API2 call 'park' with root permissions

Hi Bjorn,

The following worked for me using the xml-api PHP client class

Authenticating as root

PHP:

<?php
// we will park 'xmlapitest1.net' on top of the primary domain belonging to user 'parktest'

include("xmlapi.php");

$ip = "10.1.1.1";
$root_pass = "S3cr3t!";
$user='parktest';

$xmlapi = new xmlapi($ip);
$xmlapi->password_auth("root",$root_pass);
//$xmlapi->set_port('2087'); // port 2087 is set by default
//$xmlapi->set_debug(1);

$args = array(
        'domain'    =>'xmlapitest1.net',        
        'topdomain' =>'',
        );
        
$xmlapi->api2_query($user,'Park','park',$args);


Authenticating as user 'parktest'

PHP:

<?php
// we will park 'xmlapitest2.net' on top of the primary domain belonging to user 'parktest'
// Obviously, the user will need park domain allowance for this to work
include("xmlapi.php");

$ip = "10.1.1.1";
$user='parktest';
$upass='S3cr3t!';

$xmlapi = new xmlapi($ip);

$xmlapi->password_auth($user,$upass);
$xmlapi->set_port('2083');
//$xmlapi->set_debug(1);

$args = array(
        'domain'    =>'xmlapitest2.net',
        'topdomain' =>'',
        );
        
$xmlapi->api2_query($user,'Park','park',$args);


The only two differences I can see calling this as root or the user:

1) The port needs to be appropriate. All root authenticated requests via XML-API should be done on port 2087 & 2086, all user authenticated requests use 2083 & 2082.

2) The 'topdomain' parameter is taken (ever so slightly) differently.

For a user authenticated request:
the 'topdomain' is treated as an optional parameter. So, if not provided , the primary domain will be the target. If you set to blank, like in my example, then it will use the primary domain as the target.

For a root requests:
The parameter is mandatory. If you do not pass the 'topdomain' key, it will fail. If you pass a blank valueit will use the primary domain as the target.

---.---
For either user or root:
If you provide a value other than empty/blank for 'topdomain', it will be treated as a subdomain reference. Example 'topdomain=here' will target 'here.domain.ttl' (which will fail if you haven't already established the 'here' subdomain).
---.---

Best Regards,
-DavidN

 

Hi Bjorn,

I re-ran my tests against the most current NIGHTLY and CURRENT builds and was able to reproduce the situation you describe. My previous test was just against the NIGHTLY build, which has updated in the interim. I must have hit a bug (that is now fixed), which would explain why I didn't initially get the error that you are reporting.

After reviewing the implementation for this functionality in WHM and the XML-API/API2, it has become clear to me that what we're observing is expected for two reasons:

1) Any execution of an API1/API2 call via the XML-API (whether as root or user), is performed as the user. The fact that I was able to execute the call with success on an account that was at or beyond the Max Park Domain limit should have been a red flag for me but I just assumed the code operated contra item 2

2) The WHM interface for parking a domain is a different code path than that used by the API2 call. It's unique and cannot be accessed other than via the WHM UI (at this time).

So, there are a few ways to resolve this issue, albeit all inelegant:
A) script against a browser interaction (for php, either fopen or cURL). This would be a fragile situation since GET/POST on the UI templates is not supported; the UI changes and programmatic browser interaction is always victim to dynamic content and element rendering/manipulate by JS.

B) modify the accounts Max Park Domain property, either prior to or after a failed attempt to park to a value that will permit the call to succeed.

C) modify the accounts Max Park Domain property, incrementing by 1, add the park, and then decrement by 1. This would yield a notice in the cPanel user interface "Park Domain", and potential place the user into an 'exceeds Max Park Domain' situation (if you monitor for that). However, the parked domain in question should still operate. The end result would be the same as if you were to have just used the WHM UI to add the park for an account: basically a disregard to the Max Park Domain property.

I think the situation is clear now, but sorry for the initial run around.

Best Regards,
-DavidN

 

Glad to help.

-DavidN

 

Hi cbsgroup,

1) I know that there's been a few requests, over in the Feature Request forum, for changes to addon/park domains, but I don't think there's been one specifically for the issue covered in this post. I recommend doing a quick query and, if necessary, spawning a new request thread. The way I see it, the most straight forward (or ideal) request would be to have native functions within the XML-API that are for addon/park domains. This feature would, essentially, be an programmatic way to perform the utility offered in WHM to root (or a privileged reseller) user.

2) Off the top of my head, I can't think of a better way.

Cheers,
-DavidN