Chg: update image tag in helm values to v2.8.0

https://telecominfraproject.atlassian.net/browse/WIFI-11956

.clang-format

@@ -4,4 +4,4 @@ TabWidth:     4
 IndentWidth:  4
 UseTab:       Always
 ColumnLimit:  100
-Language:     Cpp
+Language:     Cpp

.github/workflows/ci.yml

@@ -27,7 +27,7 @@ jobs:
       DOCKER_REGISTRY_USERNAME: ucentral
     steps:
     - name: Checkout actions repo
-      uses: actions/checkout@v2
+      uses: actions/checkout@v3
       with:
         repository: Telecominfraproject/.github
         path: github
@@ -58,10 +58,10 @@ jobs:
     - name: Get base branch name and set as output
       id: get_base_branch
       run: |
-        echo ::set-output name=branch::$(echo ${GITHUB_BASE_REF##*/} | sed 's/master/main/g')
+        echo "branch=$(echo ${GITHUB_BASE_REF##*/} | sed 's/master/main/g')" >> $GITHUB_OUTPUT
 
     - name: Checkout actions repo
-      uses: actions/checkout@v2
+      uses: actions/checkout@v3
       with:
         repository: Telecominfraproject/.github
         path: github
@@ -85,7 +85,7 @@ jobs:
       - docker
     steps:
     - name: Checkout actions repo
-      uses: actions/checkout@v2
+      uses: actions/checkout@v3
       with:
         repository: Telecominfraproject/.github
         path: github

.github/workflows/enforce-jira-issue-key.yml

@@ -11,7 +11,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout actions repo
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           repository: Telecominfraproject/.github
           path: github

.github/workflows/openapi-pages.yml

@@ -0,0 +1,41 @@
+name: Update OpenAPI docs on GitHub Pages
+
+on:
+  push:
+    paths:
+      - 'openapi/**'
+    branches:
+      - master
+  workflow_dispatch:
+
+defaults:
+  run:
+    shell: bash
+
+jobs:
+  docsgen:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Generate static HTML page with docs from OpenAPI definition
+        run: |
+          docker run --rm -v "${PWD}:/local" openapitools/openapi-generator-cli:v6.2.1 generate -i https://raw.githubusercontent.com/Telecominfraproject/wlan-cloud-ucentralgw/master/openapi/owgw.yaml -g html2 --skip-validate-spec -o /local/
+
+      - name: Update OpenAPI docs
+        run: |
+          mkdir tmp-docs
+          mv index.html tmp-docs/index.html
+          mkdir -p ~/.ssh
+          ssh-keyscan -H github.com >> ~/.ssh/known_hosts
+          echo https://tip-automation:${{ secrets.GIT_PUSH_PAT }}@github.com > ~/.git-credentials
+          git config --global credential.helper store
+          git config --global user.email "tip-automation@telecominfraproject.com"
+          git config --global user.name "TIP Automation User"
+          git pull
+          git checkout gh-pages || git checkout -b gh-pages
+          rm -rf docs
+          mv tmp-docs docs
+          git add docs
+          git commit -m'Update OpenAPI docs for GitHub pages'
+          git push --set-upstream origin gh-pages

.github/workflows/release.yml

@@ -17,7 +17,7 @@ jobs:
       HELM_REPO_USERNAME: ucentral
     steps:
       - name: Checkout uCentral assembly chart repo
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           path: wlan-cloud-ucentralgw
 

CMakeLists.txt

@@ -1,5 +1,5 @@
 cmake_minimum_required(VERSION 3.13)
-project(owgw VERSION 2.7.1)
+project(owgw VERSION 2.8.0)
 
 set(CMAKE_CXX_STANDARD 17)
 
@@ -39,12 +39,12 @@ endif()
 
 find_package(Git QUIET)
 if(GIT_FOUND AND EXISTS "${PROJECT_SOURCE_DIR}/.git")
-    execute_process(COMMAND ${GIT_EXECUTABLE} describe --always --tags
+    execute_process(COMMAND ${GIT_EXECUTABLE} rev-parse --short HEAD
             WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
             RESULT_VARIABLE GIT_RESULT
             OUTPUT_VARIABLE GIT_HASH)
     if(NOT GIT_RESULT EQUAL "0")
-        message(FATAL_ERROR "git describe --always --tags failed with ${GIT_RESULT}")
+        message(FATAL_ERROR "git rev-parse --short HEAD failed with ${GIT_RESULT}")
     endif()
     string(REGEX REPLACE "\n$" "" GIT_HASH "${GIT_HASH}")
 endif()
@@ -115,6 +115,7 @@ add_executable( owgw
         src/framework/RESTAPI_IntServer.h
         src/framework/RESTAPI_SystemCommand.h
         src/framework/RESTAPI_WebSocketServer.h
+        src/framework/RESTAPI_SystemConfiguration.h
         src/framework/EventBusManager.cpp
         src/framework/EventBusManager.h
         src/framework/RESTAPI_PartHandler.h
@@ -164,10 +165,6 @@ add_executable( owgw
         src/CapabilitiesCache.h src/FindCountry.h
         src/rttys/RTTYS_server.cpp
         src/rttys/RTTYS_server.h
-        src/rttys/RTTYS_device.cpp
-        src/rttys/RTTYS_device.h
-        src/rttys/RTTYS_ClientConnection.cpp
-        src/rttys/RTTYS_ClientConnection.h
         src/rttys/RTTYS_WebServer.cpp
         src/rttys/RTTYS_WebServer.h src/RESTAPI/RESTAPI_device_helper.h
         src/SDKcalls.cpp
@@ -198,7 +195,7 @@ add_executable( owgw
         src/AP_WS_Process_telemetry.cpp
         src/AP_WS_Process_venuebroadcast.cpp
         src/RADSEC_server.h
-        src/UI_GW_WebSocketNotifications.cpp src/UI_GW_WebSocketNotifications.h)
+        src/UI_GW_WebSocketNotifications.cpp src/UI_GW_WebSocketNotifications.h src/framework/RESTAPI_SystemConfiguration.h src/ScriptManager.cpp src/ScriptManager.h src/RESTAPI/RESTAPI_scripts_handler.cpp src/RESTAPI/RESTAPI_scripts_handler.h src/RESTAPI/RESTAPI_script_handler.cpp src/RESTAPI/RESTAPI_script_handler.h src/storage/storage_scripts.cpp src/storage/storage_scripts.h src/SignatureMgr.cpp src/SignatureMgr.h)
 
 if(NOT SMALL_BUILD)
 
@@ -222,4 +219,4 @@ if(NOT SMALL_BUILD)
     if(UNIX AND NOT APPLE)
         target_link_libraries(owgw PUBLIC PocoJSON)
     endif()
-endif()
+endif()

Dockerfile

@@ -1,5 +1,5 @@
 ARG DEBIAN_VERSION=11.5-slim
-ARG POCO_VERSION=poco-tip-v1
+ARG POCO_VERSION=poco-tip-v2
 ARG CPPKAFKA_VERSION=tip-v1
 ARG JSON_VALIDATOR_VERSION=2.1.0
 
@@ -101,7 +101,7 @@ RUN wget https://raw.githubusercontent.com/Telecominfraproject/wlan-cloud-ucentr
 
 COPY --from=owgw-build /owgw/cmake-build/owgw /openwifi/owgw
 COPY --from=cppkafka-build /cppkafka/cmake-build/src/lib /usr/local/lib/
-COPY --from=poco-build /poco/cmake-build/lib /usr/local/lib
+COPY --from=poco-build /poco/cmake-build/lib /usr/local/lib/
 
 RUN ldconfig
 

OPENAPI.md

@@ -5,6 +5,11 @@ This document will describe how the API is built and how to use it.
 This uses OpenAPI definition 3.0 and can be found [here](https://github.com/Telecominfraproject/wlan-cloud-ucentralgw/blob/main/openapi/ucentral/owgw.yaml).
 All endpoints begin with `/api/v1`.
 
+## OpenAPI docs
+You may get static page with OpenAPI docs generated from the definition on [GitHub Page](https://telecominfraproject.github.io/wlan-cloud-ucentralgw).
+
+Also you may use [Swagger UI](https://petstore.swagger.io/#/) with OpenAPI definition file raw link (i.e. [latest version file](https://raw.githubusercontent.com/Telecominfraproject/wlan-cloud-ucentralgw/master/openapi/owgw.yaml)) to get interactive docs page.
+
 ## The flow
 In order to use any of the API calls, you must obtain a token (I know - shocking). You do so by calling the end-point
 `/oauth2`. Once you obtain that `access-token`, you will need to pass it in the headers under `Authorization: Bearer <place your token here>`.

PROTOCOL.md

@@ -298,7 +298,8 @@ Controller sends this command when it believes the device should upgrade its fir
      "params" : {
 	        "serial" : <serial number> ,
 	        "when"  : Optional - <UTC time when to upgrade the firmware, 0 mean immediate, this is a suggestion>,
-		    "uri"   : <URI to download the firmware>
+		    "uri"   : <URI to download the firmware>,
+            "FWsignature" : <string representation of the signature for the FW> (optional)
      },
      "id" : <some number>
 }
@@ -318,6 +319,13 @@ The device should answer:
       "id" : <same number>
 }
 ```
+Here are the error values
+```text
+0:  No error
+1:  Bad firmware
+2:  Missing signature
+```
+
 
 #### Controller wants the device to perform a factory reset
 Controller sends this command when it believes the device should upgrade its firmware.
@@ -673,9 +681,11 @@ Controller sends this command to run a predefined script. Extreme care must be t
      "method" : "script" , 
      "params" : {
         "serial" : <serial number>,
-        "type" : <one of "shell", "ucode">,
-        "script" : <text blob containing the script>,
-        "timeout" : <max timeout in seconds, default is 30>,
+        "type" : <one of "shell", "ucode", "bundle">,
+        "script" : <text blob containing the script, This must be vase64 encoded>,
+        "timeout" : <max timeout in seconds, default is 30, unused if URI is supplied>,
+        "uri":  "<upload script results using this URI>",
+        "signature" : "<signature for script>: must be supplied to restricted devices",
         "when" : <time when this will be performed as UTC seconds>
      },
      "id" : <some number>

RESTRICTED_DEVICES.md

@@ -0,0 +1,82 @@
+# Restricted devices
+
+## What is a restricted device?
+A restricted device is one that because of regulations or a desire for utmost security, requires signatures to access restricted or blocked 
+features. The restriction process is burnt in the device at manufacturing or later by running a specific command on the device. Once a device
+is restricted, it cannot be unlocked. 
+
+## Current restrictions
+Restrictions are stored on the AP in a protected partition. They are contained in a file called `restrictions.json`. Here is a sample:
+```json
+{
+        "country": [
+                "US", "CA"
+        ],
+        "dfs": true,
+        "rtty": true,
+        "tty": true,
+        "developer": true,
+        "sysupgrade": true,
+        "commands": true,
+        "key_info": {
+                "vendor": "dummy",
+                "algo": "static"
+        }
+}
+```
+- country
+  - List of countries where this device may be used
+- dfs
+  - Disallow DFS Override during wifi-scan. If set to `true`, device will not allow to override DFS channels
+- rtty
+  - Disallow the use of the RTTY command for this device
+- tty
+  - Do not allow the AP to accept `tty` connection
+- developer
+  - Internal use only.
+- sysupgrade
+  - If set to `true`, only signed firmware upgrade command will be allowed.
+- commands
+  - If set to `true`, do not allow commands.
+- key_info
+  - This structure defines how signatures should be generated and verified in a secure system
+    - vendor
+      - An identified that must match the vendor name provided in the controller
+    - algo
+      - The signature algorithm. Here are the supported algorithms
+        - `static`
+          - A test algorithm that always returns and uses a value of `aaaaaaaaaa`. This should never be used in the field.
+        - `dgst-sha256`
+          - The default OpenSSL RSA signature generation and verification. The controller will use the following command to generate the signature
+          ```sh
+          openssl dgst -sha256 -sign private-key.pem -out signature.txt myfile
+          ```
+          - The AP will be using the following to verify the signature
+          ```sh
+          openssl dgst -sha256 -verify public-key.pem -signature signature.txt myfile
+          ```
+
+## Creating signatures on the controller
+When a device is restricted and a signature is required, the controller can generate the signature 
+for the specified `vendor`. However, on the controlelr side, you must configure the vendors. In
+order to do so we suggest the following.
+- Create a directory called `signatures` under your `certs` directory
+- Copy the public and private keys for each `vendor` name. We suggest naming them accordingly
+  - `vendor`-private-key.pem
+  - `vendor`-public-key.pem
+- In the `owgw.properties` file, you need to declare these signatures the following way
+```properties
+    signature.manager.0.key.public = $OWGW_ROOT/certs/signatures/test1-public-key.pem
+    signature.manager.0.key.private = $OWGW_ROOT/certs/signatures/test1-private-key.pem
+    signature.manager.0.vendor = test1
+    
+    signature.manager.1.key.public = $OWGW_ROOT/certs/signatures/test2-public-key.pem
+    signature.manager.1.key.private = $OWGW_ROOT/certs/signatures/test2-private-key.pem
+    signature.manager.1.vendor = test2
+```
+
+## How do you use the signatures?
+There is nothing to do really. Now the controller will use the proper key to create the signatures 
+when it sends commands to the AP. It will use the algorithm that the device understands too. This is transparent 
+to the user. The `vendor` name used in the controller configuration must match the `vendor` name provided in the 
+`restrictions.json` file.

ap_scripts/Author 1/content.yaml

@@ -0,0 +1,36 @@
+
+scripts:
+  - name: List Antennas
+    description: A script to list all antennas on a device
+    type: shell
+    runtype:
+      timeout: 30
+    filename: listantennas.sh
+    readme: listantennas.md
+    help: https://authors.com/scripts/index.html
+  - name: List AP Noise
+    description: A script to list all noise values on all APs
+    type: shell
+    runtype:
+      deferred: true
+    filename: listnoise.sh
+    readme: listnoise.md
+    help: https://authors.com/scripts/index.html
+  - name: Reset AP Statistics
+    description: A script to reset the statistics on a given AP
+    type: shell
+    runtype:
+      timeout: 30
+    filename: resetstats.sh
+    readme: resetstats.md
+    help: https://authors.com/scripts/index.html
+  - name: Gather kernel stats
+    description: A script to all the kernel stats for an AP
+    type: bundle
+    runtype:
+      deferred: true
+    filename: kstats.uci
+    readme: kstats.md
+    help: https://authors.com/scripts/index.html
+
+

ap_scripts/Author 1/listantennas.sh

@@ -0,0 +1 @@
+#!/bin/sh

ap_scripts/Author 1/listnoise.sh

@@ -0,0 +1,2 @@
+#!/bin/sh
+

ap_scripts/Author 1/resetstats.sh

@@ -0,0 +1,2 @@
+#!/bin/sh
+

ap_scripts/README.md

@@ -0,0 +1 @@
+# Repo for scripts

build

@@ -1 +1 @@
-41
+94

docker-entrypoint.sh

@@ -73,6 +73,7 @@ if [[ "$TEMPLATE_CONFIG" = 'true' ]]; then
     STORAGE_TYPE_MYSQL_PASSWORD=${STORAGE_TYPE_MYSQL_PASSWORD:-"owgw"} \
     STORAGE_TYPE_MYSQL_DATABASE=${STORAGE_TYPE_MYSQL_DATABASE:-"owgw"} \
     STORAGE_TYPE_MYSQL_PORT=${STORAGE_TYPE_MYSQL_PORT:-"3306"} \
+    CERTIFICATES_ALLOWMISMATCH=${CERTIFICATES_ALLOWMISMATCH:-"false"} \
     envsubst < /owgw.properties.tmpl > $OWGW_CONFIG/owgw.properties
 fi
 

helm/values.yaml

@@ -9,7 +9,7 @@ fullnameOverride: ""
 images:
   owgw:
     repository: tip-tip-wlan-cloud-ucentral.jfrog.io/owgw
-    tag: master
+    tag: v2.8.0
     pullPolicy: Always
 #    regcred:
 #      registry: tip-tip-wlan-cloud-ucentral.jfrog.io
@@ -230,6 +230,7 @@ configProperties:
   openwifi.devicetypes.0: AP:linksys_ea8300,edgecore_eap101,linksys_e8450-ubi
   openwifi.devicetypes.1: SWITCH:edgecore_ecs4100-12ph
   openwifi.devicetypes.2: IOT:esp32
+  openwifi.certificates.allowmismatch: "false"
   oui.download.uri: https://standards-oui.ieee.org/oui/oui.txt
   firmware.autoupdate.policy.default: auto
   iptocountry.provider: ipinfo

openapi/owgw.yaml

@@ -49,6 +49,38 @@ components:
         - IOT
         - MESH
 
+    DeviceRestrictionsKeyInfo:
+      type: object
+      properties:
+        vendor:
+          type: string
+        algo:
+          type: string
+
+    DeviceRestrictions:
+      type: object
+      properties:
+        dfs:
+          type: boolean
+        ssh:
+          type: boolean
+        rtty:
+          type: boolean
+        tty:
+          type: boolean
+        developer:
+          type: boolean
+        upgrade:
+          type: boolean
+        commands:
+          type: boolean
+        country:
+          type: array
+          items:
+            type: string
+        key_info:
+          $ref: '#/components/schemas/DeviceRestrictionsKeyInfo'
+
     Device:
       type: object
       description: Definition of uCentral device
@@ -107,6 +139,19 @@ components:
           type: string
           minLength: 2
           maxLength: 2
+        restrictedDevice:
+          type: boolean
+          default: false
+        certificateExpiryDate:
+          type: integer
+          format: int64
+        pendingConfiguration:
+          type: string
+        pendingConfigurationCmd:
+          type: string
+          format: uuid
+        restrictionDetails:
+          $ref: '#/components/schemas/DeviceRestrictions'
 
     DeviceWithStatus:
       type: object
@@ -202,6 +247,19 @@ components:
         totalConnectionTime:
           type: integer
           format: int64
+        restrictedDevice:
+          type: boolean
+          default: false
+        certificateDate:
+          type: integer
+          format: int64
+        pendingConfiguration:
+          type: string
+        pendingConfigurationCmd:
+          type: string
+          format: uuid
+        restrictionDetails:
+          $ref: '#/components/schemas/DeviceRestrictions'
 
     DeviceList:
       type: object
@@ -500,18 +558,69 @@ components:
         type:
           type: string
           enum:
-            - uci
-            - ucode
             - shell
+            - bundle
+            - diagnostic
         script:
           type: string
         scriptId:
           type: string
-          format: uuid
         when:
           type: integer
           format: int64
           default: 0
+        signature:
+          type: string
+        deferred:
+          type: boolean
+        uri:
+          type: string
+
+    ScriptEntry:
+      type: object
+      properties:
+        id:
+          type: string
+        name:
+          type: string
+        description:
+          type: string
+        uri:
+          type: string
+        content:
+          type: string
+        version:
+          type: string
+        type:
+          enum:
+            - shell
+            - bundle
+        created:
+          type: integer
+        modified:
+          type: integer
+        author:
+          type: string
+        restricted:
+          type: array
+          items:
+            type: string
+        deferred:
+          type: boolean
+          default: false
+        timeout:
+          type: integer
+          default: 30
+        defaultUploadURI:
+          type: string
+
+    ScriptEntryList:
+      type: object
+      properties:
+        scripts:
+          type: array
+          items:
+            $ref: '#/components/schemas/ScriptEntry'
 
     FactoryRequest:
       type: object
@@ -921,9 +1030,26 @@ components:
           items:
             $ref: '#/components/schemas/TagValuePair'
 
+    ExtraSystemConfiguration:
+      type: array
+      items:
+        type: object
+        properties:
+          parameterName:
+            type: string
+          parameterType:
+            type: string
+            enum:
+              - string
+              - integer
+              - boolean
+              - path
+          parameterValue:
+            {}
+
     #########################################################################################
     ##
-    ## End of uCentral system wide values
+    ## End of uCentral system-wide values
     ##
     #########################################################################################
     BlackDeviceInfo:
@@ -1890,6 +2016,12 @@ paths:
           schema:
             type: boolean
           required: false
+        - in: query
+          description: Return the number of matching records.
+          name: countOnly
+          schema:
+            type: boolean
+          required: false
 
       responses:
         200:
@@ -1899,6 +2031,8 @@ paths:
               schema:
                 oneOf:
                   - $ref: '#/components/schemas/StatisticsRecords'
+                  - $ref: '#/components/schemas/DeviceCount'
+
         403:
           $ref: '#/components/responses/Unauthorized'
         404:
@@ -2076,6 +2210,11 @@ paths:
           schema:
             type: string
           required: true
+        - in: query
+          name: FWsignature
+          schema:
+            type: string
+          required: false
       requestBody:
         description: Command details
         content:
@@ -2430,6 +2569,148 @@ paths:
         404:
           $ref: '#/components/responses/NotFound'
 
+  /scripts:
+    get:
+      tags:
+        - Scripting
+      summary: Returns a list scripts.
+      description: Get a list of scripts.
+      operationId: getScripts
+      parameters:
+        - in: query
+          description: Pagination start (starts at 0. If not specified, 0 is assumed)
+          name: offset
+          schema:
+            type: integer
+          required: false
+        - in: query
+          description: Maximum number of entries to return (if absent, no limit is assumed)
+          name: limit
+          schema:
+            type: integer
+          required: false
+        - in: query
+          description: Filter the results
+          name: filter
+          schema:
+            type: string
+          required: false
+      responses:
+        200:
+          description: List all scripts
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ScriptEntryList'
+        403:
+          $ref: '#/components/responses/Unauthorized'
+        404:
+          $ref: '#/components/responses/NotFound'
+
+  /script/{uuid}:
+    get:
+      tags:
+        - Scripting
+      summary: Returns a script entry.
+      description: Get a specific script entry.
+      operationId: getScript
+      parameters:
+        - in: path
+          description: The UUID of the script
+          name: uuid
+          schema:
+            type: string
+            format: uuid
+          required: true
+      responses:
+        200:
+          description: A script entry
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/ScriptEntry'
+        403:
+          $ref: '#/components/responses/Unauthorized'
+        404:
+          $ref: '#/components/responses/NotFound'
+
+    post:
+      tags:
+        - Scripting
+      summary: Create a new script.
+      operationId: createScript
+      parameters:
+        - in: path
+          description: The UUID of the script. Must be set to 0 for creation
+          name: uuid
+          schema:
+            type: string
+            format: uuid
+          required: true
+      requestBody:
+        description: Complet script entry
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/ScriptEntry'
+      responses:
+        200:
+          $ref: '#/components/schemas/ScriptEntry'
+        403:
+          $ref: '#/components/responses/Unauthorized'
+        404:
+          $ref: '#/components/responses/NotFound'
+
+    put:
+      tags:
+        - Scripting
+      summary: Modify a script.
+      operationId: modifyScript
+      parameters:
+        - in: path
+          description: The UUID of the script.
+          name: uuid
+          schema:
+            type: string
+            format: uuid
+          required: true
+      requestBody:
+        description: Complete script entry. You may only modify the name, description, version, uri, and content
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/ScriptEntry'
+      responses:
+        200:
+          $ref: '#/components/schemas/ScriptEntry'
+        403:
+          $ref: '#/components/responses/Unauthorized'
+        404:
+          $ref: '#/components/responses/NotFound'
+
+    delete:
+      tags:
+        - Scripting
+      summary: Delete a script.
+      operationId: deleteScript
+      parameters:
+        - in: path
+          name: uuid
+          schema:
+            type: string
+            format: uuid
+          required: true
+      responses:
+        204:
+          $ref: '#/components/responses/Success'
+        403:
+          $ref: '#/components/responses/Unauthorized'
+        404:
+          $ref: '#/components/responses/NotFound'
+
+
+
+
   /blacklist:
     get:
       tags:
@@ -2731,4 +3012,51 @@ paths:
         403:
           $ref: '#/components/responses/Unauthorized'
         404:
-          $ref: '#/components/responses/NotFound'
+          $ref: '#/components/responses/NotFound'
+
+  /systemConfiguration:
+    get:
+      tags:
+        - SystemConfiguration
+      summary: Retrieve system configuration items
+      operationId: getSystemConfiguration
+      responses:
+        200:
+          $ref: '#/components/schemas/ExtraSystemConfiguration'
+        403:
+          $ref: '#/components/responses/Unauthorized'
+        404:
+          $ref: '#/components/responses/NotFound'
+
+    put:
+      tags:
+        - SystemConfiguration
+      summary: Set some or all system configuration
+      operationId: setSystemConfiguration
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/ExtraSystemConfiguration'
+
+      responses:
+        200:
+          $ref: '#/components/schemas/ExtraSystemConfiguration'
+        403:
+          $ref: '#/components/responses/Unauthorized'
+        404:
+          $ref: '#/components/responses/NotFound'
+
+    delete:
+      tags:
+        - SystemConfiguration
+      summary: Delete all additional system configuration
+      operationId: deleteSystemConfiguration
+
+      responses:
+        200:
+          $ref: '#/components/responses/Success'
+        403:
+          $ref: '#/components/responses/Unauthorized'
+        404:
+          $ref: '#/components/responses/NotFound'

owgw.properties.tmpl

@@ -75,6 +75,7 @@ openwifi.autoprovisioning = true
 openwifi.devicetypes.0 = AP:linksys_ea8300,edgecore_eap101,linksys_e8450-ubi
 openwifi.devicetypes.1 = SWITCH:edgecore_ecs4100-12ph
 openwifi.devicetypes.2 = IOT:esp32
+openwifi.certificates.allowmismatch = ${CERTIFICATES_ALLOWMISMATCH}
 oui.download.uri = https://standards-oui.ieee.org/oui/oui.txt
 simulatorid = ${SIMULATORID}
 iptocountry.default = US

radsec-config-sample.json

@@ -16,6 +16,7 @@
                         "weight" : 10,
                         "radsec" : true,
                         "radsecPort" : 2083,
+                        "allowSelfSigned" : false,
                         "radsecSecret" : "radsec",
                         "radsecKey" : "LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSUR6RnpXeTZlYXg0QVoxTySG9VUURRZ0FFS3BnWVBHMktPTVd2S0w1Z3NMRXpUc09rREg1M3NHaEQyS3RsRXBDTXVnNDNIZlFnTFVpUgpTR1R2S1l0bDFmbmJaU1lnY0RJdncxdjNYRy9hVDhOY2JBPT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo=",
                         "radsecCert" : "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUNRVENDQWVpZ0F3SUJBZ0lVY3BKS3pVM0Ba0dBMVVFQmhNQ1ZWTXhFekFSQmdOVkJBb1RDa0oxZEhSdmJuZHZiMlF4SFRBYkJnTlZCQU1URkVKMQpkSFJ2Ym5kdmIyUWdVbUZrYzJWaklFTkJNQjRYRFRJeU1EY3dNekExTWpVeE5Gb1hEVEkzTURVeE9UQTFNalV4Ck5Gb3dkVEVMTUFrR0ExVUVCaE1DVlZNeEV6QVJCZ05WQkFvVENrSjFkSFJ2Ym5kdmIyUXhOakEwQmdOVkJBTVQKTFdGeWFXeHBZUzVqWWpFd2FtTnVjemgxYlhCbk9HWnBjRFowTUM1dmNtbHZiaTVoY21WaE1USXdMbU52YlRFWgpNQmNHQ2dtU0pvbVQ4aXhrQVFFVENVZHZiMmRzWlRwVlV6QlpNQk1HQnlxR1NNNDlBZ0VHQ0NxR1NNNDlBd0VICkEwSUFCQ3FZR0R4dGlqakZyeWkrWUxDeE0wN0RwQXgrZDdCb1E5aXJaUktRakxvT054MzBJQzFJa1Voazd5bUwKWmRYNTIyVW1JSEF5TDhOYjkxeHYyay9EWEd5amdZa3dnWVl3RGdZRFZSMFBBUUgvQkFRREFnZUFNQk1HQTFVZApKUVFNTUFvR0NDc0dBUVVGQndNQ01Bd0dBMVVkRXdFQi93UUNNQUF3T0FZRFZSMFJCREV3TDRJdFlYSnBiR2xoCkxtTmlNVEJxWTI1ek9IVnRjR2M0Wm1sd05uUXdMbTl5YVc5dUxtRnlaV0V4TWpBdVkyOXRNQmNHQTFVZElBUVEKTUE0d0RBWUtLd1lCQkFIdUtnRUJCVEFLQmdncWhrak9QUVFEQWdOSEFEQkVBaUFwTmM1dUNBSkp6KzVyakdqdwpCWGtOdHE3UU83bWU5dUg5bkNsTDZnSVE5Z0lnUHM2VkVKVW5CcEZ0RktXbFF4eWJ1YlBxYnpJNjBPSERHQ0ExCmhXUk1PS1U9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K",

src/AP_WS_Connection.cpp

@@ -28,6 +28,8 @@
 
 #include "fmt/format.h"
 
+#include "framework/ow_constants.h"
+
 
 #include "RADIUS_proxy_server.h"
 
@@ -71,27 +73,6 @@ namespace OpenWifi {
 		Valid_ = true;
 	}
 
-	class ThreadedCounter {
-	  public:
-		ThreadedCounter(bool T, std::atomic_uint64_t &C) :
-			C_(C),
-			Threaded_(T) {
-			if(Threaded_) {
-				C_++;
-			}
-		}
-
-		~ThreadedCounter() {
-			if(Threaded_ && C_>0) {
-				C_--;
-			}
-		}
-
-	  private:
-		std::atomic_uint64_t 	&C_;
-		bool 					Threaded_;
-	};
-
 	bool AP_WS_Connection::ValidatedDevice() {
 		if(DeviceValidated_)
 			return true;
@@ -99,6 +80,7 @@ namespace OpenWifi {
 		if(!Valid_)
 			return false;
 
+		std::lock_guard	Lock(ConnectionMutex_);
 		try {
 			auto SockImpl = dynamic_cast<Poco::Net::WebSocketImpl *>(WS_->impl());
 			auto SS = dynamic_cast<Poco::Net::SecureStreamSocketImpl*>(SockImpl->streamSocketImpl());
@@ -155,6 +137,7 @@ namespace OpenWifi {
 				return false;
 			}
 
+			State_.certificateExpiryDate = PeerCert.expiresOn().timestamp().epochTime();
 			SerialNumber_ = CN_;
 			SerialNumberInt_ = Utils::SerialNumberToInt(SerialNumber_);
 
@@ -245,9 +228,9 @@ namespace OpenWifi {
 
 			auto SessionDeleted = AP_WS_Server()->EndSession(State_.sessionId, SerialNumberInt_);
 			if (SessionDeleted) {
-				WebNotificationSingleDevice_t	N;
+				GWWebSocketNotifications::SingleDevice_t	N;
 				N.content.serialNumber = SerialNumber_;
-				WebSocketClientNotificationDeviceDisconnected(N);
+				GWWebSocketNotifications::DeviceDisconnected(N);
 			}
 		}
 	}
@@ -309,13 +292,13 @@ namespace OpenWifi {
 			bool Sent;
 
 			StorageService()->AddCommand(SerialNumber_, Cmd, Storage::CommandExecutionType::COMMAND_EXECUTED);
-			CommandManager()->PostCommand(CommandManager()->NextRPCId(),SerialNumber_, Cmd.Command, Params, Cmd.UUID, Sent);
+			CommandManager()->PostCommand(CommandManager()->Next_RPC_ID(), APCommands::to_apcommand(Cmd.Command.c_str()),SerialNumber_, Cmd.Command, Params, Cmd.UUID, Sent);
 
-			WebNotificationSingleDeviceConfigurationChange_t	Notification;
+			GWWebSocketNotifications::SingleDeviceConfigurationChange_t	Notification;
 			Notification.content.serialNumber = D.SerialNumber;
 			Notification.content.oldUUID = UUID;
 			Notification.content.newUUID = UpgradedUUID;
-			WebSocketClientNotificationDeviceConfigurationChange(Notification);
+			GWWebSocketNotifications::DeviceConfigurationChange(Notification);
 
 			return true;
 		}
@@ -324,7 +307,7 @@ namespace OpenWifi {
 
 	void AP_WS_Connection::ProcessJSONRPCResult(Poco::JSON::Object::Ptr Doc) {
 		poco_debug(Logger_,fmt::format("RECEIVED-RPC({}): {}.", CId_, Doc->get(uCentralProtocol::ID).toString()));
-		CommandManager()->PostCommandResult(SerialNumber_, *Doc);
+		CommandManager()->PostCommandResult(SerialNumber_, Doc);
 	}
 
 	void AP_WS_Connection::ProcessJSONRPCEvent(Poco::JSON::Object::Ptr &Doc) {
@@ -607,7 +590,6 @@ namespace OpenWifi {
 					WS_->sendFrame("", 0,
 								   (int)Poco::Net::WebSocket::FRAME_OP_PONG |
 									   (int)Poco::Net::WebSocket::FRAME_FLAG_FIN);
-					State_.MessageCount++;
 
 					if (KafkaManager()->Enabled()) {
 						Poco::JSON::Object PingObject;

src/AP_WS_Connection.h

@@ -16,7 +16,6 @@
 
 #include "RESTObjects/RESTAPI_GWobjects.h"
 
-
 namespace OpenWifi {
 
 	class AP_WS_Connection {
@@ -44,7 +43,7 @@ namespace OpenWifi {
 		void OnSocketReadable(const Poco::AutoPtr<Poco::Net::ReadableNotification>& pNf);
 		void OnSocketShutdown(const Poco::AutoPtr<Poco::Net::ShutdownNotification>& pNf);
 		void OnSocketError(const Poco::AutoPtr<Poco::Net::ErrorNotification>& pNf);
-		bool LookForUpgrade(const uint64_t UUID, uint64_t & UpgradedUUID);
+		bool LookForUpgrade(uint64_t UUID, uint64_t & UpgradedUUID);
 		static bool ExtractBase64CompressedData(const std::string & CompressedData, std::string & UnCompressedData, uint64_t compress_sz);
 		void LogException(const Poco::Exception &E);
 		inline Poco::Logger & Logger() { return Logger_; }
@@ -53,6 +52,36 @@ namespace OpenWifi {
 		bool StopWebSocketTelemetry(uint64_t RPCID);
 		bool StopKafkaTelemetry(uint64_t RPCID);
 
+		inline void GetLastStats(std::string &LastStats) const {
+			std::shared_lock	G(ConnectionMutex_);
+			LastStats = RawLastStats_;
+		}
+
+		inline void SetLastStats(const std::string &LastStats) {
+			std::unique_lock	G(ConnectionMutex_);
+			RawLastStats_ = LastStats;
+		}
+
+		inline void SetLastHealthCheck(const GWObjects::HealthCheck &H) {
+			std::unique_lock	G(ConnectionMutex_);
+			RawLastHealthcheck_ = H;
+		}
+
+		inline void GetLastHealthCheck(GWObjects::HealthCheck &H) {
+			std::shared_lock	G(ConnectionMutex_);
+			H = RawLastHealthcheck_;
+		}
+
+		inline void GetState(GWObjects::ConnectionState &State) const {
+			std::shared_lock	G(ConnectionMutex_);
+			State = State_;
+		}
+
+		inline void GetRestrictions(GWObjects::DeviceRestrictions & R) const {
+			std::shared_lock	G(ConnectionMutex_);
+			R = Restrictions_;
+		}
+
 		void Process_connect(Poco::JSON::Object::Ptr ParamsObj, const std::string &Serial);
 		void Process_state(Poco::JSON::Object::Ptr ParamsObj);
 		void Process_healthcheck(Poco::JSON::Object::Ptr ParamsObj);
@@ -83,11 +112,15 @@ namespace OpenWifi {
 			return true;
 		}
 
-		friend class DeviceRegistry;
 		friend class AP_WS_Server;
 
+        inline GWObjects::DeviceRestrictions Restrictions() const {
+			std::shared_lock	G(ConnectionMutex_);
+			return Restrictions_;
+		}
+
 	  private:
-		// std::recursive_mutex 				LocalMutex_;
+		mutable std::shared_mutex	 		ConnectionMutex_;
 		std::shared_mutex					TelemetryMutex_;
 		Poco::Logger                    	&Logger_;
 		Poco::Net::SocketReactor			&Reactor_;
@@ -101,22 +134,22 @@ namespace OpenWifi {
 		uint64_t 							Errors_=0;
 		Poco::Net::IPAddress				PeerAddress_;
 		volatile bool 						TelemetryReporting_ = false;
-		volatile uint64_t				TelemetryWebSocketRefCount_ = 0;
-		volatile uint64_t				TelemetryKafkaRefCount_ = 0;
-		volatile uint64_t 				TelemetryWebSocketTimer_ = 0;
-		volatile uint64_t 				TelemetryKafkaTimer_ = 0 ;
-		volatile uint64_t 				TelemetryInterval_ = 0;
-		volatile uint64_t				TelemetryWebSocketPackets_=0;
-		volatile uint64_t				TelemetryKafkaPackets_=0;
+		volatile uint64_t				    TelemetryWebSocketRefCount_ = 0;
+		volatile uint64_t				    TelemetryKafkaRefCount_ = 0;
+		volatile uint64_t 				    TelemetryWebSocketTimer_ = 0;
+		volatile uint64_t 				    TelemetryKafkaTimer_ = 0 ;
+		volatile uint64_t 				    TelemetryInterval_ = 0;
+		volatile uint64_t				    TelemetryWebSocketPackets_=0;
+		volatile uint64_t				    TelemetryKafkaPackets_=0;
 		GWObjects::ConnectionState			State_;
-		std::string        					LastStats_;
-		GWObjects::HealthCheck				LastHealthcheck_;
+		std::string        					RawLastStats_;
+		GWObjects::HealthCheck				RawLastHealthcheck_;
 		std::chrono::time_point<std::chrono::high_resolution_clock> ConnectionStart_ = std::chrono::high_resolution_clock::now();
 		std::chrono::duration<double, std::milli> ConnectionCompletionTime_{0.0};
-		bool 								Threaded_=false;
 		std::atomic_flag 					Dead_=false;
 		std::atomic_bool 					DeviceValidated_=false;
 		std::atomic_bool 					Valid_=false;
+        OpenWifi::GWObjects::DeviceRestrictions       Restrictions_;
 
 		static inline std::atomic_uint64_t 	ConcurrentStartingDevices_=0;
 

src/AP_WS_Process_connect.cpp

@@ -24,10 +24,7 @@ namespace OpenWifi {
 			ParamsObj->has(uCentralProtocol::CAPABILITIES)) {
 			uint64_t UUID = ParamsObj->get(uCentralProtocol::UUID);
 			auto Firmware = ParamsObj->get(uCentralProtocol::FIRMWARE).toString();
-			auto CapabilitiesString = ParamsObj->get(uCentralProtocol::CAPABILITIES).toString();
-
-			Config::Capabilities Caps(CapabilitiesString);
-			Compatible_ = Caps.Compatible();
+			auto Capabilities = ParamsObj->getObject(uCentralProtocol::CAPABILITIES);
 
 			SerialNumber_ = Serial;
 			SerialNumberInt_ = Utils::SerialNumberToInt(SerialNumber_);
@@ -35,6 +32,12 @@ namespace OpenWifi {
 			CommandManager()->ClearQueue(SerialNumberInt_);
 
 			AP_WS_Server()->SetSessionDetails(State_.sessionId,SerialNumberInt_);
+
+			std::lock_guard	    	Lock(ConnectionMutex_);
+			Config::Capabilities    Caps(Capabilities);
+
+			Compatible_ = Caps.Compatible();
+
 			State_.UUID = UUID;
 			State_.Firmware = Firmware;
 			State_.PendingUUID = 0;
@@ -46,45 +49,61 @@ namespace OpenWifi {
 				IP = IP.substr(7);
 			}
 
+			bool RestrictedDevice = false;
+			if(Capabilities->has("restrictions")){
+                RestrictedDevice = true;
+				Poco::JSON::Object::Ptr RestrictionObject = Capabilities->getObject("restrictions");
+				Restrictions_.from_json(RestrictionObject);
+			}
+
 			State_.locale = FindCountryFromIP()->Get(IP);
 			GWObjects::Device	DeviceInfo;
 			auto DeviceExists = StorageService()->GetDevice(SerialNumber_,DeviceInfo);
 			if (Daemon()->AutoProvisioning() && !DeviceExists) {
-				StorageService()->CreateDefaultDevice(SerialNumber_, CapabilitiesString, Firmware,
-													  Compatible_, PeerAddress_);
+				StorageService()->CreateDefaultDevice(SerialNumber_, Caps, Firmware, PeerAddress_);
 			} else if (DeviceExists) {
-				StorageService()->UpdateDeviceCapabilities(SerialNumber_, CapabilitiesString,
-														   Compatible_);
-				bool Updated = false;
+				StorageService()->UpdateDeviceCapabilities(SerialNumber_, Caps );
+				int Updated{0};
 				if(!Firmware.empty()) {
 					if(Firmware!=DeviceInfo.Firmware) {
 						DeviceInfo.Firmware = Firmware;
 						DeviceInfo.LastFWUpdate = Utils::Now();
-						Updated = true;
+						++Updated;
 
-						WebNotificationSingleDeviceFirmwareChange_t	Notification;
+						GWWebSocketNotifications::SingleDeviceFirmwareChange_t	Notification;
 						Notification.content.serialNumber = SerialNumber_;
 						Notification.content.newFirmware = Firmware;
-						WebSocketClientNotificationDeviceFirmwareUpdated(Notification);
+						GWWebSocketNotifications::DeviceFirmwareUpdated(Notification);
 					} else if(DeviceInfo.LastFWUpdate==0) {
 						DeviceInfo.LastFWUpdate = Utils::Now();
-						Updated = true;
+						++Updated;
 					}
 				}
 
 				if(DeviceInfo.locale != State_.locale) {
 					DeviceInfo.locale = State_.locale;
-					Updated = true;
+                    ++Updated;
 				}
 
 				if(Compatible_ != DeviceInfo.DeviceType) {
 					DeviceInfo.DeviceType = Compatible_;
-					Updated = true;
+                    ++Updated;
+				}
+
+				if(RestrictedDevice != DeviceInfo.restrictedDevice) {
+					DeviceInfo.restrictedDevice = RestrictedDevice;
+                    ++Updated;
+				}
+
+				if(Restrictions_ != DeviceInfo.restrictionDetails) {
+					DeviceInfo.restrictionDetails = Restrictions_;
+					++Updated;
 				}
 
 				if(Updated) {
 					StorageService()->UpdateDevice(DeviceInfo);
 				}
+
 				uint64_t UpgradedUUID=0;
 				LookForUpgrade(UUID,UpgradedUUID);
 				State_.UUID = UpgradedUUID;
@@ -96,7 +115,7 @@ namespace OpenWifi {
 			State_.connectionCompletionTime = ConnectionCompletionTime_.count();
 
 			if(State_.VerifiedCertificate == GWObjects::VALID_CERTIFICATE) {
-				if ((	Utils::SerialNumberMatch(CN_, SerialNumber_, AP_WS_Server()->MismatchDepth())) ||
+				if ((	Utils::SerialNumberMatch(CN_, SerialNumber_, (int)AP_WS_Server()->MismatchDepth())) ||
 						AP_WS_Server()->IsSimSerialNumber(CN_)) {
 					State_.VerifiedCertificate = GWObjects::VERIFIED;
 					poco_information(Logger_, fmt::format("CONNECT({}): Fully validated and authenticated device. Session={} ConnectionCompletion Time={}",
@@ -112,17 +131,16 @@ namespace OpenWifi {
 												 State_.connectionCompletionTime));
 					} else {
 						poco_information(
-							Logger_, fmt::format("CONNECT({}): Serial number mismatch disallowed. Device rejected. CN={} Serial={} Session={} ConnectionCompletion Time={}",
-												 CId_, CN_, SerialNumber_, State_.sessionId,
-												 State_.connectionCompletionTime));
+							Logger_, fmt::format("CONNECT({}): Serial number mismatch disallowed. Device rejected. CN={} Serial={} Session={}",
+												 CId_, CN_, SerialNumber_, State_.sessionId));
 						return EndConnection();
 					}
 				}
 			}
 
-			WebNotificationSingleDevice_t	Notification;
+			GWWebSocketNotifications::SingleDevice_t	Notification;
 			Notification.content.serialNumber = SerialNumber_;
-			WebSocketClientNotificationDeviceConnected(Notification);
+			GWWebSocketNotifications::DeviceConnected(Notification);
 
 			// std::cout << "Serial: " << SerialNumber_ << "Session: " << State_.sessionId << std::endl;
 

src/AP_WS_Process_healthcheck.cpp

@@ -11,65 +11,64 @@
 
 namespace OpenWifi {
 
-void AP_WS_Connection::Process_healthcheck(Poco::JSON::Object::Ptr ParamsObj) {
-	if (!State_.Connected) {
-		poco_warning(Logger_, fmt::format(
-								   "INVALID-PROTOCOL({}): Device '{}' is not following protocol", CId_, CN_));
-		Errors_++;
-		return;
-	}
-	if (ParamsObj->has(uCentralProtocol::UUID) && ParamsObj->has(uCentralProtocol::SANITY) &&
-		ParamsObj->has(uCentralProtocol::DATA)) {
-		uint64_t UUID = ParamsObj->get(uCentralProtocol::UUID);
-		auto Sanity = ParamsObj->get(uCentralProtocol::SANITY);
-		auto CheckData = ParamsObj->get(uCentralProtocol::DATA).toString();
-		if (CheckData.empty())
-			CheckData = uCentralProtocol::EMPTY_JSON_DOC;
+	void AP_WS_Connection::Process_healthcheck(Poco::JSON::Object::Ptr ParamsObj) {
+		if (!State_.Connected) {
+			poco_warning(Logger_, fmt::format(
+									   "INVALID-PROTOCOL({}): Device '{}' is not following protocol", CId_, CN_));
+			Errors_++;
+			return;
+		}
+		if (ParamsObj->has(uCentralProtocol::UUID) && ParamsObj->has(uCentralProtocol::SANITY) &&
+			ParamsObj->has(uCentralProtocol::DATA)) {
+			uint64_t UUID = ParamsObj->get(uCentralProtocol::UUID);
+			auto Sanity = ParamsObj->get(uCentralProtocol::SANITY);
+			auto CheckData = ParamsObj->get(uCentralProtocol::DATA).toString();
+			if (CheckData.empty())
+				CheckData = uCentralProtocol::EMPTY_JSON_DOC;
 
-		std::string request_uuid;
-		if (ParamsObj->has(uCentralProtocol::REQUEST_UUID))
-			request_uuid = ParamsObj->get(uCentralProtocol::REQUEST_UUID).toString();
+			std::string request_uuid;
+			if (ParamsObj->has(uCentralProtocol::REQUEST_UUID))
+				request_uuid = ParamsObj->get(uCentralProtocol::REQUEST_UUID).toString();
 
-		if (request_uuid.empty()) {
-			poco_trace(Logger_,
-					   fmt::format("HEALTHCHECK({}): UUID={} Updating.", CId_, UUID));
+			if (request_uuid.empty()) {
+				poco_trace(Logger_,
+						   fmt::format("HEALTHCHECK({}): UUID={} Updating.", CId_, UUID));
+			} else {
+				poco_trace(Logger_,
+						   fmt::format("HEALTHCHECK({}): UUID={} Updating for CMD={}.", CId_,
+									   UUID, request_uuid));
+			}
+
+			uint64_t UpgradedUUID;
+			LookForUpgrade(UUID,UpgradedUUID);
+			State_.UUID = UpgradedUUID;
+
+			GWObjects::HealthCheck Check;
+
+			Check.SerialNumber = SerialNumber_;
+			Check.Recorded = Utils::Now();
+			Check.UUID = UUID;
+			Check.Data = CheckData;
+			Check.Sanity = Sanity;
+
+			StorageService()->AddHealthCheckData(Check);
+
+			if (!request_uuid.empty()) {
+				StorageService()->SetCommandResult(request_uuid, CheckData);
+			}
+
+			SetLastHealthCheck(Check);
+			if (KafkaManager()->Enabled()) {
+				Poco::JSON::Stringifier Stringify;
+				std::ostringstream OS;
+				ParamsObj->set("timestamp", Utils::Now());
+				Stringify.condense(ParamsObj, OS);
+				KafkaManager()->PostMessage(KafkaTopics::HEALTHCHECK, SerialNumber_, OS.str());
+			}
 		} else {
-			poco_trace(Logger_,
-					   fmt::format("HEALTHCHECK({}): UUID={} Updating for CMD={}.", CId_,
-								   UUID, request_uuid));
+			poco_warning(Logger_, fmt::format("HEALTHCHECK({}): Missing parameter", CId_));
+			return;
 		}
-
-		uint64_t UpgradedUUID;
-		LookForUpgrade(UUID,UpgradedUUID);
-		State_.UUID = UpgradedUUID;
-
-		GWObjects::HealthCheck Check;
-
-		Check.SerialNumber = SerialNumber_;
-		Check.Recorded = Utils::Now();
-		Check.UUID = UUID;
-		Check.Data = CheckData;
-		Check.Sanity = Sanity;
-
-		StorageService()->AddHealthCheckData(Check);
-
-		if (!request_uuid.empty()) {
-			StorageService()->SetCommandResult(request_uuid, CheckData);
-		}
-
-		LastHealthcheck_ = Check;
-		if (KafkaManager()->Enabled()) {
-			Poco::JSON::Stringifier Stringify;
-			std::ostringstream OS;
-			ParamsObj->set("timestamp", Utils::Now());
-			Stringify.condense(ParamsObj, OS);
-			KafkaManager()->PostMessage(KafkaTopics::HEALTHCHECK, SerialNumber_, OS.str());
-		}
-	} else {
-		poco_warning(Logger_, fmt::format("HEALTHCHECK({}): Missing parameter", CId_));
-		return;
 	}
-}
-
 
 }

src/AP_WS_Process_recovery.cpp

@@ -9,6 +9,7 @@
 #include "framework/ow_constants.h"
 #include "framework/MicroServiceFuncs.h"
 #include "fmt/format.h"
+#include "framework/ow_constants.h"
 
 namespace OpenWifi {
 	void AP_WS_Connection::Process_recovery(Poco::JSON::Object::Ptr ParamsObj) {
@@ -51,7 +52,7 @@ namespace OpenWifi {
 				Poco::JSON::Stringifier::stringify(Params, O);
 				Cmd.Details = O.str();
 				bool Sent;
-				CommandManager()->PostCommand(CommandManager()->NextRPCId(),SerialNumber_, Cmd.Command, Params, Cmd.UUID, Sent);
+				CommandManager()->PostCommand(CommandManager()->Next_RPC_ID(), APCommands::Commands::reboot, SerialNumber_, Cmd.Command, Params, Cmd.UUID, Sent);
 				StorageService()->AddCommand(SerialNumber_, Cmd, Storage::CommandExecutionType::COMMAND_EXECUTED);
 				poco_information(Logger_, fmt::format("RECOVERY({}): Recovery mode received, need for a reboot.", CId_));
 			} else {

src/AP_WS_Process_state.cpp

@@ -41,7 +41,7 @@ namespace OpenWifi {
 			uint64_t UpgradedUUID;
 			LookForUpgrade(UUID,UpgradedUUID);
 			State_.UUID = UpgradedUUID;
-			LastStats_ = StateStr;
+			SetLastStats(StateStr);
 
 			GWObjects::Statistics Stats{
 				.SerialNumber = SerialNumber_, .UUID = UUID, .Data = StateStr};
@@ -52,7 +52,9 @@ namespace OpenWifi {
 			}
 
 			StateUtils::ComputeAssociations(StateObj, 	State_.Associations_2G,
-														State_.Associations_5G);
+														State_.Associations_5G,
+														State_.Associations_6G
+											);
 
 			if (KafkaManager()->Enabled()) {
 				Poco::JSON::Stringifier Stringify;
@@ -61,9 +63,9 @@ namespace OpenWifi {
 				KafkaManager()->PostMessage(KafkaTopics::STATE, SerialNumber_, OS.str());
 			}
 
-			WebNotificationSingleDevice_t	N;
+			GWWebSocketNotifications::SingleDevice_t	N;
 			N.content.serialNumber = SerialNumber_;
-			WebSocketClientNotificationDeviceStatistics(N);
+			GWWebSocketNotifications::DeviceStatistics(N);
 
 		} else {
 			poco_warning(Logger_, fmt::format("STATE({}): Invalid request. Missing serial, uuid, or state", CId_));

src/AP_WS_Process_telemetry.cpp

@@ -33,7 +33,7 @@ namespace OpenWifi {
 						State_.websocketPackets = TelemetryWebSocketPackets_;
 						TelemetryStream()->NotifyEndPoint(SerialNumberInt_, SS.str());
 					} else {
-						StopWebSocketTelemetry(CommandManager()->NextRPCId());
+						StopWebSocketTelemetry(CommandManager()->Next_RPC_ID());
 					}
 				}
 				if (TelemetryKafkaRefCount_) {
@@ -44,7 +44,7 @@ namespace OpenWifi {
 						KafkaManager()->PostMessage(KafkaTopics::DEVICE_TELEMETRY, SerialNumber_,
 													SS.str());
 					} else {
-						StopKafkaTelemetry(CommandManager()->NextRPCId());
+						StopKafkaTelemetry(CommandManager()->Next_RPC_ID());
 					}
 				}
 			} else {
@@ -53,7 +53,7 @@ namespace OpenWifi {
 		} else {
 			// if we are ignoring telemetry, then close it down on the device.
 			poco_debug(Logger_,fmt::format("TELEMETRY({}): Stopping runaway telemetry.",SerialNumber_));
-			StopTelemetry(CommandManager()->NextRPCId());
+			StopTelemetry(CommandManager()->Next_RPC_ID());
 		}
 	}
 }

src/AP_WS_Server.cpp

@@ -159,9 +159,8 @@ namespace OpenWifi {
 	}
 
 	void AP_WS_Server::onGarbageCollecting([[maybe_unused]] Poco::Timer &timer) {
-		std::lock_guard			Lock(LocalMutex_);
-		if(Garbage_.size()>0) {
-			std::cout << "Removing " << Garbage_.size() << " old connections." << std::endl;
+		std::lock_guard			Lock(WSServerMutex_);
+		if(!Garbage_.empty()) {
 			Garbage_.clear();
 		}
 
@@ -173,20 +172,15 @@ namespace OpenWifi {
 		uint64_t	total_connected_time=0;
 
 		auto now = Utils::Now();
-		for (auto connection=SerialNumbers_.begin(); connection!=SerialNumbers_.end();) {
-
-			if(connection->second.second== nullptr) {
-				connection++;
+		for (const auto & connection:SerialNumbers_) {
+			if(connection.second.second == nullptr) {
 				continue;
 			}
-
-			if (connection->second.second->State_.Connected) {
+			if (connection.second.second->State_.Connected) {
 				NumberOfConnectedDevices_++;
-				total_connected_time += (now - connection->second.second->State_.started);
-				connection++;
+				total_connected_time += (now - connection.second.second->State_.started);
 			} else {
 				NumberOfConnectingDevices_++;
-				connection++;
 			}
 		}
 
@@ -198,11 +192,11 @@ namespace OpenWifi {
 										 NumberOfConnectedDevices_, NumberOfConnectingDevices_, AverageDeviceConnectionTime_));
 		}
 
-		WebSocketClientNotificationNumberOfConnection_t	Notification;
+		GWWebSocketNotifications::NumberOfConnection_t	Notification;
 		Notification.content.numberOfConnectingDevices = NumberOfConnectingDevices_;
 		Notification.content.numberOfDevices = NumberOfConnectedDevices_;
 		Notification.content.averageConnectedTime = AverageDeviceConnectionTime_;
-		WebSocketClientNotificationNumberOfConnections(Notification);
+		GWWebSocketNotifications::NumberOfConnections(Notification);
 	}
 
 	void AP_WS_Server::Stop() {
@@ -221,36 +215,49 @@ namespace OpenWifi {
 	}
 
 	bool AP_WS_Server::GetStatistics(uint64_t SerialNumber, std::string &Statistics) const {
-		std::lock_guard			Lock(LocalMutex_);
-		auto Device = SerialNumbers_.find(SerialNumber);
-		if(Device == SerialNumbers_.end() || Device->second.second==nullptr)
-			return false;
-		Statistics = Device->second.second->LastStats_;
+		std::shared_ptr<AP_WS_Connection>	DevicePtr;
+		{
+			std::lock_guard Lock(WSServerMutex_);
+			auto Device = SerialNumbers_.find(SerialNumber);
+			if (Device == SerialNumbers_.end() || Device->second.second == nullptr) {
+				return false;
+			}
+			DevicePtr = Device->second.second;
+		}
+		DevicePtr->GetLastStats(Statistics);
 		return true;
 	}
 
 	bool AP_WS_Server::GetState(uint64_t SerialNumber, GWObjects::ConnectionState & State) const {
-		std::lock_guard			Lock(LocalMutex_);
-		auto Device = SerialNumbers_.find(SerialNumber);
-		if(Device == SerialNumbers_.end() || Device->second.second==nullptr)
-			return false;
-		State = Device->second.second->State_;
+		std::shared_ptr<AP_WS_Connection>	DevicePtr;
+		{
+			std::lock_guard Lock(WSServerMutex_);
+			auto Device = SerialNumbers_.find(SerialNumber);
+			if (Device == SerialNumbers_.end() || Device->second.second == nullptr) {
+				return false;
+			}
+			DevicePtr = Device->second.second;
+		}
+		DevicePtr->GetState(State);
 		return true;
 	}
 
 	bool AP_WS_Server::GetHealthcheck(uint64_t SerialNumber, GWObjects::HealthCheck & CheckData) const {
-		std::lock_guard			Lock(LocalMutex_);
-
-		auto Device = SerialNumbers_.find(SerialNumber);
-		if(Device == SerialNumbers_.end() || Device->second.second==nullptr)
-			return false;
-
-		CheckData = Device->second.second->LastHealthcheck_;
+		std::shared_ptr<AP_WS_Connection>	DevicePtr;
+		{
+			std::lock_guard Lock(WSServerMutex_);
+			auto Device = SerialNumbers_.find(SerialNumber);
+			if (Device == SerialNumbers_.end() || Device->second.second == nullptr) {
+				return false;
+			}
+			DevicePtr = Device->second.second;
+		}
+		DevicePtr->GetLastHealthCheck(CheckData);
 		return true;
 	}
 
 	void AP_WS_Server::SetSessionDetails(uint64_t connection_id, uint64_t SerialNumber) {
-		std::lock_guard			Lock(LocalMutex_);
+		std::lock_guard			Lock(WSServerMutex_);
 
 		auto Conn = Sessions_.find(connection_id);
 		if(Conn == end(Sessions_))
@@ -259,19 +266,19 @@ namespace OpenWifi {
 		auto CurrentSerialNumber = SerialNumbers_.find(SerialNumber);
 		if(	(CurrentSerialNumber==SerialNumbers_.end())	||
 			(CurrentSerialNumber->second.first<connection_id)) {
-			SerialNumbers_[SerialNumber] = std::make_pair(connection_id, Conn->second.first);
+			SerialNumbers_[SerialNumber] = std::make_pair(connection_id, Conn->second);
 			return;
 		}
 	}
 
 	bool AP_WS_Server::EndSession(uint64_t session_id, uint64_t serial_number) {
-		std::unique_lock G(LocalMutex_);
+		std::lock_guard G(WSServerMutex_);
 
 		auto Session = Sessions_.find(session_id);
 		if(Session==end(Sessions_))
 			return false;
 
-		Garbage_.push_back(Session->second.first);
+		Garbage_.push_back(Session->second);
 
 		auto Device = SerialNumbers_.find(serial_number);
 		if (Device == end(SerialNumbers_)) {
@@ -289,24 +296,45 @@ namespace OpenWifi {
 		return false;
 	}
 
-	bool AP_WS_Server::Connected(uint64_t SerialNumber) const {
-		std::lock_guard			Lock(LocalMutex_);
-		auto Device = SerialNumbers_.find(SerialNumber);
-		if(Device==end(SerialNumbers_) || Device->second.second== nullptr)
-			return false;
+	bool AP_WS_Server::Connected(uint64_t SerialNumber, GWObjects::DeviceRestrictions & Restrictions) const {
+		std::shared_ptr<AP_WS_Connection>	DevicePtr;
+		{
+			std::lock_guard Lock(WSServerMutex_);
+			auto Device = SerialNumbers_.find(SerialNumber);
+			if (Device == end(SerialNumbers_) || Device->second.second == nullptr) {
+				return false;
+			}
+			DevicePtr = Device->second.second;
+		}
+		DevicePtr->GetRestrictions(Restrictions);
+		return  DevicePtr->State_.Connected;
+	}
 
-		return  Device->second.second->State_.Connected;
+	bool AP_WS_Server::Connected(uint64_t SerialNumber) const {
+		std::shared_ptr<AP_WS_Connection>	DevicePtr;
+		{
+			std::lock_guard Lock(WSServerMutex_);
+			auto Device = SerialNumbers_.find(SerialNumber);
+			if (Device == end(SerialNumbers_) || Device->second.second == nullptr) {
+				return false;
+			}
+			DevicePtr = Device->second.second;
+		}
+		return  DevicePtr->State_.Connected;
 	}
 
 	bool AP_WS_Server::SendFrame(uint64_t SerialNumber, const std::string & Payload) const {
-		std::lock_guard			Lock(LocalMutex_);
-		auto Device = SerialNumbers_.find(SerialNumber);
-		if(Device==SerialNumbers_.end() || Device->second.second== nullptr)
-			return false;
-
+		std::shared_ptr<AP_WS_Connection>	DevicePtr;
+		{
+			std::lock_guard Lock(WSServerMutex_);
+			auto Device = SerialNumbers_.find(SerialNumber);
+			if (Device == SerialNumbers_.end() || Device->second.second == nullptr) {
+				return false;
+			}
+			DevicePtr = Device->second.second;
+		}
 		try {
-			// std::cout << "Device connection pointer: " << (uint64_t) Device->second.second << std::endl;
-			return Device->second.second->Send(Payload);
+			return DevicePtr->Send(Payload);
 		} catch (...) {
 			poco_debug(Logger(),fmt::format(": SendFrame: Could not send data to device '{}'", Utils::IntToSerialNumber(SerialNumber)));
 		}
@@ -314,39 +342,56 @@ namespace OpenWifi {
 	}
 
 	void AP_WS_Server::StopWebSocketTelemetry(uint64_t RPCID, uint64_t SerialNumber) {
-		std::lock_guard			Lock(LocalMutex_);
+		std::shared_ptr<AP_WS_Connection>	DevicePtr;
+		{
+			std::lock_guard Lock(WSServerMutex_);
 
-		auto Device = SerialNumbers_.find(SerialNumber);
-		if(Device==end(SerialNumbers_) || Device->second.second==nullptr)
-			return;
-		Device->second.second->StopWebSocketTelemetry(RPCID);
+			auto Device = SerialNumbers_.find(SerialNumber);
+			if (Device == end(SerialNumbers_) || Device->second.second == nullptr) {
+				return;
+			}
+			DevicePtr = Device->second.second;
+		}
+		DevicePtr->StopWebSocketTelemetry(RPCID);
 	}
 
 	void AP_WS_Server::SetWebSocketTelemetryReporting(uint64_t RPCID, uint64_t SerialNumber, uint64_t Interval, uint64_t Lifetime) {
-		std::lock_guard			Lock(LocalMutex_);
-
-		auto Device = SerialNumbers_.find(SerialNumber);
-		if(Device==end(SerialNumbers_) || Device->second.second==nullptr)
-			return;
-		Device->second.second->SetWebSocketTelemetryReporting(RPCID, Interval, Lifetime);
+		std::shared_ptr<AP_WS_Connection>	DevicePtr;
+		{
+			std::lock_guard Lock(WSServerMutex_);
+			auto Device = SerialNumbers_.find(SerialNumber);
+			if (Device == end(SerialNumbers_) || Device->second.second == nullptr) {
+				return;
+			}
+			DevicePtr = Device->second.second;
+		}
+		DevicePtr->SetWebSocketTelemetryReporting(RPCID, Interval, Lifetime);
 	}
 
 	void AP_WS_Server::SetKafkaTelemetryReporting(uint64_t RPCID, uint64_t SerialNumber, uint64_t Interval, uint64_t Lifetime) {
-		std::lock_guard			Lock(LocalMutex_);
-
-		auto Device = SerialNumbers_.find(SerialNumber);
-		if(Device==end(SerialNumbers_) || Device->second.second== nullptr)
-			return;
-		Device->second.second->SetKafkaTelemetryReporting(RPCID, Interval, Lifetime);
+		std::shared_ptr<AP_WS_Connection>	DevicePtr;
+		{
+			std::lock_guard Lock(WSServerMutex_);
+			auto Device = SerialNumbers_.find(SerialNumber);
+			if (Device == end(SerialNumbers_) || Device->second.second == nullptr) {
+				return;
+			}
+			DevicePtr = Device->second.second;
+		}
+		DevicePtr->SetKafkaTelemetryReporting(RPCID, Interval, Lifetime);
 	}
 
 	void AP_WS_Server::StopKafkaTelemetry(uint64_t RPCID, uint64_t SerialNumber) {
-		std::lock_guard			Lock(LocalMutex_);
-
-		auto Device = SerialNumbers_.find(SerialNumber);
-		if(Device==end(SerialNumbers_) || Device->second.second== nullptr)
-			return;
-		Device->second.second->StopKafkaTelemetry(RPCID);
+		std::shared_ptr<AP_WS_Connection>	DevicePtr;
+		{
+			std::lock_guard Lock(WSServerMutex_);
+			auto Device = SerialNumbers_.find(SerialNumber);
+			if (Device == end(SerialNumbers_) || Device->second.second == nullptr) {
+				return;
+			}
+			DevicePtr = Device->second.second;
+		}
+		DevicePtr->StopKafkaTelemetry(RPCID);
 	}
 
 	void AP_WS_Server::GetTelemetryParameters(uint64_t SerialNumber , bool & TelemetryRunning,
@@ -357,29 +402,34 @@ namespace OpenWifi {
 												uint64_t & TelemetryKafkaCount,
 												uint64_t & TelemetryWebSocketPackets,
 												uint64_t & TelemetryKafkaPackets) {
-		std::lock_guard			Lock(LocalMutex_);
-
-		auto Device = SerialNumbers_.find(SerialNumber);
-		if(Device==end(SerialNumbers_)|| Device->second.second== nullptr)
-			return;
-		Device->second.second->GetTelemetryParameters(TelemetryRunning,
-													  TelemetryInterval,
-													  TelemetryWebSocketTimer,
-													  TelemetryKafkaTimer,
-													  TelemetryWebSocketCount,
-													  TelemetryKafkaCount,
-													  TelemetryWebSocketPackets,
-													  TelemetryKafkaPackets);
+		std::shared_ptr<AP_WS_Connection>	DevicePtr;
+		{
+			std::lock_guard Lock(WSServerMutex_);
+			auto Device = SerialNumbers_.find(SerialNumber);
+			if (Device == end(SerialNumbers_) || Device->second.second == nullptr) {
+				return;
+			}
+			DevicePtr = Device->second.second;
+		}
+		DevicePtr->GetTelemetryParameters(
+			TelemetryRunning, TelemetryInterval, TelemetryWebSocketTimer, TelemetryKafkaTimer,
+			TelemetryWebSocketCount, TelemetryKafkaCount, TelemetryWebSocketPackets,
+			TelemetryKafkaPackets);
 	}
 
 	bool AP_WS_Server::SendRadiusAccountingData(const std::string & SerialNumber, const unsigned char * buffer, std::size_t size) {
-		std::lock_guard			Lock(LocalMutex_);
-		auto Device = 		SerialNumbers_.find(Utils::SerialNumberToInt(SerialNumber));
-		if(Device==SerialNumbers_.end() || Device->second.second== nullptr)
-			return false;
+		std::shared_ptr<AP_WS_Connection>	DevicePtr;
+		{
+			std::lock_guard Lock(WSServerMutex_);
+			auto Device = SerialNumbers_.find(Utils::SerialNumberToInt(SerialNumber));
+			if (Device == SerialNumbers_.end() || Device->second.second == nullptr) {
+				return false;
+			}
+			DevicePtr = Device->second.second;
+		}
 
 		try {
-			return Device->second.second->SendRadiusAccountingData(buffer,size);
+			return DevicePtr->SendRadiusAccountingData(buffer,size);
 		} catch (...) {
 			poco_debug(Logger(),fmt::format(": SendRadiusAuthenticationData: Could not send data to device '{}'", SerialNumber));
 		}
@@ -387,13 +437,18 @@ namespace OpenWifi {
 	}
 
 	bool AP_WS_Server::SendRadiusAuthenticationData(const std::string & SerialNumber, const unsigned char * buffer, std::size_t size) {
-		std::lock_guard			Lock(LocalMutex_);
-		auto Device = 		SerialNumbers_.find(Utils::SerialNumberToInt(SerialNumber));
-		if(Device==SerialNumbers_.end() || Device->second.second== nullptr)
-			return false;
+		std::shared_ptr<AP_WS_Connection>	DevicePtr;
+		{
+			std::lock_guard Lock(WSServerMutex_);
+			auto Device = SerialNumbers_.find(Utils::SerialNumberToInt(SerialNumber));
+			if (Device == SerialNumbers_.end() || Device->second.second == nullptr) {
+				return false;
+			}
+			DevicePtr = Device->second.second;
+		}
 
 		try {
-			return Device->second.second->SendRadiusAuthenticationData(buffer,size);
+			return DevicePtr->SendRadiusAuthenticationData(buffer,size);
 		} catch (...) {
 			poco_debug(Logger(),fmt::format(": SendRadiusAuthenticationData: Could not send data to device '{}'", SerialNumber));
 		}
@@ -401,13 +456,18 @@ namespace OpenWifi {
 	}
 
 	bool AP_WS_Server::SendRadiusCoAData(const std::string & SerialNumber, const unsigned char * buffer, std::size_t size) {
-		std::lock_guard			Lock(LocalMutex_);
-		auto Device = 		SerialNumbers_.find(Utils::SerialNumberToInt(SerialNumber));
-		if(Device==SerialNumbers_.end() || Device->second.second== nullptr)
-			return false;
+		std::shared_ptr<AP_WS_Connection>	DevicePtr;
+		{
+			std::lock_guard Lock(WSServerMutex_);
+			auto Device = SerialNumbers_.find(Utils::SerialNumberToInt(SerialNumber));
+			if (Device == SerialNumbers_.end() || Device->second.second == nullptr) {
+				return false;
+			}
+			DevicePtr = Device->second.second;
+		}
 
 		try {
-			return Device->second.second->SendRadiusCoAData(buffer,size);
+			return DevicePtr->SendRadiusCoAData(buffer,size);
 		} catch (...) {
 			poco_debug(Logger(),fmt::format(": SendRadiusCoAData: Could not send data to device '{}'", SerialNumber));
 		}

src/AP_WS_Server.h

@@ -106,16 +106,16 @@ namespace OpenWifi {
 		[[nodiscard]] inline bool Running() const { return Running_; }
 
 		inline void AddConnection(uint64_t session_id, std::shared_ptr<AP_WS_Connection> Connection ) {
-			std::lock_guard			Lock(LocalMutex_);
-			Sessions_[session_id] = std::make_pair(std::move(Connection),false);
+			std::lock_guard			Lock(WSServerMutex_);
+			Sessions_[session_id] = std::move(Connection);
 		}
 
 		inline std::shared_ptr<AP_WS_Connection> FindConnection(uint64_t session_id) const {
-			std::lock_guard			Lock(LocalMutex_);
+			std::lock_guard			Lock(WSServerMutex_);
 
 			auto Connection = Sessions_.find(session_id);
 			if(Connection!=end(Sessions_))
-				return Connection->second.first;
+				return Connection->second;
 			return nullptr;
 		}
 
@@ -134,6 +134,7 @@ namespace OpenWifi {
 		}
 		bool GetHealthcheck(uint64_t SerialNumber, GWObjects::HealthCheck & CheckData) const ;
 
+		bool Connected(uint64_t SerialNumber, GWObjects::DeviceRestrictions & Restrictions) const ;
 		bool Connected(uint64_t SerialNumber) const ;
 
 		inline bool SendFrame(const std::string & SerialNumber, const std::string & Payload) const {
@@ -171,7 +172,7 @@ namespace OpenWifi {
 		}
 
 	private:
-		mutable std::recursive_mutex								LocalMutex_;
+		mutable std::recursive_mutex								WSServerMutex_;
 		std::unique_ptr<Poco::Crypto::X509Certificate>				IssuerCert_;
 		std::list<std::unique_ptr<Poco::Net::HTTPServer>>			WebServers_;
 		Poco::Net::SocketReactor									Reactor_;
@@ -183,7 +184,8 @@ namespace OpenWifi {
 		bool 														SimulatorEnabled_=false;
 		std::unique_ptr<AP_WS_ReactorThreadPool>					Reactor_pool_;
 		std::atomic_bool 											Running_=false;
-		std::map<uint64_t,	std::pair<std::shared_ptr<AP_WS_Connection>,bool>>	Sessions_;
+		// std::map<uint64_t,	std::pair<std::shared_ptr<AP_WS_Connection>,bool>>	Sessions_;
+		std::map<std::uint64_t, std::shared_ptr<AP_WS_Connection>>	Sessions_;
 		std::map<uint64_t, std::pair<uint64_t,std::shared_ptr<AP_WS_Connection>>>	SerialNumbers_;
 		std::atomic_bool 											AllowSerialNumberMismatch_=true;
 		std::atomic_uint64_t 										MismatchDepth_=2;

src/CapabilitiesCache.h

@@ -12,6 +12,7 @@
 #include "framework/MicroServiceFuncs.h"
 
 #include "nlohmann/json.hpp"
+#include "CentralConfig.h"
 
 namespace OpenWifi {
 	const std::string PlatformCacheFileName{"/plat_cache.json"};
@@ -27,17 +28,17 @@ namespace OpenWifi {
 			return instance;
 		}
 
-		inline void Add(const std::string & DeviceType, const std::string & Platform, const std::string & FullCapabilities) {
-			if(DeviceType.empty() || Platform.empty())
+		inline void Add(const Config::Capabilities &Caps) {
+			if(Caps.Compatible().empty() || Caps.Platform().empty())
 				return;
 
 			std::lock_guard	G(Mutex_);
 			if(!PlatformsLoaded_)
 				LoadPlatforms();
-			auto P = Poco::toUpper(Platform);
-			auto Hint = Platforms_.find(DeviceType);
+			auto P = Poco::toUpper(Caps.Platform());
+			auto Hint = Platforms_.find(Caps.Compatible());
 			if(Hint==Platforms_.end()) {
-				Platforms_.insert(std::make_pair(DeviceType,P));
+				Platforms_.insert(std::make_pair(Caps.Compatible(),P));
 				SavePlatforms();
 			} else if(Hint->second != P) {
 				Hint->second = P;
@@ -47,12 +48,14 @@ namespace OpenWifi {
 			if(!CapabilitiesLoaded_)
 				LoadCapabilities();
 
-			auto CapHint = Capabilities_.find(DeviceType);
+			auto CapHint = Capabilities_.find(Caps.Compatible());
 			if(CapHint==Capabilities_.end()) {
-				Capabilities_[DeviceType] = nlohmann::json::parse(FullCapabilities);
+                auto C = nlohmann::json::parse(Caps.AsString());
+                C.erase("restrictions");
+				Capabilities_[Caps.Compatible()] = nlohmann::json::parse(Caps.AsString());
 				SaveCapabilities();
 			} else {
-				CapHint->second = nlohmann::json::parse(FullCapabilities);
+				CapHint->second = nlohmann::json::parse(Caps.AsString());
 				SaveCapabilities();
 			}
 		}
@@ -150,4 +153,7 @@ namespace OpenWifi {
 			}
 		}
 	};
+
+    inline auto CapabilitiesCache() { return CapabilitiesCache::instance(); };
+
 }

src/CentralConfig.cpp

@@ -67,11 +67,11 @@ R"lit(
       "ipv4": {
         "addressing": "static",
         "dhcp": {
-          "lease-count": 10000,
+          "lease-count": 100,
           "lease-first": 10,
           "lease-time": "6h"
         },
-        "subnet": "192.168.1.1/16"
+        "subnet": "192.168.1.1/24"
       },
       "name": "LAN",
       "role": "downstream",
@@ -228,7 +228,7 @@ R"lit(
 		return DefaultConfiguration_;
 	}
 
-    std::string Capabilities::Default() {
+/*    std::string Capabilities::Default() {
         return std::string(R"lit({"model":{"id":"linksys,ea8300","name":"Linksys EA8300 (Dallas)"},
                         "network":{"lan":{"ifname":"eth0","protocol":"static"},"wan":{"ifname":"eth1","protocol":"dhcp"}},
                         "switch":{"switch0":{"enable":true,"reset":true,"ports":[{"num":0,"device":"eth0","need_tag":false,
@@ -242,27 +242,23 @@ R"lit(
                         "platform/soc/a800000.wifi":{"band":["5l"],"ht_capa":6639,"vht_capa":865687986,"htmode":["HT20","HT40","VHT20","VHT40","VHT80"],
                         "tx_ant":3,"rx_ant":3,"channels":[36,40,44,48,52,56,60,64]}}})lit");
     }
+*/
 
-    void Capabilities::Parse() {
-        if(Capabilities_.empty())
-            Capabilities_=Default();
-
+    Capabilities::Capabilities(const Poco::JSON::Object::Ptr &Caps) {
         try {
-            Poco::JSON::Parser parser;
 
-            auto Result = parser.parse(Capabilities_);
-            auto Objects = Result.extract<Poco::JSON::Object::Ptr>();
+            if(Caps->has("compatible"))
+				Compatible_ = Caps->get("compatible").toString();
 
-			if(Objects->has("compatible"))
-				Compatible_ = Objects->get("compatible").toString();
+			if(Caps->has("model"))
+				Model_ = Caps->get("model").toString();
 
-			if(Objects->has("model"))
-				Model_ = Objects->get("model").toString();
+			if(Caps->has("platform"))
+				Platform_ = Caps->get("platform").toString();
 
-			if(Objects->has("platform"))
-				Platform_ = Objects->get("platform").toString();
-
-            Parsed_ = true ;
+            std::ostringstream OS;
+            Caps->stringify(OS);
+            AsString_ = OS.str();
         }
         catch ( const Poco::Exception & E )
         {
@@ -270,22 +266,20 @@ R"lit(
         }
     }
 
-	const std::string & Capabilities::Compatible() {
-		if(!Parsed_)
-			Parse();
+	const std::string & Capabilities::Compatible() const {
 		return Compatible_;
 	}
 
-	const std::string & Capabilities::Model() {
-		if(!Parsed_)
-			Parse();
+	const std::string & Capabilities::Model() const {
 		return Model_;
 	}
 
-	const std::string & Capabilities::Platform() {
-		if(!Parsed_)
-			Parse();
+	const std::string & Capabilities::Platform() const {
 		return Platform_;
 	}
 
+	const std::string & Capabilities::AsString() const {
+        return AsString_;
+    }
+
 } // namespace

src/CentralConfig.h

@@ -35,29 +35,28 @@ namespace OpenWifi::Config {
 
     class Capabilities {
     public:
-        explicit Capabilities(std::string Caps)
-        :   Capabilities_(std::move(Caps))
-        {
+        explicit Capabilities(const Poco::JSON::Object::Ptr &Caps);
 
-        }
-
-        Capabilities()
+/*        Capabilities()
         {
             Capabilities_ = Default();
         }
 
         static std::string Default();
+
         [[nodiscard]] const std::string & Get() const { return Capabilities_; };
-        [[nodiscard]] const std::string & Compatible();
-        [[nodiscard]] const std::string & Model();
-		[[nodiscard]] const std::string & Platform();
+*/
+
+        [[nodiscard]] const std::string & Compatible() const;
+        [[nodiscard]] const std::string & Model() const;
+		[[nodiscard]] const std::string & Platform() const;
+		[[nodiscard]] const std::string & AsString() const;
 
     private:
-        std::string Capabilities_;
-        bool        Parsed_=false;
         std::string Compatible_;
         std::string Model_;
 		std::string Platform_;
+        std::string AsString_;
 
 		void Parse();
     };

src/CommandManager.cpp

@@ -31,39 +31,87 @@ namespace OpenWifi {
 
 			try {
 				if (Resp != nullptr) {
-					const Poco::JSON::Object &Payload = Resp->Payload_;
-					const std::string &SerialNumber = Resp->SerialNumber_;
+					Poco::JSON::Object::Ptr Payload = Resp->Payload_;
+					std::string SerialNumberStr = Utils::IntToSerialNumber(Resp->SerialNumber_);
 
-					std::ostringstream SS;
-					Payload.stringify(SS);
+					bool NoReply = false;
 
-					if (!Payload.has(uCentralProtocol::ID)) {
-						poco_error(Logger(), fmt::format("({}): Invalid RPC response.", SerialNumber));
+					if (!Payload->has(uCentralProtocol::ID)) {
+						poco_error(Logger(), fmt::format("({}): Invalid RPC response.", SerialNumberStr));
 					} else {
-						uint64_t ID = Payload.get(uCentralProtocol::ID);
-						poco_debug(Logger(),fmt::format("({}): Processing {} response.", SerialNumber, ID));
+						uint64_t ID = Payload->get(uCentralProtocol::ID);
+						std::shared_ptr<promise_type_t> TmpRpcEntry;
+						poco_debug(Logger(),fmt::format("({}): Processing {} response.", SerialNumberStr, ID));
 						if (ID > 1) {
 							std::lock_guard	Lock(LocalMutex_);
 							auto RPC = OutStandingRequests_.find(ID);
 							if (RPC == OutStandingRequests_.end() ||
-								RPC->second.SerialNumber !=
-									Utils::SerialNumberToInt(Resp->SerialNumber_)) {
+								RPC->second.SerialNumber != Resp->SerialNumber_) {
 								poco_debug(Logger(),
-									fmt::format("({}): RPC {} completed.", SerialNumber, ID));
+									fmt::format("({}): RPC {} completed.", SerialNumberStr, ID));
 							} else {
 								std::chrono::duration<double, std::milli> rpc_execution_time =
 									std::chrono::high_resolution_clock::now() -
 									RPC->second.submitted;
-								StorageService()->CommandCompleted(RPC->second.UUID, Payload,
-																   rpc_execution_time, true);
-								if (RPC->second.rpc_entry) {
-									RPC->second.rpc_entry->set_value(Payload);
-								}
+
 								poco_debug(Logger(),
 									fmt::format("({}): Received RPC answer {}. Command={}",
-												SerialNumber, ID, RPC->second.Command));
-								OutStandingRequests_.erase(ID);
+													   SerialNumberStr, ID, APCommands::to_string(RPC->second.Command)));
+								if(RPC->second.Command==APCommands::Commands::script) {
+									if(RPC->second.State==2) {
+										//	 look at the payload to see if we should continue or not...
+										if (RPC->second.rpc_entry) {
+											TmpRpcEntry = RPC->second.rpc_entry;
+										}
+
+										// Payload->stringify(std::cout);
+
+										if (Payload->has("result")) {
+											auto Result = Payload->getObject("result");
+											if (Result->has("status")) {
+												auto Status = Result->getObject("status");
+												// Status->stringify(std::cout);
+												std::uint64_t Error = Status->get("error");
+												if(Error==0) {
+													StorageService()->CommandCompleted(RPC->second.UUID, Payload,
+																					   rpc_execution_time, true);
+													RPC->second.State = 1 ;
+												} else {
+													StorageService()->CommandCompleted(RPC->second.UUID, Payload,
+																					   rpc_execution_time, true);
+													std::string ErrorTxt = Status->get("result");
+													StorageService()->CancelWaitFile(RPC->second.UUID, ErrorTxt);
+													RPC->second.State = 0 ;
+												}
+											}
+										} else {
+//											std::cout << "Bad payload on command result" << std::endl;
+											RPC->second.State=0;
+										}
+									} else {
+//										std::cout << "Completing script 2 phase commit." << std::endl;
+										StorageService()->CommandCompleted(RPC->second.UUID, Payload,
+																		   rpc_execution_time, true);
+										NoReply = true;
+										RPC->second.State=0;
+									}
+								} else {
+									if(RPC->second.Command!=APCommands::Commands::telemetry) {
+										StorageService()->CommandCompleted(
+											RPC->second.UUID, Payload, rpc_execution_time, true);
+									}
+									if (RPC->second.rpc_entry) {
+										TmpRpcEntry = RPC->second.rpc_entry;
+									}
+									RPC->second.State = 0 ;
+								}
+
+								if(RPC->second.State==0) {
+									OutStandingRequests_.erase(ID);
+								}
 							}
+							if(!NoReply && TmpRpcEntry != nullptr)
+								TmpRpcEntry->set_value(Payload);
 						}
 					}
 				}
@@ -121,7 +169,7 @@ namespace OpenWifi {
 			if(delta > 10min) {
 				MyLogger.debug(fmt::format("{}: Command={} for {} Timed out.",
 										   request->second.UUID,
-										   request->second.Command,
+										   APCommands::to_string(request->second.Command),
 										   Utils::IntToSerialNumber(request->second.SerialNumber)));
 				request = OutStandingRequests_.erase(request);
 			} else {
@@ -190,14 +238,15 @@ namespace OpenWifi {
 							continue;
 						}
 
-						std::string ExecutingCommand, ExecutingUUID;
+						std::string 			ExecutingUUID;
+						APCommands::Commands	ExecutingCommand=APCommands::Commands::unknown;
 						if (CommandRunningForDevice(Utils::SerialNumberToInt(Cmd.SerialNumber),
 													ExecutingUUID, ExecutingCommand)) {
 							poco_trace(
 								MyLogger,
 								fmt::format(
 									"{}: Serial={} Command={} Device is already busy with command {} (Command={})."
-									, Cmd.UUID, Cmd.SerialNumber, Cmd.Command,ExecutingUUID, ExecutingCommand));
+									, Cmd.UUID, Cmd.SerialNumber, Cmd.Command, ExecutingUUID, APCommands::to_string(ExecutingCommand)));
 							continue;
 						}
 
@@ -206,7 +255,7 @@ namespace OpenWifi {
 						poco_information(MyLogger, fmt::format("{}: Serial={} Command={} Preparing execution.",
 														 Cmd.UUID, Cmd.SerialNumber, Cmd.Command));
 						auto Params = P.parse(Cmd.Details).extract<Poco::JSON::Object::Ptr>();
-						auto Result = PostCommandDisk(NextRPCId(), Cmd.SerialNumber, Cmd.Command,
+						auto Result = PostCommandDisk(Next_RPC_ID(), APCommands::to_apcommand(Cmd.Command.c_str()), Cmd.SerialNumber, Cmd.Command,
 													  *Params, Cmd.UUID, Sent);
 						if (Sent) {
 							StorageService()->SetCommandExecuted(Cmd.UUID);
@@ -241,9 +290,10 @@ namespace OpenWifi {
 	}
 
 	std::shared_ptr<CommandManager::promise_type_t> CommandManager::PostCommand(
-		uint64_t RPCID,
+		uint64_t RPC_ID,
+		APCommands::Commands Command,
 		const std::string &SerialNumber,
-		const std::string &Command,
+		const std::string &CommandStr,
 		const Poco::JSON::Object &Params,
 		const std::string &UUID,
 		bool oneway_rpc,
@@ -256,31 +306,33 @@ namespace OpenWifi {
 		std::stringstream 	ToSend;
 
 		CommandInfo		Idx;
-		Idx.Id = oneway_rpc ? 1 : RPCID;
+		Idx.Id = oneway_rpc ? 1 : RPC_ID;
 		Idx.SerialNumber = SerialNumberInt;
 		Idx.Command = Command;
+		if(Command == APCommands::Commands::script)
+			Idx.State=2;
 		Idx.UUID = UUID;
 
 		Poco::JSON::Object CompleteRPC;
 		CompleteRPC.set(uCentralProtocol::JSONRPC, uCentralProtocol::JSONRPC_VERSION);
-		CompleteRPC.set(uCentralProtocol::ID, RPCID);
-		CompleteRPC.set(uCentralProtocol::METHOD, Command);
+		CompleteRPC.set(uCentralProtocol::ID, RPC_ID);
+		CompleteRPC.set(uCentralProtocol::METHOD, CommandStr);
 		CompleteRPC.set(uCentralProtocol::PARAMS, Params);
 		Poco::JSON::Stringifier::stringify(CompleteRPC, ToSend);
 		Idx.rpc_entry = disk_only ? nullptr : std::make_shared<CommandManager::promise_type_t>();
 
-		poco_debug(Logger(), fmt::format("{}: Sending command. ID: {}", UUID, RPCID));
+		poco_debug(Logger(), fmt::format("{}: Sending command {} to {}. ID: {}", UUID, CommandStr, SerialNumber, RPC_ID));
 		if(AP_WS_Server()->SendFrame(SerialNumber, ToSend.str())) {
 			if(!oneway_rpc) {
 				std::lock_guard M(Mutex_);
-				OutStandingRequests_[RPCID] = Idx;
+				OutStandingRequests_[RPC_ID] = Idx;
 			}
-			poco_debug(Logger(), fmt::format("{}: Sent command. ID: {}", UUID, RPCID));
+			poco_debug(Logger(), fmt::format("{}: Sent command. ID: {}", UUID, RPC_ID));
 			Sent=true;
 			return Idx.rpc_entry;
 		}
 
-		poco_warning(Logger(), fmt::format("{}: Failed to send command. ID: {}", UUID, RPCID));
+		poco_warning(Logger(), fmt::format("{}: Failed to send command. ID: {}", UUID, RPC_ID));
 		return nullptr;
 	}
 }  // namespace

src/CommandManager.h

@@ -31,58 +31,61 @@ namespace OpenWifi {
 
 	class RPCResponseNotification: public Poco::Notification {
 	  public:
-		RPCResponseNotification(const std::string &ser,
-								const Poco::JSON::Object &pl) :
+		RPCResponseNotification(std::uint64_t ser,
+								Poco::JSON::Object::Ptr pl) :
  			SerialNumber_(ser),
-			Payload_(pl)
+			Payload_(std::move(pl))
 		{
 
 		}
-		std::string			SerialNumber_;
-		Poco::JSON::Object	Payload_;
+		std::uint64_t 				SerialNumber_;
+		Poco::JSON::Object::Ptr		Payload_;
 	};
 
 
 	class CommandManager : public SubSystemServer, Poco::Runnable {
 	    public:
-		  	typedef Poco::JSON::Object 		objtype_t;
-		  	typedef std::promise<objtype_t> promise_type_t;
+		  	using objtype_t = Poco::JSON::Object::Ptr;
+		  	using promise_type_t = std::promise<objtype_t>;
 
 			struct CommandInfo {
-				std::uint64_t 	Id=0;
-				std::uint64_t 	SerialNumber=0;
-				std::string 	Command;
-				std::string 	UUID;
+				std::uint64_t 			Id=0;
+				std::uint64_t 			SerialNumber=0;
+				APCommands::Commands 	Command;
+				std::string 			UUID;
+				std::uint64_t 			State=1;
 				std::chrono::time_point<std::chrono::high_resolution_clock> submitted = std::chrono::high_resolution_clock::now();
 				std::shared_ptr<promise_type_t> rpc_entry;
 			};
 
 			struct RPCResponse {
-				std::string 			serialNumber;
-				Poco::JSON::Object		payload;
+				std::uint64_t 				serialNumber;
+				Poco::JSON::Object::Ptr		payload;
 
-				explicit RPCResponse(const std::string &ser, const Poco::JSON::Object &pl)
+				explicit RPCResponse(std::uint64_t ser, Poco::JSON::Object::Ptr pl)
 					:
 						serialNumber(ser),
-						payload(pl) {
+						payload(std::move(pl)) {
 				}
 			};
 
 			int Start() override;
 			void Stop() override;
 			void WakeUp();
-			inline void PostCommandResult(const std::string &SerialNumber, const Poco::JSON::Object &Obj) {
-				// RPCResponseQueue_->Write(RPCResponse{.serialNumber=SerialNumber, .payload = Obj});
-				ResponseQueue_.enqueueNotification(new RPCResponseNotification(SerialNumber,Obj));
+			inline void PostCommandResult(const std::string &SerialNumber, Poco::JSON::Object::Ptr Obj) {
+				ResponseQueue_.enqueueNotification(new RPCResponseNotification(Utils::SerialNumberToInt(SerialNumber),std::move(Obj)));
 			}
 
-			std::shared_ptr<promise_type_t> PostCommandOneWayDisk(uint64_t RPCID,
+			std::shared_ptr<promise_type_t> PostCommandOneWayDisk(uint64_t RPC_ID,
+				APCommands::Commands Command,
 				const std::string &SerialNumber,
 				const std::string &Method,
 				const Poco::JSON::Object &Params,
 				const std::string &UUID,
 				bool & Sent) {
-					return 	PostCommand(RPCID, SerialNumber,
+					return 	PostCommand(RPC_ID,
+								   Command,
+								   SerialNumber,
 									Method,
 									Params,
 									UUID,
@@ -90,13 +93,15 @@ namespace OpenWifi {
 			}
 
