ben.carrasco/jambonz-api-server
1
0
Fork 0
mirror of https://github.com/jambonz/jambonz-api-server.git synced 2026-01-25 02:08:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

Feat/admin numbers carriers (#532)

Browse Source 
* add JAMBONES_ADMIN_CARRIER check to limit creating carriers and numbers

* fix logic
This commit is contained in:
Sam Machin
2026-01-07 13:01:44 +00:00
committed by GitHub
parent 3f1e756467
commit 69046ab5d2
4 changed files with 31 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
lib/routes/api/accounts.js
View File

@@ -140,6 +140,11 @@ router.put('/:sid/VoipCarriers/:voip_carrier_sid', async(req, res) => {
const logger = req.app.locals.logger;
try {
if (process.env.JAMBONES_ADMIN_CARRIER == 1 && (!req.user.hasScope('service_provider')
&& !req.user.hasScope('admin'))) {
throw new DbErrorBadRequest('insufficient privileges');
}
const sid = parseVoipCarrierSid(req);
const account_sid = parseAccountSid(req);
await validateRequest(req, account_sid);
@@ -159,6 +164,10 @@ router.post('/:sid/VoipCarriers', async(req, res) => {
const logger = req.app.locals.logger;
const payload = req.body;
try {
if (process.env.JAMBONES_ADMIN_CARRIER == 1 && (!req.user.hasScope('service_provider')
|| !!req.user.hasScope('admin'))) {
throw new DbErrorBadRequest('insufficient privileges');
}
const account_sid = parseAccountSid(req);
await validateRequest(req, account_sid);
// Set the service_provder_sid to the relevent value for the account

5
lib/routes/api/phone-numbers.js
View File

@@ -19,6 +19,11 @@ const hasWhitespace = (str) => /\s/.test(str);
/* check for required fields when adding */
async function validateAdd(req) {
try {
if (process.env.JAMBONES_ADMIN_CARRIER == 1 && (!req.user.hasScope('service_provider')
&& !req.user.hasScope('admin'))) {
throw new DbErrorBadRequest('insufficient privileges');
}
/* account level user can only act on carriers associated to his/her account */
if (req.user.hasAccountAuth) {
req.body.account_sid = req.user.account_sid;

6
lib/routes/api/sip-gateways.js
View File

@@ -45,6 +45,12 @@ const validate = async(req, sid) => {
const {netmask, ipv4, inbound, outbound} = req.body;
let voip_carrier_sid;
if (process.env.JAMBONES_ADMIN_CARRIER == 1 && (!req.user.hasScope('service_provider')
&& !req.user.hasScope('admin'))) {
throw new DbErrorBadRequest('insufficient privileges');
}
if (sid) {
const gateway = await lookupSipGatewayBySid(sid);
if (!gateway) throw new DbErrorBadRequest('invalid sip_gateway_sid');

11
lib/routes/api/voip-carriers.js
View File

@@ -9,6 +9,11 @@ const { parseVoipCarrierSid } = require('./utils');
const validate = async(req) => {
const {lookupAppBySid, lookupAccountBySid} = req.app.locals;
if (process.env.JAMBONES_ADMIN_CARRIER == 1 && (!req.user.hasScope('service_provider')
&& !req.user.hasScope('admin'))) {
throw new DbErrorBadRequest('insufficient privileges');
}
/* account level user can only act on carriers associated to his/her account */
if (req.user.hasAccountAuth) {
req.body.account_sid = req.user.account_sid;
@@ -45,6 +50,12 @@ const validateUpdate = async(req, sid) => {
const validateDelete = async(req, sid) => {
const {lookupCarrierBySid} = req.app.locals;
if (process.env.JAMBONES_ADMIN_CARRIER == 1 && (!req.user.hasScope('service_provider')
&& !req.user.hasScope('admin'))) {
throw new DbErrorBadRequest('insufficient privileges');
}
if (req.user.hasAccountAuth) {
/* can only update carriers for the user's account */
const carrier = await lookupCarrierBySid(sid);