/**
* @param string $platform Name of platform
* @param string $cloudLocation Name of location
* @param array $ids The list of the identifiers of the cloud instances
* @param int $roleId optional Identifier of Role
* @return array
* @throws Exception
*/
public function checkStatus($platform, $cloudLocation, $ids, $roleId = null)
{
if (!in_array($platform, $this->allowedPlatforms)) {
throw new Exception(sprintf("Platform '%s' is not supported", $platform));
}
if (!$this->environment->isPlatformEnabled($platform)) {
throw new Exception(sprintf("Platform '%s' is not enabled", $platform));
}
if (empty($ids) || empty($ids[0])) {
throw new Exception("You should provide at least one instanceId");
}
$instances = PlatformFactory::NewPlatform($platform)->getOrphanedServers($this->getEnvironmentEntity(), $cloudLocation, $ids);
$status = ['instances' => $instances];
$imageIds = array_unique(array_map(function ($item) {
return $item->imageId;
}, $instances));
if (count($imageIds) != 1) {
$status['compatibility'] = ['success' => false];
return $status;
}
/* @var $instance OrphanedServer */
$instance = $instances[0];
$status['compatibility'] = ['success' => true];
// Check vpc compatibility
if ($instance->vpcId && $instance->subnetId) {
$gov = new Scalr_Governance($this->getEnvironmentId());
$vpcGovernanceRegions = $gov->getValue(SERVER_PLATFORMS::EC2, Scalr_Governance::AWS_VPC, 'regions');
if (isset($vpcGovernanceRegions)) {
if (!array_key_exists($cloudLocation, $vpcGovernanceRegions)) {
$status['compatibility']['success'] = false;
$status['compatibility']['message'] = sprintf('Region <b>%s</b> is not allowed by the Governance.', $cloudLocation);
} else {
$vpcGovernanceIds = $vpcGovernanceRegions[$cloudLocation]['ids'];
if (!empty($vpcGovernanceIds) && !in_array($instance->vpcId, $vpcGovernanceIds)) {
$status['compatibility']['success'] = false;
$status['compatibility']['message'] = sprintf('VPC <b>%s</b> is not allowed by the Governance.', $instance->vpcId);
} else {
$vpcGovernanceIds = $gov->getValue(SERVER_PLATFORMS::EC2, Scalr_Governance::AWS_VPC, 'ids');
/* @var $platformObject Ec2PlatformModule */
$platformObject = PlatformFactory::NewPlatform(SERVER_PLATFORMS::EC2);
$subnet = $platformObject->listSubnets($this->getEnvironment(), $cloudLocation, $instance->vpcId, true, $instance->subnetId);
if (isset($vpcGovernanceIds[$instance->vpcId])) {
if (!empty($vpcGovernanceIds[$instance->vpcId]) && is_array($vpcGovernanceIds[$instance->vpcId]) && !in_array($instance->subnetId, $vpcGovernanceIds[$instance->vpcId])) {
$status['compatibility']['success'] = false;
$status['compatibility']['message'] = sprintf('Subnet <b>%s</b> is prohibited by the Governance.', $instance->subnetId);
} else {
if ($vpcGovernanceIds[$instance->vpcId] == "outbound-only" && $subnet['type'] != 'private') {
$status['compatibility']['success'] = false;
$status['compatibility']['message'] = 'Only private subnets are allowed by the Governance.';
} else {
if ($vpcGovernanceIds[$instance->vpcId] == "full" && $subnet['type'] != 'public') {
$status['compatibility']['success'] = false;
$status['compatibility']['message'] = 'Only public subnets are allowed by the Governance.';
}
}
}
}
}
}
}
}
if (!$status['compatibility']['success']) {
return $status;
}
$scopeCriteria = ['$or' => [['accountId' => null], ['$and' => [['accountId' => $this->getUser()->accountId], ['$or' => [['envId' => null], ['envId' => $this->getEnvironment()->id]]]]]]];
/* @var $image Entity\Image */
$image = Entity\Image::findOne([['platform' => $platform], ['cloudLocation' => $cloudLocation], ['id' => $instance->imageId], $scopeCriteria]);
$status['image'] = ['success' => !!$image, 'data' => ['id' => $instance->imageId]];
if ($image) {
if ($image->isScalarized) {
$status['image']['success'] = false;
$status['image']['isScalarized'] = true;
return $status;
}
$status['image']['data'] = ['hash' => $image->hash, 'name' => $image->name, 'id' => $image->id, 'scope' => $image->getScope()];
$criteria = [['platform' => $platform], ['imageId' => $image->id]];
if (!($platform == SERVER_PLATFORMS::GCE || $platform == SERVER_PLATFORMS::AZURE)) {
$criteria[] = ['cloudLocation' => $cloudLocation];
}
$roleIds = [];
foreach (Entity\RoleImage::find($criteria) as $ri) {
$roleIds[] = $ri->roleId;
}
if (count($roleIds)) {
$roles = Entity\Role::find([['id' => ['$in' => $roleIds]], ['isScalarized' => false], $scopeCriteria]);
$status['role'] = ['availableRoles' => [], 'image' => Scalr_UI_Controller_Images::controller()->convertEntityToArray($image)];
$selectedRole = null;
if (count($roles) == 1) {
$selectedRole = $roles->current();
} else {
if ($roleId && in_array($roleId, $roleIds)) {
foreach ($roles as $role) {
/* @var $role Entity\Role */
if ($role->id == $roleId) {
$selectedRole = $role;
break;
}
}
}
}
foreach ($roles as $role) {
/* @var $role Entity\Role */
$status['role']['availableRoles'][] = ['id' => $role->id, 'name' => $role->name, 'scope' => $role->getScope()];
}
if ($selectedRole) {
$status['role']['success'] = true;
$status['role']['data'] = ['id' => $selectedRole->id, 'name' => $selectedRole->name, 'scope' => $selectedRole->getScope()];
$farms = [];
$status['farmrole'] = ['instance' => ['instanceType' => $instance->instanceType, 'vpcId' => $instance->vpcId, 'subnetId' => $instance->subnetId, 'roleName' => $selectedRole->name]];
foreach (Entity\Farm::find([['envId' => $this->getEnvironment()->id], ['status' => FARM_STATUS::RUNNING]]) as $farm) {
/* @var $farm Entity\Farm */
if ($this->request->hasPermissions($farm, Acl::PERM_FARMS_UPDATE) && $this->request->hasPermissions($farm, Acl::PERM_FARMS_SERVERS)) {
// cloud specific (EC2)
if ($farm->settings[Entity\FarmSetting::EC2_VPC_ID] == $instance->vpcId) {
$farms[$farm->id] = ['id' => $farm->id, 'name' => $farm->name, 'farmroles' => []];
}
}
}
foreach (Entity\FarmRole::find([['farmId' => ['$in' => array_keys($farms)]], ['roleId' => $selectedRole->id]]) as $farmRole) {
/* @var $farmRole Entity\FarmRole */
if (isset($farms[$farmRole->farmId])) {
if (!$instance->subnetId || $instance->subnetId && in_array($instance->subnetId, json_decode($farmRole->settings[Entity\FarmRoleSetting::AWS_VPC_SUBNET_ID]))) {
$farms[$farmRole->farmId]['farmroles'][] = ['id' => $farmRole->id, 'name' => $farmRole->alias, 'tags' => $farmRole->getCloudTags(true)];
}
}
}
$status['farmrole']['data'] = array_values($farms);
$status['farmrole']['success'] = false;
} else {
if (count($roles) > 1) {
$status['role']['success'] = false;
} else {
$status['role']['success'] = false;
}
}
} else {
$status['role']['success'] = false;
$status['role']['image'] = Scalr_UI_Controller_Images::controller()->convertEntityToArray($image);
}
}
return $status;
}
/**
* @param int $roleId
* @throws Exception
* @throws Scalr_Exception_Core
* @throws Scalr_Exception_InsufficientPermissions
* @throws Scalr_UI_Exception_NotFound
*/
public function editAction($roleId = 0)
{
$this->request->restrictAccess('ROLES', 'MANAGE');
$params = array();
$params['scriptData'] = \Scalr\Model\Entity\Script::getScriptingData($this->user->getAccountId(), $this->getEnvironmentId(true));
$params['categories'] = array_values($this->listRoleCategories());
$params['accountScripts'] = [];
if (!$this->user->isScalrAdmin()) {
foreach (Scalr_UI_Controller_Account2_Orchestration::controller()->getOrchestrationRules() as $script) {
$script['system'] = 'account';
$params['accountScripts'][] = $script;
}
}
$envs = [];
if ($this->request->getScope() == ScopeInterface::SCOPE_ACCOUNT) {
