error case: creating user with duplicate email, return json with msg for toast

add PUT for Account level Carrier
Bugfix/fix permissions (#89 )
2026-01-25 02:08:24 +00:00 · 2022-12-26 13:19:24 -06:00 · 2022-12-26 11:14:41 -06:00 · 2022-12-25 14:52:57 -06:00 · 2022-12-22 12:01:04 -06:00 · 2022-12-19 15:05:35 -05:00
10 changed files with 387 additions and 165 deletions
--- a/db/jambones-sql.sql
+++ b/db/jambones-sql.sql
@@ -83,7 +83,7 @@ CREATE TABLE account_limits
 (
 account_limits_sid CHAR(36) NOT NULL UNIQUE ,
 account_sid CHAR(36) NOT NULL,
-category ENUM('api_rate','voice_call_session', 'device') NOT NULL,
+category ENUM('api_rate','voice_call_session', 'device','voice_call_minutes','voice_call_session_license', 'voice_call_minutes_license') NOT NULL,
 quantity INTEGER NOT NULL,
 PRIMARY KEY (account_limits_sid)
 );
@@ -266,7 +266,7 @@ CREATE TABLE service_provider_limits
 (
 service_provider_limits_sid CHAR(36) NOT NULL UNIQUE ,
 service_provider_sid CHAR(36) NOT NULL,
-category ENUM('api_rate','voice_call_session', 'device') NOT NULL,
+category ENUM('api_rate','voice_call_session', 'device','voice_call_minutes','voice_call_session_license', 'voice_call_minutes_license') NOT NULL,
 quantity INTEGER NOT NULL,
 PRIMARY KEY (service_provider_limits_sid)
 );
@@ -330,14 +330,6 @@ is_active BOOLEAN NOT NULL DEFAULT true,
 PRIMARY KEY (user_sid)
 );

-CREATE TABLE user_permissions
-(
-user_permissions_sid CHAR(36) NOT NULL UNIQUE ,
-user_sid CHAR(36) NOT NULL,
-permission_sid CHAR(36) NOT NULL,
-PRIMARY KEY (user_permissions_sid)
-);
-
 CREATE TABLE voip_carriers
 (
 voip_carrier_sid CHAR(36) NOT NULL UNIQUE ,
@@ -368,6 +360,14 @@ register_public_ip_in_contact BOOLEAN NOT NULL DEFAULT false,
 PRIMARY KEY (voip_carrier_sid)
 ) COMMENT='A Carrier or customer PBX that can send or receive calls';

+CREATE TABLE user_permissions
+(
+user_permissions_sid CHAR(36) NOT NULL UNIQUE ,
+user_sid CHAR(36) NOT NULL,
+permission_sid CHAR(36) NOT NULL,
+PRIMARY KEY (user_permissions_sid)
+);
+
 CREATE TABLE smpp_gateways
 (
 smpp_gateway_sid CHAR(36) NOT NULL UNIQUE ,
@@ -385,7 +385,7 @@ PRIMARY KEY (smpp_gateway_sid)
 CREATE TABLE phone_numbers
 (
 phone_number_sid CHAR(36) UNIQUE ,
-number VARCHAR(32) NOT NULL UNIQUE ,
+number VARCHAR(132) NOT NULL UNIQUE ,
 voip_carrier_sid CHAR(36),
 account_sid CHAR(36),
 application_sid CHAR(36),
@@ -573,12 +573,6 @@ CREATE INDEX service_provider_sid_idx ON users (service_provider_sid);
 ALTER TABLE users ADD FOREIGN KEY service_provider_sid_idxfk_6 (service_provider_sid) REFERENCES service_providers (service_provider_sid);

 CREATE INDEX email_activation_code_idx ON users (email_activation_code);
-CREATE INDEX user_permissions_sid_idx ON user_permissions (user_permissions_sid);
-CREATE INDEX user_sid_idx ON user_permissions (user_sid);
-ALTER TABLE user_permissions ADD FOREIGN KEY user_sid_idxfk (user_sid) REFERENCES users (user_sid) ON DELETE CASCADE;
-
-ALTER TABLE user_permissions ADD FOREIGN KEY permission_sid_idxfk (permission_sid) REFERENCES permissions (permission_sid);
-
 CREATE INDEX voip_carrier_sid_idx ON voip_carriers (voip_carrier_sid);
 CREATE INDEX account_sid_idx ON voip_carriers (account_sid);
 ALTER TABLE voip_carriers ADD FOREIGN KEY account_sid_idxfk_10 (account_sid) REFERENCES accounts (account_sid);
@@ -588,6 +582,12 @@ ALTER TABLE voip_carriers ADD FOREIGN KEY service_provider_sid_idxfk_7 (service_

 ALTER TABLE voip_carriers ADD FOREIGN KEY application_sid_idxfk_2 (application_sid) REFERENCES applications (application_sid);

