protected function LogRequest($trans_id, $action, $ipaddr, $request, $response)
{
if ($request['debug'] == 1 || $request['Debug'] == 1 || $request['Action'] == 'DNSZoneRecordAdd') {
try {
$this->DB->Execute("INSERT INTO api_log SET\n transaction_id\t= ?,\n dtadded\t\t\t= ?,\n action\t\t\t= ?,\n ipaddress\t\t= ?,\n request\t\t\t= ?,\n response\t\t= ?,\n clientid\t\t= ?,\n env_id\t\t\t= ?\n ", array($trans_id, time(), $action, $ipaddr, http_build_query($request), $response, $this->user->getAccountId(), $this->Environment->id));
} catch (Exception $e) {
}
}
}
/**
* {@inheritdoc}
* @see \Scalr\LogCollector\AuditLoggerRetrieveConfigurationInterface::getAuditLoggerConfig()
*/
public function getAuditLoggerConfig()
{
$config = new AuditLoggerConfiguration(AuditLogger::REQUEST_TYPE_API);
$config->user = $this->user;
$config->accountId = $this->user ? $this->user->getAccountId() : null;
$config->envId = isset($this->Environment) ? $this->Environment->id : null;
$config->remoteAddr = $this->getContainer()->request->getRemoteAddr();
return $config;
}
/**
* {@inheritdoc}
* @see \Scalr\LogCollector\AuditLoggerRetrieveConfigurationInterface::getAuditLoggerConfig()
*/
public function getAuditLoggerConfig()
{
$config = new AuditLoggerConfiguration(AuditLogger::REQUEST_TYPE_UI);
$config->user = $this->user;
$config->accountId = $this->user ? $this->user->getAccountId() : null;
$config->envId = isset($this->environment) ? $this->environment->id : null;
$config->ruid = Scalr_Session::getInstance()->getRealUserId();
$config->remoteAddr = $this->getRemoteAddr();
return $config;
}
protected function LogRequest($trans_id, $action, $ipaddr, $request, $response)
{
$request = filter_var_array($request, ['debug' => ['filter' => FILTER_VALIDATE_INT, 'flags' => FILTER_REQUIRE_SCALAR], 'Debug' => ['filter' => FILTER_VALIDATE_INT, 'flags' => FILTER_REQUIRE_SCALAR], 'Action' => ['filter' => FILTER_DEFAULT, 'flags' => FILTER_REQUIRE_SCALAR]], true);
if ($request['debug'] === 1 || $request['Debug'] === 1 || $request['Action'] === 'DNSZoneRecordAdd') {
try {
$this->DB->Execute("\n INSERT INTO api_log SET\n transaction_id = ?,\n dtadded = ?,\n action = ?,\n ipaddress = ?,\n request = ?,\n response = ?,\n clientid = ?,\n env_id = ?\n ", [$trans_id, time(), $action, $ipaddr, http_build_query($request), $response, $this->user instanceof Scalr_Account_User ? $this->user->getAccountId() : null, !empty($this->Environment->id) ? $this->Environment->id : null]);
} catch (Exception $ignore) {
}
}
}
public function callActionMethod($method)
{
if ($this->request->getRequestType() == Scalr_UI_Request::REQUEST_TYPE_API) {
$apiMethodCheck = false;
if (method_exists($this, 'getApiDefinitions')) {
$api = $this::getApiDefinitions();
$m = str_replace('Action', '', $method);
if (in_array($m, $api)) {
$apiMethodCheck = true;
}
}
if (!$apiMethodCheck) {
throw new Scalr_UI_Exception_NotFound();
}
}
/*
* Debug action section
* Controller::Action => array of filter's params (accountId, userId) or true
*/
$debug = false;
$debugMode = false;
$key = get_class($this) . '::' . $method;
if ($debug && array_key_exists($key, $debug)) {
$value = $debug[$key];
if (is_array($value) && $this->user) {
if (isset($value['accountId'])) {
if (is_array($value['accountId']) && in_array($this->user->getAccountId(), $value['accountId'])) {
$debugMode = true;
}
if (is_numeric($value['accountId']) && $value['accountId'] == $this->user->getAccountId()) {
$debugMode = true;
}
}
if (isset($value['userId'])) {
if (is_array($value['userId']) && in_array($this->user->getId(), $value['userId'])) {
$debugMode = true;
}
if (is_numeric($value['userId']) && $value['userId'] == $this->user->getId()) {
$debugMode = true;
}
}
} else {
$debugMode = true;
}
}
if ($debugMode) {
$this->response->debugLog('Server', $_SERVER);
$this->response->debugLog('Request', $_REQUEST);
$this->response->debugLog('Session', Scalr_Session::getInstance());
}
$this->{$method}();
if ($debugMode) {
if ($this->response->jsResponseFlag) {
$this->response->debugLog('JS Response', $this->response->jsResponse);
}
try {
$message = '';
foreach ($this->response->serverDebugLog as $value) {
$message .= $value['key'] . ":\n" . $value['value'] . "\n\n";
}
$this->db->Execute('INSERT INTO ui_debug_log (ipaddress, url, report, env_id, account_id, user_id) VALUES(?, ?, ?, ?, ?, ?)', array($this->request->getClientIp(), $key, $message, $this->getEnvironment() ? $this->getEnvironmentId() : 0, $this->user ? $this->user->getAccountId() : 0, $this->user ? $this->user->getId() : 0));
} catch (Exception $e) {
}
}
}
/**
* @param \Scalr_Account_User $user
* @param int $envId
* @throws \Scalr_Exception_InsufficientPermissions
*/
public function checkPermission(\Scalr_Account_User $user, $envId)
{
if ($this->accountId && $this->accountId != $user->getAccountId()) {
throw new \Scalr_Exception_InsufficientPermissions();
}
if ($this->envId && $this->envId != $envId) {
throw new \Scalr_Exception_InsufficientPermissions();
}
}
/**
* Checks wheter access to ACL resource or unique permission is allowed.
*
* @param \Scalr_Account_User $user The user
* @param \Scalr_Environment $environment The client's environment
* @param int $resourceId The ID of the ACL resource or its symbolic name without "RESOURCE_" prefix.
* @param string $permissionId optional The ID of the uniqure permission which is
* related to specified resource.
* @return bool Returns TRUE if access is allowed
*/
public function isUserAllowedByEnvironment(\Scalr_Account_User $user, $environment, $resourceId, $permissionId = null)
{
//Checks wheter environment and user are from the same account.
if ($user->isScalrAdmin()) {
return true;
} else {
if (!$environment instanceof \Scalr_Environment) {
//If environment is not defined it will return false.
return false;
} else {
if ($environment->clientId != $user->getAccountId()) {
return false;
}
}
}
//Scalr-Admin and Account-Owner is allowed for everything
if ($user->isAccountOwner()) {
return true;
}
if (is_string($resourceId)) {
$sName = 'Scalr\\Acl\\Acl::RESOURCE_' . strtoupper($resourceId);
if (defined($sName)) {
$resourceId = constant($sName);
} else {
throw new \InvalidArgumentException(sprintf('Cannot find ACL resource %s by specified symbolic name %s.', $sName, $resourceId));
}
}
return (bool) $user->getAclRolesByEnvironment($environment->id)->isAllowed($resourceId, $permissionId);
}
/**
* Checks whether the user is allowed to edit specified user
*
* @param \Scalr_Account_User $user The user to edit
* @return boolean Returns true if the user is allowed to edit specified user
*/
public function canEditUser($user)
{
return !$this->isTeamUser() && $user->getAccountId() == $this->getAccountId() && ($this->getId() == $user->getId() || $this->isAccountOwner() || $this->isAccountSuperAdmin() && !$user->isAccountOwner() || $this->isAccountAdmin() && !$user->isAccountOwner() && !$user->isAccountSuperAdmin());
}
/**
* @param string $newRoleName
* @param Scalr_Account_User $user
* @param int $envId
* @return int
* @throws Exception
*/
public function cloneRole($newRoleName, $user, $envId)
{
$this->db->BeginTrans();
$accountId = $user->getAccountId();
try {
$this->db->Execute("INSERT INTO roles SET\n name = ?,\n origin = ?,\n client_id = ?,\n env_id = ?,\n cat_id = ?,\n description = ?,\n behaviors = ?,\n generation = ?,\n os_id = ?,\n dtadded = NOW(),\n added_by_userid = ?,\n added_by_email = ?\n ", array($newRoleName, $accountId ? ROLE_TYPE::CUSTOM : ROLE_TYPE::SHARED, empty($accountId) ? null : intval($accountId), empty($envId) ? null : intval($envId), $this->catId, $this->description, $this->behaviorsRaw, 2, $this->osId, $user->getId(), $user->getEmail()));
$newRoleId = $this->db->Insert_Id();
//Set behaviors
foreach ($this->getBehaviors() as $behavior) {
$this->db->Execute("INSERT IGNORE INTO role_behaviors SET role_id = ?, behavior = ?", array($newRoleId, $behavior));
}
// Set images
$rsr7 = $this->db->Execute("SELECT * FROM role_images WHERE role_id = ?", array($this->id));
while ($r7 = $rsr7->FetchRow()) {
$this->db->Execute("INSERT INTO role_images SET\n `role_id` = ?,\n `cloud_location` = ?,\n `image_id` = ?,\n `platform` = ?\n ", array($newRoleId, $r7['cloud_location'], $r7['image_id'], $r7['platform']));
}
$props = $this->db->Execute("SELECT * FROM role_properties WHERE role_id=?", array($this->id));
while ($p1 = $props->FetchRow()) {
$this->db->Execute("\n INSERT INTO role_properties\n SET `role_id` = ?,\n `name`\t= ?,\n `value`\t= ?\n ON DUPLICATE KEY UPDATE\n `value` = ?\n ", array($newRoleId, $p1['name'], $p1['value'], $p1['value']));
}
//Set global variables
$variables = new Scalr_Scripting_GlobalVariables($this->clientId, $this->envId, ScopeInterface::SCOPE_ROLE);
$variables->setValues($variables->getValues($this->id), $newRoleId);
//Set scripts
$rsr8 = $this->db->Execute("SELECT * FROM role_scripts WHERE role_id = ?", array($this->id));
while ($r8 = $rsr8->FetchRow()) {
$this->db->Execute("INSERT INTO role_scripts SET\n role_id = ?,\n event_name = ?,\n target = ?,\n script_id = ?,\n version = ?,\n timeout = ?,\n issync = ?,\n params = ?,\n order_index = ?,\n script_type = ?,\n script_path = ?,\n hash = ?\n ", array($newRoleId, $r8['event_name'], $r8['target'], $r8['script_id'], $r8['version'], $r8['timeout'], $r8['issync'], $r8['params'], $r8['order_index'], $r8['script_type'], $r8['script_path'], CryptoTool::sault(12)));
}
//Set environments only for account-scope roles
if (!empty($accountId) && empty($envId)) {
$rsr9 = $this->db->Execute("SELECT * FROM role_environments WHERE role_id = ?", array($this->id));
while ($r9 = $rsr9->FetchRow()) {
$this->db->Execute("INSERT INTO role_environments SET\n role_id = ?,\n env_id = ?\n ", array($newRoleId, $r9['env_id']));
}
}
} catch (Exception $e) {
$this->db->RollbackTrans();
throw $e;
}
$this->db->CommitTrans();
if (!empty($newRoleId)) {
$newRole = self::loadById($newRoleId);
$newRole->syncAnalyticsTags();
}
return $newRoleId;
}
public function callActionMethod($method)
{
if ($this->request->getRequestType() == Scalr_UI_Request::REQUEST_TYPE_API) {
$apiMethodCheck = false;
if (method_exists($this, 'getApiDefinitions')) {
$api = $this::getApiDefinitions();
$m = str_replace('Action', '', $method);
if (in_array($m, $api)) {
$apiMethodCheck = true;
}
}
if (!$apiMethodCheck) {
throw new Scalr_UI_Exception_NotFound();
}
}
/*
* Debug action section
* Controller::Action => array of filter's params (accountId, userId) or true
*/
$debug = false;
$debugMode = false;
$key = get_class($this) . '::' . $method;
if ($debug && array_key_exists($key, $debug)) {
$value = $debug[$key];
if (is_array($value) && $this->user) {
if (isset($value['accountId'])) {
if (is_array($value['accountId']) && in_array($this->user->getAccountId(), $value['accountId'])) {
$debugMode = true;
}
if (is_numeric($value['accountId']) && $value['accountId'] == $this->user->getAccountId()) {
$debugMode = true;
}
}
if (isset($value['userId'])) {
if (is_array($value['userId']) && in_array($this->user->getId(), $value['userId'])) {
$debugMode = true;
}
if (is_numeric($value['userId']) && $value['userId'] == $this->user->getId()) {
$debugMode = true;
}
}
} else {
$debugMode = true;
}
}
if ($debugMode) {
$this->response->debugLog('Server', $_SERVER);
$this->response->debugLog('Request', $_REQUEST);
$this->response->debugLog('Session', Scalr_Session::getInstance());
}
$reflection = new ReflectionMethod($this, $method);
if ($reflection->getNumberOfParameters()) {
$params = array();
$comment = $reflection->getDocComment();
$matches = array();
$types = array();
if (preg_match_all('/^\\s+\\*\\s+@param\\s+(.*)\\s+\\$([A-Za-z0-9_]+)*.*$/m', $comment, $matches)) {
for ($i = 0; $i < count($matches[0]); $i++) {
$matches[1][$i] = strtolower(trim($matches[1][$i]));
if (in_array($matches[1][$i], array('bool', 'boolean', 'int', 'integer', 'float', 'string', 'array'))) {
$types[trim($matches[2][$i])] = $matches[1][$i];
}
}
}
// TODO: else: make some warning to log, otherwise we don't know when type-casting is not working
foreach ($reflection->getParameters() as $parameter) {
$className = $parameter->getClass() ? $parameter->getClass()->name : NULL;
$value = $this->request->getRequestParam($parameter->name);
$hasValue = $this->request->hasParam($parameter->name);
if ($className) {
if (is_subclass_of($className, 'Scalr\\UI\\Request\\ObjectInitializingInterface')) {
/* @var ObjectInitializingInterface $className */
$params[] = $className::initFromRequest($className == 'Scalr\\UI\\Request\\FileUploadData' ? $this->request->getFileName($parameter->name) : $value);
} else {
throw new Scalr\Exception\Http\BadRequestException(sprintf('%s is invalid class in argument', $className));
}
} else {
$type = $types[$parameter->name] ? $types[$parameter->name] : 'string';
if ($hasValue) {
if (in_array($type, ['bool', 'boolean'])) {
if (is_numeric($value)) {
$value = !empty($value);
} else {
if (is_string($value)) {
$value = $value !== '' && strtolower($value) !== 'false';
} else {
$value = (bool) $value;
}
}
} else {
if ($type == 'array') {
// do not strip value
settype($value, $type);
} else {
$value = $this->request->stripValue($value);
settype($value, $type);
}
}
} else {
if ($parameter->isDefaultValueAvailable()) {
$value = $parameter->getDefaultValue();
} else {
throw new Exception(sprintf('Missing required argument: %s', $parameter->name));
}
}
$params[] = $value;
}
}
call_user_func_array(array($this, $method), $params);
} else {
$this->{$method}();
}
if ($debugMode) {
if ($this->response->jsResponseFlag) {
$this->response->debugLog('JS Response', $this->response->jsResponse);
}
try {
$message = '';
foreach ($this->response->serverDebugLog as $value) {
$message .= $value['key'] . ":\n" . $value['value'] . "\n\n";
}
$this->db->Execute('INSERT INTO ui_debug_log (ipaddress, url, report, env_id, account_id, user_id) VALUES(?, ?, ?, ?, ?, ?)', array($this->request->getClientIp(), $key, $message, $this->getEnvironment() ? $this->getEnvironmentId() : 0, $this->user ? $this->user->getAccountId() : 0, $this->user ? $this->user->getId() : 0));
} catch (Exception $e) {
}
}
}
/**
* @param $name
* @param \Scalr_Account_User $user
* @return Script
*/
public function fork($name, \Scalr_Account_User $user)
{
$script = new self();
$script->name = $name;
$script->description = $this->description;
$script->os = $this->os;
$script->isSync = $this->isSync;
$script->timeout = $this->timeout;
$script->accountId = $user->getAccountId() ? $user->getAccountId() : NULL;
$script->envId = $this->envId;
$script->createdById = $user->getId();
$script->createdByEmail = $user->getEmail();
$script->save();
$version = new ScriptVersion();
$version->scriptId = $script->id;
$version->changedById = $user->getId();
$version->changedByEmail = $user->getEmail();
$version->content = $this->getLatestVersion()->content;
$version->version = 1;
$version->save();
return $script;
}
