public function attachCredentialsAction($envId, $cloud)
{
if (!$this->getUser()->canManageAcl()) {
$this->checkPermissions(Acl::RESOURCE_ENV_CLOUDS_ENVIRONMENT);
}
$env = $this->getEnv($envId);
$object = $this->request->getJsonBody();
$cloudCredentialsId = ApiController::getBareId($object, 'id');
if (empty($cloudCredentialsId)) {
throw new ApiErrorException(400, ErrorMessage::ERR_INVALID_STRUCTURE, "Missed property cloudCredentials.id");
}
$cloudCredentials = $this->getCloudCredentials($cloudCredentialsId);
if ($cloudCredentials->envId != $envId && $cloudCredentials->getScope() == ScopeInterface::SCOPE_ENVIRONMENT) {
throw new ApiErrorException(404, ErrorMessage::ERR_OBJECT_NOT_FOUND, "Cloud credentials '{$cloudCredentialsId}' not found!");
}
if ($cloud != $cloudCredentials->cloud) {
throw new ApiErrorException(400, ErrorMessage::ERR_INVALID_VALUE, "Cloud Credentials mismatch");
}
$prevCloudCredentials = $env->keychain($cloud);
if (isset($prevCloudCredentials->id)) {
if ($prevCloudCredentials->id == $cloudCredentialsId) {
return $this->result($this->getCloudCredsController()->adapter($prevCloudCredentials)->toData($prevCloudCredentials));
}
switch ($cloud) {
case SERVER_PLATFORMS::EC2:
$checkEnvIsEmpty = $cloudCredentials->properties[Entity\CloudCredentialsProperty::AWS_ACCOUNT_ID] != $prevCloudCredentials->properties[Entity\CloudCredentialsProperty::AWS_ACCOUNT_ID];
break;
case SERVER_PLATFORMS::GCE:
$checkEnvIsEmpty = $cloudCredentials->properties[Entity\CloudCredentialsProperty::GCE_PROJECT_ID] != $prevCloudCredentials->properties[Entity\CloudCredentialsProperty::GCE_PROJECT_ID];
break;
default:
$checkEnvIsEmpty = false;
break;
}
if ($checkEnvIsEmpty && (count(Entity\Server::find([['envId' => $envId], ['platform' => $cloud]])) || count(Entity\Image::find([['envId' => $envId], ['platform' => $cloud]])))) {
throw new ApiErrorException(409, ErrorMessage::ERR_OBJECT_IN_USE, "Cloud Credentials are used");
}
}
$cloudCredentials->bindEnvironment($envId)->save();
return $this->result($this->getCloudCredsController()->adapter($cloudCredentials)->toData($cloudCredentials));
}