/** * @param integer $id * @param string $name * @throws Exception * @throws Scalr_Exception_Core */ public function xSaveAction($id = 0, $name) { $this->request->restrictAccess('ROLES', 'MANAGE'); $validator = new \Scalr\UI\Request\Validator(); $validator->addErrorIf(!preg_match('/^' . RoleCategory::NAME_REGEXP . '$/', $name), 'name', "Name should start and end with letter or number and contain only letters, numbers, spaces and dashes."); $validator->addErrorIf(strlen($name) > RoleCategory::NAME_LENGTH, 'name', "Name should be less than 18 characters"); $scope = $this->request->getScope(); $criteria = [['name' => $name]]; if ($id) { $criteria[] = ['id' => ['$ne' => $id]]; } if ($this->user->isScalrAdmin()) { $criteria[] = ['accountId' => NULL]; } else { $criteria[] = ['$or' => [['accountId' => $this->user->getAccountId()], ['accountId' => NULL]]]; if ($scope == 'account') { $criteria[] = ['envId' => NULL]; } else { $criteria[] = ['$or' => [['envId' => NULL], ['envId' => $this->getEnvironmentId(true)]]]; } } $validator->addErrorIf(RoleCategory::find($criteria)->count(), 'name', 'This name is already in use. Note that Role Categories names are case-insensitive.'); if (!$validator->isValid($this->response)) { return; } if ($id) { $category = RoleCategory::findPk($id); /* @var $category RoleCategory */ if (!$category) { throw new Exception('Role Category not found'); } $this->request->checkPermissions($category, true); $category->name = $name; $category->save(); } else { $category = new RoleCategory(); if ($this->user->isScalrAdmin()) { $category->accountId = NULL; $category->envId = NULL; } else { $category->accountId = $this->user->getAccountId(); $category->envId = $scope == 'account' ? NULL : $this->getEnvironmentId(); } $category->name = $name; $category->save(); } $used = $category->getUsed(); $this->response->data(['category' => ['id' => $category->id, 'name' => $category->name, 'used' => $used, 'scope' => $scope, 'status' => $used ? 'In use' : 'Not used']]); $this->response->success('Role Category successfully saved'); }
/** * @param integer $id * @param string $name * @param string $description * @param bool $replaceEvent * @throws Exception * @throws Scalr_Exception_Core */ public function xSaveAction($id = 0, $name, $description, $replaceEvent = false) { $this->request->restrictAccess(Acl::RESOURCE_GENERAL_CUSTOM_EVENTS, Acl::PERM_GENERAL_CUSTOM_EVENTS_MANAGE); $validator = new \Scalr\UI\Request\Validator(); $validator->addErrorIf(!preg_match("/^[A-Za-z0-9]+\$/si", $name), 'name', "Name should contain only alphanumeric characters"); $validator->addErrorIf(strlen($name) > 25, 'name', "Name should be less than 25 characters"); $validator->addErrorIf(in_array($name, array_keys(EVENT_TYPE::getScriptingEvents())), 'name', sprintf("'%' is reserved name for event. Please select another one.", $name)); $scope = $this->request->getScope(); if (!$id) { $criteria = [['name' => $name]]; if ($this->user->isScalrAdmin()) { $criteria[] = ['accountId' => NULL]; } else { $criteria[] = ['$or' => [['accountId' => $this->user->getAccountId()], ['accountId' => NULL]]]; if ($scope == 'account') { $criteria[] = ['envId' => NULL]; } else { $criteria[] = ['$or' => [['envId' => NULL], ['envId' => $this->getEnvironmentId(true)]]]; } } $validator->addErrorIf(EventDefinition::find($criteria)->count(), 'name', 'This name is already in use. Note that Event names are case-insensitive.'); // check replacements $replacements = NULL; if ($this->user->isScalrAdmin()) { $replacements = EventDefinition::find([['name' => $name], ['accountId' => ['$ne' => NULL]]]); } else { if ($scope == 'account') { $replacements = EventDefinition::find([['name' => $name], ['accountId' => $this->user->getAccountId()], ['envId' => ['$ne' => NULL]]]); } } } if (!