| [ Index ] |
PHP Cross Reference of moodle-2.8 |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * Zend Framework 4 * 5 * LICENSE 6 * 7 * This source file is subject to the new BSD license that is bundled 8 * with this package in the file LICENSE.txt. 9 * It is also available through the world-wide-web at this URL: 10 * http://framework.zend.com/license/new-bsd 11 * If you did not receive a copy of the license and are unable to 12 * obtain it through the world-wide-web, please send an email 13 * to [email protected] so we can send you a copy immediately. 14 * 15 * @category Zend 16 * @package Zend_Service_Amazon 17 * @subpackage Ec2 18 * @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com) 19 * @license http://framework.zend.com/license/new-bsd New BSD License 20 * @version $Id$ 21 */ 22 23 /** 24 * @see Zend_Service_Amazon_Ec2_Abstract 25 */ 26 require_once 'Zend/Service/Amazon/Ec2/Abstract.php'; 27 28 /** 29 * An Amazon EC2 interface to create, delete, describe, grand and revoke sercurity permissions. 30 * 31 * @category Zend 32 * @package Zend_Service_Amazon 33 * @subpackage Ec2 34 * @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com) 35 * @license http://framework.zend.com/license/new-bsd New BSD License 36 */ 37 class Zend_Service_Amazon_Ec2_Securitygroups extends Zend_Service_Amazon_Ec2_Abstract 38 { 39 /** 40 * Creates a new security group. 41 * 42 * Every instance is launched in a security group. If no security group is specified 43 * during launch, the instances are launched in the default security group. Instances 44 * within the same security group have unrestricted network access to each other. 45 * Instances will reject network access attempts from other instances in a different 46 * security group. As the owner of instances you can grant or revoke specific permissions 47 * using the {@link authorizeIp}, {@link authorizeGroup}, {@link revokeGroup} and 48 * {$link revokeIp} operations. 49 * 50 * @param string $name Name of the new security group. 51 * @param string $description Description of the new security group. 52 * @return boolean 53 */ 54 public function create($name, $description) 55 { 56 $params = array(); 57 $params['Action'] = 'CreateSecurityGroup'; 58 $params['GroupName'] = $name; 59 $params['GroupDescription'] = $description; 60 61 $response = $this->sendRequest($params); 62 $xpath = $response->getXPath(); 63 $success = $xpath->evaluate('string(//ec2:return/text())'); 64 65 return ($success === "true"); 66 } 67 68 /** 69 * Returns information about security groups that you own. 70 * 71 * If you specify security group names, information about those security group is returned. 72 * Otherwise, information for all security group is returned. If you specify a group 73 * that does not exist, a fault is returned. 74 * 75 * @param string|array $name List of security groups to describe 76 * @return array 77 */ 78 public function describe($name = null) 79 { 80 $params = array(); 81 $params['Action'] = 'DescribeSecurityGroups'; 82 if(is_array($name) && !empty($name)) { 83 foreach($name as $k=>$name) { 84 $params['GroupName.' . ($k+1)] = $name; 85 } 86 } elseif($name) { 87 $params['GroupName.1'] = $name; 88 } 89 90 $response = $this->sendRequest($params); 91 $xpath = $response->getXPath(); 92 93 $return = array(); 94 95 $nodes = $xpath->query('//ec2:securityGroupInfo/ec2:item'); 96 97 foreach($nodes as $node) { 98 $item = array(); 99 100 $item['ownerId'] = $xpath->evaluate('string(ec2:ownerId/text())', $node); 101 $item['groupName'] = $xpath->evaluate('string(ec2:groupName/text())', $node); 102 $item['groupDescription'] = $xpath->evaluate('string(ec2:groupDescription/text())', $node); 103 104 $ip_nodes = $xpath->query('ec2:ipPermissions/ec2:item', $node); 105 106 foreach($ip_nodes as $ip_node) { 107 $sItem = array(); 108 109 $sItem['ipProtocol'] = $xpath->evaluate('string(ec2:ipProtocol/text())', $ip_node); 