customer auth matching by interface (#1459)

* customer auth matching by interface
yeti-switch · Apr 9, 2024 · 0259367 · 0259367
1 parent 666dd1a
commit 0259367
Show file tree

Hide file tree

Showing 24 changed files with 15,883 additions and 465 deletions.
diff --git a/app/admin/routing/customers_auths.rb b/app/admin/routing/customers_auths.rb
@@ -25,7 +25,7 @@
                  :dst_prefix,
                  :dst_number_min_length, :dst_number_max_length,
                  :uri_domain, :from_domain, :to_domain,
-                 :x_yeti_auth,
+                 :x_yeti_auth, :interface,
                  [:customer_name, proc { |row| row.customer.try(:name) }],
                  [:account_name, proc { |row| row.account.try(:name) || '' }],
                  :check_account_balance,
@@ -74,7 +74,7 @@
                 :ip, :pop_id,
                 :src_prefix, :src_number_min_length, :src_number_max_length,
                 :dst_prefix, :dst_number_min_length, :dst_number_max_length,
-                :uri_domain, :from_domain, :to_domain, :x_yeti_auth,
+                :uri_domain, :from_domain, :to_domain, :x_yeti_auth, :interface,
                 :radius_auth_profile_id,
                 :src_number_radius_rewrite_rule, :src_number_radius_rewrite_result,
                 :dst_number_radius_rewrite_rule, :dst_number_radius_rewrite_result,
@@ -120,8 +120,6 @@ def update
     column :reject_calls
     column :transport_protocol
     column :ip
-    column :external_id
-    column :external_type
     column :pop
     column :src_prefix
     column :src_number_length do |c|
@@ -135,6 +133,7 @@ def update
     column :from_domain
     column :to_domain
     column :x_yeti_auth
+    column :interface
 
     column :customer, sortable: 'contractors.name' do |row|
       auto_link(row.customer, row.customer.decorated_customer_display_name)
@@ -192,6 +191,8 @@ def update
 
     column :tag_action
     column :display_tag_action_value
+    column :external_id
+    column :external_type
   end
 
   filter :id
@@ -228,6 +229,7 @@ def update
   filter :from_domain_array_contains, label: I18n.t('activerecord.attributes.customers_auth.from_domain')
   filter :to_domain_array_contains, label: I18n.t('activerecord.attributes.customers_auth.to_domain')
   filter :x_yeti_auth_array_contains, label: I18n.t('activerecord.attributes.customers_auth.x_yeti_auth')
+  filter :interface_contains, label: I18n.t('activerecord.attributes.customers_auth.interface')
   filter :lua_script, input_html: { class: 'chosen' }
   boolean_filter :require_incoming_auth
   boolean_filter :check_account_balance
@@ -309,6 +311,7 @@ def update
           f.input :from_domain, as: :array_of_strings
           f.input :to_domain, as: :array_of_strings
           f.input :x_yeti_auth, as: :array_of_strings
+          f.input :interface, as: :array_of_strings
         end
       end
 
@@ -415,6 +418,7 @@ def update
             row :from_domain
             row :to_domain
             row :x_yeti_auth
+            row :interface
           end
         end
       end

diff --git a/app/admin/routing/routing_simulations.rb b/app/admin/routing/routing_simulations.rb
@@ -8,6 +8,7 @@
       @dc = Routing::SimulationForm.new(
         params[:routing_simulation]&.permit(
           :auth_id,
+          :interface,
           :transport_protocol_id,
           :remote_ip,
           :remote_port,

diff --git a/app/forms/routing/simulation_form.rb b/app/forms/routing/simulation_form.rb
@@ -72,8 +72,9 @@ def dst_country
   attribute :rpid, :string
   attribute :rpid_privacy, :string
   attribute :auth_id, :integer
+  attribute :interface, :string
 
-  validates :remote_ip, :remote_port, :src_number, :dst_number, :pop_id, :transport_protocol_id, presence: true
+  validates :remote_ip, :remote_port, :src_number, :dst_number, :pop_id, :transport_protocol_id, :interface, presence: true
 
   validates :pop_id, :transport_protocol_id, numericality: true
 
@@ -138,6 +139,7 @@ def _save
             ?, /* i_uri_domain character varying */
             ?, /* i_auth_id integer */
             ?, /* i_identity */
+            ?, /* interface */
             ?, /* i_x_yeti_auth character varying, */
             ?, /* i_diversion character varying */
             ?, /* i_x_orig_ip inet */
@@ -170,6 +172,7 @@ def _save
           uri_domain,
           auth_id,
           '[]',
+          interface,
           x_yeti_auth,
           nil,
           nil,

diff --git a/app/models/application_record.rb b/app/models/application_record.rb
@@ -117,7 +117,7 @@ def self.enum_scope_names(name)
   end
 
