From 35d9c3598a2fbb69883d173cb1fc8e8de9a706ac Mon Sep 17 00:00:00 2001
From: Flaviu Mates
Date: Tue, 18 May 2021 14:28:58 +0300
Subject: [PATCH] TT#122001 Allow subscribers to access /api/subscriberprofiles
* subscribers are now allowed to fetch their own subscriber profile, they can't modify them
Change-Id: Iabf1244020d0f453257993cf24d4c9036a125397
---
 lib/NGCP/Panel/Controller/API/SubscriberProfiles.pm | 5 ++++-
 lib/NGCP/Panel/Controller/API/SubscriberProfilesItem.pm | 1 +
 lib/NGCP/Panel/Role/API/SubscriberProfiles.pm | 2 ++
 3 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/lib/NGCP/Panel/Controller/API/SubscriberProfiles.pm b/lib/NGCP/Panel/Controller/API/SubscriberProfiles.pm
index 56b1c24385..28a1bdbdf8 100644
--- a/lib/NGCP/Panel/Controller/API/SubscriberProfiles.pm
+++ b/lib/NGCP/Panel/Controller/API/SubscriberProfiles.pm
@@ -60,7 +60,10 @@ sub relation{
 }
 __PACKAGE__->set_config({
- allowed_roles => [qw/admin reseller ccareadmin ccare/],
+ allowed_roles => {
+ 'Default' => [qw/admin reseller ccareadmin ccare/],
+ 'GET' => [qw/admin reseller ccareadmin ccare subscriberadmin subscriber/],
+ },
 });
 sub GET :Allow {
diff --git a/lib/NGCP/Panel/Controller/API/SubscriberProfilesItem.pm b/lib/NGCP/Panel/Controller/API/SubscriberProfilesItem.pm
index de7f39f9ff..5cafdf4888 100644
--- a/lib/NGCP/Panel/Controller/API/SubscriberProfilesItem.pm
+++ b/lib/NGCP/Panel/Controller/API/SubscriberProfilesItem.pm
@@ -38,6 +38,7 @@ __PACKAGE__->set_config({
 allowed_roles => {
 Default => [qw/admin reseller ccareadmin ccare/],
 Journal => [qw/admin reseller ccareadmin ccare/],
+ 'GET' => [qw/admin reseller ccareadmin ccare subscriberadmin subscriber/],
 }
 });
diff --git a/lib/NGCP/Panel/Role/API/SubscriberProfiles.pm b/lib/NGCP/Panel/Role/API/SubscriberProfiles.pm
index e77d60feb8..46e78caf39 100644
--- a/lib/NGCP/Panel/Role/API/SubscriberProfiles.pm
+++ b/lib/NGCP/Panel/Role/API/SubscriberProfiles.pm
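Review bot: In `lib/NGCP/Panel/Controller/API/SubscriberProfiles.pm`, the new `'GET'` entry of `allowed_roles` lets `subscriberadmin` and `subscriber` through the role gate, yet nothing at this spot says that what they may read is bounded only by the `_item_rs` filter in `lib/NGCP/Panel/Role/API/SubscriberProfiles.pm`; the `'GET'` line added to `SubscriberProfilesItem.pm` has the same gap. A comment above the entry would keep the two sides from drifting apart, for example `# subscriber roles are read-only here; rows are limited to the caller's own profile in NGCP::Panel::Role::API::SubscriberProfiles::_item_rs`. The code that consumes `allowed_roles` is outside the hunk, so how methods other than GET resolve against `'Default'` for the new roles is not visible here and is worth confirming.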
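Review bot: In `lib/NGCP/Panel/Controller/API/SubscriberProfilesItem.pm` the added key is written `'GET'` while its siblings `Default` and `Journal` in the same hash are bare words; `GET => [qw/admin reseller ccareadmin ccare subscriberadmin subscriber/],` would match the surrounding entries. The quoting does not change behaviour, since `=>` already quotes a bare identifier on its left, so this is a consistency point only. The `set_config` call starts above the hunk.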
@@ -20,6 +20,8 @@ sub _item_rs {
 $item_rs = $item_rs->search({ 'profile_set.reseller_id' => $c->user->reseller_id }, { join => 'profile_set', });
+ } elsif ($c->user->roles eq "subscriber" || $c->user->roles eq "subscriberadmin") {
+ $item_rs = $item_rs->search({ id => $c->user->profile_id });
 }
 return $item_rs;
 }
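Review bot: The `if`/`elsif` chain in `_item_rs` ends at the new branch with no `else`, so a role that reaches this method without matching any branch gets `$item_rs` back unfiltered; with `allowed_roles` now being widened in two other files, a role added there and forgotten here would be able to read every profile. I would close the chain with a deny-by-default branch such as `} else { $item_rs = $item_rs->search(\'1 = 0'); }` and name the roles that are meant to see everything explicitly. The head of the chain is outside the hunk, so which roles currently rely on the fall-through (possibly `ccareadmin` and `ccare`) needs checking before doing that. Separately, `$c->user->profile_id` is presumably unset for a subscriber without a profile, in which case the filter compares `id` with NULL and should match nothing; a one-line comment saying that an empty result is intended there would help.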