[autopatch] Automatic patch attempt for helpers 2.1

conf/aeneria.cron

@@ -1,2 +1,2 @@
-__MINUTES__ __HOUR__-23/3 * * * __APP__ /usr/bin/php__PHPVERSION__ __INSTALL_DIR__/bin/console aeneria:fetch-data
+__MINUTES__ __HOUR__-23/3 * * * __APP__ /usr/bin/php__PHP_VERSION__ __INSTALL_DIR__/bin/console aeneria:fetch-data
-*/15 * * * * __APP__ /usr/bin/php__PHPVERSION__ __INSTALL_DIR__/bin/console aeneria:pending-action:process-expired
+*/15 * * * * __APP__ /usr/bin/php__PHP_VERSION__ __INSTALL_DIR__/bin/console aeneria:pending-action:process-expired

conf/extra_php-fpm.conf

@@ -1,4 +0,0 @@
-; Additional php.ini defines, specific to this pool of workers.
-
-php_admin_value[upload_max_filesize] = 50M
-php_admin_value[post_max_size] = 50M

conf/nginx.conf

@@ -9,7 +9,7 @@ location __PATH__/ {
   fastcgi_read_timeout 60m;
   client_max_body_size 50M;
 
-  try_files $uri @__NAME__;
+  try_files $uri @__APP__;
 
   location ~ ^__PATH__/index\.php(/|$) {
     include fastcgi_params;
@@ -17,7 +17,7 @@ location __PATH__/ {
     fastcgi_param SCRIPT_FILENAME $request_filename;
     fastcgi_param PATH_INFO       $fastcgi_path_info;
     fastcgi_param REMOTE_USER     $remote_user;
-    fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock;
+    fastcgi_pass unix:/var/run/php/php__PHP_VERSION__-fpm-__APP__.sock;
     fastcgi_intercept_errors on;
   }
 
@@ -31,6 +31,6 @@ location __PATH__/ {
   include conf.d/yunohost_panel.conf.inc;
 }
 
-location @__NAME__ {
+location @__APP__ {
   rewrite ^ __PATH__/index.php/$is_args$args;
 }

manifest.toml

@@ -17,7 +17,8 @@ code = "https://gitlab.com/aeneria/aeneria-app"
 demo = "https://demo.aeneria.com"
 
 [integration]
-yunohost = ">= 11.2"
+yunohost = ">= 11.2.18"
+helpers_version = "2.1"
 architectures = "all"
 multi_instance = true
 
@@ -51,6 +52,7 @@ ram.runtime = "50M"
     [resources.system_user]
 
     [resources.install_dir]
+    group = "www-data:r-x"
 
     [resources.permissions]
     main.url = "/"

scripts/_common.sh

@@ -1,11 +1,7 @@
 #!/bin/bash
 
 #=================================================
-# COMMON VARIABLES
+# COMMON VARIABLES AND CUSTOM HELPERS
-#=================================================
-
-#=================================================
-# PERSONAL HELPERS
 #=================================================
 
 # Assign two variables:
@@ -19,14 +15,10 @@
 generate_random_minutes_hour () {
         minutes="$(ynh_string_random --length=1 --filter=0-5)$(ynh_string_random --length=1 --filter=0-9)"
         hour="$(ynh_string_random --length=1 --filter=0-2)"
-        ynh_app_setting_set --app=$app --key=minutes --value=$minutes
+        ynh_app_setting_set --key=minutes --value=$minutes
-        ynh_app_setting_set --app=$app --key=hour --value=$hour
+        ynh_app_setting_set --key=hour --value=$hour
 }
 
-#=================================================
-# EXPERIMENTAL HELPERS
-#=================================================
-
 # Check available space before creating a temp directory.
 #
 # usage: ynh_smart_mktemp --min_size="Min size"
@@ -63,7 +55,3 @@ ynh_smart_mktemp () {
 
         echo "$(mktemp --directory --tmpdir="$tmpdir")"
 }
-
-#=================================================
-# FUTURE OFFICIAL HELPERS
-#=================================================

scripts/backup

@@ -1,37 +1,28 @@
 #!/bin/bash
 
-#=================================================
-# GENERIC START
-#=================================================
-# IMPORT GENERIC HELPERS
-#=================================================
-
 # Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
 source ../settings/scripts/_common.sh
 source /usr/share/yunohost/helpers
 
-#=================================================
+ynh_print_info "Declaring files to be backed up..."
-# DECLARE DATA AND CONF FILES TO BACKUP
-#=================================================
-ynh_print_info --message="Declaring files to be backed up..."
 
