ngcp-panel

Commit Graph

Author	SHA1	Message	Date
Kirill Solomko	d9f283cbc8	MT#59449 enhance password validation and handling * passwords are now validated based on - minlen - maxlen - min lower case chars - min uppper case chars - min digits - min special chars * Data::Password::zxcvbn is used to calculate password score and reject passwords with score < 3 as weak (this library is ported from the Dropbox password validation) * Add password journals and check last used passwords in the journals * Improve password generator javascript function to generate a password with at least 4 of each of the char group types. * Currently affected are subcriber and admin entry creation or modification via UI/API * NGCP::Utils::Auth add optional bcrypt_cost support as last argument for generate_salted_hash and get_usr_salted_pass Change-Id: I100c25107d91741d5101bc58d29a3fa558b0b017	9 months ago
Kirill Solomko	205b27a267	MT#59478 API better transaction and error handling * Role/Entities: POST/PUT/PATCH/DELETE methods changes: - support deadlock detection and transaction retry (2 retry attempts at the moment) - improve transaction control, use local $guard instead of saving the ref to $c->stash, as in that case it went out of scope too late and also reported an error message into the log about abnormal $guard out of scope interruption - move all non transaction related code outside of the scope - add error handling when methods such as update_item, and a like do not return the expected data, instead of simply going out of scope and resulting in an uncontrolled reply Role/API: - rework transaction control: + get_transaction_control() is renamed to start_transaction() to better reflect what it does + complete_transaction() is renamed to commit_transaction() + remove unused %params arg + pass $guard into commit_transaction() instead of having it stored as $c->stash->{transaction_guard) that caused the $guard ref to be destroyed much late than expected (there was also a typo as transaction_quard, which is not relevant anymore with the changes + add check_deadlock() that is invoked when an exception is caught or an $c->errors contain an error, and if the error message represents a transaction error, the transaction block is re-invoked via "goto TX_START" - rework error(): + it now accepts args as following: ($self, $c, $code, $message, @errors) # code -> returned as HTTP code in the reply # message -> returned as HTTP message in the reply # errors -> contain errors for internal logging, last element often contains a DBIx exception + populates all @errors into $c->error so they are available on demend in the code via $c->error or $c->last_error + $c->log->error is not invoked now as the errors become printed in log_response() - log_response() now prints collected errors from $c->error correctly as a separate log line, that is alike to the other api logs so that those can be looked up by the request's tx_id, also all errors are now printed only into api.log * Adjust all $self->error() calls in catch($e) to include $e as the last argument, as well as the duplicate $c->log->error is removed from those ocassions * Remove all $c->log->error() calls as they are replaced with either $self->error() (that logs it correctly into api.log) or $c->error('err') that also adds it correctly into api.log * API::CallForwards: rework to use Entities/EntitiesItem * API::Contracts: rework POST to use Entities * API::PeeringGroups: rework POST to use Entities * API::SubscriberRegistrations: rework POST to use Entities * API::RewriteRuleSets: improve create_item() functionality * Utils/Message: add 'api_retry' log type * $c->session->{api_request_tx_id} is changed to $c->stash->{api_request_tx_id} because sometimes the session ref is different and a different tx_id becomes used Change-Id: I633ce7a8047b1bf00a2f6889003088edf0825dcd	1 year ago
