TT#4336 api pbxdevices for subscriberadmin

Change-Id: Ife0647ea77bd304b0db169f86fe0785856094506

lib/NGCP/Panel/Controller/API/PbxDevices.pm

@@ -79,7 +79,7 @@ __PACKAGE__->config(
     action => {
         map { $_ => {
             ACLDetachTo => '/api/root/invalid_user',
-            AllowedRole => [qw/admin reseller/],
+            AllowedRole => [qw/admin reseller subscriberadmin/],
             Args => 0,
             Does => [qw(ACL CheckTrailingSlash RequireSSL)],
             Method => $_,
@@ -181,6 +181,10 @@ sub POST :Allow {
         );
         last unless $resource;
 
+        if ($c->user->roles eq 'subscriberadmin') {
+            $resource->{customer_id} = $c->user->account_id;
+        }
+
         my $form = $self->get_form($c);
         last unless $self->validate_form(
             c => $c,
@@ -226,6 +230,10 @@ sub POST :Allow {
             }
             my $b_subs = $schema->resultset('voip_subscribers')->find($line->{subscriber_id});
             my $p_subs = $b_subs ? $b_subs->provisioning_voip_subscriber : undef;
+            unless ($b_subs && $b_subs->contract_id == $customer->id) {
+                $self->error($c, HTTP_UNPROCESSABLE_ENTITY, "Invalid 'subscriber_id. Subscriber doesn't exist or doesn't belong to this customer.");
+                return;
+            }
             unless ($p_subs) {
                 $self->error($c, HTTP_UNPROCESSABLE_ENTITY, "Invalid 'subscriber_id'. Could not find subscriber.");
                 return;

lib/NGCP/Panel/Controller/API/PbxDevicesItem.pm

@@ -37,7 +37,7 @@ __PACKAGE__->config(
     action => {
         map { $_ => {
             ACLDetachTo => '/api/root/invalid_user',
-            AllowedRole => [qw/admin reseller/],
+            AllowedRole => [qw/admin reseller subscriberadmin/],
             Args => 1,
             Does => [qw(ACL RequireSSL)],
             Method => $_,

lib/NGCP/Panel/Role/API/PbxDevices.pm

@@ -85,13 +85,17 @@ sub _item_rs {
     my ($self, $c) = @_;
     my $item_rs = $c->model('DB')->resultset('autoprov_field_devices');
 
-    if($c->user->roles eq "admin") {
+    if ($c->user->roles eq "admin") {
     } elsif ($c->user->roles eq "reseller") {
         $item_rs = $item_rs->search({ 
             'device.reseller_id' => $c->user->reseller_id 
         },{
             'join' => { 'profile' => { 'config' => 'device' } },
         });
+    } elsif ($c->user->roles eq "subscriberadmin") {
+        $item_rs = $item_rs->search({
+            'me.contract_id' => $c->user->account_id,
+        });
     }
     return $item_rs;
 }
@@ -109,6 +113,10 @@ sub update_item {
     delete $resource->{id};
     my $schema = $c->model('DB');
 
+    if ($c->user->roles eq 'subscriberadmin') {
+        $resource->{customer_id} = $c->user->account_id;
+    }
+
     return unless $self->validate_form(
         c => $c,
         form => $form,
@@ -125,7 +133,7 @@ sub update_item {
         id => $resource->{customer_id},
         status => { '!=' => 'terminated' },
     });
-    if($c->user->roles eq "admin") {
+    if ($c->user->roles eq "admin") {
     } elsif($c->user->roles eq "reseller") {
         $customer_rs = $customer_rs->search({
             'contact.reseller_id' => $c->user->reseller_id,
@@ -157,6 +165,10 @@ sub update_item {
         }
         my $b_subs = $schema->resultset('voip_subscribers')->find($line->{subscriber_id});
         my $p_subs = $b_subs ? $b_subs->provisioning_voip_subscriber : undef;
+        unless ($b_subs && $b_subs->contract_id == $customer->id) {
+            $self->error($c, HTTP_UNPROCESSABLE_ENTITY, "Invalid 'subscriber_id. Subscriber doesn't exist or doesn't belong to this customer.");
+            return;
+        }
         unless ($p_subs) {
             $self->error($c, HTTP_UNPROCESSABLE_ENTITY, "Invalid 'subscriber_id'. Could not find subscriber.");
             return;