public/flexisip-account-manager
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

1.6.5

Browse source
This commit is contained in:
Ho Sy Tan 2025-06-16 15:17:38 +07:00
commit bcaf21c5a6
473 changed files with 46106 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

18
.gitignore vendored Normal file
View file

@ -0,0 +1,18 @@
flexisip-account-manager/
rpmbuild/
.env.*
flexiapi/node_modules
flexiapi/public/hot
flexiapi/public/storage
flexiapi/public/css/*.style.css
flexiapi/storage/*.key
flexiapi/vendor
flexiapi/.env
flexiapi/.env.backup
flexiapi/.phpunit.result.cache
flexiapi/Homestead.json
flexiapi/Homestead.yaml
flexiapi/npm-debug.log
flexiapi/yarn-error.log

61
.gitlab-ci-files/deploy.yml Normal file
View file

@ -0,0 +1,61 @@
rocky8-deploy:
extends: .deploy
script:
- ./deploy_packages.sh rockylinux
needs:
- rocky8-package
- rocky8-test
rocky9-deploy:
extends: .deploy
script:
- ./deploy_packages.sh rockylinux
needs:
- rocky9-package
- rocky9-test
#debian11-deploy:
# extends: .deploy
# script:
# - ./deploy_packages.sh debian bullseye
# needs:
# - debian11-package
# - debian11-test
debian12-deploy:
extends: .deploy
script:
- ./deploy_packages.sh debian bookworm
needs:
- debian12-package
- debian12-test
remi-rocky8-deploy:
extends: .deploy
script:
- ./deploy_packages.sh rockylinux
needs:
- remi-rocky8-package
- remi-rocky8-test
.deploy:
stage: deploy
tags: ["docker"]
only:
- master
- /^release/.*$/
before_script:
- rm -f $CI_PROJECT_DIR/build/*devel*.rpm # Remove devel packages
- cd $CI_PROJECT_DIR/build/ && for file in *; do mv "$file" $(echo "$file" | sed -e 's/[^A-Za-z0-9._+-]//g'); done || true && cd .. # Rename non standard packages
- eval $(ssh-agent -s)
- echo "$DEPLOY_USER_KEY" | tr -d '\r' | ssh-add - > /dev/null
- mkdir -p ~/.ssh && chmod 700 ~/.ssh
- echo "$DEPLOY_SERVER_HOST_KEY" >> ~/.ssh/known_hosts
- |
curl -o deploy_packages.sh --header "PRIVATE-TOKEN: ${TOOLS_REPOSITORY_TOKEN}" https://gitlab.linphone.org/api/v4/projects/368/repository/files/deploy_packages.sh/raw
- chmod +x deploy_packages.sh
after_script:
- rm -rf ~/.ssh || true
- rm -rf deploy_packages.sh || true

75
.gitlab-ci-files/package.yml Normal file
View file

@ -0,0 +1,75 @@
rocky8-package:
extends: .package
image: gitlab.linphone.org:4567/bc/public/docker/rocky8-php:$ROCKY_8_IMAGE_VERSION
script:
# We install this dependency only for the pipeline
- dnf -y install https://rpms.remirepo.net/enterprise/remi-release-8.rpm
- dnf -y module reset php
- dnf -y module enable php:remi-8.0
- dnf -y update php\*
- dnf -y install php-sodium
- make rpm-el8
rocky9-package:
extends: .package
image: gitlab.linphone.org:4567/bc/public/docker/rocky9-php:$ROCKY_9_IMAGE_VERSION
script:
- make rpm-el9
#debian11-package:
# extends: .debian_package
# image: gitlab.linphone.org:4567/bc/public/docker/debian11-php:$DEBIAN_11_IMAGE_VERSION
debian12-package:
extends: .debian_package
image: gitlab.linphone.org:4567/bc/public/docker/debian12-php:$DEBIAN_12_IMAGE_VERSION
.debian_package:
extends: .package
script:
- make deb
remi-rocky8-package:
image: gitlab.linphone.org:4567/bc/public/docker/rocky8-php:$ROCKY_8_IMAGE_VERSION
extends: .package
script:
- mkdir -p $CI_PROJECT_DIR/build
- dnf -y install https://rpms.remirepo.net/enterprise/remi-release-8.rpm
- yum -y install wget php-devel gcc liblzf php-pear lz4-devel liblzf-devel libzstd-devel php-pecl-apcu-devel
# igbinary
- wget https://rpms.remirepo.net/SRPMS/$PHP_IGBINARY_REMI_VERSION.remi.src.rpm
- rpmbuild --rebuild $PHP_IGBINARY_REMI_VERSION.remi.src.rpm
- rm /root/rpmbuild/RPMS/*/*debug*.rpm
- mv /root/rpmbuild/RPMS/*/*devel*.rpm $CI_PROJECT_DIR/build/$PHP_IGBINARY_REMI_VERSION-devel.el8.x86_64.rpm || true # Rename to fit our naming format
- mv /root/rpmbuild/RPMS/*/*.rpm $CI_PROJECT_DIR/build/$PHP_IGBINARY_REMI_VERSION.el8.x86_64.rpm # Rename to fit our naming format
# msgpack
- wget https://rpms.remirepo.net/SRPMS/$PHP_MSGPACK_REMI_VERSION.remi.src.rpm
- rpmbuild --rebuild $PHP_MSGPACK_REMI_VERSION.remi.src.rpm
- rm /root/rpmbuild/RPMS/*/*debug*.rpm
- mv /root/rpmbuild/RPMS/*/*devel*.rpm $CI_PROJECT_DIR/build/$PHP_MSGPACK_REMI_VERSION-devel.el8.x86_64.rpm || true
- mv /root/rpmbuild/RPMS/*/*.rpm $CI_PROJECT_DIR/build/$PHP_MSGPACK_REMI_VERSION.el8.x86_64.rpm
# install and cleanup the dependencies
- yum -y localinstall build/*.rpm
- rm build/*.rpm
# phpredis
- wget https://rpms.remirepo.net/SRPMS/$PHP_REDIS_REMI_VERSION.remi.src.rpm
- rpmbuild --rebuild $PHP_REDIS_REMI_VERSION.remi.src.rpm
- rm /root/rpmbuild/RPMS/*/*debug*.rpm
- mv /root/rpmbuild/RPMS/*/*devel*.rpm $CI_PROJECT_DIR/build/$PHP_REDIS_REMI_VERSION-devel.el8.x86_64.rpm || true
- mv /root/rpmbuild/RPMS/*/*.rpm $CI_PROJECT_DIR/build/$PHP_REDIS_REMI_VERSION.el8.x86_64.rpm
- rm -r /root/rpmbuild # Cleanup
.package:
tags: ["docker"]
stage: package
artifacts:
paths:
- build/*
when: always
expire_in: 1 day
cache:
key: ${CI_COMMIT_REF_SLUG}
paths:
- flexiapi/vendor/

87
.gitlab-ci-files/test.yml Normal file
View file

@ -0,0 +1,87 @@
rocky8-test:
extends: .rocky-test
image: gitlab.linphone.org:4567/bc/public/docker/rocky8-php:$ROCKY_8_IMAGE_VERSION
needs:
- rocky8-package
rocky9-test:
extends: .rocky-test
image: gitlab.linphone.org:4567/bc/public/docker/rocky9-php:$ROCKY_9_IMAGE_VERSION
needs:
- rocky9-package
.rocky-test:
extends: .test
script:
- yum -y localinstall build/*.rpm
- cd /opt/belledonne-communications/share/flexisip-account-manager/flexiapi
- composer install --ignore-platform-req=ext-sodium # Rocky 8 use the external library
- vendor/bin/phpcs
- vendor/bin/phpmd . ansi phpmd.xml
- php artisan key:generate
- vendor/bin/phpunit --log-junit $CI_PROJECT_DIR/flexiapi_phpunit.log
#debian11-test:
# extends: .debian-test
# image: gitlab.linphone.org:4567/bc/public/docker/debian11-php:$DEBIAN_11_IMAGE_VERSION
# needs:
# - debian11-package
debian12-test:
extends: .debian-test
image: gitlab.linphone.org:4567/bc/public/docker/debian12-php:$DEBIAN_12_IMAGE_VERSION
needs:
- debian12-package
.debian-test:
extends: .test
script:
- apt update
- apt install -y ./build/*.deb
- cd /opt/belledonne-communications/share/flexisip-account-manager/flexiapi
- composer install --dev
- vendor/bin/phpcs
- vendor/bin/phpmd . ansi phpmd.xml
- php artisan key:generate
- vendor/bin/phpunit --log-junit $CI_PROJECT_DIR/flexiapi_phpunit.log
remi-rocky8-test:
extends: .test
image: gitlab.linphone.org:4567/bc/public/docker/rocky8-php:$ROCKY_8_IMAGE_VERSION
needs:
- remi-rocky8-package
script:
- yum -y localinstall build/*.rpm
mysql-latest-test:
extends: .test
image: gitlab.linphone.org:4567/bc/public/docker/debian12-php:$DEBIAN_12_IMAGE_VERSION
needs:
- debian12-package
services:
- mysql
variables:
MYSQL_ROOT_PASSWORD: flexiapi
MYSQL_DATABASE: flexiapi
DB_HOST: mysql
DB_DATABASE: flexiapi
DB_PASSWORD: flexiapi
DB_USERNAME: root
script:
- apt update
- apt install -y ./build/*.deb
- cd /opt/belledonne-communications/share/flexisip-account-manager/flexiapi
- composer install --dev
- php artisan db:show
- php artisan migrate
- php artisan migrate:rollback
.test:
tags: ["docker"]
stage: test
artifacts:
paths:
- $CI_PROJECT_DIR/flexiapi_phpunit.log
- flexiapi/storage/logs/
when: always
expire_in: 1 day

18
.gitlab-ci.yml Normal file
View file

@ -0,0 +1,18 @@
variables:
ROCKY_8_IMAGE_VERSION: 20241112_111033_update_package_and_dependencies
ROCKY_9_IMAGE_VERSION: 20241112_115442_add_php_sodium
# DEBIAN_11_IMAGE_VERSION: 20241204_161845_update_download_linphone_org
DEBIAN_12_IMAGE_VERSION: 20241204_162237_update_download_linphone_org
PHP_REDIS_REMI_VERSION: php-pecl-redis5-5.3.6-1
PHP_IGBINARY_REMI_VERSION: php-pecl-igbinary-3.2.14-1
PHP_MSGPACK_REMI_VERSION: php-pecl-msgpack-2.2.0-1
include:
- '.gitlab-ci-files/package.yml'
- '.gitlab-ci-files/test.yml'
- '.gitlab-ci-files/deploy.yml'
stages:
- package
- test
- deploy

168
CHANGELOG.md Normal file
View file

@ -0,0 +1,168 @@
# Flexisip Account Manager Changelog
v1.6
----
- Fix FLEXIAPI-192 Add DotEnv configuration to allow the expiration of tokens and codes in the app
- Fix FLEXIAPI-196 Add a phone validation system by country code with configuration panels and related tests and documentation
- Fix FLEXIAPI-203 Implement domain based Linphone configuration, add documentation, complete API endpoints, complete provisioning XML
- Fix FLEXIAPI-208 Add SMS templates documentation
- Fix FLEXIAPI-211 Add a JSON validation middleware + test
- Fix FLEXIAPI-212 Add CoTURN credentials support in the provisioning
- Fix FLEXIAPI-213 Add TURN credentials support in the API as defined in draft-uberti-behave-turn-rest-00
- Fix FLEXIAPI-216 Implement the RFC 8898 partially... for HTTP
- Fix FLEXIAPI-239 Ensure to return the correct error codes as stated in the RFC6750 section 3.1
- Fix FLEXIAPI-238 Replace Material Icons with Phosphor
- Fix FLEXIAPI-240 Update the Docker images
- Fix GH-15 Add password import from CSV
- Fix FLEXIAPI-242 Add stricter validation for the AccountCreationToken Push Notification endpoint
- Fix FLEXIAPI-252 Update the hCaptcha Laravel library, use file instead of cookies to store the session to prevent empty errors bags
- Fix FLEXIAPI-254 Allow no data on POST requests to not trigger the ValidateJSON middleware
- Fix FLEXIAPI-262 Bypass the JWT auth if we have an API Key
- Fix FLEXIAPI-264 Add -k|api_key_ip parameter to accounts:create-admin-account to set/clear the related API Key restriction
- Fix FLEXIAPI-268 Allow pn-param in Apple format for the push notifications endpoints
- Fix FLEXIAPI-269 Update the IsNotPhoneNumber rule to use a better phone number validator
v1.5
---
- Fix FLEXIAPI-202 Add account parameter to the redirection in the destroy admin route
- Fix FLEXIAPI-195 Fix LiblinphoneTesterAccoutSeeder to fit with the latest Account related changes
- Fix FLEXIAPI-193 Typo
- Fix FLEXIAPI-192 Clear and upgrade properly the account dictionary entries if the entries are already existing
- Fix FLEXIAPI-191 Add quotes for the pn-prid parameter in FlexisipPusherConnector
- Fix FLEXIAPI-186 Ensure that empty objects are serialized in JSON as objects and not empty arrays
- Fix FLEXIAPI-185 Return null if the account dictionary is empty in the API
- Fix FLEXIAPI-184 Append phone_change_code and email_change_code to the admin /accounts/<id> endpoint if they are available
- Fix FLEXIAPI-183 Complete the account hooks on the dictionnary actions
- Fix FLEXIAPI-182 Replace APP_SUPER_ADMINS_SIP_DOMAINS with a proper sip_domains table, API endpoints, UI panels, console command, tests and documentation
- Fix FLEXIAPI-181 Replace APP_ADMINS_MANAGE_MULTI_DOMAINS with APP_SUPER_ADMINS_SIP_DOMAINS
- Fix FLEXIAPI-180 Fix the token and activation flow for the provisioning with token endpoint when the header is missing
- Fix FLEXIAPI-179 Add Localization support as a Middleware that handles Accept-Language HTTP header
- Fix FLEXIAPI-178 Show the unused code in the Activity tab of the accounts in the admin panel
- Fix FLEXIAPI-177 Complete vcards-storage and devices related endpoints with their User/Admin ones
- Fix FLEXIAPI-176 Improve logs for the deprecated endpoints and AccountCreationToken related serialization
- Fix FLEXIAPI-175 and FLEXISIP-231 Rewrite the Redis contacts parser to handle properly SIP uris (thanks @thibault.lemaire !)
- Fix FLEXIAPI-174 Check if the phone is valid before trying to recover it (deprecated endpoint)
- Fix FLEXIAPI-173 Wrong route in validateEmail (deprecated)
- Fix FLEXIAPI-171 Fix README documentation for CreateAdminAccount
- Fix FLEXIAPI-170 Fix undefined variable apiKey in CreateAdminAccount
- Fix FLEXIAPI-168 Add POST /accounts/me/email to confirm the email change
- Fix FLEXIAPI-167 Add the handling of a custom identifier for the JWT tokens on top of the email one
- Fix FLEXIAPI-166 Reimplement the deprecated email validation URL
- Fix FLEXIAPI-165 Remove for now text/vcard header constraint
- Fix FLEXIAPI-164 Add vcards-storage endpoints
- Fix FLEXIAPI-163 Complete AccountService hooks
- Fix FLEXIAPI-162 Drop the aliases table and migrate the data to the phone column
- Fix FLEXIAPI-161 Complete the Dictionary tests to cover the collection accessor
- Fix FLEXIAPI-159 Add the account_creation_tokens/consume endpoint
- Fix FLEXIAPI-158 Restrict the phone number change API endpoint to return 403 if the account doesn't have a validated Account Creation Token
- Fix FLEXIAPI-156 Disable the Phone change web form when PHONE_AUTHENTICATION is disabled
- Fix FLEXIAPI-155 Add a new accountServiceAccountUpdatedHook and accountServiceAccountDeletedHook
- Fix FLEXIAPI-153 Add phone and email to be changed in the Activity panel
- Fix FLEXIAPI-152 API Key usage clarification
- Fix FLEXIAPI-151 Migrate to hCaptcha
- Fix FLEXIAPI-150 Use the same account_id parameter for both API and Web routes
- Fix FLEXIAPI-149 Add a toggle to disable phone check on username for admin endpoints and forms
- Fix FLEXIAPI-148 Reuse AccountService in the POST /api/accounts admin endpoint
- FIX FLEXIAPI-146 Allow users to manage their own devices
- Fix FLEXIAPI-145 Put back the 'code' parameter as an alias for the 'confirmation_key' for the activateEmail and activatePhone endpoints
- Fix FLEXIAPI-144 Introduce APP_FLEXISIP_PUSHER_FIREBASE_KEYSMAP as a replacement for APP_FLEXISIP_PUSHER_FIREBASE_KEY
- Fix FLEXIAPI-143 JWT Authentication layer on the API
- Fix FLEXIAPI-142 PUT /accounts endpoint doesn't allow overiding values anymore
- Fix FLEXIAPI-140 Fix the display_name attribute in the Vcard4 render
- Fix FLEXIAPI-139 Refactor the email and phone API documentation
- Fix FLEXIAPI-138 Add ip and user_agent columns to all the tokens and code tables, fill the values when required and display them in the admin
- Fix FLEXIAPI-136 Refactor the Web Panel toggle mechanism and move it to a proper Middleware
- Fix FLEXIAPI-135 Merge the admins table in the accounts table
- Fix FLEXIAPI-134 Add a system to detect and block abusive accounts
- Fix FLEXIAPI-133 Use the correct breadcrumb on create and fix a password
- Fix FLEXIAPI-132 Refactor the Provisioning to remove proxy_default_values
- Fix #143 Ensure that the ProvisioningToken model behave likes all the other Consommable
- Fix #141 Add a new hook system for the Account Service
- Fix #138 Add a dictionary attached to the accounts
- Fix #137 Migrate the icons from Material Icons to Material Symbols
- Fix #135 Refactor the password algorithms code
- Fix #134 Create an Activity view in the Admin > Accounts panel
- Fix #133 Make the MySQL connection unstrict
- Fix #132 Move the provisioning_tokens and recovery_codes to dedicated table
- Fix #130 Drop the group column in the Accounts table
v1.4.9
------
- Complete the missing changelog
v1.4.8
------
- Fix FLEXIAPI-166 Reimplement the deprecated email validation URL
- Fix FLEXIAPI-140 Select the display_name attribute from the database to inject...
v1.4.7
------
- Fix FLEXIAPI-175 and FLEXISIP-231 Rewrite the Redis contacts parser to handle properly SIP uris (thanks @thibault.lemaire !)
v1.4.6
------
- Fix FLEXIAPI-142 PUT /accounts endpoint doesn't allow overiding values anymore
- Fix typos and dependencies
v1.4.5
------
- Fix FLEXIAPI-132 Refactor the Provisioning to remove proxy_default_values
v1.4.4
------
- Fix FLEXIAPI-136 Refactor the Web Panel toggle mechanism and move it to a proper Middleware
v1.4.3
------
- Fix FLEXIAPI-133 Use the correct breadcrumb on create and fix a password update related issue on update
v1.4.2
------
- Fix #135 Refactor the password algorithms code
v1.4.1
------
- Fix #133 Make the MySQL connection unstrict
v1.4
----
- Redesign and refactoring of the main UI and panel flows
- Complete the statistics and add a specific API to get usage statistics from FlexiAPI
- Removal of XMLRPC
- Add RockyLinux 9 support
- Add Debian 12 to CI
- Fix #122 Add a new console command CreateFirstAdmin
- Fix #121 Only apply throttling to redeemed tokens
- Fix #123 Define a proper documentation for the provisioning flow
- Fix #124 Return 404 when the account is already provisioned or the provisioning_token not valid
- Fix #125 Remove the External Accounts feature
- Fix #19 Set all the ERROR confirmation_key to null in the accounts table
v1.3
----
- Fix #90 Deploy packages from release branches as well
- Fix #58 Fix the packaging process to use git describe as a reference
- Fix #58 Move the generated packages in the build directory, and fix the release and version format in the .spec
- Fix #58 Refactor and cleanup the .gitlab-ci file
- Move the minimum PHP version to 8.0
- Fix #47 Move the docker to an external repository
- Fix #83 Add php-redis-remi package
- Fix #85 Also package php-pecl-igbinary and php-pecl-msgpack from remi
- Fix #84 Remove CentOS7 from the pipeline
- Fix #80 Inject provisioning link and QRCode in the default email with a password_reset parameter
- Fix #79 Add a refresh_password parameter to the provisioning URLs
- Fix #78 Add a APP_ACCOUNTS_EMAIL_UNIQUE environnement setting
- Fix #30 Remove APP_EVERYONE_IS_ADMIN
v1.2
----
- Introduce FlexiAPI built on Laravel to replace XMLRPC
- Deprecates XMLRPC (will be removed in the 2.0 release)
- Create a REST API to manage the accounts, related features and provisioning
- Create a user web panel for their account management, currently in testing phase (unstable)
- Create an admin web panel to manage accounts and related features
- Allow accounts to be exported as ExternalAccounts and imported in another Flexisip Account Manager instance
- Add various artisan console commands to maintain the data (cleaning up, importing, exporting, seeding)
- Add unit tests for the FlexiAIP REST API
- Rebuild the existing database using the Laravel migration scripts

