Beispiel #1
 /**
  * Creates a custom scaling metric or updates an existing one.
  *
  * The caller needs the "manage" permission on custom scaling metrics. When $metricId is
  * given, the stored metric is loaded and checked against the current user's permissions
  * before anything changes; otherwise a new metric is bound to the current user's account
  * and environment. Nothing is persisted unless every validation rule passes.
  *
  * NOTE(review): $retrieveMethod is only compared with RETRIEVE_METHOD_URL_REQUEST and is then
  * stored as received; confirm it is constrained to the known retrieve methods elsewhere.
  * NOTE(review): the duplicate-name lookup filters on name (and id) only; confirm whether the
  * entity scopes that query to the account/environment or names are meant to be global.
  *
  * @param  string $name           Metric name, must match Entity\ScalingMetric::NAME_REGEXP
  * @param  string $retrieveMethod How the metric value is obtained
  * @param  string $calcFunction   optional Required unless the retrieve method is URL request
  * @param  int    $metricId       optional ID of the metric to update; empty creates a new one
  * @param  string $filePath       optional Validated as a URL only for the URL-request method
  * @param  bool   $isInvert       optional
  * @throws Exception
  * @throws Scalr_Exception_Core
  * @throws Scalr_Exception_InsufficientPermissions
  * @throws \Scalr\Exception\ModelException
  */
 public function xSaveAction($name, $retrieveMethod, $calcFunction = null, $metricId = null, $filePath = null, $isInvert = false)
 {
     $this->request->restrictAccess(Acl::RESOURCE_GENERAL_CUSTOM_SCALING_METRICS, Acl::PERM_GENERAL_CUSTOM_SCALING_METRICS_MANAGE);

     $validator = new Validator();

     if (!$metricId) {
         // New metric: owner account and environment come from the current user and
         // environment, not from request parameters.
         $metric = new Entity\ScalingMetric();
         $metric->accountId = $this->user->getAccountId();
         $metric->envId = $this->getEnvironmentId();
         $metric->alias = 'custom';
         $metric->algorithm = Entity\ScalingMetric::ALGORITHM_SENSOR;
     } else {
         /* @var $metric Entity\ScalingMetric */
         $metric = Entity\ScalingMetric::findPk($metricId);
         if (!$metric) {
             throw new Scalr_UI_Exception_NotFound();
         }
         // Object-level check on the loaded metric, in addition to the ACL check above.
         $this->user->getPermissions()->validate($metric);
     }

     $namePattern = '/^' . Entity\ScalingMetric::NAME_REGEXP . '$/';
     if (!preg_match($namePattern, $name)) {
         $validator->addError('name', 'Metric name should be both alphanumeric and greater than 5 chars');
     }

     $isUrlRequest = $retrieveMethod == Entity\ScalingMetric::RETRIEVE_METHOD_URL_REQUEST;
     if ($isUrlRequest) {
         $urlIsValid = $validator->validateUrl($filePath) === true;
         $validator->addErrorIf(!$urlIsValid, 'filePath', 'Invalid URL');
     } else {
         $hasCalcFunction = $validator->validateNotEmpty($calcFunction) === true;
         $validator->addErrorIf(!$hasCalcFunction, 'calcFunction', 'Calculation function is required');
     }

     // Reject a name already taken by a different metric (the metric being edited is excluded).
     $criteria = [['name' => $name]];
     if ($metricId) {
         $criteria[] = ['id' => ['$ne' => $metricId]];
     }
     if (Entity\ScalingMetric::findOne($criteria)) {
         $validator->addError('name', 'Metric with the same name already exists');
     }

     if (!$validator->isValid($this->response)) {
         return;
     }

     $metric->name = $name;
     $metric->filePath = $filePath;
     $metric->retrieveMethod = $retrieveMethod;
     $metric->calcFunction = $calcFunction;
     $metric->isInvert = $isInvert;
     $metric->save();

     $this->response->success('Scaling metric has been successfully saved.');
     // get_object_vars() exposes every property of the entity accessible from this scope.
     $this->response->data(['metric' => get_object_vars($metric)]);
 }
Beispiel #2
 /**
  * Sets a new password for the owner of the given account.
  *
  * The acting user must re-enter their own current password, and the new password must pass
  * the Validator::PASSWORD rule with the 'admin' option. On success the owner is notified
  * by e-mail that an administrator changed the password.
  *
  * NOTE(review): no ACL call is visible in this method; presumably the enclosing controller
  * restricts it to administrators — confirm, since $accountId comes from the request.
  *
  * @param  int     $accountId       ID of the account whose owner gets the new password
  * @param  RawData $password        New password for the account owner
  * @param  RawData $currentPassword Current password of the acting user
  * @throws Exception
  */
 public function xSaveOwnerPasswordAction($accountId, RawData $password, RawData $currentPassword)
 {
     $account = new Scalr_Account();
     $account->loadById($accountId);

     $newPassword = (string) $password;

     $validator = new Validator();
     // Re-authentication: the check is against the acting user's password, not the owner's.
     $validator->addErrorIf(!$this->user->checkPassword($currentPassword), "currentPassword", "Invalid password");
     $validator->validate($newPassword, "password", Validator::PASSWORD, ['admin']);

     if (!$validator->isValid($this->response)) {
         return;
     }

     $owner = $account->getOwner();
     $owner->updatePassword($newPassword);
     $owner->save();

     // Tell the owner that an administrator changed the password.
     $placeholders = [
         '{{fullname}}' => $owner->fullname ?: $owner->getEmail(),
         '{{administratorFullName}}' => $this->user->fullname ?: $this->user->getEmail(),
     ];
     $this->getContainer()->mailer->sendTemplate(
         SCALR_TEMPLATES_PATH . '/emails/password_change_admin_notification.eml',
         $placeholders,
         $owner->getEmail(),
         $owner->fullname
     );

     $this->response->success('Password successfully updated');
 }
Beispiel #3
 /**
  * Adds a new announcement or updates an existing one.
  *
  * Access to the announcements resource is required. An existing announcement is loaded by
  * ID and checked with checkPermissions($announcement, true) before it is changed; a new one
  * records the current user as its author. Message and title must be non-empty and the
  * title may be at most 100 bytes long (strlen() counts bytes, not characters).
  *
  * NOTE(review): $msg and $title are stored as received; confirm they are escaped where the
  * announcement is rendered.
  *
  * @param  string  $msg   Announcement's text
  * @param  string  $title Announcement's title
  * @param  int     $id    optional Announcement's ID
  * @throws Exception
  * @throws Scalr_Exception_Core
  * @throws Scalr_Exception_InsufficientPermissions
  * @throws \Scalr\Exception\ModelException
  */
 public function xSaveAction($msg, $title, $id = null)
 {
     $this->request->restrictAccess(Acl::RESOURCE_ANNOUNCEMENTS);

     /* @var $announcement Scalr\Model\Entity\Announcement */
     if (!empty($id)) {
         $announcement = Announcement::findPk($id);
         if (!$announcement) {
             throw new Exception('Announcement was not found');
         }
         // Object-level check on the loaded announcement before it is modified.
         $this->request->checkPermissions($announcement, true);
     } else {
         $announcement = new Announcement();
         /* @var $author Scalr\Model\Entity\Account\User */
         $author = $this->getUser();
         // Authorship fields come from the current user, never from request parameters.
         $announcement->accountId = $author->accountId ?: null;
         $announcement->createdById = $author->id;
         $announcement->createdByEmail = $author->email;
         $announcement->added = new \DateTime();
     }

     $validator = new Validator();
     $validator->validate($msg, 'msg', Validator::NOEMPTY);
     $validator->validate($title, 'title', Validator::NOEMPTY);
     $titleTooLong = strlen($title) > 100;
     $validator->addErrorIf($titleTooLong, 'title', 'Maximum length for this field is 100');

     if ($validator->isValid($this->response)) {
         $announcement->title = $title;
         $announcement->msg = $msg;
         $announcement->save();

         $this->response->data(['announcement' => $this->prepareDataForList($announcement)]);
         $this->response->success("Announcement saved");
     }
 }
Beispiel #4
 /**
  * Saves the current user's password and IP access whitelist.
  *
  * The literal value '******' in $password means "leave the password unchanged". The
  * whitelist is a comma-separated list of masks; every mask must convert to a subnet, and a
  * non-empty whitelist must contain the address this request came from, so the user cannot
  * lock themselves out. A password change creates a new session.
  *
  * NOTE(review): this method changes the password without asking for the current one;
  * a stolen session is enough to take over the account — consider requiring
  * re-authentication before updatePassword().
  * NOTE(review): the self-lockout guard relies on getRemoteAddr(); confirm how that address
  * is resolved when the application runs behind a proxy.
  *
  * @param string $password            New password, or '******' to keep the current one
  * @param string $cpassword           Password confirmation
  * @param string $securityIpWhitelist Comma-separated list of IP masks, may be empty
  */
 public function xSecuritySaveAction($password, $cpassword, $securityIpWhitelist)
 {
     $validator = new Validator();
     $validator->validate($password, 'password', Validator::NOEMPTY);
     $validator->validate($cpassword, 'cpassword', Validator::NOEMPTY);
     $passwordsDiffer = $password && $cpassword && $password != $cpassword;
     $validator->addErrorIf($passwordsDiffer, ['password', 'cpassword'], 'Two passwords are not equal');

     // Convert every mask; one bad entry fails the whole request.
     $subnets = [];
     $securityIpWhitelist = trim($securityIpWhitelist);
     $masks = $securityIpWhitelist ? explode(',', $securityIpWhitelist) : [];
     foreach ($masks as $mask) {
         $subnet = Scalr_Util_Network::convertMaskToSubnet($mask);
         if (!$subnet) {
             $validator->addError('securityIpWhitelist', sprintf('Not valid mask: %s', $mask));
             continue;
         }
         $subnets[] = $subnet;
     }

     // Self-lockout guard: the requesting address must be covered by the new whitelist.
     $hasWhitelist = count($subnets) > 0;
     if ($hasWhitelist && !Scalr_Util_Network::isIpInSubnets($this->request->getRemoteAddr(), $subnets)) {
         $validator->addError('securityIpWhitelist', 'New IP access whitelist doesn\'t correspond your current IP address');
     }

     if (!$validator->isValid($this->response)) {
         return;
     }

     $passwordChanged = $password != '******';
     if ($passwordChanged) {
         $this->user->updatePassword($password);
     }

     $this->user->setVar(Scalr_Account_User::VAR_SECURITY_IP_WHITELIST, $hasWhitelist ? serialize($subnets) : '');
     $this->user->save();

     if ($passwordChanged) {
         // A new session is created once the changed password has been saved.
         Scalr_Session::create($this->user->getId());
     }

     $this->response->success('Security settings successfully updated');
 }
Beispiel #5
 /**
  * Saves the current user's password and IP access whitelist.
  *
  * The literal value '******' in $password means "leave the password unchanged"; any other
  * value requires the user's current password. The whitelist is a comma-separated list of
  * masks; every mask must convert to a subnet, and a non-empty whitelist must contain the
  * address this request came from. After a password change the user is notified by e-mail,
  * a new session is created and its token is returned as 'specialToken'.
  *
  * NOTE(review): only non-emptiness and equality of the two passwords are checked here;
  * confirm that a strength rule is enforced elsewhere (e.g. in updatePassword()).
  * NOTE(review): the self-lockout guard relies on getRemoteAddr(); confirm how that address
  * is resolved when the application runs behind a proxy.
  *
  * @param RawData $password            New password, or '******' to keep the current one
  * @param RawData $cpassword           Password confirmation
  * @param string  $securityIpWhitelist Comma-separated list of IP masks, may be empty
  * @param RawData $currentPassword     optional Current password, checked when the password changes
  */
 public function xSecuritySaveAction(RawData $password, RawData $cpassword, $securityIpWhitelist, RawData $currentPassword = null)
 {
     $validator = new Validator();

     $passwordChanged = $password != '******';
     if ($passwordChanged) {
         // Re-authentication is demanded only when the password is actually being replaced.
         $validator->addErrorIf(!$this->user->checkPassword($currentPassword), ['currentPassword'], 'Invalid password');
     }

     $validator->validate($password, 'password', Validator::NOEMPTY);
     $validator->validate($cpassword, 'cpassword', Validator::NOEMPTY);
     $passwordsDiffer = $password && $cpassword && $password != $cpassword;
     $validator->addErrorIf($passwordsDiffer, ['password', 'cpassword'], 'Two passwords are not equal');

     // Convert every mask; one bad entry fails the whole request.
     $subnets = [];
     $securityIpWhitelist = trim($securityIpWhitelist);
     $masks = $securityIpWhitelist ? explode(',', $securityIpWhitelist) : [];
     foreach ($masks as $mask) {
         $subnet = Scalr_Util_Network::convertMaskToSubnet($mask);
         if (!$subnet) {
             $validator->addError('securityIpWhitelist', sprintf('Not valid mask: %s', $mask));
             continue;
         }
         $subnets[] = $subnet;
     }

     // Self-lockout guard: the requesting address must be covered by the new whitelist.
     $hasWhitelist = count($subnets) > 0;
     if ($hasWhitelist && !Scalr_Util_Network::isIpInSubnets($this->request->getRemoteAddr(), $subnets)) {
         $validator->addError('securityIpWhitelist', 'New IP access whitelist doesn\'t correspond your current IP address');
     }

     if (!$validator->isValid($this->response)) {
         return;
     }

     if ($passwordChanged) {
         $this->user->updatePassword($password);

         // Out-of-band notice so the account holder learns about the change.
         $placeholders = [
             '{{fullname}}' => $this->user->fullname ?: $this->user->getEmail(),
         ];
         $this->getContainer()->mailer->sendTemplate(
             SCALR_TEMPLATES_PATH . '/emails/password_change_notification.eml',
             $placeholders,
             $this->user->getEmail(),
             $this->user->fullname
         );
     }

     $this->user->setVar(Scalr_Account_User::VAR_SECURITY_IP_WHITELIST, $hasWhitelist ? serialize($subnets) : '');
     $this->user->save();

     if ($passwordChanged) {
         // New session after the password change; its token goes back to the client.
         Scalr_Session::create($this->user->getId());
         $this->response->data(['specialToken' => Scalr_Session::getInstance()->getToken()]);
     }

     $this->response->success('Security settings successfully updated');
 }
Beispiel #6
 /**
  * Starts a bundle task that snapshots a server into an image or into a new role.
  *
  * The caller needs the "manage" permission on environment images and must pass the
  * object-level permission check on the server. Creating a role additionally requires the
  * "manage" permission on environment roles. Further permission checks (farm update, role
  * or image scope) are recorded as validation errors, and the bundle task is created only
  * when the validator holds no errors. A server that already has a bundle task in a state
  * other than 'success' or 'failed' is rejected with an exception.
  *
  * On success the response carries the new task's ID as 'bundleTaskId'.
  *
  * @param   string  $serverId        ID of the server to snapshot
  * @param   string  $name            optional Role name; checked with Entity\Role::isValidName()
  * @param   string  $description     optional Passed on to the snapshot request
  * @param   bool    $createRole      optional Create a role (true) or only an image (false)
  * @param   string  $scope           optional Scope to create the role/image in
  * @param   string  $replaceRole     optional One of 'farm', 'all' or ''
  * @param   bool    $replaceImage    optional Replace the image in the role (image-only mode)
  * @param   int     $rootVolumeSize  optional Used only when greater than zero
  * @param   string  $rootVolumeType  optional Used only when it is one of the listed volume types
  * @param   int     $rootVolumeIops  optional Used only for the IO1 volume type and when greater than zero
  * @throws  Exception
  */
 public function xServerCreateSnapshotAction($serverId, $name = '', $description = '', $createRole = false, $scope = '', $replaceRole = '', $replaceImage = false, $rootVolumeSize = 0, $rootVolumeType = '', $rootVolumeIops = 0)
 {
     // Resource-level ACL check first, then the object-level check on the server itself.
     $this->request->restrictAccess(Acl::RESOURCE_IMAGES_ENVIRONMENT, Acl::PERM_IMAGES_ENVIRONMENT_MANAGE);
     $server = $this->getServerEntity($serverId);
     $this->request->checkPermissions($server, true);
     $farm = $server->getFarm();
     $role = $server->getFarmRole()->getRole();
     // Refuse to start a second bundle task while one is still in progress for this server.
     // The server ID is bound as a query parameter, not concatenated into the SQL.
     if ($this->db->GetOne("SELECT id FROM bundle_tasks WHERE server_id=? AND status NOT IN ('success', 'failed') LIMIT 1", array($server->serverId))) {
         throw new Exception(sprintf(_("Server '%s' is already synchonizing."), $server->serverId));
     }
     $validator = new Validator();
     $validator->addErrorIf(!Entity\Role::isValidName($name), 'name', "Role name is incorrect");
     // Allow-list for $replaceRole. NOTE(review): in_array() is called without the strict
     // flag, so the comparison is loose; confirm the parameter always arrives as a string.
     $validator->addErrorIf(!in_array($replaceRole, ['farm', 'all', '']), 'replaceRole', 'Invalid value');
     $object = $createRole ? BundleTask::BUNDLETASK_OBJECT_ROLE : BundleTask::BUNDLETASK_OBJECT_IMAGE;
     // Defaults: nothing is replaced and the result is created in the environment scope.
     $replaceType = SERVER_REPLACEMENT_TYPE::NO_REPLACE;
     $createScope = ScopeInterface::SCOPE_ENVIRONMENT;
     if ($createRole) {
         // Creating a role needs its own ACL permission on top of the image permission above.
         $this->request->restrictAccess(Acl::RESOURCE_ROLES_ENVIRONMENT, Acl::PERM_ROLES_ENVIRONMENT_MANAGE);
         if ($replaceRole == 'farm') {
             // Replacing the role on this farm requires update permission on this farm.
             if ($farm->hasAccessPermissions($this->getUser(), $this->getEnvironment(), Acl::PERM_FARMS_UPDATE)) {
                 $replaceType = SERVER_REPLACEMENT_TYPE::REPLACE_FARM;
             } else {
                 $validator->addError('replaceRole', "You don't have permissions to update farm");
             }
         } else {
             if ($replaceRole == 'all') {
                 // Replacing the role on all farms requires the farm update permission on
                 // one of the listed farm resources.
                 if ($this->request->isAllowed([Acl::RESOURCE_FARMS, Acl::RESOURCE_TEAM_FARMS, Acl::RESOURCE_OWN_FARMS], Acl::PERM_FARMS_UPDATE)) {
                     $replaceType = SERVER_REPLACEMENT_TYPE::REPLACE_ALL;
                 } else {
                     $validator->addError('replaceRole', "You don't have permissions to update farms");
                 }
             }
         }
         // Look for a role with the same name that has no account, or that belongs to the
         // caller's account with either no environment or the current environment.
         /* @var $existRole Entity\Role */
         $existRole = Entity\Role::findOne([['name' => $name], ['$or' => [['accountId' => null], ['$and' => [['accountId' => $this->getUser()->accountId], ['$or' => [['envId' => null], ['envId' => $this->getEnvironment()->id]]]]]]]]);
         if ($existRole) {
             if (empty($existRole->accountId)) {
                 // A role without an account cannot be shadowed by a custom role.
                 $validator->addError('name', _("Selected role name is reserved and cannot be used for custom role"));
             } else {
                 if ($replaceType != SERVER_REPLACEMENT_TYPE::REPLACE_ALL) {
                     $validator->addError('name', _("Specified role name is already used by another role. You can use this role name only if you will replace old one on ALL your farms."));
                 } else {
                     // $replaceType is always REPLACE_ALL in this branch, so only the ID
                     // comparison decides: the name may be reused solely for the role being snapshotted.
                     if ($replaceType == SERVER_REPLACEMENT_TYPE::REPLACE_ALL && $existRole->id != $role->id) {
                         $validator->addError('name', _("Specified role name is already in use. You cannot replace a Role different from the one you are currently snapshotting."));
                     }
                 }
             }
         }
         // The name must not be claimed by another active bundle task either.
         if ($btId = BundleTask::getActiveTaskIdByName($name, $this->getUser()->accountId, $this->getEnvironment()->id)) {
             $validator->addError('name', sprintf("Specified role name is already reserved for BundleTask with ID: %d.", $btId));
         }
         if ($replaceType != SERVER_REPLACEMENT_TYPE::NO_REPLACE) {
             // A replacement must not overlap with an active role bundle task for the same role.
             $chk = BundleTask::getActiveTaskIdByRoleId($role->id, $this->getEnvironment()->id, BundleTask::BUNDLETASK_OBJECT_ROLE);
             $validator->addErrorIf($chk, 'replaceRole', sprintf("Role is already synchronizing in BundleTask: %d.", $chk));
         }
     } else {
         $sc = $role->getScope();
         if ($replaceImage) {
             // Replacing the image changes the role, so the caller needs the "manage"
             // permission that matches the role's own scope. The condition relies on &&
             // binding tighter than ||: (env scope AND env permission) OR (account scope AND account permission).
             if ($sc == ScopeInterface::SCOPE_ENVIRONMENT && $this->request->isAllowed(Acl::RESOURCE_ROLES_ENVIRONMENT, Acl::PERM_ROLES_ENVIRONMENT_MANAGE) || $sc == ScopeInterface::SCOPE_ACCOUNT && $this->request->isAllowed(Acl::RESOURCE_ROLES_ACCOUNT, Acl::PERM_ROLES_ACCOUNT_MANAGE)) {
                 $replaceType = SERVER_REPLACEMENT_TYPE::REPLACE_ALL;
                 $chk = BundleTask::getActiveTaskIdByRoleId($role->id, $this->getEnvironment()->id, BundleTask::BUNDLETASK_OBJECT_IMAGE);
                 $validator->addErrorIf($chk, 'replaceImage', sprintf("Role is already synchronizing in BundleTask: %d.", $chk));
             } else {
                 $validator->addError('replaceImage', "You don't have permissions to replace image in role");
             }
         }
     }
     // A requested scope is checked when a role is created or when it differs from the
     // default environment scope. A scope value that is neither environment nor account
     // makes both conditions false and therefore ends as a validation error.
     if ($scope && ($createRole || $scope != $createScope)) {
         if ($createRole) {
             $c = $scope == ScopeInterface::SCOPE_ENVIRONMENT && $this->request->isAllowed(Acl::RESOURCE_ROLES_ENVIRONMENT, Acl::PERM_ROLES_ENVIRONMENT_MANAGE) || $scope == ScopeInterface::SCOPE_ACCOUNT && $this->request->isAllowed(Acl::RESOURCE_ROLES_ACCOUNT, Acl::PERM_ROLES_ACCOUNT_MANAGE);
             $validator->addErrorIf(!$c, 'scope', sprintf("You don't have permissions to create role in scope %s", $scope));
         }
         $c = $scope == ScopeInterface::SCOPE_ENVIRONMENT && $this->request->isAllowed(Acl::RESOURCE_IMAGES_ENVIRONMENT, Acl::PERM_IMAGES_ENVIRONMENT_MANAGE) || $scope == ScopeInterface::SCOPE_ACCOUNT && $this->request->isAllowed(Acl::RESOURCE_IMAGES_ACCOUNT, Acl::PERM_IMAGES_ACCOUNT_MANAGE);
         $validator->addErrorIf(!$c, 'scope', sprintf("You don't have permissions to create image in scope %s", $scope));
         $createScope = $scope;
     }
     $image = $role->getImage($server->platform, $server->cloudLocation)->getImage();
     // Root volume options are honoured only on EC2, and only for linux servers whose
     // version supports '0.7' or for HVM images; everywhere else the request values are ignored.
     $rootBlockDevice = [];
     if ($server->platform == SERVER_PLATFORMS::EC2 && ($server->isVersionSupported('0.7') && $server->os == 'linux' || $image->isEc2HvmImage())) {
         if ($rootVolumeSize > 0) {
             $rootBlockDevice['size'] = $rootVolumeSize;
         }
         // Allow-list of volume types; an unknown type is silently dropped, not rejected.
         if (in_array($rootVolumeType, [CreateVolumeRequestData::VOLUME_TYPE_STANDARD, CreateVolumeRequestData::VOLUME_TYPE_GP2, CreateVolumeRequestData::VOLUME_TYPE_IO1, CreateVolumeRequestData::VOLUME_TYPE_SC1, CreateVolumeRequestData::VOLUME_TYPE_ST1])) {
             $rootBlockDevice['volume_type'] = $rootVolumeType;
             if ($rootVolumeType == CreateVolumeRequestData::VOLUME_TYPE_IO1 && $rootVolumeIops > 0) {
                 $rootBlockDevice['iops'] = $rootVolumeIops;
             }
         }
     }
     // Single gate: any error collected above, including the permission errors, stops here
     // before a bundle task is created.
     if (!$validator->isValid($this->response)) {
         return;
     }
     $ServerSnapshotCreateInfo = new ServerSnapshotCreateInfo(DBServer::LoadByID($server->serverId), $name, $replaceType, $object, $description, $rootBlockDevice);
     $BundleTask = BundleTask::Create($ServerSnapshotCreateInfo);
     // Record who started the task.
     $BundleTask->createdById = $this->user->id;
     $BundleTask->createdByEmail = $this->user->getEmail();
     $BundleTask->osId = $role->osId;
     $BundleTask->objectScope = $createScope;
     // Windows roles store the OS generation as version and leave the OS name empty.
     if ($role->getOs()->family == 'windows') {
         $BundleTask->osFamily = $role->getOs()->family;
         $BundleTask->osVersion = $role->getOs()->generation;
         $BundleTask->osName = '';
     } else {
         $BundleTask->osFamily = $role->getOs()->family;
         $BundleTask->osVersion = $role->getOs()->version;
         $BundleTask->osName = $role->getOs()->name;
     }
     // The listed OS families on EC2 use the EC2_EBS_HVM bundle type.
     if (in_array($role->getOs()->family, array('redhat', 'oel', 'scientific')) && $server->platform == SERVER_PLATFORMS::EC2) {
         $BundleTask->bundleType = SERVER_SNAPSHOT_CREATION_TYPE::EC2_EBS_HVM;
     }
     $BundleTask->save();
     $this->response->data(['bundleTaskId' => $BundleTask->id]);
     $this->response->success("Bundle task successfully created.");
 }
Beispiel #7
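 /**
  * Public sign-up: creates an account, its owner user and first environment, subscribes it
  * to billing, sends the welcome e-mail and logs the new user in.
  *
  * The action answers 403 unless 'scalr.billing.enabled' is set. Every parameter comes
  * straight from an unauthenticated request. Validation failures either return a JSON body
  * with status 400 ($beta == 1) or redirect to the order page with the first error message.
  *
  * Values placed in the query string of a redirect are percent-encoded, and the site URL is
  * resolved before the success/failure branch so that both redirects use an absolute URL.
  *
  * NOTE(review): the welcome e-mail contains the password in clear text; consider sending a
  * set-password link instead.
  * NOTE(review): a billing exception message is shown to the visitor through the redirect;
  * confirm those messages never carry internal details.
  *
  * @param string  $name       Account holder's name (used unless $v == 2)
  * @param string  $org        Organisation; becomes the account name when not empty
  * @param string  $email      E-mail of the account owner, must not exist yet
  * @param RawData $password   optional A password is generated when this is empty
  * @param string  $agreeTerms Must be non-empty
  * @param string  $newBilling Not used by this method
  * @param string  $country    Stored as a user setting when $v == 2
  * @param string  $phone      Stored as a user setting when $v == 2
  * @param string  $lastname   Required when $v == 2
  * @param string  $firstname  Required when $v == 2
  * @param string  $v          Form version; 2 selects the first/last name form
  * @param string  $numServers Stored as a user setting when $v == 2
  * @param int     $beta       1 selects the JSON responses instead of redirects
  */
 public function xCreateAccountAction($name = '', $org = '', $email = '', RawData $password = null, $agreeTerms = '', $newBilling = '', $country = '', $phone = '', $lastname = '', $firstname = '', $v = '', $numServers = '', $beta = 0)
 {
     if (!\Scalr::config('scalr.billing.enabled')) {
         header("HTTP/1.0 403 Forbidden");
         exit;
     }
     // Needed by the success path and by the validation-failure redirect at the end.
     $url = \Scalr::config('scalr.endpoint.scheme') . "://" . \Scalr::config('scalr.endpoint.host');
     $validator = new Validator();
     if ($v == 2) {
         $validator->validate($firstname, "firstname", Validator::NOEMPTY, [], "First name is required");
         $validator->validate($lastname, "lastname", Validator::NOEMPTY, [], "Last name is required");
         $name = $firstname . " " . $lastname;
     } else {
         $validator->validate($name, "name", Validator::NOEMPTY, [], "Account name is required");
     }
     if ($password == '') {
         $password = \Scalr::GenerateSecurePassword(User::PASSWORD_ADMIN_LENGTH);
     }
     $validator->validate($email, "email", Validator::EMAIL);
     $validator->validate($password, "password", Validator::PASSWORD, ['admin']);
     // The e-mail is bound as a query parameter.
     $validator->addErrorIf($this->db->GetOne("SELECT EXISTS(SELECT * FROM account_users WHERE email = ?)", [$email]), "email", "E-mail already exists in the database");
     $validator->validate($agreeTerms, "agreeTerms", Validator::NOEMPTY, [], "You haven't accepted terms and conditions");
     $errors = $validator->getErrors(true);
     if (empty($errors)) {
         $account = Scalr_Account::init();
         $account->name = $org ? $org : $name;
         $account->status = Scalr_Account::STATUS_ACTIVE;
         $account->save();
         $user = $account->createUser($email, $password, Scalr_Account_User::TYPE_ACCOUNT_OWNER);
         $user->fullname = $name;
         $user->save();
         if ($this->getContainer()->analytics->enabled) {
             $analytics = $this->getContainer()->analytics;
             //Default Cost Center should be assigned
             $cc = $analytics->ccs->get($analytics->usage->autoCostCentre());
             //Assigns account with Cost Center
             $accountCcEntity = new AccountCostCenterEntity($account->id, $cc->ccId);
             $accountCcEntity->save();
         }
         //Creates Environment. It will be associated with the Cost Center itself.
         $account->createEnvironment("Environment 1");
         $account->initializeAcl();
         if ($v == 2) {
             $user->setSetting('website.phone', $phone);
             $user->setSetting('website.country', $country);
             $user->setSetting('website.num_servers', $numServers);
         }
         /**
          * Limits
          */
         try {
             $billing = new Scalr_Billing();
             $billing->loadByAccount($account);
             $billing->createSubscription(Scalr_Billing::PAY_AS_YOU_GO, "", "", "", "");
         } catch (Exception $e) {
             // Roll the account back and report the failure on the order page. The message
             // is percent-encoded so it cannot alter the structure of the redirect URL.
             $account->delete();
             header("Location: {$url}/order/?error=" . rawurlencode($e->getMessage()));
             exit;
         }
         $clientSettings = [];
         // The cookie is optional; !empty() avoids an undefined-index notice when it is absent.
         if (!empty($_COOKIE['__utmz'])) {
             $gaParser = new Scalr_Service_GoogleAnalytics_Parser();
             $clientSettings[CLIENT_SETTINGS::GA_CAMPAIGN_CONTENT] = $gaParser->campaignContent;
             $clientSettings[CLIENT_SETTINGS::GA_CAMPAIGN_MEDIUM] = $gaParser->campaignMedium;
             $clientSettings[CLIENT_SETTINGS::GA_CAMPAIGN_NAME] = $gaParser->campaignName;
             $clientSettings[CLIENT_SETTINGS::GA_CAMPAIGN_SOURCE] = $gaParser->campaignSource;
             $clientSettings[CLIENT_SETTINGS::GA_CAMPAIGN_TERM] = $gaParser->campaignTerm;
             $clientSettings[CLIENT_SETTINGS::GA_FIRST_VISIT] = $gaParser->firstVisit;
             $clientSettings[CLIENT_SETTINGS::GA_PREVIOUS_VISIT] = $gaParser->previousVisit;
             $clientSettings[CLIENT_SETTINGS::GA_TIMES_VISITED] = $gaParser->timesVisited;
         }
         // Loop variables are named so they do not overwrite the $v parameter.
         foreach ($clientSettings as $settingKey => $settingValue) {
             $account->setSetting($settingKey, $settingValue);
         }
         try {
             // $account->id is the ID of the account saved above, not request input.
             $this->db->Execute("\n                    INSERT INTO default_records\n                    SELECT null, '{$account->id}', rtype, ttl, rpriority, rvalue, rkey\n                    FROM default_records\n                    WHERE clientid='0'\n                ");
         } catch (Exception $e) {
             // A failure to copy the default records is ignored and sign-up continues.
             // NOTE(review): nothing is logged here; consider recording the exception.
         }
         $clientinfo = array('fullname' => $name, 'firstname' => $firstname ? $firstname : $name, 'email' => $email, 'password' => $password);
         //Sends welcome email
         // Request-derived values are HTML-escaped because the template is sent as HTML.
         $this->getContainer()->mailer->setFrom('*****@*****.**', 'Scalr')->setHtml()->sendTemplate(SCALR_TEMPLATES_PATH . '/emails/welcome.html.php', array('firstName' => htmlspecialchars($clientinfo['firstname']), 'password' => htmlspecialchars($clientinfo['password']), "siteUrl" => htmlspecialchars($url), "wikiUrl" => htmlspecialchars(\Scalr::config('scalr.ui.wiki_url')), "supportUrl" => htmlspecialchars(\Scalr::config('scalr.ui.support_url')), "isUrl" => preg_match('/^http(s?):\\/\\//i', \Scalr::config('scalr.ui.support_url'))), $email);
         $user->getAccount()->setSetting(Scalr_Account::SETTING_IS_TRIAL, 1);
         //AutoLogin
         $user->updateLastLogin();
         Scalr_Session::create($user->getId());
         Scalr_Session::keepSession();
         if ($beta != 1) {
             $this->response->setRedirect("{$url}/thanks.html");
         } else {
             $this->response->data(array('accountId' => $user->getAccountId()));
         }
     } else {
         if ($beta == 1) {
             header("HTTP/1.0 400 Bad request");
             print json_encode($errors);
             exit;
         } else {
             // First validation message, percent-encoded for use as a query-string value.
             $error = array_values($errors)[0];
             $this->response->setRedirect("{$url}/order/?error=" . rawurlencode((string) $error));
         }
     }
 }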
Beispiel #8
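 /**
  * Creates an admin user or updates an existing one.
  *
  * Changing the password of an existing user requires the acting user's current password.
  * A new user always needs a password that passes the Validator::PASSWORD rule with the
  * 'admin' option, and a new user's e-mail must not exist yet. The built-in user whose
  * e-mail is 'admin' can be edited only by itself, and only its password can change.
  *
  * An invalid $status is reported on the 'status' field.
  *
  * NOTE(review): no ACL call is visible in this method; presumably the enclosing controller
  * restricts it to Scalr administrators — confirm.
  * NOTE(review): the e-mail uniqueness check runs for new users only; confirm that
  * updateEmail() rejects an address that already belongs to another user.
  *
  * @param int     $id              optional in intent (empty creates a user), but the default
  *                                 has no effect because required parameters follow it
  * @param string  $email           E-mail / login of the user
  * @param string  $type            User::TYPE_SCALR_ADMIN or User::TYPE_FIN_ADMIN
  * @param RawData $password        New password; empty keeps the password of an existing user
  * @param string  $status          User::STATUS_ACTIVE or User::STATUS_INACTIVE
  * @param string  $fullname        Full name
  * @param string  $comments        Comments
  * @param RawData $currentPassword optional Current password of the acting user
  * @throws Scalr_Exception_Core
  * @throws Scalr_Exception_InsufficientPermissions
  */
 public function xSaveAction($id = 0, $email, $type, RawData $password, $status, $fullname, $comments, RawData $currentPassword = null)
 {
     $user = Scalr_Account_User::init();
     $validator = new Validator();
     $isNewUser = empty($id);
     $isExistingPasswordChanged = false;
     $password = (string) $password;
     // Re-authentication: replacing an existing user's password requires the acting
     // user's own current password.
     if (!$isNewUser && $password && !$this->user->checkPassword($currentPassword, false)) {
         $this->response->data(['errors' => ['currentPassword' => 'Invalid password']]);
         $this->response->failure();
         return;
     }
     if ($password || $isNewUser) {
         $validator->validate($password, 'password', Validator::PASSWORD, ['admin']);
     }
     $validator->validate($email, 'email', Validator::NOEMPTY);
     // Only financial admins must have a syntactically valid e-mail address.
     if ($type == User::TYPE_FIN_ADMIN) {
         $validator->validate($email, 'email', Validator::EMAIL);
     }
     if ($isNewUser) {
         // The e-mail is bound as a query parameter.
         $validator->addErrorIf($this->db->GetOne("SELECT EXISTS(SELECT 1 FROM `account_users` WHERE email = ?)", [$email]), 'email', 'This email is already in use.');
     }
     // Allow-lists: only the two admin types and the two statuses can be assigned here.
     $validator->addErrorIf(!in_array($type, [User::TYPE_SCALR_ADMIN, User::TYPE_FIN_ADMIN]), 'type', 'Type is not valid');
     $validator->addErrorIf(!in_array($status, [User::STATUS_ACTIVE, User::STATUS_INACTIVE]), 'status', 'Status is not valid');
     if (!$validator->isValid($this->response)) {
         return;
     }
     if (!$isNewUser) {
         $user->loadById($id);
         // The built-in 'admin' user may be modified only by itself.
         if ($user->getEmail() == 'admin' && $user->getId() != $this->user->getId()) {
             throw new Scalr_Exception_InsufficientPermissions();
         }
         if ($user->getEmail() != 'admin') {
             $user->updateEmail($email);
         }
     } else {
         $user->create($email, $this->user->getAccountId());
         $user->type = $type;
     }
     if ($password) {
         $user->updatePassword($password);
         if (!$isNewUser) {
             $isExistingPasswordChanged = true;
         }
     }
     // Type, status and profile fields of the built-in 'admin' user are never changed.
     if ($user->getEmail() != 'admin') {
         $user->status = $status;
         $user->type = $type;
         $user->fullname = $fullname;
         $user->comments = $comments;
     }
     $user->save();
     // Send notification E-mail
     if ($isExistingPasswordChanged) {
         $this->getContainer()->mailer->sendTemplate(SCALR_TEMPLATES_PATH . '/emails/password_change_admin_notification.eml', array('{{fullname}}' => $user->fullname ? $user->fullname : $user->getEmail(), '{{administratorFullName}}' => $this->user->fullname ? $this->user->fullname : $this->user->getEmail()), $user->getEmail(), $user->fullname);
     } else {
         if ($isNewUser) {
             $this->getContainer()->mailer->sendTemplate(SCALR_TEMPLATES_PATH . '/emails/user_new_admin_notification.eml', array('{{fullname}}' => $user->fullname ? $user->fullname : $user->getEmail(), '{{subject}}' => $user->type == Scalr_Account_User::TYPE_FIN_ADMIN ? 'Financial Admin for Scalr Cost Analytics' : 'Admin for Scalr', '{{user_type}}' => $user->type == Scalr_Account_User::TYPE_FIN_ADMIN ? 'a Financial Admin' : 'an Admin', '{{link}}' => Scalr::config('scalr.endpoint.scheme') . "://" . Scalr::config('scalr.endpoint.host')), $user->getEmail(), $user->fullname);
         }
     }
     $this->response->success('User successfully saved');
 }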
Beispiel #9
 /**
  * Sets a new password for the owner of the given account.
  *
  * The acting user must re-enter their own current password, and the new password must be
  * non-empty and equal to its confirmation. On success the owner is notified by e-mail that
  * an administrator changed the password.
  *
  * NOTE(review): only non-emptiness and equality are checked here; no strength rule is
  * applied to the new password in this method.
  * NOTE(review): no ACL call is visible in this method; presumably the enclosing controller
  * restricts it to administrators — confirm, since $accountId comes from the request.
  * NOTE(review): the parameters are documented as RawData but carry no type declaration.
  *
  * @param int $accountId           ID of the account whose owner gets the new password
  * @param RawData $password        New password for the account owner
  * @param RawData $cpassword       Confirmation of the new password
  * @param RawData $currentPassword Current password of the acting user
  * @throws Exception
  */
 public function xSaveOwnerPasswordAction($accountId, $password, $cpassword, $currentPassword)
 {
     $account = new Scalr_Account();
     $account->loadById($accountId);

     $validator = new Validator();
     // Re-authentication: the check is against the acting user's password, not the owner's.
     $validator->addErrorIf(!$this->user->checkPassword($currentPassword), ['currentPassword'], 'Invalid password');
     $validator->validate($password, 'password', Validator::NOEMPTY);
     $validator->validate($cpassword, 'cpassword', Validator::NOEMPTY);
     $passwordsDiffer = $password && $cpassword && $password != $cpassword;
     $validator->addErrorIf($passwordsDiffer, ['password', 'cpassword'], 'Two passwords are not equal');

     if (!$validator->isValid($this->response)) {
         return;
     }

     $owner = $account->getOwner();
     $owner->updatePassword($password);
     $owner->save();

     // Tell the owner that an administrator changed the password.
     $placeholders = [
         '{{fullname}}' => $owner->fullname ?: $owner->getEmail(),
         '{{administratorFullName}}' => $this->user->fullname ?: $this->user->getEmail(),
     ];
     $this->getContainer()->mailer->sendTemplate(
         SCALR_TEMPLATES_PATH . '/emails/password_change_admin_notification.eml',
         $placeholders,
         $owner->getEmail(),
         $owner->fullname
     );

     $this->response->success('Password successfully updated');
 }