foreach (Environment::find([['accountId' => $this->user->getAccountId()]], null, ['name' => true]) as $env) {
/* @var $env Environment */
$envs[] = ['id' => $env->id, 'name' => $env->name, 'enabled' => 1];
}
}
$variables = new Scalr_Scripting_GlobalVariables($this->user->getAccountId(), $this->getEnvironmentId(true), ScopeInterface::SCOPE_ROLE);
if ($roleId) {
/* @var $role Role */
$role = Role::findPk($roleId);
if (!$role) {
throw new Scalr_Exception_Core(sprintf(_("Role ID#%s not found in database"), $roleId));
}
$this->request->checkPermissions($role, true);
$images = array();
foreach (RoleImage::find([['roleId' => $role->id]]) as $image) {
/* @var $image RoleImage */
$im = $image->getImage();
$a = get_object_vars($image);
if ($im) {
$b = get_object_vars($im);
$b['scope'] = $im->getScope();
$b['dtAdded'] = Scalr_Util_DateTime::convertTz($b['dtAdded']);
$b['software'] = $im->getSoftwareAsString();
$a['name'] = $im->name;
$a['hash'] = $im->hash;
$a['extended'] = $b;
}
$images[] = $a;
}
$properties = [];
foreach (RoleProperty::find([['roleId' => $role->id], ['name' => ['$like' => 'chef.%']]]) as $prop) {
/* @var $prop RoleProperty */
$properties[$prop->name] = $prop->value;
}
$params['role'] = array('roleId' => $role->id, 'name' => $role->name, 'catId' => $role->catId, 'os' => $role->getOs()->name, 'osId' => $role->osId, 'osFamily' => $role->getOs()->family, 'osGeneration' => $role->getOs()->generation, 'osVersion' => $role->getOs()->version, 'description' => $role->description, 'behaviors' => $role->getBehaviors(), 'images' => $images, 'scripts' => $role->getScripts(), 'dtadded' => Scalr_Util_DateTime::convertTz($role->added), 'addedByEmail' => $role->addedByEmail, 'chef' => $properties, 'isQuickStart' => $role->isQuickStart, 'isDeprecated' => $role->isDeprecated, 'isScalarized' => $role->isScalarized, 'environments' => []);
if ($this->request->getScope() == ScopeInterface::SCOPE_ACCOUNT) {
$allowedEnvs = $role->getAllowedEnvironments();
if (!empty($allowedEnvs)) {
foreach ($envs as &$env) {
$env['enabled'] = in_array($env['id'], $allowedEnvs) ? 1 : 0;
}
}
$params['role']['environments'] = $envs;
}
$params['role']['variables'] = $variables->getValues($role->id);
$params['roleUsage'] = ['farms' => $role->getFarmsCount($this->user->getAccountId(), $this->getEnvironmentId(true)), 'instances' => $role->getServersCount($this->user->getAccountId(), $this->getEnvironmentId(true))];
} else {
$params['role'] = array('roleId' => 0, 'name' => '', 'arch' => 'x86_64', 'agent' => 2, 'description' => '', 'behaviors' => array(), 'images' => array(), 'scripts' => array(), 'tags' => array(), 'environments' => [], 'variables' => $variables->getValues(), 'isScalarized' => 1);
if ($this->request->getScope() == ScopeInterface::SCOPE_ACCOUNT) {
$params['role']['environments'] = $envs;
}
}
$this->response->page('ui/roles/edit.js', $params, ['ui/roles/edit/overview.js', 'ui/roles/edit/images.js', 'ui/roles/edit/scripting.js', 'ui/roles/edit/variables.js', 'ui/roles/edit/chef.js', 'ui/roles/edit/environments.js', 'ui/scripts/scriptfield.js', 'ui/core/variablefield.js', 'ui/services/chef/chefsettings.js'], ['ui/roles/edit.css', 'ui/scripts/scriptfield.css']);
}
/**
* Gets the list of the Images which correspond to the Role
*
* @return array Return array of all role's images in format: [platform][cloudLocation] = [id, architecture, type]
* @throws \Exception
*/
public function fetchImagesArray()
{
$result = [];
foreach (RoleImage::find([['roleId' => $this->id]]) as $image) {
/* @var $image RoleImage */
if (!$result[$image->platform]) {
$result[$image->platform] = [];
}
$i = ['id' => $image->imageId, 'architecture' => '', 'type' => ''];
/* @var $im Image */
