tracer
/
bindAPI
3
0
Fork 0
Code Issues 2 Pull Requests Projects Releases 15 Wiki Activity

made the default checkPermission always quet

This commit is contained in:
tracer 2023-09-19 18:32:03 +02:00
parent b9925f232f
commit b877c78716
3 changed files with 20 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
composer.json
View File

@ -2,7 +2,7 @@
"name": "24unix/bindapi", "name": "24unix/bindapi",
"description": "manage Bind9 DNS server via REST API", "description": "manage Bind9 DNS server via REST API",
"version": "2023.0.1", "version": "2023.0.1",
"build_number": "322", "build_number": "323",
"authors": [ "authors": [
{ {
"name": "Micha Espey", "name": "Micha Espey",

2
src/Controller/CLIController.php
View File

@ -263,7 +263,7 @@ class CLIController
function runCheckSetup(): void function runCheckSetup(): void
{ {
if (!$this->domainController->checkPermissions(verbose: false)) { if (!$this->domainController->checkPermissions(quiet: true)) {
echo COLOR_RED . 'You need to setup the bindAPI first.' . COLOR_DEFAULT .PHP_EOL; echo COLOR_RED . 'You need to setup the bindAPI first.' . COLOR_DEFAULT .PHP_EOL;
} }

33
src/Controller/DomainController.php
View File

@ -154,76 +154,79 @@ class DomainController
$quiet = $this->configController->getConfig(configKey: 'quiet'); $quiet = $this->configController->getConfig(configKey: 'quiet');
} }
if ($verbose) { // echo 'verbose: ' . ($verbose ? 'true' : 'false') . PHP_EOL;
// echo 'quiet: ' . ($quiet ? 'true' : 'false') . PHP_EOL;
if ($verbose && !$quiet) {
echo 'Checking permissions...' . PHP_EOL; echo 'Checking permissions...' . PHP_EOL;
} }
$uid = posix_geteuid(); $uid = posix_geteuid();
if ($verbose) { if ($verbose && !$quiet) {
echo "UID:\t" . COLOR_YELLOW . $uid . PHP_EOL; echo "UID:\t" . COLOR_YELLOW . $uid . PHP_EOL;
} }
$pwuid = posix_getpwuid(user_id: $uid); $pwuid = posix_getpwuid(user_id: $uid);
$name = $pwuid['name']; $name = $pwuid['name'];
if ($verbose) { if ($verbose && !$quiet) {
echo COLOR_DEFAULT . "Name:\t" . COLOR_YELLOW . $name . PHP_EOL; echo COLOR_DEFAULT . "Name:\t" . COLOR_YELLOW . $name . PHP_EOL;
} }
$bindGroup = posix_getgrnam(name: 'bind'); $bindGroup = posix_getgrnam(name: 'bind');
$members = $bindGroup['members']; $members = $bindGroup['members'];
if (in_array(needle: $name, haystack: $members)) { if (in_array(needle: $name, haystack: $members)) {
if ($verbose) { if ($verbose && !$quiet) {
echo "\t$name" . COLOR_DEFAULT . ' is in group ' . COLOR_YELLOW . 'bind' . PHP_EOL; echo "\t$name" . COLOR_DEFAULT . ' is in group ' . COLOR_YELLOW . 'bind' . PHP_EOL;
} }
} else { } else {
$setupIsValid = false; $setupIsValid = false;
if ($verbose) { if ($verbose && !$quiet) {
echo COLOR_RED . "\t$name needs to be in group " . COLOR_YELLOW . 'bind' . COLOR_DEFAULT . '!' . PHP_EOL; echo COLOR_RED . "\t$name needs to be in group " . COLOR_YELLOW . 'bind' . COLOR_DEFAULT . '!' . PHP_EOL;
} }
} }
if ($verbose) { if ($verbose && !$quiet) {
echo COLOR_DEFAULT . 'Checking ' . COLOR_YELLOW . $this->localZoneFile . PHP_EOL; echo COLOR_DEFAULT . 'Checking ' . COLOR_YELLOW . $this->localZoneFile . PHP_EOL;
} }
$localZoneFilePermissions = @fileperms(filename: $this->localZoneFile); $localZoneFilePermissions = @fileperms(filename: $this->localZoneFile);
if ($localZoneFilePermissions & 0x0010) { if ($localZoneFilePermissions & 0x0010) {
if ($verbose) { if ($verbose && !$quiet) {
echo COLOR_DEFAULT . "\t✅ Group has write access." . PHP_EOL; echo COLOR_DEFAULT . "\t✅ Group has write access." . PHP_EOL;
} }
} else { } else {
$setupIsValid = false; $setupIsValid = false;
if ($verbose) { if ($verbose && !$quiet) {
echo COLOR_RED . "\t❌Group needs write permission!" . COLOR_DEFAULT . PHP_EOL; echo COLOR_RED . "\t❌Group needs write permission!" . COLOR_DEFAULT . PHP_EOL;
} }
} }
if ($verbose) { if ($verbose && !$quiet) {
echo 'Checking ' . COLOR_YELLOW . $this->namedConfLocalFile . PHP_EOL; echo 'Checking ' . COLOR_YELLOW . $this->namedConfLocalFile . PHP_EOL;
} }
if ($namedConfLocal = file_get_contents(filename: $this->namedConfLocalFile)) { if ($namedConfLocal = file_get_contents(filename: $this->namedConfLocalFile)) {
if (!str_contains(haystack: $namedConfLocal, needle: $this->localZoneFile)) { if (!str_contains(haystack: $namedConfLocal, needle: $this->localZoneFile)) {
$setupIsValid = false; $setupIsValid = false;
if ($verbose) { if ($verbose && !$quiet) {
echo "\t$this->localZoneFile" . COLOR_RED . ' needs to be included in ' . COLOR_YELLOW . $this->namedConfLocalFile . PHP_EOL; echo "\t$this->localZoneFile" . COLOR_RED . ' needs to be included in ' . COLOR_YELLOW . $this->namedConfLocalFile . PHP_EOL;
} }
} else { } else {
if ($verbose) { if ($verbose && !$quiet) {
echo "\t$this->localZoneFile" . COLOR_DEFAULT . ' is included in ' . COLOR_YELLOW . $this->namedConfLocalFile . PHP_EOL; echo "\t$this->localZoneFile" . COLOR_DEFAULT . ' is included in ' . COLOR_YELLOW . $this->namedConfLocalFile . PHP_EOL;
} }
} }
} else { } else {
$setupIsValid = false; $setupIsValid = false;
if ($verbose) { if ($verbose && !$quiet) {
echo "\t❌ No access to '$this->namedConfLocalFile' . Please check permissions" . PHP_EOL; echo "\t❌ No access to '$this->namedConfLocalFile' . Please check permissions" . PHP_EOL;
} }
} }
if ($verbose) { if ($verbose && !$quiet) {
echo COLOR_DEFAULT . 'Checking directory: ' . COLOR_YELLOW . $this->localZonesDir . PHP_EOL; echo COLOR_DEFAULT . 'Checking directory: ' . COLOR_YELLOW . $this->localZonesDir . PHP_EOL;
} }
$localZoneDirPermissions = @fileperms(filename: $this->localZonesDir); $localZoneDirPermissions = @fileperms(filename: $this->localZonesDir);
if ($localZoneDirPermissions & 0x0010) { if ($localZoneDirPermissions & 0x0010) {
if ($verbose) { if ($verbose && !$quiet) {
echo "\t✅ Group has write access." . PHP_EOL; echo "\t✅ Group has write access." . PHP_EOL;
} }
} else { } else {
$setupIsValid = false; $setupIsValid = false;
if ($verbose) { if ($verbose && !$quiet) {
echo COLOR_RED . "\t❌Group needs write permission!" . PHP_EOL; echo COLOR_RED . "\t❌Group needs write permission!" . PHP_EOL;
} }
} }