Saturday, November 16, 2013

FreePBX/Asterisk – Per User Pin Set for the poor man

Firstly, FreePBX’s PRO module does this in such elegance http://www.schmoozecom.com/pinsetpro.php. Do support the FreePBX team and make the purchase and keep those devs motivated :-). Thank you for helping!

 

This article describes step by step to do a poor man’s PINSET per user/extension in FreePBX. Why? Cause users keep sharing pinsets and no one takes responsibility on its usage.

It may not be the prettiest way of doing things, but it sure does the job :-)

 

What do you need to use this, more info etc..

  1. FreePBX 2.8 /Asterisk 1.8 or higher (may work for lower versions)
  2. If using FreePBX 2.10 or higher, there’s a setting to bypass pin (pinless dialing), this guide/hack “supports”. Meaning if you enable pinless, you won’t need a pin.
  3. This method hacks the freepbx generated configs using the _override_ file, so be sure to know what is the repercussion of hacking this, e.g. you will lose some configs made in the GUI (except for record in CDR value)
  4. If using Record in CDR, this method honours this request and records it in Account Code column inside asteriskcdrdb
  5. If using the pinset number n in which we defined custom pinsets, it will go through the custom method (per user), otherwise, it will use back the pinsets generated in the PinSet module in FreePBX Gui and work per normal pinset module. Therefore, not affecting other PINsets that you’ve been doing/using.
  6. If a particular user does not have voicemail or you do not want voicemail for that extension, this method will not work. All you got to do is be creative and use another location/method to read
  7. Why i use voicemail password? Simple, cause its user manageable through Asterisk Recording Interface (freepbx gui) or voicemailmain app on Asterisk (when you dial *97)

 

Ok here are the steps:

  1. Create “USER-PINSET” in the Pin Set module, in FreePBX, optionally put the bla bla “Uses our…”
    image
  2. NOTE: You can select to Record in CDR or not, this will be honoured in this custom per use pinset way
  3. When pinsets are created, it will be in placed in a chronological order which it was created, so if you created this particular pinset as the 3rd one, remember that order/number, we will use it later. In my example, this is my first ever created pinset, so it has the chronological order of 1.
    image
  4. The second that i created (AA-Second) will be no 2 and so on …
  5. Now, create a file in /var/lib/asterisk/agi-bin/vmbasedpin.sh, paste the following content in there;
  6. Change the location of vmconfloc if needed. Most cases you don’t have to.

    #!/bin/bash
    #by sanjay@astiostech.com
    vmconfloc="/etc/asterisk/voicemail.conf"
    #
    while test -n "$1"; do
        case "$1" in
            -E)
                ext=$2
                shift
               ;;
    esac
    shift
    done
    #
    # ERROR CHECKING FOR INPUTS
    if [[ "$ext" == "" ]]; then
        echo "ERR" | tr -d '\n' | tr -d ' '
        exit 1
    fi
    #
    #Get pin stored in conf file
    mypin=`cat $vmconfloc | grep $ext | cut -d '>' -f2 | cut -d , -f1 | tr -d " " | tr -d "\n"`
    if [[ "$mypin" == "" ]]; then
        echo "ERR" | tr -d '\n' | tr -d ' '
        exit 1
    else
        echo "$mypin" | tr '\n' ' ' | tr -d ' '
        exit 0
    fi
    exit 2

  7. Make the file executable and make asterisk user own it, in my case asterisk user/group is asterisk
    #chmod +x /var/lib/asterisk/agi-bin/vmbasedpin.sh
    #chown asterisk:asterisk /var/lib/asterisk/agi-bin/vmbasedpin.sh
  8. The above script reads the voicemail configuration file, which normally is located in /etc/asterisk/voicemail.conf. It does read only, doesn’t write anything so no special permissions required. If this file don’t exist, it means no user has voicemail enabled on the system.
  9. Now, edit the file /etc/asterisk/extensions_override_freepbx.conf and paste the content/context below in it, somewhere
  10. Define which order this special “USER-PINSET” was created, in my case its the first pinset, therefore, its 1, see bold text below

    [macro-pinsets]
    include => macro-pinsets-custom
    exten => s,1,NoOp(Starting custom PINSETS)
    exten => s,n,Set(MYCUSTOMPIN=1)
    exten => s,n,GotoIf($["${MYCUSTOMPIN}" = "${ARG1}"]?mypinset,1)
    ;
    exten => s,n,GotoIf(${ARG2} = 1?cdr,1)
    exten => s,n,ExecIf($["${DB(AMPUSER/${AMPUSER}/pinless)}" != "NOPASSWD"]?Authenticate(/etc/asterisk/pinset_${ARG1}))
    exten => s,n,ExecIf($["${DB(AMPUSER/${AMPUSER}/pinless)}" != "NOPASSWD"]?ResetCDR())
    ;
    exten => cdr,1,ExecIf($["${DB(AMPUSER/${AMPUSER}/pinless)}" != "NOPASSWD"]?Authenticate(/etc/asterisk/pinset_${ARG1},a))
    exten => cdr,n,ExecIf($["${DB(AMPUSER/${AMPUSER}/pinless)}" != "NOPASSWD"]?ResetCDR())
    ;
    exten => mypinset,1,NoOp(Custom Pinsets)
    exten => mypinset,n,GotoIf($["${ARG2}" = "1"]?mypinset-cdr,1)
    exten => mypinset,n,Set(MYPRIVATEPIN=${SHELL(/var/lib/asterisk/agi-bin/vmbasedpin.sh -E ${AMPUSERCID})})
    exten => mypinset,n,ExecIf($["${DB(AMPUSER/${AMPUSER}/pinless)}" != "NOPASSWD"]?Authenticate(${MYPRIVATEPIN}))
    exten => mypinset,n,ExecIf($["${DB(AMPUSER/${AMPUSER}/pinless)}" != "NOPASSWD"]?ResetCDR())
    ;
    exten => mypinset-cdr,1,NoOp(Custom Pinsets)
    exten => mypinset-cdr,n,Set(MYPRIVATEPIN=${SHELL(/var/lib/asterisk/agi-bin/vmbasedpin.sh -E ${AMPUSERCID})})
    exten => mypinset-cdr,n,ExecIf($["${DB(AMPUSER/${AMPUSER}/pinless)}" != "NOPASSWD"]?Authenticate(${MYPRIVATEPIN},a))
    exten => mypinset-cdr,n,ExecIf($["${DB(AMPUSER/${AMPUSER}/pinless)}" != "NOPASSWD"]?ResetCDR())

  11. Important: The variable AMPUSERCID must contain a value otherwise this will not work, or use your own variable if you know what you’re doing. FreePBX users need not worry, this value should always be there!
  12. You can first test to see if the script vmbasedpin.sh is executable or not, here i am testing for user 1000, which should return the value of 9999 (her voicemail pin number)
    #/var/lib/asterisk/agi-bin/vmbasedpin.sh -E 1001
  13. IMPORTANT: If there’s no voicemail password/pin defined, or there was an error or it can’t find the extension, or there’s no E value parsed, the output value ERR will be returned therefore, its impossible for a user to make that call particular call when this pinset is used. 
  14. Now, simply go edit your outbound route to use this pinset, like so;
    image  
  15. Go to a particular user’s configuration page, add/edit their vm password, like so;
    image  
  16. Click on Apply Config or reload the dialplan via CLI.
  17. And here’s how the CLI looks like when making a call…( i am using extension 1058, with a pin defined in my vm as 1012
    image
  18. Notice the MYPRIVATEPIN=1012, yes, that was read off the voicemail.conf file
  19. And since check the “Record in CDR” flag in that pinset inside FreePBX, the authentication parses the “,a” option
  20. Putting the value in CDR allows me to run reports using the FreePBX’s CDR Report tool and filter the “Account Code” section where the Pinset used when dialling are recorded.
  21. Enjoy and as usual, do give us feedback!

No comments: