Purchased the Call Recordings module for ‘Easy Access’
Pretty straight forward apart from the DELETE button:
Can’t have operators to delete their recordings…
Have opened a ticket and the usual answers…
Can anyone advise on how to possibly remove that option?
Submit a Feature Request. It seems like a obvious thing you’d want to limit.
Support already stated: Can’t be done and I have asked for it to be added as a feature…
Our client won’t be able to use it otherwise
Perhaps a pragmatic work-around is to make the recording read-only for the asterisk user (same as the web user) in a postmonitor script ?
Hey dicko thank you,
will they still be able to listen to ?
What @dicko is saying, albeit in his own unique way , is that read access will allow you to listen to the call recordings.
Now, here is the rub, the asterisk user will not be able to delete a file it doesn’t have write permissions to directly even if ‘self inflicted’ , but because it is the owner of said file, it can but only after the kernel sends it an ‘exception’ it chooses to accept . Hopefully the http code will not be able to bypass that, but if it does, you will need to change either the ownership away from the asterisk user, or make it immutable but leave the Readable permission to the asterisk group/user , both of these require ‘privilege escalation’ which you can’t do in the post recording script
This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.