* new c.users.role 'lintercept', that set to when an admin user has
enabled 'lawful_intercept' flag
* only Administrator page /api/admins and /api/interceptions are available for
the role
* 'lintercept' role can only see own user and only change password
and email
Change-Id: Iadcb022a124afbd77b224e734026f380af0170e8
* there is a catch when changing the admin password;
first of all, according to TT#76110 only own admin
users can change the password via PUT/PATCH;
secondly, inside the code, for PATCH to work we need
a dummy 'password' key on the old resource which has
been set to the saltedpass; when updating the admin,
if the password is still equal to saltedpass, no change
is made to the password
Change-Id: I423ebe13988c58b527db65d666f09b73a483422d
* Change the way webpassword is handled accross
NGCP Panel UI/API to comply with new password
encryption
* At login, if password is not encrypted with
high cost due to the ngcp-bcrypt-webpassword
script, encrypt it with proper cost
* Accept old password format as well until all
webpasswords are encrypted
Change-Id: Iefa9584a62ab4b7d2a224d10bdd415e9cbb8dfb5
* Deleting or diasbling a peering server was leaving
the peer_probe value in kamailio htable which was
falsely identifying peering server as up when it
was actually down
* Sending htable.delete peer_probe whenever deleting,
disabling or disabling 'probe' for a peering server
fixes the issue
Change-Id: Ie54fd4bd00391a0cc02544d8d7b55108240c74e8
complete the renaming of "sub rowlock_contract" into
"sub acquire_contract_rowlocks" to distinguish it from
"sub recursevly_lock_contract" (which is related to set
the subscriber lock level, not db row write locks)
Change-Id: I287ee611e20c71a90121007511c3781359968bd2
acquire the billing.contract row lock *before* any
unordered billing.voip_numbers rowlocks by
sub manage_subscriber_numbers().
- "deadlock" waittimeout errors will cease when
creating subscribers concurrently via api
- max_subscribers, is_pilot and other per-contract
constraints will be respected accurately
Change-Id: I73bb7525b327bbb09217b790be9c14cc65ddebcc
* A new endpoint is now available that will
return subscriber's preferences and also
the preferences that the subscriber inherits
from its domain
Change-Id: Iaa29fbe57d520f79ac7051dc8fd151d26df41384
* Introduce posibility to provision header rules,
conditions and actions at the same time
using only the /api/headerrules endpoint;
also rules can be modified with PUT/PATCH on
/api/headerrules
Change-Id: I5ef9a85b4bf0f28693d22603cc74f269ea483983
* Introduce posibility to provision rule sets,
rules, condition and actions at the same time
using only the /api/headerrulesets endpoint;
also rules can be modified with PUT/PATCH on
/api/headerrulesets
Change-Id: I8c054f72a2632d45fec76166774521f8c22aea05
The kamailio lcr.reload RPC command was executed before the gateway
were actually removed from the DB.
The execution has been moved afterwards.
Change-Id: I5c514744cf49a4a32f2a8f08dc8f2a45c0b3c87a
* Check if there's a terminated reseller with
the same name and update that reseller's
name to be of "old_<reseller_id>_<name>"
format then create new reseller with that
name
* Applies to both regular creation and default
values creation
* Added same checks to API too
Change-Id: If997cf3716341c5c78bc6879ddea53f7b502c305
* Change sql 'or' which was still in use
when filtering with customer_id to
'union_all' which changes order of
status from enum to alphabetical so
it's now consistent to what happens
when filtering with subscriber_id
Change-Id: I82eea0059d6b414e1148b16d47d4c189a3f43238
when there are other subscribers
* Deleting the pilot subscriber and then editing
other subscribers would result in error, as
details from the pilot are needed
* Added code to makde the deletion of the PBX
pilot subscriber impossible if there are
other subscribers
Change-Id: I46da3e0e3726a8b9e3811fd879869988aa01adff
* If a device id is assigned to a field device line, populate the
device_id field for this line to be used in config templates.
