mirror of
https://github.com/fusionpbx/fusionpbx.git
synced 2026-02-22 10:56:31 +00:00
Improve security on the lua scripts, add lua json library, add *77 dnd toggle feature code, speed dial *0[ext], and improve blf support for extension number alias.
This commit is contained in:
markjcrane
@@ -37,24 +37,18 @@
|
||||
--include config.lua
|
||||
require "resources.functions.config";
|
||||
|
||||
--include config.lua
|
||||
require "resources.functions.settings";
|
||||
|
||||
require "resources.functions.channel_utils";
|
||||
|
||||
local log = require "resources.functions.log".call_forward
|
||||
local cache = require "resources.functions.cache"
|
||||
local Database = require "resources.functions.database"
|
||||
local Settings = require "resources.functions.lazy_settings"
|
||||
local route_to_bridge = require "resources.functions.route_to_bridge"
|
||||
|
||||
local function opt(t, ...)
|
||||
if select('#', ...) == 0 then
|
||||
return t
|
||||
end
|
||||
if type(t) ~= 'table' then
|
||||
return nil
|
||||
end
|
||||
return opt(t[...], select(2, ...))
|
||||
--include json library
|
||||
local json
|
||||
if (debug["sql"]) then
|
||||
json = require "resources.functions.lunajson"
|
||||
end
|
||||
|
||||
local function empty(t)
|
||||
@@ -86,7 +80,7 @@
|
||||
session:sleep(1000);
|
||||
|
||||
--connect to the database
|
||||
dbh = Database.new('system');
|
||||
local dbh = Database.new('system');
|
||||
|
||||
--request id is true
|
||||
if (request_id == "true") then
|
||||
@@ -110,12 +104,13 @@
|
||||
--check to see if the pin number is correct
|
||||
if not session:ready() then return end
|
||||
local sql = "SELECT voicemail_password FROM v_voicemails ";
|
||||
sql = sql .. "WHERE domain_uuid = '" .. domain_uuid .."' ";
|
||||
sql = sql .. "AND voicemail_id = '" .. extension .."' ";
|
||||
sql = sql .. "WHERE domain_uuid = :domain_uuid ";
|
||||
sql = sql .. "AND voicemail_id = :extension ";
|
||||
local params = {domain_uuid = domain_uuid, extension = extension};
|
||||
if (debug["sql"]) then
|
||||
log.notice(sql);
|
||||
log.noticef("SQL: %s; params: %s", sql, json.encode(params));
|
||||
end
|
||||
local voicemail_password = dbh:first_value(sql)
|
||||
local voicemail_password = dbh:first_value(sql, params)
|
||||
if (voicemail_password ~= caller_pin_number) then
|
||||
--access denied
|
||||
session:streamFile("phrase:voicemail_fail_auth:#");
|
||||
@@ -127,16 +122,19 @@
|
||||
if not session:ready() then return end
|
||||
|
||||
local sql = "select * from v_extensions ";
|
||||
sql = sql .. "where domain_uuid = '"..domain_uuid.."' ";
|
||||
sql = sql .. "where domain_uuid = :domain_uuid ";
|
||||
local params = {domain_uuid = domain_uuid};
|
||||
if (extension_uuid ~= nil) then
|
||||
sql = sql .. "and extension_uuid = '"..extension_uuid.."' ";
|
||||
sql = sql .. "and extension_uuid = :extension_uuid ";
|
||||
params.extension_uuid = extension_uuid;
|
||||
else
|
||||
sql = sql .. "and (extension = '"..extension.."' or number_alias = '"..extension.."') ";
|
||||
sql = sql .. "and (extension = :extension or number_alias = :extension) ";
|
||||
params.extension = extension;
|
||||
end
|
||||
if (debug["sql"]) then
|
||||
log.notice(sql);
|
||||
log.noticef("SQL: %s; params: %s", sql, json.encode(params));
|
||||
end
|
||||
local row = dbh:first_row(sql)
|
||||
local row = dbh:first_row(sql, params)
|
||||
if not row then return end
|
||||
|
||||
extension_uuid = row.extension_uuid;
|
||||
@@ -178,9 +176,13 @@
|
||||
if enabled == "true" and not empty(forward_caller_id_uuid) then
|
||||
local sql = "select destination_number, destination_description,"..
|
||||
"destination_caller_id_number, destination_caller_id_name " ..
|
||||
"from v_destinations where domain_uuid = '" .. domain_uuid .. "' and " ..
|
||||
"destination_type = 'inbound' and destination_uuid = '" .. forward_caller_id_uuid .. "'";
|
||||
local row = dbh:first_row(sql)
|
||||
"from v_destinations where domain_uuid = :domain_uuid and " ..
