added Mysqls.add
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann (d00p)
@@ -47,6 +47,7 @@ foreach ($m_arr as $module) {
|
|||||||
// set necessary data
|
// set necessary data
|
||||||
$output_arr[$module['module']][$module['function']] = array(
|
$output_arr[$module['module']][$module['function']] = array(
|
||||||
'return_type' => (isset($module['return']['type']) && $module['return']['type'] != "" ? $module['return']['type'] : - 1),
|
'return_type' => (isset($module['return']['type']) && $module['return']['type'] != "" ? $module['return']['type'] : - 1),
|
||||||
|
'return_desc' => (isset($module['return']['desc']) && $module['return']['desc'] != "" ? $module['return']['desc'] : - 1),
|
||||||
'params_list' => array(),
|
'params_list' => array(),
|
||||||
'head' => $module['head'],
|
'head' => $module['head'],
|
||||||
'access' => isset($module['access']) ? $module['access'] : null
|
'access' => isset($module['access']) ? $module['access'] : null
|
||||||
@@ -126,7 +127,7 @@ foreach ($output_arr as $module => $functions) {
|
|||||||
$parms .= "</tbody></table>";
|
$parms .= "</tbody></table>";
|
||||||
$apihelp .= $parms;
|
$apihelp .= $parms;
|
||||||
}
|
}
|
||||||
$apihelp .= "<br><b>Returns</b> " . ($funcdata['return_type'] == - 1 ? "<span class=\"red\">no-return-type</span>" : $funcdata['return_type']);
|
$apihelp .= "<br><b>Returns</b> " . ($funcdata['return_type'] == - 1 ? "<span class=\"red\">no-return-type</span>" : $funcdata['return_type']) . ($funcdata['return_desc'] == - 1 ? "" : " ".$funcdata['return_desc']);
|
||||||
$apihelp .= "</div><br>";
|
$apihelp .= "</div><br>";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -18,8 +18,207 @@
|
|||||||
class Mysqls extends ApiCommand implements ResourceEntity
|
class Mysqls extends ApiCommand implements ResourceEntity
|
||||||
{
|
{
|
||||||
|
|
||||||
|
/**
|
||||||
|
* add a new mysql-database
|
||||||
|
*
|
||||||
|
* @param string $mysql_password
|
||||||
|
* password for the created database and database-user
|
||||||
|
* @param int $mysql_server
|
||||||
|
* optional, default is 0
|
||||||
|
* @param string $description
|
||||||
|
* optional, description for database
|
||||||
|
* @param bool $sendinfomail
|
||||||
|
* optional, send created resource-information to customer, default: false
|
||||||
|
* @param int $customer_id
|
||||||
|
* required when called as admin, not needed when called as customer
|
||||||
|
*
|
||||||
|
* @access admin, customer
|
||||||
|
* @throws Exception
|
||||||
|
* @return array
|
||||||
|
*/
|
||||||
public function add()
|
public function add()
|
||||||
{}
|
{
|
||||||
|
if ($this->getUserDetail('mysqls_used') < $this->getUserDetail('mysqls') || $this->getUserDetail('mysqls') == '-1') {
|
||||||
|
|
||||||
|
// required paramters
|
||||||
|
$password = $this->getParam('mysql_password');
|
||||||
|
|
||||||
|
// parameters
|
||||||
|
$dbserver = $this->getParam('mysql_server', true, 0);
|
||||||
|
$databasedescription = $this->getParam('description', true, '');
|
||||||
|
$sendinfomail = $this->getParam('sendinfomail', true, 0);
|
||||||
|
|
||||||
|
// validation
|
||||||
|
$password = validate($password, 'password', '', '', array(), true);
|
||||||
|
$password = validatePassword($password, true);
|
||||||
|
$databasedescription = validate(trim($databasedescription), 'description', '', '', array(), true);
|
||||||
|
|
||||||
|
// validate whether the dbserver exists
|
||||||
|
$dbserver = validate($dbserver, html_entity_decode($this->lng['mysql']['mysql_server']), '', '', 0, true);
|
||||||
|
Database::needRoot(true, $dbserver);
|
||||||
|
Database::needSqlData();
|
||||||
|
$sql_root = Database::getSqlData();
|
||||||
|
Database::needRoot(false);
|
||||||
|
if (! isset($sql_root) || ! is_array($sql_root)) {
|
||||||
|
throw new ErrorException("Database server with index #" . $dbserver . " is unknown", 404);
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($password == '') {
|
||||||
|
standard_error(array(
|
||||||
|
'stringisempty',
|
||||||
|
'mysql_password'
|
||||||
|
), '', true);
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($sendinfomail != 1) {
|
||||||
|
$sendinfomail = 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
// get needed customer info to reduce the mysql-usage-counter by one
|
||||||
|
if ($this->isAdmin()) {
|
||||||
|
// get customer id
|
||||||
|
$customer_id = $this->getParam('customer_id');
|
||||||
|
$json_result = Customers::getLocal($this->getUserData(), array(
|
||||||
|
'id' => $result['customerid']
|
||||||
|
))->get();
|
||||||
|
$customer = json_decode($json_result, true)['data'];
|
||||||
|
// check whether the customer has enough resources to get the database added
|
||||||
|
if ($customer['mysqls_used'] >= $customer['mysqls'] && $customer['mysqls'] != '-1') {
|
||||||
|
throw new Exception("Customer has no more resources available", 406);
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
$customer_id = $this->getUserDetail('customer_id');
|
||||||
|
}
|
||||||
|
|
||||||
|
$newdb_params = array(
|
||||||
|
'loginname' => ($this->isAdmin() ? $customer['loginname'] : $this->getUserDetail('loginname')),
|
||||||
|
'mysql_lastaccountnumber' => ($this->isAdmin() ? $customer['mysql_lastaccountnumber'] : $this->getUserDetail('mysql_lastaccountnumber'))
|
||||||
|
);
|
||||||
|
// create database, user, set permissions, etc.pp.
|
||||||
|
$dbm = new DbManager($this->logger());
|
||||||
|
$username = $dbm->createDatabase($newdb_params['loginname'], $password, $newdb_params['mysql_lastaccountnumber']);
|
||||||
|
|
||||||
|
// we've checked against the password in dbm->createDatabase
|
||||||
|
if ($username == false) {
|
||||||
|
standard_error('passwordshouldnotbeusername', '', true);
|
||||||
|
}
|
||||||
|
|
||||||
|
// add database info to froxlor
|
||||||
|
$stmt = Database::prepare("
|
||||||
|
INSERT INTO `" . TABLE_PANEL_DATABASES . "`
|
||||||
|
SET
|
||||||
|
`customerid` = :customerid,
|
||||||
|
`databasename` = :databasename,
|
||||||
|
`description` = :description,
|
||||||
|
`dbserver` = :dbserver
|
||||||
|
");
|
||||||
|
$params = array(
|
||||||
|
"customerid" => ($this->isAdmin() ? $customer['customerid'] : $this->getUserDetail('customerid')),
|
||||||
|
"databasename" => $username,
|
||||||
|
"description" => $databasedescription,
|
||||||
|
"dbserver" => $dbserver
|
||||||
|
);
|
||||||
|
Database::pexecute($stmt, $params, true, true);
|
||||||
|
$databaseid = Database::lastInsertId();
|
||||||
|
$params['id'] = $databaseid;
|
||||||
|
|
||||||
|
// update customer usage
|
||||||
|
$stmt = Database::prepare("
|
||||||
|
UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
|
||||||
|
SET `mysqls_used` = `mysqls_used` + 1, `mysql_lastaccountnumber` = `mysql_lastaccountnumber` + 1
|
||||||
|
WHERE `customerid` = :customerid
|
||||||
|
");
|
||||||
|
Database::pexecute($stmt, array(
|
||||||
|
"customerid" => ($this->isAdmin() ? $customer['customerid'] : $this->getUserDetail('customerid'))
|
||||||
|
), true, true);
|
||||||
|
|
||||||
|
// update admin usage
|
||||||
|
$stmt = Database::prepare("
|
||||||
|
UPDATE `" . TABLE_PANEL_ADMINS . "`
|
||||||
|
SET `mysqls_used` = `mysqls_used` + 1
|
||||||
|
WHERE `adminid` = :adminid
|
||||||
|
");
|
||||||
|
Database::pexecute($stmt, array(
|
||||||
|
"adminid" => $this->getUserDetail('adminid')
|
||||||
|
), true, true);
|
||||||
|
|
||||||
|
// send info-mail?
|
||||||
|
if ($sendinfomail == 1) {
|
||||||
|
$pma = $this->lng['admin']['notgiven'];
|
||||||
|
if (Settings::Get('panel.phpmyadmin_url') != '') {
|
||||||
|
$pma = Settings::Get('panel.phpmyadmin_url');
|
||||||
|
}
|
||||||
|
|
||||||
|
Database::needRoot(true, $dbserver);
|
||||||
|
Database::needSqlData();
|
||||||
|
$sql_root = Database::getSqlData();
|
||||||
|
Database::needRoot(false);
|
||||||
|
$userinfo = ($this->isAdmin() ? $customer : $this->getUserData());
|
||||||
|
|
||||||
|
$replace_arr = array(
|
||||||
|
'SALUTATION' => getCorrectUserSalutation($userinfo),
|
||||||
|
'CUST_NAME' => getCorrectUserSalutation($userinfo), // < keep this for compatibility
|
||||||
|
'DB_NAME' => $username,
|
||||||
|
'DB_PASS' => $password,
|
||||||
|
'DB_DESC' => $databasedescription,
|
||||||
|
'DB_SRV' => $sql_root['host'],
|
||||||
|
'PMA_URI' => $pma
|
||||||
|
);
|
||||||
|
|
||||||
|
$def_language = $userinfo['def_language'];
|
||||||
|
$result_stmt = Database::prepare("
|
||||||
|
SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
|
||||||
|
WHERE `adminid` = :adminid
|
||||||
|
AND `language` = :lang
|
||||||
|
AND `templategroup`='mails'
|
||||||
|
AND `varname`='new_database_by_customer_subject'
|
||||||
|
");
|
||||||
|
$result = Database::pexecute_first($result_stmt, array(
|
||||||
|
"adminid" => $userinfo['adminid'],
|
||||||
|
"lang" => $def_language
|
||||||
|
), true, true);
|
||||||
|
$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $this->lng['mails']['new_database_by_customer']['subject']), $replace_arr));
|
||||||
|
|
||||||
|
$result_stmt = Database::prepare("
|
||||||
|
SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
|
||||||
|
WHERE `adminid`= :adminid
|
||||||
|
AND `language`= :lang
|
||||||
|
AND `templategroup` = 'mails'
