ngcp-panel

Commit Graph

Author	SHA1	Message	Date
Kirill Solomko	224aec5fc8	MT#64232 improve check_subscriberadmin_write_access * subscriberadmin can now edit own data in scenarios where it's a SIP customer subscriber * add a check to that the edited subscriber belongs to the same customer Change-Id: I69a84c481be413ac5604c74856e760eee648b637	2 weeks ago
Kirill Solomko	c417cc622d	MT#64295 better handling of via_route empty string * transform via_route empty string into undef and store it as undef without validating it against SIP-URI Change-Id: Iefae7b26910201183ae3d049b3785a68dc81ce64	2 weeks ago
Kirill Solomko	638b2f20ae	MT#64295 fix /api/peeringservers via_route validation * NGCP::Form::Peering::Server rework via_route URI check from a comma separated list to a single value as well as improve value transformation and validation logic * /api/peeringservers add via_route value transformation as pre_proccess_form_resource() Change-Id: I742a40534a4861dd30e0ccbc6684c02d2386f642	3 weeks ago
Guillem Jover	b6e2baa6c7	MT#63479 Remove prosody support Change-Id: I9d3e268450396c12e4058ac9394a80bb191d7635	2 months ago
Kirill Solomko	9d70f62f70	MT#64121 fix $c->error $c->error handling * errors coming from Utils::Preferences can have only 1 element in $c->error, the case is now correctly handled. Change-Id: I9f5d384da8b5cb50b78636309dbaab5efa9bdee2	2 months ago
Kirill Solomko	eae620f204	MT#64067 address deadlock detection for preferences * improve Role/API/Preferences err_code callback to check deadlocks (via $self->check_deadlock) and set $process_extras->{retry_tx} = 1 so that the outer caller can act upon it and restart the transaction. * increase deadlock attempts from 2 to 5 as some deadlocks seem to take longer time to resolve. * wait 1 second between deadlock retry attempts as otherwise if a deadlock takes more than 1 second and all the retries are done within less than a second it will cause an error. * EntitiesItem: add support for retry_tx and call goto TX_START if $process_extras->{retry_tx} (when check_deadlock is processed externally, like in Utils::Preferences::update_item in the err_code callback). Change-Id: Ib56383710041c21d72782047a852353296c22215	2 months ago
Kirill Solomko	6e2ca03a6e	MT#63997 make underrun lock on requests optional * a new ngcp_panel option $c->config->{api}{underrun_lock_on_request} is in place and if disabled - the underrun lock logic on GET contracts,customers,subscribers,subscriberpreferences, and POST subscribers is skipped. Change-Id: I5ea337ce42b3c979fe55b3df3516a19548b64f90	2 months ago
Kirill Solomko	d0783b1856	MT#63859 add expand by carrier_id * /api/lnpnumbers can now expand by carrier_id Change-Id: Ia484041c413a240800c1610f0bc92c141bded14d	3 months ago
Rene Krenn	f501fc1dcf	MT#63706 skip_locked for POST /api/subscriber/ add the SELECT .. SKIP LOCK mechanism for POST /api/subscriber/, to reduce lock wait timeouts when creating suscribers for the same customer in parallel. Change-Id: I067102b3dc726e5d12fa859613b548d007ce29ee	3 months ago
Rene Krenn	3ff0395cac	MT#61442 allow utf8 for creating data::hal links prevent api 500 error when building urls in data::hal from item data tha carry odd utf8 fields (ie. usernames of banned users) Change-Id: I0c2c0bf0170bf97bf8a05c35fdb343860b6aeef4	3 months ago
Kirill Solomko	d1686f5243	MT#63050 /api/customers email_template auto assign * POST /api/customers now assigns reseller's default email_templates that are not specified in the DTO. If reseller's default template does not exist (reseller that was created via UI v1 without values), it automatically created as a copy of the raw default template for the reseller, and then assigned to the customer. Change-Id: I0f74154724e1d053002ec4fcc59a5f99cedd322c	4 months ago
Rene Krenn	82b253973e	MT#63724 reduce contract_cnt limit to 10 select count(1) from (select 1 from Y .. limit X) can have a longer runtime, depending on order of rows in table Y. to better limit the runtime, X is reduced from 1000 to 10. the UI will show now "used by 10+ contracts" instead of "used by 1000+ contracts". Change-Id: I028b0569cd5f3325d4bd6bed314517b061e4659b	4 months ago
Kirill Solomko	0d3aac99a7	MT#63605 fix GET invoicetemplates without reseller_id * 'reseller' level invoice templates are correctly returned with reseller_id: null, instead of 500 error Change-Id: Ied1e7626fcbb2c28bf3850dd1788f06574ef892b	5 months ago