 #=================================================
 # BACKUP THE APP MAIN DIR
 #=================================================
 
-ynh_backup --src_path="$install_dir"
+ynh_backup "$install_dir"
 
 #=================================================
 # BACKUP THE NGINX CONFIGURATION
 #=================================================
 
-ynh_backup --src_path="/etc/nginx/conf.d/$domain.d/$app.conf"
+ynh_backup "/etc/nginx/conf.d/$domain.d/$app.conf"
 
 #=================================================
 # BACKUP THE PHP-FPM CONFIGURATION
 #=================================================
 
-ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
+ynh_backup "/etc/php/$php_version/fpm/pool.d/$app.conf"
 
 #=================================================
 # SPECIFIC BACKUP
@@ -39,17 +30,17 @@ ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
 # BACKUP VARIOUS FILES
 #=================================================
 
-ynh_backup --src_path="/etc/cron.d/$app"
+ynh_backup "/etc/cron.d/$app"
 
 #=================================================
 # BACKUP THE PSQL DATABASE
 #=================================================
-ynh_print_info --message="Backing up the PSQL database..."
+ynh_print_info "Backing up the PSQL database..."
 
-ynh_psql_dump_db --database="$db_name" > db.sql
+ynh_psql_dump_db > db.sql
 
 #=================================================
 # END OF SCRIPT
 #=================================================
 
-ynh_print_info --message="Backup script completed for $app. (YunoHost will then actually copy those files to the archive)."
+ynh_print_info "Backup script completed for $app. (YunoHost will then actually copy those files to the archive)."

scripts/change_url

@@ -1,11 +1,5 @@
 #!/bin/bash
 
-#=================================================
-# GENERIC STARTING
-#=================================================
-# IMPORT GENERIC HELPERS
-#=================================================
-
 source _common.sh
 source /usr/share/yunohost/helpers
 
@@ -19,21 +13,19 @@ source /usr/share/yunohost/helpers
 # If the app is currently installed under a path, we warn the admin
 # that he should move the app under its own domain
 if [ "$path" != "/" ]; then
-  ynh_die --message="Since version 2.0.0, $app need to be installed under its own domain. \
+  ynh_die "Since version 2.0.0, $app need to be installed under its own domain. \
   Before upgrading, change $app URL: delete the path and switch to a new domain if needed."
 fi
 
-#=================================================
-# STANDARD MODIFICATIONS
 #=================================================
 # MODIFY URL IN NGINX CONF
 #=================================================
-ynh_script_progression --message="Updating NGINX web server configuration..." --weight=3
+ynh_script_progression "Updating NGINX web server configuration..."
 
-ynh_change_url_nginx_config
+ynh_config_change_url_nginx
 
 #=================================================
 # END OF SCRIPT
 #=================================================
 
-ynh_script_progression --message="Change of URL completed for $app" --last
+ynh_script_progression "Change of URL completed for $app"

scripts/install

@@ -1,11 +1,5 @@
 #!/bin/bash
 
-#=================================================
-# GENERIC START
-#=================================================
-# IMPORT GENERIC HELPERS
-#=================================================
-
 source _common.sh
 source /usr/share/yunohost/helpers
 
@@ -14,70 +8,69 @@ source /usr/share/yunohost/helpers
 #=================================================
 
 deskey=$(ynh_string_random --length=24)
-ynh_app_setting_set --app=$app --key=deskey --value=$deskey
+ynh_app_setting_set --key=deskey --value=$deskey
 
 #=================================================
 # DOWNLOAD, CHECK AND UNPACK SOURCE
 #=================================================
-ynh_script_progression --message="Setting up source files..." --weight=1
+ynh_script_progression "Setting up source files..."
 
 # Download, check integrity, uncompress and patch the source from app.src
 ynh_setup_source --dest_dir="$install_dir"
 
-chown -R $app:www-data "$install_dir"
+#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R $app:www-data "$install_dir"
-chmod -R 750 "$install_dir"
+#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod -R 750 "$install_dir"
-
 #=================================================
 # SYSTEM CONFIGURATION
 #=================================================
-ynh_script_progression --message="Adding system configurations related to $app..." --weight=1
+ynh_script_progression "Adding system configurations related to $app..."
 