+CREATE INDEX user_permissions_sid_idx ON user_permissions (user_permissions_sid);
+CREATE INDEX user_sid_idx ON user_permissions (user_sid);
+ALTER TABLE user_permissions ADD FOREIGN KEY user_sid_idxfk (user_sid) REFERENCES users (user_sid) ON DELETE CASCADE;
+
+ALTER TABLE user_permissions ADD FOREIGN KEY permission_sid_idxfk (permission_sid) REFERENCES permissions (permission_sid);
+
 CREATE INDEX smpp_gateway_sid_idx ON smpp_gateways (smpp_gateway_sid);
 CREATE INDEX voip_carrier_sid_idx ON smpp_gateways (voip_carrier_sid);
 ALTER TABLE smpp_gateways ADD FOREIGN KEY voip_carrier_sid_idxfk (voip_carrier_sid) REFERENCES voip_carriers (voip_carrier_sid);
--- a/db/jambones.sqs
+++ b/db/jambones.sqs
@@ -87,7 +87,7 @@
            <notNull><![CDATA[1]]></notNull>
            <uid><![CDATA[49E56AF4-4E40-49B6-BA88-4E378F1E6C18]]></uid>
        </SQLField>
-        <labelWindowIndex><![CDATA[7]]></labelWindowIndex>
+        <labelWindowIndex><![CDATA[9]]></labelWindowIndex>
        <ui.treeExpanded><![CDATA[1]]></ui.treeExpanded>
        <uid><![CDATA[0507BD46-ACAC-48A3-841E-4DEC2FEDCB72]]></uid>
    </SQLTable>
@@ -148,7 +148,7 @@
            <notNull><![CDATA[1]]></notNull>
            <uid><![CDATA[6E651E52-F91E-4086-9A1E-FB3425476B2F]]></uid>
        </SQLField>
-        <labelWindowIndex><![CDATA[17]]></labelWindowIndex>
+        <labelWindowIndex><![CDATA[19]]></labelWindowIndex>
        <ui.treeExpanded><![CDATA[1]]></ui.treeExpanded>
        <uid><![CDATA[0A95311F-47FA-429F-BAF9-1442C6EE0C0E]]></uid>
    </SQLTable>
@@ -225,7 +225,7 @@
            <notNull><![CDATA[1]]></notNull>
            <uid><![CDATA[D1019218-F1FC-4BC5-A890-F8DBB7153375]]></uid>
        </SQLField>
-        <labelWindowIndex><![CDATA[10]]></labelWindowIndex>
+        <labelWindowIndex><![CDATA[12]]></labelWindowIndex>
        <ui.treeExpanded><![CDATA[1]]></ui.treeExpanded>
        <uid><![CDATA[0AC2FD20-B22F-48DB-8611-801CEF6BFA12]]></uid>
    </SQLTable>
@@ -279,7 +279,7 @@
            <uid><![CDATA[755D10B0-F60D-4250-8971-C8E4FDB0E0CD]]></uid>
            <unique><![CDATA[1]]></unique>
        </SQLField>
-        <labelWindowIndex><![CDATA[14]]></labelWindowIndex>
+        <labelWindowIndex><![CDATA[16]]></labelWindowIndex>
        <ui.treeExpanded><![CDATA[1]]></ui.treeExpanded>
        <uid><![CDATA[16B9E383-E044-4D71-AB46-FEB86A46A298]]></uid>
    </SQLTable>
@@ -316,7 +316,7 @@
            <notNull><![CDATA[1]]></notNull>
            <uid><![CDATA[C4EEBFF0-C3CB-4897-8720-12D14DBA93A5]]></uid>
        </SQLField>
-        <labelWindowIndex><![CDATA[1]]></labelWindowIndex>
+        <labelWindowIndex><![CDATA[3]]></labelWindowIndex>
        <ui.treeExpanded><![CDATA[1]]></ui.treeExpanded>
        <uid><![CDATA[1A80FB9B-419E-483A-86FF-B44A00A44D7F]]></uid>
    </SQLTable>
@@ -471,7 +471,7 @@
            <notNull><![CDATA[1]]></notNull>
            <uid><![CDATA[601FA05B-78A5-4E7E-9983-39BB0E6D18EB]]></uid>
        </SQLField>
-        <labelWindowIndex><![CDATA[21]]></labelWindowIndex>
+        <labelWindowIndex><![CDATA[23]]></labelWindowIndex>
        <ui.treeExpanded><![CDATA[1]]></ui.treeExpanded>
        <uid><![CDATA[2A735FAB-592C-42E5-9C8B-06B109314799]]></uid>
    </SQLTable>
@@ -537,7 +537,7 @@
            <indexed><![CDATA[1]]></indexed>
            <uid><![CDATA[365FB018-429D-4DA4-AC33-D9D106EA97E5]]></uid>
        </SQLField>
-        <labelWindowIndex><![CDATA[6]]></labelWindowIndex>
+        <labelWindowIndex><![CDATA[8]]></labelWindowIndex>
        <ui.treeExpanded><![CDATA[1]]></ui.treeExpanded>
        <uid><![CDATA[311D99B2-DC8B-4C4A-A1FC-4AFAA1F450F3]]></uid>
    </SQLTable>
@@ -732,7 +732,7 @@
            <notNull><![CDATA[1]]></notNull>
            <uid><![CDATA[E93A67DB-9A49-4980-9B25-CF1E7DC42F9B]]></uid>
        </SQLField>
-        <labelWindowIndex><![CDATA[22]]></labelWindowIndex>
+        <labelWindowIndex><![CDATA[24]]></labelWindowIndex>
        <objectComment><![CDATA[A Carrier or customer PBX that can send or receive calls]]></objectComment>
        <ui.treeExpanded><![CDATA[1]]></ui.treeExpanded>
        <uid><![CDATA[3D3136A7-AFC0-4A70-AEC3-68577955CA2E]]></uid>
@@ -814,7 +814,7 @@
            <defaultValue><![CDATA[CURRENT_TIMESTAMP]]></defaultValue>
            <uid><![CDATA[C84C9B6A-80B5-4B0B-8C14-EB02F7421BBE]]></uid>
        </SQLField>
-        <labelWindowIndex><![CDATA[31]]></labelWindowIndex>
+        <labelWindowIndex><![CDATA[33]]></labelWindowIndex>
        <objectComment><![CDATA[An authorization token that is used to access the REST api]]></objectComment>
        <ui.treeExpanded><![CDATA[1]]></ui.treeExpanded>
        <uid><![CDATA[3EDF89A0-FD38-4DF9-BB65-E0FCD0A678BE]]></uid>
@@ -827,7 +827,7 @@
            <y>325.00</y>
        </location>
        <size>
-            <width>352.00</width>
+            <width>770.00</width>
            <height>100.00</height>
        </size>
        <zorder>30</zorder>
@@ -857,7 +857,7 @@
        </SQLField>
        <SQLField>
            <name><![CDATA[category]]></name>
-            <type><![CDATA[ENUM('api_rate','voice_call_session', 'device')]]></type>
+            <type><![CDATA[ENUM('api_rate','voice_call_session', 'device','voice_call_minutes','voice_call_session_license', 'voice_call_minutes_license')]]></type>
            <notNull><![CDATA[1]]></notNull>
            <uid><![CDATA[9724C27F-3B51-453A-99B8-313480D4A63A]]></uid>
        </SQLField>
@@ -867,7 +867,7 @@
            <notNull><![CDATA[1]]></notNull>
            <uid><![CDATA[EA4C1A7E-68ED-41D5-9EE9-345DD61F00C7]]></uid>
        </SQLField>
-        <labelWindowIndex><![CDATA[3]]></labelWindowIndex>
+        <labelWindowIndex><![CDATA[5]]></labelWindowIndex>
        <ui.treeExpanded><![CDATA[1]]></ui.treeExpanded>
        <uid><![CDATA[4893A0F0-BE1B-4322-9034-644528E802DE]]></uid>
    </SQLTable>
@@ -994,7 +994,7 @@
            <indexType><![CDATA[UNIQUE]]></indexType>
            <uid><![CDATA[554ABEC2-3E1B-41B1-BF07-25F403D5E3B4]]></uid>
        </SQLIndex>
-        <labelWindowIndex><![CDATA[16]]></labelWindowIndex>
+        <labelWindowIndex><![CDATA[18]]></labelWindowIndex>
        <ui.treeExpanded><![CDATA[1]]></ui.treeExpanded>
        <uid><![CDATA[49A68E1C-DEE2-446C-A4EB-9850E16155CC]]></uid>
    </SQLTable>
@@ -1015,7 +1015,7 @@
            <type><![CDATA[VARCHAR(16)]]></type>
            <uid><![CDATA[1EA572BD-FF6B-43CC-9EBB-33A735781429]]></uid>
        </SQLField>
-        <labelWindowIndex><![CDATA[4]]></labelWindowIndex>
+        <labelWindowIndex><![CDATA[6]]></labelWindowIndex>
        <ui.treeExpanded><![CDATA[1]]></ui.treeExpanded>
        <uid><![CDATA[518AC592-D3E6-4032-8A33-15A3DB72B060]]></uid>
    </SQLTable>
@@ -1076,7 +1076,7 @@
            <notNull><![CDATA[1]]></notNull>
            <uid><![CDATA[6B2F726C-48A6-49D9-B7B1-8850DD6FB3EC]]></uid>
        </SQLField>
-        <labelWindowIndex><![CDATA[9]]></labelWindowIndex>
+        <labelWindowIndex><![CDATA[11]]></labelWindowIndex>
        <ui.treeExpanded><![CDATA[1]]></ui.treeExpanded>
        <uid><![CDATA[51A02EFE-AA51-46EF-8671-E8B2F1FC5F8D]]></uid>
    </SQLTable>
@@ -1088,7 +1088,7 @@
            <y>205.00</y>
        </location>
        <size>
-            <width>352.00</width>
+            <width>770.00</width>
            <height>100.00</height>
        </size>
        <zorder>29</zorder>
@@ -1118,7 +1118,7 @@
        </SQLField>
        <SQLField>
            <name><![CDATA[category]]></name>
-            <type><![CDATA[ENUM('api_rate','voice_call_session', 'device')]]></type>
+            <type><![CDATA[ENUM('api_rate','voice_call_session', 'device','voice_call_minutes','voice_call_session_license', 'voice_call_minutes_license')]]></type>
            <notNull><![CDATA[1]]></notNull>
            <uid><![CDATA[72BFA408-371D-4B21-8DA0-A56644FCD92C]]></uid>
        </SQLField>
@@ -1128,7 +1128,7 @@
            <notNull><![CDATA[1]]></notNull>
            <uid><![CDATA[2EA3A57F-7EF7-4958-B06B-62B0279BB87E]]></uid>
        </SQLField>
-        <labelWindowIndex><![CDATA[2]]></labelWindowIndex>
+        <labelWindowIndex><![CDATA[4]]></labelWindowIndex>
        <ui.treeExpanded><![CDATA[1]]></ui.treeExpanded>
        <uid><![CDATA[5784AC2F-BEBC-466F-9818-F9A7D227A5B5]]></uid>
    </SQLTable>
@@ -1178,7 +1178,7 @@
            <type><![CDATA[VARCHAR(255)]]></type>
            <uid><![CDATA[04BB457A-D532-4780-8A58-5900094171EC]]></uid>
        </SQLField>
-        <labelWindowIndex><![CDATA[23]]></labelWindowIndex>
+        <labelWindowIndex><![CDATA[25]]></labelWindowIndex>
        <objectComment><![CDATA[An HTTP callback]]></objectComment>
        <ui.treeExpanded><![CDATA[1]]></ui.treeExpanded>
        <uid><![CDATA[64D64CB9-0990-4C68-BE71-F9FD43C2BE19]]></uid>
@@ -1278,7 +1278,7 @@
            <notNull><![CDATA[1]]></notNull>
            <uid><![CDATA[9A75A20B-1EFD-4E16-994A-5376C650EAB5]]></uid>
        </SQLField>
-        <labelWindowIndex><![CDATA[5]]></labelWindowIndex>
+        <labelWindowIndex><![CDATA[7]]></labelWindowIndex>
        <ui.treeExpanded><![CDATA[1]]></ui.treeExpanded>
        <uid><![CDATA[6511AF7D-91FD-40C7-9F73-B8E9E66DC249]]></uid>
    </SQLTable>
@@ -1347,7 +1347,7 @@
            <uid><![CDATA[9B4208B5-9E3B-4B76-B7F7-4E5D36B99BF2]]></uid>
            <unsigned><![CDATA[0]]></unsigned>
        </SQLField>
-        <labelWindowIndex><![CDATA[30]]></labelWindowIndex>
+        <labelWindowIndex><![CDATA[32]]></labelWindowIndex>
        <objectComment><![CDATA[a regex-based pattern match for call routing]]></objectComment>
        <ui.treeExpanded><![CDATA[1]]></ui.treeExpanded>
        <uid><![CDATA[78584D93-2CD7-4495-9C5E-893C7B869133]]></uid>
@@ -1384,7 +1384,7 @@
            <noQuoteDefault><![CDATA[1]]></noQuoteDefault>
            <uid><![CDATA[4D2F7B02-F183-4239-8CE8-3E98206708AE]]></uid>
        </SQLField>
-        <labelWindowIndex><![CDATA[8]]></labelWindowIndex>
+        <labelWindowIndex><![CDATA[10]]></labelWindowIndex>
        <ui.treeExpanded><![CDATA[1]]></ui.treeExpanded>
        <uid><![CDATA[86FAB0AB-DC68-4ADF-8A08-BBAF61BA1840]]></uid>
    </SQLTable>
@@ -1422,6 +1422,8 @@
            <type><![CDATA[VARCHAR(255)]]></type>
            <uid><![CDATA[673137EA-B74C-4BA7-AD25-1B71360A2E26]]></uid>
        </SQLField>
+        <labelWindowIndex><![CDATA[2]]></labelWindowIndex>
+        <ui.treeExpanded><![CDATA[1]]></ui.treeExpanded>
        <uid><![CDATA[87F254ED-D381-48E3-8E8F-C0F3D99CC01C]]></uid>
    </SQLTable>
    <SQLTable>
@@ -1452,7 +1454,7 @@
            <notNull><![CDATA[1]]></notNull>
