ngcp-panel

Commit Graph

Author	SHA1	Message	Date
Kirill Solomko	27bdde4e3e	MT#62178 fix external_id, profile auto removal for subscriber roles * fix 'subscriber' and 'subscriberadmin' roles using PATCH to cause external_id, and profile fields removed. * remove profile_id field from the 'subscriber' and 'subscriberadmin' form Change-Id: Id8bb068ca7fcac2c0c5954f2ed79e841d18ac398 (cherry picked from commit `97e457c92b`)	2 months ago
Marco Capetta	51e549b9a5	MT#57342 /api/subscribers fix field role inconsistency When the subscriber preferences API is called by a subscriber admin of a normal (not PBX) customer, then some values are removed from the output. In all the other cases those values are instead returned. This fix let expose the profile_id, domain_id, status and webpassword to all the types of subscribers because necessary in the CSC context. Change-Id: I629475e7f51d747a55ebfbc44232fb94a54fed06 (cherry picked from commit `ce6884ebab`)	2 years ago
Kirill Solomko	c31e221028	MT#55871 /api/subscribers optimise GET alias_numbers * "alias_numbers" array when the resource is prepared is created directly from the resultset, avoiding 'foreach' loops and conditions. This improves performance on ~8000 voip_numbers from ~35 seconds to ~3 seconds. * is_devid is now always present in the "alias_numbers" object, and it's =0 if there is no related entry in provisioning.voip_dbaliases Change-Id: Ia05b26208f3fec3a9b2203aafe9b4c09b98ca44d (cherry picked from commit `0c4deaaad0`)	2 years ago
Kirill Solomko	e19303a7cc	MT#55864 /api/subscribers correctly process administrative flag * administrative flag is now correctl set to false when requested by the client Change-Id: I81a1951f90ce9885bff806d39e11098475d93ac1 (cherry picked from commit `507d088586`)	3 years ago
Kirill Solomko	e011960739	Revert "TT#171850 fix unintentional primary number removal" This reverts commit 6bdfca91129309561e72eed902a8a4b66604a7bd. Change-Id: Ie7269ac9ce0302928b234302880bfa9896e8cdf0	3 years ago
Kirill Solomko	6bdfca9112	TT#171850 fix unintentional primary number removal * the current condition for primary number removal for PUT/PATCH is if the primary number exists and specified in the data as primary_number => undef. The condition failed as the 'primary_number' key was explicitly created regardless of the original user data input, resulting in a false primary_number => undef. Change-Id: I17651046627f5c48696c3f1d17da5aa49452fe9a	3 years ago
Oleksandr Duts	afa9289b66	TT#167900 /api/subscribers improve number duplicate checks * primary and alias numbers are now validated that they do not belong to another subscriber * aliases are now validated that they are not already set as the primary number * reduce amount of related sql queries Change-Id: I4397bbdc4bc9001b7feeef22cb8f85ee0b6ce8ff	3 years ago
Rene Krenn	d82d93da9d	TT#71950 fix leftover with `35b568dde` Change-Id: If71d07972f56cb1b7cb0bbafdcfd3b68cce6e254	3 years ago
Michael Prokop	35b568dde4	TT#71950 Fix typos * successfuly -> successfully * diplay -> display * recieve -> receive * mathes -> matches * cahnged -> changed * Unprocessible -> Unprocessable * The the -> The * repesent -> represents Change-Id: I123f5b1ec8c11fe01db4e5768bd640c4920d3366	3 years ago
Rene Krenn	599dd0613b	TT#151751 fix plaintext sippassword no longer returned this fix addresses regression reported by dominik: * $resource{_password}/{_webpassword} cannot be set before the form validation as they are effectively removed by it, causing /api/susbcribers returning no passwords at all for 'subscriber' roles * Having them after the patch makes no sense either as next resource_from_item call will effectively remove them again (in PATCH) (cherry picked from commit `5e9066c4fb`) Change-Id: I88c9ec40843f1e9a6983952b96c0b0e70fbb1bb1	3 years ago
Kirill Solomko	81ebdb8dcf	Revert "TT#151751 refactor persisting subscriber webpassword" This reverts commit `5e9066c4fb`. This implementation breaks: * $resource{_password}/{_webpassword} cannot be set before the form validation as they are effectively removed by it, causing /api/susbcribers returning no passwords at all for 'subscriber' roles * Having them after the patch makes no sense either as next resource_from_item call will effectively remove them again (in PATCH) Change-Id: I0e8389e8ab34ad72f1b87a684daba77f1030f8ba	3 years ago
Rene Krenn	5e9066c4fb	TT#151751 refactor persisting subscriber webpassword a multitude of issues popped after introducing bcrypted webpasswords in the database. most recently the PATCH /api/susbcribers rail was reported to reset the webpassword unintentionally. subscriber login fails afterwards, which is a severe issue. the bugs are adressed by this refactorings. the change also introduces a global variable $NGCP::Panel::Utils::Auth::ENCRYPT_SUBSCRIBER_WEBPASSWORDS to control encrypting webpasswords. it is still enabled as of now, but it's worth to consider disabling it. there other ways to have a "cost" for an authentication request, eg. adding a simple sleep(1sec). Change-Id: I2d47d54a2d83568546ffdd2b211337a5f56be3a2	3 years ago
Rene Krenn	d786af1591	TT#147151 finish refactoring of avoiding JOIN billing.product follow up on TT#147151 (fast loading/paging/searching panel datatables), which broke restapi tests. Change-Id: I799cb9087b9405c71dec4c690e7a7bab5dfdbdde	4 years ago
Kirill Solomko	535c38cd93	TT#133800 fix webpassword, change subadmin expose password * webpassword is not correctly removed based on length, and remain visible when in plain-text or empty (unset) * config->security->password_(sip\|web)_expose_subadmin now only affects subscribers under the same customer that are not this subscriber admin Change-Id: I329e0f1ad97dd513a33e3652ed03b4a43a95ed04	4 years ago
Kirill Solomko	3ef167575c	TT#133901 fix administrative flag for subscriberadmin * 'administrative' field is read only for susbcriberadmin role and that caused it to be removed from the final update 'resource', setting it to 0 if not existed. now the 'administrative' field is only changed in the database if it's defined in the 'resource'. Change-Id: I50738a77052c2163b19b2a42293c7a00e2780bc3	4 years ago
Kirill Solomko	c50b49db96	TT#133800 fix password fields behaviour in API * PATCH: password fields are not removed when resource is created for apply_patch(), they are removed under the same condititions later when hal is generated, that is to ensure that admin users without the 'show_passwords' flag as well as subscribers will not run into situation when they use PATCH and cannot apply it for "path": "/password" or/and "path": "/webpassword", as they were removed before apply_patch() * rework encrypted webpassword detection. webpasword is detected as encrypted if its length is 54 or 56 and it contains at least one '$' char, there is a chance for false positive detection when a user provides with a plain-text password with the same pattern but it's very unlikely, as well as since mr8.5 webpasswords are expected to be encrypted, and moreover worth case scenario is that the plain-text password will not be returned to the user Change-Id: I8ea739cbf728b2134f3ce00cee29da42ab3fb4a3	4 years ago
Kirill Solomko	2b144caf2c	TT#128605 implement dynamic fields expand * add API functionality to request additional data and expand fields in GET methods * syntax: - /api/resource/?expand=all - expands all expandable fields e.g.: customer_id field is expanded and customer internally is queried and returned under "customer" => {...} (the returned data is identical to what /api/customers/id would return) - /api/resource/?expand=reseller_id,customer_id - expands only reseller_id and customer_id fields, if they are expandable - /api/resource/?expand=reseller_id,invalidfield_id - returns the data and expands only fields that are expandable (reseller_id in this case) but if it finds either unknown fields or non-expandable fields, changes HTTP status code to "409 Conflict" * adapt all API endpoints to support dynamic expand fields expanding functionality, however the actual expand for them requires modifying the form fields in the following format: has_field 'contact_id' => ( element_attr => { expand => { class => 'NGCP::Panel::Role::API::CustomerContacts', id_field => 'contact_id', alias => 'contact', fetch => 0, }, }, ); - class - represents the class that should be used by the logic to fetch the relevant data - id_field - which field from the resource