Oleksandr Duts	03271187c7	TT#157400 API/UI admins fix authorization for "system" role * Users with "system" role can change all items accross the system including the password changing for other users. * Login "system" has persistant "system" role. * "system" login name is restricted for the user input. Change-Id: Ibaecba35a86f71fa8895ce9d9feab8e768b65d14	3 years ago
Kirill Solomko	f4154b1dbc	TT#154500 tighten /api/admins roles * An attempt to change own role, login, flags (except for can_reset_password) now returns 403 Forbidden, User cannot modify own permissions * POST checks if the admin has necessarry permissions to create another admin * PUT/PATCH changing own role is now forbidden * PUT/PATCH changing other's admin role now checks permissions * DELETE checks role permissions Change-Id: I990609985ae9cab6213cf47f5f5c8afba2efdda3	3 years ago
Kirill Solomko	e95ed81ca7	TT#154500 improve admin users behaviour * admin users with is_master = 0, cannot see other admin users (this includes system users) and brings the is_master flag to the common behaviour * ccareadmin, ccare users can now access te UI Admins page as well as /api/admins but they are limited to see/manage only themselves * admin users cannot see system users (UI/API) * reseller users cannot see system/admin users (UI/API) * admin users cannot modify their own role and flags except for: email, password, can_reset_password (UI/API) * UI edit form now does not render fields that are not meant to be modified by a user (exception: "login") Change-Id: I82e1946437fd2ec4651abd24074470c695a40582	3 years ago
Oleksandr Duts	9855b6ab45	TT#149461 Enhance /api/admins to accept the role data property - Optional "role" parameter is added for POST PUT PATCH. If "role" is provided then the passed flags are ignored and are applied internally by the server according to the provided role. If "role" is not provided then the former flags based approach is applied. Change-Id: Ib6e591ff6dc50122e0ec49a348153ca820fc2e03	3 years ago
Oleksandr Duts	e58cb2cc39	TT#149456 Admins introduce role_id flag - role_id is taken from billing.acl_roles and written into the billing.admins table when a new admin user is created/updated via UI/API. This is the first step towards the role based admin user handling. Change-Id: I0804379cbbcab174cebbb292397a39cb3ea01a31	3 years ago
Oleksandr Duts	8017805589	TT#124802 GET /api/admins/:id/journal - fixing * Admins with is_system and is_superuser are able to see the items for all roles. * Admin is able to see own journal. Change-Id: I3e5d459b08ff7ef218220f1ae11974351121c489	4 years ago
Kirill Solomko	992c9f1e48	TT#129162 Admins fix password field transformation * password field is virtual and needs to be transformed into saltedpass, restored the removed logic that does that in process_form_resource() Change-Id: I8baabbef2bdb46db850e12b6e0c638ca5c3deddf	4 years ago
Kirill Solomko	cc10506b2e	TT#129162 fix subscriber webpassword field validation * 'webpassword' field is now also validated for invalid (non-ascii) characters * Fix multiple APP input field validation erros to comma joined. * Adjust 'webpassword' field validation errors to have better readability when there are multiple validation errors Change-Id: I21536f97a4da78cc5192a3abd8cd5adef1b819ec	4 years ago
Flaviu Mates	b79d68e865	TT#104760 Fix non-master admin privileges managing in API * Forbid non-master admin to change own is_master, read_only, and is_acitve flags; we have this logic in old UI already in place Change-Id: I81ab266d942e32dfb560ba488e9fd471ebc923f4	4 years ago
Flaviu Mates	1b1199e28f	TT#92002 - Add reseller_id to admins with role 'reseller' * The reseller_id will be present only for own admin Change-Id: I545a4e1d076a442f996b68b7d0f99167a5cbf6e9	5 years ago
Flaviu Mates	5f20ca592d	TT#91506 - Return administrator's 'role' in /api/admins Change-Id: I1a3dce853bb9d79e70352b08967fb59d0032316c	5 years ago
Flaviu Mates	a370111540	TT#76111 - Change Lawful Intercept admins managing * LI admins wil only be visible to the is_system administrator. * It's not possible for an andmin to be both ccare and LI at the same time * LI admins can only read/modify themselves * Non-system admins cannot create/read/modify LI admins Change-Id: I7b2189a87a5433d270380393d8e5ffec0283d9e5	5 years ago
