diff --git a/CHANGES b/CHANGES
index 3080c2f0563dd460c8cc99a22fb95bdb52b6c10d..8200fb89f0e4e975a0a6eb2ddab9bfcb9967671f 100644
--- a/CHANGES
+++ b/CHANGES
@@ -35,6 +35,10 @@ AMI - The manager (TCP/TLS/HTTP)
* Added Masquerade manager event for when a masquerade happens between
two channels.
* Added "manager reload" command for the CLI
+ * Lots of commands that only provided information are now allowed under the
+ Reporting privilege, instead of only under Call or System.
+ * The IAX* commands now require either System or Reporting privilege, to
+ mirror the privileges of the SIP* commands.
Dialplan functions
------------------
diff --git a/apps/app_stack.c b/apps/app_stack.c
index 341b4c1d995ff4686969775576843847ec9febe0..7f53aff15205b9a38f513b6ddb3a55b24fbe32f4 100644
--- a/apps/app_stack.c
+++ b/apps/app_stack.c
@@ -100,7 +100,7 @@ static int frame_set_var(struct ast_channel *chan, struct gosub_stack_frame *fra
} else
pbx_builtin_setvar_helper(chan, var, value);
- manager_event(EVENT_FLAG_CALL, "VarSet",
+ manager_event(EVENT_FLAG_DIALPLAN, "VarSet",
"Channel: %s\r\n"
"Variable: LOCAL(%s)\r\n"
"Value: %s\r\n"
diff --git a/apps/app_voicemail.c b/apps/app_voicemail.c
index 67d605d1fefe2ae85ac1665ab15bd6b0d09dcd73..f0b137cfc4f19cd405d9a98f157264fb19c9a0da 100644
--- a/apps/app_voicemail.c
+++ b/apps/app_voicemail.c
@@ -8745,7 +8745,7 @@ static int load_module(void)
res |= ast_register_application(app3, vm_box_exists, synopsis_vm_box_exists, descrip_vm_box_exists);
res |= ast_register_application(app4, vmauthenticate, synopsis_vmauthenticate, descrip_vmauthenticate);
res |= ast_custom_function_register(&mailbox_exists_acf);
- res |= ast_manager_register("VoicemailUsersList", EVENT_FLAG_CALL, manager_list_voicemail_users, "List All Voicemail User Information");
+ res |= ast_manager_register("VoicemailUsersList", EVENT_FLAG_CALL | EVENT_FLAG_REPORTING, manager_list_voicemail_users, "List All Voicemail User Information");
if (res)
return res;
diff --git a/channels/chan_iax2.c b/channels/chan_iax2.c
index 35107fa7b1afa7b2f502e26549cd4c3c1d9c0a16..2ad6d8c9fe0ae415186b89bffadfedea9926f40a 100644
--- a/channels/chan_iax2.c
+++ b/channels/chan_iax2.c
@@ -11670,9 +11670,9 @@ static int load_module(void)
ast_register_application(papp, iax2_prov_app, psyn, pdescrip);
- ast_manager_register( "IAXpeers", 0, manager_iax2_show_peers, "List IAX Peers" );
- ast_manager_register( "IAXpeerlist", 0, manager_iax2_show_peer_list, "List IAX Peers" );
- ast_manager_register( "IAXnetstats", 0, manager_iax2_show_netstats, "Show IAX Netstats" );
+ ast_manager_register( "IAXpeers", EVENT_FLAG_SYSTEM | EVENT_FLAG_REPORTING, manager_iax2_show_peers, "List IAX Peers" );
+ ast_manager_register( "IAXpeerlist", EVENT_FLAG_SYSTEM | EVENT_FLAG_REPORTING, manager_iax2_show_peer_list, "List IAX Peers" );
+ ast_manager_register( "IAXnetstats", EVENT_FLAG_SYSTEM | EVENT_FLAG_REPORTING, manager_iax2_show_netstats, "Show IAX Netstats" );
if(set_config(config, 0) == -1)
return AST_MODULE_LOAD_DECLINE;
diff --git a/channels/chan_sip.c b/channels/chan_sip.c
index df20aee03189c7c86234f3fd9843370387212205..3d1b3158f85041da39c309510db4ddab9da83583 100644
--- a/channels/chan_sip.c
+++ b/channels/chan_sip.c
