First SSO and progression

2024-09-03 18:16:20 +02:00 · 2020-04-19 14:28:25 +02:00 · 2020-04-19 14:28:25 +02:00 · 125e62ab0c
commit 125e62ab0c
parent 8410a5658d
5 changed files with 56 additions and 26 deletions
--- a/.pydevproject
+++ b/.pydevproject
@ -0,0 +1,5 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<?eclipse-pydev version="1.0"?><pydev_project>
+<pydev_property name="org.python.pydev.PYTHON_PROJECT_INTERPRETER">Default</pydev_property>
+<pydev_property name="org.python.pydev.PYTHON_PROJECT_VERSION">python interpreter</pydev_property>
+</pydev_project>
--- a/scripts/install
+++ b/scripts/install
@ -38,6 +38,7 @@ source _settings.sh
 #=================================================
 # CHECK IF THE APP CAN BE INSTALLED WITH THESE ARGS
 #=================================================
+ynh_script_progression -t --message="Validating installation parameters..."

 final_path=/var/www/$app
 test ! -e "$final_path" || ynh_die "This path already contains a folder"
@ -53,6 +54,7 @@ ynh_webpath_register $app $domain $path_url
 #=================================================
 # STORE SETTINGS FROM MANIFEST
 #=================================================
+ynh_script_progression -t --message="Storing installation settings..."

 ynh_app_setting_set $app domain $domain
 ynh_app_setting_set $app path $path_url
@ -69,32 +71,36 @@ ynh_app_setting_set $app is_public $is_public
 # Find a free port
 port=$(ynh_find_port 8083)
 # Open this port
-ynh_print_info "Opening port $port"
+ynh_script_progression -t --message="Opening port $port..." --weight=5
 yunohost firewall allow --no-upnp TCP $port 2>&1
 ynh_app_setting_set $app port $port

 #=================================================
 # DOWNLOAD, CHECK AND UNPACK SOURCE
 #=================================================
-
+ynh_script_progression -t --message="Downloading sources to $final_path..." --weight=10
 ynh_app_setting_set $app final_path $final_path
-ynh_print_info "Downloading sources to $final_path"
 # Download, check integrity, uncompress and patch the source from app.src
 ynh_setup_source "$final_path"

 #=================================================
 # INSTALL DEPENDENCIES
 #=================================================
+ynh_script_progression -t --message="Installing dependencies..." --weight=15

-ynh_print_info "Installing dependencies and pip packages"
 ynh_install_app_dependencies $PKG_DEPENDENCIES
+ynh_script_progression -t --message="Installing dependencies..." --weight=15
 pip3 install --no-cache-dir --target $final_path/vendor -r $final_path/requirements.txt
+ynh_script_progression -t --message="Installing dependencies..." --weight=40
 pip3 install --no-cache-dir --upgrade --target $final_path/vendor -r $final_path/optional-requirements.txt

 #=================================================
 # NGINX CONFIGURATION
 #=================================================
 #Cannot use empty string for X-script-name, causes an issue in the python prg
+ynh_script_progression -t --message="Setting up system configuration..." --weight=5
+
+
 if [ $path_url = "/" ] ; then
 	ynh_replace_string "        proxy_set_header		X-Script-Name" "#       proxy_set_header		X-Script-Name" ../conf/nginx.conf
 fi
@ -121,7 +127,7 @@ ynh_add_systemd_config
 #=================================================
 # CREATE FILES AND DIRECTORIES
 #=================================================
-ynh_print_info "Creating files and directory"
+ynh_script_progression -t --message="Creating files and directory..."
 #Logic is as follow : if app is set to be publicly accessible, we will assume that the library should be set in "Share" multimedia directory
 # If app is set to be private but access is requested for all user, we will assume the same
 # If app is set to be private but access is limited to the admin user, we will set it inside his own multimedia directory.
@ -161,8 +167,7 @@ chown -R $app:$app /var/log/$app
 #=================================================
 # SET SQLITE DATABASE SETTINGS
 #=================================================
-
-ynh_print_info "Setting up database and settings"
+ynh_script_progression -t --message="Setting up database and settings..."
 #we need to start and stop the service so that initial app.db file is created and that we can set default data
 ynh_systemd_action

@ -221,6 +226,6 @@ fi
 #=================================================
 # RELOAD NGINX
 #=================================================
-ynh_print_info "Reload nginx and start $app"
+ynh_script_progression -t -l --message="Reload nginx and start $app..."
 systemctl reload nginx
 ynh_systemd_action
--- a/scripts/remove
+++ b/scripts/remove
@ -37,7 +37,7 @@ fi
 #=================================================

