for administrators with disabled 'show_passwords'
* Add check in master data edit form to disable
web_password and sip password fields.
* Add check for api GET to not show passwords
Change-Id: Icf95cddc07982a698c893661b529e7542002ec60
If a device needs the CA cert to bootstrap, then provide the full
chain of certificates for proper validation.
Change-Id: I62eb0adfa3fba8c558ac244f1cc10189de94ec64
ALE terminals request config.$mac.xml, also strip them in the
bootstrap phase to determine the $mac.
Change-Id: I1a34ce5b0f0ffa4fd5f819b276344bff43a53d64
for panel UI datatables such as callhistory, automatic rowcount
clipping comes into effect, to prevent pageloads taking minutes
with large calllists.
the clipping also requires special handling of any queries
with an OR clause, which we explicitly expressed as compound
queries (set operations eg. UNION) meanwhile (fortunately!).
this allows to improve the query speed in such cases, by injecting
the filter condition to each subset query.
when introducing this technique, it was clear to sacrifice
ordering of the result, since sorting is pointless when merging
clipped subsets with UNION. allthoug the UI provides a subtle
hint whenever clipping occurs, this is not intuitive to users
(what else).
this is an attempt to improve the situation by applying the
order clauses to the subsets. this way eg. the initial sorting
(timestamp descending) of the callhistory datatable should show the
recent items properly and effectively clip away the older entries.
Change-Id: Ia249e96ac4330cfcdb4905ce2cd0b925aace80f4
* switch from Moose to Moo reduced memory consumption
* rework RedisLocationResultSource to use AUTOLOAD
instead of creating accessors in BUILD (that is very expensive
considering the amount of rows, multiplied by the overall amount
of entries). Now the object creation takes sub 0.0001 sec from
0.017 sec as before.
Change-Id: I9917ff38266ce89297adf55d75c40dd5f16a435b
the client cert serial was taken from epoch time in secs.
if a computer is fast enough, there is the chance a
subsequent POST /admincert did not invalidate the old cert
properly (as expected by api-cert-auth.t), but created an
identical one.
Change-Id: Ifd906489029efd17df0997c5aceec3ac1db08fb1
* PATCH by value when it is an ARRAY
now iterates backwards through the current values and
it iterates as:
for current_values
for values_to_remove
instead of:
for values_to_remove
for current_values
to preserve indexes order
* check and avoid situations when indexes for removal are
added multiple times, by marking already added indeses for removal
Change-Id: Id50c5ea08ad0f7c626a6b23b288e6d008a19696a
* elements must be removed reversed so last index is removed first,
otherwise the list "for removal" becomes out of sync with the
"current elements" causing wrong values to be removed, or an
out of bounds index array error
Change-Id: I9ab9bce8205169bc7841c51f37743ab17946cc11
adds gdpr obfuscation quoting for:
+ subscriber numbers
+ subscriber ip addresses
+ subscriber usernames
+ any logmessage "DATA": query parameters, form data, response data
+ subscriber uuid's
+ call id's
+ callforward sip uri's
the quoting is centralized by $c->qs() ("quote sensitive"), using
catalyst plugin mechanism.
escape symbols are set to « (\x{ab}) and » (\x{bb}).
generate_logfile_data_inventory.pl was modified to mark loglines
with "gdpr affected" status, if $c->qs() was used in a log message.
Change-Id: I0f42d7992594232ae33e5666b0a64009211c5b76
* Fix obfuscation in /api/conversations.
Suppresion columns were not retrieved
accordingly because of the need of
suppresion aliases. The issue was solved
by caching the aliases in the stash.
Change-Id: I5b438585fa6538085d4615dd1b98ab08bfb2ffe6
* due to Net::HTTP internal responses handling when
keep_alive is enabled that causes connections that
send an empty body back entering a blocking socket
read scenario and breaking the connection.
