/** * Determine if a user has root access * * @return True if the user has root access, false otherwise */ function isRootAcess() { if (is_logged() && $_SESSION["xcatpassvalid"]) { $testacc = docmd('tabdump', '', array('policy', '-w', "name==" . $_SESSION["username"]), array()); if (isset($testacc->{'xcatresponse'}->{'data'}->{1})) { $result = $testacc->{'xcatresponse'}->{'data'}->{1}; $result = str_replace('"', '', $result); $args = array(); $args = explode(",", $result); // Get the comments which contains the privilege $comments = $args[8]; $args = explode(";", $comments); // Default privilege is guest $privilege = 'guest'; $_SESSION["xcatpassvalid"] = 0; foreach ($args as $arg) { // Get user privilege if ($arg && is_numeric(strpos($arg, "privilege"))) { if (is_numeric(strpos($arg, "root"))) { // Set privilege to root $privilege = 'root'; $_SESSION["xcatpassvalid"] = 1; } break; } } } } if (strcmp($_SESSION["username"], 'root') == 0 || strcmp($_SESSION["username"], 'admin') == 0) { $_SESSION["xcatpassvalid"] = 1; } if (isset($_SESSION["xcatpassvalid"]) and $_SESSION["xcatpassvalid"] == 1) { return true; } else { return false; } }
/** * Determine if a user is currently logged in successfully * * @return True if the user is currently logged in successfully, false otherwise */ function isAuthenticated() { if (is_logged()) { if ($_SESSION["srv_xcatpassvalid"] != 1) { $testcred = docmd("authcheck", "", NULL, NULL); if (isset($testcred->{'xcatresponse'}->{'data'})) { $result = "" . $testcred->{'xcatresponse'}->{'data'}; if (is_numeric(strpos("Authenticated", $result))) { // Logged in successfully $_SESSION["srv_xcatpassvalid"] = 1; } else { // Not logged in $_SESSION["srv_xcatpassvalid"] = 0; } } } } if (isset($_SESSION["srv_xcatpassvalid"]) and $_SESSION["srv_xcatpassvalid"] == 1) { return true; } else { return false; } }
$opts_array = explode("|", $opts); } if (strpos($opts, ";")) { // Split the arguments into an array $opts_array = array(); $opts_array = explode(";", $opts); } else { $opts_array = array($opts); } } // Time needed to update /etc/hosts if (strncasecmp($cmd, "makehosts", 9) == 0) { sleep(5); } // Submit request and get response $xml = docmd($cmd, $tgt, $args_array, $opts_array); // If the output is flushed, do not return output in JSON if (in_array("flush", $opts_array)) { return; } $rsp = array(); // webrun pping and gangliastatus output needs special handling if (strncasecmp($cmd, "webrun", 6) == 0 && (stristr($args, "pping") || stristr($args, "gangliastatus") || stristr($args, "chtab"))) { $rsp = extractWebrun($xml); } else { if (strncasecmp($cmd, "nodels", 6) == 0) { // Handle the output the same way as webrun $rsp = extractNodels($xml); } else { if (strncasecmp($cmd, "extnoderange", 12) == 0) { $rsp = extractExtnoderange($xml);
if (strncasecmp($cmd, "xdsh", 4) == 0) { // Directory /var/tmp permissions = 777 // You can write anything to that directory $msgArgs = explode(";", $msg); $inst = str_replace("out=scriptStatusBar", "", $msgArgs[0]); $script = "/var/tmp/script{$inst}.sh"; // Write to file $handle = fopen($script, 'w') or die("Cannot open {$script}"); fwrite($handle, $att); fclose($handle); // Change it to executable chmod($script, 0777); // CLI command: xdsh gpok3 -e /var/tmp/gpok3.sh // Create user entry array_push($arr, $script); $xml = docmd($cmd, $tgt, $arr, NULL); foreach ($xml->children() as $child) { foreach ($child->children() as $data) { $data = str_replace(":|:", "\n", $data); array_push($rsp, "{$data}"); } } // Remove this file unlink($script); } } } // Reply in the form of JSON $rtn = array("rsp" => $rsp, "msg" => $msg); echo json_encode($rtn); }