add permission check
This commit is contained in:
parent
68dac0e406
commit
ed2a50f4ae
|
@ -23,7 +23,20 @@ class HostController extends AppController {
|
||||||
|
|
||||||
// an interface to individually control the various ZM daemons
|
// an interface to individually control the various ZM daemons
|
||||||
// invocation: https://server/zm/api/host/daemonControl/<daemon>.pl/<command>.json
|
// invocation: https://server/zm/api/host/daemonControl/<daemon>.pl/<command>.json
|
||||||
|
// note that this API is only for interaction with a specific
|
||||||
|
// daemon. zmdc also allows other functions like logrot/etc
|
||||||
public function daemonControl($daemon_name, $command) {
|
public function daemonControl($daemon_name, $command) {
|
||||||
|
global $user;
|
||||||
|
if ($command == 'check' || $command == 'status') {
|
||||||
|
$permission = 'View';
|
||||||
|
} else {
|
||||||
|
$permission = 'Edit';
|
||||||
|
}
|
||||||
|
$allowed = (!$user) || ($user['System'] == $permission );
|
||||||
|
if ( !$allowed ) {
|
||||||
|
throw new UnauthorizedException(__("Insufficient privileges"));
|
||||||
|
return;
|
||||||
|
}
|
||||||
$string = ZM_PATH_BIN."/zmdc.pl $command $daemon_name";
|
$string = ZM_PATH_BIN."/zmdc.pl $command $daemon_name";
|
||||||
$result = exec($string);
|
$result = exec($string);
|
||||||
$this->set(array(
|
$this->set(array(
|
||||||
|
|
Loading…
Reference in New Issue