/**
* @deprecated Use method FarmRole::getImage
*
* @return Image|NULL
* @throws \Exception
*/
public function getImage()
{
/* @var $role Role */
$role = Role::findPk($this->roleId);
$criteria = [['id' => $this->imageId], ['platform' => $this->platform], ['cloudLocation' => $this->cloudLocation], ['$or' => [['accountId' => null], ['$and' => [['accountId' => $role->accountId], ['$or' => [['envId' => null], ['envId' => $role->envId]]]]]]]];
return Image::findOne($criteria);
}
/**
* {@inheritdoc}
* @see \Scalr\Api\DataType\ApiEntityAdapter::validateEntity()
*/
public function validateEntity($entity)
{
if (!$entity instanceof Entity\Role) {
throw new \InvalidArgumentException(sprintf("First argument must be instance of Scalr\\Model\\Entity\\Role class"));
}
if ($entity->id !== null) {
if (!is_integer($entity->id)) {
throw new ApiErrorException(400, ErrorMessage::ERR_INVALID_VALUE, "Invalid value of the identifier");
}
//Checks if the role does exist
if (!Entity\Role::findPk($entity->id)) {
throw new ApiErrorException(404, ErrorMessage::ERR_OBJECT_NOT_FOUND, sprintf("Could not find out the Role with ID: %d", $entity->id));
}
}
//Is this a new Role
if (!$entity->id) {
$entity->addedByEmail = $this->controller->getUser()->email;
$entity->addedByUserId = $this->controller->getUser()->id;
}
if (!$entity::isValidName($entity->name)) {
throw new ApiErrorException(400, ErrorMessage::ERR_INVALID_VALUE, "Invalid name of the Role");
}
$entity->description = $entity->description ?: '';
$this->validateString($entity->description, 'Invalid description');
if (!$this->controller->hasPermissions($entity, true)) {
//Checks entity level write access permissions
throw new ApiErrorException(403, ErrorMessage::ERR_PERMISSION_VIOLATION, "Insufficient permissions");
}
//We only allow to either create or modify Environment Scope Roles
if ($entity->getScope() !== $this->controller->getScope()) {
throw new ApiErrorException(403, ErrorMessage::ERR_SCOPE_VIOLATION, sprintf("Invalid scope"));
}
//Checks the Role Category
if (!empty($entity->catId)) {
//Tries to find out the specified Role category
$category = Entity\RoleCategory::findPk($entity->catId);
if ($category instanceof Entity\RoleCategory) {
//Checks if the specified RoleCategory either shared or belongs to User's scope.
if ($category->getScope() !== ScopeInterface::SCOPE_SCALR && $category->envId !== $this->controller->getEnvironment()->id) {
throw new ApiErrorException(400, ErrorMessage::ERR_INVALID_VALUE, "The specified category isn't owned by your environment.");
}
} else {
throw new ApiErrorException(400, ErrorMessage::ERR_INVALID_VALUE, "The Role category does not exist");
}
} else {
throw new ApiErrorException(400, ErrorMessage::ERR_INVALID_STRUCTURE, "Role category should be provided with the request.");
}
if (empty($entity->osId)) {
throw new ApiErrorException(400, ErrorMessage::ERR_INVALID_STRUCTURE, "Missed property 'os.id'");
}
//Tries to find out the specified OS
if (empty(Entity\Os::findPk($entity->osId))) {
throw new ApiErrorException(400, ErrorMessage::ERR_INVALID_VALUE, "OS with id '{$entity->osId}' not found.");
}
}
/**
* @return \Scalr\Model\Entity\Role
* @throws Exception
*/
public function __getNewRoleObject()
{
if (!$this->__newRoleObject) {
if ($this->id) {
$this->__newRoleObject = Role::findPk($this->id);
}
if (!$this->__newRoleObject) {
throw new Exception('Role object is not found');
}
}
return $this->__newRoleObject;
}
/**
* {@inheritdoc}
* @see ScopeInterface::getScope()
*/
public function getScope()
{
/* @var $role Role */
