adds gdpr obfuscation quoting for:
+ subscriber numbers
+ subscriber ip addresses
+ subscriber usernames
+ any logmessage "DATA": query parameters, form data, response data
+ subscriber uuid's
+ call id's
+ callforward sip uri's
the quoting is centralized by $c->qs() ("quote sensitive"), using
catalyst plugin mechanism.
escape symbols are set to « (\x{ab}) and » (\x{bb}).
generate_logfile_data_inventory.pl was modified to mark loglines
with "gdpr affected" status, if $c->qs() was used in a log message.
Change-Id: I0f42d7992594232ae33e5666b0a64009211c5b76
* Add validation when retrieving callflow
domains from config. This prevents the
panel from crashing when features like
pbx are not enabled
Change-Id: Ibe459c7c877d9fdcbc941dcd92e3708b5a1d9b1f
* There is now a PATCH method for soundfiles so
their details can be updated without uploading
a new file
Change-Id: I96e7b453b9830c40d24c15f5ca364021373dfdee
* subscriber_only UI header rule set is now
automatically created only when a first rule
is created and removed with the last rule
Change-Id: I7c0be5a3e89e050e97441c4baaf355769db9867b
* Adapt code to retrieve file type from header,
not only to expect WAV, and convert it to WAV internally
* Add support for multipart/form-data requests for CSC platform
Change-Id: I12dca611a23c90801b1faae269a55b9fcc895244
And also fix description for Location creation form
All Customer controller fix implemented a little out of common way to handle customer detatils forms
Forms on customer details page use common code on the bottom of the customer/details.tt. Phonebook forms use helpers/datatables forms related code. It allows to avoid stashed "description" parameter, that is totally related to View (template) and generates correct name for the edit form.
Change-Id: I2a16d6861cd2d847f68bd02245058c9a4535a0a9
The is_devid and devid_alias were not properly saved and re-loaded
in edit, nor was their status shown in the master data.
Change-Id: If3403b5baa6135b4171e7b523aaa56de0fc5cb10
* Change find_or_create to find_or_new to insert new record
only when a POST is issued and form is validated
Change-Id: I31149c50f543747468230355b7f97d8f02fb47e8
* UI: subscriber Preferences" page now contains
a new "Header Manipulations" tab that enables
setting header manipulation rules per subscriber.
They are applied in the following order:
- domain header rule set is applied (if defined)
- subscriber header rules are applied (if defined)
An internal header rule set is now created per subscriber
automatically, if used from the UI
* API: /api/headerrulesets now supports "subsriber_id",
when a whole collection is fetched without ?subscriber_id
only records where subscriber_id = NULL are returned
by default
* fix "read only" UI elements representation in the datable
for header rule sets, rules, conditions, actions
Change-Id: I3e80d1899c577055f3603e80bb3a13d70c5b22cf
* header manipulations related endpoints are now
rendered with the datatables and support pagination,
and search
Change-Id: I264d2c55ec97199714159bbc2d1d3181e23880fb
Firmware, Directory and config Must be served with cisco-ca signed cert,
so use proper port for this.
Change-Id: I18fecdacf4989aac9f7c033c562e6f0f20dfe454
In case custom "Bootstrap URI" is set and http sync (like for Cisco) is
used, then use this custom bootstrap uri during manual sync.
Also when using http sync, use the bootstrap URI instead of the config
URI to resync phone, as you don't know at this point whether the phone
has a recent firmware to connect to the server, or has to update
firmwares first.
Change-Id: I90b3393060a91619bb5957ed8ec03fda81411a2e
Since Cisco SPA requires a specific server certificate, we have
to bind that interface to a separate port. Use 1447 by default for
it.
Change-Id: Ibfd3301f222cc77b4736935aa7b641ba18d9ac60
We need to detach in chain base, otherwise chain tail will access
undefined dev variable from stash and will produce a 500 server error.
Change-Id: I9ac5d18b365efd2390cb2800ec5adadd4992e989
when passing the ?tz=Europe/Vienna with POST/PUT/PATCH, the
callforward timeset period definition input will be converted from
Europe/Vienna timezone to system timezone before persising to DB.
when passing the ?tz parameter with GET requests, the
callforward timeset period definition from DB will be converted
to the given timezone.
the ?use_owner_tz parameter will take the subscriber's inherited
timezone.
disarmed in code for now.
Change-Id: If4e130b241c28821844e0700231d1cd6883bcbfb
* sound_sets are now allowed for peering hosts
and since peerings are not bound to resellers
and only managed by the administrators of the platform,
it is possible to set any soundset from any reseller,
the only limitation is sound sets that are assigned to
a contract cannot be used for a peering host
Change-Id: I438395d989dbc917bef2ad87d1c80201722fa247
The javascript files contain UTF-8 characters, but the files are sent
without a proper encoding set in the Content-Type header.
Change-Id: I5df0b854a4d9e8525bf02ec394f9e6264800b2db
Signed-off-by: Guillem Jover <gjover@sipwise.com>
* fix relative path use in billing zones ajax
causing an error when rendering the datatable
* fix BillingFee form field to correctly
capture ajax datatable billing profile id
* fix typo when stashing billing_zone_id
* move billing zone datatable fields
from base to zones_list
Change-Id: Ibbeb776a3bc6bfb26798fc13c1183ddb68a9d2fd
- All item_rs modifications should be done before we get rows, so apply order_by before pager
- We can't distinguish if subscriberregistrations really has column or not if we return true for all columns.
We will use has_column only in cases when it returns something really meaningful.
- Subscriberregistrations can't order by nat and subscriber_id
Change-Id: I04b7bb719ee058590a7705c6411cb08bcfb15387
Move strange reseller prefetch upper, that looks as not intended copy-paste
Now this query with prefetch will be used for pagination too.
Change-Id: Ie23d2a574e352754d57e1f67d081943aaef50aea
ALE phones first download the first 256 bytes "header" of the firmware
to check if a new version is available. Support simple single Range
request in format "Range: bytes=X-Y" with X being start and Y being
end.
Also make sure to use $rs->count instead of $rs->first to only
execute the full query once and use a count query before instead,
otherwise we're fetching dozens of MB of data twice when fetching
the firmware.
Change-Id: I0c4e9f8b7d856d077eaa4ba8f2bc0aeaf42deebe
Fix voip_peer_rule linking to voip_peer_group
Remove temporal method for time_set_ajax from Peering controller, use /timeset/fieldajax method instead.
Change-Id: I95670ee3e8160ecdaa9b1289123d9ef051843747
Add test script for API
Fix DateTime create/update issue in TimeSets API (get2put case)
(add and edit functionlity used raw/inflated data respecively)
Add datetimepicker field
Change-Id: If724b7350658c306dbbecbc04309d1d1c0b4a3e2
* Faxes numbers representation now uses one of the available
normalization logics. For the API part it is possible to
override it in /api/faxes with a new 'number_rewrite_mode'
query param or 'fax_number_rewrite_mode',
in case of /api/conversations
Change-Id: I64cfcaa53284eafdc980cdab4c3a01d22a55749b