Fix cases where alias and username can both be phone numbers but different

Update the views and add a test for FlexiAPI
Update the dependencies
Timothée Jaussoin 2022-03-07 14:11:09 +01:00
parent dfd1afcb81
commit 88e2e049c4
13 changed files with 520 additions and 300 deletions


@ -30,11 +30,12 @@ use Carbon\Carbon;
use App\Account; use App\Account;
use App\Alias; use App\Alias;
use App\Rules\WithoutSpaces; use App\Rules\WithoutSpaces;
use App\Rules\IsNotPhoneNumber;
use App\Rules\NoUppercase;
use App\Helpers\Utils; use App\Helpers\Utils;
use App\Libraries\OvhSMS; use App\Libraries\OvhSMS;
use App\Mail\RegisterConfirmation; use App\Mail\RegisterConfirmation;
use App\Mail\NewsletterRegistration; use App\Mail\NewsletterRegistration;
use App\Rules\NoUppercase;
class RegisterController extends Controller class RegisterController extends Controller
{ {
@ -78,7 +79,8 @@ class RegisterController extends Controller
$query->where('domain', config('app.sip_domain')); $query->where('domain', config('app.sip_domain'));
}), }),
'filled', 'filled',
new WithoutSpaces new WithoutSpaces,
new IsNotPhoneNumber,
], ],
'g-recaptcha-response' => 'required|captcha', 'g-recaptcha-response' => 'required|captcha',
'email' => 'required|email|confirmed' 'email' => 'required|email|confirmed'
@ -123,7 +125,8 @@ class RegisterController extends Controller
$query->where('domain', config('app.sip_domain')); $query->where('domain', config('app.sip_domain'));
}), }),
'nullable', 'nullable',
new WithoutSpaces new WithoutSpaces,
new IsNotPhoneNumber,
], ],
'phone' => [ 'phone' => [
'required', 'unique:aliases,alias', 'required', 'unique:aliases,alias',


@ -31,6 +31,7 @@ use App\Account;
use App\AccountTombstone; use App\AccountTombstone;
use App\Token; use App\Token;
use App\Http\Controllers\Account\AuthenticateController as WebAuthenticateController; use App\Http\Controllers\Account\AuthenticateController as WebAuthenticateController;
use App\Rules\IsNotPhoneNumber;
use App\Rules\NoUppercase; use App\Rules\NoUppercase;
class AccountController extends Controller class AccountController extends Controller
@ -54,6 +55,7 @@ class AccountController extends Controller
'username' => [ 'username' => [
'required', 'required',
new NoUppercase, new NoUppercase,
new IsNotPhoneNumber,
Rule::unique('accounts', 'username')->where(function ($query) use ($request) { Rule::unique('accounts', 'username')->where(function ($query) use ($request) {
$query->where('domain', $request->has('domain') && config('app.everyone_is_admin') && config('app.admins_manage_multi_domains') $query->where('domain', $request->has('domain') && config('app.everyone_is_admin') && config('app.admins_manage_multi_domains')
? $request->get('domain') ? $request->get('domain')


@ -33,6 +33,8 @@ use App\ActivationExpiration;
use App\Admin; use App\Admin;
use App\Alias; use App\Alias;
use App\Http\Controllers\Account\AuthenticateController as WebAuthenticateController; use App\Http\Controllers\Account\AuthenticateController as WebAuthenticateController;
use App\Rules\IsNotPhoneNumber;
use App\Rules\NoUppercase;
use App\Rules\WithoutSpaces; use App\Rules\WithoutSpaces;
class AccountController extends Controller class AccountController extends Controller
@ -95,6 +97,8 @@ class AccountController extends Controller
$request->validate([ $request->validate([
'username' => [ 'username' => [
'required', 'required',
new NoUppercase,
new IsNotPhoneNumber,
Rule::unique('accounts', 'username')->where(function ($query) use ($request) { Rule::unique('accounts', 'username')->where(function ($query) use ($request) {
$query->where('domain', $request->has('domain') && config('app.admins_manage_multi_domains') $query->where('domain', $request->has('domain') && config('app.admins_manage_multi_domains')
? $request->get('domain') ? $request->get('domain')


@ -0,0 +1,19 @@
<?php
namespace App\Rules;
use Illuminate\Contracts\Validation\Rule;
use Respect\Validation\Validator;
class IsNotPhoneNumber implements Rule
{
public function passes($attribute, $value): bool
{
return (Validator::not(Validator::phone())->not(Validator::startsWith('+'))->noWhitespace()->validate($value));
}
public function message()
{
return 'The :attribute should not be a phone number';
}
}
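Review bot: `passes()` folds `->noWhitespace()` into a rule whose message only talks about phone numbers, so a username containing a space is rejected with "should not be a phone number". RegisterController already pairs this rule with `new WithoutSpaces`; either drop the whitespace check here and add `WithoutSpaces` wherever it is still needed, or widen the message to name both conditions. The check also relies on the generic pattern behind `Validator::phone()` rather than on whatever normalisation the `phone`/alias path applies, so a digits-only value that this pattern does not recognise would presumably still be accepted as a username while remaining usable as an alias; that is worth confirming against the alias rule. A class docblock stating that the rule exists to keep usernames out of the phone-alias namespace would make that intent reviewable.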


@ -18,7 +18,8 @@
"laravelcollective/html": "^6.2", "laravelcollective/html": "^6.2",
"ovh/ovh": "^2.0", "ovh/ovh": "^2.0",
"parsedown/laravel": "^1.2", "parsedown/laravel": "^1.2",
"react/socket": "^1.10" "react/socket": "^1.10",
"respect/validation": "^2.2"
}, },
"require-dev": { "require-dev": {
"barryvdh/laravel-debugbar": "^3.6", "barryvdh/laravel-debugbar": "^3.6",

743
flexiapi/composer.lock generated

File diff suppressed because it is too large Load diff

7
flexiapi/public/css/bootstrap.min.css vendored Normal file

File diff suppressed because one or more lines are too long


@ -16,7 +16,7 @@
<span class="input-group-text" id="basic-addon2">{{ $domain }}</span> <span class="input-group-text" id="basic-addon2">{{ $domain }}</span>
</div> </div>
</div> </div>
<small class="form-text text-muted mb-3">Capital letters are not allowed</small> <small class="form-text text-muted mb-3">Shoudn't be a phone number. Capital letters are not allowed.</small>
</div> </div>
<hr /> <hr />
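Review bot: The new help text is misspelled as `Shoudn't be a phone number.`; it should read `Shouldn't be a phone number. Capital letters are not allowed.` The same typo is in the other view changed by this commit, the one followed by `@include('parts.terms')`.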


@ -21,7 +21,7 @@
<span class="input-group-text" id="basic-addon2">{{ $domain }}</span> <span class="input-group-text" id="basic-addon2">{{ $domain }}</span>
</div> </div>
</div> </div>
<small class="form-text text-muted mb-3">Capital letters are not allowed</small> <small class="form-text text-muted mb-3">Shoudn't be a phone number. Capital letters are not allowed.</small>
</div> </div>
@include('parts.terms') @include('parts.terms')


@ -6,7 +6,7 @@
<meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="viewport" content="width=device-width, initial-scale=1">
<title>{{ config('app.name') }}</title> <title>{{ config('app.name') }}</title>
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css" integrity="sha384-Vkoo8x4CGsO3+Hhxv8T/Q5PaXtkKtu6ug5TOeNV6gBiFeWPGFN9MuhOf23Q9Ifjh" crossorigin="anonymous"> <link rel="stylesheet" href="{{ asset('css/bootstrap.min.css') }}" integrity="sha384-Vkoo8x4CGsO3+Hhxv8T/Q5PaXtkKtu6ug5TOeNV6gBiFeWPGFN9MuhOf23Q9Ifjh" crossorigin="anonymous">
@if (config('instance.custom_theme')) @if (config('instance.custom_theme'))
@if (file_exists(public_path('css/'.config('app.env').'.style.css'))) @if (file_exists(public_path('css/'.config('app.env').'.style.css')))
<link rel="stylesheet" type="text/css" href="{{ asset('css/'.config('app.env').'.style.css') }}" > <link rel="stylesheet" type="text/css" href="{{ asset('css/'.config('app.env').'.style.css') }}" >
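Review bot: The `integrity` value kept on the stylesheet `<link>` is the hash of the 4.4.1 CDN build, and it is now applied to the vendored `css/bootstrap.min.css`. Subresource Integrity is enforced for same-origin resources as well, so if the committed file is not byte-identical to that build the browser will refuse to apply the stylesheet. The vendored file's diff is suppressed on this page, so the match cannot be confirmed from here. Either recompute the hash from the committed file, or drop `integrity` and `crossorigin` for the local asset: `<link rel="stylesheet" href="{{ asset('css/bootstrap.min.css') }}">`.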


@ -88,6 +88,27 @@ class AccountApiTest extends TestCase
]); ]);
} }
public function testUsernameNotPhone()
{
$admin = Admin::factory()->create();
$password = $admin->account->passwords()->first();
$password->account->generateApiKey();
$password->account->save();
$username = '+33612121212';
$domain = 'example.com';
$response = $this->keyAuthenticated($password->account)
->json($this->method, $this->route, [
'username' => $username,
'domain' => $domain,
'algorithm' => 'SHA-256',
'password' => '123456',
]);
$response->assertStatus(422);
}
public function testDomain() public function testDomain()
{ {
$configDomain = 'sip.domain.com'; $configDomain = 'sip.domain.com';
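Review bot: `testUsernameNotPhone` only submits `+33612121212`, which the rule already rejects on its leading `+`, so the `Validator::phone()` branch is never exercised and a regression there would go unnoticed. A second case with a digits-only number (no `+`) would cover it. The test also asserts only `assertStatus(422)`, which any other validation failure in the payload would satisfy; adding `$response->assertJsonValidationErrors(['username']);` ties the failure to the field under test. `testDomain` continues outside the hunk.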


@ -8,7 +8,7 @@
#%define _datadir %{_datarootdir} #%define _datadir %{_datarootdir}
#%define _docdir %{_datadir}/doc #%define _docdir %{_datadir}/doc
%define build_number 131 %define build_number 132
%define var_dir /var/opt/belledonne-communications %define var_dir /var/opt/belledonne-communications
%define opt_dir /opt/belledonne-communications/share/flexisip-account-manager %define opt_dir /opt/belledonne-communications/share/flexisip-account-manager


@ -53,6 +53,10 @@ function xmlrpc_create_phone_account($method, $args)
return ALGO_NOT_SUPPORTED; return ALGO_NOT_SUPPORTED;
} }
if (startswith($user, "+") && $user != $phone) {
return ALIAS_DOESNT_MATCH;
}
if (!check_parameter($user)) { if (!check_parameter($user)) {
$user = $phone; $user = $phone;
} }
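Review bot: The new guard compares with `$user != $phone`, and PHP's loose comparison treats two numeric strings as numbers, so values that are written differently but are numerically equal count as a match and skip `ALIAS_DOESNT_MATCH`. A strict string comparison closes that gap: `if (startswith($user, "+") && $user !== $phone) {`. The guard also only covers usernames with a leading `+`; whether a digits-only username is caught later by `check_parameter()` is not visible here, because `xmlrpc_create_phone_account` starts and ends outside the hunk.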