Submitted by SteveHeinsch on Sun, 01/24/2010 - 22:01
I am trying to allow a domain user to be able to use the remote api. I always get the message "ERROR: You are not allowed to run remote commands". I have enabled "Can accept RPC calls?" for this particular user from within the webmin users. It will only work if I use commands from root.
Please see this thread (posts #3 and #4) for more details. http://www.virtualmin.com/node/13134
Thanks, Steve
Status:
Closed (fixed)
Comments
Submitted by JamieCameron on Sun, 01/24/2010 - 23:24 Comment #1
Sorry, but at the moment this isn't possible .. the remote API has no concept domain-level access control, so if a domain owner was granted access to it he would have control over the whole system.
However, this is on the roadmap for a future release though..
Submitted by SteveHeinsch on Sun, 01/24/2010 - 23:47 Comment #2
OK, thank you. Is there any other way for a domain owner to create an email account for his domain besides the control panel? The ultimate goal is to be able to incorporate this functionality via php.
Submitted by JamieCameron on Mon, 01/25/2010 - 00:44 Comment #3
One way would be for them to make an HTTP request to https://yourserver:10000/virtual-server/save_user.cgi , with all the same parameters as would result from manually submitting the form to create a new mailbox..
Submitted by SteveHeinsch on Mon, 01/25/2010 - 12:49 Comment #4
Would this be correct as far as url parameters to set up an email only account? Im just going by the form values I see on the create new user page... Is there anything else needed besides the authentication to get to the url?
dom=xxxxxxxxx {numerical id of domain}new=1
mailuser=new_mailbox_name {without domain}
mailpass=password
mailpass_again=password
shell=/dev/null
Thanks, as always, for your help Jaimie -Steve
Submitted by JamieCameron on Mon, 01/25/2010 - 17:20 Comment #5
You may need a few more parameters than that - the best way to be sure is to check the fields on the user creation form. But if you don't get back any error message, you can assume that it worked OK.
Also, you will need to set the HTTP User-Agent: header to "Webmin" to bypass the login form, and also set the HTTP username and password correctly.
Submitted by SteveHeinsch on Thu, 01/28/2010 - 01:09 Comment #6
I got this to work. Thanks Jamie. I do hope you still plan on implementing domain level ACL to the api. That would be the shizzles (and git support :) )