needs to be expanded, it should be the "id" field (subscriber_id, domain_id, etc.) - alias - (optional), under which key the fetched data is stored. the field name is used as the key if the option is omitted. - fetch - (optional), if the returned data is under $data->{contract_id} then it will be fetched from there and stored under the key (field name or alias), otherwise the whole retreived data is stored under the key (field name or alias) * adapt /api/autoattendants to use the new approach (old one was expand=1) * currently supported endpoints with expand: - admins - autoattendants - domains - customers - customercontacts - resellers - subscribers Change-Id: Iac53409dad944ed4794039a48dc3a9f6dce25bc1	4 years ago
Flaviu Mates	67ca4d5a00	TT#114703 Use config flags password_(sip\|web)_expose_subadmin in api Change-Id: I289a3683c09c098d52c1ddb5a489c8c2093f9c99	4 years ago
Rene Krenn	a916bd3c4f	TT#116703 prevent entering duplicate alias numbers Change-Id: I3d35f87738bb6d73f62b300e487a113b45223ad1	4 years ago
Rene Krenn	8238204682	TT#105100 fix update case for webpasswd db encrytion Change-Id: I91de91430434edef744c6b3791749ea81053d1cb	4 years ago
Flaviu Mates	c50153b1f7	TT#99561 Introduce extension range preference for Customers * Limit subscriber's extension to a predefined customer extension range preference (both AP and api) Change-Id: I0b6ac5c24b3838f07cc561e7ee6b7cfabe69385e	4 years ago
Kirill Solomko	96ce7b1143	TT#101300 remove devid_alias field * dbaliases->devid_alias field is no longer in use and available via the UI/API Change-Id: I3ec1a82ef76822595aa37e94ec002d11a0cce58c	4 years ago
Rene Krenn	65634d7014	TT#84329 encrypt/decrypt password, weppassword, pin Change-Id: I74ae79b798955e6e20c32a644c739d81786f90c0	5 years ago
Andreas Granig	8f8e1d5fc9	TT#78557 - Use bcrypt to hash webpassword * Change the way webpassword is handled accross NGCP Panel UI/API to comply with new password encryption * At login, if password is not encrypted with high cost due to the ngcp-bcrypt-webpassword script, encrypt it with proper cost * Accept old password format as well until all webpasswords are encrypted Change-Id: Iefa9584a62ab4b7d2a224d10bdd415e9cbb8dfb5	5 years ago
Rene Krenn	a11f2bed5e	TT#77452 properly synchronize subscriber create/update acquire the billing.contract row lock before any unordered billing.voip_numbers rowlocks by sub manage_subscriber_numbers(). - "deadlock" waittimeout errors will cease when creating subscribers concurrently via api - max_subscribers, is_pilot and other per-contract constraints will be respected accurately Change-Id: I73bb7525b327bbb09217b790be9c14cc65ddebcc	5 years ago
Rene Krenn	bfd2b4b5b1	TT#73364 batch provisioning implementation of config.yml-based "provisioning templates" for creating a subscriber setup with one click or batch-wise (.csv upload), currently comprising of: - contact - contract - contract prefs - subscriber - subscriber prefs - trusted sources - registrations Change-Id: I0c3c1ef93bbe0ca926bbe906a35346bef5094fac	5 years ago
Flaviu Mates	a4265a91e0	TT#69503 - Change subscriber's domain assignation logic * Only allow to assign domains for subscribers from the same reseller as subscriber's customer * Change Subscribers.yaml test to retrieve a domain for testing from the same reseller as subscriber's customer Change-Id: I6c7cc7a9874207cfcd63360a6f87e2fd6841011c	6 years ago
Flaviu Mates	42473db9d7	TT#64751 - Allow subscribers to change their password * Add specific check for non-pbx subscriberadmins Change-Id: I133d1f77fac54ef77182661f3d8eeee71768a4e3	6 years ago
Kirill Solomko	ce664263b2	TT#65101 add ccareadmin ccare roles * ccareadmin and ccare roles have full access to Customers, Subscribers and their preferences/settings, and read-only access to BillingProfiles,InvoceTemplates, EmailTemplates * ccare role is restricted to the related reseller Change-Id: I6cf7d3adf912f0fa98d1ef5c02abea2f4331ec4b	6 years ago
Flaviu Mates	6f8a1c8be0	TT#64751 - Allow subscribers to change their password * Change permissions to allow subscribers to change their own password Change-Id: Ieee9d1b3d16cab6ce0313491b4d65574039034f3	6 years ago
Flaviu Mates	603351c2d5	TT#59024 - Disable web_password and sip password fields for administrators with disabled 'show_passwords' * Add check in master data edit form to disable web_password and sip password fields. * Add check for api GET to not show passwords Change-Id: Icf95cddc07982a698c893661b529e7542002ec60	6 years ago
Rene Krenn	dda5ffe48f	TT#56340 fix subscribers.t not matching obfuscation chars Change-Id: I7023d1e23fc397e3556705fc52db50eace6c02b4	6 years ago
Rene Krenn	cae5270af5	TT#56340 panel logline obfuscation adds gdpr obfuscation quoting for: + subscriber numbers + subscriber ip addresses + subscriber usernames + any logmessage "DATA": query parameters, form data, response data + subscriber uuid's + call id's + callforward sip uri's the quoting is centralized by $c->qs() ("quote sensitive"), using catalyst plugin mechanism. escape symbols are set to « (\x{ab}) and » (\x{bb}). generate_logfile_data_inventory.pl was modified to mark loglines with "gdpr affected" status, if $c->qs() was used in a log message. Change-Id: I0f42d7992594232ae33e5666b0a64009211c5b76	6 years ago
Flaviu Mates	d59e4c97e2	TT#58570 Fix subscriberadmin PATCH * Store provious value for admin flag for subscribers because form field validation was deleting it because it is read-only * Fix DB query that was causing error Change-Id: Ib73b76c2b912c687da1b1c9ea346541b0b32c3a9	6 years ago
Andreas Granig	d5ba7c11cb	TT#52989 Implement device alias provisioning logic Change-Id: I7dc14a2f8fdcfa507a5e46872421923b44f133bc	6 years ago
Irina Peshinskaya	b1e4733d00	TT#43351 Check subscriberadmin access to profile and profile_set Unify UI and API code to make subscriberadmin behavior with profile_set and profile common Change alias_numbers input field to embedded RepeatableJS so it pass form validation Change-Id: I1b3dc6f88cc6c1f43d76acc8e339dbb664c166a3	7 years ago
Irina Peshinskaya	49e9e49b74	TT#44077 Disable subscriberadmin creation for subadmin in API And add checking of used customer to limit subscriberadmin and reseller to own customers Change-Id: I979afe8d2babaa0df3ac7106cb9d423548d3634c	7 years ago
Irina Peshinskaya	cf0a6a3684	TT#42860 Add proper reseller checking to subscribers API Change-Id: I5bb688af5f1a247bb99d198daaf17f8523d22b3a	7 years ago
Irina Peshinskaya	9ed0657d4c	TT#40503 Show journal links to allowed roles only Change-Id: I547b2db4767b1e383506bc812b6486db944fceec	7 years ago
Irina Peshinskaya	3e95f54c09	TT#40511 Check subscriberadmin edit only own customer subscriber Change-Id: Icede280da9f72172eb19e0bf8bdb2ee22befcfc4	7 years ago
Gerhard Jungwirth	d7cb06c215	TT#38811 fix changed subscriber form alias_numbers are in a different format than expected by the form. Change-Id: Id3146e0538e3a02aa520c663a641f1eabb0eee06	7 years ago
Rene Krenn	7d045b9ffc	TT#42260 remove prepaid and prepaid_library pref usage Change-Id: Iebd75291f0648ea054b82ace4251b1a98e629198	7 years ago
Kirill Solomko	62a81f1ec7	TT#40010 add new call forward type "cfr" * "cfr" is for Call Forward Rerouting * "cfr" was not added into the "Secretary Manager" part Change-Id: I8cbc9888e827a343a2f80970f36de7ee011c7c66	7 years ago
Rene Krenn	b35b0e1cbc	TT#35662 move product_id to billing.contracts Change-Id: I5381b36e226b1c0c2032fa40c3a082b85485e4ac	7 years ago
Irina Peshinskaya	f103d31d8a	TT#35058 Apply write access checking for subscriberadin on subscribers API Change-Id: I0700ea80026bfb959d240b7ed67c88d5a9385ad9	7 years ago
Irina Peshinskaya	8505eb2470	TT#34565 Consider existent but undefined privileges Change-Id: I82743bfbddd472c7e99f554ffd8c94d13acc7de9	7 years ago
Irina Peshinskaya	ca8f0c2805	TT#34565 Consider empty privileges for the subscriberadmin Change-Id: I3a9680584b56a12c6e1afb814b47938201753125	7 years ago
Irina Peshinskaya	fd6fe07c88	TT#34021 Rename acl to privileges Change-Id: Id6eee8009f9a35399b5bffab62913710e0e507a0	7 years ago
Irina Peshinskaya	cb1a3a4cd8	TT#34021 Allow PUT and PATCH to subscriberadmin on subscribers Change-Id: I3c3d5b0c5d1bfd4c3c8771ed332cbf00d3d3c1dc	7 years ago
Gerhard Jungwirth	24de4232e6	TT#30507 remove DataHal workaround layer (NGCP::Panel was loaded every time this was used) Change-Id: I62861e0756aaaf548c9be42b4842e9a06127119c	7 years ago

1 2 3

139 Commits (27bdde4e3e10a26e8ee972d0c5071ce71ec6ff64)