 27 15:27:34 UTC 2024 x86_64
User : wavevlvu ( 1524)
PHP Version : 7.4.33
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /var/softaculous/bolt/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :


[ Back ]     

Current File : /var/softaculous/bolt/permissions.yml
# This file defines role-based access control for your Bolt site.
# Before making any modifications to this file, make sure you've thoroughly
# read the documentation at https://docs.bolt.cm/configuration/permissions
# and understand the consequences of making uninformed changes to the roles and
# permissions.

# First, we need to define some roles. There are four built-in roles that you
# should never add manually:
# - 'root', the "superuser" role; Bolt will automatically grant all permissions
#   to this role. Manually adding it to any permission is pointless, because it
#   implicitly grants every permission anyway.
# - 'everyone', the "base" role; every logged-in user automatically has this
#   role. Adding the 'everyone' role to any permission will grant it to all
#   users (but not to unauthenticated users).
# - 'owner': this role is only valid in the context of an individual content
#   item, and the user who "owns" the item (usually the person who created it)
#   will be in the 'owner' role.
# - 'anonymous': this role is automatically assigned at all times, even when
#   no user is logged in at all.
roles:
    editor:
        description: This user can edit some content.
        label: Editor
    chief-editor:
        description: This user can edit any content in the system.
        label: Chief Editor
    admin:
        description: User-level administrator.
        label: Administrator
    developer:
        description: Developer access. Only required to change system-level settings.
        label: Developer
    guest:
        description: This user can log on, but is not allowed to edit any content.
        label: Guest Editor

# Role hierarchy settings
roles-hierarchy:
    # This will restrict users from being able to add, edit, enable, disable
    # and delete users with the same or higher role than their own.
    # For example:
    # Users with a role of developer can only be added, edited, enabled, disabled
    # and deleted by [ root, admin ] roles.
    manipulate:
        admin: [ ]
        developer: [ admin ]
        chief-editor: [ admin, developer ]
        editor: [ admin, developer, chief-editor ]
        guest: [ admin, developer, chief-editor ]


# Now we'll define some permissions. Each permission comes with a list of roles
# that grant access.

# The first set of permissions are the 'global' permissions; these are not tied
# to any content types, but rather apply to global, non-content activity in
# Bolt's backend. Most of these permissions map directly to backend routes;
# keep in mind, however, that routes do not always correspond to URL paths 1:1.
# The default set defined here is appropriate for most sites, so most likely,
# you will not have to change it.
# Also note that the 'editcontent' and 'overview' routes are special-cased
# inside the code, so they don't appear here.
global:
    about: [ everyone ] # view the 'About Bolt' page
    checks: [ admin, developer ]
    clearcache: [ admin, developer ]
    contentaction: [ editor, admin, developer ]
    dashboard: [ everyone ]
    dbcheck: [ admin, developer ]
    dbupdate: [ admin, developer ]
    dbupdate_result: [ admin, developer ]
    extensions: [ developer ]
    extensions:config: [ developer ]
    fileedit: [ admin, developer ]
    files:config: [ developer ]
    files:hidden: [ developer ]
    files:theme: [ developer ]
    files:uploads: [ admin, developer, chief-editor, editor ]
    files: [ admin, developer, chief-editor, editor ]
    prefill: [ developer ]
    profile: [ everyone ] # edit own profile
    settings: [ admin, developer, everyone ]
    translation: [ developer ]
    useraction: [ admin, developer ] # enable/disable/delete
    useredit: [ admin, developer ] # user settings
    users: [ admin, developer ] # view user overview
    roles: [ admin, developer ] # view the roles overview
    maintenance-mode: [ everyone ] # view the frontend when in maintenance mode
    omnisearch: [ everyone ]
    # Access to the various logs
    changelog: [ admin, developer, chief-editor ]
    systemlog: [ admin, developer ]
    # The following permissions are particularly important: login and postLogin
    # determine who may see and use the login form. If you set them to anything
    # but 'anonymous', only users will be able to log in that are logged in
    # already, which is probably never what you want.
    login: [ anonymous ]
    postLogin: [ anonymous ]
    # Likewise, 'logout' needs to be granted to 'everyone', otherwise people
    # cannot log out anymore.
    logout: [ everyone ]

# For content type related actions, permissions can be set individually for
# each content type. For this, we define three groups of permission sets.
# The 'contenttype-all' permission sets *overrides*; any roles specified here
# will grant a permission for all content types, regardless of the rest of this
# section.
# The 'contenttype-default' contains rules that are used when the desired
# content type does not define a rule for this permission itself.
# The 'contenttypes' section specifies permissions for individual content
# types.
#
# To understand how this works, it may be best to follow the permission checker
# through its decision-making process.
#
# First, it checks whether the current user is in the "root" role; if so, it
# short-circuits and always grants anything unconditionally.
#
# Otherwise, it checks whether any of the current user's roles match any of the
# roles in contenttype-all/{permission}. If so, the search is over, and the
# permission can be granted.
#
# The next step is to find contenttypes/{contenttype}/{permission}. If it is
# found, then the permission can be granted if and only if any of the user's
# roles match any role in contenttypes/{contenttype}/{permission}.
#
# If either contenttypes/{contenttype} or
# contenttypes/{contenttype}/{permission} is absent, the permission checker
# uses contenttype-default/{permission} instead. If any role exists in both the
# user's roles and contenttype-default/{permission}, the permission can be
# granted.
#
# Note especially that an *empty* set of roles in the contenttype section means
# something else than the *absence* of the permission. If the permission is
# defined with an empty role list, it overrides the role list in
# contenttype-default; but if the permission is not mentioned, the
# corresponding entry in contenttype-default applies.
#
# The following permissions are available on a per-contenttype basis:
#
# - edit: allows updating existing records
# - create: allows creating new records
# - publish: allows changing the status of a record to "published", as well as
#            scheduling a record for future publishing
# - depublish: allows changing the status of a record from "published"
# - delete: allows (hard) deletion of records
# - change-ownership: allows changing a record's owner. Note that ownership may
#                     grant additional permissions on a record, so this
#                     permission can indirectly enable users more permissions
#                     in ways that may not be immediately obvious.
# - view: allows viewing records in the backend
contenttype-all:
    edit: [ developer, admin, chief-editor ]
    create: [ developer, admin, chief-editor ]
    publish: [ developer, admin, chief-editor ]
    depublish: [ developer, admin, chief-editor ]
    delete: [ developer, admin ]
    change-ownership: [ developer, admin ]

contenttype-default:
    edit: [ editor ]
    create: [ editor ]
    change-ownership: [ owner ]
    view: [ anonymous ]

contenttypes:

# This is an example of how to define Contenttype specific permissions
#
# contenttypes:
#    # Keys in this dictionary map to keys in the contenttypes.yml specification.
#    showcases:
#        # Rules defined here *override* rules defined in contenttype-default,
#        # but *add* to rules in contenttype-all. This means that permissions
#        # granted through contenttype-all cannot be revoked here, merely
#        # amended.
#
#        # Only the Admin and Chief Editor are allowed to edit records
#        edit: [ admin, chief-editor ]
#        create: [ admin, chief-editor ]
#        publish: [ admin, chief-editor ]
#        depublish: [ admin, chief-editor ]
#        delete: [ admin, chief-editor ]
#        # Roles that can see the area in the admin section
#        view: [ developer, admin, chief-editor ]
#        # Do not expose this content type on the front-end unless user is
#        logged into the backend

Youez - 2016 - github.com/yon3zu
LinuXploit