public function xListGroupsAction()
{
$sgFilter = null;
$this->request->defineParams(array('filters' => array('type' => 'json')));
$filters = $this->getParam('filters');
if (!empty($filters['sgIds'])) {
$sgFilter = is_null($sgFilter) ? array() : $sgFilter;
$sgFilter[] = array('name' => SecurityGroupFilterNameType::groupId(), 'value' => $filters['sgIds']);
}
if (!empty($filters['vpcId'])) {
$sgFilter = is_null($sgFilter) ? array() : $sgFilter;
$sgFilter[] = array('name' => SecurityGroupFilterNameType::vpcId(), 'value' => $filters['vpcId']);
}
$sgList = $this->getCloudInstance($this->getParam('platform'), $this->getParam('cloudLocation'))->ec2->securityGroup->describe(null, null, $sgFilter);
$rowz = array();
/* @var $sg SecurityGroupData */
foreach ($sgList as $sg) {
$rowz[] = array('id' => $sg->groupId, 'name' => $sg->groupName, 'description' => $sg->groupDescription, 'vpcId' => $sg->vpcId, 'owner' => $sg->ownerId);
}
$response = $this->buildResponseFromData($rowz, array('id', 'name', 'description', 'vpcId'));
if (!empty($response['data'])) {
$cache = array();
foreach ($response['data'] as &$row) {
preg_match_all('/^scalr-(role|farm)\\.([0-9]+)$/si', $row['name'], $matches);
if (isset($matches[1][0]) && $matches[1][0] == 'role') {
$id = $matches[2][0];
try {
$dbFarmRole = DBFarmRole::LoadByID($id);
$row['farm_id'] = $dbFarmRole->FarmID;
$row['farm_roleid'] = $dbFarmRole->ID;
if (!isset($cache['farms'][$dbFarmRole->FarmID])) {
$cache['farms'][$dbFarmRole->FarmID] = $dbFarmRole->GetFarmObject()->Name;
}
$row['farm_name'] = $cache['farms'][$dbFarmRole->FarmID];
if (!isset($cache['roles'][$dbFarmRole->RoleID])) {
$cache['roles'][$dbFarmRole->RoleID] = $dbFarmRole->GetRoleObject()->name;
}
$row['role_name'] = $cache['roles'][$dbFarmRole->RoleID];
} catch (Exception $e) {
}
}
if (isset($matches[1][0]) && $matches[1][0] == 'farm') {
$id = $matches[2][0];
try {
$dbFarm = DBFarm::LoadByID($id);
$row['farm_id'] = $dbFarm->ID;
if (!isset($cache['farms'][$dbFarm->ID])) {
$cache['farms'][$dbFarm->ID] = $dbFarm->Name;
}
$row['farm_name'] = $cache['farms'][$dbFarm->ID];
} catch (Exception $e) {
}
}
}
}
$this->response->data($response);
}
private function listGroupsEc2($platform, $cloudLocation, $filters)
{
$sgFilter = null;
$result = [];
if (!is_array($filters)) {
$filters = [];
}
if (!empty($filters['sgIds'])) {
$sgFilter = is_null($sgFilter) ? array() : $sgFilter;
$sgFilter[] = array('name' => SecurityGroupFilterNameType::groupId(), 'value' => $filters['sgIds']);
}
if (empty($filters['vpcId']) && array_key_exists('vpcId', $filters)) {
$p = PlatformFactory::NewPlatform(SERVER_PLATFORMS::EC2);
$defaultVpc = $p->getDefaultVpc($this->environment, $cloudLocation);
if ($defaultVpc) {
$filters['vpcId'] = $defaultVpc;
}
}
if (!empty($filters['vpcId'])) {
$sgFilter = is_null($sgFilter) ? array() : $sgFilter;
$sgFilter[] = array('name' => SecurityGroupFilterNameType::vpcId(), 'value' => $filters['vpcId']);
}
$sgList = $this->getPlatformService($platform, $cloudLocation)->describe(null, null, $sgFilter);
/* @var $sg SecurityGroupData */
foreach ($sgList as $sg) {
if (is_array($filters) && array_key_exists('vpcId', $filters) && $filters['vpcId'] == null && $sg->vpcId) {
//we don't want to see VPC Security groups when $filters['vpcId'] == null
continue;
}
$result[] = ['id' => $sg->groupId, 'name' => $sg->groupName, 'description' => $sg->groupDescription, 'vpcId' => $sg->vpcId, 'owner' => $sg->ownerId];
}
if ($filters['considerGovernance']) {
$filteredSg = [];
$allowedSgNames = [];
$governance = new Scalr_Governance($this->getEnvironmentId());
$governanceSecurityGroups = $governance->getValue(SERVER_PLATFORMS::EC2, Scalr_Governance::getEc2SecurityGroupPolicyNameForService($filters['serviceName']), '');
if ($governanceSecurityGroups) {
$sgRequiredPatterns = \Scalr_Governance::prepareSecurityGroupsPatterns($filters['osFamily'] == 'windows' && $governanceSecurityGroups['windows'] ? $governanceSecurityGroups['windows'] : $governanceSecurityGroups['value']);
$sgOptionalPatterns = $governanceSecurityGroups['allow_additional_sec_groups'] ? \Scalr_Governance::prepareSecurityGroupsPatterns($governanceSecurityGroups['additional_sec_groups_list']) : [];
foreach ($result as $sg) {
$sgNameLowerCase = strtolower($sg['name']);
$sgAllowed = false;
if ($governanceSecurityGroups['allow_additional_sec_groups']) {
if (!empty($sgOptionalPatterns)) {
if (isset($sgOptionalPatterns[$sgNameLowerCase])) {
$sgAllowed = true;
} else {
foreach ($sgOptionalPatterns as &$sgOptionalPattern) {
if (isset($sgOptionalPattern['regexp']) && preg_match($sgOptionalPattern['regexp'], $sg['name']) === 1) {
$sgAllowed = true;
break;
}
}
}
} else {
$sgAllowed = true;
}
}
if (isset($sgRequiredPatterns[$sgNameLowerCase])) {
$sgAllowed = true;
$sg['addedByGovernance'] = true;
$sgRequiredPatterns[$sgNameLowerCase]['found'] = true;
} else {
foreach ($sgRequiredPatterns as &$sgRequiredPattern) {
if (isset($sgRequiredPattern['regexp']) && preg_match($sgRequiredPattern['regexp'], $sg['name']) === 1) {
$sgRequiredPattern['matches'][] = $sg;
break;
}
}
}
if ($sgAllowed) {
$allowedSgNames[] = $sgNameLowerCase;
$filteredSg[$sg['id']] = $sg;
}
}
foreach ($sgRequiredPatterns as &$sgRequiredPattern) {
if (isset($sgRequiredPattern['matches']) && count($sgRequiredPattern['matches']) == 1) {
$sg = $sgRequiredPattern['matches'][0];
if (!isset($filteredSg[$sg['id']])) {
$filteredSg[$sg['id']] = $sg;
}
$filteredSg[$sg['id']]['addedByGovernance'] = true;
$sgRequiredPattern['found'] = true;
}
}
$result = $filteredSg;
if (!$filters['existingGroupsOnly']) {
foreach ($sgRequiredPatterns as $sgRequiredPattern) {
if (!$sgRequiredPattern['found']) {
$result[] = ['id' => null, 'name' => $sgRequiredPattern['value'], 'description' => null, 'vpcId' => null, 'owner' => null, 'addedByGovernance' => true];
}
}
}
}
}
return $result;
}
private function listGroupsEc2($platform, $cloudLocation, $filters)
{
$sgFilter = null;
$result = array();
if (!empty($filters['sgIds'])) {
$sgFilter = is_null($sgFilter) ? array() : $sgFilter;
$sgFilter[] = array('name' => SecurityGroupFilterNameType::groupId(), 'value' => $filters['sgIds']);
}
if (!empty($filters['vpcId'])) {
$sgFilter = is_null($sgFilter) ? array() : $sgFilter;
$sgFilter[] = array('name' => SecurityGroupFilterNameType::vpcId(), 'value' => $filters['vpcId']);
}
$sgList = $this->getPlatformService($platform, $cloudLocation)->describe(null, null, $sgFilter);
/* @var $sg SecurityGroupData */
foreach ($sgList as $sg) {
$result[] = array('id' => $sg->groupId, 'name' => $sg->groupName, 'description' => $sg->groupDescription, 'vpcId' => $sg->vpcId, 'owner' => $sg->ownerId);
}
return $result;
}
private function listGroupsEc2($platform, $cloudLocation, $filters)
{
$sgFilter = null;
$result = [];
if (!is_array($filters)) {
$filters = [];
}
if (!empty($filters['sgIds'])) {
$sgFilter = is_null($sgFilter) ? array() : $sgFilter;
$sgFilter[] = array('name' => SecurityGroupFilterNameType::groupId(), 'value' => $filters['sgIds']);
}
if (empty($filters['vpcId']) && array_key_exists('vpcId', $filters)) {
$p = PlatformFactory::NewPlatform(SERVER_PLATFORMS::EC2);
$defaultVpc = $p->getDefaultVpc($this->environment, $cloudLocation);
if ($defaultVpc) {
$filters['vpcId'] = $defaultVpc;
}
}
if (!empty($filters['vpcId'])) {
$sgFilter = is_null($sgFilter) ? array() : $sgFilter;
$sgFilter[] = array('name' => SecurityGroupFilterNameType::vpcId(), 'value' => $filters['vpcId']);
}
$sgList = $this->getPlatformService($platform, $cloudLocation)->describe(null, null, $sgFilter);
/* @var $sg SecurityGroupData */
$considerGovernance = $filters['considerGovernance'];
if ($considerGovernance) {
$governance = new Scalr_Governance($this->getEnvironmentId());
$values = $governance->getValues(true);
if (!empty($values['ec2']['aws.additional_security_groups']->value)) {
$sgDefaultNames = explode(',', $values['ec2']['aws.additional_security_groups']->value);
}
}
$sgNames = [];
foreach ($sgList as $sg) {
if (is_array($filters) && array_key_exists('vpcId', $filters) && $filters['vpcId'] == null && $sg->vpcId) {
continue;
}
if ($considerGovernance && empty($values['ec2']['aws.additional_security_groups']->allow_additional_sec_groups) && !empty($sgDefaultNames) && !in_array($sg->groupName, $sgDefaultNames)) {
continue;
}
$result[] = ['id' => $sg->groupId, 'name' => $sg->groupName, 'description' => $sg->groupDescription, 'vpcId' => $sg->vpcId, 'owner' => $sg->ownerId];
$sgNames[] = $sg->groupName;
}
if ($considerGovernance && !empty($sgDefaultNames)) {
foreach ($sgDefaultNames as $sgDefaultName) {
if (!in_array($sgDefaultName, $sgNames)) {
$result[] = ['id' => null, 'name' => $sgDefaultName, 'description' => null, 'vpcId' => null, 'owner' => null];
}
}
}
return $result;
}
