ngcp-panel

Commit Graph

Author	SHA1	Message	Date
Kirill Solomko	00b960814d	MT#64346 skip email dispatch without a dest email * when during email template sending invokation there is no target email, the process is correctly skipped. Change-Id: I810b258c9e623b75598fb5da9b98ff499a419c44	1 week ago
Rene Krenn	5fb5a860c3	MT#63980 fix Javascript prov templates raising errors The JE module will populate $@, hence an enclosing eval{} wipes the error string unintentionally. in addition the "die" method is now exposed in Javascript templates, to use it to bail out, ie. to propagate a msg from an input validation to the UI. Change-Id: Id3fcf8a7820ee3df51e0cc6323350f5f5908fcf4	4 weeks ago
Guillem Jover	b6e2baa6c7	MT#63479 Remove prosody support Change-Id: I9d3e268450396c12e4058ac9394a80bb191d7635	2 months ago
Kirill Solomko	f6246ba094	MT#64131 fix non-default NULL preference render * non-default NULL value is now correctly selected in the UI preferences list as well as in the edit form. Change-Id: Ief3b2e6778441c736589cfccc5a5fb7e60a7dcf0	2 months ago
Kirill Solomko	eae620f204	MT#64067 address deadlock detection for preferences * improve Role/API/Preferences err_code callback to check deadlocks (via $self->check_deadlock) and set $process_extras->{retry_tx} = 1 so that the outer caller can act upon it and restart the transaction. * increase deadlock attempts from 2 to 5 as some deadlocks seem to take longer time to resolve. * wait 1 second between deadlock retry attempts as otherwise if a deadlock takes more than 1 second and all the retries are done within less than a second it will cause an error. * EntitiesItem: add support for retry_tx and call goto TX_START if $process_extras->{retry_tx} (when check_deadlock is processed externally, like in Utils::Preferences::update_item in the err_code callback). Change-Id: Ib56383710041c21d72782047a852353296c22215	2 months ago
Rene Krenn	4905f124bf	MT#63818 ldap auth: support dn lookup this change will allow to transform the NGCP admin login name to a ldap dn by searching the directory. this is the same technique sssd also uses. Change-Id: Ic852cb0e27aaf31177f2ccf692507b12d2fce3a5	2 months ago
Rene Krenn	a5ac1e959e	MT#63706 skip_locked for DELETE /api/subscriber/id #1 Change-Id: I1bbc4d72ca405a4b3935b27d37e503be777de291	3 months ago
Rene Krenn	2a5bd4c409	MT#63706 skip_locked for DELETE /api/subscriber/id while acquiring locks is skipped nowadays for collections eg. a GET /api/subscribers/, timeouts were still reported for individual DELETE /api/subscriber/id requests. this change adds logic to skip acquiring locks for DELETE /api/subscribers. there is also a fix to make GET /api/subscribers/id and GET /api/subsriberpreferences/id work. Change-Id: Ie71abecd1f8387b9f56e8e0a47a5f1b16a6f308d	4 months ago
Rene Krenn	2460c6e3d8	MT#63759 prov templates: parse .csv header to process .csv files created via excel "save as" -> "CSV UTF-8" directly, the header is now analyzed by Text::CSV_XS. this will automagically determine utf BOM and separator char. furthermore, some fixes are added for provisionion templates base on JavaScript, after adding a trim() method for strings. caching of domains (+resellers, billing_profiles, profile_packages is now fixed to propery print "unknown domain ..." for each line. furthermore, the ngcp-provisioning_template script is fixed to work again after changes: MT#60558 invoke max subscribers/group license check only on POST MT#59078 ?create_primary_acli= query param Change-Id: I8b53ab1c6071de27c62d29e921634063a725c130	4 months ago
Rene Krenn	82b253973e	MT#63724 reduce contract_cnt limit to 10 select count(1) from (select 1 from Y .. limit X) can have a longer runtime, depending on order of rows in table Y. to better limit the runtime, X is reduced from 1000 to 10. the UI will show now "used by 10+ contracts" instead of "used by 1000+ contracts". Change-Id: I028b0569cd5f3325d4bd6bed314517b061e4659b	4 months ago
Rene Krenn	73664f29ba	MT#63706 skip_locked for GET /api/subscriber/id while acquiring locks is skipped meanwhile for collections eg. a GET /api/subscribers/, timeouts were still reported for individual GET /api/subscriber/id requests. this change adds logic to skip acquiring locks for GET /apu/subscribers/id and GET /api/subsriberpreferences/id. Change-Id: I0b739dd42947e30938e84b1339ba9b7535da8cb8	4 months ago
Rene Krenn	3451546c41	MT#63617 reset admin OTP instead of clearing admin OTP has no lazy initialisation, so it needs to be reset rather than cleared. Change-Id: I2d18dd7c78a475ee37bb89f99eff3109b6820a80	4 months ago
Rene Krenn	da9ad91532	MT#62569 reset admin/subscriber OTP secret - restapi the 2FA OTP secret can be reset by removing it, the new one is to be created again during the next login attempt. therefore a corresponding "DELETE /api/otpsecret" rail is introduced. while resetting the own OTP is restricted, the OTP of a specific user requires the ID to be passed as query parameter: - DELETE /api/otpsecret/?admin_id=123 - DELETE /api/otpsecret/?subscriber_id=456 Change-Id: I92839b5b682bc61f4d28ad707e9893add6770af0	5 months ago
Kirill Solomko	88a11e059e	Revert "MT#63090 /api/calllists add phonebook entries support" This reverts commit `c5e6d15800`. Reason for revert: the logic is implemented in /api/conversations instead Change-Id: I449f6793c754d6a968438de691147dcff2a33ba5	5 months ago
Kirill Solomko	c5e6d15800	MT#63090 /api/calllists add phonebook entries support * new fields: own_phonebook_name (matched name in the phonebook by the number) own_phonebook_id (id of the matched phonebook entry) other_phonebook_name (matched name in the phonebook by the number) other_phonebook_id (id of the matched phonebook entry) * matching happens in the v_subscriber_phonebook (so all inherited entries are returned) Change-Id: I5a0c825a8de28cd9fb11cf5e74b3941b5ba3b01c	5 months ago
Kirill Solomko	6d25bfaa03	MT#63324 fix Auth::is_user_banned error * fix a scenario when $key is undefined because the user is authenticating via JWT. Change-Id: I8d5925e209728d55de7557e9652ee47ea0ea48c1	6 months ago
Kirill Solomko	e3db35dd9e	MT#62568 fix get_subscriber_enable_2fa() and get_chained_preference_rs() * get_chained_preference_rs() now returns undef if the provided preference does not exist * fix Utils::Auth::get_subscriber_enable_2fa() also check if $rs is defined, in case if 'enable_2fa' preference does not exists in the database. Change-Id: Iffd7abc39c4e62a0c81a74a4dc18c04477445d34	8 months ago
Rene Krenn	00a007da16	MT#62568 subscriber 2FA impl Change-Id: Iada4c3a6b0d61babe50178b31c773f5b5897c8c1	8 months ago
Kirill Solomko	0ce365852d	MT#62890 fix and improve voicemailgreetings upload * any wav file is now accepted and converted to GSM 6.10, instead of having a strict requirement of GSM files only * provide error messages with single quotes instead of escaped double quotes * error messages do not contain code backtrace info anymore * temporary files are correctly removed on errors and on a successful upload Change-Id: I7b72dc623d231aa90d0a0f99f8d711c48d3d23f2	9 months ago
Guillem Jover	32b0cb1899	MT#62763 Suppress perlcritic false positives or intentional violations Warned-by: perlcritic Change-Id: I7466d820e8257165e55e1f500bb256dd697de963	9 months ago
Kirill Solomko	8037316fe4	MT#62705 fix get_peer_auth_params() $rs * fix $rs check expression to check for both undef and $rs->value as otherwise it fails when $type is neither 'subscirbers' nor 'peerings' Change-Id: I59e2c445416d5107a4aa207a9f16552d806df54d	9 months ago
Kirill Solomko	4d26ca5c9a	MT#62705 improve peer_auth registrations support * DELETE /api/peeringgroups and PUT/PATCH/DELETE /api/peeringservers now call sip_create_peer_registration or delete_peer_registration correspondingly to correctly reflect the registartion on related changes * rework Panel::Utils::Peering create_peer_registration() and delete_peer_registration() - use provisioning peer db object in the argument instead of a separate hash to simplify its logic - adjust related UI parts that call these functions as well as cleanup now unnesessary code from there * Panel::Utils::Peering: remove '_' prefix from _sip* functions as they are not private but rather public class methods * Panel::Utils::Preferences - add suport for 'peer_auth' updates for type='peerings' (was only supported for 'subscribers') - remove '_' prefix from _is_peer_auth_active() * Panel::Utils::Sems - simplify peer registration by using the the db object (same as for subscribers) - only create/delete peer registration when the peering is enabled, otherwise there will be errors related to unavailable $prov_peer->lcr_gw->id Change-Id: I0fc79a6580fd17aa34df870fb7a93e33edfff15b	9 months ago
Rene Krenn	8a11b8e996	MT#61646 fix phoenbook .csv encoding Change-Id: Iaf7e6a0d13f34459fb00478dc6285875fba52cfb	10 months ago
Marco Capetta	1be3f5a257	MT#62546 Fix permanent registration nat flags Due to changes in how kamailio manage the NAT contacts and the corresponding natping, the flags that the API or web interface sets while a permanent registration is created have to be updated. Before: * Default cflag is set to 0 (natping disabled) * If nat option, then cflag is set to 64 New: * Default cflag is set to 256 (netping disabled) * If nat option, then cflag is set to 128 Change-Id: I39b1d7a697ef72267fd8a05edf0552d2c1403733	10 months ago
Rene Krenn	0bd2c64b98	MT#53706 OTP: login, show registration info Change-Id: I20e6fba357b6bfed868edb8030009683b8df29ef	11 months ago
Rene Krenn	4bb352e1f8	MT#53706 rail for generating OTP secret QR code png Change-Id: I2d8d4ab1d3967a5c7ac720e09278443c0d098866	11 months ago
Rene Krenn	b0b646db5b	MT#53706 wire OTP secret validation - api, jwt Change-Id: I7f0205323811196eb0e319fcb2c888cf8a314f81	11 months ago
Rene Krenn	c0249eadbc	MT#53706 OTP generate_secret, verify_secret migrate RFC 6238 One-Time-Password (OTP) implementation Change-Id: Iffd50540037a1b502138e69be4ad7ef86aaee519	11 months ago
Rene Krenn	3c497cb52c	MT#62283 fix dbix "for update no lock" patch Change-Id: I51f2bf23c467c9919794548499ae13dd98430370	11 months ago
Rene Krenn	82af5cf518	MT#62283 "for update no lock" logic for GET /subscribers and /contracts to unblock the web UI on heavy loaded systems with call rating enabled, "select .. for update no lock" will no longer wait for acquiring locks when retrieving subscriber or contract contract pages. the contract_balance record creation is will be skipped for such contracts that are locked elsewhere. for rails such as /customerbalances, an explicit contract id row lock timeout is introduced, so it does not depend on the mariadb wait_timeout. Change-Id: I6e96342f3f761279a5876c871d2477977823a39e	11 months ago
Richard Fuchs	015ee893d9	MT#59979 defuse license logs A missing license is allowable on CE systems. Don't log errors if license is missing. Don't die if sysopen() fails. Change-Id: I00c8ecf361548da6452f1b631d308d9aa8901368	12 months ago
Rene Krenn	143bd0dba9	MT#62084 contract_id field for /api/topupcash and /api/topupvoucher so far the topup api rails had just a subscriber_id field. for the AUI migration a contract_id field is required. Change-Id: I2b53971ecd0abe06f7e0ff0e72b9bb83d12a4f6b	12 months ago
Kirill Solomko	d5fd8679fe	MT#62093 return 403 Banned for banned users * add banned user redirect for API requests * Urils/Auth move Redis composed keys into functions to increase consistency and avoid typos. Change-Id: I7a6f9b340ac53ffc2ee921410852e36a49587941	1 year ago
Kirill Solomko	9960cd152d	MT#62093 extend user ban keys in Redis * keys now have named fields separated by :: * admin keys now contain admin_id and reseller_id * subscriber keys now contain subscriber_id and reseller_id * this is to make it in line with API v2 implementation Change-Id: Ic32a173cad9b63e63e7754f02ac2649d142b099f	1 year ago
Richard Fuchs	b2b5600c16	MT#61630 invalidate rtpengine cached files Add class to make RPC calls to rtpengine. Add invokations to clear rtpengine audio cache where appropriate, whenever a file stored in DB is deleted or changed. Change-Id: I3660f9f67dfb0c68c1af80a5439982046be3b6f6	1 year ago
Richard Fuchs	1bcc6430a4	MT#61630 turn XMLDispatch into HTTPDispatcher Make the dispatcher content-type agnostic. Add wrapper class XMLDispatch so that existing code can remain unchanged. Extend serialised data in DB with method and content type. Make sure queued data from the DB remains compatible. Change-Id: I999ff715d6500e27ad60cdb3fa902117fa329c63	1 year ago
Rene Krenn	fc42ca7564	MT#59447 fix admin LDAP uri Change-Id: Ie9be0d5ea8428a8a96ebfbadb0d285f5082474b5	1 year ago
Kirill Solomko	1873193814	MT#61673 /api/calllists fix missing type response field * The 'type' field is now present in the reponse as it's described in the form and also the search params but was not rendered correctly because in the database it is as 'call_type' Change-Id: If7b69a33ed9578be6873462dbab79c9a2079b076	1 year ago
Rene Krenn	de0595c089	MT#59447 admin user LDAP authentication #1 Change-Id: Ic31236d933f022b567c74998959267ef9a549b7e	1 year ago
Rene Krenn	358139edee	MT#59447 admin user LDAP authentication Change-Id: I86005af30dee6285d80fe69f020f4a33cb23a608	1 year ago
