Reference13r3:Concept App Service Contacts: Difference between revisions

From innovaphone wiki
Jump to navigation Jump to search
→‎Sharing of Address Book: Added: Sharing of Address Book/Share globally
m →‎Known Issues: Added "DECT Phones Cannot Access Personal Directories"
Line 430: Line 430:
* [[Support:Contacts_Upload_Fails_From_Within_myApps_Launcher | Contacts Upload Fails From Within myApps Launcher]]
* [[Support:Contacts_Upload_Fails_From_Within_myApps_Launcher | Contacts Upload Fails From Within myApps Launcher]]
* [[Support:Forward_search_shows_no_result | Forward Search shows "no result"]]
* [[Support:Forward_search_shows_no_result | Forward Search shows "no result"]]
== DECT Phones Cannot Access Personal Directories ==
DECT gateways do not support the mechanism required to query into directories with restricted access rules.


= Related =
= Related =
<references/>
<references/>

Revision as of 15:47, 14 July 2022

FIXME: This product is in the beta phase and is not yet finished

Applies To

  • App Contacts version 13r3

Overview

The App Service Contacts is an App Service which can be installed on an innovaphone App Platform. It is used for information retrieval of a database of contact entries, as well as maintaining personal contact books.

Inside Contacts, personal and general entries can be searched (forward lookup) or be used to resolve incoming numbers to their respective name (reverse lookup).

Features

  • Import: Comma-separated files
  • Database for contact entries: A user interface for retrieval purposes is available.
  • API: Search API for other apps
  • Edit Functionality: Contact entries are editable.
  • Personal Address Book: Every user can maintain one or more personal address books.
  • Access Right Management: Owners can maintain access privileges for single users or even groups of users, in order to control viewability of an address book.

Requirements

innovaphone PBX and App Platform from on version 13r3.

Upgrade Considerations

As always, don't forget to backup an existing App Platform in prior. This 13r3 App Contacts does alter the underlying database scheme.

13r3 App on 13r1 App Platform, 13r1 PBX
Doesn't work. This 13r3 Contacts App does not work on an 13r1 Application Platform/Environment.
13r3 App on 13r2 App Platform, 13r2 PBX
The 13r3 Contacts App works with the restriction, that the reverse lookup for private address books doesn't work. For full feature set, also upgrade the App Platform and PBX to 13r3.

Apps

innovaphone-contacts

The reqular app

innovaphone-contacts-admin

Features a menu (top-right) to manually upload a CSV file

innovaphone-contacts-searchapi

Provides a search API to other apps, e.g. for the Phone App

Concept

General contact entries and entries for personal directories are stored within the same database. With the table acl which is acting as an access control list, restricted views and edit rights for personal directories can be granted.

This way, only the owner of a personal directory (and granted user or groups) can see the content.

Number handling

In principle, two versions of a phone number are always stored in the contacts database.

Original Number
This is the unchanged number imported by the user. This version includes all decorative characters, spaces, etc. (eg. +49-(7031) 730090)
Formated number
A filter is applied to the original number before saving to remove all non-dialable characters. (This means that only 0-9,+,*,# remain after that) This formated version of the call number is saved in addition to the data set. (eg. +497031730090)

If a number is searched for (reverse lookup), the cleaned version is searched for. Thus, it does not matter which decorative characters or formats are imported. If an entry is displayed to the user, the originally entered call number (incl. decoration characters) is displayed.

It is therefore best practice to import only international format numbers (Decorations can be imported as they will be removed anyway), as the PBX always converts the number into the international format for a reverse lookup, if the dialing location was configured correct.

Assign unique IDs for contacts entries

It is recommended to upload CSV files with an additional column extAnchor. The column extAnchor allows to identify individual entries uniquely and independent of renaming operations. The column extAnchor is supposed to contain an external unique database id, alike a guid. If extAnchor was provided the import procedure will perform an UPDATE of previously existing entries, instead of deleting and re-INSERTing the entries. Entries pinned on home are going to remain functional.

