It was close to impossible to read ngcp-panel debug log due to:
* missing clear marker of the start reuqest processing, use '***' once only
* some personal markers (like '+++++++') have been removed as they have no
meaning for other developers. Let's remove the personal markers and work to
make the panel debug log well readable for all developers.
Change-Id: I69faff3ab2258fc156e88c7b8da0edfef14c3e6e
* the endpoint will receive "type" (expires|onetime)
and "expires" (positive integer representing seconds)
* type will define the expiray method for the token;
onetime: the token expires as soon as it's used, or
after "expires" seconds if not used
expires: the token can be used multiple times until
it expires according to the "expires" param value
* login_jwt endpoint for generating the JWT token for
subscribers has been enhanced to accept the "token"
param, containing the token generated using the
/api/authtokens endpoint
* admin_login_jwt endpoint for generating the JWT token
for admins has been enhanced to accept the "token"
param, containing the token generated using the
/api/authtokens endpoint
* login_jwt and amin_login_jwt will respond with 403
"Forbidden" if the token role stored in Redis does
not match the role of the user that generated it
* /api/authtokens is hidden from documentation for now
Change-Id: I4eb76c2b08f2e24774fa84ba0ccf7412ce8670e8
* add quotation with ~ for square brackets ([])
comming from the database, as it is needed for I18N
Change-Id: Ia1253e90d47858a930a4a9569c2d27993a0cd4bc
* /api/callists "type" field now contains the same call type
value as it is in the database, for flexibility so that
customers can implement their own logic around it, as well as
filtering by the query parameter "type" works as expected.
* For history: in /api/callists in case of direction "in", the type
was replaced with type=call regardless of the what was in the database
Change-Id: I1174b34747fe1b739cd6bfc050911c58c4b0964a
* sip_lcr_reload is now called after "commit" in all API endpoints,
to correctly reflect updated DB changes. It was correct in
/api/peeringrules POST but not correct in DELETE, as well as
also not correct in /api/peeringservers and /api/peeringgroups
* sip_domain_reload does not check if the domain is successfully
reload in kamailio proxy as is logic is redundant, it fails
however if domain reload XMLRPC request failed on any available
proxy servers. Another reason is by default tcp_conn_wq_max
in kamailio-proxy is 32KB by default and that causes an impact
when domain.dump XMLRPC is used on very large domain sets (600+),
as well as sip_domain_reload has improved performance with the removed
XMLRPC domain.dump body parsing.
Change-Id: I17c5718198b06b1ce78b2654f3d7c3bd2830f60b
* restore password field in prepare_resource after
it was deleted in resource_from_item for admins
without show_passwords flag
* the password is restored only in case it's missing
from resource and it's present in DB
Change-Id: I390fb8fb94f4546734cb899c741dc90e439df068
* when a target host times out, instead of generating an error,
the host is skipped, this is due to the fact that some proxy
hosts can be disabled but still present in the xmlhosts table
* introduce new code in $ret = distpach(...), -1 indicates that
the host was skipped because of the timeout.
