From 93bbf33c3e1e0d1a4ce6005824276188cdc17445 Mon Sep 17 00:00:00 2001
From: Hai Zheng
Date: Mon, 13 Jan 2025 16:45:43 -0500
Subject: [PATCH] v7.0-b31:
* **Crawler** Enhanced Role Simulator security by disallowing editor or above access in settings.
---
 litespeed-cache.php | 4 ++--
 readme.txt | 1 +
 src/admin-settings.cls.php | 18 ++++++++++++++----
 3 files changed, 17 insertions(+), 6 deletions(-)
diff --git a/litespeed-cache.php b/litespeed-cache.php
index 03bb63f67..459f99071 100644
--- a/litespeed-cache.php
+++ b/litespeed-cache.php
@@ -4,7 +4,7 @@
 * Plugin Name: LiteSpeed Cache
 * Plugin URI: https://www.litespeedtech.com/products/cache-plugins/wordpress-acceleration
 * Description: High-performance page caching and site optimization from LiteSpeed
- * Version: 7.0-b30
+ * Version: 7.0-b31
 * Author: LiteSpeed Technologies
 * Author URI: https://www.litespeedtech.com
 * License: GPLv3
@@ -34,7 +34,7 @@
 return;
 }
-!defined('LSCWP_V') && define('LSCWP_V', '7.0-b30');
+!defined('LSCWP_V') && define('LSCWP_V', '7.0-b31');
 !defined('LSCWP_CONTENT_DIR') && define('LSCWP_CONTENT_DIR', WP_CONTENT_DIR);
 !defined('LSCWP_DIR') && define('LSCWP_DIR', __DIR__ . '/'); // Full absolute path '/var/www/html/***/wp-content/plugins/litespeed-cache/' or MU
diff --git a/readme.txt b/readme.txt
index 5cbe07286..481a2c991 100644
--- a/readme.txt
+++ b/readme.txt
@@ -281,6 +281,7 @@ You can report security bugs through the Patchstack Vulnerability Disclosure Pro
 * **ESI** Added Elementor nonces (jujube0ajluxl PR#736)
 * **Crawler** Enhanced hash generation function for cryptographic security.
 * **Crawler** Added back `Role Simulator` w/ IP limited to `127.0.0.1` only.
+* **Crawler** Enhanced Role Simulator security by disallowing editor or above access in settings.
 * **Crawler** Defaulted and limited crawler `Run Duration` maximum to 900 seconds and dropped the setting.
 * **Crawler** Crawler will be stopped when load limit setting is 0.
 * **Crawler** Used `127.0.0.1` instead of server IP setting for DNS resolve when crawling.
diff --git a/src/admin-settings.cls.php b/src/admin-settings.cls.php
index 5e9bf4f82..6e1631782 100644
--- a/src/admin-settings.cls.php
+++ b/src/admin-settings.cls.php
@@ -85,6 +85,18 @@ public function save($raw_data)
 $data2 = array_key_exists($id, $the_matrix) ? $the_matrix[$id] : (defined('WP_CLI') && WP_CLI ? $this->conf($id) : array());
 }
 switch ($id) {
+ case self::O_CRAWLER_ROLES: // Don't allow Editor/admin to be used in crawler role simulator
+ $data = Utility::sanitize_lines($data);
+ if ($data) {
+ foreach ($data as $k => $v) {
+ if (user_can($v, 'edit_posts')) {
+ $msg = sprintf(__('The user id %s has the editor access, it is not allowed to be used as role simulator.', 'litespeed-cache'), '' . $v . '');
+ Admin_Display::error($msg);
+ unset($data[$k]);
+ }
+ }
+ }
+ break;
 case self::O_CDN_MAPPING:
 /**
 * CDN setting
@@ -161,8 +173,7 @@ public function save($raw_data)
 $data = $data2;
 break;
- // Cache exclude cat
- case self::O_CACHE_EXC_CAT:
+ case self::O_CACHE_EXC_CAT: // Cache exclude cat
 $data2 = array();
 $data = Utility::sanitize_lines($data);
 foreach ($data as $v) {
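Review bot: The `user_can($v, 'edit_posts')` check in the new `O_CRAWLER_ROLES` case is enforced only when the setting is saved, so a low-privilege user id accepted here and later promoted to Editor or Administrator stays in the stored list; unless the crawler repeats the capability check when it picks the simulated user (not visible in this hunk), that run-time path should re-validate rather than trust the saved value. Two smaller gaps sit in the same loop: `user_can()` returns false for a nonexistent or non-numeric id, so such entries are silently kept instead of dropped, and `unset($data[$k])` leaves holes in the array that is written back. The capability is also broader than the comment and message suggest, since `edit_posts` is held by Contributor and Author as well as Editor; that is fine as a conservative deny, but the text `'has the editor access'` will confuse users and `'has the edit_posts capability'` would describe what is actually tested. The enclosing `save()` starts and ends outside the hunk.
```php
case self::O_CRAWLER_ROLES: // Don't allow Editor/admin to be used in crawler role simulator
    $data = Utility::sanitize_lines($data);
    if ($data) {
        foreach ($data as $k => $v) {
            $user = get_userdata((int) $v);
            if (!$user) {
                unset($data[$k]); // unknown or non-numeric id: drop rather than keep
                continue;
            }
            if (user_can($user, 'edit_posts')) {
                // … unchanged: build $msg and Admin_Display::error($msg) …
                unset($data[$k]);
            }
        }
        $data = array_values($data); // keep the stored list contiguous after removals
    }
    break;
```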
@@ -176,8 +187,7 @@ public function save($raw_data)
 $data = $data2;
 break;
- // Cache exclude tag
- case self::O_CACHE_EXC_TAG:
+ case self::O_CACHE_EXC_TAG: // Cache exclude tag
 $data2 = array();
 $data = Utility::sanitize_lines($data);
 foreach ($data as $v) {