* Add check for existence of webpassword on subscriber
log in to prevent the code from trying to use the
undefined password
* Subscribers with no webpassword cannot log in the old CSC
Change-Id: I7b82c014fa5f70fa36ee7282db94a747e54ce2ae
* new c.users.role 'lintercept', that set to when an admin user has
enabled 'lawful_intercept' flag
* only Administrator page /api/admins and /api/interceptions are available for
the role
* 'lintercept' role can only see own user and only change password
and email
Change-Id: Iadcb022a124afbd77b224e734026f380af0170e8
* As click2dial2 was implemented for pro versions,
the version of click2dial is now in ngcp_panel.conf
and it will be taken from there
Change-Id: Iee1d6eea2cae3a80616272bd3fd5bce9b35fc496
* Introduce endopint '/resetpassword' for asking for
password reset using admin username
* Create form for introducing username
* Create url with unique token pointing to '/recoverpassword'
where admin user can introduce new password and email
said url to admin's email address
* Create form for setting new password
* Store username and unique token in Redis expiring
in 5 minutes to store password reset attempt
and identify it when user accesses url in email
* Limit admin access to be able to only change own password
due to new password reset possibility as requested in
TT#76110
Change-Id: Ie3acb961444398afa5b2fdc85e3ca8ceccf9244a
- persist prov tmeplates in the database: create, update
and permanently remove them again.
- prov templates from config.yml are still supported,
but cannot be edited though. the templates from
config.yml are merged with those from the db.
- each reseller can have their own prov templates,
while the prov templates from config.yml are visible
to all.
- YAML syntax highlighting and parse check when saving.
Scripting language (perl/javascript) is currently parsed
when executing a provisioning templates only. It is
possible to further extend the parsing checks.
- the prov template "name" + reseller is the unique
identifier. relevant also for the command line tool.
Change-Id: I58d7c54fa82fe512b263b3219bfc84d7e49c56a8
* Change the way webpassword is handled accross
NGCP Panel UI/API to comply with new password
encryption
* At login, if password is not encrypted with
high cost due to the ngcp-bcrypt-webpassword
script, encrypt it with proper cost
* Accept old password format as well until all
webpasswords are encrypted
Change-Id: Iefa9584a62ab4b7d2a224d10bdd415e9cbb8dfb5
* /admin_login_jwt now returns a JWT token for admin
users and also the JWT token is supported in the
authorization process for the admin requests
Change-Id: I987640d46bd8a339a959a6b2efb65b6dce06bf8c
OWNER_VAT_SETTINGS = 1: apply the callist "owner's" VAT settings
(VAT rate and Add VAT Y/N) for each CDR displayed.
OWNER_VAT_SETTINGS = 0: apply the CDR's source/destination
account's VAT settings for each CDR individually.
Change-Id: I08cc88afeb0a0c7cc5592b9542dc9da25bb86286
* Deleting or diasbling a peering server was leaving
the peer_probe value in kamailio htable which was
falsely identifying peering server as up when it
was actually down
* Sending htable.delete peer_probe whenever deleting,
disabling or disabling 'probe' for a peering server
fixes the issue
Change-Id: Ie54fd4bd00391a0cc02544d8d7b55108240c74e8
acquire the billing.contract row lock *before* any
unordered billing.voip_numbers rowlocks by
sub manage_subscriber_numbers().
- "deadlock" waittimeout errors will cease when
creating subscribers concurrently via api
- max_subscribers, is_pilot and other per-contract
constraints will be respected accurately
Change-Id: I73bb7525b327bbb09217b790be9c14cc65ddebcc
* Obfuscate nubmers from the same customer which have
CLIR enabled if calllist_clir_scope is set to 'all'
Change-Id: I1953cb760fec5b4921adb2b3c25b7a2a2d2605a7
* A new endpoint is now available that will
return subscriber's preferences and also
the preferences that the subscriber inherits
from its domain
Change-Id: Iaa29fbe57d520f79ac7051dc8fd151d26df41384
- prevent unneccesary redis "scan"s
- avoid filter/scan (iterating all registrations) by properly
un-aliasing filednames
- ignore any registration of subs that no longer exists
- apply the fixes for ->search(), but also ->find()
Change-Id: I32c89482fc06e76b0369034cd8f3eda24ebbe1bf
* Implement checking/creation of server, profile
and prepare request for device creation on ALE
RPS
* Prepare request for device deletion on ALE RPS
* Changes in Panel to support provisioning via
the ALE RPS
Change-Id: I24b62c03b64c56fcbcabea71428d0b70b46706e6
This program allows to run a 'provisioning template' defined
in config.yml. This will produce a subscriber setup including
required billing contact, contract, preferences, etc. from an
input form defined by that template. The form fields can be
passed as command line options.
Change-Id: I9e155c5ad192937b859f0df97e206c1192e88770
* Change condition that was defaulting to
one banned user in case of looking by
a non-existent id; it now returns empty
array which is causing the correct
'entity not found' error
Change-Id: Id3191ae78e7804fb62420bf15b292207c087234d
* Add the new fields to the Billing fees form
* Add the new fields to the csv order for
download and upload to work
* Change tests to include the new fees fields
Change-Id: If45bfe4f39ccd0283c72071489f5930eab2c37e9
* Change DB fetch to get reseller based on
subscriber's customer rather than domain
* Added check for existence of field before
filtering by it. This was actually causing
non-superusers to not see registrations
Change-Id: I7bd39dfcd24a2bc8793a49ba58ab4b2f49f4c821
Let's encapsulate the knowledge about ngcp-collective-check into the
same perl module, instead of leaking the implementation details in
multiple places.
Change-Id: I3efe0b9704f9c149dae50bf4d323853b819127c8
* Create new 'Select' field type that includes
'translate' attribute which shows is a field
should be translated
* Change fields that should not be translated
to the new field type
Change-Id: I723e82e609a7b4fc879e4fe708227c012cba1923
* Retrieve statistics details from
ngcp-collective-check
* Restore statistics widget to display
either "All services running", "Errors"
or "Warnings" according to collective-
check result
* Create pop-up modal to display ngcp-
collective-check results
Change-Id: I094a51ad1905d2bf968775dd43480c94a7a440b8
* ccareadmin and ccare roles have full access to
Customers, Subscribers and their preferences/settings,
and read-only access to BillingProfiles,InvoceTemplates,
EmailTemplates
* ccare role is restricted to the related reseller
Change-Id: I6cf7d3adf912f0fa98d1ef5c02abea2f4331ec4b
* The timeout was defaulting to 300 for
any call forward besides URI. Removing
a sepcific validation for this case fixed
the issue
Change-Id: I2658d77cee08567047c40fb2b3711f5870b49d25
* make search by domain strict when redis usrloc is enabled
and multidomain=1 to omit entries without domain and
vice versa, omit entries with domain when multidomain=0
Change-Id: Ia64c87596ea02b9e5dcc9789751a639ef0c6a0b7
* Kamailio location accepts location based on
ngcp_panel.conf: sip.usrloc_expires_type option,
that is taken from config.yml
kamilio.proxy.usrloc_expires_type.
* adjust api-subscriberregistrations.t to support
sip.usrloc_expires_type
Change-Id: Ia040c63ef2e0cc711812f4a4d17093ae753531aa
for panel UI datatables such as callhistory, automatic rowcount
clipping comes into effect, to prevent pageloads taking minutes
with large calllists.
the clipping also requires special handling of any queries
with an OR clause, which we explicitly expressed as compound
queries (set operations eg. UNION) meanwhile (fortunately!).
this allows to improve the query speed in such cases, by injecting
the filter condition to each subset query.
when introducing this technique, it was clear to sacrifice
ordering of the result, since sorting is pointless when merging
clipped subsets with UNION. allthoug the UI provides a subtle
hint whenever clipping occurs, this is not intuitive to users
(what else).
this is an attempt to improve the situation by applying the
order clauses to the subsets. this way eg. the initial sorting
(timestamp descending) of the callhistory datatable should show the
recent items properly and effectively clip away the older entries.
Change-Id: Ia249e96ac4330cfcdb4905ce2cd0b925aace80f4
* switch from Moose to Moo reduced memory consumption
* rework RedisLocationResultSource to use AUTOLOAD
instead of creating accessors in BUILD (that is very expensive
considering the amount of rows, multiplied by the overall amount
of entries). Now the object creation takes sub 0.0001 sec from
0.017 sec as before.
Change-Id: I9917ff38266ce89297adf55d75c40dd5f16a435b
the client cert serial was taken from epoch time in secs.
if a computer is fast enough, there is the chance a
subsequent POST /admincert did not invalidate the old cert
properly (as expected by api-cert-auth.t), but created an
identical one.
Change-Id: Ifd906489029efd17df0997c5aceec3ac1db08fb1
adds gdpr obfuscation quoting for:
+ subscriber numbers
+ subscriber ip addresses
+ subscriber usernames
+ any logmessage "DATA": query parameters, form data, response data
+ subscriber uuid's
+ call id's
+ callforward sip uri's
the quoting is centralized by $c->qs() ("quote sensitive"), using
catalyst plugin mechanism.
escape symbols are set to « (\x{ab}) and » (\x{bb}).
generate_logfile_data_inventory.pl was modified to mark loglines
with "gdpr affected" status, if $c->qs() was used in a log message.
Change-Id: I0f42d7992594232ae33e5666b0a64009211c5b76
* Fix obfuscation in /api/conversations.
Suppresion columns were not retrieved
accordingly because of the need of
suppresion aliases. The issue was solved
by caching the aliases in the stash.
Change-Id: I5b438585fa6538085d4615dd1b98ab08bfb2ffe6
* due to Net::HTTP internal responses handling when
keep_alive is enabled that causes connections that
send an empty body back entering a blocking socket
read scenario and breaking the connection.
Change-Id: I9bb691299012f8e6b943a56e080edf7f73f827f1
* add a check in Subscriber::apply_rewrite that
the provisioning subscriber object exist,
to address cases when a subscriber is terminated
Change-Id: I1ad16f448c4efcf80eedb08ef3f6c014769ff5fd
It works well now for Panasonic, Polycom, Yealink
Snom works (403 response) if change current host
provisioning.snom.com to
secure-provisioning.snom.com
Without this change we need to disable name checking, and then the same get 403 response code with short html description (so, ssl works).
Change-Id: I1743d2dcb33557a7cf9898aef56f00074b9141a2
* subscriber_only UI header rule set is now
automatically created only when a first rule
is created and removed with the last rule
Change-Id: I7c0be5a3e89e050e97441c4baaf355769db9867b
The is_devid and devid_alias were not properly saved and re-loaded
in edit, nor was their status shown in the master data.
Change-Id: If3403b5baa6135b4171e7b523aaa56de0fc5cb10
* UI: subscriber Preferences" page now contains
a new "Header Manipulations" tab that enables
setting header manipulation rules per subscriber.
They are applied in the following order:
- domain header rule set is applied (if defined)
- subscriber header rules are applied (if defined)
An internal header rule set is now created per subscriber
automatically, if used from the UI
* API: /api/headerrulesets now supports "subsriber_id",
when a whole collection is fetched without ?subscriber_id
only records where subscriber_id = NULL are returned
by default
* fix "read only" UI elements representation in the datable
for header rule sets, rules, conditions, actions
Change-Id: I3e80d1899c577055f3603e80bb3a13d70c5b22cf
when passing the ?tz=Europe/Vienna with POST/PUT/PATCH, the
callforward timeset period definition input will be converted from
Europe/Vienna timezone to system timezone before persising to DB.
when passing the ?tz parameter with GET requests, the
callforward timeset period definition from DB will be converted
to the given timezone.
the ?use_owner_tz parameter will take the subscriber's inherited
timezone.
disarmed in code for now.
Change-Id: If4e130b241c28821844e0700231d1cd6883bcbfb
* kamailio does not accept non-sip tcp messages with an empty body,
therefore, also sending the invalidating set_id in the body
is correctly processed by the kamailio endpoint
Change-Id: I4e4f04bd5279e6f7e39f947d54e656737f81e0e5
- All item_rs modifications should be done before we get rows, so apply order_by before pager
- We can't distinguish if subscriberregistrations really has column or not if we return true for all columns.
We will use has_column only in cases when it returns something really meaningful.
- Subscriberregistrations can't order by nat and subscriber_id
Change-Id: I04b7bb719ee058590a7705c6411cb08bcfb15387
ALE phones first download the first 256 bytes "header" of the firmware
to check if a new version is available. Support simple single Range
request in format "Range: bytes=X-Y" with X being start and Y being
end.
Also make sure to use $rs->count instead of $rs->first to only
execute the full query once and use a count query before instead,
otherwise we're fetching dozens of MB of data twice when fetching
the firmware.
Change-Id: I0c4e9f8b7d856d077eaa4ba8f2bc0aeaf42deebe
* get_subscriber_location_rs for the DB model
tried to determine filter based only on username
and domain for the multidomain option but
another use of the function was with passing only
the id. Since the filter argument is built outside
the function with already checking for the multidomain
option there is no need to rely on the filter parameters
in the function itself.
Change-Id: Ie5ad7e58404400d0dda0300720edd55f38eca09c
Add test script for API
Fix DateTime create/update issue in TimeSets API (get2put case)
(add and edit functionlity used raw/inflated data respecively)
Add datetimepicker field
Change-Id: If724b7350658c306dbbecbc04309d1d1c0b4a3e2
* Faxes numbers representation now uses one of the available
normalization logics. For the API part it is possible to
override it in /api/faxes with a new 'number_rewrite_mode'
query param or 'fax_number_rewrite_mode',
in case of /api/conversations
Change-Id: I64cfcaa53284eafdc980cdab4c3a01d22a55749b
Unify UI and API code to make subscriberadmin behavior with profile_set and profile common
Change alias_numbers input field to embedded RepeatableJS so it pass form validation
Change-Id: I1b3dc6f88cc6c1f43d76acc8e339dbb664c166a3
while limiting the count queries is sufficient for basic
queries, a plethora of perfromance cosniderations arise
when running compound queries (queries with set operations)
against large tables. this is the particular case with the
call history UI.
+ multi-column search must not hit any un-indexed column.
when limit is providied, it seems ok for the optimizer
even when no appropriate multi-col index is present.
+ 'col LIKE "%xyz%"' must be turned to 'col LIKE "xyz%"'
- otherwise and idnex is useless. if fulltextsearch is
desired, this needs to be done separately, including all
the pain of maintaining the keyword/substring index etc.
+ each partial query of a compound query must have a LIMIT
clause. if not, the db tends to try building an intermediate
table (which gets large -> slow). this is the only option when sorting,
but it must be prevent if only displaying unsorted or filtered rows.
BIx::Class::Helper::ResultSet::SetOperations generates malformend
SQL when limiting the partial queries. Therefore, the generated
SQL will therefore be parsed and patched.
+ considering the LIMIT for the partial queries, it is also
mandatory to inject the filter/joins to each. this is done
properly by ReseultSet::SetOperations; but needs to be done
explicitly when building compound queries.
+ aggregation footers must be prevented when clipped - it wont
show useful data (sum, count, ..) anyway.
+ prevent page query when count gives 0
+ prevent 'int_column = "12345678901"' search terms: literal must be
numeric and not longer than the digits supported by the column (10)
+ implement * wildcard and strict_search
Change-Id: Ie256877d368747ad6bfe74f5b6ac5dae88be9e58
to prevent long-running count query in case of mio.
of items, it is done on a limited set, ie.
select count(1) from (select id from cdr where .. limit 1000)
the method determines if there are more than eg. 1000
rows, in which case the UI datatable will simply render a "+"
"Showing 1 to 5 of 1000+ records"
it is only enabled for the topical call history datatable
for now.
Change-Id: I1ca6d22c69784f20ec39c74e3db989c43f1a6918
* init_time field is added as a field as well
as query parameters init_le,init_ge to query
calls by the call initiation time
Change-Id: I6540d632e40d9f0fed6b8f50f126a977eb34e369
Clone cached expensive collections and files list data before return
Otherwise changes applied to members of referenced data will preserve and accumulate
Change-Id: I2c7a014eaea9c695725a796b236a782877a6358c
* Utils::Events::get_aliases_snapshot()
both $subsriber and $prov_subscriber variables
are now checked to avoid calls on undef
* Utils::Contract::recursively_lock_contract() changes:
- terminates only active/locked subscribers
- database entries removal happen only in the end
- admin id is checked beforehand
- adjusted Perl syntax
Change-Id: I964be4480450dcd095bc8899385cab526bfcba72
Sessions saved to the `parts` list get cancelled after a failure. In
case of one session failing with an 'insufficient funds', don't save
that session to the `parts` list so the code doesn't try to cancel it.
Instead just destroy the session.
Change-Id: I43c3791baea5af07e1c6f6777e03c63ea2baae34
* $sess returned from SMS::session_create() can be either
>0 = success
0 = remote rejected (subscriber=inactive)
-1 = internal error
* improve the error messages and the session reason based
on the refined return values
Change-Id: I775c637bd3d08fea3bf53094b4ab60072daabfa6
We can replace the apply usage with map plus a returning s///.
This also fixes a hidden bug with the liblist-moreutils-perl dependency
missing from debian/control, being indirectly pulled by some other
dependency, while an implementation detail.
Change-Id: Ibfc7b362ad77c4b202d93cf71774c40623503f14
* perform_prepaid_billing() part of the code
that cancels the session is moved into a new
function cancel_prepaid_billing()
* cancel_prepaid_billing is called in perform_prepaid_billing()
and after init_prepaid_billing() if session status != 'ok'
* add_journal_record() set default coding=0 if undefined
Change-Id: Id98f8e5b738953d5bb047f59657218f5fa6cab62
* smsc_peer is set as 'default' if none is identified
* fill in status and reason fields for sms receive
* write 'cli' fields as intended
Change-Id: I7316935c3253563db96104d481cbaba7213ad436
* fix routine path
* fix passing arguments as an array, not hashref
* send_sms() uses UTF-8 charset for the query_form() method
Change-Id: I3039999751ffc666ce10b40cb01209a69c98e94e
one was actually a true positive. the others were false positives
and are going to be silenced for the time being, while we try to find
an upstream solution. more details can be found in the ticket.
Change-Id: Iae8df7606774a9d26e4d44dbba557c9fe62d2252
this is to fix the TAP tests of the sipwise QA chain
fixed (or ignored):
- ControlStructures::ProhibitMutatingListFunctions
- Documentation::RequirePodSections
- InputOutput::RequireEncodingWithUTF8Layer
- Subroutines::ProhibitSubroutinePrototypes
- BuiltinFunctions::ProhibitStringySplit
- TestingAndDebugging::ProhibitNoStrict
- TestingAndDebugging::ProhibitProlongedStrictureOverride
- InputOutput::ProhibitTwoArgOpen
- CodeLayout::ProhibitQuotedWordLists
Change-Id: I7dce4ce123bad40de2d9b51ba5b1a141e20c3783
these are to fix sipwise TAP tests. The following policies were
violated and have been fixed (or ignored where apppropriate):
- Variables::ProhibitAugmentedAssignmentInDeclaration
- Variables::ProhibitConditionalDeclarations
- Variables::RequireLocalizedPunctuationVars
Change-Id: Ifee93d537cd6e33d9e6e6ef8026be4b2b9fd0ee5
this is to clean the Sipwise TAP tests for this repo
the critical places where undef is really the intended return value (because
a scalar should always be returned) the rule has been overridden
Change-Id: I66e217a03a00e0f366db9c0cbc5007dd15cd9f96
"Mixed high and low-precedence booleans"
The operations have different precedence and must not be mixed together.
Change-Id: If38e25d6e94f599dc9462d9ee37ce165fa303b35
translate forms in NGCP::Panel::Form (the caching module) instead of in the
templates. This gives us better control to avoid translating cached forms
multiple times. Multiple translations lead to errors due to escaping of
special symbols and simply fails from one (non-english) language to another.
Change-Id: I234b22cb70dc068530e4a9f241cb9bb5653e1959
The only two files left with such warning:
* lib/NGCP/Panel/Field/URI.pm
* t/lib/Selenium/Remote/Driver/Extensions.pm
While they need some special Perl magic to be fixed.
Change-Id: I23553bbffd5bfb38b222733bdeb3937945eabf3e
inflate/deflate DateTime for simple (complete) timestamps
considering the correct timezone at the latest possible point
in the action chains: on form-level as well as in the DataTables json output.
Change-Id: Icfe94d6d5a9ac02d9fca0f4b8d048d86cf66cffa
* remove $config->{sms}{smsc} selection as
there is no such thing as smsc in ngcp_panel.conf
* remove charset from the send_sms query form as charset
is now set in the smsc peer group and taken from the template
Change-Id: I12ac8b74d2923a54194685c3f5e28a37f8df1902
* smsc_peer preference is mandatory for NGCP::Utils::SMS::send_sms()
and contains a handle of one of the avilable group=smsc id
* sms_journal is extended to also store smsc_peer
Change-Id: I1a368b55c263bb5ea2acda004bbaf463d6431413
* moved sms_journal record creation into a new
NGCP::Utils::SMS::add_journal_record()
* 'cli' is used when sending sms to store
user_cli or cli subscriber preference.
that is useful for calls where caller is a
remote number
Change-Id: I80bc31da294a56b302e154133525eea187ab6aff
* in case of a specified fax format (pdf)
the temp filehandle had been closed before filled in with data
Change-Id: I938cfa47051a525069902f73b83de121838c00bb
* colelction_nav_links() should be used instead of the old
self/prev/next href link code
* Entities.pm fix colletion_nav_links() to pass missing
$c->request->params
* collection_nav_links() use default $c->request->path and
$c->request->params if those arguments are not specified
Change-Id: Icca5afac812f2e06e6927ba6f4e91057f9745d21
now there is a tag per API rail instead of per method
this also makes it easy to render the documentation centrally per API rail
Change-Id: I683048f742c2bd2da591e502bc2d8f63cc422627
by using strict where it wasn't used before
plus fix all bugs that were discovered along the way by enabling strict
Change-Id: I7f9a8bf0cee74014fd7551ec26f2ab3922715efc
Rene Krenn
Flaviu Mates
Guillem Jover
Kirill Solomko
Marco Capetta
Andreas Granig
Irina Peshinskaya
Gerhard Jungwirth
Richard Fuchs
Alexander Lutay