661
COPYING Normal file
View file

@ -0,0 +1,661 @@
GNU AFFERO GENERAL PUBLIC LICENSE
Version 3, 19 November 2007
Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
Preamble
The GNU Affero General Public License is a free, copyleft license for
software and other kinds of works, specifically designed to ensure
cooperation with the community in the case of network server software.
The licenses for most software and other practical works are designed
to take away your freedom to share and change the works. By contrast,
our General Public Licenses are intended to guarantee your freedom to
share and change all versions of a program--to make sure it remains free
software for all its users.
When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
them if you wish), that you receive source code or can get it if you
want it, that you can change the software or use pieces of it in new
free programs, and that you know you can do these things.
Developers that use our General Public Licenses protect your rights
with two steps: (1) assert copyright on the software, and (2) offer
you this License which gives you legal permission to copy, distribute
and/or modify the software.
A secondary benefit of defending all users' freedom is that
improvements made in alternate versions of the program, if they
receive widespread use, become available for other developers to
incorporate. Many developers of free software are heartened and
encouraged by the resulting cooperation. However, in the case of
software used on network servers, this result may fail to come about.
The GNU General Public License permits making a modified version and
letting the public access it on a server without ever releasing its
source code to the public.
The GNU Affero General Public License is designed specifically to
ensure that, in such cases, the modified source code becomes available
to the community. It requires the operator of a network server to
provide the source code of the modified version running there to the
users of that server. Therefore, public use of a modified version, on
a publicly accessible server, gives the public access to the source
code of the modified version.
An older license, called the Affero General Public License and
published by Affero, was designed to accomplish similar goals. This is
a different license, not a version of the Affero GPL, but Affero has
released a new version of the Affero GPL which permits relicensing under
this license.
The precise terms and conditions for copying, distribution and
modification follow.
TERMS AND CONDITIONS
0. Definitions.
"This License" refers to version 3 of the GNU Affero General Public License.
"Copyright" also means copyright-like laws that apply to other kinds of
works, such as semiconductor masks.
"The Program" refers to any copyrightable work licensed under this
License. Each licensee is addressed as "you". "Licensees" and
"recipients" may be individuals or organizations.
To "modify" a work means to copy from or adapt all or part of the work
in a fashion requiring copyright permission, other than the making of an
exact copy. The resulting work is called a "modified version" of the
earlier work or a work "based on" the earlier work.
A "covered work" means either the unmodified Program or a work based
on the Program.
To "propagate" a work means to do anything with it that, without
permission, would make you directly or secondarily liable for
infringement under applicable copyright law, except executing it on a
computer or modifying a private copy. Propagation includes copying,
distribution (with or without modification), making available to the
public, and in some countries other activities as well.
To "convey" a work means any kind of propagation that enables other
parties to make or receive copies. Mere interaction with a user through
a computer network, with no transfer of a copy, is not conveying.
An interactive user interface displays "Appropriate Legal Notices"
to the extent that it includes a convenient and prominently visible
feature that (1) displays an appropriate copyright notice, and (2)
tells the user that there is no warranty for the work (except to the
extent that warranties are provided), that licensees may convey the
work under this License, and how to view a copy of this License. If
the interface presents a list of user commands or options, such as a
menu, a prominent item in the list meets this criterion.
1. Source Code.
The "source code" for a work means the preferred form of the work
for making modifications to it. "Object code" means any non-source
form of a work.
A "Standard Interface" means an interface that either is an official
standard defined by a recognized standards body, or, in the case of
interfaces specified for a particular programming language, one that
is widely used among developers working in that language.
The "System Libraries" of an executable work include anything, other
than the work as a whole, that (a) is included in the normal form of
packaging a Major Component, but which is not part of that Major
Component, and (b) serves only to enable use of the work with that
Major Component, or to implement a Standard Interface for which an
implementation is available to the public in source code form. A
"Major Component", in this context, means a major essential component
(kernel, window system, and so on) of the specific operating system
(if any) on which the executable work runs, or a compiler used to
produce the work, or an object code interpreter used to run it.
The "Corresponding Source" for a work in object code form means all
the source code needed to generate, install, and (for an executable
work) run the object code and to modify the work, including scripts to
control those activities. However, it does not include the work's
System Libraries, or general-purpose tools or generally available free
programs which are used unmodified in performing those activities but
which are not part of the work. For example, Corresponding Source
includes interface definition files associated with source files for
the work, and the source code for shared libraries and dynamically
linked subprograms that the work is specifically designed to require,
such as by intimate data communication or control flow between those
subprograms and other parts of the work.
The Corresponding Source need not include anything that users
can regenerate automatically from other parts of the Corresponding
Source.
The Corresponding Source for a work in source code form is that
same work.
2. Basic Permissions.
All rights granted under this License are granted for the term of
copyright on the Program, and are irrevocable provided the stated
conditions are met. This License explicitly affirms your unlimited
permission to run the unmodified Program. The output from running a
covered work is covered by this License only if the output, given its
content, constitutes a covered work. This License acknowledges your
rights of fair use or other equivalent, as provided by copyright law.
You may make, run and propagate covered works that you do not
convey, without conditions so long as your license otherwise remains
in force. You may convey covered works to others for the sole purpose
of having them make modifications exclusively for you, or provide you
with facilities for running those works, provided that you comply with
the terms of this License in conveying all material for which you do
not control copyright. Those thus making or running the covered works
for you must do so exclusively on your behalf, under your direction
and control, on terms that prohibit them from making any copies of
your copyrighted material outside their relationship with you.
Conveying under any other circumstances is permitted solely under
the conditions stated below. Sublicensing is not allowed; section 10
makes it unnecessary.
3. Protecting Users' Legal Rights From Anti-Circumvention Law.
No covered work shall be deemed part of an effective technological
measure under any applicable law fulfilling obligations under article
11 of the WIPO copyright treaty adopted on 20 December 1996, or
similar laws prohibiting or restricting circumvention of such
measures.
When you convey a covered work, you waive any legal power to forbid
circumvention of technological measures to the extent such circumvention
is effected by exercising rights under this License with respect to
the covered work, and you disclaim any intention to limit operation or
modification of the work as a means of enforcing, against the work's
users, your or third parties' legal rights to forbid circumvention of
technological measures.
4. Conveying Verbatim Copies.
You may convey verbatim copies of the Program's source code as you
receive it, in any medium, provided that you conspicuously and
appropriately publish on each copy an appropriate copyright notice;
keep intact all notices stating that this License and any
non-permissive terms added in accord with section 7 apply to the code;
keep intact all notices of the absence of any warranty; and give all
recipients a copy of this License along with the Program.
You may charge any price or no price for each copy that you convey,
and you may offer support or warranty protection for a fee.
5. Conveying Modified Source Versions.
You may convey a work based on the Program, or the modifications to
produce it from the Program, in the form of source code under the
terms of section 4, provided that you also meet all of these conditions:
a) The work must carry prominent notices stating that you modified
it, and giving a relevant date.
b) The work must carry prominent notices stating that it is
released under this License and any conditions added under section
7. This requirement modifies the requirement in section 4 to
"keep intact all notices".
c) You must license the entire work, as a whole, under this
License to anyone who comes into possession of a copy. This
License will therefore apply, along with any applicable section 7
additional terms, to the whole of the work, and all its parts,
regardless of how they are packaged. This License gives no
permission to license the work in any other way, but it does not
invalidate such permission if you have separately received it.
d) If the work has interactive user interfaces, each must display
Appropriate Legal Notices; however, if the Program has interactive
interfaces that do not display Appropriate Legal Notices, your
work need not make them do so.
A compilation of a covered work with other separate and independent
works, which are not by their nature extensions of the covered work,
and which are not combined with it such as to form a larger program,
in or on a volume of a storage or distribution medium, is called an
"aggregate" if the compilation and its resulting copyright are not
used to limit the access or legal rights of the compilation's users
beyond what the individual works permit. Inclusion of a covered work
in an aggregate does not cause this License to apply to the other
parts of the aggregate.
6. Conveying Non-Source Forms.
You may convey a covered work in object code form under the terms
of sections 4 and 5, provided that you also convey the
machine-readable Corresponding Source under the terms of this License,
in one of these ways:
a) Convey the object code in, or embodied in, a physical product
(including a physical distribution medium), accompanied by the
Corresponding Source fixed on a durable physical medium
customarily used for software interchange.
b) Convey the object code in, or embodied in, a physical product
(including a physical distribution medium), accompanied by a
written offer, valid for at least three years and valid for as
long as you offer spare parts or customer support for that product
model, to give anyone who possesses the object code either (1) a
copy of the Corresponding Source for all the software in the
product that is covered by this License, on a durable physical
medium customarily used for software interchange, for a price no
more than your reasonable cost of physically performing this
conveying of source, or (2) access to copy the
Corresponding Source from a network server at no charge.
c) Convey individual copies of the object code with a copy of the
written offer to provide the Corresponding Source. This
alternative is allowed only occasionally and noncommercially, and
only if you received the object code with such an offer, in accord
with subsection 6b.
d) Convey the object code by offering access from a designated
place (gratis or for a charge), and offer equivalent access to the
Corresponding Source in the same way through the same place at no
further charge. You need not require recipients to copy the
Corresponding Source along with the object code. If the place to
copy the object code is a network server, the Corresponding Source
may be on a different server (operated by you or a third party)
that supports equivalent copying facilities, provided you maintain
clear directions next to the object code saying where to find the
Corresponding Source. Regardless of what server hosts the
Corresponding Source, you remain obligated to ensure that it is
available for as long as needed to satisfy these requirements.
e) Convey the object code using peer-to-peer transmission, provided
you inform other peers where the object code and Corresponding
Source of the work are being offered to the general public at no
charge under subsection 6d.
A separable portion of the object code, whose source code is excluded
from the Corresponding Source as a System Library, need not be
included in conveying the object code work.
A "User Product" is either (1) a "consumer product", which means any
tangible personal property which is normally used for personal, family,
or household purposes, or (2) anything designed or sold for incorporation
into a dwelling. In determining whether a product is a consumer product,
doubtful cases shall be resolved in favor of coverage. For a particular
product received by a particular user, "normally used" refers to a
typical or common use of that class of product, regardless of the status
of the particular user or of the way in which the particular user
actually uses, or expects or is expected to use, the product. A product
is a consumer product regardless of whether the product has substantial
commercial, industrial or non-consumer uses, unless such uses represent
the only significant mode of use of the product.
"Installation Information" for a User Product means any methods,
procedures, authorization keys, or other information required to install
and execute modified versions of a covered work in that User Product from
a modified version of its Corresponding Source. The information must
suffice to ensure that the continued functioning of the modified object
code is in no case prevented or interfered with solely because
modification has been made.
If you convey an object code work under this section in, or with, or
specifically for use in, a User Product, and the conveying occurs as
part of a transaction in which the right of possession and use of the
User Product is transferred to the recipient in perpetuity or for a
fixed term (regardless of how the transaction is characterized), the
Corresponding Source conveyed under this section must be accompanied
by the Installation Information. But this requirement does not apply
if neither you nor any third party retains the ability to install
modified object code on the User Product (for example, the work has
been installed in ROM).
The requirement to provide Installation Information does not include a
requirement to continue to provide support service, warranty, or updates
for a work that has been modified or installed by the recipient, or for
the User Product in which it has been modified or installed. Access to a
network may be denied when the modification itself materially and
adversely affects the operation of the network or violates the rules and
protocols for communication across the network.
Corresponding Source conveyed, and Installation Information provided,
in accord with this section must be in a format that is publicly
documented (and with an implementation available to the public in
source code form), and must require no special password or key for
unpacking, reading or copying.
7. Additional Terms.
"Additional permissions" are terms that supplement the terms of this
License by making exceptions from one or more of its conditions.
Additional permissions that are applicable to the entire Program shall
be treated as though they were included in this License, to the extent
that they are valid under applicable law. If additional permissions
apply only to part of the Program, that part may be used separately
under those permissions, but the entire Program remains governed by
this License without regard to the additional permissions.
When you convey a copy of a covered work, you may at your option
remove any additional permissions from that copy, or from any part of
it. (Additional permissions may be written to require their own
removal in certain cases when you modify the work.) You may place
additional permissions on material, added by you to a covered work,
for which you have or can give appropriate copyright permission.
Notwithstanding any other provision of this License, for material you
add to a covered work, you may (if authorized by the copyright holders of
that material) supplement the terms of this License with terms:
a) Disclaiming warranty or limiting liability differently from the
terms of sections 15 and 16 of this License; or
b) Requiring preservation of specified reasonable legal notices or
author attributions in that material or in the Appropriate Legal
Notices displayed by works containing it; or
c) Prohibiting misrepresentation of the origin of that material, or
requiring that modified versions of such material be marked in
reasonable ways as different from the original version; or
d) Limiting the use for publicity purposes of names of licensors or
authors of the material; or
e) Declining to grant rights under trademark law for use of some
trade names, trademarks, or service marks; or
f) Requiring indemnification of licensors and authors of that
material by anyone who conveys the material (or modified versions of
it) with contractual assumptions of liability to the recipient, for
any liability that these contractual assumptions directly impose on
those licensors and authors.
All other non-permissive additional terms are considered "further
restrictions" within the meaning of section 10. If the Program as you
received it, or any part of it, contains a notice stating that it is
governed by this License along with a term that is a further
restriction, you may remove that term. If a license document contains
a further restriction but permits relicensing or conveying under this
License, you may add to a covered work material governed by the terms
of that license document, provided that the further restriction does
not survive such relicensing or conveying.
If you add terms to a covered work in accord with this section, you
must place, in the relevant source files, a statement of the
additional terms that apply to those files, or a notice indicating
where to find the applicable terms.
Additional terms, permissive or non-permissive, may be stated in the
form of a separately written license, or stated as exceptions;
the above requirements apply either way.
8. Termination.
You may not propagate or modify a covered work except as expressly
provided under this License. Any attempt otherwise to propagate or
modify it is void, and will automatically terminate your rights under
this License (including any patent licenses granted under the third
paragraph of section 11).
However, if you cease all violation of this License, then your
license from a particular copyright holder is reinstated (a)
provisionally, unless and until the copyright holder explicitly and
finally terminates your license, and (b) permanently, if the copyright
holder fails to notify you of the violation by some reasonable means
prior to 60 days after the cessation.
Moreover, your license from a particular copyright holder is
reinstated permanently if the copyright holder notifies you of the
violation by some reasonable means, this is the first time you have
received notice of violation of this License (for any work) from that
copyright holder, and you cure the violation prior to 30 days after
your receipt of the notice.
Termination of your rights under this section does not terminate the
licenses of parties who have received copies or rights from you under
this License. If your rights have been terminated and not permanently
reinstated, you do not qualify to receive new licenses for the same
material under section 10.
9. Acceptance Not Required for Having Copies.
You are not required to accept this License in order to receive or
run a copy of the Program. Ancillary propagation of a covered work
occurring solely as a consequence of using peer-to-peer transmission
to receive a copy likewise does not require acceptance. However,
nothing other than this License grants you permission to propagate or
modify any covered work. These actions infringe copyright if you do
not accept this License. Therefore, by modifying or propagating a
covered work, you indicate your acceptance of this License to do so.
10. Automatic Licensing of Downstream Recipients.
Each time you convey a covered work, the recipient automatically
receives a license from the original licensors, to run, modify and
propagate that work, subject to this License. You are not responsible
for enforcing compliance by third parties with this License.
An "entity transaction" is a transaction transferring control of an
organization, or substantially all assets of one, or subdividing an
organization, or merging organizations. If propagation of a covered
work results from an entity transaction, each party to that
transaction who receives a copy of the work also receives whatever
licenses to the work the party's predecessor in interest had or could
give under the previous paragraph, plus a right to possession of the
Corresponding Source of the work from the predecessor in interest, if
the predecessor has it or can get it with reasonable efforts.
You may not impose any further restrictions on the exercise of the
rights granted or affirmed under this License. For example, you may
not impose a license fee, royalty, or other charge for exercise of
rights granted under this License, and you may not initiate litigation
(including a cross-claim or counterclaim in a lawsuit) alleging that
any patent claim is infringed by making, using, selling, offering for
sale, or importing the Program or any portion of it.
11. Patents.
A "contributor" is a copyright holder who authorizes use under this
License of the Program or a work on which the Program is based. The
work thus licensed is called the contributor's "contributor version".
A contributor's "essential patent claims" are all patent claims
owned or controlled by the contributor, whether already acquired or
hereafter acquired, that would be infringed by some manner, permitted
by this License, of making, using, or selling its contributor version,
but do not include claims that would be infringed only as a
consequence of further modification of the contributor version. For
purposes of this definition, "control" includes the right to grant
patent sublicenses in a manner consistent with the requirements of
this License.
Each contributor grants you a non-exclusive, worldwide, royalty-free
patent license under the contributor's essential patent claims, to
make, use, sell, offer for sale, import and otherwise run, modify and
propagate the contents of its contributor version.
In the following three paragraphs, a "patent license" is any express
agreement or commitment, however denominated, not to enforce a patent
(such as an express permission to practice a patent or covenant not to
sue for patent infringement). To "grant" such a patent license to a
party means to make such an agreement or commitment not to enforce a
patent against the party.
If you convey a covered work, knowingly relying on a patent license,
and the Corresponding Source of the work is not available for anyone
to copy, free of charge and under the terms of this License, through a
publicly available network server or other readily accessible means,
then you must either (1) cause the Corresponding Source to be so
available, or (2) arrange to deprive yourself of the benefit of the
patent license for this particular work, or (3) arrange, in a manner
consistent with the requirements of this License, to extend the patent
license to downstream recipients. "Knowingly relying" means you have
actual knowledge that, but for the patent license, your conveying the
covered work in a country, or your recipient's use of the covered work
in a country, would infringe one or more identifiable patents in that
country that you have reason to believe are valid.
If, pursuant to or in connection with a single transaction or
arrangement, you convey, or propagate by procuring conveyance of, a
covered work, and grant a patent license to some of the parties
receiving the covered work authorizing them to use, propagate, modify
or convey a specific copy of the covered work, then the patent license
you grant is automatically extended to all recipients of the covered
work and works based on it.
A patent license is "discriminatory" if it does not include within
the scope of its coverage, prohibits the exercise of, or is
conditioned on the non-exercise of one or more of the rights that are
specifically granted under this License. You may not convey a covered
work if you are a party to an arrangement with a third party that is
in the business of distributing software, under which you make payment
to the third party based on the extent of your activity of conveying
the work, and under which the third party grants, to any of the
parties who would receive the covered work from you, a discriminatory
patent license (a) in connection with copies of the covered work
conveyed by you (or copies made from those copies), or (b) primarily
for and in connection with specific products or compilations that
contain the covered work, unless you entered into that arrangement,
or that patent license was granted, prior to 28 March 2007.
Nothing in this License shall be construed as excluding or limiting
any implied license or other defenses to infringement that may
otherwise be available to you under applicable patent law.
12. No Surrender of Others' Freedom.
If conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot convey a
covered work so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you may
not convey it at all. For example, if you agree to terms that obligate you
to collect a royalty for further conveying from those to whom you convey
the Program, the only way you could satisfy both those terms and this
License would be to refrain entirely from conveying the Program.
13. Remote Network Interaction; Use with the GNU General Public License.
Notwithstanding any other provision of this License, if you modify the
Program, your modified version must prominently offer all users
interacting with it remotely through a computer network (if your version
supports such interaction) an opportunity to receive the Corresponding
Source of your version by providing access to the Corresponding Source
from a network server at no charge, through some standard or customary
means of facilitating copying of software. This Corresponding Source
shall include the Corresponding Source for any work covered by version 3
of the GNU General Public License that is incorporated pursuant to the
following paragraph.
Notwithstanding any other provision of this License, you have
permission to link or combine any covered work with a work licensed
under version 3 of the GNU General Public License into a single
combined work, and to convey the resulting work. The terms of this
License will continue to apply to the part which is the covered work,
but the work with which it is combined will remain governed by version
3 of the GNU General Public License.
14. Revised Versions of this License.
The Free Software Foundation may publish revised and/or new versions of
the GNU Affero General Public License from time to time. Such new versions
will be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.
Each version is given a distinguishing version number. If the
Program specifies that a certain numbered version of the GNU Affero General
Public License "or any later version" applies to it, you have the
option of following the terms and conditions either of that numbered
version or of any later version published by the Free Software
Foundation. If the Program does not specify a version number of the
GNU Affero General Public License, you may choose any version ever published
by the Free Software Foundation.
If the Program specifies that a proxy can decide which future
versions of the GNU Affero General Public License can be used, that proxy's
public statement of acceptance of a version permanently authorizes you
to choose that version for the Program.
Later license versions may give you additional or different
permissions. However, no additional obligations are imposed on any
author or copyright holder as a result of your choosing to follow a
later version.
15. Disclaimer of Warranty.
THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
16. Limitation of Liability.
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
SUCH DAMAGES.
17. Interpretation of Sections 15 and 16.
If the disclaimer of warranty and limitation of liability provided
above cannot be given local legal effect according to their terms,
reviewing courts shall apply local law that most closely approximates
an absolute waiver of all civil liability in connection with the
Program, unless a warranty or assumption of liability accompanies a
copy of the Program in return for a fee.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest
to attach them to the start of each source file to most effectively
state the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Also add information on how to contact you by electronic and paper mail.
If your software can interact with users remotely through a computer
network, you should also make sure that it provides a way for users to
get its source. For example, if your program is a web application, its
interface could display a "Source" link that leads users to an archive
of the code. There are many ways you could offer source, and different
solutions will be better for different programs; see section 13 for the
specific requirements.
You should also get your employer (if you work as a programmer) or school,
if any, to sign a "copyright disclaimer" for the program, if necessary.
For more information on this, and how to apply and follow the GNU AGPL, see
<http://www.gnu.org/licenses/>.

96
Makefile Normal file
View file

@ -0,0 +1,96 @@
OUTPUT_DIR = ${CURDIR}
GIT_DESCRIBE = $(shell sh -c "git describe --long" 2>/dev/null)
DESCRIBE_PARTS = $(subst -, ,$(GIT_DESCRIBE))
VERSION_TAG = $(word 1,$(DESCRIBE_PARTS))
STATUS_TAG = $(word 2,$(DESCRIBE_PARTS))
STATUS_DISTANCE_TAG = $(word 3,$(DESCRIBE_PARTS))
COMMIT_HASH_TAG = $(word 4,$(DESCRIBE_PARTS))
CLEAN_COMMIT_HASH_TAG = $(COMMIT_HASH_TAG:g%=%)
package-semvers:
mkdir -p build
cp flexisip-account-manager.spec flexisip-account-manager.spec.run
sed -i 's/MAKE_FILE_VERSION_SEARCH/$(VERSION_TAG)/g' $(CURDIR)/flexisip-account-manager.spec.run
ifneq (,$(filter alpha beta,$(STATUS_TAG)))
sed -i 's/MAKE_FILE_BUILD_NUMBER_SEARCH/0.$(STATUS_TAG).$(STATUS_DISTANCE_TAG)+$(CLEAN_COMMIT_HASH_TAG)/g' $(CURDIR)/flexisip-account-manager.spec.run
else
sed -i 's/MAKE_FILE_BUILD_NUMBER_SEARCH/1/g' $(CURDIR)/flexisip-account-manager.spec.run
endif
cleanup-package-semvers:
rm flexisip-account-manager.spec.run
prepare:
cd flexiapi && php composer.phar install --ignore-platform-req=ext-redis --no-dev
prepare-dev:
cd flexiapi && php composer.phar install --ignore-platform-req=ext-redis
package-common:
rm -rf $(OUTPUT_DIR)/flexisip-account-manager
mkdir $(OUTPUT_DIR)/flexisip-account-manager
mkdir -p $(OUTPUT_DIR)/rpmbuild/SPECS
mkdir -p $(OUTPUT_DIR)/rpmbuild/SOURCES
# FlexiAPI
cp -R --parents flexiapi/**/* $(OUTPUT_DIR)/flexisip-account-manager/
cp flexiapi/composer* $(OUTPUT_DIR)/flexisip-account-manager/flexiapi/
cp README.md $(OUTPUT_DIR)/flexisip-account-manager/
cp flexiapi/.env.example $(OUTPUT_DIR)/flexisip-account-manager/flexiapi/.env.example
cp flexiapi/artisan $(OUTPUT_DIR)/flexisip-account-manager/flexiapi/
cp flexiapi/phpunit.xml $(OUTPUT_DIR)/flexisip-account-manager/flexiapi/
cp flexiapi/phpcs.xml $(OUTPUT_DIR)/flexisip-account-manager/flexiapi/
cp flexiapi/phpmd.xml $(OUTPUT_DIR)/flexisip-account-manager/flexiapi/
# General
cp -R httpd/ $(OUTPUT_DIR)/flexisip-account-manager/
cp -R cron/ $(OUTPUT_DIR)/flexisip-account-manager/
cp flexisip-account-manager.spec.run $(OUTPUT_DIR)/rpmbuild/SPECS/flexisip-account-manager.spec
tar cvf flexisip-account-manager.tar.gz -C $(OUTPUT_DIR) flexisip-account-manager
mv flexisip-account-manager.tar.gz $(OUTPUT_DIR)/rpmbuild/SOURCES/flexisip-account-manager.tar.gz
package-end-common:
rm -rf $(OUTPUT_DIR)/flexisip-account-manager
rm -rf $(OUTPUT_DIR)/rpmbuild/SPECS $(OUTPUT_DIR)/rpmbuild/SOURCES $(OUTPUT_DIR)/rpmbuild/SRPMS $(OUTPUT_DIR)/rpmbuild/BUILD $(OUTPUT_DIR)/rpmbuild/BUILDROOT
rpm-el8-only:
sed -i 's/Requires:.*/Requires: php >= 8.0, php-gd, php-pdo, php-redis, php-mysqlnd, php-mbstring/g' $(OUTPUT_DIR)/rpmbuild/SPECS/flexisip-account-manager.spec
rpmbuild -v -bb --define 'dist .el8' --define '_topdir $(OUTPUT_DIR)/rpmbuild' --define "_rpmdir $(OUTPUT_DIR)/rpmbuild" $(OUTPUT_DIR)/rpmbuild/SPECS/flexisip-account-manager.spec
@echo "📦✅ RPM el8 Package Created"
rpm-el9-only:
rpmbuild -v -bb --define 'dist .el9' --define '_topdir $(OUTPUT_DIR)/rpmbuild' --define "_rpmdir $(OUTPUT_DIR)/rpmbuild" $(OUTPUT_DIR)/rpmbuild/SPECS/flexisip-account-manager.spec
@echo "📦✅ RPM el9 Package Created"
rpm-cleanup:
@echo "🧹 Cleanup"
mv rpmbuild/*/*.rpm build/.
rm -r rpmbuild
deb-only:
rpmbuild -v -bb --with deb --define '_topdir $(OUTPUT_DIR)/rpmbuild' --define "_rpmfilename tmp.rpm" --define "_rpmdir $(OUTPUT_DIR)/rpmbuild" $(OUTPUT_DIR)/rpmbuild/SPECS/flexisip-account-manager.spec
fakeroot alien -g -k --scripts $(OUTPUT_DIR)/rpmbuild/tmp.rpm
rm -r $(OUTPUT_DIR)/rpmbuild
rm -rf $(OUTPUT_DIR)/*.orig
sed -i 's/Depends:.*/Depends: $${shlibs:Depends}, php (>= 8.0), php-xml, php-pdo, php-gd, php-redis, php-mysql, php-mbstring, php-sqlite3/g' $(OUTPUT_DIR)/bc-flexisip-account-manager*/debian/control
cd `ls -rt $(OUTPUT_DIR) | tail -1` && dpkg-buildpackage --no-sign
@echo "📦✅ DEB Package Created"
@echo "🧹 Cleanup"
ls -d */ | cut -f1 -d'/' | grep bc-flexisip-account-manager | xargs rm -rf
ls bc-flexisip-account-manager* | grep -v "\.deb" | xargs rm
mv *.deb build/.
rpm-el8: prepare package-semvers package-common rpm-el8-only rpm-cleanup cleanup-package-semvers package-end-common
rpm-el8-dev: prepare-dev package-semvers package-common rpm-el8-only rpm-cleanup cleanup-package-semvers package-end-common
rpm-el9: prepare package-semvers package-common rpm-el9-only rpm-cleanup cleanup-package-semvers package-end-common
rpm-el9-dev: prepare-dev package-semvers package-common rpm-el9-only rpm-cleanup cleanup-package-semvers package-end-common
deb: prepare package-semvers package-common deb-only cleanup-package-semvers package-end-common
deb-dev: prepare-dev package-semvers package-common deb-only cleanup-package-semvers package-end-common
.PHONY: rpm