* Handle assigned alias id of deviceid_number_id in /api/pbxdevices,
if any.
Change-Id: I455c4cb6e7d96a21977094e9af97ae91bd29fb92
* Add check for provisioning subscriber
webusername so the API trhows the correct
error when encountering a duplicate
* This implementation relies on the DBIx
error to keep the database integrity
Change-Id: Ica3e2673cead28759ad25f5edb3f7ca0f32e1c1e
* ccareadmin and ccare roles have full access to
Customers, Subscribers and their preferences/settings,
and read-only access to BillingProfiles,InvoceTemplates,
EmailTemplates
* ccare role is restricted to the related reseller
Change-Id: I6cf7d3adf912f0fa98d1ef5c02abea2f4331ec4b
* /api/customerfraudevents now support cdr_period_costs
* add PATCH support to be able to change notify_status and notified_at
* item id is now compound from contract_id,period,period_date
* now all locked contracts are returned (was only for current
day/month before)
* interval query param is not mandatory anymore and multiple
entries per contract can be returned
Change-Id: I9faa911d260f3e3cd386fb1470663a82edb2850c
adds gdpr obfuscation quoting for:
+ subscriber numbers
+ subscriber ip addresses
+ subscriber usernames
+ any logmessage "DATA": query parameters, form data, response data
+ subscriber uuid's
+ call id's
+ callforward sip uri's
the quoting is centralized by $c->qs() ("quote sensitive"), using
catalyst plugin mechanism.
escape symbols are set to « (\x{ab}) and » (\x{bb}).
generate_logfile_data_inventory.pl was modified to mark loglines
with "gdpr affected" status, if $c->qs() was used in a log message.
Change-Id: I0f42d7992594232ae33e5666b0a64009211c5b76
* There is now a PATCH method for soundfiles so
their details can be updated without uploading
a new file
Change-Id: I96e7b453b9830c40d24c15f5ca364021373dfdee
* Adapt code to retrieve file type from header,
not only to expect WAV, and convert it to WAV internally
* Add support for multipart/form-data requests for CSC platform
Change-Id: I12dca611a23c90801b1faae269a55b9fcc895244
* UI: subscriber Preferences" page now contains
a new "Header Manipulations" tab that enables
setting header manipulation rules per subscriber.
They are applied in the following order:
- domain header rule set is applied (if defined)
- subscriber header rules are applied (if defined)
An internal header rule set is now created per subscriber
automatically, if used from the UI
* API: /api/headerrulesets now supports "subsriber_id",
when a whole collection is fetched without ?subscriber_id
only records where subscriber_id = NULL are returned
by default
* fix "read only" UI elements representation in the datable
for header rule sets, rules, conditions, actions
Change-Id: I3e80d1899c577055f3603e80bb3a13d70c5b22cf
when passing the ?tz=Europe/Vienna with POST/PUT/PATCH, the
callforward timeset period definition input will be converted from
Europe/Vienna timezone to system timezone before persising to DB.
when passing the ?tz parameter with GET requests, the
callforward timeset period definition from DB will be converted
to the given timezone.
the ?use_owner_tz parameter will take the subscriber's inherited
timezone.
disarmed in code for now.
Change-Id: If4e130b241c28821844e0700231d1cd6883bcbfb
- All item_rs modifications should be done before we get rows, so apply order_by before pager
- We can't distinguish if subscriberregistrations really has column or not if we return true for all columns.
We will use has_column only in cases when it returns something really meaningful.
- Subscriberregistrations can't order by nat and subscriber_id
Change-Id: I04b7bb719ee058590a7705c6411cb08bcfb15387
Move strange reseller prefetch upper, that looks as not intended copy-paste
Now this query with prefetch will be used for pagination too.
