From 09b589738df7c0d028a93bb4cb83bf17ddaae44a Mon Sep 17 00:00:00 2001 From: Kirill Solomko Date: Tue, 5 Jul 2022 14:42:06 +0200 Subject: [PATCH] TT#182101 Phonebook feature is hidden for CE * templates now rely on c.config.general.ngcp_type and hide the Phonebook feature everywhere if ngcp_type is CE * introduce "allowed_ngcp_types" config for Controller::API::* that is an array, and when specified, only the ngcp_type roles are allowed, otherwise if not specified all ngcp types allowed (default) * Controller::API::Root: - filter controllers from the documentation rendedring that have allowed_ngcp_type config specified and do not match the current ngcp type * Role::API Role::Entities* - new method check_allowed_ngcp_types() - check_allowed_ngcp_types() is now called in Entities and EntitiesItem auto() and denies to 404 Path not found if the ngcp type does not match * "Phonebook" UI is now hidden for CE * /api/phonebookentries is now hidden for CE Change-Id: I41d4b2f87121f281472be3775b862333923fe37f --- .../Panel/Controller/API/PhonebookEntries.pm | 1 + .../Panel/Controller/API/PhonebookEntriesItem.pm | 1 + lib/NGCP/Panel/Controller/API/Root.pm | 6 ++++++ lib/NGCP/Panel/Role/API.pm | 16 ++++++++++++++++ lib/NGCP/Panel/Role/Entities.pm | 4 ++++ lib/NGCP/Panel/Role/EntitiesItem.pm | 4 ++++ share/templates/customer/details.tt | 2 ++ share/templates/reseller/details.tt | 2 ++ share/templates/subscriber/master.tt | 2 ++ .../templates/widgets/admin_topmenu_settings.tt | 2 ++ .../widgets/reseller_topmenu_settings.tt | 2 ++ 11 files changed, 42 insertions(+) diff --git a/lib/NGCP/Panel/Controller/API/PhonebookEntries.pm b/lib/NGCP/Panel/Controller/API/PhonebookEntries.pm index b403ea7456..db73ff19b9 100644 --- a/lib/NGCP/Panel/Controller/API/PhonebookEntries.pm +++ b/lib/NGCP/Panel/Controller/API/PhonebookEntries.pm @@ -15,6 +15,7 @@ __PACKAGE__->set_config({ }, allowed_roles => [qw/admin reseller subscriberadmin subscriber/], mandatory_parameters => { 'single' => [qw/reseller_id customer_id subscriber_id/],}, + allowed_ngcp_types => [qw/carrier sppro/], }); sub allowed_methods{ diff --git a/lib/NGCP/Panel/Controller/API/PhonebookEntriesItem.pm b/lib/NGCP/Panel/Controller/API/PhonebookEntriesItem.pm index 5f03703a35..da2308e995 100644 --- a/lib/NGCP/Panel/Controller/API/PhonebookEntriesItem.pm +++ b/lib/NGCP/Panel/Controller/API/PhonebookEntriesItem.pm @@ -8,6 +8,7 @@ use parent qw/NGCP::Panel::Role::EntitiesItem NGCP::Panel::Role::API::PhonebookE __PACKAGE__->set_config({ allowed_roles => [qw/admin reseller subscriberadmin subscriber/], mandatory_parameters => { 'single' => [qw/reseller_id customer_id subscriber_id/],}, + allowed_ngcp_types => [qw/carrier sppro/], }); sub allowed_methods{ diff --git a/lib/NGCP/Panel/Controller/API/Root.pm b/lib/NGCP/Panel/Controller/API/Root.pm index aeae0940b5..c6c6ddf9fb 100644 --- a/lib/NGCP/Panel/Controller/API/Root.pm +++ b/lib/NGCP/Panel/Controller/API/Root.pm @@ -101,6 +101,12 @@ sub GET : Allow { next unless $user_roles{$role}; } + my $allowed_ngcp_types = $full_mod->config->{allowed_ngcp_types} // []; + if (@{$allowed_ngcp_types}) { + next unless grep { /^\Q$c->config->{general}{ngcp_type}\E$/ } + @{$allowed_ngcp_types}; + } + my $query_params = []; if($full_mod->can('query_params')) { $query_params = $full_mod->query_params; diff --git a/lib/NGCP/Panel/Role/API.pm b/lib/NGCP/Panel/Role/API.pm index 43d0b2823f..6b5b39a53f 100644 --- a/lib/NGCP/Panel/Role/API.pm +++ b/lib/NGCP/Panel/Role/API.pm @@ -1574,6 +1574,18 @@ sub post_process_commit{ return; } +sub check_allowed_ngcp_types { + my ($self, $c) = @_; + + my $allowed_ngcp_types = $self->get_config('allowed_ngcp_types') // []; + if (@{$allowed_ngcp_types} && + !grep { /^\Q$c->config->{general}{ngcp_type}\E$/ } + @{$allowed_ngcp_types}) { + return; + } + return 1; +} + sub validate_request { my ($self, $c) = @_; @@ -1674,6 +1686,10 @@ sub allowed_methods{ return $_[0]->config->{allowed_methods}; } +sub allowed_ngcp_types { + return $_[0]->config->{allowed_ngcp_types}; +} + #------ /accessors --- sub return_representation{ my($self, $c, %params) = @_; diff --git a/lib/NGCP/Panel/Role/Entities.pm b/lib/NGCP/Panel/Role/Entities.pm index 24ac747f43..f18ff34db6 100644 --- a/lib/NGCP/Panel/Role/Entities.pm +++ b/lib/NGCP/Panel/Role/Entities.pm @@ -20,6 +20,10 @@ sub auto :Private { if ($self->get_config('log_request')) { $self->log_request($c); } + if (! $self->check_allowed_ngcp_types($c)) { + $self->error($c, HTTP_NOT_FOUND, "Path not found"); + return; + } return $self->validate_request($c); } diff --git a/lib/NGCP/Panel/Role/EntitiesItem.pm b/lib/NGCP/Panel/Role/EntitiesItem.pm index c9f586761d..5628abbd8d 100644 --- a/lib/NGCP/Panel/Role/EntitiesItem.pm +++ b/lib/NGCP/Panel/Role/EntitiesItem.pm @@ -24,6 +24,10 @@ sub auto :Private { if ($self->get_config('log_request')) { $self->log_request($c); } + if (! $self->check_allowed_ngcp_types($c)) { + $self->error($c, HTTP_NOT_FOUND, "Path not found"); + return; + } return $self->validate_request($c); } diff --git a/share/templates/customer/details.tt b/share/templates/customer/details.tt index 3614789641..5e9aaf0d52 100644 --- a/share/templates/customer/details.tt +++ b/share/templates/customer/details.tt @@ -772,6 +772,7 @@ $(function() { [% END -%] + [% IF c.config.general.ngcp_type != 'spce' -%] [% IF (c.user.roles == "subscriberadmin" && product.class == "pbxaccount") || c.user.roles == "admin" || c.user.roles == "reseller" || c.user.roles == "ccareadmin" || c.user.roles == "ccare" -%] @@ -817,6 +818,7 @@ $(function() { [% END -%] + [% END -%] diff --git a/share/templates/reseller/details.tt b/share/templates/reseller/details.tt index ef28c15aac..19abfa8c41 100644 --- a/share/templates/reseller/details.tt +++ b/share/templates/reseller/details.tt @@ -419,6 +419,7 @@ + [% IF c.config.general.ngcp_type != 'spce' -%] [% IF c.user.roles == "admin" || c.user.roles == "reseller" -%]
@@ -496,6 +497,7 @@
[% END -%] + [% END -%]
diff --git a/share/templates/subscriber/master.tt b/share/templates/subscriber/master.tt index f839b265b8..c5c0ad15a9 100644 --- a/share/templates/subscriber/master.tt +++ b/share/templates/subscriber/master.tt @@ -351,6 +351,7 @@ function process_pbx_items(moveId,direction){ [% END -%] + [% IF c.config.general.ngcp_type != 'spce' -%] [% IF (c.user.roles == "subscriberadmin" && product.class == "pbxaccount") || c.user.roles == "admin" || c.user.roles == "reseller" || c.user.roles == "ccareadmin" || c.user.roles == "ccare" -%]
@@ -391,6 +392,7 @@ function process_pbx_items(moveId,direction){
[% END -%] + [% END -%] diff --git a/share/templates/widgets/admin_topmenu_settings.tt b/share/templates/widgets/admin_topmenu_settings.tt index 799eb83d02..94ab6daa2b 100644 --- a/share/templates/widgets/admin_topmenu_settings.tt +++ b/share/templates/widgets/admin_topmenu_settings.tt @@ -93,7 +93,9 @@ [% END -%]
  • [% c.loc('Number Porting') %]
  • [% c.loc('Emergency Mappings') %]
    • + [% IF c.config.general.ngcp_type != 'spce' -%]
  • [% c.loc('Phonebook') %]
    • + [% END -%]
  • [% c.loc('Time Sets') %]
    • diff --git a/share/templates/widgets/reseller_topmenu_settings.tt b/share/templates/widgets/reseller_topmenu_settings.tt index 7e1a237c39..a664c3987d 100644 --- a/share/templates/widgets/reseller_topmenu_settings.tt +++ b/share/templates/widgets/reseller_topmenu_settings.tt @@ -54,7 +54,9 @@
  • [% c.loc('Malicious Calls') %]
    • [% END -%]
  • [% c.loc('Emergency Mappings') %]
    • + [% IF c.config.general.ngcp_type != 'spce' -%]
  • [% c.loc('Phonebook') %]
    • + [% END -%] [% # vim: set tabstop=4 syntax=html expandtab: -%]