/**
* Revoke team access to specified environment
*
* @param int $envId Environment ID
* @param int $teamId Team ID
*
* @return ResultEnvelope
*
* @throws ApiErrorException
* @throws ModelException
*/
public function denyTeamAction($envId, $teamId)
{
if (!$this->getUser()->canManageAcl()) {
throw new ApiInsufficientPermissionsException();
}
$this->getEnv($envId);
$team = Account\TeamEnvs::findOne([['envId' => $envId], ['teamId' => $teamId]]);
if (empty($team)) {
throw new ApiErrorException(404, ErrorMessage::ERR_OBJECT_NOT_FOUND, "Team '{$teamId}' has no access to environment '{$envId}'");
}
$team->delete();
return $this->result(null);
}
/**
* Gets TeamEnvs entity
*
* @param string $criteria search criteria
* @param array $params query params
* @return TeamEnvs
*/
protected function getEnvironmentTeam($criteria, $params)
{
/* @var $teamEnv TeamEnvs */
$teamEnv = TeamEnvs::findOne([['teamId' => $criteria], ['envId' => $params['envId']]]);
static::toDelete(TeamEnvs::class, [$teamEnv->envId, $teamEnv->teamId]);
return $teamEnv;
}
/**
* Generate SQL query like "EXISTS(SELECT 1 FROM farm_teams .... WHERE ...) to check FARM_TEAMS permission.
* Table `farms` should have alias `f`.
* If farmId is set, when JOIN table farms to get envId from it.
*
* @param int $userId Identifier of User
* @param int $farmId optional Identifier of Farm
* @return string
*/
public static function getUserTeamOwnershipSql($userId, $farmId = null)
{
$farm = new Farm();
$farmTeam = new FarmTeam();
$accountTeamUser = new Account\TeamUser();
$accountTeamEnv = new Account\TeamEnvs();
$sql = "EXISTS(" . "SELECT 1 FROM {$farmTeam->table()}" . "JOIN {$accountTeamUser->table()} ON {$accountTeamUser->columnTeamId} = {$farmTeam->columnTeamId} " . "JOIN {$accountTeamEnv->table()} ON {$accountTeamEnv->columnTeamId} = {$farmTeam->columnTeamId} " . ($farmId ? "JOIN {$farm->table('f')} ON {$farmTeam->columnFarmId} = {$farm->columnId('f')}" : "") . "WHERE {$accountTeamEnv->columnEnvId()} = {$farm->columnEnvId('f')} " . "AND " . ($farmId ? "{$farm->columnId('f')} = " . $farm->db()->qstr($farmId) : "{$farm->columnId('f')} = {$farmTeam->columnFarmId}") . " " . "AND {$accountTeamUser->columnUserId} = " . $farm->db()->qstr($userId) . ")";
return $sql;
}
/**
* {@inheritdoc}
* @see AbstractEntity::delete()
*/
public function delete()
{
parent::delete();
TeamEnvs::deleteByTeamId($this->id);
TeamUser::deleteByTeamId($this->id);
}
/**
* {@inheritdoc}
* @see ApiEntityAdapter::validateEntity()
*/
public function validateEntity($entity)
{
if (!$entity instanceof TeamEnvs) {
throw new InvalidArgumentException(sprintf("First argument must be instance of %s", Team::class));
}
if (empty($entity->teamId)) {
throw new ApiErrorException(400, ErrorMessage::ERR_INVALID_STRUCTURE, "Missed property team.id");
}
$teamId = $entity->teamId;
if (!is_numeric($teamId)) {
throw new ApiErrorException(400, ErrorMessage::ERR_INVALID_VALUE, "Invalid team identifier");
}
/* @var $team Team */
$team = Team::findOne([['id' => $teamId], ['accountId' => $this->controller->getUser()->accountId]]);
if (empty($team)) {
throw new ApiErrorException(404, ErrorMessage::ERR_OBJECT_NOT_FOUND, sprintf("Requested team %s do not exist in this account", $teamId));
}
if (!empty(TeamEnvs::findOne([['envId' => $entity->envId], ['teamId' => $teamId]]))) {
throw new ApiErrorException(409, ErrorMessage::ERR_UNICITY_VIOLATION, sprintf("Team %s already exists in this environment", $teamId));
}
/* @var $teamAdapter TeamAdapter */
$teamAdapter = $this->controller->adapter('team');
$teamAdapter->validateTeamName($team->name);
}
/**
* {@inheritdoc}
* @see AbstractEntity::delete()
*
* @param bool $force Delete ignoring restrictions
*/
public function delete($force = false)
{
$db = $this->db();
if (!$force) {
if ($db->GetOne("SELECT 1 FROM `farms` WHERE `env_id` = ? LIMIT 1", [$this->id])) {
throw new ObjectInUseException('Cannot remove environment. You need to remove all your farms first.');
}
if ($db->GetOne("SELECT COUNT(*) FROM client_environments WHERE client_id = ?", [$this->accountId]) < 2) {
throw new ObjectInUseException('At least one environment should be in account. You cannot remove the last one.');
}
}
parent::delete();
try {
$db->Execute("DELETE FROM client_environment_properties WHERE env_id=?", [$this->id]);
$db->Execute("DELETE FROM apache_vhosts WHERE env_id=?", [$this->id]);
$db->Execute("DELETE FROM autosnap_settings WHERE env_id=?", [$this->id]);
$db->Execute("DELETE FROM bundle_tasks WHERE env_id=?", [$this->id]);
$db->Execute("DELETE FROM dns_zones WHERE env_id=?", [$this->id]);
$db->Execute("DELETE FROM ec2_ebs WHERE env_id=?", [$this->id]);
$db->Execute("DELETE FROM elastic_ips WHERE env_id=?", [$this->id]);
$db->Execute("DELETE FROM farms WHERE env_id=?", [$this->id]);
$db->Execute("DELETE FROM roles WHERE env_id=?", [$this->id]);
$servers = \DBServer::listByFilter(['envId' => $this->id]);
foreach ($servers as $server) {
/* @var $server \DBServer */
$server->Remove();
}
Entity\EnvironmentCloudCredentials::deleteByEnvId($this->id);
Entity\CloudCredentials::deleteByEnvId($this->id);
TeamEnvs::deleteByEnvId($this->id);
} catch (Exception $e) {
throw new Exception(sprintf(_("Cannot delete record. Error: %s"), $e->getMessage()), $e->getCode());
}
}
