maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

add possibility to assign new/edited php-config to all customer accounts; fixes #980

Browse Source 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann
2021-10-14 17:09:29 +02:00
parent 724a5e172a
commit 9870db2560
6 changed files with 103 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

46
lib/Froxlor/Api/Commands/PhpSettings.php
View File

@@ -217,7 +217,9 @@ class PhpSettings extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
* optional number of seconds for idle-timeout if FPM is used, default is fpm-daemon-value * optional number of seconds for idle-timeout if FPM is used, default is fpm-daemon-value
* @param string $limit_extensions * @param string $limit_extensions
* optional limitation of php-file-extensions if FPM is used, default is fpm-daemon-value * optional limitation of php-file-extensions if FPM is used, default is fpm-daemon-value
* * @param bool $allow_all_customers
* optional add this configuration to the list of every existing customer's allowed-fpm-config list, default is false (no)
*
* @access admin * @access admin
* @throws \Exception * @throws \Exception
* @return string json-encoded array * @return string json-encoded array
@@ -261,6 +263,7 @@ class PhpSettings extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
$max_requests = $this->getParam('max_requests', true, $def_fpmconfig['max_requests']); $max_requests = $this->getParam('max_requests', true, $def_fpmconfig['max_requests']);
$idle_timeout = $this->getParam('idle_timeout', true, $def_fpmconfig['idle_timeout']); $idle_timeout = $this->getParam('idle_timeout', true, $def_fpmconfig['idle_timeout']);
$limit_extensions = $this->getParam('limit_extensions', true, $def_fpmconfig['limit_extensions']); $limit_extensions = $this->getParam('limit_extensions', true, $def_fpmconfig['limit_extensions']);
$allow_all_customers = $this->getBoolParam('allow_all_customers', true, 0);
// validation // validation
$description = \Froxlor\Validate\Validate::validate($description, 'description', '', '', array(), true); $description = \Froxlor\Validate\Validate::validate($description, 'description', '', '', array(), true);
@@ -367,6 +370,8 @@ class PhpSettings extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
$result = $this->apiCall('PhpSettings.get', array( $result = $this->apiCall('PhpSettings.get', array(
'id' => $ins_data['id'] 'id' => $ins_data['id']
)); ));
$this->addForAllCustomers($allow_all_customers, $ins_data['id']);
return $this->response(200, "successful", $result); return $this->response(200, "successful", $result);
} }
throw new \Exception("Not allowed to execute given command.", 403); throw new \Exception("Not allowed to execute given command.", 403);
@@ -418,6 +423,8 @@ class PhpSettings extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
* optional number of seconds for idle-timeout if FPM is used, default is fpm-daemon-value * optional number of seconds for idle-timeout if FPM is used, default is fpm-daemon-value
* @param string $limit_extensions * @param string $limit_extensions
* optional limitation of php-file-extensions if FPM is used, default is fpm-daemon-value * optional limitation of php-file-extensions if FPM is used, default is fpm-daemon-value
* @param bool $allow_all_customers
* optional add this configuration to the list of every existing customer's allowed-fpm-config list, default is false (no)
* *
* @access admin * @access admin
* @throws \Exception * @throws \Exception
@@ -456,6 +463,7 @@ class PhpSettings extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
$max_requests = $this->getParam('max_requests', true, $result['max_requests']); $max_requests = $this->getParam('max_requests', true, $result['max_requests']);
$idle_timeout = $this->getParam('idle_timeout', true, $result['idle_timeout']); $idle_timeout = $this->getParam('idle_timeout', true, $result['idle_timeout']);
$limit_extensions = $this->getParam('limit_extensions', true, $result['limit_extensions']); $limit_extensions = $this->getParam('limit_extensions', true, $result['limit_extensions']);
$allow_all_customers = $this->getBoolParam('allow_all_customers', true, 0);
// validation // validation
$description = \Froxlor\Validate\Validate::validate($description, 'description', '', '', array(), true); $description = \Froxlor\Validate\Validate::validate($description, 'description', '', '', array(), true);
@@ -563,6 +571,8 @@ class PhpSettings extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
$result = $this->apiCall('PhpSettings.get', array( $result = $this->apiCall('PhpSettings.get', array(
'id' => $id 'id' => $id
)); ));
$this->addForAllCustomers($allow_all_customers, $id);
return $this->response(200, "successful", $result); return $this->response(200, "successful", $result);
} }
throw new \Exception("Not allowed to execute given command.", 403); throw new \Exception("Not allowed to execute given command.", 403);
@@ -618,4 +628,38 @@ class PhpSettings extends \Froxlor\Api\ApiCommand implements \Froxlor\Api\Resour
} }
throw new \Exception("Not allowed to execute given command.", 403); throw new \Exception("Not allowed to execute given command.", 403);
} }
/**
* add given php-config id to the list of allowed php-config to all currently existing customers
* if allow_all_customers parameter is true in PhpSettings::add() or PhpSettings::update()
*
* @param bool $allow_all_customers
* @param int $config_id
*/
private function addForAllCustomers(bool $allow_all_customers, int $config_id)
{
// should this config be added to the allowed list of all existing customers?
if ($allow_all_customers) {
$sel_stmt = Database::prepare("SELECT customerid, allowed_phpconfigs FROM `" . TABLE_PANEL_CUSTOMERS . "`");
$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET allowed_phpconfigs = :ap WHERE customerid = :cid");
Database::pexecute($sel_stmt);
while ($cust = $sel_stmt->fetch(\PDO::FETCH_ASSOC)) {
// get existing entries of customer
$ap = json_decode($cust['allowed_phpconfigs'], true);
// initialize array if it's empty
if (empty($ap)) {
$ap = [];
}
// add this config
$ap[] = $config_id;
// check for duplicates and force value-type to be int
$ap = array_map('intval', array_unique($ap));
// update customer-entry
Database::pexecute($upd_stmt, [
'ap' => json_encode($ap),
'cid' => $cust['customerid']
]);
}
}
}
} }