 # Create a dedicated NGINX config
-ynh_add_nginx_config
+ynh_config_add_nginx
 
 # Create a dedicated PHP-FPM config
-ynh_add_fpm_config
+ynh_config_add_phpfpm
 
 #=================================================
 # SPECIFIC SETUP
 #=================================================
 # CONFIGURE AENERIA
 #=================================================
-ynh_script_progression --message="Configuring $app..." --weight=1
+ynh_script_progression "Configuring $app..."
 
-ynh_add_config --template=".env" --destination="$install_dir/.env"
+ynh_config_add --template=".env" --destination="$install_dir/.env"
 
 # Restrict rights to aeneria user only
-chmod 600 "$install_dir/.env"
+#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 600 "$install_dir/.env"
 
 #=================================================
 # INSTALL AENERIA
 #=================================================
-ynh_script_progression --message="Installing aeneria..." --weight=1
+ynh_script_progression "Installing aeneria..."
 
 # Install aeneria
 pushd $install_dir
-  ynh_exec_as $app php$phpversion bin/console aeneria:install "$app" -n
+  ynh_exec_as_app php$php_version bin/console aeneria:install "$app" -n
   # Create admin user
   mail=$(ynh_user_get_info --username="$admin" --key='mail')
-  ynh_exec_as $app php$phpversion bin/console aeneria:user:add "$mail" "$(ynh_string_random)" -n
+  ynh_exec_as_app php$php_version bin/console aeneria:user:add "$mail" "$(ynh_string_random)" -n
-  ynh_exec_as $app php$phpversion bin/console aeneria:user:grant "$mail"
+  ynh_exec_as_app php$php_version bin/console aeneria:user:grant "$mail"
 popd
 
 #=================================================
 # SET UP CRON JOB
 #=================================================
-ynh_script_progression --message="Setuping a cron..." --weight=1
+ynh_script_progression "Setuping a cron..."
 
 # Generate random running schedule, and save $hour and $minutes as app parameters
 generate_random_minutes_hour
 
-ynh_add_config --template="aeneria.cron" --destination="/etc/cron.d/$app"
+ynh_config_add --template="aeneria.cron" --destination="/etc/cron.d/$app"
-chown root: "/etc/cron.d/$app"
+#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown root: "/etc/cron.d/$app"
-chmod 644 "/etc/cron.d/$app"
+#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 644 "/etc/cron.d/$app"
 
 #=================================================
 # END OF SCRIPT
 #=================================================
 
-ynh_script_progression --message="Installation of $app completed" --last
+ynh_script_progression "Installation of $app completed"

scripts/remove

@@ -1,30 +1,24 @@
 #!/bin/bash
 
-#=================================================
-# GENERIC START
-#=================================================
-# IMPORT GENERIC HELPERS
-#=================================================
-
 source _common.sh
 source /usr/share/yunohost/helpers
 
 #=================================================
 # REMOVE SYSTEM CONFIGURATIONS
 #=================================================
-ynh_script_progression --message="Removing system configurations related to $app..." --weight=1
+ynh_script_progression "Removing system configurations related to $app..."
 
 # Remove the dedicated NGINX config
-ynh_remove_nginx_config
+ynh_config_remove_nginx
 
 # Remove the dedicated PHP-FPM config
-ynh_remove_fpm_config
+ynh_config_remove_phpfpm
 
 # Remove a cron file
-ynh_secure_remove --file="/etc/cron.d/$app"
+ynh_safe_rm "/etc/cron.d/$app"
 
 #=================================================
 # END OF SCRIPT
 #=================================================
 
-ynh_script_progression --message="Removal of $app completed" --last
+ynh_script_progression "Removal of $app completed"

scripts/restore

@@ -1,11 +1,5 @@
 #!/bin/bash
 
-#=================================================
-# GENERIC START
-#=================================================
-# IMPORT GENERIC HELPERS
-#=================================================
-
 # Keep this path for calling _common.sh inside the execution's context of backup and restore scripts
 source ../settings/scripts/_common.sh
 source /usr/share/yunohost/helpers
@@ -13,46 +7,43 @@ source /usr/share/yunohost/helpers
 #=================================================
 # RESTORE THE APP MAIN DIR
 #=================================================
-ynh_script_progression --message="Restoring the app main directory..." --weight=1
+ynh_script_progression "Restoring the app main directory..."
 
