diff --git a/admin_plans.php b/admin_plans.php
index cae7fb93..bf30d5ba 100644
--- a/admin_plans.php
+++ b/admin_plans.php
@@ -17,6 +17,7 @@
 define('AREA', 'admin');
 require './lib/init.php';
+use Froxlor\Api\Commands\HostingPlans;
 use Froxlor\Database\Database;
 use Froxlor\Settings;
@@ -69,22 +70,26 @@ if ($page == '' || $page == 'overview') {
 eval("echo \"" . \Froxlor\UI\Template::getTemplate("plans/plans") . "\";");
 } elseif ($action == 'delete' && $id != 0) {
- $result_stmt = Database::prepare("
- SELECT * FROM `" . TABLE_PANEL_PLANS . "` WHERE `id` = :id");
- $result = Database::pexecute_first($result_stmt, array(
- 'id' => $id
- ));
+ try {
+ $json_result = HostingPlans::getLocal($userinfo, array(
+ 'id' => $id
+ ))->get();
+ } catch (Exception $e) {
+ \Froxlor\UI\Response::dynamic_error($e->getMessage());
+ }
+ $result = json_decode($json_result, true)['data'];
 if ($result['id'] != 0 && $result['id'] == $id && (int) $userinfo['adminid'] == $result['adminid']) {
 if (isset($_POST['send']) && $_POST['send'] == 'send') {
- $del_stmt = Database::prepare("
- DELETE FROM `" . TABLE_PANEL_PLANS . "` WHERE `id` = :id");
- Database::pexecute($del_stmt, array(
- 'id' => $id
- ));
+ try {
+ HostingPlans::getLocal($userinfo, array(
+ 'id' => $id
+ ))->delete();
+ } catch (Exception $e) {
+ \Froxlor\UI\Response::dynamic_error($e->getMessage());
+ }
- $log->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_INFO, "Plan '" . $result['name'] . "' has been deleted by '" . $userinfo['loginname'] . "'");
 \Froxlor\UI\Response::redirectTo($filename, array(
 'page' => $page,
 's' => $s
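Review bot: In the delete branch `$json_result` is read by `json_decode()` right after the `try`/`catch`, so the code is only safe if `\Froxlor\UI\Response::dynamic_error()` never returns; that function is not visible here, so this needs confirming. If it can return, `$result` becomes null and the ownership comparison below it runs on an undefined value. Initialising `$json_result = null;` before the `try`, or moving the `json_decode()` line inside it, removes that dependency; the same pattern is repeated in the edit and jqGetPlanValues hunks. The catch also prints `$e->getMessage()` verbatim, so it is worth checking that API and database exceptions carry no SQL or path details the panel user should not see. The surrounding `if`/`elseif` chain starts and ends outside the hunk.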
@@ -102,113 +107,11 @@ if ($page == '' || $page == 'overview') {
 } elseif ($action == 'add') {
 if (isset($_POST['send']) && $_POST['send'] == 'send') {
- $name = \Froxlor\Validate\Validate::validate($_POST['name'], 'name');
- $description = \Froxlor\Validate\Validate::validate(str_replace("\r\n", "\n", $_POST['description']), 'description', '/^[^\0]*$/');
-
- $value_arr = array();
-
- if (empty($name)) {
- \Froxlor\UI\Response::standard_error('stringmustntbeempty', 'name');
+ try {
+ HostingPlans::getLocal($userinfo, $_POST)->add();
+ } catch (Exception $e) {
+ \Froxlor\UI\Response::dynamic_error($e->getMessage());
 }
-
- $value_arr['diskspace'] = (int)($_POST['diskspace']);
- if (isset($_POST['diskspace_ul'])) {
- $value_arr['diskspace'] = - 1;
- }
-
- $value_arr['traffic'] = $_POST['traffic'];
- if (isset($_POST['traffic_ul'])) {
- $value_arr['traffic'] = - 1;
- }
-
- $value_arr['subdomains'] = (int)($_POST['subdomains']);
- if (isset($_POST['subdomains_ul'])) {
- $value_arr['subdomains'] = - 1;
- }
-
- $value_arr['emails'] = (int)($_POST['emails']);
- if (isset($_POST['emails_ul'])) {
- $value_arr['emails'] = - 1;
- }
-
- $value_arr['email_accounts'] = (int)($_POST['email_accounts']);
- if (isset($_POST['email_accounts_ul'])) {
- $value_arr['email_accounts'] = - 1;
- }
-
- $value_arr['email_forwarders'] = (int)($_POST['email_forwarders']);
- if (isset($_POST['email_forwarders_ul'])) {
- $value_arr['email_forwarders'] = - 1;
- }
-
- if (Settings::Get('system.mail_quota_enabled') == '1') {
- $value_arr['email_quota'] = \Froxlor\Validate\Validate::validate($_POST['email_quota'], 'email_quota', '/^\d+$/', 'vmailquotawrong', array(
- '0',
- ''
- ));
- if (isset($_POST['email_quota_ul'])) {
- $value_arr['email_quota'] = - 1;
- }
- } else {
- $value_arr['email_quota'] = - 1;
- }
-
- $value_arr['email_imap'] = 0;
- if (isset($_POST['email_imap'])) {
- $value_arr['email_imap'] = (int)($_POST['email_imap']);
- }
-
- $value_arr['email_pop3'] = 0;
- if (isset($_POST['email_pop3'])) {
- $value_arr['email_pop3'] = (int)($_POST['email_pop3']);
- }
-
- $value_arr['ftps'] = (int)($_POST['ftps']);
- if (isset($_POST['ftps_ul'])) {
- $value_arr['ftps'] = - 1;
- }
-
- $value_arr['mysqls'] = (int)($_POST['mysqls']);
- if (isset($_POST['mysqls_ul'])) {
- $value_arr['mysqls'] = - 1;
- }
-
- $value_arr['phpenabled'] = 0;
- if (isset($_POST['phpenabled'])) {
- $value_arr['phpenabled'] = intval($_POST['phpenabled']);
- }
-
- $value_arr['allowed_phpconfigs'] = array();
- if (isset($_POST['allowed_phpconfigs']) && is_array($_POST['allowed_phpconfigs'])) {
- foreach ($_POST['allowed_phpconfigs'] as $allowed_phpconfig) {
- $allowed_phpconfig = intval($allowed_phpconfig);
- $value_arr['allowed_phpconfigs'][] = $allowed_phpconfig;
- }
- }
-
- $value_arr['perlenabled'] = 0;
- if (isset($_POST['perlenabled'])) {
- $value_arr['perlenabled'] = intval($_POST['perlenabled']);
- }
-
- $value_arr['dnsenabled'] = 0;
- if (isset($_POST['dnsenabled'])) {
- $value_arr['dnsenabled'] = intval($_POST['dnsenabled']);
- }
-
- $ins_stmt = Database::prepare("
- INSERT INTO `" . TABLE_PANEL_PLANS . "`
- SET `adminid` = :adminid, `name` = :name, `description` = :desc, `value` = :valuearr, `ts` = UNIX_TIMESTAMP();
- ");
- $ins_data = array(
- 'adminid' => $userinfo['adminid'],
- 'name' => $name,
- 'desc' => $description,
- 'valuearr' => json_encode($value_arr)
- );
- Database::pexecute($ins_stmt, $ins_data);
-
- $log->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_WARNING, "added plan '" . $name . "'");
 \Froxlor\UI\Response::redirectTo($filename, array(
 'page' => $page,
 's' => $s
@@ -266,11 +169,14 @@ if ($page == '' || $page == 'overview') {
 eval("echo \"" . \Froxlor\UI\Template::getTemplate("plans/plans_add") . "\";");
 }
 } elseif ($action == 'edit' && $id != 0) {
- $result_stmt = Database::prepare("
- SELECT * FROM `" . TABLE_PANEL_PLANS . "` WHERE `id` = :id");
- $result = Database::pexecute_first($result_stmt, array(
- 'id' => $id
- ));
+ try {
+ $json_result = HostingPlans::getLocal($userinfo, array(
+ 'id' => $id
+ ))->get();
+ } catch (Exception $e) {
+ \Froxlor\UI\Response::dynamic_error($e->getMessage());
+ }
+ $result = json_decode($json_result, true)['data'];
 if ($result['name'] != '') {
@@ -284,110 +190,13 @@ if ($page == '' || $page == 'overview') {
 if (isset($_POST['send']) && $_POST['send'] == 'send') {
- $name = \Froxlor\Validate\Validate::validate($_POST['name'], 'name');
- $description = \Froxlor\Validate\Validate::validate(str_replace("\r\n", "\n", $_POST['description']), 'description', '/^[^\0]*$/');
-
- $value_arr = array();
-
- $value_arr['diskspace'] = (int)($_POST['diskspace']);
- if (isset($_POST['diskspace_ul'])) {
- $value_arr['diskspace'] = - 1;
+ try {
+ HostingPlans::getLocal($userinfo, array(
+ 'id' => $id
+ ))->update();
+ } catch (Exception $e) {
+ \Froxlor\UI\Response::dynamic_error($e->getMessage());
 }
-
- $value_arr['traffic'] = $_POST['traffic'];
- if (isset($_POST['traffic_ul'])) {
- $value_arr['traffic'] = - 1;
- }
-
- $value_arr['subdomains'] = (int)($_POST['subdomains']);
- if (isset($_POST['subdomains_ul'])) {
- $value_arr['subdomains'] = - 1;
- }
-
- $value_arr['emails'] = (int)($_POST['emails']);
- if (isset($_POST['emails_ul'])) {
- $value_arr['emails'] = - 1;
- }
-
- $value_arr['email_accounts'] = (int)($_POST['email_accounts']);
- if (isset($_POST['email_accounts_ul'])) {
- $value_arr['email_accounts'] = - 1;
- }
-
- $value_arr['email_forwarders'] = (int)($_POST['email_forwarders']);
- if (isset($_POST['email_forwarders_ul'])) {
- $value_arr['email_forwarders'] = - 1;
- }
-
- if (Settings::Get('system.mail_quota_enabled') == '1') {
- $value_arr['email_quota'] = \Froxlor\Validate\Validate::validate($_POST['email_quota'], 'email_quota', '/^\d+$/', 'vmailquotawrong', array(
- '0',
- ''
- ));
- if (isset($_POST['email_quota_ul'])) {
- $value_arr['email_quota'] = - 1;
- }
- } else {
- $value_arr['email_quota'] = - 1;
- }
-
- $value_arr['email_imap'] = 0;
- if (isset($_POST['email_imap'])) {
- $value_arr['email_imap'] = (int)($_POST['email_imap']);
- }
-
- $value_arr['email_pop3'] = 0;
- if (isset($_POST['email_pop3'])) {
- $value_arr['email_pop3'] = (int)($_POST['email_pop3']);
- }
-
- $value_arr['ftps'] = (int)($_POST['ftps']);
- if (isset($_POST['ftps_ul'])) {
- $value_arr['ftps'] = - 1;
- }
-
- $value_arr['mysqls'] = (int)($_POST['mysqls']);
- if (isset($_POST['mysqls_ul'])) {
- $value_arr['mysqls'] = - 1;
- }
-
- $value_arr['phpenabled'] = 0;
- if (isset($_POST['phpenabled'])) {
- $value_arr['phpenabled'] = intval($_POST['phpenabled']);
- }
-
- $value_arr['allowed_phpconfigs'] = array();
- if (isset($_POST['allowed_phpconfigs']) && is_array($_POST['allowed_phpconfigs'])) {
- foreach ($_POST['allowed_phpconfigs'] as $allowed_phpconfig) {
- $allowed_phpconfig = intval($allowed_phpconfig);
- $value_arr['allowed_phpconfigs'][] = $allowed_phpconfig;
- }
- }
-
- $value_arr['perlenabled'] = 0;
- if (isset($_POST['perlenabled'])) {
- $value_arr['perlenabled'] = intval($_POST['perlenabled']);
- }
-
- $value_arr['dnsenabled'] = 0;
- if (isset($_POST['dnsenabled'])) {
- $value_arr['dnsenabled'] = intval($_POST['dnsenabled']);
- }
-
- $ins_stmt = Database::prepare("
- UPDATE `" . TABLE_PANEL_PLANS . "`
- SET `name` = :name, `description` = :desc, `value` = :valuearr, `ts` = UNIX_TIMESTAMP()
- WHERE `id` = :id
- ");
- $ins_data = array(
- 'name' => $name,
- 'desc' => $description,
- 'valuearr' => json_encode($value_arr),
- 'id' => $id
- );
- Database::pexecute($ins_stmt, $ins_data);
-
- $log->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_WARNING, "updated plan '" . $name . "'");
 \Froxlor\UI\Response::redirectTo($filename, array(
 'page' => $page,
 's' => $s
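Review bot: The new edit handler calls `HostingPlans::getLocal($userinfo, array('id' => $id))->update();`, so none of the submitted form fields reach the API; `update()` in this commit defaults every missing parameter to the stored value, which means the form would save nothing. The add hunk passes `$_POST`, and the edit call most likely needs the same with the already-checked id pinned so the request body cannot override it, e.g. `HostingPlans::getLocal($userinfo, array_merge($_POST, array('id' => $id)))->update();`. The removed code cast each limit with `(int)` and validated `email_quota` against `/^\d+$/` before storing; whether `getUlParam()` applies equivalent checks is not visible in this diff and should be confirmed. The branch continues past the end of the hunk.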
@@ -502,11 +311,14 @@ if ($page == '' || $page == 'overview') {
 }
 } elseif ($action == 'jqGetPlanValues') {
 $planid = isset($_POST['planid']) ? (int) $_POST['planid'] : 0;
- $result_stmt = Database::prepare("
- SELECT * FROM `" . TABLE_PANEL_PLANS . "` WHERE `id` = :id");
- $result = Database::pexecute_first($result_stmt, array(
- 'id' => $planid
- ));
+ try {
+ $json_result = HostingPlans::getLocal($userinfo, array(
+ 'id' => $planid
+ ))->get();
+ } catch (Exception $e) {
+ \Froxlor\UI\Response::dynamic_error($e->getMessage());
+ }
+ $result = json_decode($json_result, true)['data'];
 echo $result['value'];
 exit();
 }
diff --git a/lib/Froxlor/Api/Commands/HostingPlans.php b/lib/Froxlor/Api/Commands/HostingPlans.php
index 60b275f3..b20db944 100644
--- a/lib/Froxlor/Api/Commands/HostingPlans.php
+++ b/lib/Froxlor/Api/Commands/HostingPlans.php
@@ -1,6 +1,9 @@ isAdmin()) { + $this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] list hosting-plans"); + $result_stmt = Database::prepare(" + SELECT p.*, a.loginname as adminname + FROM `" . TABLE_PANEL_PLANS . "` p, `" . TABLE_PANEL_ADMINS . "` a + WHERE `p`.`adminid` = `a`.`adminid`" . ($this->getUserDetail('customers_see_all') ? '' : " AND `p`.`adminid` = :adminid ")); + $params = array(); + if ($this->getUserDetail('customers_see_all') == '0') { + $params['adminid'] = $this->getUserDetail('adminid'); + } + Database::pexecute($result_stmt, $params); + $result = array(); + while ($row = $result_stmt->fetch(\PDO::FETCH_ASSOC)) { + $result[] = $row; + } + return $this->response(200, "successfull", array( + 'count' => count($result), + 'list' => $result + )); + } + throw new \Exception("Not allowed to execute given command.", 403); } + /** + * return a hosting-plan entry by either id or plan-name + * + * @param int $id + * optional, the hosting-plan-id + * @param string $planname + * optional, the hosting-plan-name + * + * @access admin + * @throws \Exception + * @return string json-encoded array + */ + public function get() + { + if ($this->isAdmin()) { + $id = $this->getParam('id', true, 0); + $dn_optional = ($id <= 0 ? false : true); + $planname = $this->getParam('planname', $dn_optional, ''); + $result_stmt = Database::prepare(" + SELECT * FROM `" . TABLE_PANEL_PLANS . "` WHERE " . ($id > 0 ? "`id` = :iddn" : "`name` = :iddn") . ($this->getUserDetail('customers_see_all') ? '' : " AND `adminid` = :adminid")); + $params = array( + 'iddn' => ($id <= 0 ? $planname : $id) + ); + if ($this->getUserDetail('customers_see_all') == '0') { + $params['adminid'] = $this->getUserDetail('adminid'); + } + $result = Database::pexecute_first($result_stmt, $params, true, true); + if ($result) { + $this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_NOTICE, "[API] get hosting-plan '" . $result['name'] . 
"'"); + return $this->response(200, "successfull", $result); + } + $key = ($id > 0 ? "id #" . $id : "planname '" . $planname . "'"); + throw new \Exception("Hosting-plan with " . $key . " could not be found", 404); + } + throw new \Exception("Not allowed to execute given command.", 403); + } + + /** + * add new hosting-plan + * + * @param string $name + * name of the plan + * @param string $description + * optional, description for hosting-plan + * @param int $diskspace + * optional disk-space available for customer in MB, default 0 + * @param bool $diskspace_ul + * optional, whether customer should have unlimited diskspace, default 0 (false) + * @param int $traffic + * optional traffic available for customer in GB, default 0 + * @param bool $traffic_ul + * optional, whether customer should have unlimited traffic, default 0 (false) + * @param int $subdomains + * optional amount of subdomains available for customer, default 0 + * @param bool $subdomains_ul + * optional, whether customer should have unlimited subdomains, default 0 (false) + * @param int $emails + * optional amount of emails available for customer, default 0 + * @param bool $emails_ul + * optional, whether customer should have unlimited emails, default 0 (false) + * @param int $email_accounts + * optional amount of email-accounts available for customer, default 0 + * @param bool $email_accounts_ul + * optional, whether customer should have unlimited email-accounts, default 0 (false) + * @param int $email_forwarders + * optional amount of email-forwarders available for customer, default 0 + * @param bool $email_forwarders_ul + * optional, whether customer should have unlimited email-forwarders, default 0 (false) + * @param int $email_quota + * optional size of email-quota available for customer in MB, default is system-setting mail_quota + * @param bool $email_quota_ul + * optional, whether customer should have unlimited email-quota, default 0 (false) + * @param bool $email_imap + * optional, whether 
to allow IMAP access, default 0 (false) + * @param bool $email_pop3 + * optional, whether to allow POP3 access, default 0 (false) + * @param int $ftps + * optional amount of ftp-accounts available for customer, default 0 + * @param bool $ftps_ul + * optional, whether customer should have unlimited ftp-accounts, default 0 (false) + * @param int $mysqls + * optional amount of mysql-databases available for customer, default 0 + * @param bool $mysqls_ul + * optional, whether customer should have unlimited mysql-databases, default 0 (false) + * @param bool $phpenabled + * optional, whether to allow usage of PHP, default 0 (false) + * @param array $allowed_phpconfigs + * optional, array of IDs of php-config that the customer is allowed to use, default empty (none) + * @param bool $perlenabled + * optional, whether to allow usage of Perl/CGI, default 0 (false) + * @param bool $dnsenabled + * optional, ether to allow usage of the DNS editor (requires activated nameserver in settings), default 0 (false) + * @param bool $logviewenabled + * optional, ether to allow acccess to webserver access/error-logs, default 0 (false) + * + * @access admin + * @throws \Exception + * @return string json-encoded array + */ + public function add() + { + if ($this->isAdmin()) { + $name = $this->getParam('name'); + $description = $this->getParam('description', true, ''); + + $value_arr = array(); + $value_arr['diskspace'] = $this->getUlParam('diskspace', 'diskspace_ul', true, 0); + $value_arr['traffic'] = $this->getUlParam('traffic', 'traffic_ul', true, 0); + $value_arr['subdomains'] = $this->getUlParam('subdomains', 'subdomains_ul', true, 0); + $value_arr['emails'] = $this->getUlParam('emails', 'emails_ul', true, 0); + $value_arr['email_accounts'] = $this->getUlParam('email_accounts', 'email_accounts_ul', true, 0); + $value_arr['email_forwarders'] = $this->getUlParam('email_forwarders', 'email_forwarders_ul', true, 0); + $value_arr['email_quota'] = $this->getUlParam('email_quota', 
'email_quota_ul', true, Settings::Get('system.mail_quota')); + $value_arr['email_imap'] = $this->getBoolParam('email_imap', true, 0); + $value_arr['email_pop3'] = $this->getBoolParam('email_pop3', true, 0); + $value_arr['ftps'] = $this->getUlParam('ftps', 'ftps_ul', true, 0); + $value_arr['mysqls'] = $this->getUlParam('mysqls', 'mysqls_ul', true, 0); + $value_arr['phpenabled'] = $this->getBoolParam('phpenabled', true, 0); + $p_allowed_phpconfigs = $this->getParam('allowed_phpconfigs', true, array()); + $value_arr['perlenabled'] = $this->getBoolParam('perlenabled', true, 0); + $value_arr['dnsenabled'] = $this->getBoolParam('dnsenabled', true, 0); + $value_arr['logviewenabled'] = $this->getBoolParam('logviewenabled', true, 0); + + // validation + $name = \Froxlor\Validate\Validate::validate(trim($name), 'name', '', '', array(), true); + $description = \Froxlor\Validate\Validate::validate(str_replace("\r\n", "\n", $description), 'description', '/^[^\0]*$/'); + + if (Settings::Get('system.mail_quota_enabled') != '1') { + $value_arr['email_quota'] = - 1; + } + + $value_arr['allowed_phpconfigs'] = array(); + if (! empty($p_allowed_phpconfigs) && is_array($p_allowed_phpconfigs)) { + foreach ($p_allowed_phpconfigs as $allowed_phpconfig) { + $allowed_phpconfig = intval($allowed_phpconfig); + $value_arr['allowed_phpconfigs'][] = $allowed_phpconfig; + } + } + $value_arr['allowed_phpconfigs'] = array_map('intval', $value_arr['allowed_phpconfigs']); + + $ins_stmt = Database::prepare(" + INSERT INTO `" . TABLE_PANEL_PLANS . "` + SET `adminid` = :adminid, `name` = :name, `description` = :desc, `value` = :valuearr, `ts` = UNIX_TIMESTAMP(); + "); + $ins_data = array( + 'adminid' => $this->getUserDetail('adminid'), + 'name' => $name, + 'desc' => $description, + 'valuearr' => json_encode($value_arr) + ); + Database::pexecute($ins_stmt, $ins_data, true, true); + $this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_WARNING, "[API] added hosting-plan '" . $name . 
"'"); + $result = $this->apiCall('HostingPlans.get', array( + 'planname' => $name + )); + return $this->response(200, "successfull", $result); + } + throw new \Exception("Not allowed to execute given command.", 403); + } + + /** + * update hosting-plan by either id or plan-name + * + * @param int $id + * optional the hosting-plan-id + * @param string $planname + * optional the hosting-plan-name + * @param string $name + * optional name of the plan + * @param string $description + * optional description for hosting-plan + * @param int $diskspace + * optional disk-space available for customer in MB, default 0 + * @param bool $diskspace_ul + * optional, whether customer should have unlimited diskspace, default 0 (false) + * @param int $traffic + * optional traffic available for customer in GB, default 0 + * @param bool $traffic_ul + * optional, whether customer should have unlimited traffic, default 0 (false) + * @param int $subdomains + * optional amount of subdomains available for customer, default 0 + * @param bool $subdomains_ul + * optional, whether customer should have unlimited subdomains, default 0 (false) + * @param int $emails + * optional amount of emails available for customer, default 0 + * @param bool $emails_ul + * optional, whether customer should have unlimited emails, default 0 (false) + * @param int $email_accounts + * optional amount of email-accounts available for customer, default 0 + * @param bool $email_accounts_ul + * optional, whether customer should have unlimited email-accounts, default 0 (false) + * @param int $email_forwarders + * optional amount of email-forwarders available for customer, default 0 + * @param bool $email_forwarders_ul + * optional, whether customer should have unlimited email-forwarders, default 0 (false) + * @param int $email_quota + * optional size of email-quota available for customer in MB, default is system-setting mail_quota + * @param bool $email_quota_ul + * optional, whether customer should have unlimited 
email-quota, default 0 (false) + * @param bool $email_imap + * optional, whether to allow IMAP access, default 0 (false) + * @param bool $email_pop3 + * optional, whether to allow POP3 access, default 0 (false) + * @param int $ftps + * optional amount of ftp-accounts available for customer, default 0 + * @param bool $ftps_ul + * optional, whether customer should have unlimited ftp-accounts, default 0 (false) + * @param int $mysqls + * optional amount of mysql-databases available for customer, default 0 + * @param bool $mysqls_ul + * optional, whether customer should have unlimited mysql-databases, default 0 (false) + * @param bool $phpenabled + * optional, whether to allow usage of PHP, default 0 (false) + * @param array $allowed_phpconfigs + * optional, array of IDs of php-config that the customer is allowed to use, default empty (none) + * @param bool $perlenabled + * optional, whether to allow usage of Perl/CGI, default 0 (false) + * @param bool $dnsenabled + * optional, ether to allow usage of the DNS editor (requires activated nameserver in settings), default 0 (false) + * @param bool $logviewenabled + * optional, ether to allow acccess to webserver access/error-logs, default 0 (false) + * + * @access admin + * @throws \Exception + * @return string json-encoded array + */ + public function update() + { + if ($this->isAdmin()) { + + // parameters + $id = $this->getParam('id', true, 0); + $dn_optional = ($id <= 0 ? 
false : true); + $planname = $this->getParam('planname', $dn_optional, ''); + + // get requested hosting-plan + $result = $this->apiCall('HostingPlans.get', array( + 'id' => $id, + 'planname' => $planname + )); + $id = $result['id']; + + $result['value'] = json_decode($result['value'], true); + foreach ($result['value'] as $index => $value) { + $result[$index] = $value; + } + + $name = $this->getParam('name', true, $result['name']); + $description = $this->getParam('description', true, $result['description']); + + $value_arr = array(); + $value_arr['diskspace'] = $this->getUlParam('diskspace', 'diskspace_ul', true, $result['diskspace']); + $value_arr['traffic'] = $this->getUlParam('traffic', 'traffic_ul', true, $result['traffic']); + $value_arr['subdomains'] = $this->getUlParam('subdomains', 'subdomains_ul', true, $result['subdomains']); + $value_arr['emails'] = $this->getUlParam('emails', 'emails_ul', true, $result['emails']); + $value_arr['email_accounts'] = $this->getUlParam('email_accounts', 'email_accounts_ul', true, $result['email_accounts']); + $value_arr['email_forwarders'] = $this->getUlParam('email_forwarders', 'email_forwarders_ul', true, $result['email_forwarders']); + $value_arr['email_quota'] = $this->getUlParam('email_quota', 'email_quota_ul', true, $result['email_quota']); + $value_arr['email_imap'] = $this->getParam('email_imap', true, $result['email_imap']); + $value_arr['email_pop3'] = $this->getParam('email_pop3', true, $result['email_pop3']); + $value_arr['ftps'] = $this->getUlParam('ftps', 'ftps_ul', true, $result['ftps']); + $value_arr['mysqls'] = $this->getUlParam('mysqls', 'mysqls_ul', true, $result['mysqls']); + $value_arr['phpenabled'] = $this->getBoolParam('phpenabled', true, $result['phpenabled']); + $p_allowed_phpconfigs = $this->getParam('allowed_phpconfigs', true, $result['allowed_phpconfigs']); + $value_arr['perlenabled'] = $this->getBoolParam('perlenabled', true, $result['perlenabled']); + $value_arr['dnsenabled'] = 
$this->getBoolParam('dnsenabled', true, $result['dnsenabled']); + $value_arr['logviewenabled'] = $this->getBoolParam('logviewenabled', true, $result['logviewenabled']); + + // validation + $name = \Froxlor\Validate\Validate::validate(trim($name), 'name', '', '', array(), true); + $description = \Froxlor\Validate\Validate::validate(str_replace("\r\n", "\n", $description), 'description', '/^[^\0]*$/'); + + if (Settings::Get('system.mail_quota_enabled') != '1') { + $value_arr['email_quota'] = - 1; + } + + if (empty($name)) { + $name = $result['name']; + } + + $value_arr['allowed_phpconfigs'] = array(); + if (! empty($p_allowed_phpconfigs) && is_array($p_allowed_phpconfigs)) { + foreach ($p_allowed_phpconfigs as $allowed_phpconfig) { + $allowed_phpconfig = intval($allowed_phpconfig); + $value_arr['allowed_phpconfigs'][] = $allowed_phpconfig; + } + } + $value_arr['allowed_phpconfigs'] = array_map('intval', $value_arr['allowed_phpconfigs']); + + $upd_stmt = Database::prepare(" + UPDATE `" . TABLE_PANEL_PLANS . "` + SET `name` = :name, `description` = :desc, `value` = :valuearr, `ts` = UNIX_TIMESTAMP() + WHERE `id` = :id + "); + $update_data = array( + 'name' => $name, + 'desc' => $description, + 'valuearr' => json_encode($value_arr), + 'id' => $id + ); + Database::pexecute($upd_stmt, $update_data, true, true); + $this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_WARNING, "[API] updated hosting-plan '" . $result['name'] . 
"'"); + return $this->response(200, "successfull", $update_data); + } + throw new \Exception("Not allowed to execute given command.", 403); + } + + /** + * delete hosting-plan by either id or plan-name + * + * @param int $id + * optional the hosting-plan-id + * @param string $planname + * optional the hosting-plan-name + * + * @access admin + * @throws \Exception + * @return string json-encoded array + */ public function delete() { - throw new \Exception('noop', 303); + if ($this->isAdmin()) { + $id = $this->getParam('id', true, 0); + $dn_optional = ($id <= 0 ? false : true); + $planname = $this->getParam('planname', $dn_optional, ''); + + // get requested hosting-plan + $result = $this->apiCall('HostingPlans.get', array( + 'id' => $id, + 'planname' => $planname + )); + $id = $result['id']; + + $del_stmt = Database::prepare(" + DELETE FROM `" . TABLE_PANEL_PLANS . "` WHERE `id` = :id + "); + Database::pexecute($del_stmt, array( + 'id' => $id + ), true, true); + $this->logger()->logAction(\Froxlor\FroxlorLogger::ADM_ACTION, LOG_WARNING, "[API] deleted hosting-plan '" . $result['name'] . "'"); + return $this->response(200, "successfull", $result); + } + throw new \Exception("Not allowed to execute given command.", 403); } } diff --git a/templates/Sparkle/assets/js/customers.js b/templates/Sparkle/assets/js/customers.js index 46ff6e1e..40d59bda 100644 --- a/templates/Sparkle/assets/js/customers.js +++ b/templates/Sparkle/assets/js/customers.js @@ -31,7 +31,7 @@ $(document).ready(function() { dataType: "json", success: function(json) { for (var i in json) { - if (i == 'email_imap' || i == 'email_pop3' || i == 'perlenabled' || i == 'phpenabled' || i == 'dnsenabled') { + if (i == 'email_imap' || i == 'email_pop3' || i == 'perlenabled' || i == 'phpenabled' || i == 'dnsenabled' || i == 'logviewenabled') { /** handle checkboxes **/ if (json[i] == 1) { $("input[name='"+i+"']").prop('checked', true); 
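Review bot: In `listing()` and `get()` the ownership filter is decided twice with different tests: the SQL fragment `AND adminid = :adminid` is appended when `getUserDetail('customers_see_all')` is falsy, but `:adminid` is bound only when that value `== '0'`. For any other falsy value (null, empty string) the statement carries a placeholder with no bound value and fails with a database error; since this filter is what keeps resellers to their own plans, compute it once, e.g. `$own_only = $this->getUserDetail('customers_see_all') != '1';`, and use `$own_only` for both the clause and the parameter. In `update()`, `$result['logviewenabled']` is used as a default although the removed panel code never stored that key, so plans created before this commit would hit an undefined index there; `isset($result['logviewenabled']) ? $result['logviewenabled'] : 0` avoids it. `update()` also reads `email_imap` and `email_pop3` with `getParam()` where `add()` uses `getBoolParam()`, so unnormalised values can end up in the stored JSON. The start of this file's hunk is missing from the page, so the class header and the `listing()` signature could not be checked.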
diff --git a/tests/Customers/HostingPlansTest.php b/tests/Customers/HostingPlansTest.php
new file mode 100644
index 00000000..41cafd80
--- /dev/null
+++ b/tests/Customers/HostingPlansTest.php
@@ -0,0 +1,258 @@ + 'test', + 'description' => 'first test plan', + 'diskspace' => 0, + 'diskspace_ul' => 1, + 'traffic' => - 1, + 'subdomains' => 15, + 'emails' => - 1, + 'email_accounts' => 15, + 'email_forwarders' => 15, + 'email_imap' => 1, + 'email_pop3' => 0, + 'ftps' => 15, + 'mysqls' => 15, + 'phpenabled' => 1, + 'dnsenabled' => 1, + 'allowed_phpconfigs' => array( + 1 + ) + ]; + + $json_result = HostingPlans::getLocal($admin_userdata, $data)->add(); + $result = json_decode($json_result, true)['data']; + $result['value'] = json_decode($result['value'], true); + foreach ($result['value'] as $index => $value) { + $result[$index] = $value; + } + $this->assertEquals('test', $result['name']); + $this->assertEquals(- 1, $result['diskspace']); + $this->assertEquals(15, $result['email_accounts']); + $this->assertEquals([ + 1 + ], $result['allowed_phpconfigs']); + } + + public function testAdminPlanAddEmptyName() + { + global $admin_userdata; + + $data = [ + 'description' => 'test plan' + ]; + + $this->expectExceptionMessage('Requested parameter "name" could not be found for "HostingPlans:add"'); + HostingPlans::getLocal($admin_userdata, $data)->add(); + + $data['name'] = null; + $this->expectExceptionMessage('Requested parameter "name" is empty where it should not be for "HostingPlans:add"'); + HostingPlans::getLocal($admin_userdata, $data)->add(); + } + + /** + * + * @depends testAdminPlanAdd + */ + public function testAdminPlanList() + { + global $admin_userdata; + + $json_result = HostingPlans::getLocal($admin_userdata)->listing(); + $result = json_decode($json_result, true)['data']; + $this->assertEquals(1, $result['count']); + } + + /** + * + * @depends testAdminPlanAdd + */ + public function testResellerPlanList() + { + global $admin_userdata; + // get reseller + $json_result = Admins::getLocal($admin_userdata, array( + 'loginname' => 'reseller' + ))->get(); + $reseller_userdata = json_decode($json_result, true)['data']; + $reseller_userdata['adminsession'] = 
1; + $json_result = HostingPlans::getLocal($reseller_userdata)->listing(); + $result = json_decode($json_result, true)['data']; + $this->assertEquals(0, $result['count']); + } + + /** + * + * @depends testAdminPlanAdd + */ + public function testCustomerPlanList() + { + global $admin_userdata; + // get customer + $json_result = Customers::getLocal($admin_userdata, array( + 'id' => 1 + ))->get(); + $customer_userdata = json_decode($json_result, true)['data']; + + $this->expectExceptionCode(403); + $this->expectExceptionMessage("Not allowed to execute given command."); + + $json_result = HostingPlans::getLocal($customer_userdata)->listing(); + } + + public function testCustomerPlanAdd() + { + global $admin_userdata; + // get customer + $json_result = Customers::getLocal($admin_userdata, array( + 'id' => 1 + ))->get(); + $customer_userdata = json_decode($json_result, true)['data']; + + $this->expectExceptionCode(403); + $this->expectExceptionMessage("Not allowed to execute given command."); + + $json_result = HostingPlans::getLocal($customer_userdata)->add(); + } + + public function testCustomerPlanGet() + { + global $admin_userdata; + // get customer + $json_result = Customers::getLocal($admin_userdata, array( + 'id' => 1 + ))->get(); + $customer_userdata = json_decode($json_result, true)['data']; + + $this->expectExceptionCode(403); + $this->expectExceptionMessage("Not allowed to execute given command."); + + $json_result = HostingPlans::getLocal($customer_userdata)->get(); + } + + public function testCustomerPlanUpdate() + { + global $admin_userdata; + // get customer + $json_result = Customers::getLocal($admin_userdata, array( + 'id' => 1 + ))->get(); + $customer_userdata = json_decode($json_result, true)['data']; + + $this->expectExceptionCode(403); + $this->expectExceptionMessage("Not allowed to execute given command."); + + $json_result = HostingPlans::getLocal($customer_userdata)->update(); + } + + public function testCustomerPlanDelete() + { + global 
$admin_userdata; + // get customer + $json_result = Customers::getLocal($admin_userdata, array( + 'id' => 1 + ))->get(); + $customer_userdata = json_decode($json_result, true)['data']; + + $this->expectExceptionCode(403); + $this->expectExceptionMessage("Not allowed to execute given command."); + + $json_result = HostingPlans::getLocal($customer_userdata)->delete(); + } + + public function testAdminPlanGetNotFound() + { + global $admin_userdata; + $this->expectExceptionCode(404); + $this->expectExceptionMessage("Hosting-plan with id #999 could not be found"); + HostingPlans::getLocal($admin_userdata, array( + 'id' => 999 + ))->get(); + } + + /** + * + * @depends testAdminPlanAdd + */ + public function testAdminPlanUpdate() + { + global $admin_userdata; + + HostingPlans::getLocal($admin_userdata, array( + 'planname' => 'test', + 'name' => '', + 'ftps' => '20' + ))->update(); + + $json_result = HostingPlans::getLocal($admin_userdata, array( + 'planname' => 'test' + ))->get(); + $result = json_decode($json_result, true)['data']; + $result['value'] = json_decode($result['value'], true); + foreach ($result['value'] as $index => $value) { + $result[$index] = $value; + } + $this->assertEquals(20, $result['ftps']); + $this->assertEquals(- 1, $result['diskspace']); + $this->assertEquals(15, $result['email_accounts']); + $this->assertEquals([ + 1 + ], $result['allowed_phpconfigs']); + } + + public function testResellerPlanDeleteNotOwned() + { + global $admin_userdata; + // get reseller + $json_result = Admins::getLocal($admin_userdata, array( + 'loginname' => 'reseller' + ))->get(); + $reseller_userdata = json_decode($json_result, true)['data']; + $reseller_userdata['adminsession'] = 1; + $this->expectExceptionCode(404); + HostingPlans::getLocal($reseller_userdata, array( + 'planname' => 'test' + ))->delete(); + } + + /** + * + * @depends testAdminPlanAdd + */ + public function testAdminPlanDelete() + { + global $admin_userdata; + // add new customer + $data = [ + 'name' => 
'test2', + 'description' => 'second test plan' + ]; + HostingPlans::getLocal($admin_userdata, $data)->add(); + $json_result = HostingPlans::getLocal($admin_userdata, array( + 'planname' => 'test2' + ))->delete(); + $result = json_decode($json_result, true)['data']; + $this->assertEquals('test2', $result['name']); + } +}
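Review bot: In `testAdminPlanAddEmptyName` the first `add()` call throws, which ends the test method, so the `$data['name'] = null` case and its second `expectExceptionMessage()` never run; split it into two test methods so the empty-name path is actually exercised. The only cross-tenant check is `testResellerPlanDeleteNotOwned`; matching tests for `get()` and `update()` by the reseller against the admin's plan `test` would pin the `adminid` filter for all three operations. `testResellerPlanDeleteNotOwned` also lacks the `@depends testAdminPlanAdd` annotation its neighbours carry, so its expected 404 would equally be raised if the plan had never been created. The opening of this file's hunk is missing from the page.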