private function saveAzure()
{
if (Scalr::isHostedScalr() && !$this->request->getHeaderVar('Interface-Beta')) {
$this->response->failure('Azure support available only for Scalr Enterprise Edition.');
return;
}
$enabled = false;
$currentCloudCredentials = $this->env->keychain(SERVER_PLATFORMS::AZURE);
if (empty($currentCloudCredentials->id)) {
$currentCloudCredentials = $this->makeCloudCredentials(SERVER_PLATFORMS::AZURE, [], Entity\CloudCredentials::STATUS_DISABLED);
}
/* @var $ccProps Scalr\Model\Collections\SettingsCollection */
$ccProps = $currentCloudCredentials->properties;
if ($this->getParam('azure.is_enabled')) {
$enabled = true;
$tenantName = $this->checkVar(Entity\CloudCredentialsProperty::AZURE_TENANT_NAME, 'string', "Azure Tenant name is required", SERVER_PLATFORMS::AZURE);
$ccProps->saveSettings([Entity\CloudCredentialsProperty::AZURE_AUTH_STEP => 0]);
if (!count($this->checkVarError)) {
$oldTenantName = $ccProps[Entity\CloudCredentialsProperty::AZURE_TENANT_NAME];
$ccProps->saveSettings([Entity\CloudCredentialsProperty::AZURE_TENANT_NAME => $tenantName]);
$azure = $this->env->azure();
$ccProps->saveSettings([Entity\CloudCredentialsProperty::AZURE_AUTH_STEP => 1]);
$authorizationCode = $ccProps[Entity\CloudCredentialsProperty::AZURE_AUTH_CODE];
$accessToken = $ccProps[Entity\CloudCredentialsProperty::AZURE_ACCESS_TOKEN];
if (empty($authorizationCode) && empty($accessToken) || $oldTenantName != $ccProps[Entity\CloudCredentialsProperty::AZURE_TENANT_NAME]) {
$ccProps->saveSettings([Entity\CloudCredentialsProperty::AZURE_AUTH_CODE => false, Entity\CloudCredentialsProperty::AZURE_SUBSCRIPTION_ID => false]);
$location = $azure->getAuthorizationCodeLocation();
$this->response->data(['authLocation' => $location]);
return;
}
$ccProps->saveSettings([Entity\CloudCredentialsProperty::AZURE_AUTH_STEP => 0]);
$subscriptionId = trim($this->checkVar(Entity\CloudCredentialsProperty::AZURE_SUBSCRIPTION_ID, 'string', "Azure Subscription id is required", SERVER_PLATFORMS::AZURE));
$params[Entity\CloudCredentialsProperty::AZURE_SUBSCRIPTION_ID] = $subscriptionId;
if (!count($this->checkVarError)) {
$oldSubscriptionId = $ccProps[Entity\CloudCredentialsProperty::AZURE_SUBSCRIPTION_ID];
if ($subscriptionId != $oldSubscriptionId) {
$azure->getClientToken();
$objectId = $azure->getAppObjectId();
$params[Entity\CloudCredentialsProperty::AZURE_CLIENT_OBJECT_ID] = $objectId;
$contributorRoleId = $azure->getContributorRoleId($subscriptionId);
$params[Entity\CloudCredentialsProperty::AZURE_CONTRIBUTOR_ID] = $contributorRoleId;
$roleAssignment = $azure->getContributorRoleAssignmentInfo($subscriptionId, $objectId, $contributorRoleId);
if (empty($roleAssignment)) {
$roleAssignmentId = \Scalr::GenerateUID();
$azure->assignContributorRoleToApp($subscriptionId, $roleAssignmentId, $objectId, $contributorRoleId);
} else {
$roleAssignmentId = $roleAssignment->name;
}
$params[Entity\CloudCredentialsProperty::AZURE_ROLE_ASSIGNMENT_ID] = $roleAssignmentId;
$ccProps->saveSettings([Entity\CloudCredentialsProperty::AZURE_CLIENT_TOKEN => false, Entity\CloudCredentialsProperty::AZURE_CLIENT_TOKEN_EXPIRE => false]);
$azure->getClientToken(Azure::URL_CORE_WINDOWS);
$ccProps->saveSettings($params);
$providersList = $azure->getProvidersList($subscriptionId);
$requiredProviders = ProviderData::getRequiredProviders();
foreach ($providersList as $providerData) {
/* @var $providerData ProviderData */
if (in_array($providerData->namespace, $requiredProviders) && $providerData->registrationState == ProviderData::REGISTRATION_STATE_NOT_REGISTERED) {
$registerResponse = $azure->registerSubscription($subscriptionId, $providerData->namespace);
}
}
if (!empty($registerResponse)) {
do {
sleep(5);
$provider = $azure->getLocationsList($registerResponse->namespace);
} while ($provider->registrationState != ProviderData::REGISTRATION_STATE_REGISTERED);
}
}
$ccProps[Entity\CloudCredentialsProperty::AZURE_AUTH_STEP] = 3;
} else {
$this->response->failure();
$this->response->data(['errors' => $this->checkVarError]);
return;
}
} else {
$this->response->failure();
$this->response->data(['errors' => $this->checkVarError]);
return;
}
}
$this->db->BeginTrans();
try {
$this->env->enablePlatform(SERVER_PLATFORMS::AZURE, $enabled);
if ($enabled) {
$currentCloudCredentials->status = Entity\CloudCredentials::STATUS_ENABLED;
$currentCloudCredentials->save();
}
if (!$this->user->getAccount()->getSetting(Scalr_Account::SETTING_DATE_ENV_CONFIGURED)) {
$this->user->getAccount()->setSetting(Scalr_Account::SETTING_DATE_ENV_CONFIGURED, time());
}
$this->response->success('Environment saved');
$this->response->data(['enabled' => $enabled]);
} catch (Exception $e) {
$this->db->RollbackTrans();
throw new Exception(_("Failed to save Azure settings: {$e->getMessage()}"));
}
$this->db->CommitTrans();
}
/**
* Unregister a subscription from a resource provider.
*
* @param string $subscriptionId subscription::subscriptionId value of one of user's subscriptions
* @param string $resourceProvider The namespace of the resource provider with which you want to unregister from your subscription
* @return ProviderData
* @throws AzureException
*/
public function unregisterSubscription($subscriptionId, $resourceProvider)
{
$result = null;
$path = '/subscriptions/' . $subscriptionId . '/providers/' . $resourceProvider . '/unregister';
$request = $this->getClient()->prepareRequest($path, 'POST', self::SUBSCRIPTION_API_VERSION, self::URL_MANAGEMENT_WINDOWS);
$response = $this->getClient()->call($request);
if (!$response->hasError()) {
$result = ProviderData::initArray($response->getResult());
}
return $result;
}