253
README.md Normal file
View file

@ -0,0 +1,253 @@
# Introduction
Flexisip Account Manager brings several tools in one:
- FlexiAPI, a REST API for the creation and management of user accounts by end-users and/or service administrators.
- a web portal, powered by FlexiAPI
- a remote provisioning server, able to generate configuration files compatible with Linphone's QrCode-based or URL-based remote provisioning feature
# License
Copyright © Belledonne Communications
Flexisip is dual licensed, and can be licensed and distributed:
- under a GNU Affero GPLv3 license for free (see COPYING file for details)
- under a proprietary license, for closed source projects. Contact Belledonne Communications for any question about costs and services.
# Documentation
Once deployed you can have access to the global and API documentation on the `/api` and `/documentation` pages.
# Setup
## DotEnv configuration
FlexiAPI relies on [DotEnv](https://github.com/vlucas/phpdotenv) to be configured. This configuration can be accessed using the existing `.env` file that can be itself overwritten by an environnement variables.
Thoses variables can then be set using Docker-Compose, a bash script or a web-server for example.
If you're installing FlexiAPI from the RPM package you can find the configuration file at `/etc/flexisip-account-manager/flexiapi.env`.
## Manual setup
Clone the repository, install the dependencies and generate a key.
composer install --no-dev
php artisan key:generate
Then configure the database connection in the `.env` file (from the `.env.example` one). And migrate the tables. The migration *MUST* be run on an empty database. The `.env` file will be available at the root of the project or often located in `/etc/flexisip-account-manager` in packaged versions.
php artisan migrate
You can also run the test suit using `phpunit`.
To know more about the web server configuration part, you can directly [visit the official Laravel installation documentation](https://laravel.com/docs/8.x).
### Apache2 server configuration
The package will deploy a `flexisip-account-manager.conf` file in the apache2 configuration directory.
This file can be loaded and configured in your specific VirtualHost configuration.
### Configure the .env file
Complete all the other variables in the `.env` file or by overwritting them in your Docker or web-server configuration:
- The OVH SMS connector
- SMTP configuration
- App name, SIP domain…
### Multi instances environement
FlexiAPI can also handle multi domains setup.
#### Multiple virtualhosts option
In your web server configuration create several virtualhosts that are pointing to the same FlexiAPI instance.
Using the environnement variables you can then configure FlexiAPI per instance.
With Apache, use the [mod_env](https://httpd.apache.org/docs/2.4/mod/mod_env.html) module.
SetEnv APP_NAME "VirtualHost One"
On nginx use `fastcgi_param` to pass the parameter directly to PHP.
location ~ [^/]\.php(/|$) {
include /etc/nginx/fastcgi_params;
fastcgi_param APP_NAME "VirtualHost Two";
}
> **Warning** Do not create a cache of your configuration (using `artisan config:cache`) if you have a multi-environnement setup.
> The cache is always having the priority on the variables set in the configuration files.
#### Multiple .env option
To do so, configure several web servers virtualhosts and set a specific `APP_ENV` environnement variable in each of them.
Note that if `APP_ENV` is not set FlexiAPI will directly use the default `.env` file.
FlexiAPI will then try to load a custom configuration file with the following name `.env.$APP_ENV`. So for the previous example `.env.foobar`.
You can then configure your instances with specific values.
INSTANCE_COPYRIGHT="FooBar - Since 1997"
INSTANCE_INTRO_REGISTRATION="Welcome on the FooBar Server"
INSTANCE_CUSTOM_THEME=true
#### Custom theme
If you set `INSTANCE_CUSTOM_THEME` to true, FlexiAPI will try to load a CSS file located in `public/css/$APP_ENV.style.css`. If the file doesn't exists it will fallback to `public/css/style.css`.
You can find an example CSS file at `public/css/custom.style.css`.
#### Flexisip Push notifications pusher
The API endpoint `POST /account_creation_tokens/send-by-push` uses the `flexisip_pusher` binary delivered by the [Flexisip](https://gitlab.linphone.org/BC/public/flexisip) project (and related package). You must configure the `APP_FLEXISIP_PUSHER_PATH` and `APP_FLEXISIP_PUSHER_FIREBASE_KEYSMAP` environnement variables to point to the correct binary.
APP_FLEXISIP_PUSHER_PATH=/opt/belledonne-communications/bin/flexisip_pusher
This binary will be executed under "web user" privileges. Ensure that all the related files required by `flexisip_pusher` can be accessed using this user account.
/var/opt/belledonne-communications/log/flexisip/flexisip-pusher.log // Write permissions
/etc/flexisip/apn/*pem // Read permissions
### SELinux restrictions
If you are running on a CentOS/RedHat machine, please ensure that SELinux is correctly configured.
Allow the webserver user to write in the `storage/` directory:
chcon -R -t httpd_sys_rw_content_t storage/
Don't forget to make this change persistent if the directory may be relabeled :
semanage fcontext -a -t httpd_sys_rw_content_t storage/
You can use the restorecon command to verify that this is working :
restorecon storage/
If your database is located on a remote machine, you should also allow your webserver user to connect to remote hosts:
semanage port -a -t http_port_t -p tcp 3306 // Open remote connections on the MySQL port for example
setsebool -P httpd_can_network_connect 1 // Allow remote network connected
setsebool -P httpd_can_network_connect_db 1 // Allow remote database connection
If you are planning to send emails using your account manager:
setsebool -P httpd_can_sendmail 1 // Allow email to be sent
## Usage
For the web panel, a general documentation is available under the `/documentation` page.
For the REST API, the `/api` page contains all the required documentation to authenticate and request the API.
FlexiAPI is also providing endpoints to provision Liblinphone powered devices. You can find more documentation about it on the `/provisioning/documentation` documentation page.
## Console commands
FlexiAPI is shipped with several console commands that you can launch using the `artisan` executable available at the root of this project.
### Create or update a SIP Domain
Create or update a SIP Domain, required to then create accounts afterward. The `super` option enable/disable the domain as a super domain.
php artisan sip_domains:create-update {domain} {--super}
### Create an admin account
Create an admin account, an API Key will also be generated along the way, it might expire after a while (regarding the API Key expiration policy). An empty `api_key_ip` will remove the IP restriction on the key.
If no parameters are put, a default admin account will be created.
php artisan accounts:create-admin-account {-u|username=} {-p|password=} {-d|domain=} {-k|api_key_ip=}
### Clear the expired API Keys
This will remove the API Keys that were not used after `x minutes`.
php artisan digest:clear-api-keys {minutes}
### Clear Expired Nonces for DIGEST authentication
This will remove the nonces stored that were not updated after `x minutes`.
php artisan digest:clear-nonces {minutes}
### Remove the unconfirmed accounts
This request will remove the accounts that were not confirmed after `x days`. In the database an unconfirmed account is having the `activated` attribute set to `false`.
php artisan accounts:clear-unconfirmed {days} {--apply} {--and-confirmed}
The base request will not delete the related accounts by default. You need to add `--apply` to remove them.
### Remove deleted accounts tombstones
This request will remove the deleted accounts tombstones created after `x days`.
php artisan accounts:clear-accounts-tombstones {days} {--apply}
The base request will not delete the related tombstones by default. You need to add `--apply` to remove them.
### Set an account admin
This command will set the admin role to any available Flexisip account. You need to use the account DB id as a parameter in this command.
php artisan accounts:set-admin {account_id}
Once one account is declared as administrator, you can directly configure the other ones using the web panel.
### Seed liblinphone test accounts
You can also seed the tables with test accounts for the liblinphone test suite with the following command (check LiblinphoneTesterAccoutSeeder for the JSON syntax):
php artisan accounts:seed /path/to/accounts.json
## SMS templates
To send SMS to the USA some providers need to validate their templates before transfering them, see [Sending SMS messages to the USA - OVH](https://help.ovhcloud.com/csm/en-ie-sms-sending-sms-to-usa?id=kb_article_view&sysparm_article=KB0051359).
Here are the currently used SMS templates in the app to declare in your provider panel:
- Creation code: `Your #APP_NAME# creation code is #CODE#`. Sent to confirm the creation of the account by SMS.
- Recovery code: `Your #APP_NAME# recovery code is #CODE#`. Sent to recover the account by SMS.
- Validation code: `Your #APP_NAME# validation code is #CODE#`. Sent to validate the phone change by SMS.
- Validation code with expiration: `Your #APP_NAME# validation code is #CODE#. The code is available for #CODE_MINUTES# minutes`. Sent to validate the phone change by SMS, include an expiration time.
## Custom email templaces
Some email templates can be customized.
To do so, copy and rename the existing `*_custom.blade.php.example` files into `*custom.blade.php` and adapt the content of the email (HTML and text versions), those files will then replace the default ones.
## Hooks
### Provisioning hooks
The XML returned by the provisioning endpoint can be completed using hooks.
To do so, copy and rename the `provisioning_hooks.php.example` file into `provisioning_hooks.php` in the configuration directory and complete the functions in the file.
The functions already contains example codes to show you how the XML can be enhanced or completed.
### Account Service hooks
The internal Account Service is also providing hooks. Rename and complete the following file to enable and use them: `account_service_hooks.php.example`.
## Sending SIP messages from the API
The `POST /api/messages` endpoint allows you to send messages on the SIP network. It call internally `linphone-daemon` to do so. To be able to use it you should follow the following steps:
1. Launch the `linphone-daemon` with a UNIX socket path, this will create a socket file in `/tmp` (the file will be `/tmp/lp` for the following line).
$ linphone-daemon --pipe ld
2. Configure the `.env` file to point to that UNIX socket
APP_LINPHONE_DAEMON_UNIX_PATH=/tmp/ld
If you have issues connecting to that socket check the [`systemd restrictions`](#systemd-restrictions) part of this document.
The socket is located in the `/tmp` directory.
The systemd service [PrivateTmp](https://access.redhat.com/blogs/766093/posts/1976243) setting might also restrict that access.

53
RELEASE.md Normal file
View file

@ -0,0 +1,53 @@
# Releases
All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/).
## [1.6] - 2024-11-12
## Added
- **Allow the expiration of tokens and codes in the DotEnv configuration**
- **New DotEnv variables:** check all the new `*_EXPIRATION_MINUTES` for each token and code in `.env.example`
- **Phone validation system by country code:** all the provided phone numbers are now properly validated and some countries can be forbidden
- **SIP Domain management:** the account domains are now managed in a set of panels and API endpoints, this is the base of the upcoming space administration system
- **JSON validation in the API:** the provised JSON is now validated and returns an error if an issue is detected
- **CoTURN credentials support:** TURN credentials can now be generated and return through the provisioning feature
## Changed
- **Replace Material Icons with Phosphor**
## Deprecated
- **Last major version supporting the deprecated endpoints of the API**
## [1.5] - 2024-08-29
### Added
- **Account activity view:** new panel, available behind the Activity tab, will allow any admin to follow the activity of the accounts they manage.
- **Detect and block abusive accounts:** This activity tracking is coming with a related tool that is measuring the accounts activity and automatically block them if it detects some unusual behaviors on the service. An account can also directly be blocked and unblocked from the setting panel. Two new setting variables will allow you to fine tune those behaviors triggers.
- **New DotEnv variable:** `BLOCKING_TIME_PERIOD_CHECK=30` # Time span on which the blocking service will proceed, in minutes
- **New DotEnv variable:** `BLOCKING_AMOUNT_EVENTS_AUTHORIZED_DURING_PERIOD=5` # Amount of account events authorized during this period
- **OAuth JWT Authentication:** OAuth support with the handling of JWE tokens issues by a third party service such as Keycloack.
- **New DotEnv variable:** `JWT_RSA_PUBLIC_KEY_PEM=`
- **New DotEnv variable:** `JWT_SIP_IDENTIFIER=sip_identifier`
- **Super-domains and super-admins support:** Introduce SIP domains management. The app accounts are now divided by their domains with their own respective administrators that can only see and manage their own domain accounts and settings. On top of that it is possible to configure a SIP domain as a "super-domain" and then allow its admins to become "super-admins". Those super-admins will then be able to manage all the accounts handled by the instance and create/edit/delete the other SIP domains. Add new endpoints and a new super-admin role in the API to manage the SIP domains. SIP domains can also be created and updated directly from the console using a new artisan script (documented in the README);
- **New Artisan script:** `php artisan sip_domains:create-update {domain} {--super}`
- **Account Dictionary:** Each account can now handle a specific dictionary, configurable by the API or directly the web panel. This dictionary allows developers to store arbitrary `key -> value pairs` on each accounts.
- **Vcard storage:** Attach custom vCards on a dedicated account using new endpoints in the API. The published vCard are validated before being stored.
### Changed
- **User management of their own devices:** Allowing users will be able to manage its own devices. Specific API endpoints were also added to manage them directly from the clients.
- **Migration to hCaptcha:** Migrate from Google Recaptcha to hCaptcha in this release.
- **New DotEnv variable:** HCAPTCHA_SECRET=secret-key
- **New DotEnv variable:** HCAPTCHA_SITEKEY=site-key
- **Localization support:** The API is now accepting the `Accept-Language` header and adapt its internal localization to the client/browser one. For the moment only French and English are supported but more languages could be added in the future.
### Deprecated
- **Last major version supporting the deprecated endpoints of the API**

7
cron/flexiapi.debian Normal file
View file

@ -0,0 +1,7 @@
#!/bin/sh
cd /opt/belledonne-communications/share/flexisip-account-manager/flexiapi/
sudo -su www-data && php artisan digest:clear-nonces 60
sudo -su www-data && php artisan accounts:clear-api-keys 60
sudo -su www-data && php artisan accounts:clear-accounts-tombstones 7 --apply
sudo -su www-data && php artisan accounts:clear-unconfirmed 30 --apply

7
cron/flexiapi.redhat Normal file
View file

@ -0,0 +1,7 @@
#!/bin/sh
cd /opt/belledonne-communications/share/flexisip-account-manager/flexiapi/
php artisan digest:clear-nonces 60
php artisan accounts:clear-api-keys 60
php artisan accounts:clear-accounts-tombstones 7 --apply
php artisan accounts:clear-unconfirmed 30 --apply

15
flexiapi/.editorconfig Normal file
View file

@ -0,0 +1,15 @@
root = true
[*]
charset = utf-8
end_of_line = lf
insert_final_newline = true
indent_style = space
indent_size = 4
trim_trailing_whitespace = true
[*.md]
trim_trailing_whitespace = false
[*.{yml,yaml}]
indent_size = 2

5
flexiapi/.gitattributes vendored Normal file
View file

@ -0,0 +1,5 @@
* text=auto
*.css linguist-vendored
*.scss linguist-vendored
*.js linguist-vendored
CHANGELOG.md export-ignore

13
flexiapi/.gitignore vendored Normal file
View file

@ -0,0 +1,13 @@
/node_modules
/public/hot
/public/storage
/storage/*.key
/storage/*.sqlite
/vendor
.env
.env.backup
.phpunit.result.cache
Homestead.json
Homestead.yaml
npm-debug.log
yarn-error.log

13
flexiapi/.styleci.yml Normal file
View file

@ -0,0 +1,13 @@
php:
preset: laravel
disabled:
- unused_use
finder:
not-name:
- index.php
- server.php
js:
finder:
not-name:
- webpack.mix.js
css: true

496
flexiapi/app/Account.php Normal file
View file

@ -0,0 +1,496 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Builder;
use Illuminate\Support\Facades\Auth;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Http\Request;
use Illuminate\Support\Str;
use Carbon\Carbon;
use Awobaz\Compoships\Compoships;
use App\Http\Controllers\Account\AuthenticateController as WebAuthenticateController;
use stdClass;
class Account extends Authenticatable
{
use HasFactory;
use Compoships;
protected $with = ['passwords', 'activationExpiration', 'emailChangeCode', 'types', 'actions', 'dictionaryEntries'];
protected $hidden = ['expire_time', 'confirmation_key', 'pivot', 'currentProvisioningToken', 'currentRecoveryCode', 'dictionaryEntries'];
protected $appends = ['realm', 'confirmation_key_expires', 'provisioning_token', 'provisioning_token_expire_at', 'dictionary'];
protected $casts = [
'activated' => 'boolean',
];
protected $fillable = ['username', 'domain', 'email'];
public static $dtmfProtocols = ['sipinfo' => 'SIPInfo', 'rfc2833' => 'RFC2833', 'sipmessage' => 'SIP Message'];
public static function boot()
{
parent::boot();
static::deleted(function (Account $account) {
StatisticsMessage::where('from_username', $account->username)
->where('from_domain', $account->domain)
->delete();
StatisticsCall::where('from_username', $account->username)
->where('from_domain', $account->domain)
->delete();
});
static::created(function (Account $account) {
$account->provision();
$account->refresh();
});
}
protected static function booted()
{
static::addGlobalScope('domain', function (Builder $builder) {
if (Auth::hasUser() && Auth::user()->superAdmin) {
return;
}
$builder->where('domain', config('app.sip_domain'));
});
}
public function scopeSip($query, string $sip)
{
if (\str_contains($sip, '@')) {
list($username, $domain) = explode('@', $sip);
return $query->where('username', $username)
->where('domain', $domain);
};
return $query->where('id', '<', 0);
}
public static function subByContactsList($query, int $contactsListId)
{
return $query->from('accounts')
->whereIn('id', function ($query) use ($contactsListId) {
$query->select('contact_id')
->from('contacts_list_contact')
->where('contacts_list_id', $contactsListId);
});
}
/**
* Relations
*/
public function actions()
{
return $this->hasMany('App\AccountAction')->whereIn('account_id', function ($query) {
$query->select('id')
->from('accounts')
->whereNotNull('dtmf_protocol');
});
}
public function activationExpiration()
{
return $this->hasOne(ActivationExpiration::class);
}
public function apiKey()
{
return $this->hasOne(ApiKey::class);
}
public function contacts()
{
return $this->belongsToMany(Account::class, 'contacts', 'account_id', 'contact_id');
}
public function vcardsStorage()
{
return $this->hasMany(VcardStorage::class);
}
public function contactsLists()
{
return $this->belongsToMany(ContactsList::class, 'account_contacts_list', 'account_id', 'contacts_list_id');
}
public function dictionaryEntries()
{
return $this->hasMany(AccountDictionaryEntry::class);
}
public function getDictionaryAttribute()
{
if ($this->dictionaryEntries->isEmpty()) return new stdClass;
return $this->dictionaryEntries->keyBy('key')->map(function ($entry) {
return $entry->value;
});
}
public function setDictionaryEntry(string $key, string $value): AccountDictionaryEntry
{
$this->dictionaryEntries()->where('key', $key)->delete();
$entry = new AccountDictionaryEntry;
$entry->account_id = $this->id;
$entry->key = $key;
$entry->value = $value;
$entry->save();
return $entry;
}
public function nonces()
{
return $this->hasMany(DigestNonce::class);
}
public function passwords()
{
return $this->hasMany(Password::class);
}
public function types()
{
return $this->belongsToMany(AccountType::class);
}
public function sipDomain()
{
return $this->hasOne(SipDomain::class, 'domain', 'domain');
}
public function statisticsFromCalls()
{
return $this->hasMany(StatisticsCall::class, ['from_username', 'from_domain'], ['username', 'domain']);
}
public function statisticsToCalls()
{
return $this->hasMany(StatisticsCall::class, ['to_username', 'to_domain'], ['username', 'domain']);
}
public function statisticsFromMessages()
{
return $this->hasMany(StatisticsMessage::class, ['from_username', 'from_domain'], ['username', 'domain']);
}
public function statisticsToMessageDevices()
{
return $this->hasMany(StatisticsMessageDevice::class, ['to_username', 'to_domain'], ['username', 'domain']);
}
/**
* Tokens and codes
*/
public function currentRecoveryCode()
{
return $this->hasOne(RecoveryCode::class)->whereNotNull('code')->latestOfMany();
}
public function recoveryCodes()
{
return $this->hasMany(RecoveryCode::class)->latest();
}
public function phoneChangeCode()
{
return $this->hasOne(PhoneChangeCode::class)->whereNotNull('code')->latestOfMany();
}
public function phoneChangeCodes()
{
return $this->hasMany(PhoneChangeCode::class)->latest();
}
public function emailChangeCode()
{
return $this->hasOne(EmailChangeCode::class)->whereNotNull('code')->latestOfMany();
}
public function emailChangeCodes()
{
return $this->hasMany(EmailChangeCode::class)->latest();
}
public function currentProvisioningToken()
{
return $this->hasOne(ProvisioningToken::class)->where('used', false)->latestOfMany();
}
public function provisioningTokens()
{
return $this->hasMany(ProvisioningToken::class)->latest();
}
public function accountCreationToken()
{
return $this->hasOne(AccountCreationToken::class);
}
public function authTokens()
{
return $this->hasMany(AuthToken::class);
}
/**
* Attributes
*/
public function getRecoveryCodeAttribute(): ?string
{
if ($this->currentRecoveryCode) {
return $this->currentRecoveryCode->code;
}
return null;
}
public function getProvisioningTokenAttribute(): ?string
{
if ($this->currentProvisioningToken) {
return $this->currentProvisioningToken->token;
}
return null;
}
public function getProvisioningTokenExpireAtAttribute(): ?string
{
if ($this->currentProvisioningToken) {
return $this->currentProvisioningToken->expire_at;
}
return null;
}
public function getIdentifierAttribute(): string
{
return $this->attributes['username'] . '@' . $this->attributes['domain'];
}
public function getFullIdentifierAttribute(): string
{
$displayName = $this->attributes['display_name']
? '"' . $this->attributes['display_name'] . '" '
: '';
return $displayName . '<sip:' . $this->getIdentifierAttribute() . '>';
}
public function getRealmAttribute()
{
return config('app.account_realm');
}
public function getResolvedRealmAttribute()
{
return config('app.account_realm') ?? $this->domain;
}
public function getConfirmationKeyExpiresAttribute()
{
if ($this->activationExpiration) {
return $this->activationExpiration->expires->format('Y-m-d H:i:s');
}
return null;
}
public function getSha256PasswordAttribute()
{
return $this->passwords()->where('algorithm', 'SHA-256')->exists();
}
public static function dtmfProtocolsRule()
{
return implode(',', array_keys(self::$dtmfProtocols));
}
public function getResolvedDtmfProtocolAttribute()
{
return self::$dtmfProtocols[$this->attributes['dtmf_protocol']];
}
public function getSuperAdminAttribute(): bool
{
return SipDomain::where('domain', $this->domain)->where('super', true)->exists() && $this->admin;
}
/**
* Utils
*/
public function activationExpired(): bool
{
return ($this->activationExpiration && $this->activationExpiration->isExpired());
}
public function generateApiKey(?string $ip = null): ApiKey
{
$this->apiKey()->delete();
$apiKey = new ApiKey;
$apiKey->account_id = $this->id;
$apiKey->last_used_at = Carbon::now();
$apiKey->key = Str::random(40);
$apiKey->ip = $ip;
$apiKey->save();
return $apiKey;
}
public function generateAuthToken(): AuthToken
{
// Clean the expired and previous ones
AuthToken::where(
'created_at',
'<',
Carbon::now()->subMinutes(AuthToken::$expirationMinutes)
)->orWhere('account_id', $this->id)
->delete();
$authToken = new AuthToken;
$authToken->account_id = $this->id;
$authToken->token = Str::random(32);
$authToken->save();
return $authToken;
}
public function recover(?string $code = null): string
{
$recoveryCode = new RecoveryCode;
$recoveryCode->code = $code ?? generatePin();
$recoveryCode->account_id = $this->id;
if (request()) {
$recoveryCode->fillRequestInfo(request());
}
$recoveryCode->save();
return $recoveryCode->code;
}
public function provision(?string $token = null): string
{
$provisioningToken = new ProvisioningToken;
$provisioningToken->token = $token ?? Str::random(WebAuthenticateController::$emailCodeSize);
$provisioningToken->account_id = $this->id;
if (request()) {
$provisioningToken->fillRequestInfo(request());
}
$provisioningToken->save();
return $provisioningToken->token;
}
public function setRole(string $role)
{
if ($role == 'end_user') {
$this->admin = false;
}
if ($role == 'admin') {
$this->admin = true;
}
$this->save();
}
public function hasTombstone(): bool
{
return AccountTombstone::where('username', $this->attributes['username'])
->where('domain', $this->attributes['domain'])
->exists();
}
public function createTombstone(): bool
{
if (!$this->hasTombstone()) {
$tombstone = new AccountTombstone();
$tombstone->username = $this->attributes['username'];
$tombstone->domain = $this->attributes['domain'];
$tombstone->save();
return true;
}
return false;
}
public function failedRecentRecovery(): bool
{
$oneHourAgo = Carbon::now()->subHour();
return !empty($this->recovery_code) && $this->updated_at->greaterThan($oneHourAgo);
}
public function updatePassword(string $newPassword, ?string $algorithm = null)
{
$algorithm = $algorithm ?? config('app.account_default_password_algorithm');
$this->passwords()->delete();
$password = new Password;
$password->account_id = $this->id;
$password->password = bchash($this->username, $this->resolvedRealm, $newPassword, $algorithm);
$password->algorithm = $algorithm;
$password->save();
}
public function toVcard4()
{
$vcard = 'BEGIN:VCARD
VERSION:4.0
KIND:individual
IMPP:sip:' . $this->getIdentifierAttribute();
$vcard .= '
FN:';
$vcard .= !empty($this->display_name)
? $this->display_name
: $this->getIdentifierAttribute();
if ($this->dtmf_protocol) {
$vcard .= '
X-LINPHONE-ACCOUNT-DTMF-PROTOCOL:' . $this->dtmf_protocol;
}
foreach ($this->types as $type) {
$vcard .= '
X-LINPHONE-ACCOUNT-TYPE:' . $type->key;
}
foreach ($this->actions as $action) {
$vcard .= '
X-LINPHONE-ACCOUNT-ACTION:' . $action->key . ';' . $action->code;
}
return $vcard . '
END:VCARD';
}
}

35
flexiapi/app/AccountAction.php Normal file
View file

@ -0,0 +1,35 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2022 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
class AccountAction extends Model
{
use HasFactory;
protected $hidden = ['created_at', 'updated_at', 'account_id'];
public function account()
{
return $this->belongsTo(Account::class);
}
}

48
flexiapi/app/AccountCreationRequestToken.php Normal file
View file

@ -0,0 +1,48 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2023 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App;
use Illuminate\Database\Eloquent\Factories\HasFactory;
class AccountCreationRequestToken extends Consommable
{
use HasFactory;
protected $hidden = ['id', 'updated_at', 'created_at'];
protected $appends = ['validation_url'];
public function accountCreationToken()
{
return $this->belongsTo(AccountCreationToken::class, 'acc_creation_token_id');
}
public function getValidationUrlAttribute(): ?string
{
return $this->validated_at == null
? route('account.creation_request_token.check', $this->token)
: null;
}
public function consume()
{
$this->used = true;
$this->save();
}
}

65
flexiapi/app/AccountCreationToken.php Normal file
View file

@ -0,0 +1,65 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App;
use Illuminate\Validation\Rule;
use Illuminate\Database\Eloquent\Factories\HasFactory;
class AccountCreationToken extends Consommable
{
use HasFactory;
protected $hidden = ['id', 'updated_at', 'created_at'];
protected $appends = ['expire_at'];
protected ?string $configExpirationMinutesKey = 'account_creation_token_expiration_minutes';
public function accountCreationRequestToken()
{
return $this->hasOne(AccountCreationRequestToken::class, 'acc_creation_token_id');
}
public function account()
{
return $this->belongsTo(Account::class);
}
public function consume()
{
$this->used = true;
$this->save();
}
public function consumed(): bool
{
return $this->used == true;
}
public function toLog()
{
return [
'token' => $this->token,
'pn_param' => $this->pn_param,
'used' => $this->used,
'account_id' => $this->account_id,
'ip' => $this->ip,
'user_agent' => $this->user_agent,
];
}
}

18
flexiapi/app/AccountDictionaryEntry.php Normal file
View file

@ -0,0 +1,18 @@
<?php
namespace App;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
class AccountDictionaryEntry extends Model
{
use HasFactory;
protected $visible = ['value'];
public function account()
{
return $this->belongsTo(Account::class);
}
}

30
flexiapi/app/AccountTombstone.php Normal file
View file

@ -0,0 +1,30 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2022 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
class AccountTombstone extends Model
{
protected $table = 'accounts_tombstones';
use HasFactory;
}

35
flexiapi/app/AccountType.php Normal file
View file

@ -0,0 +1,35 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2022 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
class AccountType extends Model
{
use HasFactory;
protected $hidden = ['pivot', 'created_at', 'updated_at'];
public function accounts()
{
return $this->belongsToMany(Account::class);
}
}

44
flexiapi/app/ActivationExpiration.php Normal file
View file

@ -0,0 +1,44 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App;
use Carbon\Carbon;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
class ActivationExpiration extends Model
{
use HasFactory;
protected $casts = [
'expires' => 'datetime:Y-m-d H:i:s',
];
public function account()
{
return $this->belongsTo(Account::class);
}
public function isExpired()
{
$now = Carbon::now();
return $this->expires->lessThan($now);
}
}

35
flexiapi/app/ApiKey.php Normal file
View file

@ -0,0 +1,35 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
class ApiKey extends Model
{
use HasFactory;
protected $table = 'api_keys';
public function account()
{
return $this->belongsTo(Account::class);
}
}

23
flexiapi/app/AuthToken.php Normal file
View file

@ -0,0 +1,23 @@
<?php
namespace App;
use Carbon\Carbon;
use Illuminate\Database\Eloquent\Factories\HasFactory;
class AuthToken extends Consommable
{
use HasFactory;
public static $expirationMinutes = 5;
public function account()
{
return $this->belongsTo(Account::class);
}
public function scopeValid($query)
{
return $query->where('created_at', '>', Carbon::now()->subMinutes(self::$expirationMinutes));
}
}

55
flexiapi/app/Console/Commands/Accounts/ClearAccountsTombstones.php Normal file
View file

@ -0,0 +1,55 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Console\Commands\Accounts;
use Illuminate\Console\Command;
use Carbon\Carbon;
use App\AccountTombstone;
class ClearAccountsTombstones extends Command
{
protected $signature = 'accounts:clear-accounts-tombstones {days} {--apply}';
protected $description = 'Clear deleted accounts tombstones after n days';
public function __construct()
{
parent::__construct();
}
public function handle()
{
$tombstones = AccountTombstone::where(
'created_at',
'<',
Carbon::now()->subDays($this->argument('days'))->toDateTimeString()
);
if ($this->option('apply')) {
$this->info($tombstones->count() . ' tombstones deleted');
$tombstones->delete();
return 0;
}
$this->info($tombstones->count() . ' tombstones to delete');
return 0;
}
}

56
flexiapi/app/Console/Commands/Accounts/ClearApiKeys.php Normal file
View file

@ -0,0 +1,56 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Console\Commands\Accounts;
use Illuminate\Console\Command;
use Carbon\Carbon;
use App\ApiKey;
class ClearApiKeys extends Command
{
protected $signature = 'accounts:clear-api-keys {minutes?}';
protected $description = 'Clear the expired API Keys after n minutes';
public function __construct()
{
parent::__construct();
}
public function handle()
{
$minutes = $this->argument('minutes') ?? config('app.api_key_expiration_minutes');
if ($minutes == 0) {
$this->info('Expiration time is set to 0, nothing to clear');
return 0;
}
$this->info('Deleting api keys unused after ' . $minutes . ' minutes');
$count = ApiKey::where(
'last_used_at',
'<',
Carbon::now()->subMinutes($minutes)->toDateTimeString()
)->delete();
$this->info($count . ' api keys deleted');
}
}

62
flexiapi/app/Console/Commands/Accounts/ClearUnconfirmed.php Normal file
View file

@ -0,0 +1,62 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Console\Commands\Accounts;
use Illuminate\Console\Command;
use Carbon\Carbon;
use App\Account;
class ClearUnconfirmed extends Command
{
protected $signature = 'accounts:clear-unconfirmed {days} {--apply} {--and-confirmed}';
protected $description = 'Clear unconfirmed accounts after n days';
public function __construct()
{
parent::__construct();
}
public function handle()
{
$accounts = Account::where(
'created_at',
'<',
Carbon::now()->subDays($this->argument('days'))->toDateTimeString()
);
if (!$this->option('and-confirmed')) {
$accounts = $accounts->where('activated', false);
}
$count = $accounts->count();
if ($this->option('apply')) {
$this->info($count . ' accounts in deletion…');
$accounts->delete();
$this->info($count . ' accounts deleted');
return 0;
}
$this->info($count . ' accounts to delete');
return 0;
}
}

100
flexiapi/app/Console/Commands/Accounts/CreateAdminAccount.php Normal file
View file

@ -0,0 +1,100 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Console\Commands\Accounts;
use Illuminate\Console\Command;
use Carbon\Carbon;
use App\Account;
use App\SipDomain;
class CreateAdminAccount extends Command
{
protected $signature = 'accounts:create-admin-account {--u|username=} {--p|password=} {--d|domain=} {--k|api_key_ip=}';
protected $description = 'Create an admin account and generate an API Key';
public function __construct()
{
parent::__construct();
}
public function handle()
{
$sipDomains = SipDomain::all('domain')->pluck('domain');
$this->info('Your will create a new admin account in the database, existing accounts with the same credentials will be overwritten');
$username = $this->option('username');
$domain = $this->option('domain');
$password = $this->option('password');
if (!$this->option('username')) {
$username = $this->ask('What will be the admin username? Default: admin');
}
if (!$this->option('domain')) {
$domain = $this->ask('What will be the admin domain? Default: ' . $sipDomains->first());
}
if (!$this->option('password')) {
$password = $this->ask('What will be the admin password? Default: changeme');
}
$username = $username ?? 'admin';
$domain = $domain ?? $sipDomains->first();
$password = $password ?? 'change_me';
if (!$sipDomains->contains($domain)) {
$this->error('The domain must be one of the following ones: ' . $sipDomains->implode(', '));
$this->comment('You can create an extra domain using the dedicated console command');
return Command::FAILURE;
}
// Delete the account if it already exists
$account = Account::withoutGlobalScopes()
->where('username', $username)
->where('domain', $domain)
->first();
if ($account) {
$account->delete();
}
$account = new Account;
$account->username = $username;
$account->domain = $domain;
$account->email = 'admin_test@sip.example.org';
$account->activated = true;
$account->user_agent = 'Test';
$account->ip_address = '0.0.0.0';
$account->admin = true;
// Create an "old" account to prevent unwanted deletion on the test server
$account->created_at = Carbon::now()->subYears(3);
$account->save();
$account->generateApiKey(ip: $this->option('api_key_ip') ?? null);
$account->updatePassword($password);
$this->info('Admin test account created: "' . $username . '@' . $domain . '" | Password: "' . $password . '" | API Key: "' . $account->apiKey->key . '" (valid on ' . ($account->apiKey->ip ?? 'any') . ' ip)');
return 0;
}
}

73
flexiapi/app/Console/Commands/Accounts/CreateAdminTest.php Normal file
View file

@ -0,0 +1,73 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Console\Commands\Accounts;
use Illuminate\Console\Command;
use Carbon\Carbon;
use App\Account;
use App\ApiKey;
class CreateAdminTest extends Command
{
protected $signature = 'accounts:create-admin-test';
protected $description = 'Create a test admin account, only for tests purpose';
public function __construct()
{
parent::__construct();
}
public function handle()
{
$username = 'admin_test';
$domain = 'sip.example.org';
$this->call('sip_domains:create-update', [
'domain' => $domain,
'--super' => 'true'
]);
$this->call('accounts:create-admin-account', [
'--username' => $username,
'--domain' => $domain,
'--password' => 'admin_test_password'
]);
$secret = 'no_secret_at_all';
$account = Account::withoutGlobalScopes()
->where('username', $username)
->where('domain', $domain)
->first();
ApiKey::where('account_id', $account->id)->delete();
$apiKey = new ApiKey;
$apiKey->account_id = $account->id;
$apiKey->last_used_at = Carbon::now();
$apiKey->key = $secret;
$apiKey->save();
$this->info('API Key updated to: ' . $secret);
return 0;
}
}

57
flexiapi/app/Console/Commands/Accounts/Seed.php Normal file
View file

@ -0,0 +1,57 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Console\Commands\Accounts;
use Database\Seeders\LiblinphoneTesterAccoutSeeder;
use Illuminate\Console\Command;
use Illuminate\Support\Facades\App;
class Seed extends Command
{
protected $signature = 'accounts:seed {json-file-path}';
protected $description = 'Seed some accounts from a JSON file';
public function __construct()
{
parent::__construct();
}
public function handle()
{
$file = $this->argument('json-file-path');
if (!file_exists($file)) {
$this->info('The JSON file doesn\'t exists');
return Command::FAILURE;
}
$json = json_decode(file_get_contents($file));
if ($json == null || $json == false) {
$this->info('Malformed JSON file');
return Command::FAILURE;
}
$seeder = App::make(LiblinphoneTesterAccoutSeeder::class);
$seeder->run($json);
return Command::SUCCESS;
}
}

57
flexiapi/app/Console/Commands/Accounts/SetAdmin.php Normal file
View file

@ -0,0 +1,57 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Console\Commands\Accounts;
use Illuminate\Console\Command;
use App\Account;
class SetAdmin extends Command
{
protected $signature = 'accounts:set-admin {id}';
protected $description = 'Give the admin role to an account';
public function __construct()
{
parent::__construct();
}
public function handle()
{
$account = Account::withoutGlobalScopes()->where('id', $this->argument('id'))->first();
if (!$account) {
$this->error('Account not found, please use an existing account id');
return 1;
}
if ($account->admin) {
$this->error('The account is already having the admin role');
return 1;
}
$account->admin = true;
$account->save();
$this->info('Account '.$account->identifier.' is now admin');
return 0;
}
}

47
flexiapi/app/Console/Commands/Digest/ClearNonces.php Normal file
View file

@ -0,0 +1,47 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Console\Commands\Digest;
use Illuminate\Console\Command;
use Carbon\Carbon;
use App\DigestNonce;
class ClearNonces extends Command
{
protected $signature = 'digest:clear-nonces {minutes}';
protected $description = 'Clear the expired DIGEST nonces after n minutes';
public function __construct()
{
parent::__construct();
}
public function handle()
{
$count = DigestNonce::where(
'created_at',
'<',
Carbon::now()->subMinutes($this->argument('minutes'))->toDateTimeString()
)->delete();
$this->info($count . ' expired nonces deleted');
}
}

50
flexiapi/app/Console/Commands/SipDomains/CreateUpdate.php Normal file
View file

@ -0,0 +1,50 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Console\Commands\SipDomains;
use App\SipDomain;
use Illuminate\Console\Command;
class CreateUpdate extends Command
{
protected $signature = 'sip_domains:create-update {domain} {--super}';
protected $description = 'Create a SIP Domain';
public function handle()
{
$this->info('Your will create or update a SIP Domain in the database');
$sipDomain = SipDomain::where('domain', $this->argument('domain'))->firstOrNew();
$sipDomain->domain = $this->argument('domain');
$sipDomain->exists
? $this->info('The domain already exists, updating it')
: $this->info('A new domain will be created');
$sipDomain->super = (bool)$this->option('super');
$sipDomain->super
? $this->info('Set as a super domain')
: $this->info('Set as a normal domain');
$sipDomain->save();
return Command::SUCCESS;
}
}

42
flexiapi/app/Console/Kernel.php Normal file
View file

@ -0,0 +1,42 @@
<?php
namespace App\Console;
use Illuminate\Console\Scheduling\Schedule;
use Illuminate\Foundation\Console\Kernel as ConsoleKernel;
class Kernel extends ConsoleKernel
{
/**
* The Artisan commands provided by your application.
*
* @var array
*/
protected $commands = [
//
];
/**
* Define the application's command schedule.
*
* @param \Illuminate\Console\Scheduling\Schedule $schedule
* @return void
*/
protected function schedule(Schedule $schedule)
{
// $schedule->command('inspire')
// ->hourly();
}
/**
* Register the commands for the application.
*
* @return void
*/
protected function commands()
{
$this->load(__DIR__.'/Commands');
require base_path('routes/console.php');
}
}

56
flexiapi/app/Consommable.php Normal file
View file

@ -0,0 +1,56 @@
<?php
namespace App;
use Carbon\Carbon;
use DateTime;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Http\Request;
abstract class Consommable extends Model
{
protected string $consommableAttribute = 'code';
protected ?string $configExpirationMinutesKey = null;
protected $casts = [
'expire_at' => 'datetime'
];
public function consume()
{
$this->{$this->consommableAttribute} = null;
$this->save();
}
public function fillRequestInfo(Request $request)
{
$this->ip = $request->ip();
$this->user_agent = $request->userAgent();
}
public function consumed(): bool
{
return $this->{$this->consommableAttribute} == null;
}
public function getExpireAtAttribute(): ?string
{
if ($this->isExpirable()) {
return $this->created_at->addMinutes(config('app.' . $this->configExpirationMinutesKey))->toJSON();
}
return null;
}
public function expired(): bool
{
return ($this->isExpirable()
&& Carbon::now()->subMinutes(config('app.' . $this->configExpirationMinutesKey))->isAfter($this->created_at));
}
private function isExpirable(): bool
{
return $this->configExpirationMinutesKey != null
&& config('app.' . $this->configExpirationMinutesKey) != null
&& config('app.' . $this->configExpirationMinutesKey) > 0;
}
}

28
flexiapi/app/Contact.php Normal file
View file

@ -0,0 +1,28 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2022 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
class Contact extends Model
{
use HasFactory;
}

18
flexiapi/app/ContactsList.php Normal file
View file

@ -0,0 +1,18 @@
<?php
namespace App;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Database\Eloquent\Model;
class ContactsList extends Model
{
use HasFactory;
protected $withCount = ['contacts'];
public function contacts()
{
return $this->belongsToMany(Account::class, 'contacts_list_contact', 'contacts_list_id', 'contact_id');
}
}

42
flexiapi/app/Device.php Normal file
View file

@ -0,0 +1,42 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App;
use Illuminate\Database\Eloquent\Model;
use Carbon\Carbon;
class Device extends Model
{
protected $fillable = ['user_agent'];
public function fromRedisContact(string $contact)
{
preg_match("/<(.*)>;(.*)/", $contact, $matches);
$parsed = parse_url($matches[1]);
parse_str($parsed["query"], $query);
parse_str(str_replace(";", "&", $parsed["path"]), $sipParams);
parse_str(str_replace(";", "&", $matches[2]), $sipHeaders);
$this->uuid = substr($sipHeaders['sip_instance'], 2, -2);
$this->update_time = Carbon::createFromTimestamp($sipParams['updatedAt']);
$this->user_agent = $query["user-agent"];
}
}

32
flexiapi/app/DigestNonce.php Normal file
View file

@ -0,0 +1,32 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App;
use Illuminate\Database\Eloquent\Model;
class DigestNonce extends Model
{
protected $table = 'nonces';
public function account()
{
return $this->belongsTo(Account::class);
}
}

48
flexiapi/app/EmailChangeCode.php Normal file
View file

@ -0,0 +1,48 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App;
use Illuminate\Database\Eloquent\Factories\HasFactory;
class EmailChangeCode extends Consommable
{
use HasFactory;
protected ?string $configExpirationMinutesKey = 'email_change_code_expiration_minutes';
protected $hidden = ['id', 'account_id', 'code'];
public function account()
{
return $this->belongsTo(Account::class);
}
public function validate(int $code): bool
{
return ($this->code == $code);
}
public function getObfuscatedEmailAttribute()
{
$stars = 4; // Min Stars to use
$at = strpos($this->attributes['email'], '@');
if ($at - 2 > $stars) $stars = $at - 2;
return substr($this->attributes['email'], 0, 1) . str_repeat('*', $stars) . substr($this->attributes['email'], $at - 1);
}
}

33
flexiapi/app/Exceptions/Handler.php Normal file
View file

@ -0,0 +1,33 @@
<?php
namespace App\Exceptions;
use Throwable;
use Illuminate\Database\Eloquent\ModelNotFoundException;
use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
class Handler extends ExceptionHandler
{
protected $dontReport = [
//
];
protected $dontFlash = [
'password',
'password_confirmation',
];
public function report(Throwable $exception)
{
parent::report($exception);
}
public function render($request, Throwable $exception)
{
if ($exception instanceof ModelNotFoundException && $request->wantsJson()) {
return response()->json(['message' => 'Missing elements to perform the request'], 404);
}
return parent::render($request, $exception);
}
}

439
flexiapi/app/Helpers/Utils.php Normal file
View file

@ -0,0 +1,439 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
use Illuminate\Support\Str;
use App\Account;
use App\DigestNonce;
use Illuminate\Http\Request;
use League\CommonMark\CommonMarkConverter;
use League\CommonMark\Extension\HeadingPermalink\HeadingPermalinkExtension;
use League\CommonMark\Extension\TableOfContents\TableOfContentsExtension;
use Illuminate\Support\Facades\DB;
function passwordAlgorithms(): array
{
return [
'MD5' => 'md5',
'SHA-256' => 'sha256',
];
}
function generateNonce(): string
{
return Str::random(32);
}
function getRequestBoolean(Request $request, string $key): bool
{
return $request->has($key) ? $request->get($key) == "true" : false;
}
function generateValidNonce(Account $account): string
{
$nonce = new DigestNonce();
$nonce->account_id = $account->id;
$nonce->nonce = generateNonce();
$nonce->save();
return $nonce->nonce;
}
function bchash(string $username, string $domain, string $password, string $algorithm = 'MD5'): string
{
return hash(passwordAlgorithms()[$algorithm], $username . ':' . $domain . ':' . $password);
}
function generatePin(): int
{
return mt_rand(1000, 9999);
}
function percent($value, $max): float
{
if ($max == 0) {
$max = 1;
}
return round(($value * 100) / $max, 2);
}
function markdownDocumentationView(string $view): string
{
$converter = new CommonMarkConverter([
'heading_permalink' => [
'html_class' => 'permalink',
'insert' => 'after',
'title' => 'Permalink',
'id_prefix' => '',
'fragment_prefix' => '',
],
'table_of_contents' => [
'html_class' => 'table-of-contents float-right',
],
]);
$converter->getEnvironment()->addExtension(new HeadingPermalinkExtension());
$converter->getEnvironment()->addExtension(new TableOfContentsExtension());
return (string) $converter->convert(
(string)view($view, [
'app_name' => config('app.name')
])->render()
);
}
function hasCoTURNConfigured(): bool
{
return config('app.coturn_session_ttl_minutes') > 0
&& !empty(config('app.coturn_server_host'))
&& !empty(config('app.coturn_static_auth_secret'));
}
function getCoTURNCredentials(): array
{
$user = Str::random(8);
$secret = config('app.coturn_static_auth_secret');
$ttl = config('app.coturn_session_ttl_minutes') * 60;
$time = time() + $ttl;
$username = $time . ':' . Str::random(16);
$password = base64_encode(hash_hmac('sha1', $username, $secret, true));
return [
'username' => $username,
'password' => $password,
];
}
function parseSIP(string $sipAdress): array
{
return explode('@', \substr($sipAdress, 4));
}
function isRegularExpression(string $string): bool
{
set_error_handler(function () {
}, E_WARNING);
$isRegularExpression = preg_match($string, '') !== false;
restore_error_handler();
return $isRegularExpression;
}
function resolveDomain(Request $request): string
{
return $request->has('domain')
&& $request->user()
&& $request->user()->superAdmin
? $request->get('domain')
: config('app.sip_domain');
}
function captchaConfigured(): bool
{
return env('HCAPTCHA_SECRET', false) != false || env('HCAPTCHA_SITEKEY', false) != false;
}
function resolveUserContacts(Request $request)
{
$selected = ['id', 'username', 'domain', 'activated', 'dtmf_protocol', 'display_name'];
return Account::whereIn('id', function ($query) use ($request) {
$query->select('contact_id')
->from('contacts')
->where('account_id', $request->user()->id)
->union(
DB::table('contacts_list_contact')
->select('contact_id')
->whereIn('contacts_list_id', function ($query) use ($request) {
$query->select('contacts_list_id')
->from('account_contacts_list')
->where('account_id', $request->user()->id);
})
);
})->select($selected);
}
/**
* Validate date string to ISO8601
* From: https://github.com/penance316/laravel-iso8601-validator/blob/master/src/IsoDateValidator.php
*
* @param $attribute
* @param $value
* @param $parameters
* @param $validator
*
* @return bool
*/
function validateIsoDate($attribute, $value, $parameters, $validator): bool
{
$regex = (is_array($parameters) && in_array('utc', $parameters))
? '/^(\d{4}(?!\d{2}\b))((-?)((0[1-9]|1[0-2])(\3([12]\d|0[1-9]|3[01]))?|W([0-4]\d|5[0-2])(-?[1-7])?|(00[1-9]|0[1-9]\d|[12]\d{2}|3([0-5]\d|6[1-6])))([T]((([01]\d|2[0-3])((:?)[0-5]\d)?|24\:?00)([\.,]\d+(?!:))?)?(\17[0-5]\d([\.,]\d+)?)?([zZ]|([\+-])([01]\d|2[0-3]):?([0-5]\d)?)))?$/'
// 2012-04-23T18:25:43.511Z
// Regex from https://www.myintervals.com/blog/2009/05/20/iso-8601-date-validation-that-doesnt-suck/
: '/^([\+-]?\d{4}(?!\d{2}\b))((-?)((0[1-9]|1[0-2])(\3([12]\d|0[1-9]|3[01]))?|W([0-4]\d|5[0-2])(-?[1-7])?|(00[1-9]|0[1-9]\d|[12]\d{2}|3([0-5]\d|6[1-6])))([T\s]((([01]\d|2[0-3])((:?)[0-5]\d)?|24\:?00)([\.,]\d+(?!:))?)?(\17[0-5]\d([\.,]\d+)?)?([zZ]|([\+-])([01]\d|2[0-3]):?([0-5]\d)?)?)?)?$/';
return (bool)preg_match($regex, $value);
}
/**
* This list was got from the Internet
*
* @see https://gist.github.com/vxnick/380904
* @return array
*/
function getCountryCodes()
{
return [
'AF' => 'Afghanistan',
'AX' => 'Åland Islands',
'AL' => 'Albania',
'DZ' => 'Algeria',
'AS' => 'American Samoa',
'AD' => 'Andorra',
'AO' => 'Angola',
'AI' => 'Anguilla',
'AG' => 'Antigua & Barbuda',
'AR' => 'Argentina',
'AU' => 'Australia',
'AT' => 'Austria',
'AZ' => 'Azerbaijan',
'BS' => 'Bahamas',
'BH' => 'Bahrain',
'BD' => 'Bangladesh',
'BB' => 'Barbados',
'BY' => 'Belarus',
'BE' => 'Belgium',
'BZ' => 'Belize',
'BJ' => 'Benin',
'BM' => 'Bermuda',
'BT' => 'Bhutan',
'BO' => 'Bolivia',
'BA' => 'Bosnia & Herzegovina',
'BW' => 'Botswana',
'BR' => 'Brazil',
'IO' => 'British Indian Ocean Territory',
'BN' => 'Brunei',
'BG' => 'Bulgaria',
'BF' => 'Burkina Faso',
'BI' => 'Burundi',
'KH' => 'Cambodia',
'CM' => 'Cameroon',
'CA' => 'Canada',
'CV' => 'Cape Verde',
'KY' => 'Cayman Islands',
'CF' => 'Central African Republic',
'TD' => 'Chad',
'CL' => 'Chile',
'CN' => 'China',
'CX' => 'Christmas Island',
'CC' => 'Cocos (Keeling) Islands',
'CO' => 'Colombia',
'KM' => 'Comoros',
'CG' => 'Congo - Brazzaville',
'CD' => 'Congo - Kinshasa',
'CK' => 'Cook Islands',
'CR' => 'Costa Rica',
'CI' => 'Côte dIvoire',
'HR' => 'Croatia',
'CU' => 'Cuba',
'CY' => 'Cyprus',
'CZ' => 'Czechia',
'DK' => 'Denmark',
'DJ' => 'Djibouti',
'DM' => 'Dominica',
'DO' => 'Dominican Republic',
'EC' => 'Ecuador',
'EG' => 'Egypt',
'SV' => 'El Salvador',
'GQ' => 'Equatorial Guinea',
'ER' => 'Eritrea',
'EE' => 'Estonia',
'ET' => 'Ethiopia',
'FK' => 'Falkland Islands',
'FO' => 'Faroe Islands',
'FJ' => 'Fiji',
'FI' => 'Finland',
'FR' => 'France',
'GF' => 'French Guiana',
'PF' => 'French Polynesia',
'GA' => 'Gabon',
'GM' => 'Gambia',
'GE' => 'Georgia',
'DE' => 'Germany',
'GH' => 'Ghana',
'GI' => 'Gibraltar',
'GR' => 'Greece',
'GL' => 'Greenland',
'GD' => 'Grenada',
'GP' => 'Guadeloupe',
'GU' => 'Guam',
'GT' => 'Guatemala',
'GG' => 'Guernsey',
'GN' => 'Guinea',
'GW' => 'Guinea-Bissau',
'GY' => 'Guyana',
'HT' => 'Haiti',
'HN' => 'Honduras',
'HK' => 'Hong Kong SAR China',
'HU' => 'Hungary',
'IS' => 'Iceland',
'IN' => 'India',
'ID' => 'Indonesia',
'IR' => 'Iran',
'IQ' => 'Iraq',
'IE' => 'Ireland',
'IM' => 'Isle of Man',
'IL' => 'Israel',
'IT' => 'Italy',
'JM' => 'Jamaica',
'JP' => 'Japan',
'JE' => 'Jersey',
'JO' => 'Jordan',
'KZ' => 'Kazakhstan',
'KE' => 'Kenya',
'KI' => 'Kiribati',
'KP' => 'North Korea',
'KR' => 'South Korea',
'KW' => 'Kuwait',
'KG' => 'Kyrgyzstan',
'LA' => 'Laos',
'LV' => 'Latvia',
'LB' => 'Lebanon',
'LS' => 'Lesotho',
'LR' => 'Liberia',
'LY' => 'Libya',
'LI' => 'Liechtenstein',
'LT' => 'Lithuania',
'LU' => 'Luxembourg',
'MO' => 'Macao SAR China',
'MK' => 'North Macedonia',
'MG' => 'Madagascar',
'MW' => 'Malawi',
'MY' => 'Malaysia',
'MV' => 'Maldives',
'ML' => 'Mali',
'MT' => 'Malta',
'MH' => 'Marshall Islands',
'MQ' => 'Martinique',
'MR' => 'Mauritania',
'MU' => 'Mauritius',
'YT' => 'Mayotte',
'MX' => 'Mexico',
'FM' => 'Micronesia',
'MD' => 'Moldova',
'MC' => 'Monaco',
'MN' => 'Mongolia',
'ME' => 'Montenegro',
'MS' => 'Montserrat',
'MA' => 'Morocco',
'MZ' => 'Mozambique',
'MM' => 'Myanmar (Burma)',
'NA' => 'Namibia',
'NR' => 'Nauru',
'NP' => 'Nepal',
'NL' => 'Netherlands',
'NC' => 'New Caledonia',
'NZ' => 'New Zealand',
'NI' => 'Nicaragua',
'NE' => 'Niger',
'NG' => 'Nigeria',
'NU' => 'Niue',
'NF' => 'Norfolk Island',
'MP' => 'Northern Mariana Islands',
'NO' => 'Norway',
'OM' => 'Oman',
'PK' => 'Pakistan',
'PW' => 'Palau',
'PS' => 'Palestinian Territories',
'PA' => 'Panama',
'PG' => 'Papua New Guinea',
'PY' => 'Paraguay',
'PE' => 'Peru',
'PH' => 'Philippines',
'PL' => 'Poland',
'PT' => 'Portugal',
'PR' => 'Puerto Rico',
'QA' => 'Qatar',
'RE' => 'Réunion',
'RO' => 'Romania',
'RU' => 'Russia',
'RW' => 'Rwanda',
'SH' => 'St. Helena',
'KN' => 'St. Kitts & Nevis',
'LC' => 'St. Lucia',
'PM' => 'St. Pierre & Miquelon',
'VC' => 'St. Vincent & Grenadines',
'WS' => 'Samoa',
'SM' => 'San Marino',
'ST' => 'São Tomé & Príncipe',
'SA' => 'Saudi Arabia',
'SN' => 'Senegal',
'RS' => 'Serbia',
'SC' => 'Seychelles',
'SL' => 'Sierra Leone',
'SG' => 'Singapore',
'SK' => 'Slovakia',
'SI' => 'Slovenia',
'SB' => 'Solomon Islands',
'SO' => 'Somalia',
'ZA' => 'South Africa',
'ES' => 'Spain',
'LK' => 'Sri Lanka',
'SD' => 'Sudan',
'SR' => 'Suriname',
'SJ' => 'Svalbard & Jan Mayen',
'SZ' => 'Eswatini',
'SE' => 'Sweden',
'CH' => 'Switzerland',
'SY' => 'Syria',
'TW' => 'Taiwan',
'TJ' => 'Tajikistan',
'TZ' => 'Tanzania',
'TH' => 'Thailand',
'TL' => 'Timor-Leste',
'TG' => 'Togo',
'TK' => 'Tokelau',
'TO' => 'Tonga',
'TT' => 'Trinidad & Tobago',
'TN' => 'Tunisia',
'TM' => 'Turkmenistan',
'TC' => 'Turks & Caicos Islands',
'TV' => 'Tuvalu',
'UG' => 'Uganda',
'UA' => 'Ukraine',
'AE' => 'United Arab Emirates',
'GB' => 'United Kingdom',
'US' => 'United States',
'UY' => 'Uruguay',
'UZ' => 'Uzbekistan',
'VU' => 'Vanuatu',
'VE' => 'Venezuela',
'VN' => 'Vietnam',
'VG' => 'British Virgin Islands',
'VI' => 'U.S. Virgin Islands',
'WF' => 'Wallis & Futuna',
'EH' => 'Western Sahara',
'YE' => 'Yemen',
'ZM' => 'Zambia',
'ZW' => 'Zimbabwe',
];
}

