From 3ed97e6c18edf4f4f1462f5d019c7b00ca99d171 Mon Sep 17 00:00:00 2001
From: stephb9959 <stephane.bourque@gmail.com>
Date: Wed, 27 Sep 2023 22:37:06 -0700
Subject: [PATCH] https://telecominfraproject.atlassian.net/browse/WIFI-12954

Signed-off-by: stephb9959 <stephane.bourque@gmail.com>
---
 CMakeLists.txt                                |    9 +-
 build                                         |    2 +-
 openapi/radius_tunnels.yaml                   |  284 +++
 .../RESTAPI_radius_endpoint_handler.cpp       |   83 +
 src/RESTAPI/RESTAPI_radius_endpoint_handler.h |   33 +
 .../RESTAPI_radiusendpoint_list_handler.cpp   |   22 +
 .../RESTAPI_radiusendpoint_list_handler.h     |   29 +
 src/RESTAPI/RESTAPI_routers.cpp               |   10 +-
 src/RESTObjects/RESTAPI_ProvObjects.cpp       |  101 +
 src/RESTObjects/RESTAPI_ProvObjects.h         | 1620 +++++++++--------
 src/StorageService.cpp                        |   12 +-
 src/StorageService.h                          |    3 +
 src/sdks/SDK_gw.cpp                           |   35 +
 src/sdks/SDK_gw.h                             |    5 +
 src/storage/storage_radius_endpoints.cpp      |   83 +
 src/storage/storage_radius_endpoints.h        |   36 +
 16 files changed, 1609 insertions(+), 758 deletions(-)
 create mode 100644 openapi/radius_tunnels.yaml
 create mode 100644 src/RESTAPI/RESTAPI_radius_endpoint_handler.cpp
 create mode 100644 src/RESTAPI/RESTAPI_radius_endpoint_handler.h
 create mode 100644 src/RESTAPI/RESTAPI_radiusendpoint_list_handler.cpp
 create mode 100644 src/RESTAPI/RESTAPI_radiusendpoint_list_handler.h
 create mode 100644 src/storage/storage_radius_endpoints.cpp
 create mode 100644 src/storage/storage_radius_endpoints.h

diff --git a/CMakeLists.txt b/CMakeLists.txt
index 9264ccd8..86837a5f 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -209,7 +209,14 @@ add_executable(owprov
         src/ProvWebSocketClient.cpp src/ProvWebSocketClient.h
         src/Tasks/VenueRebooter.h src/Tasks/VenueUpgrade.h
         src/sdks/SDK_fms.cpp src/sdks/SDK_fms.h
-        src/RESTAPI/RESTAPI_overrides_handler.cpp src/RESTAPI/RESTAPI_overrides_handler.h src/OpenRoamin_GlobalReach.cpp src/OpenRoamin_GlobalReach.h src/storage/storage_glblraccounts.cpp src/storage/storage_glblraccounts.h src/storage/storage_glblrcerts.cpp src/storage/storage_glblrcerts.h src/RESTAPI/RESTAPI_openroaming_gr_list_acct_handler.cpp src/RESTAPI/RESTAPI_openroaming_gr_list_acct_handler.h src/RESTAPI/RESTAPI_openroaming_gr_acct_handler.cpp src/RESTAPI/RESTAPI_openroaming_gr_acct_handler.h src/RESTAPI/RESTAPI_openroaming_gr_list_certificates.cpp src/RESTAPI/RESTAPI_openroaming_gr_list_certificates.h src/RESTAPI/RESTAPI_openroaming_gr_cert_handler.cpp src/RESTAPI/RESTAPI_openroaming_gr_cert_handler.h src/RESTAPI/RESTAPI_openroaming_orion_list_acct_handler.cpp src/RESTAPI/RESTAPI_openroaming_orion_list_acct_handler.h src/RESTAPI/RESTAPI_openroaming_orion_acct_handler.cpp src/RESTAPI/RESTAPI_openroaming_orion_acct_handler.h src/storage/storage_orion_accounts.cpp src/storage/storage_orion_accounts.h)
+        src/RESTAPI/RESTAPI_overrides_handler.cpp src/RESTAPI/RESTAPI_overrides_handler.h src/OpenRoamin_GlobalReach.cpp src/OpenRoamin_GlobalReach.h src/storage/storage_glblraccounts.cpp src/storage/storage_glblraccounts.h src/storage/storage_glblrcerts.cpp src/storage/storage_glblrcerts.h src/RESTAPI/RESTAPI_openroaming_gr_list_acct_handler.cpp src/RESTAPI/RESTAPI_openroaming_gr_list_acct_handler.h src/RESTAPI/RESTAPI_openroaming_gr_acct_handler.cpp src/RESTAPI/RESTAPI_openroaming_gr_acct_handler.h src/RESTAPI/RESTAPI_openroaming_gr_list_certificates.cpp src/RESTAPI/RESTAPI_openroaming_gr_list_certificates.h src/RESTAPI/RESTAPI_openroaming_gr_cert_handler.cpp src/RESTAPI/RESTAPI_openroaming_gr_cert_handler.h src/RESTAPI/RESTAPI_openroaming_orion_list_acct_handler.cpp src/RESTAPI/RESTAPI_openroaming_orion_list_acct_handler.h src/RESTAPI/RESTAPI_openroaming_orion_acct_handler.cpp src/RESTAPI/RESTAPI_openroaming_orion_acct_handler.h src/storage/storage_orion_accounts.cpp src/storage/storage_orion_accounts.h
+        src/storage/storage_radius_endpoints.cpp
+        src/storage/storage_radius_endpoints.h
+        src/RESTAPI/RESTAPI_radiusendpoint_list_handler.cpp
+        src/RESTAPI/RESTAPI_radiusendpoint_list_handler.h
+        src/RESTAPI/RESTAPI_radius_endpoint_handler.cpp
+        src/RESTAPI/RESTAPI_radius_endpoint_handler.h
+)
 