-ynh_restore_file --origin_path="$install_dir"
+ynh_restore "$install_dir"
-
-chmod -R o-rwx "$install_dir"
-chown -R $app:www-data "$install_dir"
 
+#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod -R o-rwx "$install_dir"
+#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R $app:www-data "$install_dir"
 #=================================================
 # RESTORE THE PSQL DATABASE
 #=================================================
-ynh_script_progression --message="Restoring the PSQL database..." --weight=1
+ynh_script_progression "Restoring the PSQL database..."
 
-ynh_psql_connect_as --user=$db_user --password=$db_pwd --database=$db_name < ./db.sql
+ynh_psql_db_shell < ./db.sql
 
 #=================================================
 # RESTORE SYSTEM CONFIGURATIONS
 #=================================================
 # RESTORE THE PHP-FPM CONFIGURATION
 #=================================================
-ynh_script_progression --message="Restoring system configurations related to $app..." --weight=1
+ynh_script_progression "Restoring system configurations related to $app..."
 
 # Restore the file first, so it can have a backup if different
-ynh_restore_file --origin_path="/etc/php/$phpversion/fpm/pool.d/$app.conf"
+ynh_restore "/etc/php/$php_version/fpm/pool.d/$app.conf"
 
-ynh_restore_file --origin_path="/etc/nginx/conf.d/$domain.d/$app.conf"
+ynh_restore "/etc/nginx/conf.d/$domain.d/$app.conf"
 
-ynh_restore_file --origin_path="/etc/cron.d/$app"
+ynh_restore "/etc/cron.d/$app"
 
-#=================================================
-# GENERIC FINALIZATION
 #=================================================
 # RELOAD NGINX AND PHP-FPM
 #=================================================
-ynh_script_progression --message="Reloading NGINX web server and PHP-FPM..." --weight=1
+ynh_script_progression "Reloading NGINX web server and PHP-FPM..."
 
-ynh_systemd_action --service_name=php$phpversion-fpm --action=reload
+ynh_systemctl --service=php$php_version-fpm --action=reload
-ynh_systemd_action --service_name=nginx --action=reload
+ynh_systemctl --service=nginx --action=reload
 
 #=================================================
 # END OF SCRIPT
 #=================================================
 
-ynh_script_progression --message="Restoration completed for $app" --last
+ynh_script_progression "Restoration completed for $app"

scripts/upgrade

@@ -1,26 +1,12 @@
 #!/bin/bash
 
-#=================================================
-# GENERIC START
-#=================================================
-# IMPORT GENERIC HELPERS
-#=================================================
-
 source _common.sh
 source /usr/share/yunohost/helpers
 
-#=================================================
-# CHECK VERSION
-#=================================================
-
-upgrade_type=$(ynh_check_app_version_changed)
-
-#=================================================
-# STANDARD UPGRADE STEPS
 #=================================================
 # ENSURE DOWNWARD COMPATIBILITY
 #=================================================
-ynh_script_progression --message="Ensuring downward compatibility..."
+ynh_script_progression "Ensuring downward compatibility..."
 
 # If minutes or hour do not exist, create them
 if [ -z "${minutes:-}" ] || [ -z "${hour:-}" ]; then
@@ -34,7 +20,7 @@ fi
 # If the app is currently installed under a path, we warn the admin
 # that he should move the app under its own domain
 if [ "$path" != "/" ]; then
-  ynh_die --message="Since version 2.0.0, $app need to be installed under its own domain. \
+  ynh_die "Since version 2.0.0, $app need to be installed under its own domain. \
   Before upgrading, change $app URL: delete the path and switch to a new domain if needed."
 fi
 
@@ -42,9 +28,10 @@ fi
 # DOWNLOAD, CHECK AND UNPACK SOURCE
 #=================================================
 
-if [ "$upgrade_type" == "UPGRADE_APP" ]
+# FIXME: this is still supported but the recommendation is now to *always* re-setup the app sources wether or not the upstream sources changed
+if ynh_app_upstream_version_changed
 then
-  ynh_script_progression --message="Upgrading source files..."
+  ynh_script_progression "Upgrading source files..."
 
   # For aeneria source update, we use a temporary directory because
   # without it, patches can't be apply correctly:
@@ -62,66 +49,65 @@ then
   mv "$install_dir/private" "$tmpdir"
 
   # Replace the old aeneria by the new one
-  ynh_secure_remove --file="$install_dir"
+  ynh_safe_rm "$install_dir"
   mv "$tmpdir" "$install_dir"
-  ynh_secure_remove --file="$tmpdir"
+  ynh_safe_rm "$tmpdir"
 fi
 
-chown -R $app:www-data "$install_dir"
+#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown -R $app:www-data "$install_dir"
-chmod -R 750 "$install_dir"
+#REMOVEME? Assuming the install dir is setup using ynh_setup_source, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod -R 750 "$install_dir"
-
 #=================================================
 # REAPPLY SYSTEM CONFIGURATIONS
 #=================================================
-ynh_script_progression --message="Upgrading system configurations related to $app..." --weight=1
+ynh_script_progression "Upgrading system configurations related to $app..."
 