13
flexiapi/app/Http/Controllers/AboutController.php Normal file
View file

@ -0,0 +1,13 @@
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
class AboutController extends Controller
{
public function about(Request $request)
{
return view('about');
}
}

86
flexiapi/app/Http/Controllers/Account/AccountController.php Normal file
View file

@ -0,0 +1,86 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Account;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use App\Http\Controllers\Controller;
use App\Http\Requests\Account\Create\Web\Request as WebRequest;
use App\Services\AccountService;
class AccountController extends Controller
{
public function documentation(Request $request)
{
return view('account.documentation', [
'documentation' => markdownDocumentationView('account.documentation_markdown')
]);
}
public function blocked(Request $request)
{
return view('account.blocked');
}
public function dashboard(Request $request)
{
return view('account.dashboard', [
'account' => $request->user()
]);
}
public function store(WebRequest $request)
{
$account = (new AccountService())->store($request);
Auth::login($account);
if ($request->has('phone')) {
(new AccountService(api: false))->requestPhoneChange($request);
return redirect()->route('account.phone.validate');
} elseif ($request->has('email')) {
(new AccountService(api: false))->requestEmailChange($request);
return redirect()->route('account.email.validate');
}
return abort(404);
}
public function delete(Request $request)
{
return view('account.delete', [
'account' => $request->user()
]);
}
public function destroy(Request $request)
{
$request->validate(['identifier' => 'required|same:identifier_confirm']);
$request->user()->createTombstone();
(new AccountService)->destroy($request, $request->user()->id);
Auth::logout();
return redirect()->route('account.login');
}
}

41
flexiapi/app/Http/Controllers/Account/ApiKeyController.php Normal file
View file

@ -0,0 +1,41 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Account;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
class ApiKeyController extends Controller
{
public function show(Request $request)
{
return view('account.api_key', [
'account' => $request->user()
]);
}
public function update(Request $request)
{
$account = $request->user();
$account->generateApiKey($request->ip());
return redirect()->back();
}
}

92
flexiapi/app/Http/Controllers/Account/AuthTokenController.php Normal file
View file

@ -0,0 +1,92 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2023 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Account;
use App\Http\Controllers\Controller;
use App\AuthToken;
use Illuminate\Http\Request;
use Endroid\QrCode\Builder\Builder;
use Endroid\QrCode\Encoding\Encoding;
use Endroid\QrCode\ErrorCorrectionLevel\ErrorCorrectionLevelHigh;
use Endroid\QrCode\Writer\PngWriter;
use Illuminate\Support\Facades\Auth;
class AuthTokenController extends Controller
{
public function qrcode(string $token)
{
$authToken = AuthToken::where('token', $token)
->valid()
->firstOrFail();
$result = Builder::create()
->writer(new PngWriter())
->data(
$authToken->account_id
? route('auth_tokens.auth', ['token' => $authToken->token])
: route('account.auth_tokens.auth.external', ['token' => $authToken->token])
)
->encoding(new Encoding('UTF-8'))
->errorCorrectionLevel(new ErrorCorrectionLevelHigh())
->size(300)
->margin(10)
->build();
return response($result->getString())->header('Content-Type', $result->getMimeType());
}
/**
* @desc Authenticate a user on a new device from a token generated from an authenticated account
*/
public function create(Request $request)
{
$request->user()->generateAuthToken();
return redirect()->back();
}
public function auth(Request $request, string $token)
{
$authToken = AuthToken::where('token', $token)->valid()->firstOrFail();
Auth::login($authToken->account);
$authToken->delete();
return redirect()->route('account.dashboard');
}
/**
* @desc Assign an authenticated account to an auth token generated from an external user
*/
public function authExternal(Request $request, string $token)
{
$authToken = AuthToken::where('token', $token)->valid()->firstOrFail();
if (!$authToken->account_id) {
$authToken->account_id = $request->user()->id;
$authToken->save();
}
return redirect()->route('account.dashboard');
}
}

136
flexiapi/app/Http/Controllers/Account/AuthenticateController.php Normal file
View file

@ -0,0 +1,136 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Account;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Str;
use App\Account;
use App\AuthToken;
class AuthenticateController extends Controller
{
public static $emailCodeSize = 13;
public function login(Request $request)
{
if (Auth::user()) {
return redirect()->route('account.dashboard');
}
return view('account.login', [
'count' => Account::where('activated', true)->count()
]);
}
public function authenticate(Request $request)
{
$request->validate([
'username' => 'required',
'password' => 'required'
]);
$account = Account::where('username', $request->get('username'))
->first();
if (!$account) {
$account = Account::where('phone', $request->get('username'))->first();
}
if (!$account) {
return redirect()->back()->withErrors(['authentication' => 'Wrong username or password']);
}
// Try out the passwords
foreach ($account->passwords as $password) {
if (hash_equals(
$password->password,
bchash($account->username, $account->resolvedRealm, $request->get('password'), $password->algorithm)
)) {
Auth::login($account);
return redirect()->route('account.dashboard');
}
}
return redirect()->back()->withErrors(['authentication' => 'Wrong username or password']);
}
/**
* Deprecated
*/
public function validateEmail(Request $request, string $code)
{
$request->merge(['code' => $code]);
$request->validate(['code' => 'required|size:' . self::$emailCodeSize]);
$account = Account::where('confirmation_key', $code)->first();
if (!$account) {
return redirect()->route('account.login');
}
$account->confirmation_key = null;
$account->activated = true;
$account->save();
Auth::login($account);
return redirect()->route('account.dashboard');
}
public function loginAuthToken(Request $request, ?string $token = null)
{
$authToken = null;
if (!empty($token)) {
$authToken = AuthToken::where('token', $token)->valid()->first();
}
if ($authToken == null) {
$authToken = new AuthToken;
$authToken->token = Str::random(32);
$authToken->fillRequestInfo($request);
$authToken->save();
return redirect()->route('account.authenticate.auth_token', ['token' => $authToken->token]);
}
// If the $authToken was flashed by an authenticated user
if ($authToken->account_id) {
Auth::login($authToken->account);
$authToken->delete();
return redirect()->route('account.dashboard');
}
return view('account.authenticate.auth_token', [
'authToken' => $authToken
]);
}
public function logout(Request $request)
{
Auth::logout();
return redirect()->route('account.login');
}
}

44
flexiapi/app/Http/Controllers/Account/ContactVcardController.php Normal file
View file

@ -0,0 +1,44 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2021 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Account;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
class ContactVcardController extends Controller
{
public function index(Request $request)
{
return response(
resolveUserContacts($request)->get()->map(function ($contact) {
return $contact->toVcard4();
})->implode("\n")
);
}
public function show(Request $request, string $sip)
{
return resolveUserContacts($request)
->sip($sip)
->firstOrFail()
->toVcard4();
}
}

63
flexiapi/app/Http/Controllers/Account/CreationRequestTokenController.php Normal file
View file

@ -0,0 +1,63 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2023 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Account;
use App\AccountCreationRequestToken;
use App\Http\Controllers\Controller;
use App\Rules\AccountCreationRequestToken as RulesAccountCreationRequestToken;
use Carbon\Carbon;
use Illuminate\Http\Request;
class CreationRequestTokenController extends Controller
{
public function check(Request $request, string $creationRequestToken)
{
$request->merge(['account_creation_request_token' => $creationRequestToken]);
$request->validate([
'account_creation_request_token' => [
'required',
new RulesAccountCreationRequestToken
]
]);
$accountCreationRequestToken = AccountCreationRequestToken::where('token', $request->get('account_creation_request_token'))->firstOrFail();
return view('account.creation_request_token.check', [
'account_creation_request_token' => $accountCreationRequestToken
]);
}
public function validateToken(Request $request)
{
$request->validate([
'account_creation_request_token' => [
'required',
new RulesAccountCreationRequestToken
],
'h-captcha-response' => captchaConfigured() ? 'required|HCaptcha' : '',
]);
$accountCreationRequestToken = AccountCreationRequestToken::where('token', $request->get('account_creation_request_token'))->firstOrFail();
$accountCreationRequestToken->validated_at = Carbon::now();
$accountCreationRequestToken->save();
return view('account.creation_request_token.valid');
}
}

62
flexiapi/app/Http/Controllers/Account/DeviceController.php Normal file
View file

@ -0,0 +1,62 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Account;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use App\Libraries\FlexisipConnector;
class DeviceController extends Controller
{
public function index(Request $request)
{
$connector = new FlexisipConnector;
return view(
'account.device.index',
[
'account' => $request->user(),
'devices' => $connector->getDevices($request->user()->identifier)
]
);
}
public function delete(Request $request, string $uuid)
{
$connector = new FlexisipConnector;
return view(
'account.device.delete',
[
'account' => $request->user(),
'device' => $connector->getDevices($request->user()->identifier)
->where('uuid', $uuid)->first()
]
);
}
public function destroy(Request $request)
{
$connector = new FlexisipConnector;
$connector->deleteDevice($request->user()->identifier, $request->get('uuid'));
return redirect()->route('account.device.index');
}
}

66
flexiapi/app/Http/Controllers/Account/EmailController.php Normal file
View file

@ -0,0 +1,66 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Account;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use App\Services\AccountService;
use App\Services\BlockingService;
class EmailController extends Controller
{
public function change(Request $request)
{
return view('account.email.change', [
'account' => $request->user()
]);
}
public function requestChange(Request $request)
{
$request->validate(['h-captcha-response' => captchaConfigured() ? 'required|HCaptcha': '']);
if ((new BlockingService($request->user()))->checkBlock()) {
return redirect()->route('account.blocked');
}
(new AccountService(api: false))->requestEmailChange($request);
return redirect()->route('account.email.validate');
}
public function validateChange(Request $request)
{
return view('account.email.validate', [
'emailChangeCode' => $request->user()->emailChangeCode()->firstOrFail()
]);
}
public function store(Request $request)
{
if ((new AccountService(api: false))->updateEmail($request)) {
return redirect()->route('account.dashboard');
}
return redirect()->route('account.email.change')->withErrors([
'code' => 'The code entered was not valid'
]);
}
}

64
flexiapi/app/Http/Controllers/Account/PasswordController.php Normal file
View file

@ -0,0 +1,64 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Account;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Mail;
use Illuminate\Support\Facades\Log;
use App\Mail\ConfirmedRegistration;
class PasswordController extends Controller
{
public function show(Request $request)
{
return view('account.password', [
'account' => $request->user()
]);
}
public function update(Request $request)
{
$request->validate([
'password' => 'required|confirmed|filled',
]);
$account = $request->user();
$account->activated = true;
$account->save();
$account->updatePassword($request->get('password'));
if ($account->passwords()->count() > 0) {
Log::channel('events')->info('Web: Password changed', ['id' => $account->identifier]);
return redirect()->route('account.dashboard');
}
Log::channel('events')->info('Web: Password set for the first time', ['id' => $account->identifier]);
if (!empty($account->email)) {
Mail::to($account)->send(new ConfirmedRegistration($account));
}
return redirect()->route('account.dashboard');
}
}

66
flexiapi/app/Http/Controllers/Account/PhoneController.php Normal file
View file

@ -0,0 +1,66 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Account;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use App\Services\AccountService;
use App\Services\BlockingService;
class PhoneController extends Controller
{
public function change(Request $request)
{
return view('account.phone.change', [
'account' => $request->user()
]);
}
public function requestChange(Request $request)
{
$request->validate(['h-captcha-response' => captchaConfigured() ? 'required|HCaptcha': '']);
if ((new BlockingService($request->user()))->checkBlock()) {
return redirect()->route('account.blocked');
}
(new AccountService(api: false))->requestPhoneChange($request);
return redirect()->route('account.phone.validate');
}
public function validateChange(Request $request)
{
return view('account.phone.validate', [
'phoneChangeCode' => $request->user()->phoneChangeCode()->firstOrFail()
]);
}
public function store(Request $request)
{
if ((new AccountService(api: false))->updatePhone($request)) {
return redirect()->route('account.dashboard');
}
return redirect()->route('account.phone.change')->withErrors([
'code' => 'The code entered was not valid'
]);
}
}

370
flexiapi/app/Http/Controllers/Account/ProvisioningController.php Normal file
View file

@ -0,0 +1,370 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Account;
use App\Account;
use App\AuthToken;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Illuminate\Support\Str;
use Endroid\QrCode\Builder\Builder;
use Endroid\QrCode\Encoding\Encoding;
use Endroid\QrCode\ErrorCorrectionLevel\ErrorCorrectionLevelHigh;
use Endroid\QrCode\Writer\PngWriter;
class ProvisioningController extends Controller
{
public function documentation(Request $request)
{
return view('provisioning.documentation', [
'documentation' => markdownDocumentationView('provisioning.documentation_markdown')
]);
}
public function qrcode(Request $request, string $provisioningToken)
{
$account = Account::withoutGlobalScopes()
->where('id', function ($query) use ($provisioningToken) {
$query->select('account_id')
->from('provisioning_tokens')
->where('used', false)
->where('token', $provisioningToken);
})
->firstOrFail();
if ($account->activationExpired()) {
abort(404);
}
$params = ['provisioning_token' => $provisioningToken];
if ($request->has('reset_password')) {
$params['reset_password'] = true;
}
$url = route('provisioning.provision', $params);
$result = Builder::create()
->writer(new PngWriter())
->data($url)
->encoding(new Encoding('UTF-8'))
->errorCorrectionLevel(new ErrorCorrectionLevelHigh())
->size(300)
->margin(10)
->build();
return response($result->getString())
->header('Content-Type', $result->getMimeType())
->header('X-Qrcode-URL', $url);
}
/**
* auth_token based provisioning
*/
public function authToken(Request $request, string $token)
{
$authToken = AuthToken::where('token', $token)->valid()->firstOrFail();
if ($authToken->account) {
$account = $authToken->account;
$authToken->delete();
return $this->generateProvisioning($request, $account);
}
abort(404);
}
/**
* Authenticated provisioning
*/
public function me(Request $request)
{
$this->checkProvisioningHeader($request);
return $this->generateProvisioning($request, $request->user());
}
/**
* Get the base provisioning, with authentication
*/
public function show(Request $request)
{
$this->checkProvisioningHeader($request);
return $this->generateProvisioning($request);
}
/**
* Provisioning Token based provisioning
*/
public function provision(Request $request, string $provisioningToken)
{
$this->checkProvisioningHeader($request);
$account = Account::withoutGlobalScopes()
->where('id', function ($query) use ($provisioningToken) {
$query->select('account_id')
->from('provisioning_tokens')
->where('used', false)
->where('token', $provisioningToken);
})
->firstOrFail();
if ($account->activationExpired() || ($provisioningToken != $account->provisioning_token)) {
return abort(404);
}
if ($account->currentProvisioningToken->expired()) {
return abort(410, 'Expired');
}
$account->activated = true;
$account->currentProvisioningToken->consume();
$account->save();
return $this->generateProvisioning($request, $account);
}
private function checkProvisioningHeader(Request $request)
{
if (!$request->hasHeader('x-linphone-provisioning')
&& config('app.provisioning_use_x_linphone_provisioning_header')) {
abort(400, 'x-linphone-provisioning header is missing');
}
}
private function generateProvisioning(Request $request, Account $account = null)
{
// Load the hooks if they exists
$provisioningHooks = config_path('provisioning_hooks.php');
if (file_exists($provisioningHooks)) {
require_once($provisioningHooks);
}
$dom = new \DOMDocument('1.0', 'UTF-8');
$xpath = new \DOMXpath($dom);
$config = $dom->createElement('config');
$config->setAttribute('xmlns', 'http://www.linphone.org/xsds/lpconfig.xsd');
$dom->appendChild($config);
// Default RC file handling
$rcFile = config('app.provisioning_rc_file');
if (file_exists($rcFile)) {
$rc = parse_ini_file($rcFile, true);
foreach ($rc as $sectionName => $values) {
$section = $dom->createElement('section');
$section->setAttribute('name', $sectionName);
foreach ($values as $key => $value) {
$entry = $dom->createElement('entry', $value);
$entry->setAttribute('name', $key);
$section->appendChild($entry);
}
$config->appendChild($section);
}
}
// Password reset
if ($account && $request->has('reset_password')) {
$account->updatePassword(Str::random(10));
}
$section = $dom->createElement('section');
$section->setAttribute('name', 'misc');
$entry = $dom->createElement('entry', route('account.contacts.vcard.index'));
$entry->setAttribute('name', 'contacts-vcard-list');
$section->appendChild($entry);
$config->appendChild($section);
if ($account) {
$ui = $xpath->query("//section[@name='ui']")->item(0);
if ($ui == null && $account->sipDomain) {
$section = $dom->createElement('section');
$section->setAttribute('name', 'ui');
foreach ([
'super',
'disable_chat_feature',
'disable_meetings_feature',
'disable_broadcast_feature',
'hide_settings',
'hide_account_settings',
'disable_call_recordings_feature',
'only_display_sip_uri_username',
'assistant_hide_create_account',
'assistant_disable_qr_code',
'assistant_hide_third_party_account',
'max_account',
] as $key) {
// Cast the booleans into integers
$entry = $dom->createElement('entry', (int)$account->sipDomain->$key);
$entry->setAttribute('name', $key);
$section->appendChild($entry);
}
$config->appendChild($section);
}
$section = $xpath->query("//section[@name='proxy_0']")->item(0);
if ($section == null) {
$section = $dom->createElement('section');
$section->setAttribute('name', 'proxy_0');
$config->appendChild($section);
}
$entry = $dom->createElement('entry', $account->fullIdentifier);
$entry->setAttribute('name', 'reg_identity');
$section->appendChild($entry);
// Complete the section with the Proxy hook
if (function_exists('provisioningProxyHook')) {
provisioningProxyHook($section, $request, $account);
}
$passwords = $account->passwords()->get();
$authInfoIndex = 0;
// CoTURN
if (hasCoTURNConfigured()) {
list($username, $password) = array_values(getCoTURNCredentials());
// net
$section = $xpath->query("//section[@name='net']")->item(0);
if ($section == null) {
$section = $dom->createElement('section');
$section->setAttribute('name', 'net');
$config->appendChild($section);
}
$ref = Str::random(8);
$entry = $dom->createElement('entry', $ref);
$entry->setAttribute('name', 'nat_policy_ref');
$section->appendChild($entry);
// nat_policy_0
$section = $dom->createElement('section');
$section->setAttribute('name', 'nat_policy_0');
$config->appendChild($section);
$entry = $dom->createElement('entry', $ref);
$entry->setAttribute('name', 'ref');
$section->appendChild($entry);
$entry = $dom->createElement('entry', config('app.coturn_server_host'));
$entry->setAttribute('name', 'stun_server');
$section->appendChild($entry);
$entry = $dom->createElement('entry', $username);
$entry->setAttribute('name', 'stun_server_username');
$section->appendChild($entry);
$entry = $dom->createElement('entry', 'turn,ice');
$entry->setAttribute('name', 'protocols');
$section->appendChild($entry);
// auth_info_x
$section = $xpath->query("//section[@name='auth_info_" . $authInfoIndex . "']")->item(0);
if ($section == null) {
$section = $dom->createElement('section');
$section->setAttribute('name', 'auth_info_' . $authInfoIndex);
$config->appendChild($section);
$authInfoIndex++;
}
$entry = $dom->createElement('entry', $username);
$entry->setAttribute('name', 'username');
$section->appendChild($entry);
$entry = $dom->createElement('entry', $password);
$entry->setAttribute('name', 'passwd');
$section->appendChild($entry);
}
foreach ($passwords as $password) {
$section = $xpath->query("//section[@name='auth_info_" . $authInfoIndex . "']")->item(0);
if ($section == null) {
$section = $dom->createElement('section');
$section->setAttribute('name', 'auth_info_' . $authInfoIndex);
$config->appendChild($section);
}
$entry = $dom->createElement('entry', $account->username);
$entry->setAttribute('name', 'username');
$section->appendChild($entry);
$entry = $dom->createElement('entry', $account->domain);
$entry->setAttribute('name', 'domain');
$section->appendChild($entry);
$entry = $dom->createElement('entry', $password->password);
$entry->setAttribute('name', 'ha1');
$section->appendChild($entry);
$entry = $dom->createElement('entry', $account->resolvedRealm);
$entry->setAttribute('name', 'realm');
$section->appendChild($entry);
$entry = $dom->createElement('entry', $password->algorithm);
$entry->setAttribute('name', 'algorithm');
$section->appendChild($entry);
// Complete the section with the Auth hook
if (function_exists('provisioningAuthHook')) {
provisioningAuthHook($section, $request, $password);
}
$authInfoIndex++;
}
}
// Complete the section with the Auth hook
if (function_exists('provisioningAdditionalSectionHook')) {
provisioningAdditionalSectionHook($config, $request, $account);
}
// Overwrite all the entries
if (config('app.provisioning_overwrite_all')) {
$xpath = new \DOMXpath($dom);
$entries = $xpath->query("//section/entry");
if (!is_null($entries)) {
foreach ($entries as $entry) {
$entry->setAttribute('overwrite', 'true');
}
}
}
return response($dom->saveXML($dom->documentElement))->header('Content-Type', 'application/xml');
}
}

144
flexiapi/app/Http/Controllers/Account/RecoveryController.php Normal file
View file

@ -0,0 +1,144 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2023 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Account;
use App\Account;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use App\Services\AccountService;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Crypt;
class RecoveryController extends Controller
{
public function showEmail(Request $request)
{
return view('account.recovery.show', [
'method' => 'email',
'domain' => resolveDomain($request)
]);
}
public function showPhone(Request $request)
{
return view('account.recovery.show', [
'method' => 'phone',
'domain' => resolveDomain($request)
]);
}
public function send(Request $request)
{
$rules = [
'email' => 'required_without:phone|email|exists:accounts,email',
'phone' => 'required_without:email|starts_with:+',
'h-captcha-response' => captchaConfigured() ? 'required|HCaptcha' : '',
];
$account = null;
if ($request->get('email')) {
if (config('app.account_email_unique') == false) {
$rules['username'] = 'required';
}
$request->validate($rules);
$account = Account::where('email', $request->get('email'));
/**
* Because several accounts can have the same email
*/
if (config('app.account_email_unique') == false) {
$account = $account->where('username', $request->get('username'));
}
$account = $account->first();
if (!$account) {
$account = Account::where('phone', $request->get('username'))
->where('email', $request->get('email'))
->first();
}
} elseif ($request->get('phone')) {
$account = Account::where('username', $request->get('phone'))->first();
if (!$account) {
$account = Account::where('phone', $request->get('phone'))->first();
}
}
if (!$account) {
return redirect()->back()->withErrors(['identifier' => 'The account doesn\'t exists']);
}
if ($account->failedRecentRecovery()) {
return redirect()->back()->withErrors(['code' => 'Account recovered recently, try again later']);
}
if ($request->get('email')) {
$account = (new AccountService)->recoverByEmail($account);
} elseif ($request->get('phone')) {
$account = (new AccountService)->recoverByPhone($account);
}
return view('account.recovery.confirm', [
'method' => $request->get('phone') ? 'phone' : 'email',
'account_id' => Crypt::encryptString($account->id)
]);
}
public function confirm(Request $request)
{
$request->validate([
'account_id' => 'required',
'method' => 'in:phone,email',
'number_1' => 'required|digits:1',
'number_2' => 'required|digits:1',
'number_3' => 'required|digits:1',
'number_4' => 'required|digits:1'
]);
$code = $request->get('number_1') . $request->get('number_2') . $request->get('number_3') . $request->get('number_4');
$account = Account::where('id', Crypt::decryptString($request->get('account_id')))->firstOrFail();
if ($account->currentRecoveryCode->expired()) {
return redirect()->route($request->get('method') == 'phone'
? 'account.recovery.show.phone'
: 'account.recovery.show.email')->withErrors([
'code' => 'The code is expired'
]);
}
if ($account->recovery_code != $code) {
return redirect()->route($request->get('method') == 'phone'
? 'account.recovery.show.phone'
: 'account.recovery.show.email')->withErrors([
'code' => 'The code entered was not valid, try again later'
]);
}
$account->currentRecoveryCode->consume();
Auth::login($account);
return redirect()->route('account.password.update');
}
}

