LDAP config

2024-09-03 18:26:10 +02:00 · 2023-12-14 17:15:30 +01:00 · 2023-12-14 17:15:30 +01:00 · 0577950caf
commit 0577950caf
parent 3be5ef7f64
5 changed files with 138 additions and 21 deletions
--- a/README.md
+++ b/README.md
@ -0,0 +1,44 @@
+<!--
+N.B.: This README was automatically generated by https://github.com/YunoHost/apps/tree/master/tools/README-generator
+It shall NOT be edited by hand.
+-->
+
+# Diacamma for YunoHost
+
+[![Integration level](https://dash.yunohost.org/integration/diacamma.svg)](https://dash.yunohost.org/appci/app/diacamma) ![Working status](https://ci-apps.yunohost.org/ci/badges/diacamma.status.svg) ![Maintenance status](https://ci-apps.yunohost.org/ci/badges/diacamma.maintain.svg)
+
+[![Install Diacamma with YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=diacamma)
+
+*[Lire ce readme en français.](./README_fr.md)*
+
+> *This package allows you to install Diacamma quickly and simply on a YunoHost server.
+If you don't have YunoHost, please consult [the guide](https://yunohost.org/#/install) to learn how to install it.*
+
+## Overview
+
+Management application for volunteers (association, condominium)
+
+**Shipped version:** 23.12.14.16~ynh1
+
+**Demo:** https://asso.diacamma.org
+## Documentation and resources
+
+* Official app website: <https://www.diacamma.org>
+* Official admin documentation: <https://asso.diacamma.org/Docs>
+* Upstream app code repository: <https://github.com/Diacamma2>
+* YunoHost Store: <https://apps.yunohost.org/app/diacamma>
+* Report a bug: <https://github.com/YunoHost-Apps/diacamma_ynh/issues>
+
+## Developer info
+
+Please send your pull request to the [testing branch](https://github.com/YunoHost-Apps/diacamma_ynh/tree/testing).
+
+To try the testing branch, please proceed like that.
+
+``` bash
+sudo yunohost app install https://github.com/YunoHost-Apps/diacamma_ynh/tree/testing --debug
+or
+sudo yunohost app upgrade diacamma -u https://github.com/YunoHost-Apps/diacamma_ynh/tree/testing --debug
+```
+
+**More info regarding app packaging:** <https://yunohost.org/packaging_apps>
--- a/README_fr.md
+++ b/README_fr.md
@ -0,0 +1,44 @@
+<!--
+N.B.: This README was automatically generated by https://github.com/YunoHost/apps/tree/master/tools/README-generator
+It shall NOT be edited by hand.
+-->
+
+# Diacamma pour YunoHost
+
+[![Niveau d’intégration](https://dash.yunohost.org/integration/diacamma.svg)](https://dash.yunohost.org/appci/app/diacamma) ![Statut du fonctionnement](https://ci-apps.yunohost.org/ci/badges/diacamma.status.svg) ![Statut de maintenance](https://ci-apps.yunohost.org/ci/badges/diacamma.maintain.svg)
+
+[![Installer Diacamma avec YunoHost](https://install-app.yunohost.org/install-with-yunohost.svg)](https://install-app.yunohost.org/?app=diacamma)
+
+*[Read this readme in english.](./README.md)*
+
+> *Ce package vous permet d’installer Diacamma rapidement et simplement sur un serveur YunoHost.
+Si vous n’avez pas YunoHost, regardez [ici](https://yunohost.org/#/install) pour savoir comment l’installer et en profiter.*
+
+## Vue d’ensemble
+
+Application de gestion pour les bénévoles (association, copropriété)
+
+**Version incluse :** 23.12.14.16~ynh1
+
+**Démo :** https://asso.diacamma.org
+## Documentations et ressources
+
+* Site officiel de l’app : <https://www.diacamma.org>
+* Documentation officielle de l’admin : <https://asso.diacamma.org/Docs>
+* Dépôt de code officiel de l’app : <https://github.com/Diacamma2>
+* YunoHost Store: <https://apps.yunohost.org/app/diacamma>