 			std::shared_ptr<promise_type_t> PostCommandDisk(
-				uint64_t RPCID,
+				uint64_t RPC_ID,
+				APCommands::Commands Command,
 				const std::string &SerialNumber,
 				const std::string &Method,
 				const Poco::JSON::Object &Params,
 				const std::string &UUID,
 				bool & Sent) {
-					return 	PostCommand(RPCID,
+					return 	PostCommand(RPC_ID,
+								   Command,
 								   SerialNumber,
 								   Method,
 								   Params,
@@ -105,13 +110,16 @@ namespace OpenWifi {
 			}
 
 			std::shared_ptr<promise_type_t> PostCommand(
-				uint64_t RPCID,
+				uint64_t RPC_ID,
+				APCommands::Commands Command,
 				const std::string &SerialNumber,
 				const std::string &Method,
 				const Poco::JSON::Object &Params,
 				const std::string &UUID,
 				bool & Sent) {
-					return 	PostCommand(RPCID, SerialNumber,
+					return 	PostCommand(RPC_ID,
+								   Command,
+								   SerialNumber,
 								   Method,
 								   Params,
 								   UUID,
@@ -120,13 +128,15 @@ namespace OpenWifi {
 			}
 
 			std::shared_ptr<promise_type_t> PostCommandOneWay(
-				uint64_t RPCID,
+				uint64_t RPC_ID,
+				APCommands::Commands Command,
 				const std::string &SerialNumber,
 				const std::string &Method,
 				const Poco::JSON::Object &Params,
 				const std::string &UUID,
 				bool & Sent) {
-					return 	PostCommand(RPCID,
+					return 	PostCommand(RPC_ID,
+								   Command,
 								   SerialNumber,
 								   Method,
 								   Params,
@@ -147,15 +157,14 @@ namespace OpenWifi {
 			inline bool Running() const { return Running_; }
 			void onJanitorTimer(Poco::Timer & timer);
 			void onCommandRunnerTimer(Poco::Timer & timer);
-			void onRPCAnswer(bool& b);
-			inline uint64_t NextRPCId() { return ++Id_; }
+			inline uint64_t Next_RPC_ID() { return ++Id_; }
 
 			void RemovePendingCommand(std::uint64_t Id) {
 				std::unique_lock	Lock(LocalMutex_);
 				OutStandingRequests_.erase(Id);
 			}
 
-			inline bool CommandRunningForDevice(std::uint64_t SerialNumber, std::string & uuid, std::string &command) {
+			inline bool CommandRunningForDevice(std::uint64_t SerialNumber, std::string & uuid, APCommands::Commands &command) {
 				std::lock_guard	Lock(LocalMutex_);
 
 				for(const auto &[Request,Command]:OutStandingRequests_) {
@@ -192,6 +201,7 @@ namespace OpenWifi {
 
 			std::shared_ptr<promise_type_t> PostCommand(
 				uint64_t RPCID,
+				APCommands::Commands Command,
 				const std::string &SerialNumber,
 				const std::string &Method,
 				const Poco::JSON::Object &Params,

src/Daemon.cpp

@@ -27,6 +27,9 @@
 #include "framework/ConfigurationValidator.h"
 #include "rttys/RTTYS_server.h"
 #include "framework/UI_WebSocketClientServer.h"
+#include "UI_GW_WebSocketNotifications.h"
+#include "ScriptManager.h"
+#include "SignatureMgr.h"
 
 namespace OpenWifi {
 	class Daemon *Daemon::instance() {
@@ -49,6 +52,8 @@ namespace OpenWifi {
 										RTTYS_server(),
 								   		RADIUS_proxy_server(),
 								   		VenueBroadcaster(),
+								   		ScriptManager(),
+								   		SignatureManager(),
 									   	AP_WS_Server()
 							   });
         return &instance;
@@ -105,6 +110,7 @@ namespace OpenWifi {
 
 	void DaemonPostInitialization(Poco::Util::Application &self) {
 		Daemon()->PostInitialization(self);
+		GWWebSocketNotifications::Register();
 	}
 }
 

src/Dashboard.cpp

@@ -7,14 +7,45 @@
 #include "framework/utils.h"
 
 namespace OpenWifi {
-	void DeviceDashboard::Create() {
-		uint64_t Now = Utils::Now();
 
-		if(LastRun_==0 || (Now-LastRun_)>120) {
-			DB_.reset();
-			StorageService()->AnalyzeCommands(DB_.commands);
-			StorageService()->AnalyzeDevices(DB_);
-			LastRun_ = Now;
+	bool DeviceDashboard::Get(GWObjects::Dashboard &D, Poco::Logger & Logger) {
+		uint64_t Now = Utils::Now();
+		if(!ValidDashboard_ || LastRun_==0 || (Now-LastRun_)>120) {
+			Generate(D, Logger);
+		} else {
+			std::lock_guard	G(DataMutex_);
+			D = DB_;
+		}
+		return ValidDashboard_;
+	};
+
+	void DeviceDashboard::Generate(GWObjects::Dashboard &D, Poco::Logger & Logger ) {
+		if (GeneratingDashboard_.load()) {
+			// std::cout << "Trying to generate dashboard but already being generated" << std::endl;
+			while(GeneratingDashboard_.load()) {
+				Poco::Thread::trySleep(100);
+			}
+			std::lock_guard	G(DataMutex_);
+			D = DB_;
+		} else {
+			GeneratingDashboard_ = true;
+			ValidDashboard_ = false;
+			try {
+				// std::cout << "Generating dashboard." << std::endl;
+				poco_information(Logger, "DASHBOARD: Generating a new dashboard.");
+				GWObjects::Dashboard	NewData;
+				StorageService()->AnalyzeCommands(NewData.commands);
+				StorageService()->AnalyzeDevices(NewData);
+				LastRun_ = Utils::Now();
+				NewData.snapshot = LastRun_;
+				D = NewData;
+				std::lock_guard	G(DataMutex_);
+				DB_ = NewData;
+				ValidDashboard_=true;
+			} catch(...) {
+
+			}
+			GeneratingDashboard_ = false;
 		}
 	}
 }

src/Dashboard.h

@@ -4,19 +4,24 @@
 
 #pragma once
 
+#include <mutex>
+
 #include "RESTObjects//RESTAPI_GWobjects.h"
 #include "framework/OpenWifiTypes.h"
+#include "Poco/Logger.h"
 
 namespace OpenWifi {
 	class DeviceDashboard {
 	  public:
-			DeviceDashboard() { DB_.reset(); }
-			void Create();
-			[[nodiscard]] const GWObjects::Dashboard & Report() const { return DB_;}
+			bool Get(GWObjects::Dashboard &D, Poco::Logger & Logger);
 	  private:
-			GWObjects::Dashboard 	DB_;
-			uint64_t 				LastRun_=0;
-			inline void Reset() { DB_.reset(); }
+			std::mutex					DataMutex_;
+			volatile std::atomic_bool 	GeneratingDashboard_=false;
+			volatile bool 				ValidDashboard_=false;
+			GWObjects::Dashboard 		DB_;
+			uint64_t 					LastRun_=0;
+
+			void Generate(GWObjects::Dashboard &D, Poco::Logger & Logger);
 	};
 }
 

src/FileUploader.cpp

@@ -126,34 +126,32 @@ namespace OpenWifi {
     }
 
     //  if you pass in an empty UUID, it will just clean the list and not add it.
-    bool FileUploader::AddUUID( const std::string & UUID) {
+    bool FileUploader::AddUUID( const std::string & UUID, std::chrono::seconds WaitTimeInSeconds, const std::string &Type) {
 		std::lock_guard		Guard(Mutex_);
 
         uint64_t now = Utils::Now();
-
-        // remove old stuff...
-        for(auto i=OutStandingUploads_.begin();i!=OutStandingUploads_.end();) {
-            if ((now-i->second) > (60 * 30))
-                i = OutStandingUploads_.erase(i);
-            else
-                ++i;
-        }
-
-        if(!UUID.empty())
-            OutStandingUploads_[UUID] = now;
-
+		auto Func=[now](const UploadId &I) -> bool {
+			return (now > I.Expires);
+		};
+		OutStandingUploads_.erase(std::remove_if(OutStandingUploads_.begin(),OutStandingUploads_.end(),Func),OutStandingUploads_.end());
+		OutStandingUploads_.emplace_back(UploadId{UUID, now + WaitTimeInSeconds.count(), Type});
         return true;
     }
 
     bool FileUploader::ValidRequest(const std::string &UUID) {
 		std::lock_guard		Guard(Mutex_);
-
-        return OutStandingUploads_.find(UUID)!=OutStandingUploads_.end();
+		auto Func = [UUID](const UploadId &P) -> bool {
+			return (P.UUID==UUID);
+		};
+        return std::find_if(OutStandingUploads_.begin(), OutStandingUploads_.end(), Func) != end(OutStandingUploads_);
     }
 
     void FileUploader::RemoveRequest(const std::string &UUID) {
 		std::lock_guard		Guard(Mutex_);
-        OutStandingUploads_.erase(UUID);
+		auto Func = [UUID](const UploadId &P) -> bool {
+			return (P.UUID==UUID);
+		};
+		OutStandingUploads_.erase(std::remove_if(OutStandingUploads_.begin(),OutStandingUploads_.end(),Func),OutStandingUploads_.end());
     }
 
 	class FileUploaderPartHandler2 : public Poco::Net::PartHandler {
@@ -193,9 +191,10 @@ namespace OpenWifi {
     class FormRequestHandler: public Poco::Net::HTTPRequestHandler
     {
     public:
-        explicit FormRequestHandler(std::string UUID, Poco::Logger & L):
+        explicit FormRequestHandler(std::string UUID, Poco::Logger & L, const std::string &Type):
             UUID_(std::move(UUID)),
-            Logger_(L)
+            Logger_(L),
+			Type_(Type)
         {
         }
 
@@ -230,8 +229,8 @@ namespace OpenWifi {
 								Poco::StreamCopier::copyStream(Reader.stream(), FileContent);
 								Answer.set("filename", UUID_);
 								Answer.set("error", 0);
-								poco_debug(Logger(),fmt::format("{}: Trace file uploaded.", UUID_));
-								StorageService()->AttachFileDataToCommand(UUID_, FileContent);
+								poco_debug(Logger(),fmt::format("{}: File uploaded.", UUID_));
+								StorageService()->AttachFileDataToCommand(UUID_, FileContent, Type_);
 								std::ostream &ResponseStream = Response.send();
 								Poco::JSON::Stringifier::stringify(Answer, ResponseStream);
 								return;
@@ -267,6 +266,7 @@ namespace OpenWifi {
     private:
         std::string     UUID_;
         Poco::Logger    & Logger_;
+		std::string 	Type_;
     };
 
     Poco::Net::HTTPRequestHandler *FileUpLoaderRequestHandlerFactory::createRequestHandler(const Poco::Net::HTTPServerRequest & Request) {
@@ -285,11 +285,12 @@ namespace OpenWifi {
         if( UUIDLocation != std::string::npos )
         {
             auto UUID = Request.getURI().substr(UUIDLocation+URI_BASE.size());
-            if(FileUploader()->ValidRequest(UUID))
+
+			FileUploader::UploadId		E;
+            if(FileUploader()->Find(UUID,E))
             {
-                //  make sure we do not allow anyone else to overwrite our file
 				FileUploader()->RemoveRequest(UUID);
-                return new FormRequestHandler(UUID,Logger());
+                return new FormRequestHandler(UUID,Logger(),E.Type);
             }
             else
             {
@@ -299,6 +300,17 @@ namespace OpenWifi {
         return nullptr;
     }
 
+	 bool FileUploader::Find(const std::string &UUID, UploadId &V) {
+		std::lock_guard		G(Mutex_);
+		for(const auto &E:OutStandingUploads_) {
+			if (E.UUID == UUID) {
+				V = E;
+				return true;
+			}
+		}
+		return false;
+	}
+
     void FileUploader::Stop() {
 		poco_notice(Logger(),"Stopping...");
         for( const auto & svr : Servers_ )

src/FileUploader.h

@@ -19,11 +19,18 @@ namespace OpenWifi {
 
     class FileUploader : public SubSystemServer {
     public:
+
+		struct UploadId {
+		  std::string 		UUID;
+		  std::uint64_t 	Expires;
+		  std::string 		Type;
+		};
+
 		int Start() override;
 		void Stop() override;
 		void reinitialize(Poco::Util::Application &self) override;
 		const std::string & FullName();
-		bool AddUUID( const std::string & UUID);
+		bool AddUUID( const std::string & UUID, std::chrono::seconds WaitTimeInSecond, const std::string &Type);
 		bool ValidRequest(const std::string & UUID);
 		void RemoveRequest(const std::string &UUID);
 		const std::string & Path() { return Path_; };
@@ -35,12 +42,13 @@ namespace OpenWifi {
 
 		[[nodiscard]] inline uint64_t MaxSize() const { return MaxSize_; }
 
+		bool Find(const std::string &UUID, UploadId &V);
     private:
         std::vector<std::unique_ptr<Poco::Net::HTTPServer>>   Servers_;
-        std::string                     FullName_;
-        std::map<std::string,uint64_t>  OutStandingUploads_;
-        std::string                     Path_;
-		uint64_t 						MaxSize_=10000000;
+        std::string                     			FullName_;
+        std::list<UploadId>  						OutStandingUploads_;
+        std::string                     			Path_;
+		uint64_t 									MaxSize_=10000000;
 
 		explicit FileUploader() noexcept:
 			SubSystemServer("FileUploader", "FILE-UPLOAD", "openwifi.fileuploader")
@@ -51,10 +59,13 @@ namespace OpenWifi {
     class FileUpLoaderRequestHandlerFactory : public Poco::Net::HTTPRequestHandlerFactory {
     public:
         explicit FileUpLoaderRequestHandlerFactory(Poco::Logger &L) :
-                Logger_(L){}
+			Logger_(L) {
+		}
 
         Poco::Net::HTTPRequestHandler *createRequestHandler(const Poco::Net::HTTPServerRequest &request) override;
-		inline Poco::Logger & Logger() { return Logger_; }
+		inline Poco::Logger & Logger() {
+			return Logger_;
+		}
     private:
         Poco::Logger    & Logger_;
     };

src/RADIUS_helpers.h

@@ -291,6 +291,8 @@ static const struct tok radius_attribute_names[] = {
 	constexpr unsigned char CoA_ACK = 44;
 	constexpr unsigned char CoA_NAK = 45;
 
+	constexpr unsigned char ATTR_MessageAuthenticator = 80;
+
 	inline bool IsAuthentication(unsigned char t) {
 		return (t == RADIUS::Access_Request ||
 				t == RADIUS::Access_Accept ||
@@ -330,6 +332,11 @@ static const struct tok radius_attribute_names[] = {
 		return "Unknown";
 	}
 
+	inline void MakeRadiusAuthenticator(unsigned char *authenticator) {
+		for(int i=0;i<16;i++)
+			authenticator[i]=std::rand() & 0xff;
+	}
+
 	//
 	// From: https://github.com/Telecominfraproject/wlan-dictionary/blob/main/dictionary.tip
 	//
@@ -666,6 +673,44 @@ static const struct tok radius_attribute_names[] = {
 		bool                Valid_=false;
 	};
 
+	class RadiusOutputPacket {
+	  public:
+		explicit RadiusOutputPacket(const std::string &Secret)
+			: Secret_(Secret) {
+		}
+
+		inline void MakeStatusMessage() {
+			P_.code = RADCMD_STATUS_SER;
+			P_.identifier = std::rand() & 0x00ff;
+			MakeRadiusAuthenticator(P_.authenticator);
+			unsigned char MessageAuthenticator[16]{0};
+			AddAttribute(ATTR_MessageAuthenticator,sizeof(MessageAuthenticator),MessageAuthenticator);
+			P_.rawlen = 1 + 1 + 2 + 16 + 1 + 1 + 16;
+
+			Poco::HMACEngine<Poco::MD5Engine> H(Secret_);
+			H.update((const unsigned char *)&P_, P_.rawlen);
+			auto digest = H.digest();
+			int p = 0;
+			for (const auto &i : digest)
+				P_.attributes[1 + 1 + p++] = i;
+		}
+
+		inline void AddAttribute(unsigned char attr, uint8_t len, const unsigned char * data) {
+			P_.attributes[AttributesLen_++] = attr;
+			P_.attributes[AttributesLen_++] = len;
+			memcpy(&P_.attributes[AttributesLen_],data,len);
+			AttributesLen_+=len;
+		}
+
+		[[nodiscard]] inline const unsigned char * Data() const { return (const unsigned char *) &P_;}
+		[[nodiscard]] inline std::uint16_t Len() const { return P_.rawlen; }
+
+	  private:
+		RawRadiusPacket		P_;
+		uint16_t 			AttributesLen_=0;
+		std::string 		Secret_;
+	};
+
 	inline std::ostream &operator<<(std::ostream &os, RadiusPacket const &P) {
 		os << P.Attrs_ ;
 		return os;

src/RADIUS_proxy_server.cpp

@@ -22,124 +22,132 @@ namespace OpenWifi {
 		ConfigFilename_ = MicroServiceDataDirectory()+"/radius_pool_config.json";
 		Poco::File	Config(ConfigFilename_);
 
-		enabled_ = MicroServiceConfigGetBool("radius.proxy.enable",false);
-		if(!enabled_ && !Config.exists()) {
+		Enabled_ = MicroServiceConfigGetBool("radius.proxy.enable",false);
+		if(!Enabled_ && !Config.exists()) {
 			StopRADSECServers();
 			return 0;
 		}
 
 		poco_notice(Logger(),"Starting...");
 
-		enabled_ = true;
+		Enabled_ = true;
 
 		Poco::Net::SocketAddress	AuthSockAddrV4(Poco::Net::AddressFamily::IPv4,
 									   MicroServiceConfigGetInt("radius.proxy.authentication.port",DEFAULT_RADIUS_AUTHENTICATION_PORT));
-		AuthenticationSocketV4_ = std::make_unique<Poco::Net::DatagramSocket>(AuthSockAddrV4,true);
+		AuthenticationSocketV4_ = std::make_unique<Poco::Net::DatagramSocket>(AuthSockAddrV4,true,true);
 		Poco::Net::SocketAddress	AuthSockAddrV6(Poco::Net::AddressFamily::IPv6,
 											  MicroServiceConfigGetInt("radius.proxy.authentication.port",DEFAULT_RADIUS_AUTHENTICATION_PORT));
-		AuthenticationSocketV6_ = std::make_unique<Poco::Net::DatagramSocket>(AuthSockAddrV6,true);
+		AuthenticationSocketV6_ = std::make_unique<Poco::Net::DatagramSocket>(AuthSockAddrV6,true,true);
 
 		Poco::Net::SocketAddress	AcctSockAddrV4(Poco::Net::AddressFamily::IPv4,
 									   MicroServiceConfigGetInt("radius.proxy.accounting.port",DEFAULT_RADIUS_ACCOUNTING_PORT));
-		AccountingSocketV4_ = std::make_unique<Poco::Net::DatagramSocket>(AcctSockAddrV4,true);
+		AccountingSocketV4_ = std::make_unique<Poco::Net::DatagramSocket>(AcctSockAddrV4,true,true);
 		Poco::Net::SocketAddress	AcctSockAddrV6(Poco::Net::AddressFamily::IPv6,
 											  MicroServiceConfigGetInt("radius.proxy.accounting.port",DEFAULT_RADIUS_ACCOUNTING_PORT));
-		AccountingSocketV6_ = std::make_unique<Poco::Net::DatagramSocket>(AcctSockAddrV6,true);
+		AccountingSocketV6_ = std::make_unique<Poco::Net::DatagramSocket>(AcctSockAddrV6,true,true);
 
 		Poco::Net::SocketAddress	CoASockAddrV4(Poco::Net::AddressFamily::IPv4,
 												MicroServiceConfigGetInt("radius.proxy.coa.port",DEFAULT_RADIUS_CoA_PORT));
-		CoASocketV4_ = std::make_unique<Poco::Net::DatagramSocket>(CoASockAddrV4,true);
+		CoASocketV4_ = std::make_unique<Poco::Net::DatagramSocket>(CoASockAddrV4,true,true);
 		Poco::Net::SocketAddress	CoASockAddrV6(Poco::Net::AddressFamily::IPv6,
 												MicroServiceConfigGetInt("radius.proxy.coa.port",DEFAULT_RADIUS_CoA_PORT));
-		CoASocketV6_ = std::make_unique<Poco::Net::DatagramSocket>(CoASockAddrV6,true);
+		CoASocketV6_ = std::make_unique<Poco::Net::DatagramSocket>(CoASockAddrV6,true,true);
 
-		RadiusReactor_.addEventHandler(*AuthenticationSocketV4_,Poco::NObserver<RADIUS_proxy_server, Poco::Net::ReadableNotification>(
+		RadiusReactor_.reset();
+		RadiusReactor_ = std::make_unique<Poco::Net::SocketReactor>();
+		RadiusReactor_->addEventHandler(*AuthenticationSocketV4_,Poco::NObserver<RADIUS_proxy_server, Poco::Net::ReadableNotification>(
 														   *this, &RADIUS_proxy_server::OnAuthenticationSocketReadable));
-		RadiusReactor_.addEventHandler(*AuthenticationSocketV6_,Poco::NObserver<RADIUS_proxy_server, Poco::Net::ReadableNotification>(
+		RadiusReactor_->addEventHandler(*AuthenticationSocketV6_,Poco::NObserver<RADIUS_proxy_server, Poco::Net::ReadableNotification>(
 																			 *this, &RADIUS_proxy_server::OnAuthenticationSocketReadable));
 
-		RadiusReactor_.addEventHandler(*AccountingSocketV4_,Poco::NObserver<RADIUS_proxy_server, Poco::Net::ReadableNotification>(
+		RadiusReactor_->addEventHandler(*AccountingSocketV4_,Poco::NObserver<RADIUS_proxy_server, Poco::Net::ReadableNotification>(
 																		  *this, &RADIUS_proxy_server::OnAccountingSocketReadable));
-		RadiusReactor_.addEventHandler(*AccountingSocketV6_,Poco::NObserver<RADIUS_proxy_server, Poco::Net::ReadableNotification>(
+		RadiusReactor_->addEventHandler(*AccountingSocketV6_,Poco::NObserver<RADIUS_proxy_server, Poco::Net::ReadableNotification>(
 																   *this, &RADIUS_proxy_server::OnAccountingSocketReadable));
 
 
-		RadiusReactor_.addEventHandler(*CoASocketV4_,Poco::NObserver<RADIUS_proxy_server, Poco::Net::ReadableNotification>(
+		RadiusReactor_->addEventHandler(*CoASocketV4_,Poco::NObserver<RADIUS_proxy_server, Poco::Net::ReadableNotification>(
 																			 *this, &RADIUS_proxy_server::OnCoASocketReadable));
-		RadiusReactor_.addEventHandler(*CoASocketV6_,Poco::NObserver<RADIUS_proxy_server, Poco::Net::ReadableNotification>(
+		RadiusReactor_->addEventHandler(*CoASocketV6_,Poco::NObserver<RADIUS_proxy_server, Poco::Net::ReadableNotification>(
 																	 *this, &RADIUS_proxy_server::OnCoASocketReadable));
 
 		ParseConfig();
-
-		//	start RADSEC servers...
-		StopRADSECServers();
 		StartRADSECServers();
-		RadiusReactorThread_.start(RadiusReactor_);
-
+		RadiusReactorThread_.start(*RadiusReactor_);
 		Utils::SetThreadName(RadiusReactorThread_,"rad:reactor");
-
-		running_ = true;
+		Running_ = true;
 
 		return 0;
 	}
 
 	void RADIUS_proxy_server::Stop() {
-		poco_information(Logger(),"Stopping...");
-		if(enabled_ && running_) {
-			RadiusReactor_.removeEventHandler(
+		if(Enabled_ && Running_) {
+			poco_information(Logger(),"Stopping...");
+			RadiusReactor_->removeEventHandler(
 				*AuthenticationSocketV4_,
 				Poco::NObserver<RADIUS_proxy_server, Poco::Net::ReadableNotification>(
 					*this, &RADIUS_proxy_server::OnAuthenticationSocketReadable));
-			RadiusReactor_.removeEventHandler(
+			RadiusReactor_->removeEventHandler(
 				*AuthenticationSocketV6_,
 				Poco::NObserver<RADIUS_proxy_server, Poco::Net::ReadableNotification>(
 					*this, &RADIUS_proxy_server::OnAuthenticationSocketReadable));
 
-			RadiusReactor_.removeEventHandler(
+			RadiusReactor_->removeEventHandler(
 				*AccountingSocketV4_,
 				Poco::NObserver<RADIUS_proxy_server, Poco::Net::ReadableNotification>(
 					*this, &RADIUS_proxy_server::OnAccountingSocketReadable));
-			RadiusReactor_.removeEventHandler(
+			RadiusReactor_->removeEventHandler(
 				*AccountingSocketV6_,
 				Poco::NObserver<RADIUS_proxy_server, Poco::Net::ReadableNotification>(
 					*this, &RADIUS_proxy_server::OnAccountingSocketReadable));
 
-			RadiusReactor_.removeEventHandler(
+			RadiusReactor_->removeEventHandler(
 				*CoASocketV4_,
 				Poco::NObserver<RADIUS_proxy_server, Poco::Net::ReadableNotification>(
 					*this, &RADIUS_proxy_server::OnCoASocketReadable));
-			RadiusReactor_.removeEventHandler(
+			RadiusReactor_->removeEventHandler(
 				*CoASocketV6_,
 				Poco::NObserver<RADIUS_proxy_server, Poco::Net::ReadableNotification>(
 					*this, &RADIUS_proxy_server::OnCoASocketReadable));
 
+			AuthenticationSocketV4_->close();
+			AuthenticationSocketV6_->close();
+			AccountingSocketV4_->close();
+			AccountingSocketV6_->close();
+			CoASocketV4_->close();
+			CoASocketV6_->close();
+
+			AuthenticationSocketV4_.reset();
+			AuthenticationSocketV6_.reset();
+			AccountingSocketV4_.reset();
+			AccountingSocketV6_.reset();
+			CoASocketV4_.reset();
+			CoASocketV6_.reset();
+
 			StopRADSECServers();
-			RadiusReactor_.stop();
+			RadiusReactor_->stop();
 			RadiusReactorThread_.join();
-			enabled_=false;
-			running_=false;
+			Running_=false;
+			poco_information(Logger(),"Stopped...");
 		}
-		poco_information(Logger(),"Stopped...");
 	}
 
 	void RADIUS_proxy_server::StartRADSECServers() {
+		std::lock_guard		G(Mutex_);
 		for(const auto &pool:PoolList_.pools) {
 			for(const auto &entry:pool.authConfig.servers) {
 				if(entry.radsec) {
-					StartRADSECServer(entry);
+					RADSECservers_[ Poco::Net::SocketAddress(entry.ip,0) ] = std::make_unique<RADSEC_server>(*RadiusReactor_,entry);
 				}
 			}
 		}
 	}
 
 	void RADIUS_proxy_server::StopRADSECServers() {
+		std::lock_guard		G(Mutex_);
 		RADSECservers_.clear();
 	}
 
-	void RADIUS_proxy_server::StartRADSECServer(const GWObjects::RadiusProxyServerEntry &E) {
-		RADSECservers_[ Poco::Net::SocketAddress(E.ip,0) ] = std::make_unique<RADSEC_server>(RadiusReactor_,E);
-	}
-
 	void RADIUS_proxy_server::OnAccountingSocketReadable(const Poco::AutoPtr<Poco::Net::ReadableNotification>& pNf) {
 		Poco::Net::SocketAddress	Sender;
 		RADIUS::RadiusPacket		P;
@@ -208,7 +216,7 @@ namespace OpenWifi {
 
 	void RADIUS_proxy_server::SendAccountingData(const std::string &serialNumber, const char *buffer, std::size_t size) {
 
-		if(Pools_.empty() || !enabled_)
+		if(!Continue())
 			return;
 
 		try {
@@ -266,7 +274,7 @@ namespace OpenWifi {
 
 	void RADIUS_proxy_server::SendAuthenticationData(const std::string &serialNumber, const char *buffer, std::size_t size) {
 
-		if(Pools_.empty() || !enabled_)
+		if(!Continue())
 			return;
 
 		try {
@@ -319,7 +327,7 @@ namespace OpenWifi {
 
 	void RADIUS_proxy_server::SendCoAData(const std::string &serialNumber, const char *buffer, std::size_t size) {
 
-		if(Pools_.empty() || !enabled_)
+		if(!Continue())
 			return;
 
 		try {
@@ -389,7 +397,7 @@ namespace OpenWifi {
 			};
 
 			if(setAsDefault && D.useRADSEC)
-				defaultIsRADSEC_ = true;
+				DefaultIsRADSEC_ = true;
 
 			if(S.family()==Poco::Net::IPAddress::IPv4) {
 				TotalV4 += server.weight;
@@ -483,26 +491,26 @@ namespace OpenWifi {
 			}
 		}
 
-		if(defaultIsRADSEC_) {
+		if(DefaultIsRADSEC_) {
 			UseRADSEC = true;
-			return (IsV4 ? Pools_[defaultPoolIndex_].AuthV4[0].Addr : Pools_[defaultPoolIndex_].AuthV6[0].Addr );
+			return (IsV4 ? Pools_[DefaultPoolIndex_].AuthV4[0].Addr : Pools_[DefaultPoolIndex_].AuthV6[0].Addr );
 		}
 
 		switch(rtype) {
 			case radius_type::auth: {
-				return ChooseAddress(IsV4 ? Pools_[defaultPoolIndex_].AuthV4
-										  : Pools_[defaultPoolIndex_].AuthV6,
+				return ChooseAddress(IsV4 ? Pools_[DefaultPoolIndex_].AuthV4
+										  : Pools_[DefaultPoolIndex_].AuthV6,
 									 RequestedAddress);
 				}
 			case radius_type::acct:
 			default: {
-				return ChooseAddress(IsV4 ? Pools_[defaultPoolIndex_].AcctV4
-										  : Pools_[defaultPoolIndex_].AcctV6,
+				return ChooseAddress(IsV4 ? Pools_[DefaultPoolIndex_].AcctV4
+										  : Pools_[DefaultPoolIndex_].AcctV6,
 									 RequestedAddress);
 				}
 			case radius_type::coa: {
-				return ChooseAddress(IsV4 ? Pools_[defaultPoolIndex_].CoaV4
-										  : Pools_[defaultPoolIndex_].CoaV6,
+				return ChooseAddress(IsV4 ? Pools_[DefaultPoolIndex_].CoaV4
+										  : Pools_[DefaultPoolIndex_].CoaV6,
 									 RequestedAddress);
 				}
 			}
@@ -621,7 +629,6 @@ namespace OpenWifi {
 
 	void RADIUS_proxy_server::SetConfig(const GWObjects::RadiusProxyPoolList &C) {
 		std::lock_guard	G(Mutex_);
-		PoolList_ = C;
 
 		Poco::JSON::Object	Disk;
 		C.to_json(Disk);
@@ -630,17 +637,17 @@ namespace OpenWifi {
 		Disk.stringify(ofs);
 		ofs.close();
 
-		if(!running_) {
-			Start();
-		}
-
-		ParseConfig();
+		Stop();
+		ResetConfig();
+		PoolList_ = C;
+		Start();
 	}
 
 	void RADIUS_proxy_server::ResetConfig() {
 		PoolList_.pools.clear();
 		Pools_.clear();
-		defaultPoolIndex_=0;
+		DefaultPoolIndex_=0;
+		DefaultIsRADSEC_=false;
 	}
 
 	void RADIUS_proxy_server::DeleteConfig() {
@@ -653,8 +660,8 @@ namespace OpenWifi {
 		} catch (...) {
 
 		}
-		ResetConfig();
 		Stop();
+		ResetConfig();
 	}
 
 	void RADIUS_proxy_server::GetConfig(GWObjects::RadiusProxyPoolList &C) {

src/RADIUS_proxy_server.h

@@ -29,7 +29,7 @@ namespace OpenWifi {
 
 		int Start() final;
 		void Stop() final;
-		inline bool Enabled() const { return enabled_; }
+		inline bool Enabled() const { return Enabled_; }
 
 		void OnAccountingSocketReadable(const Poco::AutoPtr<Poco::Net::ReadableNotification>& pNf);
 		void OnAuthenticationSocketReadable(const Poco::AutoPtr<Poco::Net::ReadableNotification>& pNf);
@@ -44,7 +44,6 @@ namespace OpenWifi {
 		void GetConfig(GWObjects::RadiusProxyPoolList &C);
 
 		void StartRADSECServers();
-		void StartRADSECServer(const GWObjects::RadiusProxyServerEntry &E);
 		void StopRADSECServers();
 
 		struct Destination {
@@ -62,6 +61,10 @@ namespace OpenWifi {
 			std::vector<std::string>	realms;
 		};
 
+		inline bool Continue() const {
+			return Running_ && Enabled_ && !Pools_.empty();
+		}
+
 	  private:
 		std::unique_ptr<Poco::Net::DatagramSocket>	AccountingSocketV4_;
 		std::unique_ptr<Poco::Net::DatagramSocket>	AccountingSocketV6_;
@@ -69,8 +72,8 @@ namespace OpenWifi {
 		std::unique_ptr<Poco::Net::DatagramSocket>	AuthenticationSocketV6_;
 		std::unique_ptr<Poco::Net::DatagramSocket>	CoASocketV4_;
 		std::unique_ptr<Poco::Net::DatagramSocket>	CoASocketV6_;
-		Poco::Net::SocketReactor		RadiusReactor_;
-		Poco::Thread					RadiusReactorThread_;
+		std::unique_ptr<Poco::Net::SocketReactor>	RadiusReactor_;
+		Poco::Thread								RadiusReactorThread_;
 
 		GWObjects::RadiusProxyPoolList	PoolList_;
 		std::string 					ConfigFilename_;
@@ -87,10 +90,10 @@ namespace OpenWifi {
 		};
 
 		std::vector<RadiusPool>			Pools_;
-		uint 							defaultPoolIndex_=0;
-		bool 							enabled_=false;
-		bool 							defaultIsRADSEC_=false;
-		std::atomic_bool 				running_=false;
+		uint 							DefaultPoolIndex_=0;
+		bool 							Enabled_=false;
+		bool 							DefaultIsRADSEC_=false;
+		std::atomic_bool 				Running_=false;
 
 		RADIUS_proxy_server() noexcept:
 		   SubSystemServer("RADIUS-PROXY", "RADIUS-PROXY", "radius.proxy")

src/RADSEC_server.h

@@ -33,15 +33,17 @@ namespace OpenWifi {
 			Logger_(Poco::Logger::get(fmt::format("RADSEC: {}@{}:{}",
 								Server_.name ,
 								Server_.ip,
-								Server_.port)))
-		{
-			ReconnectThread_.start(*this);
+								Server_.port))) {
+			Start();
 		}
 
 		~RADSEC_server() {
-			if(ReconnectThread_.isRunning()) {
-				Stop();
-			}
+			Stop();
+		}
+
+		inline int Start() {
+			ReconnectThread_.start(*this);
+			return 0;
 		}
 
 		inline void Stop() {
@@ -52,12 +54,22 @@ namespace OpenWifi {
 		}
 
 		inline void run() final {
+			Poco::Thread::trySleep(3000);
+			std::uint64_t LastStatus=0 ;
+			auto RadSecKeepAlive = MicroServiceConfigGetInt("radsec.keepalive",120);
 			while(TryAgain_) {
 				if(!Connected_) {
-					std::unique_lock	G(Mutex_);
+					std::lock_guard G(LocalMutex_);
+					LastStatus = Utils::Now() ;
 					Connect();
+				} else if( (Utils::Now() - LastStatus) > RadSecKeepAlive) {
+					RADIUS::RadiusOutputPacket P(Server_.radsecSecret);
+					P.MakeStatusMessage();
+					poco_information(Logger_,"Keep-Alive message.");
+					Socket_->sendBytes(P.Data(), P.Len());
+					LastStatus = Utils::Now();
 				}
-				Poco::Thread::trySleep(3000);
+				Poco::Thread::trySleep(!Connected_ ? 3000 : 10000);
 			}
 		}
 
@@ -65,22 +77,23 @@ namespace OpenWifi {
 			try {
 				if (Connected_) {
 					RADIUS::RadiusPacket P(buffer, length);
-					// std::cout << serial_number << "    Sending " << P.PacketType() << "  "  << length << " bytes" << std::endl;
 					int sent_bytes;
 					if (P.VerifyMessageAuthenticator(Server_.radsecSecret)) {
-						poco_debug(Logger_,fmt::format("{}: {} Sending {} bytes", serial_number,
-												  P.PacketType(), length));
+						poco_debug(Logger_, fmt::format("{}: {} Sending {} bytes", serial_number,
+														P.PacketType(), length));
 						sent_bytes = Socket_->sendBytes(buffer, length);
 					} else {
-						poco_debug(Logger_,fmt::format("{}: {} Sending {} bytes", serial_number,
-												  P.PacketType(), length));
+						poco_debug(Logger_, fmt::format("{}: {} Sending {} bytes", serial_number,
+														P.PacketType(), length));
 						P.ComputeMessageAuthenticator(Server_.radsecSecret);
 						sent_bytes = Socket_->sendBytes(P.Buffer(), length);
 					}
 					return (sent_bytes == length);
 				}
+			} catch (const Poco::Exception &E) {
+				Logger_.log(E);
 			} catch (...) {
-
+				poco_warning(Logger_,"Exception occurred: while sending data.");
 			}
 			return false;
 		}
@@ -90,7 +103,7 @@ namespace OpenWifi {
 
 			try {
 				auto NumberOfReceivedBytes = Socket_->receiveBytes(Buffer,sizeof(Buffer));
-				if(NumberOfReceivedBytes>40) {
+				if(NumberOfReceivedBytes>=20) {
 					RADIUS::RadiusPacket P(Buffer,NumberOfReceivedBytes);
 					if (P.IsAuthentication()) {
 						auto SerialNumber = P.ExtractSerialNumberFromProxyState();
@@ -101,9 +114,7 @@ namespace OpenWifi {
 							AP_WS_Server()->SendRadiusAuthenticationData(SerialNumber, Buffer,
 																		 NumberOfReceivedBytes);
 						} else {
-							poco_debug(Logger_,
-									   fmt::format("Invalid AUTH packet received in proxy dropped. No serial number Source={}",
-									Socket_->address().toString()));
+							poco_debug(Logger_, "AUTH packet dropped.");
 						}
 					} else if (P.IsAccounting()) {
 						auto SerialNumber = P.ExtractSerialNumberFromProxyState();
@@ -114,53 +125,72 @@ namespace OpenWifi {
 							AP_WS_Server()->SendRadiusAccountingData(SerialNumber, Buffer,
 																	 NumberOfReceivedBytes);
 						} else {
-							poco_debug(Logger_,
-									   fmt::format("Invalid ACCT packet received in proxy dropped. No serial number Source={}",
-												   Socket_->address().toString()));
+							poco_debug(Logger_, "ACCT packet dropped.");
 						}
 					} else if (P.IsAuthority()) {
+						auto SerialNumber = P.ExtractSerialNumberTIP();
+						if(!SerialNumber.empty()) {
+							poco_debug(Logger_,
+									   fmt::format("{}: {} Received {} bytes.", SerialNumber,
+												   P.PacketType(), NumberOfReceivedBytes));
+							AP_WS_Server()->SendRadiusCoAData(SerialNumber, Buffer,
+																	 NumberOfReceivedBytes);
+						} else {
+							poco_debug(Logger_, "CoA/DM packet dropped.");
+						}
+					} else {
+						poco_warning(Logger_,fmt::format("Unknown packet: Type: {} (type={}) Length={}", P.PacketType(), P.PacketTypeInt(), P.BufferLen()));
 					}
 				} else {
+					poco_warning(Logger_,"Invalid packet received. Resetting the connection.");
 					Disconnect();
 				}
 			} catch (const Poco::Exception &E) {
 				Logger_.log(E);
 				Disconnect();
+			} catch (...) {
+				Disconnect();
+				poco_warning(Logger_,"Exception occurred. Resetting the connection.");
 			}
 		}
 
 		inline void onError([[maybe_unused]] const Poco::AutoPtr<Poco::Net::ErrorNotification>& pNf) {
-			std::cout << "onError" << std::endl;
+			poco_warning(Logger_,"Socker error. Terminating connection.");
 			Disconnect();
 		}
 
 		inline void onShutdown([[maybe_unused]] const Poco::AutoPtr<Poco::Net::ShutdownNotification>& pNf) {
-			std::cout << "onShutdown" << std::endl;
+			poco_warning(Logger_,"Socker socket shutdown. Terminating connection.");
 			Disconnect();
 		}
 
 		inline bool Connect() {
 			if(TryAgain_) {
+				std::lock_guard G(LocalMutex_);
 
 				Poco::TemporaryFile	CertFile_(MicroServiceDataDirectory());
 				Poco::TemporaryFile	KeyFile_(MicroServiceDataDirectory());
-				std::vector<Poco::TemporaryFile> CaCertFiles_;
+				std::vector<std::unique_ptr<Poco::TemporaryFile>> CaCertFiles_;
 
 				DecodeFile(CertFile_.path(), Server_.radsecCert);
 				DecodeFile(KeyFile_.path(), Server_.radsecKey);
 
 				for(auto &cert:Server_.radsecCacerts) {
-					CaCertFiles_.emplace_back(Poco::TemporaryFile(MicroServiceDataDirectory()));
-					DecodeFile(CaCertFiles_[CaCertFiles_.size()-1].path(), cert);
+					CaCertFiles_.emplace_back(std::make_unique<Poco::TemporaryFile>(MicroServiceDataDirectory()));
+					DecodeFile(CaCertFiles_[CaCertFiles_.size()-1]->path(), cert);
 				}
 
 				Poco::Net::Context::Ptr SecureContext = Poco::AutoPtr<Poco::Net::Context>(
 					new Poco::Net::Context(Poco::Net::Context::TLS_CLIENT_USE,
 										   KeyFile_.path(),
 										   CertFile_.path(),""));
+				if(Server_.allowSelfSigned) {
+					SecureContext->setSecurityLevel(Poco::Net::Context::SECURITY_LEVEL_NONE);
+					SecureContext->enableExtendedCertificateVerification(false);
+				}
 
 				for(const auto &ca:CaCertFiles_) {
-					Poco::Crypto::X509Certificate	cert(ca.path());
+					Poco::Crypto::X509Certificate	cert(ca->path());
 					SecureContext->addCertificateAuthority(cert);
 				}
 
@@ -172,7 +202,10 @@ namespace OpenWifi {
 					poco_information(Logger_, "Attempting to connect");
 					Socket_->connect(Destination, Poco::Timespan(100, 0));
 					Socket_->completeHandshake();
-					Socket_->verifyPeerCertificate();
+
+					if(!Server_.allowSelfSigned) {
+						Socket_->verifyPeerCertificate();
+					}
 
 					if(Socket_->havePeerCertificate()) {
 						Peer_Cert_ = std::make_unique<Poco::Crypto::X509Certificate>(Socket_->peerCertificate());
@@ -194,9 +227,6 @@ namespace OpenWifi {
 						*Socket_,
 						Poco::NObserver<RADSEC_server, Poco::Net::ShutdownNotification>(
 							*this, &RADSEC_server::onShutdown));
-					Socket_->setBlocking(false);
-					Socket_->setNoDelay(true);
-					Socket_->setKeepAlive(true);
 
 					Connected_ = true;
 					poco_information(Logger_,fmt::format("Connected. CN={}",CommonName()));
@@ -216,7 +246,7 @@ namespace OpenWifi {
 
 		inline void Disconnect() {
 			if(Connected_) {
-				std::unique_lock G(Mutex_);
+				std::lock_guard G(LocalMutex_);
 
 				Reactor_.removeEventHandler(
 					*Socket_, Poco::NObserver<RADSEC_server, Poco::Net::ReadableNotification>(
@@ -227,6 +257,7 @@ namespace OpenWifi {
 				Reactor_.removeEventHandler(
 					*Socket_, Poco::NObserver<RADSEC_server, Poco::Net::ShutdownNotification>(
 								  *this, &RADSEC_server::onShutdown));
+				Socket_->close();
 				Connected_ = false;
 			}
 			poco_information(Logger_,"Disconnecting.");
@@ -259,7 +290,7 @@ namespace OpenWifi {
 		}
 
 	  private:
-		std::recursive_mutex								Mutex_;
+		std::recursive_mutex								LocalMutex_;
 		Poco::Net::SocketReactor							&Reactor_;
 		GWObjects::RadiusProxyServerEntry					Server_;
 		Poco::Logger										&Logger_;

src/RESTAPI/RESTAPI_RPC.cpp

@@ -34,6 +34,7 @@ namespace OpenWifi::RESTAPI_RPC {
 	}
 
 	void WaitForCommand(uint64_t RPCID,
+						APCommands::Commands Command,
 						bool RetryLater,
 						GWObjects::CommandDetails &Cmd,
 						Poco::JSON::Object  & Params,
@@ -64,7 +65,7 @@ namespace OpenWifi::RESTAPI_RPC {
 		bool Sent;
 		std::chrono::time_point<std::chrono::high_resolution_clock> rpc_submitted = std::chrono::high_resolution_clock::now();
 		std::shared_ptr<CommandManager::promise_type_t> rpc_endpoint =
-			CommandManager()->PostCommand(RPCID, Cmd.SerialNumber, Cmd.Command, Params, Cmd.UUID, Sent);
+			CommandManager()->PostCommand(RPCID, Command, Cmd.SerialNumber, Cmd.Command, Params, Cmd.UUID, Sent);
 
 		if(RetryLater && (!Sent || rpc_endpoint== nullptr)) {
 			Logger.information(fmt::format("{},{}: Pending completion. Device is not connected.", Cmd.UUID, RPCID));
@@ -82,13 +83,13 @@ namespace OpenWifi::RESTAPI_RPC {
