dbxe
/
fusionpbx
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

CDR Search fix for Users group, some additional permissions.

This commit is contained in:
Nate Jones 2014-06-16 22:08:30 +00:00
parent fcc5886339
commit a777d49783
4 changed files with 99 additions and 83 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
app/xml_cdr/app_config.php
View File

@ -67,6 +67,15 @@
$apps[$x]['permissions'][$y]['groups'][] = "admin"; $apps[$x]['permissions'][$y]['groups'][] = "admin";
$apps[$x]['permissions'][$y]['groups'][] = "superadmin"; $apps[$x]['permissions'][$y]['groups'][] = "superadmin";
$y++; $y++;
$apps[$x]['permissions'][$y]['name'] = "xml_cdr_search";
$apps[$x]['permissions'][$y]['groups'][] = "user";
$apps[$x]['permissions'][$y]['groups'][] = "admin";
$apps[$x]['permissions'][$y]['groups'][] = "superadmin";
$y++;
$apps[$x]['permissions'][$y]['name'] = "xml_cdr_search_advanced";
$apps[$x]['permissions'][$y]['groups'][] = "admin";
$apps[$x]['permissions'][$y]['groups'][] = "superadmin";
$y++;
$apps[$x]['permissions'][$y]['name'] = "xml_cdr_domain"; $apps[$x]['permissions'][$y]['name'] = "xml_cdr_domain";
$apps[$x]['permissions'][$y]['groups'][] = "admin"; $apps[$x]['permissions'][$y]['groups'][] = "admin";
$apps[$x]['permissions'][$y]['groups'][] = "superadmin"; $apps[$x]['permissions'][$y]['groups'][] = "superadmin";
@ -79,9 +88,6 @@
$y++; $y++;
$apps[$x]['permissions'][$y]['name'] = "xml_cdr_delete"; $apps[$x]['permissions'][$y]['name'] = "xml_cdr_delete";
$apps[$x]['permissions'][$y]['groups'][] = "superadmin"; $apps[$x]['permissions'][$y]['groups'][] = "superadmin";
//$y++;
//$apps[$x]['permissions'][$y]['name'] = "xml_cdr_all";
//$apps[$x]['permissions'][$y]['groups'][] = "superadmin";
//schema details //schema details
$y = 0; //table array index $y = 0; //table array index

15
app/xml_cdr/xml_cdr.php
View File

@ -76,7 +76,7 @@ else {
echo "<table>\n"; echo "<table>\n";
echo "<tr>\n"; echo "<tr>\n";
echo "<td>\n"; echo "<td>\n";
if (if_group("admin") || if_group("superadmin") || permission_exists('xml_cdr_domain')) { if (permission_exists('xml_cdr_search_advanced')) {
echo " <input type='button' class='btn' value='".$text['button-advanced_search']."' onclick=\"window.location='xml_cdr_search.php';\">\n"; echo " <input type='button' class='btn' value='".$text['button-advanced_search']."' onclick=\"window.location='xml_cdr_search.php';\">\n";
} }
echo " <input type='button' class='btn' value='".$text['button-missed']."' onclick=\"document.location.href='xml_cdr.php?missed=true';\">\n"; echo " <input type='button' class='btn' value='".$text['button-missed']."' onclick=\"document.location.href='xml_cdr.php?missed=true';\">\n";
@ -125,8 +125,8 @@ else {
echo "</tr>\n"; echo "</tr>\n";
echo "</table>\n"; echo "</table>\n";
//search the call detail records //basic search of call detail records
if (if_group("admin") || if_group("superadmin") || permission_exists('xml_cdr_domain')) { if (permission_exists('xml_cdr_search')) {
echo "<fieldset>"; echo "<fieldset>";
echo "<legend>Basic Search</legend>"; echo "<legend>Basic Search</legend>";
@ -173,10 +173,8 @@ else {
echo " </td>\n"; echo " </td>\n";
echo " <td class='vtable' width='70%' align='left'>\n"; echo " <td class='vtable' width='70%' align='left'>\n";
echo " <select name=\"hangup_cause\" class='formfld'>\n"; echo " <select name=\"hangup_cause\" class='formfld'>\n";
echo " <option value='".$hangup_cause."' selected='selected'>".$hangup_cause."</option>\n"; echo " <option value=''></option>\n";
if (strlen($hangup_cause) > 0) {
echo " <option value=''></option>\n";
}
$cdr_status_options = array( $cdr_status_options = array(
'NORMAL_CLEARING', 'NORMAL_CLEARING',
'ORIGINATOR_CANCEL', 'ORIGINATOR_CANCEL',
@ -210,8 +208,9 @@ else {
); );
sort($cdr_status_options); sort($cdr_status_options);
foreach ($cdr_status_options as $cdr_status) { foreach ($cdr_status_options as $cdr_status) {
$selected = ($hangup_cause == $cdr_status) ? "selected='selected'" : null;
$cdr_status_label = ucwords(strtolower(str_replace("_", " ", $cdr_status))); $cdr_status_label = ucwords(strtolower(str_replace("_", " ", $cdr_status)));
echo " <option value='".$cdr_status."'>".$cdr_status_label."</option>"; echo " <option value='".$cdr_status."' ".$selected.">".$cdr_status_label."</option>";
} }
echo " </select>\n"; echo " </select>\n";
echo " </td>\n"; echo " </td>\n";