Guillem Jover	bdbd12613c	MT#61459 Do not use Perl indirect object syntax This syntax is discouraged, and it is not enabled by default any longer starting with the 5.36 feature bundles. Stop using it so that we can eventually bump our minimum required Perl version. Fixes: Objects::ProhibitIndirectSyntax Warned-by: perlcritic Ref: https://metacpan.org/pod/feature#The-'indirect'-feature Change-Id: I3f89ce74908a896027efa825d90eab3d2e53b1ee	1 year ago
Rene Krenn	1c09e2773a	MT#60197 support deleting call recordings per subscriber admin panel will no longer delete callrecordings for all parties of the call, but the single subscriber only. rest-api, behaves the same way, if the ?subscriber_id= parameter is provided. when a callrecording is deleted by all call parties, the remaining records and recording files will be dropped. Change-Id: I61f667bdb074a935a8a04473a3685b10e5e09222	1 year ago
Marco Capetta	f9a328f83d	MT#61065 Fix 'cli' preference removal In commit `b51c0c9698` the possibility to change the 'cli' preference by subscriber and subscriber_admin was added (under certain limits). On the other hand, the additiona of that part of code broke the possibility to remove the preference using the PATCH api. It is a very uncommon scenario though, but it seems anyway used by some customer. We may think to deprecate this possibility one day, but till then we don't have to create regression to customer. Change-Id: Ie695b567929eb79b1ba63d3c5a31ae5ce7b559bd	1 year ago
Kirill Solomko	a3945269fc	MT#59449 fix perform_auth to send correct realm to ban check * perform_auth $realm is in a form of a subrealm, e.g. api_admin_http api_admin_jwt, etc. where for bans check it's 'admin' realm. Therefore, user_is_banned() is now called from there using explicit 'admin' realm as the argument. Change-Id: I3a10a9b492bf9dbe83ddd34a8851e83b23f90587	1 year ago
Kirill Solomko	bbd44f16fa	MT#60858 add /api/passwordchange endpoint * the new endpoint accepts new_password fields and enables for authenticated user a mechanism to quickly change their password * the global password validation rules are enabled * returns 204 No Content * if user's password is expired, the endpoint is the only accessible for the user to change the password and unlock other endpoints. * a few fixes in validate_password() to correctly fetch provisioning subscriber for password change scenarios and webpassword field Change-Id: I906fcfe5c780b850d322b46b445b54c054767673	1 year ago
Kirill Solomko	e09de1e781	MT#60558 invoke max subscribers/group license check only on POST * max subscribers/group license check is invoked only on POST to enable clients to modify existing entries even if the threshold is reached. Change-Id: I858b42ada5c95c179f901e43837b15358027011b	1 year ago
Kirill Solomko	46d297dec2	MT#60656 improve 403 Password Expired for expired passwords * 403 Password Expired is now correctly returned for POST /login_jwt when a password is expired, instead of returning the token. * 403 Password Expired is now correctly returned for API requests and redirect to /changepassword only happens for non API requests. * improve Utils::Auth::check_max_age() to accept also $auth_user and $ngcp_realm for cases (like /login_jwt) where there is an authenticated user but there is no $c->user. Change-Id: I302ad8654bdf16fe0882625fd6e9a8bba7a8ad42	1 year ago
Kirill Solomko	78dfb7f7d8	MT#60656 do not check max_age if user does not exist * prevent max age check if user does not exist (not logged in) and return 1 instead. Change-Id: I5d1af5f46eec6a3eea6df0d719a35d1fedb19b3e	2 years ago
Kirill Solomko	b041888807	MT#60656 add max_age password validation support * UI: password are now validated against $c->config->{security}{password}{web_max_age_days} (unless it's 0) and if the password is expired the user is redirected automatically to /changepassword page, and after successful password change back to the original page. * API: if password is expired all API requests will be returning 403 Forbidden "Password expired", except PUT/PATCH to /api/admins or /api/subscribers with the new password in place. * successful login on the UI now redirects to /dashboard instead of / (to prevent unintended redirect to v2) Change-Id: I075f8e17cc9b0658d6b3b3d526ca5b379d050ce4	2 years ago
Kirill Solomko	c7ae8c1dcf	MT#60300 fix sound sets list rendering for reseller * fix code typo that prevented correct rendering of the sound sets list for reseller roles Change-Id: I35ea38a37932b8dd563a0b95f7e2481a5c45cdbe	2 years ago

1 2 3 4 5 ...

1094 Commits (master)