40
flexiapi/app/Http/Controllers/Account/RegisterController.php Normal file
View file

@ -0,0 +1,40 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Account;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
class RegisterController extends Controller
{
public function registerPhone(Request $request)
{
return view('account.register.phone', [
'domain' => resolveDomain($request)
]);
}
public function registerEmail(Request $request)
{
return view('account.register.email', [
'domain' => resolveDomain($request)
]);
}
}

37
flexiapi/app/Http/Controllers/Account/VcardsStorageController.php Normal file
View file

@ -0,0 +1,37 @@
<?php
namespace App\Http\Controllers\Account;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
class VcardsStorageController extends Controller
{
public function index(Request $request)
{
//if ($this->vcardRequested($request)) {
$vcards = '';
foreach ($request->user()->vcardsStorage()->get() as $vcard) {
$vcards .= $vcard->vcard . "\n";
}
return $vcards;
/*}
abort(404);*/
}
public function show(Request $request, string $uuid)
{
return /*($this->vcardRequested($request))
?*/ $request->user()->vcardsStorage()->where('uuid', $uuid)->firstOrFail()->vcard
/*: abort(404)*/;
}
/*private function vcardRequested(Request $request): bool
{
return $request->hasHeader('content-type') == 'text/vcard'
&& $request->hasHeader('accept') == 'text/vcard';
}*/
}

71
flexiapi/app/Http/Controllers/Admin/AccountAccountTypeController.php Normal file
View file

@ -0,0 +1,71 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2021 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Admin;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Log;
use App\Account;
use App\AccountType;
class AccountAccountTypeController extends Controller
{
public function create(int $id)
{
$account = Account::findOrFail($id);
return view('admin.account.account_type.create', [
'account' => $account,
'account_types' => AccountType::whereNotIn('id', function ($query) use ($account) {
$query->select('account_type_id')
->from('account_account_type')
->where('account_id', $account->id);
})->pluck('key', 'id')
]);
}
public function store(Request $request, int $id)
{
$account = Account::findOrFail($id);
$request->validate([
'account_type_id' => ['required', 'exists:account_types,id'],
]);
$account->types()->detach($request->get('account_type_id'));
$account->types()->attach($request->get('account_type_id'));
Log::channel('events')->info('Web Admin: Account type attached', ['id' => $account->identifier, 'type_id' => $request->get('account_type_id')]);
return redirect()->route('admin.account.edit', $account);
}
public function destroy(Request $request, int $id, int $typeId)
{
$account = Account::findOrFail($id);
$account->types()->detach($typeId);
Log::channel('events')->info('Web Admin: Account type detached', ['id' => $account->identifier, 'type_id' => $request->get('account_type_id')]);
return redirect()->route('admin.account.edit', $account);
}
}

121
flexiapi/app/Http/Controllers/Admin/AccountActionController.php Normal file
View file

@ -0,0 +1,121 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2021 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Admin;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Log;
use App\Account;
use App\AccountAction;
use App\Rules\NoUppercase;
class AccountActionController extends Controller
{
public function create(int $accountId)
{
$account = Account::findOrFail($accountId);
return view('admin.account.action.create_edit', [
'action' => new AccountAction,
'account' => $account
]);
}
public function store(Request $request, int $accountId)
{
$account = Account::findOrFail($accountId);
$request->validate([
'key' => ['required', 'alpha_dash', new NoUppercase],
'code' => ['required', 'alpha_num', new NoUppercase]
]);
$accountAction = new AccountAction;
$accountAction->account_id = $account->id;
$accountAction->key = $request->get('key');
$accountAction->code = $request->get('code');
$accountAction->save();
Log::channel('events')->info('Web Admin: Account action created', ['id' => $account->identifier, 'action' => $accountAction->key]);
return redirect()->route('admin.account.edit', $accountAction->account);
}
public function edit(int $accountId, int $actionId)
{
$account = Account::findOrFail($accountId);
$accountAction = $account->actions()
->where('id', $actionId)
->firstOrFail();
return view('admin.account.action.create_edit', [
'action' => $accountAction,
'account' => $account
]);
}
public function update(Request $request, int $accountId, int $actionId)
{
$account = Account::findOrFail($accountId);
$request->validate([
'key' => ['alpha_dash', new NoUppercase],
'code' => ['alpha_num', new NoUppercase]
]);
$accountAction = $account->actions()
->where('id', $actionId)
->firstOrFail();
$accountAction->key = $request->get('key');
$accountAction->code = $request->get('code');
$accountAction->save();
Log::channel('events')->info('Web Admin: Account action updated', ['id' => $account->identifier, 'action' => $accountAction->key]);
return redirect()->route('admin.account.edit', $account);
}
public function delete(int $accountId, int $actionId)
{
$account = Account::findOrFail($accountId);
return view('admin.account.action.delete', [
'action' => $account->actions()
->where('id', $actionId)
->firstOrFail()
]);
}
public function destroy(Request $request, int $accountId, int $actionId)
{
$account = Account::findOrFail($accountId);
$accountAction = $account->actions()
->where('id', $actionId)
->firstOrFail();
$accountAction->delete();
Log::channel('events')->info('Web Admin: Account action deleted', ['id' => $accountAction->account->identifier, 'action_id' => $accountAction->key]);
return redirect()->route('admin.account.edit', $accountAction->account);
}
}

37
flexiapi/app/Http/Controllers/Admin/AccountActivityController.php Normal file
View file

@ -0,0 +1,37 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2023 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Admin;
use App\Http\Controllers\Controller;
use App\Account;
class AccountActivityController extends Controller
{
public function index(int $accountId)
{
return view(
'admin.account.activity.index',
[
'account' => Account::findOrFail($accountId)
]
);
}
}

84
flexiapi/app/Http/Controllers/Admin/AccountContactController.php Normal file
View file

@ -0,0 +1,84 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2021 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Admin;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Log;
use App\Account;
class AccountContactController extends Controller
{
public function create(int $accountId)
{
$account = Account::findOrFail($accountId);
return view('admin.account.contact.create', [
'account' => $account
]);
}
public function store(Request $request, int $accountId)
{
$request->validate([
'sip' => 'required',
]);
$account = Account::findOrFail($accountId);
$contact = Account::sip($request->get('sip'))->first();
if (!$contact) {
return redirect()->back()->withErrors([
'sip' => 'The contact SIP address doesn\'t exists'
]);
}
$account->contacts()->detach($contact->id);
$account->contacts()->attach($contact->id);
Log::channel('events')->info('Web Admin: Account contact added', ['id' => $account->identifier, 'contact' => $contact->identifier]);
return redirect()->route('admin.account.edit', $account);
}
public function delete(int $accountId, int $contactId)
{
$account = Account::findOrFail($accountId);
$contact = $account->contacts()->where('id', $contactId)->firstOrFail();
return view('admin.account.contact.delete', [
'account' => $account,
'contact' => $contact
]);
}
public function destroy(Request $request, int $accountId)
{
$account = Account::findOrFail($accountId);
$contact = $account->contacts()->where('id', $request->get('contact_id'))->firstOrFail();
$account->contacts()->detach($contact->id);
Log::channel('events')->info('Web Admin: Account contact removed', ['id' => $account->identifier, 'contact' => $contact->identifier]);
return redirect()->route('admin.account.edit', $account);
}
}

173
flexiapi/app/Http/Controllers/Admin/AccountController.php Normal file
View file

@ -0,0 +1,173 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Admin;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Log;
use App\Account;
use App\ContactsList;
use App\Http\Requests\Account\Create\Web\AsAdminRequest;
use App\Http\Requests\Account\Update\Web\AsAdminRequest as WebAsAdminRequest;
use App\Services\AccountService;
use App\SipDomain;
class AccountController extends Controller
{
public function index(Request $request)
{
$request->validate([
'order_by' => 'in:username,updated_at',
'order_sort' => 'in:asc,desc',
]);
$accounts = Account::with('contactsLists')
->orderBy($request->get('order_by', 'updated_at'), $request->get('order_sort', 'desc'));
if ($request->has('search')) {
$accounts = $accounts->where('username', 'like', '%' . $request->get('search') . '%');
}
if ($request->has('updated_date')) {
$accounts->whereDate('updated_at', $request->get('updated_date'));
}
if ($request->has('contacts_list')) {
$accounts->whereHas('contactsLists', function ($query) use ($request) {
$query->where('id', $request->get('contacts_list'));
});
}
if ($request->has('domain')) {
$accounts->where('domain', $request->get('domain'));
}
return view('admin.account.index', [
'domains' => Account::groupBy('domain')->pluck('domain'),
'contacts_lists' => ContactsList::all()->pluck('title', 'id'),
'accounts' => $accounts->paginate(20)->appends($request->query()),
]);
}
public function search(Request $request)
{
return redirect()->route('admin.account.index', $request->except('_token', 'query'));
}
public function create(Request $request)
{
return view('admin.account.create_edit', [
'account' => new Account,
'domains' => $request->user()?->superAdmin
? SipDomain::all()
: SipDomain::where('domain', $request->user()->domain)->get(),
'protocols' => [null => 'None'] + Account::$dtmfProtocols
]);
}
public function store(AsAdminRequest $request)
{
$account = (new AccountService)->store($request);
Log::channel('events')->info('Web Admin: Account created', ['id' => $account->identifier]);
return redirect()->route('admin.account.edit', $account->id);
}
public function edit(Request $request, int $accountId)
{
$account = Account::findOrFail($accountId);
return view('admin.account.create_edit', [
'account' => $account,
'protocols' => [null => 'None'] + Account::$dtmfProtocols,
'domains' => $request->user()?->superAdmin
? SipDomain::all()
: SipDomain::where('domain', $account->domain)->get(),
'contacts_lists' => ContactsList::whereNotIn('id', function ($query) use ($accountId) {
$query->select('contacts_list_id')
->from('account_contacts_list')
->where('account_id', $accountId);
})->get()
]);
}
public function update(WebAsAdminRequest $request, int $accountId)
{
$account = (new AccountService)->update($request, $accountId);
Log::channel('events')->info('Web Admin: Account updated', ['id' => $account->identifier]);
return redirect()->route('admin.account.edit', $accountId);
}
public function provision(int $accountId)
{
$account = Account::findOrFail($accountId);
$account->provision();
$account->save();
Log::channel('events')->info('Web Admin: Account provisioned', ['id' => $account->identifier]);
return redirect()->back()->withFragment('provisioning');
}
public function delete(int $accountId)
{
$account = Account::findOrFail($accountId);
return view('admin.account.delete', [
'account' => $account
]);
}
public function destroy(Request $request)
{
$account = Account::findOrFail($request->get('account_id'));
(new AccountService)->destroy($request, $request->get('account_id'));
Log::channel('events')->info('Web Admin: Account deleted', ['id' => $account->identifier]);
return redirect()->route('admin.account.index');
}
public function contactsListAdd(Request $request, int $accountId)
{
$request->validate([
'contacts_list_id' => 'required|exists:contacts_lists,id'
]);
$account = Account::findOrFail($accountId);
$account->contactsLists()->detach([$request->get('contacts_list_id')]);
$account->contactsLists()->attach([$request->get('contacts_list_id')]);
return redirect()->route('admin.account.edit', $accountId)->withFragment('#contacts_lists');
}
public function contactsListRemove(Request $request, int $accountId)
{
$account = Account::findOrFail($accountId);
$account->contactsLists()->detach([$request->get('contacts_list_id')]);
return redirect()->route('admin.account.edit', $accountId)->withFragment('#contacts_lists');
}
}

67
flexiapi/app/Http/Controllers/Admin/AccountDeviceController.php Normal file
View file

@ -0,0 +1,67 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Admin;
use App\Account;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use App\Libraries\FlexisipConnector;
class AccountDeviceController extends Controller
{
public function index(int $accountId)
{
$connector = new FlexisipConnector;
$account = Account::findOrFail($accountId);
return view(
'admin.account.device.index',
[
'account' => $account,
'devices' => $connector->getDevices($account->identifier)
]
);
}
public function delete(int $accountId, string $uuid)
{
$connector = new FlexisipConnector;
$account = Account::findOrFail($accountId);
return view(
'admin.account.device.delete',
[
'account' => $account,
'device' => $connector->getDevices($account->identifier)
->where('uuid', $uuid)->first()
]
);
}
public function destroy(Request $request, int $accountId)
{
$connector = new FlexisipConnector;
$account = Account::findOrFail($accountId);
$connector->deleteDevice($account->identifier, $request->get('uuid'));
return redirect()->route('admin.account.device.index', $account);
}
}

117
flexiapi/app/Http/Controllers/Admin/AccountDictionaryController.php Normal file
View file

@ -0,0 +1,117 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2023 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Admin;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use App\Account;
use App\AccountDictionaryEntry;
class AccountDictionaryController extends Controller
{
public function index(int $accountId)
{
return view(
'admin.account.dictionary.index',
[
'account' => Account::findOrFail($accountId)
]
);
}
public function create(int $accountId)
{
return view('admin.account.dictionary.create_edit', [
'account' => Account::findOrFail($accountId),
'entry' => new AccountDictionaryEntry
]);
}
public function store(Request $request, int $accountId)
{
$account = Account::findOrFail($accountId);
$request->validate([
'key' => 'required',
'value' => 'required'
]);
$account->setDictionaryEntry($request->get('key'), $request->get('value'));
if (function_exists('accountServiceAccountEditedHook')) {
$account->refresh();
accountServiceAccountEditedHook($request, $account);
}
return redirect()->route('admin.account.dictionary.index', $account->id);
}
public function edit(int $accountId, string $key)
{
$account = Account::findOrFail($accountId);
return view('admin.account.dictionary.create_edit', [
'account' => $account,
'entry' => $account->dictionaryEntries()->where('key', $key)->firstOrFail()
]);
}
public function update(Request $request, int $accountId, int $entryId)
{
$request->validate([
'value' => 'required'
]);
$account = Account::findOrFail($accountId);
$entry = $account->dictionaryEntries()->findOrFail($entryId);
$entry->value = $request->get('value');
$entry->save();
if (function_exists('accountServiceAccountEditedHook')) {
$account->refresh();
accountServiceAccountEditedHook($request, $account);
}
return redirect()->route('admin.account.dictionary.index', $account->id);
}
public function delete(int $accountId, string $key)
{
$account = Account::findOrFail($accountId);
return view(
'admin.account.dictionary.delete',
[
'account' => $account,
'entry' => $account->dictionaryEntries()->where('key', $key)->firstOrFail()
]
);
}
public function destroy(Request $request, int $accountId)
{
$account = Account::findOrFail($accountId);
$account->dictionaryEntries()->where('key', $request->get('key'))->delete();
return redirect()->route('admin.account.dictionary.index', $account);
}
}

271
flexiapi/app/Http/Controllers/Admin/AccountImportController.php Normal file
View file

@ -0,0 +1,271 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2023 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Admin;
use App\Account;
use App\Password;
use App\Http\Controllers\Controller;
use Illuminate\Support\Collection;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Storage;
use Illuminate\Validation\Rules\File;
class AccountImportController extends Controller
{
private Collection $errors;
private string $importDirectory = 'imported_csv';
public function __construct()
{
$this->errors = collect();
}
public function create(Request $request)
{
return view('admin.account.import.create', [
'domains' => Account::select('domain')->distinct()->get()->pluck('domain')
]);
}
public function store(Request $request)
{
$request->validate([
'csv' => ['required', File::types(['csv', 'txt'])],
'domain' => 'required|exists:accounts'
]);
$lines = $this->csvToCollection($request->file('csv'));
/**
* Error checking
*/
// Usernames
$existingUsernames = Account::where('domain', $request->get('domain'))
->whereIn('username', $lines->pluck('username')->all())
->pluck('username');
if ($existingUsernames->isNotEmpty()) {
$this->errors['Those usernames already exists'] = $existingUsernames->join(', ', ' and ');
}
if ($duplicates = $lines->pluck('username')->duplicates()) {
if ($duplicates->isNotEmpty()) {
$this->errors['Those usernames are declared several times'] = $duplicates->join(', ', ' and ');
}
}
if ($lines->pluck('username')->contains(function ($value) {
return strlen($value) < 2;
})) {
$this->errors['Some usernames are shorter than expected'] = '';
}
// Passwords
if ($lines->pluck('password')->contains(function ($value) {
return strlen($value) < 6;
})) {
$this->errors['Some passwords are shorter than expected'] = '';
}
// Roles
if ($lines->pluck('role')->contains(function ($value) {
return !in_array($value, ['admin', 'user']);
})) {
$this->errors['Some roles are not correct'] = '';
}
// Status
if ($lines->pluck('status')->contains(function ($value) {
return !in_array($value, ['active', 'inactive']);
})) {
$this->errors['Some status are not correct'] = '';
}
// Phones
if ($phones = $lines->pluck('phone')->filter(function ($value) {
return strlen($value) > 2 && substr($value, 0, 1) != '+';
})) {
if ($phones->isNotEmpty()) {
$this->errors['Some phone numbers are not correct'] = $phones->join(', ', ' and ');
}
}
$existingPhones = Account::whereIn('phone', $lines->pluck('phone')->all())
->pluck('phone');
if ($existingPhones->isNotEmpty()) {
$this->errors['Those phones numbers already exists'] = $existingPhones->join(', ', ' and ');
}
// Emails
if ($emails = $lines->pluck('email')->filter(function ($value) {
return !filter_var($value, FILTER_VALIDATE_EMAIL);
})) {
if ($emails->isNotEmpty()) {
$this->errors['Some emails are not correct'] = $emails->join(', ', ' and ');
}
}
$existingEmails = Account::whereIn('email', $lines->pluck('email')->all())
->pluck('email');
if ($existingEmails->isNotEmpty()) {
$this->errors['Those emails numbers already exists'] = $existingEmails->join(', ', ' and ');
}
if ($emails = $lines->pluck('email')->duplicates()) {
if ($emails->isNotEmpty()) {
$this->errors['Those emails are declared several times'] = $emails->join(', ', ' and ');
}
}
$filePath = $this->errors->isEmpty()
? Storage::putFile($this->importDirectory, $request->file('csv'))
: null;
return view('admin.account.import.check', [
'linesCount' => $lines->count(),
'errors' => $this->errors,
'domain' => $request->get('domain'),
'filePath' => $filePath
]);
}
public function handle(Request $request)
{
$request->validate([
'file_path' => 'required',
'domain' => 'required|exists:accounts'
]);
$lines = $this->csvToCollection(storage_path('app/' . $request->get('file_path')));
$accounts = [];
$now = \Carbon\Carbon::now();
$admins = $phones = $passwords = [];
foreach ($lines as $line) {
if ($line->role == 'admin') {
array_push($admins, $line->username);
}
if (!empty($line->phone)) {
$phones[$line->username] = $line->phone;
}
if (!empty($line->password)) {
$passwords[$line->username] = $line->password;
}
array_push($accounts, [
'username' => $line->username,
'domain' => $request->get('domain'),
'email' => $line->email,
'activated' => $line->status == 'active',
'ip_address' => '127.0.0.1',
'user_agent' => 'CSV Import',
'created_at' => $now,
'updated_at' => $now,
]);
}
Account::insert($accounts);
// Set admins accounts
foreach ($admins as $username) {
$account = Account::where('username', $username)
->where('domain', $request->get('domain'))
->first();
$account->admin = true;
}
// Set passwords
$passwordsToInsert = [];
$passwordAccounts = Account::whereIn('username', array_keys($passwords))
->where('domain', $request->get('domain'))
->get();
$algorithm = config('app.account_default_password_algorithm');
foreach ($passwordAccounts as $passwordAccount) {
array_push($passwordsToInsert, [
'account_id' => $passwordAccount->id,
'password' => bchash(
$passwordAccount->username,
config('app.account_realm') ?? $request->get('domain'),
$passwords[$passwordAccount->username],
$algorithm
),
'algorithm' => $algorithm
]);
}
Password::insert($passwordsToInsert);
// Set admins accounts
foreach ($phones as $username => $phone) {
$account = Account::where('username', $username)
->where('domain', $request->get('domain'))
->first();
$account->phone = $phone;
}
return redirect()->route('admin.account.index');
}
private function csvToCollection($file): Collection
{
$lines = collect();
$csv = fopen($file, 'r');
$i = 1;
while (!feof($csv)) {
if ($line = fgetcsv($csv, 1000, ',')) {
$lines->push((object)[
'line' => $i,
'username' => $line[0],
'password' => $line[1],
'role' => $line[2],
'status' => $line[3],
'phone' => $line[4],
'email' => $line[5],
]);
$i++;
}
}
fclose($csv);
$lines->shift();
return $lines;
}
}

118
flexiapi/app/Http/Controllers/Admin/AccountStatisticsController.php Normal file
View file

@ -0,0 +1,118 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2023 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Admin;
use App\Account;
use App\Http\Controllers\Controller;
use App\Libraries\StatisticsGraphFactory;
use App\StatisticsCall;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\DB;
class AccountStatisticsController extends Controller
{
public function edit(Request $request, int $accountId)
{
$account = Account::findOrFail($accountId);
return redirect()->route('admin.account.statistics.show', [
'account' => $account,
'from' => $request->get('from'),
'to' => $request->get('to'),
'by' => $request->get('by'),
]);
}
public function show(Request $request, int $accountId)
{
$request->validate([
'from' => 'date_format:Y-m-d|before:to',
'to' => 'date_format:Y-m-d|after:from',
'by' => 'in:day,week,month,year',
]);
$account = Account::findOrFail($accountId);
$messagesFromGraph = view('parts.graph', [
'jsonConfig' => json_encode((new StatisticsGraphFactory($request, 'messages', fromUsername: $account->username, fromDomain: $account->domain))->getConfig()),
'request' => $request
])->render();
$messagesToGraph = view('parts.graph', [
'jsonConfig' => json_encode((new StatisticsGraphFactory($request, 'messages', toUsername: $account->username, toDomain: $account->domain))->getConfig()),
'request' => $request
])->render();
$callsFromGraph = view('parts.graph', [
'jsonConfig' => json_encode((new StatisticsGraphFactory($request, 'calls', fromUsername: $account->username, fromDomain: $account->domain))->getConfig()),
'request' => $request
])->render();
$callsToGraph = view('parts.graph', [
'jsonConfig' => json_encode((new StatisticsGraphFactory($request, 'calls', toUsername: $account->username, toDomain: $account->domain))->getConfig()),
'request' => $request
])->render();
return view('admin.account.statistics.show', [
'account' => $account,
'messagesFromGraph' => $messagesFromGraph,
'messagesToGraph' => $messagesToGraph,
'callsFromGraph' => $callsFromGraph,
'callsToGraph' => $callsToGraph,
]);
}
public function editCallLogs(Request $request, int $accountId)
{
return redirect()->route('admin.account.statistics.show_call_logs', [
'from' => $request->get('from'),
'to' => $request->get('to'),
'account' => $accountId
]);
}
public function showCallLogs(Request $request, int $accountId)
{
$account = Account::findOrFail($accountId);
$toQuery = DB::table('statistics_calls')
->where('to_domain', $account->domain)
->where('to_username', $account->username);
$calls = StatisticsCall::where('from_domain', $account->domain)
->where('from_username', $account->username);
if ($request->get('to')) {
$toQuery = $toQuery->where('initiated_at', '<=', $request->get('to'));
$calls = $calls->where('initiated_at', '<=', $request->get('to'));
}
if ($request->get('from')) {
$toQuery = $toQuery->where('initiated_at', '>=', $request->get('from'));
$calls = $calls->where('initiated_at', '>=', $request->get('from'));
}
$calls = $calls->union($toQuery);
return view('admin.account.statistics.show_call_logs', [
'account' => $account,
'calls' => $calls->orderBy('initiated_at', 'desc')->paginate(30),
'request' => $request,
]);
}
}

98
flexiapi/app/Http/Controllers/Admin/AccountTypeController.php Normal file
View file

@ -0,0 +1,98 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2021 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Admin;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Log;
use Illuminate\Validation\Rule;
use App\AccountType;
use App\Rules\NoUppercase;
class AccountTypeController extends Controller
{
public function index()
{
return view('admin.account.type.index', ['types' => AccountType::all()]);
}
public function create()
{
return view('admin.account.type.create_edit', [
'type' => new AccountType
]);
}
public function store(Request $request)
{
$request->validate([
'key' => ['required', 'alpha_dash', new NoUppercase, 'unique:account_types,key'],
]);
$accountType = new AccountType;
$accountType->key = $request->get('key');
$accountType->save();
return redirect()->route('admin.account.type.index');
}
public function edit(int $typeId)
{
return view('admin.account.type.create_edit', [
'type' => AccountType::findOrFail($typeId)
]);
}
public function update(Request $request, int $typeId)
{
$request->validate([
'key' => [
'required',
'alpha_dash',
new NoUppercase,
Rule::unique('account_types')->ignore($typeId)
]
]);
$accountType = AccountType::findOrFail($typeId);
$accountType->key = $request->get('key');
$accountType->save();
return redirect()->route('admin.account.type.index');
}
public function delete(int $typeId)
{
return view('admin.account.type.delete', [
'type' => AccountType::findOrFail($typeId)
]);
}
public function destroy(int $typeId)
{
$type = AccountType::findOrFail($typeId);
$type->delete();
Log::channel('events')->info('Web Admin: Account type deleted', ['type' => $type->key]);
return redirect()->route('admin.account.type.index');
}
}

84
flexiapi/app/Http/Controllers/Admin/ContactsListContactController.php Normal file
View file

@ -0,0 +1,84 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2023 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Admin;
use App\Account;
use App\ContactsList;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
class ContactsListContactController extends Controller
{
public function add(Request $request, int $contactsListId)
{
$accounts = Account::orderBy('updated_at', $request->get('updated_at_order', 'desc'));
if ($request->has('search')) {
$accounts = $accounts->where('username', 'like', '%' . $request->get('search') . '%');
}
if ($request->has('domain')) {
$accounts = $accounts->where('domain', $request->get('domain'));
}
return view('admin.contacts_list.contacts.add', [
'domains' => Account::groupBy('domain')->pluck('domain'),
'contacts_list' => ContactsList::findOrFail($contactsListId),
'params' => [
'contacts_list_id' => $contactsListId
],
'accounts' => $accounts->whereNotIn('id', function ($query) use ($contactsListId) {
$query->select('contact_id')
->from('contacts_list_contact')
->where('contacts_list_id', $contactsListId);
})->paginate(20)->appends($request->query()),
]);
}
public function search(Request $request, int $contactsListId)
{
return redirect()->route('admin.contacts_lists.contacts.add', ['contacts_list_id' => $contactsListId] + $request->except('_token'));
}
public function store(Request $request, int $contactsListId)
{
$request->validate([
'contacts_ids' => 'required|exists:accounts,id'
]);
$contactsList = ContactsList::findOrFail($contactsListId);
$contactsList->contacts()->detach($request->get('contacts_ids')); // Just in case
$contactsList->contacts()->attach($request->get('contacts_ids'));
return redirect()->route('admin.contacts_lists.edit', $contactsList->id);
}
public function destroy(Request $request, int $contactsListId)
{
$request->validate([
'contacts_ids' => 'required|exists:accounts,id'
]);
$contactsList = ContactsList::findOrFail($contactsListId);
$contactsList->contacts()->detach($request->get('contacts_ids'));
return redirect()->route('admin.contacts_lists.edit', $contactsList->id);
}
}

