1101 Commits (master)

Author	SHA1	Message	Date
Rene Krenn	a040dc4b46	MT#64788 mitigate CVE-2024-28344 ... check the target url host when redirecting after pressing a "back" form button. Change-Id: I03b424ec71f3ed985faf42087d1bf1dc6f2e4ff6	4 weeks ago
Kirill Solomko	8b288081f8	MT#62339 RedisLocationResultSet fix $filter assignment typo ... * fix $filter =// typo, should have been $filter =. Change-Id: I33e742cefc530406b736c72f3c9e325be9b84106	4 weeks ago
Kirill Solomko	d1280015c4	MT#62339 /api/subscriberregistrations add total_count support ... * Panel::Utils::RedisLocationResultSet: - add total_count() that returns total count of all entries without pagination - add total count aggregation during _find(), _row_from_mapkey(), _scan() that aggregates total entries that can be shown without pagination * SubscriberRegistrations: - return correct total_count of all possible entries that can be shown (without pagination) - fix a 500 error when 'subscriber_id' contains a non-existing subscriber Change-Id: I914356a809a005c21bb662498ca78dd35affc0ee	4 weeks ago
Rene Krenn	8481c5adb7	MT#64761 prov templates: support contract-only mode ... provisioning templates basically work on subscriber level. this change introduces support for processing files with contract data only. Change-Id: I2f75aaf01e70b1348549c957ab68faf0d786bca9	1 month ago
Rene Krenn	47b5cc7b7b	MT#64594 prov templates: fraud preferences support ... this change introduces support to set contract fraud preferences via provisioning template, ie: fraud_preferences: fraud_interval_limit: "function { current_fraud_interval_source == 'profile' ? current_fraud_interval_limit : 10000; }" fraud_interval_lock: "function { current_fraud_interval_source == 'profile' ? current_fraud_interval_lock : 2; }" fraud_interval_notify: "function { current_fraud_interval_source == 'profile' ? current_fraud_interval_notify : 'jdoe@sipwise.com'; }" fraud_daily_limit: 500 fraud_daily_lock: 2 fraud_daily_notify: "jdoe@sipwise.com" Change-Id: Id7e67fd71e0b1d291ee5e2ea9e2ea9b6bae64781	2 months ago
Rene Krenn	03fec29b38	MT#64584 prov templates: contract_balance support ... this change introduces support to set balances via provisioning template, ie: contract_balance: cash_balance_code: function ( return 123; } free_time_balance: 456 Change-Id: I85d444b26c8f4d50ace39518f7c33c292b4afa0b	2 months ago
Rene Krenn	14caac386c	MT#62342 encode XMLRPC request body, decode XMLRPC response body ... prevent api 500 errors ie. from LibXML parsing because of invalid chars. Change-Id: I2630ba285e1da7bcbfe5558bad1b7c30fa86bebe	2 months ago
Kirill Solomko	00b960814d	MT#64346 skip email dispatch without a dest email ... * when during email template sending invokation there is no target email, the process is correctly skipped. Change-Id: I810b258c9e623b75598fb5da9b98ff499a419c44	3 months ago
Rene Krenn	5fb5a860c3	MT#63980 fix Javascript prov templates raising errors ... The JE module will populate $@, hence an enclosing eval{} wipes the error string unintentionally. in addition the "die" method is now exposed in Javascript templates, to use it to bail out, ie. to propagate a msg from an input validation to the UI. Change-Id: Id3fcf8a7820ee3df51e0cc6323350f5f5908fcf4	3 months ago
Guillem Jover	b6e2baa6c7	MT#63479 Remove prosody support ... Change-Id: I9d3e268450396c12e4058ac9394a80bb191d7635	4 months ago
Kirill Solomko	f6246ba094	MT#64131 fix non-default NULL preference render ... * non-default NULL value is now correctly selected in the UI preferences list as well as in the edit form. Change-Id: Ief3b2e6778441c736589cfccc5a5fb7e60a7dcf0	4 months ago
Kirill Solomko	eae620f204	MT#64067 address deadlock detection for preferences ... * improve Role/API/Preferences err_code callback to check deadlocks (via $self->check_deadlock) and set $process_extras->{retry_tx} = 1 so that the outer caller can act upon it and restart the transaction. * increase deadlock attempts from 2 to 5 as some deadlocks seem to take longer time to resolve. * wait 1 second between deadlock retry attempts as otherwise if a deadlock takes more than 1 second and all the retries are done within less than a second it will cause an error. * EntitiesItem: add support for retry_tx and call goto TX_START if $process_extras->{retry_tx} (when check_deadlock is processed externally, like in Utils::Preferences::update_item in the err_code callback). Change-Id: Ib56383710041c21d72782047a852353296c22215	4 months ago
