ngcp-panel

Commit Graph

Author	SHA1	Message	Date
Kirill Solomko	60fa23cb68	MT#60585 add user ban support * users for admin/subscriber realms are now banned if failed to login X amount of times (UI/API). * rework Redis connection and it's now a Catalyst plugin NGCP::Redis accessed by $c->redis_get_connection({database => 19}), the connection per database, per worker process is established only once and then reused (with auto built-in reconnect support). * remove Utils::Redis.pm as it does not have any code/logic anymore. * ban values are taken from $config->{security}{login} as - ban_enable: 1 - ban_expire_time: 3600 ban expire time in seconds - max_attempts: 5 * if max_attempts set to 0, the ban functionality is disabled as it requires to be at least 1 to work. * upon successful login or ban, the failed attempts counter is removed * the failed attempts counter is also removed automatically with the expire time equals "ban_expire_time" or otherwise 3600 seconds. * user bans are logged into panel.log * banned user receives exactly the same return page/codes as per invalid logic. Change-Id: I05cc68c623ee289488fc64f1af50527004dcaae1	9 months ago
Kirill Solomko	d9f283cbc8	MT#59449 enhance password validation and handling * passwords are now validated based on - minlen - maxlen - min lower case chars - min uppper case chars - min digits - min special chars * Data::Password::zxcvbn is used to calculate password score and reject passwords with score < 3 as weak (this library is ported from the Dropbox password validation) * Add password journals and check last used passwords in the journals * Improve password generator javascript function to generate a password with at least 4 of each of the char group types. * Currently affected are subcriber and admin entry creation or modification via UI/API * NGCP::Utils::Auth add optional bcrypt_cost support as last argument for generate_salted_hash and get_usr_salted_pass Change-Id: I100c25107d91741d5101bc58d29a3fa558b0b017	9 months ago
Kirill Solomko	43d112bd5e	MT#60558 add max subscribers/groups license checks * max_subscribers, max_pbx_subscribers, max_pbx_groups license checks are added for subscriber/group creation in UI/API * new accessor $c->license_meta that returns meta license flags hashref * new accessor $c->license_max_subscribers * new accessor $c->license_max_pbx_subscribers * new accessor $c->license_max_pbx_groups * the new accessors (except license_meta) return -1 instead of 'unlimited' to ease off comprarsion * 403 Forbidden is returned by the API if a license is violated. Change-Id: I3f5a949efc84bf85b76b33404b37b362ec484d5f	9 months ago
Kirill Solomko	9d021be65a	MT#59979 add license control * UI and API parts are now under license control * new Util::License::get_license($c, $name) - fetches license status by name (1 if enabled, and also if /proc/ngcp/check if 'ok') * add Catalyst::Plugins::NGCP::License with license($name) to fetch valid license by name from anywhere using $c->license('pbx') or from the templates using c.license('pbx'). It internally uses Util::License::get_license($c, $name) * License::get_license_status($c) now requires $c as first argument as well logs license status check errors. * new ActionRoles::License that enables usage of :Does(License) RequiresLicense('pbx') LicenseDetachTo('/denied_page') in the Controller chains * Add license control for UI elements and return 403 Forbidden if a resource is covered by licenses and the license is not active * Hide UI elements if a license is not active * API/Entities/Entities new $c->set_config key: - per endpoint: $c->set_config({ required_licenses => [qw/pbx device_provisioning/] } - or per method: $c->set_config({ required_licenses => { POST => [qw/pbx device_provisioning/] } } } * In case if an API endpoint does not have a license: 403 Forbidden "Invalid license" reply is returned. * Add license based restrictions to API endpoints * /api documentation: - completely hide endpoints that do not have an active license - hide only methods that does not have an active license Change-Id: Iba45fc5068b02306a617fed7b5405f2210574b61	9 months ago
Kirill Solomko	a46ef5b9e2	MT#60160 improve same primary number detection * consider as the "same number" if old/new primary numbers are empty (undefined in the database as if a primary number exists at least cc and sn are mandatory). * check for new primary number "cc" existence when preparing comparsion to the existing primary number, as some clients may send an object value with null cc+ac+sn. Change-Id: I810cda7d7aa07f2d7e46dbca099bc327ef7b4963	11 months ago
Rene Krenn	941c75ebe1	MT#59078 ?create_primary_acli= query param creating or updating subscriber (-aliases) will modify the allowedcli (acli) preference, if the auto_allow_cli config option is set. the primary number will also be part of the acli list. when specifying ?create_primary_acli=false or ?create_primary_acli=0, the primary alias will no longer be added to acli. Change-Id: I4641e2b973de2afe2e36805140b1546cac2a699a	12 months ago
Donat Zenichev	844a9e5920	MT#59011 Cleanup panel from the reference to "sip:localuser" An outdated and not used implementation for the "sip:localuser" in the ngcp-panel. Change-Id: I7c83bee0da07f7fafe7b1cb669a8c5080bc8565e	1 year ago
Kirill Solomko	1fb8d04136	MT#59615 /api/subscribers skip primary number processing if unchanged * if the primary numner during /api/subscribers update request is unchanged, the primary number processing related logic is not invoked, as otherwise it's a redundant and in some cases (pilot subscriber) time consuming operation. Change-Id: I4cbb0387011f5241fcbdaab1efbb0d4a5caa2143	1 year ago
Kirill Solomko	6953de937c	MT#33041 add reseller max subscribers support * Max subscribers can now be defined in the Reseller contract * Max subscribers is now shown in int Reseller's "Reseller Contract" Details (with an indictaion of how many subscribers are created out of the defined max subscribers, as well as when the limit is reached (similar to the Customer's Details page) * Add reseller subscribers count checks on the UI Create Subscriber page * Add reseller subscribers count checks in /api/contracts POST/PUT * Prevent max_subscribers definition for Peering contracts in /api/contracts POST/PUT Change-Id: I1561d4eb7da5b1a0a0c99acabd18d2a9cd98dec7	2 years ago
Donat Zenichev	fd796a91ba	MT#56845 HG: introduce new field `Cancel Mode` This field controls a behavior upon cancelling unsuccessful legs: - terminate legs with CANCEL (default way) - terminate legs with BYE Change-Id: I2ff5c758c319714f0e6636db8b8ba5c0fd495e1f	2 years ago
Rene Krenn	7ad8d0a01f	MT#57667 fix registration collection failing with terminated subs Change-Id: I0a16ebd6a39ea59720f07a048c3f8e9576111922	2 years ago
Alessio Garzi	c45639af5a	MT#57447 Set reseller_id preference automatically when an account is created This commit forces the creation of reseller_id preference whenever a new subscriber is created in the same fashion of the already existing preference account_id. Change-Id: I8cc2b3b65e0e7a81e72452a3840fdd3540146968	2 years ago
Kirill Solomko	391aa3fbc3	MT#57564 convert deprecated timezone names * timezone names are converted to their links, and if a link is found (means that the current name is deprecated), it's validated and stored as the link. Change-Id: I6348659178400a96eaadd70f79b792c4fa25d7d4	2 years ago
Rene Krenn	ccec3eff01	MT#57186 expose variables to new_subscriber email additional variables for the new_subscriber mail template: username password webusername webpassword cc ac sn Change-Id: I8deadee11b162ef66e9f210d20bca11aa747c18f	2 years ago
Kirill Solomko	8459e03f51	MT#56234 update_voicemail_number update all use cases * update use cases for update_voicemail_number() and provide $param{c} Change-Id: I016ea49e1f619e129010909b673e1e7c7ef08c91	2 years ago
Kirill Solomko	f1cc84c34f	MT#56234 add voip_preferences.expose_to_subscriber support * expose_to_subscriber is a new preferences flag that indicates that the preference can be read/modified by 'subscriber' role * expose_to_customer now only does the same as expose_to_subscriber but for 'subscriberadmin' role * get_usr_preference() not expects $params{$c} to be passed as an argument * fix update_voicemail_number() behaviour, it correctly updates number for subscribers of a subscriberadmin as well as no longer fails with an error if echo_voicemail_number or cli are not available (not set or not visible) Change-Id: I95fade92efb541146e9e56ba4f517af79fa71b5a	2 years ago
Kirill Solomko	826d3f1d9f	MT#55618 /api/subscribers fix default contract_sound_set assignment * when a new subscriber is created via POST, if the associated customer has at least one default contract_sound_set, it is correctly assigned to the subscriber as the "contract_sound_set" preference. the logic is now inline with the UI behaviour Change-Id: Ifeb86faf6718648b29e6391bd16752766358ed0f	3 years ago
Daniel Grotti	878f48a562	TT#151207 Save CF destinations to fax2mail with new prefix 'fax=' When the "Ignore domain" billing profile option is set, billing fees will be matched against the 'destination_user_in' CDR field (Instead of 'destination_user_in@destination_domain'). As a consequence, NGCP services such as vsc, conference, voicebox, fax2mail cannot longer be charged by defining domain-based fee entries (e.g. \.local$, @vsc\.local$, @conference\.local$, @voicebox\.local$ and @fax2mail\.local$). Hence, these services need to be matched differently when "Ignore domain" is set, if an operator wants to charge for those services separately. Only fax2mail calls has not predefined prefix that distinguishes it. In order to normalize that and fix this issue the panel will create and save in DB the CD destination for fax2mail with a new prefix: 'fax='. Change-Id: I926909e46828b43e476c75f2b3e0c51e20a2a5b6	3 years ago
Marco Capetta	b3cb8b5bdd	TT#185000 Wrong sample rate for asterisk greating messages Partially reverted commit `7f59aedb4` because it will scale the asterisk voicemail greating messages rate to 16kHz where asterisk supports only 8kHz. Change-Id: I90ad14fc2ae37a9baf168a61e5454b285432fee9	3 years ago
Kirill Solomko	7f59aedb4c	TT#185000 increase sound/voicemails sample rate to 16k * sample rate was downscaled to 8k by sox for all sound files, it's now set to 16k for better audio quality Change-Id: I7447e08ed90147ec98e110419cc4c068b8299848	3 years ago
Kirill Solomko	d6463ffeb5	TT#182102 fix subcriber primary number and cli comparsion * comparsion is now char based instead of int based as the primary number can contain chars Change-Id: I1f9b348dffe036ecf62bc6ed6a1f84592126427c	3 years ago
Kirill Solomko	999332d270	TT#171850 fix api-subscribers tests * Utils::Subscriber::update_subscriber_numbers() fix an error when $current_primary_number is undefined * t/api-rest: remove devid_alias from the tests as the field is deprecated and no longer in use Change-Id: I6e472398a7a393cd83de5818157629338388ec8e	3 years ago
Kirill Solomko	e011960739	Revert "TT#171850 fix unintentional primary number removal" This reverts commit 6bdfca91129309561e72eed902a8a4b66604a7bd. Change-Id: Ie7269ac9ce0302928b234302880bfa9896e8cdf0	3 years ago
Kirill Solomko	6bdfca9112	TT#171850 fix unintentional primary number removal * the current condition for primary number removal for PUT/PATCH is if the primary number exists and specified in the data as primary_number => undef. The condition failed as the 'primary_number' key was explicitly created regardless of the original user data input, resulting in a false primary_number => undef. Change-Id: I17651046627f5c48696c3f1d17da5aa49452fe9a	3 years ago
Oleksandr Duts	afa9289b66	TT#167900 /api/subscribers improve number duplicate checks * primary and alias numbers are now validated that they do not belong to another subscriber * aliases are now validated that they are not already set as the primary number * reduce amount of related sql queries Change-Id: I4397bbdc4bc9001b7feeef22cb8f85ee0b6ce8ff	3 years ago
Oleksandr Duts	8af29b6470	TT#154351 Sound set propagation * Contract default sound set - subscriber propagation for cases: - New customer sound set is created as default. - Customer sound set is changed to default. - New subscriber creation - setting contract default sound set id. * The mentioned cases were implemented for both UI and API. Change-Id: Ia4733c972ae388d3457d0336e3f85b85eec6e9a2	3 years ago
Oleksandr Duts	ace1698a3d	TT#154550 API topuplogs - expand fields * The next fields are expanded: package_after_id, package_before_id, profile_after_id, profile_before_id, contract_id, contract_balance_after_id, contract_balance_before_id, subscriber_idvoucher_id. Change-Id: I4d5f12fb88eaaeb8daf45e673c14e92c1512e239	3 years ago
Rene Krenn	599dd0613b	TT#151751 fix plaintext sippassword no longer returned this fix addresses regression reported by dominik: * $resource{_password}/{_webpassword} cannot be set before the form validation as they are effectively removed by it, causing /api/susbcribers returning no passwords at all for 'subscriber' roles * Having them after the patch makes no sense either as next resource_from_item call will effectively remove them again (in PATCH) (cherry picked from commit `5e9066c4fb`) Change-Id: I88c9ec40843f1e9a6983952b96c0b0e70fbb1bb1	3 years ago
Kirill Solomko	5d9618e642	TT#156354 fix a syntax typo when marking voicemail as read Change-Id: Ib13a1839e6f5bc9419fb137a2e6d4a23d6993ecd	3 years ago
Kirill Solomko	81ebdb8dcf	Revert "TT#151751 refactor persisting subscriber webpassword" This reverts commit `5e9066c4fb`. This implementation breaks: * $resource{_password}/{_webpassword} cannot be set before the form validation as they are effectively removed by it, causing /api/susbcribers returning no passwords at all for 'subscriber' roles * Having them after the patch makes no sense either as next resource_from_item call will effectively remove them again (in PATCH) Change-Id: I0e8389e8ab34ad72f1b87a684daba77f1030f8ba	3 years ago
Rene Krenn	5e9066c4fb	TT#151751 refactor persisting subscriber webpassword a multitude of issues popped after introducing bcrypted webpasswords in the database. most recently the PATCH /api/susbcribers rail was reported to reset the webpassword unintentionally. subscriber login fails afterwards, which is a severe issue. the bugs are adressed by this refactorings. the change also introduces a global variable $NGCP::Panel::Utils::Auth::ENCRYPT_SUBSCRIBER_WEBPASSWORDS to control encrypting webpasswords. it is still enabled as of now, but it's worth to consider disabling it. there other ways to have a "cost" for an authentication request, eg. adding a simple sleep(1sec). Change-Id: I2d47d54a2d83568546ffdd2b211337a5f56be3a2	3 years ago
Rene Krenn	4c47920f2e	TT#132650 run provisioningtemplate from api provisioning templates with their dynamic forms can be executed by a entityitem POST request, ie. POST /api/provicioningtemplates/<reseller>/<template> or POST /api/provisioningtemplates/<readonly template> Change-Id: I77f6c9d42e1afdb49635d3f11e4d73bcf6269605	4 years ago
Kirill Solomko	b199ad3e1e	TT#139550 improve vmnotify behaviour * vmnotify() now accepts cli and uuid arguments * API handling of voicemails is now improved to: - send a notify if the item's INBOX/Old has been changed - correctly process DELETE to send vmnotify after the item's removal Change-Id: Ic00ae825cf091bce273e55aa37cd0a7ac80d8b0f	4 years ago
Kirill Solomko	67bc755276	TT#139550 vmnotify use correct uuid * wrong value was used in the vmnotify select query, now the correct uuid is used Change-Id: I311cc7ea9cce01014dd40761d0bc7f594ecca7b2	4 years ago
Kirill Solomko	68dcad8c70	TT#139550 improve vmnotify messaging * improve select from voicemail_spool to avoid sequental scan with like '%..' * select now fetches all messages count * add old messages count support * old/new messages are reported as 0 if not returned from voicemail_spool Change-Id: I11ac1a407e8d22fe828a17cda55aa3298c6e6f02	4 years ago
Kirill Solomko	4e33039bb6	TT#145300 fix domain vs customer reseller check * fix a wrong expression that checks domain vs customer reseller id Change-Id: I0da43bffa833ce5432848c23aacf307bc1b0a3ff	4 years ago
Kirill Solomko	da4278daa3	TT#145300 Adjust domains reseller_id handling * domains do not use billing.domain_resellers table anymore but instead the new domains.reseller_id field. That is to remove the unneeded many<>many relation through the additional table where the actual logic only supports one(reseller) to many(domains) relation Change-Id: I1b681543baf1901f19e10c2f6210e4cf6eeb8fbe	4 years ago
Kirill Solomko	471b9fe861	TT#139550 fix ngcp-vmnotify system call to use the correct args * uuid arg is mandatory now and it is added to the ngcp-vmnotify invokation Change-Id: Ie36b06d7abf700fe65a965c0ea8dbe813dc4faa2	4 years ago
Donat Zenichev	df30292c6b	TT#66577 Add support of outbound registrations for SIP peerings We need to add an improvement, which fulfills the work of the registration mechanism for SIP peerings. Not only do we add here a registration tirggering for peerings, but also a 'type' is introduced, which is mostly needed for XMLRPC commands being sent towards SEMS, to let it understand to whom the $sid is related to. Plus a list of improvements: - de-register peering host on deletion ; - de-register peering host on disable / register of peering host on enable ; Change-Id: I035dfadf6709acb4d106a70f6124f024e719044f	4 years ago
Kirill Solomko	c50b49db96	TT#133800 fix password fields behaviour in API * PATCH: password fields are not removed when resource is created for apply_patch(), they are removed under the same condititions later when hal is generated, that is to ensure that admin users without the 'show_passwords' flag as well as subscribers will not run into situation when they use PATCH and cannot apply it for "path": "/password" or/and "path": "/webpassword", as they were removed before apply_patch() * rework encrypted webpassword detection. webpasword is detected as encrypted if its length is 54 or 56 and it contains at least one '$' char, there is a chance for false positive detection when a user provides with a plain-text password with the same pattern but it's very unlikely, as well as since mr8.5 webpasswords are expected to be encrypted, and moreover worth case scenario is that the plain-text password will not be returned to the user Change-Id: I8ea739cbf728b2134f3ce00cee29da42ab3fb4a3	4 years ago
Flaviu Mates	fe7f65d948	TT#99700 Fix subscribers PATCH in case of admin without show_passwords * restore password field in prepare_resource after it was deleted in resource_from_item for admins without show_passwords flag * the password is restored only in case it's missing from resource and it's present in DB Change-Id: I390fb8fb94f4546734cb899c741dc90e439df068	4 years ago
Flaviu Mates	f4cb6933b4	TT#119550 Allow subscribers to manage their registrations * give access to subscribers roles to see, create and update own registrations * subscriberadmins can manage all registrations of subscribers under same customer Change-Id: I643121da901b0ed99fc718106a1632da4e1e1936	4 years ago
Rene Krenn	a916bd3c4f	TT#116703 prevent entering duplicate alias numbers Change-Id: I3d35f87738bb6d73f62b300e487a113b45223ad1	4 years ago
Rene Krenn	a15e3c2c84	TT#113450 prevent deleting primary alias Change-Id: I8809daa123353a6e1defc3dff2870b9ad3e6551d	4 years ago
Rene Krenn	aa84c19ace	TT#105100 check PATCHing unset webpasswords Change-Id: I18fb6b2f67afe91e080331d277ea29d781f7c7c2	4 years ago
Rene Krenn	8325f3e5c5	TT#105100 fix PATCHing unset webpasswords Change-Id: Ieb02d5ea4d8c1a8bee2ab94dfcf64778e79b8510	4 years ago
Kirill Solomko	6175625d9f	TT#104150 fix /api/callrecordings deletion Change-Id: Ib8bf01cc4a5f9632228c699aee3520da0077c7bc	4 years ago
Flaviu Mates	c50153b1f7	TT#99561 Introduce extension range preference for Customers * Limit subscriber's extension to a predefined customer extension range preference (both AP and api) Change-Id: I0b6ac5c24b3838f07cc561e7ee6b7cfabe69385e	4 years ago
Kirill Solomko	96ce7b1143	TT#101300 remove devid_alias field * dbaliases->devid_alias field is no longer in use and available via the UI/API Change-Id: I3ec1a82ef76822595aa37e94ec002d11a0cce58c	5 years ago
Flaviu Mates	8450bf33ec	TT#100751 Remove all registrations when terminating subscriber * Include alias numbers in registrations removal when subscriber is terminated, alongside registrations by username Change-Id: I5c913c56718e4b9f98f4677c7cd72722ee9f30d3	5 years ago

1 2 3 4 5

227 Commits (60fa23cb681afe3223794eccd0d6d8f6cb426152)