pseudo-user for Linux superuser Perl scripts

ddmitov · ddmitov · commit 8cfcf907a260 · 2016-12-05T11:54:37.000+02:00
diff --git a/README.md b/README.md
@@ -160,7 +160,8 @@ If PEB is going to be compiled for end users and interaction with the Perl debug
           close_command: "_close_",
           close_confirmation: "_closed_"
       }
-      request.open('GET', 'http://interactive@local-pseudodomain/perl/interactive-script.pl' + formatParameters(parameters), true);
+      request.open('GET', 'http://interactive@local-pseudodomain/perl/interactive-script.pl' +
+                           formatParameters(parameters), true);
       request.send();
   });
   
@@ -223,7 +224,7 @@ If PEB is going to be compiled for end users and interaction with the Perl debug
 ```
 
 ## Calling Linux Superuser Perl Scripts
-Linux superuser Perl scripts can be started using the special query string item ```user=root```. So if PEB finds an URL like: ```http://local-pseudodomain/perl/root-open-directory.pl?user=root```, it will ask the user for the root password and then call ```sudo```, which will start the script. Root password is saved for 5 minutes inside the memory of the running PEB and is deleted afterwards. Output from superuser scripts is displayed inside PEB like the output from any other noninteractive Perl script. User data from HTML forms is supplied to superuser Perl scripts as the first command line argument without ```STDIN``` input or ```QUERY_STRING``` environment variable like in the user-level Perl scripts.
+Linux superuser Perl scripts can be started using the special pseudo-user ```root```. So if PEB finds an URL like: ```http://root@local-pseudodomain/perl/root-open-directory.pl```, it will ask the user for the root password and then call ```sudo```, which will start the script. Root password is saved for 5 minutes inside the memory of the running PEB and is deleted afterwards. Output from superuser scripts is displayed inside PEB like the output from any other noninteractive Perl script. User data from HTML forms is supplied to superuser Perl scripts as the first command line argument without ```STDIN``` input or ```QUERY_STRING``` environment variable like in the user-level Perl scripts.
 
 ## Settings
 **Settings based on the existence of certain files and folders:**  
diff --git a/resources/app/interactive-script.html b/resources/app/interactive-script.html
@@ -52,7 +52,8 @@
 					close_command: "_close_",
 					close_confirmation: "_closed_"
 				}
-				request.open('GET', 'http://interactive@local-pseudodomain/perl/interactive-script.pl' + formatParameters(parameters), true);
+				request.open('GET', 'http://interactive@local-pseudodomain/perl/interactive-script.pl' +
+								formatParameters(parameters), true);
 				request.send();
 			});
 
diff --git a/resources/app/main.html b/resources/app/main.html
@@ -89,8 +89,8 @@
 			</p>
 
 			<p>
-				<a href="http://local-pseudodomain/perl/root-open-directory.pl?user=root"
-					data-toggle="tooltip" title="http://local-pseudodomain/perl/root-open-directory.pl?user=root"
+				<a href="http://root@local-pseudodomain/perl/root-open-directory.pl"
+					data-toggle="tooltip" title="http://root@local-pseudodomain/perl/root-open-directory.pl"
 					data-placement="right" id="root-directory-lister">
 				Linux /root Directory Lister</a>
 			</p>
diff --git a/resources/app/root-get.html b/resources/app/root-get.html
@@ -19,7 +19,7 @@
 	</head>
 
 	<body>
-		<form action="perl/get-post-test.pl" method="get" onsubmit="submitFunction()">
+		<form action="http://root@local-pseudodomain/perl/get-post-test.pl" method="get" onsubmit="submitFunction()">
 			<div class="col-lg-10 col-lg-offset-1">
 				<fieldset>
 					<legend>Send GET request to local Perl script</legend>
@@ -45,7 +45,6 @@
 					</div>
 				</fieldset>
 			</div>
-			<input type="hidden" name="user" value="root">
 		</form>
 	</body>
 
diff --git a/resources/app/root-post.html b/resources/app/root-post.html
@@ -19,7 +19,7 @@
 	</head>
 
 	<body>
-		<form action="perl/get-post-test.pl?user=root" method="post" onsubmit="submitFunction()">
+		<form action="http://root@local-pseudodomain/perl/get-post-test.pl" method="post" onsubmit="submitFunction()">
 			<div class="col-lg-10 col-lg-offset-1">
 				<fieldset>
 					<legend>Send POST request to local Perl script</legend>
diff --git a/src/peb.cpp b/src/peb.cpp
@@ -628,9 +628,7 @@ QNonInteractiveScriptHandler::QNonInteractiveScriptHandler(
     // qDebug() << "Script output target:" << scriptOutputTarget;
 
 #if ADMIN_PRIVILEGES_CHECK == 0
-    scriptUser = scriptQuery.queryItemValue("user");
-    scriptQuery.removeQueryItem("user");
-    // qDebug() << "Script user:" << scriptUser;
+    scriptUser = url.userName();
 #endif
 
     scriptFullFilePath = QDir::toNativeSeparators

Original file line number	Diff line number	Diff line change
`@@ -52,7 +52,8 @@`
`52`	`52`	`close_command: "_close_",`
`53`	`53`	`close_confirmation: "_closed_"`
`54`	`54`	`}`
`55`		`- request.open('GET', 'http://interactive@local-pseudodomain/perl/interactive-script.pl' + formatParameters(parameters), true);`
	`55`	`+ request.open('GET', 'http://interactive@local-pseudodomain/perl/interactive-script.pl' +`
	`56`	`+ formatParameters(parameters), true);`
`56`	`57`	`request.send();`
`57`	`58`	`});`
`58`	`59`