Change-Id: Ie23d2a574e352754d57e1f67d081943aaef50aea
Add test script for API
Fix DateTime create/update issue in TimeSets API (get2put case)
(add and edit functionlity used raw/inflated data respecively)
Add datetimepicker field
Change-Id: If724b7350658c306dbbecbc04309d1d1c0b4a3e2
* Faxes numbers representation now uses one of the available
normalization logics. For the API part it is possible to
override it in /api/faxes with a new 'number_rewrite_mode'
query param or 'fax_number_rewrite_mode',
in case of /api/conversations
Change-Id: I64cfcaa53284eafdc980cdab4c3a01d22a55749b
Unify UI and API code to make subscriberadmin behavior with profile_set and profile common
Change alias_numbers input field to embedded RepeatableJS so it pass form validation
Change-Id: I1b3dc6f88cc6c1f43d76acc8e339dbb664c166a3
the "Try it out" button is disabled for the operations:
PUT, PATCH, DELETE, POST
and therefore only enabled for GET unless the special request param is used.
Change-Id: Iee8338c18e3e8053d6349a20315a7ef3c2f203d5
* init_time field is added as a field as well
as query parameters init_le,init_ge to query
calls by the call initiation time
Change-Id: I6540d632e40d9f0fed6b8f50f126a977eb34e369
implemented for Source Sets and B-Number Set in:
* Panel
* /api/cfbnumbersets/
* /api/cfsourcesets/
* /api/callforwards/
in addition, the fields have also been documented in the forms (and therefore
also in the API documentation)
Change-Id: I955dd9addf1e61ec7516b4c518adec151248bacc
* perform_prepaid_billing() part of the code
that cancels the session is moved into a new
function cancel_prepaid_billing()
* cancel_prepaid_billing is called in perform_prepaid_billing()
and after init_prepaid_billing() if session status != 'ok'
* add_journal_record() set default coding=0 if undefined
Change-Id: Id98f8e5b738953d5bb047f59657218f5fa6cab62
* smsc_peer is set as 'default' if none is identified
* fill in status and reason fields for sms receive
* write 'cli' fields as intended
Change-Id: I7316935c3253563db96104d481cbaba7213ad436
* fix routine path
* fix passing arguments as an array, not hashref
* send_sms() uses UTF-8 charset for the query_form() method
Change-Id: I3039999751ffc666ce10b40cb01209a69c98e94e
this is to fix the TAP tests of the sipwise QA chain
fixed (or ignored):
- ControlStructures::ProhibitMutatingListFunctions
- Documentation::RequirePodSections
- InputOutput::RequireEncodingWithUTF8Layer
- Subroutines::ProhibitSubroutinePrototypes
- BuiltinFunctions::ProhibitStringySplit
- TestingAndDebugging::ProhibitNoStrict
- TestingAndDebugging::ProhibitProlongedStrictureOverride
- InputOutput::ProhibitTwoArgOpen
- CodeLayout::ProhibitQuotedWordLists
Change-Id: I7dce4ce123bad40de2d9b51ba5b1a141e20c3783
these are to fix sipwise TAP tests. The following policies were
violated and have been fixed (or ignored where apppropriate):
- Variables::ProhibitAugmentedAssignmentInDeclaration
- Variables::ProhibitConditionalDeclarations
- Variables::RequireLocalizedPunctuationVars
Change-Id: Ifee93d537cd6e33d9e6e6ef8026be4b2b9fd0ee5
* enables fetching captured sip data
GET all collection returns JSON with available SIP messages
GET item collection requires a valid call-id and
returns pcap data generated from the packets of the call-id
Change-Id: I552ee9a312a4b9acf95bde93f6c584bbf82f9ea9
this is to clean the Sipwise TAP tests for this repo
the critical places where undef is really the intended return value (because
a scalar should always be returned) the rule has been overridden
Change-Id: I66e217a03a00e0f366db9c0cbc5007dd15cd9f96
The only two files left with such warning:
* lib/NGCP/Panel/Field/URI.pm
* t/lib/Selenium/Remote/Driver/Extensions.pm
While they need some special Perl magic to be fixed.