            <uid><![CDATA[8998AAD6-A21C-4697-9660-8DC5005AED07]]></uid>
        </SQLField>
-        <labelWindowIndex><![CDATA[0]]></labelWindowIndex>
+        <labelWindowIndex><![CDATA[1]]></labelWindowIndex>
        <ui.treeExpanded><![CDATA[1]]></ui.treeExpanded>
        <uid><![CDATA[8E75DB2D-9078-40E6-88BF-7DDED5033362]]></uid>
    </SQLTable>
@@ -1529,7 +1531,7 @@
            <uid><![CDATA[1DDAD1A1-942D-4487-89C8-D496B7F82274]]></uid>
            <unique><![CDATA[1]]></unique>
        </SQLField>
-        <labelWindowIndex><![CDATA[20]]></labelWindowIndex>
+        <labelWindowIndex><![CDATA[22]]></labelWindowIndex>
        <objectComment><![CDATA[A Microsoft Teams customer tenant]]></objectComment>
        <ui.treeExpanded><![CDATA[1]]></ui.treeExpanded>
        <uid><![CDATA[92FD042A-5AEC-4D8F-AB94-C73C0F566F75]]></uid>
@@ -1599,7 +1601,7 @@
            <objectComment><![CDATA[lower priority carriers are attempted first]]></objectComment>
            <uid><![CDATA[01F61C68-799B-49B0-9E6A-0E2162EE5A54]]></uid>
        </SQLField>
-        <labelWindowIndex><![CDATA[26]]></labelWindowIndex>
+        <labelWindowIndex><![CDATA[28]]></labelWindowIndex>
        <objectComment><![CDATA[An entry in the LCR routing list]]></objectComment>
        <ui.treeExpanded><![CDATA[1]]></ui.treeExpanded>
        <uid><![CDATA[956025F5-0798-47F7-B76C-457814C7B52E]]></uid>
@@ -1792,7 +1794,7 @@
            <referencesTableUID><![CDATA[E97EE4F0-7ED7-4E8C-862E-D98192D6EAE0]]></referencesTableUID>
            <uid><![CDATA[4B8283B4-5E16-4846-A79D-12C6B2E73C86]]></uid>
        </SQLField>
-        <labelWindowIndex><![CDATA[28]]></labelWindowIndex>
+        <labelWindowIndex><![CDATA[30]]></labelWindowIndex>
        <objectComment><![CDATA[An enterprise that uses the platform for comm services]]></objectComment>
        <ui.treeExpanded><![CDATA[1]]></ui.treeExpanded>
        <uid><![CDATA[985D6997-B1A7-4AB3-80F4-4D59B45480C8]]></uid>
@@ -1831,7 +1833,7 @@
            <notNull><![CDATA[1]]></notNull>
            <uid><![CDATA[D0BF7D36-E40C-4385-9BA5-2099B49A1042]]></uid>
        </SQLField>
-        <labelWindowIndex><![CDATA[15]]></labelWindowIndex>
+        <labelWindowIndex><![CDATA[17]]></labelWindowIndex>
        <ui.treeExpanded><![CDATA[1]]></ui.treeExpanded>
        <uid><![CDATA[A8ED2178-3CC4-4174-A8FC-C2B58FD28214]]></uid>
    </SQLTable>
@@ -1923,7 +1925,7 @@
            <type><![CDATA[VARCHAR(32)]]></type>
            <uid><![CDATA[CE2015BC-8538-4FB0-B4D9-454436FAB1D9]]></uid>
        </SQLField>
-        <labelWindowIndex><![CDATA[11]]></labelWindowIndex>
+        <labelWindowIndex><![CDATA[13]]></labelWindowIndex>
        <ui.treeExpanded><![CDATA[1]]></ui.treeExpanded>
        <uid><![CDATA[AF34726D-EDFD-414E-9B44-5243DA9D9497]]></uid>
    </SQLTable>
@@ -1974,7 +1976,7 @@
            <notNull><![CDATA[1]]></notNull>
            <uid><![CDATA[73092A7A-9F3F-4C49-8478-39CE5DAF5ADD]]></uid>
        </SQLField>
-        <labelWindowIndex><![CDATA[13]]></labelWindowIndex>
+        <labelWindowIndex><![CDATA[15]]></labelWindowIndex>
        <ui.treeExpanded><![CDATA[1]]></ui.treeExpanded>
        <uid><![CDATA[B10C0DE3-03CD-4C5A-B1FB-F9F81ED14A40]]></uid>
    </SQLTable>
@@ -1987,7 +1989,7 @@
            <y>954.00</y>
        </location>
        <size>
-            <width>331.00</width>
+            <width>265.00</width>
            <height>140.00</height>
        </size>
        <zorder>2</zorder>
@@ -2004,7 +2006,7 @@
        </SQLField>
        <SQLField>
            <name><![CDATA[number]]></name>
-            <type><![CDATA[VARCHAR(32)]]></type>
+            <type><![CDATA[VARCHAR(132)]]></type>
            <indexed><![CDATA[1]]></indexed>
            <notNull><![CDATA[1]]></notNull>
            <uid><![CDATA[159B82ED-C6B0-4FC6-957B-5C354AF9E783]]></uid>
@@ -2070,7 +2072,7 @@
            <objectComment><![CDATA[if not null, this number is a test number for the associated service provider]]></objectComment>
            <uid><![CDATA[D2D46B75-F9C7-42A5-8D8C-4A8412C75ECA]]></uid>
        </SQLField>
-        <labelWindowIndex><![CDATA[29]]></labelWindowIndex>
+        <labelWindowIndex><![CDATA[31]]></labelWindowIndex>
        <objectComment><![CDATA[A phone number that has been assigned to an account]]></objectComment>
        <ui.treeExpanded><![CDATA[1]]></ui.treeExpanded>
        <uid><![CDATA[BA650DDC-AC7B-4DFE-A5E5-828C75607807]]></uid>
@@ -2170,7 +2172,7 @@
            <indexNamePrefix><![CDATA[sip_gateway]]></indexNamePrefix>
            <uid><![CDATA[1C744DE3-39BD-4EC6-B427-7EB2DD258771]]></uid>
        </SQLIndex>
-        <labelWindowIndex><![CDATA[25]]></labelWindowIndex>
+        <labelWindowIndex><![CDATA[27]]></labelWindowIndex>
        <objectComment><![CDATA[A whitelisted sip gateway used for origination/termination]]></objectComment>
        <ui.treeExpanded><![CDATA[1]]></ui.treeExpanded>
        <uid><![CDATA[D8A564E2-DA41-4217-8ACE-06CF77E9BEC1]]></uid>
@@ -2339,7 +2341,7 @@
            <indexType><![CDATA[UNIQUE]]></indexType>
            <uid><![CDATA[3FDDDF3B-375D-4DE4-B759-514438845F7D]]></uid>
        </SQLIndex>
-        <labelWindowIndex><![CDATA[27]]></labelWindowIndex>
+        <labelWindowIndex><![CDATA[29]]></labelWindowIndex>
        <objectComment><![CDATA[A defined set of behaviors to be applied to phone calls ]]></objectComment>
        <ui.treeExpanded><![CDATA[1]]></ui.treeExpanded>
        <uid><![CDATA[E97EE4F0-7ED7-4E8C-862E-D98192D6EAE0]]></uid>
@@ -2447,7 +2449,7 @@
            <type><![CDATA[VARBINARY(52)]]></type>
            <uid><![CDATA[B4793720-635C-4E25-A306-62E7416541C4]]></uid>
        </SQLField>
-        <labelWindowIndex><![CDATA[12]]></labelWindowIndex>
+        <labelWindowIndex><![CDATA[14]]></labelWindowIndex>
        <ui.treeExpanded><![CDATA[1]]></ui.treeExpanded>
        <uid><![CDATA[EB4BC5F9-CC10-4C8C-AB31-6D942256AEFB]]></uid>
    </SQLTable>
@@ -2517,7 +2519,7 @@
            <indexed><![CDATA[1]]></indexed>
            <uid><![CDATA[6F249D1F-111F-45B4-B76C-8B5E6B9CB43F]]></uid>
        </SQLField>
-        <labelWindowIndex><![CDATA[19]]></labelWindowIndex>
+        <labelWindowIndex><![CDATA[21]]></labelWindowIndex>
        <ui.treeExpanded><![CDATA[1]]></ui.treeExpanded>
        <uid><![CDATA[F0EE651E-DBF6-4CAC-A517-AC85BCC2D3AF]]></uid>
    </SQLTable>
@@ -2562,7 +2564,7 @@
            <uid><![CDATA[B73773BA-AB1B-47AA-B995-2D2FE006198F]]></uid>
            <unique><![CDATA[1]]></unique>
        </SQLField>
-        <labelWindowIndex><![CDATA[24]]></labelWindowIndex>
+        <labelWindowIndex><![CDATA[26]]></labelWindowIndex>
        <objectComment><![CDATA[Least cost routing table]]></objectComment>
        <ui.treeExpanded><![CDATA[1]]></ui.treeExpanded>
        <uid><![CDATA[F283D572-F670-4571-91FD-A665A9D3E15D]]></uid>
@@ -2629,7 +2631,7 @@
            <type><![CDATA[VARCHAR(255)]]></type>
            <uid><![CDATA[FA39B463-61C7-4654-BE9C-D1AC39AB1B97]]></uid>
        </SQLField>
-        <labelWindowIndex><![CDATA[18]]></labelWindowIndex>
+        <labelWindowIndex><![CDATA[20]]></labelWindowIndex>
        <objectComment><![CDATA[A partition of the platform used by one service provider]]></objectComment>
        <ui.treeExpanded><![CDATA[1]]></ui.treeExpanded>
        <uid><![CDATA[F294B51E-F867-47CA-BC1F-F70BDF8170FF]]></uid>
@@ -2685,6 +2687,8 @@
            <notNull><![CDATA[1]]></notNull>
            <uid><![CDATA[A1012D9C-F796-4FF9-8C2C-74C67890BF4F]]></uid>
        </SQLField>
+        <labelWindowIndex><![CDATA[0]]></labelWindowIndex>
+        <ui.treeExpanded><![CDATA[1]]></ui.treeExpanded>
        <uid><![CDATA[F62A9564-0324-4B8A-9C88-DFFDAABE4052]]></uid>
    </SQLTable>
    <SQLDocumentInfo>
@@ -2701,17 +2705,17 @@
        <overviewPanelHidden><![CDATA[0]]></overviewPanelHidden>
        <pageBoundariesVisible><![CDATA[0]]></pageBoundariesVisible>
        <PageGridVisible><![CDATA[0]]></PageGridVisible>
-        <RightSidebarWidth><![CDATA[2274.000000]]></RightSidebarWidth>
+        <RightSidebarWidth><![CDATA[1235.000000]]></RightSidebarWidth>
        <sidebarIndex><![CDATA[2]]></sidebarIndex>
        <snapToGrid><![CDATA[0]]></snapToGrid>
        <SourceSidebarWidth><![CDATA[0.000000]]></SourceSidebarWidth>
        <SQLEditorFileFormatVersion><![CDATA[4]]></SQLEditorFileFormatVersion>
        <uid><![CDATA[58C99A00-06C9-478C-A667-C63842E088F3]]></uid>
-        <windowHeight><![CDATA[954.000000]]></windowHeight>
-        <windowLocationX><![CDATA[-1164.000000]]></windowLocationX>
-        <windowLocationY><![CDATA[1083.000000]]></windowLocationY>
-        <windowScrollOrigin><![CDATA[{0, 0}]]></windowScrollOrigin>
-        <windowWidth><![CDATA[2551.000000]]></windowWidth>
+        <windowHeight><![CDATA[870.000000]]></windowHeight>
+        <windowLocationX><![CDATA[0.000000]]></windowLocationX>
+        <windowLocationY><![CDATA[74.000000]]></windowLocationY>
+        <windowScrollOrigin><![CDATA[{432, 18.5}]]></windowScrollOrigin>
+        <windowWidth><![CDATA[1512.000000]]></windowWidth>
    </SQLDocumentInfo>
    <AllowsIndexRenamingOnInsert><![CDATA[1]]></AllowsIndexRenamingOnInsert>
    <defaultLabelExpanded><![CDATA[1]]></defaultLabelExpanded>
--- a/db/upgrade-jambonz-db.js
+++ b/db/upgrade-jambonz-db.js
@@ -57,6 +57,27 @@ const sql = {
    'ALTER TABLE `voip_carriers` ADD COLUMN `register_from_user` VARCHAR(128)',
    'ALTER TABLE `voip_carriers` ADD COLUMN `register_from_domain` VARCHAR(256)',
    'ALTER TABLE `voip_carriers` ADD COLUMN `register_public_ip_in_contact` BOOLEAN NOT NULL DEFAULT false'
+  ],
+  '8000': [
+    'alter table phone_numbers modify number varchar(132) NOT NULL UNIQUE',
+    `CREATE TABLE permissions
+    (
+    permission_sid CHAR(36) NOT NULL UNIQUE ,
+    name VARCHAR(32) NOT NULL UNIQUE ,
+    description VARCHAR(255),
+    PRIMARY KEY (permission_sid)
+    )`,
+    `CREATE TABLE user_permissions
+    (
+    user_permissions_sid CHAR(36) NOT NULL UNIQUE ,
+    user_sid CHAR(36) NOT NULL,
+    permission_sid CHAR(36) NOT NULL,
+    PRIMARY KEY (user_permissions_sid)
+    )`,
+    'CREATE INDEX user_permissions_sid_idx ON user_permissions (user_permissions_sid)',
+    'CREATE INDEX user_sid_idx ON user_permissions (user_sid)',
+    'ALTER TABLE user_permissions ADD FOREIGN KEY user_sid_idxfk (user_sid) REFERENCES users (user_sid) ON DELETE CASCADE',
+    'ALTER TABLE user_permissions ADD FOREIGN KEY permission_sid_idxfk (permission_sid) REFERENCES permissions (permission_sid)'
  ]
 };

@@ -85,6 +106,7 @@ const doIt = async() => {

        if (val < 7006) upgrades.push(...sql['7006']);
        if (val < 7007) upgrades.push(...sql['7007']);
+        if (val < 8000) upgrades.push(...sql['8000']);

        // perform all upgrades
        logger.info({upgrades}, 'applying schema upgrades..');
--- a/lib/models/user.js
+++ b/lib/models/user.js
@@ -1,13 +1,45 @@
 const Model = require('./model');
 const {promisePool} = require('../db');
-const sqlAccount = 'SELECT * FROM users WHERE account_sid = ?';
-const sqlSP = 'SELECT * FROM users WHERE service_provider_sid = ?';
+const sqlAll = `
+SELECT u.user_sid, u.name, u.email, u.account_sid, u.service_provider_sid, u.is_active, 
+u.force_change, u.phone, u.pending_email, u.provider, u.provider_userid, 
+u.email_activation_code, u.email_validated, 
+sp.name as service_provider_name, acc.name as account_name  
+FROM users u   
+LEFT JOIN service_providers as sp ON u.service_provider_sid = sp.service_provider_sid 
+LEFT JOIN accounts acc ON u.account_sid = acc.account_sid  
+`;
+const sqlAccount = `
+SELECT u.user_sid, u.name, u.email, u.account_sid, u.service_provider_sid, u.is_active, 
+u.force_change, u.phone, u.pending_email, u.provider, u.provider_userid, 
+u.email_activation_code, u.email_validated, 
+sp.name as service_provider_name, acc.name as account_name  
+FROM users u   
+LEFT JOIN service_providers as sp ON u.service_provider_sid = sp.service_provider_sid 
+LEFT JOIN accounts acc ON u.account_sid = acc.account_sid  
+WHERE u.account_sid = ? 
+`;
+const sqlSP = `
+SELECT u.user_sid, u.name, u.email, u.account_sid, u.service_provider_sid, u.is_active, 
+u.force_change, u.phone, u.pending_email, u.provider, u.provider_userid, 
+u.email_activation_code, u.email_validated, 
+sp.name as service_provider_name, acc.name as account_name  
+FROM users u   
+LEFT JOIN service_providers as sp ON u.service_provider_sid = sp.service_provider_sid 
+LEFT JOIN accounts acc ON u.account_sid = acc.account_sid  
+WHERE u.service_provider_sid = ? 
+`;

 class User extends Model {
  constructor() {
    super();
  }

+  static async retrieveAll() {
+    const [rows] = await promisePool.query(sqlAll);
+    return rows;
+  }
+
  static async retrieveAllForAccount(account_sid) {
    const [rows] = await promisePool.query(sqlAccount, [account_sid]);
    return rows;
--- a/lib/routes/api/accounts.js
+++ b/lib/routes/api/accounts.js
@@ -1,6 +1,6 @@
 const router = require('express').Router();
 const request = require('request');
-const {DbErrorBadRequest, DbErrorUnprocessableRequest} = require('../../utils/errors');
+const {DbErrorBadRequest, DbErrorForbidden, DbErrorUnprocessableRequest} = require('../../utils/errors');
 const Account = require('../../models/account');
 const Application = require('../../models/application');
 const Webhook = require('../../models/webhook');
@@ -45,6 +45,21 @@ const stripPort = (hostport) => {
  return hostport;
 };

+const validateUpdateForCarrier = async(req) => {
+  const account_sid = parseAccountSid(req);
+  if (req.user.hasScope('admin')) return ;
+  if (req.user.hasScope('account')) {
+    if (account_sid === req.user.account_sid) return ;
+    throw new DbErrorForbidden('insufficient permissions to update account');
+  }
+  if (req.user.hasScope('service_provider')) {
+    const [r] = await promisePool.execute(
+      'SELECT service_provider_sid from accounts WHERE account_sid = ?', [account_sid]);
+    if (r.length === 1 && r[0].service_provider_sid === req.user.service_provider_sid) return;
+    throw new DbErrorForbidden('insufficient permissions to update account');
+  }
+};
+
 router.use('/:sid/SpeechCredentials', hasAccountPermissions, require('./speech-credentials'));
 router.use('/:sid/RecentCalls', hasAccountPermissions, require('./recent-calls'));
 router.use('/:sid/Alerts', hasAccountPermissions, require('./alerts'));
@@ -72,6 +87,20 @@ router.get('/:sid/VoipCarriers', async(req, res) => {
    sysError(logger, res, err);
  }
 });
+router.put('/:sid/VoipCarriers/:voip_carrier_sid', async(req, res) => {
+  const logger = req.app.locals.logger;
+  try {
+    await validateUpdateForCarrier(req);
+    const rowsAffected = await VoipCarrier.update(req.params.voip_carrier_sid, req.body);
+    if (rowsAffected === 0) {
+      return res.sendStatus(404);
+    }
+    res.status(204).end();
+  } catch (err) {
+    sysError(logger, res, err);
+  }
+});
+
 router.post('/:sid/VoipCarriers', async(req, res) => {
  const logger = req.app.locals.logger;
  const payload = req.body;
--- a/lib/routes/api/login.js
+++ b/lib/routes/api/login.js
@@ -2,6 +2,8 @@ const router = require('express').Router();
 const jwt = require('jsonwebtoken');
 const {verifyPassword} = require('../../utils/password-utils');
 const {promisePool} = require('../../db');
+const Account = require('../../models/account');
+const ServiceProvider = require('../../models/service-provider');
 const sysError = require('../error');
 const retrievePemissionsSql = `
 SELECT p.name 
@@ -37,36 +39,44 @@ router.post('/', async(req, res) => {
      return res.sendStatus(500);
    }

-    if (process.env.JAMBONES_AUTH_USE_JWT) {
-      const [p] = await promisePool.query(retrievePemissionsSql, r[0].user_sid);
-      const permissions = p.map((x) => x.name);
-      const obj = {user_sid: r[0].user_sid, scope: 'admin', force_change, permissions};
-      if (r[0].service_provider_sid && r[0].account_sid) {
-        obj.scope = 'account';
-        obj.service_provider_sid = r[0].service_provider_sid;
-        obj.account_sid = r[0].account_sid;
-      }
-      else if (r[0].service_provider_sid) {
-        obj.scope = 'service_provider';
-        obj.service_provider_sid = r[0].service_provider_sid;
-      }
-      const payload = {
-        scope: obj.scope,
-        permissions,
+    const [p] = await promisePool.query(retrievePemissionsSql, r[0].user_sid);
+    const permissions = p.map((x) => x.name);
+    const obj = {user_sid: r[0].user_sid, scope: 'admin', force_change, permissions};
+    if (r[0].service_provider_sid && r[0].account_sid) {
+      const account = await Account.retrieve(r[0].account_sid);
+      const service_provider = await ServiceProvider.retrieve(r[0].service_provider_sid);
+      obj.scope = 'account';
+      obj.service_provider_sid = r[0].service_provider_sid;
+      obj.account_sid = r[0].account_sid;
+      obj.account_name = account[0].name;
+      obj.service_provider_name = service_provider[0].name;
+    }
+    else if (r[0].service_provider_sid) {
+      const service_provider = await ServiceProvider.retrieve(r[0].service_provider_sid);
+      obj.scope = 'service_provider';
+      obj.service_provider_sid = r[0].service_provider_sid;
+      obj.service_provider_name = service_provider[0].name;
+    }
+    const payload = {
+      scope: obj.scope,
+      permissions,
+      ...(obj.service_provider_sid && {
        service_provider_sid: obj.service_provider_sid,
+        service_provider_name: obj.service_provider_name
+      }),
+      ...(obj.account_sid && {
        account_sid: obj.account_sid,
-        user_sid: obj.user_sid
-      };
-      const token = jwt.sign(
-        payload,
-        process.env.JWT_SECRET,
-        { expiresIn: parseInt(process.env.JWT_EXPIRES_IN || 60) * 60 }
-      );
-      res.json({token, ...obj});
-    }
-    else {
-      res.json({user_sid: r[0].user_sid, force_change, token: t[0].token});
-    }
+        account_name: obj.account_name,
+        service_provider_name: obj.service_provider_name
+      }),
+      user_sid: obj.user_sid
+    };
+    const token = jwt.sign(
+      payload,
+      process.env.JWT_SECRET,
+      { expiresIn: parseInt(process.env.JWT_EXPIRES_IN || 60) * 60 }
+    );
+    res.json({token, ...obj});
  } catch (err) {
    sysError(logger, res, err);
  }
--- a/lib/routes/api/service-providers.js
+++ b/lib/routes/api/service-providers.js
@@ -28,13 +28,28 @@ WHERE voip_carrier_sid IN (
 )`;

 /* only admin users can add a service provider */
-async function validateAdd(req) {
+function validateAdd(req) {
  if (!req.user.hasAdminAuth) {
    throw new DbErrorForbidden('only admin users can add a service provider');
  }
 }

-async function validateUpdate(req) {
+async function validateRetrieve(req) {
+  const service_provider_sid = parseServiceProviderSid(req);
+  if (req.user.hasScope('admin')) return ;
+  if (req.user.hasScope('service_provider')) {
+    if (service_provider_sid === req.user.service_provider_sid) return ;
+  }
+  if (req.user.hasScope('account')) {
+    /* allow account users to retrieve service provider data from parent SP */
+    const sid = req.user.account_sid;
+    const [r] = await promisePool.execute('SELECT service_provider_sid from accounts WHERE account_sid = ?', [sid]);
+    if (r.length === 1 && r[0].service_provider_sid === req.user.service_provider_sid) return;
+  }
+  throw new DbErrorForbidden('insufficient permissions to update service provider');
+}
+
+function validateUpdate(req) {
  if (req.user.hasScope('admin')) return ;
  if (req.user.hasScope('service_provider')) {
    const service_provider_sid = parseServiceProviderSid(req);
@@ -68,8 +83,12 @@ router.use('/:sid/PredefinedCarriers', hasServiceProviderPermissions, require('.
 router.get('/:sid/Accounts', async(req, res) => {
  const logger = req.app.locals.logger;
  try {
+    await validateRetrieve(req);
    const service_provider_sid = parseServiceProviderSid(req);
-    const results = await Account.retrieveAll(service_provider_sid);
+    let results = await Account.retrieveAll(service_provider_sid);
+    if (req.user.hasScope('account')) {
+      results = results.filter((r) => r.account_sid === req.user.account_sid);
+    }
    res.status(200).json(results);
  } catch (err) {
    sysError(logger, res, err);
@@ -78,8 +97,12 @@ router.get('/:sid/Accounts', async(req, res) => {
 router.get('/:sid/Applications', async(req, res) => {
  const logger = req.app.locals.logger;
  try {
+    await validateRetrieve(req);
    const service_provider_sid = parseServiceProviderSid(req);
-    const results = await Application.retrieveAll(service_provider_sid);
+    let results = await Application.retrieveAll(service_provider_sid);
+    if (req.user.hasScope('account')) {
+      results = results.filter((r) => r.account_sid === req.user.account_sid);
+    }
    res.status(200).json(results);
  } catch (err) {
    sysError(logger, res, err);
@@ -88,8 +111,12 @@ router.get('/:sid/Applications', async(req, res) => {
 router.get('/:sid/PhoneNumbers', async(req, res) => {
  const logger = req.app.locals.logger;
  try {
+    await validateRetrieve(req);
    const service_provider_sid = parseServiceProviderSid(req);
-    const results = await PhoneNumber.retrieveAllForSP(service_provider_sid);
+    let results = await PhoneNumber.retrieveAllForSP(service_provider_sid);
+    if (req.user.hasScope('account')) {
+      results = results.filter((r) => r.account_sid === req.user.account_sid);
+    }
    res.status(200).json(results);
  } catch (err) {
    sysError(logger, res, err);
@@ -98,6 +125,7 @@ router.get('/:sid/PhoneNumbers', async(req, res) => {
 router.get('/:sid/VoipCarriers', async(req, res) => {
  const logger = req.app.locals.logger;
  try {
+    await validateRetrieve(req);
    const service_provider_sid = parseServiceProviderSid(req);
    const results = await VoipCarrier.retrieveAllForSP(service_provider_sid);
    res.status(200).json(results);
@@ -108,6 +136,7 @@ router.get('/:sid/VoipCarriers', async(req, res) => {
 router.post('/:sid/VoipCarriers', async(req, res) => {
  const logger = req.app.locals.logger;
  try {
+    validateUpdate(req);
    const service_provider_sid = parseServiceProviderSid(req);
    const uuid = await VoipCarrier.make({...req.body, service_provider_sid});
    res.status(201).json({sid: uuid});
@@ -118,6 +147,7 @@ router.post('/:sid/VoipCarriers', async(req, res) => {
 router.put('/:sid/VoipCarriers/:voip_carrier_sid', async(req, res) => {
  const logger = req.app.locals.logger;
  try {
+    validateUpdate(req);
    const rowsAffected = await VoipCarrier.update(req.params.voip_carrier_sid, req.body);
    if (rowsAffected === 0) {
      return res.sendStatus(404);
@@ -127,21 +157,15 @@ router.put('/:sid/VoipCarriers/:voip_carrier_sid', async(req, res) => {
    sysError(logger, res, err);
  }
 });
-router.get(':sid/Acccounts', async(req, res) => {
-  const logger = req.app.locals.logger;
-  try {
-    const service_provider_sid = parseServiceProviderSid(req);
-    const results = await Account.retrieveAll(service_provider_sid);
-    res.status(200).json(results);
-  } catch (err) {
-    sysError(logger, res, err);
-  }
-});
 router.get('/:sid/ApiKeys', async(req, res) => {
  const logger = req.app.locals.logger;
  const {sid} = req.params;
  try {
-    const results = await ApiKey.retrieveAllForSP(sid);
+    await validateRetrieve(req);
+    let results = await ApiKey.retrieveAllForSP(sid);
+    if (req.user.hasScope('account')) {
+      results = results.filter((r) => r.account_sid === req.user.account_sid);
+    }
    res.status(200).json(results);
    await ApiKey.updateLastUsed(sid);
  } catch (err) {
@@ -153,7 +177,7 @@ router.get('/:sid/ApiKeys', async(req, res) => {
 router.post('/', async(req, res) => {
  const logger = req.app.locals.logger;
  try {
-    await validateAdd(req);
+    validateAdd(req);