Kirill Solomko	67091cfb44	MT#63090 /api/conversations add phonebook entries support * new fields: caller_phonebook_id (id of the matched phonebook entry) caller_phonebook_name (matched name in the phonebook by the number) callee_phonebook_id (id of the matched phonebook entry) callee_phonebook_name (matched name in the phonebook by the number) * matching happens in the v_subscriber_phonebook (so all inherited entries are returned) * new private functions _get_call_phonebook() and _get_fax_voicemail_phonebook Change-Id: I321c59dce93a3c478a15ddea2155ff052713db20	5 months ago
Kirill Solomko	4a38eace57	MT#61804 /api/conversations add csv download support * "Accept: text/csv" enabled csv download (same as with other endpoints Change-Id: I84a229f6f1f8760d520f55da1bb250ed6dd1f228	7 months ago
Rene Krenn	eb6f74968e	MT#62987 transcript info - api Change-Id: Ifc83f65b36dfab3913492e8b764210da256f8004	7 months ago
Kirill Solomko	3bb3d9e4e4	MT#63182 /api/subscribers add lockwait and deadlock detection * API::check_deadlock() add lockwait detection. * lockwait and deadlock detection is now in place for ALL /api/subscribers endpoint methods. because of logic complexity it uses own deadlock detection instead of relying on Entities. It however uses $self->check_deadlock() and similar logic. Change-Id: Idc1876910711563fe14c878541e350ad373d6d31	7 months ago
Kirill Solomko	b8cd29ce32	MT#63062 /api/customercontacts fix PUT/PATCH reseller_id validation * add Form::Contact::AdminAPI that uses reseller_id field instead of reseller for better error message * update_contact() fix reseller_id validation for admin roles * update_contact() copy reseller_id from $old_resource for reseller roles so that further reseller_id checks can pass. Change-Id: Ic9559a944265f5c8bceada6077fcf8e14d6bc5d4	8 months ago
Kirill Solomko	a38cd246c4	MT#63066 /api/subscriberphonebook add filter by customer_id * customer_id is now present in the response * customer_id is supported as the query parameter Change-Id: Ia529fa653b165f743c006cb99f6518ae686e517c	8 months ago
Kirill Solomko	f7a3b1eab2	MT#63062 fix /api/customercontacts for reseller roles * fix logic in update_contact() that was performed with the reseller_id that became undef after form validation for reseller roles. Change-Id: I2e1d386f01b5d279188a7600d2d7f0d9d44b7853	8 months ago
Kirill Solomko	0ce365852d	MT#62890 fix and improve voicemailgreetings upload * any wav file is now accepted and converted to GSM 6.10, instead of having a strict requirement of GSM files only * provide error messages with single quotes instead of escaped double quotes * error messages do not contain code backtrace info anymore * temporary files are correctly removed on errors and on a successful upload Change-Id: I7b72dc623d231aa90d0a0f99f8d711c48d3d23f2	9 months ago
Kirill Solomko	4d26ca5c9a	MT#62705 improve peer_auth registrations support * DELETE /api/peeringgroups and PUT/PATCH/DELETE /api/peeringservers now call sip_create_peer_registration or delete_peer_registration correspondingly to correctly reflect the registartion on related changes * rework Panel::Utils::Peering create_peer_registration() and delete_peer_registration() - use provisioning peer db object in the argument instead of a separate hash to simplify its logic - adjust related UI parts that call these functions as well as cleanup now unnesessary code from there * Panel::Utils::Peering: remove '_' prefix from _sip* functions as they are not private but rather public class methods * Panel::Utils::Preferences - add suport for 'peer_auth' updates for type='peerings' (was only supported for 'subscribers') - remove '_' prefix from _is_peer_auth_active() * Panel::Utils::Sems - simplify peer registration by using the the db object (same as for subscribers) - only create/delete peer registration when the peering is enabled, otherwise there will be errors related to unavailable $prov_peer->lcr_gw->id Change-Id: I0fc79a6580fd17aa34df870fb7a93e33edfff15b	9 months ago
Marco Capetta	1be3f5a257	MT#62546 Fix permanent registration nat flags Due to changes in how kamailio manage the NAT contacts and the corresponding natping, the flags that the API or web interface sets while a permanent registration is created have to be updated. Before: * Default cflag is set to 0 (natping disabled) * If nat option, then cflag is set to 64 New: * Default cflag is set to 256 (netping disabled) * If nat option, then cflag is set to 128 Change-Id: I39b1d7a697ef72267fd8a05edf0552d2c1403733	10 months ago
Rene Krenn	6600d7c949	MT#53706 enable_2fa option for /api/admins Change-Id: I7de37482fed913551fc0a1c9b18f789b51b67a05	10 months ago
