From ae54a183c77cd58b3c17e877e4c855af9eb0318a Mon Sep 17 00:00:00 2001 From: Pierre Lehnen <55164754+pierre-lehnen-rc@users.noreply.github.com> Date: Wed, 18 Sep 2024 13:03:58 -0300 Subject: [PATCH] feat: add new permission for freeswitch voip endpoints (#33310) --- apps/meteor/app/api/server/lib/users.ts | 31 ++++++++++--------- .../server/constant/permissions.ts | 7 +++++ .../api-enterprise/server/voip-freeswitch.ts | 8 ++--- packages/i18n/src/locales/en.i18n.json | 6 ++++ 4 files changed, 33 insertions(+), 19 deletions(-) diff --git a/apps/meteor/app/api/server/lib/users.ts b/apps/meteor/app/api/server/lib/users.ts index 1d7371c38659..0289f1fe5ff5 100644 --- a/apps/meteor/app/api/server/lib/users.ts +++ b/apps/meteor/app/api/server/lib/users.ts @@ -143,21 +143,6 @@ export async function findPaginatedUsersByStatus({ hasLoggedIn, type, }: FindPaginatedUsersByStatusProps) { - const projection = { - name: 1, - username: 1, - emails: 1, - roles: 1, - status: 1, - active: 1, - avatarETag: 1, - lastLogin: 1, - type: 1, - reason: 1, - federated: 1, - freeSwitchExtension: 1, - }; - const actualSort: Record = sort || { username: 1 }; if (sort?.status) { actualSort.active = sort.status; @@ -184,6 +169,22 @@ export async function findPaginatedUsersByStatus({ } const canSeeAllUserInfo = await hasPermissionAsync(uid, 'view-full-other-user-info'); + const canSeeExtension = canSeeAllUserInfo || (await hasPermissionAsync(uid, 'view-user-voip-extension')); + + const projection = { + name: 1, + username: 1, + emails: 1, + roles: 1, + status: 1, + active: 1, + avatarETag: 1, + lastLogin: 1, + type: 1, + reason: 1, + federated: 1, + ...(canSeeExtension ? { freeSwitchExtension: 1 } : {}), + }; match.$or = [ ...(canSeeAllUserInfo ? [{ 'emails.address': { $regex: escapeRegExp(searchTerm || ''), $options: 'i' } }] : []), diff --git a/apps/meteor/app/authorization/server/constant/permissions.ts b/apps/meteor/app/authorization/server/constant/permissions.ts index 46d40713bad1..f57943412fb4 100644 --- a/apps/meteor/app/authorization/server/constant/permissions.ts +++ b/apps/meteor/app/authorization/server/constant/permissions.ts @@ -208,6 +208,13 @@ export const permissions = [ // allows to receive a voip call { _id: 'inbound-voip-calls', roles: ['livechat-agent'] }, + // Allow managing team collab voip extensions + { _id: 'manage-voip-extensions', roles: ['admin'] }, + // Allow viewing the extension number of other users + { _id: 'view-user-voip-extension', roles: ['admin', 'user'] }, + // Allow viewing details of an extension + { _id: 'view-voip-extension-details', roles: ['admin', 'user'] }, + { _id: 'remove-livechat-department', roles: ['livechat-manager', 'admin'] }, { _id: 'manage-apps', roles: ['admin'] }, { _id: 'post-readonly', roles: ['admin', 'owner', 'moderator'] }, diff --git a/apps/meteor/ee/app/api-enterprise/server/voip-freeswitch.ts b/apps/meteor/ee/app/api-enterprise/server/voip-freeswitch.ts index 8094c31981f7..dc2a108989fd 100644 --- a/apps/meteor/ee/app/api-enterprise/server/voip-freeswitch.ts +++ b/apps/meteor/ee/app/api-enterprise/server/voip-freeswitch.ts @@ -13,7 +13,7 @@ import { settings } from '../../../../app/settings/server/cached'; API.v1.addRoute( 'voip-freeswitch.extension.list', - { authRequired: true, permissionsRequired: ['manage-voip-call-settings'], validateParams: isVoipFreeSwitchExtensionListProps }, + { authRequired: true, permissionsRequired: ['manage-voip-extensions'], validateParams: isVoipFreeSwitchExtensionListProps }, { async get() { const { username, type = 'all' } = this.queryParams; @@ -55,7 +55,7 @@ API.v1.addRoute( API.v1.addRoute( 'voip-freeswitch.extension.assign', - { authRequired: true, permissionsRequired: ['manage-voip-call-settings'], validateParams: isVoipFreeSwitchExtensionAssignProps }, + { authRequired: true, permissionsRequired: ['manage-voip-extensions'], validateParams: isVoipFreeSwitchExtensionAssignProps }, { async post() { const { extension, username } = this.bodyParams; @@ -86,7 +86,7 @@ API.v1.addRoute( API.v1.addRoute( 'voip-freeswitch.extension.getDetails', - { authRequired: true, permissionsRequired: ['manage-voip-call-settings'], validateParams: isVoipFreeSwitchExtensionGetDetailsProps }, + { authRequired: true, permissionsRequired: ['view-voip-extension-details'], validateParams: isVoipFreeSwitchExtensionGetDetailsProps }, { async get() { const { extension, group } = this.queryParams; @@ -112,7 +112,7 @@ API.v1.addRoute( API.v1.addRoute( 'voip-freeswitch.extension.getRegistrationInfoByUserId', - { authRequired: true, permissionsRequired: ['manage-voip-call-settings'], validateParams: isVoipFreeSwitchExtensionGetInfoProps }, + { authRequired: true, permissionsRequired: ['view-user-voip-extension'], validateParams: isVoipFreeSwitchExtensionGetInfoProps }, { async get() { const { userId } = this.queryParams; diff --git a/packages/i18n/src/locales/en.i18n.json b/packages/i18n/src/locales/en.i18n.json index d5f6ea820fc5..b5183f2afac2 100644 --- a/packages/i18n/src/locales/en.i18n.json +++ b/packages/i18n/src/locales/en.i18n.json @@ -3467,6 +3467,8 @@ "manage-user-status_description": "Permission to manage the server custom user statuses", "manage-voip-call-settings": "Manage Voip Call Settings", "manage-voip-call-settings_description": "Permission to manage voip call settings", + "manage-voip-extensions": "Manage Voip Extensions", + "manage-voip-extensions_description": "Permission to manage voip extensions assigned to users", "manage-voip-contact-center-settings": "Manage Voip Contact Center Settings", "manage-voip-contact-center-settings_description": "Permission to manage voip contact center settings", "Manage_Omnichannel": "Manage Omnichannel", @@ -5904,6 +5906,10 @@ "view-statistics_description": "Permission to view system statistics such as number of users logged in, number of rooms, operating system information", "view-user-administration": "View User Administration", "view-user-administration_description": "Permission to partial, read-only list view of other user accounts currently logged into the system. No user account information is accessible with this permission", + "view-user-voip-extension": "View User VoIP Extension", + "view-user-voip-extension_description": "Permission to view user's assigned VoIP Extension", + "view-voip-extension-details": "View VoIP Extension Details", + "view-voip-extension-details_description": "Permission to view the details associated with VoIP extensions", "Viewing_room_administration": "Viewing room administration", "Visibility": "Visibility", "Visible": "Visible",