Change-Id: I0f7b5c64124c6481a142c1821a88ab9c3a652bd1
* give access to subscribers roles to see,
create and update own registrations
* subscriberadmins can manage all registrations
of subscribers under same customer
Change-Id: I643121da901b0ed99fc718106a1632da4e1e1936
* Previous commit for full scan pagination
removed pagination for subscriber_id filter
which was anyway not working properly in
some corner cases
* Introduced usage of Data::Page which correctly
paginates through the results
Change-Id: Ic1c98c090b9e92362ab1f2d9b0de0c39660d9e20
* in mRender (custom_renderers), "data" variable is
a string, therefore data.escapeHtml could not be used
* add new function argument "opt", where it is a dedicated hash
containing custom passable options, so it now looks as
function(data, type, full, opt)
* adapted the existing code to include/use the new argument where
applicable
Change-Id: I4957eece3b2d0f6359cbc8f36caf5a350d7bad95
* blobs can now be uploaded for blob type
preferences using the following form:
"some_blob_preference":
{ "content_type": "/application/data",
"data": "<base64 encoded file content>" },
* upon requesting GET, the "data" field will
contain the string "#blob" to avoid showing
raw blob data; if GET is requested with query
param 'preference=some_blob_pref', the
blob will be downloaded
Change-Id: Idcb6496db1f3244e8f5bae4d06301a6caf35b73f
* Create upload and content type form fields for 'blob'
type preferences
* Implement blob preference upload/download to database
* Show blob content in read only text area if content
is text
Change-Id: Ic4b800f84324eab0aadbf8eeb55c03c770ecc94f
* predefined order_by in the resultset that is used in
Utils::CallLists::call_list_suppressions_rs caused
further $rs->union_all appliance to have an invalid syntax
with order_by inside each "select" where it should have been
outside "union all", therefore "order_by" is disabled
when using call_lists_suppresions_rs
* length(call_id) default order_by is not used when call_id
is specified in the query parameters in /api/calllists,
where explicit order_by and order_by_direction are correctly
applied now when specified
Change-Id: I26ae4f63ef40ba3b80bff9c35dfcda9274d5b81e
* Limit subscriber's extension to a predefined
customer extension range preference (both AP and api)
Change-Id: I0b6ac5c24b3838f07cc561e7ee6b7cfabe69385e
* Registration entries are now removed by
registration username + registration domain
instead of subscriber username + subscriber domain.
That is to account registrations by the device.
Change-Id: I86a0d97fabc2dcd0eda6042a018ed35f64c3f031
* Include alias numbers in registrations removal when
subscriber is terminated, alongside registrations
by username
Change-Id: I5c913c56718e4b9f98f4677c7cd72722ee9f30d3
*Introduce pagination in redis scanning; previously
all the registrations where dumped in an array and
then spliced by page/rows; this was causing huge
loading time for big redis DB's hence the timeout
Change-Id: I1409c48b520d8d860cd8c11aea1a543286aa0334
* conference. subdomain was missing
* mod_sipwise_vhosts_sql module is now taking care of [de]activation
of the subdomains
* send quit command when leaving the console to avoid error in log
> Oct 19 19:22:43 sp1 (debug) prosody[25167]: socket: connection failed in read event: closed
Change-Id: If1d80652efba0a587f29ecc692282c8db067e450
* Remove bootstrap methods from forms and other code
* Delete SipwiseProfile and SipwiseRedirect modules
Change-Id: Iabf6c2730aae27af67830a9470ab176392c1ba50
* Only allow unique values for allowed_clis in
both Admin Panel and API PUT
* In case of PATCH, check only if new clis are
unique, since customers may have systems where
allowed_clis are duplicated already
* Fix tests
Change-Id: I7253271081e7ecc0eae9690a3545ddb5324edac7
* Remove old XMLRPC redirection logic
* Implement Hawk header generation for SRAPS authorization
* Implement bootstraping provisioning profile on SRAPS,
then add the device into said profile
* Implement deletion of device
* Add 'Profile' and 'Product family' fields in SNOM device
models
Change-Id: I44ecf5199a7c04c6b0cb2e969aaa7f75578d874c
* The new endpoint will only accept POSTs
* The request body should have two parameters
called 'new_password' and 'token'
* First, look for the token in redis (for admins),
if not found, look for it in DB (for subscribers),
if neither is found, return
Change-Id: I4163a0d5bd886961317b21aeca20c8ccfdeab0dd
* It will be used in case of devices that
don't need to contact any redirect server
for provisioning
Change-Id: I423993f52b72680d243394e8ca69bd7abdf5022b
* whenever webpassword was not PATCHed, the
request would fail because the resource would
have the encrypted webpassword from the DB
and form valdiation would complai it's too long
* the approach now is to remove the webpassword
from resource before form validation if the
resource has the same webpassword as the DB
(i.e. webpassword wasn't (PATCHed) and then
reassign it to the resource after form validation
Change-Id: I86fab0f4bf789bd3518a74d49daf1a0402f20125
On 8/21/20 7:17 AM, Zhang Jason wrote:
> For the RPS, we switched to new EDS domain:
> https://api.eds.al-enterprise.com
>
> And for the previous domain name,
> to keep compatibility, it’s still usable;
We need to switch to new URL as old one works in
backward compatibility mode only.
Change-Id: I9c0db38a9422f32c79940fb79581d47c75e8fce5
unfortunately, preference types were changed over time,
eg. some boolean prefs were turned into enum prefs.
this requires an api client to adopt accordinngly. if
this is not an option, this change allows to add simple
workarounds in the rest-api directly, by registration
of transformation functions for specific preferences.
Change-Id: I215f0e19cd861c67c51e42fd1ab6560e56132041
* The new endpoint will only accept POSTs
* The request body should have two parameters
called 'type', 'username' and 'domain'
* 'type' will accept either 'administrator',
in which case only 'username' is needed,
or 'subscriber', in which case 'username'
and 'domain' will be needed
* The regular password reset email will be sent
to either the admin or the subscriber
Change-Id: If1457c8c625a95295e5e93b6637927e3905698d9
* Add check for existence of webpassword on subscriber
log in to prevent the code from trying to use the
undefined password
* Subscribers with no webpassword cannot log in the old CSC
Change-Id: I7b82c014fa5f70fa36ee7282db94a747e54ce2ae
* new c.users.role 'lintercept', that set to when an admin user has
enabled 'lawful_intercept' flag
* only Administrator page /api/admins and /api/interceptions are available for
the role
* 'lintercept' role can only see own user and only change password
and email
Change-Id: Iadcb022a124afbd77b224e734026f380af0170e8
* As click2dial2 was implemented for pro versions,
the version of click2dial is now in ngcp_panel.conf
and it will be taken from there
Change-Id: Iee1d6eea2cae3a80616272bd3fd5bce9b35fc496
* Introduce endopint '/resetpassword' for asking for
password reset using admin username
* Create form for introducing username
* Create url with unique token pointing to '/recoverpassword'
where admin user can introduce new password and email
said url to admin's email address
* Create form for setting new password
* Store username and unique token in Redis expiring
in 5 minutes to store password reset attempt
and identify it when user accesses url in email
* Limit admin access to be able to only change own password
due to new password reset possibility as requested in
TT#76110
Change-Id: Ie3acb961444398afa5b2fdc85e3ca8ceccf9244a
- persist prov tmeplates in the database: create, update
and permanently remove them again.
- prov templates from config.yml are still supported,
but cannot be edited though. the templates from
config.yml are merged with those from the db.
- each reseller can have their own prov templates,
while the prov templates from config.yml are visible
to all.
- YAML syntax highlighting and parse check when saving.
Scripting language (perl/javascript) is currently parsed
when executing a provisioning templates only. It is
possible to further extend the parsing checks.
- the prov template "name" + reseller is the unique
identifier. relevant also for the command line tool.
Change-Id: I58d7c54fa82fe512b263b3219bfc84d7e49c56a8
* Change the way webpassword is handled accross
NGCP Panel UI/API to comply with new password
encryption
* At login, if password is not encrypted with
high cost due to the ngcp-bcrypt-webpassword
script, encrypt it with proper cost
* Accept old password format as well until all
webpasswords are encrypted
Change-Id: Iefa9584a62ab4b7d2a224d10bdd415e9cbb8dfb5
* /admin_login_jwt now returns a JWT token for admin
users and also the JWT token is supported in the
authorization process for the admin requests
Change-Id: I987640d46bd8a339a959a6b2efb65b6dce06bf8c
OWNER_VAT_SETTINGS = 1: apply the callist "owner's" VAT settings
(VAT rate and Add VAT Y/N) for each CDR displayed.
OWNER_VAT_SETTINGS = 0: apply the CDR's source/destination
account's VAT settings for each CDR individually.