   DB_VER = LazyObject.new { db_version }
-  ROUTING_SCHEMA = 'switch20'
+  ROUTING_SCHEMA = 'switch21'
 
   PG_MAX_INT = 2_147_483_647
   PG_MIN_INT = -2_147_483_647

diff --git a/app/models/customers_auth.rb b/app/models/customers_auth.rb
@@ -22,6 +22,7 @@
 #  enabled                          :boolean          default(TRUE), not null
 #  external_type                    :string
 #  from_domain                      :string           default([]), is an Array
+#  interface                        :string           default([]), not null, is an Array
 #  ip                               :inet             default(["\"127.0.0.0/8\""]), is an Array
 #  name                             :string           not null
 #  reject_calls                     :boolean          default(FALSE), not null
@@ -140,7 +141,8 @@ module CONST
                                     uri_domain
                                     from_domain
                                     to_domain
-                                    x_yeti_auth].freeze
+                                    x_yeti_auth
+                                    interface].freeze
 
     freeze
   end
@@ -292,18 +294,6 @@ def privacy_mode_name
     end
   end
 
-  def display_name_for_debug
-    b = "#{customer.display_name} -> #{name} | #{id} IP: #{raw_ip}"
-    b += ", Domain: #{uri_domain}" if uri_domain.present?
-    b += ", POP: #{pop.try(:name)}" unless pop_id.nil?
-    b += ", X-Yeti-Auth: #{x_yeti_auth}" if x_yeti_auth.present?
-    b
-  end
-
-  # def pop_name
-  #   pop.nil? ? "Any" : pop.name
-  # end
-
   # force update IP
   def keys_for_partial_write
     (changed + ['ip']).uniq

diff --git a/app/models/customers_auth_normalized.rb b/app/models/customers_auth_normalized.rb
@@ -22,6 +22,7 @@
 #  enabled                          :boolean          default(TRUE), not null
 #  external_type                    :string
 #  from_domain                      :string
+#  interface                        :string
 #  ip                               :inet             not null
 #  name                             :string           not null
 #  reject_calls                     :boolean          default(FALSE), not null

diff --git a/app/models/disconnect_code.rb b/app/models/disconnect_code.rb
@@ -52,6 +52,8 @@ def display_name
     NS_RADIUS => 'Radius'
   }.freeze
 
+  DC_NO_CUSTOMER_AUTH_MATCHED = 110
+  DC_CUSTOMER_AUTH_REJECT = 8004
   DC_NO_ENOUGH_CUSTOMER_BALANCE = 8000
   DC_NO_ROUTES = 113
   DC_NO_DESTINATION_WITH_APPROPRIATE_RATE = 8006

diff --git a/app/views/routing_simulation/_form.html.erb b/app/views/routing_simulation/_form.html.erb
@@ -3,6 +3,7 @@
     <%= form.inputs do %>
         <%= form.input :auth_id, label:"Authorized gateway", collection: Gateway.where("incoming_auth_password is not null and allow_origination"), as: :select, include_blank: 'None', input_html: { class: 'chosen' } %>
         <%= form.input :transport_protocol_id, collection: Equipment::TransportProtocol.all, as: :select, include_blank: false %>
+        <%= form.input :interface, input_html: { value: form.object.interface || 'primary' } %>
         <%= form.input :remote_ip %>
         <%= form.input :remote_port %>
         <%= form.input :pop_id, collection: Pop.all, as: :select, include_blank: false %>

diff --git a/config/locales/en.yml b/config/locales/en.yml
@@ -89,7 +89,13 @@ en:
         hep_capture_id: "Leave it empty to use YETI Node ID as HEP_CAPTURE_ID"
       customers_auth:
         check_account_balance: "Reject calls if originator hasn't enough funds"
-        ip: 'Comma-separated array of IPs'
+        ip: 'Comma-separated list of IPs with masks'
+        src_prefix: 'Comma-separated list of SRC number prefixes accepted by this auth record'
+        dst_prefix: 'Comma-separated list of DST number prefixes accepted by this auth record'
+        uri_domain: 'Comma-separated list of SIP R-URI domains accepted by this auth record'
+        from_domain: 'Comma-separated list of SIP From URI domains accepted by this auth record'
+        to_domain: 'Comma-separated list of SIP To URI domains accepted by this auth record'
+        interface: 'Comma-separated list of SIP interfaces names where initial INVITE may be received. Leave empty to allow any interface. If Gateway locked to specific SIP interface it should be allowed there'
         radius_auth_profile: 'Select for additional RADIUS call authentication before routing'
         radius_accounting_profile: "RADIUS accounting profile for LegA(Origination)"
       destination:
@@ -123,6 +129,7 @@ en:
         from_domain: 'From Domain'
         to_domain: 'To Domain'
         x_yeti_auth: 'X-Yeti-Auth'
+        interface: 'Interface'
       cdr:
         auth_orig_ip: 'Auth Orig IP'
       log/api_log: