From 9cf159246892e3388b36f4b43cccc0c62e54a29f Mon Sep 17 00:00:00 2001
From: Nozomi Anzai
Date: Wed, 25 Dec 2013 19:43:33 +0900
Subject: [PATCH] Fix that pgpool_pgctl can be executed only when the login user is super user in backend nodes. Previously, any login user was able to try to execute pgpool_pgctl() which could stop/restart/reload a backend node even if he was not a super user. Also pgpool_pgctl() was executed by sr_check_user or health_check_user, but it wasn't reasonable. This update is that buttons of stop/restart/reload are disabled when the login user isn't a super user and that pgpool_pg_ctl() is executed by login user instead of sr_check_user or health_check_user who don't have to be non-superuser. Per [pgpool-general: 2338].
---
 common.php | 6 +++++-
 status.php | 8 +++++++-
 templates/elements/status_pgsql_buttons.tpl | 8 ++++----
 3 files changed, 16 insertions(+), 6 deletions(-)
diff --git a/common.php b/common.php
index 4631f05..05f8876 100644
--- a/common.php
+++ b/common.php
@@ -284,7 +284,11 @@ function NodeStandby($num)
 function conStr($num, $mode = NULL)
 {
 // check user info
- if ($mode == 'stream' && paramExists('sr_check_user')) {
+ if ($mode == 'login') {
+ $user = $_SESSION[SESSION_LOGIN_USER];
+ $password = $_SESSION[SESSION_LOGIN_USER_PASSWORD];
+
+ } elseif ($mode == 'stream' && paramExists('sr_check_user')) {
 $params = readConfigParams(array('sr_check_user', 'sr_check_password'));
 $user = $params['sr_check_user'];
diff --git a/status.php b/status.php
index ed7adc2..295ee6a 100644
--- a/status.php
+++ b/status.php
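Review bot: In conStr() (common.php) the new `'login'` branch reads `$_SESSION[SESSION_LOGIN_USER]` and `$_SESSION[SESSION_LOGIN_USER_PASSWORD]` without checking that either entry is set, so an expired or partly populated session would apparently still yield a connection string, just with an empty user and password. A guard at the top of the branch, `if (!isset($_SESSION[SESSION_LOGIN_USER], $_SESSION[SESSION_LOGIN_USER_PASSWORD])) { return NULL; }`, makes that case explicit; callers then have to test the result before calling pg_connect(), because libpq fills an empty conninfo from its own defaults. The branch also relies on the login password being kept in the session in usable form, which is worth a comment such as `// login mode: connects with the credentials stored in the session at login`. The part of conStr() that places `$user` and `$password` into the connection string is outside the hunk, so whether values containing spaces or quotes are quoted there cannot be confirmed from this diff.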
@@ -516,11 +516,17 @@ function _doPgCtl($nodeNumber, $pg_ctl_action)
 if (isSuperUser($_SESSION[SESSION_LOGIN_USER]) == FALSE) {
 return FALSE;
 }
- $conn = @pg_connect(conStr($nodeNumber));
+ $conn = @pg_connect(conStr($nodeNumber, 'login'));
+ if ($conn == FALSE) {
+ @pg_close($conn);
+ return FALSE;
+ }
 $query = sprintf("SELECT pgpool_pgctl('%s', '%s')", $pg_ctl_action, (isset($_POST['stop_mode'])) ? $_POST['stop_mode'] : NULL);
 $result = execQuery($conn, $query);
+ @pg_close($conn);
+ return $result;
 }
diff --git a/templates/elements/status_pgsql_buttons.tpl b/templates/elements/status_pgsql_buttons.tpl
index 4f23e02..8f8f16b 100644
--- a/templates/elements/status_pgsql_buttons.tpl
+++ b/templates/elements/status_pgsql_buttons.tpl
@@ -1,15 +1,15 @@ |
-- 
2.39.5
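Review bot: The query in _doPgCtl() is still assembled with `sprintf` from `$_POST['stop_mode']`, and after this change it runs on a connection authenticated as the logged-in superuser instead of the check user, so unescaped request data reaches a superuser session. Escaping both arguments closes that: `$query = sprintf("SELECT pgpool_pgctl(%s, %s)", pg_escape_literal($conn, $pg_ctl_action), pg_escape_literal($conn, isset($_POST['stop_mode']) ? $_POST['stop_mode'] : ''));`, and the value can additionally be checked against the stop modes the form offers before it is used. In the new failure branch `@pg_close($conn)` is called with `FALSE` and does nothing, so `return FALSE;` alone is enough there. The opening of _doPgCtl() lies above the hunk, so any earlier validation of `$pg_ctl_action` is not visible here.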