List of Attributes

The list of currently available attributes for a contacts entry follows:

extAnchor
unique id identifiing the entry within the database
givenname
First name
sn
Surname/Family name
company
Corporation
displayname
Name to be displayed
email
e.g. example@example.com
telephonenumber
Internationalized land-line telephone number, e.g. +49 7031 730090
mobile
Internationalized mobile telephone number
homephone
Internationalized home phone number
facsimiletelephonenumber
Internationalized fax number
city
City/Town, e.g. Milano
street
postalcode
state
Federal state, e.g. some US states: Ca, Wa, Fl
country
e.g. Deutschland, Italia
privatecity
Home address
privatestreet
privatepostalcode
privatestate
privatecountry
title
Academic title
position
Position within company, department
department
description
Common description
roomnumber
info
Common info
url
Company URL
sip
Dialable SIP address

List of Text-Indexable Attributes

Attributes to be considered for the full-text index

  • cn
  • sn
  • givenname
  • company
  • displayname
  • info
  • city
  • street
  • postalcode
  • country
  • state
  • private_city
  • private_street
  • private_postalcode
  • private_country
  • private_state
  • title
  • position
  • department
  • description
  • roomnumber
  • sip

Built-in LDAP Server

The App incorporates a proprietary LDAP server functionality. The purpose of the LDAP server functionality is to service innnovaphone LDAP clients, such as desk phones. The LDAP server only supports a proprietary search by means of a meta attribute[1], whereby LDAP is just utilized as a transport vehicle for a user's search input one-to-one.

  • E.g. a user searching for John Doe innovaphone
    • Possible user input jo do inno
    • Resulting LDAP filter (metaSearchText=jo do inno)

Sample Phone Configuration, innovaphone

Phone/User-X/Directories/External LDAP Server

Enable
Active
Use TLS
Active
Server
<host adddress of App Platform>
Port
<can be left empty>
Username,Pw
<Credentials for LDAP Bind operation>
Search Base
dc=entries
Mode
<can be left on "basic">
Object Filter
<leave empty>
Sort Results
Inactive
Name Attributes
givenName,sn,company
Number Attributes
<can be left empty>
H323 ID Attribute
sip
Detail Attributes
title,company,street,postalCode,city,country,email,url
Meta Name Attribute
metaSearchText
Meta Number Attribute
metaSearchNumber

Personal Address Book Details

With version 13r3 it is now possible, to add, editing and delete contacts. It is also possible to create and maintain personal address book(s), as well as share them with other users or whole user groups.

Only user/groups with sufficient rights, will be able to see other address books. An Access control list (acl) is used, to control these rights.

Groups correspond to PBX-groups. The Contacts App gets to know only active PBX-group memberships.

By default, only the user who created an address book, is able to see the content.

Maintain a Personal Address Book

Creating a Personal Address Book

Click on the burger menu in the top right corner inside the Contacts-App, and there on the "Directories". Now click on the "+"-Sympbol, choose a suitable name and confirm your name via "Save" button. A new address book is created.

Adding a new contact

Click on the "+"-Sympbol in the top right corner inside the Contacts-App and select an address book, where you want the contact to be stored in. Now fill in the contact information (the fields "name" and "last name" have to be filled) and save it via "Save"-button.

Editing an existing contact

Search for the contact you want to edit via the search box inside the Contacts-App. Click on the "Details"-field on the right of the contact entry. Now click on the bottom on the "Edit"-button, click on the entry you want to edit and after your change, save it via "Save"-button on the bottom.

Delete an existing contact

Search for the contact you want to edit via the search box inside the Contacts-App. Click on the "Details"-field on the right of the contact entry. Now click on the bottom on the "Edit"-button, and on the "trashcan"-symbol at the top. After confirmation, the entry is deleted.

Sharing of Address Book

Share globally
  • Either remove all rules from a personal directory. Such a configuration corresponds to pre-13r3 capabilities. Up to 13r2 there weren't any visibility rules available.
  • Or make every PBX user an active member of a group e.g. "everybody" and add a directory rule for that group "everybody".
Share with single user(s)

Click on the menu in the top right corner inside the Contacts-App, click on "directories" and select a directory, you want to share.

Now click on the "+"-symbol and select "User" as type. Enter the h323 name of the user, whom you want to give access (field Name in a user object) and select either if the user should have admin-rights or not. Now click on Ok and submit your change with another click on Ok.

Share with a group

Click on the menu in the top right corner inside the Contacts-App, click on "directories" and select a directory, you want to share.

Now click on the "+"-symbol and select "Group" as type. Enter the name of the PBX group and select either if the user should have admin-rights or not. Now click on Ok and submit your change with another click on Ok-button.

Revoke of granted rights

You can also revoke previous granted rights by just clicking on the user/group at the access control list, and click on the trashcan symbol. Now submit your change with another click on Ok-button.

Upload a new Directory

As of Beta-Functionality: The Contacts Admin App allows to upload a CSV file as known from the 13r2 version (Hamburger/Import). In the course of an upload operation a new directory will be created. The newly assigned directory name will be the name of the CSV file. After uploading the visibility setting of the new directory should be administrated as stated before under Sharing of Address Book

Terminology

ACL
Access control list. Refers the database table acl and rows/entries therein.
Directory
Refers the database table dbs and rows/entries therein. All contact entries referencing a dbs-row make up the content of a directory.
Address Book
Synonymous with Directory
Contacts Admin
A user utilizing the Contacts Admin App (via App URL, ending with ../innovaphone-contacts-admin)
Directory Admin
A user entitled the admin right for a directory. Either by user-wise or by group-wise ACL entry.
Directory User/Viewer
A user entitled the viewing right for a directory. Either by user-wise or by group-wise ACL entry.

Database Changes

Three tables realize the functionality for personal directories.

  • Table dbs. Each row represents a directory. Two new columns displayname, sip where added.
    • displayname Name display.
    • sip Creator's sip name, if available.
  • Table acl.New table acting as access control list. Each row references a directory as listed by table dbs and is going to grant view- and admin-right to a specific user or group.
    • dbsid Reference into table dbs.
    • name The name of a user or a group.
    • acltype A numeric value: user(0), group(1)
    • admin Granting edit right: admin(true), non-admin(false)
  • Table entries. Each row within this pre-exisisting table represents a contact entry. The column dbsid informs about whether an entry belongs to a specific directory.
    #Excerpt for an additional directory ''Persönliches Verzeichnis: mst'' with one contact entry.
    
    root@app-platform|/mnt/sda2/home/admin> psql -d "innovaphone.com_contacts" -c "select * from dbs"
     id |                         uri                          |          displayname           | sip
    ----+------------------------------------------------------+--------------------------------+-----
      7 | file:///4eaae395-9971-40fb-9a05-dfae1d023f12?sip=mst | Persönliches Verzeichnis: mst  | mst      # Specification for directory ('Persönliches Verzeichnis: mst')
    
    root@app-platform|/mnt/sda2/home/admin> psql -d "innovaphone.com_contacts" -c "select * from acl"
     id | dbsid | name | acltype | admin
    ----+-------+------+---------+-------
      5 |     7 | mst  |       0 | t              #user 'mst' can view and edit directory with dbsid=7 ('Persönliches Verzeichnis: mst')
    
    root@app-platform|/mnt/sda2/home/admin> psql -d "innovaphone.com_contacts" -c "select sn,givenname,company,id,dbsid from entries where dbsid=7"
        sn    | givenname |   company    |  id   | dbsid
    ----------+-----------+--------------+-------+-------
     Duck     | Dagobert  | Duck Corp.   | 51394 |     7   # main table entries contains 1 entry belonging to ('Persönliches Verzeichnis: mst')
    

Reverse Number Lookup for Personal Directories

Queries into directories are access-checked by looking-up and enforcing ACL-rules. The information on whose name is being queried and which group memberships are taking effect is needed for this process.

Websocket connections to the Contacts App service carry those infos within the SDK method AppWebsocketConnectComplete(). LDAP connections pass this information within a proprietary LDAP control together with an LDAP searchRequest message.

