Limit v-change-user-ns only to admin user (#3761)

* Limit v-change-ns only to admin users

* Fix bug with edit user and viewing / deleting logs

* Allow admin always change state

web/add/cron/autoupdate/index.php

@@ -5,7 +5,10 @@ include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
 // Check token
 verify_csrf($_GET);
 
-if ($_SESSION["userContext"] === "admin" && $_SESSION["POLICY_SYSTEM_HIDE_SERVICES"] == "no") {
+if (
+	($_SESSION["userContext"] === "admin" && $_SESSION["POLICY_SYSTEM_HIDE_SERVICES"] == "no") ||
+	$_SESSION["user"] == "admin"
+) {
 	exec(HESTIA_CMD . "v-add-cron-hestia-autoupdate", $output, $return_var);
 	unset($output);
 }

web/delete/cron/autoupdate/index.php

@@ -6,7 +6,10 @@ include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
 // Check token
 verify_csrf($_GET);
 
-if ($_SESSION["userContext"] === "admin" && $_SESSION["POLICY_SYSTEM_HIDE_SERVICES"] == "no") {
+if (
+	($_SESSION["userContext"] === "admin" && $_SESSION["POLICY_SYSTEM_HIDE_SERVICES"] == "no") ||
+	$_SESSION["user"] == "admin"
+) {
 	exec(HESTIA_CMD . "v-delete-cron-hestia-autoupdate", $output, $return_var);
 	unset($output);
 }

web/delete/log/auth/index.php

@@ -52,7 +52,7 @@ unset($_SESSION["ok_msg"]);
 
 // Set correct page reload target
 if ($_SESSION["userContext"] === "admin" && !empty($_GET["user"])) {
-	header("Location: /list/log/auth/?user=$user&token=$token");
+	header("Location: /list/log/auth/?user=" . $_GET["user"] . "&token=$token");
 } else {
 	header("Location: /list/log/auth/");
 }

web/delete/log/index.php

@@ -23,7 +23,7 @@ if ($return_var > 0) {
 	// Set correct page reload target
 	if ($_SESSION["userContext"] === "admin" && !empty($_GET["user"])) {
 		if ($_GET["user"] != "system") {
-			header("Location: /list/log/?user=$user&token=$token");
+			header("Location: /list/log/?user=" . $_GET["user"] . "&token=$token");
 		} else {
 			header("Location: /list/log/?user=system&token=$token");
 		}

web/edit/user/index.php

@@ -452,90 +452,92 @@ if (!empty($_POST["save"])) {
 	}
 
 	if (!empty($_SESSION["DNS_SYSTEM"])) {
-		// Change NameServers
-		if (empty($_POST["v_ns1"])) {
-			$_POST["v_ns1"] = "";
-		}
-		if (empty($_POST["v_ns2"])) {
-			$_POST["v_ns2"] = "";
-		}
-		if (empty($_POST["v_ns3"])) {
-			$_POST["v_ns3"] = "";
-		}
-		if (empty($_POST["v_ns4"])) {
-			$_POST["v_ns4"] = "";
-		}
-		if (empty($_POST["v_ns5"])) {
-			$_POST["v_ns5"] = "";
-		}
-		if (empty($_POST["v_ns6"])) {
-			$_POST["v_ns6"] = "";
-		}
-		if (empty($_POST["v_ns7"])) {
-			$_POST["v_ns7"] = "";
-		}
-		if (empty($_POST["v_ns8"])) {
-			$_POST["v_ns8"] = "";
-		}
-
-		if (
-			$v_ns1 != $_POST["v_ns1"] ||
-			$v_ns2 != $_POST["v_ns2"] ||
-			$v_ns3 != $_POST["v_ns3"] ||
-			$v_ns4 != $_POST["v_ns4"] ||
-			$v_ns5 != $_POST["v_ns5"] ||
-			$v_ns6 != $_POST["v_ns6"] ||
-			$v_ns7 != $_POST["v_ns7"] ||
-			($v_ns8 != $_POST["v_ns8"] &&
-				empty($_SESSION["error_msg"] && !empty($_POST["v_ns1"]) && $_POST["v_ns2"]))
-		) {
-			$v_ns1 = quoteshellarg($_POST["v_ns1"]);
-			$v_ns2 = quoteshellarg($_POST["v_ns2"]);
-			$v_ns3 = quoteshellarg($_POST["v_ns3"]);
-			$v_ns4 = quoteshellarg($_POST["v_ns4"]);
-			$v_ns5 = quoteshellarg($_POST["v_ns5"]);
-			$v_ns6 = quoteshellarg($_POST["v_ns6"]);
-			$v_ns7 = quoteshellarg($_POST["v_ns7"]);
-			$v_ns8 = quoteshellarg($_POST["v_ns8"]);
-
-			$ns_cmd =
-				HESTIA_CMD .
-				"v-change-user-ns " .
-				quoteshellarg($v_username) .
-				" " .
-				$v_ns1 .
-				" " .
-				$v_ns2;
-			if (!empty($_POST["v_ns3"])) {
-				$ns_cmd = $ns_cmd . " " . $v_ns3;
+		if ($_SESSION["userContext"] === "admin") {
+			// Change NameServers
+			if (empty($_POST["v_ns1"])) {
+				$_POST["v_ns1"] = "";
 			}
-			if (!empty($_POST["v_ns4"])) {
-				$ns_cmd = $ns_cmd . " " . $v_ns4;
+			if (empty($_POST["v_ns2"])) {
+				$_POST["v_ns2"] = "";
 			}
-			if (!empty($_POST["v_ns5"])) {
-				$ns_cmd = $ns_cmd . " " . $v_ns5;
+			if (empty($_POST["v_ns3"])) {
+				$_POST["v_ns3"] = "";
 			}
-			if (!empty($_POST["v_ns6"])) {
-				$ns_cmd = $ns_cmd . " " . $v_ns6;
+			if (empty($_POST["v_ns4"])) {
+				$_POST["v_ns4"] = "";
 			}
-			if (!empty($_POST["v_ns7"])) {
-				$ns_cmd = $ns_cmd . " " . $v_ns7;
+			if (empty($_POST["v_ns5"])) {
+				$_POST["v_ns5"] = "";
 			}
-			if (!empty($_POST["v_ns8"])) {
-				$ns_cmd = $ns_cmd . " " . $v_ns8;
+			if (empty($_POST["v_ns6"])) {
+				$_POST["v_ns6"] = "";
+			}
+			if (empty($_POST["v_ns7"])) {
+				$_POST["v_ns7"] = "";
+			}
+			if (empty($_POST["v_ns8"])) {
+				$_POST["v_ns8"] = "";
 			}
-			exec($ns_cmd, $output, $return_var);
-			check_return_code($return_var, $output);
-			unset($output);
 
-			$v_ns1 = str_replace("'", "", $v_ns1);
-			$v_ns2 = str_replace("'", "", $v_ns2);
-			$v_ns3 = str_replace("'", "", $v_ns3);
-			$v_ns4 = str_replace("'", "", $v_ns4);
-			$v_ns5 = str_replace("'", "", $v_ns5);
-			$v_ns6 = str_replace("'", "", $v_ns6);
-			$v_ns7 = str_replace("'", "", $v_ns7);
-			$v_ns8 = str_replace("'", "", $v_ns8);
+			if (
+				$v_ns1 != $_POST["v_ns1"] ||
+				$v_ns2 != $_POST["v_ns2"] ||
+				$v_ns3 != $_POST["v_ns3"] ||
+				$v_ns4 != $_POST["v_ns4"] ||
+				$v_ns5 != $_POST["v_ns5"] ||
+				$v_ns6 != $_POST["v_ns6"] ||
+				$v_ns7 != $_POST["v_ns7"] ||
+				($v_ns8 != $_POST["v_ns8"] &&
+					empty($_SESSION["error_msg"] && !empty($_POST["v_ns1"]) && $_POST["v_ns2"]))
+			) {
+				$v_ns1 = quoteshellarg($_POST["v_ns1"]);
+				$v_ns2 = quoteshellarg($_POST["v_ns2"]);
+				$v_ns3 = quoteshellarg($_POST["v_ns3"]);
+				$v_ns4 = quoteshellarg($_POST["v_ns4"]);
+				$v_ns5 = quoteshellarg($_POST["v_ns5"]);
+				$v_ns6 = quoteshellarg($_POST["v_ns6"]);
+				$v_ns7 = quoteshellarg($_POST["v_ns7"]);
+				$v_ns8 = quoteshellarg($_POST["v_ns8"]);
+
+				$ns_cmd =
+					HESTIA_CMD .
+					"v-change-user-ns " .
+					quoteshellarg($v_username) .
+					" " .
+					$v_ns1 .
+					" " .
+					$v_ns2;
+				if (!empty($_POST["v_ns3"])) {
+					$ns_cmd = $ns_cmd . " " . $v_ns3;
+				}
+				if (!empty($_POST["v_ns4"])) {
+					$ns_cmd = $ns_cmd . " " . $v_ns4;
+				}
+				if (!empty($_POST["v_ns5"])) {
+					$ns_cmd = $ns_cmd . " " . $v_ns5;
+				}
+				if (!empty($_POST["v_ns6"])) {
+					$ns_cmd = $ns_cmd . " " . $v_ns6;
+				}
+				if (!empty($_POST["v_ns7"])) {
+					$ns_cmd = $ns_cmd . " " . $v_ns7;
+				}
+				if (!empty($_POST["v_ns8"])) {
+					$ns_cmd = $ns_cmd . " " . $v_ns8;
+				}
+				exec($ns_cmd, $output, $return_var);
+				check_return_code($return_var, $output);
+				unset($output);
+
+				$v_ns1 = str_replace("'", "", $v_ns1);
+				$v_ns2 = str_replace("'", "", $v_ns2);
+				$v_ns3 = str_replace("'", "", $v_ns3);
+				$v_ns4 = str_replace("'", "", $v_ns4);
+				$v_ns5 = str_replace("'", "", $v_ns5);
+				$v_ns6 = str_replace("'", "", $v_ns6);
+				$v_ns7 = str_replace("'", "", $v_ns7);
+				$v_ns8 = str_replace("'", "", $v_ns8);
+			}
 		}
 	}
 

web/templates/pages/edit_user.php

@@ -7,10 +7,10 @@
 			</a>
 			<?php
 				if (($_SESSION['userContext'] === 'admin') && (!isset($_SESSION['look'])) && ($_SESSION['user'] !== $v_username)) {
-					$ssh_key_url = "/list/key/?user=".htmlentities($user_plain)."&token=".$_SESSION['token']."";
-					$log_url = "/list/log/?user=".htmlentities($user_plain)."&token=".$_SESSION['token']."";
-					$keys_url = "/list/access-key/?user=".htmlentities($user_plain)."&token=".$_SESSION['token']."";
-				} else {
+					$ssh_key_url = "/list/key/?user=".htmlentities($_GET['user'])."&token=".$_SESSION['token']."";
+					$log_url = "/list/log/?user=".htmlentities($_GET['user'])."&token=".$_SESSION['token']."";
+					$keys_url = "/list/access-key/?user=".htmlentities($_GET['user'])."&token=".$_SESSION['token']."";
+				}else{
 					$ssh_key_url = "/list/key/";
 					$log_url = "/list/log/";
 					$keys_url = "/list/access-key/";