$role = Role::findPk($this->roleId);
return $role->getScope();
}
public function __get($name)
{
switch ($name) {
case 'settings':
if (empty($this->_settings)) {
$this->_settings = new SettingsCollection('Scalr\\Model\\Entity\\FarmRoleSetting', [['farmRoleId' => &$this->id]], ['farmRoleId' => &$this->id]);
}
return $this->_settings;
case 'farm':
if (empty($this->_farm) && !empty($this->farmId)) {
$this->_farm = Farm::findPk($this->farmId);
}
return $this->_farm;
case 'role':
if (empty($this->_role) && !empty($this->roleId)) {
$this->_role = Role::findPk($this->roleId);
}
return $this->_role;
default:
return parent::__get($name);
}
}
/**
* @return Image|NULL
* @throws \Exception
*/
public function getImage()
{
/* @var $role Role */
$role = Role::findPk($this->roleId);
return Image::findOne([['id' => $this->imageId], ['$or' => [['envId' => $role->envId == 0 ? null : $role->envId], ['envId' => null]]], ['platform' => $this->platform], ['cloudLocation' => $this->cloudLocation]]);
}
/**
* @test
*/
public function testAccountRolesFunctional()
{
$db = \Scalr::getDb();
$testName = str_replace('-', '', static::getTestName());
$roles = null;
$uri = self::getAccountApiUrl('/roles');
do {
$query = [];
if (isset($roles->pagination->next)) {
$parts = parse_url($roles->pagination->next);
parse_str($parts['query'], $query);
}
$describe = $this->request($uri, Request::METHOD_GET, $query);
$this->assertDescribeResponseNotEmpty($describe);
$this->assertNotEmpty($describe->getBody());
$roles = $describe->getBody();
foreach ($roles->data as $role) {
$this->assertRolesObjectNotEmpty($role);
if ($role->name == $testName) {
$delete = $this->request($uri . '/' . $role->id, Request::METHOD_DELETE);
$this->assertEquals(200, $delete->status);
}
}
} while (!empty($roles->pagination->next));
// test create action
$create = $this->request($uri, Request::METHOD_POST, [], ['scope' => 'invalid']);
$this->assertErrorMessageContains($create, 400, ErrorMessage::ERR_INVALID_VALUE, 'Invalid scope');
$create = $this->request($uri, Request::METHOD_POST);
$this->assertErrorMessageContains($create, 400, ErrorMessage::ERR_INVALID_STRUCTURE, 'Invalid body');
$create = $this->request($uri, Request::METHOD_POST, [], ['invalid' => 'value']);
$this->assertErrorMessageContains($create, 400, ErrorMessage::ERR_INVALID_STRUCTURE, 'You are trying to set');
$create = $this->request($uri, Request::METHOD_POST, [], ['id' => 'value']);
$this->assertErrorMessageContains($create, 400, ErrorMessage::ERR_INVALID_VALUE, 'Invalid name');
$create = $this->request($uri, Request::METHOD_POST, [], ['scope' => ScopeInterface::SCOPE_ACCOUNT, 'name' => 'invalidName^$&&']);
$this->assertErrorMessageContains($create, 400, ErrorMessage::ERR_INVALID_VALUE, 'Invalid name of the Role');
$create = $this->request($uri, Request::METHOD_POST, [], ['scope' => ScopeInterface::SCOPE_ACCOUNT, 'name' => $testName, 'description' => 'invalidDesc<br/>']);
$this->assertErrorMessageContains($create, 400, ErrorMessage::ERR_INVALID_VALUE, 'Invalid description');
$create = $this->request($uri, Request::METHOD_POST, [], ['scope' => ScopeInterface::SCOPE_ACCOUNT, 'name' => $testName]);
$this->assertErrorMessageContains($create, 400, ErrorMessage::ERR_INVALID_STRUCTURE, 'Role category should be provided');
$create = $this->request($uri, Request::METHOD_POST, [], ['scope' => ScopeInterface::SCOPE_ACCOUNT, 'name' => $testName, 'category' => ['id' => 'not int']]);
$this->assertErrorMessageContains($create, 400, ErrorMessage::ERR_INVALID_VALUE, 'Invalid identifier of the category');