Change-Id: I9bb691299012f8e6b943a56e080edf7f73f827f1
* Add validation when retrieving callflow
domains from config. This prevents the
panel from crashing when features like
pbx are not enabled
Change-Id: Ibe459c7c877d9fdcbc941dcd92e3708b5a1d9b1f
* Store provious value for admin flag
for subscribers because form field
validation was deleting it because
it is read-only
* Fix DB query that was causing error
Change-Id: Ib73b76c2b912c687da1b1c9ea346541b0b32c3a9
* There is now a PATCH method for soundfiles so
their details can be updated without uploading
a new file
Change-Id: I96e7b453b9830c40d24c15f5ca364021373dfdee
* the system status widget is disabled because
it contains static "OK" values. will be reenabled
once the values represent the actual system state.
Change-Id: I4dbdb64d423911e5a40f0d36e9fb769e0c1424f1
* add a check in Subscriber::apply_rewrite that
the provisioning subscriber object exist,
to address cases when a subscriber is terminated
Change-Id: I1ad16f448c4efcf80eedb08ef3f6c014769ff5fd
It works well now for Panasonic, Polycom, Yealink
Snom works (403 response) if change current host
provisioning.snom.com to
secure-provisioning.snom.com
Without this change we need to disable name checking, and then the same get 403 response code with short html description (so, ssl works).
Change-Id: I1743d2dcb33557a7cf9898aef56f00074b9141a2
* subscriber_only UI header rule set is now
automatically created only when a first rule
is created and removed with the last rule
Change-Id: I7c0be5a3e89e050e97441c4baaf355769db9867b
* Adapt code to retrieve file type from header,
not only to expect WAV, and convert it to WAV internally
* Add support for multipart/form-data requests for CSC platform
Change-Id: I12dca611a23c90801b1faae269a55b9fcc895244
And also fix description for Location creation form
All Customer controller fix implemented a little out of common way to handle customer detatils forms
Forms on customer details page use common code on the bottom of the customer/details.tt. Phonebook forms use helpers/datatables forms related code. It allows to avoid stashed "description" parameter, that is totally related to View (template) and generates correct name for the edit form.
Change-Id: I2a16d6861cd2d847f68bd02245058c9a4535a0a9
The is_devid and devid_alias were not properly saved and re-loaded
in edit, nor was their status shown in the master data.
Change-Id: If3403b5baa6135b4171e7b523aaa56de0fc5cb10
* Change find_or_create to find_or_new to insert new record
only when a POST is issued and form is validated
Change-Id: I31149c50f543747468230355b7f97d8f02fb47e8
* update subscriber preferences after providing
a new header rule set
* add header rule exception in preferences GET
to retrieve the name, not the id
Change-Id: If0368b3b776d0f87c6e2c775c9f7ead4524a0854
* API SoundFiles transcoding error is now handled
correctly
* Fix cases in Role/API/SoundFiles that used
last instead of return
Change-Id: I2636d654b3b405645761dda834c8215514bf50e2
* UI: subscriber Preferences" page now contains
a new "Header Manipulations" tab that enables
setting header manipulation rules per subscriber.
They are applied in the following order:
- domain header rule set is applied (if defined)
- subscriber header rules are applied (if defined)
An internal header rule set is now created per subscriber
automatically, if used from the UI
* API: /api/headerrulesets now supports "subsriber_id",
when a whole collection is fetched without ?subscriber_id
only records where subscriber_id = NULL are returned
by default
* fix "read only" UI elements representation in the datable
for header rule sets, rules, conditions, actions
Change-Id: I3e80d1899c577055f3603e80bb3a13d70c5b22cf
* header manipulations related endpoints are now
rendered with the datatables and support pagination,
and search
Change-Id: I264d2c55ec97199714159bbc2d1d3181e23880fb
Kirill Solomko
Flaviu Mates
Andreas Granig
Rene Krenn
Guillem Jover
Sipwise Jenkins Builder
Irina Peshinskaya