From dfb844cacfb0a67b654be4639824be5fb993b8ec Mon Sep 17 00:00:00 2001 From: phamt Date: Fri, 3 Feb 2012 18:22:33 +0000 Subject: [PATCH] Added check for user privileges. git-svn-id: https://svn.code.sf.net/p/xcat/code/xcat-core/trunk@11469 8638fb3e-16cb-4fca-ae20-7b5d299a9bcd --- xCAT-UI/js/service/service.js | 4 +-- xCAT-UI/lib/cmd.php | 2 +- xCAT-UI/lib/functions.php | 48 +++++++++++++++++++++++++++++++++++ xCAT-UI/lib/log.php | 2 +- 4 files changed, 52 insertions(+), 4 deletions(-) diff --git a/xCAT-UI/js/service/service.js b/xCAT-UI/js/service/service.js index 49bc12b9c..8776e2de9 100644 --- a/xCAT-UI/js/service/service.js +++ b/xCAT-UI/js/service/service.js @@ -1003,8 +1003,8 @@ function setOSImageCookies(data) { var osArch = cols[osarchPos].replace(new RegExp('"', 'g'), ''); var osComments = cols[comments].replace(new RegExp('"', 'g'), ''); - // Only save compute profile and install boot - if (profile.indexOf('compute') > -1 && provMethod.indexOf('install') > -1) { + // Only save install boot + if (provMethod.indexOf('install') > -1) { if (!osComments) osComments = 'No descritption'; imageNames.push(osImage + ':' + osComments); diff --git a/xCAT-UI/lib/cmd.php b/xCAT-UI/lib/cmd.php index 21d8de3a2..7fde777f3 100644 --- a/xCAT-UI/lib/cmd.php +++ b/xCAT-UI/lib/cmd.php @@ -91,7 +91,7 @@ if (isset($_GET["cmd"])) { foreach ($xml->children() as $child) { foreach ($child->children() as $data) { if($data->name) { - $node = $data->name; + $node = $data->name; if ($data->data->contents) { $cont = $data->data->contents; diff --git a/xCAT-UI/lib/functions.php b/xCAT-UI/lib/functions.php index 14ebc052c..c1e23b5eb 100644 --- a/xCAT-UI/lib/functions.php +++ b/xCAT-UI/lib/functions.php @@ -289,6 +289,54 @@ function isAuthenticated() { } } +/** +* Determine if a user has root access +* +* @param Nothing +* @return True If the user has root access +* False Otherwise +*/ +function isRootAcess() { + if (is_logged() && $_SESSION["xcatpassvalid"]) { + $testacc = docmd('tabdump', '', array('policy', '-w', "name==" . $_SESSION["username"]), array()); + if (isset($testacc->{'xcatresponse'}->{'data'}->{1})) { + $result = $testacc->{'xcatresponse'}->{'data'}->{1}; + $result = str_replace('"', '', $result); + $args = array(); + $args = explode(",", $result); + + // Get the comments which contains the privilege + $comments = $args[8]; + $args = explode(";", $comments); + // Default privilege is guest + $privilege = 'guest'; + $_SESSION["xcatpassvalid"] = 0; + foreach ($args as $arg) { + // Get user privilege + if ($arg && is_numeric(strpos($arg, "privilege"))) { + if (is_numeric(strpos($arg, "root"))) { + // Set privilege to root + $privilege = 'root'; + $_SESSION["xcatpassvalid"] = 1; + } + + break; + } + } + } + } + + if (strcmp($_SESSION["username"], 'root') == 0) { + $_SESSION["xcatpassvalid"] = 1; + } + + if (isset($_SESSION["xcatpassvalid"]) and $_SESSION["xcatpassvalid"]==1) { + return true; + } else { + return false; + } +} + /** * Log out of the current user session * diff --git a/xCAT-UI/lib/log.php b/xCAT-UI/lib/log.php index 6e20b34d8..5d30b04ac 100644 --- a/xCAT-UI/lib/log.php +++ b/xCAT-UI/lib/log.php @@ -30,7 +30,7 @@ if (isset($_REQUEST["username"])) { } $jdata = array(); -if (isAuthenticated()) { +if (isAuthenticated() && isRootAcess()) { $jdata["authenticated"]="yes"; } else { $jdata["authenticated"]="no";