Kirill Solomko	7862a87639	TT#76111 add lintercept role * new c.users.role 'lintercept', that set to when an admin user has enabled 'lawful_intercept' flag * only Administrator page /api/admins and /api/interceptions are available for the role * 'lintercept' role can only see own user and only change password and email Change-Id: Iadcb022a124afbd77b224e734026f380af0170e8	5 years ago
Flaviu Mates	35518554ec	Revert "TT#76111 - Hide LI Admins from NGCP Panel" This reverts commit `ec674132df`. Reason for revert: Feature was partially backported and lawful intercept admins were deleted from databse. Feature needs redesign. Change-Id: I500e66f3bd3b4a0c29fa05e1113568d3776eacf9	5 years ago
Flaviu Mates	ec674132df	TT#76111 - Hide LI Admins from NGCP Panel * LI Admins are no longer visible in NGCP Panel; they will be managed via config.yml; creation, deletion, email update ar all handled when adding/removing/updating a LI admin in config.yml * LI Admins can only change their password and email via Panel UI and API Change-Id: Idec849e52962b2d5c4cb2a4365cf8c90414c0431	5 years ago
Flaviu Mates	c8ae369e88	TT#76109 - Fix duplicate administrator email check Change-Id: I46d4dde50c0eb4a4bca9eca3ed0d8e4ff3dd2967	5 years ago
Flaviu Mates	9907936d47	TT#76108 - Implement password reset mechanism for admins * Introduce endopint '/resetpassword' for asking for password reset using admin username * Create form for introducing username * Create url with unique token pointing to '/recoverpassword' where admin user can introduce new password and email said url to admin's email address * Create form for setting new password * Store username and unique token in Redis expiring in 5 minutes to store password reset attempt and identify it when user accesses url in email * Limit admin access to be able to only change own password due to new password reset possibility as requested in TT#76110 Change-Id: Ie3acb961444398afa5b2fdc85e3ca8ceccf9244a	5 years ago
Flaviu Mates	e170193cc9	TT#81184 - Add PATCH/PUT endpoints for '/api/admins' * there is a catch when changing the admin password; first of all, according to TT#76110 only own admin users can change the password via PUT/PATCH; secondly, inside the code, for PATCH to work we need a dummy 'password' key on the old resource which has been set to the saltedpass; when updating the admin, if the password is still equal to saltedpass, no change is made to the password Change-Id: I423ebe13988c58b527db65d666f09b73a483422d	5 years ago
Andreas Granig	8f8e1d5fc9	TT#78557 - Use bcrypt to hash webpassword * Change the way webpassword is handled accross NGCP Panel UI/API to comply with new password encryption * At login, if password is not encrypted with high cost due to the ngcp-bcrypt-webpassword script, encrypt it with proper cost * Accept old password format as well until all webpasswords are encrypted Change-Id: Iefa9584a62ab4b7d2a224d10bdd415e9cbb8dfb5	5 years ago
Kirill Solomko	ce664263b2	TT#65101 add ccareadmin ccare roles * ccareadmin and ccare roles have full access to Customers, Subscribers and their preferences/settings, and read-only access to BillingProfiles,InvoceTemplates, EmailTemplates * ccare role is restricted to the related reseller Change-Id: I6cf7d3adf912f0fa98d1ef5c02abea2f4331ec4b	6 years ago
Irina Peshinskaya	b96431b909	TT#37951 Fix regression made in /api/admins Now it accepts both true/false and 0/1 Change-Id: Ifb96c896745483038b4c6a2fa0f9f4b4929e0484	7 years ago
Rene Krenn	b35b0e1cbc	TT#35662 move product_id to billing.contracts Change-Id: I5381b36e226b1c0c2032fa40c3a082b85485e4ac	7 years ago
Irina Peshinskaya	17d36cc339	TT#35429 Fix using boolean json strings in /api/admins Change-Id: If60ef0e75042c23771294315bd62513ee6d7678d	7 years ago
Irina Peshinskaya	1d9907ad45	TT#35429 Allow both 0/1 an true/false as boolean input in /api/admins Change-Id: I4c9805ebce17586674f52a9fe97f280fb9991612	7 years ago
Irina Peshinskaya	84c1bacc40	TT#28462 Rewrite admins API to Entities Change-Id: I3bf47038bfb48c09f95030eed5d83550e392ff0c	7 years ago
Gerhard Jungwirth	24de4232e6	TT#30507 remove DataHal workaround layer (NGCP::Panel was loaded every time this was used) Change-Id: I62861e0756aaaf548c9be42b4842e9a06127119c	7 years ago
Irina Peshinskaya	d7c6689b93	TT#22496 TT#22495 Disable "sipwise" admin edit and delete Change-Id: I33341247220c389f997ca02104ccfa6028e76ebb	8 years ago
Andreas Granig	0d3bf6b1ce	TT#22827 Implement form factory This patch reuses existing forms by clearing them, rather than re-instantiating them again and again. Also, panel start time should be better due to less package pre-loading. Change-Id: Ia3e64fd4b4084bb5ec35a669c5840c9fc3c58f2e	8 years ago
Andreas Granig	a52558b411	TT#22422 Implement capabilities endpoint Used to fetch whether pbx, faxserver, rtcengine etc is enabled. * Fix rtcengine reseller creation: - Refuse to create reseller if rtcengine part fails - Use proper auto-generated rtcengine values (pass, domain) to not fail on reseller names which are not forming valid hostnames. * Implement /api/admins/id to support testing - add test - fix creating admins with overly long login - fix various ACL bugs handling /api/admins/ - fix creating /api/admincerts/ as r/o user * Fix test framework - use proper client cert when switching API user Change-Id: I602fdd8181c0b3f23e76e3eab0df90a1ff9e986f (cherry picked from commit 0d376bd8b59db65296090d26f2c84d704129beef)	8 years ago
Andreas Granig	8ad683d5ae	TT#12601 Move admin pass to bcrypt and drop cert For the migration of the admin pwd, the logic is as follows: 1. If the admin has a bcrypt password already, use this 2. If not, perform auth via md5, then clear the md5 column and write a salted bcrypt hash instead. For dropping the ssl client cert, we simply not store anymore the client certificate in the DB. As a result, you cannot download the certs (pem, p12) after creation anymore, so we immediately download the two certs in a zip file after creation. A cost of 13 takes 500ms on an i7-5500U CPU @ 2.40GHz, which seems to be a reasonable value. Change-Id: I1ce21321c58d8c57d7ddce1541995f64821b0053	8 years ago
Irina Peshinskaya	2073b9e760	TT#9309 Introduce local version of the Data::HAL::Link Change-Id: Ifdf95cef32f0d118330c20316ed447e00c6dae3c	8 years ago
Irina Peshinskaya	41f32401a7	TT#9309 Introduce local version of the Data::HAL with default forcearray Change-Id: Ie33396a75fc6d27fd28fe8f7717caba0a476c776	8 years ago
Gerhard Jungwirth	b34a7df2e1	MT#21193 use Sipwise::Base in api modules which implies, among others, strict and warnings. these should never be omitted and are one of the most frequent complaints of perlcritic currently. as a result TryCatch can be removed (imported by Sipwise::Base). also, "no Moose" is removed (has no effect). Change-Id: I901b6a9f0f6d426f62b73e68f2c5ad6365c1eeef	9 years ago
Guillem Jover	0632585eba	MT#18443 Use parent instead of base module Switch from the discouraged base module to the light-weight parent module. Also remove some surrounding BEGIN blocks from 'use parent' which are completely unnecessary. Change-Id: I3a669e8024f098819be45030ca9d1afa8756105c	9 years ago
Gerhard Jungwirth	bb03c1ff46	MT#17173 fix item filtering in API item_rs from API.pm was not executed before Change-Id: I803f5680d174820db9497d4f7cc1902bfa54a9ab	9 years ago
Irina Peshinskaya	0272c297b8	MT#17173 Remove Moose Roles from API Conflicts: lib/NGCP/Panel/Controller/API/MetaConfigDefs.pm lib/NGCP/Panel/Controller/API/Root.pm Change-Id: I25597baebbec6e2436b15776da17bd6d1bfef838	9 years ago
Andreas Granig	e0f80027b1	MT#17641 Add admins resource to api Currently I only need to fetch a collection and create a new item within the collection, no need for update/delete an existing one. Thus, no AdminsItem.pm yet. Since we're exposing field names now, rename md5pass to password. Change-Id: I571a340f89560bc456147b0ec27d3ae737e6dbc3	9 years ago

39 Commits (d9f283cbc865b453c643d9a3c26333db03a061aa)