Beispiel #1
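 /**
  * Creates a new environment, or updates an existing one, from the request parameters.
  *
  * Access is layered:
  *  - the caller must be an account super admin or be allowed
  *    Acl::RESOURCE_ENVADMINISTRATION_ENV_CLOUDS on the request;
  *  - creating or renaming an environment also requires account owner or super admin;
  *  - status, cost center and team membership are written only when the caller can manage ACL.
  *
  * Everything taken from the request (cost center id, team ids) is checked before the first
  * write, so a rejected request leaves the environment untouched.
  *
  * Responds with the reloaded environment (id, name, status, platforms, teams, ccId) on
  * success, or with the collected validation messages on failure.
  *
  * @throws Scalr_Exception_InsufficientPermissions when one of the access checks fails
  */
 public function xSaveAction()
 {
     if (!$this->user->isAccountSuperAdmin() && !$this->request->isAllowed(Acl::RESOURCE_ENVADMINISTRATION_ENV_CLOUDS)) {
         throw new Scalr_Exception_InsufficientPermissions();
     }

     $params = array('envId' => array('type' => 'int'), 'teams' => array('type' => 'json'));
     if ($this->user->isAccountOwner() || $this->user->isAccountSuperAdmin()) {
         // Only callers who are allowed to set the name have to supply one.
         $params['name'] = array('type' => 'string', 'validator' => array(Scalr_Validator::REQUIRED => true, Scalr_Validator::NOHTML => true));
     }
     $this->request->defineParams($params);
     $this->request->validate();

     $analyticsEnabled = $this->getContainer()->analytics->enabled;
     $ldapAuth = $this->getContainer()->config->get('scalr.auth_mode') == 'ldap';
     $canManageAcl = $this->user->canManageAcl();
     $accountId = $this->user->getAccountId();
     $ccId = $this->getParam('ccId');

     // 'teams' is declared as json; a value that did not decode to an array is treated as
     // "no teams" so the loops below never iterate a non-array.
     $requestedTeams = $this->getParam('teams');
     if (!is_array($requestedTeams)) {
         $requestedTeams = array();
     }

     if ($analyticsEnabled) {
         if ($ccId) {
             // The cost center is written to the platform config below whenever analytics is
             // enabled, so a supplied id is checked under that same condition rather than
             // only when the beta/non-hosted gate is true.
             if (!$this->getContainer()->analytics->ccs->get($ccId)) {
                 $this->request->addValidationErrors('ccId', 'Invalid cost center ID');
             }
         } elseif ($this->request->isInterfaceBetaOrNotHostedScalr()) {
             $this->request->addValidationErrors('ccId', 'Cost center is required field');
         }
     }

     // With local (non-LDAP) auth the client sends team ids. Each id is resolved against the
     // caller's own account before anything is written; addTeam() is not visible from here,
     // so this check does not rely on it enforcing account ownership.
     $teamIds = array();
     if ($canManageAcl && !$ldapAuth) {
         foreach ($requestedTeams as $teamId) {
             $ownTeamId = is_scalar($teamId)
                 ? $this->db->GetOne('SELECT id FROM account_teams WHERE id = ? AND account_id = ? LIMIT 1', array($teamId, $accountId))
                 : null;
             if (!$ownTeamId) {
                 $this->request->addValidationErrors('teams', 'Invalid team ID');
                 break;
             }
             $teamIds[] = $ownTeamId;
         }
     }

     if ($this->request->isValid()) {
         $isNew = false;
         if (!$this->getParam('envId')) {
             //create new environment
             if (!$this->user->isAccountOwner() && !$this->user->isAccountSuperAdmin()) {
                 throw new Scalr_Exception_InsufficientPermissions();
             }
             $this->user->getAccount()->validateLimit(Scalr_Limits::ACCOUNT_ENVIRONMENTS, 1);
             // NOTE(review): the environment is created before the two checks below run; if
             // either of them throws, the new environment is not rolled back here.
             $env = $this->user->getAccount()->createEnvironment($this->getParam('name'));
             $isNew = true;
         } else {
             $env = Scalr_Environment::init()->loadById($this->getParam('envId'));
         }

         // Object-level checks: the request-level check at the top is not tied to this
         // particular environment, these two are.
         $this->user->getPermissions()->validate($env);
         if (!$this->user->isAccountSuperAdmin() && !$this->user->getAclRolesByEnvironment($env->id)->isAllowed(Acl::RESOURCE_ENVADMINISTRATION_ENV_CLOUDS)) {
             throw new Scalr_Exception_InsufficientPermissions();
         }

         //set name and status
         if ($this->user->isAccountOwner() || $this->user->isAccountSuperAdmin()) {
             $env->name = $this->getParam('name');
         }
         if ($canManageAcl) {
             // Any value other than STATUS_ACTIVE is stored as STATUS_INACTIVE.
             $env->status = $this->getParam('status') == Scalr_Environment::STATUS_ACTIVE ? Scalr_Environment::STATUS_ACTIVE : Scalr_Environment::STATUS_INACTIVE;
         }
         $env->save();

         if ($canManageAcl) {
             if ($analyticsEnabled && $ccId) {
                 $oldCcId = $env->getPlatformConfigValue(Scalr_Environment::SETTING_CC_ID);
                 $env->setPlatformConfig(array(Scalr_Environment::SETTING_CC_ID => $ccId));
                 if ($isNew || empty($oldCcId)) {
                     $this->getContainer()->analytics->events->fireAssignCostCenterEvent($env, $ccId);
                 } elseif ($oldCcId != $ccId) {
                     $this->getContainer()->analytics->events->fireReplaceCostCenterEvent($env, $ccId, $oldCcId);
                 }
             }

             //set teams
             $env->clearTeams();
             if ($ldapAuth) {
                 // With LDAP auth the client sends team names; a name that is unknown in this
                 // account creates a new team in this account.
                 foreach ($requestedTeams as $name) {
                     if (!is_scalar($name)) {
                         continue;
                     }
                     $name = trim($name);
                     if ($name) {
                         $id = $this->db->GetOne('SELECT id FROM account_teams WHERE name = ? AND account_id = ? LIMIT 1', array($name, $accountId));
                         if (!$id) {
                             $team = new Scalr_Account_Team();
                             $team->name = $name;
                             $team->accountId = $accountId;
                             $team->save();
                             $id = $team->id;
                         }
                         $env->addTeam($id);
                     }
                 }

                 // remove unused teams: every team of this account that is no longer linked
                 // to any environment is deleted, not only the ones detached above
                 $ids = $this->db->GetAll('
                     SELECT account_teams.id
                     FROM account_teams
                     LEFT JOIN account_team_envs ON account_team_envs.team_id = account_teams.id
                     WHERE ISNULL(account_team_envs.env_id) AND account_teams.account_id = ?
                 ', array($accountId));
                 foreach ($ids as $id) {
                     $team = new Scalr_Account_Team();
                     $team->loadById($id['id']);
                     $team->delete();
                 }

                 // Re-apply the caller's LDAP groups when a bind user is configured.
                 if ($this->getContainer()->config->get('scalr.connections.ldap.user')) {
                     $ldap = $this->getContainer()->ldap($this->user->getEmail(), null);
                     if ($ldap->isValidUsername()) {
                         $this->user->applyLdapGroups($ldap->getUserGroups());
                     }
                 }
             } else {
                 foreach ($teamIds as $teamId) {
                     $env->addTeam($teamId);
                 }
             }
         }

         $this->response->success($isNew ? 'Environment successfully created' : 'Environment saved');

         //reload env to be sure we have actual params
         $env = Scalr_Environment::init()->loadById($env->id);
         $teams = array();
         foreach ($env->getTeams() as $teamId) {
             if ($ldapAuth) {
                 // LDAP clients work with team names, so names are returned instead of ids.
                 $team = new Scalr_Account_Team();
                 $team->loadById($teamId);
                 $teams[] = $team->name;
             } else {
                 $teams[] = $teamId;
             }
         }
         $this->response->data(array('env' => array('id' => $env->id, 'name' => $env->name, 'status' => $env->status, 'platforms' => $env->getEnabledPlatforms(), 'teams' => $teams, 'ccId' => $env->getPlatformConfigValue(Scalr_Environment::SETTING_CC_ID))));
     } else {
         $this->response->failure($this->request->getValidationErrorsMessage());
     }
 }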
Beispiel #2
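 /**
  * Exercises the account user endpoints end to end: create, read, update, API key access,
  * team create/remove (account owner only) and removal.
  *
  * The test is skipped when the configured test user cannot manage ACL. Data left over from
  * an earlier, aborted run is deleted first, because a failing assertion further down leaves
  * the test user (and possibly the team) behind.
  */
 public function testUsers()
 {
     if (!$this->getUser()->canManageAcl()) {
         $this->markTestSkipped('Specified test user cannot manage users.');
     }

     $email = self::getTestName(self::USER_NAME) . '@scalr.com';
     $teamName = self::getTestName(self::TEAM_NAME);
     $accountId = $this->getEnvironment()->clientId;

     // remove previous test data
     $user = new \Scalr_Account_User();
     $user = $user->loadByEmail($email, $accountId);
     if ($user) {
         $user->delete();
     }
     $team = new \Scalr_Account_Team();
     $result = $team->loadByFilter(array('name' => $teamName, 'accountId' => $accountId));
     if (!empty($result)) {
         foreach ($result as $e) {
             $obj = new \Scalr_Account_Team();
             $obj->loadById($e['id']);
             $obj->delete();
         }
     }

     // create
     // NOTE(review): '123' is a throwaway fixture password; this request succeeding means
     // xSave accepts it, so the fixture has to change if a password policy is enforced there.
     $content = $this->request('/account/users/xSave', array('email' => $email, 'password' => '123', 'status' => 'Active', 'fullname' => 'phpunit test user', 'comments' => 'For testing'));
     $this->assertTrue($content['success']);
     $this->assertArrayHasKey('user', $content);
     $this->assertArrayHasKey('id', $content['user']);
     $this->assertArrayHasKey('email', $content['user']);
     $this->assertArrayHasKey('fullname', $content['user']);
     $createUserId = $content['user']['id'];

     $content = $this->request('/account/users/xGetInfo', array('userId' => $createUserId));
     $this->assertTrue($content['success']);
     $this->assertArrayHasKey('user', $content);
     $this->assertArrayHasKey('id', $content['user']);
     $this->assertArrayHasKey('email', $content['user']);
     $this->assertArrayHasKey('fullname', $content['user']);
     $this->assertArrayHasKey('status', $content['user']);
     $this->assertArrayHasKey('comments', $content['user']);

     // modify some settings
     $content = $this->request('/account/users/xSave', array('id' => $createUserId, 'email' => $email, 'status' => 'Inactive', 'fullname' => 'phpunit test user', 'comments' => 'For testing'));
     $this->assertTrue($content['success']);
     $content = $this->request('/account/users/xGetInfo', array('userId' => $createUserId));
     $this->assertTrue($content['success']);
     $this->assertArrayHasKey('user', $content);
     // expected value first, so a failure message reports the two sides correctly
     $this->assertEquals('Inactive', $content['user']['status']);

     // get api keys: the user was created without 'enableApi', so the request must fail
     $content = $this->request('/account/users/xGetApiKeys', array('userId' => $createUserId));
     $this->assertFalse($content['success']);

     // remove user
     $content = $this->request("/account/users/xRemove", array('userId' => $createUserId));
     $this->assertTrue($content['success']);

     // create with api enabled
     $content = $this->request('/account/users/xSave', array('email' => $email, 'password' => '123', 'status' => 'Active', 'fullname' => 'phpunit test user', 'comments' => 'For testing', 'enableApi' => true));
     $this->assertTrue($content['success']);
     $this->assertArrayHasKey('user', $content);
     $createUserId = $content['user']['id'];

     // get api keys: only the presence of both keys is asserted, their values are not checked
     $content = $this->request('/account/users/xGetApiKeys', array('userId' => $createUserId));
     $this->assertTrue($content['success']);
     $this->assertArrayHasKey('accessKey', $content);
     $this->assertArrayHasKey('secretKey', $content);

     if ($this->getUser()->isAccountOwner()) {
         //create team
         $content = $this->request("/account/teams/xCreate", array('name' => $teamName, 'ownerId' => $createUserId, 'envId' => $this->getEnvironment()->id));
         $this->assertTrue($content['success']);
         $this->assertArrayHasKey('teamId', $content);
         $createTeamId = $content['teamId'];

         // remove team
         $content = $this->request('/account/teams/xRemove', array('teamId' => $createTeamId));
         $this->assertTrue($content['success']);
     }

     // remove user
     $content = $this->request('/account/users/xRemove', array('userId' => $createUserId));
     $this->assertTrue($content['success']);
 }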
Beispiel #3
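 /**
  * Creates a new environment, or updates an existing one, from the request parameters.
  *
  * Access is layered:
  *  - the request must pass restrictAccess() for Acl::RESOURCE_ADMINISTRATION_ENV_CLOUDS;
  *  - creating or renaming an environment also requires the account owner;
  *  - status and team membership are written only when the caller can manage ACL.
  *
  * Team ids taken from the request are resolved against the caller's account before the
  * first write, so a rejected request leaves the environment untouched.
  *
  * Responds with the reloaded environment (id, name, status, platforms, teams) on success,
  * or with the collected validation messages on failure.
  *
  * @throws Scalr_Exception_InsufficientPermissions when an access check fails or a requested
  *                                                 team id is not a team of the caller's account
  */
 public function xSaveAction()
 {
     $this->request->restrictAccess(Acl::RESOURCE_ADMINISTRATION_ENV_CLOUDS);

     $params = array('envId' => array('type' => 'int'), 'teams' => array('type' => 'json'));
     if ($this->user->isAccountOwner()) {
         // Only the account owner may set the name, so only the owner has to supply one.
         $params['name'] = array('type' => 'string', 'validator' => array(Scalr_Validator::REQUIRED => true, Scalr_Validator::NOHTML => true));
     }
     $this->request->defineParams($params);
     $this->request->validate();

     if ($this->request->isValid()) {
         $ldapAuth = $this->getContainer()->config->get('scalr.auth_mode') == 'ldap';
         $canManageAcl = $this->user->canManageAcl();
         $accountId = $this->user->getAccountId();

         // 'teams' is declared as json; a value that did not decode to an array is treated
         // as "no teams" so the loops below never iterate a non-array.
         $requestedTeams = $this->getParam('teams');
         if (!is_array($requestedTeams)) {
             $requestedTeams = array();
         }

         // With local (non-LDAP) auth the client sends team ids. Each id is resolved against
         // the caller's own account before anything is written; addTeam() is not visible
         // from here, so this check does not rely on it enforcing account ownership.
         $teamIds = array();
         if ($canManageAcl && !$ldapAuth) {
             foreach ($requestedTeams as $teamId) {
                 $ownTeamId = is_scalar($teamId)
                     ? $this->db->GetOne('SELECT id FROM account_teams WHERE id = ? AND account_id = ? LIMIT 1', array($teamId, $accountId))
                     : null;
                 if (!$ownTeamId) {
                     throw new Scalr_Exception_InsufficientPermissions();
                 }
                 $teamIds[] = $ownTeamId;
             }
         }

         $isNew = false;
         if (!$this->getParam('envId')) {
             //create new environment
             if (!$this->user->isAccountOwner()) {
                 throw new Scalr_Exception_InsufficientPermissions();
             }
             $this->user->getAccount()->validateLimit(Scalr_Limits::ACCOUNT_ENVIRONMENTS, 1);
             // NOTE(review): the environment is created before the two checks below run; if
             // either of them throws, the new environment is not rolled back here.
             $env = $this->user->getAccount()->createEnvironment($this->getParam('name'));
             $isNew = true;
         } else {
             $env = Scalr_Environment::init()->loadById($this->getParam('envId'));
         }

         // Object-level checks: restrictAccess() above is not tied to this particular
         // environment, these two are.
         $this->user->getPermissions()->validate($env);
         if (!$this->user->getAclRolesByEnvironment($env->id)->isAllowed(Acl::RESOURCE_ADMINISTRATION_ENV_CLOUDS)) {
             throw new Scalr_Exception_InsufficientPermissions();
         }

         //set name and status
         if ($this->user->isAccountOwner()) {
             $env->name = $this->getParam('name');
         }
         if ($canManageAcl) {
             // Any value other than STATUS_ACTIVE is stored as STATUS_INACTIVE.
             $env->status = $this->getParam('status') == Scalr_Environment::STATUS_ACTIVE ? Scalr_Environment::STATUS_ACTIVE : Scalr_Environment::STATUS_INACTIVE;
         }
         $env->save();

         if ($canManageAcl) {
             //set teams
             $env->clearTeams();
             if ($ldapAuth) {
                 // With LDAP auth the client sends team names; a name that is unknown in this
                 // account creates a new team in this account.
                 foreach ($requestedTeams as $name) {
                     if (!is_scalar($name)) {
                         continue;
                     }
                     $name = trim($name);
                     if ($name) {
                         $id = $this->db->GetOne('SELECT id FROM account_teams WHERE name = ? AND account_id = ? LIMIT 1', array($name, $accountId));
                         if (!$id) {
                             $team = new Scalr_Account_Team();
                             $team->name = $name;
                             $team->accountId = $accountId;
                             $team->save();
                             $id = $team->id;
                         }
                         $env->addTeam($id);
                     }
                 }

                 // remove unused teams: every team of this account that is no longer linked
                 // to any environment is deleted, not only the ones detached above
                 $ids = $this->db->GetAll('
                     SELECT account_teams.id
                     FROM account_teams
                     LEFT JOIN account_team_envs ON account_team_envs.team_id = account_teams.id
                     WHERE ISNULL(account_team_envs.env_id) AND account_teams.account_id = ?
                 ', array($accountId));
                 foreach ($ids as $id) {
                     $team = new Scalr_Account_Team();
                     $team->loadById($id['id']);
                     $team->delete();
                 }
             } else {
                 foreach ($teamIds as $teamId) {
                     $env->addTeam($teamId);
                 }
             }
         }

         $this->response->success($isNew ? 'Environment successfully created' : 'Environment saved');

         //reload env to be sure we have actual params
         $env = Scalr_Environment::init()->loadById($env->id);
         $teams = array();
         foreach ($env->getTeams() as $teamId) {
             if ($ldapAuth) {
                 // LDAP clients work with team names, so names are returned instead of ids.
                 $team = new Scalr_Account_Team();
                 $team->loadById($teamId);
                 $teams[] = $team->name;
             } else {
                 $teams[] = $teamId;
             }
         }
         $this->response->data(array('env' => array('id' => $env->id, 'name' => $env->name, 'status' => $env->status, 'platforms' => $env->getEnabledPlatforms(), 'teams' => $teams)));
     } else {
         $this->response->failure($this->request->getValidationErrorsMessage());
     }
 }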