[BUG] Admin acc and Login to Control Panel

[AnTeKaPa]

Describe the bug Hi, I have tested the V2 of your code and what I found so far:

1. When setup a server connection the user name should be always "admin" not work with other even with admin privileges.
2. I don't know how this is related to your code, but with V2 when create a new user, then login with it to FossBilling, inside the Client area(dashboard) have a button inder "Manage hosting account" section, which button is "Login to control panel", this button should point to CyberPanel but in V2 it open the IP of the server without the port (8090). With V1 this works.

Version Being Used V2.x

To Reproduce Steps to reproduce the behavior:

1. For the first point - Try to create a new server connection with different ADMIN account. For the Second:
2. Create a new user account with some Hosting Service in FossBilling.
3. Login with the new user account.
4. Go to the user Dashboard and Click on the Service which is assigned to.
5. Click on the button "Login to Control panel" at the bottom of the page.

Expected behavior

1. First point - to can use different administrator accounts in the setup.
2. Second point - to can go easy to the CyberPanel page.

Screenshots I will send you if is needed.

Additional context This is not exactly about the problem, but please tell me do I do something wrong or just it is what is:

I cannot find a way where Fossbilling can create a new Website inside CyberPanel, it only creates an account and this account is a bit useless, because of the way how CyberPanel works only admin can create websites..... Also of that what I see (and understand) in your code, it only have a control over the Accounts, nothing else, is that, because only this is possible between these 2 softwares or your idea of this code is different? I just not see a point of using both CyberPanel and FossBilling if they cannot communicate to each other for something else of Account creation and password changes....

BTW: I not blame you for anything, just trying to figure out how these things works.

Thanks!

[jsonkenyon]

Hmmm, I’ll have to take a look and see if CyberPanel only allows the admin user, I don’t recall reading anything that it did. I’ll do some testing when I get off work today and see what I can find.

I’ll also take a look at the client login, not sure why it would go to an IP.

[jsonkenyon]

Okay, took a few minutes while still waking up and getting ready for work. When you change the username for the API user, it returns Only the administrator can use the api

This isn't coming from the server module itself, but instead CyberPanel. We would need to reach out to them to figure out why/if anything needs to be updated on the CyberPanel side to allow other users access to the API.

[jsonkenyon]

Hmmm, further looking into this it looks like despite what you provide the username for the "new" admin user their username also reverts to admin.

Though even doing that doesn't seem to work, this seems like a bug upstream within CyberPanel that they would need to review.

[AnTeKaPa]

To be honest I don't know what to say, because I don't understand this at all, but if I can clarify what I mean:

I have created a new admin user in CyberPanel called fossbilling and set the ACL to admin, after that I used this account to setup Server connection in FossBilling, with your V1 of the code this works fine, but with V2 it said Only the administrator can use the api, so this is about the first issue.

For the second one, I created a normal user through FossBilling with Hosting creation and when login in FossBilling with this user and try to access the Control panel (CyberPanel) ussing the button inside the dashboard of FossBilling it not adding the port for the server and not verifying the user, but this also works correctly with your V1 of the code.

At last, I don't want to loose your time at all, so just tell me is it possible FossBilling to do anything else in CyberPanel except user creating and editing, like creating websites? If not this configuration will be absolutely useless and is no point to continuing with it.

Thanks a lot!

[jsonkenyon]

I have created a new admin user in CyberPanel called fossbilling and set the ACL to admin, after that I used this account to setup Server connection in FossBilling, with your V1 of the code this works fine, but with V2 it said Only the administrator can use the api, so this is about the first issue.

I understand, from the looks of it this looks like its a limitation of the new API function that they have provided. It only seems to allow the default "admin" and the error that you get about it not working and needing to be the "administrator" user is from CyberPanel itself. So it seems to be an upstream issue with them that, they would need to open the API up for other admins/resellers.

For the second one, I created a normal user through FossBilling with Hosting creation and when login in FossBilling with this user and try to access the Control panel (CyberPanel) ussing the button inside the dashboard of FossBilling it not adding the port for the server and not verifying the user, but this also works correctly with your V1 of the code.

This should now be fixed, it looks like I was using

$this->port; instead of $this->_config['port];

[AnTeKaPa]

Thanks for your quick responce and fix, but you still not answer to my most important question, is it possible FossBilling to do something else different of create a user and change password?

I'm sure you know much more of me about both Foss and Cyberpanel, so that's why I asking you...(and no information anywhere) if I cannot create at least a website through FossBilling it is totaly useless and I only loose your time....

Thanks!

[jsonkenyon]

Thanks for your quick responce and fix, but you still not answer to my most important question, is it possible FossBilling to do something else different of create a user and change password?

Correct, this server module once the order is placed and paid, or placed and done if it is free. This should create the CyberPanel user in the control panel + their domain that they have provided. This is for both v1/v2. I guess the biggest difference now would also be that V2 will only allow "admin" as the username and no other reseller/user to use the API.

When you do the order, are you seeing that it isn't creating the website? As this server module allows it to create the website, suspend/unsuspend that account, etc.

[AnTeKaPa]

It is not create a website, both version V1 and V2, only account.

Now I cannot test it again because the virtual machine which I use for this have some problem, I cannot get access to FossBilling admin panel, but anyway, I tryied this many times the last few days and always was only account, maybe I cannot configure it properly, but.... I don't know.

I will reinstall Fossbilling and will test it again and will let you know.

Thanks!

[jsonkenyon]

that is odd. On my end it is able to make the account + website. So it first creates the account, and then creates the website under that new user that it created. When you are attempting to create the website from Fossbilling, are you ensuring that the hosting plan/package is the same name as what is in CyberPanel?