@@ -19590,11 +19590,11 @@ static int load_module(void)
ast_custom_function_register(&checksipdomain_function);
/* Register manager commands */
- ast_manager_register2("SIPpeers", EVENT_FLAG_SYSTEM, manager_sip_show_peers,
+ ast_manager_register2("SIPpeers", EVENT_FLAG_SYSTEM | EVENT_FLAG_REPORTING, manager_sip_show_peers,
"List SIP peers (text format)", mandescr_show_peers);
- ast_manager_register2("SIPshowpeer", EVENT_FLAG_SYSTEM, manager_sip_show_peer,
+ ast_manager_register2("SIPshowpeer", EVENT_FLAG_SYSTEM | EVENT_FLAG_REPORTING, manager_sip_show_peer,
"Show SIP peer (text format)", mandescr_show_peer);
- ast_manager_register2("SIPshowregistry", EVENT_FLAG_SYSTEM, manager_show_registry,
+ ast_manager_register2("SIPshowregistry", EVENT_FLAG_SYSTEM | EVENT_FLAG_REPORTING, manager_show_registry,
"Show SIP registrations (text format)", mandescr_show_registry);
sip_poke_all_peers();
sip_send_all_registers();
diff --git a/configs/manager.conf.sample b/configs/manager.conf.sample
index b4d6a0909e1f02430a3d8c0730cc7898be1f9108..80bea5a700786f97e9845ebcaca71e00fc14b1f8 100644
--- a/configs/manager.conf.sample
+++ b/configs/manager.conf.sample
@@ -71,5 +71,27 @@ bindaddr = 0.0.0.0
;displayconnects = yes ; Display on CLI user login/logoff
;
; Authorization for various classes
-;read = system,call,log,verbose,command,agent,user,config,dtmf,reporting,cdr
-;write = system,call,log,verbose,command,agent,user,config,dtmf,reporting,cdr
+;
+; Read authorization permits you to receive asynchronous events, in general.
+; Write authorization permits you to send commands and get back responses. The
+; following classes exist:
+;
+; system - General information about the system and ability to run system
+; management commands, such as Shutdown, Restart, and Reload.
+; call - Information about channels and ability to set information in a
+; running channel.
+; log - Logging information. Read-only.
+; verbose - Verbose information. Read-only.
+; agent - Information about queues and agents and ability to add queue
+; members to a queue.
+; user - Permission to send and receive UserEvent.
+; config - Ability to read and write configuration files.
+; command - Permission to run CLI commands. Write-only.
+; dtmf - Receive DTMF events. Read-only.
+; reporting - Ability to get information about the system.
+; cdr - Output of cdr_manager, if loaded. Read-only.
+; dialplan - Receive NewExten and VarSet events. Read-only.
+;
+;read = system,call,log,verbose,agent,user,config,dtmf,reporting,cdr,dialplan
+;write = system,call,agent,user,config,command,reporting
+
diff --git a/include/asterisk/manager.h b/include/asterisk/manager.h
index 8e63acfeeb55fffc1e64744c4bcfd5f3f7c5a166..327f674f80663b98ec5ec979a5f6b043d2336406 100644
--- a/include/asterisk/manager.h
+++ b/include/asterisk/manager.h
@@ -68,6 +68,7 @@
#define EVENT_FLAG_DTMF (1 << 8) /* Ability to read DTMF events */
#define EVENT_FLAG_REPORTING (1 << 9) /* Reporting events such as rtcp sent */
#define EVENT_FLAG_CDR (1 << 10) /* CDR events */
+#define EVENT_FLAG_DIALPLAN (1 << 11) /* Dialplan events (VarSet, NewExten) */
/*@} */
/*! \brief Export manager structures */
diff --git a/main/db.c b/main/db.c
index 39d898d13374b3740ab7240147af19e90cc4d0dc..94bf4f0012c55d515fd3484f99ca6050b4ac86d6 100644
--- a/main/db.c
+++ b/main/db.c
@@ -663,7 +663,7 @@ int astdb_init(void)
{
dbinit();
ast_cli_register_multiple(cli_database, sizeof(cli_database) / sizeof(struct ast_cli_entry));
- ast_manager_register("DBGet", EVENT_FLAG_SYSTEM, manager_dbget, "Get DB Entry");
+ ast_manager_register("DBGet", EVENT_FLAG_SYSTEM | EVENT_FLAG_REPORTING, manager_dbget, "Get DB Entry");
ast_manager_register("DBPut", EVENT_FLAG_SYSTEM, manager_dbput, "Put DB Entry");
ast_manager_register("DBDel", EVENT_FLAG_SYSTEM, manager_dbdel, "Delete DB Entry");
ast_manager_register("DBDelTree", EVENT_FLAG_SYSTEM, manager_dbdeltree, "Delete DB Tree");
diff --git a/main/manager.c b/main/manager.c
index 99fe49c4d7a9b22142b8f01bc50e0c58c260de24..ba3ad926480fe5db03c10ab5551f4b05a5604fe6 100644
--- a/main/manager.c
+++ b/main/manager.c
@@ -312,6 +312,7 @@ static struct permalias {
{ EVENT_FLAG_DTMF, "dtmf" },
{ EVENT_FLAG_REPORTING, "reporting" },
{ EVENT_FLAG_CDR, "cdr" },
+ { EVENT_FLAG_DIALPLAN, "dialplan" },
{ -1, "all" },
{ 0, "none" },
};
@@ -1391,7 +1392,7 @@ static int action_listcommands(struct mansession *s, const struct message *m)
astman_start_ack(s, m);
AST_RWLIST_TRAVERSE(&actions, cur, list) {
- if ((s->writeperm & cur->authority) == cur->authority)
+ if (s->writeperm & cur->authority)
astman_append(s, "%s: %s (Priv: %s)\r\n",
cur->action, cur->synopsis, authority_to_str(cur->authority, &temp));
}
@@ -2509,7 +2510,7 @@ static int process_message(struct mansession *s, const struct message *m)
AST_RWLIST_TRAVERSE(&actions, tmp, list) {
if (strcasecmp(action, tmp->action))
continue;
- if ((s->writeperm & tmp->authority) == tmp->authority)
+ if (s->writeperm & tmp->authority)
ret = tmp->func(s, m);
else
astman_send_error(s, m, "Permission denied");
@@ -3467,28 +3468,28 @@ static int __init_manager(int reload)
ast_manager_register2("Logoff", 0, action_logoff, "Logoff Manager", mandescr_logoff);
ast_manager_register2("Login", 0, action_login, "Login Manager", NULL);
ast_manager_register2("Challenge", 0, action_challenge, "Generate Challenge for MD5 Auth", NULL);
- ast_manager_register2("Hangup", EVENT_FLAG_CALL, action_hangup, "Hangup Channel", mandescr_hangup);
- ast_manager_register("Status", EVENT_FLAG_CALL, action_status, "Lists channel status" );
+ ast_manager_register2("Hangup", EVENT_FLAG_SYSTEM | EVENT_FLAG_CALL, action_hangup, "Hangup Channel", mandescr_hangup);
+ ast_manager_register("Status", EVENT_FLAG_SYSTEM | EVENT_FLAG_CALL | EVENT_FLAG_REPORTING, action_status, "Lists channel status" );
ast_manager_register2("Setvar", EVENT_FLAG_CALL, action_setvar, "Set Channel Variable", mandescr_setvar );
- ast_manager_register2("Getvar", EVENT_FLAG_CALL, action_getvar, "Gets a Channel Variable", mandescr_getvar );
- ast_manager_register2("GetConfig", EVENT_FLAG_CONFIG, action_getconfig, "Retrieve configuration", mandescr_getconfig);
- ast_manager_register2("GetConfigJSON", EVENT_FLAG_CONFIG, action_getconfigjson, "Retrieve configuration (JSON format)", mandescr_getconfigjson);
+ ast_manager_register2("Getvar", EVENT_FLAG_CALL | EVENT_FLAG_REPORTING, action_getvar, "Gets a Channel Variable", mandescr_getvar );
+ ast_manager_register2("GetConfig", EVENT_FLAG_SYSTEM | EVENT_FLAG_CONFIG, action_getconfig, "Retrieve configuration", mandescr_getconfig);
+ ast_manager_register2("GetConfigJSON", EVENT_FLAG_SYSTEM | EVENT_FLAG_CONFIG, action_getconfigjson, "Retrieve configuration (JSON format)", mandescr_getconfigjson);
ast_manager_register2("UpdateConfig", EVENT_FLAG_CONFIG, action_updateconfig, "Update basic configuration", mandescr_updateconfig);
ast_manager_register2("Redirect", EVENT_FLAG_CALL, action_redirect, "Redirect (transfer) a call", mandescr_redirect );
ast_manager_register2("Originate", EVENT_FLAG_CALL, action_originate, "Originate Call", mandescr_originate);
ast_manager_register2("Command", EVENT_FLAG_COMMAND, action_command, "Execute Asterisk CLI Command", mandescr_command );
- ast_manager_register2("ExtensionState", EVENT_FLAG_CALL, action_extensionstate, "Check Extension Status", mandescr_extensionstate );
- ast_manager_register2("AbsoluteTimeout", EVENT_FLAG_CALL, action_timeout, "Set Absolute Timeout", mandescr_timeout );
- ast_manager_register2("MailboxStatus", EVENT_FLAG_CALL, action_mailboxstatus, "Check Mailbox", mandescr_mailboxstatus );
- ast_manager_register2("MailboxCount", EVENT_FLAG_CALL, action_mailboxcount, "Check Mailbox Message Count", mandescr_mailboxcount );
+ ast_manager_register2("ExtensionState", EVENT_FLAG_CALL | EVENT_FLAG_REPORTING, action_extensionstate, "Check Extension Status", mandescr_extensionstate );
+ ast_manager_register2("AbsoluteTimeout", EVENT_FLAG_SYSTEM | EVENT_FLAG_CALL, action_timeout, "Set Absolute Timeout", mandescr_timeout );
+ ast_manager_register2("MailboxStatus", EVENT_FLAG_CALL | EVENT_FLAG_REPORTING, action_mailboxstatus, "Check Mailbox", mandescr_mailboxstatus );
+ ast_manager_register2("MailboxCount", EVENT_FLAG_CALL | EVENT_FLAG_REPORTING, action_mailboxcount, "Check Mailbox Message Count", mandescr_mailboxcount );
ast_manager_register2("ListCommands", 0, action_listcommands, "List available manager commands", mandescr_listcommands);
ast_manager_register2("SendText", EVENT_FLAG_CALL, action_sendtext, "Send text message to channel", mandescr_sendtext);
ast_manager_register2("UserEvent", EVENT_FLAG_USER, action_userevent, "Send an arbitrary event", mandescr_userevent);
ast_manager_register2("WaitEvent", 0, action_waitevent, "Wait for an event to occur", mandescr_waitevent);
- ast_manager_register2("CoreSettings", EVENT_FLAG_SYSTEM, action_coresettings, "Show PBX core settings (version etc)", mandescr_coresettings);
- ast_manager_register2("CoreStatus", EVENT_FLAG_SYSTEM, action_corestatus, "Show PBX core status variables", mandescr_corestatus);
- ast_manager_register2("Reload", EVENT_FLAG_CONFIG, action_reload, "Send a reload event", mandescr_reload);
- ast_manager_register2("CoreShowChannels", EVENT_FLAG_SYSTEM, action_coreshowchannels, "List currently active channels", mandescr_coreshowchannels);
+ ast_manager_register2("CoreSettings", EVENT_FLAG_SYSTEM | EVENT_FLAG_REPORTING, action_coresettings, "Show PBX core settings (version etc)", mandescr_coresettings);
+ ast_manager_register2("CoreStatus", EVENT_FLAG_SYSTEM | EVENT_FLAG_REPORTING, action_corestatus, "Show PBX core status variables", mandescr_corestatus);
