Development Guides Home >> Guide to API Privilege Escalation

Guide to API Privilege Escalation - Object Methods

Your class will inherit several useful methods (for example, the get_caller_username() method), from the Cpanel::AdminBin::Script::Call module.

Inherited methods

Your class will inherit the following methods:

Method Description
get_caller_domains() The method returns an array of the domains that the user who called the function owns. This includes the user's primary domain.
get_caller_former_domains_that_remain_unused() This method returns an array of the domains that the caller no longer owns.
get_caller_uid() This method returns the UID of the user who called the function.
get_caller_username() This method returns the username of the user who called the function.
get_caller_homedir() This method returns the home directory of the user who called the function.
get_action() This method returns the name of the function that the user called.
verify_that_caller_owns_domain($domain) This method checks whether the user who called the function owns the $domain domain. If the caller does not own the domain, it throws an exception.
user_has_feature_or_die($feature) This method checks whether the user has the necessary $feature feature to call the function. If the caller does not have access to the feature, it throws an exception.

Example

The following example demonstrates the inherited methods:

#an arrayref of owned domains, including the account's primary domain
my $domains_ar = $self->get_caller_domains();

#an arrayref of formerly-owned domains that the caller no longer owns
my $old_domains_ar = $self->get_caller_former_domains_that_remain_unused();

my $uid = $self->get_caller_uid();

my $username = $self->get_caller_username();

my $homedir = $self->get_caller_homedir(); #i.e., home directory

#the function that the user requested to run
my $action = $self->get_action();

$self->verify_that_caller_owns_domain($domain); #die()s if not

$self->user_has_feature_or_die($feature); #die()s if not