Change-Id: I23553bbffd5bfb38b222733bdeb3937945eabf3e
Revert "TT#11701 check existence of voip number in InterceptionDB"
This reverts commit b803c1ae3e.
Change-Id: I56832cf412a97c4f0fc9f169498a60653d979614
inflate/deflate DateTime for simple (complete) timestamps
considering the correct timezone at the latest possible point
in the action chains: on form-level as well as in the DataTables json output.
Change-Id: Icfe94d6d5a9ac02d9fca0f4b8d048d86cf66cffa
* smsc_peer preference is mandatory for NGCP::Utils::SMS::send_sms()
and contains a handle of one of the avilable group=smsc id
* sms_journal is extended to also store smsc_peer
Change-Id: I1a368b55c263bb5ea2acda004bbaf463d6431413
* moved sms_journal record creation into a new
NGCP::Utils::SMS::add_journal_record()
* 'cli' is used when sending sms to store
user_cli or cli subscriber preference.
that is useful for calls where caller is a
remote number
Change-Id: I80bc31da294a56b302e154133525eea187ab6aff
* colelction_nav_links() should be used instead of the old
self/prev/next href link code
* Entities.pm fix colletion_nav_links() to pass missing
$c->request->params
* collection_nav_links() use default $c->request->path and
$c->request->params if those arguments are not specified
Change-Id: Icca5afac812f2e06e6927ba6f4e91057f9745d21
* /api/phonebookentries is used for the
phonebook_reseller
phonebook_contract
phonebook_subscriber data storage interaction
Change-Id: If45390fd3080886e03602216cfbacc33296f1558
* return HTTP_UNPROCESSABLE_ENTRY if form data is not valid
or a susbcriber is not found
* POST: do not commit transaction if update_item fails
Change-Id: I7149922d4e4d701213ce351112cc67e611c3d910
by using strict where it wasn't used before
plus fix all bugs that were discovered along the way by enabling strict
Change-Id: I7f9a8bf0cee74014fd7551ec26f2ab3922715efc
* Fix item update: a new reloaded item is correctly fetched
fom the db
* Fix Location header: path and item id are correctly delivered
with the header
* Fix xmlrpc ul.add call params:
- correct params order
- "expires" param value is properly calculated
Change-Id: I194b6bab9cb0d295e0a350e6317f7ddbcebdc021
with the previous commit, there is no need anymore to specify form
exceptions manually. validate_form will now automatically consider fields
in the correct format with and without "_id"
Change-Id: I70afae4003c6407c7a37396630110736f1fb13f8
* /api/voicemailrecordings now support mp3 and ogg formats
when specified as query parameters: e.g. ?format=mp3
* add dependency to libsox-fmt-mp3
Change-Id: I0815be013814edc42559c75e26d64b537507334d
* Make sure resellers with interception rights can query both
collections and items
* Make sure we only query the reseller specific interceptions
when accessing API as reseller
Change-Id: I3010f899cbbd1a7a4f60025d95f09f013cc07c03
* NGCP sound files do not need transcoding anymore and
it is disabled for the sound file upload/download logic
(voicemail sound files transcoding is still required
and retained)
Change-Id: I756c794ae614d3d85096936e217d83f3e0c6db44
This patch reuses existing forms by clearing them, rather than
re-instantiating them again and again.
Also, panel start time should be better due to less package
pre-loading.
Change-Id: Ia3e64fd4b4084bb5ec35a669c5840c9fc3c58f2e
Used to fetch whether pbx, faxserver, rtcengine etc is enabled.
* Fix rtcengine reseller creation:
- Refuse to create reseller if rtcengine part fails
- Use proper auto-generated rtcengine values (pass, domain)
to not fail on reseller names which are not forming valid
hostnames.
