diff --git a/README.md b/README.md index a5b0a0b..4a8d2dc 100644 --- a/README.md +++ b/README.md @@ -18,5 +18,6 @@ What does not work yet: see Issues What works: - Install, upgrade, remove, backup, restore +- Automatic login - Sync YNH users with Dolibarr users - Sync YNH users with members in Dolibarr diff --git a/check_process b/check_process index 329a97d..33912c1 100644 --- a/check_process +++ b/check_process @@ -3,19 +3,19 @@ ; Manifest domain="domain.tld" (DOMAIN) path="/dolibarr" (PATH) - password="admin" (PASSWORD) - is_public=0 (PUBLIC|public=0|private=1) + admin="homer" (USER) + member="1" ; Checks pkg_linter=1 setup_sub_dir=1 setup_root=1 setup_nourl=0 setup_private=1 - setup_public=1 + setup_public=0 upgrade=1 backup_restore=1 - multi_instance=0 - wrong_user=0 + multi_instance=1 + wrong_user=1 wrong_path=1 incorrect_path=1 corrupt_source=0 @@ -26,8 +26,8 @@ Level 1=auto Level 2=auto Level 3=auto - Level 4=na -# LDAP is not integrated yet + Level 4=1 +# LDAP is integrated with HTTP auth Level 5=auto Level 6=auto Level 7=auto diff --git a/conf/ldap_member.sql b/conf/ldap_member.sql index bc0b091..b8dba1e 100644 --- a/conf/ldap_member.sql +++ b/conf/ldap_member.sql @@ -5,7 +5,6 @@ REPLACE INTO ynh_const (`name`, `value`, `type`) VALUES ('LDAP_MEMBER_FIELD_NAME', 'sn', 'chaine'), ('LDAP_MEMBER_FIELD_LOGIN', 'uid', 'chaine'), ('LDAP_MEMBER_FIELD_MAIL', 'mail', 'chaine'), -('LDAP_MEMBER_FIELD_PASSWORD_CRYPTED', 'userPassword', 'chaine'), ('LDAP_MEMBER_FILTER', '&(objectClass=posixAccount)', 'chaine'), ('LDAP_MEMBER_OBJECT_CLASS', 'organizationalUnit,top', 'chaine'), ('LDAP_MEMBER_FIELD_MAIL', 'mail', 'chaine'), diff --git a/conf/ldap_user.sql b/conf/ldap_user.sql index 5c26a7e..aa4dd60 100644 --- a/conf/ldap_user.sql +++ b/conf/ldap_user.sql 
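Review bot: Removing the `('LDAP_MEMBER_FIELD_PASSWORD_CRYPTED', 'userPassword', 'chaine')` tuple in conf/ldap_member.sql only stops the script from writing that constant. Because the statement is a REPLACE INTO, a row already present in ynh_const on an instance installed before this commit stays where it is, so the mapping to the LDAP userPassword hash may remain active there. The same applies to `'LDAP_FIELD_PASSWORD_CRYPTED'` in conf/ldap_user.sql. If the intent is that Dolibarr no longer reads password hashes from LDAP, the upgrade path should delete the rows explicitly, e.g. `DELETE FROM ynh_const WHERE name IN ('LDAP_MEMBER_FIELD_PASSWORD_CRYPTED', 'LDAP_FIELD_PASSWORD_CRYPTED');`. The statement starts above the hunk, and whether these files are re-applied on upgrade is not visible here.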
@@ -8,5 +8,4 @@ REPLACE INTO ynh_const (`name`, `value`, `type`) VALUES ('LDAP_FIELD_FIRSTNAME', 'givenName', 'chaine'), ('LDAP_FIELD_MAIL', 'mail', 'chaine'), ('LDAP_KEY_USERS', 'uid', 'chaine'), -('LDAP_FIELD_PASSWORD_CRYPTED', 'userPassword', 'chaine'), ('LDAP_SYNCHRO_ACTIVE', 'ldap2dolibarr', 'chaine'); diff --git a/conf/nginx.conf b/conf/nginx.conf index 944a41f..be2d9fb 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -17,4 +17,7 @@ location YNH_WWW_PATH/ { fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param SCRIPT_FILENAME $request_filename; } + + # show YunoHost panel access + include conf.d/yunohost_panel.conf.inc; } diff --git a/hooks/post_user_create b/hooks/post_user_create index 418fecb..a9b62cc 100644 --- a/hooks/post_user_create +++ b/hooks/post_user_create @@ -4,13 +4,10 @@ src_path=/var/www/$app user=YNH_USER member=YNH_MEMBER -# If YNH users should be users, sync users - if [ $user = 1 ]; - then - sudo sudo -u www-data php $src_path/scripts/user/sync_users_ldap2dolibarr.php commitiferror --server=localhost -y - fi +# Sync users + sudo sudo -u www-data php $src_path/scripts/user/sync_users_ldap2dolibarr.php commitiferror --server=localhost -y -# If YNH users should be members, sync members +# If YNH users should also be members, sync members if [ $member = 1 ]; then sudo sudo -u www-data php $src_path/scripts/members/sync_members_ldap2dolibarr.php commitiferror 1 --server=localhost -y diff --git a/hooks/post_user_delete b/hooks/post_user_delete deleted file mode 100644 index 418fecb..0000000 --- a/hooks/post_user_delete +++ /dev/null 
@@ -1,17 +0,0 @@ -#!/bin/bash -app=YNH_APP -src_path=/var/www/$app -user=YNH_USER -member=YNH_MEMBER - -# If YNH users should be users, sync users - if [ $user = 1 ]; - then - sudo sudo -u www-data php $src_path/scripts/user/sync_users_ldap2dolibarr.php commitiferror --server=localhost -y - fi - -# If YNH users should be members, sync members - if [ $member = 1 ]; - then - sudo sudo -u www-data php $src_path/scripts/members/sync_members_ldap2dolibarr.php commitiferror 1 --server=localhost -y - fi diff --git a/manifest.json b/manifest.json index 9056925..fd46543 100644 --- a/manifest.json +++ b/manifest.json @@ -15,7 +15,7 @@ "requirements": { "yunohost": ">> 2.4.0" }, - "multi_instance": false, + "multi_instance": true, "services": [ "nginx", "php5-fpm", @@ -43,39 +43,22 @@ "default": "/dolibarr" }, { - "name": "password", - "type": "password", + "name": "admin", + "type": "user", "ask": { - "en": "Choose a strong password for the 'admin' user", - "fr": "Choisissez un mot de passe fort pour l'administrateur 'admin'" - } - }, - { - "name": "is_public", - "type": "boolean", - "ask": { - "en": "Is it a public site?", - "fr": "Est-ce un site public ?" + "en": "Choose an admin user", + "fr": "Choisissez l’administrateur" }, - "default": false - }, - { - "name": "user", - "type": "boolean", - "ask": { - "en": "Should YunoHost users be users in Dolibarr?", - "fr": "Les utilisateurs YunoHost doivent-ils être des utilisateurs Dolibarr ?" - }, - "default": true - }, + "example": "johndoe" + }, { "name": "member", "type": "boolean", "ask": { - "en": "Should YunoHost users be draft members in Dolibarr?", - "fr": "Les utilisateurs YunoHost doivent-ils être des adhérents à l'état brouillon dans Dolibarr ?" + "en": "Should YunoHost users also be added as members awaiting approval in Dolibarr?", + "fr": "Les utilisateurs YunoHost doivent-ils aussi être ajoutés comme adhérents en attente de validation dans Dolibarr ?" }, - "default": true + "default": false } ] } 
diff --git a/scripts/install b/scripts/install index 4021e52..4d9c558 100644 --- a/scripts/install +++ b/scripts/install @@ -10,9 +10,7 @@ version=$(cat ../sources/version) # Retrieve arguments domain=$YNH_APP_ARG_DOMAIN path=$YNH_APP_ARG_PATH - password=$YNH_APP_ARG_PASSWORD - is_public=$YNH_APP_ARG_IS_PUBLIC - user=$YNH_APP_ARG_USER + admin=$YNH_APP_ARG_ADMIN member=$YNH_APP_ARG_MEMBER # Correct path: puts a / at the start and nothing at the end @@ -25,12 +23,15 @@ version=$(cat ../sources/version) # Check domain/path availability sudo yunohost app checkurl "${domain}${path}" -a "$app" \ - || ynh_die "Path not available: ${domain}${path}" + || ynh_die "path not available: ${domain}${path}" + +# Check user parameter + ynh_user_exists "$admin" \ + || ynh_die "The chosen admin user does not exist." # Store settings ynh_app_setting_set $app domain $domain - ynh_app_setting_set $app is_public $is_public - ynh_app_setting_set $app user $user + ynh_app_setting_set $app admin $admin ynh_app_setting_set $app member $member ynh_app_setting_set $app version $version @@ -73,6 +74,7 @@ version=$(cat ../sources/version) sed -i "s@YNH_DBNAME@$dbname@g" ../sources/install.forced.php sed -i "s@YNH_DBUSER@$dbuser@g" ../sources/install.forced.php sed -i "s@YNH_DBPASS@$dbpass@g" ../sources/install.forced.php + sed -i "s@YNH_ADMIN@$admin@g" ../sources/install.forced.php if [ $member = 1 ]; then # If YNH users are members, we must activate the members module @@ -93,6 +95,9 @@ version=$(cat ../sources/version) ynh_app_setting_set "$app" unprotected_uris "/" sudo yunohost app ssowatconf + # Generate a random password for the admin user (will be ignored because of LDAP) + password=$(ynh_string_random 8) + # Install with CURL curl -kL -H "Host: $domain" -X POST https://$domain$path/install/fileconf.php > /dev/null 2>&1 curl -kL -H "Host: $domain" -X POST https://$domain$path/install/step1.php --data "testpost=ok&action=set&selectlang=fr_FR" > /dev/null 2>&1 
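Review bot: In scripts/install (hunk at -93,6) the added `password=$(ynh_string_random 8)` gives the Dolibarr super-administrator account an 8-character local password. The comment's claim that it will be ignored only holds if `$dolibarr_main_authentication` really ends up as 'http' later in the script. If that substitution does not match, or the setting is reverted by hand, this short value is the only credential guarding the admin account. Nobody has to type it, so a longer one costs nothing: `password=$(ynh_string_random 24)`. The code that submits the password to the installer is outside this hunk.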
@@ -102,13 +107,10 @@ version=$(cat ../sources/version) # Populate the LDAP parameters mysql -u ${dbuser} -p${dbpass} ${dbname} < ../conf/ldap.sql - - # If YNH users should be users, populate the database accordingly and sync users. Set the script as executable by all users to tackle a Hook limitation - if [ $user = 1 ]; - then - mysql -u ${dbuser} -p${dbpass} ${dbname} < ../conf/ldap_user.sql - sudo sudo -u www-data php $src_path/scripts/user/sync_users_ldap2dolibarr.php commitiferror --server=localhost -y - fi + + # Populate the database with YNH users. + mysql -u ${dbuser} -p${dbpass} ${dbname} < ../conf/ldap_user.sql + sudo sudo -u www-data php $src_path/scripts/user/sync_users_ldap2dolibarr.php commitiferror --server=localhost -y # If YNH users should be members, populate the database accordingly, create the member list, and sync members if [ $member = 1 ]; @@ -117,18 +119,15 @@ version=$(cat ../sources/version) sudo sudo -u www-data php $src_path/scripts/members/sync_members_ldap2dolibarr.php commitiferror 1 --server=localhost -y fi - # Enable SSO if chosen by the user - if [ $is_public = 0 ]; - then - ynh_app_setting_delete $app unprotected_uris - sudo yunohost app ssowatconf - fi + # Re-enable SSO if chosen by the user + ynh_app_setting_delete $app unprotected_uris + sudo yunohost app ssowatconf + +# Setup HTTP auth in conf + sudo sed -i "s@\$dolibarr_main_authentication='dolibarr';@\$dolibarr_main_authentication='http';@g" $src_path/htdocs/conf/conf.php # Setup hooks sed -i "s@YNH_APP@$app@g" ../hooks/post_user_create - sed -i "s@YNH_USER@$user@g" ../hooks/post_user_create sed -i "s@YNH_MEMBER@$member@g" ../hooks/post_user_create - sed -i "s@YNH_APP@$app@g" ../hooks/post_user_delete - sed -i "s@YNH_USER@$user@g" ../hooks/post_user_delete sed -i "s@YNH_MEMBER@$member@g" ../hooks/post_user_delete diff --git a/scripts/upgrade b/scripts/upgrade index ae19d85..269f27a 100755 --- a/scripts/upgrade +++ b/scripts/upgrade 
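Review bot: The substitution added under `# Setup HTTP auth in conf` in scripts/install (hunk at -117,18) switches Dolibarr to trusting the identity reported by the web server, so every request reaching the app must have passed SSOwat, yet the result of the sed is never checked. If conf.php does not contain the exact string `$dolibarr_main_authentication='dolibarr';`, sed exits successfully without changing anything and the install continues in the old mode. I would verify it immediately afterwards, e.g. `sudo grep -q "dolibarr_main_authentication='http'" $src_path/htdocs/conf/conf.php || ynh_die "HTTP auth was not enabled in conf.php"`. Separately, the last context line still runs `sed -i "s@YNH_MEMBER@$member@g" ../hooks/post_user_delete`, but this commit deletes hooks/post_user_delete, so that line should be removed as well.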
@@ -12,7 +12,6 @@ version=$(cat ../sources/version) # Retrieve app settings domain=$(ynh_app_setting_get "$app" domain) path=$(ynh_app_setting_get "$app" path) - is_public=$(ynh_app_setting_get "$app" is_public) old_version=$(ynh_app_setting_get "$app" version) # Copy source files @@ -65,12 +64,9 @@ version=$(cat ../sources/version) sudo chmod 444 $lock sudo chown www-data: $lock - # Enable SSO if chosen by the user - if [ $is_public = 0 ]; - then - ynh_app_setting_delete $app unprotected_uris - sudo yunohost app ssowatconf - fi + # Re-enable SSO + ynh_app_setting_delete $app unprotected_uris + sudo yunohost app ssowatconf # Store the new version ynh_app_setting_set $app version $version diff --git a/sources/install.forced.php b/sources/install.forced.php index d415ebc..267f849 100644 --- a/sources/install.forced.php +++ b/sources/install.forced.php @@ -38,7 +38,7 @@ $force_install_createuser = false; //$force_install_databaserootpass = ''; /** @var string Dolibarr super-administrator username */ -$force_install_dolibarrlogin = 'admin'; +$force_install_dolibarrlogin = 'YNH_ADMIN'; /** @var string Enable module(s) (Comma separated class names list) */ $force_install_module = 'modLdap';
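Review bot: The SSO block in scripts/upgrade (hunk at -65,12) now protects the app unconditionally, but nothing in the visible upgrade hunks migrates an instance installed before this commit: conf.php is not switched to 'http' authentication, no `admin` setting is stored, and the old `is_public` setting is left behind. As far as these hunks show, an instance installed as public would become private and still ask for the old Dolibarr password behind the SSO login. Conversely, the "Re-enable SSO" comment implies the app is unprotected earlier in the upgrade, and in 'http' mode Dolibarr takes the user name from the web server, so that window is worth checking on new-style instances. I would add a migration step that applies the same conf.php substitution as install, clean up with `ynh_app_setting_delete $app is_public`, and document the behaviour change for public instances. The rest of the script is outside the hunk.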