128
flexiapi/app/Http/Controllers/Admin/ContactsListController.php Normal file
View file

@ -0,0 +1,128 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2023 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Admin;
use App\Account;
use App\ContactsList;
use App\Http\Controllers\Controller;
use Illuminate\Validation\Rule;
use Illuminate\Http\Request;
class ContactsListController extends Controller
{
public function index(Request $request)
{
$request->validate([
'order_by' => 'in:title,updated_at,contacts_count',
'order_sort' => 'in:asc,desc',
]);
$contactsLists = ContactsList::orderBy($request->get('order_by', 'updated_at'), $request->get('order_sort', 'desc'));
return view('admin.contacts_list.index', [
'contacts_lists' => $contactsLists
->paginate(20)
->appends($request->query()),
]);
}
public function show(int $id)
{
}
public function create(Request $request)
{
return view('admin.contacts_list.create_edit', [
'contacts_list' => new ContactsList,
]);
}
public function store(Request $request)
{
$request->validate([
'title' => 'required|unique:contacts_lists'
]);
$contactsList = new ContactsList;
$contactsList->title = $request->get('title');
$contactsList->description = $request->get('description');
$contactsList->save();
return redirect()->route('admin.contacts_lists.edit', $contactsList->id);
}
public function search(Request $request, int $contactsListId)
{
return redirect()->route('admin.contacts_lists.edit', ['contacts_list_id' => $contactsListId] + $request->except('_token'));
}
public function edit(Request $request, int $id)
{
$contacts = ContactsList::findOrFail($id)->contacts();
if ($request->has('search')) {
$contacts = $contacts->where('username', 'like', '%' . $request->get('search') . '%');
}
if ($request->has('domain')) {
$contact = $contacts->where('domain', $request->get('domain'));
}
$contacts = $contacts->get();
return view('admin.contacts_list.create_edit', [
'domains' => Account::groupBy('domain')->pluck('domain'),
'contacts_list' => ContactsList::findOrFail($id),
'contacts' => $contacts
]);
}
public function update(Request $request, int $id)
{
$request->validate([
'title' => [
'required',
Rule::unique('contacts_lists')->ignore($id),
],
]);
$contactsList = ContactsList::findOrFail($id);
$contactsList->title = $request->get('title');
$contactsList->description = $request->get('description');
$contactsList->save();
return redirect()->route('admin.contacts_lists.index');
}
public function delete(int $id)
{
return view('admin.contacts_list.delete', [
'contacts_list' => ContactsList::findOrFail($id),
]);
}
public function destroy(Request $request)
{
$contactsList = ContactsList::findOrFail($request->get('contacts_lists_id'));
$contactsList->delete();
return redirect()->route('admin.contacts_lists.index');
}
}

50
flexiapi/app/Http/Controllers/Admin/PhoneCountryController.php Normal file
View file

@ -0,0 +1,50 @@
<?php
namespace App\Http\Controllers\Admin;
use App\Http\Controllers\Controller;
use App\PhoneCountry;
use Illuminate\Http\Request;
class PhoneCountryController extends Controller
{
public function index()
{
return view('admin.phone_country.index', [
'phone_countries' => PhoneCountry::all()
]);
}
public function activateAll()
{
PhoneCountry::query()->update(['activated' => true]);
return redirect()->route('admin.phone_countries.index');
}
public function deactivateAll()
{
PhoneCountry::query()->update(['activated' => false]);
return redirect()->route('admin.phone_countries.index');
}
public function activate(string $code)
{
$phoneCountry = PhoneCountry::where('code', $code)->firstOrFail();
PhoneCountry::where('country_code', $phoneCountry->country_code)->update(['activated' => true]);
return redirect()->route('admin.phone_countries.index');
}
public function deactivate(string $code)
{
$phoneCountry = PhoneCountry::where('code', $code)->firstOrFail();
PhoneCountry::where('country_code', $phoneCountry->country_code)->update(['activated' => false]);
return redirect()->route('admin.phone_countries.index');
}
}

120
flexiapi/app/Http/Controllers/Admin/SipDomainController.php Normal file
View file

@ -0,0 +1,120 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2023 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Admin;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use App\SipDomain;
use Illuminate\Validation\Rule;
class SipDomainController extends Controller
{
public function index()
{
return view('admin.sip_domain.index', ['sip_domains' => SipDomain::withCount('accounts')->get()]);
}
public function create()
{
return view('admin.sip_domain.create_edit', [
'sip_domain' => new SipDomain
]);
}
public function store(Request $request)
{
$request->validate([
'domain' => 'required|unique:sip_domains',
]);
$sipDomain = new SipDomain;
$sipDomain->domain = $request->get('domain');
$sipDomain = $this->setConfig($request, $sipDomain);
$sipDomain->save();
return redirect()->route('admin.sip_domains.index');
}
public function edit(int $id)
{
return view('admin.sip_domain.create_edit', [
'sip_domain' => SipDomain::findOrFail($id)
]);
}
public function update(Request $request, int $id)
{
$request->validate([
'max_account' => 'required|integer',
]);
$sipDomain = SipDomain::findOrFail($id);
$sipDomain = $this->setConfig($request, $sipDomain);
$sipDomain->save();
return redirect()->back();
}
private function setConfig(Request $request, SipDomain $sipDomain)
{
$request->validate([
'max_account' => 'required|integer',
]);
$sipDomain->super = getRequestBoolean($request, 'super');
$sipDomain->disable_chat_feature = getRequestBoolean($request, 'disable_chat_feature');
$sipDomain->disable_meetings_feature = getRequestBoolean($request, 'disable_meetings_feature');
$sipDomain->disable_broadcast_feature = getRequestBoolean($request, 'disable_broadcast_feature');
$sipDomain->hide_settings = getRequestBoolean($request, 'hide_settings');
$sipDomain->max_account = $request->get('max_account', 0);
$sipDomain->hide_account_settings = getRequestBoolean($request, 'hide_account_settings');
$sipDomain->disable_call_recordings_feature = getRequestBoolean($request, 'disable_call_recordings_feature');
$sipDomain->only_display_sip_uri_username = getRequestBoolean($request, 'only_display_sip_uri_username');
$sipDomain->assistant_hide_create_account = getRequestBoolean($request, 'assistant_hide_create_account');
$sipDomain->assistant_disable_qr_code = getRequestBoolean($request, 'assistant_disable_qr_code');
$sipDomain->assistant_hide_third_party_account = getRequestBoolean($request, 'assistant_hide_third_party_account');
return $sipDomain;
}
public function delete(int $id)
{
return view('admin.sip_domain.delete', [
'sip_domain' => SipDomain::findOrFail($id)
]);
}
public function destroy(Request $request, int $id)
{
$sipDomain = SipDomain::findOrFail($id);
$request->validate([
'domain' => [
'required',
Rule::in(['first-zone', $sipDomain->domain]),
]
]);
$sipDomain->delete();
return redirect()->route('admin.sip_domains.index');
}
}

138
flexiapi/app/Http/Controllers/Admin/StatisticsController.php Normal file
View file

@ -0,0 +1,138 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Admin;
use App\Account;
use App\ContactsList;
use App\StatisticsMessage;
use App\StatisticsCall;
use App\Http\Controllers\Controller;
use App\Libraries\StatisticsGraphFactory;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
class StatisticsController extends Controller
{
public function index(Request $request)
{
return redirect()->route('admin.statistics.show', [
'type' => 'messages'
]);
}
public function edit(Request $request)
{
return redirect()->route('admin.statistics.show', [
'from' => $request->get('from'),
'to' => $request->get('to'),
'by' => $request->get('by'),
'type' => $request->get('type'),
'domain' => $request->get('domain'),
'contacts_list' => $request->get('contacts_list'),
]);
}
public function show(Request $request, string $type = 'messages')
{
$request->validate([
'from' => 'date_format:Y-m-d|before:to',
'to' => 'date_format:Y-m-d|after:from',
'by' => 'in:day,week,month,year',
]);
$graph = new StatisticsGraphFactory($request, type: $type, domain: $request->get('domain'));
$config = $graph->getConfig();
$domains = collect();
if ($request->get('export', false)) {
return $graph->export();
}
if (Auth::user()?->superAdmin) {
switch ($type) {
case 'messages':
$domains = StatisticsMessage::groupBy('from_domain')->pluck('from_domain');
break;
case 'calls':
$domains = StatisticsCall::groupBy('from_domain')->pluck('from_domain');
break;
case 'accounts':
$domains = Account::groupBy('domain')->pluck('domain');
break;
}
}
return view('admin.statistics.show', [
'domains' => $domains,
'contacts_lists' => ContactsList::all()->pluck('title', 'id'),
'jsonConfig' => json_encode($config),
'type' => $type,
'request' => $request
]);
}
public function editCallLogs(Request $request)
{
return redirect()->route('admin.statistics.show_call_logs', [
'from' => $request->get('from'),
'to' => $request->get('to'),
'domain' => $request->get('domain'),
'contacts_list' => $request->get('contacts_list'),
]);
}
public function showCallLogs(Request $request)
{
$fromQuery = StatisticsCall::query();
$toQuery = StatisticsCall::query();
if ($request->get('domain')) {
$fromQuery->where('to_domain', $request->get('domain'));
$toQuery->where('from_domain', $request->get('domain'));
}
if ($request->get('to')) {
$fromQuery->where('initiated_at', '<=', $request->get('to'));
$toQuery->where('initiated_at', '<=', $request->get('to'));
}
if ($request->get('from')) {
$fromQuery->where('initiated_at', '>=', $request->get('from'));
$toQuery->where('initiated_at', '>=', $request->get('from'));
}
if ($request->has('contacts_list')) {
$fromQuery->fromByContactsList($request->get('contacts_list'));
$toQuery->toByContactsList($request->get('contacts_list'));
}
$calls = $fromQuery->union($toQuery);
return view('admin.statistics.show_call_logs', [
'calls' => $calls->orderBy('initiated_at', 'desc')->paginate(30),
'domains' => StatisticsCall::groupBy('from_domain')->pluck('from_domain'),
'contacts_lists' => ContactsList::all()->pluck('title', 'id'),
'request' => $request,
]);
}
}

360
flexiapi/app/Http/Controllers/Api/Account/AccountController.php Normal file
View file

@ -0,0 +1,360 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Api\Account;
use Illuminate\Http\Request;
use Illuminate\Validation\Rule;
use Illuminate\Support\Str;
use Illuminate\Support\Facades\Log;
use Illuminate\Support\Facades\Mail;
use App\Http\Controllers\Controller;
use Carbon\Carbon;
use App\Account;
use App\AccountCreationToken;
use App\Http\Controllers\Account\AuthenticateController as WebAuthenticateController;
use App\Http\Requests\Account\Create\Api\Request as ApiRequest;
use App\Libraries\OvhSMS;
use App\Mail\RegisterConfirmation;
use App\Rules\AccountCreationToken as RulesAccountCreationToken;
use App\Rules\AccountCreationTokenNotExpired;
use App\Rules\BlacklistedUsername;
use App\Rules\FilteredPhone;
use App\Rules\NoUppercase;
use App\Rules\SIPUsername;
use App\Rules\PasswordAlgorithm;
use App\Services\AccountService;
class AccountController extends Controller
{
/**
* Public information on a specific account
*/
public function info(Request $request, string $sip)
{
$account = Account::sip($sip)->firstOrFail();
return \response()->json([
'activated' => $account->activated,
'realm' => $account->realm
]);
}
/**
* Get services credentials
*/
public function turnService(Request $request)
{
if (hasCoturnConfigured()) {
list($username, $password) = array_values(getCoTURNCredentials());
return [
'username' => $username,
'password' => $password,
'ttl' => config('app.coturn_session_ttl_minutes') * 60,
'uris' => [
'turn:' . config('app.coturn_server_host'),
]
];
}
return abort(404, 'No TURN service configured');
}
/**
* /!\ Dangerous endpoint, disabled by default
*/
public function phoneInfo(Request $request, string $phone)
{
if (!config('app.dangerous_endpoints')) return abort(404);
$request->merge(['phone' => $phone]);
$request->validate([
'phone' => ['required', 'phone', new FilteredPhone]
]);
$account = Account::where('domain', config('app.sip_domain'))
->where(function ($query) use ($phone) {
$query->where('username', $phone)
->orWhere('phone', $phone);
})->firstOrFail();
return \response()->json([
'activated' => $account->activated,
'realm' => $account->realm,
'phone' => (bool)$account->phone
]);
}
/**
* /!\ Dangerous endpoint, disabled by default
* Store directly the account and alias in the DB and send a SMS or email for the validation
*/
public function storePublic(Request $request)
{
if (!config('app.dangerous_endpoints')) return abort(404);
$request->validate([
'username' => [
'required_without:phone',
new NoUppercase,
new BlacklistedUsername,
new SIPUsername,
Rule::unique('accounts', 'username')->where(function ($query) use ($request) {
$query->where('domain', $request->has('domain') ? $request->get('domain') : config('app.sip_domain'));
}),
Rule::unique('accounts_tombstones', 'username')->where(function ($query) use ($request) {
$query->where('domain', $request->has('domain') ? $request->get('domain') : config('app.sip_domain'));
}),
'filled',
],
'algorithm' => ['required', new PasswordAlgorithm],
'password' => 'required|filled',
'domain' => 'min:3',
'email' => config('app.account_email_unique')
? 'required_without:phone|email|unique:accounts,email'
: 'required_without:phone|email',
'phone' => [
'required_without:email',
'required_without:username',
'phone',
new FilteredPhone,
'unique:accounts,phone',
'unique:accounts,username',
],
'account_creation_token' => [
'required',
new RulesAccountCreationToken,
new AccountCreationTokenNotExpired
]
]);
$account = new Account;
$account->username = !empty($request->get('username'))
? $request->get('username')
: $request->get('phone');
$account->email = $request->get('email');
$account->activated = false;
$account->domain = $request->has('domain')
? $request->get('domain')
: config('app.sip_domain');
$account->ip_address = $request->ip();
$account->created_at = Carbon::now();
$account->user_agent = $request->header('User-Agent') ?? config('app.name');
$account->save();
$account->updatePassword($request->get('password'), $request->get('algorithm'));
$token = AccountCreationToken::where('token', $request->get('account_creation_token'))->first();
$token->consume();
$token->account_id = $account->id;
$token->save();
Log::channel('events')->info('API deprecated - Store public: AccountCreationToken redeemed', ['account_creation_token' => $token->toLog()]);
Log::channel('events')->info('API deprecated - Store public: Account created', ['id' => $account->identifier]);
// Send validation by phone
if ($request->has('phone')) {
$account->phone = $request->get('phone');
$account->confirmation_key = generatePin();
$account->save();
Log::channel('events')->info('API deprecated: Account created using the public endpoint by phone', ['id' => $account->identifier]);
$ovhSMS = new OvhSMS;
$ovhSMS->send($request->get('phone'), 'Your ' . config('app.name') . ' creation code is ' . $account->confirmation_key);
} elseif ($request->has('email')) {
// Send validation by email
$account->confirmation_key = Str::random(WebAuthenticateController::$emailCodeSize);
$account->save();
Log::channel('events')->info('API deprecated - Store public: Account created using the public endpoint by email', ['id' => $account->identifier]);
try {
Mail::to($account)->send(new RegisterConfirmation($account));
} catch (\Exception $e) {
Log::channel('events')->info('API deprecated - Store public: Public Register Confirmation email not sent, check errors log', ['id' => $account->identifier]);
Log::error('Public Register Confirmation email not sent: ' . $e->getMessage());
}
}
// Full reload
return Account::withoutGlobalScopes()->find($account->id);
}
/**
* /!\ Dangerous endpoint, disabled by default
*/
public function recoverByPhone(Request $request)
{
if (!config('app.dangerous_endpoints')) return abort(404);
$request->validate([
'phone' => [
'required', 'phone', new FilteredPhone, 'exists:accounts,phone'
],
'account_creation_token' => [
'required',
new RulesAccountCreationToken,
new AccountCreationTokenNotExpired
]
]);
$account = Account::where('phone', $request->get('phone'))->first();
$account->confirmation_key = generatePin();
$account->save();
$token = AccountCreationToken::where('token', $request->get('account_creation_token'))->first();
$token->consume();
$token->account_id = $account->id;
$token->save();
Log::channel('events')->info('API deprecated - Account recovery: AccountCreationToken redeemed', ['account_creation_token' => $token->toLog()]);
Log::channel('events')->info('API deprecated - Account recovery: Account recovery by phone', ['id' => $account->identifier]);
$ovhSMS = new OvhSMS;
$ovhSMS->send($request->get('phone'), 'Your ' . config('app.name') . ' recovery code is ' . $account->confirmation_key);
}
/**
* /!\ Dangerous endpoint, disabled by default
*/
public function recoverUsingKey(string $sip, string $recoveryKey)
{
if (!config('app.dangerous_endpoints')) return abort(404);
list($username, $domain) = explode('@', $sip);
$account = Account::where('domain', $domain)
->where(function ($query) use ($username) {
$query->where('username', $username)
->orWhere('phone', $username);
})->firstOrFail();
$confirmationKey = $account->confirmation_key;
$account->confirmation_key = null;
if ($confirmationKey != $recoveryKey) abort(404);
if ($account->activationExpired()) abort(403, 'Activation expired');
$account->activated = true;
$account->save();
$account->passwords->each(function ($i, $k) {
$i->makeVisible(['password']);
});
return $account;
}
public function store(ApiRequest $request)
{
return (new AccountService)->store($request);
}
/**
* Deprecated
*/
public function activateEmail(Request $request, string $sip)
{
// For retro-compatibility
if ($request->has('code')) {
$request->merge(['confirmation_key' => $request->get('code')]);
}
$request->validate([
'confirmation_key' => 'required|size:' . WebAuthenticateController::$emailCodeSize
]);
$account = Account::sip($sip)
->where('confirmation_key', $request->get('confirmation_key'))
->firstOrFail();
if ($account->activationExpired()) abort(403, 'Activation expired');
$account->activated = true;
$account->confirmation_key = null;
$account->save();
Log::channel('events')->info('API: Account activated by email', ['id' => $account->identifier]);
return $account;
}
/**
* Deprecated
*/
public function activatePhone(Request $request, string $sip)
{
// For retro-compatibility
if ($request->has('code')) {
$request->merge(['confirmation_key' => $request->get('code')]);
}
$request->validate([
'confirmation_key' => 'required|digits:4'
]);
$account = Account::sip($sip)
->where('confirmation_key', $request->get('confirmation_key'))
->firstOrFail();
if ($account->activationExpired()) abort(403, 'Activation expired');
$account->activated = true;
$account->confirmation_key = null;
$account->save();
Log::channel('events')->info('API: Account activated by phone', ['id' => $account->identifier]);
return $account;
}
public function show(Request $request)
{
return Account::where('id', $request->user()->id)
->without(['api_key', 'email_changed.new_email'])
->first();
}
public function provision(Request $request)
{
$account = $request->user();
$account->provision();
$account->save();
Log::channel('events')->info('API: Account provisioned', ['id' => $account->identifier]);
return $account->makeVisible(['provisioning_token']);
}
public function delete(Request $request)
{
$request->user()->createTombstone();
(new AccountService)->destroy($request, $request->user()->id);
return true;
}
}

58
flexiapi/app/Http/Controllers/Api/Account/ApiKeyController.php Normal file
View file

@ -0,0 +1,58 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2023 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Api\Account;
use App\AuthToken;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Cookie;
class ApiKeyController extends Controller
{
public function generate(Request $request)
{
$account = $request->user();
$account->generateApiKey($request->ip());
$account->refresh();
Cookie::queue('x-api-key', $account->apiKey->key, config('app.api_key_expiration_minutes'));
return $account->apiKey->key;
}
public function generateFromToken(Request $request, string $token)
{
$authToken = AuthToken::where('token', $token)->valid()->firstOrFail();
if ($authToken->account) {
$authToken->account->generateApiKey($request->ip());
$authToken->account->refresh();
Cookie::queue('x-api-key', $authToken->account->apiKey->key, config('app.api_key_expiration_minutes'));
$apiKey = $authToken->account->apiKey->key;
$authToken->delete();
return response()->json(['api_key' => $apiKey]);
}
abort(404);
}
}

52
flexiapi/app/Http/Controllers/Api/Account/AuthTokenController.php Normal file
View file

@ -0,0 +1,52 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2023 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Api\Account;
use App\AuthToken;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Illuminate\Support\Str;
class AuthTokenController extends Controller
{
public function store(Request $request)
{
$authToken = new AuthToken;
$authToken->token = Str::random(32);
$authToken->fillRequestInfo($request);
$authToken->save();
return $authToken;
}
public function attach(Request $request, string $token)
{
$authToken = AuthToken::where('token', $token)->valid()->firstOrFail();
if (!$authToken->account_id) {
$authToken->account_id = $request->user()->id;
$authToken->save();
return;
}
abort(404);
}
}

36
flexiapi/app/Http/Controllers/Api/Account/ContactController.php Normal file
View file

@ -0,0 +1,36 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2021 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Api\Account;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
class ContactController extends Controller
{
public function index(Request $request)
{
return resolveUserContacts($request)->get();
}
public function show(Request $request, string $sip)
{
return resolveUserContacts($request)->sip($sip)->firstOrFail();
}
}

38
flexiapi/app/Http/Controllers/Api/Account/CreationRequestToken.php Normal file
View file

@ -0,0 +1,38 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2023 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Api\Account;
use App\AccountCreationRequestToken;
use Illuminate\Http\Request;
use Illuminate\Support\Str;
use App\Http\Controllers\Account\AuthenticateController as WebAuthenticateController;
use App\Http\Controllers\Controller;
class CreationRequestToken extends Controller
{
public function create(Request $request)
{
$creationRequestToken = new AccountCreationRequestToken;
$creationRequestToken->token = Str::random(WebAuthenticateController::$emailCodeSize);
$creationRequestToken->save();
return $creationRequestToken;
}
}

125
flexiapi/app/Http/Controllers/Api/Account/CreationTokenController.php Normal file
View file

@ -0,0 +1,125 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Api\Account;
use Illuminate\Http\Request;
use Illuminate\Support\Str;
use Illuminate\Support\Facades\Log;
use Carbon\Carbon;
use App\AccountCreationToken;
use App\AccountCreationRequestToken;
use App\Rules\PnParam;
use App\Rules\PnPrid;
use App\Rules\PnProvider;
use App\Http\Controllers\Controller;
use App\Http\Controllers\Account\AuthenticateController as WebAuthenticateController;
use App\Libraries\FlexisipPusherConnector;
use App\Rules\AccountCreationRequestToken as RulesAccountCreationRequestToken;
class CreationTokenController extends Controller
{
public function sendByPush(Request $request)
{
$request->validate([
'pn_provider' => ['required', new PnProvider],
'pn_param' => [new PnParam],
'pn_prid' => [new PnPrid],
]);
$last = AccountCreationToken::where('pn_provider', $request->get('pn_provider'))
->where('pn_param', $request->get('pn_param'))
->where('pn_prid', $request->get('pn_prid'))
->where('created_at', '>=', Carbon::now()->subMinutes(config('app.account_creation_token_retry_minutes'))->toDateTimeString())
->where('used', true)
->latest()
->first();
if ($last) {
Log::channel('events')->info('API: Token throttled', ['token' => $last->token]);
abort(429, 'Last token requested too recently');
}
$token = new AccountCreationToken;
$token->token = Str::random(WebAuthenticateController::$emailCodeSize);
$token->pn_provider = $request->get('pn_provider');
$token->pn_param = $request->get('pn_param');
$token->pn_prid = $request->get('pn_prid');
$token->fillRequestInfo($request);
// Send the token to the device via Push Notification
$fp = new FlexisipPusherConnector($token->pn_provider, $token->pn_param, $token->pn_prid);
if ($fp->sendToken($token->token)) {
Log::channel('events')->info('API: Token sent', ['token' => $token->token]);
$token->save();
return;
}
abort(503, "Token not sent");
}
public function usingAccountRequestToken(Request $request)
{
$request->validate([
'account_creation_request_token' => [
'required',
new RulesAccountCreationRequestToken
]
]);
$creationRequestToken = AccountCreationRequestToken::where('token', $request->get('account_creation_request_token'))
->where('used', false)
->first();
if ($creationRequestToken && $creationRequestToken->validated_at != null) {
$accountCreationToken = new AccountCreationToken;
$accountCreationToken->token = Str::random(WebAuthenticateController::$emailCodeSize);
$accountCreationToken->fillRequestInfo($request);
$accountCreationToken->save();
$creationRequestToken->consume();
$creationRequestToken->acc_creation_token_id = $accountCreationToken->id;
$creationRequestToken->save();
return $accountCreationToken;
}
return abort(404);
}
public function consume(Request $request)
{
$accountCreationToken = AccountCreationToken::where('token', $request->get('account_creation_token'))
->where('used', false)
->where('account_id', null)
->first();
if ($accountCreationToken) {
$accountCreationToken->account_id = $request->user()->id;
$accountCreationToken->fillRequestInfo($request);
$accountCreationToken->consume();
return $accountCreationToken;
}
return abort(404);
}
}

42
flexiapi/app/Http/Controllers/Api/Account/DeviceController.php Normal file
View file

@ -0,0 +1,42 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Api\Account;
use App\Http\Controllers\Controller;
use App\Libraries\FlexisipConnector;
use Illuminate\Http\Request;
use stdClass;
class DeviceController extends Controller
{
public function index(Request $request)
{
$devices = (new FlexisipConnector)->getDevices($request->user()->identifier);
return ($devices->isEmpty()) ? new stdClass : $devices;
}
public function destroy(Request $request, string $uuid)
{
$connector = new FlexisipConnector;
return $connector->deleteDevice($request->user()->identifier, $uuid);
}
}