$create = $this->request($uri, Request::METHOD_POST, [], ['scope' => ScopeInterface::SCOPE_ACCOUNT, 'name' => $testName, 'category' => ['id' => -1]]);
$this->assertErrorMessageContains($create, 400, ErrorMessage::ERR_INVALID_VALUE, 'The Role category does not exist');
$rolesCat = RoleCategory::findOne();
/* @var $rolesCat RoleCategory */
$this->assertNotEmpty($rolesCat);
$create = $this->request($uri, Request::METHOD_POST, [], ['scope' => ScopeInterface::SCOPE_ACCOUNT, 'name' => $testName, 'category' => ['id' => $rolesCat->id]]);
$this->assertErrorMessageContains($create, 400, ErrorMessage::ERR_INVALID_STRUCTURE, "Missed property 'os.id'");
$os = Os::findOne([['status' => Os::STATUS_ACTIVE], ['family' => 'ubuntu'], ['generation' => '12.04']]);
/* @var $os Os */
$this->assertNotEmpty($os);
$create = $this->request($uri, Request::METHOD_POST, [], ['scope' => ScopeInterface::SCOPE_ACCOUNT, 'name' => $testName, 'category' => ['id' => $rolesCat->id], 'os' => ['id' => -1]]);
$this->assertErrorMessageContains($create, 400, ErrorMessage::ERR_INVALID_VALUE, 'Invalid identifier of the OS');
$create = $this->request($uri, Request::METHOD_POST, [], ['scope' => ScopeInterface::SCOPE_ACCOUNT, 'name' => $testName, 'category' => ['id' => $rolesCat->id], 'os' => ['id' => 'invalid']]);
$this->assertErrorMessageContains($create, 400, ErrorMessage::ERR_INVALID_VALUE, "OS with id 'invalid' not found.");
$create = $this->request($uri, Request::METHOD_POST, [], ['scope' => ScopeInterface::SCOPE_ACCOUNT, 'name' => $testName, 'description' => $testName, 'category' => $rolesCat->id, 'os' => $os->id, 'quickStart' => true, 'deprecated' => true]);
$body = $create->getBody();
$this->assertEquals(201, $create->response->getStatus());
$this->assertFetchResponseNotEmpty($create);
$this->assertRolesObjectNotEmpty($body->data);
$this->assertNotEmpty($body->data->id);
$this->assertEquals($testName, $body->data->name);
$this->assertEquals($testName, $body->data->description);
$this->assertEquals(ScopeInterface::SCOPE_ACCOUNT, $body->data->scope);
$this->assertEquals($rolesCat->id, $body->data->category->id);
$this->assertEquals($os->id, $body->data->os->id);
$this->assertEquals(true, $body->data->quickStart);
$this->assertEquals(true, $body->data->deprecated);
// test images actions
$roleId = $body->data->id;
$imagesUri = $uri . '/' . $roleId . '/images';
$images = null;
do {
$query = [];
if (isset($images->pagination->next)) {
$parts = parse_url($images->pagination->next);
parse_str($parts['query'], $query);
}
$describeImages = $this->request($imagesUri, Request::METHOD_GET, $query);
$this->assertDescribeResponseNotEmpty($describeImages);
$images = $describeImages->getBody();
foreach ($images->data as $imageRole) {
$this->assertRoleImageObjectNotEmpty($imageRole);
$this->assertEquals($roleId, $imageRole->role->id);
$image = Image::findPk($imageRole->image->id);
/* @var $image Image */
if ($image->name == $testName) {
$delete = $this->request($imagesUri . '/' . $imageRole->image->id, Request::METHOD_DELETE);
$this->assertEquals(200, $delete->status);
}
}
} while (!empty($images->pagination->next));
$env = \Scalr_Environment::init()->loadById(static::$testEnvId);
$platform = \SERVER_PLATFORMS::EC2;
if (!$env->isPlatformEnabled($platform)) {
$env->setPlatformConfig([$platform . '.is_enabled' => 1]);
}
$region = null;
$cloudImageId = null;
foreach (Aws::getCloudLocations() as $cloudLocation) {
$cloudImageId = $this->getNewImageId($env, $cloudLocation);
if (!empty($cloudImageId)) {