Rene Krenn	4905f124bf	MT#63818 ldap auth: support dn lookup ... this change will allow to transform the NGCP admin login name to a ldap dn by searching the directory. this is the same technique sssd also uses. Change-Id: Ic852cb0e27aaf31177f2ccf692507b12d2fce3a5	4 months ago
Rene Krenn	a5ac1e959e	MT#63706 skip_locked for DELETE /api/subscriber/id #1 ... Change-Id: I1bbc4d72ca405a4b3935b27d37e503be777de291	6 months ago
Rene Krenn	2a5bd4c409	MT#63706 skip_locked for DELETE /api/subscriber/id ... while acquiring locks is skipped nowadays for collections eg. a GET /api/subscribers/, timeouts were still reported for individual DELETE /api/subscriber/id requests. this change adds logic to skip acquiring locks for DELETE /api/subscribers. there is also a fix to make GET /api/subscribers/id and GET /api/subsriberpreferences/id work. Change-Id: Ie71abecd1f8387b9f56e8e0a47a5f1b16a6f308d	6 months ago
Rene Krenn	2460c6e3d8	MT#63759 prov templates: parse .csv header ... to process .csv files created via excel "save as" -> "CSV UTF-8" directly, the header is now analyzed by Text::CSV_XS. this will automagically determine utf BOM and separator char. furthermore, some fixes are added for provisionion templates base on JavaScript, after adding a trim() method for strings. caching of domains (+resellers, billing_profiles, profile_packages is now fixed to propery print "unknown domain ..." for each line. furthermore, the ngcp-provisioning_template script is fixed to work again after changes: MT#60558 invoke max subscribers/group license check only on POST MT#59078 ?create_primary_acli= query param Change-Id: I8b53ab1c6071de27c62d29e921634063a725c130	6 months ago
Rene Krenn	82b253973e	MT#63724 reduce contract_cnt limit to 10 ... select count(1) from (select 1 from Y .. limit X) can have a longer runtime, depending on order of rows in table Y. to better limit the runtime, X is reduced from 1000 to 10. the UI will show now "used by 10+ contracts" instead of "used by 1000+ contracts". Change-Id: I028b0569cd5f3325d4bd6bed314517b061e4659b	6 months ago
Rene Krenn	73664f29ba	MT#63706 skip_locked for GET /api/subscriber/id ... while acquiring locks is skipped meanwhile for collections eg. a GET /api/subscribers/, timeouts were still reported for individual GET /api/subscriber/id requests. this change adds logic to skip acquiring locks for GET /apu/subscribers/id and GET /api/subsriberpreferences/id. Change-Id: I0b739dd42947e30938e84b1339ba9b7535da8cb8	6 months ago
Rene Krenn	3451546c41	MT#63617 reset admin OTP instead of clearing ... admin OTP has no lazy initialisation, so it needs to be reset rather than cleared. Change-Id: I2d18dd7c78a475ee37bb89f99eff3109b6820a80	7 months ago
Rene Krenn	da9ad91532	MT#62569 reset admin/subscriber OTP secret - restapi ... the 2FA OTP secret can be reset by removing it, the new one is to be created again during the next login attempt. therefore a corresponding "DELETE /api/otpsecret" rail is introduced. while resetting the own OTP is restricted, the OTP of a specific user requires the ID to be passed as query parameter: - DELETE /api/otpsecret/?admin_id=123 - DELETE /api/otpsecret/?subscriber_id=456 Change-Id: I92839b5b682bc61f4d28ad707e9893add6770af0	8 months ago
Kirill Solomko	88a11e059e	Revert "MT#63090 /api/calllists add phonebook entries support" ... This reverts commit c5e6d15800. Reason for revert: the logic is implemented in /api/conversations instead Change-Id: I449f6793c754d6a968438de691147dcff2a33ba5	8 months ago
Kirill Solomko	c5e6d15800	MT#63090 /api/calllists add phonebook entries support ... * new fields: own_phonebook_name (matched name in the phonebook by the number) own_phonebook_id (id of the matched phonebook entry) other_phonebook_name (matched name in the phonebook by the number) other_phonebook_id (id of the matched phonebook entry) * matching happens in the v_subscriber_phonebook (so all inherited entries are returned) Change-Id: I5a0c825a8de28cd9fb11cf5e74b3941b5ba3b01c	8 months ago
Kirill Solomko	6d25bfaa03	MT#63324 fix Auth::is_user_banned error ... * fix a scenario when $key is undefined because the user is authenticating via JWT. Change-Id: I8d5925e209728d55de7557e9652ee47ea0ea48c1	9 months ago
