add permission check

This commit is contained in:
Pliable Pixels 2021-01-23 16:18:40 -05:00
parent 68dac0e406
commit ed2a50f4ae
1 changed files with 13 additions and 0 deletions

View File

@ -23,7 +23,20 @@ class HostController extends AppController {
// an interface to individually control the various ZM daemons // an interface to individually control the various ZM daemons
// invocation: https://server/zm/api/host/daemonControl/<daemon>.pl/<command>.json // invocation: https://server/zm/api/host/daemonControl/<daemon>.pl/<command>.json
// note that this API is only for interaction with a specific
// daemon. zmdc also allows other functions like logrot/etc
public function daemonControl($daemon_name, $command) { public function daemonControl($daemon_name, $command) {
global $user;
if ($command == 'check' || $command == 'status') {
$permission = 'View';
} else {
$permission = 'Edit';
}
$allowed = (!$user) || ($user['System'] == $permission );
if ( !$allowed ) {
throw new UnauthorizedException(__("Insufficient privileges"));
return;
}
$string = ZM_PATH_BIN."/zmdc.pl $command $daemon_name"; $string = ZM_PATH_BIN."/zmdc.pl $command $daemon_name";
$result = exec($string); $result = exec($string);
$this->set(array( $this->set(array(