Skip to content

Commit

Permalink
Loopback info (2600hz#6005)
Browse files Browse the repository at this point in the history 
* get real key for channel loopback

* set loopback channel properties

* don't use amqp worker in rate

* remove extra code from j5

* set authz boolean types

* Is-Authorized
* Global-Resource
* Soft-Limit

* spawn authorize_channel

event stream will execute the publish at end
authorize_channel will make sync call to j5
and channel is not there yet

* include reseller in endpoint properties

* update tests for pqc_j5_channels

* soft-limit is now a boolean

* add sleep time for pqc_j5_channels

* because channel_destroy is handled in cast
  and total_calls is a direct read from ets
  without going thru serialization

* j5 whitespace
  • Loading branch information
@lazedo @icehess
lazedo authored and icehess committed Sep 4, 2019
1 parent 268737b commit d0b1d83
Show file tree
Hide file tree
Showing 15 changed files with 227 additions and 258 deletions.
7 changes: 5 additions & 2 deletions applications/ecallmgr/src/ecallmgr_fs_xml.erl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -752,8 +752,11 @@ diversion_header_fold(<<_/binary>> = V, Vars0) ->
-spec kazoo_var_to_fs_var_fold(kz_json:path(), kz_json:json_term(), iolist()) -> iolist().
kazoo_var_to_fs_var_fold(<<"Force-Fax">>, Direction, Acc) ->
[<<"execute_on_answer='t38_gateway ", Direction/binary, "'">>|Acc];
kazoo_var_to_fs_var_fold(<<?CHANNEL_LOOPBACK_HEADER_PREFIX, _/binary>>=K, V, Acc) ->
[list_to_binary([kz_term:to_list(K), "='", kz_term:to_list(V), "'"]) |Acc];

kazoo_var_to_fs_var_fold(<<?CHANNEL_LOOPBACK_HEADER_PREFIX, K/binary>>, V, Acc) ->
Key = <<?CHANNEL_LOOPBACK_HEADER_PREFIX, (ecallmgr_util:get_fs_key(K))/binary>>,
[list_to_binary([kz_term:to_list(Key), "='", kz_term:to_list(V), "'"]) |Acc];

kazoo_var_to_fs_var_fold(<<"Channel-Actions">>, Actions, Acc) ->
[Actions |Acc];
kazoo_var_to_fs_var_fold(K, V, Acc) ->
Expand Down
5 changes: 4 additions & 1 deletion applications/ecallmgr/src/ecallmgr_util.erl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -543,7 +543,10 @@ get_fs_key(?CCV(Key)) -> get_fs_key(Key);
get_fs_key(?CAV(_)=CAV) -> CAV;
get_fs_key(?JSON_CAV(_)=JSONCAV) -> JSONCAV;
get_fs_key(<<"X-", _/binary>>=Key) -> <<"sip_h_", Key/binary>>;
get_fs_key(<<?CHANNEL_LOOPBACK_HEADER_PREFIX, _/binary>>=Key) -> Key;

get_fs_key(<<?CHANNEL_LOOPBACK_HEADER_PREFIX, K/binary>>) ->
<<?CHANNEL_LOOPBACK_HEADER_PREFIX, (get_fs_key(K))/binary>>;

get_fs_key(Key) ->
case lists:keyfind(Key, 1, ?SPECIAL_CHANNEL_VARS) of
'false' -> ?CCV(Key);
Expand Down
2 changes: 1 addition & 1 deletion applications/ecallmgr/src/event_stream/ecallmgr_fs_channel_stream.erl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -112,7 +112,7 @@ channel_unhold(#{call_id := UUID}) ->
%%------------------------------------------------------------------------------
maybe_authorize_channel(Node, UUID, JObj) ->
case kz_json:get_value([<<"Custom-Channel-Vars">>, <<"Ecallmgr-Node">>], JObj) =:= kz_term:to_binary(node()) of
'true' -> authorize_channel(Node, UUID, JObj);
'true' -> kz_util:spawn(fun authorize_channel/3, [Node, UUID, JObj]);
'false' -> 'ok'
end.

Expand Down
2 changes: 1 addition & 1 deletion applications/hotornot/src/hon_rater.erl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -52,7 +52,7 @@ publish_no_rate_found(RateReq) ->
| kz_api:default_headers(?APP_NAME, ?APP_VERSION)
],
lager:debug("publishing empty ~srate resp for ~s(~s)", [maybe_empty_mobile_log(RateReq), ServerId, MsgId]),
kz_amqp_worker:cast(Resp, fun(P) -> kapi_rate:publish_resp(ServerId, P) end).
kapi_rate:publish_resp(ServerId, Resp).

