[horde] alarms - permission denied

Jan Schneider jan at horde.org
Mon Mar 17 23:17:37 UTC 2008


Zitat von Michael Redinger <Michael.Redinger at uibk.ac.at>:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
>
> Jan Schneider wrote:
>> Zitat von Michael Redinger <Michael.Redinger at uibk.ac.at>:
>>
>>> ok, I tried to track this down:
>>>
>>> I call the alarm script eg. as root like this:
>>>
>>> /usr/bin/php /var/www/html/horde/admin/alarms.php
>>>
>>> alarms.php checks if the user has admin permissions:
>>> if (!Auth::isAdmin()) {
>>>     Horde::authenticationFailureRedirect();
>>> }
>>
>> These lines don't exist in alarms.php.
>
> Oops, sorry, at some point I got the file wrong (admin/alarms.php
> instead of scripts/alarm.php).
> However, the problem is real, "only" the description was wrong ... And
> if I read the code correctly, the question stays the same:
> How should the session be set correctly by the alarm script if called
> from the command line?
> Back to scripts/alarms.php:
>
> I tracked the problem down to kronolith/lib/api.php, function
> _kronolith_listAlarms($time, $user = null) (same for nag):
>
> $current_user = Auth::getAuth();
> if ((empty($user) || $user != $current_user) && !Auth::isAdmin()) {
>
> If I read the code correctly, scripts/alarms.php calls the alarm notify
> function with the user set to null (first parameter). This function then
> calls notify, which calls listAlarms, which calls load. Next,
> $registry->callByPackage actually switches to the kronolith api
> (listAlarms).

scripts/alarms.php sets the user before calling notify().

Jan.

-- 
Do you need professional PHP or Horde consulting?
http://horde.org/consulting/



More information about the horde mailing list