 		if (rpc_result == std::future_status::ready) {
 			std::chrono::duration<double, std::milli> rpc_execution_time = std::chrono::high_resolution_clock::now() - rpc_submitted;
 			auto rpc_answer = rpc_future.get();
-			if (!rpc_answer.has(uCentralProtocol::RESULT) || !rpc_answer.isObject(uCentralProtocol::RESULT)) {
+			if (!rpc_answer->has(uCentralProtocol::RESULT) || !rpc_answer->isObject(uCentralProtocol::RESULT)) {
 				SetCommandStatus(Cmd, Request, Response, Handler, Storage::CommandExecutionType::COMMAND_FAILED, Logger);
 				Logger.information(fmt::format("{},{}: Invalid response. Missing result.", Cmd.UUID, RPCID));
 				return;
 			}
 
-			auto ResultFields = rpc_answer.get(uCentralProtocol::RESULT).extract<Poco::JSON::Object::Ptr>();
+			auto ResultFields = rpc_answer->get(uCentralProtocol::RESULT).extract<Poco::JSON::Object::Ptr>();
 			if (!ResultFields->has(uCentralProtocol::STATUS) || !ResultFields->isObject(uCentralProtocol::STATUS)) {
 				Cmd.executionTime = rpc_execution_time.count();
 				if(Cmd.Command=="ping") {
@@ -107,20 +108,20 @@ namespace OpenWifi::RESTAPI_RPC {
 			if (StatusInnerObj->has(uCentralProtocol::TEXT))
 				Cmd.ErrorText = StatusInnerObj->get(uCentralProtocol::TEXT).toString();
 			std::stringstream ResultText;
-			if(rpc_answer.has(uCentralProtocol::RESULT)) {
+			if(rpc_answer->has(uCentralProtocol::RESULT)) {
 				if(Cmd.Command==uCentralProtocol::WIFISCAN) {
-					auto ScanObj = rpc_answer.get(uCentralProtocol::RESULT).extract<Poco::JSON::Object::Ptr>();
+					auto ScanObj = rpc_answer->get(uCentralProtocol::RESULT).extract<Poco::JSON::Object::Ptr>();
 					ParseWifiScan(ScanObj, ResultText, Logger);
 				} else {
 					Poco::JSON::Stringifier::stringify(
-						rpc_answer.get(uCentralProtocol::RESULT), ResultText);
+						rpc_answer->get(uCentralProtocol::RESULT), ResultText);
 				}
-			} if (rpc_answer.has(uCentralProtocol::RESULT_64)) {
+			} if (rpc_answer->has(uCentralProtocol::RESULT_64)) {
 				uint64_t sz=0;
-				if(rpc_answer.has(uCentralProtocol::RESULT_SZ))
-					sz=rpc_answer.get(uCentralProtocol::RESULT_SZ);
+				if(rpc_answer->has(uCentralProtocol::RESULT_SZ))
+					sz=rpc_answer->get(uCentralProtocol::RESULT_SZ);
 				std::string UnCompressedData;
-				Utils::ExtractBase64CompressedData(rpc_answer.get(uCentralProtocol::RESULT_64).toString(),
+				Utils::ExtractBase64CompressedData(rpc_answer->get(uCentralProtocol::RESULT_64).toString(),
 												   UnCompressedData,sz);
 				Poco::JSON::Stringifier::stringify(UnCompressedData, ResultText);
 			}
@@ -129,7 +130,7 @@ namespace OpenWifi::RESTAPI_RPC {
 			Cmd.Completed = Utils::Now();
 			Cmd.executionTime = rpc_execution_time.count();
 
-			if (Cmd.ErrorCode && Cmd.Command == uCentralProtocol::TRACE) {
+			if (Cmd.ErrorCode && (Cmd.Command == uCentralProtocol::TRACE || Cmd.Command == uCentralProtocol::SCRIPT)) {
 				Cmd.WaitingForFile = 0;
 				Cmd.AttachDate = Cmd.AttachSize = 0;
 				Cmd.AttachType = "";

src/RESTAPI/RESTAPI_RPC.h

@@ -18,10 +18,13 @@
 #include "StorageService.h"
 #include "framework/RESTAPI_Handler.h"
 
+#include "framework/ow_constants.h"
+
 namespace OpenWifi::RESTAPI_RPC {
 
 	void WaitForCommand(
 					uint64_t RPCID,
+					APCommands::Commands Command,
 					bool RetryLater,
 					GWObjects::CommandDetails &Cmd,
 					Poco::JSON::Object  & Params,

src/RESTAPI/RESTAPI_blacklist.cpp

@@ -20,6 +20,8 @@ namespace OpenWifi {
 			return BadRequest(RESTAPI::Errors::MissingSerialNumber);
 		}
 
+		poco_debug(Logger(),fmt::format("BLACKLIST-DELETE: {}", SerialNumber));
+
 		GWObjects::BlackListedDevice	D;
 		if(!StorageService()->GetBlackListDevice(SerialNumber, D)) {
 			return NotFound();
@@ -38,14 +40,12 @@ namespace OpenWifi {
 			return BadRequest(RESTAPI::Errors::MissingSerialNumber);
 		}
 
+		poco_debug(Logger(),fmt::format("BLACKLIST-GET: {}", SerialNumber));
 		GWObjects::BlackListedDevice	D;
 		if(!StorageService()->GetBlackListDevice(SerialNumber, D)) {
 			return NotFound();
 		}
-
-		Poco::JSON::Object	Answer;
-		D.to_json(Answer);
-		return ReturnObject(Answer);
+		return Object(D);
 	}
 
 	void RESTAPI_blacklist::DoPost() {
@@ -60,6 +60,8 @@ namespace OpenWifi {
 			return BadRequest(RESTAPI::Errors::MissingSerialNumber);
 		}
 
+		poco_debug(Logger(),fmt::format("BLACKLIST-POST: {}", D.serialNumber));
+
 		Poco::toLowerInPlace(D.serialNumber);
 		if(StorageService()->IsBlackListed(D.serialNumber)) {
 			return BadRequest(RESTAPI::Errors::SerialNumberExists);
@@ -70,12 +72,8 @@ namespace OpenWifi {
 
 		if(StorageService()->AddBlackListDevice(D)) {
 			GWObjects::BlackListedDevice	CreatedDevice;
-
 			StorageService()->GetBlackListDevice(D.serialNumber,CreatedDevice);
-			Poco::JSON::Object	Answer;
-
-			CreatedDevice.to_json(Answer);
-			return ReturnObject(Answer);
+			return Object(CreatedDevice);
 		}
 		return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
 	}
@@ -92,6 +90,8 @@ namespace OpenWifi {
 			return BadRequest(RESTAPI::Errors::InvalidJSONDocument);
 		}
 
+		poco_debug(Logger(),fmt::format("BLACKLIST-PUT: {}", SerialNumber));
+
 		GWObjects::BlackListedDevice	NewDevice;
 		if(!NewDevice.from_json(Obj)) {
 			return BadRequest(RESTAPI::Errors::InvalidJSONDocument);
@@ -104,10 +104,7 @@ namespace OpenWifi {
 			GWObjects::BlackListedDevice	CreatedDevice;
 
 			StorageService()->GetBlackListDevice(SerialNumber,CreatedDevice);
-			Poco::JSON::Object	Answer;
-
-			CreatedDevice.to_json(Answer);
-			return ReturnObject(Answer);
+			return Object(CreatedDevice);
 		}
 		return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
 	}

src/RESTAPI/RESTAPI_blacklist_list.cpp

@@ -10,22 +10,16 @@
 namespace OpenWifi {
 	void RESTAPI_blacklist_list::DoGet() {
 
-		std::vector<GWObjects::BlackListedDevice>	Devices;
+		poco_debug(Logger(),fmt::format("BLACKLIST-GET: Device serial number list"));
 
-		Poco::JSON::Array	Arr;
-		Poco::JSON::Object	Answer;
+		std::vector<GWObjects::BlackListedDevice>	Devices;
 
 		if(QB_.CountOnly) {
 			auto Count = StorageService()->GetBlackListDeviceCount();
 			return ReturnCountOnly(Count);
 		} else if(StorageService()->GetBlackListDevices(QB_.Offset, QB_.Limit, Devices)) {
-			for(const auto &i:Devices) {
-				Poco::JSON::Object O;
-				i.to_json(O);
-				Arr.add(O);
-			}
+			return Object("devices",Devices);
 		}
-		Answer.set("devices", Arr);
-		return ReturnObject(Answer);
+		NotFound();
 	}
 }

src/RESTAPI/RESTAPI_capabilities_handler.cpp

@@ -8,7 +8,7 @@
 namespace OpenWifi {
 
 	void RESTAPI_capabilities_handler::DoGet() {
-		CapabilitiesCache_t Caps = CapabilitiesCache().AllCapabilities();
+		CapabilitiesCache_t Caps = CapabilitiesCache()->AllCapabilities();
 
 		Poco::JSON::Array	ObjArr;
 		for(const auto &[deviceType,capabilities]:Caps) {

src/RESTAPI/RESTAPI_command.cpp

@@ -20,9 +20,7 @@ namespace OpenWifi {
 
 		GWObjects::CommandDetails Command;
 		if (StorageService()->GetCommand(CommandUUID, Command)) {
-			Poco::JSON::Object RetObj;
-			Command.to_json(RetObj);
-			return ReturnObject(RetObj);
+			return Object(Command);
 		}
 		return NotFound();
 	}

src/RESTAPI/RESTAPI_commands.cpp

@@ -24,15 +24,7 @@ namespace OpenWifi {
 			StorageService()->GetCommands(SerialNumber, QB_.StartDate, QB_.EndDate, QB_.Offset, QB_.Limit,
 								   Commands);
 		}
-		Poco::JSON::Array ArrayObj;
-		for (const auto &i : Commands) {
-			Poco::JSON::Object Obj;
-			i.to_json(Obj);
-			ArrayObj.add(Obj);
-		}
-		Poco::JSON::Object RetObj;
-		RetObj.set(RESTAPI::Protocol::COMMANDS, ArrayObj);
-		ReturnObject(RetObj);
+		return Object(RESTAPI::Protocol::COMMANDS, Commands);
 	}
 
 	void RESTAPI_commands::DoDelete() {

src/RESTAPI/RESTAPI_default_configuration.cpp

@@ -22,9 +22,7 @@ namespace OpenWifi {
 		std::string Name = ORM::Escape(GetBinding(RESTAPI::Protocol::NAME, ""));
 		GWObjects::DefaultConfiguration DefConfig;
 		if (StorageService()->GetDefaultConfiguration(Name, DefConfig)) {
-			Poco::JSON::Object Obj;
-			DefConfig.to_json(Obj);
-			return ReturnObject(Obj);
+			return Object(DefConfig);
 		}
 		NotFound();
 	}
@@ -106,12 +104,9 @@ namespace OpenWifi {
 			GWObjects::DefaultConfiguration	ModifiedConfig;
 
 			StorageService()->GetDefaultConfiguration(Name,ModifiedConfig);
-			Poco::JSON::Object	Answer;
-			ModifiedConfig.to_json(Answer);
-			return ReturnObject(Answer);
+			return Object(ModifiedConfig);
 		}
 
 		BadRequest(RESTAPI::Errors::RecordNotUpdated);
-
 	}
 }

src/RESTAPI/RESTAPI_default_configurations.cpp

@@ -23,16 +23,6 @@ namespace OpenWifi {
 
 		std::vector<GWObjects::DefaultConfiguration> DefConfigs;
 		StorageService()->GetDefaultConfigurations(QB_.Offset, QB_.Limit, DefConfigs);
-
-		Poco::JSON::Array Objects;
-		for (const auto &i : DefConfigs) {
-			Poco::JSON::Object Obj;
-			i.to_json(Obj);
-			Objects.add(Obj);
-		}
-
-		Poco::JSON::Object RetObj;
-		RetObj.set(RESTAPI::Protocol::CONFIGURATIONS, Objects);
-		ReturnObject(RetObj);
+		return Object(RESTAPI::Protocol::CONFIGURATIONS, DefConfigs);
 	}
 }

src/RESTAPI/RESTAPI_deviceDashboardHandler.cpp

@@ -8,9 +8,11 @@
 
 namespace OpenWifi {
 	void RESTAPI_deviceDashboardHandler::DoGet() {
-		Daemon()->GetDashboard().Create();
-		Poco::JSON::Object	Answer;
-		Daemon()->GetDashboard().Report().to_json(Answer);
-		ReturnObject(Answer);
+		poco_information(Logger(),fmt::format("GET-DASHBOARD: {}", Requester()));
+		GWObjects::Dashboard	Data;
+		if(Daemon()->GetDashboard().Get(Data, Logger())) {
+			return Object(Data);
+		}
+		return BadRequest(RESTAPI::Errors::InternalError);
 	}
 }

src/RESTAPI/RESTAPI_device_commandHandler.cpp

@@ -21,6 +21,8 @@
 #include "TelemetryStream.h"
 #include "CommandManager.h"
 
+#include "SignatureMgr.h"
+
 #include "framework/ConfigurationValidator.h"
 #include "framework/KafkaTopics.h"
 #include "framework/ow_constants.h"
@@ -33,7 +35,7 @@
 namespace OpenWifi {
 
 	void RESTAPI_device_commandHandler::CallCanceled(const char * Cmd, const OpenWifi::RESTAPI::Errors::msg &Err, const std::string & Details) {
-		Logger_.warning(fmt::format("{},{}: TID={} Canceled. Error:{} Reason:{} Details={}", Cmd, SerialNumber_, TransactionId_, Err.err_num, Err.err_txt, Details));
+		poco_warning(Logger_,fmt::format("{},{}: TID={} Canceled. Error:{} Reason:{} Details={}", Cmd, SerialNumber_, TransactionId_, Err.err_num, Err.err_txt, Details));
 	}
 
 	void RESTAPI_device_commandHandler::DoGet() {
@@ -50,32 +52,40 @@ namespace OpenWifi {
 			return NotFound();
 		}
 
+		auto Command = APCommands::to_apcommand(Command_.c_str());
+		if(Command==APCommands::Commands::unknown) {
+			return BadRequest(RESTAPI::Errors::InvalidCommand);
+		}
+
 		SerialNumberInt_ = Utils::SerialNumberToInt(SerialNumber_);
 		Poco::Thread::current()->setName(fmt::format("{}:{}:{}", Command_, TransactionId_, SerialNumber_));
 
-		if (Command_ == RESTAPI::Protocol::CAPABILITIES){
-			return GetCapabilities();
-		} else if (Command_ == RESTAPI::Protocol::LOGS) {
-			return GetLogs();
-		} else if (Command_ == RESTAPI::Protocol::HEALTHCHECKS) {
-			return GetChecks();
-		} else if (Command_ == RESTAPI::Protocol::STATISTICS) {
-			return GetStatistics();
-		} else if (Command_ == RESTAPI::Protocol::STATUS) {
-			return GetStatus();
-		} else if (Command_ == RESTAPI::Protocol::RTTY) {
-			if(!AP_WS_Server()->Connected(SerialNumberInt_)) {
-				CallCanceled(Command_.c_str(), RESTAPI::Errors::DeviceNotConnected);
-				return BadRequest(RESTAPI::Errors::DeviceNotConnected);
-			}
-			auto UUID = MicroServiceCreateUUID();
-			auto RPC = CommandManager()->NextRPCId();
-			poco_debug(Logger_,fmt::format("Command rtty TID={} can proceed. Identified as {} and RPCID as {}. thr_id={}",
-											TransactionId_, UUID, RPC,
-											Poco::Thread::current()->id()));
-			return Rtty(UUID,RPC,60000ms);
-		} else {
-			return BadRequest(RESTAPI::Errors::InvalidCommand);
+		switch(Command) {
+			case APCommands::Commands::capabilities:
+				return GetCapabilities();
+			case APCommands::Commands::logs:
+				return GetLogs();
+			case APCommands::Commands::healthchecks:
+				return GetChecks();
+			case APCommands::Commands::statistics:
+				return GetStatistics();
+			case APCommands::Commands::status:
+				return GetStatus();
+			case APCommands::Commands::rtty: {
+				GWObjects::DeviceRestrictions     Restrictions;
+				if(!AP_WS_Server()->Connected(SerialNumberInt_, Restrictions)) {
+					CallCanceled(Command_.c_str(), RESTAPI::Errors::DeviceNotConnected);
+					return BadRequest(RESTAPI::Errors::DeviceNotConnected);
+				}
+				auto UUID = MicroServiceCreateUUID();
+				auto RPC = CommandManager()->Next_RPC_ID();
+				poco_debug(Logger_,fmt::format("Command rtty TID={} can proceed. Identified as {} and RPCID as {}. thr_id={}",
+												TransactionId_, UUID, RPC,
+												Poco::Thread::current()->id()));
+				return Rtty(UUID,RPC,60000ms, Restrictions);
+				};
+			default:
+				return BadRequest(RESTAPI::Errors::InvalidCommand);
 		}
 	}
 
@@ -93,48 +103,51 @@ namespace OpenWifi {
 			return NotFound();
 		}
 
+		auto Command = APCommands::to_apcommand(Command_.c_str());
+		if(Command==APCommands::Commands::unknown) {
+			return BadRequest(RESTAPI::Errors::InvalidCommand);
+		}
+
 		SerialNumberInt_ = Utils::SerialNumberToInt(SerialNumber_);
 		Poco::Thread::current()->setName(fmt::format("{}:{}:{}",Command_, TransactionId_,SerialNumber_));
 
-		if (Command_ == RESTAPI::Protocol::CAPABILITIES) {
+		switch(Command) {
+		case APCommands::Commands::capabilities:
 			return DeleteCapabilities();
-		} else if (Command_ == RESTAPI::Protocol::LOGS){
+		case APCommands::Commands::logs:
 			return DeleteLogs();
-		} else if (Command_ == RESTAPI::Protocol::HEALTHCHECKS){
+		case APCommands::Commands::healthchecks:
 			return DeleteChecks();
-		} else if (Command_ == RESTAPI::Protocol::STATISTICS) {
+		case APCommands::Commands::statistics:
 			return DeleteStatistics();
-		} else {
+		default:
 			return BadRequest(RESTAPI::Errors::InvalidCommand);
 		}
 	}
 
 	struct PostDeviceCommand {
-		const char *		Command;
-		bool 				AllowParallel=false;
-		bool 				RequireConnection = true;
-		void (RESTAPI_device_commandHandler::*funPtr)(const std::string &, std::uint64_t, std::chrono::milliseconds );
+		APCommands::Commands			Command=APCommands::Commands::unknown;
+		bool 							AllowParallel=false;
+		bool 							RequireConnection = true;
+		void (RESTAPI_device_commandHandler::*funPtr)(const std::string &, std::uint64_t, std::chrono::milliseconds, const GWObjects::DeviceRestrictions &R );
 		std::chrono::milliseconds 		Timeout=120ms;
 	};
 
-	/*
-	const static std::vector<PostDeviceCommand>	PostCommands
+	static const std::vector<PostDeviceCommand>	PostCommands =
 		{
-			{ RESTAPI::Protocol::PERFORM, false, true, &RESTAPI_device_commandHandler::ExecuteCommand },
-			{ RESTAPI::Protocol::CONFIGURE, false, false, &RESTAPI_device_commandHandler::Configure },
-			{ RESTAPI::Protocol::UPGRADE, false, false, &RESTAPI_device_commandHandler::Upgrade },
-			{ RESTAPI::Protocol::REBOOT, false, true, &RESTAPI_device_commandHandler::Reboot },
-			{ RESTAPI::Protocol::FACTORY, false, false, &RESTAPI_device_commandHandler::Factory },
-			{ RESTAPI::Protocol::LEDS, false, true, &RESTAPI_device_commandHandler::LEDs },
-			{ RESTAPI::Protocol::TRACE, false, true, &RESTAPI_device_commandHandler::Trace },
-			{ RESTAPI::Protocol::REQUEST, false, true, &RESTAPI_device_commandHandler::MakeRequest },
-			{ RESTAPI::Protocol::WIFISCAN, false, true, &RESTAPI_device_commandHandler::WifiScan },
-			{ RESTAPI::Protocol::EVENTQUEUE, false, true, &RESTAPI_device_commandHandler::EventQueue },
-			{ RESTAPI::Protocol::TELEMETRY, false, true, &RESTAPI_device_commandHandler::Telemetry },
-			{ RESTAPI::Protocol::PING, false, true, &RESTAPI_device_commandHandler::Ping },
-			{ RESTAPI::Protocol::SCRIPT, false, true, &RESTAPI_device_commandHandler::Script }
-		};
-	*/
+			{ APCommands::Commands::configure, false, false, &RESTAPI_device_commandHandler::Configure, 120000ms },
+			{ APCommands::Commands::upgrade, false, false, &RESTAPI_device_commandHandler::Upgrade, 30000ms },
+			{ APCommands::Commands::reboot, false, true, &RESTAPI_device_commandHandler::Reboot, 30000ms },
+			{ APCommands::Commands::factory, false, false, &RESTAPI_device_commandHandler::Factory, 30000ms },
+			{ APCommands::Commands::leds, false, true, &RESTAPI_device_commandHandler::LEDs, 120000ms },
+			{ APCommands::Commands::trace, false, true, &RESTAPI_device_commandHandler::Trace, 300000ms },
+			{ APCommands::Commands::request, false, true, &RESTAPI_device_commandHandler::MakeRequest, 120000ms },
+			{ APCommands::Commands::wifiscan, false, true, &RESTAPI_device_commandHandler::WifiScan, 120000ms },
+			{ APCommands::Commands::eventqueue, false, true, &RESTAPI_device_commandHandler::EventQueue, 30000ms },
+			{ APCommands::Commands::telemetry, false, true, &RESTAPI_device_commandHandler::Telemetry, 30000ms },
+			{ APCommands::Commands::ping, false, true, &RESTAPI_device_commandHandler::Ping, 60000ms },
+			{ APCommands::Commands::script, false, true, &RESTAPI_device_commandHandler::Script, 300000ms }
+	};
 
 	void RESTAPI_device_commandHandler::DoPost() {
 		if(!ValidateParameters()) {
@@ -143,55 +156,46 @@ namespace OpenWifi {
 		if(!Utils::NormalizeMac(SerialNumber_)) {
 			return BadRequest(RESTAPI::Errors::MissingSerialNumber);
 		}
+
+		auto Command = APCommands::to_apcommand(Command_.c_str());
+		if(Command==APCommands::Commands::unknown) {
+			return BadRequest(RESTAPI::Errors::InvalidCommand);
+		}
+
 		SerialNumberInt_ = Utils::SerialNumberToInt(SerialNumber_);
 		GWObjects::Device	TheDevice;
 		if(!StorageService()->GetDevice(SerialNumber_,TheDevice)) {
 			return NotFound();
 		}
 
-		const std::vector<PostDeviceCommand>	PostCommands =
-			{
-				{ RESTAPI::Protocol::PERFORM, false, true, &RESTAPI_device_commandHandler::ExecuteCommand, 120000ms },
-				{ RESTAPI::Protocol::CONFIGURE, false, false, &RESTAPI_device_commandHandler::Configure, 120000ms },
-				{ RESTAPI::Protocol::UPGRADE, false, false, &RESTAPI_device_commandHandler::Upgrade, 30000ms },
-				{ RESTAPI::Protocol::REBOOT, false, true, &RESTAPI_device_commandHandler::Reboot, 30000ms },
-				{ RESTAPI::Protocol::FACTORY, false, false, &RESTAPI_device_commandHandler::Factory, 30000ms },
-				{ RESTAPI::Protocol::LEDS, false, true, &RESTAPI_device_commandHandler::LEDs, 120000ms },
-				{ RESTAPI::Protocol::TRACE, false, true, &RESTAPI_device_commandHandler::Trace, 300000ms },
-				{ RESTAPI::Protocol::REQUEST, false, true, &RESTAPI_device_commandHandler::MakeRequest, 120000ms },
-				{ RESTAPI::Protocol::WIFISCAN, false, true, &RESTAPI_device_commandHandler::WifiScan, 120000ms },
-				{ RESTAPI::Protocol::EVENTQUEUE, false, true, &RESTAPI_device_commandHandler::EventQueue, 30000ms },
-				{ RESTAPI::Protocol::TELEMETRY, false, true, &RESTAPI_device_commandHandler::Telemetry, 30000ms },
-				{ RESTAPI::Protocol::PING, false, true, &RESTAPI_device_commandHandler::Ping, 60000ms },
-				{ RESTAPI::Protocol::SCRIPT, false, true, &RESTAPI_device_commandHandler::Script, 300000ms }
-			};
-
-		for(const auto &Command:PostCommands) {
-			if(Command_==Command.Command) {
-				Poco::Thread::current()->setName(fmt::format("{}:{}:{}",Command.Command, TransactionId_,SerialNumber_));
-				if(Command.RequireConnection && !AP_WS_Server()->Connected(SerialNumberInt_)) {
-					CallCanceled(Command.Command, RESTAPI::Errors::DeviceNotConnected);
+		for(const auto &PostCommand:PostCommands) {
+			if(Command==PostCommand.Command) {
+				Poco::Thread::current()->setName(fmt::format("{}:{}:{}",Command_, TransactionId_,SerialNumber_));
+                GWObjects::DeviceRestrictions Restrictions;
+				if(PostCommand.RequireConnection && !AP_WS_Server()->Connected(SerialNumberInt_, Restrictions)) {
+					CallCanceled(Command_.c_str(), RESTAPI::Errors::DeviceNotConnected);
 					return BadRequest(RESTAPI::Errors::DeviceNotConnected);
 				}
-				std::string Command_UUID, CommandName;
-				if(!Command.AllowParallel && CommandManager()->CommandRunningForDevice(SerialNumberInt_,Command_UUID,CommandName)) {
-					auto Extra = fmt::format("UUID={} Command={}", Command_UUID, CommandName);
-					CallCanceled(Command.Command, RESTAPI::Errors::DeviceIsAlreadyBusy, Extra);
+				std::string 			Command_UUID;
+				APCommands::Commands	CommandName;
+				if(!PostCommand.AllowParallel && CommandManager()->CommandRunningForDevice(SerialNumberInt_,Command_UUID,CommandName)) {
+					auto Extra = fmt::format("UUID={} Command={}", Command_UUID, APCommands::to_string(CommandName));
+					CallCanceled(Command_.c_str(), RESTAPI::Errors::DeviceIsAlreadyBusy, Extra);
 					return BadRequest(RESTAPI::Errors::DeviceIsAlreadyBusy, Extra);
 				}
 				auto UUID = MicroServiceCreateUUID();
-				auto RPC = CommandManager()->NextRPCId();
+				auto RPC = CommandManager()->Next_RPC_ID();
 				poco_debug(Logger_,fmt::format("Command {} TID={} can proceed. Identified as {} and RPCID as {}. thr_id={}",
-												Command.Command, TransactionId_, UUID, RPC,
+												Command_, TransactionId_, UUID, RPC,
 												Poco::Thread::current()->id()));
-				return (*this.*Command.funPtr)(UUID,RPC,Command.Timeout);
+				return (*this.*PostCommand.funPtr)(UUID,RPC,PostCommand.Timeout, Restrictions);
 			}
 		}
 		return BadRequest(RESTAPI::Errors::InvalidCommand);
 	}
 
 	void RESTAPI_device_commandHandler::GetCapabilities() {
-		Logger_.information(fmt::format("GET-CAPABILITIES: TID={} user={} serial={}. thr_id={}",
+		poco_information(Logger_,fmt::format("GET-CAPABILITIES: TID={} user={} serial={}. thr_id={}",
 										TransactionId_, Requester(), SerialNumber_,
 										Poco::Thread::current()->id()));
 		GWObjects::Capabilities Caps;
@@ -205,7 +209,7 @@ namespace OpenWifi {
 	}
 
 	void RESTAPI_device_commandHandler::DeleteCapabilities() {
-		Logger_.information(fmt::format("DELETE-CAPABILITIES: TID={} user={} serial={}. thr_id={}",
+		poco_information(Logger_,fmt::format("DELETE-CAPABILITIES: TID={} user={} serial={}. thr_id={}",
 										TransactionId_, Requester(), SerialNumber_,
 										Poco::Thread::current()->id()));
 		if (StorageService()->DeleteDeviceCapabilities(SerialNumber_)) {
@@ -215,17 +219,18 @@ namespace OpenWifi {
 	}
 
 	void RESTAPI_device_commandHandler::GetStatistics() {
-		Logger_.information(fmt::format("GET-STATISTICS: TID={} user={} serial={}. thr_id={}",
+		std::string StatsType = QB_.LastOnly ? "LastOnly" : ( QB_.Newest ? "Newest" :
+								( QB_.CountOnly ? "CountOnly" : "Timed"));
+		poco_information(Logger_,fmt::format("GET-STATISTICS: TID={} user={} serial={}. thr_id={}, TYPE={}",
 										TransactionId_, Requester(), SerialNumber_,
-										Poco::Thread::current()->id()));
+										Poco::Thread::current()->id(),StatsType));
 		if (QB_.LastOnly) {
 			std::string Stats;
 			if (AP_WS_Server()->GetStatistics(SerialNumber_, Stats) && !Stats.empty()) {
-				Poco::JSON::Parser P;
-				if (Stats.empty())
-					Stats = uCentralProtocol::EMPTY_JSON_DOC;
-				auto Obj = P.parse(Stats).extract<Poco::JSON::Object::Ptr>();
-				return ReturnObject(*Obj);
+                return ReturnRawJSON(Stats);
+			}
+			if(AP_WS_Server()->Connected(SerialNumberInt_)) {
+				return BadRequest(RESTAPI::Errors::NoDeviceStatisticsYet);
 			}
 			return BadRequest(RESTAPI::Errors::DeviceNotConnected);
 		}
@@ -234,16 +239,25 @@ namespace OpenWifi {
 		if (QB_.Newest) {
 			StorageService()->GetNewestStatisticsData(SerialNumber_, QB_.Limit, Stats);
 		} else {
+            if(QB_.CountOnly) {
+                std::uint64_t Count = 0 ;
+			    StorageService()->GetNumberOfStatisticsDataRecords(SerialNumber_, QB_.StartDate, QB_.EndDate,Count);
+                return ReturnCountOnly(Count);
+            }
+            if(QB_.Limit>100)
+                QB_.Limit=100;
+
 			StorageService()->GetStatisticsData(SerialNumber_, QB_.StartDate, QB_.EndDate,
 												 QB_.Offset, QB_.Limit, Stats);
 		}
 
-		Poco::JSON::Array ArrayObj;
+		Poco::JSON::Array::Ptr ArrayObj = Poco::SharedPtr<Poco::JSON::Array>(new Poco::JSON::Array);
 		for (const auto &i : Stats) {
-			Poco::JSON::Object Obj;
-			i.to_json(Obj);
-			ArrayObj.add(Obj);
+			Poco::JSON::Object::Ptr Obj = Poco::SharedPtr<Poco::JSON::Object>(new Poco::JSON::Object);
+			i.to_json(*Obj);
+			ArrayObj->add(Obj);
 		}
+
 		Poco::JSON::Object RetObj;
 		RetObj.set(RESTAPI::Protocol::DATA, ArrayObj);
 		RetObj.set(RESTAPI::Protocol::SERIALNUMBER, SerialNumber_);
@@ -252,7 +266,7 @@ namespace OpenWifi {
 	}
 
 	void RESTAPI_device_commandHandler::DeleteStatistics() {
-		Logger_.information(fmt::format("DELETE-STATISTICS: TID={} user={} serial={}. thr_id={}",
+		poco_information(Logger_,fmt::format("DELETE-STATISTICS: TID={} user={} serial={}. thr_id={}",
 										TransactionId_, Requester(), SerialNumber_,
 										Poco::Thread::current()->id()));
 		if (StorageService()->DeleteStatisticsData(SerialNumber_, QB_.StartDate, QB_.EndDate)) {
@@ -262,7 +276,7 @@ namespace OpenWifi {
 	}
 
 	void RESTAPI_device_commandHandler::GetStatus() {
-		Logger_.information(fmt::format("GET-STATUS: TID={} user={} serial={}. thr_id={}",
+		poco_information(Logger_,fmt::format("GET-STATUS: TID={} user={} serial={}. thr_id={}",
 										TransactionId_, Requester(), SerialNumber_,
 										Poco::Thread::current()->id()));
 		GWObjects::ConnectionState State;
@@ -280,7 +294,7 @@ namespace OpenWifi {
 	}
 
 	void RESTAPI_device_commandHandler::GetLogs() {
-		Logger_.information(fmt::format("GET-LOGS: TID={} user={} serial={}. thr_id={}",
+		poco_information(Logger_,fmt::format("GET-LOGS: TID={} user={} serial={}. thr_id={}",
 										TransactionId_, Requester(), SerialNumber_,
 										Poco::Thread::current()->id()));
 		std::vector<GWObjects::DeviceLog> Logs;
@@ -304,7 +318,7 @@ namespace OpenWifi {
 	}
 
 	void RESTAPI_device_commandHandler::DeleteLogs() {
-		Logger_.information(fmt::format("DELETE-LOGS: TID={} user={} serial={}. thr_id={}",
+		poco_information(Logger_,fmt::format("DELETE-LOGS: TID={} user={} serial={}. thr_id={}",
 										TransactionId_, Requester(), SerialNumber_,
 										Poco::Thread::current()->id()));
 		if (StorageService()->DeleteLogData(SerialNumber_, QB_.StartDate, QB_.EndDate,
@@ -315,12 +329,10 @@ namespace OpenWifi {
 	}
 
 	void RESTAPI_device_commandHandler::GetChecks() {
-		Logger_.information(fmt::format("GET-HEALTHCHECKS: TID={} user={} serial={}. thr_id={}",
+		poco_information(Logger_,fmt::format("GET-HEALTHCHECKS: TID={} user={} serial={}. thr_id={}",
 										TransactionId_, Requester(), SerialNumber_,
 										Poco::Thread::current()->id()));
 
-		std::vector<GWObjects::HealthCheck> Checks;
-
 		if (QB_.LastOnly) {
 			GWObjects::HealthCheck	HC;
 			if (AP_WS_Server()->GetHealthcheck(SerialNumber_, HC)) {
@@ -331,6 +343,7 @@ namespace OpenWifi {
 				return NotFound();
 			}
 		} else {
+			std::vector<GWObjects::HealthCheck> Checks;
 			if (QB_.Newest) {
 				StorageService()->GetNewestHealthCheckData(SerialNumber_, QB_.Limit, Checks);
 			} else {
@@ -353,7 +366,7 @@ namespace OpenWifi {
 	}
 
 	void RESTAPI_device_commandHandler::DeleteChecks() {
-		Logger_.information(fmt::format("DELETE-HEALTHCHECKS: TID={} user={} serial={}. thr_id={}",
+		poco_information(Logger_,fmt::format("DELETE-HEALTHCHECKS: TID={} user={} serial={}. thr_id={}",
 										TransactionId_, Requester(), SerialNumber_,
 										Poco::Thread::current()->id()));
 		if (StorageService()->DeleteHealthCheckData(SerialNumber_, QB_.StartDate, QB_.EndDate)) {
@@ -362,8 +375,8 @@ namespace OpenWifi {
 		BadRequest(RESTAPI::Errors::NoRecordsDeleted);
 	}
 
-	void RESTAPI_device_commandHandler::Ping(const std::string &CMD_UUID, uint64_t CMD_RPC, std::chrono::milliseconds timeout) {
-		Logger_.information(fmt::format("PING({},{}): TID={} user={} serial={}", CMD_UUID, CMD_RPC, TransactionId_, Requester(), SerialNumber_));
+	void RESTAPI_device_commandHandler::Ping(const std::string &CMD_UUID, uint64_t CMD_RPC, std::chrono::milliseconds timeout, [[maybe_unused]] const GWObjects::DeviceRestrictions &R) {
+		poco_information(Logger_,fmt::format("PING({},{}): TID={} user={} serial={}", CMD_UUID, CMD_RPC, TransactionId_, Requester(), SerialNumber_));
 		const auto &Obj = ParsedBody_;
 		if (Obj->has(RESTAPI::Protocol::SERIALNUMBER)) {
 			auto SNum = Obj->get(RESTAPI::Protocol::SERIALNUMBER).toString();
@@ -386,7 +399,7 @@ namespace OpenWifi {
 			Params.stringify(ParamStream);
 			Cmd.Details = ParamStream.str();
 
-			RESTAPI_RPC::WaitForCommand(CMD_RPC,false,Cmd, Params, *Request, *Response, timeout, nullptr, nullptr, Logger_);
+			RESTAPI_RPC::WaitForCommand(CMD_RPC, APCommands::Commands::ping,false,Cmd, Params, *Request, *Response, timeout, nullptr, nullptr, Logger_);
 
 			GWObjects::CommandDetails Cmd2;
 			if(StorageService()->GetCommand(CMD_UUID,Cmd2)) {
@@ -415,15 +428,15 @@ namespace OpenWifi {
 	}
 
 	void RESTAPI_device_commandHandler::CallCanceled(const char * Cmd, const std::string &UUID, uint64_t RPC, const OpenWifi::RESTAPI::Errors::msg &Err) {
-		Logger_.warning(fmt::format("{}({},{}): Canceled. Error:{} Reason:{}", Cmd, UUID, RPC, Err.err_num, Err.err_txt));
+		poco_warning(Logger_,fmt::format("{}({},{}): Canceled. Error:{} Reason:{}", Cmd, UUID, RPC, Err.err_num, Err.err_txt));
 	}
 
-	void RESTAPI_device_commandHandler::Script(const std::string &CMD_UUID, uint64_t CMD_RPC, std::chrono::milliseconds timeout) {
-		Logger_.information(fmt::format("SCRIPT({},{}): TID={} user={} serial={}", CMD_UUID, CMD_RPC, TransactionId_, Requester(), SerialNumber_));
-		if(!Internal_ && UserInfo_.userinfo.userRole!=SecurityObjects::ROOT) {
-			CallCanceled("SCRIPT", CMD_UUID, CMD_RPC,RESTAPI::Errors::ACCESS_DENIED);
-			return UnAuthorized(RESTAPI::Errors::ACCESS_DENIED);
-		}
+	static bool ValidateScriptType(const std::string &t) {
+		return t=="shell" || t=="bundle";
+	}
+
+	void RESTAPI_device_commandHandler::Script(const std::string &CMD_UUID, uint64_t CMD_RPC, std::chrono::milliseconds timeout, [[maybe_unused]] const GWObjects::DeviceRestrictions &R) {
+		poco_information(Logger_,fmt::format("SCRIPT({},{}): TID={} user={} serial={}", CMD_UUID, CMD_RPC, TransactionId_, Requester(), SerialNumber_));
 
 		const auto &Obj = ParsedBody_;
 		GWObjects::ScriptRequest	SCR;
@@ -432,13 +445,25 @@ namespace OpenWifi {
 			return BadRequest(RESTAPI::Errors::InvalidJSONDocument);
 		}
 
-		if (SCR.serialNumber.empty() ||
-			SCR.script.empty() ||
-			SCR.type.empty() ||
-			SCR.scriptId.empty() ||
-			(SCR.type!="shell" && SCR.type!="ucode")) {
-			CallCanceled("SCRIPT", CMD_UUID, CMD_RPC,RESTAPI::Errors::MissingOrInvalidParameters);
-			return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
+		bool DiagnosticScript = (SCR.type=="diagnostic");
+		if(!SCR.script.empty() && !SCR.scriptId.empty()) {
+			CallCanceled("SCRIPT", CMD_UUID, CMD_RPC,RESTAPI::Errors::InvalidScriptSelection);
+			return UnAuthorized(RESTAPI::Errors::InvalidScriptSelection);
+		}
+
+		if(!Internal_ && UserInfo_.userinfo.userRole!=SecurityObjects::ROOT && SCR.scriptId.empty()) {
+			CallCanceled("SCRIPT", CMD_UUID, CMD_RPC,RESTAPI::Errors::ACCESS_DENIED);
+			return UnAuthorized(RESTAPI::Errors::ACCESS_DENIED);
+		}
+
+		if (SCR.script.empty() && SCR.scriptId.empty() && !DiagnosticScript) {
+			CallCanceled("SCRIPT", CMD_UUID, CMD_RPC,RESTAPI::Errors::InvalidScriptSelection);
+			return BadRequest(RESTAPI::Errors::InvalidScriptSelection);
+		}
+
+		if(DiagnosticScript && (!SCR.scriptId.empty() || !SCR.script.empty())){
+			CallCanceled("SCRIPT", CMD_UUID, CMD_RPC,RESTAPI::Errors::InvalidScriptSelection);
+			return BadRequest(RESTAPI::Errors::InvalidScriptSelection);
 		}
 
 		if (SerialNumber_ != SCR.serialNumber) {
@@ -446,6 +471,50 @@ namespace OpenWifi {
 			return BadRequest(RESTAPI::Errors::SerialNumberMismatch);
 		}
 
+		if(!SCR.uri.empty() && !Utils::ValidateURI(SCR.uri)) {
+			return BadRequest(RESTAPI::Errors::InvalidURI);
+		}
+
+		GWObjects::Device	D;
+		if(!StorageService()->GetDevice(SerialNumber_,D)) {
+			return NotFound();
+		}
+
+		if(!SCR.scriptId.empty()) {
+			GWObjects::ScriptEntry	Existing;
+			if(!StorageService()->ScriptDB().GetRecord("id",SCR.scriptId,Existing)) {
+				CallCanceled("SCRIPT", CMD_UUID, CMD_RPC,RESTAPI::Errors::MissingOrInvalidParameters);
+				return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
+			}
+
+			//	verify the role...
+			if(Existing.restricted.empty() && UserInfo_.userinfo.userRole!=SecurityObjects::ROOT) {
+				CallCanceled("SCRIPT", CMD_UUID, CMD_RPC,RESTAPI::Errors::ACCESS_DENIED);
+				return UnAuthorized(RESTAPI::Errors::ACCESS_DENIED);
+			}
+
+			if(UserInfo_.userinfo.userRole!=SecurityObjects::ROOT) {
+				if (std::find(Existing.restricted.begin(), Existing.restricted.end(),
+							  SecurityObjects::UserTypeToString(UserInfo_.userinfo.userRole)) ==
+					end(Existing.restricted)) {
+					CallCanceled("SCRIPT", CMD_UUID, CMD_RPC, RESTAPI::Errors::ACCESS_DENIED);
+					return UnAuthorized(RESTAPI::Errors::ACCESS_DENIED);
+				}
+			}
+			poco_information(Logger_,fmt::format("SCRIPT({},{}): TID={} Name={}", CMD_UUID, CMD_RPC, TransactionId_, Existing.name));
+			SCR.script = Existing.content;
+			SCR.type = Existing.type;
+			if(!ParsedBody_->has("deferred"))
+				SCR.deferred = Existing.deferred;
+			if(!ParsedBody_->has("timeout"))
+				SCR.timeout = Existing.timeout;
+		} else {
+			if(!DiagnosticScript && !ValidateScriptType(SCR.type)) {
+				CallCanceled("SCRIPT", CMD_UUID, CMD_RPC,RESTAPI::Errors::MissingOrInvalidParameters);
+				return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
+			}
+		}
+
 		uint64_t ap_timeout = SCR.timeout==0 ? 30 : SCR.timeout;
 
 		GWObjects::CommandDetails Cmd;
@@ -454,23 +523,50 @@ namespace OpenWifi {
 		Cmd.SubmittedBy = Requester();
 		Cmd.Command = uCentralProtocol::SCRIPT;
 		Cmd.RunAt = 0;
+		Cmd.WaitingForFile = SCR.deferred ? 1 : 0;
 
 		Poco::JSON::Object Params;
 		Params.set(uCentralProtocol::SERIAL, SerialNumber_);
-		Params.set(uCentralProtocol::TIMEOUT, ap_timeout);
+		if(SCR.deferred && SCR.uri.empty()) {
+			SCR.uri = FileUploader()->FullName() + CMD_UUID ;
+		}
+
+		if(SCR.deferred) {
+			Params.set(uCentralProtocol::URI, SCR.uri);
+		} else {
+			Params.set(uCentralProtocol::TIMEOUT, ap_timeout);
+		}
+
+		if(!SCR.signature.empty()) {
+			Params.set(uCentralProtocol::SIGNATURE, SCR.signature);
+		}
+
+		if(D.restrictedDevice && SCR.signature.empty()) {
+			SCR.signature = SignatureManager()->Sign(R, SCR.script);
+		}
+
+		if(D.restrictedDevice && SCR.signature.empty()) {
+			return BadRequest(RESTAPI::Errors::DeviceRequiresSignature);
+		}
+
+		// convert script to base64 ...
+		auto EncodedScript = Utils::base64encode((const unsigned char *)SCR.script.c_str(),SCR.script.size());
 		Params.set(uCentralProtocol::TYPE, SCR.type);
-		Params.set(uCentralProtocol::SCRIPT, SCR.script);
+		if(!DiagnosticScript) {
+			Params.set(uCentralProtocol::SCRIPT, EncodedScript);
+		}
 		Params.set(uCentralProtocol::WHEN, SCR.when);
 
 		std::stringstream ParamStream;
 		Params.stringify(ParamStream);
 		Cmd.Details = ParamStream.str();
+		FileUploader()->AddUUID(CMD_UUID, 15min, "script_result");
 
-		return RESTAPI_RPC::WaitForCommand(CMD_RPC,false,Cmd, Params, *Request, *Response, timeout, nullptr, this, Logger_);
+		return RESTAPI_RPC::WaitForCommand(CMD_RPC, APCommands::Commands::script,false,Cmd, Params, *Request, *Response, timeout, nullptr, this, Logger_);
 	}
 
-	void RESTAPI_device_commandHandler::Configure(const std::string &CMD_UUID, uint64_t CMD_RPC, std::chrono::milliseconds timeout) {
-		Logger_.information(fmt::format("CONFIGURE({},{}): TID={} user={} serial={}", CMD_UUID, CMD_RPC, TransactionId_, Requester(), SerialNumber_));
+	void RESTAPI_device_commandHandler::Configure(const std::string &CMD_UUID, uint64_t CMD_RPC, std::chrono::milliseconds timeout, [[maybe_unused]] const GWObjects::DeviceRestrictions &R) {
+		poco_information(Logger_,fmt::format("CONFIGURE({},{}): TID={} user={} serial={}", CMD_UUID, CMD_RPC, TransactionId_, Requester(), SerialNumber_));
 
 		const auto &Obj = ParsedBody_;
 		if (Obj->has(RESTAPI::Protocol::SERIALNUMBER) &&
@@ -514,15 +610,15 @@ namespace OpenWifi {
 				Cmd.Details = ParamStream.str();
 
 				// AP_WS_Server()->SetPendingUUID(SerialNumber_, NewUUID);
-				return RESTAPI_RPC::WaitForCommand(CMD_RPC,true,Cmd, Params, *Request, *Response, timeout, nullptr, this, Logger_);
+				return RESTAPI_RPC::WaitForCommand(CMD_RPC, APCommands::Commands::configure,true,Cmd, Params, *Request, *Response, timeout, nullptr, this, Logger_);
 			}
 			return BadRequest(RESTAPI::Errors::RecordNotUpdated);
 		}
 		BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
 	}
 
-	void RESTAPI_device_commandHandler::Upgrade(const std::string &CMD_UUID, uint64_t CMD_RPC, std::chrono::milliseconds timeout) {
