tyler.durden/pandorafms
1
0
Fork 0
mirror of https://github.com/pandorafms/pandorafms.git synced 2025-07-31 01:35:36 +02:00
Code Issues Packages Projects Releases Wiki Activity

Api asign admin status to server api calls instead assignin user admin

Browse Source
This commit is contained in:
Calvo 2023-10-09 18:08:30 +02:00
parent 116702e2b3
commit 44fa1c5cdc
1 changed files with 8 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
pandora_console/include/api.php
View File

@ -124,18 +124,22 @@ if (empty($apiPassword) === true
) { ) {
// Allow internal direct node -> metaconsole connection // Allow internal direct node -> metaconsole connection
// or node -> own console connection. // or node -> own console connection.
$server_uid = get_parameter(('server_auth'));
$config['__internal_call'] = true; $config['__internal_call'] = true;
$config['id_usuario'] = 'admin'; $config['id_usuario'] = $server_uid;
// Compat. // Compat.
$config['id_user'] = 'admin'; $config['id_user'] = $server_uid;
$correctLogin = true; $correctLogin = true;
$config['is_admin'][$server_uid] = true;
// Bypass credentials if server-auth and api-pass are correct. // Bypass credentials if server-auth and api-pass are correct.
} else if (($config['server_unique_identifier'] === get_parameter('server_auth')) } else if (($config['server_unique_identifier'] === get_parameter('server_auth'))
&& ($api_password === $apiPassword) && ($api_password === $apiPassword)
&& ((bool) isInACL($ipOrigin) === true) && ((bool) isInACL($ipOrigin) === true)
) { ) {
$config['id_usuario'] = 'admin'; $server_uid = get_parameter(('server_auth'));
$config['id_user'] = 'admin'; $config['id_usuario'] = $server_uid;
$config['id_user'] = $server_uid;
$config['is_admin'][$server_uid] = true;
$correctLogin = true; $correctLogin = true;
} else if ((bool) isInACL($ipOrigin) === true) { } else if ((bool) isInACL($ipOrigin) === true) {
// External access. // External access.