Kirill Solomko	e3db35dd9e	MT#62568 fix get_subscriber_enable_2fa() and get_chained_preference_rs() ... * get_chained_preference_rs() now returns undef if the provided preference does not exist * fix Utils::Auth::get_subscriber_enable_2fa() also check if $rs is defined, in case if 'enable_2fa' preference does not exists in the database. Change-Id: Iffd7abc39c4e62a0c81a74a4dc18c04477445d34	11 months ago
Rene Krenn	00a007da16	MT#62568 subscriber 2FA impl ... Change-Id: Iada4c3a6b0d61babe50178b31c773f5b5897c8c1	11 months ago
Kirill Solomko	0ce365852d	MT#62890 fix and improve voicemailgreetings upload ... * any wav file is now accepted and converted to GSM 6.10, instead of having a strict requirement of GSM files only * provide error messages with single quotes instead of escaped double quotes * error messages do not contain code backtrace info anymore * temporary files are correctly removed on errors and on a successful upload Change-Id: I7b72dc623d231aa90d0a0f99f8d711c48d3d23f2	11 months ago
Guillem Jover	32b0cb1899	MT#62763 Suppress perlcritic false positives or intentional violations ... Warned-by: perlcritic Change-Id: I7466d820e8257165e55e1f500bb256dd697de963	12 months ago
Kirill Solomko	8037316fe4	MT#62705 fix get_peer_auth_params() $rs ... * fix $rs check expression to check for both undef and $rs->value as otherwise it fails when $type is neither 'subscirbers' nor 'peerings' Change-Id: I59e2c445416d5107a4aa207a9f16552d806df54d	12 months ago
Kirill Solomko	4d26ca5c9a	MT#62705 improve peer_auth registrations support ... * DELETE /api/peeringgroups and PUT/PATCH/DELETE /api/peeringservers now call sip_create_peer_registration or delete_peer_registration correspondingly to correctly reflect the registartion on related changes * rework Panel::Utils::Peering create_peer_registration() and delete_peer_registration() - use provisioning peer db object in the argument instead of a separate hash to simplify its logic - adjust related UI parts that call these functions as well as cleanup now unnesessary code from there * Panel::Utils::Peering: remove '_' prefix from _sip* functions as they are not private but rather public class methods * Panel::Utils::Preferences - add suport for 'peer_auth' updates for type='peerings' (was only supported for 'subscribers') - remove '_' prefix from _is_peer_auth_active() * Panel::Utils::Sems - simplify peer registration by using the the db object (same as for subscribers) - only create/delete peer registration when the peering is enabled, otherwise there will be errors related to unavailable $prov_peer->lcr_gw->id Change-Id: I0fc79a6580fd17aa34df870fb7a93e33edfff15b	12 months ago
Rene Krenn	8a11b8e996	MT#61646 fix phoenbook .csv encoding ... Change-Id: Iaf7e6a0d13f34459fb00478dc6285875fba52cfb	1 year ago
Marco Capetta	1be3f5a257	MT#62546 Fix permanent registration nat flags ... Due to changes in how kamailio manage the NAT contacts and the corresponding natping, the flags that the API or web interface sets while a permanent registration is created have to be updated. Before: * Default cflag is set to 0 (natping disabled) * If nat option, then cflag is set to 64 New: * Default cflag is set to 256 (netping disabled) * If nat option, then cflag is set to 128 Change-Id: I39b1d7a697ef72267fd8a05edf0552d2c1403733	1 year ago
Rene Krenn	0bd2c64b98	MT#53706 OTP: login, show registration info ... Change-Id: I20e6fba357b6bfed868edb8030009683b8df29ef	1 year ago
Rene Krenn	4bb352e1f8	MT#53706 rail for generating OTP secret QR code png ... Change-Id: I2d8d4ab1d3967a5c7ac720e09278443c0d098866	1 year ago
Rene Krenn	b0b646db5b	MT#53706 wire OTP secret validation - api, jwt ... Change-Id: I7f0205323811196eb0e319fcb2c888cf8a314f81	1 year ago
Rene Krenn	c0249eadbc	MT#53706 OTP generate_secret, verify_secret ... migrate RFC 6238 One-Time-Password (OTP) implementation Change-Id: Iffd50540037a1b502138e69be4ad7ef86aaee519	1 year ago
Rene Krenn	3c497cb52c	MT#62283 fix dbix "for update no lock" patch ... Change-Id: I51f2bf23c467c9919794548499ae13dd98430370	1 year ago