$im = Image::findOne([['platform' => $image->platform], ['cloudLocation' => $image->cloudLocation], ['id' => $image->imageId], ['$or' => [['envId' => $this->envId == 0 ? NULL : $this->envId], ['envId' => NULL]]]]);
if ($im) {
$i['architecture'] = $im->architecture;
$i['type'] = $im->type;
}
$result[$image->platform][$image->cloudLocation] = $i;
}
return $result;
}
public function editAction()
{
$this->request->restrictAccess(Acl::RESOURCE_FARMS_ROLES, Acl::PERM_FARMS_ROLES_MANAGE);
$this->request->defineParams(array('roleId' => array('type' => 'int')));
$params = array();
$params['scriptData'] = \Scalr\Model\Entity\Script::getScriptingData($this->user->getAccountId(), $this->getEnvironmentId(true));
$params['categories'] = $this->db->GetAll("SELECT * FROM role_categories WHERE env_id IS NULL OR env_id = ?", [$this->user->isScalrAdmin() ? null : $this->getEnvironmentId()]);
$params['accountScripts'] = [];
if (!$this->user->isScalrAdmin()) {
foreach (self::loadController('Orchestration', 'Scalr_UI_Controller_Account2')->getOrchestrationRules() as $script) {
$script['system'] = 'account';
$params['accountScripts'][] = $script;
}
}
$variables = new Scalr_Scripting_GlobalVariables($this->user->getAccountId(), $this->user->isScalrAdmin() ? 0 : $this->getEnvironmentId(), Scalr_Scripting_GlobalVariables::SCOPE_ROLE);
if ($this->getParam('roleId')) {
$dbRole = DBRole::loadById($this->getParam('roleId'));
if (!$this->user->isScalrAdmin()) {
$this->user->getPermissions()->validate($dbRole);
}
$images = array();
foreach (RoleImage::find([['roleId' => $dbRole->id]]) as $image) {
/* @var $image RoleImage */
$im = $image->getImage();
$a = get_object_vars($image);
if ($im) {
$b = get_object_vars($im);
$b['dtAdded'] = Scalr_Util_DateTime::convertTz($b['dtAdded']);
$b['software'] = $im->getSoftwareAsString();
$a['name'] = $im->name;
$a['hash'] = $im->hash;
$a['extended'] = $b;
}
$images[] = $a;
}
$params['role'] = array('roleId' => $dbRole->id, 'name' => $dbRole->name, 'catId' => $dbRole->catId, 'os' => $dbRole->getOs()->name, 'osId' => $dbRole->osId, 'osFamily' => $dbRole->getOs()->family, 'osGeneration' => $dbRole->getOs()->generation, 'osVersion' => $dbRole->getOs()->version, 'description' => $dbRole->description, 'behaviors' => $dbRole->getBehaviors(), 'images' => $images, 'scripts' => $dbRole->getScripts(), 'dtadded' => Scalr_Util_DateTime::convertTz($dbRole->dateAdded), 'addedByEmail' => $dbRole->addedByEmail, 'chef' => $dbRole->getProperties('chef.'));
$params['role']['variables'] = $variables->getValues($dbRole->id);
if ($this->user->isScalrAdmin()) {
$params['roleUsage'] = array('farms' => $dbRole->getFarmRolesCount(), 'instances' => $this->db->GetOne("SELECT COUNT(*) FROM servers LEFT JOIN farm_roles ON servers.farm_roleid = farm_roles.id WHERE farm_roles.role_id=?", array($dbRole->id)));
} else {
$params['roleUsage'] = array('farms' => $dbRole->getFarmRolesCount($this->getEnvironmentId()), 'instances' => $this->db->GetOne("SELECT COUNT(*) FROM servers LEFT JOIN farm_roles ON servers.farm_roleid = farm_roles.id WHERE farm_roles.role_id=? AND env_id=?", array($dbRole->id, $this->getEnvironmentId())));
}
} else {
$params['role'] = array('roleId' => 0, 'name' => '', 'arch' => 'x86_64', 'agent' => 2, 'description' => '', 'behaviors' => array(), 'images' => array(), 'scripts' => array(), 'tags' => array(), 'variables' => $variables->getValues());
}
$this->response->page('ui/roles/edit.js', $params, array('ui/roles/edit/overview.js', 'ui/roles/edit/images.js', 'ui/roles/edit/scripting.js', 'ui/roles/edit/variables.js', 'ui/roles/edit/chef.js', 'ui/scripts/scriptfield.js', 'ui/core/variablefield.js', 'ui/services/chef/chefsettings.js'), array('ui/roles/edit.css', 'ui/scripts/scriptfield.css'));
}