mirror of
https://github.com/YunoHost-Apps/agendav_ynh.git
synced 2024-09-03 20:36:12 +02:00
Update to 2.2 to be able to toggle Certificate checks on will
This commit is contained in:
Jean-Baptiste Holcroft
parent
6aef7cac93
commit
37249f444a
7 changed files with 33 additions and 67 deletions
|
|
@ -3,8 +3,8 @@
|
|||
; Manifest
|
||||
domain="domain.tld" (DOMAIN)
|
||||
path="/path" (PATH)
|
||||
is_public=1 (PUBLIC|public=1|private=0)
|
||||
language="fr"
|
||||
disablecacheck=0
|
||||
; pre-install
|
||||
sudo yunohost domain add --verbose baikaldomain.tld --admin-password $PASSWORD
|
||||
sudo yunohost app install baikal -a "domain=baikaldomain.tld&path=/baikal&password=admin"
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
SOURCE_URL=https://github.com/adobo/agendav/releases/download/2.0.0/agendav-2.0.0.tar.gz
|
||||
SOURCE_SUM=142e8d9ea0e3e6feacd1523c5cabc834fe8bc3e9dbae03034089758b9c3abb92
|
||||
SOURCE_URL=https://github.com/adobo/agendav/releases/download/2.2.0/agendav-2.2.0.tar.gz
|
||||
SOURCE_SUM=0056154ae0a7aa3401f4f24c51f0f2de3d1e97eaa83e74a2129714b67013129f
|
||||
SOURCE_SUM_PRG=sha256sum
|
||||
SOURCE_FORMAT=tar.gz
|
||||
|
|
|
|||
|
|
@ -8,8 +8,8 @@ listen.group = www-data
|
|||
listen.mode = 0600
|
||||
|
||||
; Unix user/group of processes.
|
||||
user = __NAMETOCHANGE__
|
||||
group = __NAMETOCHANGE__
|
||||
user = __USER__
|
||||
group = __USER__
|
||||
|
||||
; Choose how the process manager will control the number of child processes.
|
||||
pm = dynamic
|
||||
|
|
|
|||
|
|
@ -39,6 +39,9 @@ $app['caldav.baseurl'] = '{CALDAV_BASEURL}';
|
|||
// Authentication method required by CalDAV server (basic or digest)
|
||||
$app['caldav.authmethod'] = 'basic';
|
||||
|
||||
// Do not verify SSL certificate, it is self signed
|
||||
$app['caldav.certificate.verify'] = __CACHECK__;
|
||||
|
||||
// Whether to show public CalDAV urls
|
||||
$app['caldav.publicurls'] = true;
|
||||
|
||||
|
|
|
|||
|
|
@ -53,6 +53,14 @@
|
|||
"de", "en", "es", "fr", "it", "nl"
|
||||
],
|
||||
"default": "en"
|
||||
},
|
||||
{
|
||||
"name": "disablecacheck",
|
||||
"ask": {
|
||||
"en": "Disable certificate checks? (if not using a valid certificate)"
|
||||
},
|
||||
"type": "boolean",
|
||||
"default": false
|
||||
}
|
||||
]
|
||||
}
|
||||
|
|
|
|||
|
|
@ -13,6 +13,7 @@ ynh_abort_if_errors
|
|||
domain=$YNH_APP_ARG_DOMAIN
|
||||
path_url=$YNH_APP_ARG_PATH
|
||||
language=$YNH_APP_ARG_LANGUAGE
|
||||
disablecacheck=$YNH_APP_ARG_DISABLECACHECK
|
||||
|
||||
# Set app specific variables
|
||||
app=$YNH_APP_INSTANCE_NAME
|
||||
|
|
@ -78,6 +79,12 @@ sed -i "s@{LOGDIR}@${LOGDIR}@g" "$conf_path"
|
|||
sed -i "s@{TIMEZONE}@$(cat /etc/timezone)@g" "$conf_path"
|
||||
sed -i "s@{LANGUAGE}@${language}@g" "$conf_path"
|
||||
|
||||
if [ $disablecacheck -eq 0 ]; then
|
||||
ynh_replace_string "__CACHECK__" "true" "$conf_path"
|
||||
else
|
||||
ynh_replace_string "__CACHECK__" "false" "$conf_path"
|
||||
fi
|
||||
|
||||
# CalDAV config
|
||||
caldav_domain=$(ynh_app_setting_get "$caldav_app" domain)
|
||||
caldav_path=$(ynh_app_setting_get "$caldav_app" path)
|
||||
|
|
@ -87,18 +94,22 @@ sed -i "s@{CALDAV_DOMAIN}@${caldav_domain}@g" "$conf_path"
|
|||
|
||||
ynh_system_user_create "$app"
|
||||
|
||||
chown -R root: "$final_path"
|
||||
|
||||
# Protect source code against modifications
|
||||
find "${final_path}" -type f -exec chown root:root {} \; -exec chmod 644 {} \;
|
||||
find "${final_path}" -type d -exec chown root:root {} \; -exec chmod 755 {} \;
|
||||
#find "${final_path}" -type f -exec chown root:root {} \; -exec chmod 644 {} \;
|
||||
#find "${final_path}" -type d -exec chown root:root {} \; -exec chmod 755 {} \;