$validator->isValid($this->response)) { return; } if ($replacements && $replacements->count() && !$replaceEvent) { $this->response->data(['replaceEvent' => true]); $this->response->failure(); return; } if ($id) { $event = EventDefinition::findPk($id); /* @var $event EventDefinition */ if (!$event) { throw new Exception('Event not found'); } if ($this->user->isScalrAdmin() && $event->accountId == NULL && $event->envId == NULL || $this->user->isUser() && $event->accountId == $this->user->getAccountId() && ($event->envId == NULL || $event->envId == $this->getEnvironmentId())) { $event->description = $description; } else { throw new Scalr_Exception_InsufficientPermissions(); } $event->save(); } else { $event = new EventDefinition(); if ($this->user->isScalrAdmin()) { $event->accountId = NULL; $event->envId = NULL; } else { $event->accountId = $this->user->getAccountId(); $event->envId = $scope == 'account' ? NULL : $this->getEnvironmentId(); } $event->name = $name; $event->description = $description; $event->save(); if ($replacements) { foreach ($replacements as $e) { $e->delete(); } } } $used = $event->getUsed($this->user->getAccountId(), $this->getEnvironmentId(true)); $this->response->data(['event' => ['id' => $event->id, 'name' => $event->name, 'description' => $event->description, 'used' => $used, 'scope' => $scope, 'status' => $used ? 'In use' : 'Not used']]); $this->response->success('Custom event definition successfully saved'); }
/** * @param string $serverId * @param string $name * @param string $description * @param bool $createRole * @param string $replaceRole * @param bool $replaceImage * @param int $rootVolumeSize * @param string $rootVolumeType * @param int $rootVolumeIops * @throws Exception */ public function xServerCreateSnapshotAction($serverId, $name = '', $description = '', $createRole = false, $replaceRole = '', $replaceImage = false, $rootVolumeSize = 0, $rootVolumeType = '', $rootVolumeIops = 0) { $this->request->restrictAccess(Acl::RESOURCE_IMAGES_ENVIRONMENT, Acl::PERM_IMAGES_ENVIRONMENT_MANAGE); if (!$serverId) { throw new Exception('Server not found'); } $dbServer = DBServer::LoadByID($serverId); $this->user->getPermissions()->validate($dbServer); $errorMsg = []; //Check for already running bundle on selected instance $chk = $this->db->GetOne("SELECT id FROM bundle_tasks WHERE server_id=? AND status NOT IN ('success', 'failed') LIMIT 1", array($dbServer->serverId)); if ($chk) { $errorMsg[] = sprintf(_("Server '%s' is already synchonizing."), $dbServer->serverId); } //Check is role already synchronizing... $chk = $this->db->GetOne("SELECT server_id FROM bundle_tasks WHERE prototype_role_id=? AND status NOT IN ('success', 'failed') LIMIT 1", array($dbServer->GetFarmRoleObject()->RoleID)); if ($chk && $chk != $dbServer->serverId) { try { $bDBServer = DBServer::LoadByID($chk); if ($bDBServer->farmId == $dbServer->farmId) { $errorMsg[] = sprintf(_("Role '%s' is already synchronizing."), $dbServer->GetFarmRoleObject()->GetRoleObject()->name); } } catch (Exception $e) { } } if (!empty($errorMsg)) { throw new Exception(implode('\\n', $errorMsg)); } $validator = new \Scalr\UI\Request\Validator(); $validator->addErrorIf(strlen($name) < 3, 'name', _("Role name should be greater than 3 chars")); $validator->addErrorIf(!preg_match("/^[A-Za-z0-9-]+\$/si", $name), 'name', _("Role name is incorrect")); $validator->addErrorIf(!in_array($replaceRole, ['farm', 'all', '']), 'replaceRole', 'Invalid value'); $object = $createRole ? BundleTask::BUNDLETASK_OBJECT_ROLE : BundleTask::BUNDLETASK_OBJECT_IMAGE; $replaceType = SERVER_REPLACEMENT_TYPE::NO_REPLACE; if ($createRole) { $this->request->restrictAccess(Acl::RESOURCE_ROLES_ENVIRONMENT, Acl::PERM_ROLES_ENVIRONMENT_MANAGE); if ($replaceRole == 'farm') { $this->request->restrictFarmAccess($dbServer->GetFarmObject(), Acl::PERM_FARMS_MANAGE); $replaceType = SERVER_REPLACEMENT_TYPE::REPLACE_FARM; } else { if ($replaceRole == 'all') { $this->request->restrictFarmAccess(null, Acl::PERM_FARMS_MANAGE); $replaceType = SERVER_REPLACEMENT_TYPE::REPLACE_ALL; } } } else { $scope = $dbServer->GetFarmRoleObject()->GetRoleObject()->__getNewRoleObject()->getScope(); if ($replaceImage && ($scope == ScopeInterface::SCOPE_ENVIRONMENT && $this->request->isAllowed(Acl::RESOURCE_ROLES_ENVIRONMENT, Acl::PERM_ROLES_ENVIRONMENT_MANAGE) || $scope == ScopeInterface::SCOPE_ACCOUNT && $this->request->isAllowed(Acl::RESOURCE_ROLES_ACCOUNT, Acl::PERM_ROLES_ACCOUNT_MANAGE))) { $replaceType = SERVER_REPLACEMENT_TYPE::REPLACE_ALL; } } if ($createRole) { $roleInfo = $this->db->GetRow("SELECT * FROM roles WHERE name=? AND (client_id IS NULL OR client_id = ? AND env_id IS NULL OR env_id=?) LIMIT 1", array($name, $dbServer->clientId, $dbServer->envId, $dbServer->GetFarmRoleObject()->RoleID)); if ($roleInfo) { if (empty($roleInfo['client_id'])) { $validator->addError('name', _("Selected role name is reserved and cannot be used for custom role")); } else { if ($replaceType != SERVER_REPLACEMENT_TYPE::REPLACE_ALL) { $validator->addError('name', _("Specified role name is already used by another role. You can use this role name only if you will replace old one on ALL your farms.")); } else { if ($replaceType == SERVER_REPLACEMENT_TYPE::REPLACE_ALL && $roleInfo['id'] != $dbServer->GetFarmRoleObject()->RoleID) { $validator->addError('name', _("This Role name is already in use. You cannot replace a Role different from the one you are currently snapshotting.")); } } } } } $roleImage = $dbServer->GetFarmRoleObject()->GetRoleObject()->__getNewRoleObject()->getImage($dbServer->platform, $dbServer->GetCloudLocation()); $rootBlockDevice = []; if ($dbServer->platform == SERVER_PLATFORMS::EC2 && ($dbServer->IsSupported('0.7') && $dbServer->osType == 'linux' || $roleImage->getImage()->isEc2HvmImage())) { if ($rootVolumeSize > 0) { $rootBlockDevice['size'] = $rootVolumeSize; } if (in_array($rootVolumeType, ['standard', 'gp2', 'io1'])) { $rootBlockDevice['volume_type'] = $rootVolumeType; if ($rootVolumeType == 'io1' && $rootVolumeIops > 0) { $rootBlockDevice['iops'] = $rootVolumeIops; } } } if (!$validator->isValid($this->response)) { return; } $ServerSnapshotCreateInfo = new ServerSnapshotCreateInfo($dbServer, $name, $replaceType, $object, $description, $rootBlockDevice); $BundleTask = BundleTask::Create($ServerSnapshotCreateInfo); $BundleTask->createdById = $this->user->id; $BundleTask->createdByEmail = $this->user->getEmail(); if ($dbServer->GetFarmRoleObject()->GetSetting('user-data.scm_branch') == 'feature/image-api') { $BundleTask->generation = 2; } $protoRole = DBRole::loadById($dbServer->GetFarmRoleObject()->RoleID); $BundleTask->osId = $protoRole->osId; if ($protoRole->getOs()->family == 'windows') { $BundleTask->osFamily = $protoRole->getOs()->family; $BundleTask->osVersion = $protoRole->getOs()->generation; $BundleTask->osName = ''; } else { $BundleTask->osFamily = $protoRole->getOs()->family; $BundleTask->osVersion = $protoRole->getOs()->version; $BundleTask->osName = $protoRole->getOs()->name; } if (in_array($protoRole->getOs()->family, array('redhat', 'oel', 'scientific')) && $dbServer->platform == SERVER_PLATFORMS::EC2) { $BundleTask->bundleType = SERVER_SNAPSHOT_CREATION_TYPE::EC2_EBS_HVM; } $BundleTask->save(); $this->response->data(['bundleTaskId' => $BundleTask->id]); $this->response->success("Bundle task successfully created."); }