$region = $cloudLocation;
break;
}
}
$this->assertNotNull($cloudImageId);
$this->assertNotNull($cloudLocation);
$image = $this->createEntity(new Image(), ['accountId' => $this->getUser()->accountId, 'name' => $testName, 'osId' => $os->id, 'platform' => $platform, 'cloudLocation' => $region, 'id' => $cloudImageId, 'architecture' => 'x86_64', 'source' => Image::SOURCE_MANUAL, 'status' => Image::STATUS_ACTIVE]);
$createRoleImage = $this->request($imagesUri, Request::METHOD_POST, [], ['role' => ['id' => $roleId + 10], 'image' => ['id' => $image->hash]]);
$this->assertErrorMessageStatusEquals(400, $createRoleImage);
$this->assertErrorMessageErrorEquals(ErrorMessage::ERR_INVALID_VALUE, $createRoleImage);
$createRoleImage = $this->request($imagesUri, Request::METHOD_POST, [], ['role' => ['id' => $roleId]]);
$this->assertErrorMessageStatusEquals(400, $createRoleImage);
$this->assertErrorMessageErrorEquals(ErrorMessage::ERR_INVALID_STRUCTURE, $createRoleImage);
$createRoleImage = $this->request($imagesUri, Request::METHOD_POST, [], ['role' => ['id' => $roleId], 'image' => ['id' => '11111111-1111-1111-1111-111111111111']]);
$this->assertErrorMessageStatusEquals(404, $createRoleImage);
$this->assertErrorMessageErrorEquals(ErrorMessage::ERR_INVALID_VALUE, $createRoleImage);
$createRoleImage = $this->request($imagesUri, Request::METHOD_POST, [], ['role' => ['id' => $roleId], 'image' => ['id' => $image->hash]]);
$createRoleImageBody = $createRoleImage->getBody();
$this->assertEquals(201, $createRoleImage->response->getStatus());
$this->assertFetchResponseNotEmpty($createRoleImage);
$this->assertRoleImageObjectNotEmpty($createRoleImageBody->data);
$createRoleImageError = $this->request($imagesUri, Request::METHOD_POST, [], ['role' => ['id' => $roleId], 'image' => ['id' => $image->hash]]);
$this->assertErrorMessageStatusEquals(400, $createRoleImageError);
$this->assertErrorMessageErrorEquals(ErrorMessage::ERR_BAD_REQUEST, $createRoleImageError);
$fetchImage = $this->request($imagesUri . '/' . $createRoleImageBody->data->image->id, Request::METHOD_GET);
$fetchImageBody = $fetchImage->getBody();
$this->assertEquals(200, $fetchImage->response->getStatus());
$this->assertFetchResponseNotEmpty($fetchImage);
$this->assertImageObjectNotEmpty($fetchImageBody->data);
$this->assertEquals($cloudImageId, $fetchImageBody->data->cloudImageId);
$this->assertEquals($testName, $fetchImageBody->data->name);
// test role images filtering
$describeRoleImages = $this->request($imagesUri, Request::METHOD_GET, ['role' => $roleId]);
$this->assertDescribeResponseNotEmpty($describeRoleImages);
foreach ($describeRoleImages->getBody()->data as $data) {
$this->assertRoleImageObjectNotEmpty($data);
$this->assertEquals($roleId, $data->role->id);
}
$describeRoleImages = $this->request($imagesUri, Request::METHOD_GET, ['image' => $image->hash]);
$this->assertDescribeResponseNotEmpty($describeRoleImages);
foreach ($describeRoleImages->getBody()->data as $data) {
$this->assertRoleImageObjectNotEmpty($data);
$this->assertEquals($image->hash, $data->image->id);
}
$describeRoleImages = $this->request($imagesUri, Request::METHOD_GET, ['invalid' => 'value']);
$this->assertErrorMessageContains($describeRoleImages, 400, ErrorMessage::ERR_INVALID_STRUCTURE, 'Unsupported filter');
$currentRole = Role::findPk($roleId);
/* @var $currentRole Role */
$this->assertNotEmpty($currentRole);
$adminImages = Image::find([['envId' => null], ['status' => Image::STATUS_ACTIVE], ['cloudLocation' => $region]]);
$this->assertNotEmpty($adminImages);
$adminImage = null;
foreach ($adminImages as $aImage) {
/* @var $aImage Image */
$imageOs = $aImage->getOs();
if (!empty($imageOs) && $imageOs->generation == $currentRole->getOs()->generation && $imageOs->family == $currentRole->getOs()->family) {
$adminImage = $aImage;
break;
}
}
/* @var $adminImage Image */
$this->assertNotEmpty($adminImage);
$this->assertNotEquals($createRoleImageBody->data->image->id, $adminImage->hash);
$replaceImage = $this->request($imagesUri . '/' . $createRoleImageBody->data->image->id . '/actions/replace', Request::METHOD_POST, [], ['role' => $roleId, 'image' => $adminImage->hash]);
$replaceImageBody = $replaceImage->getBody();
$this->assertEquals(200, $replaceImage->response->getStatus());
$this->assertFetchResponseNotEmpty($replaceImage);
$this->assertRoleImageObjectNotEmpty($replaceImageBody->data);
$this->assertEquals($adminImage->hash, $replaceImageBody->data->image->id);
$deleteImage = $this->request($imagesUri . '/' . $replaceImageBody->data->image->id, Request::METHOD_DELETE);
$this->assertEquals(200, $deleteImage->response->getStatus());
$delete = $this->request(static::getAccountApiUrl("images/{$image->hash}"), Request::METHOD_DELETE);
$this->assertEquals(200, $delete->response->getStatus());
// test get action
$notFoundRoleId = 10 + $db->GetOne("SELECT MAX(r.id) FROM roles r");
$get = $this->request($uri . '/' . $notFoundRoleId, Request::METHOD_GET);
$this->assertErrorMessageContains($get, 404, ErrorMessage::ERR_OBJECT_NOT_FOUND, "The Role either does not exist or isn't in scope for the current Environment");
$get = $this->request($uri . '/' . $body->data->id, Request::METHOD_GET);
$getBody = $get->getBody();
$this->assertEquals(200, $get->response->getStatus());
$this->assertFetchResponseNotEmpty($get);
$this->assertRolesObjectNotEmpty($getBody->data);
$this->assertEquals($body->data->id, $getBody->data->id);
$this->assertEquals($testName, $getBody->data->name);
$this->assertEquals($testName, $getBody->data->description);
$this->assertEquals(ScopeInterface::SCOPE_ACCOUNT, $getBody->data->scope);
$this->assertEquals($rolesCat->id, $getBody->data->category->id);
$this->assertEquals($os->id, $getBody->data->os->id);
// test filters
$describe = $this->request($uri, Request::METHOD_GET, ['description' => $testName]);
$this->assertErrorMessageContains($describe, 400, ErrorMessage::ERR_INVALID_STRUCTURE, 'Unsupported filter');
$describe = $this->request($uri, Request::METHOD_GET, ['scope' => 'wrong<br>']);
$this->assertErrorMessageContains($describe, 400, ErrorMessage::ERR_INVALID_VALUE, 'Unexpected scope value');
$describe = $this->request($uri, Request::METHOD_GET, ['scope' => ScopeInterface::SCOPE_SCALR]);
$this->assertDescribeResponseNotEmpty($describe);
foreach ($describe->getBody()->data as $data) {
$this->assertRolesObjectNotEmpty($data);
}
$describe = $this->request($uri, Request::METHOD_GET, ['scope' => ScopeInterface::SCOPE_ACCOUNT]);
$this->assertDescribeResponseNotEmpty($describe);
foreach ($describe->getBody()->data as $data) {
$this->assertRolesObjectNotEmpty($data);
$this->assertEquals(ScopeInterface::SCOPE_ACCOUNT, $data->scope);
}
$describe = $this->request($uri, Request::METHOD_GET, ['name' => $testName]);
$this->assertDescribeResponseNotEmpty($describe);
foreach ($describe->getBody()->data as $data) {
$this->assertRolesObjectNotEmpty($data);
$this->assertEquals($testName, $data->name);
}
$describe = $this->request($uri, Request::METHOD_GET, ['id' => $roleId]);
$this->assertDescribeResponseNotEmpty($describe);