|
||||
"destination_type = 'inbound' and destination_uuid = :destination_uuid";
|
||||
local params = {domain_uuid = domain_uuid; destination_uuid = forward_caller_id_uuid}
|
||||
if (debug["sql"]) then
|
||||
log.noticef("SQL: %s; params: %s", sql, json.encode(params));
|
||||
end
|
||||
local row = dbh:first_row(sql, params)
|
||||
if row then
|
||||
local caller_id_number = row.destination_caller_id_number
|
||||
if empty(caller_id_number) then
|
||||
@@ -212,66 +214,64 @@
|
||||
|
||||
--used for number_alias to get the correct user
|
||||
local sql = "select extension, number_alias from v_extensions ";
|
||||
sql = sql .. "where domain_uuid = '"..domain_uuid.."' ";
|
||||
sql = sql .. "and number_alias = '"..forward_all_destination.."' ";
|
||||
dbh:query(sql, function(row)
|
||||
sql = sql .. "where domain_uuid = :domain_uuid ";
|
||||
sql = sql .. "and number_alias = :number_alias ";
|
||||
local params = {domain_uuid = domain_uuid; number_alias = forward_all_destination}
|
||||
if (debug["sql"]) then
|
||||
log.noticef("SQL: %s; params: %s", sql, json.encode(params));
|
||||
end
|
||||
dbh:query(sql, params, function(row)
|
||||
destination_user = row.extension;
|
||||
destination_extension = row.extension;
|
||||
destination_number_alias = row.number_alias or '';
|
||||
end);
|
||||
|
||||
local presence_id
|
||||
if destination_extension then
|
||||
if (#destination_number_alias > 0) and (opt(settings(domain_uuid), 'provision', 'number_as_presence_id', 'boolean') == 'true') then
|
||||
presence_id = destination_number_alias
|
||||
else
|
||||
presence_id = destination_extension
|
||||
end
|
||||
elseif extension then
|
||||
-- setting here presence_id equal extension not dialed number allows work BLF and intercept.
|
||||
-- $presence_id = extension_presence_id($this->extension, $this->number_alias);
|
||||
if (#number_alias > 0) and (opt(settings(domain_uuid), 'provision', 'number_as_presence_id', 'boolean') == 'true') then
|
||||
presence_id = number_alias
|
||||
else
|
||||
presence_id = extension
|
||||
end
|
||||
else
|
||||
presence_id = forward_all_destination
|
||||
end
|
||||
|
||||
--set the dial_string
|
||||
dial_string = "{presence_id="..presence_id.."@"..domain_name;
|
||||
dial_string = dial_string .. ",instant_ringback=true";
|
||||
dial_string = dial_string .. ",domain_uuid="..domain_uuid;
|
||||
dial_string = dial_string .. ",sip_invite_domain="..domain_name;
|
||||
dial_string = dial_string .. ",domain_name="..domain_name;
|
||||
dial_string = dial_string .. ",domain="..domain_name;
|
||||
dial_string = dial_string .. ",toll_allow='"..toll_allow.."'";
|
||||
dial_string = dial_string .. ",sip_h_Diversion=<sip:"..extension.."@"..domain_name..">;reason=unconditional";
|
||||
if (accountcode ~= nil) then
|
||||
dial_string = dial_string .. ",accountcode="..accountcode;
|
||||
end
|
||||
dial_string = dial_string .. forward_caller_id
|
||||
dial_string = dial_string .. "}";
|
||||
|
||||
if (destination_user ~= nil) then
|
||||
cmd = "user_exists id ".. destination_user .." "..domain_name;
|
||||
else
|
||||
cmd = "user_exists id ".. forward_all_destination .." "..domain_name;
|
||||
end
|
||||
user_exists = trim(api:executeString(cmd));
|
||||
if (user_exists == "true") then
|
||||
if (destination_user ~= nil) then
|
||||
dial_string = dial_string .. "user/"..destination_user.."@"..domain_name;
|
||||
else
|
||||
dial_string = dial_string .. "user/"..forward_all_destination.."@"..domain_name;
|
||||
end
|
||||
local user_exists = trim(api:executeString(cmd));
|
||||
|
||||
--set the dial_string
|
||||
dial_string = "{instant_ringback=true";
|
||||
dial_string = dial_string .. ",domain_uuid="..domain_uuid;
|
||||
dial_string = dial_string .. ",sip_invite_domain="..domain_name;
|
||||
dial_string = dial_string .. ",domain_name="..domain_name;
|
||||
dial_string = dial_string .. ",domain="..domain_name;
|
||||
dial_string = dial_string .. ",extension_uuid="..extension_uuid;
|
||||
dial_string = dial_string .. ",toll_allow='"..toll_allow.."'";
|
||||
dial_string = dial_string .. ",sip_h_Diversion=<sip:"..extension.."@"..domain_name..">;reason=unconditional";
|
||||
if (not accountcode) or (#accountcode == 0) then
|
||||
dial_string = dial_string .. ",sip_h_X-accountcode=${accountcode}";
|
||||
else
|
||||
local mode = opt(settings(domain_uuid), 'domain', 'bridge', 'text')
|
||||
dial_string = dial_string .. ",sip_h_X-accountcode="..accountcode;
|
||||
dial_string = dial_string .. ",accountcode="..accountcode;
|
||||
end
|
||||
dial_string = dial_string .. forward_caller_id
|
||||
|
||||
if (user_exists == "true") then
|
||||
-- we do not need here presence_id because user dial-string already has one
|
||||
dial_string = dial_string .. ",dialed_extension=" .. forward_all_destination
|
||||
dial_string = dial_string .. "}"
|
||||
dial_string = dial_string .. "user/"..forward_all_destination.."@"..domain_name;
|
||||
else
|
||||
-- setting here presence_id equal extension not dialed number allows work BLF and intercept.