 # Create a dedicated NGINX config
-ynh_add_nginx_config
+ynh_config_add_nginx
 
 # Create a dedicated PHP-FPM config
-ynh_add_fpm_config
+ynh_config_add_phpfpm
 
-ynh_add_config --template="aeneria.cron" --destination="/etc/cron.d/$app"
+ynh_config_add --template="aeneria.cron" --destination="/etc/cron.d/$app"
-chown root: "/etc/cron.d/$app"
+#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chown root: "/etc/cron.d/$app"
-chmod 644 "/etc/cron.d/$app"
+#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 644 "/etc/cron.d/$app"
 
 #=================================================
 # SPECIFIC SETUP
 #=================================================
 # CONFIGURE AENERIA
 #=================================================
-ynh_script_progression --message="Configuring $app..." --weight=1
+ynh_script_progression "Configuring $app..."
 
-ynh_add_config --template=".env" --destination="$install_dir/.env"
+ynh_config_add --template=".env" --destination="$install_dir/.env"
 
 # Restrict rights to aeneria user only
-chmod 600 "$install_dir/.env"
+#REMOVEME? Assuming the file is setup using ynh_config_add, the proper chmod/chowns are now already applied and it shouldn't be necessary to tweak perms | chmod 600 "$install_dir/.env"
 
 #=================================================
 # UPGRADE AENERIA
 #=================================================
-ynh_script_progression --message="Upgrading $app..." --weight=1
+ynh_script_progression "Upgrading $app..."
 
 # Install dependencies and aeneria
 pushd $install_dir
-  ynh_exec_as $app php$phpversion bin/console cache:clear -n
+  ynh_exec_as_app php$php_version bin/console cache:clear -n
-  ynh_exec_as $app php$phpversion bin/console doctrine:migrations:migrate -n
+  ynh_exec_as_app php$php_version bin/console doctrine:migrations:migrate -n
 
   # Set admin user
   mail=$(ynh_user_get_info --username="$admin" --key='mail')
-  user_exists=$(ynh_exec_as $app php$phpversion bin/console aeneria:user:exist "$mail")
+  user_exists=$(ynh_exec_as_app php$php_version bin/console aeneria:user:exist "$mail")
   if [ $user_exists -eq 0 ]
   then
     user_pass=$(ynh_string_random)
-    ynh_exec_as $app php$phpversion bin/console aeneria:user:add "$mail" "$user_pass" -n
+    ynh_exec_as_app php$php_version bin/console aeneria:user:add "$mail" "$user_pass" -n
   fi
 
   # Regenerate RSA keys
-  ynh_exec_as $app php$phpversion bin/console aeneria:generate-key -n
+  ynh_exec_as_app php$php_version bin/console aeneria:generate-key -n
 popd
 
 #=================================================
 # END OF SCRIPT
 #=================================================
 
-ynh_script_progression --message="Upgrade of $app completed" --last
+ynh_script_progression "Upgrade of $app completed"