 target_link_libraries(owprov PUBLIC
         ${Poco_LIBRARIES}
diff --git a/build b/build
index 1758dddc..d2e1cefe 100644
--- a/build
+++ b/build
@@ -1 +1 @@
-32
\ No newline at end of file
+44
\ No newline at end of file
diff --git a/openapi/radius_tunnels.yaml b/openapi/radius_tunnels.yaml
new file mode 100644
index 00000000..01c6476e
--- /dev/null
+++ b/openapi/radius_tunnels.yaml
@@ -0,0 +1,284 @@
+openapi: 3.0.1
+info:
+  title: OpenWiFi RADIUS Resource Model
+  description: Definitions and APIs to manage RADIUS Resources.
+  version: 1.0.0
+  license:
+    name: BSD3
+    url: https://github.com/Telecominfraproject/wlan-cloud-ucentralgw/blob/master/LICENSE
+
+servers:
+  - url: 'https://localhost:16005/api/v1'
+
+security:
+  - bearerAuth: []
+  - ApiKeyAuth: []
+
+components:
+  securitySchemes:
+    ApiKeyAuth:
+      type: apiKey
+      in: header
+      name: X-API-KEY
+    bearerAuth:
+      type: http
+      scheme: bearer
+      bearerFormat: JWT
+
+  responses:
+    NotFound:
+      $ref: 'https://github.com/Telecominfraproject/wlan-cloud-ucentralsec/blob/main/openpapi/owsec.yaml#/components/responses/NotFound'
+    Unauthorized:
+      $ref: 'https://github.com/Telecominfraproject/wlan-cloud-ucentralsec/blob/main/openpapi/owsec.yaml#/components/responses/Unauthorized'
+    Success:
+      $ref: 'https://github.com/Telecominfraproject/wlan-cloud-ucentralsec/blob/main/openpapi/owsec.yaml#/components/responses/Success'
+    BadRequest:
+      $ref: 'https://github.com/Telecominfraproject/wlan-cloud-ucentralsec/blob/main/openpapi/owsec.yaml#/components/responses/BadRequest'
+
+  schemas:
+
+    RADIUSServer:
+      type: object
+      properties:
+        Hostname:
+          type: string
+        IP:
+          type: string
+        Port:
+          type: integer
+          format: int32
+        Secret:
+          type: string
+
+    RADIUSEndPointRadiusType:
+      type: object
+      properties:
+        Authentication:
+          $ref: '#/components/schemas/RADIUSServer'
+        Accounting:
+          $ref: '#/components/schemas/RADIUSServer'
+        CoA:
+          $ref: '#/components/schemas/RADIUSServer'
+        AccountingInterval:
+          type: integer
+          format: int32
+
+    RADIUSEndPointRadsecType:
+      type: object
+      properties:
+        Hostname:
+          type: string
+        IP:
+          type: string
+        Port:
+          type: string
+        Secret:
+          type: string
+          default: radsec
+        UseOpenRoamingAccount:
+          type: string
+          format: uuid
+        Weight:
+          type: integer
+          format: int32
+        Certificate:
+          type: string
+        PrivateKey:
+          type: string
+        CaCerts:
+          type: array
+          items:
+            type: string
+        AllowSelfSigned:
+          type: boolean
+          default: false
+        PoolType:
+          type: string
+          enum:
+            - globalreach
+            - orion
+            - generic
+
+    RADIUSEndPoint:
+      type: object
+      properties:
+        allOf:
+          $ref: 'https://github.com/Telecominfraproject/wlan-cloud-owprov/blob/main/openpapi/owprov.yaml#/components/schemas/ObjectInfo'
+        Type:
+          type: string
+          enum:
+            - radius
+            - radsec
+          default: radius
+        RadsecServers:
+          type: array
+          items:
+            $ref: '#/components/schemas/RADIUSEndPointRadsecType'
+        RadiusServers:
+          type: array
+          items:
+            $ref: '#/components/schemas/RADIUSEndPointRadiusType'
+        PoolStrategy:
+          type: string
+          enum:
+            - none
+            - weighted
+            - random
+        UseGWProxy:
+          type: boolean
+          default: true
+        Index:
+          type: string
+          example:
+            - 0.0.1.0: a ficticious IP address that should begin with 0.0. ...
+        UsedBy:
+          type: array
+          description: list of configuration using this endpoint
+          items:
+            type: string
+            format: uuid
+
+paths:
+  /RADIUSEndPoints:
+    get:
+      tags:
+        - RADIUS Endpoints
+      operationId: getRADIUSEndPoints
+      summary: Retrieve the lists of RADIUSendPoints
+      parameters:
+        - in: query
+          description: Pagination start (starts at 1. If not specified, 1 is assumed)
+          name: offset
+          schema:
+          type: integer
+          required: false
+        - in: query
+          description: Maximum number of entries to return (if absent, no limit is assumed)
+          name: limit
+          schema:
+          type: integer
+          required: false
+        - in: query
+          description: return the number of certificates
+          name: countOnly
+          schema:
+          type: boolean
+          required: false
+      responses:
+        200:
+          description: The list of endpoints
+          content:
+            application/json:
+              schema:
+                type: array
+                items:
+                  $ref: '#/components/schemas/RADIUSEndPoint'
+        400:
+          $ref: '#/components/responses/BadRequest'
+        403:
+          $ref: '#/components/responses/Unauthorized'
+        404:
+          $ref: '#/components/responses/NotFound'
+
+  /RADIUSEndPoint/{id}:
+    get:
+      tags:
+        - RADIUS Endpoints
+      operationId: getRADIUSEndPoint
+      summary: Retrieve a RADIUSendPoint
+      parameters:
+        - in: path
+          name: id
+          schema:
+            type: string
+            format: uuid
+          required: true
+      responses:
+        200:
+          description: The endpoint
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/RADIUSEndPoint'
+        400:
+          $ref: '#/components/responses/BadRequest'
+        403:
+          $ref: '#/components/responses/Unauthorized'
+        404:
+          $ref: '#/components/responses/NotFound'
+
+    delete:
+      tags:
+        - RADIUS Endpoints
+      operationId: deleteRADIUSEndPoint
+      summary: Delete a RADIUSendPoint
+      parameters:
+        - in: path
+          name: id
+          schema:
+            type: string
+            format: uuid
+          required: true
+      responses:
+        200:
+          $ref: '#/components/responses/Success'
+        400:
+          $ref: '#/components/responses/BadRequest'
+        403:
+          $ref: '#/components/responses/Unauthorized'
+        404:
+          $ref: '#/components/responses/NotFound'
+
+    post:
+      tags:
+        - RADIUS Endpoints
+      operationId: createRADIUSEndPoint
+      summary: Create a RADIUSendPoint
+      parameters:
+        - in: path
+          name: id
+          schema:
+            type: string
+            format: uuid
+          required: true
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/RADIUSEndPoint'
+      responses:
+        200:
+          $ref: '#/components/schemas/RADIUSEndPoint'
+        400:
+          $ref: '#/components/responses/BadRequest'
+        403:
+          $ref: '#/components/responses/Unauthorized'
+        404:
+          $ref: '#/components/responses/NotFound'
+
+    put:
+      tags:
+        - RADIUS Endpoints
+      operationId: modifyRADIUSEndPoint
+      summary: Modify a RADIUSendPoint
+      parameters:
+        - in: path
+          name: id
+          schema:
+            type: string
+            format: uuid
+          required: true
+      requestBody:
+        content:
+          application/json:
+            schema:
+              $ref: '#/components/schemas/RADIUSEndPoint'
+      responses:
+        200:
+          $ref: '#/components/schemas/RADIUSEndPoint'
+        400:
+          $ref: '#/components/responses/BadRequest'
+        403:
+          $ref: '#/components/responses/Unauthorized'
+        404:
+          $ref: '#/components/responses/NotFound'
diff --git a/src/RESTAPI/RESTAPI_radius_endpoint_handler.cpp b/src/RESTAPI/RESTAPI_radius_endpoint_handler.cpp
new file mode 100644
index 00000000..36f42efc
--- /dev/null
+++ b/src/RESTAPI/RESTAPI_radius_endpoint_handler.cpp
@@ -0,0 +1,83 @@
+//
+// Created by stephane bourque on 2023-09-27.
+//
+
+#include "RESTAPI_radius_endpoint_handler.h"
+
+namespace OpenWifi {
+    void RESTAPI_radius_endpoint_handler::DoGet() {
+        auto id = GetBinding("id");
+        if(id.empty()) {
+            return BadRequest(RESTAPI::Errors::MissingAuthenticationInformation);
+        }
+
+        RecordType Record;
+        if(DB_.GetRecord("id",id,Record)) {
+            return ReturnObject(Record);
+        }
+
+        return NotFound();
+    }
+
+    void RESTAPI_radius_endpoint_handler::DoDelete() {
+        auto id = GetBinding("id");
+        if(id.empty()) {
+            return BadRequest(RESTAPI::Errors::MissingAuthenticationInformation);
+        }
+        RecordType Record;
+        if(DB_.GetRecord("id",id,Record)) {
+            DB_.DeleteRecord("id",id);
+            return OK();
+        }
+        return NotFound();
+    }
+
+    void RESTAPI_radius_endpoint_handler::DoPost() {
+        auto id = GetBinding("id");
+        if(id.empty()) {
+            return BadRequest(RESTAPI::Errors::MissingAuthenticationInformation);
+        }
+
+        const auto &RawObject = ParsedBody_;
+        RecordType     NewRecord;
+        if(!NewRecord.from_json(RawObject)) {
+            return BadRequest(RESTAPI::Errors::InvalidJSONDocument);
+        }
+
+        ProvObjects::CreateObjectInfo(RawObject,UserInfo_.userinfo,NewRecord.info);
+        if(DB_.CreateRecord(NewRecord)) {
+            RecordType  AddedRecord;
+            DB_.GetRecord("id", NewRecord.info.id, AddedRecord);
+            return ReturnObject(AddedRecord);
+        }
+        return BadRequest(RESTAPI::Errors::RecordNotCreated);
+    }
+
+    void RESTAPI_radius_endpoint_handler::DoPut() {
+        auto id = GetBinding("id");
+        if(id.empty()) {
+            return BadRequest(RESTAPI::Errors::MissingAuthenticationInformation);
+        }
+
+        const auto &RawObject = ParsedBody_;
+        RecordType     ModifiedRecord;
+        if(!ModifiedRecord.from_json(RawObject)) {
+            return BadRequest(RESTAPI::Errors::InvalidJSONDocument);
+        }
+
+        RecordType     Existing;
+        if(!DB_.GetRecord("id",id,Existing)) {
+            return NotFound();
+        }
+
+        ProvObjects::UpdateObjectInfo(RawObject, UserInfo_.userinfo, Existing.info);
+        if(DB_.UpdateRecord("id", Existing.info.id, Existing)) {
+            RecordType  AddedRecord;
+            DB_.GetRecord("id", Existing.info.id, AddedRecord);
+            return ReturnObject(AddedRecord);
+        }
+
+        return BadRequest(RESTAPI::Errors::NotImplemented);
+    }
+
+} // OpenWifi
\ No newline at end of file
diff --git a/src/RESTAPI/RESTAPI_radius_endpoint_handler.h b/src/RESTAPI/RESTAPI_radius_endpoint_handler.h
new file mode 100644
index 00000000..9512ad3d
--- /dev/null
+++ b/src/RESTAPI/RESTAPI_radius_endpoint_handler.h
@@ -0,0 +1,33 @@
+//
+// Created by stephane bourque on 2023-09-27.
+//
+
+#pragma once
+#include "StorageService.h"
+#include "framework/RESTAPI_Handler.h"
+
+namespace OpenWifi {
+    class RESTAPI_radius_endpoint_handler : public RESTAPIHandler {
+    public:
+        RESTAPI_radius_endpoint_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L,
+                                            RESTAPI_GenericServerAccounting &Server, uint64_t TransactionId,
+                                            bool Internal)
+                : RESTAPIHandler(bindings, L,
+                                 std::vector<std::string>{Poco::Net::HTTPRequest::HTTP_GET,
+                                                          Poco::Net::HTTPRequest::HTTP_PUT,
+                                                          Poco::Net::HTTPRequest::HTTP_POST,
+                                                          Poco::Net::HTTPRequest::HTTP_DELETE,
+                                                          Poco::Net::HTTPRequest::HTTP_OPTIONS},
+                                 Server, TransactionId, Internal) {}
+        static auto PathName() { return std::list<std::string>{"/api/v1/RADIUSEndPoint/{id}"}; };
+
+    private:
+        using RecordType = ProvObjects::RADIUSEndPoint;
+        RadiusEndpointDB &DB_ = StorageService()->RadiusEndpointDB();
+        void DoGet() final;
+        void DoPost() final;
+        void DoPut() final;
+        void DoDelete() final;
+    };
+} // namespace OpenWifi
+
diff --git a/src/RESTAPI/RESTAPI_radiusendpoint_list_handler.cpp b/src/RESTAPI/RESTAPI_radiusendpoint_list_handler.cpp
new file mode 100644
index 00000000..59e013fc
--- /dev/null
+++ b/src/RESTAPI/RESTAPI_radiusendpoint_list_handler.cpp
@@ -0,0 +1,22 @@
+//
+// Created by stephane bourque on 2023-09-27.
+//
+
+#include "RESTAPI_radiusendpoint_list_handler.h"
+
+namespace OpenWifi {
+
+    void RESTAPI_radiusendpoint_list_handler::DoGet() {
+
+        if(QB_.CountOnly) {
+            return ReturnCountOnly(DB_.Count());
+        }
+
+        std::vector<ProvObjects::RADIUSEndPoint>    Records;
+        if(DB_.GetRecords(QB_.Offset,QB_.Limit,Records)) {
+            return ReturnObject(Records);
+        }
+        return NotFound();
+    }
+
+} // OpenWifi
\ No newline at end of file
diff --git a/src/RESTAPI/RESTAPI_radiusendpoint_list_handler.h b/src/RESTAPI/RESTAPI_radiusendpoint_list_handler.h
new file mode 100644
index 00000000..1b6a5002
--- /dev/null
+++ b/src/RESTAPI/RESTAPI_radiusendpoint_list_handler.h
@@ -0,0 +1,29 @@
+//
+// Created by stephane bourque on 2023-09-27.
+//
+
+#pragma once
+#include "StorageService.h"
+#include "framework/RESTAPI_Handler.h"
+
+namespace OpenWifi {
+    class RESTAPI_radiusendpoint_list_handler : public RESTAPIHandler {
+    public:
+        RESTAPI_radiusendpoint_list_handler(const RESTAPIHandler::BindingMap &bindings, Poco::Logger &L,
+                                                 RESTAPI_GenericServerAccounting &Server, uint64_t TransactionId,
+                                                 bool Internal)
+                : RESTAPIHandler(bindings, L,
+                                 std::vector<std::string>{Poco::Net::HTTPRequest::HTTP_GET,
+                                                          Poco::Net::HTTPRequest::HTTP_OPTIONS},
+                                 Server, TransactionId, Internal) {}
+        static auto PathName() { return std::list<std::string>{"/api/v1/RADIUSEndPoints"}; };
+
+    private:
+        RadiusEndpointDB &DB_ = StorageService()->RadiusEndpointDB();
+        void DoGet() final;
+        void DoPost() final{};
+        void DoPut() final{};
+        void DoDelete() final{};
+    };
+} // namespace OpenWifi
+
diff --git a/src/RESTAPI/RESTAPI_routers.cpp b/src/RESTAPI/RESTAPI_routers.cpp
index 62ba3bb3..6bd3e675 100644
--- a/src/RESTAPI/RESTAPI_routers.cpp
+++ b/src/RESTAPI/RESTAPI_routers.cpp
@@ -41,6 +41,8 @@
 #include "RESTAPI/RESTAPI_openroaming_gr_list_certificates.h"
 #include "RESTAPI/RESTAPI_openroaming_orion_acct_handler.h"
 #include "RESTAPI/RESTAPI_openroaming_orion_list_acct_handler.h"
+#include "RESTAPI/RESTAPI_radiusendpoint_list_handler.h"
+#include "RESTAPI/RESTAPI_radius_endpoint_handler.h"
 