+* Signaler un bug : <https://github.com/YunoHost-Apps/diacamma_ynh/issues>
+
+## Informations pour les développeurs
+
+Merci de faire vos pull request sur la [branche testing](https://github.com/YunoHost-Apps/diacamma_ynh/tree/testing).
+
+Pour essayer la branche testing, procédez comme suit.
+
+``` bash
+sudo yunohost app install https://github.com/YunoHost-Apps/diacamma_ynh/tree/testing --debug
+ou
+sudo yunohost app upgrade diacamma -u https://github.com/YunoHost-Apps/diacamma_ynh/tree/testing --debug
+```
+
+**Plus d’infos sur le packaging d’applications :** <https://yunohost.org/packaging_apps>
--- a/conf/extra_diacamma.json
+++ b/conf/extra_diacamma.json
@ -4,21 +4,55 @@
    "FORCE_SCRIPT_NAME":"/__APP__", 
    "LDAP_SERVERS": [{"host": "127.0.0.1", "port": 389, "use_ssl": false, "get_info": "NONE"}],
    "LDAP_ENGINE" : "OpenLDAP",
-    "LDAP_BIND_USER" : "cn=reader,dc=yunohost,dc=org",
+    "LDAP_BIND_USER" : "",
    "LDAP_BIND_PASSWORD" : "",
    "LDAP_ATTRIBUTES_MAP" : {"username": "uid", "first_name": "cn", "last_name": "sn", "email": "mail"},
    "LDAP_SEARCH_BASE" : "ou=users,dc=yunohost,dc=org",
    "LDAP_USER_SEARCH_FILTER" : "(&(|(objectclass=posixAccount))(uid=%uid)(permission=cn=__APP__.main,ou=permission,dc=yunohost,dc=org))",
    "LDAP_USER_MODEL_USERNAME_FIELD" : "uid",
-    "LDAP_UNCHECK_USER_ACTIVE" : false,
    "LDAP_USE_LDAP_GROUPS" : true,
-    "LDAP_USE_LDAP_GROUPS_FOR_ADMIN_STAFF_ONLY" : true,
-    "LDAP_SUPERUSER_GROUPS" : ["permission=cn=__APP__.admins,ou=permission,dc=yunohost,dc=org"],
-    "LDAP_STAFF_GROUPS" : [],
    "LDAP_GROUPS_SEARCH_BASE" : "ou=groups,dc=yunohost,dc=org",
    "LDAP_GROUPS_SEARCH_FILTER" : "(&(objectclass=top)(memberUid=*))",
    "LDAP_GROUP_MEMBER_ATTRIBUTE" : "memberUid",
    "LDAP_GROUPS_MAP" : {},
+    "LDAP_SUPERUSER_GROUPS" : ["permission=cn=__APP__.admins,ou=permission,dc=yunohost,dc=org"],
+    "LDAP_STAFF_GROUPS" : [],
    "LDAP_IGNORED_LOCAL_GROUPS" : [],
-    "AUTHENTICATION_BACKENDS" : ["django_auth_ldap3_ad.auth.LDAP3ADBackend"]   
+    "USER_READONLY": true,
+    "AUTHENTICATION_BACKENDS" : ["django_auth_ldap3_ad.auth.LDAP3ADBackend"],
+    "LOGGING" : {
+        "version": 1, 
+        "disable_existing_loggers": false,
+        "handlers": {
+            "logfile": {
+                "class": "logging.handlers.WatchedFileHandler", 
+                "filename": "__INSTALL_DIR__/django_error.log"
+            },
+            "console": {
+                "class": "logging.StreamHandler"
+            }
+        },
+        "loggers": {
+            "django": {
+                "level": "ERROR", 
+                "handlers": ["logfile", "console"], 
+                "propagate": false
+            },
+            "lucterios": {
+                "level": "WARNING", 
+                "handlers": ["logfile", "console"], 
+                "propagate": false
+            },
+            "diacamma": {
+                "level": "WARNING", 
+                "handlers": ["logfile", "console"], 
+                "propagate": false
+            },
+            "django_auth_ldap3_ad": {
+                "level": "WARNING", 
+                "handlers": ["logfile", "console"], 
+                "propagate": false
+            }, 
+        },
+    }
 }
--- a/manifest.toml
+++ b/manifest.toml
@ -6,20 +6,20 @@ name = "Diacamma"
 description.en = "Management application for volunteers (association, condominium)"
 description.fr = "Application de gestion pour les bénévoles (association, copropriété)"

-version = "23.10.25.13~ynh1"
+version = "23.12.14.16~ynh1"

 maintainers = ["Laurent Gay"]

 [upstream]
 license = "GNU General Public License v3.0"
 website = "https://www.diacamma.org"
-
-code = "https://github.com/Diacamma2/"
+demo = "https://asso.diacamma.org"
+code = "https://github.com/Diacamma2"
+admindoc = "https://asso.diacamma.org/Docs"

 [integration]
 yunohost = '>= 11.2'
-# List of supported archs using the dpkg --print-architecture nomenclature (amd64/i386/armhf/arm64), for example: ["amd64", "i386']
-architectures = "all" # TODO : handle the "all" option (no ["all"])
+architectures = "all"
 multi_instance = true
 ldap = true
 sso = false
@ -83,9 +83,10 @@ ram.runtime = "50M"
    # and store the corresponding setting $data_dir

    [resources.permissions]
-    # This will configure SSOwat permission for $domain/$path/
-    # The initial allowed group of user is configured via the init_main_permission question (public=visitors, private=all_users)
    main.url = "/"
+    admin.url = "/"
+    admin.show_tile = false
+    admin.allowed = "admins"

    [resources.apt]
    packages = "libxml2-dev,libxslt-dev,libjpeg-dev,libfreetype6,libfreetype6-dev,zlib1g-dev,libpq-dev,python3-pip,python3-dev,python3-tk,python3-pil,python3-venv,build-essential,pkg-config,postgresql,jq"
@ -96,9 +97,3 @@ ram.runtime = "50M"
    # This will automatically provision/deprovison a database and store the corresponding credentials in settings $db_user, $db_name, $db_pwd
    type = "postgresql"

-    [resources.permissions]
-    main.url = "/"
-    
-    admin.url = "/"
-    admin.show_tile = false    # This means that this permission won't correspond to a tile in YunoHost's user portal
-    admin.allowed = "admins"   # Initialize the access for the "admins" group ... You can also use an install question called `init_admin_permission` to let the server admin choose this.
--- a/scripts/install
+++ b/scripts/install
@ -12,11 +12,11 @@ pushd $install_dir
 python3 -m venv venv
 venv/bin/pip3 install -U lucterios lucterios-standard lucterios-contacts lucterios-documents
 venv/bin/pip3 install -U diacamma-asso diacamma-syndic diacamma-financial
-venv/bin/pip3 install -U gunicorn psycopg2-binary psycopg2
+venv/bin/pip3 install -U gunicorn psycopg2-binary psycopg2 django-auth-ldap3-ad
 venv/bin/lucterios_admin.py installed
 ynh_add_config --template="../conf/extra_diacamma.json" --destination="/tmp/extra.json"
 extra_json=$(jq -c . /tmp/extra.json)
-venv/bin/lucterios_admin.py add -n inst-${app} -p "${APPLITYPE}" -m "${MODULES}" -d "${DATABASE}" -e ''$extra_json''
+venv/bin/lucterios_admin.py add -n inst-${app} -p "${APPLITYPE}" -m "${MODULES}" -d "${DATABASE}" -e "'"$extra_json"'"
 popd

 refresh_collect