/**
* {@inheritdoc}
* @see Scalr\Upgrade.UpdateInterface::hasTable()
*/
public function hasTable($table, $database = null)
{
$ret = $this->db->getOne("SHOW TABLES " . ($database ? "FROM `" . $this->db->escape($database) . "` " : "") . "LIKE ?", array($table));
return $ret ? true : false;
}
/**
* Saves account role to database
*
* @param int $accountId The ID of the account.
* @param int $baseRoleId The ID of the base role.
* @param string $name The name of the account role.
* @param int $color The color specified as integer value
* @param array $resources Array of the resources which looks like
* array(
* resource_id => array(
* 'granted' => [0|1], #is granted
* 'permissions' => array(
* permissionId => [0|1], #is granted
* ),
* mode => valueId | null, # identifier of the Resource Mode value
* );
* @param string $accountRoleId optional The ID of the ACL role of account level. NULL if the new role.
* @return string Returns the ID of the created or modified account role on success
* @throws \Scalr\Acl\Exception\AclException
*/
public function setAccountRole($accountId, $baseRoleId, $name, $color, $resources, $accountRoleId = null)
{
$id = $this->db->getOne('SELECT account_role_id FROM `acl_account_roles` WHERE name = ? AND account_id = ? LIMIT 1', [$name, $accountId]);
if ($id && $accountRoleId != $id) {
throw new \Exception('Account role with such name already exists');
}
if (empty($accountRoleId)) {
//Creates new account role
$accountRoleId = self::generateAccountRoleId();
$new = true;
}
$this->db->Execute("\n INSERT `acl_account_roles`\n SET `account_role_id` = ?,\n `account_id` = ?,\n `role_id` = ?,\n `name` = ?,\n `color` = ?,\n `is_automatic` = 0\n ON DUPLICATE KEY UPDATE\n `role_id` = ?,\n `name` = ?,\n `color` = ?\n ", array($accountRoleId, $accountId, $baseRoleId, $name, $color, $baseRoleId, $name, $color));
$accountRole = $this->getAccountRole($accountRoleId);
if ($accountRole === null) {
throw new Exception\AclException($new ? 'Database error' : 'Cannot find requested ACL role!');
}
$baseRole = $accountRole->getBaseRole();
foreach ($accountRole->getIteratorResources() as $resourceDefinition) {
/* @var $resourceDefinition \Scalr\Acl\Resource\ResourceObject */
$resourceId = $resourceDefinition->getResourceId();
$accountResource = $accountRole->getResource($resourceId);
$toUpdate = null;
$toUpdatePerm = [];
foreach ($resourceDefinition->getPermissions() as $permissionId => $permissionName) {
$granted = isset($resources[$resourceId]['permissions'][$permissionId]) ? $resources[$resourceId]['permissions'][$permissionId] == 1 : false;
if ($granted != $baseRole->isAllowed($resourceId, $permissionId)) {
//Unique permission is overridden on account level and needs to be created
$toUpdatePerm[$permissionId] = [$accountRoleId, $resourceId, $permissionId, $granted ? 1 : 0, $granted ? 1 : 0];
} else {
if ($accountResource !== null) {
//Unique permission needs to be removed
$this->db->Execute("\n DELETE FROM `acl_account_role_resource_permissions`\n WHERE `account_role_id` = ?\n AND `resource_id` = ?\n AND `perm_id` = ?\n ", array($accountRoleId, $resourceId, $permissionId));
}
}
}
$granted = isset($resources[$resourceId]['granted']) ? $resources[$resourceId]['granted'] == 1 : false;
if ($granted != $baseRole->isAllowed($resourceId)) {
//Resource record is overridden on account level and needs to be created
$toUpdate = array($accountRoleId, $resourceId, $granted ? 1 : 0, $granted ? 1 : 0);
} elseif ($resourceDefinition->getMode() !== null || !empty($toUpdatePerm) && $granted) {
//Referenced resource must be created as foreign key requires.
$toUpdate = array($accountRoleId, $resourceId, $granted ? 1 : null, $granted ? 1 : null);
} else {
//Resource record the same as in the base role and needs to be removed
$this->db->Execute("\n DELETE FROM `acl_account_role_resources`\n WHERE `account_role_id` = ?\n AND `resource_id` = ?\n ", array($accountRoleId, $resourceId));
}
if ($toUpdate) {
$this->db->Execute("\n INSERT `acl_account_role_resources`\n SET `account_role_id` = ?,\n `resource_id` = ?,\n `granted` = ?\n ON DUPLICATE KEY UPDATE\n `granted` = ?\n ", $toUpdate);
}
if ($resourceDefinition->getMode() !== null) {
//Saves ACL Resource Mode only if it's defined in the Resouce Definition
$modeValue = !empty($resources[$resourceId]['mode']) && in_array(intval($resources[$resourceId]['mode']), array_keys($resourceDefinition->getMode()->getMapping())) ? intval($resources[$resourceId]['mode']) : $resourceDefinition->getMode()->getDefault();
$this->db->Execute("\n INSERT `acl_account_role_resource_modes`\n SET `account_role_id` = ?,\n `resource_id` = ?,\n `mode` = ?\n ON DUPLICATE KEY UPDATE\n `mode` = ?\n ", [$accountRoleId, $resourceId, $modeValue, $modeValue]);
}
if ($toUpdatePerm) {
foreach ($toUpdatePerm as $opt) {
$this->db->Execute("\n INSERT `acl_account_role_resource_permissions`\n SET `account_role_id` = ?,\n `resource_id` = ?,\n `perm_id` = ?,\n `granted` = ?\n ON DUPLICATE KEY UPDATE\n `granted` = ?\n ", $opt);
}
}
}
return $accountRoleId;
}
/**
* Checks whether there is some price for specified platform and url
*
* @param string $platform Cloud platform
* @param string $url The endpoint url
* @param string $cloudLocation optional The cloud location
* @return bool Returns TRUE if there is some price for specified platform and url or FALSE otherwise
*/
public function hasPriceForUrl($platform, $url, $cloudLocation = null)
{
$res = $this->cadb->getOne("\n SELECT EXISTS(\n SELECT 1 FROM `price_history`\n WHERE `platform` = ? AND url = ?\n " . (!empty($cloudLocation) ? "AND cloud_location = " . $this->cadb->qstr($cloudLocation) : "") . "\n ) AS `val`\n ", [$platform, empty($url) ? '' : $this->normalizeUrl($url)]);
return !!$res;
}
/**
* {@inheritdoc}
* @see Scalr\Upgrade.UpdateInterface::hasTable()
*/
public function hasTable($table)
{
$ret = $this->db->getOne("SHOW TABLES LIKE ?", array($table));
return $ret ? true : false;
}