 #include "framework/RESTAPI_SystemCommand.h"
 #include "framework/RESTAPI_WebSocketServer.h"
@@ -69,7 +71,8 @@ namespace OpenWifi {
 			RESTAPI_op_location_list_handler, RESTAPI_asset_server, RESTAPI_overrides_handler,
             RESTAPI_openroaming_gr_acct_handler, RESTAPI_openroaming_gr_list_acct_handler,
             RESTAPI_openroaming_gr_cert_handler, RESTAPI_openroaming_gr_list_certificates,
-            RESTAPI_openroaming_orion_acct_handler, RESTAPI_openroaming_orion_list_acct_handler>(
+            RESTAPI_openroaming_orion_acct_handler, RESTAPI_openroaming_orion_list_acct_handler,
+            RESTAPI_radiusendpoint_list_handler, RESTAPI_radius_endpoint_handler>(
 			Path, Bindings, L, S, TransactionId);
 	}
 
@@ -94,7 +97,8 @@ namespace OpenWifi {
 			RESTAPI_op_location_list_handler, RESTAPI_overrides_handler,
             RESTAPI_openroaming_gr_acct_handler, RESTAPI_openroaming_gr_list_acct_handler,
             RESTAPI_openroaming_gr_cert_handler, RESTAPI_openroaming_gr_list_certificates,
-            RESTAPI_openroaming_orion_acct_handler, RESTAPI_openroaming_orion_list_acct_handler>(Path, Bindings, L, S,
-																		 TransactionId);
+            RESTAPI_openroaming_orion_acct_handler, RESTAPI_openroaming_orion_list_acct_handler,
+            RESTAPI_radiusendpoint_list_handler, RESTAPI_radius_endpoint_handler>(
+                    Path, Bindings, L, S,TransactionId);
 	}
 } // namespace OpenWifi
\ No newline at end of file
diff --git a/src/RESTObjects/RESTAPI_ProvObjects.cpp b/src/RESTObjects/RESTAPI_ProvObjects.cpp
index c2166eb2..85129c43 100644
--- a/src/RESTObjects/RESTAPI_ProvObjects.cpp
+++ b/src/RESTObjects/RESTAPI_ProvObjects.cpp
@@ -1278,5 +1278,106 @@ namespace OpenWifi::ProvObjects {
         return false;
     }
 
+    void RADIUSServer::to_json(Poco::JSON::Object &Obj) const {
+        field_to_json(Obj, "Hostname", Hostname);
+        field_to_json(Obj, "IP", IP);
+        field_to_json(Obj, "Port", Port);
+        field_to_json(Obj, "Secret", Secret);
+    }
+
+    bool RADIUSServer::from_json(const Poco::JSON::Object::Ptr &Obj) {
+        try {
+            field_from_json(Obj, "Hostname", Hostname);
+            field_from_json(Obj, "IP", IP);
+            field_from_json(Obj, "Port", Port);
+            field_from_json(Obj, "Secret", Secret);
+            return true;
+        } catch (const Poco::Exception &E) {
+
+        }
+        return false;
+    }
+
+    void RADIUSEndPointRadiusType::to_json(Poco::JSON::Object &Obj) const {
+        field_to_json(Obj, "Authentication", Authentication);
+        field_to_json(Obj, "Accounting", Accounting);
+        field_to_json(Obj, "CoA", CoA);
+        field_to_json(Obj, "AccountingInterval", AccountingInterval);
+    }
+
+    bool RADIUSEndPointRadiusType::from_json(const Poco::JSON::Object::Ptr &Obj) {
+        try {
+            field_from_json(Obj, "Authentication", Authentication);
+            field_from_json(Obj, "Accounting", Accounting);
+            field_from_json(Obj, "CoA", CoA);
+            field_from_json(Obj, "AccountingInterval", AccountingInterval);
+            return true;
+        } catch (const Poco::Exception &E) {
+
+        }
+        return false;
+    }
+
+    void RADIUSEndPointRadsecType::to_json(Poco::JSON::Object &Obj) const {
+        field_to_json(Obj, "Authentication", Hostname);
+        field_to_json(Obj, "Accounting", IP);
+        field_to_json(Obj, "CoA", Port);
+        field_to_json(Obj, "AccountingInterval", Secret);
+        field_to_json(Obj, "OpenRoamingType", OpenRoamingType);
+        field_to_json(Obj, "UseOpenRoamingAccount", UseOpenRoamingAccount);
+        field_to_json(Obj, "Weight", Weight);
+        field_to_json(Obj, "Certificate", Certificate);
+        field_to_json(Obj, "PrivateKey", PrivateKey);
+        field_to_json(Obj, "CaCerts", CaCerts);
+        field_to_json(Obj, "AllowSelfSigned", AllowSelfSigned);
+    }
+
+    bool RADIUSEndPointRadsecType::from_json(const Poco::JSON::Object::Ptr &Obj) {
+        try {
+            field_from_json(Obj, "Authentication", Hostname);
+            field_from_json(Obj, "Accounting", IP);
+            field_from_json(Obj, "CoA", Port);
+            field_from_json(Obj, "AccountingInterval", Secret);
+            field_from_json(Obj, "OpenRoamingType", OpenRoamingType);
+            field_from_json(Obj, "UseOpenRoamingAccount", UseOpenRoamingAccount);
+            field_from_json(Obj, "Weight", Weight);
+            field_from_json(Obj, "Certificate", Certificate);
+            field_from_json(Obj, "PrivateKey", PrivateKey);
+            field_from_json(Obj, "CaCerts", CaCerts);
+            field_from_json(Obj, "AllowSelfSigned", AllowSelfSigned);
+            return true;
+        } catch (const Poco::Exception &E) {
+
+        }
+        return false;
+    }
+
+    void RADIUSEndPoint::to_json(Poco::JSON::Object &Obj) const {
+        info.to_json(Obj);
+        field_to_json(Obj, "Type", Type);
+        field_to_json(Obj, "RadsecServers", RadsecServers);
+        field_to_json(Obj, "RadiusServers", RadiusServers);
+        field_to_json(Obj, "PoolStrategy", PoolStrategy);
+        field_to_json(Obj, "Index", Index);
+        field_to_json(Obj, "UsedBy", UsedBy);
+        field_to_json(Obj, "UseGWProxy", UseGWProxy);
+    }
+
+    bool RADIUSEndPoint::from_json(const Poco::JSON::Object::Ptr &Obj) {
+        try {
+            info.from_json(Obj);
+            field_from_json(Obj, "Type", Type);
+            field_from_json(Obj, "RadsecServers", RadsecServers);
+            field_from_json(Obj, "RadiusServers", RadiusServers);
+            field_from_json(Obj, "PoolStrategy", PoolStrategy);
+            field_from_json(Obj, "Index", Index);
+            field_from_json(Obj, "UsedBy", UsedBy);
+            field_from_json(Obj, "UseGWProxy", UseGWProxy);
+            return true;
+        } catch (const Poco::Exception &E) {
+
+        }
+        return false;
+    }
 
 } // namespace OpenWifi::ProvObjects
diff --git a/src/RESTObjects/RESTAPI_ProvObjects.h b/src/RESTObjects/RESTAPI_ProvObjects.h
index 725b9cc9..7914f86e 100644
--- a/src/RESTObjects/RESTAPI_ProvObjects.h
+++ b/src/RESTObjects/RESTAPI_ProvObjects.h
@@ -12,775 +12,891 @@
 
 namespace OpenWifi::ProvObjects {
 
-	enum FIRMWARE_UPGRADE_RULES {
-		dont_upgrade,
-		upgrade_inherit,
-		upgrade_release_only,
-		upgrade_latest
-	};
-
-	struct ObjectInfo {
-		Types::UUID_t id;
-		std::string name;
-		std::string description;
-		SecurityObjects::NoteInfoVec notes;
-		uint64_t created = 0;
-		uint64_t modified = 0;
-		Types::TagList tags;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	struct SerialNumberList {
-		Types::UUIDvec_t serialNumbers;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	struct ManagementPolicyEntry {
-		Types::UUIDvec_t users;
-		Types::UUIDvec_t resources;
-		Types::StringVec access;
-		std::string policy;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	struct ManagementPolicy {
-		ObjectInfo info;
-		std::vector<ManagementPolicyEntry> entries;
-		Types::StringVec inUse;
-		Types::UUID_t entity;
-		Types::UUID_t venue;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-	typedef std::vector<ManagementPolicy> ManagementPolicyVec;
-
-	struct RRMAlgorithmDetails {
-		std::string name;
-		std::string parameters;
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	struct RRMDetails {
-		std::string vendor;
-		std::string schedule;
-		std::vector<RRMAlgorithmDetails> algorithms;
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	struct DeviceRules {
-		std::string rcOnly{"inherit"};
-		std::string rrm{"inherit"};
-		std::string firmwareUpgrade{"inherit"};
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	struct Entity {
-		ObjectInfo info;
-		Types::UUID_t parent;
-		Types::UUIDvec_t children;
-		Types::UUIDvec_t venues;
-		Types::UUIDvec_t contacts;	// all contacts associated in this entity
-		Types::UUIDvec_t locations; // all locations associated in this entity
-		Types::UUID_t managementPolicy;
-		Types::UUIDvec_t deviceConfiguration;
-		Types::UUIDvec_t devices;
-		DeviceRules deviceRules;
-		Types::StringVec sourceIP;
-		Types::UUIDvec_t variables;
-		Types::UUIDvec_t managementPolicies;
-		Types::UUIDvec_t managementRoles;
-		Types::UUIDvec_t maps;
-		Types::UUIDvec_t configurations;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-	typedef std::vector<Entity> EntityVec;
-
-	struct DiGraphEntry {
-		Types::UUID_t parent;
-		Types::UUID_t child;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	typedef std::vector<DiGraphEntry> DiGraph;
-
-	struct Venue {
-		ObjectInfo info;
-		Types::UUID_t entity;
-		Types::UUID_t parent;
-		Types::UUIDvec_t children;
-		Types::UUID_t managementPolicy;
-		Types::UUIDvec_t devices;
-		DiGraph topology;
-		std::string design;
-		Types::UUIDvec_t deviceConfiguration;
-		Types::UUIDvec_t contacts;
-		std::string location;
-		DeviceRules deviceRules;
-		Types::StringVec sourceIP;
-		Types::UUIDvec_t variables;
-		Types::UUIDvec_t configurations;
-		Types::UUIDvec_t maps;
-		Types::UUIDvec_t managementPolicies;
-		Types::UUIDvec_t managementRoles;
-		Types::UUIDvec_t boards;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-	typedef std::vector<Venue> VenueVec;
-
-	struct UserInfoDigest {
-		std::string id;
-		std::string loginId;
-		std::string userType;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	struct ManagementRole {
-		ObjectInfo info;
-		Types::UUID_t managementPolicy;
-		Types::UUIDvec_t users;
-		Types::StringVec inUse;
-		Types::UUID_t entity;
-		Types::UUID_t venue;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-	typedef std::vector<ManagementRole> ManagementRoleVec;
-
-	enum LocationType {
-		LT_SERVICE,
-		LT_EQUIPMENT,
-		LT_AUTO,
-		LT_MANUAL,
-		LT_SPECIAL,
-		LT_UNKNOWN,
-		LT_CORPORATE
-	};
-
-	inline std::string to_string(LocationType L) {
-		switch (L) {
-		case LT_SERVICE:
-			return "SERVICE";
-		case LT_EQUIPMENT:
-			return "EQUIPMENT";
-		case LT_AUTO:
-			return "AUTO";
-		case LT_MANUAL:
-			return "MANUAL";
-		case LT_SPECIAL:
-			return "SPECIAL";
-		case LT_UNKNOWN:
-			return "UNKNOWN";
-		case LT_CORPORATE:
-			return "CORPORATE";
-		default:
-			return "UNKNOWN";
-		}
-	}
-
-	inline LocationType location_from_string(const std::string &S) {
-		if (!Poco::icompare(S, "SERVICE"))
-			return LT_SERVICE;
-		else if (!Poco::icompare(S, "EQUIPMENT"))
-			return LT_EQUIPMENT;
-		else if (!Poco::icompare(S, "AUTO"))
-			return LT_AUTO;
-		else if (!Poco::icompare(S, "MANUAL"))
-			return LT_MANUAL;
-		else if (!Poco::icompare(S, "SPECIAL"))
-			return LT_SPECIAL;
-		else if (!Poco::icompare(S, "UNKNOWN"))
-			return LT_UNKNOWN;
-		else if (!Poco::icompare(S, "CORPORATE"))
-			return LT_CORPORATE;
-		return LT_UNKNOWN;
-	}
-
-	struct Location {
-		ObjectInfo info;
-		LocationType type;
-		std::string buildingName;
-		Types::StringVec addressLines;
-		std::string city;
-		std::string state;
-		std::string postal;
-		std::string country;
-		Types::StringVec phones;
-		Types::StringVec mobiles;
-		std::string geoCode;
-		Types::StringVec inUse;
-		Types::UUID_t entity;
-		Types::UUID_t managementPolicy;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-	typedef std::vector<Location> LocationVec;
-
-	struct OperatorLocation {
-		ObjectInfo info;
-		std::string type;
-		std::string buildingName;
-		Types::StringVec addressLines;
-		std::string city;
-		std::string state;
-		std::string postal;
-		std::string country;
-		Types::StringVec phones;
-		Types::StringVec mobiles;
-		std::string geoCode;
-		Types::UUID_t operatorId;
-		Types::UUID_t subscriberDeviceId;
-		Types::UUID_t managementPolicy;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-	typedef std::vector<Location> LocationVec;
-
-	struct SubLocation {
-		std::string type;
-		std::string buildingName;
-		Types::StringVec addressLines;
-		std::string city;
-		std::string state;
-		std::string postal;
-		std::string country;
-		Types::StringVec phones;
-		Types::StringVec mobiles;
-		std::string geoCode;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	struct OperatorLocationList {
-		std::vector<OperatorLocation> locations;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	enum ContactType {
-		CT_SUBSCRIBER,
-		CT_USER,
-		CT_INSTALLER,
-		CT_CSR,
-		CT_MANAGER,
-		CT_BUSINESSOWNER,
-		CT_TECHNICIAN,
-		CT_CORPORATE,
-		CT_UNKNOWN
-	};
-
-	inline std::string to_string(ContactType L) {
-		switch (L) {
-		case CT_SUBSCRIBER:
-			return "SUBSCRIBER";
-		case CT_USER:
-			return "USER";
-		case CT_INSTALLER:
-			return "INSTALLER";
-		case CT_CSR:
-			return "CSR";
-		case CT_MANAGER:
-			return "MANAGER";
-		case CT_BUSINESSOWNER:
-			return "BUSINESSOWNER";
-		case CT_TECHNICIAN:
-			return "TECHNICIAN";
-		case CT_CORPORATE:
-			return "CORPORATE";
-		case CT_UNKNOWN:
-			return "UNKNOWN";
-		default:
-			return "UNKNOWN";
-		}
-	}
-
-	inline ContactType contact_from_string(const std::string &S) {
-		if (!Poco::icompare(S, "SUBSCRIBER"))
-			return CT_SUBSCRIBER;
-		else if (!Poco::icompare(S, "USER"))
-			return CT_USER;
-		else if (!Poco::icompare(S, "INSTALLER"))
-			return CT_INSTALLER;
-		else if (!Poco::icompare(S, "CSR"))
-			return CT_CSR;
-		else if (!Poco::icompare(S, "BUSINESSOWNER"))
-			return CT_BUSINESSOWNER;
-		else if (!Poco::icompare(S, "TECHNICIAN"))
-			return CT_TECHNICIAN;
-		else if (!Poco::icompare(S, "CORPORATE"))
-			return CT_CORPORATE;
-		else if (!Poco::icompare(S, "UNKNOWN"))
-			return CT_UNKNOWN;
-		return CT_UNKNOWN;
-	}
-
-	struct Contact {
-		ObjectInfo info;
-		ContactType type = CT_USER;
-		std::string title;
-		std::string salutation;
-		std::string firstname;
-		std::string lastname;
-		std::string initials;
-		std::string visual;
-		Types::StringVec mobiles;
-		Types::StringVec phones;
-		std::string primaryEmail;
-		std::string secondaryEmail;
-		std::string accessPIN;
-		Types::StringVec inUse;
-		Types::UUID_t entity;
-		Types::UUID_t managementPolicy;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-	typedef std::vector<Contact> ContactVec;
-
-	struct OperatorContact {
-		ObjectInfo info;
-		std::string type;
-		std::string title;
-		std::string salutation;
-		std::string firstname;
-		std::string lastname;
-		std::string initials;
-		std::string visual;
-		Types::StringVec mobiles;
-		Types::StringVec phones;
-		std::string primaryEmail;
-		std::string secondaryEmail;
-		std::string accessPIN;
-		Types::UUID_t operatorId;
-		Types::UUID_t subscriberDeviceId;
-		Types::UUID_t managementPolicy;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	struct SubContact {
-		std::string type;
-		std::string title;
-		std::string salutation;
-		std::string firstname;
-		std::string lastname;
-		std::string initials;
-		std::string visual;
-		Types::StringVec mobiles;
-		Types::StringVec phones;
-		std::string primaryEmail;
-		std::string secondaryEmail;
-		std::string accessPIN;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	struct OperatorContactList {
-		std::vector<OperatorContact> contacts;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	typedef std::vector<OperatorContact> OperatorContactVec;
-
-	struct DeviceConfigurationElement {
-		std::string name;
-		std::string description;
-		uint64_t weight;
-		std::string configuration;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-	typedef std::vector<DeviceConfigurationElement> DeviceConfigurationElementVec;
-
-	struct DeviceConfiguration {
-		ObjectInfo info;
-		Types::UUID_t managementPolicy;
-		Types::StringVec deviceTypes;
-		DeviceConfigurationElementVec configuration;
-		Types::StringVec inUse;
-		Types::UUIDvec_t variables;
-		DeviceRules deviceRules;
-		bool subscriberOnly = false;
-		std::string venue;
-		std::string entity;
-		std::string subscriber;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-	typedef std::vector<DeviceConfiguration> DeviceConfigurationVec;
-
-	struct InventoryTag {
-		ObjectInfo info;
-		std::string serialNumber;
-		std::string venue;
-		std::string entity;
-		std::string subscriber;
-		std::string deviceType;
-		std::string qrCode;
-		std::string geoCode;
-		std::string location;
-		std::string contact;
-		std::string deviceConfiguration;
-		DeviceRules deviceRules;
-		Types::UUID_t managementPolicy;
-		std::string state;
-		std::string devClass;
-		std::string locale;
-		std::string realMacAddress;
-		bool doNotAllowOverrides = false;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	typedef std::vector<InventoryTag> InventoryTagVec;
-
-	struct InventoryTagList {
-		InventoryTagVec taglist;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	struct InventoryConfigApplyResult {
-		std::string appliedConfiguration;
-		Types::StringVec errors;
-		Types::StringVec warnings;
-		uint64_t errorCode;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	struct Report {
-		uint64_t snapShot = 0;
-		Types::CountedMap tenants;
-
-		void reset();
-		void to_json(Poco::JSON::Object &Obj) const;
-	};
-
-	struct ExpandedUseEntry {
-		std::string uuid;
-		std::string name;
-		std::string description;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	struct ExpandedUseEntryList {
-		std::string type;
-		std::vector<ExpandedUseEntry> entries;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	struct ExpandedUseEntryMapList {
-		std::vector<ExpandedUseEntryList> entries;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	struct UuidList {
-		Types::UUIDvec_t list;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	enum ACLACCESS { NONE = 0, READ = 1, MODIFY = 2, CREATE = 3, DELETE = 4 };
-
-	struct ObjectACL {
-		UuidList users;
-		UuidList roles;
-		uint64_t access = (uint64_t)NONE;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	struct ObjectACLList {