+ ast_manager_register2("Reload", EVENT_FLAG_CONFIG | EVENT_FLAG_SYSTEM, action_reload, "Send a reload event", mandescr_reload);
+ ast_manager_register2("CoreShowChannels", EVENT_FLAG_SYSTEM | EVENT_FLAG_REPORTING, action_coreshowchannels, "List currently active channels", mandescr_coreshowchannels);
ast_manager_register2("ModuleLoad", EVENT_FLAG_SYSTEM, manager_moduleload, "Module management", mandescr_moduleload);
ast_manager_register2("ModuleCheck", EVENT_FLAG_SYSTEM, manager_modulecheck, "Check if module is loaded", mandescr_modulecheck);
diff --git a/main/pbx.c b/main/pbx.c
index 3085600638e545e205c1c436d6a06a646566447b..6da44b7c3606e3db956312fc1bc8f14961428cda 100644
--- a/main/pbx.c
+++ b/main/pbx.c
@@ -2659,7 +2659,7 @@ static int pbx_extension_helper(struct ast_channel *c, struct ast_context *con,
term_color(tmp3, passdata, COLOR_BRMAGENTA, 0, sizeof(tmp3)),
"in new stack");
}
- manager_event(EVENT_FLAG_CALL, "Newexten",
+ manager_event(EVENT_FLAG_DIALPLAN, "Newexten",
"Channel: %s\r\n"
"Context: %s\r\n"
"Extension: %s\r\n"
@@ -7232,7 +7232,7 @@ void pbx_builtin_setvar_helper(struct ast_channel *chan, const char *name, const
ast_verb(2, "Setting global variable '%s' to '%s'\n", name, value);
newvariable = ast_var_assign(name, value);
AST_LIST_INSERT_HEAD(headp, newvariable, entries);
- manager_event(EVENT_FLAG_CALL, "VarSet",
+ manager_event(EVENT_FLAG_DIALPLAN, "VarSet",
"Channel: %s\r\n"
"Variable: %s\r\n"
"Value: %s\r\n"
@@ -7465,7 +7465,7 @@ int load_pbx(void)
}
/* Register manager application */
- ast_manager_register2("ShowDialPlan", EVENT_FLAG_CONFIG, manager_show_dialplan, "List dialplan", mandescr_show_dialplan);
+ ast_manager_register2("ShowDialPlan", EVENT_FLAG_CONFIG | EVENT_FLAG_REPORTING, manager_show_dialplan, "List dialplan", mandescr_show_dialplan);
ast_mutex_init(&device_state.lock);
ast_cond_init(&device_state.cond, NULL);
diff --git a/pbx/pbx_realtime.c b/pbx/pbx_realtime.c
index 6b9a0fbff7cd4ac355c3df9d9012cf93056e12af..d4876bd7fe9aa0d638e01167e5740b9896655cc6 100644
--- a/pbx/pbx_realtime.c
+++ b/pbx/pbx_realtime.c
@@ -195,7 +195,7 @@ static int realtime_exec(struct ast_channel *chan, const char *context, const ch
term_color(tmp1, app, COLOR_BRCYAN, 0, sizeof(tmp1)),
term_color(tmp2, chan->name, COLOR_BRMAGENTA, 0, sizeof(tmp2)),
term_color(tmp3, S_OR(appdata, ""), COLOR_BRMAGENTA, 0, sizeof(tmp3)));
- manager_event(EVENT_FLAG_CALL, "Newexten",
+ manager_event(EVENT_FLAG_DIALPLAN, "Newexten",
"Channel: %s\r\n"
"Context: %s\r\n"
"Extension: %s\r\n"
diff --git a/res/res_features.c b/res/res_features.c
index 1427038d9dcb98cf7496c8ba6e464d5a43f721ef..36617da5a2e834f1f7f51e85d979ae801115386a 100644
--- a/res/res_features.c
+++ b/res/res_features.c
@@ -3409,7 +3409,7 @@ static int load_module(void)
ast_manager_register("ParkedCalls", 0, manager_parking_status, "List parked calls");
ast_manager_register2("Park", EVENT_FLAG_CALL, manager_park,
"Park a channel", mandescr_park);
- ast_manager_register2("Bridge", EVENT_FLAG_COMMAND, action_bridge, "Bridge two channels already in the PBX", mandescr_bridge);
+ ast_manager_register2("Bridge", EVENT_FLAG_CALL, action_bridge, "Bridge two channels already in the PBX", mandescr_bridge);
}
res |= ast_devstate_prov_add("Park", metermaidstate);