Rene Krenn	82af5cf518	MT#62283 "for update no lock" logic for GET /subscribers and /contracts to unblock the web UI on heavy loaded systems with call rating enabled, "select .. for update no lock" will no longer wait for acquiring locks when retrieving subscriber or contract contract pages. the contract_balance record creation is will be skipped for such contracts that are locked elsewhere. for rails such as /customerbalances, an explicit contract id row lock timeout is introduced, so it does not depend on the mariadb wait_timeout. Change-Id: I6e96342f3f761279a5876c871d2477977823a39e	11 months ago
Kirill Solomko	24d28676a1	MT#62289 /api/pbxusers add username and domain fields * username represents provisioning.voip_subscribers.username * domain represents provisionoing.voip_domains.domain Change-Id: I98f4043f9b044a7829603f2a350d1548be935ff1	11 months ago
Kirill Solomko	e8f41aba50	MT#62223 improve error response handling when log_response is off * log_response: 0 is reworked, it now always logs the response but in case if it's off the body is not logged. * adjust error logging, the error in the body is correctly logged in the response even if log_response: 0 Change-Id: I6dfddeccffb5464b830133235bf63c5e82ae6073	12 months ago
Kirill Solomko	cbc4e57d45	MT#62223 API unhandled internal errors cause 500 error * unhandled internal errors (such as DBI error) are now properly returned as 500 Internal Server Error instead of 200 OK Change-Id: Iabc80cd200c9091dd249bc90aa586d5d7b616b69	12 months ago
Kirill Solomko	97e457c92b	MT#62178 fix external_id, profile auto removal for subscriber roles * fix 'subscriber' and 'subscriberadmin' roles using PATCH to cause external_id, and profile fields removed. * remove profile_id field from the 'subscriber' and 'subscriberadmin' form Change-Id: Id8bb068ca7fcac2c0c5954f2ed79e841d18ac398	12 months ago
Kirill Solomko	ef4442feeb	MT#61805 add API phonebook support for top level inclusion * /api/customerphonebookentries now support "include" query param that can be either "include=all", "include=shared" or "include=reseller". With "include=all" - shared and reseller entries are included and merged as customer > shared > reseller. With "include=shared" - shared entries are included and merged as customer > shared. With "include=reseller" - reseller entries are included and merged as customer > reseller. * /api/subscriberphonebookentries now support "include" query param that can be either "include=all", "include=customer" or "include=reseller" With "include=all" - customer+shared+reseller entries are included, and merged as subscriber > customer > shared > reseller. With "include=customer" - customer+shared entries are included, and merged as subscriber > customer > shared. With "include=reseller" - customer+reseller entries are included, and merged as subscriber > reseller. * Shared numbers are considered belonging to the customer so when on the customer level the same number is provided, it takes precedence. * It is not possible to edit other level included numbers (they have composide ids). * It is possible to access an included number directly by the id. Change-Id: Ice06bc0961d42a9b64db59aa93029d7505b4805e	12 months ago
Kirill Solomko	e66c568efc	MT#61803 add /api/pbxusers endpoint * this endpoint is designed to provide with basic subscribers info such as display_name, primary_number, pbx_extension and only available for customers with product class 'pbxaccount'. * only GET methods are allowed for this endpoint. Change-Id: I181b863e2c3e5fad34c03a291f64fd7ddb587702	12 months ago
Richard Fuchs	b2b5600c16	MT#61630 invalidate rtpengine cached files Add class to make RPC calls to rtpengine. Add invokations to clear rtpengine audio cache where appropriate, whenever a file stored in DB is deleted or changed. Change-Id: I3660f9f67dfb0c68c1af80a5439982046be3b6f6	1 year ago
Rene Krenn	de0595c089	MT#59447 admin user LDAP authentication #1 Change-Id: Ic31236d933f022b567c74998959267ef9a549b7e	1 year ago
Rene Krenn	598f7dbaf4	MT#61513 prevent duplicates in GET /api/callrecordings callrecording metakeys such as "uuid" for the involved call party is present multiple times by nature. the ?subscriber_id= query param will then narrow down the result. alongside an implicit role filtering (reseller/subscriber), the sql join and filtering for the uuid key is present 2 times however, and multiplied records slip through. this can be prevented with DISTINCT. to avoid performance impacts and consider other metakeys orrcuring multiple times, it will be applied only if a filter is present. Change-Id: I08047aaee265e2e0a706220e03fd4617da16d33c	1 year ago