sources/patches/main-00-ldap-auth.patch

@@ -1,157 +0,0 @@
-commit 7a3e622666fa16ab124158cffec73d9a3e6748bf
-Author: Simon Mellerin <simon.mellerin@makina-corpus.com>
-Date:   Sun Jan 7 16:25:06 2024 +0100
-
-    YNH LDAP
-
-diff --git a/config/packages/security.yaml b/config/packages/security.yaml
-index 6c4457f1..e716ba39 100644
---- a/config/packages/security.yaml
-+++ b/config/packages/security.yaml
-@@ -11,6 +11,11 @@ security:
-             entity:
-                 class: App\Entity\User
-                 property: username
-+        ldap_user_provider:
-+            id: ynh.ldap.user.provider
-+        all_users:
-+            chain:
-+                providers: ['ldap_user_provider', 'app_user_provider']
-     firewalls:
-         dev:
-             pattern: ^/(_(profiler|wdt)|css|images|js)/
-@@ -22,7 +27,12 @@ security:
-             form_login:
-                 login_path: security.login
-                 check_path: security.login
-+                provider: app_user_provider
-                 enable_csrf: true
-+            http_basic_ldap:
-+                provider: ldap_user_provider
-+                service: ynh.ldap
-+                dn_string: 'uid={username},ou=users,dc=yunohost,dc=org'
-             logout:
-                 path: security.logout
-                 target: security.login
-diff --git a/config/services.yaml b/config/services.yaml
-index 3e770913..83fbec0d 100644
---- a/config/services.yaml
-+++ b/config/services.yaml
-@@ -104,3 +104,21 @@ services:
-
-     Aeneria\GrdfAdictApi\Client\GrdfAdictClientInterface:
-         alias: Aeneria\GrdfAdictApi\Client\GrdfAdictClient
-+
-+    ynh.ldap.user.provider:
-+        class: App\Security\YnhLdapUserProvider
-+        arguments:
-+            $ldap: '@ynh.ldap'
-+            $baseDn: "dc=yunohost,dc=org"
-+            # $searchDn: 'uid={username},ou=users,dc=yunohost,dc=org'
-+            $uidKey: "uid"
-+
-+    ynh.ldap:
-+        class: Symfony\Component\Ldap\Ldap
-+        arguments: ['@ynh.ldap.adapter']
-+        tags: ['ldap']
-+
-+    ynh.ldap.adapter:
-+        class: Symfony\Component\Ldap\Adapter\ExtLdap\Adapter
-+        arguments:
-+            - host: "localhost"
-diff --git a/src/Security/YnhLdapUserProvider.php b/src/Security/YnhLdapUserProvider.php
-new file mode 100755
-index 00000000..eb8b1149
---- /dev/null
-+++ b/src/Security/YnhLdapUserProvider.php
-@@ -0,0 +1,89 @@
-+<?php
-+
-+namespace App\Security;
-+
-+use App\Entity\User;
-+use App\Repository\UserRepository;
-+use Doctrine\ORM\EntityManagerInterface;
-+use Symfony\Component\Ldap\Entry;
-+use Symfony\Component\Ldap\LdapInterface;
-+use Symfony\Component\Ldap\Security\LdapUserProvider as SecurityLdapUserProvider;
-+use Symfony\Component\Security\Core\User\UserInterface;
-+
-+class YnhLdapUserProvider extends SecurityLdapUserProvider
-+{
-+    public function __construct(
-+        private EntityManagerInterface $entityManager,
-+        private UserRepository $userRepository,
-+        LdapInterface $ldap,
-+        string $baseDn,
-+        string $searchDn = null,
-+        string $searchPassword = null,
-+        array $defaultRoles = [],
-+        string $uidKey = null,
-+        string $filter = null,
-+        string $passwordAttribute = null,
-+        array $extraFields = [])
-+    {
-+        parent::__construct(
-+            $ldap,
-+            $baseDn,
-+            $searchDn,
-+            $searchPassword,
-+            $defaultRoles,
-+            $uidKey,
-+            $filter,
-+            $passwordAttribute,
-+            $extraFields,
-+        );
-+    }
-+
-+    /**
-+     * {@inheritdoc}
-+     */
-+    public function upgradePassword($user, string $newHashedPassword): void
-+    {
-+        return;
-+    }
-+
-+    /**
-+     * {@inheritdoc}
-+     */
-+    public function supportsClass(string $class)
-+    {
-+        return User::class === $class;
-+    }
-+
-+    /**
-+     * Loads a user from an LDAP entry.
-+     *
-+     * @return UserInterface
-+     */
-+    protected function loadUser(string $identifier, Entry $entry)
-+    {
-+        $email = $entry->getAttribute('mail');
-+
-+        // Dans le cadre de la connexion LDAP Yunohost,
-+        // on cherche l'utilisateur par son mail.
-+        //
-+        $user = $this->userRepository->findOneBy(['username' => $email]);
-+
-+        // Si l'utilisateur n'existe pas encore, on le crée.
-+        if (!$user) {
-+            $user = (new User())
-+                ->setUsername(\reset($email))
-+                ->setPassword(\bin2hex(\random_bytes(32)))
-+                ->setActive(true)
-+                ->setUpdatedAt(new \DateTimeImmutable())
-+            ;
-+
-+            $this->entityManager->persist($user);
-+            $this->entityManager->flush();
-+        }
-+
-+        return $user
-+            ->setUsername(\reset($email))
-+            ->setUserIdentifier($identifier)
-+        ;
-+    }
-+}
-+