foreach ($describe->getBody()->data as $data) {
$this->assertRolesObjectNotEmpty($data);
$this->assertEquals($roleId, $data->id);
}
$describe = $this->request($uri, Request::METHOD_GET, ['os' => $os->id]);
$this->assertDescribeResponseNotEmpty($describe);
foreach ($describe->getBody()->data as $data) {
$this->assertRolesObjectNotEmpty($data);
$this->assertEquals($os->id, $data->os->id);
}
$describe = $this->request($uri, Request::METHOD_GET, ['os' => 'invalid*&^^%']);
$this->assertErrorMessageContains($describe, 400, ErrorMessage::ERR_INVALID_VALUE, "Invalid identifier of the OS");
$describe = $this->request($uri, Request::METHOD_GET, ['category' => $rolesCat->id]);
$this->assertDescribeResponseNotEmpty($describe);
foreach ($describe->getBody()->data as $data) {
$this->assertRolesObjectNotEmpty($data);
$this->assertEquals($rolesCat->id, $data->category->id);
}
$describe = $this->request($uri, Request::METHOD_GET, ['category' => '']);
$this->assertErrorMessageContains($describe, 400, ErrorMessage::ERR_INVALID_VALUE, "Invalid identifier of the category");
// test modify action
$modify = $this->request($uri . '/' . $body->data->id, Request::METHOD_PATCH);
$this->assertErrorMessageContains($modify, 400, ErrorMessage::ERR_INVALID_STRUCTURE, 'Invalid body');
$modify = $this->request($uri . '/' . $body->data->id, Request::METHOD_PATCH, [], ['id' => 123]);
$this->assertErrorMessageContains($modify, 400, ErrorMessage::ERR_INVALID_STRUCTURE);
$modify = $this->request($uri . '/' . $body->data->id, Request::METHOD_PATCH, [], ['invalid' => 'err']);
$this->assertErrorMessageContains($modify, 400, ErrorMessage::ERR_INVALID_STRUCTURE, 'You are trying to set');
$modify = $this->request($uri . '/' . $body->data->id, Request::METHOD_PATCH, [], ['scope' => 'environment']);
$this->assertErrorMessageContains($modify, 400, ErrorMessage::ERR_INVALID_VALUE);
$modify = $this->request($uri . '/' . $body->data->id, Request::METHOD_PATCH, [], ['description' => '']);
$modifyBody = $modify->getBody();
$this->assertEquals(200, $modify->response->getStatus());
$this->assertFetchResponseNotEmpty($modify);
$this->assertRolesObjectNotEmpty($modifyBody->data);
$this->assertEquals($body->data->id, $modifyBody->data->id);
$this->assertEquals($testName, $modifyBody->data->name);
$this->assertEquals('', $modifyBody->data->description);
$this->assertEquals(ScopeInterface::SCOPE_ACCOUNT, $modifyBody->data->scope);
$this->assertEquals($rolesCat->id, $modifyBody->data->category->id);
$this->assertEquals($os->id, $modifyBody->data->os->id);
// test delete action
$delete = $this->request(static::getAccountApiUrl("/roles/{$notFoundRoleId}"), Request::METHOD_DELETE);
$this->assertErrorMessageContains($delete, 404, ErrorMessage::ERR_OBJECT_NOT_FOUND);
$delete = $this->request($uri . '/' . $body->data->id, Request::METHOD_DELETE);
$this->assertEquals(200, $delete->status);
$db->Execute("INSERT INTO roles SET\n name = ?,\n dtadded = NOW(),\n env_id\t = NULL,\n client_id = NULL,\n generation = 2\n ", [$testName]);
$insertedId = $db->_insertid();
$db->Execute("INSERT INTO role_images SET\n role_id = ?,\n platform = 'ec2',\n image_id = 'test'\n ", [$insertedId]);
$delete = $this->request($uri . '/' . $insertedId, Request::METHOD_DELETE);
$db->Execute("DELETE FROM roles WHERE name = ? AND id = ?", [$testName, $insertedId]);
$this->assertErrorMessageContains($delete, 403, ErrorMessage::ERR_SCOPE_VIOLATION);
}
/**
* Get Role entity
*
* @return Role|null
*/
public function getRole()
{
if (!empty($this->roleId)) {
