Clients can select unavailable platforms during site creation

Okay... It seems the client cannot actually create the site (lowering priority), the form validation catches it. Yet it is very strange the client is offered an option he cannot use.

There is the hosting_site_available_options()function that performs several checks for the available form options (this is what the validation uses as well). Attached patch uses this to also limit the displayed platforms.

memtkmcc are you sure those platforms are not restricted (locked, assigned to certain clients, etc) somehow? The listing has become stricter as result of this patch.

I cannot reproduce this error:

I just spun up a new virtual machine, and installed Hosting 7.x-3.8+5-dev (2016-Nov-11) (as part of Hostmaster (Aegir) 7.x-3.8+1-dev (2016-Nov-11)). This contains all recent patches.

I have built Open Atrium from their make file, but placed the include inline, so that it now looks like this (you can verify the contents of the included file in their repository):

api = 2
core = 7.x

; MAKE file for Drupal core.  Used by the Drupal.org packager.

; Drupal Core
projects[drupal][type] = core
projects[drupal][version] = 7.44

; ***** Patches from Panopoly *******
; Bug with image styles on database update
projects[drupal][patch][1973278] = http://www.drupal.org/files/issues/image-accommodate_missing_definition-1973278-16.patch
; ***** End of Panopoly patches *****

; *********** PATCHES ************

; Patch for handling inherited profiles
projects[drupal][patch][1356276] = http://drupal.org/files/1356276-make-D7-21.patch

; Patch for fixing node_access across non-required Views relationships
projects[drupal][patch][1349080] = https://www.drupal.org/files/issues/1349080-195-d7-move-access-to-join-condition.patch

; Patch for simpletest
projects[drupal][patch][911354] = http://drupal.org/files/911354-drupal-profile-85.patch

; Patch to allow install profile enabling to enable dependencies correctly.
projects[drupal][patch][1093420] = http://drupal.org/files/1093420-22.patch

; Patch to prevent empty titles when menu_check_access called more than once
projects[drupal][patch][1697570] = http://drupal.org/files/drupal-menu_always_load_objects-1697570-5.patch

; Patch to move registry build so entity_get_info can be called during install.
projects[drupal][patch][1311820] = https://www.drupal.org/files/issues/1311820-drupal-registry_update-13.patch

; Make node access queries more performant
projects[drupal][patch][106721] = https://www.drupal.org/files/issues/drupal-106721-optimize_node_access_queries-115.patch

; Cache user grants.
projects[drupal][patch][2199001] = https://www.drupal.org/files/issues/node_access_grants-static-cache-11.patch

; Fix javascript error with angular
projects[drupal][patch][2492993] = https://www.drupal.org/files/issues/2492993-drupal-hash-1.patch

; Fixes an issue where _registry_check_code() gets called early in the bootstrap process. Stills throws a warning but
; keeps it from throwing a fatal.
projects[drupal][patch][412808] = https://www.drupal.org/files/issues/drupal-registry_fix-412808-32.patch

; Fixes sticky headers are not calculating the column widths properly.
projects[drupal][patch][2097081] = https://www.drupal.org/files/2097081-fix-sticky-header-column-width-7.x-6.patch

; Prevent Drupal from scanning node_module and bower_component directories in theme
projects[drupal][patch][2329453] = https://www.drupal.org/files/issues/ignore_front_end_vendor-2329453-111.patch

; Issues with "required, multiple" fields in forms.
projects[drupal][patch][980144] = https://www.drupal.org/files/issues/d7-issues_with_required-980144-76.patch

; Download the OpenAtrium install profile and recursively build all its dependencies:
projects[openatrium][type] = profile
projects[openatrium][download][type] = git
projects[openatrium][download][branch] = 7.x-2.x

And it showed up nicely on node/add/site.

Perhaps any of the aegir dev's can give a second opinion?

What happens when you delete minimal & standard profiles (which are useless for platforms with distro-specific profile anyway), so there will be only open atrium profile in the OA platform? Can you still see the OA platform in this form then?

How can I delete these profiles? I can only delete the Drupal base platform (which caused no errors).

@memtkmcc: yes, confirmed. It appears to be coming from hosting_site_available_options($node), that for a new node defaults to the first platform it encounters. It can be overridden per profile, so replacing the lines from the patch with something like this works:

  $p2 = array();

  // We have to obtain the options for all platforms individually.
  foreach($platforms as $platform) {
    $options = hosting_site_available_options($node, $platform);
    $p2[] = $options['platform'][0];
  }

  $platforms = array_flip($platforms);

  $available_platforms = array_flip($p2);
  $platforms = array_intersect_key($platforms, $available_platforms);

  $platforms = array_flip($platforms);

I'll tidy it up and build a new patch. Perhaps it would be better to change the logic in hosting_site_available_options, but that depends on how and where it is used.

Whoa, it is way easier. We just have to make the node aware of the selected profile.

This basically concludes to adding this before the lines of the patch.

$node->profile = $selected_profile;

So the entire patch looks like:

  $node->profile = $selected_profile;
  $available_options = hosting_site_available_options($node);
  $available_platforms = array_flip($available_options['platform']);
  $platforms = array_intersect_key($platforms, $available_platforms);

#16 and #18, follow-up issue #2828256: Enable / disable profiles within platforms.

It appears this still needs some work, currently the 'add site' tab on a platform node is showing the form, but not with the selected platform.

Basically the wrong profile is pre-selected, and as such the chosen platform might not available.
I am not sure if this is caused by the patch, or by manually deleting several profiles. (I suppose the latter because all platforms used to be available for the standard profile.)

For now, please review the proposed solution and then revert this to 'needs work'.

@helmo, since #4 has been committed, can you add #20to it or revert #4 so that dev functions again? From there we can start looking at tests (I'd like some examples before I proceed with those)

Thanks helmo.

@memtkmcc, could you check if your issue is solved?
@helmo, or Jon Pugh, could you provide me with some example of a test?

Thanks for checking.

Reopening in order to add a test for this. Behat is still a lot of magic for me, but I'll take a stab at it later this week.

This patch seems to work partially;

Working:
- Locked platforms to not show up.

Not working:
- Clients are able to see and create sites on the hostmaster platform (could be solved by #2821402: Lock the hostmaster platform by default?)
- Clients are able to see but NOT create sites on platforms where exclusive access was granted to another client.