|
||||||
|
AND `varname` = 'new_database_by_customer_mailbody'
|
||||||
|
");
|
||||||
|
$result = Database::pexecute_first($result_stmt, array(
|
||||||
|
"adminid" => $userinfo['adminid'],
|
||||||
|
"lang" => $def_language
|
||||||
|
));
|
||||||
|
$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $this->lng['mails']['new_database_by_customer']['mailbody']), $replace_arr));
|
||||||
|
|
||||||
|
$_mailerror = false;
|
||||||
|
try {
|
||||||
|
$this->mail->Subject = $mail_subject;
|
||||||
|
$this->mail->AltBody = $mail_body;
|
||||||
|
$this->mail->MsgHTML(str_replace("\n", "<br />", $mail_body));
|
||||||
|
$this->mail->AddAddress($userinfo['email'], getCorrectUserSalutation($userinfo));
|
||||||
|
$this->mail->Send();
|
||||||
|
} catch (phpmailerException $e) {
|
||||||
|
$mailerr_msg = $e->errorMessage();
|
||||||
|
$_mailerror = true;
|
||||||
|
} catch (Exception $e) {
|
||||||
|
$mailerr_msg = $e->getMessage();
|
||||||
|
$_mailerror = true;
|
||||||
|
}
|
||||||
|
|
||||||
|
if ($_mailerror) {
|
||||||
|
$this->logger()->logAction($this->isAdmin() ? ADM_ACTION : USR_ACTION, LOG_ERR, "[API] Error sending mail: " . $mailerr_msg);
|
||||||
|
standard_error('errorsendingmail', $userinfo['email'], true);
|
||||||
|
}
|
||||||
|
|
||||||
|
$this->mail->ClearAddresses();
|
||||||
|
}
|
||||||
|
$this->logger()->logAction($this->isAdmin() ? ADM_ACTION : USR_ACTION, LOG_WARNING, "[API] added mysql-database '" . $username . "'");
|
||||||
|
return $this->response(200, "successfull", $params);
|
||||||
|
}
|
||||||
|
throw new Exception("No more resources available", 406);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* return a mysql database entry by either id or dbname
|
* return a mysql database entry by either id or dbname
|
||||||
@@ -85,6 +284,8 @@ class Mysqls extends ApiCommand implements ResourceEntity
|
|||||||
} else {
|
} else {
|
||||||
if ($id != $this->getUserDetail('customerid')) {
|
if ($id != $this->getUserDetail('customerid')) {
|
||||||
throw new Exception("You cannot access data of other customers", 401);
|
throw new Exception("You cannot access data of other customers", 401);
|
||||||
|
} elseif (Settings::IsInList('panel.customer_hide_options', 'mysql')) {
|
||||||
|
throw new Exception("You cannot access this resource", 405);
|
||||||
}
|
}
|
||||||
$result_stmt = Database::prepare("
|
$result_stmt = Database::prepare("
|
||||||
SELECT * FROM `" . TABLE_PANEL_DATABASES . "`
|
SELECT * FROM `" . TABLE_PANEL_DATABASES . "`
|
||||||
@@ -161,6 +362,9 @@ class Mysqls extends ApiCommand implements ResourceEntity
|
|||||||
$customer_ids[] = $customer['customerid'];
|
$customer_ids[] = $customer['customerid'];
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
|
if (Settings::IsInList('panel.customer_hide_options', 'mysql')) {
|
||||||
|
throw new Exception("You cannot access this resource", 405);
|
||||||
|
}
|
||||||
$customer_ids = array(
|
$customer_ids = array(
|
||||||
$this->getUserDetail('customerid')
|
$this->getUserDetail('customerid')
|
||||||
);
|
);
|
||||||
@@ -237,6 +441,10 @@ class Mysqls extends ApiCommand implements ResourceEntity
|
|||||||
throw new Exception("Either 'id' or 'dbname' parameter must be given", 406);
|
throw new Exception("Either 'id' or 'dbname' parameter must be given", 406);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if ($this->isAdmin() == false && Settings::IsInList('panel.customer_hide_options', 'mysql')) {
|
||||||
|
throw new Exception("You cannot access this resource", 405);
|
||||||
|
}
|
||||||
|
|
||||||
$json_result = Mysqls::getLocal($this->getUserData(), array(
|
$json_result = Mysqls::getLocal($this->getUserData(), array(
|
||||||
'id' => $id,
|
'id' => $id,
|
||||||
'dbname' => $dbname,
|
'dbname' => $dbname,
|
||||||
|
|||||||
Reference in New Issue
Block a user