5261 Commits (67a7a774c70a527c19c4a4a5789828c788d02b40)

 

All Branches   

Search

Author	SHA1	Message	Date
Kirill Solomko	c31e221028	MT#55871 /api/subscribers optimise GET alias_numbers ... * "alias_numbers" array when the resource is prepared is created directly from the resultset, avoiding 'foreach' loops and conditions. This improves performance on ~8000 voip_numbers from ~35 seconds to ~3 seconds. * is_devid is now always present in the "alias_numbers" object, and it's =0 if there is no related entry in provisioning.voip_dbaliases Change-Id: Ia05b26208f3fec3a9b2203aafe9b4c09b98ca44d (cherry picked from commit 0c4deaaad0)	3 years ago
Kirill Solomko	e19303a7cc	MT#55864 /api/subscribers correctly process administrative flag ... * administrative flag is now correctl set to false when requested by the client Change-Id: I81a1951f90ce9885bff806d39e11098475d93ac1 (cherry picked from commit 507d088586)	3 years ago
Kirill Solomko	02dc26d4cd	MT#55618 /api/subscribers fix default contract_sound_set assignment ... * when a new subscriber is created via POST, if the associated customer has at least one default contract_sound_set, it is correctly assigned to the subscriber as the "contract_sound_set" preference. the logic is now inline with the UI behaviour Change-Id: Ifeb86faf6718648b29e6391bd16752766358ed0f (cherry picked from commit 826d3f1d9f)	3 years ago
Nico Schedel	59208410fe	MT#55677 fix for "Unstable ngcp-panel-test-selenium-docker runs with failing tests" ... this fix is for domain tests only. failing admins tests are an aui issue Change-Id: Ief3047eadf65443c42589c1a24e9d6b2d1c5b898	3 years ago
Michael Prokop	aa7c010571	TT#76552 systemd: reduce hardening for sendmail(1) usage ... If a customer has email templates enabled, adding a subscriber fails due to: | Failed to create subscriber: error when closing pipe to sendmail: | Trace begun at /usr/share/perl5/Email/Sender/Transport/Sendmail.pm line 94 | Email::Sender::Transport::Sendmail::send_email('Email::Sender::Transport::Sendmail=HASH(0x56251dc80e58)', 'Email::Abstract=ARRAY(0x56252f40f0c0)', 'HASH(0x56252f3fd600)') called at /usr/share/perl5/Email/Sender/Role/CommonSending.pm line 45 | Email::Sender::Role::CommonSending::try {...} at /usr/share/perl5/Try/Tiny.pm line 102 | eval {...} at /usr/share/perl5/Try/Tiny.pm line 93 | [...] Similar, sending subscriber reset password mails etc are also failing. When strace-ing ngcp-panel's fcgi process, one can observe: | 25173 openat(AT_FDCWD, "/var/spool/exim4//input//1ogR98-0006Y1-IA-D", O_RDWR|O_CREAT|O_EXCL, 0640) = -1 EACCES (Permission denied) Now, when disabling all of the systemd hardening, it works fine. Comparing such a working with a failing process, the following changes within /proc/$PID/status can be observed: | diff -urN proc.failing/status proc.working/status | --- proc.failing/status 2022-10-06 18:06:08.519873211 +0200 | +++ proc.working/status 2022-10-06 18:08:17.071722642 +0200 | [...] | CapInh: 0000000000000000 | CapPrm: 0000000000000000 | CapEff: 0000000000000000 | -CapBnd: 000001fbffffffff | +CapBnd: 000001ffffffffff | CapAmb: 0000000000000000 | -NoNewPrivs: 1 | -Seccomp: 2 | -Seccomp_filters: 3 | +NoNewPrivs: 0 | +Seccomp: 0 So NoNewPrivs gets enabled, even though we don't explicitly set NoNewPrivileges but e.g. only ProtectClock=yes. This is expected behavior though, quoting from systemd.exec(5) | NoNewPrivileges= | | Takes a boolean argument. If true, ensures that the service | process and all its children can never gain new privileges through | execve() (e.g. via setuid or setgid bits, or filesystem capabilities). | This is the simplest and most effective way to ensure that a process and | its children can never elevate privileges again. Defaults to false, but | certain settings override this and ignore the value of this setting. | This is the case when SystemCallFilter=, SystemCallArchitectures=, | RestrictAddressFamilies=, RestrictNamespaces=, PrivateDevices=, | ProtectKernelTunables=, ProtectKernelModules=, ProtectKernelLogs=, | ProtectClock=, MemoryDenyWriteExecute=, RestrictRealtime=, | RestrictSUIDSGID=, DynamicUser= or LockPersonality= are specified. Note | that even if this setting is overridden by them, systemctl show shows | the original value of this setting. Also see No New Privileges Flag[4]. Also see https://www.kernel.org/doc/html/latest/userspace-api/no_new_privs.html STR (without having to go through ngcp-panel and a customer/subscriber setup): | root@spce:~# cat /etc/systemd/system/demo.service | [Unit] | Description=sendmail systemd hardening demo | | [Service] | Type=simple | User=www-data | Group=www-data | ExecStart=/usr/bin/perl /usr/bin/send_mail.pl | | # this one enough to trigger the problem | ProtectClock=true | | root@spce:~# cat /usr/bin/send_mail.pl | use strict; | use Template; | use Email::Sender::Simple qw(); | use Email::Simple; | use Email::Simple::Creator; | use Email::Sender::Transport::Sendmail qw(); | | send_email( | subject => 'exim test', | body => 'ohai', | from => 'root@localhost', | to => 'foobar@example.org', | ); | print "done\n"; | exit; | | sub send_email { | my %args = @_; | my $subject = $args{subject}; | my $body = $args{body}; | my $from = $args{from}; | my $to = $args{to}; | | my $transport = Email::Sender::Transport::Sendmail->new; | my $email = Email::Simple->create( | header => [ | To => $to, | From => $from, | Subject => $subject, | ], | body => $body, | ); | return Email::Sender::Simple->send($email, { transport => $transport } ); | } | | root@spce:~# systemctl daemon-reload && systemctl restart demo Until we switch the mail interface from sendmail(1) to SMTP or alike (reported as MT#55576), we need to reduce the systemd hardening, to not get the NoNewPrivileges=true (AKA prctl(PR_SET_NO_NEW_PRIVS,...)) behavior through any of the related hardening options. New systemd hardening state of ngcp-panel (as of systemd v247.3-7+deb11u1): | $ sudo SYSTEMD_COLORS=0 PAGER= COLUMNS=100 unbuffer systemd-analyze security ngcp-panel | grep -v '✓' | NAME DESCRIPTION EXPOSURE | ✗ PrivateNetwork= Service has access to the host's network 0.5 | ✗ CapabilityBoundingSet=~CAP_SET(UID|GID|PCAP) Service may change UID/GID identities/capab… 0.3 | ✗ CapabilityBoundingSet=~CAP_SYS_ADMIN Service has administrator privileges 0.3 | ✗ CapabilityBoundingSet=~CAP_SYS_PTRACE Service has ptrace() debugging abilities 0.3 | ✗ RestrictAddressFamilies=~AF_(INET|INET6) Service may allocate Internet sockets 0.3 | ✗ RestrictNamespaces=~CLONE_NEWUSER Service may create user namespaces 0.3 | ✗ RestrictAddressFamilies=~… Service may allocate exotic sockets 0.3 | ✗ CapabilityBoundingSet=~CAP_(CHOWN|FSETID|SE… Service may change file ownership/access mo… 0.2 | ✗ CapabilityBoundingSet=~CAP_(DAC_*|FOWNER|IP… Service may override UNIX file/IPC permissi… 0.2 | ✗ CapabilityBoundingSet=~CAP_NET_ADMIN Service has network configuration privileges 0.2 | ✗ CapabilityBoundingSet=~CAP_SYS_MODULE Service may load kernel modules 0.2 | ✗ CapabilityBoundingSet=~CAP_SYS_RAWIO Service has raw I/O access 0.2 | ✗ CapabilityBoundingSet=~CAP_SYS_TIME Service processes may change the system clo… 0.2 | ✗ IPAddressDeny= Service does not define an IP address allow… 0.2 | ✗ NoNewPrivileges= Service processes may acquire new privileges 0.2 | ✗ PrivateDevices= Service potentially has access to hardware … 0.2 | ✗ PrivateUsers= Service has access to other users 0.2 | ✗ ProtectClock= Service may write to the hardware clock or … 0.2 | ✗ ProtectKernelLogs= Service may read from or write to the kerne… 0.2 | ✗ ProtectKernelModules= Service may load or read kernel modules 0.2 | ✗ ProtectKernelTunables= Service may alter kernel tunables 0.2 | ✗ RestrictAddressFamilies=~AF_PACKET Service may allocate packet sockets 0.2 | ✗ RestrictSUIDSGID= Service may create SUID/SGID files 0.2 | ✗ SystemCallArchitectures= Service may execute system calls with all A… 0.2 | ✗ SystemCallFilter=~@clock Service does not filter system calls 0.2 | ✗ SystemCallFilter=~@debug Service does not filter system calls 0.2 | ✗ SystemCallFilter=~@module Service does not filter system calls 0.2 | ✗ SystemCallFilter=~@mount Service does not filter system calls 0.2 | ✗ SystemCallFilter=~@raw-io Service does not filter system calls 0.2 | ✗ SystemCallFilter=~@reboot Service does not filter system calls 0.2 | ✗ SystemCallFilter=~@swap Service does not filter system calls 0.2 | ✗ SystemCallFilter=~@privileged Service does not filter system calls 0.2 | ✗ SystemCallFilter=~@resources Service does not filter system calls 0.2 | ✗ CapabilityBoundingSet=~CAP_AUDIT_* Service has audit subsystem access 0.1 | ✗ CapabilityBoundingSet=~CAP_KILL Service may send UNIX signals to arbitrary … 0.1 | ✗ CapabilityBoundingSet=~CAP_MKNOD Service may create device nodes 0.1 | ✗ CapabilityBoundingSet=~CAP_NET_(BIND_SERVIC… Service has elevated networking privileges 0.1 | ✗ CapabilityBoundingSet=~CAP_SYSLOG Service has access to kernel logging 0.1 | ✗ CapabilityBoundingSet=~CAP_SYS_(NICE|RESOUR… Service has privileges to change resource u… 0.1 | ✗ RestrictNamespaces=~CLONE_NEWCGROUP Service may create cgroup namespaces 0.1 | ✗ RestrictNamespaces=~CLONE_NEWIPC Service may create IPC namespaces 0.1 | ✗ RestrictNamespaces=~CLONE_NEWNET Service may create network namespaces 0.1 | ✗ RestrictNamespaces=~CLONE_NEWNS Service may create file system namespaces 0.1 | ✗ RestrictNamespaces=~CLONE_NEWPID Service may create process namespaces 0.1 | ✗ RestrictRealtime= Service may acquire realtime scheduling 0.1 | ✗ SystemCallFilter=~@cpu-emulation Service does not filter system calls 0.1 | ✗ SystemCallFilter=~@obsolete Service does not filter system calls 0.1 | ✗ RestrictAddressFamilies=~AF_NETLINK Service may allocate netlink sockets 0.1 | ✗ RootDirectory=/RootImage= Service runs within the host's root directo… 0.1 | ✗ CapabilityBoundingSet=~CAP_MAC_* Service may adjust SMACK MAC 0.1 | ✗ CapabilityBoundingSet=~CAP_SYS_BOOT Service may issue reboot() 0.1 | ✗ LockPersonality= Service may change ABI personality 0.1 | ✗ MemoryDenyWriteExecute= Service may create writable executable memo… 0.1 | ✗ RestrictNamespaces=~CLONE_NEWUTS Service may create hostname namespaces 0.1 | ✗ CapabilityBoundingSet=~CAP_LINUX_IMMUTABLE Service may mark files immutable 0.1 | ✗ CapabilityBoundingSet=~CAP_IPC_LOCK Service may lock memory into RAM 0.1 | ✗ CapabilityBoundingSet=~CAP_SYS_CHROOT Service may issue chroot() 0.1 | ✗ ProtectHostname= Service may change system host/domainname 0.1 | ✗ CapabilityBoundingSet=~CAP_BLOCK_SUSPEND Service may establish wake locks 0.1 | ✗ CapabilityBoundingSet=~CAP_LEASE Service may create file leases 0.1 | ✗ CapabilityBoundingSet=~CAP_SYS_PACCT Service may use acct() 0.1 | ✗ CapabilityBoundingSet=~CAP_SYS_TTY_CONFIG Service may issue vhangup() 0.1 | ✗ CapabilityBoundingSet=~CAP_WAKE_ALARM Service may program timers that wake up the… 0.1 | ✗ RestrictAddressFamilies=~AF_UNIX Service may allocate local sockets 0.1 | | → Overall exposure level for ngcp-panel.service: 7.9 EXPOSED 🙁 Related: MT#31936 Related: MT#55569 Thanks: Thomas Georg on spce-user ml for the bug report, and Victor Seva, Richard Fuchs + Rene Krenn for assistance in tracking this down Change-Id: Ic3be62247bbcae00c99de3b779df838c0daaaf1a (cherry picked from commit 31429319e7)	3 years ago
Rene Krenn	4cf1f140c8	MT#55551 add ccare roles to /api/callforwards ... Change-Id: I414e10fca61bc535471a0b2525b7e684ea9d23e5 (cherry picked from commit 67f6063341)	3 years ago
Rene Krenn	78a62163c5	MT#55436 mark concurrent_* fraudpref fields as readonly ... Change-Id: I47f3a42163703c57cecdbcf4dd84e9e7a9cbe2e7 (cherry picked from commit d4d924e146)	3 years ago
Kirill Solomko	db1b244937	MT#55538 /api/soundsets allow filtering by customer_id=null ... * when customer_id query param is specified as customer_id=null or customer_id=NULL it now correctly fetches soundsets that do not have customer_id assigned to them Change-Id: I8de3d9615c133c2abd3eb2b5f4fea8de5b652417 (cherry picked from commit a86e868a6f)	3 years ago
Rene Krenn	fb05e7b26a	MT#55418 hide billing mappings with terminated profiles in AUI ... Change-Id: Id480f3c0928d8e3d0a29dd3508c08de68e64ce5a (cherry picked from commit a9f53cdf82)	3 years ago
Rene Krenn	2408fa56bb	MT#55421 fix deleting domains ... xmlrpc request such as domain.reload can fail, when database content was not yet replicated. Change-Id: I769f9470b526ef5175826e6c18cbe28c6c1501ca (cherry picked from commit afe80f0110)	3 years ago
Rene Krenn	61f5189cbd	MT#33062 prevent error 500 when deleting registrations ... Change-Id: I7c9731260b973730702c7380881c71bfdc84fa21 (cherry picked from commit f75fdcd943)	3 years ago
Rene Krenn	bc07de7e6e	MT#55419 enable wildcard search for customer.external_id ... Change-Id: I373006325dd60987634ac348f6c40c2ee393fab7 (cherry picked from commit 7caf33ac84)	3 years ago
Sipwise Jenkins Builder	e0625386c8	Release new version 10.5.3.0+0~mr10.5.3.0	3 years ago
Rene Krenn	debd85394d	TT#188950 ignore domain for subscriber authentication ... when ignore_auth_realm is "yes", it should no longer be required to provide the domain part for subscriber logins. Change-Id: I346f94278c9b0d9a598858c24d797b03217123d4 (cherry picked from commit 65b5c62e48)	3 years ago
Rene Krenn	ab916ced07	TT#180400 redirect password recovery to JS CSC in case of mixed/yes ... Change-Id: Ie380079373b35813f5e0b528ce20a5040375f64e (cherry picked from commit 8cf2574d1d0e7acfa8eb080b5559a35cb0243798) (cherry picked from commit 3bc29da9a1)	3 years ago
Victor Seva	87a959cbba	TT#185701 fix deactivate_domain ... we were sending this command: > host:deactivate('NGCP::Panel::Model::DB::domains=HASH(0x55955564e6c8)') Change-Id: I63271b05ee12d0ff3767b5d9376aec22352cb4d5 (cherry picked from commit 78a447f45f)	3 years ago
Marco Capetta	231a1d3479	TT#185000 Wrong sample rate for asterisk greating messages ... Partially reverted commit 7f59aedb4 because it will scale the asterisk voicemail greating messages rate to 16kHz where asterisk supports only 8kHz. Change-Id: I90ad14fc2ae37a9baf168a61e5454b285432fee9	3 years ago
Nico Schedel	1880bcb191	TT#122872 selenium: fix all tests for mr10.5 ... Change-Id: Ic09bf359d112bc5619fe6bd4067b06386776927a	3 years ago
Kirill Solomko	84b448cdfd	TT#176050 adjust subfield expands ... Change-Id: I9826d254cec6f03e7c7bad7122450f4a22125e18 (cherry picked from commit 84e698e7ac)	3 years ago
Kirill Solomko	636bf3e8b3	TT#65101 expand now fills the same key only once ... * the same key is now expanded only once to use the same data ref otherwise expand like contract_id.contact_id,contract_id.billing_profile_id makes it so that 2nd contract_id would overwrite the already existing (expanded) contract_id Change-Id: I6cab67c2f549e9165dbf2cfd2f4b84daef503dd8 (cherry picked from commit 0555f32585)	3 years ago
Kirill Solomko	1cf5e6e7c5	TT#176050 add expand support on array of ids ... * it is possible to expand arrays of ids now * add expand support for pbx_group_ids * add expand support for pxb_groupmember_ids * remove _password and _webpassword internally prepared fields from expands by subscriber_id, pbx_group_ids, pbx_groupmember_ids Change-Id: I7651aae4c58d98943e82d1eda6b24d260ff2480a (cherry picked from commit 938f6ba05c)	3 years ago
Kirill Solomko	14b06c08e8	TT#186950 check db connection ... * 503 HTTP status code is returned if the main db connection is not available Change-Id: Iac2eebfb900ceb0f696264f29c7a27e46877ecaf (cherry picked from commit 6e5721c434)	3 years ago
Kirill Solomko	681230f5d6	TT#151504 subscriberadmin can now manage customer phonebook ... * subscriberadmin with can now manage customer phonebook entries Change-Id: If693c3bce651ed00d9b710b416436abb94ba283a (cherry picked from commit 6b94514dad)	3 years ago
Kirill Solomko	30240128c4	TT#65101 improve expand=all, /api/domains care roles support ... * expand=all now expands by the all resource keys instead of the current form fields, that is to reflect keys that are created manually in the response such as reseller_id or domain_id * ccare roles now correctly support /api/domains Change-Id: I9951bfd97b76186def4dc799c72da44425faea4a (cherry picked from commit 5a18d5fee8)	3 years ago
Kirill Solomko	334a881245	TT#65101 enhance ccare roles support ... * ccare roles now have read-only access to profile packages, this is needed for working with a customer * enable expand for ccareadmin and ccare roles for the following: - contact_id - profile_id - profile_set_id - package_before_id - package_after_id * add expand support for admin,reseller,ccareadmin,ccare roles - profile_package_id - invoice_email_template_id - passreset_email_template_id - invoice_template_id Change-Id: I926304363048e659af67d596dce93be29b3e67af (cherry picked from commit 57a8cefd2c)	3 years ago
Kirill Solomko	f71ac0b690	TT#186506 ccare roles can expand billing_profile_id ... * ccare, ccareadmin roles can now expand billing_profile_id Change-Id: Idfaf61fdc288fed5234f48c34bc70eae260aa8a4 (cherry picked from commit 5a104c3220)	3 years ago
Kirill Solomko	c1ecacd81e	TT#186503 fix /api/billingprofiles for ccare roles ... * ccareadmin and ccare roles are now able to correctly fetch the list of billing profiles as well as request one by :id Change-Id: Ie5f9203b1aa9de9f7ed870caa2ea06ba262c9bfd (cherry picked from commit 486b0a10d5)	3 years ago
Kirill Solomko	185b93e03d	TT#186501 fix /api/capabilities for ccare roles ... * ccareadmin and ccare roles are now able to correctly fetch the capabilities data Change-Id: I4f4355dfe594a9342fd35c0c01984ef132d7d1a6 (cherry picked from commit 7e37f4b81c)	3 years ago
Kirill Solomko	d40471b5d5	TT#185000 increase sound/voicemails sample rate to 16k ... * sample rate was downscaled to 8k by sox for all sound files, it's now set to 16k for better audio quality Change-Id: I7447e08ed90147ec98e110419cc4c068b8299848 (cherry picked from commit 7f59aedb4c)	3 years ago
Kirill Solomko	ff6603f0db	TT#182101 t/api-rest2 remove phonebookentries from AllLinks ... Change-Id: I55092d2b68f603be05ab75989d1107843bd22cbe (cherry picked from commit e1bab24822)	3 years ago
Kirill Solomko	f38b660eb8	TT#182101 t/api-rest2 remove headerrules from AllLinks ... Change-Id: Ifdca9ee860bf9bde2b89f45a5210176fa827a7f5 (cherry picked from commit be402b13a2)	3 years ago
Kirill Solomko	69c1277a48	TT#182101 t/api-rest2 remove HeaderRuleSets from testing ... * the endpoint is temporarily removed from testing until the ngcp_type check is introduced for these tests Change-Id: I8d5c3c1e625ce68469061f111931011664969c58 (cherry picked from commit f3eafccd95)	3 years ago
Kirill Solomko	fea8e58925	TT#182101 api-preferences.t fix header_rule_set preference processing ... Change-Id: I1a7156314876596e08eb1251213344d8ac584a17 (cherry picked from commit 27c3b7dc3b)	3 years ago
Kirill Solomko	85a7101cc3	TT#182101 api-preferences fix headerrulesets for CE ... Change-Id: I4cd4446cfa45d73b205561cad7d9ae13e001f142 (cherry picked from commit a60a62c800)	3 years ago
Kirill Solomko	2a4abdb98e	TT#182101 ngcp type related api-rest test fixups ... * api-all-links skips PRO only endpoints * api-preferences skips PRO only endpoints Change-Id: I1a14f61e031fb7aa0db63cdc7cb671d229c57ab4 (cherry picked from commit d6c928fbfd)	3 years ago
Kirill Solomko	7f584c7a72	TT#182101 api-rest/testrunner add stable-pro stable-carrier aliases ... * stable-pro and stable-carrier are internally converted into stable, this is for convenience when the testrunned is run from an automated environment Change-Id: Id37756bb9fb765108ae586898045784b954e9432 (cherry picked from commit 01cb54786f)	3 years ago
Kirill Solomko	d37572ec7d	TT#182101 add api-rest/testrunner CE support ... * testrunner can now be run with "stable-ce" or "fast-ce" commands that exclude endpoints that are not available in CE Change-Id: I9c40a82c11b5bd2e88102b545d6ead4a64087326 (cherry picked from commit b81c66ffc2)	3 years ago
Kirill Solomko	ed7d980a5a	TT#182101 hide UI /phonebook page access on CE ... * UI /phonebook page is returned as 404 Not Found Change-Id: I2ed66cc33c8e4c2d2415f94256758f79e264794e (cherry picked from commit 60a39881b6)	3 years ago
Kirill Solomko	5321cd0e53	TT#182053 hide UI /header page access on CE ... * UI /header page is returned as 404 Not Found Change-Id: I6da41ef0b17f677e21705d1df706445a52180bf3 (cherry picked from commit 84910ef944)	3 years ago
Kirill Solomko	d9ecbc67a2	TT#184300 journals alawys write reseller_id ... * if $resource does not have reseller_id then the user's one is used to write into the journal entry Change-Id: I33ab6fe6271bd6be156b247c830eecea6e2f63ea (cherry picked from commit 514989cc5a)	3 years ago
Kirill Solomko	f638a12b72	TT#182101 Fix check_allowed_ngcp_types detection ... * use any instead of grep for checking the allowed_ngcp_types array Change-Id: I7382a2a61764a4520cd07d2db67ffa3a5112b378 (cherry picked from commit f311177236)	3 years ago
Kirill Solomko	496d828103	TT#182053 Header Manipulations feature is hidden for CE ... * "Header Manipulations" UI is now hidden for CE * /api/headerrulesets is now hidden for CE * /api/headerrules is now hidden for CE * /api/headerruleconditions is now hidden for CE * /api/headerruleactions is now hidden for CE Change-Id: I717b9d3cdf693f01e32f81086b69aafce4f3113a (cherry picked from commit a8bc49408a)	3 years ago
Kirill Solomko	be4dc2f9a2	TT#182101 Phonebook feature is hidden for CE ... * templates now rely on c.config.general.ngcp_type and hide the Phonebook feature everywhere if ngcp_type is CE * introduce "allowed_ngcp_types" config for Controller::API::* that is an array, and when specified, only the ngcp_type roles are allowed, otherwise if not specified all ngcp types allowed (default) * Controller::API::Root: - filter controllers from the documentation rendedring that have allowed_ngcp_type config specified and do not match the current ngcp type * Role::API Role::Entities* - new method check_allowed_ngcp_types() - check_allowed_ngcp_types() is now called in Entities and EntitiesItem auto() and denies to 404 Path not found if the ngcp type does not match * "Phonebook" UI is now hidden for CE * /api/phonebookentries is now hidden for CE Change-Id: I41d4b2f87121f281472be3775b862333923fe37f (cherry picked from commit 09b589738d)	3 years ago
Kirill Solomko	819f9fa74c	TT#174451 fix SubscriberProfile form attribute field list ... * the attributes fields list in field_list() {} was rendered without the field name, causing internal issues in HTML::FormHandler Change-Id: Ic4c7a0454135b2bf394a0fb8c4291a0fadd06df6 (cherry picked from commit a61497297c)	3 years ago
Sipwise Jenkins Builder	2f0184c1cd	Release new version 10.5.2.0+0~mr10.5.2.0	3 years ago
Kirill Solomko	039fa25590	TT#182102 fix subcriber primary number and cli comparsion ... * comparsion is now char based instead of int based as the primary number can contain chars Change-Id: I1f9b348dffe036ecf62bc6ed6a1f84592126427c (cherry picked from commit d6463ffeb5)	3 years ago
Sipwise Jenkins Builder	96dacbd148	Release new version 10.5.1.0+0~mr10.5.1.0	3 years ago
Alexander Lutay	597beac2d1	TT#149450 Add nagivation buttons '... Sets' to return from submenu ... Those extra buttons helps with navigation (mainly on AUI/v2 WEB), while they are also useful on ngcp-pane/v1, as allow to return from level 2 to level 1 of objects in object sets. Change-Id: I6d151408b9de87a77bc6e57f07d10b9f44f47d78	3 years ago
Kirill Solomko	2efeb70e67	TT#179800 API peer server preferences fix reliance on reseller_id ... * peer server preferences such as rewrite_rule_set, header_rule_set, contract_sound_set, sound_set do not include reseller_id anymore when set for a peer server as peerings are platform wide Change-Id: I4276767649bc5f2f35aba3eacd0f566b960cf647	3 years ago
Rene Krenn	8afc819c31	TT#179700 fix inverted mandatory field ind (swagger) ... Change-Id: I2a92d8a1fbacf6f21045180c3aa1dfa32647602f	3 years ago