Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

API : api_token_update bug

Discussion in 'cPanel Developers' started by Dev@SH, Feb 15, 2018.

Tags:
  1. Dev@SH

    Dev@SH Member

    Joined:
    Mar 11, 2014
    Messages:
    17
    Likes Received:
    1
    Trophy Points:
    3
    cPanel Access Level:
    DataCenter Provider
    OS : CENTOS 7.4 kvm
    cPanel : v68.0.29

    When issuing the command:
    Code:
    whmapi1 api_token_update token_name=<tokenname> acl-1=all
    The command returns:
    Code:
    data:
      acls:
        - all
      create_time: '1518471368'
      name: <tokenname>
    metadata:
      command: api_token_update
      reason: OK
      result: 1
      version: 1
    
    Using the api_token_list command, I see all the acls that the token has now and it includes 'all'

    However, when you view the token's permissions from inside WHM, the token does not have 'all' applied and the token does not actually have the permission either. ( cPanel API Response: You do not have permission to create sessions for the user <user> )

    If I use the API shell and issue the same command, the command does correctly set the acl and the user is allowed to create sessions for another user.

    Code:
    {"metadata":{"version":1,"result":1,"command":"api_token_update","reason":"OK"},"data":{"create_time":1518534128,"acls":["all"],"name":"tokenname"}}
    So - question: is there a cPanel service I need to restart after I use the whmapi1 command to get the system to pick up the new acl? Is this a bug?
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,940
    Likes Received:
    1,819
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    I've been unable to reproduce this issue on a test system. Are you logging into WHM as "root" when reproducing this issue?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Dev@SH

    Dev@SH Member

    Joined:
    Mar 11, 2014
    Messages:
    17
    Likes Received:
    1
    Trophy Points:
    3
    cPanel Access Level:
    DataCenter Provider
    Yes.

    root is best user... :)

     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    43,940
    Likes Received:
    1,819
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    I used the following steps in an attempt to replicate this issue:

    1. Created the API token using the following command while logged in via SSH as "root":

    Code:
    whmapi1 api_token_create token_name=subway acl-1=all
    2. Accessed WHM as "root" and browsed to the "Manage API Tokens" option.

    3. Clicked on "Edit" under "subway" and confirmed that all privileges were assigned to the token.

    4. Updated the ACLS for the token:

    Code:
    whmapi1 api_token_update token_name=subway acl-1=news
    5. Clicked on "Edit" under "subway" and confirmed that just the "news" privilege was assigned to the token.

    6. Updated the ACLS for the token:

    Code:
    whmapi1 api_token_update token_name=subway acl-1=all
    7. Clicked on "Edit" under "subway" and confirmed that all privileges were assigned to the token.

    Is there an additional step that isn't working for you, or a difference in one of the above steps?

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice