diff --git a/lib/NGCP/Panel/Controller/API/Admins.pm b/lib/NGCP/Panel/Controller/API/Admins.pm index 4ed2fdb5c6..202dced564 100644 --- a/lib/NGCP/Panel/Controller/API/Admins.pm +++ b/lib/NGCP/Panel/Controller/API/Admins.pm @@ -1,5 +1,6 @@ package NGCP::Panel::Controller::API::Admins; use NGCP::Panel::Utils::Generic qw(:all); +use NGCP::Panel::Utils::UserRole; use Sipwise::Base; @@ -46,6 +47,7 @@ sub create_item { } my $item; try { + $resource->{role_id} = NGCP::Panel::Utils::UserRole::resolve_role_id($c, $resource); $item = $c->model('DB')->resultset('admins')->create($resource); } catch($e) { $c->log->error("failed to create admin: $e"); diff --git a/lib/NGCP/Panel/Controller/Administrator.pm b/lib/NGCP/Panel/Controller/Administrator.pm index e3eca58156..115ef5ae2c 100644 --- a/lib/NGCP/Panel/Controller/Administrator.pm +++ b/lib/NGCP/Panel/Controller/Administrator.pm @@ -8,6 +8,7 @@ use HTTP::Headers qw(); use NGCP::Panel::Utils::Message; use NGCP::Panel::Utils::Navigation; use NGCP::Panel::Utils::Auth; +use NGCP::Panel::Utils::UserRole; sub auto :Does(ACL) :ACLDetachTo('/denied_page') :AllowedRole(admin) :AllowedRole(reseller) :AllowedRole(lintercept) { my ($self, $c) = @_; @@ -130,6 +131,7 @@ sub create :Chained('list_admin') :PathPart('create') :Args(0) :AllowedRole(admi } $form->values->{md5pass} = undef; $form->values->{saltedpass} = NGCP::Panel::Utils::Auth::generate_salted_hash(delete $form->values->{password}); + $form->values->{role_id} = NGCP::Panel::Utils::UserRole::resolve_role_id($c, $form->values); $c->stash->{admins}->create($form->values); delete $c->session->{created_objects}->{reseller}; NGCP::Panel::Utils::Message::info( @@ -239,6 +241,8 @@ sub edit :Chained('base') :PathPart('edit') :Args(0) { delete $form->values->{reseller_id}; } + $form->values->{role_id} = NGCP::Panel::Utils::UserRole::resolve_role_id($c, $form->values); + $c->stash->{administrator}->update($form->values); delete $c->session->{created_objects}->{reseller}; NGCP::Panel::Utils::Message::info( diff --git a/lib/NGCP/Panel/Role/API/Admins.pm b/lib/NGCP/Panel/Role/API/Admins.pm index 69d432a071..445ffdafab 100644 --- a/lib/NGCP/Panel/Role/API/Admins.pm +++ b/lib/NGCP/Panel/Role/API/Admins.pm @@ -11,6 +11,7 @@ use HTTP::Status qw(:constants); use NGCP::Panel::Utils::DateTime; use NGCP::Panel::Utils::Auth; +use NGCP::Panel::Utils::UserRole; sub item_name{ return 'admin'; @@ -166,6 +167,9 @@ sub update_item { $resource = $old_resource; $resource->{is_active} = $active; } + + $resource->{role_id} = NGCP::Panel::Utils::UserRole::resolve_role_id($c, $resource); + $item->update($resource); return $item; diff --git a/lib/NGCP/Panel/Utils/UserRole.pm b/lib/NGCP/Panel/Utils/UserRole.pm new file mode 100644 index 0000000000..c485d0457f --- /dev/null +++ b/lib/NGCP/Panel/Utils/UserRole.pm @@ -0,0 +1,47 @@ +package NGCP::Panel::Utils::UserRole; + +use Sipwise::Base; + +sub _flags_to_name { + my (%flags) = @_; + + # "system" - is_system = 1, + # "admin" - is_superuser = 1 + # "reseller" - is_superuser = 0 + # "ccareadmin" - is_ccare = 1, is_superuser = 1 + # "ccare" = is_ccare = 1, is_superuser = 0 + # "lawful_intercept" - lintercept = 1 + + if ($flags{is_system}) { + return 'system'; + } + + if ($flags{lawful_intercept}) { + return 'lintercept' + } + + if ($flags{is_superuser}) { + if ($flags{is_ccare}) { + return 'ccareadmin'; + } + return 'admin'; + } + + if ($flags{is_ccare}) { + return 'ccare'; + } + + return 'reseller'; +} + + +sub resolve_role_id { + my ($c, $params) = @_; + + my $role_name = &_flags_to_name(%$params); + my $role = $c->model('DB')->resultset('acl_roles')->search({role => $role_name})->first; + + return $role->id; +} + +1; \ No newline at end of file