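/**
 * Creates a new environment or saves changes to an existing one.
 *
 * Reads envId, name, status, ccId and teams from the request. The name is applied only
 * for the account owner or an account super admin; status, cost center and team
 * membership are applied only when the user can manage ACL.
 *
 * Responds with success and the reloaded environment, or with failure and the
 * validation messages.
 *
 * @throws Scalr_Exception_InsufficientPermissions when the user lacks the
 *         ENVADMINISTRATION_ENV_CLOUDS resource, tries to create an environment without
 *         being account owner or super admin, or submits a team id that is not one of
 *         the account's teams
 */
public function xSaveAction()
{
    if (!$this->user->isAccountSuperAdmin() && !$this->request->isAllowed(Acl::RESOURCE_ENVADMINISTRATION_ENV_CLOUDS)) {
        throw new Scalr_Exception_InsufficientPermissions();
    }

    $params = array(
        'envId' => array('type' => 'int'),
        'teams' => array('type' => 'json')
    );

    if ($this->user->isAccountOwner() || $this->user->isAccountSuperAdmin()) {
        $params['name'] = array('type' => 'string', 'validator' => array(
            Scalr_Validator::REQUIRED => true,
            Scalr_Validator::NOHTML => true
        ));
    }

    $this->request->defineParams($params);
    $this->request->validate();

    $analytics = $this->getContainer()->analytics;
    $ccId = $this->getParam('ccId');

    // A supplied cost center is written to the environment further down whenever
    // analytics is enabled, so it is checked under that same condition. Only the
    // "required" rule stays tied to isInterfaceBetaOrNotHostedScalr().
    if ($analytics->enabled) {
        if ($ccId) {
            if (!$analytics->ccs->get($ccId)) {
                $this->request->addValidationErrors('ccId', 'Invalid cost center ID');
            }
        } elseif ($this->request->isInterfaceBetaOrNotHostedScalr()) {
            $this->request->addValidationErrors('ccId', 'Cost center is required field');
        }
    }

    if (!$this->request->isValid()) {
        $this->response->failure($this->request->getValidationErrorsMessage());
        return;
    }

    $isNew = false;
    if (!$this->getParam('envId')) {
        //create new environment
        if (!$this->user->isAccountOwner() && !$this->user->isAccountSuperAdmin()) {
            throw new Scalr_Exception_InsufficientPermissions();
        }

        $this->user->getAccount()->validateLimit(Scalr_Limits::ACCOUNT_ENVIRONMENTS, 1);
        $env = $this->user->getAccount()->createEnvironment($this->getParam('name'));
        $isNew = true;
    } else {
        $env = Scalr_Environment::init()->loadById($this->getParam('envId'));
    }

    // NOTE(review): presumably rejects an environment the user has no rights on; confirm
    // in the permissions class, since envId is taken from the request as-is.
    $this->user->getPermissions()->validate($env);

    if (!$this->user->isAccountSuperAdmin() && !$this->user->getAclRolesByEnvironment($env->id)->isAllowed(Acl::RESOURCE_ENVADMINISTRATION_ENV_CLOUDS)) {
        throw new Scalr_Exception_InsufficientPermissions();
    }

    $ldapAuth = $this->getContainer()->config->get('scalr.auth_mode') == 'ldap';
    $requestedTeams = $this->getParam('teams');

    // Outside LDAP mode the request carries team ids that are attached as given. Each id
    // is matched against this account's teams first, the same account scoping the LDAP
    // branch applies when it looks teams up by name. addTeam() is not visible here, so
    // this does not rely on it. The check runs before name, status or teams are written.
    if ($this->user->canManageAcl() && !$ldapAuth) {
        foreach ($requestedTeams as $teamId) {
            if (!is_scalar($teamId) || !$this->db->GetOne('SELECT id FROM account_teams WHERE id = ? AND account_id = ? LIMIT 1', array($teamId, $this->user->getAccountId()))) {
                throw new Scalr_Exception_InsufficientPermissions();
            }
        }
    }

    //set name and status
    if ($this->user->isAccountOwner() || $this->user->isAccountSuperAdmin()) {
        $env->name = $this->getParam('name');
    }

    if ($this->user->canManageAcl()) {
        // Anything other than the active constant is stored as inactive.
        $env->status = $this->getParam('status') == Scalr_Environment::STATUS_ACTIVE ? Scalr_Environment::STATUS_ACTIVE : Scalr_Environment::STATUS_INACTIVE;
    }

    $env->save();

    if ($this->user->canManageAcl()) {
        if ($analytics->enabled && $ccId) {
            $oldCcId = $env->getPlatformConfigValue(Scalr_Environment::SETTING_CC_ID);
            $env->setPlatformConfig(array(Scalr_Environment::SETTING_CC_ID => $ccId));

            if ($isNew || empty($oldCcId)) {
                $analytics->events->fireAssignCostCenterEvent($env, $ccId);
            } elseif ($oldCcId != $ccId) {
                $analytics->events->fireReplaceCostCenterEvent($env, $ccId, $oldCcId);
            }
        }

        //set teams
        $env->clearTeams();

        if ($ldapAuth) {
            // LDAP mode: the request carries team names; a team missing from the
            // account is created on the fly.
            // NOTE(review): these names get only trim(), while 'name' above goes through
            // Scalr_Validator::NOHTML; confirm they are escaped wherever they are rendered.
            foreach ($requestedTeams as $name) {
                $name = trim($name);
                if ($name) {
                    $id = $this->db->GetOne('SELECT id FROM account_teams WHERE name = ? AND account_id = ? LIMIT 1', array($name, $this->user->getAccountId()));
                    if (!$id) {
                        $team = new Scalr_Account_Team();
                        $team->name = $name;
                        $team->accountId = $this->user->getAccountId();
                        $team->save();
                        $id = $team->id;
                    }

                    $env->addTeam($id);
                }
            }

            // remove unused teams
            $ids = $this->db->GetAll(' SELECT account_teams.id FROM account_teams LEFT JOIN account_team_envs ON account_team_envs.team_id = account_teams.id WHERE ISNULL(account_team_envs.env_id) AND account_teams.account_id = ? ', array($this->user->getAccountId()));

            foreach ($ids as $id) {
                $team = new Scalr_Account_Team();
                $team->loadById($id['id']);
                $team->delete();
            }

            // With an LDAP bind user configured, re-apply the current user's LDAP groups.
            if ($this->getContainer()->config->get('scalr.connections.ldap.user')) {
                $ldap = $this->getContainer()->ldap($this->user->getEmail(), null);
                if ($ldap->isValidUsername()) {
                    $this->user->applyLdapGroups($ldap->getUserGroups());
                }
            }
        } else {
            foreach ($requestedTeams as $id) {
                $env->addTeam($id);
            }
        }
    }

    $this->response->success($isNew ? 'Environment successfully created' : 'Environment saved');

    $env = Scalr_Environment::init()->loadById($env->id); //reload env to be sure we have actual params

    // Teams are reported by name in LDAP mode and by id otherwise.
    $teams = array();
    foreach ($env->getTeams() as $teamId) {
        if ($ldapAuth) {
            $team = new Scalr_Account_Team();
            $team->loadById($teamId);
            $teams[] = $team->name;
        } else {
            $teams[] = $teamId;
        }
    }

    $this->response->data(array('env' => array(
        'id' => $env->id,
        'name' => $env->name,
        'status' => $env->status,
        'platforms' => $env->getEnabledPlatforms(),
        'teams' => $teams,
        'ccId' => $env->getPlatformConfigValue(Scalr_Environment::SETTING_CC_ID)
    )));
}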
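/**
 * Walks an account user through the UI endpoints: create, read, update, API key lookup
 * and removal, plus team create/remove when the test user is the account owner.
 *
 * Skipped when the configured test user cannot manage ACL.
 */
public function testUsers()
{
    if (!$this->getUser()->canManageAcl()) {
        $this->markTestSkipped('Specified test user cannot manage users.');
    }

    // remove previous test data
    // An earlier run that failed part-way leaves its user and team behind; delete them
    // here so this run starts clean.
    $user = new \Scalr_Account_User();
    $user = $user->loadByEmail(self::getTestName(self::USER_NAME) . '@scalr.com', $this->getEnvironment()->clientId);
    if ($user) {
        $user->delete();
    }

    $team = new \Scalr_Account_Team();
    $result = $team->loadByFilter(array(
        'name' => self::getTestName(self::TEAM_NAME),
        'accountId' => $this->getEnvironment()->clientId
    ));
    if (count($result)) {
        foreach ($result as $e) {
            $obj = new \Scalr_Account_Team();
            $obj->loadById($e['id']);
            $obj->delete();
        }
    }

    // create
    // Throwaway credentials; the account is removed again further down.
    $content = $this->request('/account/users/xSave', array(
        'email' => self::getTestName(self::USER_NAME) . '@scalr.com',
        'password' => '123',
        'status' => 'Active',
        'fullname' => 'phpunit test user',
        'comments' => 'For testing'
    ));
    $this->assertTrue($content['success']);
    $this->assertArrayHasKey('user', $content);
    $this->assertArrayHasKey('id', $content['user']);
    $this->assertArrayHasKey('email', $content['user']);
    $this->assertArrayHasKey('fullname', $content['user']);
    $createUserId = $content['user']['id'];

    $content = $this->request('/account/users/xGetInfo', array('userId' => $createUserId));
    $this->assertTrue($content['success']);
    $this->assertArrayHasKey('user', $content);
    $this->assertArrayHasKey('id', $content['user']);
    $this->assertArrayHasKey('email', $content['user']);
    $this->assertArrayHasKey('fullname', $content['user']);
    $this->assertArrayHasKey('status', $content['user']);
    $this->assertArrayHasKey('comments', $content['user']);

    // modify some settings
    $content = $this->request('/account/users/xSave', array(
        'id' => $createUserId,
        'email' => self::getTestName(self::USER_NAME) . '@scalr.com',
        'status' => 'Inactive',
        'fullname' => 'phpunit test user',
        'comments' => 'For testing'
    ));
    $this->assertTrue($content['success']);

    $content = $this->request('/account/users/xGetInfo', array('userId' => $createUserId));
    $this->assertTrue($content['success']);
    $this->assertArrayHasKey('user', $content);
    // Expected value first, so a failure message reports the two sides correctly.
    $this->assertEquals('Inactive', $content['user']['status']);

    // get api keys
    // This user was saved without enableApi, so the key lookup has to fail.
    $content = $this->request('/account/users/xGetApiKeys', array('userId' => $createUserId));
    $this->assertFalse($content['success']);

    // remove user
    $content = $this->request("/account/users/xRemove", array('userId' => $createUserId));
    $this->assertTrue($content['success']);

    // create with api enabled
    $content = $this->request('/account/users/xSave', array(
        'email' => self::getTestName(self::USER_NAME) . '@scalr.com',
        'password' => '123',
        'status' => 'Active',
        'fullname' => 'phpunit test user',
        'comments' => 'For testing',
        'enableApi' => true
    ));
    $this->assertTrue($content['success']);
    $this->assertArrayHasKey('user', $content);
    $createUserId = $content['user']['id'];

    // get api keys
    // Only key presence is asserted; the key values themselves are not inspected.
    $content = $this->request('/account/users/xGetApiKeys', array('userId' => $createUserId));
    $this->assertTrue($content['success']);
    $this->assertArrayHasKey('accessKey', $content);
    $this->assertArrayHasKey('secretKey', $content);

    if ($this->getUser()->isAccountOwner()) {
        //create team
        $content = $this->request("/account/teams/xCreate", array(
            'name' => self::getTestName(self::TEAM_NAME),
            'ownerId' => $createUserId,
            'envId' => $this->getEnvironment()->id
        ));
        $this->assertTrue($content['success']);
        $this->assertArrayHasKey('teamId', $content);
        $createTeamId = $content['teamId'];

        // remove team
        $content = $this->request('/account/teams/xRemove', array('teamId' => $createTeamId));
        $this->assertTrue($content['success']);
    }

    // remove user
    $content = $this->request('/account/users/xRemove', array('userId' => $createUserId));
    $this->assertTrue($content['success']);
}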
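/**
 * Creates a new environment or saves changes to an existing one.
 *
 * Reads envId, name, status and teams from the request. The name is applied only for
 * the account owner; status and team membership are applied only when the user can
 * manage ACL.
 *
 * Responds with success and the reloaded environment, or with failure and the
 * validation messages.
 *
 * @throws Scalr_Exception_InsufficientPermissions when a non-owner tries to create an
 *         environment, the user lacks ADMINISTRATION_ENV_CLOUDS on the environment, or
 *         a submitted team id is not one of the account's teams
 */
public function xSaveAction()
{
    // NOTE(review): presumably aborts the request when the resource is not allowed;
    // confirm in the request class.
    $this->request->restrictAccess(Acl::RESOURCE_ADMINISTRATION_ENV_CLOUDS);

    $params = array(
        'envId' => array('type' => 'int'),
        'teams' => array('type' => 'json')
    );

    if ($this->user->isAccountOwner()) {
        $params['name'] = array('type' => 'string', 'validator' => array(
            Scalr_Validator::REQUIRED => true,
            Scalr_Validator::NOHTML => true
        ));
    }

    $this->request->defineParams($params);
    $this->request->validate();

    if (!$this->request->isValid()) {
        $this->response->failure($this->request->getValidationErrorsMessage());
        return;
    }

    $isNew = false;
    if (!$this->getParam('envId')) {
        //create new environment
        if (!$this->user->isAccountOwner()) {
            throw new Scalr_Exception_InsufficientPermissions();
        }

        $this->user->getAccount()->validateLimit(Scalr_Limits::ACCOUNT_ENVIRONMENTS, 1);
        $env = $this->user->getAccount()->createEnvironment($this->getParam('name'));
        $isNew = true;
    } else {
        $env = Scalr_Environment::init()->loadById($this->getParam('envId'));
    }

    // NOTE(review): presumably rejects an environment the user has no rights on; confirm
    // in the permissions class, since envId is taken from the request as-is.
    $this->user->getPermissions()->validate($env);

    if (!$this->user->getAclRolesByEnvironment($env->id)->isAllowed(Acl::RESOURCE_ADMINISTRATION_ENV_CLOUDS)) {
        throw new Scalr_Exception_InsufficientPermissions();
    }

    $ldapAuth = $this->getContainer()->config->get('scalr.auth_mode') == 'ldap';
    $requestedTeams = $this->getParam('teams');

    // Outside LDAP mode the request carries team ids that are attached as given. Each id
    // is matched against this account's teams first, the same account scoping the LDAP
    // branch applies when it looks teams up by name. addTeam() is not visible here, so
    // this does not rely on it. The check runs before name, status or teams are written.
    if ($this->user->canManageAcl() && !$ldapAuth) {
        foreach ($requestedTeams as $teamId) {
            if (!is_scalar($teamId) || !$this->db->GetOne('SELECT id FROM account_teams WHERE id = ? AND account_id = ? LIMIT 1', array($teamId, $this->user->getAccountId()))) {
                throw new Scalr_Exception_InsufficientPermissions();
            }
        }
    }

    //set name and status
    if ($this->user->isAccountOwner()) {
        $env->name = $this->getParam('name');
    }

    if ($this->user->canManageAcl()) {
        // Anything other than the active constant is stored as inactive.
        $env->status = $this->getParam('status') == Scalr_Environment::STATUS_ACTIVE ? Scalr_Environment::STATUS_ACTIVE : Scalr_Environment::STATUS_INACTIVE;
    }

    $env->save();

    if ($this->user->canManageAcl()) {
        //set teams
        $env->clearTeams();

        if ($ldapAuth) {
            // LDAP mode: the request carries team names; a team missing from the
            // account is created on the fly.
            // NOTE(review): these names get only trim(), while 'name' above goes through
            // Scalr_Validator::NOHTML; confirm they are escaped wherever they are rendered.
            foreach ($requestedTeams as $name) {
                $name = trim($name);
                if ($name) {
                    $id = $this->db->GetOne('SELECT id FROM account_teams WHERE name = ? AND account_id = ? LIMIT 1', array($name, $this->user->getAccountId()));
                    if (!$id) {
                        $team = new Scalr_Account_Team();
                        $team->name = $name;
                        $team->accountId = $this->user->getAccountId();
                        $team->save();
                        $id = $team->id;
                    }

                    $env->addTeam($id);
                }
            }

            // remove unused teams
            $ids = $this->db->GetAll(' SELECT account_teams.id FROM account_teams LEFT JOIN account_team_envs ON account_team_envs.team_id = account_teams.id WHERE ISNULL(account_team_envs.env_id) AND account_teams.account_id = ? ', array($this->user->getAccountId()));

            foreach ($ids as $id) {
                $team = new Scalr_Account_Team();
                $team->loadById($id['id']);
                $team->delete();
            }
        } else {
            foreach ($requestedTeams as $id) {
                $env->addTeam($id);
            }
        }
    }

    $this->response->success($isNew ? 'Environment successfully created' : 'Environment saved');

    $env = Scalr_Environment::init()->loadById($env->id); //reload env to be sure we have actual params

    // Teams are reported by name in LDAP mode and by id otherwise.
    $teams = array();
    foreach ($env->getTeams() as $teamId) {
        if ($ldapAuth) {
            $team = new Scalr_Account_Team();
            $team->loadById($teamId);
            $teams[] = $team->name;
        } else {
            $teams[] = $teamId;
        }
    }

    $this->response->data(array('env' => array(
        'id' => $env->id,
        'name' => $env->name,
        'status' => $env->status,
        'platforms' => $env->getEnabledPlatforms(),
        'teams' => $teams
    )));
}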