For example, lets say you are giving a website on the default plan. FOSSBilling would need a hosting product with that name matching that of CyberPanel

[AnTeKaPa]

I see where is the problem, I not make them with same names :D, tomorrow morrning I will reinstall the Foss and will test it.

Thanks!

[jsonkenyon]

Understood, okay so this gives me an idea that this server manager could be improved perhaps (for V2 only) the previous /api endpoint doesn't have anything for packages, eg creating, listing, deleting.

I've got a thought that when creating the user + website, we can grab the details of the package from FOSSBilling, and check the name and see if it exists in CyberPanel if it does we just continue to create the account + website, if it doesn't we go a different route of Create Account => Create Package with the name in FOSSBilling => Create website with the newly created plan.

This way, if the plan exists we will use it, if it doesn't we will create it once and then there after the fetching of the packages from CyberPanel it should be listed and just be able to use it.

[jsonkenyon]

Okay, should be good to go for testing again. Took some time today given this feedback to update the docs. They no longer reside in the README, and now are in a wiki. Per #11 if the hosting package doesn't exist it will auto create the package now and return it and continue on with creating the website (ONLY on version 2). Let me know if you have any issues. 🎉🚀

Thanks for your continued testing, and feedback regarding this! 🙇‍♂️🙏

[AnTeKaPa]

Hi again.

So I just test your lates updates and it works.

I have created ONLY in FossBilling Server, Hosting and Service, then register new user account and buy the new Service. The new account, package and website was created in CyberPanel and works.

Have a bit issues:

1. Never can login in CyberPanel with the new user account untill I change the password again through FossBilling Dashboard, I guess the way how the both systems manage the passwords, I don't know, but I should change the password once to get access.
2. Cannot Modify the Package after once is Created through FossBilling, what I mean if I do some changes over the Hosting in FossBilling Dashboard, this not reflect in CyberPanel and remain unchaged.
3. The Service Suspension from FossBilling Dashboard not working, it returns "None (9999)" error.
4. I also test the Service deactivation or Cancelation and this works on some point, but after reactivation the user still cannot Login in CyberPanel, but I guess this is a Cache or Cookie problem with CyberPanel, because (I use a private browser) after I close the browser and reopen it, works.
5. The way how FossBilling accept the users (with only first name) probably will be a issue in a production site, but this is a problem of FossBilling not your code :)

I don't know what else I can test, if you tell me what I will do it :) . Maybe in a future when CyberPanel, make the New Docker option properly you will can add this into the API code :)

Thanks!

[jsonkenyon]

Thanks for the detailed report.

1. I believe that this is due to the way FOSSBilling works, it will auto generate a new hosting account password. By default, when the hosting account is actually setup, it should email you the username + password, but locally I don't have this setup to actually send emails. Perhaps I could test this and see if that is the case.
2. Cannot modify the hosting package, I have a hunch that this is because all of your plans are just "HostingPlanName" though in CyberPanel when you create a new HostingPlanName they are named "adminHostingPlanName" this would be what is causing that issue. I'll get the code updated, I don't really like having to make FOSSBilling name the hosting packages admin the code should be able to handle it, (assuming that the username is always admin, or that the api user doesn't change)
3. I'll take a look into that, if you are getting a "none" error that is coming right from CyberPanel itself, and that is the status that its reporting. In my testing it did seem to work, but I'll take another look and debug it, see if I can replicate it.
4. Indeed, that is what the is sounding like
5. Correct, at the moment that would be something that FOSSBilling would need to update on their end to enforce the user to put in the last name. Though at the moment, we just hardcode "UNKNOWN" to get it to actually create the hosting account.

[jsonkenyon]

Okay, so far point 2 should be fixed, point 3 is getting that error because we are checking for a return on "status" but the API actually returns a "websiteStatus". None the less, the API endpoint "NONE" is reporting that there were no issues with suspending the domain, so it should have suspended, this seems like perhaps something with CyberPanel. Will have to look further and reach out to them to confirm if its a bug on their side. Either way the code has been updated to reflect that we should be checking "websiteStatus" instead of "status"

[jsonkenyon]

Okay, did some further testing and the suspend/un-suspend functions should be working as expected again. So all functions "should" be good to go now.

[AnTeKaPa]

Ok, I just done some tests.

2. Cannot modify the hosting package - Still cannot - when I modify it in Fossbilling it remains unchaged in CyberPanel. I tried with New Hosting Plan aslo, just in case...
3. The Suspension/Unsuspension works correctly now.

I found something else durring the test above, if I use the same USER account in Fossbilling which already have a Website/Hosting, to Order a new/another Service/Hosting it creates a NEW user in CyberPanel and hook up the new website to it, I think it should be better if can create a website and attach it to the already existing account, but I don't know is that possible at all...

Thanks!

[jsonkenyon]

Hmm, I'll take a look at the changing the hosting plan again.

It creating a new account is further discussed in by design in issue #2

[jsonkenyon]

Hmmm, so with the Version 2 API, it doesn't appear that they have a hosting package change in place. The one that we were using before was changePackageAPI when attempting to use this with the cloudAPI we get the following:

{"status": 0, "error_message": "This function is not available in your version of CyberPanel."}

So seems like this is going to be something that will need to go to CyberPanel to see if there is another API endpoint that is "undocumented" or if they even have a hosting package change that we can use.

[AnTeKaPa]

I see, ok is not a big problem.

Thanks!

[jsonkenyon]

Issue #15 has been opened to track this matter and implement any enhancements when the API endpoint becomes available. We will close this issue in favor of that one. If you have any further concerns, please feel free to reopen this issue or submit a new request for a different matter.