* the following changes resolve an issue where $now in Role/Contracts
resource_from_item appeared as an object and failed subsequent
logic:
- hal_from_contract is renamed to hal_from_item to match correctly
the parent method
- call hal_from_item and pass $now string there correctly as $params
{ now => $now }
Change-Id: I5c02d5f7df5d9000550505ad120b9531f87e8d65
* Role/Entities*: POST/PUT/PATCH/DELETE methods changes:
- support deadlock detection and transaction retry
(2 retry attempts at the moment)
- improve transaction control, use local $guard
instead of saving the ref to $c->stash, as in that
case it went out of scope too late and also reported
an error message into the log about abnormal $guard out
of scope interruption
- move all non transaction related code outside
of the scope
- add error handling when methods such as update_item,
and alike do not return the expected data, instead of
simply going out of scope and resulting in an uncontrolled
reply
* Role/API:
- rework transaction control:
+ get_transaction_control() is renamed to start_transaction()
to better reflect what it does
+ complete_transaction() is renamed to commit_transaction()
+ remove unused %params arg
+ pass $guard into commit_transaction() instead of having it
stored as $c->stash->{transaction_guard} that caused the $guard
ref to be destroyed much later than expected
(there was also a typo as transaction_quard,
which is not relevant anymore with the changes)
+ add check_deadlock() that is invoked when an exception is caught
or $c->errors contains an error, and if the error message
represents a transaction error, the transaction block is
re-invoked via "goto TX_START"
- rework error():
+ it now accepts args as following:
($self, $c, $code, $message, @errors)
# code -> returned as HTTP code in the reply
# message -> returned as HTTP message in the reply
# errors -> contain errors for internal logging, last element often contains a DBIx exception
+ populates all @errors into $c->error so they are available on
demand in the code via $c->error or $c->last_error
+ $c->log->error is not invoked now as the errors become printed
in log_response()
- log_response() now prints collected errors from $c->error correctly
as a separate log line, that is alike to the other api logs so that
those can be looked up by the request's tx_id, also all errors are
now printed only into api.log
* Adjust all $self->error() calls in catch($e) to include $e as the last
argument, as well as the duplicate $c->log->error is removed from
those occasions
* Remove all $c->log->error() calls as they are replaced with either
$self->error() (that logs it correctly into api.log) or
$c->error('err') that also adds it correctly into api.log
* API::CallForwards: rework to use Entities/EntitiesItem
* API::Contracts: rework POST to use Entities
* API::PeeringGroups: rework POST to use Entities
* API::SubscriberRegistrations: rework POST to use Entities
* API::RewriteRuleSets: improve create_item() functionality
* Utils/Message: add 'api_retry' log type
* $c->session->{api_request_tx_id} is changed to
$c->stash->{api_request_tx_id} because sometimes the session
ref is different and a different tx_id becomes used
Change-Id: I633ce7a8047b1bf00a2f6889003088edf0825dcd
* POST /api/headerrules now supports either 'set_id' or 'subscriber_id'.
When 'subscriber_id' is specified, a subscriber assigned header rule
set is automatically created if it does not exist, as well as
automatically removed when its last header rule is deleted.
* It is now possible to directly GET and DELETE /api/headerrules/:id
where :id is a subscriber assigned header rule.
* It is now possible to directly GET and DELETE /api/headerrulesets/:id
where :id is a subscriber assigned header rule set.
* Improve /api/headerrules data validation and duplicate header rule
detection.
* It is now possible to expand by /api/headerrules/?expand=set_id field
Change-Id: I681bc61c2eed47a8e54847f07f31134f643930c2
in case the DB shows discrepancy because of missing
primary provisioning.voip_dbaliases records, align with
legacy panel behaviour and also take the restapi
aliases list from voip_numbers, instead of voip_dbaliases.
.. while trying to keep the performance gain from
https://gerrit.mgm.sipwise.com/c/ngcp-panel/+/65086.
Change-Id: Ibd7f8c8bc6a39ae2c31b4e8818080674ab77d66c
* {"values:", ["value1", "value2"]} is not accepted by
/api/headerruleconditions
* the previous behaviour of {"values": [{"value": "value1"},{"value":
"value2"}]} is preserved
Change-Id: I7d9540d20ed0ecbb2712f1905a7d9e6f7af7e06d
filtering an Entity-Attribute-Value model cannot be done as
simple conjunctions, but requires either INTERSECT set
operation, or joining the same table multiple times.
Change-Id: I5ce1ae1ece9406b6610487654f09d768a233b122
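The point made in the commit message above, as an added example that is not ngcp-panel code: with a hypothetical `attrs` table and constructed rows in in-memory SQLite, the naive conjunction matches nothing, while INTERSECT and repeated self-joins return the entity that carries both attributes.

```python
import sqlite3

# Constructed attribute rows: (entity_id, name, value)
ROWS = [
    (1, "codec", "G722"), (1, "direction", "outbound"),
    (2, "codec", "G722"), (2, "direction", "inbound"),
    (3, "codec", "PCMA"), (3, "direction", "outbound"),
]


def sample_db():
    """In-memory EAV table (hypothetical schema) filled with the rows above."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE attrs (entity_id INTEGER, name TEXT, value TEXT)")
    conn.executemany("INSERT INTO attrs VALUES (?, ?, ?)", ROWS)
    return conn


def _args(filters):
    """Flatten [(name, value), ...] into bind parameters; at least one filter."""
    if not filters:
        raise ValueError("at least one (name, value) filter is required")
    return [x for pair in filters for x in pair]


def naive_conjunction(conn, filters):
    """AND evaluated per row: a row holds one attribute, so 2+ filters match nothing."""
    args = _args(filters)
    where = " AND ".join("(name = ? AND value = ?)" for _ in filters)
    sql = "SELECT DISTINCT entity_id FROM attrs WHERE " + where
    return sorted(r[0] for r in conn.execute(sql, args))


def by_intersect(conn, filters):
    """One SELECT per filter, combined with INTERSECT."""
    args = _args(filters)
    one = "SELECT entity_id FROM attrs WHERE name = ? AND value = ?"
    sql = " INTERSECT ".join(one for _ in filters)
    return sorted(r[0] for r in conn.execute(sql, args))


def by_self_join(conn, filters):
    """Join the table to itself once per additional filter."""
    args = _args(filters)
    joins = "".join(
        " JOIN attrs a%d ON a%d.entity_id = a0.entity_id" % (n, n)
        for n in range(1, len(filters))
    )
    where = " AND ".join(
        "a%d.name = ? AND a%d.value = ?" % (n, n) for n in range(len(filters))
    )
    sql = "SELECT DISTINCT a0.entity_id FROM attrs a0" + joins + " WHERE " + where
    return sorted(r[0] for r in conn.execute(sql, args))


if __name__ == "__main__":
    db = sample_db()
    wanted = [("codec", "G722"), ("direction", "outbound")]
    print("naive    :", naive_conjunction(db, wanted))
    print("intersect:", by_intersect(db, wanted))
    print("self-join:", by_self_join(db, wanted))
```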
* all reseller_id-number entries are checked for POST
* reseller_id-number pairs that != item->id are checked for PUT/PATCH
Change-Id: I93a8b7fe22ed63d2d84e2d45291981d09b4af156
various api rails will need to support ?caller= and ?callee=
url query parameters.
since this involves SQL queries against potentially large
database tables, special care is taken with wildcard search
to prevent slow queries:
- the ?wildcards=true query parameter has to be specified
to accept search patterns that contain wildcard symbols,
so wildcards are not accepted by default.
WARNING: a search string with a leading wildcard will always
force a *slow* full db table scan!
- the * symbol is used as a wildcard symbol
- \ (backslash) is used as escape character to search for
a literal '*'
Change-Id: Ie6065b0cfa883f7963e1dc8259fffea9a1edfdfe
the conversation list now supports ?caller= and ?callee=
url query parameters.
since this involves SQL queries against potentially large
database tables, special care is taken with wildcard search
to prevent slow queries:
- the ?wildcard=true query parameter has to be specified
to accept search patterns that contain wildcard symbols,
so wildcards are not accepted by default.
WARNING: a search string with a leading wildcard will always
force a *slow* full db table scan!
- the * symbol is used as a wildcard symbol
- \ (backslash) is used as escape character to search for
a literal '*'
Change-Id: I792d2ea9c649c69c4b5cc98076097cb96467d4bc
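The wildcard rules from the two commit messages above (opt-in flag, `*` as wildcard, `\` as escape), as an added example that is not ngcp-panel code. It assumes that a wildcard sent without the flag is rejected, uses a hypothetical `cdr` table with constructed rows in in-memory SQLite, and goes one step beyond the text by also escaping the LIKE metacharacters `%` and `_` so that client input cannot introduce wildcards of its own.

```python
import sqlite3

LIKE_ESCAPE = "\\"                      # character used in LIKE ... ESCAPE
ALLOWED_COLUMNS = ("caller", "callee")  # column names never come from the client


def build_filter(column, search, wildcards=False):
    """Return (where_sql, bind_value, leading_wildcard) for one search value."""
    if column not in ALLOWED_COLUMNS:
        raise ValueError("unsupported filter column")
    literal, pattern, is_like = [], [], False
    i = 0
    while i < len(search):
        ch = search[i]
        i += 1
        if ch == "*":
            # unescaped asterisk: only valid when the client opted in
            if not wildcards:
                raise ValueError("wildcard search needs the wildcards flag")
            pattern.append("%")
            is_like = True
            continue
        if ch == "\\":
            # backslash makes the next character literal, e.g. \* or \\
            if i == len(search):
                raise ValueError("dangling escape character")
            ch = search[i]
            i += 1
        literal.append(ch)
        # user-supplied %, _ and the escape character must match only themselves
        if ch in ("%", "_", LIKE_ESCAPE):
            pattern.append(LIKE_ESCAPE)
        pattern.append(ch)
    if not is_like:
        # no wildcard in the input: plain equality
        return column + " = ?", "".join(literal), False
    like = "".join(pattern)
    # a pattern starting with an unescaped % cannot use an index prefix
    return column + " LIKE ? ESCAPE '\\'", like, like.startswith("%")


def sample_db():
    """In-memory table with constructed call records (hypothetical schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE cdr (caller TEXT, callee TEXT)")
    conn.executemany("INSERT INTO cdr VALUES (?, ?)", [
        ("43122001", "43990001"),
        ("43122002", "43990002"),
        ("4312*001", "43990003"),   # stored value containing a literal asterisk
        ("43x22001", "43990004"),
    ])
    return conn


def search(conn, column, value, wildcards=False):
    """Run the filter with a bound parameter; return (callers, leading_wildcard)."""
    where_sql, bind, leading = build_filter(column, value, wildcards)
    rows = conn.execute("SELECT caller FROM cdr WHERE " + where_sql, (bind,))
    return sorted(r[0] for r in rows), leading


if __name__ == "__main__":
    db = sample_db()
    print(search(db, "caller", "4312200*", wildcards=True))   # prefix search
    print(search(db, "caller", "4312\\*001"))                 # escaped literal *
    print(search(db, "caller", "43_2200*", wildcards=True))   # _ stays literal
    print(search(db, "callee", "*0003", wildcards=True))      # leading wildcard
```

The third value returned by `build_filter` is the signal a caller can use to log or refuse the leading-wildcard case that the commit message warns about.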
In case a subscriber or subscriber admin gets the conversation list
using the API, the caller is not properly anonymized when clir is
set to 1. This is a big security hole.
With the fix, the caller is automatically anonymized.
Of course, administrators and resellers can still see the
original caller number.
Change-Id: I9bc676718e38ae1d462f43176e4c6611528f7e54
* /api/phonebookentries is now split into 3 parts
* /api/resellerphonebookentries
* /api/customerphonebookentries
* /api/subscriberphonebookentries
main reason is because there are 3 different contexts (tables)
that in the end return "id" which is also a resource identifier
and it is not unique because the contexts handle their own ids,
another reason is to simplify code and access definitions, as well
as to have solid and easy representation.
* /api/resellerphonebookentries
* can be accessed by 'admin', 'reseller' roles
* /api/customerphonebookentries
* can be accessed by 'admin', 'reseller', 'subscriberadmin' roles
* fix contract_id field to be correctly represented as 'customer_id'
* /api/subscriberphonebookentries
* can be accessed by 'admin', 'reseller', 'subscriberadmin',
'subscriber' roles
* add 'shared' query filter
* all the new endpoints
* no more required query param fields
* customer_id is now optional query parameter filter
* add valid/existing resource checks for POST/PATCH/PUT ops
* add correct auto filtering based on the user's role
* various major code simplifications, fixes and code style improvements
* csv download now also allows query param filters to be applied
* fix documentation
Change-Id: I735df96b7a7e18006a46b82a4fcc603e400ad9e6
* Max subscribers can now be defined in the Reseller contract
* Max subscribers is now shown in the Reseller's "Reseller Contract"
Details (with an indication of how many subscribers are created
out of the defined max subscribers, as well as when the limit
is reached (similar to the Customer's Details page))
* Add reseller subscribers count checks on the UI Create Subscriber
page
* Add reseller subscribers count checks in /api/contracts POST/PUT
* Prevent max_subscribers definition for Peering contracts in
/api/contracts POST/PUT
Change-Id: I1561d4eb7da5b1a0a0c99acabd18d2a9cd98dec7
This field controls a behavior upon cancelling unsuccessful legs:
- terminate legs with CANCEL (default way)
- terminate legs with BYE
Change-Id: I2ff5c758c319714f0e6636db8b8ba5c0fd495e1f
* secret_key can not be correctly set/updated and unset
* last_secret_key_modify behaviour is changed, if "secret_key"
is provided in the data, the value is updated, otherwise
it points to the last time when the key was updated (or unset)
Change-Id: Ib6d7f78d4e93240ac36750fc1685f1c4c765bf55
* as changes to sound sets and sound files cause
internal triggers + SP to be invoked, the gap
locking should be reduced to avoid possible
deadlocks, hence READ COMMITTED transaction
isolation level is used for all sound sets
and sound files change operations.
* fix a condition that caused an evaluation error
when both old_parent_id and parent_id are undef.
Change-Id: I7e69a0a0e5878c03b086977933315e532aaa2a29
* address an issue where get_form() logic did not return
any $form value because of the if ($params) block was
falsely used.
Change-Id: I77f03ac7914c1b4a8f072269cf2c98b99657fa52
* NCOS Levels and NCOS Sets now have expose_to_customer
option (boolean). If enabled, the NCOS Level/Set can
be seen and used by Customers in their and their subscribers'
preferences
* NCOS Levels and NCOS Sets with expose_to_customer = 0 (default)
are not visible anymore to subscribers.
* API GET /api/ncoslevels is now accessible by 'subscriberadmin' role
and returns a list of NCOS Levels that belong to the same reseller
and with expose_to_customer = 1 (fields are limited to
id,name,description).
* When an NCOS Level's expose_to_customer is set from 1 to 0, all
assigned ncos preferences for contracts and subscribers that
contain the NCOS Level are removed.
Change-Id: Id7c444b4a0834939a128179ded6670705258519b
A reseller was not able to edit a phonebook entry unless it
specified the reseller_id. This should not be required since
the reseller could not know it.
Change-Id: I347c676e291659e9a8b2a97632531dc7b06e055a
subscriberadmin is now able to get, edit and delete registrations
of the other subscribers belonging to the same customer.
This is necessary to extend the CSC features and give the PBX
administrator more flexibility in device configuration.
Change-Id: If83c1adb9af6590111c14800d83fb7d1eafaa9d3
* timezone names are converted to their links, and if a link
is found (means that the current name is deprecated), it's
validated and stored as the link.
Change-Id: I6348659178400a96eaadd70f79b792c4fa25d7d4
When calling a PATCH or PUT API on a peering group or
outbound rule the reload of the kamailio lcr module was
triggered before the update of the database, thus the
kamailio status was not updated.
Change-Id: I59ed863c85219e62d6f5b5a2af80db8ef952844c
When the subscriber preferences API is called by a subscriber
admin of a normal (not PBX) customer, then some values are
removed from the output. In all the other cases those values
are instead returned.
This fix exposes the profile_id, domain_id, status and
webpassword to all the types of subscribers because they are
necessary in the CSC context.
Change-Id: I629475e7f51d747a55ebfbc44232fb94a54fed06
* clear_audio_cache is now invoked also from:
- when a sound file is added (to reflect use_parent/potential child
sets)
- when a parent is changed for a sound set (to reflect current
and potential child sets)
- when a sound set is removed (to reflect potential child sets)
* clear_audio_cache() is reworked
- clear_audio_cache() now calls virtual_child_sound_sets to
fetch all potentially affected child sound sets and also
clears audio cache for them. if the amount of fetched
sound_sets is greater than 10000 then the whole audio
cache is invalidated
* _clear_audio_cache_service() is reworked
- supports/expects a list of sound sets and sends them
as a string with ':' separator
- if both sound handle and sound sets are provided it calls
clearFiles (so that only the specific sound handle is cleared)
- if only sound sets are provided it calls clearSets (so that
all of the cached files belonging to the sets are removed)
- if none of the above are provided it calls clearAll to invalidate
the whole cache
Change-Id: Ie85f208e27183e88665803b93bb16d7de8e3d7ac
* /api/billingprofiles PUT/PATCH reseller_id for "reseller" roles is forced
to the user one, to address an issue when reseller_id becomes
required on PUT/PATCH
Change-Id: I3fa556c5db5556c75bf481d18b51df6c400a1944
* API now has own GroupAPI form with the correct fields for API
* db/form field name conversion is moved to the newly added
resource_from_item() and process_form_resource() functions
* simplify code for GET/POST/PUT/PATCH operations
Change-Id: I99b76801a2894c8a4821513186796627db728189
* /api/soundsets new parent_name field
* /api/soundfiles now allow POST to be done without the upload,
for cases when an empty record needs to be added to define
"use_parent" behaviour
* improve sems audio cache clear on sound files change, now
sems instances that are not available (not running/request timeout)
are skipped instead of raising an error
Change-Id: I83af2ee2fd3672ab35cf330464ace68416ab52be
The pre-call announcements and the ringback tone
are not under the subscriber administrator control.
This makes it difficult for PBX customers to modify those
announcements.
Due to that now all the announcements' handles are exposed
also to contract soundsets.
Change-Id: Ie6c98a6a6ed4de18b267bd553f33afc9eb72f995
* sound sets can now use other sound sets as parents, in this
case if a sound is missing for a sound set, it's taken from
the parent one if it exists there, chained parents are also
supported with the available sound files "accumulated" across
them.
* add "expose_to_customer" field to sound sets, it enables exposing
system sound sets to customers so they can be used as a parent or
assigned to the 'sound_set' preference by 'subscriberadmin'.
* add "use_parent" field to sound set files, it's true by default
(for existing or missing sound files) and if set to 0, then parents
are not used for this particular sound file.
* use_parent column is hidden on the UI if a sound set does not have a
parent assigned
* improve sound set handles list on the UI
- Upload is renamed to Add
- empty record are shown in the filename column as localised "(empty)"
and Edit/Delete action buttons
* API /api/soundsets new 'parent_id' field, default null
* API /api/soundfiles new 'use_parent' field, default 1
* API /api/soundsets new 'expose_to_customer' field, default 0
* API /api/soundsets customer_id field now contains the customer id
for 'subscriberadmin' role and 'null' if it's a system sound set
* system sound sets with expose_to_customer == 1 and within the same
reseller are now visible to 'subscriberadmin' on the UI and via the
API in read-only mode, same with the sound files that belong to the
sound set. If a system sound set expose_to_customer is set back to 0,
this sound set is automatically removed from all contract sound sets
where it was assigned as a parent as well as from all subscriber
'sound_set' preferences.
* contract_sound_set|sound_set preference API updates now have tighter
checks for contract_id and also if the system sound set is exposed
to the customer and belongs to the same reseller
Change-Id: I4908fd15e9c224d4c30794ceb8dae1b444bbf56a
* API: GET collection returns only distinct cf sets
* UI: inherited cf sets are now shown in the advanced view
and having suffix '(inherited)' to distinguish them from the
own ones as they are not available in the "Manage Sets" edit
dialog.
Change-Id: Ifd8c1a46fcb4c2c66f8f63268a1e91b80792c216
* subscriber role can now GET call forward sets that
do not belong to the user but are used in call forwards
assigned to the user
* the user can only GET the sets but cannot update/delete them
(403 Forbidden is raised in case of attempt)
Change-Id: I391b802d962f4bbeae991e3046ac3f132a19edb6
* update_item(): check that $resource->{attributes}
contains data and an array before processing it
* api-journals.t: fix subscriberprofile 'attributes' field
Change-Id: I28a2e22859cd998f99277e88037dff23981038f3
* subscriber profile form is fixed so that the attributes
list is now correctly shown in the old UI
* /api/subscriberprofiles update, attribute values are now correctly
transformed for the validation and processing
Change-Id: I4418250d4a0e702d75524ab5999eb47429be5a04
* as_admin param is no longer needed as get_usr_preference()
fetches actually set preference for a subscriber and used
only by the code (not exposed directly to 'subscriber',
'subscriberadmin' roles)
* with the aforedescribed, get_usr_preference() no longer
filters by expose_to_customer, expose_to_subscriber for
'subscriber' and 'subscriberadmin' roles
* refactor get_usr_preferences() to be simple and in line
with the other get_*_preferences() as it's mainly responsible
for fetching the preference as requested by the internal
code
Change-Id: Ia52d8f4ebfd854901bf446e29fb475dea1fba866
* fix customer_view role name typo so that it's correctly limited
to the 'subscriberadmin' role
* revert behaviour of get_usr_preference_rs() to return undef if
no preference is found (no access)
* get_usr_preference_rs() now also fetches all internal preferences
for internal work for 'subscriber' and 'subscriberadmin' roles but
they remain invisible for them and not accessible for direct changes
(only when requested by internal logic)
* new get_usr_preference_rs() 'as_admin' parameter that enables
for internal requests to return the preference value for
'subscriberadmin' and 'subscriber' roles, currently used to
show 'lock' status and 'display_name', which are otherwise
inaccessible as those preferences do not have expose_to_customer,
expose_to_subscriber flags
* fix api_prference_defs() correct filtering of preferences for
'subscriber' and 'subscriberadmin' roles
Change-Id: I1a0e51ace1c649f9061deaccb7d6e9f8459f0ed8
* :id is now the branding's id instead of reseller_id.
That was rather a bug and now fixed and consistent with
the rest of the endpoints.
Change-Id: I794e577499050a95ed68c21af3f963f9f8e9c274
* add described query_params 'subscriber_id', 'reseller_id' so they are
available on the doc
* remove search by param from Role::ResellerBrandingLogos::_item_rs()
* fix Role::ResellerBrandingLogos::_item_rs() queries
* Controller::API::ResellerBrandingLogos*
- now always returns the binary data containing the logo and with
the Content-Type header
- change NOT_FOUND message to indicate that the ResellerBrandingLogo
is either not found or does not have image/image_type
* do not log response queries
* fix allowed_role to be: admin, reseller, subscriberadmin
Change-Id: Iaadb47fb2d72886a8d9244a523d5914500a4dd20
* subscriberadmin is now able to fetch cfdestinationsets of other subscribers
that belong to the customer
Change-Id: I212f0e31a8e77caa6f681f227771e0b11efb5f62
* subscriberadmin is now able to fetch cfsourcesets of other subscribers
that belong to the customer
Change-Id: I95217587430c52cd7078e1604ffec549ae2dd6b5
* subscriberadmin is now able to fetch cfbnumbersets of other subscribers
that belong to the customer
Change-Id: Ib92c161f320257ba2d6614e10d9eaf03247e7014
* subscriberadmin can now see all other customer's subscribers
call forwards as well as per subscriber_id
Change-Id: I4bdaf3390667fc7208fa6dbde9292b8ba911667f
* "alias_numbers" array when the resource is prepared is
created directly from the resultset, avoiding 'foreach' loops and
conditions.
This improves performance on ~8000 voip_numbers from ~35 seconds
to ~3 seconds.
* is_devid is now always present in the "alias_numbers" object,
and it's =0 if there is no related entry in
provisioning.voip_dbaliases
Change-Id: Ia05b26208f3fec3a9b2203aafe9b4c09b98ca44d
* expand=all now expands by all the resource keys instead
of the current form fields, that is to reflect keys that
are created manually in the response such as reseller_id
or domain_id
* ccare roles now correctly support /api/domains
Change-Id: I9951bfd97b76186def4dc799c72da44425faea4a
* ccareadmin and ccare roles are now able to correctly
fetch the list of billing profiles as well as request one by :id
Change-Id: Ie5f9203b1aa9de9f7ed870caa2ea06ba262c9bfd
* customer_id filter is now possible, which behaves the same as the
existing contract_id. This is to add consistency as filtering by
customer_id is available in other endpoints
Change-Id: I1577d06133f9629c363940a4e8d2fb8012336e21
* rtcengine related logic and apps are now removed
* remove /api/rtcapps endpoint
* remove /api/rtcnetworks endpoint
* remove rtcengine relations from resellers such as
enable_rtc flags
* remove rtcengine related API tests
* remove rtcengine and comx related libraries
* remove csc webphone ui app
* remove webrtc related selenium tests
* remove rtcengine flags from /api/capabilities
Change-Id: I83a4b0457fac2e0df23d267f8dbc82841dfb3001
* the endpoint now contains additional fields starting with prefix
current_* that represent the current aggregated value that is
used for the preferences and also
current_fraud_interval_source
current_fraud_daily_source
that represent the used source for the current_ values
(billing_profile or customer)
customer - if the fraud limit is set on the customer level and > 0
billing_profile - if fraud limit is not set on the customer level
Change-Id: I074285e3464420a14f65695c40c8b8008a241a8d
* Role::API::Contracts add item_by_id() that calls contract_by_id()
* Utils::ProfilePackages::catchup_contract_balances return if
$contract object is undef
* Form::Topup::Log::contract_id expands into Role::API::Customers
instead of Role::API::Contracts
Change-Id: Id4fc67b8ea1e91f350d0172aafc2b722f34e61f3
* the current condition for primary number removal for PUT/PATCH is if
the primary number exists and specified in the data as
primary_number => undef. The condition failed as the 'primary_number'
key was explicitly created regardless of the original user data input,
resulting in a false primary_number => undef.
Change-Id: I17651046627f5c48696c3f1d17da5aa49452fe9a
* primary and alias numbers are now validated that they
do not belong to another subscriber
* aliases are now validated that they are not already set as the
primary number
* reduce amount of related sql queries
Change-Id: I4397bbdc4bc9001b7feeef22cb8f85ee0b6ce8ff
* 'location' field is now optional, if not filled it will always
default to an empty string instead of null. This is required for the
new mode 'forward' that has no use for this field. If the field
is empty in any other mode like 'add' or 'replace', the entry
will be skipped by the logic.
Change-Id: Ia964c3bb272c9772c51b836ac2418ee4cd7b7f42
* Users with "system" role can change all items across the system including the password changing for other users.
* Login "system" has persistent "system" role.
* "system" login name is restricted for the user input.
Change-Id: Ibaecba35a86f71fa8895ce9d9feab8e768b65d14
* Fetch recording_metakeys caller/callee for the certain record id(call).
* Add caller/callee fields to the resource and form.
* Prefetching recording_metakeys for the call recording.
Change-Id: I767ea32e19edfd7cbbc74956200343f680fdb2b4
this fix addresses regression reported by dominik:
* $resource{_password}/{_webpassword} cannot be set before the
form validation as they are effectively removed by it,
causing /api/subscribers returning no passwords at
all for 'subscriber' roles
* Having them after the patch makes no sense either as next
resource_from_item call will effectively remove them again (in PATCH)
(cherry picked from commit 5e9066c4fb)
Change-Id: I88c9ec40843f1e9a6983952b96c0b0e70fbb1bb1
* An attempt to change own role, login, flags
(except for can_reset_password) now returns
403 Forbidden, User cannot modify own permissions
* POST checks if the admin has necessary permissions
to create another admin
* PUT/PATCH changing own role is now forbidden
* PUT/PATCH changing other's admin role now checks permissions
* DELETE checks role permissions
Change-Id: I990609985ae9cab6213cf47f5f5c8afba2efdda3
This reverts commit 5e9066c4fb.
This implementation breaks:
* $resource{_password}/{_webpassword} cannot be set before the
form validation as they are effectively removed by it,
causing /api/subscribers returning no passwords at
all for 'subscriber' roles
* Having them after the patch makes no sense either as next
resource_from_item call will effectively remove them again (in PATCH)
Change-Id: I0e8389e8ab34ad72f1b87a684daba77f1030f8ba
* admin users with is_master = 0, cannot see other admin users
(this includes system users) and brings the is_master flag
to the common behaviour
* ccareadmin, ccare users can now access the UI Admins page
as well as /api/admins but they are limited to see/manage
only themselves
* admin users cannot see system users (UI/API)
* reseller users cannot see system/admin users (UI/API)
* admin users cannot modify their own role and flags except for:
email, password, can_reset_password (UI/API)
* UI edit form now does not render fields that are not meant to be
modified by a user (exception: "login")
Change-Id: I82e1946437fd2ec4651abd24074470c695a40582
- Optional "role" parameter is added for POST PUT PATCH.
If "role" is provided then the passed flags are ignored and are applied internally by the server according to the provided role.
If "role" is not provided then the former flags based approach is applied.
Change-Id: Ib6e591ff6dc50122e0ec49a348153ca820fc2e03
a multitude of issues popped after introducing bcrypted
webpasswords in the database. most recently the PATCH /api/subscribers
rail was reported to reset the webpassword unintentionally.
subscriber login fails afterwards, which is a severe issue.
the bugs are addressed by these refactorings. the change also
introduces a global variable
$NGCP::Panel::Utils::Auth::ENCRYPT_SUBSCRIBER_WEBPASSWORDS
to control encrypting webpasswords. it is still enabled as of now,
but it's worth to consider disabling it. there are other ways to have
a "cost" for an authentication request, eg. adding a simple
sleep(1sec).
Change-Id: I2d47d54a2d83568546ffdd2b211337a5f56be3a2
- role_id is taken from billing.acl_roles and written into the billing.admins table when a new admin user is created/updated via UI/API. This is the first step towards the role based admin user handling.
Change-Id: I0804379cbbcab174cebbb292397a39cb3ea01a31
follow up on TT#147151 (fast loading/paging/searching panel
datatables), which broke restapi tests.
Change-Id: I799cb9087b9405c71dec4c690e7a7bab5dfdbdde
* add dictionary support for fields that are expanded
if encountered in all endpoints, with a possibility
to override it, if defined on the endpoint's field
level
* move expand definitions from form fields into the
Expand dictionary
* simplify the expand usage, it now operates only with the
<x>_id fields that are returned and visible in the response
(e.g. if reseller_id is returned, then ?expand=reseller_id),
the returned expand object name is <expand_field_name>_expand,
so in case of ?expand=reseller_id, the returned object
will be reseller_id_expand
* adapt Role/SystemContacts to work correctly with the expand
functionality
* expanded fields are returned as <expanded_field_name>_expand
Change-Id: I4cab44ede9b40c70a95bbcedc81f58dd1f4e3b67
query refactoring and rowcount clipping for UI datatables
that are slow when using millions of subscribers:
contacts
customers
contracts
subscribers
billing profiles
billing networks
billing profile packages
Change-Id: Ia50e3aa52684772548569b6908f0cbc08395a5a7
* "subscriber" role can now retrieve own autoattendant data. This is needed for the CSC interface.
Change-Id: Id10b302205fe458d5793ae8f7bd9201233f9a0d4
* Admins with is_system and is_superuser are able to see the items for all roles.
* Admin is able to see own journal.
Change-Id: I3e5d459b08ff7ef218220f1ae11974351121c489
provisioning templates with their dynamic forms
can be executed by an entityitem POST request, ie.
POST /api/provisioningtemplates/<reseller>/<template>
or
POST /api/provisioningtemplates/<readonly template>
Change-Id: I77f6c9d42e1afdb49635d3f11e4d73bcf6269605
* vmnotify() now accepts cli and uuid arguments
* API handling of voicemails is now improved to:
- send a notify if the item's INBOX/Old has been changed
- correctly process DELETE to send vmnotify after the
item's removal
Change-Id: Ic00ae825cf091bce273e55aa37cd0a7ac80d8b0f
* domains do not use billing.domain_resellers table anymore
but instead the new domains.reseller_id field. That is
to remove the unneeded many<>many relation through the
additional table where the actual logic only supports
one(reseller) to many(domains) relation
Change-Id: I1b681543baf1901f19e10c2f6210e4cf6eeb8fbe
* switch to 'populate' instead of using
'insert' for each destinations, sources,
times, bnumbers, mappings and CF preferences
* add API->check_patch_op_add_only - to check if
the patch contains only "add" operations
* improve /api/cfmappings, if all PATCH operations
are "add" then the existing records are not
fetched and not recreated, enabling very new mapping
inserts
Change-Id: I0b4e71565c11771026dbbc000aa57b2a613409fa
the /api/provisioningtemplates rail provides the
operations to create, edit and delete "provisioning
templates" known from the "batch provisioning" feature
of admin panel.
these templates can also be defined in config.yml,
while it is however only possible to edit templates
stored in the database.
executing a template and/or uploading a .csv for bulk
execution will be available in a separate part.
Change-Id: If8627327270edfce5bca1be3b1f777c1bd44e90f
* webpassword is not correctly removed based
on length, and remain visible when in plain-text
or empty (unset)
* config->security->password_(sip|web)_expose_subadmin
now only affects subscribers under the same customer
that are not this subscriber admin
Change-Id: I329e0f1ad97dd513a33e3652ed03b4a43a95ed04
* password field is virtual and needs to be transformed
into saltedpass, restored the removed logic that does that
in process_form_resource()
Change-Id: I8baabbef2bdb46db850e12b6e0c638ca5c3deddf
* 'webpassword' field is now also validated for invalid
(non-ascii) characters
* Fix multiple APP input field validation errors to comma joined.
* Adjust 'webpassword' field validation errors to have better
readability when there are multiple validation errors
Change-Id: I21536f97a4da78cc5192a3abd8cd5adef1b819ec
* 'administrative' field is read only for subscriberadmin
role and that caused it to be removed from the final
update 'resource', setting it to 0 if not existed.
now the 'administrative' field is only changed in the database
if it's defined in the 'resource'.
Change-Id: I50738a77052c2163b19b2a42293c7a00e2780bc3
* PATCH: password fields are not removed when
resource is created for apply_patch(), they
are removed under the same conditions later
when hal is generated, that is to ensure that
admin users without the 'show_passwords' flag
as well as subscribers will not run into situation
when they use PATCH and cannot apply it for
"path": "/password" or/and "path": "/webpassword",
as they were removed before apply_patch()
* rework encrypted webpassword detection.
webpassword is detected as encrypted if its length
is 54 or 56 and it contains at least one '$' char,
there is a chance for false positive detection when
a user provides a plain-text password with the
same pattern but it's very unlikely, as well as
since mr8.5 webpasswords are expected to be encrypted,
and moreover worst case scenario is that the
plain-text password will not be returned to the user
Change-Id: I8ea739cbf728b2134f3ce00cee29da42ab3fb4a3