sipwise
/
ngcp-panel
mirror of https://github.com/sipwise/ngcp-panel.git
1
0
Fork 0
Code Issues Releases Wiki Activity

TT#76111 - Change LI admins flags permissions

Browse Source 
* Admin with lawful intercept will no longer be able
	   to have any flags besides 'is_active', 'read_only',
	   'can_reset_password'
	 * Remove reseller filter on interceptions since LI
	   admins should see all interceptions
	 * Add permissions to /api/admincerts and reseller ajax
	   for LI admins

Change-Id: Id912424b9bbd3ab3cbbc373ac116fda035f81fd3
changes/77/41177/2
Flaviu Mates 5 years ago
parent 0b10a86e9b
commit aec7c8921b
4 changed files with 5 additions and 10 deletions
Show Stats Download Patch File Download Diff File

2
lib/NGCP/Panel/Controller/API/AdminCerts.pm
Unescape View File

@ -9,7 +9,7 @@ use NGCP::Panel::Utils::Auth;
__PACKAGE__->set_config();
sub config_allowed_roles {
return [qw/admin reseller/];
return [qw/admin reseller lintercept/];
}
sub allowed_methods {

2
lib/NGCP/Panel/Controller/Reseller.pm
Unescape View File

@ -64,7 +64,7 @@ sub root :Chained('list_reseller') :PathPart('') :Args(0) :Does(ACL) :ACLDetachT
my ($self, $c) = @_;
}
sub ajax :Chained('list_reseller') :PathPart('ajax') :Args(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(ccareadmin) {
sub ajax :Chained('list_reseller') :PathPart('ajax') :Args(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(ccareadmin) :AllowedRole(lintercept){
my ($self, $c) = @_;
my $resellers = $c->stash->{resellers};
NGCP::Panel::Utils::Datatables::process($c, $resellers, $c->stash->{reseller_dt_columns}, sub {

6
lib/NGCP/Panel/Form/Administrator/System.pm
Unescape View File

@ -22,10 +22,10 @@ sub validate {
return unless $c;
my $resource = Storable::dclone($self->values);
if ($resource->{is_ccare} && $resource->{lawful_intercept}) {
my $err = "Administrator cannot be ccare and lawful intercept at the same time.";
if ($resource->{lawful_intercept} &&
($resource->{is_superuser} || $resource->{is_master} || $resource->{is_ccare} || $resource->{is_system} || $resource->{call_data} || $resource->{billing_data} || $resource->{show_passwords})) {
my $err = "Administrator can be flagged as 'lafwul_intercept' only in conjunction with 'is_active', 'read_only' and 'can_reset_password' flags";
$c->log->error($err);
$self->field('is_ccare')->add_error($err);
$self->field('lawful_intercept')->add_error($err);
}
}

5
lib/NGCP/Panel/Role/API/Interceptions.pm
Unescape View File

@ -15,11 +15,6 @@ sub _item_rs {
my $item_rs = $c->model('InterceptDB')->resultset('voip_intercept')->search({
deleted => 0,
});
if($c->user->roles eq "reseller") {
$item_rs = $item_rs->search({
reseller_id => $c->user->reseller_id,
});
}
return $item_rs;
}

Write Preview
Loading…
Cancel
Save