 # Remove the dedicated systemd config
-ynh_print_info "Removing systemd"
+ynh_script_progression -t --message="Removing systemd..."
 ynh_remove_systemd_config


@ -47,7 +47,7 @@ ynh_remove_systemd_config
 #=================================================

 # Remove metapackage and its dependencies
-ynh_print_info "Removing dependencies"
+ynh_script_progression -t --message="Removing Dependencies..."
 ynh_remove_app_dependencies


@ -56,7 +56,7 @@ ynh_remove_app_dependencies
 #=================================================

 # Remove the app directory securely
-ynh_print_info "Removing $final_path"
+ynh_script_progression -t --message="Removing $final_path..."
 ynh_secure_remove "$final_path"

 #=================================================
@ -64,7 +64,7 @@ ynh_secure_remove "$final_path"
 #=================================================

 # Remove the dedicated nginx config
-ynh_print_info "Removing nginx config"
+ynh_script_progression -t --message="Removing Nginx Config..."
 ynh_remove_nginx_config

 #=================================================
@ -80,14 +80,14 @@ ynh_remove_logrotate

 if yunohost firewall list | grep -q "\- $port$"
 then
-	ynh_print_info "Removing open port $port"
-	echo "Close port $port" >&2
+	ynh_script_progression -t --message="Closing port $port..."
 	yunohost firewall disallow TCP $port 2>&1
 fi

 #=================================================
 # SPECIFIC REMOVE
 #=================================================
+ynh_script_progression -t --message="Removing log and user $app..."

 # Remove the log files
 ynh_secure_remove "/var/log/$app/"
--- a/sources/patches/app-admin.html.patch
+++ b/sources/patches/app-admin.html.patch
@ -1,5 +1,5 @@
--- /home/nicolas/Bureau/calibre-web-06fde4fcd00fcd067a58939e1d9eabee62a86913/cps/templates/admin.html	2020-04-18 11:48:34.000000000 +0200
-+++ ./admin.html	2020-04-18 18:21:39.272422475 +0200
+--- a/cps/templates/admin.html	2020-04-18 11:48:34.000000000 +0200
+++ b/cps/templates/admin.html	2020-04-18 18:21:39.272422475 +0200
@@ -149,8 +149,6 @@
       </table>
 
--- a/sources/patches/app-web.patch
+++ b/sources/patches/app-web.patch
@ -1,10 +1,30 @@
--- /home/nicolas/Bureau/calibre-web-06fde4fcd00fcd067a58939e1d9eabee62a86913/cps/web.py	2020-04-18 11:48:34.000000000 +0200
-+++ ./web.py	2020-04-18 18:13:44.221590991 +0200
-@@ -1216,6 +1216,7 @@
-         user = ub.session.query(ub.User).filter(func.lower(ub.User.nickname) == form['username'].strip().lower()) \
-             .first()
-         if config.config_login_type == constants.LOGIN_LDAP and services.ldap and user and form['password'] != "":
-+            import_ldap_user()
-             login_result, error = services.ldap.bind_user(form['username'], form['password'])
-             if login_result:
-                 login_user(user, remember=True)
+--- a/cps/web.py	2020-04-18 11:48:34.000000000 +0200
+++ b/cps/web.py	2020-04-19 13:42:18.719536869 +0200
+@@ -1206,6 +1206,13 @@
+     if not config.db_configured:
+         log.debug(u"Redirect to initial configuration")
+         return redirect(url_for('admin.basic_configuration'))
+    if config.config_login_type == constants.LOGIN_LDAP and services.ldap:
+        import_ldap_users()
+        auth_user = request.headers.get('X-Remote-User')
+        if auth_user:
+            user = ub.session.query(ub.User).filter(func.lower(ub.User.nickname) == auth_user.strip().lower()).first()
+            log.info("Login of user %s", user.nickname)
+            login_user(user)
+     if current_user is not None and current_user.is_authenticated:
+         return redirect(url_for('web.index'))
+     if config.config_login_type == constants.LOGIN_LDAP and not services.ldap:
+@@ -1284,8 +1291,11 @@
+         logout_user()
+         if feature_support['oauth'] and (config.config_login_type == 2 or config.config_login_type == 3):
+             logout_oauth_user()
+-    log.debug(u"User logged out")
+-    return redirect(url_for('web.login'))
+        auth_user = request.headers.get('X-Remote-User')
+    if auth_user:
+        return redirect(request.host_url)
+    else:
+        return redirect(url_for('web.login'))
+ 
+ 
+ @web.route('/remote/login')