-		std::vector<ObjectACL> list;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	struct Map {
-		ObjectInfo info;
-		std::string data;
-		std::string entity;
-		std::string creator;
-		std::string visibility{"private"};
-		ObjectACLList access;
-		Types::UUID_t managementPolicy;
-		std::string venue;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	struct MapList {
-		std::vector<Map> list;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	enum SignupStatusCodes {
-		SignupCreated = 0,
-		SignupWaitingForEmail,
-		SignupWaitingForDevice,
-		SignupSuccess,
-		SignupFailure,
-		SignupCanceled,
-		SignupTimedOut
-	};
-
-	struct SignupEntry {
-		ObjectInfo info;
-		std::string email;
-		std::string userId;
-		std::string macAddress;
-		std::string serialNumber;
-		uint64_t submitted = 0;
-		uint64_t completed = 0;
-		std::string status;
-		uint64_t error = 0;
-		uint64_t statusCode = 0;
-		std::string deviceID;
-		std::string registrationId;
-		std::string operatorId;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	struct Variable {
-		std::string type;
-		uint64_t weight = 0;
-		std::string prefix;
-		std::string value;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	struct VariableList {
-		std::vector<Variable> variables;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	struct VariableBlock {
-		ObjectInfo info;
-		std::vector<Variable> variables;
-		std::string entity;
-		std::string venue;
-		std::string subscriber;
-		std::string inventory;
-		Types::UUIDvec_t configurations;
-		Types::UUID_t managementPolicy;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	struct VariableBlockList {
-		std::vector<VariableBlock> variableBlocks;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	struct Operator {
-		ObjectInfo info;
-		Types::UUID_t managementPolicy;
-		Types::UUIDvec_t managementRoles;
-		DeviceRules deviceRules;
-		std::vector<Variable> variables;
-		bool defaultOperator = false;
-		Types::StringVec sourceIP;
-		std::string registrationId;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	struct OperatorList {
-		std::vector<Operator> operators;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	struct VenueDeviceList {
-		std::string id;
-		std::string name;
-		std::string description;
-		Types::UUIDvec_t devices;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	struct ServiceClass {
-		ObjectInfo info;
-		Types::UUID_t operatorId;
-		Types::UUID_t managementPolicy;
-		double cost = 0.0;
-		std::string currency;
-		std::string period;
-		std::string billingCode;
-		std::vector<Variable> variables;
-		bool defaultService = false;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	struct ServiceClassList {
-		std::vector<ServiceClass> serviceClasses;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	struct ConfigurationDetails {
-		DeviceConfigurationElementVec configuration;
-		std::string rrm{"inherit"};
-		std::string firmwareUpgrade{"inherit"};
-		std::string firmwareRCOnly{"inherit"};
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	struct SubscriberDevice {
-		ObjectInfo info;
-		std::string serialNumber;
-		std::string deviceType;
-		Types::UUID_t operatorId;
-		Types::UUID_t subscriberId;
-		SubLocation location;
-		SubContact contact;
-		Types::UUID_t managementPolicy;
-		Types::UUID_t serviceClass;
-		std::string qrCode;
-		std::string geoCode;
-		DeviceRules deviceRules;
-		std::string state;
-		std::string locale;
-		std::string billingCode;
-		DeviceConfigurationElementVec configuration;
-		bool suspended = false;
-		std::string realMacAddress;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	struct SubscriberDeviceList {
-		std::vector<SubscriberDevice> subscriberDevices;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	struct ConfigurationOverride {
-		std::string source;
-		std::string reason;
-		std::string parameterName;
-		std::string parameterType;
-		std::string parameterValue;
-		std::uint64_t modified;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	struct ConfigurationOverrideList {
-		std::string serialNumber;
-		Types::UUID_t managementPolicy;
-		std::vector<ConfigurationOverride> overrides;
-
-		void to_json(Poco::JSON::Object &Obj) const;
-		bool from_json(const Poco::JSON::Object::Ptr &Obj);
-	};
-
-	bool UpdateObjectInfo(const Poco::JSON::Object::Ptr &O, const SecurityObjects::UserInfo &U,
-						  ObjectInfo &I);
-	bool CreateObjectInfo(const Poco::JSON::Object::Ptr &O, const SecurityObjects::UserInfo &U,
-						  ObjectInfo &I);
-	bool CreateObjectInfo(const SecurityObjects::UserInfo &U, ObjectInfo &I);
+    enum FIRMWARE_UPGRADE_RULES {
+        dont_upgrade,
+        upgrade_inherit,
+        upgrade_release_only,
+        upgrade_latest
+    };
+
+    struct ObjectInfo {
+        Types::UUID_t id;
+        std::string name;
+        std::string description;
+        SecurityObjects::NoteInfoVec notes;
+        uint64_t created = 0;
+        uint64_t modified = 0;
+        Types::TagList tags;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    struct SerialNumberList {
+        Types::UUIDvec_t serialNumbers;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    struct ManagementPolicyEntry {
+        Types::UUIDvec_t users;
+        Types::UUIDvec_t resources;
+        Types::StringVec access;
+        std::string policy;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    struct ManagementPolicy {
+        ObjectInfo info;
+        std::vector<ManagementPolicyEntry> entries;
+        Types::StringVec inUse;
+        Types::UUID_t entity;
+        Types::UUID_t venue;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    typedef std::vector<ManagementPolicy> ManagementPolicyVec;
+
+    struct RRMAlgorithmDetails {
+        std::string name;
+        std::string parameters;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    struct RRMDetails {
+        std::string vendor;
+        std::string schedule;
+        std::vector<RRMAlgorithmDetails> algorithms;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    struct DeviceRules {
+        std::string rcOnly{"inherit"};
+        std::string rrm{"inherit"};
+        std::string firmwareUpgrade{"inherit"};
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    struct Entity {
+        ObjectInfo info;
+        Types::UUID_t parent;
+        Types::UUIDvec_t children;
+        Types::UUIDvec_t venues;
+        Types::UUIDvec_t contacts;    // all contacts associated in this entity
+        Types::UUIDvec_t locations; // all locations associated in this entity
+        Types::UUID_t managementPolicy;
+        Types::UUIDvec_t deviceConfiguration;
+        Types::UUIDvec_t devices;
+        DeviceRules deviceRules;
+        Types::StringVec sourceIP;
+        Types::UUIDvec_t variables;
+        Types::UUIDvec_t managementPolicies;
+        Types::UUIDvec_t managementRoles;
+        Types::UUIDvec_t maps;
+        Types::UUIDvec_t configurations;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    typedef std::vector<Entity> EntityVec;
+
+    struct DiGraphEntry {
+        Types::UUID_t parent;
+        Types::UUID_t child;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    typedef std::vector<DiGraphEntry> DiGraph;
+
+    struct Venue {
+        ObjectInfo info;
+        Types::UUID_t entity;
+        Types::UUID_t parent;
+        Types::UUIDvec_t children;
+        Types::UUID_t managementPolicy;
+        Types::UUIDvec_t devices;
+        DiGraph topology;
+        std::string design;
+        Types::UUIDvec_t deviceConfiguration;
+        Types::UUIDvec_t contacts;
+        std::string location;
+        DeviceRules deviceRules;
+        Types::StringVec sourceIP;
+        Types::UUIDvec_t variables;
+        Types::UUIDvec_t configurations;
+        Types::UUIDvec_t maps;
+        Types::UUIDvec_t managementPolicies;
+        Types::UUIDvec_t managementRoles;
+        Types::UUIDvec_t boards;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    typedef std::vector<Venue> VenueVec;
+
+    struct UserInfoDigest {
+        std::string id;
+        std::string loginId;
+        std::string userType;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    struct ManagementRole {
+        ObjectInfo info;
+        Types::UUID_t managementPolicy;
+        Types::UUIDvec_t users;
+        Types::StringVec inUse;
+        Types::UUID_t entity;
+        Types::UUID_t venue;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    typedef std::vector<ManagementRole> ManagementRoleVec;
+
+    enum LocationType {
+        LT_SERVICE,
+        LT_EQUIPMENT,
+        LT_AUTO,
+        LT_MANUAL,
+        LT_SPECIAL,
+        LT_UNKNOWN,
+        LT_CORPORATE
+    };
+
+    inline std::string to_string(LocationType L) {
+        switch (L) {
+            case LT_SERVICE:
+                return "SERVICE";
+            case LT_EQUIPMENT:
+                return "EQUIPMENT";
+            case LT_AUTO:
+                return "AUTO";
+            case LT_MANUAL:
+                return "MANUAL";
+            case LT_SPECIAL:
+                return "SPECIAL";
+            case LT_UNKNOWN:
+                return "UNKNOWN";
+            case LT_CORPORATE:
+                return "CORPORATE";
+            default:
+                return "UNKNOWN";
+        }
+    }
+
+    inline LocationType location_from_string(const std::string &S) {
+        if (!Poco::icompare(S, "SERVICE"))
+            return LT_SERVICE;
+        else if (!Poco::icompare(S, "EQUIPMENT"))
+            return LT_EQUIPMENT;
+        else if (!Poco::icompare(S, "AUTO"))
+            return LT_AUTO;
+        else if (!Poco::icompare(S, "MANUAL"))
+            return LT_MANUAL;
+        else if (!Poco::icompare(S, "SPECIAL"))
+            return LT_SPECIAL;
+        else if (!Poco::icompare(S, "UNKNOWN"))
+            return LT_UNKNOWN;
+        else if (!Poco::icompare(S, "CORPORATE"))
+            return LT_CORPORATE;
+        return LT_UNKNOWN;
+    }
+
+    struct Location {
+        ObjectInfo info;
+        LocationType type;
+        std::string buildingName;
+        Types::StringVec addressLines;
+        std::string city;
+        std::string state;
+        std::string postal;
+        std::string country;
+        Types::StringVec phones;
+        Types::StringVec mobiles;
+        std::string geoCode;
+        Types::StringVec inUse;
+        Types::UUID_t entity;
+        Types::UUID_t managementPolicy;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    typedef std::vector<Location> LocationVec;
+
+    struct OperatorLocation {
+        ObjectInfo info;
+        std::string type;
+        std::string buildingName;
+        Types::StringVec addressLines;
+        std::string city;
+        std::string state;
+        std::string postal;
+        std::string country;
+        Types::StringVec phones;
+        Types::StringVec mobiles;
+        std::string geoCode;
+        Types::UUID_t operatorId;
+        Types::UUID_t subscriberDeviceId;
+        Types::UUID_t managementPolicy;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    typedef std::vector<Location> LocationVec;
+
+    struct SubLocation {
+        std::string type;
+        std::string buildingName;
+        Types::StringVec addressLines;
+        std::string city;
+        std::string state;
+        std::string postal;
+        std::string country;
+        Types::StringVec phones;
+        Types::StringVec mobiles;
+        std::string geoCode;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    struct OperatorLocationList {
+        std::vector<OperatorLocation> locations;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    enum ContactType {
+        CT_SUBSCRIBER,
+        CT_USER,
+        CT_INSTALLER,
