* templates now rely on c.config.general.ngcp_type and hide
the Phonebook feature everywhere if ngcp_type is CE
* introduce "allowed_ngcp_types" config for Controller::API::*
that is an array, and when specified, only the ngcp_type
roles are allowed, otherwise if not specified all ngcp types
allowed (default)
* Controller::API::Root:
- filter controllers from the documentation rendedring
that have allowed_ngcp_type config
specified and do not match the current ngcp type
* Role::API Role::Entities*
- new method check_allowed_ngcp_types()
- check_allowed_ngcp_types() is now called in Entities and
EntitiesItem auto() and denies to 404 Path not found if
the ngcp type does not match
* "Phonebook" UI is now hidden for CE
* /api/phonebookentries is now hidden for CE
Change-Id: I41d4b2f87121f281472be3775b862333923fe37f
* the endpoint will receive "type" (expires|onetime)
and "expires" (positive integer representing seconds)
* type will define the expiray method for the token;
onetime: the token expires as soon as it's used, or
after "expires" seconds if not used
expires: the token can be used multiple times until
it expires according to the "expires" param value
* login_jwt endpoint for generating the JWT token for
subscribers has been enhanced to accept the "token"
param, containing the token generated using the
/api/authtokens endpoint
* admin_login_jwt endpoint for generating the JWT token
for admins has been enhanced to accept the "token"
param, containing the token generated using the
/api/authtokens endpoint
* login_jwt and amin_login_jwt will respond with 403
"Forbidden" if the token role stored in Redis does
not match the role of the user that generated it
* /api/authtokens is hidden from documentation for now
Change-Id: I4eb76c2b08f2e24774fa84ba0ccf7412ce8670e8
* /api/platforminfo does not have its own endpoint file
and therefore, does not appear in the rendered documentation.
it only supports GET method and renders the template file.
the endpoint is designed to provide with the prerendered JSON
data containing the current platform configuration.
* /api/platforminfo supports both authenticated and anonymous
requests, where based on that, the template provides with
the corresponding info withing the current scope.
Change-Id: Idc8138595eda2c14e7f8dc7ed97cc50039fd1adc
* this is needed in order to prevent error when
requesting api documentation
* add 'type' and 'domain' to field list in form
to show up in api documentation
Change-Id: I210ce214523a2c27f84098e630cbfeb5de227848
* new c.users.role 'lintercept', that set to when an admin user has
enabled 'lawful_intercept' flag
* only Administrator page /api/admins and /api/interceptions are available for
the role
* 'lintercept' role can only see own user and only change password
and email
Change-Id: Iadcb022a124afbd77b224e734026f380af0170e8
* ccareadmin and ccare roles have full access to
Customers, Subscribers and their preferences/settings,
and read-only access to BillingProfiles,InvoceTemplates,
EmailTemplates
* ccare role is restricted to the related reseller
Change-Id: I6cf7d3adf912f0fa98d1ef5c02abea2f4331ec4b
the "Try it out" button is disabled for the operations:
PUT, PATCH, DELETE, POST
and therefore only enabled for GET unless the special request param is used.
Change-Id: Iee8338c18e3e8053d6349a20315a7ef3c2f203d5
The only two files left with such warning:
* lib/NGCP/Panel/Field/URI.pm
* t/lib/Selenium/Remote/Driver/Extensions.pm
While they need some special Perl magic to be fixed.
Change-Id: I23553bbffd5bfb38b222733bdeb3937945eabf3e
Used to fetch whether pbx, faxserver, rtcengine etc is enabled.
* Fix rtcengine reseller creation:
- Refuse to create reseller if rtcengine part fails
- Use proper auto-generated rtcengine values (pass, domain)
to not fail on reseller names which are not forming valid
hostnames.
* Implement /api/admins/id to support testing
- add test
- fix creating admins with overly long login
- fix various ACL bugs handling /api/admins/
- fix creating /api/admincerts/ as r/o user
* Fix test framework
- use proper client cert when switching API user
Change-Id: I602fdd8181c0b3f23e76e3eab0df90a1ff9e986f
(cherry picked from commit 0d376bd8b59db65296090d26f2c84d704129beef)
When requested with an "Accept: application/json" header, return
the response in json format instead of xhtml.
