TT#67120 fix domains access for ccareadmin/ccare roles

* Controller/Domain missed privileges for
      ccareadmin/ccare roles
    * Fix ccareadmin role typo in customer templates
      that prevented the "Create Subscriber" button from showing up for the role

Change-Id: I05bb520912ad0f1f49a0097d7443081d40aa7426
(cherry picked from commit 7b9eac2770)
changes/75/34175/1
Kirill Solomko 6 years ago
parent 23c04befd7
commit b611c4e455

@ -13,7 +13,7 @@ use NGCP::Panel::Utils::Prosody;
use NGCP::Panel::Utils::Preferences; use NGCP::Panel::Utils::Preferences;
use NGCP::Panel::Utils::XMLDispatcher; use NGCP::Panel::Utils::XMLDispatcher;
sub auto :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { sub auto :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) :AllowedRole(ccareadmin) :AllowedRole(ccare) {
my ($self, $c) = @_; my ($self, $c) = @_;
$c->log->debug(__PACKAGE__ . '::auto'); $c->log->debug(__PACKAGE__ . '::auto');
NGCP::Panel::Utils::Navigation::check_redirect_chain(c => $c); NGCP::Panel::Utils::Navigation::check_redirect_chain(c => $c);
@ -23,7 +23,14 @@ sub auto :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRol
sub dom_list :Chained('/') :PathPart('domain') :CaptureArgs(0) { sub dom_list :Chained('/') :PathPart('domain') :CaptureArgs(0) {
my ($self, $c) = @_; my ($self, $c) = @_;
my $dispatch_to = '_dom_resultset_' . $c->user->roles; my $resultset_role = $c->user->roles;
if ($resultset_role eq 'ccareadmin') {
$resultset_role = 'admin';
} elsif ($resultset_role eq 'ccare') {
$resultset_role = 'reseller';
}
my $dispatch_to = '_dom_resultset_' . $resultset_role;
my $dom_rs = $self->$dispatch_to($c); my $dom_rs = $self->$dispatch_to($c);
$c->stash->{domain_dt_columns} = NGCP::Panel::Utils::Datatables::set_columns($c, [ $c->stash->{domain_dt_columns} = NGCP::Panel::Utils::Datatables::set_columns($c, [
@ -36,6 +43,10 @@ sub dom_list :Chained('/') :PathPart('domain') :CaptureArgs(0) {
template => 'domain/list.tt'); template => 'domain/list.tt');
} }
sub dom_list_restricted :Chained('dom_list') :PathPart('') :CaptureArgs(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) {
my ($self, $c) = @_;
}
sub _dom_resultset_admin { sub _dom_resultset_admin {
my ($self, $c) = @_; my ($self, $c) = @_;
return $c->model('DB')->resultset('domains'); return $c->model('DB')->resultset('domains');
@ -55,7 +66,7 @@ sub root :Chained('dom_list') :PathPart('') :Args(0) {
my ($self, $c) = @_; my ($self, $c) = @_;
} }
sub create :Chained('dom_list') :PathPart('create') :Args() { sub create :Chained('dom_list_restricted') :PathPart('create') :Args() {
my ($self, $c, $reseller_id, $type) = @_; my ($self, $c, $reseller_id, $type) = @_;
my $posted = ($c->request->method eq 'POST'); my $posted = ($c->request->method eq 'POST');
@ -169,7 +180,7 @@ sub create :Chained('dom_list') :PathPart('create') :Args() {
); );
} }
sub base :Chained('/domain/dom_list') :PathPart('') :CaptureArgs(1) { sub base :Chained('/domain/dom_list_restricted') :PathPart('') :CaptureArgs(1) {
my ($self, $c, $domain_id) = @_; my ($self, $c, $domain_id) = @_;
unless($domain_id && is_int($domain_id)) { unless($domain_id && is_int($domain_id)) {
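Review bot: Access restriction in this controller is now opt-in: `auto` admits `ccareadmin`/`ccare`, and only actions chained through the new `dom_list_restricted` stay limited to admin/reseller, with `create` and `base` the only ones visibly re-chained (the body of `base` continues outside the hunk). Any other action that chains directly on `dom_list` and is not shown here becomes reachable by the care roles, so each one should be checked. A comment above `dom_list_restricted` such as `# modifying actions must chain here, not on dom_list: auto also admits ccareadmin/ccare` would keep later additions from failing open. In `dom_list` the method name is still assembled from the role string; a fixed lookup like `my %rs_for = (admin => 'admin', ccareadmin => 'admin', reseller => 'reseller', ccare => 'reseller');` with a detach to `/denied_page` for an unmapped role would fail closed rather than die on a missing method. Whether `_dom_resultset_reseller` scopes rows to the user's own reseller is not visible here and should be confirmed for `ccare`.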

@ -67,7 +67,8 @@ $(function() {
<a class="btn btn-primary btn-large" href="[% c.uri_for('/back') %]"><i class="icon-arrow-left"></i> [% c.loc('Back') %]</a> <a class="btn btn-primary btn-large" href="[% c.uri_for('/back') %]"><i class="icon-arrow-left"></i> [% c.loc('Back') %]</a>
<a class="btn btn-primary btn-large" href="[% c.uri_for_action('/customer/preferences', [c.req.captures.0]) %]"><i class="icon-list"></i> [% c.loc('Preferences') %]</a> <a class="btn btn-primary btn-large" href="[% c.uri_for_action('/customer/preferences', [c.req.captures.0]) %]"><i class="icon-list"></i> [% c.loc('Preferences') %]</a>
</span> </span>
[% IF !c.user.read_only && (c.user.roles == 'admin' || c.user.roles == 'reseller') -%] [% IF (c.user.roles == 'admin' || c.user.roles == 'reseller' ||
c.user.roles == 'ccareadmin' || c.user.roles == 'ccare') && !c.user.read_only -%]
<span> <span>
<a class="btn btn-primary btn-large" href="[% c.uri_for_action('/customer/edit', [ contract.id ]) %]"><i class="icon-edit"></i> [% c.loc('Edit') %]</a> <a class="btn btn-primary btn-large" href="[% c.uri_for_action('/customer/edit', [ contract.id ]) %]"><i class="icon-edit"></i> [% c.loc('Edit') %]</a>
</span> </span>
@ -234,7 +235,9 @@ $(function() {
[% c.loc('Maximum number of [_1] subscribers [_2] created',contract.max_subscribers, [% c.loc('Maximum number of [_1] subscribers [_2] created',contract.max_subscribers,
c.config.features.cloudpbx ? c.loc('(including PBX groups) ') : '') %] c.config.features.cloudpbx ? c.loc('(including PBX groups) ') : '') %]
</div> </div>
[% ELSIF (c.user.roles == "subscriberadmin" && product.class == "pbxaccount") || c.user.roles == "admin" || c.user.roles == "reseller" -%] [% ELSIF (c.user.roles == "subscriberadmin" && product.class == "pbxaccount") ||
c.user.roles == "admin" || c.user.roles == "reseller" ||
c.user.roles == "ccareadmin" || c.user.roles == "ccare" -%]
<a class="btn btn-large btn-primary" href="[% c.uri_for_action('/customer/subscriber_create', [ c.req.captures.0 ]) %]"> <a class="btn btn-large btn-primary" href="[% c.uri_for_action('/customer/subscriber_create', [ c.req.captures.0 ]) %]">
<i class="icon-star"></i> [% c.loc('Create Subscriber') %] <i class="icon-star"></i> [% c.loc('Create Subscriber') %]
</a> </a>
@ -390,7 +393,9 @@ $(function() {
[% IF [% IF
c.config.features.cloudpbx && c.config.features.cloudpbx &&
product.class == 'pbxaccount' && product.class == 'pbxaccount' &&
(c.user.roles == 'admin' || c.user.roles == 'reseller' || c.user.roles == 'subscriberadmin') (c.user.roles == 'admin' || c.user.roles == 'reseller' ||
c.user.roles == 'ccareadmin' || c.user.roles == 'ccare' ||
c.user.roles == 'subscriberadmin')
-%] -%]
<div class="accordion-group"> <div class="accordion-group">
<div class="accordion-heading"> <div class="accordion-heading">
@ -435,7 +440,8 @@ $(function() {
<div class="accordion-inner"> <div class="accordion-inner">
[% IF (c.user.roles == 'admin' || c.user.roles == 'reseller') && !c.user.read_only -%] [% IF (c.user.roles == 'admin' || c.user.roles == 'reseller' ||
c.user.roles == 'ccareadmin' || c.user.roles == 'ccare') && !c.user.read_only -%]
<span> <span>
[% IF c.user.billing_data -%] [% IF c.user.billing_data -%]
<a class="btn btn-primary btn-large" href="[% c.uri_for_action("/customer/topup_voucher", [contract.id]) %]"><i class="icon-repeat"></i> [% c.loc('Top-up Voucher') %]</a> <a class="btn btn-primary btn-large" href="[% c.uri_for_action("/customer/topup_voucher", [contract.id]) %]"><i class="icon-repeat"></i> [% c.loc('Top-up Voucher') %]</a>
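Review bot: The `ELSIF` that renders "Create Subscriber" does not test `!c.user.read_only`, unlike the Edit and Top-up Voucher conditions in the same template, so a read-only `ccareadmin`/`ccare` user may be offered the create link unless an earlier branch outside the hunk already excludes them. These conditions only hide links; `/customer/edit`, `/customer/subscriber_create` and `/customer/topup_voucher` still need to enforce role and read-only state in the controller, which is not part of this page. The four-role list is now repeated as string literals in four places, and the commit message attributes the original bug to a typo in one such literal. Computing it once, e.g. `[% SET is_staff = (c.user.roles == 'admin' || c.user.roles == 'reseller' || c.user.roles == 'ccareadmin' || c.user.roles == 'ccare') %]`, and reusing `is_staff` would remove that risk.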