    // create webhooks if provided
    const obj = Object.assign({}, req.body);
@@ -208,7 +232,7 @@ router.put('/:sid', async(req, res) => {
  const sid = req.params.sid;
  const logger = req.app.locals.logger;
  try {
-    await validateUpdate(req);
+    validateUpdate(req);

    // create webhooks if provided
    const obj = Object.assign({}, req.body);
--- a/lib/routes/api/users.js
+++ b/lib/routes/api/users.js
@@ -72,10 +72,10 @@ router.get('/', async(req, res) => {
      results = await User.retrieveAll();
    }
    else if (decodedJwt.scope === 'account') {
-      results = await User.retrieveAllForAccount(decodedJwt.account_sid);
+      results = await User.retrieveAllForAccount(decodedJwt.account_sid, true);
    }
    else if (decodedJwt.scope === 'service_provider') {
-      results = await User.retrieveAllForServiceProvider(decodedJwt.service_provider_sid);
+      results = await User.retrieveAllForServiceProvider(decodedJwt.service_provider_sid, true);
    }
    else {
      throw new DbErrorBadRequest(`invalid scope: ${decodedJwt.scope}`);
@@ -84,7 +84,17 @@ router.get('/', async(req, res) => {
    if (results.length === 0) throw new Error('failure retrieving users list');

    usersList = results.map((user) => {
-      const {user_sid, name, email, force_change, is_active, account_sid, service_provider_sid} = user;
+      const {
+        user_sid,
+        name,
+        email,
+        force_change,
+        is_active,
+        account_sid,
+        service_provider_sid,
+        account_name,
+        service_provider_name
+      } = user;
      let scope;
      if (account_sid && service_provider_sid) {
        scope = 'account';
@@ -94,16 +104,19 @@ router.get('/', async(req, res) => {
        scope = 'admin';
      }

-      return {
+      const obj = {
        user_sid,
        name,
        email,
        scope,
        force_change,
        is_active,
-        account_sid,
-        service_provider_sid
+        ...(account_sid && {account_sid}),
+        ...(account_name && {account_name}),
+        ...(service_provider_sid && {service_provider_sid}),
+        ...(service_provider_name && {service_provider_name})
      };
+      return obj;
    });
  } catch (err) {
    sysError(logger, res, err);
@@ -357,7 +370,7 @@ router.post('/', async(req, res) => {
    const email = allUsers.find((e) => e.email === payload.email);
    if (email) {
      logger.debug({payload}, 'user with this email already exists');
-      return res.sendStatus(403);
+      res.status(422).json({msg: 'user with this email already exists'});
    }

    if (decodedJwt.scope === 'admin') {
--- a/package-lock.json
+++ b/package-lock.json
@@ -26,7 +26,7 @@
        "form-urlencoded": "^6.1.0",
        "helmet": "^5.1.0",
        "ibm-watson": "^7.1.2",
-        "jsonwebtoken": "^8.5.1",
+        "jsonwebtoken": "^9.0.0",
        "mailgun.js": "^3.7.3",
        "microsoft-cognitiveservices-speech-sdk": "^1.24.1",
        "mysql2": "^2.3.3",
@@ -3498,6 +3498,54 @@
      "resolved": "https://registry.npmjs.org/@types/node/-/node-10.14.22.tgz",
      "integrity": "sha512-9taxKC944BqoTVjE+UT3pQH0nHZlTvITwfsOZqyc+R3sfJuxaTtxWjfn1K2UlxyPcKHf0rnaXcVFrS9F9vf0bw=="
    },
+    "node_modules/ibm-cloud-sdk-core/node_modules/jsonwebtoken": {
+      "version": "8.5.1",
+      "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-8.5.1.tgz",
+      "integrity": "sha512-XjwVfRS6jTMsqYs0EsuJ4LGxXV14zQybNd4L2r0UvbVnSF9Af8x7p5MzbJ90Ioz/9TI41/hTCvznF/loiSzn8w==",
+      "dependencies": {
+        "jws": "^3.2.2",
+        "lodash.includes": "^4.3.0",
+        "lodash.isboolean": "^3.0.3",
+        "lodash.isinteger": "^4.0.4",
+        "lodash.isnumber": "^3.0.3",
+        "lodash.isplainobject": "^4.0.6",
+        "lodash.isstring": "^4.0.1",
+        "lodash.once": "^4.0.0",
+        "ms": "^2.1.1",
+        "semver": "^5.6.0"
+      },
+      "engines": {
+        "node": ">=4",
+        "npm": ">=1.4.28"
+      }
+    },
+    "node_modules/ibm-cloud-sdk-core/node_modules/jsonwebtoken/node_modules/semver": {
+      "version": "5.7.1",
+      "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz",
+      "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==",
+      "bin": {
+        "semver": "bin/semver"
+      }
+    },
+    "node_modules/ibm-cloud-sdk-core/node_modules/jwa": {
+      "version": "1.4.1",
+      "resolved": "https://registry.npmjs.org/jwa/-/jwa-1.4.1.tgz",
+      "integrity": "sha512-qiLX/xhEEFKUAJ6FiBMbes3w9ATzyk5W7Hvzpa/SLYdxNtng+gcurvrI7TbACjIXlsJyr05/S1oUhZrc63evQA==",
+      "dependencies": {
+        "buffer-equal-constant-time": "1.0.1",
+        "ecdsa-sig-formatter": "1.0.11",
+        "safe-buffer": "^5.0.1"
+      }
+    },
+    "node_modules/ibm-cloud-sdk-core/node_modules/jws": {
+      "version": "3.2.2",
+      "resolved": "https://registry.npmjs.org/jws/-/jws-3.2.2.tgz",
+      "integrity": "sha512-YHlZCB6lMTllWDtSPHz/ZXTsi8S00usEV6v1tjq8tOUZzw7DpSDWVXjXDre6ed1w/pd495ODpHZYSdkRTsa0HA==",
+      "dependencies": {
+        "jwa": "^1.4.1",
+        "safe-buffer": "^5.0.1"
+      }
+    },
    "node_modules/ibm-cloud-sdk-core/node_modules/tough-cookie": {
      "version": "4.1.2",
      "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-4.1.2.tgz",
@@ -4373,24 +4421,18 @@
      }
    },
    "node_modules/jsonwebtoken": {
-      "version": "8.5.1",
-      "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-8.5.1.tgz",
-      "integrity": "sha512-XjwVfRS6jTMsqYs0EsuJ4LGxXV14zQybNd4L2r0UvbVnSF9Af8x7p5MzbJ90Ioz/9TI41/hTCvznF/loiSzn8w==",
+      "version": "9.0.0",
+      "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-9.0.0.tgz",
+      "integrity": "sha512-tuGfYXxkQGDPnLJ7SibiQgVgeDgfbPq2k2ICcbgqW8WxWLBAxKQM/ZCu/IT8SOSwmaYl4dpTFCW5xZv7YbbWUw==",
      "dependencies": {
        "jws": "^3.2.2",
-        "lodash.includes": "^4.3.0",
-        "lodash.isboolean": "^3.0.3",
-        "lodash.isinteger": "^4.0.4",
-        "lodash.isnumber": "^3.0.3",
-        "lodash.isplainobject": "^4.0.6",
-        "lodash.isstring": "^4.0.1",
-        "lodash.once": "^4.0.0",
+        "lodash": "^4.17.21",
        "ms": "^2.1.1",
-        "semver": "^5.6.0"
+        "semver": "^7.3.8"
      },
      "engines": {
-        "node": ">=4",
-        "npm": ">=1.4.28"
+        "node": ">=12",
+        "npm": ">=6"
      }
    },
    "node_modules/jsonwebtoken/node_modules/jwa": {
@@ -4413,11 +4455,17 @@
      }
    },
    "node_modules/jsonwebtoken/node_modules/semver": {
-      "version": "5.7.1",
-      "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz",
-      "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==",
+      "version": "7.3.8",
+      "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.8.tgz",
+      "integrity": "sha512-NB1ctGL5rlHrPJtFDVIVzTyQylMLu9N9VICA6HSFJo8MCGVTMW6gfpicwKmmK/dAjTOrqu5l63JJOpDSrAis3A==",
+      "dependencies": {
+        "lru-cache": "^6.0.0"
+      },
      "bin": {
-        "semver": "bin/semver"
+        "semver": "bin/semver.js"
+      },
+      "engines": {
+        "node": ">=10"
      }
    },
    "node_modules/jsprim": {
@@ -4573,12 +4621,12 @@
    "node_modules/lodash.includes": {
      "version": "4.3.0",
      "resolved": "https://registry.npmjs.org/lodash.includes/-/lodash.includes-4.3.0.tgz",
-      "integrity": "sha1-YLuYqHy5I8aMoeUTJUgzFISfVT8="
+      "integrity": "sha512-W3Bx6mdkRTGtlJISOvVD/lbqjTlPPUDTMnlXZFnVwi9NKJ6tiAk6LVdlhZMm17VZisqhKcgzpO5Wz91PCt5b0w=="
    },
    "node_modules/lodash.isboolean": {
      "version": "3.0.3",
      "resolved": "https://registry.npmjs.org/lodash.isboolean/-/lodash.isboolean-3.0.3.tgz",
-      "integrity": "sha1-bC4XHbKiV82WgC/UOwGyDV9YcPY="
+      "integrity": "sha512-Bz5mupy2SVbPHURB98VAcw+aHh4vRV5IPNhILUCsOzRmsTmSQ17jIuqopAentWoehktxGd9e/hbIXq980/1QJg=="
    },
    "node_modules/lodash.isempty": {
      "version": "4.4.0",
@@ -4588,22 +4636,22 @@
    "node_modules/lodash.isinteger": {
      "version": "4.0.4",
      "resolved": "https://registry.npmjs.org/lodash.isinteger/-/lodash.isinteger-4.0.4.tgz",
-      "integrity": "sha1-YZwK89A/iwTDH1iChAt3sRzWg0M="
+      "integrity": "sha512-DBwtEWN2caHQ9/imiNeEA5ys1JoRtRfY3d7V9wkqtbycnAmTvRRmbHKDV4a0EYc678/dia0jrte4tjYwVBaZUA=="
    },
    "node_modules/lodash.isnumber": {
      "version": "3.0.3",
      "resolved": "https://registry.npmjs.org/lodash.isnumber/-/lodash.isnumber-3.0.3.tgz",
-      "integrity": "sha1-POdoEMWSjQM1IwGsKHMX8RwLH/w="
+      "integrity": "sha512-QYqzpfwO3/CWf3XP+Z+tkQsfaLL/EnUlXWVkIk5FUPc4sBdTehEqZONuyRt2P67PXAk+NXmTBcc97zw9t1FQrw=="
    },
    "node_modules/lodash.isplainobject": {
      "version": "4.0.6",
      "resolved": "https://registry.npmjs.org/lodash.isplainobject/-/lodash.isplainobject-4.0.6.tgz",
-      "integrity": "sha1-fFJqUtibRcRcxpC4gWO+BJf1UMs="
+      "integrity": "sha512-oSXzaWypCMHkPC3NvBEaPHf0KsA5mvPrOPgQWDsbg8n7orZ290M0BmC/jgRZ4vcJ6DTAhjrsSYgdsW/F+MFOBA=="
    },
    "node_modules/lodash.isstring": {
      "version": "4.0.1",
      "resolved": "https://registry.npmjs.org/lodash.isstring/-/lodash.isstring-4.0.1.tgz",
-      "integrity": "sha1-1SfftUVuynzJu5XV2ur4i6VKVFE="
+      "integrity": "sha512-0wJxfxH1wgO3GrbuP+dTTk7op+6L41QCXbGINEmD+ny/G/eCqGzxyCsh7159S+mgDDcoarnBw6PC1PS5+wUGgw=="
    },
    "node_modules/lodash.merge": {
      "version": "4.6.2",
@@ -4614,7 +4662,7 @@
    "node_modules/lodash.once": {
      "version": "4.1.1",
      "resolved": "https://registry.npmjs.org/lodash.once/-/lodash.once-4.1.1.tgz",
-      "integrity": "sha1-DdOXEhPHxW34gJd9UEyI+0cal6w="
+      "integrity": "sha512-Sb487aTOCr9drQVL8pIxOzVhafOjZN9UU54hiN8PU3uAiSV7lx1yYNpbNmex2PK6dSJoNTSJUUswT651yww3Mg=="
    },
    "node_modules/lodash.truncate": {
      "version": "4.4.2",
@@ -10136,6 +10184,49 @@
          "resolved": "https://registry.npmjs.org/@types/node/-/node-10.14.22.tgz",
          "integrity": "sha512-9taxKC944BqoTVjE+UT3pQH0nHZlTvITwfsOZqyc+R3sfJuxaTtxWjfn1K2UlxyPcKHf0rnaXcVFrS9F9vf0bw=="
        },
+        "jsonwebtoken": {
+          "version": "8.5.1",
+          "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-8.5.1.tgz",
+          "integrity": "sha512-XjwVfRS6jTMsqYs0EsuJ4LGxXV14zQybNd4L2r0UvbVnSF9Af8x7p5MzbJ90Ioz/9TI41/hTCvznF/loiSzn8w==",
+          "requires": {
+            "jws": "^3.2.2",
+            "lodash.includes": "^4.3.0",
+            "lodash.isboolean": "^3.0.3",
+            "lodash.isinteger": "^4.0.4",
+            "lodash.isnumber": "^3.0.3",
+            "lodash.isplainobject": "^4.0.6",
+            "lodash.isstring": "^4.0.1",
+            "lodash.once": "^4.0.0",
+            "ms": "^2.1.1",
+            "semver": "^5.6.0"
+          },
+          "dependencies": {
+            "semver": {
+              "version": "5.7.1",
+              "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz",
+              "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ=="
+            }
+          }
+        },
+        "jwa": {
+          "version": "1.4.1",
+          "resolved": "https://registry.npmjs.org/jwa/-/jwa-1.4.1.tgz",