153
app/xml_cdr/xml_cdr_inc.php
View File

@ -73,91 +73,104 @@ else {
//build the sql where string //build the sql where string
if ($missed == true) { if ($missed == true) {
$sql_where .= "and billsec = '0' "; $sql_where_ands[] = "billsec = '0'";
} }
if (strlen($start_epoch) > 0 && strlen($stop_epoch) > 0) { if (strlen($start_epoch) > 0 && strlen($stop_epoch) > 0) {
$sql_where .= "and start_epoch BETWEEN ".$start_epoch." AND ".$stop_epoch." "; $sql_where_ands[] = "start_epoch BETWEEN ".$start_epoch." AND ".$stop_epoch." ";
} }
if (strlen($cdr_id) > 0) { $sql_where .= "and cdr_id like '%$cdr_id%' "; } if (strlen($cdr_id) > 0) { $sql_where_ands[] = "cdr_id like '%".$cdr_id."%'"; }
if (strlen($direction) > 0) { $sql_where .= "and direction = '$direction' "; } if (strlen($direction) > 0) { $sql_where_ands[] = "direction = '".$direction."'"; }
if (strlen($caller_id_name) > 0) { $sql_where .= "and caller_id_name like '%".$caller_id_name."%' "; } if (strlen($caller_id_name) > 0) { $sql_where_ands[] = "caller_id_name like '".$caller_id_name."'"; }
if (strlen($caller_id_number) > 0) { $sql_where .= "and caller_id_number like '%".$caller_id_number."%' "; } if (strlen($caller_id_number) > 0) { $sql_where_ands[] = "caller_id_number like '".$caller_id_number."'"; }
if (strlen($destination_number) > 0) { $sql_where .= "and destination_number like '%".$destination_number."%' "; } if (strlen($destination_number) > 0) { $sql_where_ands[] = "destination_number like '".$destination_number."'"; }
if (strlen($context) > 0) { $sql_where .= "and context like '%$context%' "; } if (strlen($context) > 0) { $sql_where_ands[] = "context like '%".$context."%'"; }
if ($db_type == "sqlite") { if ($db_type == "sqlite") {
if (strlen($start_stamp) > 0) { $sql_where .= "and start_stamp like '%$start_stamp%' "; } if (strlen($start_stamp) > 0) { $sql_where_ands[] = "start_stamp like '%".$start_stamp."%'"; }
if (strlen($end_stamp) > 0) { $sql_where .= "and end_stamp like '%$end_stamp%' "; } if (strlen($end_stamp) > 0) { $sql_where_ands[] = "end_stamp like '%".$end_stamp."%'"; }
} }
if ($db_type == "pgsql" || $db_type == "mysql") { if ($db_type == "pgsql" || $db_type == "mysql") {
if (strlen($start_stamp) > 0 && strlen($end_stamp) == 0) { $sql_where .= "and start_stamp between '$start_stamp 00:00:00' and '$start_stamp 23:59:59' "; } if (strlen($start_stamp) > 0 && strlen($end_stamp) == 0) { $sql_where_ands[] = "start_stamp between '".$start_stamp." 00:00:00' and '".$start_stamp." 23:59:59'"; }
if (strlen($start_stamp) > 0 && strlen($end_stamp) > 0) { $sql_where .= "and start_stamp between '$start_stamp 00:00:00' and '$end_stamp 23:59:59' "; } if (strlen($start_stamp) > 0 && strlen($end_stamp) > 0) { $sql_where_ands[] = "start_stamp between '".$start_stamp." 00:00:00' and '".$end_stamp." 23:59:59'"; }
} }
if (strlen($answer_stamp) > 0) { $sql_where .= "and answer_stamp like '%$answer_stamp%' "; } if (strlen($answer_stamp) > 0) { $sql_where_ands[] = "answer_stamp like '%".$answer_stamp."%'"; }
if (strlen($duration) > 0) { $sql_where .= "and duration like '%$duration%' "; } if (strlen($duration) > 0) { $sql_where_ands[] = "duration like '%".$duration."%'"; }
if (strlen($billsec) > 0) { $sql_where .= "and billsec like '%$billsec%' "; } if (strlen($billsec) > 0) { $sql_where_ands[] = "billsec like '%".$billsec."%'"; }
if (strlen($hangup_cause) > 0) { $sql_where .= "and hangup_cause like '%$hangup_cause%' "; } if (strlen($hangup_cause) > 0) { $sql_where_ands[] = "hangup_cause like '%".$hangup_cause."%'"; }
if (strlen($uuid) > 0) { $sql_where .= "and uuid = '$uuid' "; } if (strlen($uuid) > 0) { $sql_where_ands[] = "uuid = '".$uuid."'"; }
if (strlen($bleg_uuid) > 0) { $sql_where .= "and bleg_uuid = '$bleg_uuid' "; } if (strlen($bleg_uuid) > 0) { $sql_where_ands[] = "bleg_uuid = '".$bleg_uuid."'"; }
