Cisco Communications Manager (CUCM) VOIP Phone Info Web Application Server

jsteinberg1, updated 🕥 2023-01-06 04:56:54

Cisco VOIP Phone Info Web Application Server

The VOIP Phone Info server is a application that collects IP phone data from your Cisco VOIP environment.

The key features are:

Phone configuration data: Pulls high level configuration data (MAC/Description/Device Pool/etc) from Cisco Unified Communications Manager (CUCM) via AXL
Phone registration data: Pulls real-time registration data (IP address, firmware, registration time stamp, EM logins) from CUCM via Serviceability API
IP Phone webpage: Collects data (Serial number, CDP/LLDP neighbor info, ITL, Network info) by scraping the IP phone's internal web server
Multiple cluster support: supports integration with multiple CUCM clusters
Docker: Runs easily in Docker containers

Screenshots

Phone Info Page

Phone Info

Settings Page

Settings

Job Status Page

Job Status

Requirements

Python 3.7+ and/or Docker

CUCM Prerequisites

Create a new application user on your CUCM with the following roles:
Standard AXL API Access
Standard CCM Admin Users
Standard CCMAdmin Read Only
Standard SERVICEABILITY Read Only

Docker Installation

Install docker
clone/download CUCM Phone Info from github
Edit the Docker environment variables file docker-fastapi-variables.env in the project root folder. Create your own secret key and specify your timezone
run command below from terminal/command line

```console docker-compose up ```

First time setup info

This will start a HTTPS web server on port 8080
Login to https://localhost:8080/ with username 'localadmin' and password 'setup'
Configure your CUCM clusters on the server. The first CUCM server in the cluster will be used to authenticate future logins to the VOIP Phone Info server.
Perform manual sync on the Job Status tab
Set the scheduler to define the automatic update schedule
All persistent data is stored in the 'data' bind mount. A default self signed certificate is created the first time this application is run. You can replace the files in the 'data/cert' folder with CA signed certificates and then restart the containers.

Known issues & limitations

phone scraper script isn't perfect - If you notice some phone models not working, or missing data, please open an issue.
ITL status is populated based on the IP Phone webpage's 'status messages' page. Depending on the phone model and circumstances in the network/VOIP system, the phone may not have a ITL status listed on the 'status' page. This could happen if the phone has not downloaded the ITL/trust list in a while (for whatever reason). On initial run of the phonescraper within this application, you may have many phones that have a blank 'ITL' field. This application only updates the status of the 'ITL' field when there is some valid ITL message on the 'status' page. Assuming this application is left to run daily phonescrapes, over time the ITL value should become accurate, as this application will update the ITL field when it catches the phone's webpage reporting an ITL update (good or bad). Alternatively, you could reset all phones from CUCM and then run a phonescrape and it should collect ITL on most phones as they should update their ITL status on their 'status' webpage after reset.
testing, has only been tested against CUCM 11.5
schema files need to be updated with 12.5
no redundancy for CUCM, if the CUCM node in the first cluster is down, logins will fail.
The CUCM service account credentials are stored using symmetric encryption. You are responsible for limiting access to the 'data' bind mount directory.

Third-party software credits

This application was built using FastAPI for the backend and VueJS for the front end. This is my first application using both technologies, i'm sure there is room for alot of improvement.
Handsontable Non-Commercial License - this application is using the Handsontable non-commercial license. This application is for personal use. Please see (https://github.com/handsontable/handsontable/blob/develop/handsontable-non-commercial-license.pdf) for more information.
Phonescrape library originally from https://github.com/levensailor/phonescrape. Some modifications to parse additional data, support various models, and store results in object

Issues

Bump json5 and @vue/cli-service in /client

opened on 2023-01-06 04:56:53 by dependabot[bot]

Bumps json5 to 2.2.3 and updates ancestor dependencies json5, json5 and @vue/cli-service. These dependencies need to be updated together.