Change-Id: I08cc88afeb0a0c7cc5592b9542dc9da25bb86286
* Deleting or diasbling a peering server was leaving
the peer_probe value in kamailio htable which was
falsely identifying peering server as up when it
was actually down
* Sending htable.delete peer_probe whenever deleting,
disabling or disabling 'probe' for a peering server
fixes the issue
Change-Id: Ie54fd4bd00391a0cc02544d8d7b55108240c74e8
acquire the billing.contract row lock *before* any
unordered billing.voip_numbers rowlocks by
sub manage_subscriber_numbers().
- "deadlock" waittimeout errors will cease when
creating subscribers concurrently via api
- max_subscribers, is_pilot and other per-contract
constraints will be respected accurately
Change-Id: I73bb7525b327bbb09217b790be9c14cc65ddebcc
* Obfuscate nubmers from the same customer which have
CLIR enabled if calllist_clir_scope is set to 'all'
Change-Id: I1953cb760fec5b4921adb2b3c25b7a2a2d2605a7
* A new endpoint is now available that will
return subscriber's preferences and also
the preferences that the subscriber inherits
from its domain
Change-Id: Iaa29fbe57d520f79ac7051dc8fd151d26df41384
- prevent unneccesary redis "scan"s
- avoid filter/scan (iterating all registrations) by properly
un-aliasing filednames
- ignore any registration of subs that no longer exists
- apply the fixes for ->search(), but also ->find()
Change-Id: I32c89482fc06e76b0369034cd8f3eda24ebbe1bf
* Implement checking/creation of server, profile
and prepare request for device creation on ALE
RPS
* Prepare request for device deletion on ALE RPS
* Changes in Panel to support provisioning via
the ALE RPS
Change-Id: I24b62c03b64c56fcbcabea71428d0b70b46706e6
This program allows to run a 'provisioning template' defined
in config.yml. This will produce a subscriber setup including
required billing contact, contract, preferences, etc. from an
input form defined by that template. The form fields can be
passed as command line options.
Change-Id: I9e155c5ad192937b859f0df97e206c1192e88770
* Change condition that was defaulting to
one banned user in case of looking by
a non-existent id; it now returns empty
array which is causing the correct
'entity not found' error
Change-Id: Id3191ae78e7804fb62420bf15b292207c087234d
* Add the new fields to the Billing fees form
* Add the new fields to the csv order for
download and upload to work
* Change tests to include the new fees fields
Change-Id: If45bfe4f39ccd0283c72071489f5930eab2c37e9
* Change DB fetch to get reseller based on
subscriber's customer rather than domain
* Added check for existence of field before
filtering by it. This was actually causing
non-superusers to not see registrations
Change-Id: I7bd39dfcd24a2bc8793a49ba58ab4b2f49f4c821
Let's encapsulate the knowledge about ngcp-collective-check into the
same perl module, instead of leaking the implementation details in
multiple places.
Change-Id: I3efe0b9704f9c149dae50bf4d323853b819127c8
* Create new 'Select' field type that includes
'translate' attribute which shows is a field
should be translated
* Change fields that should not be translated
to the new field type
Change-Id: I723e82e609a7b4fc879e4fe708227c012cba1923
* Retrieve statistics details from
ngcp-collective-check
* Restore statistics widget to display
either "All services running", "Errors"
or "Warnings" according to collective-
check result
* Create pop-up modal to display ngcp-
collective-check results
Change-Id: I094a51ad1905d2bf968775dd43480c94a7a440b8
* ccareadmin and ccare roles have full access to
Customers, Subscribers and their preferences/settings,
and read-only access to BillingProfiles,InvoceTemplates,
EmailTemplates
* ccare role is restricted to the related reseller
Change-Id: I6cf7d3adf912f0fa98d1ef5c02abea2f4331ec4b
Alexander Lutay
Rene Krenn
Flaviu Mates
Kirill Solomko
Marco Capetta
Victor Seva
Guillem Jover
Andreas Granig