ngcp-panel

Commit Graph

Author	SHA1	Message	Date
Kirill Solomko	60fa23cb68	MT#60585 add user ban support * users for admin/subscriber realms are now banned if failed to login X amount of times (UI/API). * rework Redis connection and it's now a Catalyst plugin NGCP::Redis accessed by $c->redis_get_connection({database => 19}), the connection per database, per worker process is established only once and then reused (with auto built-in reconnect support). * remove Utils::Redis.pm as it does not have any code/logic anymore. * ban values are taken from $config->{security}{login} as - ban_enable: 1 - ban_expire_time: 3600 ban expire time in seconds - max_attempts: 5 * if max_attempts set to 0, the ban functionality is disabled as it requires to be at least 1 to work. * upon successful login or ban, the failed attempts counter is removed * the failed attempts counter is also removed automatically with the expire time equals "ban_expire_time" or otherwise 3600 seconds. * user bans are logged into panel.log * banned user receives exactly the same return page/codes as per invalid logic. Change-Id: I05cc68c623ee289488fc64f1af50527004dcaae1	9 months ago
Kirill Solomko	d9f283cbc8	MT#59449 enhance password validation and handling * passwords are now validated based on - minlen - maxlen - min lower case chars - min uppper case chars - min digits - min special chars * Data::Password::zxcvbn is used to calculate password score and reject passwords with score < 3 as weak (this library is ported from the Dropbox password validation) * Add password journals and check last used passwords in the journals * Improve password generator javascript function to generate a password with at least 4 of each of the char group types. * Currently affected are subcriber and admin entry creation or modification via UI/API * NGCP::Utils::Auth add optional bcrypt_cost support as last argument for generate_salted_hash and get_usr_salted_pass Change-Id: I100c25107d91741d5101bc58d29a3fa558b0b017	9 months ago
Kirill Solomko	43d112bd5e	MT#60558 add max subscribers/groups license checks * max_subscribers, max_pbx_subscribers, max_pbx_groups license checks are added for subscriber/group creation in UI/API * new accessor $c->license_meta that returns meta license flags hashref * new accessor $c->license_max_subscribers * new accessor $c->license_max_pbx_subscribers * new accessor $c->license_max_pbx_groups * the new accessors (except license_meta) return -1 instead of 'unlimited' to ease off comprarsion * 403 Forbidden is returned by the API if a license is violated. Change-Id: I3f5a949efc84bf85b76b33404b37b362ec484d5f	9 months ago
Kirill Solomko	9d021be65a	MT#59979 add license control * UI and API parts are now under license control * new Util::License::get_license($c, $name) - fetches license status by name (1 if enabled, and also if /proc/ngcp/check if 'ok') * add Catalyst::Plugins::NGCP::License with license($name) to fetch valid license by name from anywhere using $c->license('pbx') or from the templates using c.license('pbx'). It internally uses Util::License::get_license($c, $name) * License::get_license_status($c) now requires $c as first argument as well logs license status check errors. * new ActionRoles::License that enables usage of :Does(License) RequiresLicense('pbx') LicenseDetachTo('/denied_page') in the Controller chains * Add license control for UI elements and return 403 Forbidden if a resource is covered by licenses and the license is not active * Hide UI elements if a license is not active * API/Entities/Entities new $c->set_config key: - per endpoint: $c->set_config({ required_licenses => [qw/pbx device_provisioning/] } - or per method: $c->set_config({ required_licenses => { POST => [qw/pbx device_provisioning/] } } } * In case if an API endpoint does not have a license: 403 Forbidden "Invalid license" reply is returned. * Add license based restrictions to API endpoints * /api documentation: - completely hide endpoints that do not have an active license - hide only methods that does not have an active license Change-Id: Iba45fc5068b02306a617fed7b5405f2210574b61	9 months ago
Rene Krenn	9c103302c8	MT#60575 dynamically load provisioning templates module Change-Id: Ibff509825f82a75c9b0221505a1673d78b401989	9 months ago
Kirill Solomko	10a88cf669	MT#58964 /api/platforminfo add license_meta * new Utils::License::get_license_meta($c) to fetch license meta ({} by default) that contains license related metadata such as current and max amount of subcsribers and license valid until date. currently the following data is fetched from /proc/ngcp check current_calls current_pbx_groups current_pbx_subscribers current_registered_subscribers current_subscribers license_valid_until max_calls max_pbx_groups max_pbx_subscribers max_registered_subscribers max_subscribers valid * Controller::API::Root platforminfo now also returns license_meta Change-Id: I323cdfd646335a408e0150ecd69ad950fa0461ab	10 months ago
Kirill Solomko	522fd97020	MT#58964 /api/platforminfo add licenses info * NGCP::Utils::License new function get_licenses() that reads /proc/ngcp/flags/ and returns all files with content 1. * api/platforminfo.tt template now calls a stashed callback (coderef) that decodes provided json file, includes licenses and returns encoded the json back. * ngcp-panel.service changes # Files + directories not directly associated are made invisible in the /proc/ file system # ProcSubset=pid # Disabled: MT#58964, to be able to read /proc/ngcp/flags/ # Processes owned by other users are hidden from /proc/ # ProtectProc=invisible # Disabled: MT#58964, to be able to read /proc/ngcp/flags/ Change-Id: I84b6707a918e3f4f271e32b9353f320753c5ae68	10 months ago
Kirill Solomko	ca908bf629	MT#60400 /api/soundsets remove null search detection * customer_id search param now has the same search logic as the rest as it had before 'null' detection and conversion => 'undef' whereas it's not needed anymore because it's now supported globally. The change also fixes an empty response issue. Change-Id: If95de44d16ca2871da72d0ee019850802a3a94dd	10 months ago
Kirill Solomko	5d26436c05	MT#60392 /api/ncoslnpcarriers fix reseller role typo * fix reseller role typo in allowed_roles Change-Id: Ia2da00f7317eb64cfbe0e2c5069a75a9b24e24e5	10 months ago
Kirill Solomko	244b4f786b	MT#60392 /api/ncoslnpcarriers allow reseller * resellers should be able to create/update and delete NCOS LNP Carrier entries using exising LNP Carriers. Change-Id: I85d900c194d46af8d888e2f854729a3ca52711fe	10 months ago
Kirill Solomko	775ec90d5d	MT#60392 /api/lnpcarriers allow reseller GET * reseller role can use GET on the endpoint because it is needed for an NCOS Levels (which resellers can create). Change-Id: Ic793b0d74e767eb9e150a6ae3c67ff9f51c8cf6c	10 months ago
Kirill Solomko	6543743992	MT#60162 improve expand functionality for collections * in general expand collection now performs only 1 sql query to per expand field to fetch all items by the ids instead of fetching them for every single collection item, that should significantly increase performance in case of large databases and reduce work for the database * introduce $c->stash->{expand_cache} that contains cached data for the expand fields to avoid multiple same calculations * expand_field() and expand_field_data() have been reworked to support expand_cache * new method expand_prepare_collection() is called for all API GET collection methods before preparing resource hal fields, to change the expand logic to only cache the data instead of fetching it from the database * new method expand_collection_fields() that is called in all API GET collection methods after the @embedded data is prepared to finalise the expand collection fields * for expand collection there is only 1 SQL request per expand field that fetches all items -in [ids to expand] and then the expand_collection_fields() uses the cached items_by_ids with O(1) fetch from the cache by id Change-Id: Ie7c6115472878febf0d8c9b4d833f5c23b15c78b	11 months ago
Kirill Solomko	9a2d66a00a	MT#60238 /api/customerpreferences allow subscriberadmin * subscriberadmin roles can now handle customer preferences belonging to the same customer and only those with expose_to_customer = '1' Change-Id: Iae9ab5d4a96a065b1a627d180dd523e805d954f3	11 months ago
Kirill Solomko	0d8d68d9a5	MT#60236 /api/mailtofaxsettings allow subscriber roles * subscriberadmin and subscriber can now use /api/mailtofaxsettings * adapt item_rs query for subscriberadmin and subscriber so that subscriberadmin can have access to all 'own' subscribers Change-Id: If8e768c5c06bc4e5f0a6ef9d15e19f542d8b6a4d	11 months ago
Kirill Solomko	f2478178f0	MT#60119 allow pbxfielddeveicepreferences to subscriberadmin role * subscriberadmin role can now CRUD preferences for devices that are assigned to the customer. Change-Id: I09fe3c3b2ed670f0411970dc6402486a3cf6d4be	12 months ago
Kirill Solomko	c6aaaddd87	MT#56301 move lock_provisioning_voip_subscriber before underrun_lock * POST /api/subscribers/ invoke lock_provisioning_voip_subscriber() before underrun_lock(), so that if the subscriber is about to be locked due to customer balance costs, the lock_provisioning_lock_subscriber() invocation will not unlock it back straight after Change-Id: I55020f844c9aa76df2e2f057a88b2ae7c9ebbfcc	1 year ago
Rene Krenn	df670f501f	MT#56301 set locklevel of created subscribers only if specified Change-Id: I90f2d68dee50ab240de4eb5af7495ddd551c00d8	1 year ago
Marco Capetta	8945b8a5ac	MT#56301 Fix API creation of an active subscriber with lock Using API is possibile to edit an existing subscriber and set status: active and lock: 2. It is instead impossbile to create a new subscriber with the same configuration because the 'lock' param is not taken into account. The only way to properly setup lock level it is to set the status to 'locked' and this is in fact wrong. The fix address this issue and allow now to create a new subscriber with status: active and lock: 2. Change-Id: Id18e40bc001c5a7de30f5d148231bda93a3b1b3d	1 year ago
Kirill Solomko	b2a1bc00d1	MT#59806 adapt /api/cfdestinationsets to Entities * Entites logic is used for GET/POST/PUT/PATCH/DELETE * Utils::CallForwards::check_destinations() do not obfuscate destinations that are returned in the response as all logged data is obfuscated anyways Change-Id: Ia79f9e236c966410e2640d719c3a7f5784cc4c2a	1 year ago
Kirill Solomko	9e3653341a	MT#59478 adapt /api/cftimesets to global transactions, more fixes * /api/cftimesets now fully use Entities/EntitiesItem * EntitiesItem: delete(): fix delete_item() expression processing * Entities/EntitiesItem: post/put/patch/delete: go to TX_END in scenarios where after a method call (e.g. update_item()) there is a normal return from the function but errors in $c->error, so that they are also caught correctly Change-Id: I3bef409ded590796c2bba4f30acd28b02e99065b	1 year ago
Kirill Solomko	91f1dcf37e	MT#59478 /api/ root error handling * clear errors in Controller::API::Root::end so that they are not interfere with generated ones * API::error(): add $c->stash->{is_api_error_response} = 1 to track it in log_response() * API::log_response(): distinguish and correctly correct errors for cases when is_api_response == 1 and also when there were $c->error('error') calls in the code, to log them correctly in both cases Change-Id: Id922b8219832c1b99815d9d608309035b9b25cff	1 year ago
Kirill Solomko	9dbd6b0e88	MT#59478 /api/contracts address $now and hal_from_contract * the following changes resolve an issue where $now in Role/Contracts resource_from_item appeared as an object and failed subsequent logic: - hal_from_contract is renamed to hal_from_item to match correctly the parent method - call hal_from_item and pass $now string there correctly as $params { now => $now } Change-Id: I5c02d5f7df5d9000550505ad120b9531f87e8d65	1 year ago
Kirill Solomko	205b27a267	MT#59478 API better transaction and error handling * Role/Entities: POST/PUT/PATCH/DELETE methods changes: - support deadlock detection and transaction retry (2 retry attempts at the moment) - improve transaction control, use local $guard instead of saving the ref to $c->stash, as in that case it went out of scope too late and also reported an error message into the log about abnormal $guard out of scope interruption - move all non transaction related code outside of the scope - add error handling when methods such as update_item, and a like do not return the expected data, instead of simply going out of scope and resulting in an uncontrolled reply Role/API: - rework transaction control: + get_transaction_control() is renamed to start_transaction() to better reflect what it does + complete_transaction() is renamed to commit_transaction() + remove unused %params arg + pass $guard into commit_transaction() instead of having it stored as $c->stash->{transaction_guard) that caused the $guard ref to be destroyed much late than expected (there was also a typo as transaction_quard, which is not relevant anymore with the changes + add check_deadlock() that is invoked when an exception is caught or an $c->errors contain an error, and if the error message represents a transaction error, the transaction block is re-invoked via "goto TX_START" - rework error(): + it now accepts args as following: ($self, $c, $code, $message, @errors) # code -> returned as HTTP code in the reply # message -> returned as HTTP message in the reply # errors -> contain errors for internal logging, last element often contains a DBIx exception + populates all @errors into $c->error so they are available on demend in the code via $c->error or $c->last_error + $c->log->error is not invoked now as the errors become printed in log_response() - log_response() now prints collected errors from $c->error correctly as a separate log line, that is alike to the other api logs so that those can be looked up by the request's tx_id, also all errors are now printed only into api.log * Adjust all $self->error() calls in catch($e) to include $e as the last argument, as well as the duplicate $c->log->error is removed from those ocassions * Remove all $c->log->error() calls as they are replaced with either $self->error() (that logs it correctly into api.log) or $c->error('err') that also adds it correctly into api.log * API::CallForwards: rework to use Entities/EntitiesItem * API::Contracts: rework POST to use Entities * API::PeeringGroups: rework POST to use Entities * API::SubscriberRegistrations: rework POST to use Entities * API::RewriteRuleSets: improve create_item() functionality * Utils/Message: add 'api_retry' log type * $c->session->{api_request_tx_id} is changed to $c->stash->{api_request_tx_id} because sometimes the session ref is different and a different tx_id becomes used Change-Id: I633ce7a8047b1bf00a2f6889003088edf0825dcd	1 year ago
Kirill Solomko	aef4c89197	MT#59662 enhance subscriber assigned header rules/sets handling * POST /api/headerrules now supports either 'set_id' or 'subscriber_id'. When 'subsriber_id' is specified, a subscriber assigned header rule set is automatically created if it does not exist, as well as automatically removed when its last header rule is deleted. * It is now possible to directly GET and DELETE /api/headerrules/:id where :id is a subscriber assigned header rule. * It is now possible to directly GET and DELETE /api/headerrulesets/:id where :id is a subscriber assigned header rule set. * Improve /api/headerrules data validation and duplicate header rule detection. * It is now possible to expand by /api/headerrules/?expand=set_id field Change-Id: I681bc61c2eed47a8e54847f07f31134f643930c2	1 year ago
Rene Krenn	48b71e68c5	MT#59363 fix /api/domains/?domain= filter pattern behaviour this filter is another spot, where leading/trailing wildcards were added unintentionally, during harmonization. Change-Id: Id23114f8e7ebca018ad222e35b39d8260f1da92f	1 year ago
Kirill Solomko	80f8b1da0b	MT#59238 fix rewrite rules transaction control for PATCH,DELETE * /api/rewriterules PATCH, DELETE methods used the generic transaction, which conflicted with the xmlrpc reload command. * own_transaction_control was only set for PUT and now also extended to PATCH, DELETE to ensure that dialplan_sip_reload() is called properly after $guard->commit. Change-Id: I7313b4f6d1f6699bf38ae34749c5383a3943f61d	1 year ago
Rene Krenn	672a3110bc	MT#59216 restore appending wildcard behaviour with the change to harmonize wildcard symbols % and * to * in query param filters across all restapi rails, only - /api/subscribers?alias= - /api/subscribers?pbx_extension= - /api/subscribers?primary_number= - /api/pbxdevices?pbx_extension= are supposed to include implicit leading an trailing wildcards. panel UI uses trailing wildcard by default everywhere, and so should the databales of the new Admin UI. external_id were used to support patterns, but must not include a trailing wildcard in rest API, as this can break logic that rely on unique api request results. we now therefore no longer append wildcards in particular to: - /api/voicemails?folder= - /api/voicemailgreetings?type= - /api/subscribers?subscriber_external_id= - /api/subscribers?customer_external_id= - /api/subscribers?display_name= - /api/subscribers?domain= - /api/profilepackages?profile_name= - /api/profilepackages?network_name= - /api/pbxdevices?display_name= - /api/faxserversettings?name_or_password= Change-Id: I40ef1912d7224a56c6d14619d258c70e447ab23d	1 year ago
Rene Krenn	a15d00894a	MT#56817 MT#56362 fix errors from nondetermistic query param ordering the /api/callists rail supports the "call_id" query parameter to match calls with a callid prefix. this filter also adds an implicity ordering ORDER BY length(call_id) ASC, 'start_time' ASC. the /api/callists api rail also requires the query parameter "susbcriber_id", which renders a (fast) compound SQL query to list matching incoming (query1) and outgoing calls (query2) using UNION ALL (instead of a slow OR query). query1 UNION ALL query2 this is supported by the https://metacpan.org/pod/DBIx::Class::Helper::ResultSet::SetOperations module, which however generates invalid SQL syntax if query1 or query2 contains an ORDER BY. this is exactly what caused the 500 error of the customer who applied both "call_id" and "susbcriber_id" parameter in the request at the same time. ... ORDER BY length(call_id) ASC, `start_time` ASC UNION ALL SELECT `me`.`id`... the error happens randomly, because query parameters are stored in a hash (which by definition has no deterministic order of the entries). when the "call_id" parameter is applied at last, it worked as expected. so the issue can be adressed by strictly ordering the UNION ALL result, and prohibit ORDER BY in query1 and query1. the latter was added already with commit `b2dfe28eed`, and could be hotfixed. however, the ORDER BY of "call_id" query param is lost, and should be properly handled by forcing strict ordering of how query parameters are applied. the fix will introduce paramater ordering according to their order of definition in the code. Change-Id: I165d341b5c20e9bb750bd1fba88c836b393e80bd	1 year ago
Kirill Solomko	a4d54b10e4	MT#58709 rework NGCP::Utils::Sound::get_handlers_rs * get_handlers_rs() is renamed into get_file_handles() and reworked from an indented 'from' resultset into 2 separate resultsets, one fetching all the handles and another one files for the sound set, it is now returned as an array with the similar data. Reason for this rework is the deprecated use of 'from', that resulted in a lot of warnings in panel-fcgi.log: DBIx::Class::SQLMaker::ClassicExtensions::_join_condition(): ResultSet {from} structures with conditions not conforming to the SQL::Abstract::Classic syntax are deprecated: you either need to stop abusing {from} altogether, or express the condition properly using the { -ident => ... } * adjust file_handles data key names to better follow the naming conventions and readability, e.g.: groupname -> group_name, fileid -> file_id Change-Id: Ia91c9104c0b4dc79ee5bc359eb0b6e035e56ef3e	1 year ago
Kirill Solomko	b6b453d69d	MT#59001 improve phonebook csv upload * the expected csv fields are as following: - /api/resellerphonebookentries/?reseller_id=1 name,number - /api/customerphonebookentries/?customer_id=1 name,number - /api/subscriberphonebookentries/?subscriber_id=1 name,number,shared - /api/resellerphonebookentries/ name,number,reseller_id - /api/customerphonebookentries/ name,number,contract_id - /api/customerphonebookentries/ name,number,shared,subcriber_id (note: the fields are taken from the leftmost side as the minimum required fields, so if one provides as: - /api/resellerphonebookentries/?reseller_id=1 name,number,reseller_id this line will be uploaded and columns after 'number' are ignored in this case. this is for convenience if you have a prepared upload for different customers/resellers for instance, you can upload it under one customer/reseller when needed * user access scope is now validated, e.g.: resellers cannot upload phonebook entries to another resellers, etc. * fix csv upload for /api/customerphonebookentries/?customer_id=1 Change-Id: I970ac36fdb8b366adff15515a48d296e8abeff13	1 year ago
Rene Krenn	1e9f223276	MT#59025 fix peering groups name filter Change-Id: I329e644c937058069c5932abf8e897dce48a8c10	1 year ago
Kirill Solomko	1dabb6051d	MT#58989 /api/customers add type query param * add 'type' query param to filter by customer type 'sipaccount' or 'pbxaccount' Change-Id: If372cc69cf16c92551824504da7695a65dc867b3	1 year ago
Rene Krenn	cc8fd8928d	MT#58890 force cft_ringtimeout as number Change-Id: I4df4fbf6522d28a30731c87a36c95ae8350830fa	1 year ago
Rene Krenn	2101e2246d	MT#58936 fix customerzonecosts resourcename Change-Id: I22b052bc6931e5426e1aa982396c446cb1c67883	1 year ago
Rene Krenn	853bc9f535	MT#58936 direction filter param for /api/customerzonecosts Change-Id: Ie831381576ffdb2a08375cf73bc66c1c5e6d2076	1 year ago
Kirill Solomko	462bfedc43	MT#58861 /api/headerruleconditions accept values as a list of strings * {"values:", ["value1", "value2"]} is not accepted by /api/headerruleconditions * the previous behaviour of {"values": [{"value": "value1"},{"value": "value2"}]} is preserved Change-Id: I7d9540d20ed0ecbb2712f1905a7d9e6f7af7e06d	1 year ago
Kirill Solomko	08fb96c5a6	MT#58813 adjust header rule conditions/actions filters * remove filter by subscriber_id as it's not possible there * add filters by rule_id, set_id Change-Id: I6dac0a24dad56564dbe2ed648f4507888e0a5c94	1 year ago
Rene Krenn	aa2d07ef29	MT#58762 adjust restpi tests to harmonized wildcard filters Change-Id: I68b2199a3487fedb388803012c950c3abca1a8b3	1 year ago
Rene Krenn	308a974059	MT#58762 harmonize restapi wildcard filters - all standard LIKE search are migrated - will avoid LIKE unless a pattern (* wildcard) is used as a search term. this encourage db index usage, will be faster - supports wildcard escape sequence \\* - harmonize swagger UI descriptions of filters Change-Id: Iea155871c9be6c284e6970a562d4e6af73fedc4b	1 year ago
Rene Krenn	71480acfa3	MT#56239 avoid ambersand symbol in apidoc descriptions Change-Id: Ic024d16c008648cb4d9cf14ae0e58d1ebe8febe9	1 year ago
Rene Krenn	8e82715eb8	MT#56239 api/callrecordings support filtering multiple metakeys filtering an Entity-Attribute-Value model cannot be done as simple conjunctions, but requires either INTERSECT set operation, or joining the same table multiple times. Change-Id: I5ce1ae1ece9406b6610487654f09d768a233b122	1 year ago
Rene Krenn	9c3a549094	MT#56239 api general caller/callee wildcard search support various api rails will need to support ?caller= and ?callee= url query parameters. since this involves SQL queries against potentially large database tables, special care is taken with wildcard search to prevent slow queries: - the ?wildcards=true query parameter has to be specified to accept search patterns that contain wildcard symbols, so wildcards are not accepted by default. WARNING: a search string with a leading wildcard will always force a slow full db table scan! - the * symbol is used as a wildcard symbol - \ (backslash) is used as escape character to search for a literal '*' Change-Id: Ie6065b0cfa883f7963e1dc8259fffea9a1edfdfe	2 years ago
Rene Krenn	ae612eb401	MT#58346 caller/callee filters for conversations the conversation list now supports ?caller= and ?callee= url query parameters. since this involves SQL queries against potentially large database tables, special care is taken with wildcard search to prevent slow queries: - the ?wildcard=true query parameter has to be specified to accept search patterns that contain wildcard symbols, so wilddcards are not accepted by default. WARNING: a search string with a leading wildcard will always force a slow full db table scan! - the * symbol is used as a wildcard symbol - \ (backslash) is used as escape character to search for a literal '*' Change-Id: I792d2ea9c649c69c4b5cc98076097cb96467d4bc	2 years ago
Marco Capetta	f8fd17bb3e	MT#58596 Enable api soundgroups and soundhandles for subscriber The commit extends what done already in `e15e40423` allowing the subscribers to get the soundgroups and soundhandles using API. This is necessary for some CSC features like the selection of the Custom Announcement to play after Call Forward. Change-Id: I40d57d1efdc107c64fe3efafd9e87d1403c4d124	2 years ago
Kirill Solomko	1aef2d5d32	MT#58581 /api/customers fix filter by profile_package_id * filtering by package_id with an incorrect search db query (non-existing field) caused a 500 error * package_id filter is renamed into profile_package_id to correspond to the response field * fix profile_package_id db search query Change-Id: Ia93e0662172dd89e85572717cbb99a2ed51eb3a7	2 years ago
Kirill Solomko	cec12f7b1e	MT#58333 rework /api/phonebookentries * /api/phonebookentries is now split into 3 parts * /api/resellerphonebookentries * /api/customerphonebookentries * /api/subscriberphonebookentries main reason is because there are 3 different contexts (tables) that in the end return "id" which is also a resource identifier and it is not unique because the contexts handle their own ids, another reason is to simplify code and access definitions, as well as to have solid and easy representation. * /api/resllerphonebookentries * can be accessed by 'admin', 'reseller' roles * /api/customerphonebookentries * can be accessed by 'admin', 'reseller', 'subscriberadmin' roles * fix contract_id field to be correctly represented as 'customer_id' * /api/subscriberphonebookentries * can be accessed by 'admin', 'reseller', 'subscriberadmin', 'subscriber' roles * add 'shared' query filter * all the new endpoints * no more required query param fields * customer_id is now optional query parameter filter * add valid/existing resource checks for POST/PATCH/PUT ops * add correct auto filtering based on the user's role * various major code simplifications, fixes and code style improvements * csv download now also allows query param filters to be applied * fix documentation Change-Id: I735df96b7a7e18006a46b82a4fcc603e400ad9e6	2 years ago
Kirill Solomko	706b472465	MT#58430 fix allowed_ngcp_types in API GET * allowed_ngcp_types check is now correct in the Controller:API::Root::GET * also fix allowed roles check Change-Id: I2446d7377d2a1ef152560bfb2799bb9debd0f34b	2 years ago
Kirill Solomko	b7c22618c8	MT#57987 /api/rewriterules calculate priority on create * when a new rewrite rule is created and the priority attribute is not specified, only the first rewrite rule of the same rewrite rule set is set as 50, and the following are as: "MAX(priority) of the same rewrite rule set"+1 Change-Id: I1f1ae275e00918a34a625409987f21044b3b940f	2 years ago
Kirill Solomko	6953de937c	MT#33041 add reseller max subscribers support * Max subscribers can now be defined in the Reseller contract * Max subscribers is now shown in int Reseller's "Reseller Contract" Details (with an indictaion of how many subscribers are created out of the defined max subscribers, as well as when the limit is reached (similar to the Customer's Details page) * Add reseller subscribers count checks on the UI Create Subscriber page * Add reseller subscribers count checks in /api/contracts POST/PUT * Prevent max_subscribers definition for Peering contracts in /api/contracts POST/PUT Change-Id: I1561d4eb7da5b1a0a0c99acabd18d2a9cd98dec7	2 years ago
Rene Krenn	8fbd46e5fc	MT#57382 DELETE /api/faxes/id Change-Id: If578cd842d83e3471659164826d3e0305018cc29	2 years ago

1 2 3 4 5 ...

786 Commits (60fa23cb681afe3223794eccd0d6d8f6cb426152)