TT#4336 subadmin pbxdeviceprofiles and pbxdevicemodels

as read-only access to subscriberadmin in order to view necessary
details for creation of pbxdevices.

Change-Id: I369c3a1936e46a4144652f0a65899fc4defcb501
changes/30/12830/3
Gerhard Jungwirth 9 years ago
parent 0cb6d80cfa
commit 2a34ce3d6c

@ -25,7 +25,7 @@ sub allowed_methods{
# curl -v -X POST --user $USER --insecure -F front_image=@sandbox/spa504g-front.jpg -F mac_image=@sandbox/spa504g-back.jpg -F json='{"reseller_id":1, "vendor":"Cisco", "model":"SPA999", "linerange":[{"name": "Phone Keys", "can_private":true, "can_shared":true, "can_blf":true, "keys":[{"labelpos":"top", "x":5110, "y":5120},{"labelpos":"top", "x":5310, "y":5320}]}]}' https://localhost:4443/api/pbxdevicemodels/
sub api_description {
return 'Specifies a model to be set in <a href="#pbxdeviceconfigs">PbxDeviceConfigs</a>. Use a Content-Type "multipart/form-data", provide front_image and mac_image parts with the actual images, and an additional json part with the properties specified below, e.g.: <code>curl -X POST --user $USER -F front_image=@/path/to/front.png -F mac_image=@/path/to/mac.png -F json=\'{"reseller_id":...}\' https://example.org:1443/api/pbxdevicemodels/</code>';
return 'Specifies a model to be set in <a href="#pbxdeviceconfigs">PbxDeviceConfigs</a>. Use a Content-Type "multipart/form-data", provide front_image and mac_image parts with the actual images, and an additional json part with the properties specified below, e.g.: <code>curl -X POST --user $USER -F front_image=@/path/to/front.png -F mac_image=@/path/to/mac.png -F json=\'{"reseller_id":...}\' https://example.org:1443/api/pbxdevicemodels/</code> This resource is read-only to subscriberadmins.';
};
sub query_params {
@ -114,7 +114,7 @@ __PACKAGE__->config(
action => {
map { $_ => {
ACLDetachTo => '/api/root/invalid_user',
AllowedRole => [qw/admin reseller/],
AllowedRole => [qw/admin reseller subscriberadmin/],
Args => 0,
Does => [qw(ACL CheckTrailingSlash RequireSSL)],
Method => $_,
@ -207,6 +207,12 @@ sub OPTIONS :Allow {
sub POST :Allow {
my ($self, $c) = @_;
if ($c->user->roles eq 'subscriberadmin') {
$c->log->error("role subscriberadmin cannot create pbxdevicemodels");
$self->error($c, HTTP_UNPROCESSABLE_ENTITY, "Invalid role. Cannot create pbxdevicemodel.");
return;
}
my $guard = $c->model('DB')->txn_scope_guard;
{
last unless $self->forbid_link_header($c);
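Review bot: Adding `subscriberadmin` to `AllowedRole` inside the `map` grants that role every method the map iterates over (the method list is outside this hunk), so the read-only promise depends on each write handler carrying its own early return, as `POST` does here. A write handler without that guard would be open to subscriberadmins, and the same pattern appears in the other three `__PACKAGE__->config` hunks on this page. Deciding per method in the config keeps the default closed: `AllowedRole => [qw/admin reseller/, ($_ =~ /^(?:GET|HEAD|OPTIONS)$/ ? 'subscriberadmin' : ())],`. If the per-handler guards stay, `HTTP_FORBIDDEN` describes an authorization refusal better than `HTTP_UNPROCESSABLE_ENTITY`, assuming the file imports the HTTP::Status constants. The body of `POST` continues outside the hunk.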

@ -38,7 +38,7 @@ __PACKAGE__->config(
action => {
map { $_ => {
ACLDetachTo => '/api/root/invalid_user',
AllowedRole => [qw/admin reseller/],
AllowedRole => [qw/admin reseller subscriberadmin/],
Args => 1,
Does => [qw(ACL RequireSSL)],
Method => $_,
@ -104,6 +104,13 @@ sub OPTIONS :Allow {
sub PATCH :Allow {
my ($self, $c, $id) = @_;
if ($c->user->roles eq 'subscriberadmin') {
$c->log->error("role subscriberadmin cannot edit pbxdevicemodel");
$self->error($c, HTTP_UNPROCESSABLE_ENTITY, "Invalid role. Cannot edit pbxdevicemodel.");
return;
}
my $guard = $c->model('DB')->txn_scope_guard;
{
my $preference = $self->require_preference($c);
@ -149,6 +156,13 @@ sub PATCH :Allow {
sub PUT :Allow {
my ($self, $c, $id) = @_;
if ($c->user->roles eq 'subscriberadmin') {
$c->log->error("role subscriberadmin cannot edit pbxdevicemodel");
$self->error($c, HTTP_UNPROCESSABLE_ENTITY, "Invalid role. Cannot edit pbxdevicemodel.");
return;
}
my $guard = $c->model('DB')->txn_scope_guard;
{
my $preference = $self->require_preference($c);
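Review bot: The refusal logged in `PATCH` and `PUT` records neither the requested `$id` nor the HTTP method, and it is written at error level although it is an expected client-side denial. Denied write attempts by a read-only role are only a useful audit signal if they can be tied to a target, so something like `$c->log->warn(sprintf("subscriberadmin denied %s on pbxdevicemodel %s", $c->req->method, ($id =~ /\A\d+\z/ ? $id : 'non-numeric id')));` would serve better. The digit check keeps a crafted path segment out of the log line. The pbxdeviceprofiles handlers and both `POST` guards use the same message shape, and both handler bodies here continue outside the hunks.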

@ -20,7 +20,7 @@ sub allowed_methods{
}
sub api_description {
return 'Specifies a profile to be set in <a href="#pbxdevices">PbxDevices</a>.';
return 'Specifies a profile to be set in <a href="#pbxdevices">PbxDevices</a>. This item is read-only to subscriberadmins.';
};
sub query_params {
@ -67,7 +67,7 @@ __PACKAGE__->config(
action => {
map { $_ => {
ACLDetachTo => '/api/root/invalid_user',
AllowedRole => [qw/admin reseller/],
AllowedRole => [qw/admin reseller subscriberadmin/],
Args => 0,
Does => [qw(ACL CheckTrailingSlash RequireSSL)],
Method => $_,
@ -160,6 +160,12 @@ sub OPTIONS :Allow {
sub POST :Allow {
my ($self, $c) = @_;
if ($c->user->roles eq 'subscriberadmin') {
$c->log->error("role subscriberadmin cannot create pbxdeviceprofiles");
$self->error($c, HTTP_UNPROCESSABLE_ENTITY, "Invalid role. Cannot create pbxdeviceprofile.");
return;
}
my $guard = $c->model('DB')->txn_scope_guard;
{
my $resource = $self->get_valid_post_data(

@ -37,7 +37,7 @@ __PACKAGE__->config(
action => {
map { $_ => {
ACLDetachTo => '/api/root/invalid_user',
AllowedRole => [qw/admin reseller/],
AllowedRole => [qw/admin reseller subscriberadmin/],
Args => 1,
Does => [qw(ACL RequireSSL)],
Method => $_,
@ -103,6 +103,13 @@ sub OPTIONS :Allow {
sub PATCH :Allow {
my ($self, $c, $id) = @_;
if ($c->user->roles eq 'subscriberadmin') {
$c->log->error("role subscriberadmin cannot edit pbxdeviceprofiles");
$self->error($c, HTTP_UNPROCESSABLE_ENTITY, "Invalid role. Cannot edit pbxdeviceprofile.");
return;
}
my $guard = $c->model('DB')->txn_scope_guard;
{
my $preference = $self->require_preference($c);
@ -146,6 +153,13 @@ sub PATCH :Allow {
sub PUT :Allow {
my ($self, $c, $id) = @_;
if ($c->user->roles eq 'subscriberadmin') {
$c->log->error("role subscriberadmin cannot edit pbxdeviceprofiles");
$self->error($c, HTTP_UNPROCESSABLE_ENTITY, "Invalid role. Cannot edit pbxdeviceprofile.");
return;
}
my $guard = $c->model('DB')->txn_scope_guard;
{
my $preference = $self->require_preference($c);

@ -92,10 +92,17 @@ sub resource_from_item {
sub _item_rs {
my ($self, $c) = @_;
my $item_rs = $c->model('DB')->resultset('autoprov_devices');
if($c->user->roles eq "admin") {
my $item_rs = $c->model('DB')->resultset('autoprov_devices')
->search_rs(undef,{ prefetch => {autoprov_device_line_ranges => 'annotations'} });
if ($c->user->roles eq "admin") {
} elsif ($c->user->roles eq "reseller") {
$item_rs = $item_rs->search({ reseller_id => $c->user->reseller_id });
} elsif ($c->user->roles eq "subscriberadmin") {
my $reseller_id = $c->user->contract->contact->reseller_id;
return unless $reseller_id;
$item_rs = $item_rs->search({
reseller_id => $reseller_id,
});
}
return $item_rs;
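Review bot: The `if`/`elsif` chain in `_item_rs` has no final `else`, so any role other than the three named falls through and receives the same unfiltered `autoprov_devices` resultset as `admin`. Today the controllers' `AllowedRole` list keeps other roles out, but this commit itself widens that list, and the row filter would then fail open. An explicit `else { return; }` after the subscriberadmin branch closes the unknown-role case, matching the `return unless $reseller_id;` already used there. Callers are not visible here, so it is worth confirming they handle an empty return. The `_item_rs` for `autoprov_profiles` has the same shape, and the function's closing brace is outside the hunk.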

@ -36,6 +36,7 @@ sub hal_from_item {
NGCP::Panel::Utils::DataHalLink->new(relation => 'self', href => sprintf("%s%d", $self->dispatch_path, $item->id)),
NGCP::Panel::Utils::DataHalLink->new(relation => "ngcp:$type", href => sprintf("/api/%s/%d", $type, $item->id)),
NGCP::Panel::Utils::DataHalLink->new(relation => 'ngcp:pbxdeviceconfigs', href => sprintf("/api/pbxdeviceconfigs/%d", $item->config_id)),
NGCP::Panel::Utils::DataHalLink->new(relation => 'ngcp:pbxdevicemodels', href => sprintf("/api/pbxdevicemodels/%d", $item->config->device_id)),
],
relation => 'ngcp:'.$self->resource_name,
);
@ -61,17 +62,22 @@ sub resource_from_item {
$resource{id} = int($item->id);
$resource{config_id} = int($item->config_id);
$resource{device_id} = int($item->config->device_id) if ($item->config);
return \%resource;
}
sub _item_rs {
my ($self, $c) = @_;
my $item_rs = $c->model('DB')->resultset('autoprov_profiles');
if($c->user->roles eq "admin") {
if ($c->user->roles eq "admin") {
} elsif ($c->user->roles eq "reseller") {
$item_rs = $item_rs->search(
{ 'device.reseller_id' => $c->user->reseller_id, },
{ prefetch => { 'config' => 'device', }});
} elsif ($c->user->roles eq "subscriberadmin") {
$item_rs = $item_rs->search(
{ 'device.reseller_id' => $c->user->contract->contact->reseller_id, },
{ prefetch => { 'config' => 'device', }});
}
return $item_rs;
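Review bot: The subscriberadmin branch of `_item_rs` passes `$c->user->contract->contact->reseller_id` straight into the search condition, without the `return unless $reseller_id;` check that the pbxdevicemodels `_item_rs` applies. DBIx::Class renders an undef value in a condition hash as `IS NULL`, so a subscriberadmin whose contact has no reseller would be matched against profiles whose device has a NULL `reseller_id`, if the schema allows that, rather than against nothing. Suggest `my $reseller_id = $c->user->contract->contact->reseller_id;` followed by `return unless $reseller_id;` before the search, then using `$reseller_id` in the condition. The function's closing brace is outside the hunk.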