11
lib/formfields/admin/phpconfig/formfield.phpconfig_add.php
View File

@@ -179,6 +179,17 @@ return array(
'cols' => 80, 'cols' => 80,
'rows' => 20, 'rows' => 20,
'value' => $result['phpsettings'] 'value' => $result['phpsettings']
),
'allow_all_customers' => array(
'label' => $lng['serversettings']['phpfpm_settings']['allow_all_customers'],
'type' => 'checkbox',
'values' => array(
array(
'label' => $lng['panel']['yes'],
'value' => '1'
)
),
'value' => array()
) )
) )
) )

11
lib/formfields/admin/phpconfig/formfield.phpconfig_edit.php
View File

@@ -187,6 +187,17 @@ return array(
'cols' => 80, 'cols' => 80,
'rows' => 20, 'rows' => 20,
'value' => $result['phpsettings'] 'value' => $result['phpsettings']
),
'allow_all_customers' => array(
'label' => $lng['serversettings']['phpfpm_settings']['allow_all_customers'],
'type' => 'checkbox',
'values' => array(
array(
'label' => $lng['panel']['yes'],
'value' => '1'
)
),
'value' => array()
) )
) )
) )

3
lng/english.lng.php
View File

@@ -2132,3 +2132,6 @@ $lng['error']['local_group_exists'] = 'The given group already exists on the sys
$lng['error']['local_group_invalid'] = 'The given group name is invalid'; $lng['error']['local_group_invalid'] = 'The given group name is invalid';
$lng['error']['invaliddnsforletsencrypt'] = 'The domains DNS does not include any of the chosen IP addresses. Let\'s Encrypt certificate generation not possible.'; $lng['error']['invaliddnsforletsencrypt'] = 'The domains DNS does not include any of the chosen IP addresses. Let\'s Encrypt certificate generation not possible.';
$lng['error']['notallowedphpconfigused'] = 'Trying to use php-config which is not assigned to customer'; $lng['error']['notallowedphpconfigused'] = 'Trying to use php-config which is not assigned to customer';
$lng['serversettings']['phpfpm_settings']['allow_all_customers']['title'] = 'Assign this configuration to all currently existing customers';
$lng['serversettings']['phpfpm_settings']['allow_all_customers']['description'] = 'Set this to "true" if you want to assign this configuration to all currently existing customers so it can be used by them. This setting is not permanent but can be run multiple times.';

3
lng/german.lng.php
View File

@@ -1778,3 +1778,6 @@ $lng['error']['local_group_exists'] = 'Die angegebene Gruppe existiert bereits a
$lng['error']['local_group_invalid'] = 'Der angegebene Gruppen-Name ist nicht gültig'; $lng['error']['local_group_invalid'] = 'Der angegebene Gruppen-Name ist nicht gültig';
$lng['error']['invaliddnsforletsencrypt'] = 'Die DNS-Einträge der Domain enhalten keine der gewählten IP Adressen. Let\'s Encrypt Zertifikats-Erstellung ist nicht möglich.'; $lng['error']['invaliddnsforletsencrypt'] = 'Die DNS-Einträge der Domain enhalten keine der gewählten IP Adressen. Let\'s Encrypt Zertifikats-Erstellung ist nicht möglich.';
$lng['error']['notallowedphpconfigused'] = 'Nutzung einer PHP-Konfiguration welche nicht dem Kunden zugeordnet ist'; $lng['error']['notallowedphpconfigused'] = 'Nutzung einer PHP-Konfiguration welche nicht dem Kunden zugeordnet ist';
$lng['serversettings']['phpfpm_settings']['allow_all_customers']['title'] = 'Für aktuelle Kunden automatisch hinzufügen';
$lng['serversettings']['phpfpm_settings']['allow_all_customers']['description'] = 'Ist diese Einstellung aktiv, wird die Konfiguration automatisch allen aktuell existierenden Kunden-Accounts zugewiesen. Diese Einstellung ist nicht permanent, kann aber mehrfach / nach Bedarf ausgeführt werden.';

30
tests/PhpAndFpm/PhpSettingsTest.php
View File

@@ -97,4 +97,34 @@ class PhpSettingsText extends TestCase
'id' => 1 'id' => 1
))->get(); ))->get();
} }
/**
* @depends testAdminPhpSettingsAdd
*/
public function testAdminPhpSettingsAddForAll()
{
global $admin_userdata;
$data = [
'description' => 'test php #2',
'phpsettings' => 'error_reporting=E_ALL',
'fpmconfig' => Settings::Get('phpfpm.defaultini'),
'allow_all_customers' => true
];
$json_result = PhpSettings::getLocal($admin_userdata, $data)->add();
$result = json_decode($json_result, true)['data'];
$required_id = $result['id'];
$json_result = Customers::getLocal($admin_userdata)->listing();
$result = json_decode($json_result, true)['data'];
$allowed_cnt = 0;
foreach ($result['list'] as $customer) {
$cust_phpconfigsallowed = json_decode($customer['allowed_phpconfigs'], true);
if (!in_array($required_id, $cust_phpconfigsallowed)) {
$this->fail("Customer does not have php-config assigned which was added for all customers");
}
$allowed_cnt++;
}
$this->assertTrue($allowed_cnt == $result['count']);
}
} }