* create /api/resellerbrandinglogos/ endpoint
which will return the reseller's branding logo
* the endpoint can be used directly with /{reseller_id}
or with /?subscriber_id={subscriber_id} to get
the logo of subscriber's customer contact reseller
Change-Id: I5db19e208ae21cf7c685d46aa77b5032c26554de
* Filtering by subscriber properties introduced a join
which confused the use of 'profile_id' for devices
Change-Id: I5e8fbdc0a83076b95183dbdb757921c8112e9e00
* Due to DB unique name constraint, enpoint was
returning 500 on duplicate source sets
* Proper 422 is now returned
Change-Id: I883fbe71aa77364645467941206ea6b272523c03
* Limit subscriber's extension to a predefined
customer extension range preference (both AP and api)
Change-Id: I0b6ac5c24b3838f07cc561e7ee6b7cfabe69385e
* Registration entries are now removed by
registration username + registration domain
instead of subscriber username + subscriber domain.
That is to account registrations by the device.
Change-Id: I86a0d97fabc2dcd0eda6042a018ed35f64c3f031
* When a customer is terminated all != terminated
subscribers are set to terminated using the common
Utils::Subscriber::terminate() call, so it's on
par when each subscriber is selectively terminated.
Change-Id: I77394804194ecdb352560047cc8d5b26e3eabc53
* Enable filtering by subscriber's pbx_extension
and display_name with wildcard at the end of string
Change-Id: Ibaee1eddf760be44d11f2df5a9dbc544fe35495c
*Introduce pagination in redis scanning; previously
all the registrations where dumped in an array and
then spliced by page/rows; this was causing huge
loading time for big redis DB's hence the timeout
Change-Id: I1409c48b520d8d860cd8c11aea1a543286aa0334
suppress executing "ul.flush" kamailio xmlrpc after
"ul.add" or "ul.rm", as it seems to be another source of timeouts.
Change-Id: I8faf907c4cbfd6adbe3e3645f5c32069df2eb999
* Access was restricted only for emergency containers
* Added user's reseller_id to DB query to only show
mappings from the same reseller for reseller admins
Change-Id: Ia5fe29e74fe71dbfa5dbc58088fae86a75ac6acc
* This fixes showing the framed v1 Admin Panel when
logging out from v2 and then switching to v1 and
logging back in from there
Change-Id: Idde09409f750f37dfc943c06baaa6a918f0624d3
Model is necessary inside the device configuration template
to provide the necessary flexibility inside the general template
for the several devices if the difference is minor.
For example, SNOM devices configs are perfectly matches
inside the one template for all the models, but firmware
URLs to download new firmware from SNOM SRAPS server are different.
In the past we had to create a different templates in this case,
now we can create a simple tt2 statement:
[% IF phone.model == "D715" -%]
<firmware perm="">https://....</firmware>
[% ELSE; -%]
...
Change-Id: I3cbeb57009f944902cf148e8d491a30235620551
* Request was failing with /?page=1&rows=10
because query params was an empty array
containing an empty hash; it should be
empty array only.
Change-Id: I69717ab589c78ebb27c4cc4825b78f6900800eaf
* on administrator login, store said variables so
we can automatically log in to v2 without having
to redirect
Change-Id: I50d79996198561c54e555d264388d26610905ca6
* The new endpoint will only accept POSTs
* The request body should have two parameters
called 'new_password' and 'token'
* First, look for the token in redis (for admins),
if not found, look for it in DB (for subscribers),
if neither is found, return
Change-Id: I4163a0d5bd886961317b21aeca20c8ccfdeab0dd
* this is needed in order to prevent error when
requesting api documentation
* add 'type' and 'domain' to field list in form
to show up in api documentation
Change-Id: I210ce214523a2c27f84098e630cbfeb5de227848
* The new endpoint will only accept POSTs
* The request body should have two parameters
called 'type', 'username' and 'domain'
* 'type' will accept either 'administrator',
in which case only 'username' is needed,
or 'subscriber', in which case 'username'
and 'domain' will be needed
* The regular password reset email will be sent
to either the admin or the subscriber
Change-Id: If1457c8c625a95295e5e93b6637927e3905698d9
* the GET request will show whether an admin
has or has not a certificate
* the DELETE request will remove an admin's
certificate
Change-Id: I2b233a76a4436a4d3a95749410e74aabd9fca531
* this endpoint will be used to logout from v1
automatically when logging out of v2
* allow unauthenticated acces to it
Change-Id: Ia40cb624f618ef0b0cada8f22dc2cc68f234af53
* Param 'number' is renamed to 'numbers'
* 'numbers' can be a single value like
it is currently used, or an array which
will result in all array elements having
the sub's rewriterule applied and returned
in the same order
Change-Id: Ic24179d2ecbec80cebd23e5af751df0ebbcc7141
* Admin with lawful intercept will no longer be able
to have any flags besides 'is_active', 'read_only',
'can_reset_password'
* Remove reseller filter on interceptions since LI
admins should see all interceptions
* Add permissions to /api/admincerts and reseller ajax
for LI admins
Change-Id: Id912424b9bbd3ab3cbbc373ac116fda035f81fd3
* The endpoint generates a jwt token and stores it in
Redis, then redirects to /v2/#/?v1_auth={token}
* Also added an id in DOM to indentify the Panel V1 login page
Change-Id: I307a3f457f88bbba04bb7735d60fa51bdc5d0438
* own_transaction_control is enabled for PUT method let the
changes be visible for dialplan.reload
Change-Id: Ie3f6d02e38fe769547b19053877db8b2c6d5aed7
* if there are no more *enabled* CFT left after editing
callforwards (simple/advanced) or if CFT is deleted,
the ringtimeout has to be removed.
Change-Id: Icfa2fb1db281a5a5b4b2edce28ad7b0d69ddf47c
* LI admins wil only be visible to the is_system
administrator.
* It's not possible for an andmin to be both ccare
and LI at the same time
* LI admins can only read/modify themselves
* Non-system admins cannot create/read/modify LI admins
Change-Id: I7b2189a87a5433d270380393d8e5ffec0283d9e5
* new c.users.role 'lintercept', that set to when an admin user has
enabled 'lawful_intercept' flag
* only Administrator page /api/admins and /api/interceptions are available for
the role
* 'lintercept' role can only see own user and only change password
and email
Change-Id: Iadcb022a124afbd77b224e734026f380af0170e8
* Allow ccareadmin access to reseller ajax;
it is needed when ccareadmins create a
customer contact
Change-Id: I5fff19ed8b19cfa3d1118a574455e136aa240236
This reverts commit ec674132df.
Reason for revert: Feature was partially backported and lawful intercept admins were deleted from databse. Feature needs redesign.
Change-Id: I500e66f3bd3b4a0c29fa05e1113568d3776eacf9
* LI Admins are no longer visible in NGCP Panel;
they will be managed via config.yml; creation,
deletion, email update ar all handled when
adding/removing/updating a LI admin in config.yml
* LI Admins can only change their password and
email via Panel UI and API
Change-Id: Idec849e52962b2d5c4cb2a4365cf8c90414c0431
* Introduce endopint '/resetpassword' for asking for
password reset using admin username
* Create form for introducing username
* Create url with unique token pointing to '/recoverpassword'
where admin user can introduce new password and email
said url to admin's email address
* Create form for setting new password
* Store username and unique token in Redis expiring
in 5 minutes to store password reset attempt
and identify it when user accesses url in email
* Limit admin access to be able to only change own password
due to new password reset possibility as requested in
TT#76110
Change-Id: Ie3acb961444398afa5b2fdc85e3ca8ceccf9244a
* there is a catch when changing the admin password;
first of all, according to TT#76110 only own admin
users can change the password via PUT/PATCH;
secondly, inside the code, for PATCH to work we need
a dummy 'password' key on the old resource which has
been set to the saltedpass; when updating the admin,
if the password is still equal to saltedpass, no change
is made to the password
Change-Id: I423ebe13988c58b527db65d666f09b73a483422d
* Remove headers, menu, site title and footer if
parameter 'framed' is sent
* Persist 'framed' in the session once it's sent
and only restore header/footer once 'framed' is
sent again with the value 0
Change-Id: Ie1dcc698b901ea3c659a05391ffcdc882113ef13
- persist prov tmeplates in the database: create, update
and permanently remove them again.
- prov templates from config.yml are still supported,
but cannot be edited though. the templates from
config.yml are merged with those from the db.
- each reseller can have their own prov templates,
while the prov templates from config.yml are visible
to all.
- YAML syntax highlighting and parse check when saving.
Scripting language (perl/javascript) is currently parsed
when executing a provisioning templates only. It is
possible to further extend the parsing checks.
- the prov template "name" + reseller is the unique
identifier. relevant also for the command line tool.
Change-Id: I58d7c54fa82fe512b263b3219bfc84d7e49c56a8
* add admin_jwt realm
* admin JWT tokens are now used to access all non /api
content
Change-Id: I711d6419f0b624b02b53876a8c9171ab638b5d09
(cherry picked from commit dc4d9ec84b5b1199f17631e9e1f9a39ab1996807)
* Utils::Admin was renamed to Utils::Auth in
the commit that introduced support for
bcrypted subscribers webpasswords
Change-Id: I61a90bb135f218e9a0854e9ccdda9e83ffd4ba83
* Change the way webpassword is handled accross
NGCP Panel UI/API to comply with new password
encryption
* At login, if password is not encrypted with
high cost due to the ngcp-bcrypt-webpassword
script, encrypt it with proper cost
* Accept old password format as well until all
webpasswords are encrypted
Change-Id: Iefa9584a62ab4b7d2a224d10bdd415e9cbb8dfb5
* /admin_login_jwt now returns a JWT token for admin
users and also the JWT token is supported in the
authorization process for the admin requests
Change-Id: I987640d46bd8a339a959a6b2efb65b6dce06bf8c
* Deleting or diasbling a peering server was leaving
the peer_probe value in kamailio htable which was
falsely identifying peering server as up when it
was actually down
* Sending htable.delete peer_probe whenever deleting,
disabling or disabling 'probe' for a peering server
fixes the issue
Change-Id: Ie54fd4bd00391a0cc02544d8d7b55108240c74e8
complete the renaming of "sub rowlock_contract" into
"sub acquire_contract_rowlocks" to distinguish it from
"sub recursevly_lock_contract" (which is related to set
the subscriber lock level, not db row write locks)
Change-Id: I287ee611e20c71a90121007511c3781359968bd2
acquire the billing.contract row lock *before* any
unordered billing.voip_numbers rowlocks by
sub manage_subscriber_numbers().
- "deadlock" waittimeout errors will cease when
creating subscribers concurrently via api
- max_subscribers, is_pilot and other per-contract
constraints will be respected accurately
Change-Id: I73bb7525b327bbb09217b790be9c14cc65ddebcc
* A new endpoint is now available that will
return subscriber's preferences and also
the preferences that the subscriber inherits
from its domain
Change-Id: Iaa29fbe57d520f79ac7051dc8fd151d26df41384
* Default to 1 if no 'enabled' param is sent
* Send mapping's 'enabled' value to UI Form
to stop defaulting to 1 when trying to edit
Change-Id: Iec22f878bd87999c85a0cc99eabcda68fd7f2985
* Add check wether recording stream actually
exists, to prevent throwing error in case
there's a DB entry for the stream, but no
actual file is saved
Change-Id: Ibd051496f570f05ca7067dcaa9f2f9e85e5d84d6
* Introduce posibility to provision header rules,
conditions and actions at the same time
using only the /api/headerrules endpoint;
also rules can be modified with PUT/PATCH on
/api/headerrules
Change-Id: I5ef9a85b4bf0f28693d22603cc74f269ea483983
* Introduce posibility to provision rule sets,
rules, condition and actions at the same time
using only the /api/headerrulesets endpoint;
also rules can be modified with PUT/PATCH on
/api/headerrulesets
Change-Id: I8c054f72a2632d45fec76166774521f8c22aea05
The kamailio lcr.reload RPC command was executed before the gateway
were actually removed from the DB.
The execution has been moved afterwards.
Change-Id: I5c514744cf49a4a32f2a8f08dc8f2a45c0b3c87a
The value is taken from the kamailio location table and
it is useful to know which is the device with highest
proiority.
Change-Id: I978c7d8da48a84fa537c941e486016881fc03afb
* Change datepicker to datetimepicker
to be able to select time as well
* datetimepicker is now available only
for call lists since this is where
a more thorough filtering is needed
in case the limit of 1000 entries is
passed
Change-Id: I48107fa8f7c4d4ee9b40044c8ae5f7842e35c2a5
* Check if there's a terminated reseller with
the same name and update that reseller's
name to be of "old_<reseller_id>_<name>"
format then create new reseller with that
name
* Applies to both regular creation and default
values creation
* Added same checks to API too
Change-Id: If997cf3716341c5c78bc6879ddea53f7b502c305
* Change sql 'or' which was still in use
when filtering with customer_id to
'union_all' which changes order of
status from enum to alphabetical so
it's now consistent to what happens
when filtering with subscriber_id
Change-Id: I82eea0059d6b414e1148b16d47d4c189a3f43238
* Controller/Domain missed privileges for
ccareadmin/ccare roles
* Fix ccareadmin role typo in customer templates
preventing "Create Susbcriber" button to show up for the role
Change-Id: I05bb520912ad0f1f49a0097d7443081d40aa7426
when there are other subscribers
* Deleting the pilot subscriber and then editing
other subscribers would result in error, as
details from the pilot are needed
* Added code to makde the deletion of the PBX
pilot subscriber impossible if there are
other subscribers
Change-Id: I46da3e0e3726a8b9e3811fd879869988aa01adff
* If a device id is assigned to a field device line, populate the
device_id field for this line to be used in config templates.
* Handle assigned alias id of deviceid_number_id in /api/pbxdevices,
if any.
Change-Id: I455c4cb6e7d96a21977094e9af97ae91bd29fb92
* Add check for provisioning subscriber
webusername so the API trhows the correct
error when encountering a duplicate
* This implementation relies on the DBIx
error to keep the database integrity
Change-Id: Ica3e2673cead28759ad25f5edb3f7ca0f32e1c1e
* Ajax request failed when vouchers was
not set in ngcp_panel.conf under features
because it redirected to denied_page;
moved redirect to topup_voucher method
in Customer.pm because it doesn't work
on ajax requests
* Also hide the top up voucher button if
voucher option is not set under features
in ngcp_panel.conf
Change-Id: I888ac46e9634d75163241cdb4b59b00a2ca08b2f
* ccareadmin and ccare roles have full access to
Customers, Subscribers and their preferences/settings,
and read-only access to BillingProfiles,InvoceTemplates,
EmailTemplates
* ccare role is restricted to the related reseller
Change-Id: I6cf7d3adf912f0fa98d1ef5c02abea2f4331ec4b
* The timeout was defaulting to 300 for
any call forward besides URI. Removing
a sepcific validation for this case fixed
the issue
Change-Id: I2658d77cee08567047c40fb2b3711f5870b49d25
* /api/customerfraudevents now support cdr_period_costs
* add PATCH support to be able to change notify_status and notified_at
* item id is now compound from contract_id,period,period_date
* now all locked contracts are returned (was only for current
day/month before)
* interval query param is not mandatory anymore and multiple
entries per contract can be returned
Change-Id: I9faa911d260f3e3cd386fb1470663a82edb2850c
If a device needs the CA cert to bootstrap, then provide the full
chain of certificates for proper validation.
Change-Id: I62eb0adfa3fba8c558ac244f1cc10189de94ec64
ALE terminals request config.$mac.xml, also strip them in the
bootstrap phase to determine the $mac.
Change-Id: I1a34ce5b0f0ffa4fd5f819b276344bff43a53d64
adds gdpr obfuscation quoting for:
+ subscriber numbers
+ subscriber ip addresses
+ subscriber usernames
+ any logmessage "DATA": query parameters, form data, response data
+ subscriber uuid's
+ call id's
+ callforward sip uri's
the quoting is centralized by $c->qs() ("quote sensitive"), using
catalyst plugin mechanism.
escape symbols are set to « (\x{ab}) and » (\x{bb}).
generate_logfile_data_inventory.pl was modified to mark loglines
with "gdpr affected" status, if $c->qs() was used in a log message.
Change-Id: I0f42d7992594232ae33e5666b0a64009211c5b76
* Add validation when retrieving callflow
domains from config. This prevents the
panel from crashing when features like
pbx are not enabled
Change-Id: Ibe459c7c877d9fdcbc941dcd92e3708b5a1d9b1f
* There is now a PATCH method for soundfiles so
their details can be updated without uploading
a new file
Change-Id: I96e7b453b9830c40d24c15f5ca364021373dfdee
* subscriber_only UI header rule set is now
automatically created only when a first rule
is created and removed with the last rule
Change-Id: I7c0be5a3e89e050e97441c4baaf355769db9867b
* Adapt code to retrieve file type from header,
not only to expect WAV, and convert it to WAV internally
* Add support for multipart/form-data requests for CSC platform
Change-Id: I12dca611a23c90801b1faae269a55b9fcc895244
And also fix description for Location creation form
All Customer controller fix implemented a little out of common way to handle customer detatils forms
Forms on customer details page use common code on the bottom of the customer/details.tt. Phonebook forms use helpers/datatables forms related code. It allows to avoid stashed "description" parameter, that is totally related to View (template) and generates correct name for the edit form.
Change-Id: I2a16d6861cd2d847f68bd02245058c9a4535a0a9
The is_devid and devid_alias were not properly saved and re-loaded
in edit, nor was their status shown in the master data.
Change-Id: If3403b5baa6135b4171e7b523aaa56de0fc5cb10
* Change find_or_create to find_or_new to insert new record
only when a POST is issued and form is validated
Change-Id: I31149c50f543747468230355b7f97d8f02fb47e8
* UI: subscriber Preferences" page now contains
a new "Header Manipulations" tab that enables
setting header manipulation rules per subscriber.
They are applied in the following order:
- domain header rule set is applied (if defined)
- subscriber header rules are applied (if defined)
An internal header rule set is now created per subscriber
automatically, if used from the UI
* API: /api/headerrulesets now supports "subsriber_id",
when a whole collection is fetched without ?subscriber_id
only records where subscriber_id = NULL are returned
by default
* fix "read only" UI elements representation in the datable
for header rule sets, rules, conditions, actions
Change-Id: I3e80d1899c577055f3603e80bb3a13d70c5b22cf
* header manipulations related endpoints are now
rendered with the datatables and support pagination,
and search
Change-Id: I264d2c55ec97199714159bbc2d1d3181e23880fb
Firmware, Directory and config Must be served with cisco-ca signed cert,
so use proper port for this.
Change-Id: I18fecdacf4989aac9f7c033c562e6f0f20dfe454
In case custom "Bootstrap URI" is set and http sync (like for Cisco) is
used, then use this custom bootstrap uri during manual sync.
Also when using http sync, use the bootstrap URI instead of the config
URI to resync phone, as you don't know at this point whether the phone
has a recent firmware to connect to the server, or has to update
firmwares first.
Change-Id: I90b3393060a91619bb5957ed8ec03fda81411a2e
Since Cisco SPA requires a specific server certificate, we have
to bind that interface to a separate port. Use 1447 by default for
it.
Change-Id: Ibfd3301f222cc77b4736935aa7b641ba18d9ac60
We need to detach in chain base, otherwise chain tail will access
undefined dev variable from stash and will produce a 500 server error.
Change-Id: I9ac5d18b365efd2390cb2800ec5adadd4992e989
when passing the ?tz=Europe/Vienna with POST/PUT/PATCH, the
callforward timeset period definition input will be converted from
Europe/Vienna timezone to system timezone before persising to DB.
when passing the ?tz parameter with GET requests, the
callforward timeset period definition from DB will be converted
to the given timezone.
the ?use_owner_tz parameter will take the subscriber's inherited
timezone.
disarmed in code for now.
Change-Id: If4e130b241c28821844e0700231d1cd6883bcbfb
* sound_sets are now allowed for peering hosts
and since peerings are not bound to resellers
and only managed by the administrators of the platform,
it is possible to set any soundset from any reseller,
the only limitation is sound sets that are assigned to
a contract cannot be used for a peering host
Change-Id: I438395d989dbc917bef2ad87d1c80201722fa247
The javascript files contain UTF-8 characters, but the files are sent
without a proper encoding set in the Content-Type header.
Change-Id: I5df0b854a4d9e8525bf02ec394f9e6264800b2db
Signed-off-by: Guillem Jover <gjover@sipwise.com>
* fix relative path use in billing zones ajax
causing an error when rendering the datatable
* fix BillingFee form field to correctly
capture ajax datatable billing profile id
* fix typo when stashing billing_zone_id
* move billing zone datatable fields
from base to zones_list
Change-Id: Ibbeb776a3bc6bfb26798fc13c1183ddb68a9d2fd
- All item_rs modifications should be done before we get rows, so apply order_by before pager
- We can't distinguish if subscriberregistrations really has column or not if we return true for all columns.
We will use has_column only in cases when it returns something really meaningful.
- Subscriberregistrations can't order by nat and subscriber_id
Change-Id: I04b7bb719ee058590a7705c6411cb08bcfb15387
Move strange reseller prefetch upper, that looks as not intended copy-paste
Now this query with prefetch will be used for pagination too.
Change-Id: Ie23d2a574e352754d57e1f67d081943aaef50aea
ALE phones first download the first 256 bytes "header" of the firmware
to check if a new version is available. Support simple single Range
request in format "Range: bytes=X-Y" with X being start and Y being
end.
Also make sure to use $rs->count instead of $rs->first to only
execute the full query once and use a count query before instead,
otherwise we're fetching dozens of MB of data twice when fetching
the firmware.
Change-Id: I0c4e9f8b7d856d077eaa4ba8f2bc0aeaf42deebe
Fix voip_peer_rule linking to voip_peer_group
Remove temporal method for time_set_ajax from Peering controller, use /timeset/fieldajax method instead.
Change-Id: I95670ee3e8160ecdaa9b1289123d9ef051843747
Add test script for API
Fix DateTime create/update issue in TimeSets API (get2put case)
(add and edit functionlity used raw/inflated data respecively)
Add datetimepicker field
Change-Id: If724b7350658c306dbbecbc04309d1d1c0b4a3e2
* Faxes numbers representation now uses one of the available
normalization logics. For the API part it is possible to
override it in /api/faxes with a new 'number_rewrite_mode'
query param or 'fax_number_rewrite_mode',
in case of /api/conversations
Change-Id: I64cfcaa53284eafdc980cdab4c3a01d22a55749b
Unify UI and API code to make subscriberadmin behavior with profile_set and profile common
Change alias_numbers input field to embedded RepeatableJS so it pass form validation
Change-Id: I1b3dc6f88cc6c1f43d76acc8e339dbb664c166a3
Rene Krenn
Flaviu Mates
Kirill Solomko
Alexander Lutay
Hans-Peter Herzog
Marco Capetta
Andreas Granig
Guillem Jover
Irina Peshinskaya
Gerhard Jungwirth