if (strlen($accountcode) > 0) { $sql_where .= "and accountcode = '$accountcode' "; } if (strlen($accountcode) > 0) { $sql_where_ands[] = "accountcode = '".$accountcode."'"; }
if (strlen($read_codec) > 0) { $sql_where .= "and read_codec like '%$read_codec%' "; } if (strlen($read_codec) > 0) { $sql_where_ands[] = "read_codec like '%".$read_codec."%'"; }
if (strlen($write_codec) > 0) { $sql_where .= "and write_codec like '%$write_codec%' "; } if (strlen($write_codec) > 0) { $sql_where_ands[] = "write_codec like '%".$write_codec."%'"; }
if (strlen($remote_media_ip) > 0) { $sql_where .= "and remote_media_ip like '%$remote_media_ip%' "; } if (strlen($remote_media_ip) > 0) { $sql_where_ands[] = "remote_media_ip like '%".$remote_media_ip."%'"; }
if (strlen($network_addr) > 0) { $sql_where .= "and network_addr like '%$network_addr%' "; } if (strlen($network_addr) > 0) { $sql_where_ands[] = "network_addr like '%".$network_addr."%'"; }
//example sql //example sql
// select caller_id_number, destination_number from v_xml_cdr where domain_uuid = '' // select caller_id_number, destination_number from v_xml_cdr where domain_uuid = ''
// and (caller_id_number = '1001' or destination_number = '1001' or destination_number = '*991001') // and (caller_id_number = '1001' or destination_number = '1001' or destination_number = '*991001')
if (!if_group("admin") && !if_group("superadmin") && !permission_exists('xml_cdr_domain')) { if (!permission_exists('xml_cdr_domain')) {
$sql_where = "where domain_uuid = '$domain_uuid' "; if (count($_SESSION['user']['extension']) > 0) { // extensions are assigned to this user
$sql_where .= "and ( "; // create simple user extension array
if (count($_SESSION['user']['extension']) > 0) { foreach ($_SESSION['user']['extension'] as $row) { $user_extensions[] = $row['user']; }
$x = 0; // if both a source and destination are submitted, but neither are an assigned extension, restrict results
foreach($_SESSION['user']['extension'] as $row) { if (
if ($x==0) { $caller_id_number != '' &&
if (strlen($row['user']) > 0) { $sql_where .= "caller_id_number = '".$row['user']."' \n"; } //source $destination_number != '' &&
array_search($caller_id_number, $user_extensions) === false &&
array_search($destination_number, $user_extensions) === false
) {
$sql_where_ors[] = "caller_id_number like '".$user_extension."'";
$sql_where_ors[] = "destination_number like '".$user_extension."'";
$sql_where_ors[] = "destination_number like '*99".$user_extension."'";
}
// if source submitted is blank, implement restriction for assigned extension(s)
if ($caller_id_number == '') { // if source criteria is blank, then restrict to assigned ext
foreach ($user_extensions as $user_extension) {
if (strlen($user_extension) > 0) { $sql_where_ors[] = "caller_id_number like '".$user_extension."'"; }
} }
else { }
if (strlen($row['user']) > 0) { $sql_where .= "or caller_id_number = '".$row['user']."' \n"; } //source // if destination submitted is blank, implement restriction for assigned extension(s)
if ($destination_number == '') {
foreach ($user_extensions as $user_extension) {
if (strlen($user_extension) > 0) {
$sql_where_ors[] = "destination_number like '".$user_extension."'";
$sql_where_ors[] = "destination_number like '*99".$user_extension."'";
}
} }
if (strlen($row['user']) > 0) { $sql_where .= "or destination_number = '".$row['user']."' \n"; } //destination }
if (strlen($row['user']) > 0) { $sql_where .= "or destination_number = '*99".$row['user']."' \n"; } //destination // concatenate the 'or's array, then add to the 'and's array
$x++; if (sizeof($sql_where_ors) > 0) {
$sql_where_ands[] = "( ".implode(" or ", $sql_where_ors)." )";
} }
} }
else {
$sql_where .= "destination_number = 'no extension assigned' \n"; //destination
}
$sql_where .= ") ";
} }
else {
//superadmin or admin or permission_exists('xml_cdr_domain') // concatenate the 'ands's array, add to where clause
$sql_where = "where domain_uuid = '$domain_uuid' ".$sql_where; if (sizeof($sql_where_ands) > 0) {
$sql_where = " and ".implode(" and ", $sql_where_ands);
} }
//$sql_where = str_replace ("where or", "where", $sql_where);
//$sql_where = str_replace ("where and", " and", $sql_where);
//set the param variable which is used with paging //set the param variable which is used with paging
$param = ""; $param = "";
$param .= "&missed=$missed"; $param .= "&missed=".$missed;
$param .= "&caller_id_name=$caller_id_name"; $param .= "&caller_id_name=".$caller_id_name;
$param .= "&start_stamp=$start_stamp"; $param .= "&start_stamp=".$start_stamp;
$param .= "&hangup_cause=$hangup_cause"; $param .= "&hangup_cause=".$hangup_cause;
$param .= "&caller_id_number=$caller_id_number"; $param .= "&caller_id_number=".$caller_id_number;
$param .= "&destination_number=$destination_number"; $param .= "&destination_number=".$destination_number;
$param .= "&context=$context"; $param .= "&context=".$context;
$param .= "&answer_stamp=$answer_stamp"; $param .= "&answer_stamp=".$answer_stamp;
$param .= "&end_stamp=$end_stamp"; $param .= "&end_stamp=".$end_stamp;
$param .= "&start_epoch=$start_epoch"; $param .= "&start_epoch=".$start_epoch;
$param .= "&stop_epoch=$stop_epoch"; $param .= "&stop_epoch=".$stop_epoch;
$param .= "&duration=$duration"; $param .= "&duration=".$duration;
$param .= "&billsec=$billsec"; $param .= "&billsec=".$billsec;
$param .= "&uuid=$uuid"; $param .= "&uuid=".$uuid;
$param .= "&bridge_uuid=$bridge_uuid"; $param .= "&bridge_uuid=".$bridge_uuid;
$param .= "&accountcode=$accountcode"; $param .= "&accountcode=".$accountcode;
$param .= "&read_codec=$read_codec"; $param .= "&read_codec=".$read_codec;
$param .= "&write_codec=$write_codec"; $param .= "&write_codec=".$write_codec;
$param .= "&remote_media_ip=$remote_media_ip"; $param .= "&remote_media_ip=".$remote_media_ip;
$param .= "&network_addr=$network_addr"; $param .= "&network_addr=".$network_addr;
if (isset($order_by)) { if (isset($order_by)) {
$param .= "&order_by=".$order_by; $param .= "&order_by=".$order_by;
} }
@ -175,8 +188,7 @@ else {
//page results if rows_per_page is greater than zero //page results if rows_per_page is greater than zero
if ($rows_per_page > 0) { if ($rows_per_page > 0) {
//get the number of rows in the v_xml_cdr //get the number of rows in the v_xml_cdr
$sql = "select count(*) as num_rows from v_xml_cdr "; $sql = "select count(*) as num_rows from v_xml_cdr where domain_uuid = '".$domain_uuid."' ".$sql_where;
$sql .= $sql_where;
$prep_statement = $db->prepare(check_sql($sql)); $prep_statement = $db->prepare(check_sql($sql));
if ($prep_statement) { if ($prep_statement) {
$prep_statement->execute(); $prep_statement->execute();
@ -199,11 +211,10 @@ else {
} }
//get the results from the db //get the results from the db
$sql = "select * from v_xml_cdr "; $sql = "select * from v_xml_cdr where domain_uuid = '".$domain_uuid."' ".$sql_where;
$sql .= $sql_where; if (strlen($order_by)> 0) { $sql .= " order by ".$order_by." ".$order." "; }
if (strlen($order_by)> 0) { $sql .= "order by $order_by $order "; }
if ($rows_per_page > 0) { if ($rows_per_page > 0) {
$sql .= " limit $rows_per_page offset $offset "; $sql .= " limit ".$rows_per_page." offset ".$offset." ";
} }
$prep_statement = $db->prepare(check_sql($sql)); $prep_statement = $db->prepare(check_sql($sql));
$prep_statement->execute(); $prep_statement->execute();

2
app/xml_cdr/xml_cdr_search.php
View File

@ -26,7 +26,7 @@
include "root.php"; include "root.php";
require_once "resources/require.php"; require_once "resources/require.php";
require_once "resources/check_auth.php"; require_once "resources/check_auth.php";
if (permission_exists('xml_cdr_view')) { if (permission_exists('xml_cdr_search_advanced')) {
//access granted //access granted
} }
else { else {