if (empty($this->_role) || $this->_role->id != $this->roleId) {
$this->_role = Role::findPk($this->roleId);
}
}
return $this->_role;
}
/**
* @return Image
*/
public function createImageEntity()
{
$snapshot = $this->getSnapshotDetails();
$envId = $this->envId;
/* @var Entity\Server $server */
$server = Entity\Server::findOneByServerId($this->serverId);
if (!empty($server->farmRoleId)) {
/* @var Entity\FarmRole $farmRole */
$farmRole = Entity\FarmRole::findPk($server->farmRoleId);
if (!empty($farmRole->roleId)) {
/* @var Entity\Role $role */
$role = Entity\Role::findPk($farmRole->roleId);
$envId = $role->getScope() == ScopeInterface::SCOPE_ACCOUNT ? NULL : $envId;
}
}
$image = new Image();
$image->id = $this->snapshotId;
$image->accountId = $this->clientId;
$image->envId = $envId;
$image->bundleTaskId = $this->id;
$image->platform = $this->platform;
$image->cloudLocation = $this->cloudLocation;
$image->createdById = $this->createdById;
$image->createdByEmail = $this->createdByEmail;
$image->architecture = is_null($snapshot['os']->arch) ? 'x86_64' : $snapshot['os']->arch;
$image->source = Image::SOURCE_BUNDLE_TASK;
$image->status = Image::STATUS_ACTIVE;
$image->agentVersion = $snapshot['szr_version'];
$image->checkImage();
if (!$image->name) {
$image->name = $this->roleName . '-' . date('YmdHi');
}
$image->osId = $this->osId;
$image->save();
if ($snapshot['software']) {
$software = [];
foreach ((array) $snapshot['software'] as $soft) {
$software[$soft->name] = $soft->version;
}
$image->setSoftware($software);
}
return $image;
}
/**
* Move role to account scope
*
* @param int $id ID of Role
* @throws Exception
*/
public function xPromoteAction($id)
{
throw new \Scalr\Exception\NotYetImplementedException('Not implemented yet');
$this->request->restrictAccess(Acl::RESOURCE_ROLES_ENVIRONMENT, Acl::PERM_ROLES_ENVIRONMENT_MANAGE);
$this->request->restrictAccess(Acl::RESOURCE_ROLES_ACCOUNT, Acl::PERM_ROLES_ACCOUNT_MANAGE);
/* @var $role Role */
if (!$id || !($role = Role::findPk($id))) {
throw new Exception('Role not found');
}
$role->envId = null;
$role->save();
// Invar: move all images to account scope
$this->response->data(['role' => $this->getInfo($role->id, true)]);
}
/**
* @param int $roleId
* @param string $name
* @param string $description
* @param string $osId
* @param int $catId
* @param bool $isQuickStart
* @param bool $isDeprecated
* @param JsonData $behaviors
* @param JsonData $images
* @param JsonData $scripts
* @param JsonData $variables
* @param JsonData $chef
* @param JsonData $environments
* @throws Exception
* @throws Scalr_Exception_Core
* @throws Scalr_Exception_InsufficientPermissions
*/
public function xSaveAction($roleId = 0, $name, $description, $osId, $catId, $isQuickStart = false, $isDeprecated = false, JsonData $behaviors, JsonData $images, JsonData $scripts, JsonData $variables, JsonData $chef, JsonData $environments)
{
$this->restrictAccess('ROLES', 'MANAGE');
if ($roleId == 0) {
$accountId = $this->user->getAccountId() ?: NULL;
if (!Role::isValidName($name)) {
throw new Exception(_("Role name is incorrect"));
}
if (Role::isNameUsed($name, $accountId, $this->getEnvironmentId(true))) {
throw new Exception('Selected role name is already used. Please select another one.');
}
if (!Os::findPk($osId)) {
throw new Exception(sprintf('%s is not valid osId', $osId));
}
$role = new Role();
$role->generation = 2;
$role->origin = $this->user->isScalrAdmin() ? ROLE_TYPE::SHARED : ROLE_TYPE::CUSTOM;
$role->accountId = $accountId;
$role->envId = $this->getEnvironmentId(true);
