YunoHost-Apps/agendav_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/agendav_ynh.git synced 2024-09-03 20:36:12 +02:00
Code Issues Activity Actions

Update to 2.2 to be able to toggle Certificate checks on will

Browse source
This commit is contained in:
Jean-Baptiste Holcroft 2017-10-27 17:54:59 +02:00
parent 6aef7cac93
commit 37249f444a
7 changed files with 33 additions and 67 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
check_process
View file

@ -3,8 +3,8 @@
; Manifest ; Manifest
domain="domain.tld" (DOMAIN) domain="domain.tld" (DOMAIN)
path="/path" (PATH) path="/path" (PATH)
is_public=1 (PUBLIC|public=1|private=0)
language="fr" language="fr"
disablecacheck=0
; pre-install ; pre-install
sudo yunohost domain add --verbose baikaldomain.tld --admin-password $PASSWORD sudo yunohost domain add --verbose baikaldomain.tld --admin-password $PASSWORD
sudo yunohost app install baikal -a "domain=baikaldomain.tld&path=/baikal&password=admin" sudo yunohost app install baikal -a "domain=baikaldomain.tld&path=/baikal&password=admin"

4
conf/app.src
View file

@ -1,4 +1,4 @@
SOURCE_URL=https://github.com/adobo/agendav/releases/download/2.0.0/agendav-2.0.0.tar.gz SOURCE_URL=https://github.com/adobo/agendav/releases/download/2.2.0/agendav-2.2.0.tar.gz
SOURCE_SUM=142e8d9ea0e3e6feacd1523c5cabc834fe8bc3e9dbae03034089758b9c3abb92 SOURCE_SUM=0056154ae0a7aa3401f4f24c51f0f2de3d1e97eaa83e74a2129714b67013129f
SOURCE_SUM_PRG=sha256sum SOURCE_SUM_PRG=sha256sum
SOURCE_FORMAT=tar.gz SOURCE_FORMAT=tar.gz

4
conf/php-fpm.conf
View file

@ -8,8 +8,8 @@ listen.group = www-data
listen.mode = 0600 listen.mode = 0600
; Unix user/group of processes. ; Unix user/group of processes.
user = __NAMETOCHANGE__ user = __USER__
group = __NAMETOCHANGE__ group = __USER__
; Choose how the process manager will control the number of child processes. ; Choose how the process manager will control the number of child processes.
pm = dynamic pm = dynamic

3
conf/settings.php
View file

@ -39,6 +39,9 @@ $app['caldav.baseurl'] = '{CALDAV_BASEURL}';
// Authentication method required by CalDAV server (basic or digest) // Authentication method required by CalDAV server (basic or digest)
$app['caldav.authmethod'] = 'basic'; $app['caldav.authmethod'] = 'basic';
// Do not verify SSL certificate, it is self signed
$app['caldav.certificate.verify'] = __CACHECK__;
// Whether to show public CalDAV urls // Whether to show public CalDAV urls
$app['caldav.publicurls'] = true; $app['caldav.publicurls'] = true;

8
manifest.json
View file

@ -53,6 +53,14 @@
"de", "en", "es", "fr", "it", "nl" "de", "en", "es", "fr", "it", "nl"
], ],
"default": "en" "default": "en"
},
{
"name": "disablecacheck",
"ask": {
"en": "Disable certificate checks? (if not using a valid certificate)"
},
"type": "boolean",
"default": false
} }
] ]
} }

23
scripts/install
View file

@ -13,6 +13,7 @@ ynh_abort_if_errors
domain=$YNH_APP_ARG_DOMAIN domain=$YNH_APP_ARG_DOMAIN
path_url=$YNH_APP_ARG_PATH path_url=$YNH_APP_ARG_PATH
language=$YNH_APP_ARG_LANGUAGE language=$YNH_APP_ARG_LANGUAGE
disablecacheck=$YNH_APP_ARG_DISABLECACHECK
# Set app specific variables # Set app specific variables
app=$YNH_APP_INSTANCE_NAME app=$YNH_APP_INSTANCE_NAME
@ -78,6 +79,12 @@ sed -i "s@{LOGDIR}@${LOGDIR}@g" "$conf_path"
sed -i "s@{TIMEZONE}@$(cat /etc/timezone)@g" "$conf_path" sed -i "s@{TIMEZONE}@$(cat /etc/timezone)@g" "$conf_path"
sed -i "s@{LANGUAGE}@${language}@g" "$conf_path" sed -i "s@{LANGUAGE}@${language}@g" "$conf_path"
if [ $disablecacheck -eq 0 ]; then
ynh_replace_string "__CACHECK__" "true" "$conf_path"
else
ynh_replace_string "__CACHECK__" "false" "$conf_path"
fi
# CalDAV config # CalDAV config
caldav_domain=$(ynh_app_setting_get "$caldav_app" domain) caldav_domain=$(ynh_app_setting_get "$caldav_app" domain)
caldav_path=$(ynh_app_setting_get "$caldav_app" path) caldav_path=$(ynh_app_setting_get "$caldav_app" path)
@ -87,18 +94,22 @@ sed -i "s@{CALDAV_DOMAIN}@${caldav_domain}@g" "$conf_path"
ynh_system_user_create "$app" ynh_system_user_create "$app"
chown -R root: "$final_path"
# Protect source code against modifications # Protect source code against modifications
find "${final_path}" -type f -exec chown root:root {} \; -exec chmod 644 {} \; #find "${final_path}" -type f -exec chown root:root {} \; -exec chmod 644 {} \;
find "${final_path}" -type d -exec chown root:root {} \; -exec chmod 755 {} \; #find "${final_path}" -type d -exec chown root:root {} \; -exec chmod 755 {} \;
# Only agendav user should write here # Only agendav user should write here
chown -hR $app: "${final_path}/web/var/cache/"{profiler,twig} chown -R $app "${final_path}/web/var/cache/"{profiler,twig}
chmod -R 750 "${final_path}/web/var/cache/"{profiler,twig} #chmod -R 750 "${final_path}/web/var/cache/"{profiler,twig}
# The agendav user should read here, but does not need to write # The agendav user should read here, but does not need to write
# Other users should not be able to read as it stores passwords. # Other users should not be able to read as it stores passwords.
find "${final_path}/web/config" -type f -exec chown root:$app {} \; -exec chmod 640 {} \; #find "${final_path}/web/config" -type f -exec chown root:$app {} \; -exec chmod 640 {} \;
find "${final_path}/web/config" -type d -exec chown root:$app {} \; -exec chmod 750 {} \; #find "${final_path}/web/config" -type d -exec chown root:$app {} \; -exec chmod 750 {} \;
chown -R $app "${final_path}/web/config/"
# Create log directory # Create log directory
install -m 750 -o $app -g adm -d "$LOGDIR" install -m 750 -o $app -g adm -d "$LOGDIR"

56
sources/patches/app-00-add-http-auth.patch
View file

@ -1,56 +0,0 @@
--- a/web/app/controllers.php
+++ b/web/app/controllers.php
@@ -71,13 +71,20 @@ $controllers->before(function(Request $request, Silex\Application $app) {
// processing the request
if ($app['session']->has('username')) {
$username = $app['session']->get('username');
- $preferences = $app['preferences.repository']->userPreferences($username);
- $app['user.preferences'] = $preferences;
- $app['user.timezone'] = $preferences->get('timezone');
- // Set application language
- $app['locale'] = $preferences->get('language');
- return;
+ // Clear user session if HTTP authentication changed
+ if (isset($_SERVER['PHP_AUTH_USER'])
+ && $username != $_SERVER['PHP_AUTH_USER']) {
+ $app['session']->clear();
+ } else {
+ $preferences = $app['preferences.repository']->userPreferences($username);
+ $app['user.preferences'] = $preferences;
+ $app['user.timezone'] = $preferences->get('timezone');
+
+ // Set application language
+ $app['locale'] = $preferences->get('language');
+ return;
+ }
}
if ($request->isXmlHttpRequest()) {
--- a/web/src/Controller/Authentication.php
+++ b/web/src/Controller/Authentication.php
@@ -33,7 +33,7 @@ class Authentication
{
$template_vars = [];
- if ($request->isMethod('POST')) {
+ if ($request->isMethod('POST') || isset($_SERVER['PHP_AUTH_USER'])) {
$result = $this->processLogin($request, $app);
if ($result === true) {
@@ -62,8 +62,13 @@ class Authentication
protected function processLogin(Request $request, Application $app)
{
- $user = $request->request->get('user');
- $password = $request->request->get('password');
+ if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
+ $user = $_SERVER['PHP_AUTH_USER'];
+ $password = $_SERVER['PHP_AUTH_PW'];
+ } else {
+ $user = $request->request->get('user');
+ $password = $request->request->get('password');
+ }
if (empty($user) || empty($password)) {
return $app['translator']->trans('messages.error_empty_fields');