+        CT_CSR,
+        CT_MANAGER,
+        CT_BUSINESSOWNER,
+        CT_TECHNICIAN,
+        CT_CORPORATE,
+        CT_UNKNOWN
+    };
+
+    inline std::string to_string(ContactType L) {
+        switch (L) {
+            case CT_SUBSCRIBER:
+                return "SUBSCRIBER";
+            case CT_USER:
+                return "USER";
+            case CT_INSTALLER:
+                return "INSTALLER";
+            case CT_CSR:
+                return "CSR";
+            case CT_MANAGER:
+                return "MANAGER";
+            case CT_BUSINESSOWNER:
+                return "BUSINESSOWNER";
+            case CT_TECHNICIAN:
+                return "TECHNICIAN";
+            case CT_CORPORATE:
+                return "CORPORATE";
+            case CT_UNKNOWN:
+                return "UNKNOWN";
+            default:
+                return "UNKNOWN";
+        }
+    }
+
+    inline ContactType contact_from_string(const std::string &S) {
+        if (!Poco::icompare(S, "SUBSCRIBER"))
+            return CT_SUBSCRIBER;
+        else if (!Poco::icompare(S, "USER"))
+            return CT_USER;
+        else if (!Poco::icompare(S, "INSTALLER"))
+            return CT_INSTALLER;
+        else if (!Poco::icompare(S, "CSR"))
+            return CT_CSR;
+        else if (!Poco::icompare(S, "BUSINESSOWNER"))
+            return CT_BUSINESSOWNER;
+        else if (!Poco::icompare(S, "TECHNICIAN"))
+            return CT_TECHNICIAN;
+        else if (!Poco::icompare(S, "CORPORATE"))
+            return CT_CORPORATE;
+        else if (!Poco::icompare(S, "UNKNOWN"))
+            return CT_UNKNOWN;
+        return CT_UNKNOWN;
+    }
+
+    struct Contact {
+        ObjectInfo info;
+        ContactType type = CT_USER;
+        std::string title;
+        std::string salutation;
+        std::string firstname;
+        std::string lastname;
+        std::string initials;
+        std::string visual;
+        Types::StringVec mobiles;
+        Types::StringVec phones;
+        std::string primaryEmail;
+        std::string secondaryEmail;
+        std::string accessPIN;
+        Types::StringVec inUse;
+        Types::UUID_t entity;
+        Types::UUID_t managementPolicy;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    typedef std::vector<Contact> ContactVec;
+
+    struct OperatorContact {
+        ObjectInfo info;
+        std::string type;
+        std::string title;
+        std::string salutation;
+        std::string firstname;
+        std::string lastname;
+        std::string initials;
+        std::string visual;
+        Types::StringVec mobiles;
+        Types::StringVec phones;
+        std::string primaryEmail;
+        std::string secondaryEmail;
+        std::string accessPIN;
+        Types::UUID_t operatorId;
+        Types::UUID_t subscriberDeviceId;
+        Types::UUID_t managementPolicy;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    struct SubContact {
+        std::string type;
+        std::string title;
+        std::string salutation;
+        std::string firstname;
+        std::string lastname;
+        std::string initials;
+        std::string visual;
+        Types::StringVec mobiles;
+        Types::StringVec phones;
+        std::string primaryEmail;
+        std::string secondaryEmail;
+        std::string accessPIN;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    struct OperatorContactList {
+        std::vector<OperatorContact> contacts;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    typedef std::vector<OperatorContact> OperatorContactVec;
+
+    struct DeviceConfigurationElement {
+        std::string name;
+        std::string description;
+        uint64_t weight;
+        std::string configuration;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    typedef std::vector<DeviceConfigurationElement> DeviceConfigurationElementVec;
+
+    struct DeviceConfiguration {
+        ObjectInfo info;
+        Types::UUID_t managementPolicy;
+        Types::StringVec deviceTypes;
+        DeviceConfigurationElementVec configuration;
+        Types::StringVec inUse;
+        Types::UUIDvec_t variables;
+        DeviceRules deviceRules;
+        bool subscriberOnly = false;
+        std::string venue;
+        std::string entity;
+        std::string subscriber;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    typedef std::vector<DeviceConfiguration> DeviceConfigurationVec;
+
+    struct InventoryTag {
+        ObjectInfo info;
+        std::string serialNumber;
+        std::string venue;
+        std::string entity;
+        std::string subscriber;
+        std::string deviceType;
+        std::string qrCode;
+        std::string geoCode;
+        std::string location;
+        std::string contact;
+        std::string deviceConfiguration;
+        DeviceRules deviceRules;
+        Types::UUID_t managementPolicy;
+        std::string state;
+        std::string devClass;
+        std::string locale;
+        std::string realMacAddress;
+        bool doNotAllowOverrides = false;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    typedef std::vector<InventoryTag> InventoryTagVec;
+
+    struct InventoryTagList {
+        InventoryTagVec taglist;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    struct InventoryConfigApplyResult {
+        std::string appliedConfiguration;
+        Types::StringVec errors;
+        Types::StringVec warnings;
+        uint64_t errorCode;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    struct Report {
+        uint64_t snapShot = 0;
+        Types::CountedMap tenants;
+
+        void reset();
+
+        void to_json(Poco::JSON::Object &Obj) const;
+    };
+
+    struct ExpandedUseEntry {
+        std::string uuid;
+        std::string name;
+        std::string description;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    struct ExpandedUseEntryList {
+        std::string type;
+        std::vector<ExpandedUseEntry> entries;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    struct ExpandedUseEntryMapList {
+        std::vector<ExpandedUseEntryList> entries;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    struct UuidList {
+        Types::UUIDvec_t list;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    enum ACLACCESS {
+        NONE = 0, READ = 1, MODIFY = 2, CREATE = 3, DELETE = 4
+    };
+
+    struct ObjectACL {
+        UuidList users;
+        UuidList roles;
+        uint64_t access = (uint64_t) NONE;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    struct ObjectACLList {
+        std::vector<ObjectACL> list;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    struct Map {
+        ObjectInfo info;
+        std::string data;
+        std::string entity;
+        std::string creator;
+        std::string visibility{"private"};
+        ObjectACLList access;
+        Types::UUID_t managementPolicy;
+        std::string venue;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    struct MapList {
+        std::vector<Map> list;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    enum SignupStatusCodes {
+        SignupCreated = 0,
+        SignupWaitingForEmail,
+        SignupWaitingForDevice,
+        SignupSuccess,
+        SignupFailure,
+        SignupCanceled,
+        SignupTimedOut
+    };
+
+    struct SignupEntry {
+        ObjectInfo info;
+        std::string email;
+        std::string userId;
+        std::string macAddress;
+        std::string serialNumber;
+        uint64_t submitted = 0;
+        uint64_t completed = 0;
+        std::string status;
+        uint64_t error = 0;
+        uint64_t statusCode = 0;
+        std::string deviceID;
+        std::string registrationId;
+        std::string operatorId;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    struct Variable {
+        std::string type;
+        uint64_t weight = 0;
+        std::string prefix;
+        std::string value;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    struct VariableList {
+        std::vector<Variable> variables;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    struct VariableBlock {
+        ObjectInfo info;
+        std::vector<Variable> variables;
+        std::string entity;
+        std::string venue;
+        std::string subscriber;
+        std::string inventory;
+        Types::UUIDvec_t configurations;
+        Types::UUID_t managementPolicy;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    struct VariableBlockList {
+        std::vector<VariableBlock> variableBlocks;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    struct Operator {
+        ObjectInfo info;
+        Types::UUID_t managementPolicy;
+        Types::UUIDvec_t managementRoles;
+        DeviceRules deviceRules;
+        std::vector<Variable> variables;
+        bool defaultOperator = false;
+        Types::StringVec sourceIP;
+        std::string registrationId;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    struct OperatorList {
+        std::vector<Operator> operators;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    struct VenueDeviceList {
+        std::string id;
+        std::string name;
+        std::string description;
+        Types::UUIDvec_t devices;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    struct ServiceClass {
+        ObjectInfo info;
+        Types::UUID_t operatorId;
+        Types::UUID_t managementPolicy;
+        double cost = 0.0;
+        std::string currency;
+        std::string period;
+        std::string billingCode;
+        std::vector<Variable> variables;
+        bool defaultService = false;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    struct ServiceClassList {
+        std::vector<ServiceClass> serviceClasses;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    struct ConfigurationDetails {
+        DeviceConfigurationElementVec configuration;
+        std::string rrm{"inherit"};
+        std::string firmwareUpgrade{"inherit"};
+        std::string firmwareRCOnly{"inherit"};
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    struct SubscriberDevice {
+        ObjectInfo info;
+        std::string serialNumber;
+        std::string deviceType;
+        Types::UUID_t operatorId;
+        Types::UUID_t subscriberId;
+        SubLocation location;
+        SubContact contact;
+        Types::UUID_t managementPolicy;
+        Types::UUID_t serviceClass;
+        std::string qrCode;
+        std::string geoCode;
+        DeviceRules deviceRules;
+        std::string state;
+        std::string locale;
+        std::string billingCode;
+        DeviceConfigurationElementVec configuration;
+        bool suspended = false;
+        std::string realMacAddress;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    struct SubscriberDeviceList {
+        std::vector<SubscriberDevice> subscriberDevices;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    struct ConfigurationOverride {
+        std::string source;
+        std::string reason;
+        std::string parameterName;
+        std::string parameterType;
+        std::string parameterValue;
+        std::uint64_t modified;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    struct ConfigurationOverrideList {
+        std::string serialNumber;
+        Types::UUID_t managementPolicy;
+        std::vector<ConfigurationOverride> overrides;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    bool UpdateObjectInfo(const Poco::JSON::Object::Ptr &O, const SecurityObjects::UserInfo &U,
+                          ObjectInfo &I);
+
+    bool CreateObjectInfo(const Poco::JSON::Object::Ptr &O, const SecurityObjects::UserInfo &U,
+                          ObjectInfo &I);
+
+    bool CreateObjectInfo(const SecurityObjects::UserInfo &U, ObjectInfo &I);
 
     struct GLBLRAccountInfo {
-        ObjectInfo      info;
-        std::string     privateKey;
-        std::string     country, province, city, organization, commonName;
-        std::string     CSR, CSRPrivateKey, CSRPublicKey;
-        std::string     GlobalReachAcctId;
+        ObjectInfo info;
+        std::string privateKey;
+        std::string country, province, city, organization, commonName;
+        std::string CSR, CSRPrivateKey, CSRPublicKey;
+        std::string GlobalReachAcctId;
 
         void to_json(Poco::JSON::Object &Obj) const;
+
         bool from_json(const Poco::JSON::Object::Ptr &Obj);
     };
 
     struct GLBLRCertificateInfo {
-        std::string     id;
-        std::string     name;
-        std::string     accountId;
-        std::string     csr;
-        std::string     certificate;
-        std::string     certificateChain;
-        std::string     certificateId;
-        std::uint64_t   expiresAt=0;
-        std::uint64_t   created=0;
+        std::string id;
+        std::string name;
+        std::string accountId;
+        std::string csr;
+        std::string certificate;
+        std::string certificateChain;
+        std::string certificateId;
+        std::uint64_t expiresAt = 0;
+        std::uint64_t created = 0;
 
         void to_json(Poco::JSON::Object &Obj) const;
+
         bool from_json(const Poco::JSON::Object::Ptr &Obj);
     };
 
     struct GooglOrionAccountInfo {
-        ObjectInfo                  info;
-        std::string                 privateKey;
-        std::string                 certificate;
-        std::vector<std::string>    cacerts;
+        ObjectInfo info;
+        std::string privateKey;
+        std::string certificate;
+        std::vector<std::string> cacerts;
 
         void to_json(Poco::JSON::Object &Obj) const;
         bool from_json(const Poco::JSON::Object::Ptr &Obj);
     };
 
+    struct RADIUSServer {
+        std::string     Hostname;
+        std::string     IP;
+        std::uint64_t   Port=0;
+        std::string     Secret;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    struct RADIUSEndPointRadiusType {
+        RADIUSServer    Authentication;
+        RADIUSServer    Accounting;
+        RADIUSServer    CoA;
+        std::uint64_t AccountingInterval = 60;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    struct RADIUSEndPointRadsecType {
+        std::string     Hostname;
+        std::string     IP;
+        std::uint64_t   Port=2083;
+        std::string     Secret{"radsec"};
+        std::string     OpenRoamingType;
+        std::string     UseOpenRoamingAccount;
+        std::uint64_t   Weight=0;
+        std::string     Certificate;
+        std::string     PrivateKey;
+        std::vector<std::string>    CaCerts;
+        bool AllowSelfSigned=false;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
+
+    struct RADIUSEndPoint {
+        ObjectInfo                  info;
+        std::string                 Type{"radius"};
+        std::string                 PoolStrategy{"none"};
+        bool                        UseGWProxy=true;
+        std::string                 Index;
+        std::vector<std::string>    UsedBy;
+        std::vector<RADIUSEndPointRadiusType>   RadiusServers;
+        std::vector<RADIUSEndPointRadsecType>   RadsecServers;
+
+        void to_json(Poco::JSON::Object &Obj) const;
+        bool from_json(const Poco::JSON::Object::Ptr &Obj);
+    };
 }; // namespace OpenWifi::ProvObjects
diff --git a/src/StorageService.cpp b/src/StorageService.cpp
index cfd1b230..11213d3d 100644
--- a/src/StorageService.cpp
+++ b/src/StorageService.cpp
@@ -42,6 +42,7 @@ namespace OpenWifi {
         GLBLRAccountInfoDB_ = std::make_unique<OpenWifi::GLBLRAccountInfoDB>(dbType_, *Pool_, Logger());
         GLBLRCertsDB_ = std::make_unique<OpenWifi::GLBLRCertsDB>(dbType_, *Pool_, Logger());
         OrionAccountsDB_ = std::make_unique<OpenWifi::OrionAccountsDB>(dbType_, *Pool_, Logger());
+        RadiusEndpointDB_ = std::make_unique<OpenWifi::RadiusEndpointDB>(dbType_, *Pool_, Logger());
 
 		EntityDB_->Create();
 		PolicyDB_->Create();
@@ -65,6 +66,7 @@ namespace OpenWifi {
         GLBLRAccountInfoDB_->Create();
         GLBLRCertsDB_->Create();
         OrionAccountsDB_->Create();
+        RadiusEndpointDB_->Create();
 
 		ExistFunc_[EntityDB_->Prefix()] = [=](const char *F, std::string &V) -> bool {
 			return EntityDB_->Exists(F, V);
@@ -129,9 +131,12 @@ namespace OpenWifi {
         ExistFunc_[GLBLRCertsDB_->Prefix()] = [=](const char *F, std::string &V) -> bool {
             return GLBLRCertsDB_->Exists(F, V);
         };
-        ExistFunc_[GLBLRCertsDB_->Prefix()] = [=](const char *F, std::string &V) -> bool {
+        ExistFunc_[OrionAccountsDB_->Prefix()] = [=](const char *F, std::string &V) -> bool {
             return OrionAccountsDB_->Exists(F, V);
         };
+        ExistFunc_[RadiusEndpointDB_->Prefix()] = [=](const char *F, std::string &V) -> bool {
+            return RadiusEndpointDB_->Exists(F, V);
+        };
 
 
 
@@ -240,6 +245,11 @@ namespace OpenWifi {
                     [[maybe_unused]] std::string &Name,
                     [[maybe_unused]] std::string &Description) -> bool { return false; };
 
+        ExpandFunc_[RadiusEndpointDB_->Prefix()] =
+                [=]([[maybe_unused]] const char *F, [[maybe_unused]] std::string &V,
+                    [[maybe_unused]] std::string &Name,
+                    [[maybe_unused]] std::string &Description) -> bool { return false; };
+
         InventoryDB_->InitializeSerialCache();
 		ConsistencyCheck();
 		InitializeSystemDBs();
diff --git a/src/StorageService.h b/src/StorageService.h
index 0de189fa..b1953761 100644
--- a/src/StorageService.h
+++ b/src/StorageService.h
@@ -31,6 +31,7 @@
 #include "storage/storage_glblraccounts.h"
 #include "storage/storage_glblrcerts.h"
 #include "storage/storage_orion_accounts.h"
+#include "storage/storage_radius_endpoints.h"
 