* Implement /api/admins/id to support testing
- add test
- fix creating admins with overly long login
- fix various ACL bugs handling /api/admins/
- fix creating /api/admincerts/ as r/o user
* Fix test framework
- use proper client cert when switching API user
Change-Id: I602fdd8181c0b3f23e76e3eab0df90a1ff9e986f
(cherry picked from commit 0d376bd8b59db65296090d26f2c84d704129beef)
Remove excrescent code from the pbxdevicemodels API & Panel
Add roles control per method for the API
Use form field "required" attribute for the API uploads
Fix getting old resource for the PATCH and PUT methods
Change-Id: Ia0515b3d071d45435db7c9138ea9de9447775143
* Fix syntax errors and internal errors
* Pass set ids back in mappings
* Allow updates of mappings both via name and ids
Change-Id: I26fdfe96d67563c11040a6c1e87f13a835bb793f
* Implement r/o access to /api/customers for subadmin
* Implement r/o access to /api/subscribers for subs
* Implement create access to /api/subscribers for subadmins
* Implement /api/numbers to re-assign a number
* Implement CF endpoints access for subs
* Implement new test framework to simplify testing
* Fix updating number by using Utils to make sure allowed_clis etc
are handled correctly
* Install missing docker dependencies for new test framework
* Add edr handling on /api/numbers/xx update
Change-Id: I678da16cfb1361b2809780cba8c204ac90bb1736
* billing is split into 2 parts:
- init_prepaid_billing (reserves billing/creates session)
- perform_prepaid_billing (commits or cancels the session)
* when sms fails to be sent the billing session is canceled
(was committed before, regardless)
* NGCP::Panel::Entities::post
- do not do $self->return_representation_post() if
api_error_message is present, therefore, the actual
error is returned
* sms_journal item is now created also in case of an error
* improved errors indication
Change-Id: I454b8c6a1c04d743ee82e03f8621c7cc4c7c4f98
When creating or updating a reseller, catch non-numeric contract_id
and return 422, otherwise 500 would be returned.
Change-Id: I0e22f6f514fef80f5265eca28d7ec97811c1172f
added checking and persisting of timezone for
+ panel UI subscriber create
+ POST /api/subscribers
+ PUT /api/subscriber/x
+ PATCH /api/subscriber/x
+ central is_valid_timezone_name method
Change-Id: I59865f5af33a71e5b5032dc35ba9c41eca74b04c
* new "Manager Secretary" call forwarding type
* new /api/managersecretary
- controls "Manager Secretary" call forwarding auto set
* support Prefer='internal' to avoid all form validations,
and creations as well as no hal is created but json body
is returned instead. only usable on port 1442 for
internal ngcp api clients.
* Role/API valid_uuid() check
Change-Id: I826138d8cdbce737c09c3b98bc7bdd905d09e81c
* enables a mode for cf source sets, where all numbers are
considered as whitelisted or blacklisted (similar to the
NCOS levels mode)
Change-Id: I84e76e5ba717050c48bcaf5c1fd5f67ed5582cab
When requested with an "Accept: application/json" header, return
the response in json format instead of xhtml.
Change-Id: Iba4135d8013fd200af426f2eb3d67b97282c034b
as read-only access to subscriberadmin in order to view neccessary
details for creation of pbxdevices.
Change-Id: I369c3a1936e46a4144652f0a65899fc4defcb501
* enables a filter for calls that were initated or received
by the specified subscriber/custoemr
* set direction for internal subscriber calls to "out"
Change-Id: I2f3b543b57352f92dc5a67bc82779cf371b6f23c
* Add dispatcher reload helper in peer utils
* Handle probe flag for peer hosts
* Reload dispatcher on proxies on peer host change
* Reworked kamailio cache reload to perform it after commit,
otherwise kamailio won't see the changes yet!
