diff --git a/lib/NGCP/Panel/Authentication/Store/RoleFromRealm.pm b/lib/NGCP/Panel/Authentication/Store/RoleFromRealm.pm index d67236cb79..a303c196d5 100644 --- a/lib/NGCP/Panel/Authentication/Store/RoleFromRealm.pm +++ b/lib/NGCP/Panel/Authentication/Store/RoleFromRealm.pm @@ -8,8 +8,13 @@ sub roles { if ($self->auth_realm) { for my $auth_type (qw/admin_bcrypt admin api_admin_cert api_admin_http api_admin api_admin_bcrypt/) { if ($auth_type eq $self->auth_realm) { - $self->_user->is_superuser ? return "admin" - : return "reseller"; + if ($self->_user->is_ccare) { + $self->_user->is_superuser ? return "ccareadmin" + : return "ccare"; + } else { + $self->_user->is_superuser ? return "admin" + : return "reseller"; + } } } foreach my $auth_type (qw/subscriber api_subscriber_http api_subscriber_jwt/) { # TODO: simplify this diff --git a/lib/NGCP/Panel/Controller/API/AutoAttendants.pm b/lib/NGCP/Panel/Controller/API/AutoAttendants.pm index ca4fd7dc9d..a1e50912f7 100644 --- a/lib/NGCP/Panel/Controller/API/AutoAttendants.pm +++ b/lib/NGCP/Panel/Controller/API/AutoAttendants.pm @@ -41,7 +41,7 @@ sub relation{ } __PACKAGE__->set_config({ - allowed_roles => [qw/admin reseller subscriberadmin/], + allowed_roles => [qw/admin reseller ccareadmin ccare subscriberadmin/], }); sub GET :Allow { diff --git a/lib/NGCP/Panel/Controller/API/AutoAttendantsItem.pm b/lib/NGCP/Panel/Controller/API/AutoAttendantsItem.pm index 655aec4163..7b085ebe31 100644 --- a/lib/NGCP/Panel/Controller/API/AutoAttendantsItem.pm +++ b/lib/NGCP/Panel/Controller/API/AutoAttendantsItem.pm @@ -39,8 +39,8 @@ sub journal_query_params { __PACKAGE__->set_config({ allowed_roles => { - Default => [qw/admin reseller subscriberadmin/], - Journal => [qw/admin reseller/], + Default => [qw/admin reseller ccareadmin ccare subscriberadmin/], + Journal => [qw/admin reseller ccareadmin ccare/], } }); 
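Review bot: The new branch in roles() keeps the `cond ? return "a" : return "b"` form, which uses the ternary as a statement and now appears twice. A single `return $self->_user->is_superuser ? "ccareadmin" : "ccare";` (and the same for admin/reseller) expresses each mapping as one decision. Because is_ccare is tested before is_superuser, an account carrying both flags is mapped to ccareadmin rather than admin; a comment such as `# is_ccare takes precedence over is_superuser: care accounts never receive the admin role` would record that this is intended. roles() starts and ends outside the hunk.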
diff --git a/lib/NGCP/Panel/Controller/API/BalanceIntervals.pm b/lib/NGCP/Panel/Controller/API/BalanceIntervals.pm index a420602a70..3c2d4f1113 100644 --- a/lib/NGCP/Panel/Controller/API/BalanceIntervals.pm +++ b/lib/NGCP/Panel/Controller/API/BalanceIntervals.pm @@ -85,7 +85,7 @@ sub relation{ } __PACKAGE__->set_config({ - allowed_roles => [qw/admin reseller/], + allowed_roles => [qw/admin reseller ccareadmin ccare/], }); sub GET :Allow { diff --git a/lib/NGCP/Panel/Controller/API/BalanceIntervalsItem.pm b/lib/NGCP/Panel/Controller/API/BalanceIntervalsItem.pm index 44ed247be3..d8496bbd60 100644 --- a/lib/NGCP/Panel/Controller/API/BalanceIntervalsItem.pm +++ b/lib/NGCP/Panel/Controller/API/BalanceIntervalsItem.pm @@ -55,7 +55,7 @@ sub query_params { } __PACKAGE__->set_config({ - allowed_roles => [qw/admin reseller/], + allowed_roles => [qw/admin reseller ccareadmin ccare/], action_add => { item_base => { Chained => '/', diff --git a/lib/NGCP/Panel/Controller/API/BillingNetworks.pm b/lib/NGCP/Panel/Controller/API/BillingNetworks.pm index 3da090ffe7..3aa3eada13 100644 --- a/lib/NGCP/Panel/Controller/API/BillingNetworks.pm +++ b/lib/NGCP/Panel/Controller/API/BillingNetworks.pm @@ -132,9 +132,12 @@ sub POST :Allow { ); last unless $resource; - if($c->user->roles eq "admin") { - } elsif($c->user->roles eq "reseller") { + if ($c->user->roles eq "admin") { + } elsif ($c->user->roles eq "reseller") { $resource->{reseller_id} = $c->user->reseller_id; + } elsif ($c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") { + $self->error($c, HTTP_FORBIDDEN, "Read-only resource for authenticated role"); + last; } my $form = $self->get_form($c); diff --git a/lib/NGCP/Panel/Controller/API/BillingProfiles.pm b/lib/NGCP/Panel/Controller/API/BillingProfiles.pm index 29261d13f3..21bc52eb03 100644 --- a/lib/NGCP/Panel/Controller/API/BillingProfiles.pm +++ b/lib/NGCP/Panel/Controller/API/BillingProfiles.pm 
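Review bot: The role chain in BillingNetworks.pm POST still fails open: it names the roles to refuse and has no final `else`, so any role that reaches this action and is not listed continues to the create path without a reseller_id being set. Closing the chain with `} else { $self->error($c, HTTP_FORBIDDEN, "Read-only resource for authenticated role"); last; }` would make admin and reseller the only writers. The refusal also appears to run after the request body has been validated (`last unless $resource;`), so a read-only account can receive validation errors before the 403; testing the role first avoids that. EmailTemplates.pm POST has the same chain without an `else`. POST's body continues outside the hunk.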
@@ -62,7 +62,7 @@ sub relation{ } __PACKAGE__->set_config({ - allowed_roles => [qw/admin reseller/], + allowed_roles => [qw/admin reseller ccareadmin ccare/], }); sub GET :Allow { @@ -119,9 +119,12 @@ sub POST :Allow { ); last unless $resource; - if($c->user->roles eq "admin") { - } elsif($c->user->roles eq "reseller") { + if ($c->user->roles eq "admin") { + } elsif ($c->user->roles eq "reseller") { $resource->{reseller_id} = $c->user->reseller_id; + } elsif ($c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") { + $self->error($c, HTTP_FORBIDDEN, "Read-only resource for authenticated role"); + last; } else { $resource->{reseller_id} = $c->user->contract->contact->reseller_id; } diff --git a/lib/NGCP/Panel/Controller/API/BillingProfilesItem.pm b/lib/NGCP/Panel/Controller/API/BillingProfilesItem.pm index 84288ea4c9..c0faddfbcd 100644 --- a/lib/NGCP/Panel/Controller/API/BillingProfilesItem.pm +++ b/lib/NGCP/Panel/Controller/API/BillingProfilesItem.pm @@ -37,8 +37,8 @@ sub journal_query_params { __PACKAGE__->set_config({ allowed_roles => { - Default => [qw/admin reseller/], - Journal => [qw/admin reseller/], + Default => [qw/admin reseller ccareadmin ccare/], + Journal => [qw/admin reseller ccareadmin ccare/], } }); @@ -80,6 +80,11 @@ sub PATCH :Allow { ); last unless $json; + if ($c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") { + $self->error($c, HTTP_FORBIDDEN, "Read-only resource for authenticated role"); + last; + } + my $profile = $self->profile_by_id($c, $id); last unless $self->resource_exists($c, billingprofile => $profile); my $old_resource = { $profile->get_inflated_columns }; 
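Review bot: In BillingProfilesItem.pm PATCH the role refusal sits after `last unless $json;`, and in PUT after `require_preference`, while DELETE tests the role as the first statement of its block. A ccare or ccareadmin caller can therefore get body- or header-related errors from PATCH and PUT before being told the resource is read-only, and the handler processes input from a caller it will refuse anyway. Moving the added check to the top of the block in PATCH and PUT, as DELETE has it, gives all three methods the same order. The PATCH and PUT bodies start and end outside their hunks.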
@@ -108,6 +113,11 @@ sub PUT :Allow { my $preference = $self->require_preference($c); last unless $preference; + if ($c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") { + $self->error($c, HTTP_FORBIDDEN, "Read-only resource for authenticated role"); + last; + } + my $profile = $self->profile_by_id($c, $id); last unless $self->resource_exists($c, billingprofile => $profile ); my $resource = $self->get_valid_put_data( @@ -136,6 +146,11 @@ sub DELETE :Allow { my ($self, $c, $id) = @_; my $guard = $c->model('DB')->txn_scope_guard; { + if ($c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") { + $self->error($c, HTTP_FORBIDDEN, "Read-only resource for authenticated role"); + last; + } + my $billing_profile = $self->item_by_id($c, $id); last unless $self->resource_exists($c, billingprofile => $billing_profile); last unless NGCP::Panel::Utils::Reseller::check_reseller_delete_item($c, $billing_profile->reseller_id, sub { diff --git a/lib/NGCP/Panel/Controller/API/CFBNumberSets.pm b/lib/NGCP/Panel/Controller/API/CFBNumberSets.pm index 056fd393dd..94e3b56279 100644 --- a/lib/NGCP/Panel/Controller/API/CFBNumberSets.pm +++ b/lib/NGCP/Panel/Controller/API/CFBNumberSets.pm @@ -59,7 +59,7 @@ sub documentation_sample { use parent qw/NGCP::Panel::Role::Entities NGCP::Panel::Role::API::CFBNumberSets/; __PACKAGE__->set_config({ - allowed_roles => [qw/admin reseller subscriberadmin subscriber/], + allowed_roles => [qw/admin reseller ccareadmin ccare subscriberadmin subscriber/], }); sub create_item { diff --git a/lib/NGCP/Panel/Controller/API/CFBNumberSetsItem.pm b/lib/NGCP/Panel/Controller/API/CFBNumberSetsItem.pm index 44879e6b83..19e237f1bc 100644 --- a/lib/NGCP/Panel/Controller/API/CFBNumberSetsItem.pm +++ b/lib/NGCP/Panel/Controller/API/CFBNumberSetsItem.pm 
@@ -27,8 +27,8 @@ sub journal_query_params { __PACKAGE__->set_config({ allowed_roles => { - Default => [qw/admin reseller subscriberadmin subscriber/], - Journal => [qw/admin reseller/], + Default => [qw/admin reseller ccareadmin ccare subscriberadmin subscriber/], + Journal => [qw/admin reseller ccareadmin ccare/], }, PATCH => { ops => [qw/add replace remove copy/] }, }); diff --git a/lib/NGCP/Panel/Controller/API/CFDestinationSets.pm b/lib/NGCP/Panel/Controller/API/CFDestinationSets.pm index 74f48aedb5..4944ec671a 100644 --- a/lib/NGCP/Panel/Controller/API/CFDestinationSets.pm +++ b/lib/NGCP/Panel/Controller/API/CFDestinationSets.pm @@ -64,7 +64,7 @@ sub relation{ } __PACKAGE__->set_config({ - allowed_roles => [qw/admin reseller subscriberadmin subscriber/], + allowed_roles => [qw/admin reseller ccareadmin ccare subscriberadmin subscriber/], }); sub GET :Allow { diff --git a/lib/NGCP/Panel/Controller/API/CFDestinationSetsItem.pm b/lib/NGCP/Panel/Controller/API/CFDestinationSetsItem.pm index cd3eeb70f6..d335386166 100644 --- a/lib/NGCP/Panel/Controller/API/CFDestinationSetsItem.pm +++ b/lib/NGCP/Panel/Controller/API/CFDestinationSetsItem.pm @@ -39,8 +39,8 @@ sub journal_query_params { __PACKAGE__->set_config({ allowed_roles => { - Default => [qw/admin reseller subscriberadmin subscriber/], - Journal => [qw/admin reseller/], + Default => [qw/admin reseller ccareadmin ccare subscriberadmin subscriber/], + Journal => [qw/admin reseller ccareadmin ccare/], } }); diff --git a/lib/NGCP/Panel/Controller/API/CFMappings.pm b/lib/NGCP/Panel/Controller/API/CFMappings.pm index 23a27f1cea..596eea75ce 100644 --- a/lib/NGCP/Panel/Controller/API/CFMappings.pm +++ b/lib/NGCP/Panel/Controller/API/CFMappings.pm @@ -57,7 +57,7 @@ sub relation{ } __PACKAGE__->set_config({ - allowed_roles => [qw/admin reseller subscriberadmin subscriber/], + allowed_roles => [qw/admin reseller ccareadmin ccare subscriberadmin subscriber/], }); sub GET :Allow { 
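Review bot: `Default` in CFBNumberSetsItem.pm now admits ccareadmin and ccare to a controller whose config enables `PATCH => { ops => [qw/add replace remove copy/] }`, and this file gets no read-only refusal in the diff, unlike BillingProfilesItem or SubscriberProfilesItem. If customer-care accounts are meant to edit call-forward sets, a comment above allowed_roles such as `# ccare/ccareadmin have write access here by design` would record that; if not, the write handlers need the same HTTP_FORBIDDEN check. The same question applies to CustomerPreferencesItem and SubscriberPreferencesItem, which also enable PATCH ops, and probably to the other Item controllers whose write handlers are not visible in this diff.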
diff --git a/lib/NGCP/Panel/Controller/API/CFMappingsItem.pm b/lib/NGCP/Panel/Controller/API/CFMappingsItem.pm index cfb4910084..b31bda0774 100644 --- a/lib/NGCP/Panel/Controller/API/CFMappingsItem.pm +++ b/lib/NGCP/Panel/Controller/API/CFMappingsItem.pm @@ -39,8 +39,8 @@ sub journal_query_params { __PACKAGE__->set_config({ allowed_roles => { - Default => [qw/admin reseller subscriberadmin subscriber/], - Journal => [qw/admin reseller/], + Default => [qw/admin reseller ccareadmin ccare subscriberadmin subscriber/], + Journal => [qw/admin reseller ccareadmin ccare/], } }); diff --git a/lib/NGCP/Panel/Controller/API/CFSourceSets.pm b/lib/NGCP/Panel/Controller/API/CFSourceSets.pm index c4e0ad2aba..06e87322f4 100644 --- a/lib/NGCP/Panel/Controller/API/CFSourceSets.pm +++ b/lib/NGCP/Panel/Controller/API/CFSourceSets.pm @@ -71,7 +71,7 @@ sub relation{ } __PACKAGE__->set_config({ - allowed_roles => [qw/admin reseller subscriberadmin subscriber/], + allowed_roles => [qw/admin reseller ccareadmin ccare subscriberadmin subscriber/], }); sub GET :Allow { diff --git a/lib/NGCP/Panel/Controller/API/CFSourceSetsItem.pm b/lib/NGCP/Panel/Controller/API/CFSourceSetsItem.pm index 77b410478f..3750666e46 100644 --- a/lib/NGCP/Panel/Controller/API/CFSourceSetsItem.pm +++ b/lib/NGCP/Panel/Controller/API/CFSourceSetsItem.pm @@ -39,8 +39,8 @@ sub journal_query_params { __PACKAGE__->set_config({ allowed_roles => { - Default => [qw/admin reseller subscriberadmin subscriber/], - Journal => [qw/admin reseller/], + Default => [qw/admin reseller ccareadmin ccare subscriberadmin subscriber/], + Journal => [qw/admin reseller ccareadmin ccare/], } }); diff --git a/lib/NGCP/Panel/Controller/API/CFTimeSets.pm b/lib/NGCP/Panel/Controller/API/CFTimeSets.pm index 4c8c9137ae..f8da8bf85a 100644 --- a/lib/NGCP/Panel/Controller/API/CFTimeSets.pm +++ b/lib/NGCP/Panel/Controller/API/CFTimeSets.pm 
@@ -64,7 +64,7 @@ sub relation{ } __PACKAGE__->set_config({ - allowed_roles => [qw/admin reseller subscriberadmin subscriber/], + allowed_roles => [qw/admin reseller ccareadmin ccare subscriberadmin subscriber/], }); sub GET :Allow { diff --git a/lib/NGCP/Panel/Controller/API/CFTimeSetsItem.pm b/lib/NGCP/Panel/Controller/API/CFTimeSetsItem.pm index e86ce712cc..07a87d3a7e 100644 --- a/lib/NGCP/Panel/Controller/API/CFTimeSetsItem.pm +++ b/lib/NGCP/Panel/Controller/API/CFTimeSetsItem.pm @@ -39,8 +39,8 @@ sub journal_query_params { __PACKAGE__->set_config({ allowed_roles => { - Default => [qw/admin reseller subscriberadmin subscriber/], - Journal => [qw/admin reseller/], + Default => [qw/admin reseller ccareadmin ccare subscriberadmin subscriber/], + Journal => [qw/admin reseller ccareadmin ccare/], } }); diff --git a/lib/NGCP/Panel/Controller/API/CustomerBalances.pm b/lib/NGCP/Panel/Controller/API/CustomerBalances.pm index e6e63581dc..441d1f8bc4 100644 --- a/lib/NGCP/Panel/Controller/API/CustomerBalances.pm +++ b/lib/NGCP/Panel/Controller/API/CustomerBalances.pm @@ -117,7 +117,7 @@ sub relation{ } __PACKAGE__->set_config({ - allowed_roles => [qw/admin reseller/], + allowed_roles => [qw/admin reseller ccareadmin ccare/], }); sub GET :Allow { diff --git a/lib/NGCP/Panel/Controller/API/CustomerBalancesItem.pm b/lib/NGCP/Panel/Controller/API/CustomerBalancesItem.pm index c5be93b6d7..ad9fe957ed 100644 --- a/lib/NGCP/Panel/Controller/API/CustomerBalancesItem.pm +++ b/lib/NGCP/Panel/Controller/API/CustomerBalancesItem.pm @@ -37,8 +37,8 @@ sub journal_query_params { __PACKAGE__->set_config({ allowed_roles => { - Default => [qw/admin reseller/], - Journal => [qw/admin reseller/], + Default => [qw/admin reseller ccareadmin ccare/], + Journal => [qw/admin reseller ccareadmin ccare/], } }); diff --git a/lib/NGCP/Panel/Controller/API/CustomerContacts.pm b/lib/NGCP/Panel/Controller/API/CustomerContacts.pm index f037fdd1f9..79bbc43e3d 100644 
--- a/lib/NGCP/Panel/Controller/API/CustomerContacts.pm +++ b/lib/NGCP/Panel/Controller/API/CustomerContacts.pm @@ -61,7 +61,7 @@ sub relation{ } __PACKAGE__->set_config({ - allowed_roles => [qw/admin reseller/], + allowed_roles => [qw/admin reseller ccareadmin ccare/], }); sub GET :Allow { diff --git a/lib/NGCP/Panel/Controller/API/CustomerContactsItem.pm b/lib/NGCP/Panel/Controller/API/CustomerContactsItem.pm index d92eb85609..abd6450448 100644 --- a/lib/NGCP/Panel/Controller/API/CustomerContactsItem.pm +++ b/lib/NGCP/Panel/Controller/API/CustomerContactsItem.pm @@ -37,8 +37,8 @@ sub journal_query_params { __PACKAGE__->set_config({ allowed_roles => { - Default => [qw/admin reseller/], - Journal => [qw/admin reseller/], + Default => [qw/admin reseller ccareadmin ccare/], + Journal => [qw/admin reseller ccareadmin ccare/], } }); diff --git a/lib/NGCP/Panel/Controller/API/CustomerFraudEvents.pm b/lib/NGCP/Panel/Controller/API/CustomerFraudEvents.pm index 9660c8e7d5..27b7d2a796 100644 --- a/lib/NGCP/Panel/Controller/API/CustomerFraudEvents.pm +++ b/lib/NGCP/Panel/Controller/API/CustomerFraudEvents.pm @@ -71,7 +71,7 @@ sub relation{ __PACKAGE__->set_config({ - allowed_roles => [qw/admin reseller/], + allowed_roles => [qw/admin reseller ccareadmin ccare/], }); -1; \ No newline at end of file +1; diff --git a/lib/NGCP/Panel/Controller/API/CustomerFraudEventsItem.pm b/lib/NGCP/Panel/Controller/API/CustomerFraudEventsItem.pm index 20bed99122..7ad507ffb7 100644 --- a/lib/NGCP/Panel/Controller/API/CustomerFraudEventsItem.pm +++ b/lib/NGCP/Panel/Controller/API/CustomerFraudEventsItem.pm @@ -28,7 +28,7 @@ sub relation{ } __PACKAGE__->set_config({ - allowed_roles => [qw/admin reseller/], + allowed_roles => [qw/admin reseller ccareadmin ccare/], }); 1; diff --git a/lib/NGCP/Panel/Controller/API/CustomerLocations.pm b/lib/NGCP/Panel/Controller/API/CustomerLocations.pm index 783741a6d1..0e53ffdc37 100644 --- a/lib/NGCP/Panel/Controller/API/CustomerLocations.pm 
+++ b/lib/NGCP/Panel/Controller/API/CustomerLocations.pm @@ -63,7 +63,7 @@ sub relation{ } __PACKAGE__->set_config({ - allowed_roles => [qw/admin reseller/], + allowed_roles => [qw/admin reseller ccareadmin ccare/], }); sub GET :Allow { diff --git a/lib/NGCP/Panel/Controller/API/CustomerLocationsItem.pm b/lib/NGCP/Panel/Controller/API/CustomerLocationsItem.pm index ab118c88c5..45ddcca3e0 100644 --- a/lib/NGCP/Panel/Controller/API/CustomerLocationsItem.pm +++ b/lib/NGCP/Panel/Controller/API/CustomerLocationsItem.pm @@ -40,8 +40,8 @@ sub journal_query_params { __PACKAGE__->set_config({ allowed_roles => { - Default => [qw/admin reseller/], - Journal => [qw/admin reseller/], + Default => [qw/admin reseller ccareadmin ccare/], + Journal => [qw/admin reseller ccareadmin ccare/], } }); diff --git a/lib/NGCP/Panel/Controller/API/CustomerPreferenceDefs.pm b/lib/NGCP/Panel/Controller/API/CustomerPreferenceDefs.pm index 3cb06783d1..190e7ef0d0 100644 --- a/lib/NGCP/Panel/Controller/API/CustomerPreferenceDefs.pm +++ b/lib/NGCP/Panel/Controller/API/CustomerPreferenceDefs.pm @@ -12,7 +12,7 @@ sub allowed_methods{ __PACKAGE__->set_config({ preferences_group => 'contract_pref', - allowed_roles => [qw/admin reseller/], + allowed_roles => [qw/admin reseller ccareadmin ccare/], }); 1; diff --git a/lib/NGCP/Panel/Controller/API/CustomerPreferences.pm b/lib/NGCP/Panel/Controller/API/CustomerPreferences.pm index f87bff6536..d310419eaa 100644 --- a/lib/NGCP/Panel/Controller/API/CustomerPreferences.pm +++ b/lib/NGCP/Panel/Controller/API/CustomerPreferences.pm @@ -9,7 +9,7 @@ sub allowed_methods{ use parent qw/NGCP::Panel::Role::Entities NGCP::Panel::Role::API::Preferences/; __PACKAGE__->set_config({ - allowed_roles => [qw/admin reseller/], + allowed_roles => [qw/admin reseller ccareadmin ccare/], }); sub item_name{ diff --git a/lib/NGCP/Panel/Controller/API/CustomerPreferencesItem.pm b/lib/NGCP/Panel/Controller/API/CustomerPreferencesItem.pm index 95bfd01808..395ac13cb2 100644 
--- a/lib/NGCP/Panel/Controller/API/CustomerPreferencesItem.pm +++ b/lib/NGCP/Panel/Controller/API/CustomerPreferencesItem.pm @@ -8,8 +8,8 @@ use parent qw/NGCP::Panel::Role::EntitiesItem NGCP::Panel::Role::API::Preference __PACKAGE__->set_config({ PATCH => { ops => [qw/add replace remove copy/] }, allowed_roles => { - Default => [qw/admin reseller/], - Journal => [qw/admin reseller/], + Default => [qw/admin reseller ccareadmin ccare/], + Journal => [qw/admin reseller ccareadmin ccare/], } }); diff --git a/lib/NGCP/Panel/Controller/API/Customers.pm b/lib/NGCP/Panel/Controller/API/Customers.pm index dd7bc78fc1..9fd73a3d88 100644 --- a/lib/NGCP/Panel/Controller/API/Customers.pm +++ b/lib/NGCP/Panel/Controller/API/Customers.pm @@ -147,7 +147,7 @@ sub relation{ } __PACKAGE__->set_config({ - allowed_roles => [qw/admin reseller/], + allowed_roles => [qw/admin reseller ccareadmin ccare/], }); sub GET :Allow { diff --git a/lib/NGCP/Panel/Controller/API/CustomersItem.pm b/lib/NGCP/Panel/Controller/API/CustomersItem.pm index c790ad4ff7..35778a6597 100644 --- a/lib/NGCP/Panel/Controller/API/CustomersItem.pm +++ b/lib/NGCP/Panel/Controller/API/CustomersItem.pm @@ -42,8 +42,8 @@ sub journal_query_params { __PACKAGE__->set_config({ allowed_roles => { - Default => [qw/admin reseller subscriberadmin/], - Journal => [qw/admin reseller/], + Default => [qw/admin reseller ccareadmin ccare subscriberadmin/], + Journal => [qw/admin reseller ccareadmin ccare/], } }); diff --git a/lib/NGCP/Panel/Controller/API/Domains.pm b/lib/NGCP/Panel/Controller/API/Domains.pm index 23f1953f81..f1e5a8019a 100644 --- a/lib/NGCP/Panel/Controller/API/Domains.pm +++ b/lib/NGCP/Panel/Controller/API/Domains.pm @@ -63,7 +63,7 @@ sub relation{ } __PACKAGE__->set_config({ - allowed_roles => [qw/admin reseller/], + allowed_roles => [qw/admin reseller ccareadmin ccare/], }); sub GET :Allow { 
@@ -113,6 +113,11 @@ sub GET :Allow { sub POST :Allow { my ($self, $c) = @_; + if ($c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") { + $self->error($c, HTTP_FORBIDDEN, "Read-only resource for authenticated role"); + return; + } + my $guard = $c->model('DB')->txn_scope_guard; { my $resource = $self->get_valid_post_data( diff --git a/lib/NGCP/Panel/Controller/API/EmailTemplates.pm b/lib/NGCP/Panel/Controller/API/EmailTemplates.pm index 7c14eba2eb..39a8717074 100644 --- a/lib/NGCP/Panel/Controller/API/EmailTemplates.pm +++ b/lib/NGCP/Panel/Controller/API/EmailTemplates.pm @@ -60,7 +60,7 @@ sub relation{ } __PACKAGE__->set_config({ - allowed_roles => [qw/admin reseller/], + allowed_roles => [qw/admin reseller ccareadmin ccare/], }); sub GET :Allow { @@ -122,9 +122,13 @@ sub POST :Allow { resource => $resource, form => $form, ); - if($c->user->roles eq "admin") { - } elsif($c->user->roles eq "reseller") { + + if ($c->user->roles eq "admin") { + } elsif ($c->user->roles eq "reseller") { $resource->{reseller_id} = $c->user->reseller_id; + } elsif ($c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") { + $self->error($c, HTTP_FORBIDDEN, "Read-only resource for authenticated role"); + last; } my $item; diff --git a/lib/NGCP/Panel/Controller/API/EmailTemplatesItem.pm b/lib/NGCP/Panel/Controller/API/EmailTemplatesItem.pm index 962ec2ba50..2be1299fbe 100644 --- a/lib/NGCP/Panel/Controller/API/EmailTemplatesItem.pm +++ b/lib/NGCP/Panel/Controller/API/EmailTemplatesItem.pm @@ -90,6 +90,11 @@ sub PUT :Allow { my ($self, $c, $id) = @_; my $guard = $c->model('DB')->txn_scope_guard; { + if ($c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") { + $self->error($c, HTTP_FORBIDDEN, "Read-only resource for authenticated role"); + last; + } + my $preference = $self->require_preference($c); last unless $preference; 
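Review bot: Only PUT receives the read-only refusal in EmailTemplatesItem.pm; the diff shows no matching hunk for PATCH or DELETE and no allowed_roles change for this file. If the controller also exposes PATCH or DELETE and the ccare roles can reach it, those handlers stay writable for them; if allowed_roles here does not include the ccare roles, the added check can never trigger. Either add the same check to every write handler or state in a comment which case applies. The PUT body continues outside the hunk.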
diff --git a/lib/NGCP/Panel/Controller/API/FaxserverSettings.pm b/lib/NGCP/Panel/Controller/API/FaxserverSettings.pm index 82bd9e382f..bb5ba7a3c5 100644 --- a/lib/NGCP/Panel/Controller/API/FaxserverSettings.pm +++ b/lib/NGCP/Panel/Controller/API/FaxserverSettings.pm @@ -6,7 +6,7 @@ use Sipwise::Base; use parent qw/NGCP::Panel::Role::Entities NGCP::Panel::Role::API::FaxserverSettings/; __PACKAGE__->set_config({ - allowed_roles => [qw/admin reseller subscriber subscriberadmin/], + allowed_roles => [qw/admin reseller ccareadmin ccare subscriber subscriberadmin/], }); sub allowed_methods{ diff --git a/lib/NGCP/Panel/Controller/API/FaxserverSettingsItem.pm b/lib/NGCP/Panel/Controller/API/FaxserverSettingsItem.pm index 6e82247fc7..d476b8d8b3 100644 --- a/lib/NGCP/Panel/Controller/API/FaxserverSettingsItem.pm +++ b/lib/NGCP/Panel/Controller/API/FaxserverSettingsItem.pm @@ -11,8 +11,8 @@ use parent qw/NGCP::Panel::Role::EntitiesItem NGCP::Panel::Role::API::FaxserverS __PACKAGE__->set_config({ allowed_roles => { - Default => [qw/admin reseller subscriber subscriberadmin/], - Journal => [qw/admin reseller subscriber subscriberadmin/], + Default => [qw/admin reseller ccareadmin ccare subscriber subscriberadmin/], + Journal => [qw/admin reseller ccareadmin ccare subscriber subscriberadmin/], }, PATCH => { ops => [qw/add replace remove copy/] }, }); diff --git a/lib/NGCP/Panel/Controller/API/InvoiceTemplates.pm b/lib/NGCP/Panel/Controller/API/InvoiceTemplates.pm index 5fb47fe1bb..ab7b94084a 100644 --- a/lib/NGCP/Panel/Controller/API/InvoiceTemplates.pm +++ b/lib/NGCP/Panel/Controller/API/InvoiceTemplates.pm @@ -60,7 +60,7 @@ sub relation{ } __PACKAGE__->set_config({ - allowed_roles => [qw/admin reseller/], + allowed_roles => [qw/admin reseller ccareadmin ccare/], }); sub GET :Allow { diff --git a/lib/NGCP/Panel/Controller/API/InvoiceTemplatesItem.pm b/lib/NGCP/Panel/Controller/API/InvoiceTemplatesItem.pm index e8b5a9bcb5..8772d9ef18 100644 
--- a/lib/NGCP/Panel/Controller/API/InvoiceTemplatesItem.pm +++ b/lib/NGCP/Panel/Controller/API/InvoiceTemplatesItem.pm @@ -30,7 +30,7 @@ sub relation{ } __PACKAGE__->set_config({ - allowed_roles => [qw/admin reseller/], + allowed_roles => [qw/admin reseller ccareadmin ccare/], }); sub GET :Allow { diff --git a/lib/NGCP/Panel/Controller/API/MailToFaxSettings.pm b/lib/NGCP/Panel/Controller/API/MailToFaxSettings.pm index 1c73233e20..e73cf03f67 100644 --- a/lib/NGCP/Panel/Controller/API/MailToFaxSettings.pm +++ b/lib/NGCP/Panel/Controller/API/MailToFaxSettings.pm @@ -71,7 +71,7 @@ sub relation{ } __PACKAGE__->set_config({ - allowed_roles => [qw/admin reseller/], + allowed_roles => [qw/admin reseller ccareadmin ccare/], }); sub GET :Allow { diff --git a/lib/NGCP/Panel/Controller/API/MailToFaxSettingsItem.pm b/lib/NGCP/Panel/Controller/API/MailToFaxSettingsItem.pm index c239d467ef..ddeaddea2a 100644 --- a/lib/NGCP/Panel/Controller/API/MailToFaxSettingsItem.pm +++ b/lib/NGCP/Panel/Controller/API/MailToFaxSettingsItem.pm @@ -37,8 +37,8 @@ sub journal_query_params { __PACKAGE__->set_config({ allowed_roles => { - Default => [qw/admin reseller/], - Journal => [qw/admin reseller/], + Default => [qw/admin reseller ccareadmin ccare/], + Journal => [qw/admin reseller ccareadmin ccare/], } }); diff --git a/lib/NGCP/Panel/Controller/API/ProfilePreferenceDefs.pm b/lib/NGCP/Panel/Controller/API/ProfilePreferenceDefs.pm index 4ea4fb6eb2..5962a6dd73 100644 --- a/lib/NGCP/Panel/Controller/API/ProfilePreferenceDefs.pm +++ b/lib/NGCP/Panel/Controller/API/ProfilePreferenceDefs.pm @@ -12,7 +12,7 @@ sub allowed_methods{ __PACKAGE__->set_config({ preferences_group => 'prof_pref', - allowed_roles => [qw/admin reseller/], + allowed_roles => [qw/admin reseller ccareadmin ccare/], }); 1; diff --git a/lib/NGCP/Panel/Controller/API/RemindersItem.pm b/lib/NGCP/Panel/Controller/API/RemindersItem.pm index 11b84a03e3..42dd6f4b09 100644 --- a/lib/NGCP/Panel/Controller/API/RemindersItem.pm 
+++ b/lib/NGCP/Panel/Controller/API/RemindersItem.pm @@ -36,8 +36,8 @@ sub journal_query_params { __PACKAGE__->set_config({ allowed_roles => { - Default => [qw/admin reseller subscriberadmin subscriber/], - Journal => [qw/admin reseller subscriberadmin subscriber/], + Default => [qw/admin reseller ccareadmin ccare subscriberadmin subscriber/], + Journal => [qw/admin reseller ccareadmin ccare subscriberadmin subscriber/], } }); diff --git a/lib/NGCP/Panel/Controller/API/Root.pm b/lib/NGCP/Panel/Controller/API/Root.pm index 52c9232a4b..54bca70de2 100644 --- a/lib/NGCP/Panel/Controller/API/Root.pm +++ b/lib/NGCP/Panel/Controller/API/Root.pm @@ -28,7 +28,7 @@ __PACKAGE__->config( action => { map { $_ => { ACLDetachTo => 'invalid_user', - AllowedRole => [qw/admin reseller subscriberadmin subscriber/], + AllowedRole => [qw/admin reseller ccareadmin ccare subscriberadmin subscriber/], Args => 0, Does => [qw(ACL CheckTrailingSlash RequireSSL)], Method => $_, diff --git a/lib/NGCP/Panel/Controller/API/SpeedDials.pm b/lib/NGCP/Panel/Controller/API/SpeedDials.pm index f34669b4cd..70272532e2 100644 --- a/lib/NGCP/Panel/Controller/API/SpeedDials.pm +++ b/lib/NGCP/Panel/Controller/API/SpeedDials.pm @@ -55,7 +55,7 @@ sub relation{ } __PACKAGE__->set_config({ - allowed_roles => [qw/admin reseller subscriberadmin subscriber/], + allowed_roles => [qw/admin reseller ccareadmin ccare subscriberadmin subscriber/], }); sub GET :Allow { diff --git a/lib/NGCP/Panel/Controller/API/SpeedDialsItem.pm b/lib/NGCP/Panel/Controller/API/SpeedDialsItem.pm index 9db3a12cc5..e9d366a52d 100644 --- a/lib/NGCP/Panel/Controller/API/SpeedDialsItem.pm +++ b/lib/NGCP/Panel/Controller/API/SpeedDialsItem.pm 
@@ -39,8 +39,8 @@ sub journal_query_params { __PACKAGE__->set_config({ allowed_roles => { - Default => [qw/admin reseller subscriberadmin subscriber/], - Journal => [qw/admin reseller subscriberadmin subscriber/], + Default => [qw/admin reseller ccareadmin ccare subscriberadmin subscriber/], + Journal => [qw/admin reseller ccareadmin ccare subscriberadmin subscriber/], } }); diff --git a/lib/NGCP/Panel/Controller/API/SubscriberPreferenceDefs.pm b/lib/NGCP/Panel/Controller/API/SubscriberPreferenceDefs.pm index b37fe8427b..d55281bd0a 100644 --- a/lib/NGCP/Panel/Controller/API/SubscriberPreferenceDefs.pm +++ b/lib/NGCP/Panel/Controller/API/SubscriberPreferenceDefs.pm @@ -12,7 +12,7 @@ sub allowed_methods{ __PACKAGE__->set_config({ preferences_group => 'usr_pref', - allowed_roles => [qw/admin reseller subscriberadmin subscriber/], + allowed_roles => [qw/admin reseller ccareadmin ccare subscriberadmin subscriber/], }); 1; diff --git a/lib/NGCP/Panel/Controller/API/SubscriberPreferences.pm b/lib/NGCP/Panel/Controller/API/SubscriberPreferences.pm index 9edc3fe839..9dbd85ae22 100644 --- a/lib/NGCP/Panel/Controller/API/SubscriberPreferences.pm +++ b/lib/NGCP/Panel/Controller/API/SubscriberPreferences.pm @@ -16,7 +16,7 @@ use NGCP::Panel::Utils::DateTime; use NGCP::Panel::Utils::ProfilePackages qw(); __PACKAGE__->set_config({ - allowed_roles => [qw/admin reseller subscriberadmin subscriber/], + allowed_roles => [qw/admin reseller ccareadmin ccare subscriberadmin subscriber/], }); sub allowed_methods{ diff --git a/lib/NGCP/Panel/Controller/API/SubscriberPreferencesItem.pm b/lib/NGCP/Panel/Controller/API/SubscriberPreferencesItem.pm index 30a443e86b..273b65063c 100644 --- a/lib/NGCP/Panel/Controller/API/SubscriberPreferencesItem.pm +++ b/lib/NGCP/Panel/Controller/API/SubscriberPreferencesItem.pm 
@@ -17,8 +17,8 @@ use NGCP::Panel::Utils::ProfilePackages qw(); __PACKAGE__->set_config({ PATCH => { ops => [qw/add replace remove copy/] }, allowed_roles => { - Default => [qw/admin reseller subscriberadmin subscriber/], - Journal => [qw/admin reseller subscriberadmin subscriber/], + Default => [qw/admin reseller ccareadmin ccare subscriberadmin subscriber/], + Journal => [qw/admin reseller ccareadmin ccare subscriberadmin subscriber/], } }); diff --git a/lib/NGCP/Panel/Controller/API/SubscriberProfileSets.pm b/lib/NGCP/Panel/Controller/API/SubscriberProfileSets.pm index 32cbfb9031..c5c8171d16 100644 --- a/lib/NGCP/Panel/Controller/API/SubscriberProfileSets.pm +++ b/lib/NGCP/Panel/Controller/API/SubscriberProfileSets.pm @@ -60,7 +60,7 @@ sub relation{ } __PACKAGE__->set_config({ - allowed_roles => [qw/admin reseller/], + allowed_roles => [qw/admin reseller ccareadmin ccare/], }); sub GET :Allow { @@ -110,6 +110,11 @@ sub GET :Allow { sub POST :Allow { my ($self, $c) = @_; + if ($c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") { + $self->error($c, HTTP_FORBIDDEN, "Read-only resource for authenticated role"); + return; + } + if($c->user->roles eq "reseller" && !$c->config->{profile_sets}->{reseller_edit}) { $c->log->error("profile set creation by reseller forbidden via config"); $self->error($c, HTTP_FORBIDDEN, "Subscriber profile set creation forbidden for resellers."); diff --git a/lib/NGCP/Panel/Controller/API/SubscriberProfileSetsItem.pm b/lib/NGCP/Panel/Controller/API/SubscriberProfileSetsItem.pm index 18f3fbfe75..0d2dcc5374 100644 --- a/lib/NGCP/Panel/Controller/API/SubscriberProfileSetsItem.pm +++ b/lib/NGCP/Panel/Controller/API/SubscriberProfileSetsItem.pm @@ -36,7 +36,7 @@ sub journal_query_params { __PACKAGE__->set_config({ allowed_roles => { - Default => [qw/admin reseller/], + Default => [qw/admin reseller ccareadmin ccare/], Journal => [qw/admin reseller/], } }); 
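Review bot: In SubscriberProfileSetsItem.pm `Journal` is left at `[qw/admin reseller/]` while `Default` gains ccareadmin and ccare, which differs from every other controller in this diff that has a Default/Journal split, where both lists are extended. If that is deliberate, a comment on the line such as `# journal stays admin/reseller only` would make it clear. If it is an omission, the line should read `Journal => [qw/admin reseller ccareadmin ccare/],`.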
@@ -66,6 +66,11 @@ sub GET :Allow { sub PATCH :Allow { my ($self, $c, $id) = @_; + if ($c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") { + $self->error($c, HTTP_FORBIDDEN, "Read-only resource for authenticated role"); + return; + } + if($c->user->roles eq "reseller" && !$c->config->{profile_sets}->{reseller_edit}) { $c->log->error("profile set modification by reseller forbidden via config"); $self->error($c, HTTP_FORBIDDEN, "Subscriber profile set modification forbidden for resellers."); @@ -107,6 +112,11 @@ sub PATCH :Allow { sub PUT :Allow { my ($self, $c, $id) = @_; + if ($c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") { + $self->error($c, HTTP_FORBIDDEN, "Read-only resource for authenticated role"); + return; + } + if($c->user->roles eq "reseller" && !$c->config->{profile_sets}->{reseller_edit}) { $c->log->error("profile set modification by reseller forbidden via config"); $self->error($c, HTTP_FORBIDDEN, "Subscriber profile set modification forbidden for resellers."); @@ -144,6 +154,11 @@ sub PUT :Allow { sub DELETE :Allow { my ($self, $c, $id) = @_; + if ($c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") { + $self->error($c, HTTP_FORBIDDEN, "Read-only resource for authenticated role"); + return; + } + if($c->user->roles eq "reseller" && !$c->config->{profile_sets}->{reseller_edit}) { $c->log->error("profile set deletion by reseller forbidden via config"); $self->error($c, HTTP_FORBIDDEN, "Subscriber profile set deletion forbidden for resellers."); diff --git a/lib/NGCP/Panel/Controller/API/SubscriberProfiles.pm b/lib/NGCP/Panel/Controller/API/SubscriberProfiles.pm index 6ad5e34523..ccf9f0da1a 100644 --- a/lib/NGCP/Panel/Controller/API/SubscriberProfiles.pm +++ b/lib/NGCP/Panel/Controller/API/SubscriberProfiles.pm @@ -60,7 +60,7 @@ sub relation{ } __PACKAGE__->set_config({ - allowed_roles => [qw/admin reseller/], + allowed_roles => [qw/admin reseller ccareadmin ccare/], }); sub GET :Allow { 
@@ -108,6 +108,11 @@ sub GET :Allow { sub POST :Allow { my ($self, $c) = @_; + if ($c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") { + $self->error($c, HTTP_FORBIDDEN, "Read-only resource for authenticated role"); + return; + } + if($c->user->roles eq "reseller" && !$c->config->{profile_sets}->{reseller_edit}) { $c->log->error("profile creation by reseller forbidden via config"); $self->error($c, HTTP_FORBIDDEN, "Subscriber profile creation forbidden for resellers."); diff --git a/lib/NGCP/Panel/Controller/API/SubscriberProfilesItem.pm b/lib/NGCP/Panel/Controller/API/SubscriberProfilesItem.pm index c4f33813cc..de7f39f9ff 100644 --- a/lib/NGCP/Panel/Controller/API/SubscriberProfilesItem.pm +++ b/lib/NGCP/Panel/Controller/API/SubscriberProfilesItem.pm @@ -36,8 +36,8 @@ sub journal_query_params { __PACKAGE__->set_config({ allowed_roles => { - Default => [qw/admin reseller/], - Journal => [qw/admin reseller/], + Default => [qw/admin reseller ccareadmin ccare/], + Journal => [qw/admin reseller ccareadmin ccare/], } }); @@ -67,6 +67,11 @@ sub PATCH :Allow { my ($self, $c, $id) = @_; my $guard = $c->model('DB')->txn_scope_guard; { + if ($c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") { + $self->error($c, HTTP_FORBIDDEN, "Read-only resource for authenticated role"); + return; + } + my $preference = $self->require_preference($c); last unless $preference; @@ -103,6 +108,11 @@ sub PUT :Allow { my ($self, $c, $id) = @_; my $guard = $c->model('DB')->txn_scope_guard; { + if ($c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") { + $self->error($c, HTTP_FORBIDDEN, "Read-only resource for authenticated role"); + return; + } + my $preference = $self->require_preference($c); last unless $preference; 
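Review bot: `Journal` in SubscriberProfilesItem.pm is opened to ccareadmin and ccare, while SubscriberProfileSetsItem.pm in the same commit extends only `Default` and keeps `Journal => [qw/admin reseller/]`. Journal entries presumably expose the content of earlier changes, so the two item controllers should follow one policy. Whichever is intended, a comment above `allowed_roles` such as `# customer-care roles: read-only, journal access included` would make the difference deliberate rather than accidental.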
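Review bot: The role check in PATCH of SubscriberProfilesItem.pm sits inside the bare block, after `txn_scope_guard` has been taken, and leaves with `return` where the other exits in that block use `last`; PUT in the next hunk has the same shape. A refused request therefore opens a transaction only to abandon it, and bypasses any code that follows the block outside the hunk. Moving the `if ($c->user->roles eq "ccareadmin" || ...) { ...; return; }` lines above `my $guard = ...` keeps the denial free of database work, as in DELETE, where the check is the first statement.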
@@ -131,6 +141,11 @@ sub PUT :Allow { sub DELETE :Allow { my ($self, $c, $id) = @_; + if ($c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") { + $self->error($c, HTTP_FORBIDDEN, "Read-only resource for authenticated role"); + return; + } + if($c->user->roles eq "reseller" && !$c->config->{profile_sets}->{reseller_edit}) { $c->log->error("profile deletion by reseller forbidden via config"); $self->error($c, HTTP_FORBIDDEN, "Subscriber profile deletion forbidden for resellers."); diff --git a/lib/NGCP/Panel/Controller/API/SubscriberRegistrations.pm b/lib/NGCP/Panel/Controller/API/SubscriberRegistrations.pm index 475d02e5f3..a89348299e 100644 --- a/lib/NGCP/Panel/Controller/API/SubscriberRegistrations.pm +++ b/lib/NGCP/Panel/Controller/API/SubscriberRegistrations.pm @@ -82,7 +82,7 @@ sub relation{ } __PACKAGE__->set_config({ - allowed_roles => [qw/admin reseller/], + allowed_roles => [qw/admin reseller ccareadmin ccare/], }); sub GET :Allow { diff --git a/lib/NGCP/Panel/Controller/API/SubscriberRegistrationsItem.pm b/lib/NGCP/Panel/Controller/API/SubscriberRegistrationsItem.pm index 7fa21b7b00..39d9234ae4 100644 --- a/lib/NGCP/Panel/Controller/API/SubscriberRegistrationsItem.pm +++ b/lib/NGCP/Panel/Controller/API/SubscriberRegistrationsItem.pm @@ -30,7 +30,7 @@ sub relation{ } __PACKAGE__->set_config({ - allowed_roles => [qw/admin reseller/], + allowed_roles => [qw/admin reseller ccareadmin ccare/], }); sub GET :Allow { diff --git a/lib/NGCP/Panel/Controller/API/Subscribers.pm b/lib/NGCP/Panel/Controller/API/Subscribers.pm index d2f300f6a0..31a50d7068 100644 --- a/lib/NGCP/Panel/Controller/API/Subscribers.pm +++ b/lib/NGCP/Panel/Controller/API/Subscribers.pm @@ -18,7 +18,7 @@ use NGCP::Panel::Utils::Events qw(); use UUID; __PACKAGE__->set_config({ - allowed_roles => [qw/admin reseller subscriberadmin subscriber/], + allowed_roles => [qw/admin reseller ccareadmin ccare subscriberadmin subscriber/], }); sub allowed_methods{ 
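Review bot: `allowed_roles` in SubscriberRegistrations.pm is a flat list, which in SubscriberProfileSets.pm needed an explicit 403 guard in POST to keep the new roles read-only; this hunk shows only `sub GET :Allow`, so it cannot be checked here whether the controller's other methods are meant to be writable by ccareadmin and ccare. If write access to registrations is intended for customer care, a comment above `set_config` should say so; if not, the write methods need the same guard. The same question applies to SubscriberRegistrationsItem.pm, TrustedSources.pm and TrustedSourcesItem.pm.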
diff --git a/lib/NGCP/Panel/Controller/API/SubscribersItem.pm b/lib/NGCP/Panel/Controller/API/SubscribersItem.pm index 4ddf6c5845..316864d137 100644 --- a/lib/NGCP/Panel/Controller/API/SubscribersItem.pm +++ b/lib/NGCP/Panel/Controller/API/SubscribersItem.pm @@ -23,8 +23,8 @@ use parent qw/NGCP::Panel::Role::EntitiesItem NGCP::Panel::Role::API::Subscriber __PACKAGE__->set_config({ allowed_roles => { - Default => [qw/admin reseller subscriberadmin subscriber/], - Journal => [qw/admin reseller/], + Default => [qw/admin reseller ccareadmin ccare subscriberadmin subscriber/], + Journal => [qw/admin reseller ccareadmin ccare/], } }); diff --git a/lib/NGCP/Panel/Controller/API/TrustedSources.pm b/lib/NGCP/Panel/Controller/API/TrustedSources.pm index 8648763f4b..81a1cd10e1 100644 --- a/lib/NGCP/Panel/Controller/API/TrustedSources.pm +++ b/lib/NGCP/Panel/Controller/API/TrustedSources.pm @@ -54,7 +54,7 @@ sub relation{ } __PACKAGE__->set_config({ - allowed_roles => [qw/admin reseller/], + allowed_roles => [qw/admin reseller ccareadmin ccare/], }); sub GET :Allow { diff --git a/lib/NGCP/Panel/Controller/API/TrustedSourcesItem.pm b/lib/NGCP/Panel/Controller/API/TrustedSourcesItem.pm index 03506caac3..be1c4ab54a 100644 --- a/lib/NGCP/Panel/Controller/API/TrustedSourcesItem.pm +++ b/lib/NGCP/Panel/Controller/API/TrustedSourcesItem.pm @@ -36,8 +36,8 @@ sub journal_query_params { __PACKAGE__->set_config({ allowed_roles => { - Default => [qw/admin reseller/], - Journal => [qw/admin reseller/], + Default => [qw/admin reseller ccareadmin ccare/], + Journal => [qw/admin reseller ccareadmin ccare/], } }); diff --git a/lib/NGCP/Panel/Controller/API/VoicemailGreetings.pm b/lib/NGCP/Panel/Controller/API/VoicemailGreetings.pm index 9fb2c00482..7ee701f9bc 100644 --- a/lib/NGCP/Panel/Controller/API/VoicemailGreetings.pm +++ b/lib/NGCP/Panel/Controller/API/VoicemailGreetings.pm 
@@ -17,7 +17,7 @@ sub allowed_methods{ } sub config_allowed_roles { - return [qw/admin reseller subscriberadmin subscriber/]; + return [qw/admin reseller ccareadmin ccare subscriberadmin subscriber/]; } sub api_description { diff --git a/lib/NGCP/Panel/Controller/API/VoicemailGreetingsItem.pm b/lib/NGCP/Panel/Controller/API/VoicemailGreetingsItem.pm index e230c9c473..ece71eca5e 100644 --- a/lib/NGCP/Panel/Controller/API/VoicemailGreetingsItem.pm +++ b/lib/NGCP/Panel/Controller/API/VoicemailGreetingsItem.pm @@ -18,7 +18,7 @@ __PACKAGE__->set_config({ #'application/json' is first one and thus is default, if no accept header was received. 'ReturnContentType' => ['application/json', 'audio/x-wav', 'audio/mpeg', 'audio/ogg'],#, }, - allowed_roles => [qw/admin reseller subscriberadmin subscriber/], + allowed_roles => [qw/admin reseller ccareadmin ccare subscriberadmin subscriber/], }); sub allowed_methods{ diff --git a/lib/NGCP/Panel/Controller/API/VoicemailSettings.pm b/lib/NGCP/Panel/Controller/API/VoicemailSettings.pm index f8961f6f97..2fd3f18f60 100644 --- a/lib/NGCP/Panel/Controller/API/VoicemailSettings.pm +++ b/lib/NGCP/Panel/Controller/API/VoicemailSettings.pm @@ -53,7 +53,7 @@ sub relation{ } __PACKAGE__->set_config({ - allowed_roles => [qw/admin reseller subscriberadmin subscriber/], + allowed_roles => [qw/admin reseller ccareadmin ccare subscriberadmin subscriber/], }); sub GET :Allow { diff --git a/lib/NGCP/Panel/Controller/API/VoicemailSettingsItem.pm b/lib/NGCP/Panel/Controller/API/VoicemailSettingsItem.pm index d4989304d1..38f91d2594 100644 --- a/lib/NGCP/Panel/Controller/API/VoicemailSettingsItem.pm +++ b/lib/NGCP/Panel/Controller/API/VoicemailSettingsItem.pm 
@@ -36,8 +36,8 @@ sub journal_query_params { __PACKAGE__->set_config({ allowed_roles => { - Default => [qw/admin reseller subscriberadmin subscriber/], - Journal => [qw/admin reseller subscriberadmin subscriber/], + Default => [qw/admin reseller ccareadmin ccare subscriberadmin subscriber/], + Journal => [qw/admin reseller ccareadmin ccare subscriberadmin subscriber/], } }); diff --git a/lib/NGCP/Panel/Controller/API/Voicemails.pm b/lib/NGCP/Panel/Controller/API/Voicemails.pm index bed0ff61ca..d2ce134e21 100644 --- a/lib/NGCP/Panel/Controller/API/Voicemails.pm +++ b/lib/NGCP/Panel/Controller/API/Voicemails.pm @@ -70,7 +70,7 @@ sub relation{ } __PACKAGE__->set_config({ - allowed_roles => [qw/admin reseller subscriberadmin subscriber/], + allowed_roles => [qw/admin reseller ccareadmin ccare subscriberadmin subscriber/], }); sub GET :Allow { diff --git a/lib/NGCP/Panel/Controller/API/VoicemailsItem.pm b/lib/NGCP/Panel/Controller/API/VoicemailsItem.pm index a8e7574535..b2740515ad 100644 --- a/lib/NGCP/Panel/Controller/API/VoicemailsItem.pm +++ b/lib/NGCP/Panel/Controller/API/VoicemailsItem.pm @@ -31,7 +31,7 @@ sub relation{ } __PACKAGE__->set_config({ - allowed_roles => [qw/admin reseller subscriberadmin subscriber/], + allowed_roles => [qw/admin reseller ccareadmin ccare subscriberadmin subscriber/], }); sub GET :Allow { diff --git a/lib/NGCP/Panel/Controller/Administrator.pm b/lib/NGCP/Panel/Controller/Administrator.pm index 7b305df81b..4a0bc34224 100644 --- a/lib/NGCP/Panel/Controller/Administrator.pm +++ b/lib/NGCP/Panel/Controller/Administrator.pm 
@@ -33,6 +33,7 @@ sub list_admin :PathPart('administrator') :Chained('/') :CaptureArgs(0) { @{ $cols } = (@{ $cols }, { name => "login", search => 1, title => $c->loc("Login") }, { name => "is_master", title => $c->loc("Master") }, + { name => "is_ccare", title => $c->loc("Customer Care") }, { name => "is_active", title => $c->loc("Active") }, { name => "read_only", title => $c->loc("Read Only") }, { name => "show_passwords", title => $c->loc("Show Passwords") }, @@ -374,7 +375,7 @@ sub toggle_openvpn :Chained('list_admin') :PathPart('openvpn/toggle') :Args(1) { unless ($set_active eq 'confirm') { my ($message, $error) = NGCP::Panel::Utils::Admin::toggle_openvpn($c, $set_active); - if ( $message ) { + if ( $message ) { NGCP::Panel::Utils::Message::info( c => $c, desc => $c->loc($message), @@ -383,7 +384,7 @@ sub toggle_openvpn :Chained('list_admin') :PathPart('openvpn/toggle') :Args(1) { flash => 0, ); } - if ( $error ) { + if ( $error ) { NGCP::Panel::Utils::Message::error( c => $c, error => $error, diff --git a/lib/NGCP/Panel/Controller/Billing.pm b/lib/NGCP/Panel/Controller/Billing.pm index 15a7b06482..b3cd79e236 100644 --- a/lib/NGCP/Panel/Controller/Billing.pm +++ b/lib/NGCP/Panel/Controller/Billing.pm 
@@ -14,17 +14,18 @@ use NGCP::Panel::Utils::Datatables; use NGCP::Panel::Utils::DateTime; use NGCP::Panel::Utils::Billing; -sub auto :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { +sub auto :Private { my ($self, $c) = @_; $c->log->debug(__PACKAGE__ . '::auto'); NGCP::Panel::Utils::Navigation::check_redirect_chain(c => $c); return 1; } -sub profile_list :Chained('/') :PathPart('billing') :CaptureArgs(0) { +sub profile_list :Chained('/') :PathPart('billing') :CaptureArgs(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) :AllowedRole(ccareadmin) :AllowedRole(ccare) { my ( $self, $c ) = @_; - my $dispatch_to = '_profile_resultset_' . $c->user->roles; + my $dispatch_role = $c->user->roles =~ /admin$/ ? 'admin' : 'reseller'; + my $dispatch_to = '_profile_resultset_' . $dispatch_role; my $profiles_rs = $self->$dispatch_to($c); $c->stash(profiles_rs => $profiles_rs); $c->stash->{profile_dt_columns} = NGCP::Panel::Utils::Datatables::set_columns($c, [ @@ -38,6 +39,10 @@ sub profile_list :Chained('/') :PathPart('billing') :CaptureArgs(0) { $c->stash(template => 'billing/list.tt'); } +sub profile_list_restricted :Chained('profile_list') :PathPart('') :CaptureArgs(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { + my ($self, $c) = @_; +} + sub _profile_resultset_admin { my ($self, $c) = @_; my $rs = $c->model('DB')->resultset('billing_profiles')->search({ @@ -94,7 +99,7 @@ sub ajax_filter_reseller :Chained('profile_list') :PathPart('ajax/filter_reselle $c->detach( $c->view("JSON") ); } -sub base :Chained('profile_list') :PathPart('') :CaptureArgs(1) { +sub base :Chained('profile_list_restricted') :PathPart('') :CaptureArgs(1) { my ($self, $c, $profile_id) = @_; unless($profile_id && is_int($profile_id)) { 
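Review bot: `$c->user->roles =~ /admin$/` in profile_list selects `_profile_resultset_admin` for any role string ending in "admin", which includes `subscriberadmin`; only the `:AllowedRole` list on the action keeps that role out today. An exact match, `my $dispatch_role = $c->user->roles =~ /\A(?:admin|ccareadmin)\z/ ? 'admin' : 'reseller';`, leaves the reseller-scoped resultset as the default for every other value. The same expression is added in Network.pm (network_list) and Package.pm (package_list, details_base), where `_network_resultset_admin` visibly searches with an `undef` condition.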
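Review bot: With the ACL taken off `auto` in the first hunk, role enforcement in Billing.pm exists only on the `profile_list` chain, and the read-only rule for ccareadmin/ccare holds only for actions re-chained to `profile_list_restricted`. This diff moves `base`, `create` and `create_without_reseller`; any other modifying action still chained directly to `profile_list`, and any action not rooted at `profile_list` at all, is outside the visible hunks and should be checked. A comment on `profile_list_restricted` such as `# write gate: every modifying action chains from here, never from profile_list` would record the rule. EmailTemplate.pm, Network.pm, Package.pm and Product.pm make the same `auto :Private` change.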
@@ -201,10 +206,11 @@ sub process_edit :Private { $c->stash( 'form' => $form ); } -sub create :Chained('profile_list') :PathPart('create') :Args(0) { +sub create :Chained('profile_list_restricted') :PathPart('create') :Args(0) { my ($self, $c, $no_reseller) = @_; $c->forward('process_create', [$no_reseller, 0 ]); } + sub duplicate :Chained('base') :PathPart('duplicate') { my ($self, $c, $no_reseller) = @_; my $posted = ($c->request->method eq 'POST'); @@ -289,7 +295,7 @@ sub process_create :Private { $c->stash(form => $form); } -sub create_without_reseller :Chained('profile_list') :PathPart('create/noreseller') :Args(0) { +sub create_without_reseller :Chained('profile_list_restricted') :PathPart('create/noreseller') :Args(0) { my ($self, $c) = @_; $self->create($c, 1); @@ -1130,4 +1136,3 @@ it under the same terms as Perl itself. =cut # vim: set tabstop=4 expandtab: - diff --git a/lib/NGCP/Panel/Controller/Contact.pm b/lib/NGCP/Panel/Controller/Contact.pm index a2b3f1323c..f19ac77ab8 100644 --- a/lib/NGCP/Panel/Controller/Contact.pm +++ b/lib/NGCP/Panel/Controller/Contact.pm @@ -17,7 +17,7 @@ sub auto :Private { return 1; } -sub list_contact :Chained('/') :PathPart('contact') :CaptureArgs(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { +sub list_contact :Chained('/') :PathPart('contact') :CaptureArgs(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) :AllowedRole(ccareadmin) :AllowedRole(ccare) { my ($self, $c) = @_; my $contacts = $c->model('DB')->resultset('contacts')->search({ 
@@ -332,7 +332,7 @@ sub ajax_list_contacts{ } -sub countries_ajax :Chained('/') :PathPart('contact/country/ajax') :Args(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { +sub countries_ajax :Chained('/') :PathPart('contact/country/ajax') :Args(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) :AllowedRole(ccareadmin) :AllowedRole(ccare) { my ($self, $c) = @_; my $from = $c->request->params->{iDisplayStart} // 0; diff --git a/lib/NGCP/Panel/Controller/Customer.pm b/lib/NGCP/Panel/Controller/Customer.pm index ec365f5799..2bddaf8ab2 100644 --- a/lib/NGCP/Panel/Controller/Customer.pm +++ b/lib/NGCP/Panel/Controller/Customer.pm @@ -33,7 +33,7 @@ Catalyst Controller. =cut -sub auto :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) :AllowedRole(subscriberadmin) { +sub auto :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) :AllowedRole(ccareadmin) :AllowedRole(ccare) :AllowedRole(subscriberadmin) { my ($self, $c) = @_; $c->log->debug(__PACKAGE__ . '::auto'); NGCP::Panel::Utils::Navigation::check_redirect_chain(c => $c); @@ -73,7 +73,7 @@ sub list_customer :Chained('/') :PathPart('customer') :CaptureArgs(0) { ); } -sub root :Chained('list_customer') :PathPart('') :Args(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { +sub root :Chained('list_customer') :PathPart('') :Args(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) :AllowedRole(ccareadmin) :AllowedRole(ccare) { my ($self, $c) = @_; } @@ -283,7 +283,7 @@ sub base :Chained('list_customer') :PathPart('') :CaptureArgs(1) { 'me.id' => $contract_id, },undef); - if($c->user->roles eq 'reseller') { + if ($c->user->roles eq 'reseller' || $c->user->roles eq 'ccare') { $contract_rs = $contract_rs->search({ 'contact.reseller_id' => $c->user->reseller_id, }, { 
@@ -503,7 +503,7 @@ sub base :Chained('list_customer') :PathPart('') :CaptureArgs(1) { $c->stash(phonebook => $contract_first->phonebook ); } -sub base_restricted :Chained('base') :PathPart('') :CaptureArgs(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { +sub base_restricted :Chained('base') :PathPart('') :CaptureArgs(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) :AllowedRole(ccareadmin) :AllowedRole(ccare) { my ($self, $c) = @_; } diff --git a/lib/NGCP/Panel/Controller/EmailTemplate.pm b/lib/NGCP/Panel/Controller/EmailTemplate.pm index 44bd641cfb..22c31992c1 100644 --- a/lib/NGCP/Panel/Controller/EmailTemplate.pm +++ b/lib/NGCP/Panel/Controller/EmailTemplate.pm @@ -10,7 +10,7 @@ use NGCP::Panel::Utils::Email; use NGCP::Panel::Utils::Message; use JSON qw/encode_json decode_json/; -sub auto :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { +sub auto :Private { my ($self, $c) = @_; $c->log->debug(__PACKAGE__ . '::auto'); NGCP::Panel::Utils::Navigation::check_redirect_chain(c => $c); @@ -19,7 +19,7 @@ sub auto :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRol } -sub tmpl_list :Chained('/') :PathPart('emailtemplate') :CaptureArgs(0) { +sub tmpl_list :Chained('/') :PathPart('emailtemplate') :CaptureArgs(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) :AllowedRole(ccareadmin) :AllowedRole(ccare) { my ( $self, $c ) = @_; my $tmpl_rs = $c->model('DB')->resultset('email_templates'); 
@@ -31,9 +31,9 @@ sub tmpl_list :Chained('/') :PathPart('emailtemplate') :CaptureArgs(0) { { name => 'subject', search => 1, title => $c->loc('Subject') }, ]); - #select r.id as reseller_id,r.name as reseller_name, etd.id as email_template_id, etd.name as email_template_name from resellers r + #select r.id as reseller_id,r.name as reseller_name, etd.id as email_template_id, etd.name as email_template_name from resellers r #join email_templates etd on etd.reseller_id is null - #left join email_templates et on et.name=etd.name and et.reseller_id=r.id + #left join email_templates et on et.name=etd.name and et.reseller_id=r.id #where et.id is null order by r.id,etd.id; my $tmpl_missed_rs = $c->model('DB')->resultset('resellers')->search_rs({ 'et.id' => undef, @@ -88,6 +88,10 @@ sub tmpl_list :Chained('/') :PathPart('emailtemplate') :CaptureArgs(0) { $c->stash(template => 'emailtemplate/list.tt'); } +sub tmpl_list_restricted :Chained('tmpl_list') :PathPart('') :CaptureArgs(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { + my ($self, $c) = @_; +} + sub tmpl_root :Chained('tmpl_list') :PathPart('') :Args(0) { my ($self, $c) = @_; } @@ -142,7 +146,7 @@ sub tmpl_ajax_missed :Chained('tmpl_list') :PathPart('ajax/missed') :Args(0) { $c->detach( $c->view("JSON") ); } -sub tmpl_create :Chained('tmpl_list') :PathPart('create') :Args(0) { +sub tmpl_create :Chained('tmpl_list_restricted') :PathPart('create') :Args(0) { my ($self, $c) = @_; my $posted = ($c->request->method eq 'POST'); 
@@ -176,13 +180,13 @@ sub tmpl_create :Chained('tmpl_list') :PathPart('create') :Args(0) { ); } -sub tmpl_sync :Chained('tmpl_list') :PathPart('sync') :Args(0) { +sub tmpl_sync :Chained('tmpl_list_restricted') :PathPart('sync') :Args(0) { my ($self, $c) = @_; my $posted = ($c->request->method eq 'POST'); my $form = NGCP::Panel::Form::get("NGCP::Panel::Form::EmailTemplate::Sync", $c); my $params = { id => encode_json([map { $_->id } $c->stash->{tmpl_missed_rs}->all]) }; - + $form->process( posted => $posted, params => $c->request->params, @@ -227,7 +231,7 @@ sub tmpl_sync :Chained('tmpl_list') :PathPart('sync') :Args(0) { ); } -sub tmpl_base :Chained('tmpl_list') :PathPart('') :CaptureArgs(1) { +sub tmpl_base :Chained('tmpl_list_restricted') :PathPart('') :CaptureArgs(1) { my ($self, $c, $tmpl_id) = @_; $c->detach('/denied_page') @@ -317,7 +321,7 @@ sub tmpl_edit :Chained('tmpl_base') :PathPart('edit') { ); } -sub tmpl_copy :Chained('tmpl_list') :PathPart('copy'): Args(1) { +sub tmpl_copy :Chained('tmpl_list_restricted') :PathPart('copy'): Args(1) { my ($self, $c, $tmpl_id) = @_; $c->detach('/denied_page') diff --git a/lib/NGCP/Panel/Controller/Invoice.pm b/lib/NGCP/Panel/Controller/Invoice.pm index 9f3ecdd4b8..2908880bd4 100644 --- a/lib/NGCP/Panel/Controller/Invoice.pm +++ b/lib/NGCP/Panel/Controller/Invoice.pm 
@@ -49,7 +49,7 @@ sub inv_list :Chained('/') :PathPart('invoice') :CaptureArgs(0) :Does(ACL) :ACLD $c->stash(template => 'invoice/invoice_list.tt'); } -sub customer_inv_list :Chained('/') :PathPart('invoice/customer') :CaptureArgs(1) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) :AllowedRole(subscriberadmin) { +sub customer_inv_list :Chained('/') :PathPart('invoice/customer') :CaptureArgs(1) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) :AllowedRole(ccareadmin) :AllowedRole(ccare) :AllowedRole(subscriberadmin) { my ( $self, $c, $contract_id ) = @_; $c->stash->{inv_dt_columns} = NGCP::Panel::Utils::Datatables::set_columns($c, [ diff --git a/lib/NGCP/Panel/Controller/InvoiceTemplate.pm b/lib/NGCP/Panel/Controller/InvoiceTemplate.pm index f0eb1d0906..b8d8dde61d 100644 --- a/lib/NGCP/Panel/Controller/InvoiceTemplate.pm +++ b/lib/NGCP/Panel/Controller/InvoiceTemplate.pm @@ -17,8 +17,8 @@ sub auto :Private { return 1; } -sub template_list :Chained('/') :PathPart('invoicetemplate') :CaptureArgs(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { - my ( $self, $c ) = @_; +sub template_list :Chained('/') :PathPart('invoicetemplate') :CaptureArgs(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) :AllowedRole(ccareadmin) :AllowedRole(ccare) { + my ($self, $c) = @_; $c->stash->{tmpl_rs} = $c->model('DB')->resultset('invoice_templates'); if($c->user->roles eq "admin") { @@ -38,6 +38,10 @@ sub template_list :Chained('/') :PathPart('invoicetemplate') :CaptureArgs(0) :Do $c->stash(template => 'invoice/template_list.tt'); } +sub template_list_restricted :Chained('template_list') :PathPart('') :CaptureArgs(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { + my ($self, $c) = @_; +} + sub root :Chained('template_list') :PathPart('') :Args(0) { my ($self, $c) = @_; } 
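Review bot: template_list in InvoiceTemplate.pm now admits ccareadmin and ccare, but the resultset scoping that starts at `if($c->user->roles eq "admin") {` is unchanged and its remaining branches are outside the hunk. If the reseller filter there is keyed on `eq "reseller"`, a ccare account would fall through and see invoice templates of every reseller. Customer.pm (`base`) and Subscriber.pm (`sub_list`) in this commit extend that test with `|| $c->user->roles eq 'ccare'`, and the same would be needed here. The unchanged bodies of list_contact in Contact.pm and tmpl_list in EmailTemplate.pm deserve the same check.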
@@ -58,7 +62,7 @@ sub reseller_ajax :Chained('template_list') :PathPart('ajax/reseller') :Args(1) $c->detach( $c->view("JSON") ); } -sub base :Chained('template_list') :PathPart('') :CaptureArgs(1) { +sub base :Chained('template_list_restricted') :PathPart('') :CaptureArgs(1) { my ($self, $c, $tmpl_id) = @_; unless($tmpl_id && is_int($tmpl_id)) { @@ -82,7 +86,7 @@ sub base :Chained('template_list') :PathPart('') :CaptureArgs(1) { $c->stash(tmpl => $res); } -sub create :Chained('template_list') :PathPart('create') :Args() { +sub create :Chained('template_list_restricted') :PathPart('create') :Args() { my ($self, $c, $reseller_id) = @_; if(defined $reseller_id && !is_int($reseller_id)) { @@ -270,7 +274,7 @@ sub edit_content :Chained('base') :PathPart('editcontent') :Args(0) { $c->stash(template => 'invoice/template.tt'); } -sub messages_ajax :Chained('template_list') :PathPart('messages') :Args(0) { +sub messages_ajax :Chained('template_list_restricted') :PathPart('messages') :Args(0) { my ($self, $c) = @_; $c->stash( messages => $c->flash->{messages}, diff --git a/lib/NGCP/Panel/Controller/Network.pm b/lib/NGCP/Panel/Controller/Network.pm index 96dd627bce..11b603a15d 100644 --- a/lib/NGCP/Panel/Controller/Network.pm +++ b/lib/NGCP/Panel/Controller/Network.pm 
@@ -10,17 +10,18 @@ use NGCP::Panel::Utils::Message; use NGCP::Panel::Utils::Navigation; use NGCP::Panel::Utils::BillingNetworks qw(); -sub auto :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { +sub auto :Private { my ($self, $c) = @_; $c->log->debug(__PACKAGE__ . '::auto'); NGCP::Panel::Utils::Navigation::check_redirect_chain(c => $c); return 1; } -sub network_list :Chained('/') :PathPart('network') :CaptureArgs(0) { +sub network_list :Chained('/') :PathPart('network') :CaptureArgs(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) :AllowedRole(ccareadmin) :AllowedRole(ccare) { my ($self, $c) = @_; - my $dispatch_to = '_network_resultset_' . $c->user->roles; + my $dispatch_role = $c->user->roles =~ /admin$/ ? 'admin' : 'reseller'; + my $dispatch_to = '_network_resultset_' . $dispatch_role; my $network_rs = $self->$dispatch_to($c); $c->stash->{network_dt_columns} = NGCP::Panel::Utils::Datatables::set_columns($c, [ @@ -34,6 +35,10 @@ sub network_list :Chained('/') :PathPart('network') :CaptureArgs(0) { template => 'network/list.tt'); } +sub network_list_restricted :Chained('network_list') :PathPart('') :CaptureArgs(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { + my ($self, $c) = @_; +} + sub _network_resultset_admin { my ($self, $c) = @_; return $c->model('DB')->resultset('billing_networks')->search_rs(undef, @@ -68,7 +73,7 @@ sub root :Chained('network_list') :PathPart('') :Args(0) { my ($self, $c) = @_; } -sub create :Chained('network_list') :PathPart('create') :Args(0) { +sub create :Chained('network_list_restricted') :PathPart('create') :Args(0) { my ($self, $c) = @_; my $posted = ($c->request->method eq 'POST'); 
@@ -130,7 +135,7 @@ sub create :Chained('network_list') :PathPart('create') :Args(0) { ); } -sub base :Chained('/network/network_list') :PathPart('') :CaptureArgs(1) { +sub base :Chained('/network/network_list_restricted') :PathPart('') :CaptureArgs(1) { my ($self, $c, $network_id) = @_; unless($network_id && is_int($network_id)) { diff --git a/lib/NGCP/Panel/Controller/Package.pm b/lib/NGCP/Panel/Controller/Package.pm index db14f66aa5..73c22e0d58 100644 --- a/lib/NGCP/Panel/Controller/Package.pm +++ b/lib/NGCP/Panel/Controller/Package.pm @@ -11,17 +11,18 @@ use NGCP::Panel::Utils::Navigation; use NGCP::Panel::Utils::ProfilePackages qw(); use NGCP::Panel::Utils::Voucher qw(); -sub auto :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { +sub auto :Private { my ($self, $c) = @_; $c->log->debug(__PACKAGE__ . '::auto'); NGCP::Panel::Utils::Navigation::check_redirect_chain(c => $c); return 1; } -sub package_list :Chained('/') :PathPart('package') :CaptureArgs(0) { +sub package_list :Chained('/') :PathPart('package') :CaptureArgs(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) :AllowedRole(ccareadmin) :AllowedRole(ccare) { my ($self, $c) = @_; - my $dispatch_to = '_package_resultset_' . $c->user->roles; + my $dispatch_role = $c->user->roles =~ /admin$/ ? 'admin' : 'reseller'; + my $dispatch_to = '_package_resultset_' . $dispatch_role; my $package_rs = $self->$dispatch_to($c); $c->stash->{package_dt_columns} = NGCP::Panel::Utils::Datatables::set_columns($c, [ @@ -35,6 +36,10 @@ sub package_list :Chained('/') :PathPart('package') :CaptureArgs(0) { template => 'package/list.tt'); } +sub package_list_restricted :Chained('package_list') :PathPart('') :CaptureArgs(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { + my ($self, $c) = @_; +} + sub _package_resultset_admin { my ($self, $c) = @_; return $c->model('DB')->resultset('profile_packages')->search_rs( 
@@ -69,7 +74,7 @@ sub root :Chained('package_list') :PathPart('') :Args(0) { my ($self, $c) = @_; } -sub create :Chained('package_list') :PathPart('create') :Args(0) { +sub create :Chained('package_list_restricted') :PathPart('create') :Args(0) { my ($self, $c) = @_; my $posted = ($c->request->method eq 'POST'); @@ -137,7 +142,7 @@ sub create :Chained('package_list') :PathPart('create') :Args(0) { ); } -sub base :Chained('/package/package_list') :PathPart('') :CaptureArgs(1) { +sub base :Chained('/package/package_list_restricted') :PathPart('') :CaptureArgs(1) { my ($self, $c, $package_id) = @_; unless($package_id && is_int($package_id)) { @@ -289,10 +294,11 @@ sub ajax_filter_reseller :Chained('package_list') :PathPart('ajax/filter_reselle } -sub details_base :Chained('/') :PathPart('package') :CaptureArgs(1) { +sub details_base :Chained('/') :PathPart('package') :CaptureArgs(1) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { my ($self, $c, $package_id) = @_; - my $dispatch_to = '_package_resultset_' . $c->user->roles; + my $dispatch_role = $c->user->roles =~ /admin$/ ? 'admin' : 'reseller'; + my $dispatch_to = '_package_resultset_' . $dispatch_role; my $package_rs = $self->$dispatch_to($c); unless($package_id && is_int($package_id)) { diff --git a/lib/NGCP/Panel/Controller/Product.pm b/lib/NGCP/Panel/Controller/Product.pm index 1bccf3ea72..9bdace6330 100644 --- a/lib/NGCP/Panel/Controller/Product.pm +++ b/lib/NGCP/Panel/Controller/Product.pm 
@@ -7,14 +7,14 @@ use parent 'Catalyst::Controller'; use NGCP::Panel::Form; -sub auto :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { +sub auto :Private { my ($self, $c) = @_; $c->log->debug(__PACKAGE__ . '::auto'); NGCP::Panel::Utils::Navigation::check_redirect_chain(c => $c); return 1; } -sub prod_list :Chained('/') :PathPart('product') :CaptureArgs(0) { +sub prod_list :Chained('/') :PathPart('product') :CaptureArgs(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) :AllowedRole(ccareadmin) :AllowedRole(ccare) { my ($self, $c) = @_; my $prod_rs = $c->model('DB')->resultset('products') diff --git a/lib/NGCP/Panel/Controller/Root.pm b/lib/NGCP/Panel/Controller/Root.pm index 99aaff7f0c..26f007ed53 100644 --- a/lib/NGCP/Panel/Controller/Root.pm +++ b/lib/NGCP/Panel/Controller/Root.pm @@ -93,6 +93,14 @@ sub auto :Private { my $uuid = $c->user->uuid; my $tz_row = $c->model('DB')->resultset('voip_subscriber_timezone')->find({uuid => $uuid}); _set_session_tz_from_row($c, $tz_row, 'subscriber', $uuid); + } elsif ($c->user->roles eq 'ccareadmin') { + my $reseller_id = $c->user->reseller_id; + my $tz_row = $c->model('DB')->resultset('reseller_timezone')->find({reseller_id => $reseller_id}); + _set_session_tz_from_row($c, $tz_row, 'admin', $reseller_id); + } elsif($c->user->roles eq 'ccare') { + my $reseller_id = $c->user->reseller_id; + my $tz_row = $c->model('DB')->resultset('reseller_timezone')->find({reseller_id => $reseller_id}); + _set_session_tz_from_row($c, $tz_row, 'reseller', $reseller_id); } else { # this shouldnt happen } 
@@ -298,18 +306,12 @@ sub auto :Private { # load top menu widgets my $topmenu_templates = []; + $topmenu_templates = ['widgets/'.$c->user->roles.'_topmenu_settings.tt']; if ($c->user->roles eq 'admin') { - $topmenu_templates = ['widgets/admin_topmenu_settings.tt']; if (!$c->stash->{openvpn_info}) { my $openvpn_info = NGCP::Panel::Utils::Admin::check_openvpn_status($c); $c->stash(openvpn_info => $openvpn_info); } - } elsif ($c->user->roles eq 'reseller') { - $topmenu_templates = ['widgets/reseller_topmenu_settings.tt']; - } elsif ($c->user->roles eq 'subscriberadmin') { - $topmenu_templates = ['widgets/subscriberadmin_topmenu_settings.tt']; - } elsif ($c->user->roles eq 'subscriber') { - $topmenu_templates = ['widgets/subscriber_topmenu_settings.tt']; } $c->stash(topmenu => $topmenu_templates); diff --git a/lib/NGCP/Panel/Controller/Subscriber.pm b/lib/NGCP/Panel/Controller/Subscriber.pm index d9a2b05418..5b6056982f 100644 --- a/lib/NGCP/Panel/Controller/Subscriber.pm +++ b/lib/NGCP/Panel/Controller/Subscriber.pm @@ -60,7 +60,7 @@ sub sub_list :Chained('/') :PathPart('subscriber') :CaptureArgs(0) { $c->stash->{subscribers_rs} = $c->model('DB')->resultset('voip_subscribers')->search({ 'me.status' => { '!=' => 'terminated' }, }); - if($c->user->roles eq 'reseller') { + if ($c->user->roles eq 'reseller' || $c->user->roles eq 'ccare') { $c->stash->{subscribers_rs} = $c->stash->{subscribers_rs}->search({ 'contact.reseller_id' => $c->user->reseller_id, },{ @@ -101,7 +101,7 @@ sub sub_list :Chained('/') :PathPart('subscriber') :CaptureArgs(0) { ]); } -sub root :Chained('sub_list') :PathPart('') :Args(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { +sub root :Chained('sub_list') :PathPart('') :Args(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) :AllowedRole(ccareadmin) :AllowedRole(ccare) { my ($self, $c) = @_; } 
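Review bot: The top-menu template path in Root.pm is now built by interpolating `$c->user->roles` into `'widgets/'.…'_topmenu_settings.tt'`, so a role without a matching widget, which used to yield an empty menu list, presumably becomes a lookup for a missing template, and the `[]` initialiser on the line above is dead. The role strings come from RoleFromRealm on the server side, so this is a robustness point rather than an injection one. An explicit list keeps the old fail-safe behaviour: `my %has_menu = map { $_ => 1 } qw/admin reseller ccareadmin ccare subscriberadmin subscriber/;` and then assign only `if $has_menu{$c->user->roles}`. The two new ccare widget templates are not among the hunks visible here.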
@@ -358,7 +358,7 @@ sub webphone_ajax :Chained('base') :PathPart('webphone/ajax') :Args(0) { $c->detach( $c->view("JSON") ); } -sub ajax :Chained('sub_list') :PathPart('ajax') :Args(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { +sub ajax :Chained('sub_list') :PathPart('ajax') :Args(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) :AllowedRole(ccareadmin) :AllowedRole(ccare) { my ($self, $c) = @_; my $resultset = $c->stash->{subscribers_rs}; @@ -366,7 +366,7 @@ sub ajax :Chained('sub_list') :PathPart('ajax') :Args(0) :Does(ACL) :ACLDetachTo $c->detach( $c->view("JSON") ); } -sub terminate :Chained('base') :PathPart('terminate') :Args(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) :AllowedRole(subscriberadmin) { +sub terminate :Chained('base') :PathPart('terminate') :Args(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) :AllowedRole(ccareadmin) :AllowedRole(ccare) :AllowedRole(subscriberadmin) { my ($self, $c) = @_; my $subscriber = $c->stash->{subscriber}; @@ -774,7 +774,8 @@ sub preferences_edit :Chained('preferences_base') :PathPart('edit') :Args(0) { my $prov_subscriber = $c->stash->{subscriber}->provisioning_voip_subscriber; $c->detach('/denied_page') - if(($c->user->roles eq "admin" || $c->user->roles eq "reseller") && $c->user->read_only); + if (($c->user->roles eq "admin" || $c->user->roles eq "reseller" || + $c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") && $c->user->read_only); $c->stash(edit_preference => 1); 
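Review bot: terminate is opened to ccareadmin and ccare, yet the visible start of its body has no `read_only` test, unlike preferences_edit and edit_master, which this commit extends so that read-only customer-care users are detached to `/denied_page`. The body continues outside the hunk, so the test may follow later. If it does not, the same condition, `if (($c->user->roles eq "admin" || ... || $c->user->roles eq "ccare") && $c->user->read_only)`, belongs at the top of this destructive action too.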
@@ -842,7 +843,8 @@ sub preferences_callforward :Chained('base') :PathPart('preferences/callforward' my ($self, $c, $cf_type) = @_; $c->detach('/denied_page') - if(($c->user->roles eq "admin" || $c->user->roles eq "reseller") && $c->user->read_only); + if(($c->user->roles eq "admin" || $c->user->roles eq "reseller" || + $c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") && $c->user->read_only); my $cf_desc; SWITCH: for ($cf_type) { @@ -1068,7 +1070,8 @@ sub preferences_callforward_advanced :Chained('base') :PathPart('preferences/cal my ($self, $c, $cf_type, $advanced) = @_; $c->detach('/denied_page') - if(($c->user->roles eq "admin" || $c->user->roles eq "reseller") && $c->user->read_only); + if(($c->user->roles eq "admin" || $c->user->roles eq "reseller" || + $c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") && $c->user->read_only); # TODO bail out of $advanced ne "advanced" if(defined $advanced && $advanced eq 'advanced') { @@ -1278,7 +1281,8 @@ sub preferences_callforward_destinationset :Chained('base') :PathPart('preferenc my ($self, $c, $cf_type) = @_; $c->detach('/denied_page') - if(($c->user->roles eq "admin" || $c->user->roles eq "reseller") && $c->user->read_only); + if(($c->user->roles eq "admin" || $c->user->roles eq "reseller" || + $c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") && $c->user->read_only); my $prov_subscriber = $c->stash->{subscriber}->provisioning_voip_subscriber; @@ -2594,7 +2598,7 @@ sub master :Chained('base') :PathPart('details') :CaptureArgs(0) { ); } -sub details :Chained('master') :PathPart('') :Args(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) :AllowedRole('subscriberadmin') { +sub details :Chained('master') :PathPart('') :Args(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) :AllowedRole(ccareadmin) :AllowedRole(ccare) :AllowedRole('subscriberadmin') { my ($self, $c) = @_; $self->underrun_catchup($c); 
@@ -2616,7 +2620,7 @@ sub voicemails :Chained('master') :PathPart('voicemails') :Args(0) { ); } -sub recordings :Chained('master') :PathPart('recordings') :Args(0) { +sub recordings :Chained('master') :PathPart('recordings') :Args(0) :AllowedRole(admin) :AllowedRole(reseller) { my ($self, $c) = @_; $c->stash( @@ -2624,7 +2628,7 @@ sub recordings :Chained('master') :PathPart('recordings') :Args(0) { ); } -sub calllist_master :Chained('base') :PathPart('calls') :CaptureArgs(0) { +sub calllist_master :Chained('base') :PathPart('calls') :CaptureArgs(0) :AllowedRole(admin) :AllowedRole(reseller) { my ($self, $c) = @_; $c->stash->{callid_enc} = $c->req->params->{callid}; @@ -2682,11 +2686,12 @@ sub reglist :Chained('master') :PathPart('regdevices') :Args(0) { ); } -sub edit_master :Chained('master') :PathPart('edit') :Args(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) :AllowedRole(subscriberadmin) { +sub edit_master :Chained('master') :PathPart('edit') :Args(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) :AllowedRole(ccareadmin) :AllowedRole(ccare) :AllowedRole(subscriberadmin) { my ($self, $c) = @_; $c->detach('/denied_page') - if(($c->user->roles eq "admin" || $c->user->roles eq "reseller") && $c->user->read_only); + if(($c->user->roles eq "admin" || $c->user->roles eq "reseller" || + $c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") && $c->user->read_only); my $subscriber = $c->stash->{subscriber}; my $prov_subscriber = $subscriber->provisioning_voip_subscriber; 
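Review bot: The `:AllowedRole(admin) :AllowedRole(reseller)` attributes added to `recordings` come without `:Does(ACL) :ACLDetachTo('/denied_page')`, unlike every other restricted action touched in this file, and the same is true of `calllist_master` in the next hunk. With Catalyst::ActionRole::ACL the role attributes are only evaluated on actions that apply the ACL action role, so unless the controller applies it globally (not visible here) both actions stay reachable by the new customer-care roles and by any other authenticated role. If the restriction is intended, the signature should read `sub recordings :Chained('master') :PathPart('recordings') :Args(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) {`, and likewise for `calllist_master`. Because `calllist_master` is a `:CaptureArgs(0)` chain link, it is also worth checking which actions hang off it before tightening it.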
@@ -2858,7 +2863,8 @@ sub edit_master :Chained('master') :PathPart('edit') :Args(0) :Does(ACL) :ACLDet ); return; } - if($c->user->roles eq "admin" || $c->user->roles eq "reseller") { + if ($c->user->roles eq "admin" || $c->user->roles eq "reseller" || + $c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") { $prov_params->{profile_set_id} = $profile_set ? $profile_set->id : undef; $prov_params->{profile_id} = $profile ? $profile->id : undef; } else { @@ -3058,7 +3064,7 @@ sub edit_master :Chained('master') :PathPart('edit') :Args(0) :Does(ACL) :ACLDet } -sub order_pbx_items :Chained('master') :PathPart('orderpbxitems') :Args(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) : AllowedRole(reseller) :AllowedRole(subscriberadmin) { +sub order_pbx_items :Chained('master') :PathPart('orderpbxitems') :Args(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) : AllowedRole(reseller) :AllowedRole(ccareadmin) :AllowedRole(ccare) :AllowedRole(subscriberadmin) { my ($self, $c) = @_; my $move_id = $c->req->params->{move}; @@ -3094,7 +3100,7 @@ sub order_pbx_items :Chained('master') :PathPart('orderpbxitems') :Args(0) :Does $c->detach( $c->view('TT') ); } -sub aliases_ajax :Chained('master') :PathPart('ordergroups') :Args(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) :AllowedRole(subscriberadmin) { +sub aliases_ajax :Chained('master') :PathPart('ordergroups') :Args(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) :AllowedRole(ccareadmin) :AllowedRole(ccare) :AllowedRole(subscriberadmin) { my ($self, $c) = @_; my $subscriber = $c->stash->{subscriber}; 
@@ -3141,7 +3147,8 @@ sub webpass :Chained('base') :PathPart('webpass') :Args(0) { my ($self, $c) = @_; $c->detach('/denied_page') - if(($c->user->roles eq "admin" || $c->user->roles eq "reseller") && $c->user->read_only); + if (($c->user->roles eq "admin" || $c->user->roles eq "reseller" || + $c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") && $c->user->read_only); $c->stash( @@ -3153,7 +3160,8 @@ sub webpass_edit :Chained('base') :PathPart('webpass/edit') :Args(0) { my ($self, $c) = @_; $c->detach('/denied_page') - if(($c->user->roles eq "admin" || $c->user->roles eq "reseller") && $c->user->read_only); + if(($c->user->roles eq "admin" || $c->user->roles eq "reseller" || + $c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") && $c->user->read_only); my $form = NGCP::Panel::Form::get("NGCP::Panel::Form::Subscriber::EditWebpass", $c); @@ -3202,7 +3210,8 @@ sub edit_voicebox :Chained('base') :PathPart('preferences/voicebox/edit') :Args( my ($self, $c, $attribute, @additions) = @_; $c->detach('/denied_page') - if(($c->user->roles eq "admin" || $c->user->roles eq "reseller") && $c->user->read_only); + if(($c->user->roles eq "admin" || $c->user->roles eq "reseller" || + $c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") && $c->user->read_only); my $form; my $posted = ($c->request->method eq 'POST'); @@ -3431,7 +3440,8 @@ sub edit_fax :Chained('base') :PathPart('preferences/fax/edit') :Args(1) { my ($self, $c, $attribute) = @_; $c->detach('/denied_page') - if(($c->user->roles eq "admin" || $c->user->roles eq "reseller") && $c->user->read_only); + if(($c->user->roles eq "admin" || $c->user->roles eq "reseller" || + $c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") && $c->user->read_only); my $form; my $posted = ($c->request->method eq 'POST'); 
@@ -3571,7 +3581,8 @@ sub edit_mail_to_fax :Chained('base') :PathPart('preferences/mail_to_fax/edit') my ($self, $c, $attribute) = @_; $c->detach('/denied_page') - if(($c->user->roles eq "admin" || $c->user->roles eq "reseller") && $c->user->read_only); + if(($c->user->roles eq "admin" || $c->user->roles eq "reseller" || + $c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") && $c->user->read_only); my $form; my $posted = ($c->request->method eq 'POST'); @@ -3729,7 +3740,8 @@ sub edit_reminder :Chained('base') :PathPart('preferences/reminder/edit') { my ($self, $c, $attribute) = @_; $c->detach('/denied_page') - if(($c->user->roles eq "admin" || $c->user->roles eq "reseller") && $c->user->read_only); + if(($c->user->roles eq "admin" || $c->user->roles eq "reseller" || + $c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") && $c->user->read_only); my $posted = ($c->request->method eq 'POST'); my $reminder = $c->stash->{subscriber}->provisioning_voip_subscriber->voip_reminder; @@ -3803,7 +3815,8 @@ sub delete_reminder :Chained('base') :PathPart('preferences/reminder/delete') { my ($self, $c, $attribute) = @_; $c->detach('/denied_page') - if(($c->user->roles eq "admin" || $c->user->roles eq "reseller") && $c->user->read_only); + if(($c->user->roles eq "admin" || $c->user->roles eq "reseller" || + $c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") && $c->user->read_only); my $reminder = $c->stash->{subscriber}->provisioning_voip_subscriber->voip_reminder; if($reminder){ @@ -4069,7 +4082,8 @@ sub delete_voicemail :Chained('voicemail') :PathPart('delete') :Args(0) { my ($self, $c) = @_; $c->detach('/denied_page') - if(($c->user->roles eq "admin" || $c->user->roles eq "reseller") && $c->user->read_only); + if(($c->user->roles eq "admin" || $c->user->roles eq "reseller" || + $c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") && $c->user->read_only); try { $c->stash->{voicemail}->delete; 
@@ -4160,7 +4174,8 @@ sub delete_recording :Chained('recording') :PathPart('delete') :Args(0) { my ($self, $c) = @_; $c->detach('/denied_page') - if(($c->user->roles eq "admin" || $c->user->roles eq "reseller") && $c->user->read_only); + if(($c->user->roles eq "admin" || $c->user->roles eq "reseller" || + $c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") && $c->user->read_only); my $posted = ($c->request->method eq 'POST'); my $form = NGCP::Panel::Form::get("NGCP::Panel::Form::Subscriber::CallRecordingDelete", $c); @@ -4228,7 +4243,8 @@ sub delete_registered :Chained('registered') :PathPart('delete') :Args(0) { my ($self, $c) = @_; $c->detach('/denied_page') - if(($c->user->roles eq "admin" || $c->user->roles eq "reseller") && $c->user->read_only); + if(($c->user->roles eq "admin" || $c->user->roles eq "reseller" || + $c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") && $c->user->read_only); my $ret; @@ -4303,7 +4319,7 @@ sub create_registered :Chained('master') :PathPart('registered/create') :Args(0) ); } -sub create_trusted :Chained('base') :PathPart('preferences/trusted/create') :Args(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { +sub create_trusted :Chained('base') :PathPart('preferences/trusted/create') :Args(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) :AllowedRole(ccareadmin) :AllowedRole(ccare) { my ($self, $c) = @_; my $posted = ($c->request->method eq 'POST'); 
@@ -4354,7 +4370,7 @@ sub create_trusted :Chained('base') :PathPart('preferences/trusted/create') :Arg ); } -sub trusted_base :Chained('base') :PathPart('preferences/trusted') :CaptureArgs(1) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { +sub trusted_base :Chained('base') :PathPart('preferences/trusted') :CaptureArgs(1) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) :AllowedRole(ccareadmin) :AllowedRole(ccare) { my ($self, $c, $trusted_id) = @_; $c->stash->{trusted} = $c->stash->{subscriber}->provisioning_voip_subscriber @@ -4375,7 +4391,8 @@ sub edit_trusted :Chained('trusted_base') :PathPart('edit') { my ($self, $c) = @_; $c->detach('/denied_page') - if(($c->user->roles eq "admin" || $c->user->roles eq "reseller") && $c->user->read_only); + if(($c->user->roles eq "admin" || $c->user->roles eq "reseller" || + $c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") && $c->user->read_only); my $posted = ($c->request->method eq 'POST'); my $trusted = $c->stash->{trusted}; @@ -4435,7 +4452,8 @@ sub delete_trusted :Chained('trusted_base') :PathPart('delete') :Args(0) { my ($self, $c) = @_; $c->detach('/denied_page') - if(($c->user->roles eq "admin" || $c->user->roles eq "reseller") && $c->user->read_only); + if(($c->user->roles eq "admin" || $c->user->roles eq "reseller" || + $c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") && $c->user->read_only); try { $c->stash->{trusted}->delete; 
@@ -4457,7 +4475,7 @@ sub delete_trusted :Chained('trusted_base') :PathPart('delete') :Args(0) { $c->uri_for_action('/subscriber/preferences', [$c->req->captures->[0]])); } -sub create_upn_rewrite :Chained('base') :PathPart('preferences/upnrewrite/create') :Args(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { +sub create_upn_rewrite :Chained('base') :PathPart('preferences/upnrewrite/create') :Args(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) :AllowedRole(ccareadmin) :AllowedRole(ccare) { my ($self, $c) = @_; my $posted = ($c->request->method eq 'POST'); @@ -4511,7 +4529,7 @@ sub create_upn_rewrite :Chained('base') :PathPart('preferences/upnrewrite/create ); } -sub upn_rewrite_base :Chained('base') :PathPart('preferences/upnrewrite') :CaptureArgs(1) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { +sub upn_rewrite_base :Chained('base') :PathPart('preferences/upnrewrite') :CaptureArgs(1) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) :AllowedRole(ccareadmin) :AllowedRole(ccare) { my ($self, $c, $rws_id) = @_; $c->stash->{upn_rws} = $c->stash->{subscriber}->provisioning_voip_subscriber @@ -4532,7 +4550,8 @@ sub edit_upn_rewrite :Chained('upn_rewrite_base') :PathPart('edit') { my ($self, $c) = @_; $c->detach('/denied_page') - if(($c->user->roles eq "admin" || $c->user->roles eq "reseller") && $c->user->read_only); + if(($c->user->roles eq "admin" || $c->user->roles eq "reseller" || + $c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") && $c->user->read_only); my $posted = ($c->request->method eq 'POST'); my $upn_rws = $c->stash->{upn_rws}; 
@@ -4592,7 +4611,8 @@ sub delete_upn_rewrite :Chained('upn_rewrite_base') :PathPart('delete') :Args(0) my ($self, $c) = @_; $c->detach('/denied_page') - if(($c->user->roles eq "admin" || $c->user->roles eq "reseller") && $c->user->read_only); + if(($c->user->roles eq "admin" || $c->user->roles eq "reseller" || + $c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") && $c->user->read_only); try { my $upnr_pref_rs = NGCP::Panel::Utils::Preferences::get_usr_preference_rs( @@ -4732,7 +4752,8 @@ sub delete_speeddial :Chained('speeddial') :PathPart('delete') :Args(0) { my ($self, $c) = @_; $c->detach('/denied_page') - if(($c->user->roles eq "admin" || $c->user->roles eq "reseller") && $c->user->read_only); + if(($c->user->roles eq "admin" || $c->user->roles eq "reseller" || + $c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") && $c->user->read_only); try { $c->stash->{speeddial}->delete; @@ -4756,7 +4777,8 @@ sub edit_speeddial :Chained('speeddial') :PathPart('edit') :Args(0) { my ($self, $c) = @_; $c->detach('/denied_page') - if(($c->user->roles eq "admin" || $c->user->roles eq "reseller") && $c->user->read_only); + if(($c->user->roles eq "admin" || $c->user->roles eq "reseller" || + $c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") && $c->user->read_only); my $posted = ($c->request->method eq 'POST'); my $prov_subscriber = $c->stash->{subscriber}->provisioning_voip_subscriber; @@ -4847,7 +4869,8 @@ sub delete_autoattendant :Chained('autoattendant') :PathPart('delete') :Args(0) my ($self, $c) = @_; $c->detach('/denied_page') - if(($c->user->roles eq "admin" || $c->user->roles eq "reseller") && $c->user->read_only); + if(($c->user->roles eq "admin" || $c->user->roles eq "reseller" || + $c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") && $c->user->read_only); try { $c->stash->{autoattendant}->delete; 
@@ -4871,7 +4894,8 @@ sub edit_autoattendant :Chained('base') :PathPart('preferences/speeddial/edit') my ($self, $c) = @_; $c->detach('/denied_page') - if(($c->user->roles eq "admin" || $c->user->roles eq "reseller") && $c->user->read_only); + if(($c->user->roles eq "admin" || $c->user->roles eq "reseller" || + $c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") && $c->user->read_only); my $posted = ($c->request->method eq 'POST'); my $prov_subscriber = $c->stash->{subscriber}->provisioning_voip_subscriber; @@ -4974,7 +4998,8 @@ sub delete_ccmapping :Chained('ccmappings') :PathPart('delete') :Args(0) { my ($self, $c) = @_; $c->detach('/denied_page') - if(($c->user->roles eq "admin" || $c->user->roles eq "reseller") && $c->user->read_only); + if(($c->user->roles eq "admin" || $c->user->roles eq "reseller" || + $c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") && $c->user->read_only); try { $c->stash->{ccmapping}->delete; @@ -4999,7 +5024,8 @@ sub edit_ccmapping :Chained('base') :PathPart('preferences/ccmappings/edit') :Ar my ($self, $c) = @_; $c->detach('/denied_page') - if(($c->user->roles eq "admin" || $c->user->roles eq "reseller") && $c->user->read_only); + if(($c->user->roles eq "admin" || $c->user->roles eq "reseller" || + $c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") && $c->user->read_only); my $posted = ($c->request->method eq 'POST'); my $prov_subscriber = $c->stash->{subscriber}->provisioning_voip_subscriber; 
@@ -5061,7 +5087,7 @@ sub edit_ccmapping :Chained('base') :PathPart('preferences/ccmappings/edit') :Ar return; } -sub callflow_base :Chained('base') :PathPart('callflow') :CaptureArgs(1) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { +sub callflow_base :Chained('base') :PathPart('callflow') :CaptureArgs(1) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) :AllowedRole(ccareadmin) :AllowedRole(ccare) { my ($self, $c, $callid) = @_; $c->detach('/denied_page') diff --git a/lib/NGCP/Panel/Controller/SubscriberProfile.pm b/lib/NGCP/Panel/Controller/SubscriberProfile.pm index f7ccc383c1..5b3f50b690 100644 --- a/lib/NGCP/Panel/Controller/SubscriberProfile.pm +++ b/lib/NGCP/Panel/Controller/SubscriberProfile.pm @@ -10,19 +10,19 @@ use NGCP::Panel::Utils::Message; use NGCP::Panel::Utils::Navigation; use NGCP::Panel::Utils::Preferences; -sub auto :Private{ +sub auto :Private { my ($self, $c) = @_; $c->log->debug(__PACKAGE__ . '::auto'); NGCP::Panel::Utils::Navigation::check_redirect_chain(c => $c); return 1; } -sub set_list :Chained('/') :PathPart('subscriberprofile') :CaptureArgs(0) { - my ( $self, $c ) = @_; +sub set_list :Chained('/') :PathPart('subscriberprofile') :CaptureArgs(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) :AllowedRole(ccareadmin) :AllowedRole(ccare) { + my ($self, $c) = @_; $c->stash->{set_rs} = $c->model('DB')->resultset('voip_subscriber_profile_sets'); - if($c->user->roles eq "admin") { - } elsif($c->user->roles eq "reseller") { + if($c->user->roles eq "admin" || $c->user->roles eq "ccareadmin") { + } elsif($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { $c->stash->{set_rs} = $c->stash->{set_rs}->search({ reseller_id => $c->user->reseller_id }); 
@@ -42,18 +42,22 @@ sub set_list :Chained('/') :PathPart('subscriberprofile') :CaptureArgs(0) { $c->stash(template => 'subprofile/set_list.tt'); } -sub set_root :Chained('set_list') :PathPart('') :Args(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { +sub set_list_restricted :Chained('set_list') :PathPart('') :CaptureArgs(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { + my ($self, $c) = @_; +} + +sub set_root :Chained('set_list') :PathPart('') :Args(0) { my ($self, $c) = @_; } -sub set_ajax :Chained('set_list') :PathPart('ajax') :Args(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { +sub set_ajax :Chained('set_list') :PathPart('ajax') :Args(0) { my ($self, $c) = @_; my $rs = $c->stash->{set_rs}; NGCP::Panel::Utils::Datatables::process($c, $rs, $c->stash->{set_dt_columns}); $c->detach( $c->view("JSON") ); } -sub set_ajax_reseller :Chained('set_list') :PathPart('ajax/reseller') :Args(1) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { +sub set_ajax_reseller :Chained('set_list') :PathPart('ajax/reseller') :Args(1) { my ($self, $c, $reseller_id) = @_; my $rs = $c->stash->{set_rs}; $rs = $rs->search({ @@ -63,7 +67,7 @@ sub set_ajax_reseller :Chained('set_list') :PathPart('ajax/reseller') :Args(1) : $c->detach( $c->view("JSON") ); } -sub set_base :Chained('set_list') :PathPart('') :CaptureArgs(1) { +sub set_base :Chained('set_list_restricted') :PathPart('') :CaptureArgs(1) { my ($self, $c, $set_id) = @_; unless($set_id && is_int($set_id)) { 
@@ -87,7 +91,7 @@ sub set_base :Chained('set_list') :PathPart('') :CaptureArgs(1) { $c->stash(set => $res); } -sub set_create :Chained('set_list') :PathPart('create') :Args(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { +sub set_create :Chained('set_list_restricted') :PathPart('create') :Args(0) { my ($self, $c) = @_; $c->detach('/denied_page') @@ -148,7 +152,7 @@ sub set_create :Chained('set_list') :PathPart('create') :Args(0) :Does(ACL) :ACL $c->stash(create_flag => 1); } -sub set_edit :Chained('set_base') :PathPart('edit') :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { +sub set_edit :Chained('set_base') :PathPart('edit') { my ($self, $c) = @_; $c->detach('/denied_page') @@ -211,7 +215,7 @@ sub set_edit :Chained('set_base') :PathPart('edit') :Does(ACL) :ACLDetachTo('/de $c->stash(edit_flag => 1); } -sub set_delete :Chained('set_base') :PathPart('delete') :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { +sub set_delete :Chained('set_base') :PathPart('delete') { my ($self, $c) = @_; $c->detach('/denied_page') @@ -244,7 +248,7 @@ sub set_delete :Chained('set_base') :PathPart('delete') :Does(ACL) :ACLDetachTo( NGCP::Panel::Utils::Navigation::back_or($c, $c->uri_for('/subscriberprofile')); } -sub set_clone :Chained('set_base') :PathPart('clone') :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { +sub set_clone :Chained('set_base') :PathPart('clone') { my ($self, $c) = @_; $c->detach('/denied_page') 
@@ -320,8 +324,8 @@ sub set_clone :Chained('set_base') :PathPart('clone') :Does(ACL) :ACLDetachTo('/ } -sub profile_list :Chained('set_base') :PathPart('profile') :CaptureArgs(0) { - my ( $self, $c ) = @_; +sub profile_list :Chained('set_base') :PathPart('profile') :CaptureArgs(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) :AllowedRole(ccareadmin) :AllowedRole(ccare) { + my ($self, $c) = @_; $c->stash->{profile_dt_columns} = NGCP::Panel::Utils::Datatables::set_columns($c, [ { name => 'id', search => 1, title => $c->loc('#') }, @@ -334,7 +338,11 @@ sub profile_list :Chained('set_base') :PathPart('profile') :CaptureArgs(0) { $c->stash(template => 'subprofile/profile_list.tt'); } -sub profile_root :Chained('profile_list') :PathPart('') :Args(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { +sub profile_list_restricted :Chained('profile_list') :PathPart('') :CaptureArgs(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { + my ($self, $c) = @_; +} + +sub profile_root :Chained('profile_list') :PathPart('') :Args(0) { my ($self, $c) = @_; } @@ -345,7 +353,7 @@ sub profile_ajax :Chained('profile_list') :PathPart('ajax') :Args(0) { $c->detach( $c->view("JSON") ); } -sub profile_base :Chained('profile_list') :PathPart('') :CaptureArgs(1) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { +sub profile_base :Chained('profile_list_restricted') :PathPart('') :CaptureArgs(1) { my ($self, $c, $profile_id) = @_; unless($profile_id && is_int($profile_id)) { 
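Review bot: `profile_list` now lists `ccareadmin` and `ccare` as allowed roles, but it is chained to `set_base`, which an earlier hunk of this file re-parents onto `set_list_restricted` (admin and reseller only), so the chain detaches to `/denied_page` before `profile_list` runs for a customer-care user. As written, the two extra `:AllowedRole` attributes and the `profile_list_restricted` split have no effect for those roles; the result fails closed, but the attribute list no longer describes what is enforced. If read access to profiles is intended, the set-id capture needs a parent that admits the new roles, with `set_edit`, `set_delete` and `set_clone` kept behind the restricted link. If it is not intended, drop `:AllowedRole(ccareadmin) :AllowedRole(ccare)` from `profile_list`.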
@@ -372,7 +380,7 @@ sub profile_base :Chained('profile_list') :PathPart('') :CaptureArgs(1) :Does(AC ); } -sub profile_create :Chained('profile_list') :PathPart('create') :Args(0) :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { +sub profile_create :Chained('profile_list_restricted') :PathPart('create') :Args(0) { my ($self, $c) = @_; $c->detach('/denied_page') @@ -440,7 +448,7 @@ sub profile_create :Chained('profile_list') :PathPart('create') :Args(0) :Does(A $c->stash(create_flag => 1); } -sub profile_edit :Chained('profile_base') :PathPart('edit') :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { +sub profile_edit :Chained('profile_base') :PathPart('edit') { my ($self, $c) = @_; my $profile = $c->stash->{profile}; @@ -577,7 +585,7 @@ sub profile_edit :Chained('profile_base') :PathPart('edit') :Does(ACL) :ACLDetac $c->stash(edit_flag => 1); } -sub profile_delete :Chained('profile_base') :PathPart('delete') :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { +sub profile_delete :Chained('profile_base') :PathPart('delete') { my ($self, $c) = @_; $c->detach('/denied_page') @@ -618,7 +626,7 @@ sub profile_delete :Chained('profile_base') :PathPart('delete') :Does(ACL) :ACLD NGCP::Panel::Utils::Navigation::back_or($c, $c->uri_for_action('/subscriberprofile/profile_root', [$c->stash->{set}->id])); } -sub profile_clone :Chained('profile_base') :PathPart('clone') :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) { +sub profile_clone :Chained('profile_base') :PathPart('clone') { my ($self, $c) = @_; $c->detach('/denied_page') diff --git a/lib/NGCP/Panel/Form/Administrator/Admin.pm b/lib/NGCP/Panel/Form/Administrator/Admin.pm index c05d16d5bc..53578980dc 100644 --- a/lib/NGCP/Panel/Form/Administrator/Admin.pm +++ b/lib/NGCP/Panel/Form/Administrator/Admin.pm 
@@ -17,7 +17,7 @@ has_block 'fields' => ( tag => 'div', class => [qw(modal-body)], render_list => [qw( - reseller login password is_superuser is_master is_active read_only show_passwords call_data billing_data lawful_intercept + reseller login password is_superuser is_master is_ccare is_active read_only show_passwords call_data billing_data lawful_intercept )], ); diff --git a/lib/NGCP/Panel/Form/Administrator/Reseller.pm b/lib/NGCP/Panel/Form/Administrator/Reseller.pm index 9c973595c8..3c50ecca2b 100644 --- a/lib/NGCP/Panel/Form/Administrator/Reseller.pm +++ b/lib/NGCP/Panel/Form/Administrator/Reseller.pm @@ -14,7 +14,7 @@ has_field 'password' => (type => 'Password', required => 1, label => 'Password') for (qw(is_active show_passwords call_data billing_data)) { has_field $_ => (type => 'Boolean', default => 1); } -for (qw(is_master read_only)) { +for (qw(is_master is_ccare read_only)) { has_field $_ => (type => 'Boolean',); } has_field 'save' => (type => 'Submit', element_class => [qw(btn btn-primary)],); diff --git a/lib/NGCP/Panel/Role/API/Admins.pm b/lib/NGCP/Panel/Role/API/Admins.pm index 66a55662fe..c80ce2536c 100644 --- a/lib/NGCP/Panel/Role/API/Admins.pm +++ b/lib/NGCP/Panel/Role/API/Admins.pm @@ -79,7 +79,7 @@ sub process_form_resource{ $resource->{md5pass} = undef; $resource->{saltedpass} = NGCP::Panel::Utils::Admin::generate_salted_hash($pass); } - foreach my $f(qw/billing_data call_data is_active is_master is_superuser lawful_intercept read_only show_passwords/) { + foreach my $f(qw/billing_data call_data is_active is_master is_superuser is_ccare lawful_intercept read_only show_passwords/) { $resource->{$f} = (ref $resource->{$f} eq 'JSON::true' || ( defined $resource->{$f} && ( $resource->{$f} eq 'true' || $resource->{$f} eq '1' ) ) ) ? 1 : 0; } return $resource; diff --git a/lib/NGCP/Panel/Role/API/AutoAttendants.pm b/lib/NGCP/Panel/Role/API/AutoAttendants.pm index c2eebcf00d..6a5a2458b4 100644 --- a/lib/NGCP/Panel/Role/API/AutoAttendants.pm 
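Review bot: `is_ccare` is added to the flags that `process_form_resource` in Role/API/Admins.pm normalises straight from the request body, alongside `is_superuser` and `is_master`, and it is also exposed in the Reseller administrator form. The flag appears to decide whether an administrator gets the customer-care role, so it carries privilege: clearing it would widen what the account may do. Whatever code limits which of these flags a non-superuser caller may change (outside this hunk) should be confirmed to cover `is_ccare`, including for an account editing its own record. A comment at the loop such as `# is_ccare selects the customer-care role; callers must be authorised to change it before this point` would record that expectation.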
+++ b/lib/NGCP/Panel/Role/API/AutoAttendants.pm @@ -61,8 +61,8 @@ sub _item_rs { $item_rs = $c->model('DB')->resultset('voip_subscribers') ->search({ 'me.status' => { '!=' => 'terminated' } }, {join => 'provisioning_voip_subscriber'}); - if($c->user->roles eq "admin") { - } elsif($c->user->roles eq "reseller") { + if($c->user->roles eq "admin" || $c->user->roles eq "ccareadmin") { + } elsif($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { $item_rs = $item_rs->search({ 'contact.reseller_id' => $c->user->reseller_id, }, { diff --git a/lib/NGCP/Panel/Role/API/BalanceIntervals.pm b/lib/NGCP/Panel/Role/API/BalanceIntervals.pm index 9c037ba63d..13ce544d08 100644 --- a/lib/NGCP/Panel/Role/API/BalanceIntervals.pm +++ b/lib/NGCP/Panel/Role/API/BalanceIntervals.pm @@ -24,8 +24,8 @@ sub _contract_rs { now => $now, ); - if($c->user->roles eq "admin") { - } elsif($c->user->roles eq "reseller") { + if ($c->user->roles eq "admin" || $c->user->roles eq "ccareadmin") { + } elsif ($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { $item_rs = $item_rs->search({ 'contact.reseller_id' => $c->user->reseller_id },{ diff --git a/lib/NGCP/Panel/Role/API/CFBNumberSets.pm b/lib/NGCP/Panel/Role/API/CFBNumberSets.pm index e9ba5612d8..cb39c020f0 100644 --- a/lib/NGCP/Panel/Role/API/CFBNumberSets.pm +++ b/lib/NGCP/Panel/Role/API/CFBNumberSets.pm @@ -41,9 +41,9 @@ sub _item_rs { my ($self, $c) = @_; my $item_rs; - if($c->user->roles eq "admin") { + if ($c->user->roles eq "admin" || $c->user->roles eq "ccareadmin") { $item_rs = $c->model('DB')->resultset('voip_cf_bnumber_sets'); - } elsif ($c->user->roles eq "reseller") { + } elsif ($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { my $reseller_id = $c->user->reseller_id; $item_rs = $c->model('DB')->resultset('voip_cf_bnumber_sets') ->search_rs({ 
@@ -52,7 +52,7 @@ sub _item_rs { join => {'subscriber' => {'contract' => 'contact'} }, }); # TODO: do we want subscriberadmins to update other subs' entries? - } elsif($c->user->roles eq "subscriberadmin" || $c->user->roles eq "subscriber") { + } elsif ($c->user->roles eq "subscriberadmin" || $c->user->roles eq "subscriber") { $item_rs = $c->model('DB')->resultset('voip_cf_bnumber_sets') ->search_rs({ 'subscriber_id' => $c->user->id, diff --git a/lib/NGCP/Panel/Role/API/CFDestinationSets.pm b/lib/NGCP/Panel/Role/API/CFDestinationSets.pm index cd442ef020..ffba53ef6d 100644 --- a/lib/NGCP/Panel/Role/API/CFDestinationSets.pm +++ b/lib/NGCP/Panel/Role/API/CFDestinationSets.pm @@ -81,9 +81,9 @@ sub _item_rs { my ($self, $c) = @_; my $item_rs; - if($c->user->roles eq "admin") { + if ($c->user->roles eq "admin" || $c->user->roles eq "ccareadmin") { $item_rs = $c->model('DB')->resultset('voip_cf_destination_sets'); - } elsif ($c->user->roles eq "reseller") { + } elsif ($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { my $reseller_id = $c->user->reseller_id; $item_rs = $c->model('DB')->resultset('voip_cf_destination_sets') ->search_rs({ diff --git a/lib/NGCP/Panel/Role/API/CFMappings.pm b/lib/NGCP/Panel/Role/API/CFMappings.pm index 02f64e7f4d..1c905e1f8e 100644 --- a/lib/NGCP/Panel/Role/API/CFMappings.pm +++ b/lib/NGCP/Panel/Role/API/CFMappings.pm @@ -67,6 +67,7 @@ sub hal_from_item { my $adm = $c->user->roles eq "admin" || $c->user->roles eq "reseller"; + my $hal = Data::HAL->new( links => [ Data::HAL::Link->new( @@ -106,7 +107,7 @@ sub _item_rs { { 'me.status' => { '!=' => 'terminated' } }, { prefetch => 'provisioning_voip_subscriber',}, ); - if($c->user->roles eq "reseller") { + if ($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { $item_rs = $item_rs->search({ 'contact.reseller_id' => $c->user->reseller_id, }, { diff --git a/lib/NGCP/Panel/Role/API/CFSourceSets.pm b/lib/NGCP/Panel/Role/API/CFSourceSets.pm index c178dc2b49..00d8a06a2d 100644 
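Review bot: `_item_rs` in CFMappings.pm now scopes `ccare` like `reseller`, but `hal_from_item` in the preceding hunk only gains a blank line and still computes `my $adm = $c->user->roles eq "admin" || $c->user->roles eq "reseller";`. The new roles are therefore treated as non-admin wherever `$adm` is used (its uses are outside the hunk), which is inconsistent with how the rest of this commit pairs `ccareadmin` with `admin` and `ccare` with `reseller`. If they should follow the admin path, extend the expression with `|| $c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare"`. Otherwise add a comment such as `# ccareadmin/ccare deliberately take the non-admin path here` so the omission reads as intentional.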
--- a/lib/NGCP/Panel/Role/API/CFSourceSets.pm +++ b/lib/NGCP/Panel/Role/API/CFSourceSets.pm @@ -73,9 +73,9 @@ sub _item_rs { my ($self, $c) = @_; my $item_rs; - if($c->user->roles eq "admin") { + if ($c->user->roles eq "admin" || $c->user->roles eq "ccareadmin") { $item_rs = $c->model('DB')->resultset('voip_cf_source_sets'); - } elsif ($c->user->roles eq "reseller") { + } elsif ($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { my $reseller_id = $c->user->reseller_id; $item_rs = $c->model('DB')->resultset('voip_cf_source_sets') ->search_rs({ diff --git a/lib/NGCP/Panel/Role/API/CFTimeSets.pm b/lib/NGCP/Panel/Role/API/CFTimeSets.pm index ae38f4588b..b11af424a3 100644 --- a/lib/NGCP/Panel/Role/API/CFTimeSets.pm +++ b/lib/NGCP/Panel/Role/API/CFTimeSets.pm @@ -350,9 +350,9 @@ sub _item_rs { my ($self, $c) = @_; my $item_rs; - if($c->user->roles eq "admin") { + if ($c->user->roles eq "admin" || $c->user->roles eq "ccareadmin") { $item_rs = $c->model('DB')->resultset('voip_cf_time_sets'); - } elsif ($c->user->roles eq "reseller") { + } elsif ($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { my $reseller_id = $c->user->reseller_id; $item_rs = $c->model('DB')->resultset('voip_cf_time_sets') ->search_rs({ @@ -360,7 +360,7 @@ sub _item_rs { } , { join => {'subscriber' => {'contract' => 'contact'} }, }); - } elsif($c->user->roles eq "subscriberadmin" || $c->user->roles eq "subscriber") { + } elsif ($c->user->roles eq "subscriberadmin" || $c->user->roles eq "subscriber") { $item_rs = $c->model('DB')->resultset('voip_cf_time_sets') ->search_rs({ 'subscriber_id' => $c->user->id, diff --git a/lib/NGCP/Panel/Role/API/CallForwards.pm b/lib/NGCP/Panel/Role/API/CallForwards.pm index 93c55791b6..ee741dd46d 100644 --- a/lib/NGCP/Panel/Role/API/CallForwards.pm +++ b/lib/NGCP/Panel/Role/API/CallForwards.pm 
@@ -92,7 +92,7 @@ sub _item_rs { { 'me.status' => { '!=' => 'terminated' } }, { 'prefetch' => { 'provisioning_voip_subscriber' => 'voip_cf_mappings' },}, ); - if ($c->user->roles eq "reseller") { + if ($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { $item_rs = $item_rs->search({ 'contact.reseller_id' => $c->user->reseller_id, }, { diff --git a/lib/NGCP/Panel/Role/API/CustomerBalances.pm b/lib/NGCP/Panel/Role/API/CustomerBalances.pm index f34cb7bbf7..2dcbe00a9a 100644 --- a/lib/NGCP/Panel/Role/API/CustomerBalances.pm +++ b/lib/NGCP/Panel/Role/API/CustomerBalances.pm @@ -24,8 +24,8 @@ sub _item_rs { now => $now, ); - if($c->user->roles eq "admin") { - } elsif($c->user->roles eq "reseller") { + if($c->user->roles eq "admin" || $c->user->roles eq "ccareadmin") { + } elsif($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { $item_rs = $item_rs->search({ 'contact.reseller_id' => $c->user->reseller_id },{ diff --git a/lib/NGCP/Panel/Role/API/CustomerContacts.pm b/lib/NGCP/Panel/Role/API/CustomerContacts.pm index 8242a395ff..43ae963ffe 100644 --- a/lib/NGCP/Panel/Role/API/CustomerContacts.pm +++ b/lib/NGCP/Panel/Role/API/CustomerContacts.pm @@ -18,8 +18,8 @@ sub _item_rs { reseller_id => { '-not' => undef }, 'me.status' => { '!=' => 'terminated' }, }); - if($c->user->roles eq "admin") { - } elsif($c->user->roles eq "reseller") { + if ($c->user->roles eq "admin" || $c->user->roles eq "ccareadmin") { + } elsif ($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { $item_rs = $item_rs->search({ reseller_id => $c->user->reseller_id, }); 
@@ -33,9 +33,9 @@ sub _item_rs { sub get_form { my ($self, $c) = @_; - if($c->user->roles eq "admin") { + if ($c->user->roles eq "admin" || $c->user->roles eq "ccareadmin") { return NGCP::Panel::Form::get("NGCP::Panel::Form::Contact::Admin", $c); - } elsif($c->user->roles eq "reseller") { + } elsif ($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { return NGCP::Panel::Form::get("NGCP::Panel::Form::Contact::Reseller", $c); } } diff --git a/lib/NGCP/Panel/Role/API/CustomerFraudEvents.pm b/lib/NGCP/Panel/Role/API/CustomerFraudEvents.pm index 1d156eb1f3..0e65c5a606 100644 --- a/lib/NGCP/Panel/Role/API/CustomerFraudEvents.pm +++ b/lib/NGCP/Panel/Role/API/CustomerFraudEvents.pm @@ -16,11 +16,11 @@ sub _item_rs { my ($self, $c, $id) = @_; my %cond = (); - if ($c->user->roles eq "admin") { + if ($c->user->roles eq "admin" || $c->user->roles eq "ccareadmin") { if (my $reseller_id = $c->request->param('reseller_id')) { $cond{'contact.reseller_id'} = $reseller_id; } - } elsif ($c->user->roles eq "reseller") { + } elsif ($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { $cond{'contact.reseller_id'} = $c->user->reseller_id; } if (my $contract_id = $c->request->param('contract_id')) { @@ -90,9 +90,9 @@ sub _item_rs { sub get_form { my ($self, $c) = @_; - if($c->user->roles eq "admin") { + if ($c->user->roles eq "admin" || $c->user->roles eq "ccareadmin") { return NGCP::Panel::Form::get("NGCP::Panel::Form::CustomerFraudEvents::Admin", $c); - } elsif($c->user->roles eq "reseller") { + } elsif ($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { return NGCP::Panel::Form::get("NGCP::Panel::Form::CustomerFraudEvents::Reseller", $c); } } diff --git a/lib/NGCP/Panel/Role/API/Customers.pm b/lib/NGCP/Panel/Role/API/Customers.pm index 4dc4b3ec52..14ddae7325 100644 --- a/lib/NGCP/Panel/Role/API/Customers.pm +++ b/lib/NGCP/Panel/Role/API/Customers.pm 
@@ -38,7 +38,8 @@ sub hal_from_customer { my ($self, $c, $customer, $form, $now) = @_; my $is_adm = 0; - if($c->user->roles eq "admin" || $c->user->roles eq "reseller") { + if ($c->user->roles eq "admin" || $c->user->roles eq "reseller" || + $c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") { $is_adm = 1; } @@ -86,7 +87,9 @@ sub hal_from_customer { $customer->subscriber_email_template_id ? (Data::HAL::Link->new(relation => 'ngcp:subscriberemailtemplates', href => sprintf("/api/emailtemplates/%d", $customer->subscriber_email_template_id))) : (), $customer->passreset_email_template_id ? (Data::HAL::Link->new(relation => 'ngcp:passresetemailtemplates', href => sprintf("/api/emailtemplates/%d", $customer->passreset_email_template_id))) : (), $customer->invoice_email_template_id ? (Data::HAL::Link->new(relation => 'ngcp:invoiceemailtemplates', href => sprintf("/api/emailtemplates/%d", $customer->invoice_email_template_id))) : (), - Data::HAL::Link->new(relation => 'ngcp:calls', href => sprintf("/api/calls/?customer_id=%d", $customer->id)), + (($c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") + ? () + : Data::HAL::Link->new(relation => 'ngcp:calls', href => sprintf("/api/calls/?customer_id=%d", $customer->id))), $self->get_journal_relation_link($c, $customer->id), ) : ()), ], diff --git a/lib/NGCP/Panel/Role/API/EmailTemplates.pm b/lib/NGCP/Panel/Role/API/EmailTemplates.pm index d989197b26..9dadde7e28 100644 --- a/lib/NGCP/Panel/Role/API/EmailTemplates.pm +++ b/lib/NGCP/Panel/Role/API/EmailTemplates.pm @@ -15,8 +15,8 @@ sub _item_rs { my ($self, $c) = @_; my $item_rs = $c->model('DB')->resultset('email_templates'); - if($c->user->roles eq "admin") { - } elsif($c->user->roles eq "reseller") { + if ($c->user->roles eq "admin" || $c->user->roles eq "ccareadmin") { + } elsif ($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { $item_rs = $item_rs->search({ reseller_id => $c->user->reseller_id },{prefetch=>'reseller'}); } return $item_rs; 
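Review bot: Omitting the `ngcp:calls` link for `ccareadmin` and `ccare` in `hal_from_customer` only hides the relation from the HAL document; it does not stop those roles from requesting `/api/calls/?customer_id=…` directly. The calls controller's `allowed_roles` is not part of this hunk, so confirm it excludes both roles. A comment such as `# calls are not exposed to customer-care roles; enforced by allowed_roles in the calls controller` next to the ternary would keep the two in sync. `hal_from_customer` starts and ends outside the hunk.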
@@ -81,9 +81,12 @@ sub update_item { resource => $resource, item => $item, ); - if($c->user->roles eq "admin") { - } elsif($c->user->roles eq "reseller") { + if ($c->user->roles eq "admin") { + } elsif ($c->user->roles eq "reseller") { $resource->{reseller_id} = $c->user->reseller_id; + } elsif ($c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") { + $self->error($c, HTTP_FORBIDDEN, "Read-only resource for authenticated role"); + return; } my $dup_item = $c->model('DB')->resultset('email_templates')->find({ diff --git a/lib/NGCP/Panel/Role/API/FaxserverSettings.pm b/lib/NGCP/Panel/Role/API/FaxserverSettings.pm index 58d50d3e9f..23fe67c3dc 100644 --- a/lib/NGCP/Panel/Role/API/FaxserverSettings.pm +++ b/lib/NGCP/Panel/Role/API/FaxserverSettings.pm @@ -32,7 +32,7 @@ sub _item_rs { { 'me.status' => { '!=' => 'terminated' } }, { prefetch => 'provisioning_voip_subscriber',}, ); - if($c->user->roles eq "reseller") { + if($c->user->roles eq "reseller" || $c->user->roles eq "ccareadmin") { $item_rs = $item_rs->search({ 'contact.reseller_id' => $c->user->reseller_id, }, { diff --git a/lib/NGCP/Panel/Role/API/InvoiceTemplates.pm b/lib/NGCP/Panel/Role/API/InvoiceTemplates.pm index 4961054f19..478f81e509 100644 --- a/lib/NGCP/Panel/Role/API/InvoiceTemplates.pm +++ b/lib/NGCP/Panel/Role/API/InvoiceTemplates.pm @@ -15,8 +15,8 @@ sub _item_rs { my ($self, $c) = @_; my $item_rs = $c->model('DB')->resultset('invoice_templates'); - if($c->user->roles eq "admin") { - } elsif($c->user->roles eq "reseller") { + if ($c->user->roles eq "admin" || $c->user->roles eq "ccareadmin") { + } elsif ($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { $item_rs = $item_rs->search({ reseller_id => $c->user->reseller_id }); } return $item_rs; 
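Review bot: In FaxserverSettings.pm `_item_rs` the new condition pairs `reseller` with `ccareadmin`, where every other result-set filter in this commit pairs it with `ccare`. As written, a `ccare` user skips the `contact.reseller_id` restriction, so the result set is not limited to that user's reseller, while `ccareadmin` is narrowed to a single reseller. The line should read `if ($c->user->roles eq "reseller" || $c->user->roles eq "ccare") {`. `_item_rs` continues outside the hunk; a test that lists fax settings as a `ccare` user of one reseller against a subscriber of another would catch this.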
@@ -80,9 +80,13 @@ sub update_item { form => $form, resource => $resource, ); - if($c->user->roles eq "admin") { - } elsif($c->user->roles eq "reseller") { + + if ($c->user->roles eq "admin") { + } elsif ($c->user->roles eq "reseller") { $resource->{reseller_id} = $c->user->reseller_id; + } elsif ($c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") { + $self->error($c, HTTP_FORBIDDEN, "Read-only resource for authenticated role"); + return; } my $dup_item = $c->model('DB')->resultset('invoice_templates')->find({ diff --git a/lib/NGCP/Panel/Role/API/MailToFaxSettings.pm b/lib/NGCP/Panel/Role/API/MailToFaxSettings.pm index 7b58a44742..8266baf7a0 100644 --- a/lib/NGCP/Panel/Role/API/MailToFaxSettings.pm +++ b/lib/NGCP/Panel/Role/API/MailToFaxSettings.pm @@ -94,7 +94,7 @@ sub _item_rs { { 'me.status' => { '!=' => 'terminated' } }, { prefetch => 'provisioning_voip_subscriber',}, ); - if($c->user->roles eq "reseller") { + if ($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { $item_rs = $item_rs->search({ 'contact.reseller_id' => $c->user->reseller_id, }, { diff --git a/lib/NGCP/Panel/Role/API/Preferences.pm b/lib/NGCP/Panel/Role/API/Preferences.pm index 9145d4ce0f..a5e13a1749 100644 --- a/lib/NGCP/Panel/Role/API/Preferences.pm +++ b/lib/NGCP/Panel/Role/API/Preferences.pm @@ -338,7 +338,7 @@ sub _item_rs { # we actually return the profile rs here, as we can easily # go to prof_preferences from there $item_rs = $c->model('DB')->resultset('voip_subscriber_profiles'); - if($c->user->roles eq "reseller") { + if($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { $item_rs = $item_rs->search({ 'profile_set.reseller_id' => $c->user->reseller_id, },{ 
@@ -346,13 +346,13 @@ sub _item_rs { }); } } elsif($type eq "subscribers") { - if($c->user->roles eq "admin") { + if($c->user->roles eq "admin" || $c->user->roles eq "ccareadmin") { $item_rs = $c->model('DB')->resultset('voip_subscribers')->search({ 'me.status' => { '!=' => 'terminated' } }, { join => { 'contract' => 'contact' }, #for filters }); - } elsif($c->user->roles eq "reseller") { + } elsif($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { $item_rs = $c->model('DB')->resultset('voip_subscribers')->search({ 'contact.reseller_id' => $c->user->reseller_id, 'me.status' => { '!=' => 'terminated' }, @@ -426,7 +426,7 @@ sub _item_rs { }); } } elsif($type eq "contracts") { - if($c->user->roles eq "admin") { + if ($c->user->roles eq "admin" || $c->user->roles eq "ccareadmin") { $item_rs = $c->model('DB')->resultset('contracts')->search({ 'me.status' => { '!=' => 'terminated' }, 'contact.reseller_id' => { '!=' => undef }, @@ -434,7 +434,7 @@ sub _item_rs { },{ join => 'contact', }); - } elsif($c->user->roles eq "reseller") { + } elsif ($c->user->roles eq "reseller" || $c->user->roles eq "ccareadmin") { $item_rs = $c->model('DB')->resultset('contracts')->search({ 'contact.reseller_id' => $c->user->reseller_id, 'me.status' => { '!=' => 'terminated' }, diff --git a/lib/NGCP/Panel/Role/API/Reminders.pm b/lib/NGCP/Panel/Role/API/Reminders.pm index f718a1e4f2..3c073704ee 100644 --- a/lib/NGCP/Panel/Role/API/Reminders.pm +++ b/lib/NGCP/Panel/Role/API/Reminders.pm @@ -16,8 +16,8 @@ sub _item_rs { my ($self, $c) = @_; my $item_rs = $c->model('DB')->resultset('voip_reminder'); - if ($c->user->roles eq "admin") { - } elsif ($c->user->roles eq "reseller") { + if ($c->user->roles eq "admin" || $c->user->roles eq "ccareadmin") { + } elsif ($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { $item_rs = $item_rs->search({ 'contact.reseller_id' => $c->user->reseller_id },{ 
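Review bot: In Preferences.pm the `contracts` branch of `_item_rs` (hunk `@@ -434,7 +434,7 @@`) tests `reseller` or `ccareadmin` in the `elsif`, but `ccareadmin` is already taken by the `if` above it, so that second test can never match and `ccare` is not handled at all. The `subscribers` branch earlier in the same function uses `ccare` in this position, so the line should be `} elsif ($c->user->roles eq "reseller" || $c->user->roles eq "ccare") {`. What a `ccare` request falls through to is outside the hunk, so check whether it ends with an unset `$item_rs` or with a result set that lacks the `contact.reseller_id` restriction.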
@@ -152,7 +152,7 @@ sub get_subscriber_by_id { my $sub_rs = $c->model('DB')->resultset('voip_subscribers')->search({ 'me.id' => $subscriber_id, }); - if ($c->user->roles eq "reseller") { + if ($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { $sub_rs = $sub_rs->search({ 'contact.reseller_id' => $c->user->reseller_id, },{ diff --git a/lib/NGCP/Panel/Role/API/SpeedDials.pm b/lib/NGCP/Panel/Role/API/SpeedDials.pm index ce3effa626..f084f4a73a 100644 --- a/lib/NGCP/Panel/Role/API/SpeedDials.pm +++ b/lib/NGCP/Panel/Role/API/SpeedDials.pm @@ -64,8 +64,8 @@ sub _item_rs { my $item_rs; $item_rs = $c->model('DB')->resultset('voip_subscribers') ->search({ 'me.status' => { '!=' => 'terminated' } }); - if ($c->user->roles eq "admin") { - } elsif ($c->user->roles eq "reseller") { + if ($c->user->roles eq "admin" || $c->user->role eq "ccareadmin") { + } elsif ($c->user->roles eq "reseller" || $c->user->role eq "ccare") { $item_rs = $item_rs->search({ 'contact.reseller_id' => $c->user->reseller_id, }, { diff --git a/lib/NGCP/Panel/Role/API/SubscriberProfileSets.pm b/lib/NGCP/Panel/Role/API/SubscriberProfileSets.pm index 4638790a80..0ec52154a9 100644 --- a/lib/NGCP/Panel/Role/API/SubscriberProfileSets.pm +++ b/lib/NGCP/Panel/Role/API/SubscriberProfileSets.pm @@ -15,8 +15,8 @@ sub _item_rs { my ($self, $c) = @_; my $item_rs = $c->model('DB')->resultset('voip_subscriber_profile_sets'); - if($c->user->roles eq "admin") { - } elsif($c->user->roles eq "reseller") { + if ($c->user->roles eq "admin" || $c->user->roles eq "ccareadmin") { + } elsif ($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { $item_rs = $item_rs->search({ reseller_id => $c->user->reseller_id }); } return $item_rs; 
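Review bot: Both new tests in SpeedDials.pm `_item_rs` call `$c->user->role` (singular), while the first half of each condition and every other file in this commit call `$c->user->roles`. Because `||` short-circuits, the misspelt call is reached for every user who is not `admin`; depending on how the user object resolves unknown methods this either dies or compares an undefined value, and in neither case is `ccare` restricted to its reseller. The lines should be `if ($c->user->roles eq "admin" || $c->user->roles eq "ccareadmin") {` and `} elsif ($c->user->roles eq "reseller" || $c->user->roles eq "ccare") {`.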
@@ -24,9 +24,9 @@ sub _item_rs { sub get_form { my ($self, $c) = @_; - if($c->user->roles eq "admin") { + if ($c->user->roles eq "admin" || $c->user->roles eq "ccareadmin") { return NGCP::Panel::Form::get("NGCP::Panel::Form::SubscriberProfile::SetAdmin", $c); - } elsif($c->user->roles eq "reseller") { + } elsif ($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { return NGCP::Panel::Form::get("NGCP::Panel::Form::SubscriberProfile::SetReseller", $c); } } @@ -81,9 +81,12 @@ sub update_item { form => $form, resource => $resource, ); - if($c->user->roles eq "admin") { + if ($c->user->roles eq "admin") { } elsif($c->user->roles eq "reseller") { $resource->{reseller_id} = $c->user->reseller_id; + } elsif ($c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") { + $self->error($c, HTTP_FORBIDDEN, "Read-only resource for authenticated role"); + return; } my $dup_item = $c->model('DB')->resultset('voip_subscriber_profile_sets')->find({ diff --git a/lib/NGCP/Panel/Role/API/SubscriberProfiles.pm b/lib/NGCP/Panel/Role/API/SubscriberProfiles.pm index fda063d0e7..0ab96f656e 100644 --- a/lib/NGCP/Panel/Role/API/SubscriberProfiles.pm +++ b/lib/NGCP/Panel/Role/API/SubscriberProfiles.pm @@ -15,8 +15,8 @@ sub _item_rs { my ($self, $c) = @_; my $item_rs = $c->model('DB')->resultset('voip_subscriber_profiles'); - if($c->user->roles eq "admin") { - } elsif($c->user->roles eq "reseller") { + if ($c->user->roles eq "admin" || $c->user->roles eq "ccareadmin") { + } elsif ($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { $item_rs = $item_rs->search({ 'profile_set.reseller_id' => $c->user->reseller_id }, { join => 'profile_set', }); 
@@ -90,6 +90,11 @@ sub update_item { # delete $resource->{attribute} in case reseller not allowed to update set + if ($c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") { + $self->error($c, HTTP_FORBIDDEN, "Read-only resource for authenticated role"); + return; + } + $resource->{attribute} = delete $resource->{attributes}; $form //= $self->get_form($c); return unless $self->validate_form( diff --git a/lib/NGCP/Panel/Role/API/SubscriberRegistrations.pm b/lib/NGCP/Panel/Role/API/SubscriberRegistrations.pm index 23cc89f39d..daf6e9c12e 100644 --- a/lib/NGCP/Panel/Role/API/SubscriberRegistrations.pm +++ b/lib/NGCP/Panel/Role/API/SubscriberRegistrations.pm @@ -40,8 +40,8 @@ sub _item_rs { } } - if ($c->user->roles eq "admin") { - } elsif ($c->user->roles eq "reseller") { + if ($c->user->roles eq "admin" || $c->user->roles eq "ccareadmin") { + } elsif ($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { $filter->{reseller_id} = $c->user->reseller_id; } $item_rs = NGCP::Panel::Utils::Subscriber::get_subscriber_location_rs($c, $filter); @@ -51,13 +51,13 @@ sub _item_rs { push @joins, 'domain'; } $item_rs = $c->model('DB')->resultset('location'); - if($c->user->roles eq "admin") { + if($c->user->roles eq "admin" || $c->user->roles eq "ccareadmin") { $item_rs = $item_rs->search({ },{ join => [@joins,'subscriber'], }); - } elsif($c->user->roles eq "reseller") { + } elsif($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { $item_rs = $item_rs->search({ 'contact.reseller_id' => $c->user->reseller_id },{ @@ -165,8 +165,8 @@ sub subscriber_from_id { 'me.id' => $id, 'me.status' => { '!=' => 'terminated' }, }); - if($c->user->roles eq "admin") { - } elsif($c->user->roles eq "reseller") { + if($c->user->roles eq "admin" || $c->user->roles eq "ccareadmin") { + } elsif($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { $sub_rs = $sub_rs->search({ 'contact.reseller_id' => $c->user->reseller_id, },{ 
diff --git a/lib/NGCP/Panel/Role/API/Subscribers.pm b/lib/NGCP/Panel/Role/API/Subscribers.pm index 295053386e..7228fa6aa0 100644 --- a/lib/NGCP/Panel/Role/API/Subscribers.pm +++ b/lib/NGCP/Panel/Role/API/Subscribers.pm @@ -33,9 +33,10 @@ sub relation{ sub get_form { my ($self, $c) = @_; - if($c->user->roles eq "admin" || $c->user->roles eq "reseller") { + if ($c->user->roles eq "admin" || $c->user->roles eq "reseller" || + $c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") { return (NGCP::Panel::Form::get("NGCP::Panel::Form::Subscriber::SubscriberAPI", $c)); - } elsif($c->user->roles eq "subscriberadmin" || $c->user->roles eq "subscriber") { + } elsif ($c->user->roles eq "subscriberadmin" || $c->user->roles eq "subscriber") { return (NGCP::Panel::Form::get("NGCP::Panel::Form::Subscriber::SubscriberSubAdminAPI", $c)); } } @@ -134,7 +135,8 @@ sub resource_from_item { # don't leak internal info to subscribers via API for those fields # not filtered via forms my $contract_id = int(delete $resource{contract_id}); - if ($c->user->roles eq "admin" || $c->user->roles eq "reseller") { + if ($c->user->roles eq "admin" || $c->user->roles eq "reseller" || + $c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") { $resource{customer_id} = $contract_id; $resource{uuid} = $item->uuid; @@ -176,7 +178,8 @@ sub resource_from_item { sub hal_from_item { my ($self, $c, $item, $resource, $form) = @_; my $is_sub = 1; - if($c->user->roles eq "admin" || $c->user->roles eq "reseller") { + if ($c->user->roles eq "admin" || $c->user->roles eq "reseller" || + $c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") { $is_sub = 0; } my $is_subadm = 1; 
@@ -230,22 +233,22 @@ sub _item_rs { my $item_rs; $item_rs = $c->model('DB')->resultset('voip_subscribers') ->search({ 'me.status' => { '!=' => 'terminated' } }); - if($c->user->roles eq "admin") { + if ($c->user->roles eq "admin" || $c->user->roles eq "ccareadmin") { $item_rs = $item_rs->search(undef, { join => { 'contract' => 'contact' }, #for filters }); - } elsif($c->user->roles eq "reseller") { + } elsif ($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { $item_rs = $item_rs->search({ 'contact.reseller_id' => $c->user->reseller_id, }, { join => { 'contract' => 'contact' }, }); - } elsif($c->user->roles eq "subscriberadmin") { + } elsif ($c->user->roles eq "subscriberadmin") { $item_rs = $item_rs->search({ 'contract_id' => $c->user->account_id, }); - } elsif($c->user->roles eq "subscriber") { + } elsif ($c->user->roles eq "subscriber") { $item_rs = $item_rs->search({ #voip_subscriber is a provisioning.voip_subscribers relation #$c->user is provisioning.voip_subscribers, so we use ->voip_subscriber->id and compare to billing.voip-subscribers. @@ -285,8 +288,8 @@ sub get_customer { 'product.class' => 'pbxaccount', ], },undef); - if($c->user->roles eq "admin") { - } elsif($c->user->roles eq "reseller") { + if ($c->user->roles eq "admin" || $c->user->roles eq "ccareadmin") { + } elsif($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { $customer_rs = $customer_rs->search({ 'contact.reseller_id' => $c->user->reseller_id, }); @@ -305,7 +308,8 @@ sub prepare_resource { my $groups = []; my $groupmembers = []; my $domain; - if(($c->user->roles eq "admin" || $c->user->roles eq "reseller") && $resource->{domain}) { + if (($c->user->roles eq "admin" || $c->user->roles eq "reseller" || + $c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") && $resource->{domain}) { $domain = $schema->resultset('domains') ->search({ domain => $resource->{domain} }); if($c->user->roles eq "admin") { 
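Review bot: In Subscribers.pm `prepare_resource` the outer condition now lets `ccareadmin` and `ccare` into the `$resource->{domain}` lookup, but the inner chain that starts on the hunk's last line is still `if($c->user->roles eq "admin") {` and is not touched by this commit. The rest of that chain is outside the hunk; if it only continues with a `reseller` test, the care roles get neither the admin lookup nor the reseller-scoped one. Confirm, and if so extend it as elsewhere in this commit: `if ($c->user->roles eq "admin" || $c->user->roles eq "ccareadmin") {` plus the matching `reseller`/`ccare` branch.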
@@ -323,7 +327,7 @@ sub prepare_resource { } delete $resource->{domain}; $resource->{domain_id} = $domain->id; - } elsif($c->user->roles eq "subscriberadmin") { + } elsif ($c->user->roles eq "subscriberadmin") { my $pilot = $schema->resultset('provisioning_voip_subscribers')->search({ account_id => $c->user->account_id, is_pbx_pilot => 1, @@ -392,8 +396,8 @@ sub prepare_resource { unless($domain) { $domain = $c->model('DB')->resultset('domains')->search({'me.id' => $resource->{domain_id}}); - if($c->user->roles eq "admin") { - } elsif($c->user->roles eq "reseller") { + if ($c->user->roles eq "admin" || $c->user->roles eq "ccareadmin") { + } elsif ($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { $domain = $domain->search({ 'domain_resellers.reseller_id' => $c->user->reseller_id, }, { @@ -787,8 +791,9 @@ sub update_item { sub check_write_access { my ( $self, $c, $id ) = @_; - if ($c->user->roles eq "admin" || $c->user->roles eq "reseller") { - + if ($c->user->roles eq "admin" || $c->user->roles eq "reseller" || + $c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") { + return 1; } elsif ($c->user->roles eq "subscriberadmin" && !$self->subscriberadmin_write_access($c)) { $self->error($c, HTTP_FORBIDDEN, "Read-only resource for authenticated role"); diff --git a/lib/NGCP/Panel/Role/API/TrustedSources.pm b/lib/NGCP/Panel/Role/API/TrustedSources.pm index 8e2b358685..b141504ea6 100644 --- a/lib/NGCP/Panel/Role/API/TrustedSources.pm +++ b/lib/NGCP/Panel/Role/API/TrustedSources.pm @@ -16,8 +16,8 @@ sub _item_rs { my ($self, $c) = @_; my $item_rs = $c->model('DB')->resultset('voip_trusted_sources'); - if($c->user->roles eq "admin") { - } elsif($c->user->roles eq "reseller") { + if ($c->user->roles eq "admin" || $c->user->roles eq "ccareadmin") { + } elsif ($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { $item_rs = $item_rs->search({ 'contact.reseller_id' => $c->user->reseller_id },{ 
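Review bot: The added `return 1;` in `check_write_access` changes behaviour for `admin` and `reseller` as well as for the new roles: that branch used to be empty and fell through to whatever follows the `if`/`elsif` chain, and now it returns early. The remainder of the function is outside the hunk, so confirm nothing after the chain was meant to run for these roles. The branch also grants `ccareadmin` and `ccare` write access to subscribers, while the template and profile `update_item` handlers in this commit reject them as read-only. A comment such as `# customer-care roles may modify subscribers, unlike templates and profiles` would show that the difference is deliberate.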
@@ -96,7 +96,7 @@ sub update_item { my $sub_rs = $c->model('DB')->resultset('voip_subscribers')->search({ 'me.id' => $resource->{subscriber_id}, }); - if($c->user->roles eq "reseller") { + if($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { $sub_rs = $sub_rs->search({ 'contact.reseller_id' => $c->user->reseller_id, },{ diff --git a/lib/NGCP/Panel/Role/API/VoicemailGreetings.pm b/lib/NGCP/Panel/Role/API/VoicemailGreetings.pm index 79ca23c1ff..e773863102 100644 --- a/lib/NGCP/Panel/Role/API/VoicemailGreetings.pm +++ b/lib/NGCP/Panel/Role/API/VoicemailGreetings.pm @@ -39,8 +39,8 @@ sub _item_rs { '+select' => [qw/voip_subscriber.id/], '+as' => [qw/subscriber_id/], }); - if($c->user->roles eq "admin") { - } elsif($c->user->roles eq "reseller") { + if ($c->user->roles eq "admin" || $c->user->roles eq "ccareadmin") { + } elsif ($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { $item_rs = $item_rs->search({ 'contact.reseller_id' => $c->user->reseller_id },{ @@ -103,7 +103,7 @@ sub check_resource{ 'me.status' => { '!=' => 'terminated' }, 'me.id' => $resource->{subscriber_id}, }); - if($c->user->roles eq 'reseller') { + if ($c->user->roles eq 'reseller' || $c->user->roles eq "ccare") { $subscriber_rs = $subscriber_rs->search({ 'contact.reseller_id' => $c->user->reseller_id, },{ diff --git a/lib/NGCP/Panel/Role/API/VoicemailSettings.pm b/lib/NGCP/Panel/Role/API/VoicemailSettings.pm index f0df6fed48..f10230878a 100644 --- a/lib/NGCP/Panel/Role/API/VoicemailSettings.pm +++ b/lib/NGCP/Panel/Role/API/VoicemailSettings.pm 
@@ -14,14 +14,14 @@ use HTTP::Status qw(:constants); sub _item_rs { my ($self, $c) = @_; - my $item_rs = $c->model('DB')->resultset('voicemail_users')->search({ + my $item_rs = $c->model('DB')->resultset('voicemail_users')->search({ 'voip_subscriber.status' => { '!=' => 'terminated' }, }, { join => { provisioning_voip_subscriber => { voip_subscriber => { contract => 'contact' } } }, }); - if ($c->user->roles eq "admin") { - } elsif ($c->user->roles eq "reseller") { - $item_rs = $item_rs->search({ + if ($c->user->roles eq "admin" || $c->user->roles eq "ccareadmin") { + } elsif ($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { + $item_rs = $item_rs->search({ 'contact.reseller_id' => $c->user->reseller_id, }); } elsif ($c->user->roles eq "subscriberadmin") { diff --git a/lib/NGCP/Panel/Role/API/Voicemails.pm b/lib/NGCP/Panel/Role/API/Voicemails.pm index 543d049e73..747e5863a9 100644 --- a/lib/NGCP/Panel/Role/API/Voicemails.pm +++ b/lib/NGCP/Panel/Role/API/Voicemails.pm @@ -22,8 +22,8 @@ sub _item_rs { },{ join => { mailboxuser => { provisioning_voip_subscriber => 'voip_subscriber' } } }); - if($c->user->roles eq "admin") { - } elsif($c->user->roles eq "reseller") { + if ($c->user->roles eq "admin" || $c->user->roles eq "ccareadmin") { + } elsif ($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { $item_rs = $item_rs->search({ 'contact.reseller_id' => $c->user->reseller_id },{ diff --git a/lib/NGCP/Panel/Utils/Contract.pm b/lib/NGCP/Panel/Utils/Contract.pm index 8c626dd05c..fa00f252d5 100644 --- a/lib/NGCP/Panel/Utils/Contract.pm +++ b/lib/NGCP/Panel/Utils/Contract.pm 
@@ -154,11 +154,11 @@ sub get_customer_rs { join => 'contact', }); - if($c->user->roles eq "admin") { + if($c->user->roles eq "admin" || $c->user->roles eq "ccareadmin") { $rs = $rs->search_rs({ 'contact.reseller_id' => { '-not' => undef }, },undef); - } elsif($c->user->roles eq "reseller") { + } elsif($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { $rs = $rs->search({ 'contact.reseller_id' => $c->user->reseller_id, },undef); diff --git a/lib/NGCP/Panel/Utils/Subscriber.pm b/lib/NGCP/Panel/Utils/Subscriber.pm index 3dc72804f3..b86a13889e 100644 --- a/lib/NGCP/Panel/Utils/Subscriber.pm +++ b/lib/NGCP/Panel/Utils/Subscriber.pm @@ -212,7 +212,7 @@ sub create_subscriber { $c->log->warn("invalid license status: $status"); # die("invalid license status: $status"); } - if ($c->user->roles eq "reseller") { + if ($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { if ($contract->contact->reseller_id ne $c->user->reseller_id) { die("invalid contract id '".$contract->id."'"); } @@ -450,7 +450,7 @@ sub create_subscriber { sub check_profile_set_and_profile { my ($c, $resource, $subscriber) = @_; - + my ($profile_set, $profile, $profile_set_rs); my $schema = $c->model('DB'); 
@@ -465,12 +465,12 @@ sub check_profile_set_and_profile { } else { $profile_set_rs = $schema->resultset('voip_subscriber_profile_sets'); } - if($c->user->roles eq "admin") { + if($c->user->roles eq "admin" || $c->user->roles eq "ccareadmin") { #we allow to admins (both superadmin and reseller admin roles) - #to pick any profile_set, even not linked to pilot. + #to pick any profile_set, even not linked to pilot. #it may lead to situation when subscriberadmin will not see profile options, as profile ajax call is based on pilot profile_set setting #this was old behavior and I left untouched this administrator privilege - } elsif($c->user->roles eq "reseller") { + } elsif($c->user->roles eq "reseller" || $c->user->roles eq "ccare") { $profile_set_rs = $profile_set_rs->search({ 'me.reseller_id' => $c->user->reseller_id, }); @@ -504,7 +504,7 @@ sub check_profile_set_and_profile { } } elsif (!exists $resource->{profile_set}{id}) { if ($c->user->roles eq "subscriberadmin") { #we are in subscriberadmin web UI - #this is for subscriberadmin web ui to edit subscriber. + #this is for subscriberadmin web ui to edit subscriber. #Edit subscriber form for subscriberadmin doesn't contain profile_set control #API form doesn't suppose profile_set field. # => subscriberadmin can't manage profile_set via web ui and API 
@@ -525,14 +525,15 @@ sub check_profile_set_and_profile { id => $resource->{profile}{id}, }); } - if (!$profile + if (!$profile && ( #we force default profile instead of empty for all roles those can't unset profile_set - (!$resource->{profile}{id}) + (!$resource->{profile}{id}) #to admin roles we forgive incorrect profile_id (no error) #this is due web ui, when not dynamic profile field can't reflect profile_set change #and user need to edit twice to 1) change profile_set + incorrect profile_id) and 2) select not-default profile - || ($c->user->roles eq "admin" || $c->user->roles eq "reseller") + || ($c->user->roles eq "admin" || $c->user->roles eq "reseller" || + $c->user->roles eq "ccareadmin" || $c->user->roles eq "ccare") ) ) { $profile = $profile_set->voip_subscriber_profiles->find({ @@ -547,7 +548,7 @@ sub check_profile_set_and_profile { }; } if (!$profile && ( - $profile_set + $profile_set || ( $c->user->roles eq "subscriberadmin" && $resource->{profile}{id} ) ) @@ -573,8 +574,8 @@ sub check_profile_set_and_profile { # if the profile changed, clear any preferences which are not in the new profile #in create use case we don't have prov_subscriber - if($prov_subscriber - && $prov_subscriber->voip_subscriber_profile + if($prov_subscriber + && $prov_subscriber->voip_subscriber_profile && ( !$profile || $prov_subscriber->voip_subscriber_profile->id != $profile->id ) ) { my %old_profile_attributes = map { $_ => 1 } @@ -2036,7 +2037,7 @@ sub delete_callrecording { my($recording, $force_delete) = @params{qw/recording force_delete/}; foreach my $stream($recording->recording_streams->all) { - #if we met some error deleting file - we will fail and transaction will be rollbacked + #if we met some error deleting file - we will fail and transaction will be rollbacked if (! -e $stream->full_filename) { if ( !$force_delete ) { die("Callrecording file ".$stream->full_filename." is absent"); 
diff --git a/lib/NGCP/Panel/Widget/Dashboard/CCareCustomerOverview.pm b/lib/NGCP/Panel/Widget/Dashboard/CCareCustomerOverview.pm new file mode 100644 index 0000000000..a9cec05203 --- /dev/null +++ b/lib/NGCP/Panel/Widget/Dashboard/CCareCustomerOverview.pm 
@@ -0,0 +1,82 @@ +package NGCP::Panel::Widget::Dashboard::CCareCustomerOverview; + +use warnings; +use strict; + +sub template { + return 'widgets/ccare_customer_overview.tt'; +} + +sub filter { + my ($self, $c) = @_; + + return 1 if ( + $c->user->roles eq 'ccareadmin' || $c->user->roles eq 'ccare' + ); + return; +} + +sub _prepare_customers_count { + my ($self, $c) = @_; + $c->stash( + customers => $c->model('DB')->resultset('contracts')->search({ + 'me.status' => { '!=' => 'terminated' }, + 'product.class' => { 'not in' => [ 'reseller', 'sippeering', 'pstnpeering' ] }, + ($c->user->roles eq 'ccare' + ? ('contact.reseller_id' => $c->user->reseller_id) + : ()) + },{ + join => [ 'contact', 'product' ], + }), + ); + +} + +sub _prepare_subscribers_count { + my ($self, $c) = @_; + + $c->stash( + subscribers => $c->model('DB')->resultset('voip_subscribers')->search({ + 'me.status' => { '!=' => 'terminated' }, + ($c->user->roles eq 'ccare' + ? ('contact.reseller_id' => $c->user->reseller_id) + : ()) + },{ + join => { 'contract' => 'contact'}, + }), + ); +} + +sub _prepare_contacts_count { + my ($self, $c) = @_; + + $c->stash( + contacts => $c->model('DB')->resultset('contacts')->search({ + 'me.status' => { '!=' => 'terminated' }, + ($c->user->roles eq 'ccare' + ? (reseller_id => $c->user->reseller_id) + : ()) + }), + ); +} + +sub customers_count { + my ($self, $c) = @_; + $self->_prepare_customers_count($c); + return $c->stash->{customers}->count; +} + +sub subscribers_count { + my ($self, $c) = @_; + $self->_prepare_subscribers_count($c); + return $c->stash->{subscribers}->count; +} + +sub contacts_count { + my ($self, $c) = @_; + $self->_prepare_contacts_count($c); + return $c->stash->{contacts}->count; +} + +1; +# vim: set tabstop=4 expandtab: diff --git a/share/layout/body.tt b/share/layout/body.tt index d0d2603347..72182ba120 100644 --- a/share/layout/body.tt +++ b/share/layout/body.tt 
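Review bot: `_prepare_contacts_count` in the new widget counts every non-terminated contact for `ccareadmin`, including rows with no `reseller_id`, whereas `_item_rs` in Role/API/CustomerContacts.pm (context lines of this same diff) restricts the list to `reseller_id => { '-not' => undef }`. The dashboard figure can therefore differ from what the role sees in the contacts list. If the two should agree, replace the `: ()` arm of that ternary with `: (reseller_id => { '-not' => undef })`. The three `_prepare_*` helpers would also benefit from a one-line comment stating that the reseller restriction applies to `ccare` only and that `ccareadmin` counts across all resellers.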
@@ -12,8 +12,8 @@ <ul class="pull-right"> <li> [% IF c.user -%] - [%- IF c.user.roles == 'admin' || c.user.roles == 'reseller' -%] - [% login_name = c.user.login %] + [%- IF c.user.roles == 'admin' || c.user.roles == 'reseller' || c.user.roles == 'ccareadmin' || c.user.roles == 'ccare' -%] + [% login_name = c.user.login _ ' (' _ c.user.roles _ ')' %] [%- ELSE -%] [% login_name = c.user.webusername _'@'_ c.user.domain.domain %] [%- END -%] diff --git a/share/templates/billing/list.tt b/share/templates/billing/list.tt index 5ec39cd5c8..7a0daa04b6 100644 --- a/share/templates/billing/list.tt +++ b/share/templates/billing/list.tt @@ -21,9 +21,11 @@ { name = c.loc('Fees'), uri = "/billing/'+full[\"id\"]+'/fees", class = 'btn-small btn-tertiary', icon = 'icon-shopping-cart' }, { name = c.loc('Off-Peaktimes'), uri = "/billing/'+full[\"id\"]+'/peaktimes", class = 'btn-small btn-tertiary', icon = 'icon-time' }, ]; - helper.top_buttons = [ - { name = c.loc('Create Billing Profile'), uri = c.uri_for('/billing/create'), icon = 'icon-star' }, - ]; + IF c.user.roles == "admin" || c.user.roles == "reseller"; + helper.top_buttons = [ + { name = c.loc('Create Billing Profile'), uri = c.uri_for('/billing/create'), icon = 'icon-star' }, + ]; + END; END; PROCESS 'helpers/datatables.tt'; diff --git a/share/templates/customer/details.tt b/share/templates/customer/details.tt index e5132aad42..c5f084077d 100644 --- a/share/templates/customer/details.tt +++ b/share/templates/customer/details.tt 
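Review bot: The new `IF c.user.roles == "admin" || c.user.roles == "reseller"` in billing/list.tt only hides the 'Create Billing Profile' button from the care roles; `/billing/create` stays reachable by URL unless the controller action refuses them. That controller is not part of this hunk, so confirm it rejects `ccareadmin` and `ccare` server-side, in the way the API handlers in this commit answer with `HTTP_FORBIDDEN`. A template comment such as `[%# button hidden for read-only roles; access is enforced in the billing controller %]` would record where the real check lives.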
@@ -67,7 +67,8 @@ $(function() { <a class="btn btn-primary btn-large" href="[% c.uri_for('/back') %]"><i class="icon-arrow-left"></i> [% c.loc('Back') %]</a> <a class="btn btn-primary btn-large" href="[% c.uri_for_action('/customer/preferences', [c.req.captures.0]) %]"><i class="icon-list"></i> [% c.loc('Preferences') %]</a> </span> - [% IF !c.user.read_only && (c.user.roles == 'admin' || c.user.roles == 'reseller') -%] + [% IF (c.user.roles == 'admin' || c.user.roles == 'reseller' || + c.user.roles == 'ccaradmin' || c.user.roles == 'ccare') && !c.user.read_only -%] <span> <a class="btn btn-primary btn-large" href="[% c.uri_for_action('/customer/edit', [ contract.id ]) %]"><i class="icon-edit"></i> [% c.loc('Edit') %]</a> </span> @@ -118,7 +119,7 @@ $(function() { </div> [% END -%] - [% IF c.user.roles == 'admin' || c.user.roles == 'reseller' %] + [% IF c.user.roles == 'admin' || c.user.roles == 'reseller' || c.user.roles == 'ccareadmin' || c.user.roles == 'ccare' %] <div class="accordion-group"> <div class="accordion-heading"> <a class="accordion-toggle" data-toggle="collapse" data-parent="#customer_details" href="#collapse_contact">[% c.loc('Contact Details') %]</a> 
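Review bot: The role name is misspelled as `'ccaradmin'` in the Edit-button condition of hunk `@@ -67,7 +67,8`, so that branch can never match a `ccareadmin` user, while the `Contact Details` condition in the next hunk spells it `'ccareadmin'`. The same misspelling is repeated further down this file in the `Create Subscriber` `ELSIF` (`@@ -234,7 +238,9`), the cloudpbx block (`@@ -390,7 +396,9`) and the top-up voucher condition (`@@ -435,7 +443,8`). The comparison fails closed, so the effect is that `ccareadmin` silently sees fewer controls than `ccare`, which is presumably not intended. Each occurrence should read `c.user.roles == 'ccareadmin'`.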
@@ -221,7 +222,10 @@ $(function() { </div> <div class="accordion-body collapse" id="collapse_subs"> <div class="accordion-inner"> - [% IF ((c.user.roles == "subscriberadmin" && product.class == "pbxaccount") || c.user.roles == "admin" || c.user.roles == "reseller") && contract.max_subscribers.defined && subscriber_count < contract.max_subscribers -%] + [% IF ((c.user.roles == "subscriberadmin" && product.class == "pbxaccount") || + c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare") && + contract.max_subscribers.defined && subscriber_count < contract.max_subscribers -%] <div class="alert alert-info"> [% c.loc('[_1] of maximum [_2] subscribers [_3] created',subscriber_count,contract.max_subscribers, c.config.features.cloudpbx ? c.loc('(including PBX groups) ') : '') %] @@ -234,7 +238,9 @@ $(function() { [% c.loc('Maximum number of [_1] subscribers [_2] created',contract.max_subscribers, c.config.features.cloudpbx ? c.loc('(including PBX groups) ') : '') %] </div> - [% ELSIF (c.user.roles == "subscriberadmin" && product.class == "pbxaccount") || c.user.roles == "admin" || c.user.roles == "reseller" -%] + [% ELSIF (c.user.roles == "subscriberadmin" && product.class == "pbxaccount") || + c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccaradmin" || c.user.roles == "ccare" -%] <a class="btn btn-large btn-primary" href="[% c.uri_for_action('/customer/subscriber_create', [ c.req.captures.0 ]) %]"> <i class="icon-star"></i> [% c.loc('Create Subscriber') %] </a> @@ -390,7 +396,9 @@ $(function() { [% IF c.config.features.cloudpbx && product.class == 'pbxaccount' && - (c.user.roles == 'admin' || c.user.roles == 'reseller' || c.user.roles == 'subscriberadmin') + (c.user.roles == 'admin' || c.user.roles == 'reseller' || + c.user.roles == 'ccaradmin' || c.user.roles == 'ccare' || + c.user.roles == 'subscriberadmin') -%] <div class="accordion-group"> <div class="accordion-heading"> 
@@ -435,7 +443,8 @@ $(function() { <div class="accordion-inner"> - [% IF (c.user.roles == 'admin' || c.user.roles == 'reseller') && !c.user.read_only -%] + [% IF (c.user.roles == 'admin' || c.user.roles == 'reseller' || + c.user.roles == 'ccaradmin' || c.user.roles == 'ccare') && !c.user.read_only -%] <span> [% IF c.user.billing_data -%] <a class="btn btn-primary btn-large" href="[% c.uri_for_action("/customer/topup_voucher", [contract.id]) %]"><i class="icon-repeat"></i> [% c.loc('Top-up Voucher') %]</a> @@ -582,7 +591,8 @@ $(function() { </div> </div> - [% IF c.user.roles == 'admin' || c.user.roles == 'reseller' %] + [% IF c.user.roles == 'admin' || c.user.roles == 'reseller' || + c.user.roles == 'ccareadmin' || c.user.roles == 'ccare' %] <div class="accordion-group"> <div class="accordion-heading"> <a class="accordion-toggle" data-toggle="collapse" data-parent="#customer_details" href="#collapse_fraud">[% c.loc('Fraud Limits') %]</a> @@ -689,7 +699,9 @@ $(function() { </div> </div> - [% IF (c.user.roles == "subscriberadmin" && product.class == "pbxaccount") || c.user.roles == "admin" || c.user.roles == "reseller" -%] + [% IF (c.user.roles == "subscriberadmin" && product.class == "pbxaccount") || + c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare" -%] <div class="accordion-group"> <div class="accordion-heading"> <a class="accordion-toggle" data-toggle="collapse" data-parent="#customer_details" href="#collapse_locations">[% c.loc('Locations') %]</a> 
@@ -724,7 +736,9 @@ $(function() { </div> [% END -%] - [% IF (c.user.roles == "subscriberadmin" && product.class == "pbxaccount") || c.user.roles == "admin" || c.user.roles == "reseller" -%] + [% IF (c.user.roles == "subscriberadmin" && product.class == "pbxaccount") || + c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare" -%] <div class="accordion-group"> <div class="accordion-heading"> <a class="accordion-toggle" data-toggle="collapse" data-parent="#customer_details" href="#collapse_phonebook">[% c.loc('Phonebook') %]</a> diff --git a/share/templates/subscriber/master.tt b/share/templates/subscriber/master.tt index e76e799546..015c80e2d4 100644 --- a/share/templates/subscriber/master.tt +++ b/share/templates/subscriber/master.tt @@ -1,4 +1,4 @@ -[% +[% IF subscriber.provisioning_voip_subscriber.is_pbx_group; site_config.title = c.loc('PBX Group [_1]@[_2]', subscriber.username, subscriber.domain.domain); ELSE; @@ -11,7 +11,9 @@ <span class="pull-left" style="margin:0 5px 0 5px;"> <a class="btn btn-primary btn-large" href="[% c.uri_for('/back') %]"><i class="icon-arrow-left"></i> [% c.loc('Back') %]</a> <a class="btn btn-primary btn-large" href="[% c.uri_for_action('/subscriber/preferences', [ subscriber.id ]) %]"><i class="icon-list"></i> [% c.loc('Preferences') %]</a> + [% IF c.user.roles != "ccareadmin" && c.user.roles != "ccare" -%] <a class="btn btn-primary btn-large" href="[% c.uri_for_action('/subscriber/calllist', [subscriber.id]) %]"><i class="icon-list"></i> [% c.loc('Calls history') %]</a> + [% END -%] <a class="btn btn-primary btn-large" href="[% c.uri_for_action('/customer/details', [ subscriber.contract_id ]) %]"><i class="icon-user"></i> [% c.loc('Customer') %]</a> </span> </div> 
@@ -32,8 +34,9 @@ <div class="ngcp-separator"></div> <div class="accordion" id="subscriber_data"> - [% IF c.user.roles == 'admin' || c.user.roles == 'reseller' - || c.user.roles == 'subscriberadmin' -%] + [% IF c.user.roles == 'admin' || c.user.roles == 'reseller' || + c.user.roles == 'ccareadmin' || c.user.roles == 'ccare' || + c.user.roles == 'subscriberadmin' -%] <div class="accordion-group"> <div class="accordion-heading"> <a class="accordion-toggle" data-toggle="collapse" data-parent="#subscriber_data" href="#collapse_master">[% c.loc('Master Data') %]</a> @@ -41,8 +44,9 @@ <div class="accordion-body collapse" id="collapse_master"> <div class="accordion-inner"> - [% UNLESS (c.user.roles == "admin" || c.user.roles == "reseller") && c.user.read_only -%] - [% + [% UNLESS (c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare") && c.user.read_only -%] + [% IF subscriber.provisioning_voip_subscriber.is_pbx_group; href = c.uri_for_action('/customer/pbx_group_edit', [ contract.id, subscriber.id ]); ELSE; @@ -54,7 +58,7 @@ [% IF subscriber.contract.passreset_email_template -%] <a class="btn btn-secondary btn-large" href="[% c.uri_for_action('/subscriber/reset_webpassword', [subscriber.id]) %]" data-confirm="Reset"><i class="icon-repeat"></i> [% c.loc('Reset Web Password') %]</a> [% END -%] - + <div class="ngcp-separator"></div> <table class="table table-bordered table-striped table-highlight table-hover" id="subscribers_table"> @@ -65,13 +69,13 @@ </tr> </thead> <tbody> - [% IF c.user.roles == "admin" || c.user.roles == "reseller" -%] + [% IF c.user.roles == "admin" || c.user.roles == "reseller" || c.user.roles == "ccareadmin" || c.user.roles == "ccare" -%] <tr class="sw_action_row"> <td>[% c.loc('Customer #') %]</td> <td>[% subscriber.contract.id %]</td> </tr> [% END -%] - [% + [% elements = []; elements.push({ value = subscriber.status, desc = c.loc('Status') }); 
@@ -86,7 +90,7 @@ IF (c.user.roles == "admin" || c.user.roles == "reseller") && c.user.show_passwords; elements.push({ value = subscriber.provisioning_voip_subscriber.password, desc = c.loc('SIP Password') }); END; - IF c.user.roles == "admin" || c.user.roles == "reseller"; + IF c.user.roles == "admin" || c.user.roles == "reseller" || c.user.roles == "ccareadmin" || c.user.roles == "ccare"; elements.push({ value = subscriber.provisioning_voip_subscriber.admin ? 'yes' : 'no', desc = c.loc('Administrative') }); elements.push({ value = subscriber.external_id, desc = c.loc('External #')}); elements.push({ value = subscriber.uuid, desc = c.loc('UUID') }); @@ -155,7 +159,7 @@ </div> [% END -%] - [% IF + [% IF ((c.user.roles == 'admin' || c.user.roles == 'reseller') && c.user.call_data) || c.user.roles == 'subscriberadmin' -%] @@ -171,7 +175,7 @@ function process_pbx_items(moveId,direction){ 'pbx_group_items', uri, '', - function(){ + function(){ mainWrapperInit(); } ); @@ -183,11 +187,11 @@ function process_pbx_items(moveId,direction){ </div> <div class="accordion-body collapse" id="collapse_pbx_group_items"> <div class="accordion-inner" id="pbx_group_items"> -[%PROCESS 'subscriber/pbx_group_items.tt' %] +[%PROCESS 'subscriber/pbx_group_items.tt' %] </div> </div> </div> - + [% END -%] @@ -206,7 +210,7 @@ function process_pbx_items(moveId,direction){ helper.form_object = form; helper.ajax_uri = c.uri_for_action('/subscriber/ajax_voicemails', [c.req.captures.0]); - + IF (c.user.roles == "admin" || c.user.roles == "reseller") && c.user.read_only; helper.dt_buttons = [ { name = c.loc('Play'), uri = "details/voicemail/'+full.id+'/play", class = 'btn-small btn-tertiary', icon = 'icon-play' }, @@ -217,7 +221,7 @@ function process_pbx_items(moveId,direction){ { name = c.loc('Delete'), uri = "details/voicemail/'+full.id+'/delete", class = 'btn-small btn-secondary', icon = 'icon-trash' }, ]; END; - + PROCESS 'helpers/datatables.tt'; %] 
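Review bot: The voicemail button condition shown as context in `@@ -206,7 +210,7`, `IF (c.user.roles == "admin" || c.user.roles == "reseller") && c.user.read_only;`, was not extended with the two ccare roles, unlike the registered-devices conditions later in this file. If the button list that contains `Delete` (visible in `@@ -217,7 +221,7`) is the alternative branch of this `IF` (the lines between the two hunks are not shown), a read-only `ccare` or `ccareadmin` user is offered voicemail deletion. Writing it as `IF (c.user.roles == "admin" || c.user.roles == "reseller" || c.user.roles == "ccareadmin" || c.user.roles == "ccare") && c.user.read_only;` keeps it consistent with the other read-only checks this commit touches.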
@@ -225,6 +229,7 @@ function process_pbx_items(moveId,direction){ </div> </div> +[% IF c.user.roles != "ccareadmin" && c.user.roles != "ccare" -%] <div class="accordion-group"> <div class="accordion-heading"> <a class="accordion-toggle" data-toggle="collapse" data-parent="#subscriber_data" href="#collapse_recordings">[% c.loc('Call Recordings') %]</a> @@ -240,7 +245,7 @@ function process_pbx_items(moveId,direction){ helper.form_object = form; helper.ajax_uri = c.uri_for_action('/subscriber/ajax_recordings', [c.req.captures.0]); - + IF ((c.user.roles == "admin" || c.user.roles == "reseller") && !c.user.read_only) || c.user.roles == "subscriber" || c.user.roles == "subscriberadmin"; helper.dt_buttons = [ { name = c.loc('Call Details'), uri = "/subscriber/" _ subscriber.id _ "/calls?callid=' + encodeURIComponent(full.call_id_url) + '", class = 'btn-small btn-tertiary', icon = 'icon-search' }, @@ -254,13 +259,14 @@ function process_pbx_items(moveId,direction){ { name = c.loc('Files'), uri = "details/recording/'+full.id+'/streams", class = 'btn-small btn-tertiary', icon = 'icon-play' }, ]; END; - + PROCESS 'helpers/datatables.tt'; %] </div> </div> </div> +[% END -%] @@ -272,7 +278,8 @@ function process_pbx_items(moveId,direction){ <div class="accordion-body collapse" id="collapse_regdev"> <div class="accordion-inner"> - [% UNLESS (c.user.roles == "admin" || c.user.roles == "reseller") && c.user.read_only -%] + [% UNLESS (c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare") && c.user.read_only -%] <a class="btn btn-tertiary btn-large" href="[% c.uri_for_action('/subscriber/create_registered', [c.req.captures.0]) %]"><i class="icon-star"></i> [% c.loc('Create Permanent Registration') %]</a> [% END -%] [% 
@@ -287,12 +294,13 @@ function process_pbx_items(moveId,direction){ helper.form_object = form; helper.ajax_uri = c.uri_for_action('/subscriber/ajax_registered', [c.req.captures.0]); - UNLESS (c.user.roles == "admin" || c.user.roles == "reseller") && c.user.read_only; + UNLESS (c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare") && c.user.read_only; helper.dt_buttons = [ { name = c.loc('Delete'), uri = "details/registered/'+full.id+'/delete", class = 'btn-small btn-secondary', icon = 'icon-trash' }, ]; END; - + PROCESS 'helpers/datatables.tt'; %] @@ -300,7 +308,7 @@ function process_pbx_items(moveId,direction){ </div> </div> -[% IF c.config.features.callflow && c.user.call_data -%] +[% IF c.config.features.callflow && c.user.call_data && c.user.roles != "ccareadmin" && c.user.roles != "ccare" -%] <div class="accordion-group"> <div class="accordion-heading"> <a class="accordion-toggle" data-toggle="collapse" data-parent="#subscriber_data" href="#collapse_cap">[% c.loc('Captured Dialogs') %]</a> @@ -323,7 +331,7 @@ function process_pbx_items(moveId,direction){ helper.dt_buttons = [ { name = c.loc('Call Flow'), uri = "callflow/'+encodeURIComponent(full.call_id_url)+'/callmap", class = 'btn-small btn-primary', icon = 'icon-random' }, ]; - + PROCESS 'helpers/datatables.tt'; %] @@ -332,7 +340,8 @@ function process_pbx_items(moveId,direction){ </div> [% END -%] - [% IF (c.user.roles == "subscriberadmin" && product.class == "pbxaccount") || c.user.roles == "admin" || c.user.roles == "reseller" -%] + [% IF (c.user.roles == "subscriberadmin" && product.class == "pbxaccount") || + c.user.roles == "admin" || c.user.roles == "reseller" || c.user.roles == "ccareadmin" || c.user.roles == "ccare" -%] <div class="accordion-group"> <div class="accordion-heading"> <a class="accordion-toggle" data-toggle="collapse" data-parent="#subscriber_data" href="#collapse_phonebook">[% c.loc('Phonebook') %]</a> 
diff --git a/share/templates/subscriber/preferences.tt b/share/templates/subscriber/preferences.tt index 74ed9a5f63..cb3385191c 100644 --- a/share/templates/subscriber/preferences.tt +++ b/share/templates/subscriber/preferences.tt @@ -53,7 +53,8 @@ [% IF ((c.user.roles == "subscriber" || c.user.roles == "subscriberadmin") && special_prefs.check && special_prefs.callforward.active) || ((c.user.roles == "subscriber" || c.user.roles == "subscriberadmin") && !special_prefs.check) || - c.user.roles == "admin" || c.user.roles == "reseller" -%] + c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare" -%] <script> function destinationDynamicFields(selectedValue, inputNumber){ @@ -232,7 +233,8 @@ $( document ).ready(function() { </td> <td class="ngcp-actions-column"> <div class="sw_actions"> - [% UNLESS (c.user.roles == "admin" || c.user.roles == "reseller") && c.user.read_only -%] + [% UNLESS (c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare") && c.user.read_only -%] <a class="btn btn-primary btn-small" href="[% c.uri_for_action("/subscriber/preferences_callforward", [c.req.captures.0], cf.type) %]"><i class="icon-edit"></i> [% c.loc('Edit') %]</a> [% IF cf_destinations.${cf.type}.size -%] <a class="btn btn-secondary btn-small" data-confirm="Delete" href="[% c.uri_for_action("/subscriber/preferences_callforward_delete", [c.req.captures.0], cf.type) %]"><i class="icon-trash"></i> [% c.loc('Delete') %]</a> 
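Review bot: The four-role list is now written out in every condition of `subscriber/preferences.tt`, and `customer/details.tt` in the same commit already contains a misspelled copy (`'ccaradmin'`). Computing the test once near the top of the template, e.g. `[% is_operator = (c.user.roles == "admin" || c.user.roles == "reseller" || c.user.roles == "ccareadmin" || c.user.roles == "ccare") %]`, and then writing `UNLESS is_operator && c.user.read_only` leaves a single place to get the role names right. The read-only test is also written two ways in this file (`c.user.read_only` and `c.user.read_only != 1`); picking one form would make the conditions easier to compare.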
@@ -254,7 +256,8 @@ $( document ).ready(function() { [% IF ((c.user.roles == "subscriber" || c.user.roles == "subscriberadmin") && special_prefs.check && special_prefs.voice_mail.active) || ((c.user.roles == "subscriber" || c.user.roles == "subscriberadmin") && !special_prefs.check) || - c.user.roles == "admin" || c.user.roles == "reseller" -%] + c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare" -%] <div class="accordion-group"> <div class="accordion-heading"> <a class="accordion-toggle" data-toggle="collapse" data-parent="#preference_groups" href="#collapse_vm">[% c.loc('Voicemail and Voicebox') %]</a> @@ -279,7 +282,9 @@ $( document ).ready(function() { </td> <td class="ngcp-actions-column"> <div class="sw_actions"> - [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || ((c.user.roles == "admin" || c.user.roles == "reseller") && c.user.read_only != 1) -%] + [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || + ((c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare") && c.user.read_only != 1) -%] <a class="btn btn-primary btn-small" href="[% c.uri_for_action("/subscriber/edit_voicebox", [c.req.captures.0], 'pin') %]"><i class="icon-edit"></i> [% c.loc('Edit') %]</a> [% END -%] </div> 
@@ -293,7 +298,9 @@ $( document ).ready(function() { </td> <td class="ngcp-actions-column"> <div class="sw_actions"> - [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || ((c.user.roles == "admin" || c.user.roles == "reseller") && c.user.read_only != 1) -%] + [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || + ((c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare") && c.user.read_only != 1) -%] <a class="btn btn-primary btn-small" href="[% c.uri_for_action("/subscriber/edit_voicebox", [c.req.captures.0], 'email') %]"><i class="icon-edit"></i> [% c.loc('Edit') %]</a> [% END -%] </div> @@ -307,7 +314,10 @@ $( document ).ready(function() { </td> <td class="ngcp-actions-column"> <div class="sw_actions"> - [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || ((c.user.roles == "admin" || c.user.roles == "reseller") && c.user.read_only != 1) -%] + [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || + ((c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare") && c.user.read_only != 1) -%] + <a class="btn btn-primary btn-small" href="[% c.uri_for_action("/subscriber/edit_voicebox", [c.req.captures.0], 'delete') %]"><i class="icon-edit"></i> [% c.loc('Edit') %]</a> [% END -%] </div> 
@@ -321,7 +331,9 @@ $( document ).ready(function() { </td> <td class="ngcp-actions-column"> <div class="sw_actions"> - [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || ((c.user.roles == "admin" || c.user.roles == "reseller") && c.user.read_only != 1) -%] + [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || + ((c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare") && c.user.read_only != 1) -%] <a class="btn btn-primary btn-small" href="[% c.uri_for_action("/subscriber/edit_voicebox", [c.req.captures.0], 'attach') %]"><i class="icon-edit"></i> [% c.loc('Edit') %]</a> [% END -%] </div> @@ -336,7 +348,9 @@ $( document ).ready(function() { </td> <td class="ngcp-actions-column"> <div class="sw_actions"> - [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || ((c.user.roles == "admin" || c.user.roles == "reseller") && c.user.read_only != 1) -%] + [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || + ((c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare") && c.user.read_only != 1) -%] <a class="btn btn-primary btn-small" href="[% c.uri_for_action("/subscriber/edit_voicebox", [c.req.captures.0], 'pager') %]"><i class="icon-edit"></i> [% c.loc('Edit') %]</a> [% END -%] </div> 
@@ -356,7 +370,9 @@ $( document ).ready(function() { </td> <td class="ngcp-actions-column"> <div class="sw_actions"> - [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || ((c.user.roles == "admin" || c.user.roles == "reseller") && c.user.read_only != 1) -%] + [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || + ((c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare") && c.user.read_only != 1) -%] [% IF vm_recording_type.greeting_exists %] <a class="btn btn-secondary btn-small" data-confirm="Delete" href="[% c.uri_for_action("/subscriber/edit_voicebox", [c.req.captures.0], 'voicemailgreeting','delete', vm_recording_type.type ) %]"> <i class="icon-trash"></i> [% c.loc('Delete') %] @@ -382,7 +398,8 @@ $( document ).ready(function() { [% IF c.config.features.faxserver && ( ((c.user.roles == "subscriber" || c.user.roles == "subscriberadmin") && special_prefs.check && special_prefs.fax_server.active) || ((c.user.roles == "subscriber" || c.user.roles == "subscriberadmin") && !special_prefs.check) || - c.user.roles == "admin" || c.user.roles == "reseller" + c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare" ) -%] <div class="accordion-group" id="fax_features"> <div class="accordion-heading"> 
@@ -413,7 +430,9 @@ $( document ).ready(function() { </td> <td class="ngcp-actions-column"> <div class="sw_actions"> - [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || ((c.user.roles == "admin" || c.user.roles == "reseller") && c.user.read_only != 1) -%] + [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || + ((c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare") && c.user.read_only != 1) -%] <a class="btn btn-primary btn-small" href="[% c.uri_for_action("/subscriber/edit_fax", [c.req.captures.0], 'name') %]"> <i class="icon-edit"></i> [% c.loc('Edit') %] </a> @@ -429,7 +448,9 @@ $( document ).ready(function() { </td> <td class="ngcp-actions-column"> <div class="sw_actions"> - [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || ((c.user.roles == "admin" || c.user.roles == "reseller") && c.user.read_only != 1) -%] + [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || + ((c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare") && c.user.read_only != 1) -%] <a class="btn btn-primary btn-small" href="[% c.uri_for_action("/subscriber/edit_fax", [c.req.captures.0], 'active') %]"> <i class="icon-edit"></i> [% c.loc('Edit') %] </a> 
@@ -447,7 +468,9 @@ $( document ).ready(function() { </td> <td class="ngcp-actions-column"> <div class="sw_actions"> - [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || ((c.user.roles == "admin" || c.user.roles == "reseller") && c.user.read_only != 1) -%] + [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || + ((c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare") && c.user.read_only != 1) -%] <a class="btn btn-primary btn-small" href="[% c.uri_for_action("/subscriber/edit_fax", [c.req.captures.0], 'destinations') %]"><i class="icon-edit"></i> [% c.loc('Edit') %]</a> [% END -%] </div> @@ -461,7 +484,9 @@ $( document ).ready(function() { </td> <td class="ngcp-actions-column"> <div class="sw_actions"> - [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || ((c.user.roles == "admin" || c.user.roles == "reseller") && c.user.read_only != 1) -%] + [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || + ((c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare") && c.user.read_only != 1) -%] <a class="btn btn-primary btn-small" href="[% c.uri_for_action("/subscriber/edit_fax", [c.req.captures.0], 't38') %]"> <i class="icon-edit"></i> [% c.loc('Edit') %] </a> 
@@ -477,7 +502,9 @@ $( document ).ready(function() { </td> <td class="ngcp-actions-column"> <div class="sw_actions"> - [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || ((c.user.roles == "admin" || c.user.roles == "reseller") && c.user.read_only != 1) -%] + [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || + ((c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare") && c.user.read_only != 1) -%] <a class="btn btn-primary btn-small" href="[% c.uri_for_action("/subscriber/edit_fax", [c.req.captures.0], 'ecm') %]"> <i class="icon-edit"></i> [% c.loc('Edit') %] </a> @@ -512,7 +539,9 @@ $( document ).ready(function() { </td> <td class="ngcp-actions-column"> <div class="sw_actions"> - [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || ((c.user.roles == "admin" || c.user.roles == "reseller") && c.user.read_only != 1) -%] + [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || + ((c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare") && c.user.read_only != 1) -%] <a class="btn btn-primary btn-small" href="[% c.uri_for_action("/subscriber/edit_mail_to_fax", [c.req.captures.0], 'active') %]"> <i class="icon-edit"></i> [% c.loc('Edit') %] </a> 
@@ -528,7 +557,9 @@ $( document ).ready(function() { </td> <td class="ngcp-actions-column"> <div class="sw_actions"> - [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || ((c.user.roles == "admin" || c.user.roles == "reseller") && c.user.read_only != 1) -%] + [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || + ((c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare") && c.user.read_only != 1) -%] <a class="btn btn-primary btn-small" href="[% c.uri_for_action("/subscriber/edit_mail_to_fax", [c.req.captures.0], 'secret_key') %]"> <i class="icon-edit"></i> [% c.loc('Edit') %] </a> @@ -544,7 +575,9 @@ $( document ).ready(function() { </td> <td class="ngcp-actions-column"> <div class="sw_actions"> - [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || ((c.user.roles == "admin" || c.user.roles == "reseller") && c.user.read_only != 1) -%] + [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || + ((c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare") && c.user.read_only != 1) -%] <a class="btn btn-primary btn-small" href="[% c.uri_for_action("/subscriber/edit_mail_to_fax", [c.req.captures.0], 'secret_key_renew') %]"> <i class="icon-edit"></i> [% c.loc('Edit') %] </a> 
@@ -570,7 +603,9 @@ $( document ).ready(function() { </td> <td class="ngcp-actions-column"> <div class="sw_actions"> - [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || ((c.user.roles == "admin" || c.user.roles == "reseller") && c.user.read_only != 1) -%] + [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || + ((c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare") && c.user.read_only != 1) -%] <a class="btn btn-primary btn-small" href="[% c.uri_for_action("/subscriber/edit_mail_to_fax", [c.req.captures.0], 'secret_renew_notify') %]"> <i class="icon-edit"></i> [% c.loc('Edit') %] </a> @@ -588,7 +623,9 @@ $( document ).ready(function() { </td> <td class="ngcp-actions-column"> <div class="sw_actions"> - [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || ((c.user.roles == "admin" || c.user.roles == "reseller") && c.user.read_only != 1) -%] + [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || + ((c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare") && c.user.read_only != 1) -%] <a class="btn btn-primary btn-small" href="[% c.uri_for_action("/subscriber/edit_mail_to_fax", [c.req.captures.0], 'acl') %]"><i class="icon-edit"></i> [% c.loc('Edit') %]</a> [% END -%] </div> 
@@ -604,7 +641,8 @@ $( document ).ready(function() { [% IF c.config.features.cloudpbx && subscriber.contract.product.class == 'pbxaccount' && ( ((c.user.roles == "subscriber" || c.user.roles == "subscriberadmin") && special_prefs.check && special_prefs.auto_attendant.active) || ((c.user.roles == "subscriber" || c.user.roles == "subscriberadmin") && !special_prefs.check) || - c.user.roles == "admin" || c.user.roles == "reseller" + c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare" ) -%] <div class="accordion-group"> <div class="accordion-heading"> @@ -613,7 +651,9 @@ $( document ).ready(function() { <div class="accordion-body collapse" id="collapse_aa"> <div class="accordion-inner"> - [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || ((c.user.roles == "admin" || c.user.roles == "reseller") && c.user.read_only != 1) -%] + [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || + ((c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare") && c.user.read_only != 1) -%] <a class="btn btn-tertiary btn-large" href="[% c.uri_for_action('/subscriber/edit_autoattendant', [c.req.captures.0]) %]"> <i class="icon-star"></i> [% c.loc('Edit Slots') %] </a> @@ -641,7 +681,8 @@ $( document ).ready(function() { [% IF ((c.user.roles == "subscriber" || c.user.roles == "subscriberadmin") && special_prefs.check && special_prefs.speed_dial.active) || ((c.user.roles == "subscriber" || c.user.roles == "subscriberadmin") && !special_prefs.check) || - c.user.roles == "admin" || c.user.roles == "reseller" -%] + c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare" -%] <div class="accordion-group"> <div class="accordion-heading"> <a class="accordion-toggle" data-toggle="collapse" data-parent="#preference_groups" href="#collapse_speed">[% c.loc('Speed Dial') %]</a> 
@@ -649,7 +690,9 @@ $( document ).ready(function() { <div class="accordion-body collapse" id="collapse_speed"> <div class="accordion-inner"> - [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || ((c.user.roles == "admin" || c.user.roles == "reseller") && c.user.read_only != 1) -%] + [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || + ((c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare") && c.user.read_only != 1) -%] <a class="btn btn-tertiary btn-large" href="[% c.uri_for_action('/subscriber/create_speeddial', [c.req.captures.0]) %]"><i class="icon-star"></i> [% c.loc('Create Slot') %]</a> [% END -%] [% @@ -675,7 +718,8 @@ $( document ).ready(function() { [% IF ((c.user.roles == "subscriber" || c.user.roles == "subscriberadmin") && special_prefs.check && special_prefs.reminder.active) || ((c.user.roles == "subscriber" || c.user.roles == "subscriberadmin") && !special_prefs.check) || - c.user.roles == "admin" || c.user.roles == "reseller" -%] + c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare" -%] <div class="accordion-group"> <div class="accordion-heading"> <a class="accordion-toggle" data-toggle="collapse" data-parent="#preference_groups" href="#collapse_rm">[% c.loc('Reminder') %]</a> 
@@ -706,7 +750,9 @@ $( document ).ready(function() { </td> <td class="ngcp-actions-column"> <div class="sw_actions"> - [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || ((c.user.roles == "admin" || c.user.roles == "reseller") && c.user.read_only != 1) -%] + [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || + ((c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare") && c.user.read_only != 1) -%] <a class="btn btn-primary btn-small" href="[% c.uri_for_action("/subscriber/edit_reminder", [c.req.captures.0]) %]"> <i class="icon-edit"></i> [% c.loc('Edit') %] </a> @@ -729,7 +775,8 @@ $( document ).ready(function() { [% END -%] [% IF c.config.features.callingcard && ( - c.user.roles == "admin" || c.user.roles == "reseller" + c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare" ) -%] <div class="accordion-group"> <div class="accordion-heading"> @@ -738,7 +785,9 @@ $( document ).ready(function() { <div class="accordion-body collapse" id="collapse_ccmap"> <div class="accordion-inner"> - [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || ((c.user.roles == "admin" || c.user.roles == "reseller") && c.user.read_only != 1) -%] + [% IF c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || + ((c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare") && c.user.read_only != 1) -%] <a class="btn btn-tertiary btn-large" href="[% c.uri_for_action('/subscriber/edit_ccmapping', [c.req.captures.0]) %]"> <i class="icon-star"></i> [% c.loc('Edit Callthrough CLIs') %] </a> 
@@ -772,7 +821,8 @@ $( document ).ready(function() { <div class="accordion-body collapse" id="collapse_ts"> <div class="accordion-inner"> - [% IF (c.user.roles == "admin" || c.user.roles == "reseller") && c.user.read_only != 1 -%] + [% IF (c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare") && c.user.read_only != 1 -%] <a class="btn btn-tertiary btn-large" href="[% c.uri_for_action("/subscriber/create_trusted", [c.req.captures.0]) %]"> <i class="icon-star"></i> [% c.loc('Create') %] </a> @@ -803,7 +853,8 @@ $( document ).ready(function() { </td> <td class="ngcp-actions-column"> <div class="sw_actions"> - [% IF (c.user.roles == "admin" || c.user.roles == "reseller") && c.user.read_only != 1 -%] + [% IF (c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare") && c.user.read_only != 1 -%] <a class="btn btn-primary btn-small" href="[% c.uri_for_action("/subscriber/edit_trusted", [c.req.captures.0, trusted.id]) %]"><i class="icon-edit"></i> [% c.loc('Edit') %]</a> <a class="btn btn-secondary btn-small" href="[% c.uri_for_action("/subscriber/delete_trusted", [c.req.captures.0, trusted.id]) %]" data-confirm="Delete"><i class="icon-trash"></i> [% c.loc('Delete') %]</a> [% END -%] @@ -828,7 +879,8 @@ $( document ).ready(function() { <div class="accordion-body collapse" id="collapse_upnr"> <div class="accordion-inner"> - [% IF (c.user.roles == "admin" || c.user.roles == "reseller") && c.user.read_only != 1 -%] + [% IF (c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare") && c.user.read_only != 1 -%] <a class="btn btn-tertiary btn-large" href="[% c.uri_for_action("/subscriber/create_upn_rewrite", [c.req.captures.0]) %]"> <i class="icon-star"></i> [% c.loc('Create') %] </a> 
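Review bot: The four-role test followed by `&& c.user.read_only != 1` is now written out in full in all three hunks here (create_trusted, edit/delete_trusted, create_upn_rewrite) and again in the neighbouring hunks. The next role change therefore has to be repeated in every copy, and one missed copy leaves a button visible or hidden inconsistently. I would compute it once near the top of the template, `[% staff_can_write = (c.user.roles == "admin" || c.user.roles == "reseller" || c.user.roles == "ccareadmin" || c.user.roles == "ccare") && c.user.read_only != 1 -%]`, and use `[% IF staff_can_write -%]` at each site. The sites that also admit `subscriber`/`subscriberadmin` can then read `c.user.roles == "subscriber" || c.user.roles == "subscriberadmin" || staff_can_write`.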
@@ -863,7 +915,8 @@ $( document ).ready(function() { </td> <td class="ngcp-actions-column"> <div class="sw_actions"> - [% IF (c.user.roles == "admin" || c.user.roles == "reseller") && c.user.read_only != 1 -%] + [% IF (c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare") && c.user.read_only != 1 -%] <a class="btn btn-primary btn-small" href="[% c.uri_for_action("/subscriber/edit_upn_rewrite", [c.req.captures.0, set.id]) %]"><i class="icon-edit"></i> [% c.loc('Edit') %]</a> <a class="btn btn-secondary btn-small" href="[% c.uri_for_action("/subscriber/delete_upn_rewrite", [c.req.captures.0, set.id]) %]" data-confirm="Delete"><i class="icon-trash"></i> [% c.loc('Delete') %]</a> [% END -%] @@ -896,7 +949,8 @@ $( document ).ready(function() { helper.dt_columns = hm_rule_dt_columns; helper.ajax_uri = c.uri_for_action('/subscriber/header_rules_ajax', [c.req.captures.0]); - IF (c.user.roles == "admin" || c.user.roles == "reseller") && c.user.read_only != 1; + IF (c.user.roles == "admin" || c.user.roles == "reseller" || + c.user.roles == "ccareadmin" || c.user.roles == "ccare") && c.user.read_only != 1; FILTER null; backuritmp=c.req.uri; backuritmp.query_param_delete('back'); @@ -1172,4 +1226,3 @@ $( document ).ready(function() { [% END -%] [% # vim: set tabstop=4 syntax=html expandtab: -%] - diff --git a/share/templates/widgets/ccare_customer_overview.tt b/share/templates/widgets/ccare_customer_overview.tt new file mode 100644 index 0000000000..38a1db0377 --- /dev/null +++ b/share/templates/widgets/ccare_customer_overview.tt 
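Review bot: The `delete_upn_rewrite` link that this hunk now shows to `ccareadmin` and `ccare` is a plain `href` carrying only `data-confirm="Delete"`, so the removal appears to be triggered by an ordinary GET navigation. The same holds for `delete_trusted` in the -803 hunk. Those anchor lines are unchanged context, but the commit widens the set of accounts that are offered them. It is worth confirming that the delete actions verify a request token or require POST; the controllers are not visible here.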
@@ -0,0 +1,45 @@ +<script> +enqueLists.push([{ + res: 'contacts_count', + widgetName: "CCareCustomerOverview", + cb: function(data) { + //console.log(data); + $("#ccare_customer_overview_lazy_items_list").append('<li><strong>' + data.widget_data + '</strong> ' + (data.widget_data == 1 ? '[% c.escape_js(c.loc('Contact')) %]' : '[% c.escape_js(c.loc('Contacts')) %]') + '</li>'); + } +},{ + res: 'subscribers_count', + widgetName: "CCareCustomerOverview", + cb: function(data) { + //console.log(data); + $("#ccare_customer_overview_lazy_items_list").append('<li><strong>' + data.widget_data + '</strong> ' + (data.widget_data == 1 ? '[% c.escape_js(c.loc('Subscriber')) %]' : '[% c.escape_js(c.loc('Subscribers')) %]') + '</li>'); + } +},{ + res: 'customers_count', + widgetName: "CCareCustomerOverview", + cb: function(data) { + //console.log(data); + $("#ccare_customer_overview_lazy_loading").remove(); + $("#ccare_customer_overview_lazy_items_header").append( + '<div class="plan-price">' + + '<span>' + data.widget_data + '</span>' + + '<span class="term">' + (data.widget_data == 1 ? '[% c.escape_js(c.loc('Customer')) %]' : '[% c.escape_js(c.loc('Customers')) %]') + '</span>' + + '</div>'); + } +}]); +</script> +<div class="plan-container"> + <div class="plan"> + <div class="plan-header" id="ccare_customer_overview_lazy_items_header"> + <div class="plan-title">[% c.loc('Customers') %]</div> + <div class="plan-price widget-loading" id="ccare_customer_overview_lazy_loading"><span>0</span><span class="term">processing ...</span></div> + </div> + <div class="plan-features"> + <ul id="ccare_customer_overview_lazy_items_list"> + </ul> + </div> + <div class="plan-actions"> + <a href="[% c.uri_for('/customer') %]" class="btn">[% c.loc('Configure') %]</a> + </div> + </div> +</div> +[% # vim: set tabstop=4 syntax=html expandtab: -%] 
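Review bot: All three callbacks concatenate `data.widget_data` into an HTML string and hand it to `.append()`, so whatever the widget endpoint returns is parsed as markup. The translated labels are escaped for the JavaScript string by `c.escape_js` but not for HTML. The values are presumably integer counts, yet nothing in this template enforces that. Building the nodes with text setters removes the dependency, e.g. `$('<li>').append($('<strong>').text(data.widget_data), document.createTextNode(' ' + label))` with `label` holding the singular/plural string, and the same for the two spans inside `plan-price` in the third callback. Separately, the placeholder `processing ...` is the only visible string in the widget that is not passed through `c.loc`.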
diff --git a/share/templates/widgets/ccare_topmenu_settings.tt b/share/templates/widgets/ccare_topmenu_settings.tt
new file mode 100644
index 0000000000..fac754be52
--- /dev/null
+++ b/share/templates/widgets/ccare_topmenu_settings.tt
@@ -0,0 +1,25 @@
+<li class="dropdown">
+ <a href="javascript:;" class="dropdown-toggle" data-toggle="dropdown">
+ <i class="icon-question-sign"></i>
+ <span>[% c.loc('Documentation') | html %]</span>
+ <b class="caret"></b>
+ </a>
+ <ul class="dropdown-menu">
+ <li><a href="[% c.uri_for('/handbook/') %]" class="ngcp-noback-link">[% c.loc('Handbook') %]</a></li>
+ [% FOR l IN c.config.external_documentation.link -%]
+ <li><a href="[% l.url %]" class="ngcp-noback-link">[% l.name | html %]</a></li>
+ [% END; -%]
+ </ul>
+</li>
+<li class="dropdown">
+ <a href="javascript:;" class="dropdown-toggle" data-toggle="dropdown">
+ <i class="icon-th"></i>
+ <span>[% c.loc('Settings') %]</span>
+ <b class="caret"></b>
+ </a>
+ <ul class="dropdown-menu">
+ <li><a href="[% c.uri_for('/customer') %]">[% c.loc('Customers') %]</a></li>
+ <li><a href="[% c.uri_for('/subscriber') %]">[% c.loc('Subscribers') %]</a></li>
+ </ul>
+</li>
+[% # vim: set tabstop=4 syntax=html expandtab: -%]
diff --git a/share/templates/widgets/ccareadmin_topmenu_settings.tt b/share/templates/widgets/ccareadmin_topmenu_settings.tt
new file mode 100644
index 0000000000..fac754be52
--- /dev/null
+++ b/share/templates/widgets/ccareadmin_topmenu_settings.tt
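Review bot: In ccare_topmenu_settings.tt, `href="[% l.url %]"` writes the configured link URL into the attribute unescaped, while `l.name` on the same line goes through `| html`; a URL containing `"` or `&` would break out of or corrupt the attribute. I would write `<a href="[% l.url | html %]" class="ngcp-noback-link">`, and give `c.loc('Handbook')`, `c.loc('Settings')`, `c.loc('Customers')` and `c.loc('Subscribers')` the same `| html` filter that `c.loc('Documentation')` already has. The value comes from `c.config.external_documentation.link`, so exposure is limited to whoever can edit that configuration, but escaping at the point of output keeps the template correct regardless of the source. The identical lines are added in ccareadmin_topmenu_settings.tt in the next hunk.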
@@ -0,0 +1,25 @@
+<li class="dropdown">
+ <a href="javascript:;" class="dropdown-toggle" data-toggle="dropdown">
+ <i class="icon-question-sign"></i>
+ <span>[% c.loc('Documentation') | html %]</span>
+ <b class="caret"></b>
+ </a>
+ <ul class="dropdown-menu">
+ <li><a href="[% c.uri_for('/handbook/') %]" class="ngcp-noback-link">[% c.loc('Handbook') %]</a></li>
+ [% FOR l IN c.config.external_documentation.link -%]
+ <li><a href="[% l.url %]" class="ngcp-noback-link">[% l.name | html %]</a></li>
+ [% END; -%]
+ </ul>
+</li>
+<li class="dropdown">
+ <a href="javascript:;" class="dropdown-toggle" data-toggle="dropdown">
+ <i class="icon-th"></i>
+ <span>[% c.loc('Settings') %]</span>
+ <b class="caret"></b>
+ </a>
+ <ul class="dropdown-menu">
+ <li><a href="[% c.uri_for('/customer') %]">[% c.loc('Customers') %]</a></li>
+ <li><a href="[% c.uri_for('/subscriber') %]">[% c.loc('Subscribers') %]</a></li>
+ </ul>
+</li>
+[% # vim: set tabstop=4 syntax=html expandtab: -%]
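Review bot: This template is identical to ccare_topmenu_settings.tt added just before it (both `index` lines show blob fac754be52), so any later correction, such as escaping a link, has to be made in two places. If the two roles are meant to share one menu, I would reduce this file to a single include of the other, e.g. `[% PROCESS 'widgets/ccare_topmenu_settings.tt' %]`, with the path adjusted to the project's template include path, which is not visible here. If the menus are expected to diverge, a short TT comment at the top saying so would explain the copy.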