From 33dd5453aebe0a830b420866989a87e528e1589c Mon Sep 17 00:00:00 2001
From: Madhu S R <madhu.sr@vtigersolutions.com>
Date: Sat, 6 Apr 2024 11:57:11 +0530
Subject: [PATCH] #Fixes::156587563::madhusr::Allowing to create duplicate role
 from Burpsuite POST request

---
 .gitignore                              | 1 +
 modules/Settings/Roles/actions/Save.php | 4 ++++
 2 files changed, 5 insertions(+)

diff --git a/.gitignore b/.gitignore
index 1b58a9326..585abce2b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,3 @@
 vendor/*
 !vendor/.htaccess
+.vscode/*
\ No newline at end of file
diff --git a/modules/Settings/Roles/actions/Save.php b/modules/Settings/Roles/actions/Save.php
index 62124df5d..5b2587ea4 100644
--- a/modules/Settings/Roles/actions/Save.php
+++ b/modules/Settings/Roles/actions/Save.php
@@ -25,6 +25,10 @@ class Settings_Roles_Save_Action extends Vtiger_Action_Controller {
 		$recordId = $request->get('record');
 		$roleName = $request->get('rolename');
 		$allowassignedrecordsto = $request->get('allowassignedrecordsto');
+		$duplicate = Settings_Roles_Record_Model::getInstanceByName($roleName,array($recordId));
+		if($duplicate) {
+			throw new Exception(vtranslate('LBL_DUPLICATES_EXIST',$request->getModule(false)));
+		}
 
 		$moduleModel = Settings_Vtiger_Module_Model::getInstance($qualifiedModuleName);
 		if(!empty($recordId)) {
-- 
GitLab