sipwise
/
ngcp-panel
mirror of https://github.com/sipwise/ngcp-panel.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Revert "TT#76111 - Hide LI Admins from NGCP Panel"

Browse Source 
This reverts commit ec674132df.

Reason for revert: Feature was partially backported and lawful intercept admins were deleted from databse. Feature needs redesign.

Change-Id: I500e66f3bd3b4a0c29fa05e1113568d3776eacf9
changes/78/40578/1
Flaviu Mates 5 years ago
parent ec674132df
commit 35518554ec
3 changed files with 17 additions and 27 deletions
Show Stats Download Patch File Download Diff File

22
lib/NGCP/Panel/Controller/Administrator.pm
Unescape View File

@ -20,9 +20,8 @@ sub list_admin :PathPart('administrator') :Chained('/') :CaptureArgs(0) {
my ($self, $c) = @_;
my $dispatch_to = '_admin_resultset_' . $c->user->roles;
my $is_li_admin = $c->user->lawful_intercept;
$c->stash(
admins => $self->$dispatch_to($c, $is_li_admin),
admins => $self->$dispatch_to($c),
template => 'administrator/list.tt',
);
my $cols = [
@ -43,23 +42,23 @@ sub list_admin :PathPart('administrator') :Chained('/') :CaptureArgs(0) {
{ name => "billing_data", title => $c->loc("Show Billing Info") },
{ name => "can_reset_password", title => $c->loc("Can Reset Password") },
);
if($c->user->is_superuser) {
@{ $cols } = (@{ $cols }, { name => "lawful_intercept", title => $c->loc("Lawful Intercept") });
}
$c->stash->{admin_dt_columns} = NGCP::Panel::Utils::Datatables::set_columns($c, $cols);
$c->stash->{special_admin_login} = NGCP::Panel::Utils::Auth::get_special_admin_login();
return;
}
sub _admin_resultset_admin {
my ($self, $c, $is_li_admin) = @_;
my $condition = $is_li_admin ? {'me.id' => $c->user->id} : {lawful_intercept => 0};
return $c->model('DB')->resultset('admins')->search($condition);
my ($self, $c) = @_;
return $c->model('DB')->resultset('admins');
}
sub _admin_resultset_reseller {
my ($self, $c, $is_li_admin) = @_;
my $condition = $is_li_admin ? {'me.id' => $c->user->id} : {lawful_intercept => 0};
my ($self, $c) = @_;
return $c->model('DB')->resultset('admins')->search({
reseller_id => $c->user->reseller_id,
%$condition
});
}
@ -149,8 +148,8 @@ sub base :Chained('list_admin') :PathPart('') :CaptureArgs(1) {
);
NGCP::Panel::Utils::Navigation::back_or($c, $c->uri_for('/administrator'));
}
$c->stash(administrator => $c->stash->{admins}->find({id => $administrator_id}));
if(!$c->stash->{administrator} || ($c->stash->{administrator} && $c->stash->{administrator}->lawful_intercept && $administrator_id != $c->user->id)) {
$c->stash(administrator => $c->stash->{admins}->find($administrator_id));
unless($c->stash->{administrator}) {
NGCP::Panel::Utils::Message::error(
c => $c,
desc => $c->loc('Administrator not found'),
@ -181,8 +180,7 @@ sub edit :Chained('base') :PathPart('edit') :Args(0) {
posted => $posted,
params => $c->request->params,
item => $params,
inactive => $c->stash->{administrator}->id != $c->user->id ? ['password'] :
$c->user->lawful_intercept ? ['login', 'is_superuser', 'is_ccare', 'is_master', 'is_active', 'read_only', 'show_passwords', 'call_data', 'billing_data', 'can_reset_password'] : [],
inactive => $c->stash->{administrator}->id != $c->user->id ? ['password'] : [],
);
NGCP::Panel::Utils::Navigation::check_form_buttons(
c => $c,

6
lib/NGCP/Panel/Form/Administrator/Admin.pm
Unescape View File

@ -5,7 +5,9 @@ extends 'NGCP::Panel::Form::Administrator::Reseller';
use NGCP::Panel::Utils::Auth;
has_field 'is_superuser' => (type => 'Boolean',);
for (qw(is_superuser lawful_intercept)) {
has_field $_ => (type => 'Boolean',);
}
has_field 'reseller' => (
type => '+NGCP::Panel::Field::Reseller',
label => 'Reseller',
@ -15,7 +17,7 @@ has_block 'fields' => (
tag => 'div',
class => [qw(modal-body)],
render_list => [qw(
reseller login password email is_superuser is_master is_ccare is_active read_only show_passwords call_data billing_data can_reset_password
reseller login password email is_superuser is_master is_ccare is_active read_only show_passwords call_data billing_data lawful_intercept can_reset_password
)],
);

16
lib/NGCP/Panel/Role/API/Admins.pm
Unescape View File

@ -32,22 +32,18 @@ sub _item_rs {
my ($self, $c) = @_;
my $item_rs = $c->model('DB')->resultset('admins');
my $condition = $c->user->lawful_intercept ? {'me.id' => $c->user->id} : {lawful_intercept => 0};
if($c->user->roles eq "reseller") {
$item_rs = $item_rs->search({
reseller_id => $c->user->reseller_id,
%$condition
reseller_id => $c->user->reseller_id
});
}
if($c->user->is_master || $c->user->is_superuser) {
# return all (or all of reseller) admins except lawful intercept admin
$item_rs = $item_rs->search($condition);
# return all (or all of reseller) admins
} else {
# otherwise, only return the own admin if master is not set
$item_rs = $item_rs->search({
id => $c->user->id,
%$condition
});
}
return $item_rs;
@ -83,7 +79,7 @@ sub process_form_resource{
$resource->{md5pass} = undef;
$resource->{saltedpass} = NGCP::Panel::Utils::Auth::generate_salted_hash($pass);
}
foreach my $f(qw/billing_data call_data is_active is_master is_superuser is_ccare read_only show_passwords/) {
foreach my $f(qw/billing_data call_data is_active is_master is_superuser is_ccare lawful_intercept read_only show_passwords/) {
$resource->{$f} = (ref $resource->{$f} eq 'JSON::true' || ( defined $resource->{$f} && ( $resource->{$f} eq 'true' || $resource->{$f} eq '1' ) ) ) ? 1 : 0;
}
return $resource;
@ -150,12 +146,6 @@ sub update_item {
$resource = $old_resource;
$resource->{is_active} = $active;
}
if ($c->user->lawful_intercept) {
#allow LI admins to only change password and email
delete @$resource{qw/billing_data call_data can_reset_password is_active is_ccare is_master is_superuser login read_only show_passwords/};
}
$item->update($resource);
return $item;

Write Preview
Loading…
Cancel
Save