From a65d00c3a890921a26f03ab80794b3890e3a6e01 Mon Sep 17 00:00:00 2001
From: Oleksandr Duts <oduts@sipwise.com>
Date: Wed, 27 Oct 2021 14:45:41 +0300
Subject: [PATCH] TT#139800 Enable subscriber access to /api/autoattendants/:id

* "subscriber" role can now retrieve own autoattendant data. This is needed for the CSC interface.

Change-Id: Id10b302205fe458d5793ae8f7bd9201233f9a0d4
---
 lib/NGCP/Panel/Controller/API/AutoAttendantsItem.pm | 6 +++---
 lib/NGCP/Panel/Role/API/AutoAttendants.pm           | 8 ++++----
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/lib/NGCP/Panel/Controller/API/AutoAttendantsItem.pm b/lib/NGCP/Panel/Controller/API/AutoAttendantsItem.pm
index 7b085ebe31..6235d5aae3 100644
--- a/lib/NGCP/Panel/Controller/API/AutoAttendantsItem.pm
+++ b/lib/NGCP/Panel/Controller/API/AutoAttendantsItem.pm
@@ -39,7 +39,7 @@ sub journal_query_params {
 
 __PACKAGE__->set_config({
     allowed_roles => {
-        Default => [qw/admin reseller ccareadmin ccare subscriberadmin/],
+        Default => [qw/admin reseller ccareadmin ccare subscriberadmin subscriber/],
         Journal => [qw/admin reseller ccareadmin ccare/],
     }
 });
@@ -89,7 +89,7 @@ sub PUT :Allow {
 
         my $hal = $self->hal_from_item($c, $subscriber);
         last unless $self->add_update_journal_item_hal($c,{ hal => $hal, id => $subscriber->id });
-        
+
         $guard->commit;
 
         $self->return_representation($c, 'hal' => $hal, 'preference' => $preference );
@@ -122,7 +122,7 @@ sub PATCH :Allow {
 
         $subscriber = $self->update_item($c, $subscriber, undef, $resource, $form);
         last unless $subscriber;
-        
+
         my $hal = $self->hal_from_item($c, $subscriber);
         last unless $self->add_update_journal_item_hal($c,{ hal => $hal, id => $subscriber->id });
 
diff --git a/lib/NGCP/Panel/Role/API/AutoAttendants.pm b/lib/NGCP/Panel/Role/API/AutoAttendants.pm
index 02ff077d4a..77c6d149c6 100644
--- a/lib/NGCP/Panel/Role/API/AutoAttendants.pm
+++ b/lib/NGCP/Panel/Role/API/AutoAttendants.pm
@@ -70,8 +70,8 @@ sub _item_rs {
     $item_rs = $c->model('DB')->resultset('voip_subscribers')
         ->search({ 'me.status' => { '!=' => 'terminated' } },
             {join => 'provisioning_voip_subscriber'});
-    if($c->user->roles eq "admin" || $c->user->roles eq "ccareadmin") {
-    } elsif($c->user->roles eq "reseller" || $c->user->roles eq "ccare") {
+
+    if($c->user->roles eq "reseller" || $c->user->roles eq "ccare") {
         $item_rs = $item_rs->search({
             'contact.reseller_id' => $c->user->reseller_id,
         }, {
@@ -81,8 +81,8 @@ sub _item_rs {
         $item_rs = $item_rs->search({
             'provisioning_voip_subscriber.account_id' => $c->user->account_id,
         });
-    } else {
-        return;  # subscriber role not allowed
+    } elsif($c->user->roles eq "subscriber") {
+        $item_rs = $item_rs->search({'me.username' => $c->user->username});
     }
 
     return $item_rs;