47
flexiapi/app/Http/Controllers/Api/Account/EmailController.php Normal file
View file

@ -0,0 +1,47 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Api\Account;
use App\Http\Controllers\Controller;
use App\Services\AccountService;
use App\Services\BlockingService;
use Illuminate\Http\Request;
class EmailController extends Controller
{
public function requestUpdate(Request $request)
{
if ((new BlockingService($request->user()))->checkBlock()) {
return abort(403, 'Account blocked');
}
if (!$request->user()->accountCreationToken?->consumed()) {
return abort(403, 'Account unvalidated');
}
(new AccountService)->requestEmailChange($request);
}
public function update(Request $request)
{
return (new AccountService)->updateEmail($request);
}
}

71
flexiapi/app/Http/Controllers/Api/Account/PasswordController.php Normal file
View file

@ -0,0 +1,71 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Api\Account;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Mail;
use Illuminate\Support\Facades\Log;
use App\Http\Controllers\Controller;
use App\Rules\PasswordAlgorithm;
use App\Mail\ConfirmedRegistration;
class PasswordController extends Controller
{
public function update(Request $request)
{
$request->validate([
'algorithm' => ['required', new PasswordAlgorithm],
'password' => 'required',
]);
$account = $request->user();
$account->activated = true;
$account->save();
$algorithm = $request->get('algorithm');
if ($account->passwords()->count() > 0) {
$request->validate(['old_password' => 'required']);
foreach ($account->passwords as $password) {
if (hash_equals(
$password->password,
bchash($account->username, $account->resolvedRealm, $request->get('old_password'), $password->algorithm)
)) {
$account->updatePassword($request->get('password'), $algorithm);
Log::channel('events')->info('API: Account password updated', ['id' => $account->identifier]);
return response()->json();
}
}
return response()->json(['errors' => ['old_password' => 'Incorrect old password']], 422);
}
$account->updatePassword($request->get('password'), $algorithm);
if (!empty($account->email)) {
Mail::to($account)->send(new ConfirmedRegistration($account));
}
}
}

47
flexiapi/app/Http/Controllers/Api/Account/PhoneController.php Normal file
View file

@ -0,0 +1,47 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Api\Account;
use App\Http\Controllers\Controller;
use App\Services\AccountService;
use App\Services\BlockingService;
use Illuminate\Http\Request;
class PhoneController extends Controller
{
public function requestUpdate(Request $request)
{
if ((new BlockingService($request->user()))->checkBlock()) {
return abort(403, 'Account blocked');
}
if (!$request->user()->accountCreationToken?->consumed()) {
return abort(403, 'Account unvalidated');
}
return (new AccountService)->requestPhoneChange($request);
}
public function update(Request $request)
{
return (new AccountService)->updatePhone($request);
}
}

35
flexiapi/app/Http/Controllers/Api/Account/VcardsStorageController.php Normal file
View file

@ -0,0 +1,35 @@
<?php
namespace App\Http\Controllers\Api\Account;
use App\Http\Controllers\Api\Admin\VcardsStorageController as AdminVcardsStorageController;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
class VcardsStorageController extends Controller
{
public function index(Request $request)
{
return (new AdminVcardsStorageController)->index($request->user()->id);
}
public function show(Request $request, string $uuid)
{
return (new AdminVcardsStorageController)->show($request->user()->id, $uuid);
}
public function store(Request $request)
{
return (new AdminVcardsStorageController)->store($request, $request->user()->id);
}
public function update(Request $request, string $uuid)
{
return (new AdminVcardsStorageController)->update($request, $request->user()->id, $uuid);
}
public function destroy(Request $request, string $uuid)
{
return (new AdminVcardsStorageController)->destroy($request->user()->id, $uuid);
}
}

97
flexiapi/app/Http/Controllers/Api/Admin/AccountActionController.php Normal file
View file

@ -0,0 +1,97 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2021 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Api\Admin;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use App\Account;
use App\AccountAction;
use App\Rules\NoUppercase;
class AccountActionController extends Controller
{
public function index(int $id)
{
return $this->resolveAccount($id)->actions;
}
public function get(int $id, int $actionId)
{
return $this->resolveAccount($id)
->actions()
->where('id', $actionId)
->firstOrFail();
}
public function store(Request $request, int $id)
{
$account = $this->resolveAccount($id);
$request->validate([
'key' => ['required', 'alpha_dash', new NoUppercase],
'code' => ['required', 'alpha_num', new NoUppercase]
]);
$accountAction = new AccountAction;
$accountAction->account_id = $account->id;
$accountAction->key = $request->get('key');
$accountAction->code = $request->get('code');
$accountAction->save();
return $accountAction;
}
public function update(Request $request, int $id, int $actionId)
{
$account = $this->resolveAccount($id);
$request->validate([
'key' => ['alpha_dash', new NoUppercase],
'code' => ['alpha_num', new NoUppercase]
]);
$accountAction = $account
->actions()
->where('id', $actionId)
->firstOrFail();
$accountAction->key = $request->get('key');
$accountAction->code = $request->get('code');
$accountAction->save();
return $accountAction;
}
public function destroy(int $id, int $actionId)
{
return $this->resolveAccount($id)
->actions()
->where('id', $actionId)
->delete();
}
private function resolveAccount(int $id)
{
$account = Account::findOrFail($id);
if ($account->dtmf_protocol == null) abort(403, 'DTMF Protocol must be configured');
return $account;
}
}

60
flexiapi/app/Http/Controllers/Api/Admin/AccountContactController.php Normal file
View file

@ -0,0 +1,60 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2021 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Api\Admin;
use App\Http\Controllers\Controller;
use App\Account;
class AccountContactController extends Controller
{
public function index(int $id)
{
return Account::findOrFail($id)->contacts;
}
public function show(int $id, int $contactId)
{
return Account::findOrFail($id)
->contacts()
->where('id', $contactId)
->firstOrFail();
}
public function add(int $id, int $contactId)
{
if (Account::findOrFail($id)->contacts()->pluck('id')->contains($contactId)) {
abort(403);
}
if (Account::findOrFail($contactId)) {
return Account::findOrFail($id)->contacts()->attach($contactId);
}
}
public function remove(int $id, int $contactId)
{
if (!Account::findOrFail($id)->contacts()->pluck('id')->contains($contactId)) {
abort(403);
}
return Account::findOrFail($id)->contacts()->detach($contactId);
}
}

202
flexiapi/app/Http/Controllers/Api/Admin/AccountController.php Normal file
View file

@ -0,0 +1,202 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Api\Admin;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Log;
use App\Account;
use App\AccountTombstone;
use App\AccountType;
use App\ContactsList;
use App\Http\Requests\Account\Create\Api\AsAdminRequest;
use App\Http\Requests\Account\Update\Api\AsAdminRequest as ApiAsAdminRequest;
use App\Services\AccountService;
use App\SipDomain;
class AccountController extends Controller
{
public function index(Request $request)
{
return Account::without(['passwords', 'admin'])->with(['phoneChangeCode', 'emailChangeCode'])->paginate(20);
}
public function show(Request $request, $accountId)
{
$account = Account::without(['passwords', 'admin'])->with(['phoneChangeCode', 'emailChangeCode'])->findOrFail($accountId);
if ($request->user()->admin) {
if ($account->phoneChangeCode) {
$account->phoneChangeCode->makeVisible(['code']);
}
if ($account->emailChangeCode) {
$account->emailChangeCode->makeVisible(['code']);
}
}
return $account;
}
public function search(string $sip)
{
return Account::sip($sip)->firstOrFail();
}
public function searchByEmail(string $email)
{
return Account::where('email', $email)->firstOrFail();
}
public function destroy(Request $request, int $accountId)
{
$account = Account::findOrFail($accountId);
if (!$account->hasTombstone()) {
$tombstone = new AccountTombstone();
$tombstone->username = $account->username;
$tombstone->domain = $account->domain;
$tombstone->save();
}
(new AccountService())->destroy($request, $accountId);
Log::channel('events')->info('API Admin: Account destroyed', ['id' => $account->identifier]);
}
public function activate(int $accountId)
{
$account = Account::findOrFail($accountId);
$account->activated = true;
$account->save();
Log::channel('events')->info('API Admin: Account activated', ['id' => $account->identifier]);
return $account;
}
public function deactivate(int $accountId)
{
$account = Account::findOrFail($accountId);
$account->activated = false;
$account->save();
Log::channel('events')->info('API Admin: Account deactivated', ['id' => $account->identifier]);
return $account;
}
public function block(int $accountId)
{
$account = Account::findOrFail($accountId);
$account->blocked = true;
$account->save();
Log::channel('events')->info('API Admin: Account blocked', ['id' => $account->identifier]);
return $account;
}
public function unblock(int $accountId)
{
$account = Account::findOrFail($accountId);
$account->blocked = false;
$account->save();
Log::channel('events')->info('API Admin: Account unblocked', ['id' => $account->identifier]);
return $account;
}
public function provision(int $accountId)
{
$account = Account::findOrFail($accountId);
$account->provision();
$account->save();
Log::channel('events')->info('API Admin: Account provisioned', ['id' => $account->identifier]);
return $account->makeVisible(['provisioning_token']);
}
public function store(AsAdminRequest $request)
{
// Create the missing SipDomain
if ($request->user()->superAdmin
&& $request->has('domain')
&& !SipDomain::pluck('domain')->contains($request->get('domain'))) {
$sipDomain = new SipDomain();
$sipDomain->domain = $request->get('domain');
$sipDomain->save();
}
return (new AccountService())->store($request)->makeVisible(['confirmation_key', 'provisioning_token']);
}
public function update(ApiAsAdminRequest $request, int $accountId)
{
$account = (new AccountService())->update($request, $accountId);
Log::channel('events')->info('API Admin: Account updated', ['id' => $account->identifier]);
return $account->makeVisible(['confirmation_key', 'provisioning_token']);
}
public function typeAdd(int $accountId, int $typeId)
{
if (Account::findOrFail($accountId)->types()->pluck('id')->contains($typeId)) {
abort(403);
}
if (AccountType::findOrFail($typeId)) {
return Account::findOrFail($accountId)->types()->attach($typeId);
}
}
public function typeRemove(int $accountId, int $typeId)
{
if (!Account::findOrFail($accountId)->types()->pluck('id')->contains($typeId)) {
abort(403);
}
return Account::findOrFail($accountId)->types()->detach($typeId);
}
public function contactsListAdd(int $accountId, int $contactsListId)
{
if (Account::findOrFail($accountId)->contactsLists()->pluck('id')->contains($contactsListId)) {
abort(403);
}
if (ContactsList::findOrFail($contactsListId)) {
return Account::findOrFail($accountId)->contactsLists()->attach($contactsListId);
}
}
public function contactsListRemove(int $accountId, int $contactsListId)
{
if (!Account::findOrFail($accountId)->contactsLists()->pluck('id')->contains($contactsListId)) {
abort(403);
}
return Account::findOrFail($accountId)->contactsLists()->detach($contactsListId);
}
}

40
flexiapi/app/Http/Controllers/Api/Admin/AccountCreationTokenController.php Normal file
View file

@ -0,0 +1,40 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Api\Admin;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Illuminate\Support\Str;
use App\AccountCreationToken;
use App\Http\Controllers\Account\AuthenticateController as WebAuthenticateController;
class AccountCreationTokenController extends Controller
{
public function create(Request $request)
{
$token = new AccountCreationToken;
$token->token = Str::random(WebAuthenticateController::$emailCodeSize);
$token->fillRequestInfo($request);
$token->save();
return $token;
}
}

60
flexiapi/app/Http/Controllers/Api/Admin/AccountDictionaryController.php Normal file
View file

@ -0,0 +1,60 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2023 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Api\Admin;
use App\Http\Controllers\Controller;
use App\Account;
use Illuminate\Http\Request;
class AccountDictionaryController extends Controller
{
public function index(int $accountId)
{
return Account::findOrFail($accountId)->dictionary;
}
public function show(int $accountId, string $key)
{
return Account::findOrFail($accountId)->dictionaryEntries()->where('key', $key)->first();
}
public function set(Request $request, int $accountId, string $key)
{
$request->validate([
'value' => 'required'
]);
$account = Account::findOrFail($accountId);
$result = $account->setDictionaryEntry($key, $request->get('value'));
if (function_exists('accountServiceAccountEditedHook')) {
$account->refresh();
accountServiceAccountEditedHook($request, $account);
}
return $result;
}
public function destroy(int $accountId, string $key)
{
return Account::findOrFail($accountId)->dictionaryEntries()->where('key', $key)->delete();
}
}

71
flexiapi/app/Http/Controllers/Api/Admin/AccountTypeController.php Normal file
View file

@ -0,0 +1,71 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2021 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Api\Admin;
use App\Http\Controllers\Controller;
use App\Rules\NoUppercase;
use Illuminate\Http\Request;
use App\AccountType;
class AccountTypeController extends Controller
{
public function index()
{
return AccountType::all();
}
public function get(int $accountTypeId)
{
return AccountType::findOrFail($accountTypeId);
}
public function store(Request $request)
{
$request->validate([
'key' => ['required', 'alpha_dash', new NoUppercase, 'unique:account_types,key'],
]);
$accountType = new AccountType;
$accountType->key = $request->get('key');
$accountType->save();
return $accountType;
}
public function update(Request $request, int $accountTypeId)
{
$request->validate([
'key' => ['alpha_dash', new NoUppercase],
]);
$accountType = AccountType::findOrFail($accountTypeId);
$accountType->key = $request->get('key');
$accountType->save();
return $accountType;
}
public function destroy(int $accountTypeId)
{
return AccountType::where('id', $accountTypeId)
->delete();
}
}

94
flexiapi/app/Http/Controllers/Api/Admin/ContactsListController.php Normal file
View file

@ -0,0 +1,94 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2023 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Api\Admin;
use App\Account;
use App\ContactsList;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
class ContactsListController extends Controller
{
public function index(Request $request)
{
return ContactsList::all();
}
public function get(int $contactsListId)
{
return ContactsList::findOrFail($contactsListId);
}
public function store(Request $request)
{
$request->validate([
'title' => ['required'],
'description' => ['required']
]);
$contactsList = new ContactsList;
$contactsList->title = $request->get('title');
$contactsList->description = $request->get('description');
$contactsList->save();
return $contactsList;
}
public function update(Request $request, int $contactsListId)
{
$request->validate([
'title' => ['required'],
'description' => ['required']
]);
$contactsList = ContactsList::findOrFail($contactsListId);
$contactsList->title = $request->get('title');
$contactsList->description = $request->get('description');
$contactsList->save();
return $contactsList;
}
public function destroy(int $contactsListId)
{
return ContactsList::where('id', $contactsListId)
->delete();
}
public function contactAdd(int $id, int $contactId)
{
if (ContactsList::findOrFail($id)->contacts()->pluck('id')->contains($contactId)) {
abort(403);
}
if (Account::findOrFail($contactId)) {
return ContactsList::findOrFail($id)->contacts()->attach($contactId);
}
}
public function contactRemove(int $id, int $contactId)
{
if (!ContactsList::findOrFail($id)->contacts()->pluck('id')->contains($contactId)) {
abort(403);
}
return ContactsList::findOrFail($id)->contacts()->detach($contactId);
}
}

42
flexiapi/app/Http/Controllers/Api/Admin/DeviceController.php Normal file
View file

@ -0,0 +1,42 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Api\Admin;
use App\Http\Controllers\Controller;
use App\Libraries\FlexisipConnector;
use App\Account;
use stdClass;
class DeviceController extends Controller
{
public function index(int $accountId)
{
$devices = (new FlexisipConnector)->getDevices(Account::findOrFail($accountId)->identifier);
return ($devices->isEmpty()) ? new stdClass : $devices;
}
public function destroy(int $accountId, string $uuid)
{
$connector = new FlexisipConnector;
return $connector->deleteDevice(Account::findOrFail($accountId)->identifier, $uuid);
}
}

73
flexiapi/app/Http/Controllers/Api/Admin/MessageController.php Normal file
View file

@ -0,0 +1,73 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2023 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Api\Admin;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Illuminate\Validation\ValidationException;
use Illuminate\Support\Facades\Log;
class MessageController extends Controller
{
public function send(Request $request)
{
$request->validate([
'to' => 'required',
'body' => 'required'
]);
$returnedLines = [];
$loop = \React\EventLoop\Loop::get();
$connector = new \React\Socket\UnixConnector($loop);
$connector->connect('unix://'.config('app.linphone_daemon_unix_pipe'))
->then(function (\React\Socket\Connection $connection) use ($request, &$returnedLines) {
$connection->on('data', function ($message) use ($connection, &$returnedLines) {
foreach (preg_split("/\r\n|\n|\r/", $message) as $line) {
if (!empty($line) && false !== ($matches = explode(':', $line, 2))) {
$returnedLines["{$matches[0]}"] = trim($matches[1]);
}
}
$connection->close();
});
$connection->write("message sip:".$request->get('to')." ".$request->get('body')."\n");
}, function (\Exception $e) {
Log::error($e->getMessage());
});
$loop->run();
if (!array_key_exists('Status', $returnedLines)) {
throw ValidationException::withMessages(["The internal socket cannot be requested properly"]);
}
if ($returnedLines['Status'] == 'Error') {
throw ValidationException::withMessages([$returnedLines['Reason']]);
}
if ($returnedLines['Status'] == 'Ok') {
return response()->json(['id' => $returnedLines['Id']]);
}
}
}

111
flexiapi/app/Http/Controllers/Api/Admin/SipDomainController.php Normal file
View file

@ -0,0 +1,111 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2023 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Api\Admin;
use Illuminate\Http\Request;
use App\Http\Controllers\Controller;
use App\SipDomain;
class SipDomainController extends Controller
{
public function index()
{
return SipDomain::all();
}
public function store(Request $request)
{
$request->validate([
'domain' => 'required|unique:sip_domains',
]);
$sipDomain = new SipDomain;
$sipDomain->domain = $request->get('domain');
$this->setRequestBoolean($request, $sipDomain, 'super');
$this->setRequestBoolean($request, $sipDomain, 'disable_chat_feature');
$this->setRequestBoolean($request, $sipDomain, 'disable_meetings_feature');
$this->setRequestBoolean($request, $sipDomain, 'disable_broadcast_feature');
$this->setRequestBoolean($request, $sipDomain, 'hide_settings');
$this->setRequestBoolean($request, $sipDomain, 'hide_account_settings');
$this->setRequestBoolean($request, $sipDomain, 'disable_call_recordings_feature');
$this->setRequestBoolean($request, $sipDomain, 'only_display_sip_uri_username');
$this->setRequestBoolean($request, $sipDomain, 'assistant_hide_create_account');
$this->setRequestBoolean($request, $sipDomain, 'assistant_disable_qr_code');
$this->setRequestBoolean($request, $sipDomain, 'assistant_hide_third_party_account');
$sipDomain->max_account = $request->get('max_account', 0);
$sipDomain->save();
return $sipDomain->refresh();
}
public function show(string $domain)
{
return SipDomain::where('domain', $domain)->firstOrFail();
}
public function update(Request $request, string $domain)
{
$request->validate([
'super' => 'required|boolean',
'disable_chat_feature' => 'required|boolean',
'disable_meetings_feature' => 'required|boolean',
'disable_broadcast_feature' => 'required|boolean',
'hide_settings' => 'required|boolean',
'hide_account_settings' => 'required|boolean',
'disable_call_recordings_feature' => 'required|boolean',
'only_display_sip_uri_username' => 'required|boolean',
'assistant_hide_create_account' => 'required|boolean',
'assistant_disable_qr_code' => 'required|boolean',
'assistant_hide_third_party_account' => 'required|boolean',
'max_account' => 'required|integer',
]);
$sipDomain = SipDomain::where('domain', $domain)->firstOrFail();
$sipDomain->super = $request->get('super');
$sipDomain->disable_chat_feature = $request->get('disable_chat_feature');
$sipDomain->disable_meetings_feature = $request->get('disable_meetings_feature');
$sipDomain->disable_broadcast_feature = $request->get('disable_broadcast_feature');
$sipDomain->hide_settings = $request->get('hide_settings');
$sipDomain->hide_account_settings = $request->get('hide_account_settings');
$sipDomain->disable_call_recordings_feature = $request->get('disable_call_recordings_feature');
$sipDomain->only_display_sip_uri_username = $request->get('only_display_sip_uri_username');
$sipDomain->assistant_hide_create_account = $request->get('assistant_hide_create_account');
$sipDomain->assistant_disable_qr_code = $request->get('assistant_disable_qr_code');
$sipDomain->assistant_hide_third_party_account = $request->get('assistant_hide_third_party_account');
$sipDomain->max_account = $request->get('max_account', 0);
$sipDomain->save();
return $sipDomain;
}
private function setRequestBoolean(Request $request, SipDomain $sipDomain, string $key)
{
if ($request->has($key)) {
$sipDomain->$key = (bool)$request->get($key);
}
}
public function destroy(string $domain)
{
return SipDomain::where('domain', $domain)->delete();
}
}

88
flexiapi/app/Http/Controllers/Api/Admin/VcardsStorageController.php Normal file
View file

@ -0,0 +1,88 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2023 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Api\Admin;
use App\Account;
use App\Http\Controllers\Controller;
use App\Rules\Vcard;
use App\VcardStorage;
use Illuminate\Http\Request;
use Sabre\VObject;
class VcardsStorageController extends Controller
{
public function index(int $accountId)
{
return Account::findOrFail($accountId)->vcardsStorage()->get()->keyBy('uuid');
}
public function show(int $accountId, string $uuid)
{
return Account::findOrFail($accountId)->vcardsStorage()->where('uuid', $uuid)->firstOrFail();
}
public function store(Request $request, int $accountId)
{
$request->validate([
'vcard' => ['required', new Vcard()]
]);
$vcardo = VObject\Reader::read($request->get('vcard'));
if (Account::findOrFail($accountId)->vcardsStorage()->where('uuid', $vcardo->UID)->first()) {
abort(409, 'Vcard already exists');
}
$vcard = new VcardStorage();
$vcard->account_id = $accountId;
$vcard->uuid = $vcardo->UID;
$vcard->vcard = preg_replace('/\r\n?/', "\n", $vcardo->serialize());
$vcard->save();
return $vcard->vcard;
}
public function update(Request $request, int $accountId, string $uuid)
{
$request->validate([
'vcard' => ['required', new Vcard()]
]);
$vcardo = VObject\Reader::read($request->get('vcard'));
if ($vcardo->UID != $uuid) {
abort(422, 'UUID should be the same');
}
$vcard = Account::findOrFail($accountId)->vcardsStorage()->where('uuid', $uuid)->firstOrFail();
$vcard->vcard = preg_replace('/\r\n?/', "\n", $vcardo->serialize());
$vcard->save();
return $vcard->vcard;
}
public function destroy(int $accountId, string $uuid)
{
$vcard = Account::findOrFail($accountId)->vcardsStorage()->where('uuid', $uuid)->firstOrFail();
return $vcard->delete();
}
}

33
flexiapi/app/Http/Controllers/Api/ApiController.php Normal file
View file

@ -0,0 +1,33 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Api;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
class ApiController extends Controller
{
public function documentation(Request $request)
{
return view('api.documentation', [
'documentation' => markdownDocumentationView('api.documentation_markdown')
]);
}
}

14
flexiapi/app/Http/Controllers/Api/PhoneCountryController.php Normal file
View file

@ -0,0 +1,14 @@
<?php
namespace App\Http\Controllers\Api;
use App\Http\Controllers\Controller;
use App\PhoneCountry;
class PhoneCountryController extends Controller
{
public function index()
{
return PhoneCountry::all();
}
}

31
flexiapi/app/Http/Controllers/Api/PingController.php Normal file
View file

@ -0,0 +1,31 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Api;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
class PingController extends Controller
{
public function ping(Request $request)
{
return 'pong';
}
}

92
flexiapi/app/Http/Controllers/Api/StatisticsCallController.php Normal file
View file

@ -0,0 +1,92 @@
<?php
/*
Flexisip Account Manager is a set of tools to manage SIP accounts.
Copyright (C) 2020 Belledonne Communications SARL, All rights reserved.
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
namespace App\Http\Controllers\Api;
use App\Http\Controllers\Controller;
use App\StatisticsCall;
use App\StatisticsCallDevice;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Log;
class StatisticsCallController extends Controller
{
public function store(Request $request)
{
$request->validate([
'id' => 'required|string|max:64',
'from' => 'required|string|max:256',
'to' => 'required|string|max:256',
'initiated_at' => 'required|iso_date',
'ended_at' => 'iso_date|nullable',
'conference_id' => 'string|nullable',
]);
$statisticsCall = new StatisticsCall;
$statisticsCall->id = $request->get('id');
list($statisticsCall->from_username, $statisticsCall->from_domain) = explode('@', $request->get('from'));
list($statisticsCall->to_username, $statisticsCall->to_domain) = explode('@', $request->get('to'));
$statisticsCall->initiated_at = $request->get('initiated_at');
$statisticsCall->ended_at = $request->get('ended_at');
//$statisticsCall->conference_id = $request->get('conference_id');
try {
return $statisticsCall->saveOrFail();
} catch (\Exception $e) {
Log::channel('database_errors')->error($e->getMessage());
abort(400, 'Database error');
}
}
public function storeDevice(Request $request, string $callId, string $deviceId)
{
$request->validate([
'rang_at' => 'iso_date',
'invite_terminated.at' => 'required_with:invite_terminated.state,iso_date',
'invite_terminated.state' => 'required_with:invite_terminated.at,string',
]);
try {
return StatisticsCallDevice::updateOrCreate(
['call_id' => $callId, 'device_id' => $deviceId],
[
'rang_at' => $request->get('rang_at'),
'invite_terminated_at' => $request->get('invite_terminated.at'),
'invite_terminated_state' => $request->get('invite_terminated.state')
]
);
} catch (\Exception $e) {
Log::channel('database_errors')->error($e->getMessage());
abort(400, 'Database error');
}
}
public function update(Request $request, string $callId)
{
$request->validate([
'ended_at' => 'required|iso_date',
]);
$statisticsCall = StatisticsCall::where('id', $callId)->firstOrFail();
$statisticsCall->ended_at = $request->get('ended_at');
$statisticsCall->save();
return $statisticsCall;
}
}

Some files were not shown because too many files have changed in this diff Show more