* if $resource does not have reseller_id then the user's one
is used to write into the journal entry
Change-Id: I33ab6fe6271bd6be156b247c830eecea6e2f63ea
(cherry picked from commit 514989cc5a)
* use any instead of grep for checking the allowed_ngcp_types
array
Change-Id: I7382a2a61764a4520cd07d2db67ffa3a5112b378
(cherry picked from commit f311177236)
* "Header Manipulations" UI is now hidden for CE
* /api/headerrulesets is now hidden for CE
* /api/headerrules is now hidden for CE
* /api/headerruleconditions is now hidden for CE
* /api/headerruleactions is now hidden for CE
Change-Id: I717b9d3cdf693f01e32f81086b69aafce4f3113a
(cherry picked from commit a8bc49408a)
* templates now rely on c.config.general.ngcp_type and hide
the Phonebook feature everywhere if ngcp_type is CE
* introduce "allowed_ngcp_types" config for Controller::API::*
that is an array, and when specified, only the ngcp_type
roles are allowed, otherwise if not specified all ngcp types
allowed (default)
* Controller::API::Root:
- filter controllers from the documentation rendedring
that have allowed_ngcp_type config
specified and do not match the current ngcp type
* Role::API Role::Entities*
- new method check_allowed_ngcp_types()
- check_allowed_ngcp_types() is now called in Entities and
EntitiesItem auto() and denies to 404 Path not found if
the ngcp type does not match
* "Phonebook" UI is now hidden for CE
* /api/phonebookentries is now hidden for CE
Change-Id: I41d4b2f87121f281472be3775b862333923fe37f
(cherry picked from commit 09b589738d)
* the attributes fields list in field_list() {} was rendered
without the field name, causing internal issues in HTML::FormHandler
Change-Id: Ic4c7a0454135b2bf394a0fb8c4291a0fadd06df6
(cherry picked from commit a61497297c)
* comparsion is now char based instead of int based as the primary
number can contain chars
Change-Id: I1f9b348dffe036ecf62bc6ed6a1f84592126427c
(cherry picked from commit d6463ffeb5)
* peer server preferences such as rewrite_rule_set, header_rule_set,
contract_sound_set, sound_set do not include reseller_id
anymore when set for a peer server as peerings are platform wide
Change-Id: I4276767649bc5f2f35aba3eacd0f566b960cf647
These are shared files across all PRO/Carrier nodes, but at the time
they were introduced we did not have the concept of a shared-files
subdirectory. All other such shared files have been moved over time to
that subdirectory, but this was still remaining behind. Let's move it
now for consistency, and so that its purpose is more clear.
Change-Id: I05762d66c352b8ebee34ae93d952d9ffd58910fb
* rtcengine related logic and apps is now removed
* remove /api/rtcapps endpoint
* remove /api/rtcnetworks endpoint
* remove rtcengine relations from resellers such as
enable_rtc flags
* remove rtcengine related API tests
* remove rtcengine and comx related libraries
* remove csc webphone ui app
* remove webrtc related selenium tests
* remove rtcengine flags from /api/capabilities
Change-Id: I83a4b0457fac2e0df23d267f8dbc82841dfb3001
* target selection for chained routes in BillingNetworks is now
performed based on the account that $c->stash->{close_target}
can be already set, and it's used if defined instead of the
explicit target
* add NGCP::Panel::Utils::Navigation::select_back_target()
* NGCP::Panel::Utils::Navigation::back_or() now uses internally
select_back_target()
Change-Id: If6ca47a776896db48955a04f544731dc87c59aa1
* the endpoint now contains additional fields starting with prefix
current_* that represent the current aggregated value that is
used for the preferences and also
current_fraud_interval_source
current_fraud_daily_source
that represent the used source for the current_ values
(billing_profie or customer)
customer - if the fraud limit is set on the customer level and > 0
billing_profile - if fraud limit is not set on the customer level
Change-Id: I074285e3464420a14f65695c40c8b8008a241a8d
* Role::API::Contracts add item_by_id() that calls contract_by_id()
* Utils::ProfilePackages::catchup_contract_balances return if
$contract object is undef
* Form::Topup::Log::contract_id expands into Role::API::Customers
instead of Role::API::Contracts
Change-Id: Id4fc67b8ea1e91f350d0172aafc2b722f34e61f3
* the password reset via API now uses webusername instead of
wrongly used username to fetch the subscriber
Change-Id: Ib2ed042382963f13d73619acd48a588f3874c25b
* Utils::Subscriber::update_subscriber_numbers() fix
an error when $current_primary_number is undefined
* t/api-rest: remove devid_alias from the tests as the field
is deprecated and no longer in use
Change-Id: I6e472398a7a393cd83de5818157629338388ec8e
* the current condition for primary number removal for PUT/PATCH is if
the primary number exists and specified in the data as
primary_number => undef. The condition failed as the 'primary_number'
key was explicitly created regardless of the original user data input,
resulting in a false primary_number => undef.
Change-Id: I17651046627f5c48696c3f1d17da5aa49452fe9a
for deployments that expose panel/csc via a proxy,
the auto-generated base url printed in emails can
be unreachable. we therefore introduce the option
to explicitly specify a base url to use.
it will support an sprintf pattern with individual
params for eg.:
- protocol scheme
- domain part
- port
- base url path
Change-Id: I6a9ca23126c669d249ef7f3e092cae0161235ebe
* primary and alias numbers are now validated that they
do not belong to another subscriber
* aliases are now validated that they are not already set as the
primary number
* reduce amount of related sql queries
Change-Id: I4397bbdc4bc9001b7feeef22cb8f85ee0b6ce8ff
* prepare_resource() use prefetch 'attribute' to address
scenarios with high amount of preferences per subscriber
Change-Id: I7a32ff9953ccf9a3cc7e482639c6bd3cdb28eb0f
We need to properly handle transport picking for the SIP peerings:
- in case a non-default 'outbound_socket' is set for the peering,
give a precedence to the transport used for it ;
- in case a default 'outbound_socket' is set for the peering,
use a transport protocol configured for this SIP peering ;
The idea is quite simple, and meets our current requirements.
Change-Id: I98d55b090f04642442d83da83d441aca0f000dec
* Call forwardings related internal usr preferences are now
distinct per call forward type (maximum 1 record per call
forward type, if at least one forwarding for this type exists).
This change is meant to address the issue when there are >1000
call forwardings per subscriber, which leads to performance
issues. Other components (kamailio) only uses this preference
as a boolean to check if there are call forwardings at all per
type, therefore, more than one preference, per type, per subscriber
is not needed.
Change-Id: Iffa475700a74f56eff67400ce9b57092018a14a0
The ngcp-collective-check now produces a more semantic JSON key. This
should allow to produce more organized problems reporting on the
panels, and will allow to remove the old messy keys.
Change-Id: I302eb7927adf70e33a88ef231b477fc7111c4371
* show the correct error message when a peer_auth preferences are
modified for a disabled peering server
Change-Id: Ibd710d142066c9622932992c8a60ec0d7f7674e1
so far the invoice contained outgoing calls only.
this change introduces the "call direction" mode
for invoice templates, to configure invoices with
either
- outgoing calls only
- incoming calls only
- both outgoing and incoming calls
Change-Id: I3a9d4e3dbb83de63cc2bfab5f1c55714fe487c25
* The succesful password recovering redirects to https://<host>/ which is translated to /#/login on CSC page.
Change-Id: If4e7ae510396e3852319c7e5c9d4915fdd214e95
* Contract default sound set - subscriber propagation for cases:
- New customer sound set is created as default.
- Customer sound set is changed to default.
- New subscriber creation - setting contract default sound set id.
* The mentioned cases were implemented for both UI and API.
Change-Id: Ia4733c972ae388d3457d0336e3f85b85eec6e9a2
The 'Calculated fields' label is displayed when creating a new
Batch Provisioning template on Admin Panel. This field has a
selector which offers the 'Javascript' and 'Perl' options. The
label may be confusing, since the options are programming languages
(rather than 'calculated' fields) that can be used on provisioning
templates.
Hence, it is more suitable to change the 'Calculated fields' label
to just the 'Language' label. This will also be in concordance with
the JSON property 'lang' (short word for "Language") that can be used
at API level to set the programming language.
Change-Id: Ie944e446bbab845fee644f698023ac1eacf0e866
* /login_jwt now accepts "jwt" key with an existing valid JWT as the
value
* upon successful authentication with the token a new token with
prolonged expiration time is issued for the authenticated user
and returned in the JSON response
* add "expires" value in the JSON response that contains a timestamp
integer when the issued token expires
* fix encode_json() calls formatting
* most of JWT related error messages are now appear in the log as INFO
instead of ERROR as they are not related to the system errors
Change-Id: Ie8e04534c8819dc756b3c64ebc4432ce442a1d31
* 'location' field is now optional, if not filled it it will always
default to an empty string instead of null. This is required for the
new mode 'forward' that has no use for this field. If the field
is empty in any other mode like 'add' or 'replace', the entry
will be skiped by the logic.
Change-Id: Ia964c3bb272c9772c51b836ac2418ee4cd7b7f42
WHAT: This fix allows the options: (a) Voicemail greeting "temp", and (b) Voicemail greeting "greet" to be displayed within Subscriber Preferences -> "Voicemail and Voicebox" on Admin Panel (Perl-based). Hence, an Admin can load 'greet' and 'temp' prompts via Admin Panel, similarly as 'unavail' and 'busy' options.
WHY: 'greet' and 'temp' options were added to be managed via API, but they were not available on Admin Panel.
Change-Id: Ie2d18f4d9a8e8369f3bbcb8593848ce6ee4b7d32
* Users with "system" role can change all items accross the system including the password changing for other users.
* Login "system" has persistant "system" role.
* "system" login name is restricted for the user input.
Change-Id: Ibaecba35a86f71fa8895ce9d9feab8e768b65d14
* Fetch recording_metakeys caller/callee for the certain record id(call).
* Add caller/callee fields to the resource and form.
* Frefetching recording_metakeys for the call recording.
Change-Id: I767ea32e19edfd7cbbc74956200343f680fdb2b4
this fix addresses regression reported by dominik:
* $resource{_password}/{_webpassword} cannot be set before the
form validation as they are effectively removed by it,
causing /api/susbcribers returning no passwords at
all for 'subscriber' roles
* Having them after the patch makes no sense either as next
resource_from_item call will effectively remove them again (in PATCH)
(cherry picked from commit 5e9066c4fb)
Change-Id: I88c9ec40843f1e9a6983952b96c0b0e70fbb1bb1
* An attempt to change own role, login, flags
(except for can_reset_password) now returns
403 Forbidden, User cannot modify own permissions
* POST checks if the admin has necessarry permissions
to create another admin
* PUT/PATCH changing own role is now forbidden
* PUT/PATCH changing other's admin role now checks permissions
* DELETE checks role permissions
Change-Id: I990609985ae9cab6213cf47f5f5c8afba2efdda3
* check $c->state for cases when it does not exist
(admin user creation)
* return undef instead 0 in the default field method
Change-Id: I3aa69ebc0f5ec5a590c113379bdf0a5a94e35747
This reverts commit 5e9066c4fb.
This implementation breaks:
* $resource{_password}/{_webpassword} cannot be set before the
form validation as they are effectively removed by it,
causing /api/susbcribers returning no passwords at
all for 'subscriber' roles
* Having them after the patch makes no sense either as next
resource_from_item call will effectively remove them again (in PATCH)
Change-Id: I0e8389e8ab34ad72f1b87a684daba77f1030f8ba
* admin users with is_master = 0, cannot see other admin users
(this includes system users) and brings the is_master flag
to the common behaviour
* ccareadmin, ccare users can now access te UI Admins page
as well as /api/admins but they are limited to see/manage
only themselves
* admin users cannot see system users (UI/API)
* reseller users cannot see system/admin users (UI/API)
* admin users cannot modify their own role and flags except for:
email, password, can_reset_password (UI/API)
* UI edit form now does not render fields that are not meant to be
modified by a user (exception: "login")
Change-Id: I82e1946437fd2ec4651abd24074470c695a40582
- Optional "role" parameter is added for POST PUT PATCH.
If "role" is provided then the passed flags are ignored and are applied internally by the server according to the provided role.
If "role" is not provided then the former flags based approach is applied.
Change-Id: Ib6e591ff6dc50122e0ec49a348153ca820fc2e03
* role_id field is set to optional as the API uses the
form and there is no support for the role_id there yet
Change-Id: Ib663b4d9d0501eca2310a7e95733c2166c9872eb
- Add Role column on /administrator table
- Add Role dropdown input on /administrator/:id/edit
- Add Role dropdown input on /administrator/create
- Implements logic to resolve flags and role id params:
1. role_id is passed(create/edit) then flags will be overrided according to the concrete role.
2. role_id is not passed(create/edit) then flags will be checked to determine role id according to the concrete flags pattern:
Role | Flags
----------- ---------------------------------
system | is_system = 1,
admin | is_superuser = 1
reseller | is_superuser = 0
ccareadmin | is_ccare = 1, is_superuser = 1
ccare | is_ccare = 1, is_superuser = 0
lintercept | lintercept = 1
Change-Id: Ia923a47f664a162d78a06efcc006f84dcd08701d
* soft_expand=1 in API requests when coped with the expand
query parameter tells the API to ignore possible expand
conflicts (such as field mismatch or a permission issue),
returning 200 OK instead of 409 Conflict
Change-Id: Ib798aabddb1b4d66fc9708acbf713037696ad600
a multitude of issues popped after introducing bcrypted
webpasswords in the database. most recently the PATCH /api/susbcribers
rail was reported to reset the webpassword unintentionally.
subscriber login fails afterwards, which is a severe issue.
the bugs are adressed by this refactorings. the change also
introduces a global variable
$NGCP::Panel::Utils::Auth::ENCRYPT_SUBSCRIBER_WEBPASSWORDS
to control encrypting webpasswords. it is still enabled as of now,
but it's worth to consider disabling it. there other ways to have
a "cost" for an authentication request, eg. adding a simple
sleep(1sec).
Change-Id: I2d47d54a2d83568546ffdd2b211337a5f56be3a2
Kirill Solomko
Rene Krenn
Alexander Lutay
Guillem Jover
Sipwise Jenkins Builder
Oleksandr Duts
Javier Rodriguez
Donat Zenichev
Michael Prokop
Marco Capetta