Client cannot save any changes to domain if admin created it before
If admin created a domain for a client it cannot be modified by the client itself.
I checked the db sys_perm_group value for the domain and it was 'ru' which I was supposed to means 'read', 'update' so it shold work. Finally I tracked down and the whole form at the save stage was in "readonly" status.
ISPConfig version: 3.1.2
Problem:
The 'interface/web/sites/web_vhos_domain_edit.php' explicitly overrides the form 'readonly' settings which is true by default if not amin accesses the form. In the onShowEdit function there was a permCheck for 'riud' and an override for this value to false if the current user has the full set of rights (read, inser, update, delete). In the onSubmit function there was no any permCheck and override for this value which leaded to this situation and after a save the form didn't become not readonly.
Resolution:
- Changed the checkPerm($this->id, 'riud') to checkPerm($this->id, 'u') in onShowEdit, because this is the right check
- Copied this line to the beginning to onSubmit function (this one which solves the problem)
Notice:
This permission checking is a mess in ISPConfig. I found multiple instances of checking the database fields directly against a value and the use of checkPerm with the full 'riud' value as well. This should be changed/revised everywhere.
Modified code to resolve the issue:
Line: 938
` function onShowEdit() { global $app; if($app->tform->checkPerm($this->id, 'u')) $app->tform->formDef['tabs']['domain']['readonly'] = false; parent::onShowEdit(); }
function onSubmit() {
global $app, $conf;
if($app->tform->checkPerm($this->id, 'u')) $app->tform->formDef['tabs']['domain']['readonly'] = false;
// Set a few fixed values
$this->dataRecord["vhost_type"] = 'name';
`