|
||||
|
||||
# Only agendav user should write here
|
||||
chown -hR $app: "${final_path}/web/var/cache/"{profiler,twig}
|
||||
chmod -R 750 "${final_path}/web/var/cache/"{profiler,twig}
|
||||
chown -R $app "${final_path}/web/var/cache/"{profiler,twig}
|
||||
#chmod -R 750 "${final_path}/web/var/cache/"{profiler,twig}
|
||||
|
||||
# The agendav user should read here, but does not need to write
|
||||
# Other users should not be able to read as it stores passwords.
|
||||
find "${final_path}/web/config" -type f -exec chown root:$app {} \; -exec chmod 640 {} \;
|
||||
find "${final_path}/web/config" -type d -exec chown root:$app {} \; -exec chmod 750 {} \;
|
||||
#find "${final_path}/web/config" -type f -exec chown root:$app {} \; -exec chmod 640 {} \;
|
||||
#find "${final_path}/web/config" -type d -exec chown root:$app {} \; -exec chmod 750 {} \;
|
||||
|
||||
chown -R $app "${final_path}/web/config/"
|
||||
|
||||
# Create log directory
|
||||
install -m 750 -o $app -g adm -d "$LOGDIR"
|
||||
|
|
|
|||
|
|
@ -1,56 +0,0 @@
|
|||
--- a/web/app/controllers.php
|
||||
+++ b/web/app/controllers.php
|
||||
@@ -71,13 +71,20 @@ $controllers->before(function(Request $request, Silex\Application $app) {
|
||||
// processing the request
|
||||
if ($app['session']->has('username')) {
|
||||
$username = $app['session']->get('username');
|
||||
- $preferences = $app['preferences.repository']->userPreferences($username);
|
||||
- $app['user.preferences'] = $preferences;
|
||||
- $app['user.timezone'] = $preferences->get('timezone');
|
||||
|
||||
- // Set application language
|
||||
- $app['locale'] = $preferences->get('language');
|
||||
- return;
|
||||
+ // Clear user session if HTTP authentication changed
|
||||
+ if (isset($_SERVER['PHP_AUTH_USER'])
|
||||
+ && $username != $_SERVER['PHP_AUTH_USER']) {
|
||||
+ $app['session']->clear();
|
||||
+ } else {
|
||||
+ $preferences = $app['preferences.repository']->userPreferences($username);
|
||||
+ $app['user.preferences'] = $preferences;
|
||||
+ $app['user.timezone'] = $preferences->get('timezone');
|
||||
+
|
||||
+ // Set application language
|
||||
+ $app['locale'] = $preferences->get('language');
|
||||
+ return;
|
||||
+ }
|
||||
}
|
||||
|
||||
if ($request->isXmlHttpRequest()) {
|
||||
--- a/web/src/Controller/Authentication.php
|
||||
+++ b/web/src/Controller/Authentication.php
|
||||
@@ -33,7 +33,7 @@ class Authentication
|
||||
{
|
||||
$template_vars = [];
|
||||
|
||||
- if ($request->isMethod('POST')) {
|
||||
+ if ($request->isMethod('POST') || isset($_SERVER['PHP_AUTH_USER'])) {
|
||||
$result = $this->processLogin($request, $app);
|
||||
|
||||
if ($result === true) {
|
||||
@@ -62,8 +62,13 @@ class Authentication
|
||||
|
||||
protected function processLogin(Request $request, Application $app)
|
||||
{
|
||||
- $user = $request->request->get('user');
|
||||
- $password = $request->request->get('password');
|
||||
+ if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
|
||||
+ $user = $_SERVER['PHP_AUTH_USER'];
|
||||
+ $password = $_SERVER['PHP_AUTH_PW'];
|
||||
+ } else {
|
||||
+ $user = $request->request->get('user');
|
||||
+ $password = $request->request->get('password');
|
||||
+ }
|
||||
|
||||
if (empty($user) || empty($password)) {
|
||||
return $app['translator']->trans('messages.error_empty_fields');
|
||||
Loading…
Add table
Reference in a new issue