 #include "Poco/URI.h"
 #include "framework/ow_constants.h"
@@ -72,6 +73,7 @@ namespace OpenWifi {
         inline OpenWifi::GLBLRAccountInfoDB &GLBLRAccountInfoDB() { return *GLBLRAccountInfoDB_; }
         inline OpenWifi::GLBLRCertsDB &GLBLRCertsDB() { return *GLBLRCertsDB_; }
         inline OpenWifi::OrionAccountsDB &OrionAccountsDB() { return *OrionAccountsDB_; }
+        inline OpenWifi::RadiusEndpointDB &RadiusEndpointDB() { return *RadiusEndpointDB_; }
 
 		bool Validate(const Poco::URI::QueryParameters &P, RESTAPI::Errors::msg &Error);
 		bool Validate(const Types::StringVec &P, std::string &Error);
@@ -134,6 +136,7 @@ namespace OpenWifi {
         std::unique_ptr<OpenWifi::GLBLRAccountInfoDB> GLBLRAccountInfoDB_;
         std::unique_ptr<OpenWifi::GLBLRCertsDB> GLBLRCertsDB_;
         std::unique_ptr<OpenWifi::OrionAccountsDB> OrionAccountsDB_;
+        std::unique_ptr<OpenWifi::RadiusEndpointDB> RadiusEndpointDB_;
 		std::string DefaultOperator_;
 
 		typedef std::function<bool(const char *FieldName, std::string &Value)> exist_func;
diff --git a/src/sdks/SDK_gw.cpp b/src/sdks/SDK_gw.cpp
index 97c1ca7c..ab32bcf0 100644
--- a/src/sdks/SDK_gw.cpp
+++ b/src/sdks/SDK_gw.cpp
@@ -238,4 +238,39 @@ namespace OpenWifi::SDK::GW {
 			return false;
 		}
 	} // namespace Device
+
+    namespace RADIUS {
+
+        bool GetConfiguration(RESTAPIHandler *client, GWObjects::RadiusProxyPoolList &Pools) {
+            OpenWifi::OpenAPIRequestGet R(OpenWifi::uSERVICE_GATEWAY,
+                                           "/api/v1/radiusProxyConfig", {},
+                                           60000);
+            auto CallResponse = Poco::makeShared<Poco::JSON::Object>();
+            auto ResponseStatus =
+                    R.Do(CallResponse, client ? client->UserInfo_.webtoken.access_token_ : "");
+            if(ResponseStatus == Poco::Net::HTTPResponse::HTTP_OK) {
+                return Pools.from_json(CallResponse);
+            }
+            return false;
+        }
+
+        bool SetConfiguration(RESTAPIHandler *client, const GWObjects::RadiusProxyPoolList &Pools,
+                              GWObjects::RadiusProxyPoolList &NewPools) {
+            Poco::JSON::Object  Body;
+            Pools.to_json(Body);
+
+            OpenWifi::OpenAPIRequestPut R(OpenWifi::uSERVICE_GATEWAY,
+                                          "/api/v1/radiusProxyConfig", {}, Body,
+                                          60000);
+            auto CallResponse = Poco::makeShared<Poco::JSON::Object>();
+            auto ResponseStatus =
+                    R.Do(CallResponse, client ? client->UserInfo_.webtoken.access_token_ : "");
+            if(ResponseStatus == Poco::Net::HTTPResponse::HTTP_OK) {
+                return NewPools.from_json(CallResponse);
+            }
+            return false;
+        }
+
+    }
+
 } // namespace OpenWifi::SDK::GW
diff --git a/src/sdks/SDK_gw.h b/src/sdks/SDK_gw.h
index 8d05e254..506828fe 100644
--- a/src/sdks/SDK_gw.h
+++ b/src/sdks/SDK_gw.h
@@ -38,4 +38,9 @@ namespace OpenWifi::SDK::GW {
 						  const std::string &entity, const std::string &venue,
 						  const std::string &subscriber);
 	} // namespace Device
+    namespace RADIUS {
+        bool GetConfiguration(RESTAPIHandler *client, GWObjects::RadiusProxyPoolList &Pools);
+        bool SetConfiguration(RESTAPIHandler *client, const GWObjects::RadiusProxyPoolList &Pools,
+                              GWObjects::RadiusProxyPoolList &NewPools);
+    }
 } // namespace OpenWifi::SDK::GW
diff --git a/src/storage/storage_radius_endpoints.cpp b/src/storage/storage_radius_endpoints.cpp
new file mode 100644
index 00000000..a63e1cb7
--- /dev/null
+++ b/src/storage/storage_radius_endpoints.cpp
@@ -0,0 +1,83 @@
+//
+// Created by stephane bourque on 2023-09-27.
+//
+
+#include "storage_radius_endpoints.h"
+#include <framework/RESTAPI_utils.h>
+namespace OpenWifi {
+
+    static ORM::FieldVec RadiusEndpointDB_Fields{// object info
+            ORM::Field{"id", 64, true},
+            ORM::Field{"name", ORM::FieldType::FT_TEXT},
+            ORM::Field{"description", ORM::FieldType::FT_TEXT},
+            ORM::Field{"notes", ORM::FieldType::FT_TEXT},
+            ORM::Field{"created", ORM::FieldType::FT_BIGINT},
+            ORM::Field{"modified", ORM::FieldType::FT_BIGINT},
+            ORM::Field{"Type", ORM::FieldType::FT_TEXT},
+            ORM::Field{"RadsecServers", ORM::FieldType::FT_TEXT},
+            ORM::Field{"RadiusServers", ORM::FieldType::FT_TEXT},
+            ORM::Field{"PoolStrategy", ORM::FieldType::FT_TEXT},
+            ORM::Field{"Index", ORM::FieldType::FT_TEXT},
+            ORM::Field{"UsedBy", ORM::FieldType::FT_TEXT},
+            ORM::Field{"UseGWProxy", ORM::FieldType::FT_BOOLEAN}
+    };
+
+    static ORM::IndexVec RadiusEndpointDB_Indexes{
+            {std::string("radius_ep_name_index"),
+             ORM::IndexEntryVec{{std::string("name"), ORM::Indextype::ASC}}}};
+
+    RadiusEndpointDB::RadiusEndpointDB(OpenWifi::DBType T, Poco::Data::SessionPool &P, Poco::Logger &L)
+            : DB(T, "radius_endpoints", RadiusEndpointDB_Fields, RadiusEndpointDB_Indexes, P, L, "rep") {}
+
+    bool RadiusEndpointDB::Upgrade([[maybe_unused]] uint32_t from, uint32_t &to) {
+        to = Version();
+        std::vector<std::string> Script{};
+
+        for (const auto &i : Script) {
+            try {
+                auto Session = Pool_.get();
+                Session << i, Poco::Data::Keywords::now;
+            } catch (...) {
+            }
+        }
+        return true;
+    }
+
+} // namespace OpenWifi
+
+template <>
+void ORM::DB<OpenWifi::RadiusEndpointDbRecordType, OpenWifi::ProvObjects::RADIUSEndPoint>::Convert(
+        const OpenWifi::RadiusEndpointDbRecordType &In, OpenWifi::ProvObjects::RADIUSEndPoint &Out) {
+    Out.info.id = In.get<0>();
+    Out.info.name = In.get<1>();
+    Out.info.description = In.get<2>();
+    Out.info.notes =
+            OpenWifi::RESTAPI_utils::to_object_array<OpenWifi::SecurityObjects::NoteInfo>(In.get<3>());
+    Out.info.created = In.get<4>();
+    Out.info.modified = In.get<5>();
+    Out.Type = In.get<6>();
+    Out.RadsecServers = OpenWifi::RESTAPI_utils::to_object_array<OpenWifi::ProvObjects::RADIUSEndPointRadsecType>(In.get<7>());
+    Out.RadiusServers = OpenWifi::RESTAPI_utils::to_object_array<OpenWifi::ProvObjects::RADIUSEndPointRadiusType>(In.get<8>());
+    Out.PoolStrategy = In.get<9>();
+    Out.Index = In.get<10>();
+    Out.UsedBy = OpenWifi::RESTAPI_utils::to_object_array(In.get<11>());
+    Out.UseGWProxy = In.get<12>();
+}
+
+template <>
+void ORM::DB<OpenWifi::RadiusEndpointDbRecordType, OpenWifi::ProvObjects::RADIUSEndPoint>::Convert(
+        const OpenWifi::ProvObjects::RADIUSEndPoint &In, OpenWifi::RadiusEndpointDbRecordType &Out) {
+    Out.set<0>(In.info.id);
+    Out.set<1>(In.info.name);
+    Out.set<2>(In.info.description);
+    Out.set<3>(OpenWifi::RESTAPI_utils::to_string(In.info.notes));
+    Out.set<4>(In.info.created);
+    Out.set<5>(In.info.modified);
+    Out.set<6>(In.Type);
+    Out.set<7>(OpenWifi::RESTAPI_utils::to_string(In.RadsecServers));
+    Out.set<8>(OpenWifi::RESTAPI_utils::to_string(In.RadiusServers));
+    Out.set<9>(In.PoolStrategy);
+    Out.set<10>(In.Index);
+    Out.set<11>(OpenWifi::RESTAPI_utils::to_string(In.UsedBy));
+    Out.set<12>(In.UseGWProxy);
+}
diff --git a/src/storage/storage_radius_endpoints.h b/src/storage/storage_radius_endpoints.h
new file mode 100644
index 00000000..61b1e352
--- /dev/null
+++ b/src/storage/storage_radius_endpoints.h
@@ -0,0 +1,36 @@
+//
+// Created by stephane bourque on 2023-09-27.
+//
+
+#pragma once
+
+#include "RESTObjects/RESTAPI_ProvObjects.h"
+#include "framework/orm.h"
+
+namespace OpenWifi {
+
+    typedef Poco::Tuple<
+            std::string,
+            std::string,
+            std::string,
+            std::string,
+            uint64_t,
+            uint64_t,
+            std::string,
+            std::string,
+            std::string,
+            std::string,
+            std::string,
+            std::string,
+            bool
+    >   RadiusEndpointDbRecordType;
+
+    class RadiusEndpointDB : public ORM::DB<RadiusEndpointDbRecordType, ProvObjects::RADIUSEndPoint> {
+    public:
+        RadiusEndpointDB(OpenWifi::DBType T, Poco::Data::SessionPool &P, Poco::Logger &L);
+        virtual ~RadiusEndpointDB(){};
+        bool Upgrade(uint32_t from, uint32_t &to) override;
+    private:
+
+    };
+} // namespace OpenWifi