Kirill Solomko	a7589aeba8	MT#60877 /api/preferencemetaentries accept default_val as boolean * default_val is now correctly accepted as either 1/0 or true/false * fix 500 error when default_val is provided as JSON true/false Change-Id: Id6db9c13ae458ddd61e5a68865249eb4e3e124bf	1 year ago
Kirill Solomko	bbd44f16fa	MT#60858 add /api/passwordchange endpoint * the new endpoint accepts new_password fields and enables for authenticated user a mechanism to quickly change their password * the global password validation rules are enabled * returns 204 No Content * if user's password is expired, the endpoint is the only accessible for the user to change the password and unlock other endpoints. * a few fixes in validate_password() to correctly fetch provisioning subscriber for password change scenarios and webpassword field Change-Id: I906fcfe5c780b850d322b46b445b54c054767673	1 year ago
Kirill Solomko	b97be4502d	MT#60709 add PBX expand by device_id,profile_id,config_id * device_id, profile_id (device related), config_id are now expandable in the respective /api/pbxdevice* endpoints. * fix expand collection logic to avoid ambiguous 'order by id'. Change-Id: I0b1f4b3da093fb04a30e5097881af6131c1afe46	1 year ago
Kirill Solomko	b041888807	MT#60656 add max_age password validation support * UI: password are now validated against $c->config->{security}{password}{web_max_age_days} (unless it's 0) and if the password is expired the user is redirected automatically to /changepassword page, and after successful password change back to the original page. * API: if password is expired all API requests will be returning 403 Forbidden "Password expired", except PUT/PATCH to /api/admins or /api/subscribers with the new password in place. * successful login on the UI now redirects to /dashboard instead of / (to prevent unintended redirect to v2) Change-Id: I075f8e17cc9b0658d6b3b3d526ca5b379d050ce4	2 years ago
Kirill Solomko	e2e1776090	MT#60558 move max license checks for POST /api/subscribers * the relevant max license checkes are moved from Controller::API::Subscribers::POST to Utils::Subscribers::prepare_resource because there we fetch customer_id from the pilot subscriber in case of pbx subscriberadmin requests that is neccessary for PBX subscribers max license check. Change-Id: I2d1c212d73fe5b9295d1595b4fffebeb67b61e5a	2 years ago
Kirill Solomko	65ae07a97b	MT#60601 obfuscate password/webpassword in API valdiation errors * plain text passwords are obfuscated in validation errors returned by API Change-Id: Iff989696ce09faff34692eaa129aee6981340a97	2 years ago
Kirill Solomko	60fa23cb68	MT#60585 add user ban support * users for admin/subscriber realms are now banned if failed to login X amount of times (UI/API). * rework Redis connection and it's now a Catalyst plugin NGCP::Redis accessed by $c->redis_get_connection({database => 19}), the connection per database, per worker process is established only once and then reused (with auto built-in reconnect support). * remove Utils::Redis.pm as it does not have any code/logic anymore. * ban values are taken from $config->{security}{login} as - ban_enable: 1 - ban_expire_time: 3600 ban expire time in seconds - max_attempts: 5 * if max_attempts set to 0, the ban functionality is disabled as it requires to be at least 1 to work. * upon successful login or ban, the failed attempts counter is removed * the failed attempts counter is also removed automatically with the expire time equals "ban_expire_time" or otherwise 3600 seconds. * user bans are logged into panel.log * banned user receives exactly the same return page/codes as per invalid logic. Change-Id: I05cc68c623ee289488fc64f1af50527004dcaae1	2 years ago
Kirill Solomko	d9f283cbc8	MT#59449 enhance password validation and handling * passwords are now validated based on - minlen - maxlen - min lower case chars - min uppper case chars - min digits - min special chars * Data::Password::zxcvbn is used to calculate password score and reject passwords with score < 3 as weak (this library is ported from the Dropbox password validation) * Add password journals and check last used passwords in the journals * Improve password generator javascript function to generate a password with at least 4 of each of the char group types. * Currently affected are subcriber and admin entry creation or modification via UI/API * NGCP::Utils::Auth add optional bcrypt_cost support as last argument for generate_salted_hash and get_usr_salted_pass Change-Id: I100c25107d91741d5101bc58d29a3fa558b0b017	2 years ago