110 $sItem['fromPort'] = $xpath->evaluate('string(ec2:fromPort/text())', $ip_node); 111 $sItem['toPort'] = $xpath->evaluate('string(ec2:toPort/text())', $ip_node); 112 113 $ips = $xpath->query('ec2:ipRanges/ec2:item', $ip_node); 114 115 $sItem['ipRanges'] = array(); 116 foreach($ips as $ip) { 117 $sItem['ipRanges'][] = $xpath->evaluate('string(ec2:cidrIp/text())', $ip); 118 } 119 120 if(count($sItem['ipRanges']) == 1) { 121 $sItem['ipRanges'] = $sItem['ipRanges'][0]; 122 } 123 124 $item['ipPermissions'][] = $sItem; 125 unset($ip_node, $sItem); 126 } 127 128 $return[] = $item; 129 130 unset($item, $node); 131 } 132 133 134 return $return; 135 } 136 137 /** 138 * Deletes a security group. 139 * 140 * If you attempt to delete a security group that contains instances, a fault is returned. 141 * If you attempt to delete a security group that is referenced by another security group, 142 * a fault is returned. For example, if security group B has a rule that allows access 143 * from security group A, security group A cannot be deleted until the allow rule is removed. 144 * 145 * @param string $name Name of the security group to delete. 146 * @return boolean 147 */ 148 public function delete($name) 149 { 150 $params = array(); 151 $params['Action'] = 'DeleteSecurityGroup'; 152 $params['GroupName'] = $name; 153 154 $response = $this->sendRequest($params); 155 $xpath = $response->getXPath(); 156 $success = $xpath->evaluate('string(//ec2:return/text())'); 157 158 return ($success === "true"); 159 } 160 161 /** 162 * Adds permissions to a security group 163 * 164 * Permissions are specified by the IP protocol (TCP, UDP or ICMP), the source of the request 165 * (by IP range or an Amazon EC2 user-group pair), the source and destination port ranges 166 * (for TCP and UDP), and the ICMP codes and types (for ICMP). When authorizing ICMP, -1 167 * can be used as a wildcard in the type and code fields. 168 * 169 * Permission changes are propagated to instances within the security group as quickly as 170 * possible. However, depending on the number of instances, a small delay might occur. 171 * 172 * 173 * @param string $name Name of the group to modify. 174 * @param string $ipProtocol IP protocol to authorize access to when operating on a CIDR IP. 175 * @param integer $fromPort Bottom of port range to authorize access to when operating on a CIDR IP. 176 * This contains the ICMP type if ICMP is being authorized. 177 * @param integer $toPort Top of port range to authorize access to when operating on a CIDR IP. 178 * This contains the ICMP code if ICMP is being authorized. 179 * @param string $cidrIp CIDR IP range to authorize access to when operating on a CIDR IP. 180 * @return boolean 181 */ 182 public function authorizeIp($name, $ipProtocol, $fromPort, $toPort, $cidrIp) 183 { 184 $params = array(); 185 $params['Action'] = 'AuthorizeSecurityGroupIngress'; 186 $params['GroupName'] = $name; 187 $params['IpProtocol'] = $ipProtocol; 188 $params['FromPort'] = $fromPort; 189 $params['ToPort'] = $toPort; 190 $params['CidrIp'] = $cidrIp; 191 192 $response = $this->sendRequest($params); 193 $xpath = $response->getXPath(); 194 $success = $xpath->evaluate('string(//ec2:return/text())'); 195 196 return ($success === "true"); 197 198 } 199 200 /** 201 * Adds permissions to a security group 202 * 203 * When authorizing a user/group pair permission, GroupName, SourceSecurityGroupName and 204 * SourceSecurityGroupOwnerId must be specified. 205 * 206 * Permission changes are propagated to instances within the security group as quickly as 207 * possible. However, depending on the number of instances, a small delay might occur. 208 * 209 * @param string $name Name of the group to modify. 210 * @param string $groupName Name of security group to authorize access to when operating on a user/group pair. 211 * @param string $ownerId Owner of security group to authorize access to when operating on a user/group pair. 212 * @return boolean 213 */ 214 public function authorizeGroup($name, $groupName, $ownerId) 215 { 216 $params = array(); 217 $params['Action'] = 'AuthorizeSecurityGroupIngress'; 218 $params['GroupName'] = $name; 219 $params['SourceSecurityGroupName'] = $groupName; 220 $params['SourceSecurityGroupOwnerId'] = $ownerId; 221 222 223 $response = $this->sendRequest($params); 224 $xpath = $response->getXPath(); 225 $success = $xpath->evaluate('string(//ec2:return/text())'); 226 227 228 return ($success === "true"); 229 } 230 231 /** 232 * Revokes permissions from a security group. The permissions used to revoke must be specified 233 * using the same values used to grant the permissions. 234 * 235 * Permissions are specified by the IP protocol (TCP, UDP or ICMP), the source of the request 236 * (by IP range or an Amazon EC2 user-group pair), the source and destination port ranges 237 * (for TCP and UDP), and the ICMP codes and types (for ICMP). When authorizing ICMP, -1 238 * can be used as a wildcard in the type and code fields. 239 * 240 * Permission changes are propagated to instances within the security group as quickly as 241 * possible. However, depending on the number of instances, a small delay might occur. 242 * 243 * 244 * @param string $name Name of the group to modify. 245 * @param string $ipProtocol IP protocol to revoke access to when operating on a CIDR IP. 246 * @param integer $fromPort Bottom of port range to revoke access to when operating on a CIDR IP. 247 * This contains the ICMP type if ICMP is being revoked. 248 * @param integer $toPort Top of port range to revoked access to when operating on a CIDR IP. 249 * This contains the ICMP code if ICMP is being revoked. 250 * @param string $cidrIp CIDR IP range to revoke access to when operating on a CIDR IP. 251 * @return boolean 252 */ 253 public function revokeIp($name, $ipProtocol, $fromPort, $toPort, $cidrIp) 254 { 255 $params = array(); 256 $params['Action'] = 'RevokeSecurityGroupIngress'; 257 $params['GroupName'] = $name; 258 $params['IpProtocol'] = $ipProtocol; 259 $params['FromPort'] = $fromPort; 260 $params['ToPort'] = $toPort; 261 $params['CidrIp'] = $cidrIp; 262 263 $response = $this->sendRequest($params); 264 $xpath = $response->getXPath(); 265 $success = $xpath->evaluate('string(//ec2:return/text())'); 266 267 return ($success === "true"); 268 } 269 270 /** 271 * Revokes permissions from a security group. The permissions used to revoke must be specified 272 * using the same values used to grant the permissions. 273 * 274 * Permission changes are propagated to instances within the security group as quickly as 275 * possible. However, depending on the number of instances, a small delay might occur. 276 * 277 * When revoking a user/group pair permission, GroupName, SourceSecurityGroupName and 278 * SourceSecurityGroupOwnerId must be specified. 279 * 280 * @param string $name Name of the group to modify. 281 * @param string $groupName Name of security group to revoke access to when operating on a user/group pair. 282 * @param string $ownerId Owner of security group to revoke access to when operating on a user/group pair. 283 * @return boolean 284 */ 285 public function revokeGroup($name, $groupName, $ownerId) 286 { 287 $params = array(); 288 $params['Action'] = 'RevokeSecurityGroupIngress'; 289 $params['GroupName'] = $name; 290 $params['SourceSecurityGroupName'] = $groupName; 291 $params['SourceSecurityGroupOwnerId'] = $ownerId; 292 293 294 $response = $this->sendRequest($params); 295 $xpath = $response->getXPath(); 296 $success = $xpath->evaluate('string(//ec2:return/text())'); 297 298 299 return ($success === "true"); 300 } 301 }
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Fri Nov 28 20:29:05 2014 | Cross-referenced by PHPXref 0.7.1 |