ngcp-panel

Commit Graph

Author	SHA1	Message	Date
Kirill Solomko	0d3aac99a7	MT#63605 fix GET invoicetemplates without reseller_id * 'reseller' level invoice templates are correctly returned with reseller_id: null, instead of 500 error Change-Id: Ied1e7626fcbb2c28bf3850dd1788f06574ef892b	4 months ago
Kirill Solomko	67091cfb44	MT#63090 /api/conversations add phonebook entries support * new fields: caller_phonebook_id (id of the matched phonebook entry) caller_phonebook_name (matched name in the phonebook by the number) callee_phonebook_id (id of the matched phonebook entry) callee_phonebook_name (matched name in the phonebook by the number) * matching happens in the v_subscriber_phonebook (so all inherited entries are returned) * new private functions _get_call_phonebook() and _get_fax_voicemail_phonebook Change-Id: I321c59dce93a3c478a15ddea2155ff052713db20	5 months ago
Kirill Solomko	4a38eace57	MT#61804 /api/conversations add csv download support * "Accept: text/csv" enabled csv download (same as with other endpoints Change-Id: I84a229f6f1f8760d520f55da1bb250ed6dd1f228	6 months ago
Rene Krenn	eb6f74968e	MT#62987 transcript info - api Change-Id: Ifc83f65b36dfab3913492e8b764210da256f8004	7 months ago
Kirill Solomko	b8cd29ce32	MT#63062 /api/customercontacts fix PUT/PATCH reseller_id validation * add Form::Contact::AdminAPI that uses reseller_id field instead of reseller for better error message * update_contact() fix reseller_id validation for admin roles * update_contact() copy reseller_id from $old_resource for reseller roles so that further reseller_id checks can pass. Change-Id: Ic9559a944265f5c8bceada6077fcf8e14d6bc5d4	7 months ago
Kirill Solomko	a38cd246c4	MT#63066 /api/subscriberphonebook add filter by customer_id * customer_id is now present in the response * customer_id is supported as the query parameter Change-Id: Ia529fa653b165f743c006cb99f6518ae686e517c	7 months ago
Kirill Solomko	f7a3b1eab2	MT#63062 fix /api/customercontacts for reseller roles * fix logic in update_contact() that was performed with the reseller_id that became undef after form validation for reseller roles. Change-Id: I2e1d386f01b5d279188a7600d2d7f0d9d44b7853	8 months ago
Kirill Solomko	0ce365852d	MT#62890 fix and improve voicemailgreetings upload * any wav file is now accepted and converted to GSM 6.10, instead of having a strict requirement of GSM files only * provide error messages with single quotes instead of escaped double quotes * error messages do not contain code backtrace info anymore * temporary files are correctly removed on errors and on a successful upload Change-Id: I7b72dc623d231aa90d0a0f99f8d711c48d3d23f2	9 months ago
Kirill Solomko	4d26ca5c9a	MT#62705 improve peer_auth registrations support * DELETE /api/peeringgroups and PUT/PATCH/DELETE /api/peeringservers now call sip_create_peer_registration or delete_peer_registration correspondingly to correctly reflect the registartion on related changes * rework Panel::Utils::Peering create_peer_registration() and delete_peer_registration() - use provisioning peer db object in the argument instead of a separate hash to simplify its logic - adjust related UI parts that call these functions as well as cleanup now unnesessary code from there * Panel::Utils::Peering: remove '_' prefix from _sip* functions as they are not private but rather public class methods * Panel::Utils::Preferences - add suport for 'peer_auth' updates for type='peerings' (was only supported for 'subscribers') - remove '_' prefix from _is_peer_auth_active() * Panel::Utils::Sems - simplify peer registration by using the the db object (same as for subscribers) - only create/delete peer registration when the peering is enabled, otherwise there will be errors related to unavailable $prov_peer->lcr_gw->id Change-Id: I0fc79a6580fd17aa34df870fb7a93e33edfff15b	9 months ago
Marco Capetta	1be3f5a257	MT#62546 Fix permanent registration nat flags Due to changes in how kamailio manage the NAT contacts and the corresponding natping, the flags that the API or web interface sets while a permanent registration is created have to be updated. Before: * Default cflag is set to 0 (natping disabled) * If nat option, then cflag is set to 64 New: * Default cflag is set to 256 (netping disabled) * If nat option, then cflag is set to 128 Change-Id: I39b1d7a697ef72267fd8a05edf0552d2c1403733	10 months ago
Rene Krenn	6600d7c949	MT#53706 enable_2fa option for /api/admins Change-Id: I7de37482fed913551fc0a1c9b18f789b51b67a05	10 months ago
Rene Krenn	82af5cf518	MT#62283 "for update no lock" logic for GET /subscribers and /contracts to unblock the web UI on heavy loaded systems with call rating enabled, "select .. for update no lock" will no longer wait for acquiring locks when retrieving subscriber or contract contract pages. the contract_balance record creation is will be skipped for such contracts that are locked elsewhere. for rails such as /customerbalances, an explicit contract id row lock timeout is introduced, so it does not depend on the mariadb wait_timeout. Change-Id: I6e96342f3f761279a5876c871d2477977823a39e	11 months ago
Kirill Solomko	24d28676a1	MT#62289 /api/pbxusers add username and domain fields * username represents provisioning.voip_subscribers.username * domain represents provisionoing.voip_domains.domain Change-Id: I98f4043f9b044a7829603f2a350d1548be935ff1	11 months ago
Kirill Solomko	97e457c92b	MT#62178 fix external_id, profile auto removal for subscriber roles * fix 'subscriber' and 'subscriberadmin' roles using PATCH to cause external_id, and profile fields removed. * remove profile_id field from the 'subscriber' and 'subscriberadmin' form Change-Id: Id8bb068ca7fcac2c0c5954f2ed79e841d18ac398	12 months ago
Kirill Solomko	ef4442feeb	MT#61805 add API phonebook support for top level inclusion * /api/customerphonebookentries now support "include" query param that can be either "include=all", "include=shared" or "include=reseller". With "include=all" - shared and reseller entries are included and merged as customer > shared > reseller. With "include=shared" - shared entries are included and merged as customer > shared. With "include=reseller" - reseller entries are included and merged as customer > reseller. * /api/subscriberphonebookentries now support "include" query param that can be either "include=all", "include=customer" or "include=reseller" With "include=all" - customer+shared+reseller entries are included, and merged as subscriber > customer > shared > reseller. With "include=customer" - customer+shared entries are included, and merged as subscriber > customer > shared. With "include=reseller" - customer+reseller entries are included, and merged as subscriber > reseller. * Shared numbers are considered belonging to the customer so when on the customer level the same number is provided, it takes precedence. * It is not possible to edit other level included numbers (they have composide ids). * It is possible to access an included number directly by the id. Change-Id: Ice06bc0961d42a9b64db59aa93029d7505b4805e	12 months ago
Kirill Solomko	e66c568efc	MT#61803 add /api/pbxusers endpoint * this endpoint is designed to provide with basic subscribers info such as display_name, primary_number, pbx_extension and only available for customers with product class 'pbxaccount'. * only GET methods are allowed for this endpoint. Change-Id: I181b863e2c3e5fad34c03a291f64fd7ddb587702	12 months ago
Richard Fuchs	b2b5600c16	MT#61630 invalidate rtpengine cached files Add class to make RPC calls to rtpengine. Add invokations to clear rtpengine audio cache where appropriate, whenever a file stored in DB is deleted or changed. Change-Id: I3660f9f67dfb0c68c1af80a5439982046be3b6f6	1 year ago
Rene Krenn	de0595c089	MT#59447 admin user LDAP authentication #1 Change-Id: Ic31236d933f022b567c74998959267ef9a549b7e	1 year ago
Rene Krenn	598f7dbaf4	MT#61513 prevent duplicates in GET /api/callrecordings callrecording metakeys such as "uuid" for the involved call party is present multiple times by nature. the ?subscriber_id= query param will then narrow down the result. alongside an implicit role filtering (reseller/subscriber), the sql join and filtering for the uuid key is present 2 times however, and multiplied records slip through. this can be prevented with DISTINCT. to avoid performance impacts and consider other metakeys orrcuring multiple times, it will be applied only if a filter is present. Change-Id: I08047aaee265e2e0a706220e03fd4617da16d33c	1 year ago
Kirill Solomko	a7589aeba8	MT#60877 /api/preferencemetaentries accept default_val as boolean * default_val is now correctly accepted as either 1/0 or true/false * fix 500 error when default_val is provided as JSON true/false Change-Id: Id6db9c13ae458ddd61e5a68865249eb4e3e124bf	1 year ago
Kirill Solomko	bbd44f16fa	MT#60858 add /api/passwordchange endpoint * the new endpoint accepts new_password fields and enables for authenticated user a mechanism to quickly change their password * the global password validation rules are enabled * returns 204 No Content * if user's password is expired, the endpoint is the only accessible for the user to change the password and unlock other endpoints. * a few fixes in validate_password() to correctly fetch provisioning subscriber for password change scenarios and webpassword field Change-Id: I906fcfe5c780b850d322b46b445b54c054767673	1 year ago
Kirill Solomko	b041888807	MT#60656 add max_age password validation support * UI: password are now validated against $c->config->{security}{password}{web_max_age_days} (unless it's 0) and if the password is expired the user is redirected automatically to /changepassword page, and after successful password change back to the original page. * API: if password is expired all API requests will be returning 403 Forbidden "Password expired", except PUT/PATCH to /api/admins or /api/subscribers with the new password in place. * successful login on the UI now redirects to /dashboard instead of / (to prevent unintended redirect to v2) Change-Id: I075f8e17cc9b0658d6b3b3d526ca5b379d050ce4	2 years ago
Kirill Solomko	e2e1776090	MT#60558 move max license checks for POST /api/subscribers * the relevant max license checkes are moved from Controller::API::Subscribers::POST to Utils::Subscribers::prepare_resource because there we fetch customer_id from the pilot subscriber in case of pbx subscriberadmin requests that is neccessary for PBX subscribers max license check. Change-Id: I2d1c212d73fe5b9295d1595b4fffebeb67b61e5a	2 years ago
Kirill Solomko	60fa23cb68	MT#60585 add user ban support * users for admin/subscriber realms are now banned if failed to login X amount of times (UI/API). * rework Redis connection and it's now a Catalyst plugin NGCP::Redis accessed by $c->redis_get_connection({database => 19}), the connection per database, per worker process is established only once and then reused (with auto built-in reconnect support). * remove Utils::Redis.pm as it does not have any code/logic anymore. * ban values are taken from $config->{security}{login} as - ban_enable: 1 - ban_expire_time: 3600 ban expire time in seconds - max_attempts: 5 * if max_attempts set to 0, the ban functionality is disabled as it requires to be at least 1 to work. * upon successful login or ban, the failed attempts counter is removed * the failed attempts counter is also removed automatically with the expire time equals "ban_expire_time" or otherwise 3600 seconds. * user bans are logged into panel.log * banned user receives exactly the same return page/codes as per invalid logic. Change-Id: I05cc68c623ee289488fc64f1af50527004dcaae1	2 years ago
Kirill Solomko	d9f283cbc8	MT#59449 enhance password validation and handling * passwords are now validated based on - minlen - maxlen - min lower case chars - min uppper case chars - min digits - min special chars * Data::Password::zxcvbn is used to calculate password score and reject passwords with score < 3 as weak (this library is ported from the Dropbox password validation) * Add password journals and check last used passwords in the journals * Improve password generator javascript function to generate a password with at least 4 of each of the char group types. * Currently affected are subcriber and admin entry creation or modification via UI/API * NGCP::Utils::Auth add optional bcrypt_cost support as last argument for generate_salted_hash and get_usr_salted_pass Change-Id: I100c25107d91741d5101bc58d29a3fa558b0b017	2 years ago
Kirill Solomko	9d021be65a	MT#59979 add license control * UI and API parts are now under license control * new Util::License::get_license($c, $name) - fetches license status by name (1 if enabled, and also if /proc/ngcp/check if 'ok') * add Catalyst::Plugins::NGCP::License with license($name) to fetch valid license by name from anywhere using $c->license('pbx') or from the templates using c.license('pbx'). It internally uses Util::License::get_license($c, $name) * License::get_license_status($c) now requires $c as first argument as well logs license status check errors. * new ActionRoles::License that enables usage of :Does(License) RequiresLicense('pbx') LicenseDetachTo('/denied_page') in the Controller chains * Add license control for UI elements and return 403 Forbidden if a resource is covered by licenses and the license is not active * Hide UI elements if a license is not active * API/Entities/Entities new $c->set_config key: - per endpoint: $c->set_config({ required_licenses => [qw/pbx device_provisioning/] } - or per method: $c->set_config({ required_licenses => { POST => [qw/pbx device_provisioning/] } } } * In case if an API endpoint does not have a license: 403 Forbidden "Invalid license" reply is returned. * Add license based restrictions to API endpoints * /api documentation: - completely hide endpoints that do not have an active license - hide only methods that does not have an active license Change-Id: Iba45fc5068b02306a617fed7b5405f2210574b61	2 years ago
Rene Krenn	9c103302c8	MT#60575 dynamically load provisioning templates module Change-Id: Ibff509825f82a75c9b0221505a1673d78b401989	2 years ago
Kirill Solomko	f72f8291a7	MT#60393 /api/timesets fix reseller_id validation * fix reselelr_id for 'reseller' role and it's now automatically set to the user's reseller_id instead of throwing a validation error Change-Id: Ic732366aea6c4106c37961e599cd1e40fdaba5b2	2 years ago
Kirill Solomko	9a2d66a00a	MT#60238 /api/customerpreferences allow subscriberadmin * subscriberadmin roles can now handle customer preferences belonging to the same customer and only those with expose_to_customer = '1' Change-Id: Iae9ab5d4a96a065b1a627d180dd523e805d954f3	2 years ago
Kirill Solomko	f81481ea66	MT#60236 disable mailtofaxsettings active state checks * disable active state checks for subscriber and subscriberadmin roles in mailtofaxsettings because they can now change it similar to how they could do it in the old csc. Change-Id: Ica8039e83d2acc5e162c7902afcd4b97ac1c5b6d	2 years ago
Kirill Solomko	0d8d68d9a5	MT#60236 /api/mailtofaxsettings allow subscriber roles * subscriberadmin and subscriber can now use /api/mailtofaxsettings * adapt item_rs query for subscriberadmin and subscriber so that subscriberadmin can have access to all 'own' subscribers Change-Id: If8e768c5c06bc4e5f0a6ef9d15e19f542d8b6a4d	2 years ago
Kirill Solomko	f2478178f0	MT#60119 allow pbxfielddeveicepreferences to subscriberadmin role * subscriberadmin role can now CRUD preferences for devices that are assigned to the customer. Change-Id: I09fe3c3b2ed670f0411970dc6402486a3cf6d4be	2 years ago
Marco Capetta	42f8747a6f	MT#59749 Add use_redirection flag to Call Forwards configuration This new flag controls wether the CF is processed as usual (flag with value 0, default) or generates a 302 redirect message back to the caller (flag with value 1). The implementation cover both the UI and the API. Change-Id: Idf945262e17de0d77bb612101d268fd6ea7a309e	2 years ago
Kirill Solomko	e4cda08bd4	MT#59835 /api/billingzones fix HAL ngcp:billingfees relation * billing fees relation was rendering all associated billing fees and that was causing huge data sets to be returned if a billing zones had many fees, now instead a single link is returned /api/billingfees/?billing_zone_id=:id. this is also on par with other links like /api/billingfees/:id Change-Id: Iabb7afb3bf43abf9a22c71750d45a1962a7f16ec	2 years ago
Kirill Solomko	c006e9efc1	MT#59806 add missing cfdestinationsets HAL link type * add missing: "_links" : { "ngcp:cftimesets" : [ .... ], in the collection representation Change-Id: I59fade61ae2679833c43fd5501d14ca45a376572	2 years ago