The PBX's centralized Reverse Lookup service (see PBX/Config/General/Reverse Lookup URL) does support this mechanism. That is, for every LDAP searchRequest the affected user's name and active group memberships are going to be sent towards the Contacts App's LDAP server.

See also concept article on reverse lookup.

Upload Data by HTTP Post

A CSV file can be uploaded by means of an HTTP POST request. The following powershell script aims to demonstrate this procedure with the help of CURL[2][3] The required user and password content corresponds to the configuration underneath PBX Manager/AP Contacts/Configuration/User(HTTP Post) and Password(HTTP Post)

# csv.ps1
# Sample powershell script demonstrating how to HTTP POST a CSV file towards the Contacts App service.
# .\bin\curl must be present, e.g. from https://curl.haxx.se/download.html
# Examples:
# powershell -ExecutionPolicy Bypass -Command .\csv.ps1 -Dest 172.16.18.215 -File ".\myContacts.utf8" -User "contacts01" -Pw "pwd01" -Url "/example.com/contacts01/post/myContacts.utf8?op=csv"

param(
	[Parameter(Mandatory=$false, HelpMessage="Destination host")]
	[string]$Dest,
	[Parameter(Mandatory=$false, HelpMessage="Name of file to be POSTed")]
	[string]$File,	
	[Parameter(Mandatory=$false, HelpMessage="Authentication: User")]
	[string]$User,
	[Parameter(Mandatory=$false, HelpMessage="Authentication: Password")]
	[string]$Pw,
	[Parameter(Mandatory=$false, HelpMessage="URL, e.g.: /example.com/contacts01/post/myContacts.csv?op=csv&xml-stats=true")]
	[string]$Url
)

Add-Type -AssemblyName System.Web

$Uri = "http://" + $Dest + $Url

function UploadToContacts {
	# Ensure file's there and has content
	if (!(Test-Path -Path $File)) {
		echo $File+" not downloaded!"
		exit 1
	}
	$lines = 0
	Get-Content $File |%{ $lines++ }
	echo "Lines of $File=$lines"
	if($lines -le 2) {
		echo "No Data to upload!"
		exit 1
	}
	
	$auth = "${User}:${Pw}"

	echo "POSTing towards $Uri"
	.\bin\curl "--digest" -s -S --trace-time -u $auth -i -H "Content-Type:application/octet-stream" -X POST --data-binary "@${File}" "${Uri}"
	echo "POSTed towards $Dest"
}

$timeStart = Get-Date
echo "===Begin: ${timeStart} ==="
UploadToContacts
$timeEnd = Get-Date
echo "===End: ${timeEnd} ==="
echo ""

The URL

The first part of the URL (example.com/contacts01) is the Webserver path configured for the Contacts instance in the App Platform Manager. It must be followed by the literal post. The last part (myContacts.csv) can be chosen freely.

Note that the last part of the URL used to post the file (myContacts.csv in the example above) needs to be chose carefully. Contacts will remember this name as source for each of the uploaded entries. When the file is posted again (that is, when a new POST using this last URL part is done), Contacts will first delete all existing entries previously uploaded with this name and then add the new ones.

Troubleshooting

To collect debugging data, activate the App and App WebSocket trace options at the contacts instance on the App Platform Manager. Now reproduce the issue and save the logfile.

Manually Deleting an uploaded File

If multiple files or multiple versions of a CSV file were uploaded, it might not be clear how to delete an old data set. Here is an example for how to accomplish a deletion of a particular data set related to an imported CSV file:

  • 2 Files were previously imported
    • allcontacts.csv
    • brs%20testimport.csv
  • The file brs%20testimport.csv shall be deleted
  • Hints
    • Within the Contacts database, the table dbs contains the names of files once imported.
    • The database name, here: innovaphone.com_contacts can be retrieved from the settings within in the App Manager for the Contacts App.

Establish an SSH-session by means of e.g. putty[4]

#Login
#===================================================================
login as: admin
Using keyboard-interactive authentication.
Password:

#Elevate to super-user rights, Command 'su'
#===================================================================
admin@app-platform|/mnt/sda2/home/admin> su
Password:

#Command 'psql'. Printing the table 'dbs'. Contains 2 file names.
#===================================================================
root@app-platform|/mnt/sda2/home/admin> psql -d "innovaphone.com_contacts" -c "select * from dbs"
 id |         uri
----+----------------------
  1 | allcontacts.csv
  5 | brs%20testimport.csv
(2 rows)

#Delete the file "brs%20testimport.csv" via its table-ID 5.
#===================================================================
root@app-platform|/mnt/sda2/home/admin> psql -d "innovaphone.com_contacts" -c "delete from dbs where id=5"
DELETE 1


#Printing the table 'dbs'. Contains 1 file name.
#===================================================================
root@app-platform|/mnt/sda2/home/admin> psql -d "innovaphone.com_contacts" -c "select * from dbs"
 id |       uri
----+-----------------
  1 | allcontacts.csv
(1 row)

root@app-platform|/mnt/sda2/home/admin>

Manually Deleting all Contacts

Sometimes it may become necessary to delete all contacts from the database. This task can be accomplished by simply deleting the main table entries. The deletion will cascade from there into all sub-tables.

  • The database name, here: innovaphone.com_contacts can be retrieved from the settings within in the App Manager for the Contacts App.

Establish an SSH-session by means of e.g. putty[5]

#Login
#===================================================================
login as: admin
Using keyboard-interactive authentication.
Password:

#Elevate to super-user rights, Command 'su'
#===================================================================
admin@app-platform|/mnt/sda2/home/admin> su
Password:

#List number of contacts in main table entries
#===================================================================
root@app-platform|/mnt/sda2/home/admin> psql -d "innovaphone.com_contacts" -c "select count(*) from entries"
 count
-------
    94
(1 row)

#Delete
#===================================================================
root@app-platform|/mnt/sda2/home/admin> psql -d "innovaphone.com_contacts" -c "delete from entries *"
DELETE 94

#List number of contacts in main table entries
#===================================================================
root@app-platform|/mnt/sda2/home/admin> psql -d "innovaphone.com_contacts" -c "select count(*) from entries"
 count
-------
     0
(1 row)

Manually Exporting all Contacts

Sometimes it may become necessary to export all contacts from the database. This task can be accomplished by reading the main table entries, separate attributes by ; and store the result in a given csv-file. The csv-file has to be located in a separate folder with appropriate access rights.

  • The database name, here: innovaphone.com_contacts can be retrieved from the settings within in the App Manager for the Contacts App.

Establish an SSH-session by means of e.g. putty[6]

#Login
#===================================================================
login as: admin
Using keyboard-interactive authentication.
Password:

#Elevate to super-user rights, Command 'su'
#===================================================================
admin@app-platform|/mnt/sda2/home/admin> su
Password:

#create new folder export and grant access rights 
root@app-platform|/mnt/sda2/home/admin> mkdir export
root@app-platform|/mnt/sda2/home/admin> chmod 777 export

#Retrieve all database entries, separate them by ; and store in file
#===================================================================
root@app-platform|/mnt/sda2/home/admin> psql -d "innovaphone.com_contacts" -c "copy entries to '/mnt/sda2/home/admin/export/contacts.csv' delimiter ';' CSV HEADER"

The generated csv-file can be downloaded by use of an sftp-client (e.g. WinSCP) and login to the AP with admin credentials.


Known Issues

DECT Phones Cannot Access Personal Directories

DECT gateways do not support the mechanism required to query into directories with restricted access rules.

Related

  1. Meta attribute: Here an attribute with a special meaning and that is non-physical, not existing within the database
  2. For a windows distribution: e.g.: https://curl.haxx.se/download.html
  3. CURL is recommended(rather required), because it supports the simple POST mechanism with an initial tentative POST with the data length of 0, in order to get through the authentication phase
  4. putty: https://putty.org
  5. putty: https://putty.org
  6. putty: https://putty.org