-spec maybe_empty_mobile_log(kapi_rate:req()) -> string().
maybe_empty_mobile_log(RateReq) ->
Expand Down
160 changes: 8 additions & 152 deletions applications/jonny5/src/j5_authz_req.erl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,154 +16,25 @@

-spec handle_req(kapi_authz:req(), kz_term:proplist()) -> any().
handle_req(JObj, _) ->
'true' = kapi_authz:authz_req_v(JObj),
kz_util:put_callid(JObj),
maybe_determine_account_id(j5_request:from_jobj(JObj)).

-spec maybe_determine_account_id(j5_request:request()) -> 'ok'.
maybe_determine_account_id(Request) ->
case j5_request:account_id(Request) of
'undefined' -> determine_account_id(Request);
_Else -> maybe_account_limited(Request)
end.

-spec determine_account_id(j5_request:request()) -> 'ok'.
determine_account_id(Request) ->
case j5_request:caller_network_address(Request) of
'undefined' -> determine_account_id_from_number(Request);
IP -> determine_account_id_from_ip(Request, IP)
end.

-spec determine_account_id_from_ip(j5_request:request(), kz_term:ne_binary()) -> 'ok'.
determine_account_id_from_ip(Request, IP) ->
case kapps_util:get_ccvs_by_ip(IP) of
{'ok', AccountCCVs} ->
maybe_inbound_account_by_ip(j5_request:from_ccvs(Request, AccountCCVs), IP);
{'error', 'not_found'} ->
lager:debug("auth for IP ~s not found, trying number", [IP]),
determine_account_id_from_number(Request)
end.

-spec maybe_inbound_account_by_ip(j5_request:request(), kz_term:ne_binary()) -> 'ok'.
maybe_inbound_account_by_ip(Request, IP) ->
AuthorizingType =
kz_json:get_value(<<"Authorizing-Type">>, j5_request:ccvs(Request)),
case j5_request:call_direction(Request) =:= <<"inbound">>
andalso lists:member(AuthorizingType, ?INBOUND_ACCOUNT_TYPES)
of
'true' -> inbound_account_by_ip(Request, IP);
'false' ->
lager:debug("source IP ~s authorizing type requires authorization", [IP]),
maybe_account_limited(Request)
end.

-spec inbound_account_by_ip(j5_request:request(), kz_term:ne_binary()) -> 'ok'.
inbound_account_by_ip(Request, IP) ->
AccountId = j5_request:account_id(Request),
lager:debug("source IP ~s belongs to account ~s, allowing"
,[IP, AccountId]
),
Routines = [fun(R) ->
ResellerId = kz_services_reseller:get_id(AccountId),
j5_request:set_reseller_id(ResellerId, R)
end
,fun(R) -> j5_request:authorize_account(<<"limits_disabled">>, R) end
,fun(R) -> j5_request:authorize_reseller(<<"limits_disabled">>, R) end
],
send_response(lists:foldl(fun(F, R) -> F(R) end, Request, Routines)).

-spec determine_account_id_from_number(j5_request:request()) -> 'ok'.
determine_account_id_from_number(Request) ->
Number = j5_request:number(Request),
case knm_number:lookup_account(Number) of
{'ok', AccountId, Props} ->
lager:debug("number ~s belongs to ~s", [Number, AccountId]),
Routines = [fun(R) -> j5_request:set_account_id(AccountId, R) end
,fun(R) ->
ResellerId = kz_services_reseller:get_id(AccountId),
j5_request:set_reseller_id(ResellerId, R)
end
],
maybe_local_resource(Props, lists:foldl(fun(F, R) -> F(R) end, Request, Routines));
{'error', {'account_disabled', AccountId}} ->
lager:debug("account ~s is disabled", [AccountId]),
Routines = [fun(R) -> j5_request:set_account_id(AccountId, R) end
,fun(R) ->
ResellerId = kz_services_reseller:get_id(AccountId),
j5_request:set_reseller_id(ResellerId, R)
end
,fun(R) -> j5_request:deny_account(<<"disabled">>, R) end
],
send_response(lists:foldl(fun(F, R) -> F(R) end, Request, Routines));
{'error', _R} ->
lager:debug("unable to determine account id for ~s: ~p"
,[Number, _R]
),
'ok'
end.

-spec maybe_local_resource(knm_number_options:extra_options(), j5_request:request()) -> 'ok'.
maybe_local_resource( Props, Request) ->
case knm_number_options:is_local_number(Props) of
'true' -> maybe_authz_local_resource(Request);
'false' ->
maybe_account_limited(Request)
end.

-spec maybe_authz_local_resource(j5_request:request()) -> 'ok'.
maybe_authz_local_resource(Request) ->
case should_authz_local(Request) of
'false' -> allow_local_resource(Request);
'true' ->
lager:debug("authz_local_resources enabled, applying limits for local numbers"),
maybe_account_limited(Request)
end.