Kirill Solomko	9d021be65a	MT#59979 add license control * UI and API parts are now under license control * new Util::License::get_license($c, $name) - fetches license status by name (1 if enabled, and also if /proc/ngcp/check if 'ok') * add Catalyst::Plugins::NGCP::License with license($name) to fetch valid license by name from anywhere using $c->license('pbx') or from the templates using c.license('pbx'). It internally uses Util::License::get_license($c, $name) * License::get_license_status($c) now requires $c as first argument as well logs license status check errors. * new ActionRoles::License that enables usage of :Does(License) RequiresLicense('pbx') LicenseDetachTo('/denied_page') in the Controller chains * Add license control for UI elements and return 403 Forbidden if a resource is covered by licenses and the license is not active * Hide UI elements if a license is not active * API/Entities/Entities new $c->set_config key: - per endpoint: $c->set_config({ required_licenses => [qw/pbx device_provisioning/] } - or per method: $c->set_config({ required_licenses => { POST => [qw/pbx device_provisioning/] } } } * In case if an API endpoint does not have a license: 403 Forbidden "Invalid license" reply is returned. * Add license based restrictions to API endpoints * /api documentation: - completely hide endpoints that do not have an active license - hide only methods that does not have an active license Change-Id: Iba45fc5068b02306a617fed7b5405f2210574b61	2 years ago
Rene Krenn	9c103302c8	MT#60575 dynamically load provisioning templates module Change-Id: Ibff509825f82a75c9b0221505a1673d78b401989	2 years ago
Kirill Solomko	524a264850	MT#60498 add search by not_null, change null param * add search by not_null for fields that ends with _id and integers, that adds "IS NOT NULL" to the SQL search query by the field. * null and not null values are expected now as $null and $not_null to avoid conflicts when user searches by null strings that may be a valid case. Change-Id: I8e8b8c9060e985dfe2b94cbfcca1587f05477fe9	2 years ago
Kirill Solomko	f72f8291a7	MT#60393 /api/timesets fix reseller_id validation * fix reselelr_id for 'reseller' role and it's now automatically set to the user's reseller_id instead of throwing a validation error Change-Id: Ic732366aea6c4106c37961e599cd1e40fdaba5b2	2 years ago
Kirill Solomko	18597efb87	MT#60378 accept null same way as NULL for search * search by value null is internally translated to undef to say search for records without a value, same way as it already works for NULL value, just null is more expected and easier to use by clients as it's how its represented in the resource Change-Id: Ia8a75bad95a34dd8167162d0f09a1ec7c4056105	2 years ago
Kirill Solomko	6543743992	MT#60162 improve expand functionality for collections * in general expand collection now performs only 1 sql query to per expand field to fetch all items by the ids instead of fetching them for every single collection item, that should significantly increase performance in case of large databases and reduce work for the database * introduce $c->stash->{expand_cache} that contains cached data for the expand fields to avoid multiple same calculations * expand_field() and expand_field_data() have been reworked to support expand_cache * new method expand_prepare_collection() is called for all API GET collection methods before preparing resource hal fields, to change the expand logic to only cache the data instead of fetching it from the database * new method expand_collection_fields() that is called in all API GET collection methods after the @embedded data is prepared to finalise the expand collection fields * for expand collection there is only 1 SQL request per expand field that fetches all items -in [ids to expand] and then the expand_collection_fields() uses the cached items_by_ids with O(1) fetch from the cache by id Change-Id: Ie7c6115472878febf0d8c9b4d833f5c23b15c78b	2 years ago
Kirill Solomko	9a2d66a00a	MT#60238 /api/customerpreferences allow subscriberadmin * subscriberadmin roles can now handle customer preferences belonging to the same customer and only those with expose_to_customer = '1' Change-Id: Iae9ab5d4a96a065b1a627d180dd523e805d954f3	2 years ago
Kirill Solomko	f81481ea66	MT#60236 disable mailtofaxsettings active state checks * disable active state checks for subscriber and subscriberadmin roles in mailtofaxsettings because they can now change it similar to how they could do it in the old csc. Change-Id: Ica8039e83d2acc5e162c7902afcd4b97ac1c5b6d	2 years ago

1 2 3 4 5 ...

950 Commits (master)