Change-Id: I9a53854b4a42c97a2889c63f8bf2c878c6f48a2d
the factory Catalyst::ActionRole::HTTPMethods action role
is set for any action, and in race with our own
NGCP::Panel::Role::HTTPMethods. the testcase could have
been misleading ever since, as it uses DELETE /api/customers,
which was present when implemting the method override initially,
but dropped on the road to 4.5.
the issue is resolved by overriding
Catalyst::Controller::gather_default_action_roles.
until the class hierachy refactoring is completed, only
consistent way is to add the override to each api controller.
the action_roles config attribute can therefore be
removed.
using Plack::Middleware::MethodOverride as an alternative from
upstream has the drawback to work only with POST. but a required
usecase is to also support translation DELETE requests to PATCH.
Change-Id: I204ba59869a8327bdd5db8a867fbbb061d1c9e7c
- including the desired sorting by call leg depth
- "... order by length(call_id) asc, start_time asc;"
seems to cover the call flow sceanrios.
Change-Id: I294c27985627bea6a9acdaff8aeedc84e365c34e
Admins can use this to generate a new ssl client certificate package
in ZIP format containing a PEM and a P12 cert, the same way you can
do it on the admin panel.
Admins can generate that for themselves in all cases, or for others
if they are master or superuser. If role is reseller, then masters
can only do this within their own reseller.
Change-Id: I32d5c1b5af5324d1c80b34bacecd7f2665cd91c7
For the migration of the admin pwd, the logic is as follows:
1. If the admin has a bcrypt password already, use this
2. If not, perform auth via md5, then clear the md5 column
and write a salted bcrypt hash instead.
For dropping the ssl client cert, we simply not store anymore
the client certificate in the DB. As a result, you cannot
download the certs (pem, p12) after creation anymore, so
we immediately download the two certs in a zip file after
creation.
A cost of 13 takes 500ms on an i7-5500U CPU @ 2.40GHz, which
seems to be a reasonable value.
Change-Id: I1ce21321c58d8c57d7ddce1541995f64821b0053
Except for greek characters, which are available in the
GSM 03.38 encoding but not in latin-1, all other latin-1
characters can be sent with coding 0 (7bit).
We neither support the € sign available in the GSM extended
encoding, but for unknown reasons the rest of the extended
char sets (which are part of ascii anways) do work.
So, no € and no greek chars inside coding=0.
Change-Id: Ia87e337772e126b6a0a95b53acba0a369b71e660
-introduce deferred event record insertion, to span across
update_subscriber_number and update_subadmin_sub_aliases
calls by handing over a snapshot of aliases before number
edit operations
-the snapshot is used to persist first_non_primary_alias_before
event values
-it also is the preparation to derive number change events
apart from that, the following was noticed:
-fix: start_huntgroup was generated twice
-fix: when terminating a subs, the order of end events was
not the reverse order of start_events
-POST /api/subscribers does not consider pbx alais selection
of pilot pool aliases, while terminating the susbcriber does
move back alaises to the pilot pool.
Change-Id: I092f4a21bed25503f48c47c253f1cae0729f43da
+preference-style 1:1 association api resource will
list all existing customer contracts
+avoiding get_customer_rs for performance reasons
+PUT/PATCH only, no POST/DELETE
Change-Id: If3b00c6cde07bf030e8bfc308e5e29d3251bdedd
If pcc is enabled for a subscriber, don't forward sms immediately,
rather than mark for forwarding and let the API forward it on
incoming request.
Change-Id: I75104266a1c1fccc7165af9ba65b31f085d7081f
Used to notify NGCP about pending calls and sms.
* /partycallcontrols is for handling incoming
call control requests from external API sources
Change-Id: I4d886f941f19f659017e32504fdb10e8ae02ba8b
Flaviu Mates
Kirill Solomko
Andreas Granig
Rene Krenn
Marco Capetta
Guillem Jover
Irina Peshinskaya
Gerhard Jungwirth
Alexander Lutay
Michael Prokop