Updates json5 from 2.1.3 to 2.2.3

Release notes

Sourced from json5's releases.

v2.2.3

Fix: [email protected] is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2

Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1

Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

v2.2.0

New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

Changelog

Sourced from json5's changelog.

v2.2.3 [code, diff]

Fix: [email protected] is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2 [code, diff]

Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

v2.2.0 [code, diff]

New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

Commits

c3a7524 2.2.3
94fd06d docs: update CHANGELOG for v2.2.3
3b8cebf docs(security): use GitHub security advisories
f0fd9e1 docs: publish a security policy
6a91a05 docs(template): bug -> bug report
14f8cb1 2.2.2
10cc7ca docs: update CHANGELOG for v2.2.2
7774c10 fix: add proto to objects and arrays
edde30a Readme: slight tweak to intro
97286f8 Improve example in readme
Additional commits viewable in compare view

Updates json5 from 1.0.1 to 2.2.3

Release notes

Sourced from json5's releases.

v2.2.3

Fix: [email protected] is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2

Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1

Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

v2.2.0

New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

Changelog

Sourced from json5's changelog.

v2.2.3 [code, diff]

Fix: [email protected] is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2 [code, diff]

Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

v2.2.0 [code, diff]

New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

Commits

c3a7524 2.2.3
94fd06d docs: update CHANGELOG for v2.2.3
3b8cebf docs(security): use GitHub security advisories
f0fd9e1 docs: publish a security policy
6a91a05 docs(template): bug -> bug report
14f8cb1 2.2.2
10cc7ca docs: update CHANGELOG for v2.2.2
7774c10 fix: add proto to objects and arrays
edde30a Readme: slight tweak to intro
97286f8 Improve example in readme
Additional commits viewable in compare view

Updates @vue/cli-service from 4.3.1 to 5.0.8

Release notes

Sourced from @vue/cli-service's releases.

v5.0.8

:bug: Bug Fix

@vue/cli-service

0260e4d fix: add devServer.server.type to useHttps judgement (vuejs/vue-cli#7222)

@vue/cli-ui

07052c4 fix: Vue CLI UI graphql subscription server error, fixes vuejs/vue-cli#7221

v5.0.7

@vue/cli-service

#7202, [558dea2] fix: support devServer.server option, avoid deprecation warnings (@backrunner, @sodatea)

[beffe8a] fix: allow disabling progress plugin via devServer.client.progress

@vue/cli-ui

#7210 chore: upgrade to apollo-server-express 3.x

Committers: 2

BackRunner (@backrunner)

Haoqun Jiang (@sodatea)

v5.0.6

Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

v5.0.5

:bug: Bug Fix

@vue/cli

#7167 fix(upgrade): prevent changing the structure of package.json file during upgrade (@blzsaa)

@vue/cli-service

#7023 fix: windows vue.config.mjs support (@xiaoxiangmoe)

@vue/cli-plugin-e2e-cypress

[697bb44] fix: should correctly resolve cypress bin path for Cypress 10 (Note that the project is still created with Cypress 9 by default, but you can upgrade to Cypress 10 on your own now)

Committers: 3

Martijn Jacobs (@maerteijn)

ZHAO Jinxiang (@xiaoxiangmoe)

@blzsaa

v5.0.4

:bug: Bug Fix

@vue/cli-service

#7005 Better handling of publicPath: 'auto' (@AndreiSoroka)

@vue/cli-shared-utils, @vue/cli-ui

75826d6 fix: replace node-ipc with @achrinza/node-ipc to further secure the dependency chain

Committers: 1

Andrei (@AndreiSoroka)

Haoqun Jiang (@sodatea)

v5.0.3

... (truncated)

Changelog

Sourced from @vue/cli-service's changelog.

5.0.7 (2022-07-05)

@vue/cli-service

#7202, [558dea2] fix: support devServer.server option, avoid deprecation warnings (@backrunner, @sodatea)

[beffe8a] fix: allow disabling progress plugin via devServer.client.progress

@vue/cli-ui

#7210 chore: upgrade to apollo-server-express 3.x

Committers: 2

BackRunner (@backrunner)

Haoqun Jiang (@sodatea)

5.0.6 (2022-06-16)

Fix compatibility with the upcoming Vue 2.7 (currently in alpha) and Vue Loader 15.10 (currently in beta).

In Vue 2.7, vue-template-compiler is no longer a required peer dependency. Rather, there's a new export under the main package as vue/compiler-sfc.

5.0.5 (2022-06-16)

:bug: Bug Fix

@vue/cli

#7167 feat(upgrade): prevent changing the structure of package.json file during upgrade (@blzsaa)

@vue/cli-service

#7023 fix: windows vue.config.mjs support (@xiaoxiangmoe)

Committers: 3

Martijn Jacobs (@maerteijn)

ZHAO Jinxiang (@xiaoxiangmoe)

@blzsaa

5.0.4 (2022-03-22)

:bug: Bug Fix

@vue/cli-service

#7005 Better handling of publicPath: 'auto' (@AndreiSoroka)

@vue/cli-shared-utils, @vue/cli-ui

75826d6 fix: replace node-ipc with @achrinza/node-ipc to further secure the dependency chain

Committers: 1

... (truncated)

Commits

b154dbd v5.0.8
0260e4d fix: add devServer.server.type to useHttps judgement (#7222)
4a0655f v5.0.7
beffe8a fix: allow disabling progress plugin via devServer.client.progress
558dea2 fix: support devServer.server option, avoid deprecation warning
bddd64d fix: optimize the judgment on whether HTTPS has been set in options (#7202)
ef08a08 v5.0.6
fcf27e3 fixup! fix: compatibility with Vue 2.7
a648958 fix: compatibility with Vue 2.7
98c66c9 v5.0.5
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/jsteinberg1/CUCM-Phone-Info/network/alerts).

Bump express from 4.17.1 to 4.18.2 in /client

opened on 2022-12-12 16:24:17 by dependabot[bot]

Bumps express from 4.17.1 to 4.18.2.

Release notes

Sourced from express's releases.

4.18.2

Fix regression routing a large stack in a single route

deps: [email protected]

deps: [email protected]

perf: remove unnecessary object clone

deps: [email protected]

4.18.1

Fix hanging on large stack of sync routes

4.18.0

Add "root" option to res.download

Allow options without filename in res.download

Deprecate string and non-integer arguments to res.status

Fix behavior of null/undefined as maxAge in res.cookie

Fix handling very large stacks of sync middleware

Ignore Object.prototype values in settings through app.set/app.get

Invoke default with same arguments as types in res.format

Support proper 205 responses using res.send

Use http-errors for res.format error

deps: [email protected]

Fix error message for json parse whitespace in strict

Fix internal error when inflated body exceeds limit

Prevent loss of async hooks context

Prevent hanging when request already read

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

Add priority option

Fix expires option to reject invalid dates

deps: [email protected]

Replace internal eval usage with Function constructor

Use instance methods on process to check for listeners

deps: [email protected]

Remove set content headers that break response

deps: [email protected]

deps: [email protected]

deps: [email protected]

Prevent loss of async hooks context

deps: [email protected]

deps: [email protected]

Fix emitted 416 error missing headers property

Limit the headers removed for 304 response

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

... (truncated)

Changelog

Sourced from express's changelog.

4.18.2 / 2022-10-08

Fix regression routing a large stack in a single route

deps: [email protected]

deps: [email protected]

perf: remove unnecessary object clone

deps: [email protected]

4.18.1 / 2022-04-29

Fix hanging on large stack of sync routes

4.18.0 / 2022-04-25

Add "root" option to res.download

Allow options without filename in res.download

Deprecate string and non-integer arguments to res.status

Fix behavior of null/undefined as maxAge in res.cookie

Fix handling very large stacks of sync middleware

Ignore Object.prototype values in settings through app.set/app.get

Invoke default with same arguments as types in res.format

Support proper 205 responses using res.send

Use http-errors for res.format error

deps: [email protected]

Fix error message for json parse whitespace in strict

Fix internal error when inflated body exceeds limit

Prevent loss of async hooks context

Prevent hanging when request already read

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

Add priority option

Fix expires option to reject invalid dates

deps: [email protected]

Replace internal eval usage with Function constructor

Use instance methods on process to check for listeners

deps: [email protected]

Remove set content headers that break response

deps: [email protected]

deps: [email protected]

deps: [email protected]

Prevent loss of async hooks context

deps: [email protected]

deps: se[email protected]

... (truncated)

Commits

8368dc1 4.18.2
61f4049 docs: replace Freenode with Libera Chat
bb7907b build: [email protected]
f56ce73 build: [email protected]
24b3dc5 deps: [email protected]
689d175 deps: [email protected]
340be0f build: [email protected]
33e8dc3 docs: use Node.js name style
644f646 build: [email protected]
ecd7572 build: [email protected]
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

Bump qs from 6.5.2 to 6.5.3 in /client

opened on 2022-12-11 04:27:40 by dependabot[bot]

Bumps qs from 6.5.2 to 6.5.3.

Changelog

Sourced from qs's changelog.

6.5.3

[Fix] parse: ignore __proto__ keys (#428)

[Fix] utils.merge: avoid a crash with a null target and a truthy non-array source

[Fix] correctly parse nested arrays

[Fix] stringify: fix a crash with strictNullHandling and a custom filter/serializeDate (#279)

[Fix] utils: merge: fix crash when source is a truthy primitive & no options are provided

[Fix] when parseArrays is false, properly handle keys ending in []

[Fix] fix for an impossible situation: when the formatter is called with a non-string value

[Fix] utils.merge: avoid a crash with a null target and an array source

[Refactor] utils: reduce observable [[Get]]s

[Refactor] use cached Array.isArray

[Refactor] stringify: Avoid arr = arr.concat(...), push to the existing instance (#269)

[Refactor] parse: only need to reassign the var once

[Robustness] stringify: avoid relying on a global undefined (#427)

[readme] remove travis badge; add github actions/codecov badges; update URLs

[Docs] Clean up license text so it’s properly detected as BSD-3-Clause

[Docs] Clarify the need for "arrayLimit" option

[meta] fix README.md (#399)

[meta] add FUNDING.yml

[actions] backport actions from main

[Tests] always use String(x) over x.toString()

[Tests] remove nonexistent tape option

[Dev Deps] backport from main

Commits

298bfa5 v6.5.3
ed0f5dc [Fix] parse: ignore __proto__ keys (#428)
691e739 [Robustness] stringify: avoid relying on a global undefined (#427)
1072d57 [readme] remove travis badge; add github actions/codecov badges; update URLs
12ac1c4 [meta] fix README.md (#399)
0338716 [actions] backport actions from main
5639c20 Clean up license text so it’s properly detected as BSD-3-Clause
51b8a0b add FUNDING.yml
45f6759 [Fix] fix for an impossible situation: when the formatter is called with a no...
f814a7f [Dev Deps] backport from main
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

Bump certifi from 2020.4.5.1 to 2022.12.7

opened on 2022-12-08 09:45:38 by dependabot[bot]

Bumps certifi from 2020.4.5.1 to 2022.12.7.

Commits

9e9e840 2022.12.07
b81bdb2 2022.09.24
939a28f 2022.09.14
aca828a 2022.06.15.2
de0eae1 Only use importlib.resources's new files() / Traversable API on Python ≥3.11 ...
b8eb5e9 2022.06.15.1
47fb7ab Fix deprecation warning on Python 3.11 (#199)
b0b48e0 fixes #198 -- update link in license
9d514b4 2022.06.15
4151e88 Add py.typed to MANIFEST.in to package in sdist (#196)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

Bump decode-uri-component from 0.2.0 to 0.2.2 in /client

opened on 2022-12-06 00:40:54 by dependabot[bot]

Bumps decode-uri-component from 0.2.0 to 0.2.2.

Release notes

Sourced from decode-uri-component's releases.

v0.2.2

Prevent overwriting previously decoded tokens 980e0bf

https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2

v0.2.1

Switch to GitHub workflows 76abc93

Fix issue where decode throws - fixes #6 746ca5d

Update license (#1) 486d7e2

Tidelift tasks a650457

Meta tweaks 66e1c28

https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1

Commits

a0eea46 0.2.2
980e0bf Prevent overwriting previously decoded tokens
3c8a373 0.2.1
76abc93 Switch to GitHub workflows
746ca5d Fix issue where decode throws - fixes #6
486d7e2 Update license (#1)
a650457 Tidelift tasks
66e1c28 Meta tweaks
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

Bump terser from 4.6.13 to 4.8.1 in /client

opened on 2022-07-21 01:26:51 by dependabot[bot]

Bumps terser from 4.6.13 to 4.8.1.

Changelog

Sourced from terser's changelog.

v4.8.1 (backport)

Security fix for RegExps that should not be evaluated (regexp DDOS)

v4.8.0

Support for numeric separators (million = 1_000_000) was added.

Assigning properties to a class is now assumed to be pure.

Fixed bug where yield wasn't considered a valid property key in generators.

v4.7.0

A bug was fixed where an arrow function would have the wrong size

arguments object is now considered safe to retrieve properties from (useful for length, or 0) even when pure_getters is not set.

Fixed erroneous const declarations without value (which is invalid) in some corner cases when using collapse_vars.

Commits

See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

jsteinberg1

GitHub Repository

callmanager cucm cisco axl-api voip-application cisco-unified-communications unified-communications cisco-callmanager