Merge pull request #1649 from webmin/dev/user-modes-tester

Add unobtrusive way to test if user is privileged; separate RPC logic
2026-03-20 08:40:24 +00:00 · 2022-05-28 13:42:28 -07:00
parent e500398a23 7f2d442374
commit 8f9e1cbfc5
4 changed files with 81 additions and 11 deletions
--- a/WebminCore.pm
+++ b/WebminCore.pm
--- a/fastrpc.cgi
+++ b/fastrpc.cgi
@@ -13,7 +13,7 @@ $force_lang = $default_lang;
 print "Content-type: text/plain\n\n";

 # Can this user make remote calls?
-if (!&webmin_user_is_admin()) {
+if (!&webmin_user_can_rpc()) {
 	print "0 Invalid user for RPC\n";
 	exit;
 	}
--- a/rpc.cgi
+++ b/rpc.cgi
@@ -27,7 +27,7 @@ $| = 1;
 print "Content-type: text/plain\n\n";

 # Can this user make remote calls?
-if (!&webmin_user_is_admin()) {
+if (!&webmin_user_can_rpc()) {
 	print &serialise_variable( { 'status' => 0 } );
 	exit;
 	}
--- a/web-lib-funcs.pl
+++ b/web-lib-funcs.pl
@@ -12118,18 +12118,88 @@ my ($variable, $scope) = @_;
 return &globals('delete', $variable, $scope);
 }

-# webmin_user_is_admin([username])
-# Returns 1 if the given user should be considered fully trusted
-sub webmin_user_is_admin
+# webmin_user_can_rpc()
+# Returns 1 if the given user can make remote calls
+sub webmin_user_can_rpc
 {
-my ($user) = @_;
-$user ||= $base_remote_user;
-my %access = &get_module_acl($user, "");
+my $u = $base_remote_user;
+my %access = &get_module_acl($u, "");
 return 1 if ($access{'rpc'} == 1);	# Can make arbitary RPC calls
 return 0 if ($access{'rpc'} == 0);	# Cannot make RPCs

-# Assume that standard admin usernames are root-capable as a fallback
-return $user eq 'admin' || $user eq 'root' || $user eq 'sysadm';
+# Assume that standard admin usernames
+# are root-capable as a fallback
+return $u eq 'root' ||
+       $u eq 'admin' ||
+       $u eq 'sysadm';
+}
+
+# webmin_user_login_mode()
+# Returns currently logged in user mode
+sub webmin_user_login_mode
+{
+# Default mode
+my $mode = 'root';
+
+# Check for foreign modules
+my $foreign_virtual_server
+    = &foreign_available("virtual-server");
+&foreign_require("virtual-server")
+    if ($foreign_virtual_server);
+my $foreign_server_manager
+    = &foreign_available("server-manager");
+&foreign_require("server-manager")
+    if ($foreign_server_manager);
+
+# Get current user and base user global permissions
+my %uaccess = &get_module_acl($remote_user, "");
+my %access = &get_module_acl($base_remote_user, "");
+
+# Check if mode must be restricted
+if ($base_remote_user !~ /^(root|admin|sysadm)$/) {
+	if ($uaccess{'_safe'} == 1 || $access{'_safe'} == 1 ||
+	    $uaccess{'rpc'} == 0 || $access{'rpc'} == 0) {
+			# Safe Webmin user
+	        $mode = 'safe-user';
+	    }
+    }
+if (&get_product_name() eq "usermin") {
+	# Usermin user
+    $mode = 'mail-user';
+    }
+if ($foreign_server_manager) {
+	# Cloudmin machine owner
+    $mode = 'cloud-owner'
+        if ($server_manager::access{'owner'});
+    }
+elsif ($foreign_virtual_server) {
+    $mode =
+      &virtual_server::reseller_admin() ?
+      	# Virtualmin reseller or owner
+        'virtual-reseller' : 'virtual-owner'
+            if (!&virtual_server::master_admin());
+    }
+return $mode;
+}
+
+# webmin_user_is_admin()
+# Returns 1 if currently logged in user is an admin
+sub webmin_user_is_admin
+{
+return &webmin_user_login_mode() eq 'root';
+}
+
+# webmin_user_is()
+# Returns 1 if currently logged in user belongs to one
+# of the requested types: root, safe-user, mail-user,
+# cloud-owner, virtual-reseller, virtual-reseller
+# Simply a convenience wrapper function
+sub webmin_user_is
+{
+my ($user_type) = @_;
+
+# Test mode
+return &webmin_user_login_mode() eq $user_type;
 }

 $done_web_lib_funcs = 1;