Change-Id: Iba4135d8013fd200af426f2eb3d67b97282c034b
the factory Catalyst::ActionRole::HTTPMethods action role
is set for any action, and in race with our own
NGCP::Panel::Role::HTTPMethods. the testcase could have
been misleading ever since, as it uses DELETE /api/customers,
which was present when implemting the method override initially,
but dropped on the road to 4.5.
the issue is resolved by overriding
Catalyst::Controller::gather_default_action_roles.
until the class hierachy refactoring is completed, only
consistent way is to add the override to each api controller.
the action_roles config attribute can therefore be
removed.
using Plack::Middleware::MethodOverride as an alternative from
upstream has the drawback to work only with POST. but a required
usecase is to also support translation DELETE requests to PATCH.
Change-Id: I204ba59869a8327bdd5db8a867fbbb061d1c9e7c
* map regex fixed
* get_form may return an array with the exceptions now
* use get_item_id consistently
* use warnings and strict
Change-Id: I9f356814ecf4b51613d3aee3782a6b3b91f04cad
which implies, among others, strict and warnings. these should never
be omitted and are one of the most frequent complaints of perlcritic
currently.
as a result TryCatch can be removed (imported by Sipwise::Base).
also, "no Moose" is removed (has no effect).
Change-Id: I901b6a9f0f6d426f62b73e68f2c5ad6365c1eeef
Switch from the discouraged base module to the light-weight parent module.
Also remove some surrounding BEGIN blocks from 'use parent' which are
completely unnecessary.
Change-Id: I3a669e8024f098819be45030ca9d1afa8756105c
CAUTION: uses some optimized bulk-insert and truncate mechanisms
bypassing DBIC to make it reasonably fast (1M rows up in ~20s).
Optimized CSV download also to use partial writes to avoid
gateway timeouts on huge files.
Allows to handle LNP carriers in /api/lnpcarriers/.
Allows to handle LNP numbers and batch uploads in /api/lnpnumbers/.
Change-Id: I2f659bf5ee53270bedd3bb416a011bddc558b9ae
any *attempt* of a top-up request should be
logged.
+create top-up log records for api
in order to record failed top-up requests as well,
the somewhat tricky thing is to have two
separate transactions here
+propery casting of topup request json field
values to numbers etc., so the transaction for
creating the log entry cannot fail and e.g.
requests with subscriber_id='blah' are recorded
correctly
+new "request_token" parameter for /api/topupvoucher
and /api/topupcash, to identify and filter for
particular requests.
+topup log api resource
+topup log api tests
+fix to correctly reject used vouchers
+topup log panel UI
+fix for balanceintervals.t threaded tests
Change-Id: I86eb845f6173803705b12cc7e5cdbac9a3153a0a
We rename DataType fields from "name" to "name_id", but still often allow
to pass field as "name". So we need to document both possible params.
In the same time, we can't add "name" field again with required title
or other params.
Change-Id: I63acd6d175517b7f0bba3aedaaff079597e9f7c5
+ synchronized contract balance catchup
+ balance interval resizing upon profile package transitions
+ dynamic interval length, interval start, carry-over propagation, ..
+ end-of-month 'preserve' mode correction for strictly aligned month intervals for start_mode=customer "create" timestamp
+ new api/balanceintervals resource to inspect contracts' balance interval histories
+ updated affected panel UI controllers
+ test case with time warps using Time::Fake
caveats:
- creating an invoice for a given 'period' (month) has to be refactored to select a disitnct balance interval. right now it takes the last interval in the month specified.
- generate_invoice.pl is broken and needs a major refactoring
Change-Id: I7bb54a83b76e510b1baa573a986d05400a7fec1e
Kirill Solomko
Flaviu Mates
Rene Krenn
Irina Peshinskaya
Gerhard Jungwirth
Alexander Lutay
Andreas Granig
Guillem Jover