/**
* Determine if a user has root access
*
* @return True if the user has root access, false otherwise
*/
function isRootAcess()
{
if (is_logged() && $_SESSION["xcatpassvalid"]) {
$testacc = docmd('tabdump', '', array('policy', '-w', "name==" . $_SESSION["username"]), array());
if (isset($testacc->{'xcatresponse'}->{'data'}->{1})) {
$result = $testacc->{'xcatresponse'}->{'data'}->{1};
$result = str_replace('"', '', $result);
$args = array();
$args = explode(",", $result);
// Get the comments which contains the privilege
$comments = $args[8];
$args = explode(";", $comments);
// Default privilege is guest
$privilege = 'guest';
$_SESSION["xcatpassvalid"] = 0;
foreach ($args as $arg) {
// Get user privilege
if ($arg && is_numeric(strpos($arg, "privilege"))) {
if (is_numeric(strpos($arg, "root"))) {
// Set privilege to root
$privilege = 'root';
$_SESSION["xcatpassvalid"] = 1;
}
break;
}
}
}
}
if (strcmp($_SESSION["username"], 'root') == 0 || strcmp($_SESSION["username"], 'admin') == 0) {
$_SESSION["xcatpassvalid"] = 1;
}
if (isset($_SESSION["xcatpassvalid"]) and $_SESSION["xcatpassvalid"] == 1) {
return true;
} else {
return false;
}
}
/**
* Determine if a user is currently logged in successfully
*
* @return True if the user is currently logged in successfully, false otherwise
*/
function isAuthenticated()
{
if (is_logged()) {
if ($_SESSION["srv_xcatpassvalid"] != 1) {
$testcred = docmd("authcheck", "", NULL, NULL);
if (isset($testcred->{'xcatresponse'}->{'data'})) {
$result = "" . $testcred->{'xcatresponse'}->{'data'};
if (is_numeric(strpos("Authenticated", $result))) {
// Logged in successfully
$_SESSION["srv_xcatpassvalid"] = 1;
} else {
// Not logged in
$_SESSION["srv_xcatpassvalid"] = 0;
}
}
}
}
if (isset($_SESSION["srv_xcatpassvalid"]) and $_SESSION["srv_xcatpassvalid"] == 1) {
return true;
} else {
return false;
}
}
$opts_array = explode("|", $opts);
}
if (strpos($opts, ";")) {
// Split the arguments into an array
$opts_array = array();
$opts_array = explode(";", $opts);
} else {
$opts_array = array($opts);
}
}
// Time needed to update /etc/hosts
if (strncasecmp($cmd, "makehosts", 9) == 0) {
sleep(5);
}
// Submit request and get response
$xml = docmd($cmd, $tgt, $args_array, $opts_array);
// If the output is flushed, do not return output in JSON
if (in_array("flush", $opts_array)) {
return;
}
$rsp = array();
// webrun pping and gangliastatus output needs special handling
if (strncasecmp($cmd, "webrun", 6) == 0 && (stristr($args, "pping") || stristr($args, "gangliastatus") || stristr($args, "chtab"))) {
$rsp = extractWebrun($xml);
} else {
if (strncasecmp($cmd, "nodels", 6) == 0) {
// Handle the output the same way as webrun
$rsp = extractNodels($xml);
} else {
if (strncasecmp($cmd, "extnoderange", 12) == 0) {
$rsp = extractExtnoderange($xml);
if (strncasecmp($cmd, "xdsh", 4) == 0) {
// Directory /var/tmp permissions = 777
// You can write anything to that directory
$msgArgs = explode(";", $msg);
$inst = str_replace("out=scriptStatusBar", "", $msgArgs[0]);
$script = "/var/tmp/script{$inst}.sh";
// Write to file
$handle = fopen($script, 'w') or die("Cannot open {$script}");
fwrite($handle, $att);
fclose($handle);
// Change it to executable
chmod($script, 0777);
// CLI command: xdsh gpok3 -e /var/tmp/gpok3.sh
// Create user entry
array_push($arr, $script);
$xml = docmd($cmd, $tgt, $arr, NULL);
foreach ($xml->children() as $child) {
foreach ($child->children() as $data) {
$data = str_replace(":|:", "\n", $data);
array_push($rsp, "{$data}");
}
}
// Remove this file
unlink($script);
}
}
}
// Reply in the form of JSON
$rtn = array("rsp" => $rsp, "msg" => $msg);
echo json_encode($rtn);
}