Rene Krenn	82af5cf518	MT#62283 "for update no lock" logic for GET /subscribers and /contracts ... to unblock the web UI on heavy loaded systems with call rating enabled, "select .. for update no lock" will no longer wait for acquiring locks when retrieving subscriber or contract contract pages. the contract_balance record creation is will be skipped for such contracts that are locked elsewhere. for rails such as /customerbalances, an explicit contract id row lock timeout is introduced, so it does not depend on the mariadb wait_timeout. Change-Id: I6e96342f3f761279a5876c871d2477977823a39e	1 year ago
Richard Fuchs	015ee893d9	MT#59979 defuse license logs ... A missing license is allowable on CE systems. Don't log errors if license is missing. Don't die if sysopen() fails. Change-Id: I00c8ecf361548da6452f1b631d308d9aa8901368	1 year ago
Rene Krenn	143bd0dba9	MT#62084 contract_id field for /api/topupcash and /api/topupvoucher ... so far the topup api rails had just a subscriber_id field. for the AUI migration a contract_id field is required. Change-Id: I2b53971ecd0abe06f7e0ff0e72b9bb83d12a4f6b	1 year ago
Kirill Solomko	d5fd8679fe	MT#62093 return 403 Banned for banned users ... * add banned user redirect for API requests * Urils/Auth move Redis composed keys into functions to increase consistency and avoid typos. Change-Id: I7a6f9b340ac53ffc2ee921410852e36a49587941	1 year ago
Kirill Solomko	9960cd152d	MT#62093 extend user ban keys in Redis ... * keys now have named fields separated by :: * admin keys now contain admin_id and reseller_id * subscriber keys now contain subscriber_id and reseller_id * this is to make it in line with API v2 implementation Change-Id: Ic32a173cad9b63e63e7754f02ac2649d142b099f	1 year ago
Richard Fuchs	b2b5600c16	MT#61630 invalidate rtpengine cached files ... Add class to make RPC calls to rtpengine. Add invokations to clear rtpengine audio cache where appropriate, whenever a file stored in DB is deleted or changed. Change-Id: I3660f9f67dfb0c68c1af80a5439982046be3b6f6	1 year ago
Richard Fuchs	1bcc6430a4	MT#61630 turn XMLDispatch into HTTPDispatcher ... Make the dispatcher content-type agnostic. Add wrapper class XMLDispatch so that existing code can remain unchanged. Extend serialised data in DB with method and content type. Make sure queued data from the DB remains compatible. Change-Id: I999ff715d6500e27ad60cdb3fa902117fa329c63	1 year ago
Rene Krenn	fc42ca7564	MT#59447 fix admin LDAP uri ... Change-Id: Ie9be0d5ea8428a8a96ebfbadb0d285f5082474b5	1 year ago
Kirill Solomko	1873193814	MT#61673 /api/calllists fix missing type response field ... * The 'type' field is now present in the reponse as it's described in the form and also the search params but was not rendered correctly because in the database it is as 'call_type' Change-Id: If7b69a33ed9578be6873462dbab79c9a2079b076	1 year ago
Rene Krenn	de0595c089	MT#59447 admin user LDAP authentication #1 ... Change-Id: Ic31236d933f022b567c74998959267ef9a549b7e	1 year ago
Rene Krenn	358139edee	MT#59447 admin user LDAP authentication ... Change-Id: I86005af30dee6285d80fe69f020f4a33cb23a608	1 year ago
Guillem Jover	bdbd12613c	MT#61459 Do not use Perl indirect object syntax ... This syntax is discouraged, and it is not enabled by default any longer starting with the 5.36 feature bundles. Stop using it so that we can eventually bump our minimum required Perl version. Fixes: Objects::ProhibitIndirectSyntax Warned-by: perlcritic Ref: https://metacpan.org/pod/feature#The-'indirect'-feature Change-Id: I3f89ce74908a896027efa825d90eab3d2e53b1ee	1 year ago
Rene Krenn	1c09e2773a	MT#60197 support deleting call recordings per subscriber ... admin panel will no longer delete callrecordings for all parties of the call, but the single subscriber only. rest-api, behaves the same way, if the ?subscriber_id= parameter is provided. when a callrecording is deleted by all call parties, the remaining records and recording files will be dropped. Change-Id: I61f667bdb074a935a8a04473a3685b10e5e09222	2 years ago
Marco Capetta	f9a328f83d	MT#61065 Fix 'cli' preference removal ... In commit b51c0c9698 the possibility to change the 'cli' preference by subscriber and subscriber_admin was added (under certain limits). On the other hand, the additiona of that part of code broke the possibility to remove the preference using the PATCH api. It is a very uncommon scenario though, but it seems anyway used by some customer. We may think to deprecate this possibility one day, but till then we don't have to create regression to customer. Change-Id: Ie695b567929eb79b1ba63d3c5a31ae5ce7b559bd	2 years ago