+          "integrity": "sha512-qiLX/xhEEFKUAJ6FiBMbes3w9ATzyk5W7Hvzpa/SLYdxNtng+gcurvrI7TbACjIXlsJyr05/S1oUhZrc63evQA==",
+          "requires": {
+            "buffer-equal-constant-time": "1.0.1",
+            "ecdsa-sig-formatter": "1.0.11",
+            "safe-buffer": "^5.0.1"
+          }
+        },
+        "jws": {
+          "version": "3.2.2",
+          "resolved": "https://registry.npmjs.org/jws/-/jws-3.2.2.tgz",
+          "integrity": "sha512-YHlZCB6lMTllWDtSPHz/ZXTsi8S00usEV6v1tjq8tOUZzw7DpSDWVXjXDre6ed1w/pd495ODpHZYSdkRTsa0HA==",
+          "requires": {
+            "jwa": "^1.4.1",
+            "safe-buffer": "^5.0.1"
+          }
+        },
        "tough-cookie": {
          "version": "4.1.2",
          "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-4.1.2.tgz",
@@ -10782,20 +10873,14 @@
      }
    },
    "jsonwebtoken": {
-      "version": "8.5.1",
-      "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-8.5.1.tgz",
-      "integrity": "sha512-XjwVfRS6jTMsqYs0EsuJ4LGxXV14zQybNd4L2r0UvbVnSF9Af8x7p5MzbJ90Ioz/9TI41/hTCvznF/loiSzn8w==",
+      "version": "9.0.0",
+      "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-9.0.0.tgz",
+      "integrity": "sha512-tuGfYXxkQGDPnLJ7SibiQgVgeDgfbPq2k2ICcbgqW8WxWLBAxKQM/ZCu/IT8SOSwmaYl4dpTFCW5xZv7YbbWUw==",
      "requires": {
        "jws": "^3.2.2",
-        "lodash.includes": "^4.3.0",
-        "lodash.isboolean": "^3.0.3",
-        "lodash.isinteger": "^4.0.4",
-        "lodash.isnumber": "^3.0.3",
-        "lodash.isplainobject": "^4.0.6",
-        "lodash.isstring": "^4.0.1",
-        "lodash.once": "^4.0.0",
+        "lodash": "^4.17.21",
        "ms": "^2.1.1",
-        "semver": "^5.6.0"
+        "semver": "^7.3.8"
      },
      "dependencies": {
        "jwa": {
@@ -10818,9 +10903,12 @@
          }
        },
        "semver": {
-          "version": "5.7.1",
-          "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz",
-          "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ=="
+          "version": "7.3.8",
+          "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.8.tgz",
+          "integrity": "sha512-NB1ctGL5rlHrPJtFDVIVzTyQylMLu9N9VICA6HSFJo8MCGVTMW6gfpicwKmmK/dAjTOrqu5l63JJOpDSrAis3A==",
+          "requires": {
+            "lru-cache": "^6.0.0"
+          }
        }
      }
    },
@@ -10939,12 +11027,12 @@
    "lodash.includes": {
      "version": "4.3.0",
      "resolved": "https://registry.npmjs.org/lodash.includes/-/lodash.includes-4.3.0.tgz",
-      "integrity": "sha1-YLuYqHy5I8aMoeUTJUgzFISfVT8="
+      "integrity": "sha512-W3Bx6mdkRTGtlJISOvVD/lbqjTlPPUDTMnlXZFnVwi9NKJ6tiAk6LVdlhZMm17VZisqhKcgzpO5Wz91PCt5b0w=="
    },
    "lodash.isboolean": {
      "version": "3.0.3",
      "resolved": "https://registry.npmjs.org/lodash.isboolean/-/lodash.isboolean-3.0.3.tgz",
-      "integrity": "sha1-bC4XHbKiV82WgC/UOwGyDV9YcPY="
+      "integrity": "sha512-Bz5mupy2SVbPHURB98VAcw+aHh4vRV5IPNhILUCsOzRmsTmSQ17jIuqopAentWoehktxGd9e/hbIXq980/1QJg=="
    },
    "lodash.isempty": {
      "version": "4.4.0",
@@ -10954,22 +11042,22 @@
    "lodash.isinteger": {
      "version": "4.0.4",
      "resolved": "https://registry.npmjs.org/lodash.isinteger/-/lodash.isinteger-4.0.4.tgz",
-      "integrity": "sha1-YZwK89A/iwTDH1iChAt3sRzWg0M="
+      "integrity": "sha512-DBwtEWN2caHQ9/imiNeEA5ys1JoRtRfY3d7V9wkqtbycnAmTvRRmbHKDV4a0EYc678/dia0jrte4tjYwVBaZUA=="
    },
    "lodash.isnumber": {
      "version": "3.0.3",
      "resolved": "https://registry.npmjs.org/lodash.isnumber/-/lodash.isnumber-3.0.3.tgz",
-      "integrity": "sha1-POdoEMWSjQM1IwGsKHMX8RwLH/w="
+      "integrity": "sha512-QYqzpfwO3/CWf3XP+Z+tkQsfaLL/EnUlXWVkIk5FUPc4sBdTehEqZONuyRt2P67PXAk+NXmTBcc97zw9t1FQrw=="
    },
    "lodash.isplainobject": {
      "version": "4.0.6",
      "resolved": "https://registry.npmjs.org/lodash.isplainobject/-/lodash.isplainobject-4.0.6.tgz",
-      "integrity": "sha1-fFJqUtibRcRcxpC4gWO+BJf1UMs="
+      "integrity": "sha512-oSXzaWypCMHkPC3NvBEaPHf0KsA5mvPrOPgQWDsbg8n7orZ290M0BmC/jgRZ4vcJ6DTAhjrsSYgdsW/F+MFOBA=="
    },
    "lodash.isstring": {
      "version": "4.0.1",
      "resolved": "https://registry.npmjs.org/lodash.isstring/-/lodash.isstring-4.0.1.tgz",
-      "integrity": "sha1-1SfftUVuynzJu5XV2ur4i6VKVFE="
+      "integrity": "sha512-0wJxfxH1wgO3GrbuP+dTTk7op+6L41QCXbGINEmD+ny/G/eCqGzxyCsh7159S+mgDDcoarnBw6PC1PS5+wUGgw=="
    },
    "lodash.merge": {
      "version": "4.6.2",
@@ -10980,7 +11068,7 @@
    "lodash.once": {
      "version": "4.1.1",
      "resolved": "https://registry.npmjs.org/lodash.once/-/lodash.once-4.1.1.tgz",
-      "integrity": "sha1-DdOXEhPHxW34gJd9UEyI+0cal6w="
+      "integrity": "sha512-Sb487aTOCr9drQVL8pIxOzVhafOjZN9UU54hiN8PU3uAiSV7lx1yYNpbNmex2PK6dSJoNTSJUUswT651yww3Mg=="
    },
    "lodash.truncate": {
      "version": "4.4.2",
--- a/package.json
+++ b/package.json
@@ -5,7 +5,7 @@
  "main": "app.js",
  "scripts": {
    "start": "node app.js",
-    "test": "NODE_ENV=test JAMBONES_AUTH_USE_JWT=1 APPLY_JAMBONZ_DB_LIMITS=1 JWT_SECRET=foobarbazzle JAMBONES_MYSQL_HOST=127.0.0.1 JAMBONES_MYSQL_PORT=3360 JAMBONES_MYSQL_USER=jambones_test JAMBONES_MYSQL_PASSWORD=jambones_test JAMBONES_MYSQL_DATABASE=jambones_test JAMBONES_REDIS_HOST=localhost JAMBONES_REDIS_PORT=16379 JAMBONES_TIME_SERIES_HOST=127.0.0.1 JAMBONES_LOGLEVEL=error JAMBONES_CREATE_CALL_URL=http://localhost/v1/createCall K8S=true K8S_FEATURE_SERVER_SERVICE_NAME=127.0.0.1 K8S_FEATURE_SERVER_SERVICE_PORT=3100 node test/ ",
+    "test": "NODE_ENV=test APPLY_JAMBONZ_DB_LIMITS=1 JWT_SECRET=foobarbazzle JAMBONES_MYSQL_HOST=127.0.0.1 JAMBONES_MYSQL_PORT=3360 JAMBONES_MYSQL_USER=jambones_test JAMBONES_MYSQL_PASSWORD=jambones_test JAMBONES_MYSQL_DATABASE=jambones_test JAMBONES_REDIS_HOST=localhost JAMBONES_REDIS_PORT=16379 JAMBONES_TIME_SERIES_HOST=127.0.0.1 JAMBONES_LOGLEVEL=error JAMBONES_CREATE_CALL_URL=http://localhost/v1/createCall K8S=true K8S_FEATURE_SERVER_SERVICE_NAME=127.0.0.1 K8S_FEATURE_SERVER_SERVICE_PORT=3100 node test/ ",
    "integration-test": "NODE_ENV=test JAMBONES_AUTH_USE_JWT=1 JAMBONES_TIME_SERIES_HOST=127.0.0.1 AWS_REGION='us-east-1' JAMBONES_CURRENCY=USD JWT_SECRET=foobarbazzle JAMBONES_MYSQL_HOST=127.0.0.1 JAMBONES_MYSQL_PORT=3360 JAMBONES_MYSQL_USER=jambones_test JAMBONES_MYSQL_PASSWORD=jambones_test JAMBONES_MYSQL_DATABASE=jambones_test JAMBONES_REDIS_HOST=localhost JAMBONES_REDIS_PORT=16379 JAMBONES_LOGLEVEL=debug JAMBONES_CREATE_CALL_URL=http://localhost/v1/createCall node test/serve-integration.js",
    "upgrade-db": "node ./db/upgrade-jambonz-db.js",
    "coverage": "./node_modules/.bin/nyc --reporter html --report-dir ./coverage npm run test",
@@ -35,7 +35,7 @@
    "form-urlencoded": "^6.1.0",
    "helmet": "^5.1.0",
    "ibm-watson": "^7.1.2",
-    "jsonwebtoken": "^8.5.1",
+    "jsonwebtoken": "^9.0.0",
    "mailgun.js": "^3.7.3",
    "microsoft-cognitiveservices-speech-sdk": "^1.24.1",
    "mysql2": "^2.3.3",
Author	SHA1	Message	Date
Dave Horton	e42634d726	error case: creating user with duplicate email, return json with msg for toast	2022-12-26 13:19:24 -06:00
Dave Horton	5a9e22df5e	add PUT for Account level Carrier	2022-12-26 11:14:41 -06:00
Dave Horton	e75eae4e24	Bugfix/fix permissions (#89 ) * protect service provider data retrieval so only admin users and appropriate service provider users can access * allow accounts to access ServiceProvider API but filter response data so they dont see other accounts or data they should not	2022-12-25 14:52:57 -06:00
Snyk bot	2000e7de90	fix: package.json & package-lock.json to reduce vulnerabilities (#88 ) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-JSONWEBTOKEN-3180020 - https://snyk.io/vuln/SNYK-JS-JSONWEBTOKEN-3180022 - https://snyk.io/vuln/SNYK-JS-JSONWEBTOKEN-3180024 - https://snyk.io/vuln/SNYK-JS-JSONWEBTOKEN-3180026	2022-12-22 12:01:04 -06:00
Dave Horton	317a094b3e	return account name and sp name in getUsers (#87 )	2022-12-19 15:05:35 -05:00
Dave Horton	86953b9524	encode account name and sp name as part of jwt (#86 )	2022-12-19 08:50:23 -05:00
Dave Horton	c6fd24bc13	restore service_provider_limits.category enum and same for account	2022-12-14 19:50:20 -05:00
Dave Horton	21a81c224f	switch to jwt auth	2022-12-12 21:06:11 -05:00
Dave Horton	59445d62cc	upgrade script needs to create permissions table	2022-12-12 21:03:30 -05:00
Dave Horton	4a78c5c1fc	allow numbers of up to 132 chars in phone_number table	2022-12-12 13:12:54 -05:00