Kirill Solomko	b2a1bc00d1	MT#59806 adapt /api/cfdestinationsets to Entities * Entites logic is used for GET/POST/PUT/PATCH/DELETE * Utils::CallForwards::check_destinations() do not obfuscate destinations that are returned in the response as all logged data is obfuscated anyways Change-Id: Ia79f9e236c966410e2640d719c3a7f5784cc4c2a	2 years ago
Kirill Solomko	9e3653341a	MT#59478 adapt /api/cftimesets to global transactions, more fixes * /api/cftimesets now fully use Entities/EntitiesItem * EntitiesItem: delete(): fix delete_item() expression processing * Entities/EntitiesItem: post/put/patch/delete: go to TX_END in scenarios where after a method call (e.g. update_item()) there is a normal return from the function but errors in $c->error, so that they are also caught correctly Change-Id: I3bef409ded590796c2bba4f30acd28b02e99065b	2 years ago
Kirill Solomko	bf249f9d96	MT#59797 /api/headerruleconditions (actions) fix reseller role * fix resultset when user role is reseller so that reseller_id is joined correctly and a db error is not produced anymore. Change-Id: I2a1b357037d983f23770bb59519fc2cb8b68a7e4	2 years ago
Kirill Solomko	9dbd6b0e88	MT#59478 /api/contracts address $now and hal_from_contract * the following changes resolve an issue where $now in Role/Contracts resource_from_item appeared as an object and failed subsequent logic: - hal_from_contract is renamed to hal_from_item to match correctly the parent method - call hal_from_item and pass $now string there correctly as $params { now => $now } Change-Id: I5c02d5f7df5d9000550505ad120b9531f87e8d65	2 years ago
Kirill Solomko	205b27a267	MT#59478 API better transaction and error handling * Role/Entities: POST/PUT/PATCH/DELETE methods changes: - support deadlock detection and transaction retry (2 retry attempts at the moment) - improve transaction control, use local $guard instead of saving the ref to $c->stash, as in that case it went out of scope too late and also reported an error message into the log about abnormal $guard out of scope interruption - move all non transaction related code outside of the scope - add error handling when methods such as update_item, and a like do not return the expected data, instead of simply going out of scope and resulting in an uncontrolled reply Role/API: - rework transaction control: + get_transaction_control() is renamed to start_transaction() to better reflect what it does + complete_transaction() is renamed to commit_transaction() + remove unused %params arg + pass $guard into commit_transaction() instead of having it stored as $c->stash->{transaction_guard) that caused the $guard ref to be destroyed much late than expected (there was also a typo as transaction_quard, which is not relevant anymore with the changes + add check_deadlock() that is invoked when an exception is caught or an $c->errors contain an error, and if the error message represents a transaction error, the transaction block is re-invoked via "goto TX_START" - rework error(): + it now accepts args as following: ($self, $c, $code, $message, @errors) # code -> returned as HTTP code in the reply # message -> returned as HTTP message in the reply # errors -> contain errors for internal logging, last element often contains a DBIx exception + populates all @errors into $c->error so they are available on demend in the code via $c->error or $c->last_error + $c->log->error is not invoked now as the errors become printed in log_response() - log_response() now prints collected errors from $c->error correctly as a separate log line, that is alike to the other api logs so that those can be looked up by the request's tx_id, also all errors are now printed only into api.log * Adjust all $self->error() calls in catch($e) to include $e as the last argument, as well as the duplicate $c->log->error is removed from those ocassions * Remove all $c->log->error() calls as they are replaced with either $self->error() (that logs it correctly into api.log) or $c->error('err') that also adds it correctly into api.log * API::CallForwards: rework to use Entities/EntitiesItem * API::Contracts: rework POST to use Entities * API::PeeringGroups: rework POST to use Entities * API::SubscriberRegistrations: rework POST to use Entities * API::RewriteRuleSets: improve create_item() functionality * Utils/Message: add 'api_retry' log type * $c->session->{api_request_tx_id} is changed to $c->stash->{api_request_tx_id} because sometimes the session ref is different and a different tx_id becomes used Change-Id: I633ce7a8047b1bf00a2f6889003088edf0825dcd	2 years ago
Kirill Solomko	aef4c89197	MT#59662 enhance subscriber assigned header rules/sets handling * POST /api/headerrules now supports either 'set_id' or 'subscriber_id'. When 'subsriber_id' is specified, a subscriber assigned header rule set is automatically created if it does not exist, as well as automatically removed when its last header rule is deleted. * It is now possible to directly GET and DELETE /api/headerrules/:id where :id is a subscriber assigned header rule. * It is now possible to directly GET and DELETE /api/headerrulesets/:id where :id is a subscriber assigned header rule set. * Improve /api/headerrules data validation and duplicate header rule detection. * It is now possible to expand by /api/headerrules/?expand=set_id field Change-Id: I681bc61c2eed47a8e54847f07f31134f643930c2	2 years ago
Rene Krenn	740bb764e5	MT#59434 always take aliases from voip_numbers in case the DB shows discrepancy because of missing primary provisioning.voip_dbaliases records, align with legacy panel behaviour and also take the restapi aliases list from voip_numbers, instead of voip_dbaliases. .. while trying to keep the performance gain from https://gerrit.mgm.sipwise.com/c/ngcp-panel/+/65086. Change-Id: Ibd7f8c8bc6a39ae2c31b4e8818080674ab77d66c	2 years ago
Rene Krenn	cc8fd8928d	MT#58890 force cft_ringtimeout as number Change-Id: I4df4fbf6522d28a30731c87a36c95ae8350830fa	2 years ago
Rene Krenn	2101e2246d	MT#58936 fix customerzonecosts resourcename Change-Id: I22b052bc6931e5426e1aa982396c446cb1c67883	2 years ago
Rene Krenn	853bc9f535	MT#58936 direction filter param for /api/customerzonecosts Change-Id: Ie831381576ffdb2a08375cf73bc66c1c5e6d2076	2 years ago
Kirill Solomko	462bfedc43	MT#58861 /api/headerruleconditions accept values as a list of strings * {"values:", ["value1", "value2"]} is not accepted by /api/headerruleconditions * the previous behaviour of {"values": [{"value": "value1"},{"value": "value2"}]} is preserved Change-Id: I7d9540d20ed0ecbb2712f1905a7d9e6f7af7e06d	2 years ago
Kirill Solomko	8985839509	MT#58834 fix headerrule conditions/actions dp_id check * address a 500 error when rwr_set_id is specified but empty and dp_id is also specified Change-Id: I0160a3c2f6b3cf139935c4e2daf7e1635dafb99a	2 years ago
Rene Krenn	8e82715eb8	MT#56239 api/callrecordings support filtering multiple metakeys filtering an Entity-Attribute-Value model cannot be done as simple conjunctions, but requires either INTERSECT set operation, or joining the same table multiple times. Change-Id: I5ce1ae1ece9406b6610487654f09d768a233b122	2 years ago
Kirill Solomko	1231cae638	MT#58746 /api/phonebookentries fix duplicate check * all reseller_id-number entries are checked for POST * reseller_id-number pairs that != item->id are checked for PUT/PATCH Change-Id: I93a8b7fe22ed63d2d84e2d45291981d09b4af156	2 years ago
Rene Krenn	9c3a549094	MT#56239 api general caller/callee wildcard search support various api rails will need to support ?caller= and ?callee= url query parameters. since this involves SQL queries against potentially large database tables, special care is taken with wildcard search to prevent slow queries: - the ?wildcards=true query parameter has to be specified to accept search patterns that contain wildcard symbols, so wildcards are not accepted by default. WARNING: a search string with a leading wildcard will always force a slow full db table scan! - the * symbol is used as a wildcard symbol - \ (backslash) is used as escape character to search for a literal '*' Change-Id: Ie6065b0cfa883f7963e1dc8259fffea9a1edfdfe	2 years ago

1 2 3 4 5 ...

814 Commits (0d3aac99a7b72778e3ed60bd139ab5ab15b8eca7)