Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

SOLVED API function to check one user account for AutoSSL

Discussion in 'Security' started by swbrains, May 28, 2018.

  1. swbrains

    swbrains Well-Known Member

    Joined:
    Sep 13, 2006
    Messages:
    128
    Likes Received:
    15
    Trophy Points:
    168
    Hi,

    I see a function in the API: start_autossl_check_for_one_user

    Is there a way to give a reseller privileges to run this function. Right now I need to authenticate as a root user to do so, but I'd like to give permission to a reseller to call it.

    Thanks!
     
    #1 swbrains, May 28, 2018
    Last edited: May 28, 2018
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,378
    Likes Received:
    1,857
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. swbrains

    swbrains Well-Known Member

    Joined:
    Sep 13, 2006
    Messages:
    128
    Likes Received:
    15
    Trophy Points:
    168
    Thanks. How could I accomplish this from a Perl script? That is, I know how to authenticate from the script before calling an API function, but how would I authenticate as the reseller but keep the start_autossl_check function limited to one user?

    Thanks!
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,378
    Likes Received:
    1,857
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. swbrains

    swbrains Well-Known Member

    Joined:
    Sep 13, 2006
    Messages:
    128
    Likes Received:
    15
    Trophy Points:
    168
    No problem. I'm familiar with calling the API/UAPI via Perl. I just wasn't sure about the user's authentication credentials working.
     
    cPanelMichael likes this.
  6. swbrains

    swbrains Well-Known Member

    Joined:
    Sep 13, 2006
    Messages:
    128
    Likes Received:
    15
    Trophy Points:
    168
    Next related question: Is there a non-root way via the API to call get_users_features_settings or some similar function to determine if a user account has a particular feature enabled. For example, I want my script to determine if AutoSSL is enabled in the user account's feature list. The aforementioned function works great if I authenticate as root user, but I'd prefer to have a way to get similar information without authenticating as root, if possible.

    I should probably clarify here -- I'd like to determine if the setting to enable AutoSSL for this *one* user is enabled/disabled, rather than if the feature is simply enabled in the feature set used by user account. That is, going into WHM->Manage AutoSSL, I can override the default feature set for this user and enable AutoSSL manually for this user without enabling it in the feature set for all users. I need to know if it's been enabled for that one user. The get_users_features_settings function works well for this, allowing me to see if it's enabled for just this user, but requires root authentication.

    Thanks!
     
    #6 swbrains, May 29, 2018
    Last edited: May 29, 2018
  7. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,378
    Likes Received:
    1,857
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Hello,

    Not directly, but the following UAPI function would provide this information to you:

    UAPI Functions - SSL::get_autossl_excluded_domains - Developer Documentation - cPanel Documentation

    For example, if AutoSSL is enabled in the feature list associated with the account, yet is disabled for the account via WHM >> Manage AutoSSL >> Manage Users, this UAPI function will return a result like this:

    Code:
    ---
    apiversion: 3
    func: get_autossl_excluded_domains
    module: SSL
    result:
      data: ~
      errors:
        - You do not have the feature “autossl”.
      messages: ~
      metadata: {}
    
      status: 0
      warnings: ~
    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  8. swbrains

    swbrains Well-Known Member

    Joined:
    Sep 13, 2006
    Messages:
    128
    Likes Received:
    15
    Trophy Points:
    168
    Would this work the other way around? That is, AutoSSL is disabled in the global feature list used for all accounts by default, but it is enabled for one account in the Manage AutoSSL page where you override the global feature list for that account.
     
  9. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    44,378
    Likes Received:
    1,857
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Yes, in that case, the output would show that AutoSSL is not disabled:

    Code:
    # uapi --user=user123 SSL get_autossl_excluded_domains
    ---
    apiversion: 3
    func: get_autossl_excluded_domains
    module: SSL
    result:
      data: []
    
      errors: ~
      messages: ~
      metadata:
        transformed: 1
      status: 1
      warnings: ~
    
    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  10. swbrains

    swbrains Well-Known Member

    Joined:
    Sep 13, 2006
    Messages:
    128
    Likes Received:
    15
    Trophy Points:
    168
    Awesome, thanks!
     
    cPanelMichael likes this.
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice