ngcp-panel

Commit Graph

Author	SHA1	Message	Date
Kirill Solomko	e6b29d3e7b	MT#59449 fix password validation enabled/disabled, admins * correctly detect and skip password validation when sip_validatation or web_validation is not enabled respectively * better detect web password for admin users * /api/admins PUT/PATCH now also correctly checks last used passwords Change-Id: I9a6fa9b8e30ae2b81d2852dec0e1f9d858be13ef	9 months ago
Kirill Solomko	f4154b1dbc	TT#154500 tighten /api/admins roles * An attempt to change own role, login, flags (except for can_reset_password) now returns 403 Forbidden, User cannot modify own permissions * POST checks if the admin has necessarry permissions to create another admin * PUT/PATCH changing own role is now forbidden * PUT/PATCH changing other's admin role now checks permissions * DELETE checks role permissions Change-Id: I990609985ae9cab6213cf47f5f5c8afba2efdda3	3 years ago
Oleksandr Duts	e5dd7e5587	TT#129169 API: DELETE /api/admins/:id return wrong http 500 * Fix http code to 403 - Cannot delete own user Change-Id: I21225e112fd7e5b746381753b2e52474b6069c5c	3 years ago
Oleksandr Duts	9855b6ab45	TT#149461 Enhance /api/admins to accept the role data property - Optional "role" parameter is added for POST PUT PATCH. If "role" is provided then the passed flags are ignored and are applied internally by the server according to the provided role. If "role" is not provided then the former flags based approach is applied. Change-Id: Ib6e591ff6dc50122e0ec49a348153ca820fc2e03	3 years ago
Oleksandr Duts	8017805589	TT#124802 GET /api/admins/:id/journal - fixing * Admins with is_system and is_superuser are able to see the items for all roles. * Admin is able to see own journal. Change-Id: I3e5d459b08ff7ef218220f1ae11974351121c489	4 years ago
Alexander Lutay	6c86122c37	TT#113251 Create journal 'update' records for 'admins' REST API Change-Id: I6867a3e23e9e9c7e04ebb900e8eaf608f49732da	4 years ago
Flaviu Mates	55e279ceda	TT#88202 - Allow ccare admins to access /api/admins/:id Change-Id: I3ec8457077e24a1b084b6205272d6f9784aaa589	5 years ago
Kirill Solomko	7862a87639	TT#76111 add lintercept role * new c.users.role 'lintercept', that set to when an admin user has enabled 'lawful_intercept' flag * only Administrator page /api/admins and /api/interceptions are available for the role * 'lintercept' role can only see own user and only change password and email Change-Id: Iadcb022a124afbd77b224e734026f380af0170e8	5 years ago
Flaviu Mates	e170193cc9	TT#81184 - Add PATCH/PUT endpoints for '/api/admins' * there is a catch when changing the admin password; first of all, according to TT#76110 only own admin users can change the password via PUT/PATCH; secondly, inside the code, for PATCH to work we need a dummy 'password' key on the old resource which has been set to the saltedpass; when updating the admin, if the password is still equal to saltedpass, no change is made to the password Change-Id: I423ebe13988c58b527db65d666f09b73a483422d	5 years ago
Andreas Granig	8f8e1d5fc9	TT#78557 - Use bcrypt to hash webpassword * Change the way webpassword is handled accross NGCP Panel UI/API to comply with new password encryption * At login, if password is not encrypted with high cost due to the ngcp-bcrypt-webpassword script, encrypt it with proper cost * Accept old password format as well until all webpasswords are encrypted Change-Id: Iefa9584a62ab4b7d2a224d10bdd415e9cbb8dfb5	5 years ago
Guillem Jover	467084705d	TT#71950 Fix typos Warned-by: codespell Change-Id: If7e52bf2fbf013586e802e5ebb77a272599d9c38	5 years ago
Irina Peshinskaya	c68e4ed8c9	TT#45484 Allow api controllers to control errors and return code Change-Id: I4b0c00210f482169437431c8a07f1ae27965ccf0	7 years ago
Irina Peshinskaya	84c1bacc40	TT#28462 Rewrite admins API to Entities Change-Id: I3bf47038bfb48c09f95030eed5d83550e392ff0c	7 years ago
Gerhard Jungwirth	24de4232e6	TT#30507 remove DataHal workaround layer (NGCP::Panel was loaded every time this was used) Change-Id: I62861e0756aaaf548c9be42b4842e9a06127119c	7 years ago
Irina Peshinskaya	d7c6689b93	TT#22496 TT#22495 Disable "sipwise" admin edit and delete Change-Id: I33341247220c389f997ca02104ccfa6028e76ebb	8 years ago
Andreas Granig	a52558b411	TT#22422 Implement capabilities endpoint Used to fetch whether pbx, faxserver, rtcengine etc is enabled. * Fix rtcengine reseller creation: - Refuse to create reseller if rtcengine part fails - Use proper auto-generated rtcengine values (pass, domain) to not fail on reseller names which are not forming valid hostnames. * Implement /api/admins/id to support testing - add test - fix creating admins with overly long login - fix various ACL bugs handling /api/admins/ - fix creating /api/admincerts/ as r/o user * Fix test framework - use proper client cert when switching API user Change-Id: I602fdd8181c0b3f23e76e3eab0df90a1ff9e986f (cherry picked from commit 0d376bd8b59db65296090d26f2c84d704129beef)	8 years ago

16 Commits (a2a01d4690e8962fdf2c069563a4ce81a290c956)