Some left overs from the old admin user still remaind (hestiacp#4721)

jaapmarcus · web-flow · commit 5c47d5ebf5e4 · 2025-01-23T14:46:18.000+01:00
When using a custom admin user this was causing issues
diff --git a/bin/v-add-sys-pma-sso b/bin/v-add-sys-pma-sso
@@ -62,12 +62,12 @@ fi
 
 # Generate the keys to secure everything
 phpmyadminkey=$(generate_password)
-apikey=$($BIN/v-add-access-key 'admin' 'phpmyadmin-sso' 'phpMyAdmin' 'plain')
+apikey=$($BIN/v-add-access-key "$ROOT_USER" 'phpmyadmin-sso' 'phpMyAdmin' 'plain')
 
 # copy config dir to /usr/share/phpmyadmin/
 cp -f $HESTIA_INSTALL_DIR/phpmyadmin/hestia-sso.php $PMA_INSTALL/hestia-sso.php
 chmod 640 $PMA_INSTALL/hestia-sso.php
-chown root:www-data $PMA_INSTALL/hestia-sso.php
+chown root:hestiamail $PMA_INSTALL/hestia-sso.php
 
 sed -i "s/%PHPMYADMIN_KEY%/$phpmyadminkey/g" $PMA_INSTALL/hestia-sso.php
 sed -i "s/%API_KEY%/$apikey/g" $PMA_INSTALL/hestia-sso.php
@@ -77,7 +77,7 @@ sed -i "s/%API_HESTIA_PORT%/$BACKEND_PORT/g" $PMA_INSTALL/hestia-sso.php
 # Check if config already contains the keys
 touch $PMA_CONFIG/hestia-sso.inc.php
 chmod 640 $PMA_CONFIG/hestia-sso.inc.php
-chown root:www-data $PMA_CONFIG/hestia-sso.inc.php
+chown root:hestiamail $PMA_CONFIG/hestia-sso.inc.php
 
 echo "<?php
 if(isset(\$_GET['hestia_token']) || isset(\$_COOKIE['SignonSession'])){
diff --git a/web/api/index.php b/web/api/index.php
@@ -110,7 +110,9 @@ function api_legacy(array $request_data) {
 			unset($output);
 			exec(
 				HESTIA_CMD .
-					'v-check-user-password "admin" ' .
+					"v-check-user-password " .
+					quoteshellarg($root_user) .
+					" " .
 					quoteshellarg($v_password) .
 					" " .
 					$v_ip .
@@ -222,7 +224,7 @@ function api_connection(array $request_data) {
 	exec(HESTIA_CMD . "v-list-sys-config json", $output, $return_var);
 	$settings = json_decode(implode("", $output), true);
 	unset($output, $return_var);
-
+	$root_user = $settings["config"]["ROOT_USER"];
 	// Get the status of api
 	$api_status =
 		!empty($settings["config"]["API_SYSTEM"]) && is_numeric($settings["config"]["API_SYSTEM"])
@@ -292,13 +294,13 @@ function api_connection(array $request_data) {
 			: -1;
 
 	# Check if API access is enabled for nonadmin users
-	if ($key_user != "admin" && $api_status < 2) {
+	if ($key_user != $root_user && $api_status < 2) {
 		api_error(E_API_DISABLED, "API has been disabled", $hst_return);
 	}
 
 	// Checks if the value entered in the "user" argument matches the user of the key
 	if (
-		$key_user != "admin" &&
+		$key_user != $root_user &&
 		$user_arg_position > 0 &&
 		$hst_cmd_args["arg{$user_arg_position}"] != $key_user
 	) {