|
||||
local settings, presence_id = Settings.new(dbh, domain_name, domain_uuid)
|
||||
if (#number_alias > 0) and (settings:get('provision', 'number_as_presence_id', 'text') == 'true') then
|
||||
presence_id = number_alias
|
||||
else
|
||||
presence_id = extension
|
||||
end
|
||||
|
||||
dial_string = dial_string .. ",presence_id="..presence_id.."@"..domain_name;
|
||||
dial_string = dial_string .. "}";
|
||||
local mode = settings:get('domain', 'bridge', 'text')
|
||||
if mode == "outbound" or mode == "bridge" then
|
||||
local bridge = route_to_bridge(dbh, domain_uuid, {
|
||||
destination_number = forward_all_destination;
|
||||
['${toll_allow}'] = toll_allow;
|
||||
['${user_exists}'] = 'false';
|
||||
})
|
||||
if bridge and bridge.bridge then
|
||||
dial_string = dial_string .. bridge.bridge
|
||||
@@ -297,12 +297,13 @@
|
||||
if enabled == "true" and not empty(follow_me_uuid) then
|
||||
local sql = "update v_follow_me set ";
|
||||
sql = sql .. "follow_me_enabled = 'false' ";
|
||||
sql = sql .. "where domain_uuid = '"..domain_uuid.."' ";
|
||||
sql = sql .. "and follow_me_uuid = '"..follow_me_uuid.."' ";
|
||||
sql = sql .. "where domain_uuid = :domain_uuid ";
|
||||
sql = sql .. "and follow_me_uuid = :follow_me_uuid ";
|
||||
local params = {domain_uuid = domain_uuid, follow_me_uuid = follow_me_uuid};
|
||||
if (debug["sql"]) then
|
||||
log.notice(sql);
|
||||
log.noticef("SQL: %s; params: %s", sql, json.encode(params));
|
||||
end
|
||||
dbh:query(sql);
|
||||
dbh:query(sql, params);
|
||||
end
|
||||
|
||||
--check the destination
|
||||
@@ -315,20 +316,27 @@
|
||||
do
|
||||
local sql = "update v_extensions set ";
|
||||
if (enabled == "true") then
|
||||
sql = sql .. "forward_all_destination = '"..forward_all_destination.."', ";
|
||||
sql = sql .. "dial_string = '"..dial_string:gsub("'", "''").."', ";
|
||||
sql = sql .. "forward_all_destination = :forward_all_destination, ";
|
||||
sql = sql .. "dial_string = :dial_string, ";
|
||||
sql = sql .. "do_not_disturb = 'false', ";
|
||||
else
|
||||
sql = sql .. "forward_all_destination = null, ";
|
||||
sql = sql .. "dial_string = null, ";
|
||||
end
|
||||
sql = sql .. "forward_all_enabled = '"..forward_all_enabled.."' ";
|
||||
sql = sql .. "where domain_uuid = '"..domain_uuid.."' ";
|
||||
sql = sql .. "and extension_uuid = '"..extension_uuid.."' ";
|
||||
sql = sql .. "forward_all_enabled = :forward_all_enabled ";
|
||||
sql = sql .. "where domain_uuid = :domain_uuid ";
|
||||
sql = sql .. "and extension_uuid = :extension_uuid ";
|
||||
local params = {
|
||||
forward_all_destination = forward_all_destination;
|
||||
dial_string = dial_string;
|
||||
forward_all_enabled = forward_all_enabled;
|
||||
domain_uuid = domain_uuid;
|
||||
extension_uuid = extension_uuid;
|
||||
}
|
||||
if (debug["sql"]) then
|
||||
log.notice(sql);
|
||||
log.noticef("SQL: %s; params: %s", sql, json.encode(params));
|
||||
end
|
||||
dbh:query(sql);
|
||||
dbh:query(sql, params);
|
||||
end
|
||||
|
||||
--disconnect from database
|
||||
|
||||
Reference in New Issue
Block a user