-		Logger_.information(fmt::format("UPGRADE({},{}): TID={} user={} serial={}", CMD_UUID, CMD_RPC, TransactionId_, Requester(), SerialNumber_));
+	void RESTAPI_device_commandHandler::Upgrade(const std::string &CMD_UUID, uint64_t CMD_RPC, std::chrono::milliseconds timeout, [[maybe_unused]] const GWObjects::DeviceRestrictions &R) {
+		poco_information(Logger_,fmt::format("UPGRADE({},{}): TID={} user={} serial={}", CMD_UUID, CMD_RPC, TransactionId_, Requester(), SerialNumber_));
 
 		const auto &Obj = ParsedBody_;
 
@@ -535,6 +631,12 @@ namespace OpenWifi {
 				return BadRequest(RESTAPI::Errors::SerialNumberMismatch);
 			}
 
+			GWObjects::Device	DeviceInfo;
+			if(!StorageService()->GetDevice(SerialNumber_,DeviceInfo)) {
+				return NotFound();
+			}
+
+			std::string FWSignature = GetParameter("FWsignature","");
 			auto URI = GetS(RESTAPI::Protocol::URI, Obj);
 			auto When = GetWhen(Obj);
 
@@ -553,68 +655,33 @@ namespace OpenWifi {
 			Params.set(uCentralProtocol::SERIAL, SerialNumber_);
 			Params.set(uCentralProtocol::URI, URI);
 			Params.set(uCentralProtocol::KEEP_REDIRECTOR, KeepRedirector ? 1 : 0);
-			Params.set(uCentralProtocol::WHEN, When);
 
-			std::stringstream ParamStream;
-			Params.stringify(ParamStream);
-			Cmd.Details = ParamStream.str();
-
-			return RESTAPI_RPC::WaitForCommand(CMD_RPC,true,Cmd,Params, *Request, *Response, timeout, nullptr, this, Logger_);
-		}
-		BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
-	}
-
-
-	void RESTAPI_device_commandHandler::ExecuteCommand(const std::string &CMD_UUID, uint64_t CMD_RPC, std::chrono::milliseconds timeout) {
-		Logger_.information(fmt::format("EXECUTE({},{}): TID={} user={} serial={}", CMD_UUID, CMD_RPC, TransactionId_, Requester(), SerialNumber_));
-
-		const auto &Obj = ParsedBody_;
-		if (Obj->has(RESTAPI::Protocol::COMMAND) &&
-			Obj->has(RESTAPI::Protocol::SERIALNUMBER) &&
-			Obj->has(RESTAPI::Protocol::PAYLOAD)) {
-
-			auto SNum = Obj->get(RESTAPI::Protocol::SERIALNUMBER).toString();
-			if (SerialNumber_ != SNum) {
-				CallCanceled("EXECUTE", CMD_UUID, CMD_RPC,RESTAPI::Errors::SerialNumberMismatch);
-				return BadRequest(RESTAPI::Errors::SerialNumberMismatch);
+			if(DeviceInfo.restrictionDetails.upgrade && FWSignature.empty()) {
+				Poco::URI	uri(URI);
+				FWSignature = SignatureManager()->Sign(DeviceInfo.restrictionDetails,uri);
 			}
 
-			auto Command = GetS(RESTAPI::Protocol::COMMAND, Obj);
-			auto Payload = GetS(RESTAPI::Protocol::PAYLOAD, Obj);
-			auto When = GetWhen(Obj);
+			if(FWSignature.empty() && DeviceInfo.restrictionDetails.upgrade) {
+				return BadRequest(RESTAPI::Errors::DeviceRequiresSignature);
+			}
 
-			GWObjects::CommandDetails Cmd;
+			if(!FWSignature.empty()) {
+				Params.set(uCentralProtocol::SIGNATURE, FWSignature);
+			}
 
-			Cmd.SerialNumber = SerialNumber_;
-			Cmd.UUID = CMD_UUID;
-			Cmd.SubmittedBy = Requester();
-			Cmd.Command = Command;
-			Cmd.Custom = 1;
-			Cmd.RunAt = When;
-
-			Poco::JSON::Parser parser2;
-
-			Poco::Dynamic::Var result = parser2.parse(Payload);
-			const auto &PayloadObject = result.extract<Poco::JSON::Object::Ptr>();
-
-			Poco::JSON::Object Params;
-
-			Params.set(uCentralProtocol::SERIAL, SerialNumber_);
-			Params.set(uCentralProtocol::COMMAND, Command);
 			Params.set(uCentralProtocol::WHEN, When);
-			Params.set(uCentralProtocol::PAYLOAD, PayloadObject);
 
 			std::stringstream ParamStream;
 			Params.stringify(ParamStream);
 			Cmd.Details = ParamStream.str();
 
-			return RESTAPI_RPC::WaitForCommand(CMD_RPC,false,Cmd, Params, *Request, *Response, timeout, nullptr, this, Logger_);
+			return RESTAPI_RPC::WaitForCommand(CMD_RPC, APCommands::Commands::upgrade,true,Cmd,Params, *Request, *Response, timeout, nullptr, this, Logger_);
 		}
 		BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
 	}
 
-	void RESTAPI_device_commandHandler::Reboot(const std::string &CMD_UUID, uint64_t CMD_RPC, std::chrono::milliseconds timeout) {
-		Logger_.information(fmt::format("REBOOT({},{}): TID={} user={} serial={}", CMD_UUID, CMD_RPC, TransactionId_, Requester(), SerialNumber_));
+	void RESTAPI_device_commandHandler::Reboot(const std::string &CMD_UUID, uint64_t CMD_RPC, std::chrono::milliseconds timeout, [[maybe_unused]] const GWObjects::DeviceRestrictions &R) {
+		poco_information(Logger_,fmt::format("REBOOT({},{}): TID={} user={} serial={}", CMD_UUID, CMD_RPC, TransactionId_, Requester(), SerialNumber_));
 
 		const auto &Obj = ParsedBody_;
 
@@ -642,13 +709,13 @@ namespace OpenWifi {
 			Params.stringify(ParamStream);
 			Cmd.Details = ParamStream.str();
 
-			return RESTAPI_RPC::WaitForCommand(CMD_RPC,false,Cmd, Params, *Request, *Response, timeout, nullptr, this, Logger_);
+			return RESTAPI_RPC::WaitForCommand(CMD_RPC, APCommands::Commands::reboot, false,Cmd, Params, *Request, *Response, timeout, nullptr, this, Logger_);
 		}
 		BadRequest(RESTAPI::Errors::MissingSerialNumber);
 	}
 
-	void RESTAPI_device_commandHandler::Factory(const std::string &CMD_UUID, uint64_t CMD_RPC, std::chrono::milliseconds timeout) {
-		Logger_.information(fmt::format("FACTORY-RESET({},{}): TID={} user={} serial={}", CMD_UUID, CMD_RPC, TransactionId_, Requester(), SerialNumber_));
+	void RESTAPI_device_commandHandler::Factory(const std::string &CMD_UUID, uint64_t CMD_RPC, std::chrono::milliseconds timeout, [[maybe_unused]] const GWObjects::DeviceRestrictions &R) {
+		poco_information(Logger_,fmt::format("FACTORY-RESET({},{}): TID={} user={} serial={}", CMD_UUID, CMD_RPC, TransactionId_, Requester(), SerialNumber_));
 
 		const auto &Obj = ParsedBody_;
 		if (Obj->has(RESTAPI::Protocol::KEEPREDIRECTOR) &&
@@ -682,13 +749,13 @@ namespace OpenWifi {
 			Params.stringify(ParamStream);
 			Cmd.Details = ParamStream.str();
 
-			return RESTAPI_RPC::WaitForCommand(CMD_RPC,true,Cmd, Params, *Request, *Response, timeout, nullptr, this, Logger_);
+			return RESTAPI_RPC::WaitForCommand(CMD_RPC, APCommands::Commands::factory,true,Cmd, Params, *Request, *Response, timeout, nullptr, this, Logger_);
 		}
 		BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
 	}
 
-	void RESTAPI_device_commandHandler::LEDs(const std::string &CMD_UUID, uint64_t CMD_RPC, std::chrono::milliseconds timeout) {
-		Logger_.information(fmt::format("LEDS({},{}): TID={} user={} serial={}", CMD_UUID, CMD_RPC, TransactionId_, Requester(), SerialNumber_));
+	void RESTAPI_device_commandHandler::LEDs(const std::string &CMD_UUID, uint64_t CMD_RPC, std::chrono::milliseconds timeout, [[maybe_unused]] const GWObjects::DeviceRestrictions &R) {
+		poco_information(Logger_,fmt::format("LEDS({},{}): TID={} user={} serial={}", CMD_UUID, CMD_RPC, TransactionId_, Requester(), SerialNumber_));
 
 		const auto &Obj = ParsedBody_;
 
@@ -730,13 +797,13 @@ namespace OpenWifi {
 			Params.stringify(ParamStream);
 			Cmd.Details = ParamStream.str();
 
-			return RESTAPI_RPC::WaitForCommand(CMD_RPC,false,Cmd, Params, *Request, *Response, timeout, nullptr, this, Logger_);
+			return RESTAPI_RPC::WaitForCommand(CMD_RPC, APCommands::Commands::leds,false,Cmd, Params, *Request, *Response, timeout, nullptr, this, Logger_);
 		}
 		BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
 	}
 
-	void RESTAPI_device_commandHandler::Trace(const std::string &CMD_UUID, uint64_t CMD_RPC, std::chrono::milliseconds timeout) {
-		Logger_.information(fmt::format("TRACE({},{}): TID={} user={} serial={}", CMD_UUID, CMD_RPC, TransactionId_, Requester(), SerialNumber_));
+	void RESTAPI_device_commandHandler::Trace(const std::string &CMD_UUID, uint64_t CMD_RPC, std::chrono::milliseconds timeout, [[maybe_unused]] const GWObjects::DeviceRestrictions &R) {
+		poco_information(Logger_,fmt::format("TRACE({},{}): TID={} user={} serial={}", CMD_UUID, CMD_RPC, TransactionId_, Requester(), SerialNumber_));
 
 		const auto &Obj = ParsedBody_;
 
@@ -782,14 +849,14 @@ namespace OpenWifi {
 			Params.stringify(ParamStream);
 			Cmd.Details = ParamStream.str();
 
-			FileUploader()->AddUUID(CMD_UUID);
-			return RESTAPI_RPC::WaitForCommand(CMD_RPC,false,Cmd, Params, *Request, *Response, timeout, nullptr, this, Logger_);
+			FileUploader()->AddUUID(CMD_UUID, 10min, "trace");
+			return RESTAPI_RPC::WaitForCommand(CMD_RPC, APCommands::Commands::trace,false,Cmd, Params, *Request, *Response, timeout, nullptr, this, Logger_);
 		}
 		BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
 	}
 
-	void RESTAPI_device_commandHandler::WifiScan(const std::string &CMD_UUID, uint64_t CMD_RPC, std::chrono::milliseconds timeout) {
-		Logger_.information(fmt::format("WIFISCAN({},{}): TID={} user={} serial={}", CMD_UUID, CMD_RPC, TransactionId_, Requester(), SerialNumber_));
+	void RESTAPI_device_commandHandler::WifiScan(const std::string &CMD_UUID, uint64_t CMD_RPC, std::chrono::milliseconds timeout, [[maybe_unused]] const GWObjects::DeviceRestrictions &R) {
+		poco_information(Logger_,fmt::format("WIFISCAN({},{}): TID={} user={} serial={}", CMD_UUID, CMD_RPC, TransactionId_, Requester(), SerialNumber_));
 		const auto &Obj = ParsedBody_;
 
 		auto SNum = Obj->get(RESTAPI::Protocol::SERIALNUMBER).toString();
@@ -817,6 +884,11 @@ namespace OpenWifi {
 		Poco::JSON::Object Params;
 
 		Params.set(uCentralProtocol::SERIAL, SerialNumber_);
+
+        if(R.dfs && OverrideDFS) {
+            return BadRequest(RESTAPI::Errors::DeviceIsRestricted);
+        }
+
 		Params.set(uCentralProtocol::OVERRIDEDFS, OverrideDFS);
 		Params.set(uCentralProtocol::ACTIVE, ActiveScan);
 		if(ies)
@@ -827,14 +899,14 @@ namespace OpenWifi {
 		std::stringstream ParamStream;
 		Params.stringify(ParamStream);
 		Cmd.Details = ParamStream.str();
-		RESTAPI_RPC::WaitForCommand(CMD_RPC,false,Cmd, Params, *Request, *Response, timeout, nullptr, this, Logger_);
+		RESTAPI_RPC::WaitForCommand(CMD_RPC, APCommands::Commands::wifiscan,false,Cmd, Params, *Request, *Response, timeout, nullptr, this, Logger_);
 		if (Cmd.ErrorCode == 0) {
 			KafkaManager()->PostMessage(KafkaTopics::WIFISCAN, SerialNumber_, Cmd.Results);
 		}
 	}
 
-	void RESTAPI_device_commandHandler::EventQueue(const std::string &CMD_UUID, uint64_t CMD_RPC, std::chrono::milliseconds timeout) {
-		Logger_.information(fmt::format("EVENT-QUEUE({},{}): TID={} user={} serial={}", CMD_UUID, CMD_RPC, TransactionId_, Requester(), SerialNumber_));
+	void RESTAPI_device_commandHandler::EventQueue(const std::string &CMD_UUID, uint64_t CMD_RPC, std::chrono::milliseconds timeout, [[maybe_unused]] const GWObjects::DeviceRestrictions &R) {
+		poco_information(Logger_,fmt::format("EVENT-QUEUE({},{}): TID={} user={} serial={}", CMD_UUID, CMD_RPC, TransactionId_, Requester(), SerialNumber_));
 
 		const auto &Obj = ParsedBody_;
 		if (Obj->has(RESTAPI::Protocol::SERIALNUMBER) &&
@@ -862,7 +934,7 @@ namespace OpenWifi {
 			Params.stringify(ParamStream);
 			Cmd.Details = ParamStream.str();
 
-			RESTAPI_RPC::WaitForCommand(CMD_RPC,false,Cmd, Params, *Request, *Response, timeout, nullptr, this, Logger_);
+			RESTAPI_RPC::WaitForCommand(CMD_RPC, APCommands::Commands::eventqueue,false,Cmd, Params, *Request, *Response, timeout, nullptr, this, Logger_);
 			if(Cmd.ErrorCode==0) {
 				KafkaManager()->PostMessage(KafkaTopics::DEVICE_EVENT_QUEUE, SerialNumber_,
 											Cmd.Results);
@@ -872,8 +944,8 @@ namespace OpenWifi {
 		BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
 	}
 
-	void RESTAPI_device_commandHandler::MakeRequest(const std::string &CMD_UUID, uint64_t CMD_RPC, std::chrono::milliseconds timeout) {
-		Logger_.information(fmt::format("FORCE-REQUEST({},{}): TID={} user={} serial={}", CMD_UUID, CMD_RPC, TransactionId_, Requester(), SerialNumber_));
+	void RESTAPI_device_commandHandler::MakeRequest(const std::string &CMD_UUID, uint64_t CMD_RPC, std::chrono::milliseconds timeout, [[maybe_unused]] const GWObjects::DeviceRestrictions &R) {
+		poco_information(Logger_,fmt::format("FORCE-REQUEST({},{}): TID={} user={} serial={}", CMD_UUID, CMD_RPC, TransactionId_, Requester(), SerialNumber_));
 
 		const auto &Obj = ParsedBody_;
 		if (Obj->has(RESTAPI::Protocol::SERIALNUMBER) &&
@@ -909,47 +981,45 @@ namespace OpenWifi {
 			Params.stringify(ParamStream);
 			Cmd.Details = ParamStream.str();
 
-			return RESTAPI_RPC::WaitForCommand(CMD_RPC,false,Cmd, Params, *Request, *Response, timeout, nullptr, this, Logger_ );
+			return RESTAPI_RPC::WaitForCommand(CMD_RPC, APCommands::Commands::request,false,Cmd, Params, *Request, *Response, timeout, nullptr, this, Logger_ );
 		}
 		BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
 	}
 
-	void RESTAPI_device_commandHandler::Rtty(const std::string &CMD_UUID, uint64_t CMD_RPC, std::chrono::milliseconds timeout) {
-		Logger_.information(fmt::format("RTTY({},{}): TID={} user={} serial={}", CMD_UUID, CMD_RPC, TransactionId_, Requester(), SerialNumber_));
+#define DBGLINE		{	std::cout << __LINE__ << std::endl; }
+
+	void RESTAPI_device_commandHandler::Rtty(const std::string &CMD_UUID, uint64_t CMD_RPC, std::chrono::milliseconds timeout, [[maybe_unused]] const GWObjects::DeviceRestrictions &R) {
+		poco_information(Logger_,fmt::format("RTTY({},{}): TID={} user={} serial={}", CMD_UUID, CMD_RPC, TransactionId_, Requester(), SerialNumber_));
+
+        if(R.rtty) {
+            return BadRequest(RESTAPI::Errors::DeviceIsRestricted);
+        }
 
-//		poco_debug(Logger_,fmt::format("RTTY_DEBUG {} ", __LINE__ ));
 		if (MicroServiceConfigGetBool("rtty.enabled", false)) {
 			GWObjects::Device	Device;
 
-//			poco_debug(Logger_,fmt::format("RTTY_DEBUG {} ", __LINE__ ));
 			if (StorageService()->GetDevice(SerialNumber_, Device)) {
-
-//				poco_debug(Logger_,fmt::format("RTTY_DEBUG {} ", __LINE__ ));
+				static std::uint64_t rtty_sid = 0;
+				rtty_sid += std::rand();
 				GWObjects::RttySessionDetails Rtty{
 					.SerialNumber = SerialNumber_,
 					.Server = MicroServiceConfigGetString("rtty.server", "localhost"),
 					.Port = MicroServiceConfigGetInt("rtty.port", 5912),
 					.Token = MicroServiceConfigGetString("rtty.token", "nothing"),
 					.TimeOut = MicroServiceConfigGetInt("rtty.timeout", 60),
-					.ConnectionId =  Utils::ComputeHash(SerialNumber_,Utils::Now()).substr(0,RTTY_DEVICE_TOKEN_LENGTH),
+					.ConnectionId =  Utils::ComputeHash(SerialNumber_,Utils::Now(),rtty_sid).substr(0,RTTY_DEVICE_TOKEN_LENGTH),
 					.Started = Utils::Now(),
 					.CommandUUID = CMD_UUID,
 					.ViewPort = MicroServiceConfigGetInt("rtty.viewport", 5913),
 					.DevicePassword = ""
 				};
-//				poco_debug(Logger_,fmt::format("RTTY_DEBUG {} ", __LINE__ ));
 
 				if(RTTYS_server()->UseInternal()) {
-//					poco_debug(Logger_,fmt::format("RTTY_DEBUG {} ", __LINE__ ));
 					Rtty.Token = Utils::ComputeHash(UserInfo_.webtoken.refresh_token_,Utils::Now()).substr(0,RTTY_DEVICE_TOKEN_LENGTH);
-//					poco_debug(Logger_,fmt::format("RTTY_DEBUG {} ", __LINE__ ));
 					if(!RTTYS_server()->CreateEndPoint(Rtty.ConnectionId, Rtty.Token, Requester(), SerialNumber_)) {
-//						poco_debug(Logger_,fmt::format("RTTY_DEBUG {} ", __LINE__ ));
 						return BadRequest(RESTAPI::Errors::MaximumRTTYSessionsReached);
 					}
-//					poco_debug(Logger_,fmt::format("RTTY_DEBUG {} ", __LINE__ ));
 				}
-//				poco_debug(Logger_,fmt::format("RTTY_DEBUG {} ", __LINE__ ));
 
 				Poco::JSON::Object ReturnedObject;
 				Rtty.to_json(ReturnedObject);
@@ -961,7 +1031,6 @@ namespace OpenWifi {
 				Cmd.UUID = CMD_UUID;
 				Cmd.Command = uCentralProtocol::RTTY;
 
-//				poco_debug(Logger_,fmt::format("RTTY_DEBUG {} ", __LINE__ ));
 				Poco::JSON::Object Params;
 
 				Params.set(uCentralProtocol::METHOD, uCentralProtocol::RTTY);
@@ -974,27 +1043,20 @@ namespace OpenWifi {
 				Params.set(uCentralProtocol::TIMEOUT, Rtty.TimeOut);
 				Params.set(uCentralProtocol::PASSWORD, Device.DevicePassword);
 
-//				poco_debug(Logger_,fmt::format("RTTY_DEBUG {} ", __LINE__ ));
 				std::stringstream ParamStream;
-//				poco_debug(Logger_,fmt::format("RTTY_DEBUG {} ", __LINE__ ));
 				Params.stringify(ParamStream);
-//				poco_debug(Logger_,fmt::format("RTTY_DEBUG {} ", __LINE__ ));
 				Cmd.Details = ParamStream.str();
-//				poco_debug(Logger_,fmt::format("RTTY_DEBUG {} ", __LINE__ ));
-				Logger_.information(fmt::format("RTTY: user={} serial={} rttyid={} token={} cmd={}.", Requester(), SerialNumber_, Rtty.ConnectionId, Rtty.Token, CMD_UUID));
-//				poco_debug(Logger_,fmt::format("RTTY_DEBUG {} ", __LINE__ ));
-				return RESTAPI_RPC::WaitForCommand(CMD_RPC,false,Cmd, Params, *Request, *Response, timeout, &ReturnedObject, this, Logger_);
+				poco_information(Logger_,fmt::format("RTTY: user={} serial={} rttyid={} token={} cmd={}.", Requester(), SerialNumber_, Rtty.ConnectionId, Rtty.Token, CMD_UUID));
+				return RESTAPI_RPC::WaitForCommand(CMD_RPC, APCommands::Commands::rtty,false,Cmd, Params, *Request, *Response, timeout, &ReturnedObject, this, Logger_);
 			}
 			return NotFound();
 		}
-		Logger_.information(fmt::format("RTTY: user={} serial={}. Internal error.", Requester(), SerialNumber_));
+		poco_information(Logger_,fmt::format("RTTY: user={} serial={}. Internal error.", Requester(), SerialNumber_));
 		return ReturnStatus(Poco::Net::HTTPResponse::HTTP_SERVICE_UNAVAILABLE);
 	}
 
-// #define DBG		{ std::cout << __LINE__ << std::endl; }
-
-	void RESTAPI_device_commandHandler::Telemetry(const std::string &CMD_UUID, uint64_t CMD_RPC, [[maybe_unused]] std::chrono::milliseconds timeout){
-		Logger_.information(fmt::format("TELEMETRY({},{}): TID={} user={} serial={}", CMD_UUID, CMD_RPC, TransactionId_, Requester(), SerialNumber_));
+	void RESTAPI_device_commandHandler::Telemetry(const std::string &CMD_UUID, uint64_t CMD_RPC, [[maybe_unused]] std::chrono::milliseconds timeout, [[maybe_unused]] const GWObjects::DeviceRestrictions &R){
+		poco_information(Logger_,fmt::format("TELEMETRY({},{}): TID={} user={} serial={}", CMD_UUID, CMD_RPC, TransactionId_, Requester(), SerialNumber_));
 
 		const auto &Obj = ParsedBody_;
 
@@ -1010,7 +1072,6 @@ namespace OpenWifi {
 
 			std::stringstream 	oooss;
 			Obj->stringify(oooss);
-			// std::cout << "Payload:" << oooss.str() << std::endl;
 
 			std::uint64_t Lifetime = 60 * 60 ; // 1 hour
 			std::uint64_t Interval = 5;

src/RESTAPI/RESTAPI_device_commandHandler.h

@@ -9,6 +9,7 @@
 #pragma once
 
 #include "framework/RESTAPI_Handler.h"
+#include "RESTObjects/RESTAPI_GWobjects.h"
 
 namespace OpenWifi {
 	class RESTAPI_device_commandHandler : public RESTAPIHandler {
@@ -32,20 +33,20 @@ namespace OpenWifi {
 		void GetStatus();
 		void GetChecks();
 		void DeleteChecks();
-		void ExecuteCommand(const std::string &UUID, uint64_t RPC, std::chrono::milliseconds timeout);
-		void Configure(const std::string &UUID, uint64_t RPC, std::chrono::milliseconds timeout);
-		void Upgrade(const std::string &UUID, uint64_t RPC, std::chrono::milliseconds timeout);
-		void Reboot(const std::string &UUID, uint64_t RPC, std::chrono::milliseconds timeout);
-		void Factory(const std::string &UUID, uint64_t RPC, std::chrono::milliseconds timeout);
-		void LEDs(const std::string &UUID, uint64_t RPC, std::chrono::milliseconds timeout);
-		void Trace(const std::string &UUID, uint64_t RPC, std::chrono::milliseconds timeout);
-		void MakeRequest(const std::string &UUID, uint64_t RPC, std::chrono::milliseconds timeout);
-		void WifiScan(const std::string &UUID, uint64_t RPC, std::chrono::milliseconds timeout);
-		void EventQueue(const std::string &UUID, uint64_t RPC, std::chrono::milliseconds timeout);
-		void Rtty(const std::string &UUID, uint64_t RPC, std::chrono::milliseconds timeout);
-		void Telemetry(const std::string &UUID, uint64_t RPC, std::chrono::milliseconds timeout);
-		void Ping(const std::string &UUID, uint64_t RPC, std::chrono::milliseconds timeout);
-		void Script(const std::string &UUID, uint64_t RPC, std::chrono::milliseconds timeout);
+
+		void Configure(const std::string &UUID, uint64_t RPC, std::chrono::milliseconds timeout, const GWObjects::DeviceRestrictions &R);
+		void Upgrade(const std::string &UUID, uint64_t RPC, std::chrono::milliseconds timeout, const GWObjects::DeviceRestrictions &R);
+		void Reboot(const std::string &UUID, uint64_t RPC, std::chrono::milliseconds timeout, const GWObjects::DeviceRestrictions &R);
+		void Factory(const std::string &UUID, uint64_t RPC, std::chrono::milliseconds timeout, const GWObjects::DeviceRestrictions &R);
+		void LEDs(const std::string &UUID, uint64_t RPC, std::chrono::milliseconds timeout, const GWObjects::DeviceRestrictions &R);
+		void Trace(const std::string &UUID, uint64_t RPC, std::chrono::milliseconds timeout, const GWObjects::DeviceRestrictions &R);
+		void MakeRequest(const std::string &UUID, uint64_t RPC, std::chrono::milliseconds timeout, const GWObjects::DeviceRestrictions &R);
+		void WifiScan(const std::string &UUID, uint64_t RPC, std::chrono::milliseconds timeout, const GWObjects::DeviceRestrictions &R);
+		void EventQueue(const std::string &UUID, uint64_t RPC, std::chrono::milliseconds timeout, const GWObjects::DeviceRestrictions &R);
+		void Rtty(const std::string &UUID, uint64_t RPC, std::chrono::milliseconds timeout, const GWObjects::DeviceRestrictions &R);
+		void Telemetry(const std::string &UUID, uint64_t RPC, std::chrono::milliseconds timeout, const GWObjects::DeviceRestrictions &R);
+		void Ping(const std::string &UUID, uint64_t RPC, std::chrono::milliseconds timeout, const GWObjects::DeviceRestrictions &R);
+		void Script(const std::string &UUID, uint64_t RPC, std::chrono::milliseconds timeout, const GWObjects::DeviceRestrictions &R);
 
 		static auto PathName() { return std::list<std::string>{"/api/v1/device/{serialNumber}/{command}"}; };
 		void DoGet() final;

src/RESTAPI/RESTAPI_device_handler.cpp

@@ -32,9 +32,7 @@ namespace OpenWifi {
 				CompleteDeviceInfo(Device, Answer);
 				return ReturnObject(Answer);
 			} else {
-				Poco::JSON::Object Obj;
-				Device.to_json(Obj);
-				return ReturnObject(Obj);
+				return Object(Device);
 			}
 		}
 		NotFound();
@@ -107,11 +105,6 @@ namespace OpenWifi {
 			return ReturnObject(Answer);
 		}
 
-		if (!Utils::ValidSerialNumber(SerialNumber)) {
-			Logger_.warning(fmt::format("CREATE-DEVICE({}): Illegal serial number.", SerialNumber));
-			return BadRequest( RESTAPI::Errors::InvalidSerialNumber);
-		}
-
 		GWObjects::Device Device;
 		if (!Device.from_json(Obj)) {
 			return BadRequest(RESTAPI::Errors::InvalidJSONDocument);
@@ -144,9 +137,7 @@ namespace OpenWifi {
 
 		if (StorageService()->CreateDevice(Device)) {
 			SetCurrentConfigurationID(SerialNumber, Device.UUID);
-			Poco::JSON::Object DevObj;
-			Device.to_json(DevObj);
-			return ReturnObject(DevObj);
+			return Object(Device);
 		}
 		InternalError(RESTAPI::Errors::RecordNotCreated);
 	}
@@ -196,9 +187,9 @@ namespace OpenWifi {
 		Existing.LastConfigurationChange = Utils::Now();
 		if (StorageService()->UpdateDevice(Existing)) {
 			SetCurrentConfigurationID(SerialNumber, Existing.UUID);
-			Poco::JSON::Object DevObj;
-			NewDevice.to_json(DevObj);
-			return ReturnObject(DevObj);
+			GWObjects::Device UpdatedDevice;
+			StorageService()->GetDevice(SerialNumber, UpdatedDevice);
+			return Object(UpdatedDevice);
 		}
 		InternalError(RESTAPI::Errors::RecordNotUpdated);
 	}

src/RESTAPI/RESTAPI_devices_handler.cpp

@@ -26,7 +26,7 @@ namespace OpenWifi {
 		std::string ItemList;
 
 		Types::StringVec Fields;
-		StorageService()->GetDeviceDbFieldList(Fields);
+		Storage::GetDeviceDbFieldList(Fields);
 
 		std::set<std::string> FieldNames;
 		for(const auto &field:Fields)
@@ -68,7 +68,7 @@ namespace OpenWifi {
 
 		if(GetBoolParameter("orderSpec")) {
 			Types::StringVec Fields;
-			StorageService()->GetDeviceDbFieldList(Fields);
+			Storage::GetDeviceDbFieldList(Fields);
 			std::sort(Fields.begin(),Fields.end());
 			Poco::JSON::Object	Answer;
 			RESTAPI_utils::field_to_json(Answer,"list",Fields);

src/RESTAPI/RESTAPI_file.cpp

@@ -25,7 +25,12 @@ namespace OpenWifi {
 		if (!StorageService()->GetAttachedFileContent(UUID, SerialNumber, FileContent, FileType)) {
 			return NotFound();
 		}
-		SendFileContent(FileContent,"pcap",UUID+".pcap");
+		if(FileType=="pcap")
+			SendFileContent(FileContent,"application/vnd.tcpdump.pcap",UUID+".pcap");
+		else if(FileType=="gzip")
+			SendFileContent(FileContent,"application/gzip",UUID+".tar.gz");
+		else
+			SendFileContent(FileContent,"application/txt",UUID+".txt");
 	}
 
 	void RESTAPI_file::DoDelete() {

src/RESTAPI/RESTAPI_radiusProxyConfig_handler.cpp

@@ -14,9 +14,7 @@ namespace OpenWifi {
 										Poco::Thread::current()->id()));
 		GWObjects::RadiusProxyPoolList	C;
 		RADIUS_proxy_server()->GetConfig(C);
-		Poco::JSON::Object	Answer;
-		C.to_json(Answer);
-		return ReturnObject(Answer);
+		return Object(C);
 	}
 
 	void RESTAPI_radiusProxyConfig_handler::DoDelete() {
@@ -77,7 +75,7 @@ namespace OpenWifi {
 										TransactionId_, Requester(),
 										Poco::Thread::current()->id()));
 		RADIUS_proxy_server()->SetConfig(C);
-		return ReturnObject(*ParsedBody_);
+		return Object(C);
 	}
 
 }

src/RESTAPI/RESTAPI_routers.cpp

@@ -18,8 +18,12 @@
 #include "RESTAPI/RESTAPI_telemetryWebSocket.h"
 #include "RESTAPI/RESTAPI_iptocountry_handler.h"
 #include "RESTAPI/RESTAPI_radiusProxyConfig_handler.h"
+#include "RESTAPI/RESTAPI_script_handler.h"
+#include "RESTAPI/RESTAPI_scripts_handler.h"
+
 #include "framework/RESTAPI_SystemCommand.h"
 #include "framework/RESTAPI_WebSocketServer.h"
+#include "framework/RESTAPI_SystemConfiguration.h"
 
 namespace OpenWifi {
 
@@ -37,12 +41,15 @@ namespace OpenWifi {
 				RESTAPI_ouis,
 				RESTAPI_file,
 				RESTAPI_system_command,
+				RESTAPI_system_configuration,
 				RESTAPI_deviceDashboardHandler,
 				RESTAPI_webSocketServer,
 				RESTAPI_blacklist,
 				RESTAPI_blacklist_list,
 				RESTAPI_iptocountry_handler,
 				RESTAPI_radiusProxyConfig_handler,
+				RESTAPI_scripts_handler,
+				RESTAPI_script_handler,
 				RESTAPI_capabilities_handler, RESTAPI_telemetryWebSocket>(Path,Bindings,L, S, TransactionId);
     }
 
@@ -62,6 +69,8 @@ namespace OpenWifi {
 				RESTAPI_blacklist,
 				RESTAPI_iptocountry_handler,
 				RESTAPI_radiusProxyConfig_handler,
+				RESTAPI_scripts_handler,
+				RESTAPI_script_handler,
 				RESTAPI_blacklist_list>(Path,Bindings,L, S, TransactionId);
 	}
 }

src/RESTAPI/RESTAPI_script_handler.cpp

@@ -0,0 +1,160 @@
+//
+// Created by stephane bourque on 2022-11-21.
+//
+
+#include "RESTAPI_script_handler.h"
+
+namespace OpenWifi {
+
+	void RESTAPI_script_handler::DoGet() {
+		std::string 	UUID = GetBinding("uuid","");
+
+		if(UUID.empty()) {
+			return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
+		}
+
+		GWObjects::ScriptEntry	SE;
+		if(DB_.GetRecord("id",UUID, SE)) {
+			return Object(SE);
+		}
+		return NotFound();
+	}
+
+	void RESTAPI_script_handler::DoDelete() {
+		std::string 	UUID = GetBinding("uuid","");
+
+		if(UserInfo_.userinfo.userRole!=SecurityObjects::ROOT) {
+			return BadRequest(RESTAPI::Errors::ACCESS_DENIED);
+		}
+
+		if(UUID.empty()) {
+			return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
+		}
+
+		if(DB_.DeleteRecord("id",UUID)) {
+			return OK();
+		}
+		return NotFound();
+	}
+
+	void RESTAPI_script_handler::DoPost() {
+		std::string 	UUID = GetBinding("uuid","");
+
+		if(UserInfo_.userinfo.userRole!=SecurityObjects::ROOT) {
+			return BadRequest(RESTAPI::Errors::ACCESS_DENIED);
+		}
+
+		if(UUID.empty()) {
+			return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
+		}
+
+		GWObjects::ScriptEntry	SE;
+		if(!SE.from_json(ParsedBody_)) {
+			return BadRequest(RESTAPI::Errors::InvalidJSONDocument);
+		}
+
+		if(	SE.name.empty() ||
+			SE.author.empty()	||
+			(SE.type!="bundle" && SE.type!="shell") ||
+			SE.content.empty() ||
+			SE.version.empty()) {
+			return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
+		}
+
+		if(!SE.restricted.empty()) {
+			for(const auto &role:SE.restricted) {
+				if(SecurityObjects::UserTypeFromString(role)==SecurityObjects::UNKNOWN) {
+					return BadRequest(RESTAPI::Errors::InvalidUserRole);
+				}
+			}
+			std::sort(SE.restricted.begin(),SE.restricted.end());
+		}
+
+		if(!SE.uri.empty() && !Utils::ValidateURI(SE.uri)) {
+			return BadRequest(RESTAPI::Errors::InvalidURI);
+		}
+
+		if(!SE.defaultUploadURI.empty() && !Utils::ValidateURI(SE.defaultUploadURI)) {
+			return BadRequest(RESTAPI::Errors::InvalidURI);
+		}
+
+		SE.id = MicroServiceCreateUUID();
+		SE.created = SE.modified = Utils::Now();
+		if(DB_.CreateRecord(SE)) {
+			return Object(SE);
+		}
+		return BadRequest(RESTAPI::Errors::RecordNotCreated);
+	}
+
+	void RESTAPI_script_handler::DoPut() {
+		std::string 	UUID = GetBinding("uuid","");
+
+		if(UserInfo_.userinfo.userRole!=SecurityObjects::ROOT) {
+			return BadRequest(RESTAPI::Errors::ACCESS_DENIED);
+		}
+
+		if(UUID.empty()) {
+			return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
+		}
+
+		GWObjects::ScriptEntry	SE;
+		if(!SE.from_json(ParsedBody_)) {
+			return BadRequest(RESTAPI::Errors::InvalidJSONDocument);
+		}
+
+		if(!SE.restricted.empty()) {
+			for(const auto &role:SE.restricted) {
+				if(SecurityObjects::UserTypeFromString(role)==SecurityObjects::UNKNOWN) {
+					return BadRequest(RESTAPI::Errors::InvalidUserRole);
+				}
+			}
+			std::sort(SE.restricted.begin(),SE.restricted.end());
+		}
+
+		GWObjects::ScriptEntry	Existing;
+		if(!DB_.GetRecord("id", UUID, Existing)) {
+			return NotFound();
+		}
+
+		if(ParsedBody_->has("name") && SE.name.empty()) {
+			return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
+		}
+
+		if(ParsedBody_->has("content") && SE.content.empty()) {
+			return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
+		}
+
+		if(ParsedBody_->has("version") && SE.version.empty()) {
+			return BadRequest(RESTAPI::Errors::MissingOrInvalidParameters);
+		}
+
+		if(!SE.uri.empty() && !Utils::ValidateURI(SE.uri)) {
+			return BadRequest(RESTAPI::Errors::InvalidURI);
+		}
+
+		if(!SE.defaultUploadURI.empty() && !Utils::ValidateURI(SE.defaultUploadURI)) {
+			return BadRequest(RESTAPI::Errors::InvalidURI);
+		}
+
+		if(ParsedBody_->has("restricted")) {
+			Existing.restricted = SE.restricted;
+		}
+
+		AssignIfPresent(ParsedBody_, "name", Existing.name);
+		AssignIfPresent(ParsedBody_, "description", Existing.description);
+		AssignIfPresent(ParsedBody_, "uri", Existing.uri);
+		AssignIfPresent(ParsedBody_, "content", Existing.content);
+		AssignIfPresent(ParsedBody_, "version", Existing.version);
+		AssignIfPresent(ParsedBody_, "deferred", Existing.deferred);
+		AssignIfPresent(ParsedBody_, "timeout", Existing.timeout);
+		AssignIfPresent(ParsedBody_, "defaultUploadURI", Existing.defaultUploadURI);
+
+		Existing.modified = Utils::Now();
+
+		if(DB_.UpdateRecord("id", UUID, Existing)) {
+			return Object(Existing);
+		}
+		return BadRequest(RESTAPI::Errors::RecordNotUpdated);
+	}
+
+} // namespace OpenWifi

src/RESTAPI/RESTAPI_script_handler.h

@@ -0,0 +1,31 @@
+//
+// Created by stephane bourque on 2022-11-21.
+//
+
+#pragma once
+
+#include "framework/RESTAPI_Handler.h"
+#include "StorageService.h"
+
+namespace OpenWifi {
+	class RESTAPI_script_handler : public RESTAPIHandler {
+	  public:
+		RESTAPI_script_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L,
+								RESTAPI_GenericServerAccounting &Server, uint64_t TransactionId,
+								bool Internal)
+			: RESTAPIHandler(bindings, L,
+							 std::vector<std::string>{Poco::Net::HTTPRequest::HTTP_GET,
+													  Poco::Net::HTTPRequest::HTTP_PUT,
+													  Poco::Net::HTTPRequest::HTTP_POST,
+													  Poco::Net::HTTPRequest::HTTP_DELETE,
+													  Poco::Net::HTTPRequest::HTTP_OPTIONS},
+							 Server, TransactionId, Internal){};
+		static auto PathName() { return std::list<std::string>{"/api/v1/script/{uuid}"}; };
+	  private:
+		ScriptDB	& DB_{ StorageService()->ScriptDB() };
+		void DoGet() final;
+		void DoDelete() final;
+		void DoPost() final;
+		void DoPut() final;
+	};
+}

src/RESTAPI/RESTAPI_scripts_handler.cpp

@@ -0,0 +1,20 @@
+//
+// Created by stephane bourque on 2022-11-21.
+//
+
+#include "RESTAPI_scripts_handler.h"
+#include "RESTObjects/RESTAPI_GWobjects.h"
+#include "StorageService.h"
+
+namespace OpenWifi {
+
+	void RESTAPI_scripts_handler::DoGet() {
+		GWObjects::ScriptEntryList	L;
+
+		StorageService()->ScriptDB().GetRecords(QB_.Offset,QB_.Limit,L.scripts);
+		Poco::JSON::Object	Answer;
+		L.to_json(Answer);
+		return ReturnObject(Answer);
+	}
+
+} // namespace OpenWifi

src/RESTAPI/RESTAPI_scripts_handler.h

@@ -0,0 +1,25 @@
+//
+// Created by stephane bourque on 2022-11-21.
+//
+
+#pragma once
+
+#include "framework/RESTAPI_Handler.h"
+
+namespace OpenWifi {
+	class RESTAPI_scripts_handler : public RESTAPIHandler {
+	  public:
+		RESTAPI_scripts_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L,
+								RESTAPI_GenericServerAccounting &Server, uint64_t TransactionId,
+								bool Internal)
+			: RESTAPIHandler(bindings, L,
+							 std::vector<std::string>{Poco::Net::HTTPRequest::HTTP_GET,
+													  Poco::Net::HTTPRequest::HTTP_OPTIONS},
+							 Server, TransactionId, Internal){};
+		static auto PathName() { return std::list<std::string>{"/api/v1/scripts"}; };
+		void DoGet() final;
+		void DoDelete() final{};
+		void DoPost() final{};
+		void DoPut() final{};
+	};
+}

src/RESTObjects/RESTAPI_GWobjects.cpp

@@ -50,6 +50,10 @@ namespace OpenWifi::GWObjects {
 		field_to_json(Obj,"entity", entity);
 		field_to_json(Obj,"modified", modified);
 		field_to_json(Obj,"locale", locale);
+		field_to_json(Obj,"restrictedDevice", restrictedDevice);
+		field_to_json(Obj,"pendingConfiguration", pendingConfiguration);
+		field_to_json(Obj,"pendingConfigurationCmd", pendingConfigurationCmd);
+		field_to_json(Obj,"restrictionDetails", restrictionDetails);
 	}
 
 	void Device::to_json_with_status(Poco::JSON::Object &Obj) const {
@@ -70,6 +74,7 @@ namespace OpenWifi::GWObjects {
 			field_to_json(Obj,"verifiedCertificate", "NO_CERTIFICATE");
 			field_to_json(Obj,"associations_2G", (uint64_t) 0);
 			field_to_json(Obj,"associations_5G", (uint64_t) 0);
+			field_to_json(Obj,"associations_6G", (uint64_t) 0);
 		}
 #endif
 	}
@@ -89,6 +94,10 @@ namespace OpenWifi::GWObjects {
 			field_from_json(Obj,"subscriber", subscriber);
 			field_from_json(Obj,"entity", entity);
 			field_from_json(Obj,"locale", locale);
+			field_from_json(Obj,"restrictedDevice", restrictedDevice);
+			field_from_json(Obj,"pendingConfiguration", pendingConfiguration);
+			field_from_json(Obj,"pendingConfigurationCmd", pendingConfigurationCmd);
+			field_from_json(Obj,"restrictionDetails", restrictionDetails);
 			return true;
 		} catch (const Poco::Exception &E) {
 		}
@@ -199,6 +208,7 @@ namespace OpenWifi::GWObjects {
 		field_to_json(Obj,"lastContact", LastContact);
 		field_to_json(Obj,"associations_2G", Associations_2G);
 		field_to_json(Obj,"associations_5G", Associations_5G);
+		field_to_json(Obj,"associations_6G", Associations_6G);
 		field_to_json(Obj,"webSocketClients", webSocketClients);
 		field_to_json(Obj,"websocketPackets", websocketPackets);
 		field_to_json(Obj,"kafkaClients", kafkaClients);
@@ -208,6 +218,7 @@ namespace OpenWifi::GWObjects {
 		field_to_json(Obj,"sessionId", sessionId);
 		field_to_json(Obj,"connectionCompletionTime", connectionCompletionTime);
 		field_to_json(Obj,"totalConnectionTime", Utils::Now() - started);
+		field_to_json(Obj,"certificateExpiryDate", certificateExpiryDate);
 
 		switch(VerifiedCertificate) {
 			case NO_CERTIFICATE:
@@ -298,9 +309,12 @@ namespace OpenWifi::GWObjects {
 		field_to_json(Obj,"serialNumber",serialNumber);
 		field_to_json(Obj,"timeout",timeout);
 		field_to_json(Obj,"type",type);
-		field_to_json(Obj,"script",script);
 		field_to_json(Obj,"scriptId",scriptId);
+		field_to_json(Obj,"script",script);
 		field_to_json(Obj,"when",when);
+		field_to_json(Obj,"signature", signature);
+		field_to_json(Obj,"deferred", deferred);
+		field_to_json(Obj,"uri", uri);
 	}
 
 	bool ScriptRequest::from_json(const Poco::JSON::Object::Ptr &Obj) {
@@ -311,6 +325,9 @@ namespace OpenWifi::GWObjects {
 			field_from_json(Obj,"script",script);
 			field_from_json(Obj,"scriptId",scriptId);
 			field_from_json(Obj,"when",when);
+			field_from_json(Obj,"signature", signature);
+			field_from_json(Obj,"deferred", deferred);
+			field_from_json(Obj,"uri", uri);
 			return true;
 		} catch (const Poco::Exception &E) {
 		}
@@ -382,6 +399,7 @@ namespace OpenWifi::GWObjects {
 		field_to_json(Obj,"secret",secret);
 		field_to_json(Obj,"certificate",certificate);
 		field_to_json(Obj,"radsec",radsec);
+		field_to_json(Obj,"allowSelfSigned",allowSelfSigned);
 		field_to_json(Obj,"radsecPort",radsecPort);
 		field_to_json(Obj,"radsecSecret",radsecSecret);
 		field_to_json(Obj,"radsecCacerts",radsecCacerts);
@@ -400,6 +418,7 @@ namespace OpenWifi::GWObjects {
 			field_from_json(Obj,"secret",secret);
 			field_from_json(Obj,"certificate",certificate);
 			field_from_json(Obj,"radsec",radsec);