$role->name = $name;
$role->catId = $catId;
$role->osId = $osId;
$role->addedByUserId = $this->user->getId();
$role->addedByEmail = $this->user->getEmail();
$role->setBehaviors((array) $behaviors);
$role->save();
} else {
$role = Role::findPk($roleId);
if (!$role) {
throw new Scalr_Exception_Core(sprintf(_("Role ID#%s not found in database"), $roleId));
}
$this->checkPermissions($role, true);
}
$globalVariables = new Scalr_Scripting_GlobalVariables($this->user->getAccountId(), $this->getEnvironmentId(true), ScopeInterface::SCOPE_ROLE);
$globalVariables->setValues($variables, $role->id);
foreach (RoleProperty::find([['roleId' => $role->id], ['name' => ['$like' => ['chef.%']]]]) as $prop) {
$prop->delete();
}
foreach ($chef as $name => $value) {
$prop = new RoleProperty();
$prop->roleId = $role->id;
$prop->name = $name;
$prop->value = $value;
$prop->save();
}
$role->description = $description;
$role->isQuickStart = $isQuickStart;
$role->isDeprecated = $isDeprecated;
foreach ($images as $i) {
if (isset($i['platform']) && isset($i['cloudLocation']) && isset($i['imageId'])) {
$role->setImage($i['platform'], $i['cloudLocation'], $i['imageId'], $this->user->getId(), $this->user->getEmail());
}
}
$role->setScripts((array) $scripts);
$role->save();
if ($this->request->getScope() == ScopeInterface::SCOPE_ACCOUNT) {
foreach (RoleEnvironment::find([['roleId' => $roleId]]) as $re) {
$re->delete();
}
$accountEnvironments = [];
$allowedEnvironments = [];
foreach (Environment::find([['accountId' => $this->user->getAccountId()]]) as $env) {
$accountEnvironments[] = $env->id;
}
foreach ($environments as $e) {
if ($e['enabled'] == 1 && in_array($e['id'], $accountEnvironments)) {
$allowedEnvironments[] = $e['id'];
}
}
if (count($allowedEnvironments) < count($accountEnvironments)) {
foreach ($allowedEnvironments as $id) {
$re = new RoleEnvironment();
$re->roleId = $role->id;
$re->envId = $id;
$re->save();
}
}
}
$this->response->data(['role' => $this->getInfo($role->id, true)]);
$this->response->success('Role saved');
}
/**
* @param int $roleId
*/
public function xGetRoleChefSettingsAction($roleId)
{
/* @var $role Role */
$role = Role::findPk($roleId);
if (!$role) {
$this->response->failure('Role not found');
return;
}
$this->checkPermissions($role);
$properties = [];
foreach (RoleProperty::find([['roleId' => $role->id], ['name' => ['$like' => 'chef.%']]]) as $prop) {
/* @var $prop RoleProperty */
$properties[$prop->name] = $prop->value;
}
$this->response->data(['chef' => $properties]);
}
/**
* @param JsonData $roles
* @throws Exception
* @throws Scalr_Exception_InsufficientPermissions
* @throws \Scalr\Exception\ModelException
*/
public function xRemoveAction(JsonData $roles)
{
$this->request->restrictAccess(Acl::RESOURCE_FARMS_ROLES, Acl::PERM_FARMS_ROLES_MANAGE);
$errors = [];
$processed = [];
foreach ($roles as $id) {
try {
/* @var $role Role */
$role = Role::findPk($id);
if ($role) {
if ($this->user->getType() != Scalr_Account_User::TYPE_SCALR_ADMIN) {
$this->user->getPermissions()->validate($role);
}
if ($role->isUsed()) {
throw new Exception(sprintf(_("Role '%s' is used by at least one farm, and cannot be removed."), $role->name));
} else {
$role->delete();
}
}
$processed[] = $id;
} catch (Exception $e) {
$errors[] = $e->getMessage();
}
}
$this->response->data(['processed' => $processed]);
if (count($errors)) {
$this->response->warning("Roles(s) successfully removed, but some errors occurred:\n" . implode("\n", $errors));
} else {
$this->response->success('Roles(s) successfully removed');
}
}