-spec allow_local_resource(j5_request:request()) -> 'ok'.
allow_local_resource(Request) ->
Number = j5_request:number(Request),
lager:debug("number ~s is a local number for account ~s, allowing"
,[Number, j5_request:account_id(Request)]
),
Routines = [fun(R) -> j5_request:authorize_account(<<"limits_disabled">>, R) end
,fun(R) -> j5_request:authorize_reseller(<<"limits_disabled">>, R) end
],
send_response(lists:foldl(fun(F, R) -> F(R) end, Request, Routines)).

-spec should_authz_local(j5_request:request()) -> boolean().
should_authz_local(Request) ->
Node = j5_request:node(Request),
kapps_config:get_is_true(<<"ecallmgr">>, <<"authz_local_resources">>, 'false', Node).
'true' = kapi_authz:authz_req_v(JObj),
Request = j5_request:from_jobj(JObj),
maybe_account_limited(Request).

-spec maybe_account_limited(j5_request:request()) -> 'ok'.
maybe_account_limited(Request) ->
AccountId = j5_request:account_id(Request),
Limits = j5_limits:get(AccountId),
R = maybe_authorize(Request, Limits),
case j5_request:is_authorized(R, Limits) of
'true' -> maybe_determine_reseller_id(R);
'true' -> maybe_reseller_limited(R);
'false' ->
lager:debug("account ~s is not authorized to create this channel"
,[AccountId]
),
send_response(R)
end.

-spec maybe_determine_reseller_id(j5_request:request()) -> 'ok'.
maybe_determine_reseller_id(Request) ->
case j5_request:reseller_id(Request) of
'undefined' -> determine_reseller_id(Request);
_Else -> maybe_reseller_limited(Request)
end.

-spec determine_reseller_id(j5_request:request()) -> 'ok'.
determine_reseller_id(Request) ->
AccountId = j5_request:account_id(Request),
ResellerId = kz_services_reseller:get_id(AccountId),
maybe_reseller_limited(
j5_request:set_reseller_id(ResellerId, Request)
).

-spec maybe_reseller_limited(j5_request:request()) -> 'ok'.
maybe_reseller_limited(Request) ->
ResellerId = j5_request:reseller_id(Request),
Expand Down Expand Up @@ -350,37 +221,22 @@ send_response(Request) ->
]),

Resp = props:filter_undefined(
[{<<"Is-Authorized">>, kz_term:to_binary(j5_request:is_authorized(Request))}
[{<<"Is-Authorized">>, j5_request:is_authorized(Request)}
,{<<"Account-ID">>, j5_request:account_id(Request)}
,{<<"Account-Billing">>, j5_request:account_billing(Request)}
,{<<"Reseller-ID">>, j5_request:reseller_id(Request)}
,{<<"Reseller-Billing">>, j5_request:reseller_billing(Request)}
,{<<"Call-Direction">>, j5_request:call_direction(Request)}
,{<<"Other-Leg-Call-ID">>, j5_request:other_leg_call_id(Request)}
,{<<"Soft-Limit">>, kz_term:to_binary(j5_request:soft_limit(Request))}
,{<<"Soft-Limit">>, j5_request:soft_limit(Request)}
,{<<"Msg-ID">>, j5_request:message_id(Request)}
,{<<"Call-ID">>, j5_request:call_id(Request)}
,{<<"Custom-Channel-Vars">>, CCVs}
| kz_api:default_headers(?APP_NAME, ?APP_VERSION)
]),

maybe_publish_authz_resp(Request, ServerId, Resp).

-spec maybe_publish_authz_resp(j5_request:request(), kz_term:ne_binary(), kz_term:proplist()) -> 'ok'.
maybe_publish_authz_resp(Request, ServerId, Resp) ->
maybe_publish_authz_resp(Request, ServerId, Resp, j5_channels:is_destroyed(j5_request:call_id(Request))).

-spec maybe_publish_authz_resp(j5_request:request(), kz_term:ne_binary(), kz_term:proplist(), boolean()) -> 'ok'.
maybe_publish_authz_resp(_Request, _ServerId, _Resp, 'true') ->
lager:notice("the channel has already been destroyed, not sending authz response");
maybe_publish_authz_resp(Request, ServerId, Resp, 'false') ->
kapi_authz:publish_authz_resp(ServerId, Resp),
case j5_request:is_authorized(Request) of
'false' -> j5_util:send_system_alert(Request);
'true' ->
kapi_authz:broadcast_authz_resp(Resp),
j5_channels:authorized(kz_json:from_list(Resp))
end.
j5_util:maybe_send_system_alert(Request),
kapi_authz:broadcast_authz_resp(Resp).

-spec trunk_usage(kz_term:ne_binary()) -> kz_term:ne_binary().
trunk_usage(<<Id/binary>>) ->
Expand Down
Loading

0 comments on commit d0b1d83

Please sign in to comment.