+			field_from_json(Obj,"allowSelfSigned",allowSelfSigned);
 			field_from_json(Obj,"radsecSecret",radsecSecret);
 			field_from_json(Obj,"radsecPort",radsecPort);
 			field_from_json(Obj,"radsecCacerts",radsecCacerts);
@@ -412,5 +431,117 @@ namespace OpenWifi::GWObjects {
 		}
 		return false;
 	}
+
+	void ScriptEntry::to_json(Poco::JSON::Object &Obj) const {
+		field_to_json(Obj,"id", id);
+		field_to_json(Obj,"name", name);
+		field_to_json(Obj,"description", description);
+		field_to_json(Obj,"uri", uri);
+		field_to_json(Obj,"content", content);
+		field_to_json(Obj,"version", version);
+		field_to_json(Obj,"type", type);
+		field_to_json(Obj,"created", created);
+		field_to_json(Obj,"modified", modified);
+		field_to_json(Obj,"author", author);
+		field_to_json(Obj,"restricted", restricted);
+		field_to_json(Obj,"deferred", deferred);
+		field_to_json(Obj,"timeout", timeout);
+		field_to_json(Obj,"defaultUploadURI", defaultUploadURI);
+	}
+
+	bool ScriptEntry::from_json(const Poco::JSON::Object::Ptr &Obj) {
+		try {
+			field_from_json(Obj,"id", id);
+			field_from_json(Obj,"name", name);
+			field_from_json(Obj,"description", description);
+			field_from_json(Obj,"uri", uri);
+			field_from_json(Obj,"content", content);
+			field_from_json(Obj,"version", version);
+			field_from_json(Obj,"type", type);
+			field_from_json(Obj,"created", created);
+			field_from_json(Obj,"modified", modified);
+			field_from_json(Obj,"author", author);
+			field_from_json(Obj,"restricted", restricted);
+			field_from_json(Obj,"deferred", deferred);
+			field_from_json(Obj,"timeout", timeout);
+			field_from_json(Obj,"defaultUploadURI", defaultUploadURI);
+			return true;
+		} catch (const Poco::Exception &E) {
+		}
+		return false;
+	}
+
+	void ScriptEntryList::to_json(Poco::JSON::Object &Obj) const {
+		field_to_json(Obj,"scripts",scripts);
+	}
+
+	bool ScriptEntryList::from_json(const Poco::JSON::Object::Ptr &Obj) {
+		try {
+			field_from_json(Obj,"scripts",scripts);
+			return true;
+		} catch (const Poco::Exception &E) {
+		}
+		return false;
+	}
+
+	void DeviceRestrictionsKeyInfo::to_json(Poco::JSON::Object &Obj) const {
+		field_to_json(Obj,"vendor", vendor);
+		field_to_json(Obj,"algo", algo);
+	}
+
+	bool DeviceRestrictionsKeyInfo::from_json(const Poco::JSON::Object::Ptr &Obj) {
+		try {
+			field_from_json(Obj,"vendor", vendor);
+			field_from_json(Obj,"algo", algo);
+			return true;
+		} catch (const Poco::Exception &E) {
+		}
+		return false;
+
+	}
+
+	void DeviceRestrictions::to_json(Poco::JSON::Object &Obj) const {
+		field_to_json(Obj,"dfs", dfs);
+		field_to_json(Obj,"ssh", ssh);
+		field_to_json(Obj,"rtty", rtty);
+		field_to_json(Obj,"tty", tty);
+		field_to_json(Obj,"developer", developer);
+		field_to_json(Obj,"upgrade", upgrade);
+		field_to_json(Obj,"commands", commands);
+		field_to_json(Obj,"country", country);
+		field_to_json(Obj,"key_info", key_info);
+	}
+
+	bool DeviceRestrictions::from_json(const Poco::JSON::Object::Ptr &Obj) {
+		try {
+			field_from_json(Obj,"dfs", dfs);
+			field_from_json(Obj,"ssh", ssh);
+			field_from_json(Obj,"rtty", rtty);
+			field_from_json(Obj,"tty", tty);
+			field_from_json(Obj,"developer", developer);
+			field_from_json(Obj,"upgrade", upgrade);
+			field_from_json(Obj,"commands", commands);
+			field_from_json(Obj,"country", country);
+			field_from_json(Obj,"key_info", key_info);
+			return true;
+		} catch (const Poco::Exception &E) {
+		}
+		return false;
+	}
+
+	bool DeviceRestrictionsKeyInfo::operator!=(const OpenWifi::GWObjects::DeviceRestrictionsKeyInfo &T) const {
+		return (T.algo!=algo) || (T.vendor!=vendor);
+	}
+
+	bool DeviceRestrictions::operator!=(const OpenWifi::GWObjects::DeviceRestrictions &T) const {
+		return (	(T.dfs!=dfs)					||
+					(T.rtty!=rtty)					||
+					(T.upgrade!=upgrade)		||
+					(T.commands != commands)		||
+					(T.developer != developer)		||
+					(T.ssh !=ssh) 					||
+					(T.key_info != key_info)		||
+					(T.country != country) );
+	}
 }
 

src/RESTObjects/RESTAPI_GWobjects.h

@@ -28,23 +28,52 @@ namespace OpenWifi::GWObjects {
 		uint64_t TX = 0, RX = 0;
 		uint64_t Associations_2G=0;
 		uint64_t Associations_5G=0;
+		uint64_t Associations_6G=0;
 		bool Connected = false;
 		uint64_t LastContact=0;
 		std::string Firmware;
 		CertificateValidation VerifiedCertificate = NO_CERTIFICATE;
-		std::string Compatible;
-		uint64_t 	kafkaClients=0;
-		uint64_t 	webSocketClients=0;
-		uint64_t 	kafkaPackets=0;
-		uint64_t 	websocketPackets=0;
-		std::string locale;
-		uint64_t 	started=0;
-		uint64_t 	sessionId=0;
-		double      connectionCompletionTime=0.0;
+		std::string 	Compatible;
+		uint64_t 		kafkaClients=0;
+		uint64_t 		webSocketClients=0;
+		uint64_t 		kafkaPackets=0;
+		uint64_t 		websocketPackets=0;
+		std::string 	locale;
+		uint64_t 		started=0;
+		uint64_t 		sessionId=0;
+		double      	connectionCompletionTime=0.0;
+		std::uint64_t	certificateExpiryDate=0;
 
 		void to_json(Poco::JSON::Object &Obj) const;
 	};
 
+	struct DeviceRestrictionsKeyInfo {
+		std::string 	vendor;
+		std::string 	algo;
+
+		bool operator !=(const DeviceRestrictionsKeyInfo &b) const;
+
+		void to_json(Poco::JSON::Object &Obj) const;
+		bool from_json(const Poco::JSON::Object::Ptr &Obj);
+	};
+
+	struct DeviceRestrictions {
+		bool    					dfs = false;
+		bool    					ssh = false;
+		bool    					rtty = false;
+		bool    					tty = false;
+		bool    					developer = false;
+		bool    					upgrade = false;
+		bool    					commands = false;
+		std::vector<std::string>   	country;
+		DeviceRestrictionsKeyInfo	key_info;
+
+		bool operator !=(const DeviceRestrictions &D) const;
+
+		void to_json(Poco::JSON::Object &Obj) const;
+		bool from_json(const Poco::JSON::Object::Ptr &Obj);
+	};
+
 	struct Device {
 		std::string SerialNumber;
 		std::string DeviceType;
@@ -68,6 +97,10 @@ namespace OpenWifi::GWObjects {
 		std::string entity;
 		uint64_t 	modified=0;
 		std::string locale;
+		bool 		restrictedDevice=false;
+		std::string pendingConfiguration;
+		std::string pendingConfigurationCmd;
+		DeviceRestrictions	restrictionDetails;
 
 		void to_json(Poco::JSON::Object &Obj) const;
 		void to_json_with_status(Poco::JSON::Object &Obj) const;
@@ -213,13 +246,44 @@ namespace OpenWifi::GWObjects {
 		void to_json(Poco::JSON::Object &Obj) const;
 	};
 
+	struct ScriptEntry {
+		std::string 		id;
+		std::string 		name;
+		std::string 		description;
+		std::string 		uri;
+		std::string 		content;
+		std::string 		version;
+		std::string 		type;
+		std::uint64_t 		created;
+		std::uint64_t 		modified;
+		std::string 		author;
+		Types::StringVec 	restricted;
+		bool				deferred=false;
+		std::uint64_t 		timeout=30;
+		std::string 		defaultUploadURI;
+
+		void to_json(Poco::JSON::Object &Obj) const;
+		bool from_json(const Poco::JSON::Object::Ptr &Obj);
+	};
+
+	struct ScriptEntryList {
+		std::vector<ScriptEntry>	scripts;
+
+		void to_json(Poco::JSON::Object &Obj) const;
+		bool from_json(const Poco::JSON::Object::Ptr &Obj);
+	};
+
 	struct ScriptRequest {
-		uint64_t 	timeout=30;
 		std::string serialNumber;
+		uint64_t 	timeout=30;
 		std::string type;
 		std::string script;
 		std::string scriptId;
-		uint64_t 	when=0;
+		std::uint64_t when;
+		std::string signature;
+		bool deferred;
+		std::string uri;
+
 		void to_json(Poco::JSON::Object &Obj) const;
 		bool from_json(const Poco::JSON::Object::Ptr &Obj);
 	};
@@ -232,6 +296,7 @@ namespace OpenWifi::GWObjects {
 		std::string secret;
 		std::string certificate;
 		bool 		radsec=false;
+		bool 		allowSelfSigned=false;
 		uint16_t 	radsecPort=2083;
 		std::string radsecSecret;
 		std::string radsecKey;
@@ -273,4 +338,5 @@ namespace OpenWifi::GWObjects {
 		void to_json(Poco::JSON::Object &Obj) const;
 		bool from_json(const Poco::JSON::Object::Ptr &Obj);
 	};
+
 }

src/RESTObjects/RESTAPI_ProvObjects.cpp

@@ -602,6 +602,7 @@ namespace OpenWifi::ProvObjects {
         field_to_json( Obj, "devClass",devClass);
         field_to_json( Obj, "locale",locale);
         field_to_json( Obj, "realMacAddress",realMacAddress);
+        field_to_json( Obj, "doNotAllowOverrides",doNotAllowOverrides);
     }
 
     bool InventoryTag::from_json(const Poco::JSON::Object::Ptr &Obj) {
@@ -623,6 +624,7 @@ namespace OpenWifi::ProvObjects {
             field_from_json( Obj,"devClass",devClass);
             field_from_json( Obj,"locale",locale);
             field_from_json( Obj,"realMacAddress",realMacAddress);
+            field_from_json( Obj, "doNotAllowOverrides",doNotAllowOverrides);
             return true;
         } catch(...) {
 
@@ -1195,6 +1197,48 @@ namespace OpenWifi::ProvObjects {
         return false;
     }
 
+    void ConfigurationOverride::to_json(Poco::JSON::Object &Obj) const {
+        field_to_json(Obj,"source",source);
+        field_to_json(Obj,"reason",reason);
+        field_to_json(Obj,"parameterName",parameterName);
+        field_to_json(Obj,"parameterType",parameterType);
+        field_to_json(Obj,"parameterValue",parameterValue);
+        field_to_json(Obj,"modified",modified);
+    }
+
+    bool ConfigurationOverride::from_json(const Poco::JSON::Object::Ptr &Obj) {
+        try {
+            field_from_json(Obj,"source",source);
+            field_from_json(Obj,"reason",reason);
+            field_from_json(Obj,"parameterName",parameterName);
+            field_from_json(Obj,"parameterType",parameterType);
+            field_from_json(Obj,"parameterValue",parameterValue);
+            field_from_json(Obj,"modified",modified);
+            return true;
+        } catch(...) {
+
+        }
+        return false;
+    }
+
+    void ConfigurationOverrideList::to_json(Poco::JSON::Object &Obj) const {
+        field_to_json(Obj,"serialNumber",serialNumber);
+        field_to_json(Obj,"managementPolicy",managementPolicy);
+        field_to_json(Obj,"overrides",overrides);
+    }
+
+    bool ConfigurationOverrideList::from_json(const Poco::JSON::Object::Ptr &Obj) {
+        try {
+            field_from_json(Obj,"serialNumber",serialNumber);
+            field_from_json(Obj,"managementPolicy",managementPolicy);
+            field_from_json(Obj,"overrides",overrides);
+            return true;
+        } catch(...) {
+
+        }
+        return false;
+    }
+
 }
 
 

src/RESTObjects/RESTAPI_ProvObjects.h

@@ -428,6 +428,7 @@ namespace OpenWifi::ProvObjects {
         std::string     devClass;
         std::string     locale;
         std::string     realMacAddress;
+        bool            doNotAllowOverrides=false;
 
         void to_json(Poco::JSON::Object &Obj) const;
         bool from_json(const Poco::JSON::Object::Ptr &Obj);
@@ -693,6 +694,27 @@ namespace OpenWifi::ProvObjects {
         bool from_json(const Poco::JSON::Object::Ptr &Obj);
     };
 
+    struct ConfigurationOverride {
+        std::string     source;
+        std::string     reason;
+        std::string     parameterName;
+        std::string     parameterType;
+        std::string     parameterValue;
+        std::uint64_t   modified;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    struct ConfigurationOverrideList {
+        std::string     serialNumber;
+        Types::UUID_t   managementPolicy;
+        std::vector<ConfigurationOverride>  overrides;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
     bool UpdateObjectInfo(const Poco::JSON::Object::Ptr &O, const SecurityObjects::UserInfo &U, ObjectInfo &I);
     bool CreateObjectInfo(const Poco::JSON::Object::Ptr &O, const SecurityObjects::UserInfo &U, ObjectInfo &I);
     bool CreateObjectInfo(const SecurityObjects::UserInfo &U, ObjectInfo &I);

src/RESTObjects/RESTAPI_SecurityObjects.cpp

@@ -619,5 +619,80 @@ namespace OpenWifi::SecurityObjects {
         field_to_json(Obj,"login",login);
         field_to_json(Obj,"logout",logout);
     }
+
+    void ApiKeyAccessRight::to_json(Poco::JSON::Object &Obj) const {
+        field_to_json(Obj, "service", service);
+        field_to_json(Obj, "access", access);
+    }
+
+    bool ApiKeyAccessRight::from_json(const Poco::JSON::Object::Ptr &Obj) {
+        try {
+            field_from_json(Obj, "service", service);
+            field_from_json(Obj, "access", access);
+            return true;
+        } catch(...) {
+            std::cout << "Cannot parse: Token" << std::endl;
+        }
+        return false;
+    }
+
+    void ApiKeyAccessRightList::to_json(Poco::JSON::Object &Obj) const {
+        field_to_json(Obj, "acls", acls);
+    }
+
+    bool ApiKeyAccessRightList::from_json(const Poco::JSON::Object::Ptr &Obj) {
+        try {
+            field_from_json(Obj, "acls", acls);
+            return true;
+        } catch(...) {
+            std::cout << "Cannot parse: Token" << std::endl;
+        }
+        return false;
+    }
+
+    void ApiKeyEntry::to_json(Poco::JSON::Object &Obj) const {
+        field_to_json(Obj, "id", id);
+        field_to_json(Obj, "userUuid", userUuid);
+        field_to_json(Obj, "name", name);
+        field_to_json(Obj, "apiKey", apiKey);
+        field_to_json(Obj, "salt", salt);
+        field_to_json(Obj, "description", description);
+        field_to_json(Obj, "expiresOn", expiresOn);
+        field_to_json(Obj, "rights", rights);
+        field_to_json(Obj, "lastUse", lastUse);
+    }
+
+    bool ApiKeyEntry::from_json(const Poco::JSON::Object::Ptr &Obj) {
+        try {
+            field_from_json(Obj, "id", id);
+            field_from_json(Obj, "userUuid", userUuid);
+            field_from_json(Obj, "name", name);
+            field_from_json(Obj, "apiKey", apiKey);
+            field_from_json(Obj, "salt", salt);
+            field_from_json(Obj, "description", description);
+            field_from_json(Obj, "expiresOn", expiresOn);
+            field_from_json(Obj, "rights", rights);
+            field_from_json(Obj, "lastUse", lastUse);
+            return true;
+        } catch(...) {
+            std::cout << "Cannot parse: Token" << std::endl;
+        }
+        return false;
+    }
+
+    void ApiKeyEntryList::to_json(Poco::JSON::Object &Obj) const {
+        field_to_json(Obj, "apiKeys", apiKeys);
+    }
+
+    bool ApiKeyEntryList::from_json(const Poco::JSON::Object::Ptr &Obj) {
+        try {
+            field_from_json(Obj, "apiKeys", apiKeys);
+            return true;
+        } catch(...) {
+            std::cout << "Cannot parse: Token" << std::endl;
+        }
+        return false;
+    }
+
 }
 

src/RESTObjects/RESTAPI_SecurityObjects.h

@@ -325,5 +325,44 @@ namespace OpenWifi {
 
             void to_json(Poco::JSON::Object &Obj) const;
         };
+
+        struct ApiKeyAccessRight {
+            std::string     service;
+            std::string     access;
+
+            void to_json(Poco::JSON::Object &Obj) const;
+            bool from_json(const Poco::JSON::Object::Ptr &Obj);
+        };
+
+        struct ApiKeyAccessRightList {
+            std::vector<ApiKeyAccessRight>      acls;
+
+            void to_json(Poco::JSON::Object &Obj) const;
+            bool from_json(const Poco::JSON::Object::Ptr &Obj);
+        };
+
+        struct ApiKeyEntry {
+            Types::UUID_t           id;
+            Types::UUID_t           userUuid;
+            std::string             name;
+            std::string             description;
+            std::string             apiKey;
+            std::string             salt;
+            std::uint64_t           created;
+            std::uint64_t           expiresOn=0;
+            ApiKeyAccessRightList   rights;
+            std::uint64_t           lastUse=0;
+
+            void to_json(Poco::JSON::Object &Obj) const;
+            bool from_json(const Poco::JSON::Object::Ptr &Obj);
+        };
+
+        struct ApiKeyEntryList {
+            std::vector<ApiKeyEntry>    apiKeys;
+
+            void to_json(Poco::JSON::Object &Obj) const;
+            bool from_json(const Poco::JSON::Object::Ptr &Obj);
+        };
+
     }
 }

src/ScriptManager.cpp

@@ -0,0 +1,23 @@
+//
+// Created by stephane bourque on 2022-11-21.
+//
+
+#include "ScriptManager.h"
+#include "framework/MicroServiceFuncs.h"
+#include <fstream>
+#include "Poco/JSON/Parser.h"
+
+namespace OpenWifi {
+
+	int ScriptManager::Start() {
+		poco_notice(Logger(),"Starting...");
+		ScriptDir_ = MicroServiceConfigPath("script.manager.directory", MicroServiceDataDirectory() + "/included_scripts" );
+		return 0;
+	}
+
+	void ScriptManager::Stop() {
+		poco_notice(Logger(),"Stopping...");
+		poco_notice(Logger(),"Stopped...");
+	}
+
+} // namespace OpenWifi

src/ScriptManager.h

@@ -0,0 +1,34 @@
+//
+// Created by stephane bourque on 2022-11-21.
+//
+
+#pragma once
+
+#include "framework/SubSystemServer.h"
+
+namespace OpenWifi {
+
+	class ScriptManager : public SubSystemServer {
+	  public:
+		static auto instance() {
+			auto static instance_ = new ScriptManager;
+			return instance_;
+		}
+
+		int Start();
+		void Stop();
+
+	  private:
+		std::string 		ScriptDir_;
+
+		explicit ScriptManager() noexcept:
+			SubSystemServer("ScriptManager", "SCRIPT-MGR", "script.manager")
+		{
+		}
+
+	};
+
+	inline auto ScriptManager() { return ScriptManager::instance(); }
+
+} // namespace OpenWifi
+

src/SignatureMgr.cpp

@@ -0,0 +1,7 @@
+//
+// Created by stephane bourque on 2022-11-22.
+//
+
+#include "SignatureMgr.h"
+
+namespace OpenWifi {} // namespace OpenWifi

src/SignatureMgr.h

@@ -0,0 +1,176 @@
+//
+// Created by stephane bourque on 2022-11-22.
+//
+
+#pragma once
+
+#include <fstream>
+#include <shared_mutex>
+
+#include "framework/SubSystemServer.h"
+#include "framework/MicroServiceFuncs.h"
+#include "framework/utils.h"
+
+#include "RESTObjects/RESTAPI_GWobjects.h"
+#include "Poco/DigestStream.h"
+#include "Poco/DigestEngine.h"
+#include "Poco/Crypto/RSADigestEngine.h"
+#include "Poco/StreamCopier.h"
+#include "Poco/File.h"
+#include "Poco/StringTokenizer.h"
+#include "Poco/TemporaryFile.h"
+#include "fmt/format.h"
+
+namespace OpenWifi {
+
+	class SignatureManager : public SubSystemServer {
+	  public:
+		inline static auto instance() {
+			static auto instance_ = new SignatureManager;
+			return instance_;
+		}
+
+		struct SignatureCacheEntry {
+			std::string 	vendor_uri_hash;
+			std::string 	signature;
+		};
+
+		inline int Start() final {
+			poco_notice(Logger(),"Starting...");
+
+			std::shared_lock L(KeyMutex_);
+
+			CacheFilename_ = MicroServiceDataDirectory() + "/signature_cache";
+			Poco::File	CacheFile(CacheFilename_);
+
+			if(CacheFile.exists()) {
+				std::fstream	CacheFileContent(CacheFilename_, std::ios_base::in);
+				std::string 	line;
+				while(std::getline(CacheFileContent, line)) {
+					auto Tokens = Poco::StringTokenizer(line,":");
+					if(Tokens.count()==2) {
+						SignatureCache_[Tokens[0]] = Tokens[1];
+					}
+				}
+			}
+			poco_information(Logger(),fmt::format("Found {} entries in signature cache.", SignatureCache_.size()));
+
+			// read all the key vendors.
+			//		signature.manager.0.key.public
+			//		signature.manager.0.key.private
+			//		signature.manager.0.vendor
+			int i=0;
+			while(true) {
+				auto Vendor = MicroServiceConfigGetString("signature.manager." + std::to_string(i) + ".vendor","");
+				auto PrivateKey = MicroServiceConfigPath("signature.manager." + std::to_string(i) + ".key.private","");
+				auto PublicKey = MicroServiceConfigPath("signature.manager." + std::to_string(i) + ".key.public","");
+				if(Vendor.empty() || PrivateKey.empty() || PublicKey.empty()) {
+					break;
+				}
+				Poco::File	PubKey(PublicKey), PrivKey(PrivateKey);
+				if(PubKey.exists() && PrivKey.exists()) {
+					Keys_[Vendor] = Poco::SharedPtr<Poco::Crypto::RSAKey>(
+						new Poco::Crypto::RSAKey(PublicKey, PrivateKey, ""));
+				}
+				++i;
+			}
+
+			poco_information(Logger(),fmt::format("{} signatures in dictionary.", Keys_.size()));
+
+			return 0;
+		}
+
+		inline void Stop() final {
+			poco_notice(Logger(),"Stopping...");
+			poco_notice(Logger(),"Stopped...");
+		}
+
+		inline std::string Sign(const GWObjects::DeviceRestrictions &Restrictions, const std::string &Data) const {
+			std::shared_lock L(KeyMutex_);
+			try {
+				if (Restrictions.key_info.algo == "static") {
+					return "aaaaaaaaaa";
+				}
+				auto Vendor = Keys_.find(Restrictions.key_info.vendor);
+				if (Vendor == Keys_.end()) {
+					poco_error( Logger(), fmt::format("{}: vendor unknown.", Vendor->first));
+					return "";
+				}
+
+				if (Restrictions.key_info.algo == "dgst-sha256") {
+					Poco::Crypto::RSADigestEngine R(*Vendor->second, "SHA256");
+					Poco::DigestOutputStream ostr(R);
+					ostr << Data;
+					ostr.flush();
+					auto Signature = Utils::base64encode(
+						(const unsigned char *)R.signature().data(), R.signature().size());
+					return Signature;
+				}
+			} catch (const Poco::Exception &E) {
+				Logger().log(E);
+			}
+			return "";
+		}
+
+		inline std::string Sign(const GWObjects::DeviceRestrictions &Restrictions, const Poco::URI &uri)  {
+			std::shared_lock L(KeyMutex_);
+			try {
+				if (Restrictions.key_info.algo == "static") {
+					return "aaaaaaaaaa";
+				}
+
+				auto Vendor = Keys_.find(Restrictions.key_info.vendor);
+				if (Vendor == Keys_.end()) {
+					poco_error( Logger(), fmt::format("{}: vendor unknown.", Restrictions.key_info.vendor));
+					return "";
+				}
+
+				if (Restrictions.key_info.algo == "dgst-sha256") {
+					auto FileHash =
+						Utils::ComputeHash(Restrictions.key_info.vendor, Restrictions.key_info.algo, uri.getPathAndQuery());
+					auto CacheEntry = SignatureCache_.find(FileHash);
+					if (CacheEntry != end(SignatureCache_)) {
+						return CacheEntry->second;
+					}
+
+					Poco::TemporaryFile TempDownloadedFile;
+					if (Utils::wgetfile(uri, TempDownloadedFile.path())) {
+						Poco::Crypto::RSADigestEngine R(*Vendor->second, "SHA256");
+						Poco::DigestOutputStream ofs(R);
+						std::fstream ifs(TempDownloadedFile.path(),
+										 std::ios_base::in | std::ios_base::binary);
+						Poco::StreamCopier::copyStream(ifs, ofs);
+						ofs.flush();
+						auto Signature = Utils::base64encode((const unsigned char *)R.signature().data(),R.signature().size());
+						SignatureCache_[FileHash] = Signature;
+						SaveCache();
+						return Signature;
+					}
+				}
+			} catch (const Poco::Exception &E) {
+				Logger().log(E);
+			}
+			return "";
+		}
+
+		void SaveCache() {
+			std::ofstream 	ofs(CacheFilename_, std::ios_base::trunc | std::ios_base::out);
+
+			for(const auto &[hash,signature]:SignatureCache_) {
+				ofs << hash << ":" << signature << std::endl;
+			}
+		}
+
+	  private:
+		mutable std::shared_mutex KeyMutex_;
+		std::map<std::string, Poco::SharedPtr<Poco::Crypto::RSAKey>> Keys_;
+		std::map<std::string,std::string>		SignatureCache_;
+		std::string 							CacheFilename_;
+		explicit SignatureManager() noexcept
+			: SubSystemServer("SignatureManager", "SIGNATURE-MGR", "signature.manager") {}
+	};
+
+	inline auto SignatureManager() { return SignatureManager::instance(); }
+
+}
+

src/StateUtils.cpp

@@ -12,56 +12,75 @@ namespace OpenWifi::StateUtils {
 		return 5;
 	}
 
-	bool ComputeAssociations(const Poco::JSON::Object::Ptr RawObject, uint64_t &Radios_2G,
-										 uint64_t &Radios_5G) {
+	static int BandToInt(const std::string &band) {
+		if(band=="2G") return 2;
+		if(band=="5G") return 5;
+		if(band=="6G") return 6;
+		return 2;
+	}
+
+	bool ComputeAssociations(const Poco::JSON::Object::Ptr RawObject,
+							 uint64_t &Radios_2G,
+							 uint64_t &Radios_5G, uint64_t &Radios_6G) {
 		Radios_2G = 0 ;
 		Radios_5G = 0;
+		Radios_6G = 0;
+
 		if(RawObject->isArray("radios") && RawObject->isArray("interfaces")) {
 			auto RA = RawObject->getArray("radios");
 			// map of phy to 2g/5g
 			std::map<std::string,int>   RadioPHYs;
 			//  parse radios and get the phy out with the band
+			bool UseBandInfo = false;
 			for(auto const &i:*RA) {
-				Poco::JSON::Parser p2;
+//				Poco::JSON::Parser p2;
 				auto RadioObj = i.extract<Poco::JSON::Object::Ptr>();
-				if(RadioObj->has("phy") && RadioObj->has("channel")) {
+				if(RadioObj->has("band")) {
+					// std::cout << "Use band info" << std::endl;
+					UseBandInfo = true ;
+				} else if(RadioObj->has("phy") && RadioObj->has("channel")) {
 					if(RadioObj->isArray("channel")) {
 						auto ChannelArray = RadioObj->getArray("channel");
 						if(ChannelArray->size()) {
-							RadioPHYs[RadioObj->get("phy").toString()] =
+							RadioPHYs[RadioObj->get("phy")] =
 								ChannelToBand( ChannelArray->getElement<uint64_t>(0) );
 						}
 					} else {
-						RadioPHYs[RadioObj->get("phy").toString()] =
+						RadioPHYs[RadioObj->get("phy")] =
 							ChannelToBand(RadioObj->get("channel"));
 					}
 				}
 			}
 
-			auto IA = RawObject->getArray("interfaces");
-			for(auto const &i:*IA) {
-				auto InterfaceObj = i.extract<Poco::JSON::Object::Ptr>();
+			auto InterfaceArray = RawObject->getArray("interfaces");
+			for(auto const &interface:*InterfaceArray) {
+				auto InterfaceObj = interface.extract<Poco::JSON::Object::Ptr>();
 				if(InterfaceObj->isArray("ssids")) {
-					auto SSIDA = InterfaceObj->getArray("ssids");
-					for(const auto &s:*SSIDA) {
-						auto SSIDinfo = s.extract<Poco::JSON::Object::Ptr>();
-						if(SSIDinfo->isArray("associations") && SSIDinfo->has("phy")) {
-							auto PHY = SSIDinfo->get("phy").toString();
+					auto SSIDArray = InterfaceObj->getArray("ssids");
+					for(const auto &ssid:*SSIDArray) {
+						auto SSID_info = ssid.extract<Poco::JSON::Object::Ptr>();
+						if(SSID_info->isArray("associations") && SSID_info->has("phy")) {
 							int Radio = 2;
-							auto Rit = RadioPHYs.find(PHY);
-							if(Rit!=RadioPHYs.end())
-								Radio = Rit->second;
-							auto AssocA = SSIDinfo->getArray("associations");
-							if(Radio==2) {
-								Radios_2G += AssocA->size();
+							if(UseBandInfo) {
+								Radio = BandToInt(SSID_info->get("band"));
+							} else {
+								auto PHY = SSID_info->get("phy");
+								auto Rit = RadioPHYs.find(PHY);
+								if (Rit != RadioPHYs.end())
+									Radio = Rit->second;
 							}
-							else {
-								Radios_5G += AssocA->size();
+							auto AssocA = SSID_info->getArray("associations");
+							switch(Radio) {
+								case 2: Radios_2G += AssocA->size(); break;
+								case 5: Radios_5G += AssocA->size(); break;
+								case 6: Radios_6G += AssocA->size(); break;
+								default: Radios_2G += AssocA->size(); break;
 							}
 						}
 					}
 				}
 			}
+//			std::cout << Radios_2G << " " << Radios_5G << " " << Radios_6G << std::endl;
 			return true;
 		}
 		return false;

src/StateUtils.h

@@ -8,5 +8,5 @@
 
 namespace OpenWifi::StateUtils {
 	bool ComputeAssociations(const Poco::JSON::Object::Ptr RawObject, uint64_t &Radios_2G,
-						 uint64_t &Radios_5G);
+						 uint64_t &Radios_5G, uint64_t &Radio_6G);
 }

src/StorageArchiver.cpp

@@ -18,36 +18,40 @@ namespace OpenWifi {
 	void Archiver::onTimer([[maybe_unused]] Poco::Timer &timer){
 		Utils::SetThreadName("strg-archiver");
 		auto now = Utils::Now();
-		for(const auto &i:DBs_) {
-			if (!Poco::icompare(i.DBName, "healthchecks")) {
+		for(const auto &[DBName, Keep]:DBs_) {
+			if (!Poco::icompare(DBName, "healthchecks")) {
 				poco_information(Logger(),"Archiving HealthChecks...");
 				StorageService()->RemoveHealthChecksRecordsOlderThan(
-					now - (i.HowManyDays * 24 * 60 * 60));
-			} else if (!Poco::icompare(i.DBName, "statistics")) {
+					now - (Keep * 24 * 60 * 60));
+			} else if (!Poco::icompare(DBName, "statistics")) {
 				poco_information(Logger(),"Archiving Statistics...");
 				StorageService()->RemoveStatisticsRecordsOlderThan(
-					now - (i.HowManyDays * 24 * 60 * 60));
-			} else if (!Poco::icompare(i.DBName, "devicelogs")) {
+					now - (Keep * 24 * 60 * 60));
+			} else if (!Poco::icompare(DBName, "devicelogs")) {
 				poco_information(Logger(),"Archiving Device Logs...");
 				StorageService()->RemoveDeviceLogsRecordsOlderThan(
-					now - (i.HowManyDays * 24 * 60 * 60));
-			} else if (!Poco::icompare(i.DBName, "commandlist")) {
+					now - (Keep * 24 * 60 * 60));
+			} else if (!Poco::icompare(DBName, "commandlist")) {
 				poco_information(Logger(),"Archiving Command History...");
 				StorageService()->RemoveCommandListRecordsOlderThan(
-					now - (i.HowManyDays * 24 * 60 * 60));
+					now - (Keep * 24 * 60 * 60));
+			} else if (!Poco::icompare(DBName, "fileuploads")) {
+				poco_information(Logger(),"Archiving Upload files...");
+				StorageService()->RemoveUploadedFilesRecordsOlderThan(
+					now - (Keep * 24 * 60 * 60));
 			} else {
-				poco_information(Logger(),fmt::format("Cannot archive DB '{}'", i.DBName));
+				poco_information(Logger(),fmt::format("Cannot archive DB '{}'", DBName));
 			}
 		}
 		AppServiceRegistry().Set("lastStorageArchiverRun", (uint64_t) now);
 	}
 
-	static auto CalculateDelta(int H, int M) {
+	static auto CalculateDelta(std::uint64_t H, std::uint64_t M) {
 		Poco::LocalDateTime dt;
-		Poco::LocalDateTime scheduled(dt.year(), dt.month(), dt.day(), H, M, 0);
+		Poco::LocalDateTime scheduled(dt.year(), dt.month(), dt.day(), (int)H, (int)M, 0);
 
-		size_t delta = 0;
-		if ((dt.hour() < H) || (dt.hour()==H && dt.minute()<M)) {
+		std::uint64_t delta = 0;
+		if ((dt.hour() < (int)H) || (dt.hour()==(int)H && dt.minute()<(int)M)) {
 			delta = scheduled.timestamp().epochTime() - dt.timestamp().epochTime();
 		} else {
 			delta = (24*60*60) - (dt.timestamp().epochTime() - scheduled.timestamp().epochTime());
@@ -69,13 +73,13 @@ namespace OpenWifi {
 		auto Schedule = MicroServiceConfigGetString("archiver.schedule","03:00");
 		auto S = Poco::StringTokenizer(Schedule,":");
 
-		int RunAtHour_, RunAtMin_;
+		std::uint64_t RunAtHour_, RunAtMin_;
 		if(S.count()!=2) {
 			RunAtHour_ = 3 ;
 			RunAtMin_ = 0;
 		} else {
-			RunAtHour_ = std::atoi(S[0].c_str());
-			RunAtMin_ = std::atoi(S[1].c_str());
+			RunAtHour_ = std::strtoull(S[0].c_str(), nullptr, 10);
+			RunAtMin_ = std::strtoull(S[1].c_str(), nullptr, 10);
 		}
 
 		for(int i=0;i<20;i++) {
@@ -86,10 +90,7 @@ namespace OpenWifi {
 					if(Poco::icompare(DBName,DB)==0) {
 						std::string Key = "archiver.db." + std::to_string(i) + ".keep";
 						auto Keep = MicroServiceConfigGetInt(Key,7);
-						Archiver_->AddDb(Archiver::ArchiverDBEntry{
-							.DBName = DB,
-							.HowManyDays = Keep
-						});
+						Archiver_->AddDb(DB, Keep);
 					}
 				}
 			}

src/StorageArchiver.h

@@ -13,28 +13,26 @@
 
 namespace OpenWifi {
 
-    static const std::list<std::string>		AllInternalDBNames{"healthchecks", "statistics", "devicelogs" , "commandlist" };
+    static const std::list<std::string>		AllInternalDBNames{"healthchecks", "statistics", "devicelogs" , "commandlist", "fileuploads"};
 
     class Archiver {
       public:
-    	struct ArchiverDBEntry {
-    		std::string 					DBName;
-    		uint64_t 						HowManyDays=7;
-    	};
-    	typedef std::vector<ArchiverDBEntry>	ArchiverDBEntryVec;
 
 		explicit Archiver(Poco::Logger &Logger):
 			Logger_(Logger) {
+			for(const auto &db:AllInternalDBNames) {
+				DBs_[db] = 7 ;
+			}
 		}
 
     	void onTimer(Poco::Timer & timer);
-    	inline void AddDb(const ArchiverDBEntry &E ) {
-			DBs_.push_back(E);
+    	inline void AddDb(const std::string &dbname, std::uint64_t retain) {
+			DBs_[dbname] = retain;
 		}
 		inline Poco::Logger & Logger() { return Logger_; }
       private:
-		Poco::Logger		&Logger_;
-    	ArchiverDBEntryVec	DBs_;
+		Poco::Logger							&Logger_;
+    	std::map<std::string,std::uint64_t>		DBs_;
     };
 
     class StorageArchiver : public SubSystemServer {

src/StorageService.cpp

@@ -17,6 +17,10 @@ namespace OpenWifi {
 		Create_Tables();
         InitializeBlackListCache();
 
+		ScriptDB_ = std::make_unique<OpenWifi::ScriptDB>("Scripts", "scr", dbType_,*Pool_, Logger());
+		ScriptDB_->Create();
+		ScriptDB_->Initialize();
+
 		return 0;
     }
 

src/StorageService.h

@@ -11,6 +11,8 @@
 #include "framework/StorageClass.h"
 #include "RESTObjects//RESTAPI_GWobjects.h"
 #include "Poco/Net/IPAddress.h"
+#include "CentralConfig.h"
+#include "storage/storage_scripts.h"
 
 namespace OpenWifi {
 
@@ -28,6 +30,8 @@ namespace OpenWifi {
 			COMMAND_EXECUTING
 		};
 
+		inline OpenWifi::ScriptDB & ScriptDB() { return *ScriptDB_; }
+
 		inline std::string to_string(const CommandExecutionType &C) {
 			switch(C) {
 				case CommandExecutionType::COMMAND_PENDING: return "pending";
@@ -84,6 +88,7 @@ namespace OpenWifi {
 		bool AddStatisticsData(const GWObjects::Statistics & Stats);
 		bool GetStatisticsData(std::string &SerialNumber, uint64_t FromDate, uint64_t ToDate, uint64_t Offset, uint64_t HowMany,
 							   std::vector<GWObjects::Statistics> &Stats);
+        bool GetNumberOfStatisticsDataRecords(std::string &SerialNumber, uint64_t FromDate, uint64_t ToDate, std::uint64_t  &Count);
 		bool DeleteStatisticsData(std::string &SerialNumber, uint64_t FromDate, uint64_t ToDate );
 		bool GetNewestStatisticsData(std::string &SerialNumber, uint64_t HowMany, std::vector<GWObjects::Statistics> &Stats);
 
@@ -97,7 +102,7 @@ namespace OpenWifi {
 		bool UpdateDeviceConfiguration(std::string &SerialNumber, std::string &Configuration, uint64_t & NewUUID );
 
 		bool CreateDevice(GWObjects::Device &);
-		bool CreateDefaultDevice(std::string & SerialNumber, std::string & Capabilities, std::string & Firmware, std::string &Compatible,const Poco::Net::IPAddress & IPAddress);
+		bool CreateDefaultDevice(std::string &SerialNumber, const Config::Capabilities &Caps, std::string & Firmware, const Poco::Net::IPAddress & IPAddress);
 
 		bool GetDevice(std::string &SerialNumber, GWObjects::Device &);
 		bool GetDevices(uint64_t From, uint64_t HowMany, std::vector<GWObjects::Device> &Devices, const std::string & orderBy="");
@@ -111,14 +116,14 @@ namespace OpenWifi {
 		bool GetDeviceFWUpdatePolicy(std::string & SerialNumber, std::string & Policy);
 		bool SetDevicePassword(std::string & SerialNumber, std::string & Password);
 		bool UpdateSerialNumberCache();
-		void GetDeviceDbFieldList( Types::StringVec & Fields);
+		static void GetDeviceDbFieldList( Types::StringVec & Fields);
 
 		bool ExistingConfiguration(std::string &SerialNumber, uint64_t CurrentConfig, std::string &NewConfig, uint64_t &);
 
-		bool UpdateDeviceCapabilities(std::string &SerialNumber, std::string &State, std::string & Compatible);
+		bool UpdateDeviceCapabilities(std::string &SerialNumber, const Config::Capabilities & Capabilities);
 		bool GetDeviceCapabilities(std::string &SerialNumber, GWObjects::Capabilities &);
 		bool DeleteDeviceCapabilities(std::string & SerialNumber);
-		bool CreateDeviceCapabilities(std::string & SerialNumber, std::string & Capabilities);
+		bool CreateDeviceCapabilities(std::string & SerialNumber, const Config::Capabilities & Capabilities);
 		bool InitCapabilitiesCache();
 
 		bool GetLogData(std::string &SerialNumber, uint64_t FromDate, uint64_t ToDate, uint64_t Offset, uint64_t HowMany,
@@ -144,11 +149,9 @@ namespace OpenWifi {
 		bool DeleteCommand( std::string &UUID );
 		bool GetReadyToExecuteCommands( uint64_t Offset, uint64_t HowMany, std::vector<GWObjects::CommandDetails> & Commands );
 		bool CommandExecuted(std::string & UUID);
-		bool CommandCompleted(std::string & UUID, const Poco::JSON::Object & ReturnVars, const std::chrono::duration<double, std::milli> & execution_time, bool FullCommand);
-//		bool AttachFileToCommand(std::string & UUID);
-		bool AttachFileDataToCommand(std::string & UUID, const std::stringstream &s);
+		bool CommandCompleted(std::string & UUID, Poco::JSON::Object::Ptr ReturnVars, const std::chrono::duration<double, std::milli> & execution_time, bool FullCommand);
+		bool AttachFileDataToCommand(std::string & UUID, const std::stringstream &s, const std::string &Type);
 		bool CancelWaitFile( std::string & UUID, std::string & ErrorText );
-//		bool GetAttachedFile(std::string & UUID, const std::string & SerialNumber, const std::string & FileName, std::string &Type);
 		bool GetAttachedFileContent(std::string & UUID, const std::string & SerialNumber, std::string & FileContent, std::string &Type);
 		bool RemoveAttachedFile(std::string & UUID);
 		bool SetCommandResult(std::string & UUID, std::string & Result);
@@ -175,6 +178,7 @@ namespace OpenWifi {
 		bool RemoveDeviceLogsRecordsOlderThan(uint64_t Date);
 		bool RemoveStatisticsRecordsOlderThan(uint64_t Date);
 		bool RemoveCommandListRecordsOlderThan(uint64_t Date);
+		bool RemoveUploadedFilesRecordsOlderThan(uint64_t Date);
 
 		int Create_Tables();
 		int Create_Statistics();
@@ -195,6 +199,8 @@ namespace OpenWifi {
 
 	  private:
 
+		std::unique_ptr<OpenWifi::ScriptDB>		ScriptDB_;
+
    };
 
    inline auto StorageService() { return Storage::instance(); }

src/TelemetryClient.cpp

@@ -80,7 +80,7 @@ namespace OpenWifi {
 	void TelemetryClient::SendTelemetryShutdown() {
 		poco_information(Logger(),fmt::format("TELEMETRY-SHUTDOWN({}): Closing.",CId_));
 		DeRegister();
-		AP_WS_Server()->StopWebSocketTelemetry(CommandManager()->NextRPCId(), SerialNumber_);
+		AP_WS_Server()->StopWebSocketTelemetry(CommandManager()->Next_RPC_ID(), SerialNumber_);
 		TelemetryStream()->DeRegisterClient(UUID_);
 	}
 

src/UI_GW_WebSocketNotifications.cpp

@@ -4,12 +4,13 @@
 
 #include "UI_GW_WebSocketNotifications.h"
 
-namespace OpenWifi {
-	inline void WebNotificationSingleDevice::to_json(Poco::JSON::Object &Obj) const {
+namespace OpenWifi::GWWebSocketNotifications {
+
+	inline void SingleDevice::to_json(Poco::JSON::Object &Obj) const {
 		RESTAPI_utils::field_to_json(Obj,"serialNumber", serialNumber);
 	}
 
-	inline bool WebNotificationSingleDevice::from_json(const Poco::JSON::Object::Ptr &Obj) {
+	inline bool SingleDevice::from_json(const Poco::JSON::Object::Ptr &Obj) {
 		try {
 			RESTAPI_utils::field_from_json(Obj,"serialNumber", serialNumber);
 			return true;
@@ -19,13 +20,13 @@ namespace OpenWifi {
 		return false;
 	}
 
-	inline void WebNotificationSingleDeviceConfigurationChange::to_json(Poco::JSON::Object &Obj) const {
+	inline void SingleDeviceConfigurationChange::to_json(Poco::JSON::Object &Obj) const {
 		RESTAPI_utils::field_to_json(Obj,"serialNumber", serialNumber);
 		RESTAPI_utils::field_to_json(Obj,"oldUUID", oldUUID);
 		RESTAPI_utils::field_to_json(Obj,"newUUID", newUUID);
 	}
 
-	inline bool WebNotificationSingleDeviceConfigurationChange::from_json(const Poco::JSON::Object::Ptr &Obj) {
+	inline bool SingleDeviceConfigurationChange::from_json(const Poco::JSON::Object::Ptr &Obj) {
 		try {
 			RESTAPI_utils::field_from_json(Obj,"serialNumber", serialNumber);
 			RESTAPI_utils::field_from_json(Obj,"oldUUID", oldUUID);
@@ -37,12 +38,12 @@ namespace OpenWifi {
 		return false;
 	}
 
-	inline void WebNotificationSingleDeviceFirmwareChange::to_json(Poco::JSON::Object &Obj) const {
+	inline void SingleDeviceFirmwareChange::to_json(Poco::JSON::Object &Obj) const {
 		RESTAPI_utils::field_to_json(Obj,"serialNumber", serialNumber);
 		RESTAPI_utils::field_to_json(Obj,"newFirmware", newFirmware);
 	}
 
-	inline bool WebNotificationSingleDeviceFirmwareChange::from_json(const Poco::JSON::Object::Ptr &Obj) {
+	inline bool SingleDeviceFirmwareChange::from_json(const Poco::JSON::Object::Ptr &Obj) {
 		try {
 			RESTAPI_utils::field_from_json(Obj,"serialNumber", serialNumber);
 			RESTAPI_utils::field_from_json(Obj,"newFirmware", newFirmware);
@@ -53,13 +54,13 @@ namespace OpenWifi {
 		return false;
 	}
 
-	inline void WebSocketClientNotificationNumberOfConnection::to_json(Poco::JSON::Object &Obj) const {
+	inline void NumberOfConnection::to_json(Poco::JSON::Object &Obj) const {
 		RESTAPI_utils::field_to_json(Obj,"numberOfDevices", numberOfDevices);
 		RESTAPI_utils::field_to_json(Obj,"averageConnectedTime", averageConnectedTime);
 		RESTAPI_utils::field_to_json(Obj,"numberOfConnectingDevices", numberOfConnectingDevices);
 	}
 
-	inline bool WebSocketClientNotificationNumberOfConnection::from_json(const Poco::JSON::Object::Ptr &Obj) {
+	inline bool NumberOfConnection::from_json(const Poco::JSON::Object::Ptr &Obj) {
 		try {
 			RESTAPI_utils::field_from_json(Obj,"numberOfDevices", numberOfDevices);
 			RESTAPI_utils::field_from_json(Obj,"averageConnectedTime", averageConnectedTime);
@@ -71,64 +72,89 @@ namespace OpenWifi {
 		return false;
 	}
 
-	void WebSocketClientNotificationNumberOfConnections(WebSocketClientNotificationNumberOfConnection_t &N) {
-		N.type = "device_connections_statistics";
-		UI_WebSocketClientServer()->SendNotification(N);
-	}
-	void WebSocketClientNotificationNumberOfConnections(const std::string & User, WebSocketClientNotificationNumberOfConnection_t &N) {
-		N.type = "device_connections_statistics";
-		UI_WebSocketClientServer()->SendUserNotification(User,N);
-	}
-
-	void WebSocketClientNotificationDeviceConfigurationChange(WebNotificationSingleDeviceConfigurationChange_t &N) {
-		N.type = "device_configuration_upgrade";
+	void NumberOfConnections(NumberOfConnection_t &N) {
+		// N.type = "device_connections_statistics";
+		N.type_id = 1000 ;
 		UI_WebSocketClientServer()->SendNotification(N);
 	}
 
-	void WebSocketClientNotificationDeviceConfigurationChange(const std::string & User, WebNotificationSingleDeviceConfigurationChange_t &N) {
-		N.type = "device_configuration_upgrade";
+	void NumberOfConnections(const std::string & User, NumberOfConnection_t &N) {
+		// N.type = "device_connections_statistics";
+		N.type_id = 1000 ;
 		UI_WebSocketClientServer()->SendUserNotification(User,N);
 	}
 
-	void WebSocketClientNotificationDeviceFirmwareUpdated(WebNotificationSingleDeviceFirmwareChange_t &N) {
-		N.type = "device_firmware_upgrade";
+	void DeviceConfigurationChange(SingleDeviceConfigurationChange_t &N) {
+		// N.type = "device_configuration_upgrade";
+		N.type_id = 2000 ;
 		UI_WebSocketClientServer()->SendNotification(N);
 	}
 
-	void WebSocketClientNotificationDeviceFirmwareUpdated(const std::string & User, WebNotificationSingleDeviceFirmwareChange_t &N){
-		N.type = "device_firmware_upgrade";
+	void DeviceConfigurationChange(const std::string & User, SingleDeviceConfigurationChange_t &N) {
+		// N.type = "device_configuration_upgrade";
+		N.type_id = 2000 ;
 		UI_WebSocketClientServer()->SendUserNotification(User,N);
 	}
 
-	void WebSocketClientNotificationDeviceConnected(WebNotificationSingleDevice_t &N){
-		N.type = "device_connection";
+	void DeviceFirmwareUpdated(SingleDeviceFirmwareChange_t &N) {
+		// N.type = "device_firmware_upgrade";
+		N.type_id = 3000 ;
 		UI_WebSocketClientServer()->SendNotification(N);
 	}
 
-	void WebSocketClientNotificationDeviceConnected(const std::string & User, WebNotificationSingleDevice_t &N){
-		N.type = "device_connection";
+	void DeviceFirmwareUpdated(const std::string & User, SingleDeviceFirmwareChange_t &N){
+		// N.type = "device_firmware_upgrade";
+		N.type_id = 3000 ;
 		UI_WebSocketClientServer()->SendUserNotification(User,N);
 	}
 
-	void WebSocketClientNotificationDeviceDisconnected(const std::string & User, WebNotificationSingleDevice_t &N){
-		N.type = "device_disconnection";
-		UI_WebSocketClientServer()->SendUserNotification(User,N);
-	}
-
-	void WebSocketClientNotificationDeviceDisconnected(WebNotificationSingleDevice_t &N){
-		N.type = "device_disconnection";
+	void DeviceConnected(SingleDevice_t &N){
+		// N.type = "device_connection";
+		N.type_id = 4000 ;
 		UI_WebSocketClientServer()->SendNotification(N);
 	}
 
-	void WebSocketClientNotificationDeviceStatistics(const std::string & User, WebNotificationSingleDevice_t &N){
-		N.type = "device_statistics";
+	void DeviceConnected(const std::string & User, SingleDevice_t &N){
+		// N.type = "device_connection";
+		N.type_id = 4000 ;
 		UI_WebSocketClientServer()->SendUserNotification(User,N);
 	}
 
-	void WebSocketClientNotificationDeviceStatistics(WebNotificationSingleDevice_t &N){
-		N.type = "device_statistics";
+	void DeviceDisconnected(const std::string & User, SingleDevice_t &N){
+		// N.type = "device_disconnection";
+		N.type_id = 5000 ;
+		UI_WebSocketClientServer()->SendUserNotification(User,N);
+	}
+
+	void DeviceDisconnected(SingleDevice_t &N){
+		// N.type = "device_disconnection";
+		N.type_id = 5000 ;
 		UI_WebSocketClientServer()->SendNotification(N);
 	}
 
+	void DeviceStatistics(const std::string & User, SingleDevice_t &N){
+		// N.type = "device_statistics";
+		N.type_id = 6000 ;
+		UI_WebSocketClientServer()->SendUserNotification(User,N);
+	}
+
+	void DeviceStatistics(SingleDevice_t &N){
+		// N.type = "device_statistics";
+		N.type_id = 6000 ;
+		UI_WebSocketClientServer()->SendNotification(N);
+	}
+
+	void Register() {
+		static const UI_WebSocketClientServer::NotificationTypeIdVec Notifications = {
+			{ 1000, "device_connections_statistics" },
+			{ 2000, "device_configuration_upgrade" },
+			{ 3000, "device_firmware_upgrade" },
+			{ 4000, "device_connection" },
+			{ 5000, "device_disconnection" },
+			{ 6000, "device_statistics" }
+		};
+
+		UI_WebSocketClientServer()->RegisterNotifications(Notifications);
+	}
 
 }

src/UI_GW_WebSocketNotifications.h

@@ -7,14 +7,15 @@
 #include "framework/UI_WebSocketClientNotifications.h"
 #include "framework/UI_WebSocketClientServer.h"
 
-namespace OpenWifi {
-	struct WebNotificationSingleDevice {
+namespace OpenWifi::GWWebSocketNotifications {
+
+	struct SingleDevice {
 		std::string		serialNumber;
 		inline void to_json(Poco::JSON::Object &Obj) const ;
 		inline bool from_json(const Poco::JSON::Object::Ptr &Obj);
 	};
 
-	struct WebNotificationSingleDeviceConfigurationChange {
+	struct SingleDeviceConfigurationChange {
 		std::string		serialNumber;
 		uint64_t 		oldUUID;
 		uint64_t 		newUUID;
@@ -23,14 +24,14 @@ namespace OpenWifi {
 		inline bool from_json(const Poco::JSON::Object::Ptr &Obj);
 	};
 
-	struct WebNotificationSingleDeviceFirmwareChange {
+	struct SingleDeviceFirmwareChange {
 		std::string		serialNumber;
 		std::string		newFirmware;
 		inline void to_json(Poco::JSON::Object &Obj) const ;
 		inline bool from_json(const Poco::JSON::Object::Ptr &Obj);
 	};
 
-	struct WebSocketClientNotificationNumberOfConnection {
+	struct NumberOfConnection {
 		std::uint64_t 	numberOfDevices=0;
 		std::uint64_t 	averageConnectedTime=0;
 		std::uint64_t 	numberOfConnectingDevices=0;
@@ -39,23 +40,25 @@ namespace OpenWifi {
 		inline bool from_json(const Poco::JSON::Object::Ptr &Obj);
 	};
 
-	typedef WebSocketNotification<WebNotificationSingleDevice> WebNotificationSingleDevice_t;
-	typedef WebSocketNotification<WebNotificationSingleDeviceConfigurationChange> WebNotificationSingleDeviceConfigurationChange_t;
-	typedef WebSocketNotification<WebNotificationSingleDeviceFirmwareChange> WebNotificationSingleDeviceFirmwareChange_t;
-	typedef WebSocketNotification<WebSocketClientNotificationNumberOfConnection> WebSocketClientNotificationNumberOfConnection_t;
+	void Register();
 
-	void WebSocketClientNotificationNumberOfConnections(WebSocketClientNotificationNumberOfConnection_t &N);
-	void WebSocketClientNotificationDeviceConfigurationChange(WebNotificationSingleDeviceConfigurationChange_t &N);
-	void WebSocketClientNotificationDeviceFirmwareUpdated(WebNotificationSingleDeviceFirmwareChange_t &);
-	void WebSocketClientNotificationDeviceConnected(WebNotificationSingleDevice_t &N);
-	void WebSocketClientNotificationDeviceDisconnected(WebNotificationSingleDevice_t &N);
-	void WebSocketClientNotificationDeviceStatistics(WebNotificationSingleDevice_t &N);
+	typedef WebSocketNotification<SingleDevice> SingleDevice_t;
+	typedef WebSocketNotification<SingleDeviceConfigurationChange> SingleDeviceConfigurationChange_t;
+	typedef WebSocketNotification<SingleDeviceFirmwareChange> SingleDeviceFirmwareChange_t;
+	typedef WebSocketNotification<NumberOfConnection> NumberOfConnection_t;
 
-	void WebSocketClientNotificationNumberOfConnections(const std::string & User, WebSocketClientNotificationNumberOfConnection_t &N);
-	void WebSocketClientNotificationDeviceConfigurationChange(const std::string & User, WebNotificationSingleDeviceConfigurationChange_t &N);
-	void WebSocketClientNotificationDeviceFirmwareUpdated(const std::string & User, WebNotificationSingleDeviceFirmwareChange_t &);
-	void WebSocketClientNotificationDeviceConnected(const std::string & User, WebNotificationSingleDevice_t &N);
-	void WebSocketClientNotificationDeviceDisconnected(const std::string & User, WebNotificationSingleDevice_t &N);
-	void WebSocketClientNotificationDeviceStatistics(const std::string & User, WebNotificationSingleDevice_t &N);
+	void NumberOfConnections(NumberOfConnection_t &N);
+	void DeviceConfigurationChange(SingleDeviceConfigurationChange_t &N);
+	void DeviceFirmwareUpdated(SingleDeviceFirmwareChange_t &);
+	void DeviceConnected(SingleDevice_t &N);
+	void DeviceDisconnected(SingleDevice_t &N);
+	void DeviceStatistics(SingleDevice_t &N);
+
+	void NumberOfConnections(const std::string & User, NumberOfConnection_t &N);
+	void DeviceConfigurationChange(const std::string & User, SingleDeviceConfigurationChange_t &N);
+	void DeviceFirmwareUpdated(const std::string & User, SingleDeviceFirmwareChange_t &);
+	void DeviceConnected(const std::string & User, SingleDevice_t &N);
+	void DeviceDisconnected(const std::string & User, SingleDevice_t &N);
+	void DeviceStatistics(const std::string & User, SingleDevice_t &N);
 
 };

src/framework/ALBserver.cpp

@@ -51,7 +51,13 @@ namespace OpenWifi {
             poco_information(Logger(),"Starting...");
 			Running_=true;
 			Port_ = (int)MicroServiceConfigGetInt("alb.port",15015);
-			Socket_ = std::make_unique<Poco::Net::ServerSocket>(Port_);
+			Poco::Net::IPAddress Addr(Poco::Net::IPAddress::wildcard(
+				Poco::Net::Socket::supportsIPv6() ? Poco::Net::AddressFamily::IPv6
+												  : Poco::Net::AddressFamily::IPv4));
+			Poco::Net::SocketAddress SockAddr(Addr, Port_);
+			Poco::Net::ServerSocket ClientSocket(SockAddr, 64);
+
+			Socket_ = std::make_unique<Poco::Net::ServerSocket>(SockAddr, Port_);
 			auto Params = new Poco::Net::HTTPServerParams;
 			Params->setName("ws:alb");
 			Server_ = std::make_unique<Poco::Net::HTTPServer>(new ALBRequestHandlerFactory(Logger()), *Socket_, Params);

src/framework/AuthClient.cpp

@@ -7,6 +7,7 @@
 #include "framework/AuthClient.h"
 #include "framework/MicroServiceNames.h"
 #include "framework/OpenAPIRequests.h"
+#include "framework/utils.h"
 #include "fmt/format.h"
 
 namespace OpenWifi {
@@ -18,10 +19,13 @@ namespace OpenWifi {
 		try {
 			Types::StringPairVec QueryData;
 			QueryData.push_back(std::make_pair("token",SessionToken));
+            std::string     AlternateURIForLogging = fmt::format("{}?token={}",  Sub ? "/api/v1/validateSubToken" : "/api/v1/validateToken", Utils::SanitizeToken(SessionToken));
 			OpenAPIRequestGet	Req(    uSERVICE_SECURITY,
 								  Sub ? "/api/v1/validateSubToken" : "/api/v1/validateToken",
 								  QueryData,
-								  10000);
+								  10000,
+								  AlternateURIForLogging
+                                  );
 			Poco::JSON::Object::Ptr Response;
 
 			auto StatusCode = Req.Do(Response);
@@ -46,7 +50,7 @@ namespace OpenWifi {
 				}
 			}
 		} catch (...) {
-			poco_error(Logger(),fmt::format("Failed to retrieve token={} for TID={}", SessionToken, TID));
+			poco_error(Logger(),fmt::format("Failed to retrieve token={} for TID={}", Utils::SanitizeToken(SessionToken), TID));
 		}
 		Expired = false;
 		return false;
@@ -59,6 +63,7 @@ namespace OpenWifi {
 		if(!User.isNull()) {
 			if(IsTokenExpired(User->webtoken)) {
 				Expired = true;
+				Cache_.remove(SessionToken);
 				return false;
 			}
 			Expired = false;
@@ -68,4 +73,57 @@ namespace OpenWifi {
 		return RetrieveTokenInformation(SessionToken, UInfo, TID, Expired, Contacted, Sub);
 	}
 
+    bool AuthClient::RetrieveApiKeyInformation(const std::string & SessionToken,
+                                              SecurityObjects::UserInfoAndPolicy & UInfo,
+                                              std::uint64_t TID,
+                                              bool & Expired, bool & Contacted) {
+        try {
+            Types::StringPairVec QueryData;
+            QueryData.push_back(std::make_pair("apikey",SessionToken));
+            std::string     AlternateURIForLogging = fmt::format("/api/v1/validateApiKey?apiKey={}", Utils::SanitizeToken(SessionToken));
+            OpenAPIRequestGet	Req(    uSERVICE_SECURITY,
+                                         "/api/v1/validateApiKey" ,
+                                         QueryData,
+                                         10000,
+                                         AlternateURIForLogging);
+            Poco::JSON::Object::Ptr Response;
+
+            auto StatusCode = Req.Do(Response);
+            if(StatusCode==Poco::Net::HTTPServerResponse::HTTP_GATEWAY_TIMEOUT) {
+                Contacted = false;
+                return false;
+            }
+
+            Contacted = true;
+            if(StatusCode==Poco::Net::HTTPServerResponse::HTTP_OK) {
+                if(Response->has("tokenInfo") && Response->has("userInfo") && Response->has("expiresOn")) {
+                    UInfo.from_json(Response);
+                    Expired = false;
+                    ApiKeyCache_.update(SessionToken, ApiKeyCacheEntry{ .UserInfo = UInfo, .ExpiresOn = Response->get("expiresOn")});
+                    return true;
+                } else {
+                    return false;
+                }
+            }
+        } catch (...) {
+            poco_error(Logger(),fmt::format("Failed to retrieve api key={} for TID={}", Utils::SanitizeToken(SessionToken), TID));
+        }
+        Expired = false;
+        return false;
+    }
+
+    bool AuthClient::IsValidApiKey(const std::string &SessionToken, SecurityObjects::UserInfoAndPolicy &UInfo,
+                                   std::uint64_t TID, bool &Expired, bool &Contacted) {
+        auto User = ApiKeyCache_.get(SessionToken);
+        if (!User.isNull()) {
+            if(User->ExpiresOn < Utils::Now()) {
+                Expired = false;
+                UInfo = User->UserInfo;
+                return true;
+            }
+			ApiKeyCache_.remove(SessionToken);
+        }
+        return RetrieveApiKeyInformation(SessionToken, UInfo, TID, Expired, Contacted);
+    }
+
 } // namespace OpenWifi

src/framework/AuthClient.h

@@ -12,6 +12,7 @@
 namespace OpenWifi {
 
 	class AuthClient : public SubSystemServer {
+
 	  public:
 		explicit AuthClient() noexcept:
 			 SubSystemServer("Authentication", "AUTH-CLNT", "authentication")
@@ -23,7 +24,12 @@ namespace OpenWifi {
 			return instance_;
 		}
 
-		inline int Start() override {
+        struct ApiKeyCacheEntry {
+            OpenWifi::SecurityObjects::UserInfoAndPolicy    UserInfo;
+            std::uint64_t                                   ExpiresOn;
+        };
+
+        inline int Start() override {
 			return 0;
 		}
 
@@ -36,6 +42,7 @@ namespace OpenWifi {
 
 		inline void RemovedCachedToken(const std::string &Token) {
 			Cache_.remove(Token);
+            ApiKeyCache_.remove(Token);
 		}
 
 		inline static bool IsTokenExpired(const SecurityObjects::WebToken &T) {
@@ -46,12 +53,24 @@ namespace OpenWifi {
 			SecurityObjects::UserInfoAndPolicy & UInfo,
 			std::uint64_t TID,
 		bool & Expired, bool & Contacted, bool Sub=false);
+
+        bool RetrieveApiKeyInformation(const std::string & SessionToken,
+                                      SecurityObjects::UserInfoAndPolicy & UInfo,
+                                      std::uint64_t TID,
+                                      bool & Expired, bool & Contacted);
+
 		bool IsAuthorized(const std::string &SessionToken, SecurityObjects::UserInfoAndPolicy & UInfo,
 								 std::uint64_t TID,
 								 bool & Expired, bool & Contacted, bool Sub = false);
 
+        bool IsValidApiKey(const std::string &SessionToken, SecurityObjects::UserInfoAndPolicy & UInfo,
+                          std::uint64_t TID,
+                          bool & Expired, bool & Contacted);
+
 	  private:
+
 		Poco::ExpireLRUCache<std::string,OpenWifi::SecurityObjects::UserInfoAndPolicy>      Cache_{512,1200000 };
+        Poco::ExpireLRUCache<std::string,ApiKeyCacheEntry>                                  ApiKeyCache_{512,1200000 };
 	};
 
 	inline auto AuthClient() { return AuthClient::instance(); }

src/framework/MicroService.cpp

@@ -8,6 +8,7 @@
 #include "Poco/FormattingChannel.h"
 #include "Poco/AsyncChannel.h"
 #include "Poco/NullChannel.h"
+#include "Poco/SplitterChannel.h"
 #include "Poco/Net/HTTPStreamFactory.h"
 #include "Poco/Net/HTTPSStreamFactory.h"
 #include "Poco/Net/FTPSStreamFactory.h"
@@ -26,7 +27,7 @@
 #include "framework/RESTAPI_ExtServer.h"
 #include "framework/RESTAPI_IntServer.h"
 #include "framework/utils.h"
-
+#include "framework/WebSocketLogger.h"
 
 namespace OpenWifi {
 
@@ -77,7 +78,7 @@ namespace OpenWifi {
 									else
 										SvcList += ", " + Svc.second.Type;
 								}
-								logger().information(fmt::format("Current list of microservices: {}", SvcList));
+								poco_information(logger(),fmt::format("Current list of microservices: {}", SvcList));
 							}
 						} else {
 							poco_error(logger(),fmt::format("KAFKA-MSG: invalid event '{}', missing a field.",Event));
@@ -180,8 +181,6 @@ namespace OpenWifi {
 		MyHash_ = Utils::ComputeHash(MyPublicEndPoint_);
 	}
 
-	void MicroServicePostInitialization();
-
 	void MicroService::InitializeLoggingSystem() {
 		static auto initialized = false;
 
@@ -192,75 +191,144 @@ namespace OpenWifi {
 			auto LoggingDestination = MicroService::instance().ConfigGetString("logging.type", "file");
 			auto LoggingFormat = MicroService::instance().ConfigGetString("logging.format",
 																		  "%Y-%m-%d %H:%M:%S.%i %s: [%p][thr:%I] %t");
-			auto UseAsyncLogs_ = MicroService::instance().ConfigGetBool("logging.asynch",false);
+			auto UseAsyncLogs_ = MicroService::instance().ConfigGetBool("logging.asynch", true);
+			auto DisableWebSocketLogging = MicroService::instance().ConfigGetBool("logging.websocket",false);
+
 			if (LoggingDestination == "null") {
 				Poco::AutoPtr<Poco::NullChannel> DevNull(new Poco::NullChannel);
 				Poco::Logger::root().setChannel(DevNull);
 			} else if (LoggingDestination == "console") {
-				Poco::AutoPtr<Poco::ConsoleChannel> Console(new Poco::ConsoleChannel);
-				if(UseAsyncLogs_) {
-					Poco::AutoPtr<Poco::AsyncChannel> Async(new Poco::AsyncChannel(Console));
-					Poco::AutoPtr<Poco::PatternFormatter> Formatter(new Poco::PatternFormatter);
-					Formatter->setProperty("pattern", LoggingFormat);
-					Poco::AutoPtr<Poco::FormattingChannel> FormattingChannel(
-						new Poco::FormattingChannel(Formatter, Async));
-					Poco::Logger::root().setChannel(FormattingChannel);
-				} else {
-					Poco::AutoPtr<Poco::PatternFormatter> Formatter(new Poco::PatternFormatter);
-					Formatter->setProperty("pattern", LoggingFormat);
-					Poco::AutoPtr<Poco::FormattingChannel> FormattingChannel(
-						new Poco::FormattingChannel(Formatter, Console));
-					Poco::Logger::root().setChannel(FormattingChannel);
-				}
+                SetConsoleLogs(UseAsyncLogs_, DisableWebSocketLogging, LoggingFormat);
 			} else if (LoggingDestination == "colorconsole") {
-				Poco::AutoPtr<Poco::ColorConsoleChannel> ColorConsole(new Poco::ColorConsoleChannel);
-				if(UseAsyncLogs_) {
-					Poco::AutoPtr<Poco::AsyncChannel> Async(new Poco::AsyncChannel(ColorConsole));
-					Poco::AutoPtr<Poco::PatternFormatter> Formatter(new Poco::PatternFormatter);
-					Formatter->setProperty("pattern", LoggingFormat);
-					Poco::AutoPtr<Poco::FormattingChannel> FormattingChannel(
-						new Poco::FormattingChannel(Formatter, Async));
-					Poco::Logger::root().setChannel(FormattingChannel);
-				} else {
-					Poco::AutoPtr<Poco::PatternFormatter> Formatter(new Poco::PatternFormatter);
-					Formatter->setProperty("pattern", LoggingFormat);
-					Poco::AutoPtr<Poco::FormattingChannel> FormattingChannel(
-						new Poco::FormattingChannel(Formatter, ColorConsole));
-					Poco::Logger::root().setChannel(FormattingChannel);
-				}
+                SetColorConsoleLogs(UseAsyncLogs_, DisableWebSocketLogging, LoggingFormat);
 			} else if (LoggingDestination == "sql") {
-				//"CREATE TABLE T_POCO_LOG (Source VARCHAR, Name VARCHAR, ProcessId INTEGER, Thread VARCHAR, ThreadId INTEGER, Priority INTEGER, Text VARCHAR, DateTime DATE)"
-
+                SetSQLLogs(UseAsyncLogs_, DisableWebSocketLogging, LoggingFormat);
 			} else if (LoggingDestination == "syslog") {
-
+                SetSyslogLogs(UseAsyncLogs_, DisableWebSocketLogging, LoggingFormat);
 			} else {
-				auto LoggingLocation =
-					MicroService::instance().ConfigPath("logging.path", "$OWCERT_ROOT/logs") + "/log";
+                SetFileLogs(UseAsyncLogs_, DisableWebSocketLogging, LoggingFormat, DAEMON_ROOT_ENV_VAR);
+            }
 
-				Poco::AutoPtr<Poco::FileChannel> FileChannel(new Poco::FileChannel);
-				FileChannel->setProperty("rotation", "10 M");
-				FileChannel->setProperty("archive", "timestamp");
-				FileChannel->setProperty("path", LoggingLocation);
-				if(UseAsyncLogs_) {
-					Poco::AutoPtr<Poco::AsyncChannel> Async_File(
-						new Poco::AsyncChannel(FileChannel));
-					Poco::AutoPtr<Poco::PatternFormatter> Formatter(new Poco::PatternFormatter);
-					Formatter->setProperty("pattern", LoggingFormat);
-					Poco::AutoPtr<Poco::FormattingChannel> FormattingChannel(
-						new Poco::FormattingChannel(Formatter, Async_File));
-					Poco::Logger::root().setChannel(FormattingChannel);
-				} else {
-					Poco::AutoPtr<Poco::PatternFormatter> Formatter(new Poco::PatternFormatter);
-					Formatter->setProperty("pattern", LoggingFormat);
-					Poco::AutoPtr<Poco::FormattingChannel> FormattingChannel(
-						new Poco::FormattingChannel(Formatter, FileChannel));
-					Poco::Logger::root().setChannel(FormattingChannel);
-				}
-			}
 			auto Level = Poco::Logger::parseLevel(MicroService::instance().ConfigGetString("logging.level", "debug"));
 			Poco::Logger::root().setLevel(Level);
+			if(!DisableWebSocketLogging) {
+				static const UI_WebSocketClientServer::NotificationTypeIdVec Notifications = {
+					{1, "log"}};
+				UI_WebSocketClientServer()->RegisterNotifications(Notifications);
+			}
 		}
-	}
+    }
+
+    void MicroService::SetConsoleLogs(bool UseAsync, bool DisableWebSocketLogging, const std::string & FormatterPattern) {
+
+        Poco::AutoPtr<Poco::ConsoleChannel> Console(new Poco::ConsoleChannel);
+        Poco::AutoPtr<Poco::PatternFormatter> Formatter(new Poco::PatternFormatter);
+        Formatter->setProperty("pattern", FormatterPattern);
+        Poco::AutoPtr<Poco::FormattingChannel> FormattingChannel(new Poco::FormattingChannel(Formatter, Console));
+
+        if(DisableWebSocketLogging) {
+            if(UseAsync) {
+                Poco::AutoPtr<Poco::AsyncChannel> Async(new Poco::AsyncChannel(FormattingChannel));
+                Poco::Logger::root().setChannel(Async);
+            } else {
+                Poco::Logger::root().setChannel(FormattingChannel);
+            }
+        } else {
+            Poco::AutoPtr<WebSocketLogger>			WSLogger(new WebSocketLogger);
+            Poco::AutoPtr<Poco::SplitterChannel>	Splitter(new Poco::SplitterChannel);
+            Splitter->addChannel(WSLogger);
+            Splitter->addChannel(FormattingChannel);
+            if(UseAsync) {
+                Poco::AutoPtr<Poco::AsyncChannel> Async(new Poco::AsyncChannel(Splitter));
+                Poco::Logger::root().setChannel(Async);
+            } else {
+                Poco::Logger::root().setChannel(Splitter);
+            }
+        }
+		Poco::Logger::root().information(fmt::format("Enabled console logs: asynch={} websocket={}",UseAsync,DisableWebSocketLogging));
+    }
+
+    void MicroService::SetColorConsoleLogs(bool UseAsync, bool DisableWebSocketLogging, const std::string & FormatterPattern) {
+
+        Poco::AutoPtr<Poco::ColorConsoleChannel> Console(new Poco::ColorConsoleChannel);
+        Poco::AutoPtr<Poco::PatternFormatter> Formatter(new Poco::PatternFormatter);
+        Formatter->setProperty("pattern", FormatterPattern);
+        Poco::AutoPtr<Poco::FormattingChannel> FormattingChannel(new Poco::FormattingChannel(Formatter, Console));
+
+        if(DisableWebSocketLogging) {
+            if(UseAsync) {
+                Poco::AutoPtr<Poco::AsyncChannel> Async(new Poco::AsyncChannel(FormattingChannel));
+                Poco::Logger::root().setChannel(Async);
+            } else {
+                Poco::Logger::root().setChannel(FormattingChannel);
+            }
+        } else {
+            Poco::AutoPtr<WebSocketLogger>			WSLogger(new WebSocketLogger);
+            Poco::AutoPtr<Poco::SplitterChannel>	Splitter(new Poco::SplitterChannel);
+            Splitter->addChannel(WSLogger);
+            Splitter->addChannel(FormattingChannel);
+            if(UseAsync) {
+                Poco::AutoPtr<Poco::AsyncChannel> Async(new Poco::AsyncChannel(Splitter));
+                Poco::Logger::root().setChannel(Async);
+            } else {
+                Poco::Logger::root().setChannel(Splitter);
+            }
+        }
+		Poco::Logger::root().information(fmt::format("Enabled color console logs: asynch={} websocket={}",UseAsync,DisableWebSocketLogging));
+    }
+
+    void MicroService::SetSQLLogs([[maybe_unused]] bool UseAsync,[[maybe_unused]]  bool DisableWebSocketLogging,[[maybe_unused]]  const std::string & FormatterPattern) {
+        //"CREATE TABLE T_POCO_LOG (Source VARCHAR, Name VARCHAR, ProcessId INTEGER, Thread VARCHAR, ThreadId INTEGER, Priority INTEGER, Text VARCHAR, DateTime DATE)"
+    }
+
+    void MicroService::SetSyslogLogs([[maybe_unused]] bool UseAsync,[[maybe_unused]]  bool DisableWebSocketLogging,[[maybe_unused]]  const std::string & FormatterPattern) {
+
+    }
+
+    void MicroService::SetFileLogs(bool UseAsync, bool DisableWebSocketLogging, const std::string & FormatterPattern, const std::string & root_env_var) {
+        std::string DefaultLogPath = fmt::format("${}/logs",root_env_var);
+        auto LoggingLocationDir = MicroService::instance().ConfigPath("logging.path", DefaultLogPath);
+        Poco::File      LD(LoggingLocationDir);
+        try {
+            if(!LD.exists()) {
+                LD.createDirectory();
+            }
+        } catch(const Poco::Exception &E) {
+            std::cout << "Cannot create " << LD.path() << "  Error: " << E.message() << std::endl;
+        }
+        auto LoggingLocationDirFilePattern = LoggingLocationDir + "/log";
+
+        Poco::AutoPtr<Poco::FileChannel> FileChannel(new Poco::FileChannel);
+        FileChannel->setProperty("rotation", "10 M");
+        FileChannel->setProperty("archive", "timestamp");
+        FileChannel->setProperty("purgeCount", "10");
+        FileChannel->setProperty("path", LoggingLocationDirFilePattern);
+
+        Poco::AutoPtr<Poco::PatternFormatter> Formatter(new Poco::PatternFormatter);
+        Formatter->setProperty("pattern", FormatterPattern);
+        Poco::AutoPtr<Poco::FormattingChannel> FormattingChannel(new Poco::FormattingChannel(Formatter, FileChannel));
+
+        if(DisableWebSocketLogging) {
+            if(UseAsync) {
+                Poco::AutoPtr<Poco::AsyncChannel> Async(new Poco::AsyncChannel(FormattingChannel));
+                Poco::Logger::root().setChannel(Async);
+            } else {
+                Poco::Logger::root().setChannel(FormattingChannel);
+            }
+        } else {
+            Poco::AutoPtr<WebSocketLogger>			WSLogger(new WebSocketLogger);
+            Poco::AutoPtr<Poco::SplitterChannel>	Splitter(new Poco::SplitterChannel);
+            Splitter->addChannel(WSLogger);
+            Splitter->addChannel(FormattingChannel);
+            if(UseAsync) {
+                Poco::AutoPtr<Poco::AsyncChannel> Async(new Poco::AsyncChannel(Splitter));
+                Poco::Logger::root().setChannel(Async);
+            } else {
+                Poco::Logger::root().setChannel(Splitter);
+            }
+        }
+		Poco::Logger::root().information(fmt::format("Enabled file logs: asynch={} websocket={}",UseAsync,DisableWebSocketLogging));
+    }
 
 	void DaemonPostInitialization(Poco::Util::Application &self);
 
@@ -590,15 +658,15 @@ namespace OpenWifi {
 			logger.notice(fmt::format("Starting {} version {}.",DAEMON_APP_NAME, Version()));
 
 			if(Poco::Net::Socket::supportsIPv6())
-				logger.information("System supports IPv6.");
+				poco_information(logger,"System supports IPv6.");
 			else
-				logger.information("System does NOT support IPv6.");
+				poco_information(logger,"System does NOT support IPv6.");
 
 			if (config().getBool("application.runAsDaemon", false)) {
-				logger.information("Starting as a daemon.");
+				poco_information(logger,"Starting as a daemon.");
 			}
 
-			logger.information(fmt::format("System ID set to {}",ID_));
+			poco_information(logger,fmt::format("System ID set to {}",ID_));
 			StartSubSystemServers();
 			waitForTerminationRequest();
 			StopSubSystemServers();
@@ -630,4 +698,15 @@ namespace OpenWifi {
 		}
 	}
 
+	void MicroService::DeleteOverrideConfiguration() {
+		Poco::File	F(DataDir_ + ExtraConfigurationFilename);
+
+		try {
+			if(F.exists())
+				F.remove();
+		} catch (...) {
+
+		}
+	}
+
 }

src/framework/MicroService.h

@@ -81,6 +81,8 @@ namespace OpenWifi {
 			// Logger_ = Poco::Logger::root().get("BASE-SVC");
 		}
 
+		inline static const char * ExtraConfigurationFilename = "/configuration_override.json";
+
 		inline void SaveConfig() { PropConfigurationFile_->save(ConfigFileName_); }
 		inline auto UpdateConfig() { return PropConfigurationFile_; }
 		inline bool NoAPISecurity() const { return NoAPISecurity_; }
@@ -151,9 +153,17 @@ namespace OpenWifi {
 		int main(const ArgVec &args) override;
         void InitializeLoggingSystem();
 
+		void DeleteOverrideConfiguration();
+
 		[[nodiscard]] std::string Sign(Poco::JWT::Token &T, const std::string &Algo);
 		void AddActivity(const std::string &Activity);
 
+        static void SetConsoleLogs(bool UseAsync, bool AllowWebSocket, const std::string & FormatterPattern);
+        static void SetColorConsoleLogs(bool UseAsync, bool AllowWebSocket, const std::string & FormatterPattern);
+        static void SetSQLLogs(bool UseAsync, bool AllowWebSocket, const std::string & FormatterPattern);
+        static void SetSyslogLogs(bool UseAsync, bool AllowWebSocket, const std::string & FormatterPattern);
+        static void SetFileLogs(bool UseAsync, bool AllowWebSocket, const std::string & FormatterPattern, const std::string & root_env_var);
+
 	  private:
 	    static MicroService         * instance_;
 		bool                        HelpRequested_ = false;

src/framework/MicroServiceErrorHandler.h

@@ -10,6 +10,7 @@
 #include "Poco/Net/NetException.h"
 #include "Poco/Net/SSLException.h"
 #include "Poco/JSON/Template.h"
+#include "Poco/JSON/JSONException.h"
 #include "Poco/Thread.h"
 
 namespace OpenWifi {
@@ -101,6 +102,48 @@ namespace OpenWifi {
 													  E.displayText(),
 													  E.message(),
 													  E.what()));
+			} catch (const Poco::TimeoutException &E) {
+				poco_error(App_.logger(), fmt::format("Poco::TimeoutException thr_name={} thr_id={} code={} text={} msg={} what={}",
+													  t_name, t_id, E.code(),
+													  E.displayText(),
+													  E.message(),
+													  E.what()));
+			} catch (const Poco::NoThreadAvailableException &E) {
+				poco_error(App_.logger(), fmt::format("Poco::NoThreadAvailableException thr_name={} thr_id={} code={} text={} msg={} what={}",
+													  t_name, t_id, E.code(),
+													  E.displayText(),
+													  E.message(),
+													  E.what()));
+			} catch (const Poco::OutOfMemoryException &E) {
+				poco_error(App_.logger(), fmt::format("Poco::OutOfMemoryException thr_name={} thr_id={} code={} text={} msg={} what={}",
+													  t_name, t_id, E.code(),
+													  E.displayText(),
+													  E.message(),
+													  E.what()));
+			} catch (const Poco::BadCastException &E) {
+				poco_error(App_.logger(), fmt::format("Poco::BadCastException thr_name={} thr_id={} code={} text={} msg={} what={}",
+													  t_name, t_id, E.code(),
+													  E.displayText(),
+													  E.message(),
+													  E.what()));
+			} catch (const Poco::DataException &E) {
+				poco_error(App_.logger(), fmt::format("Poco::DataException thr_name={} thr_id={} code={} text={} msg={} what={}",
+													  t_name, t_id, E.code(),
+													  E.displayText(),
+													  E.message(),
+													  E.what()));
+			} catch (const Poco::PoolOverflowException &E) {
+				poco_error(App_.logger(), fmt::format("Poco::PoolOverflowException thr_name={} thr_id={} code={} text={} msg={} what={}",
+													  t_name, t_id, E.code(),
+													  E.displayText(),
+													  E.message(),
+													  E.what()));
+			} catch (const Poco::SystemException &E) {
+				poco_error(App_.logger(), fmt::format("Poco::SystemException thr_name={} thr_id={} code={} text={} msg={} what={}",
+													  t_name, t_id, E.code(),
+													  E.displayText(),
+													  E.message(),
+													  E.what()));
 			} catch (const Poco::RuntimeException &E) {
 				poco_error(App_.logger(), fmt::format("Poco::RuntimeException thr_name={} thr_id={} code={} text={} msg={} what={}",
 													  t_name, t_id, E.code(),

src/framework/MicroServiceFuncs.cpp

@@ -114,4 +114,8 @@ namespace OpenWifi {
     std::string MicroServiceGetPublicAPIEndPoint() {
         return MicroService::instance().GetPublicAPIEndPoint();
     }
+
+	void MicroServiceDeleteOverrideConfiguration() {
+		return MicroService::instance().DeleteOverrideConfiguration();
+	}
 }