New System Permission

check_process

@@ -14,9 +14,9 @@
 		setup_private=1
 		setup_public=1
 		upgrade=1
+		upgrade=1		from_commit=f356f5b8f496f626aba3ec0f9d9c40c4cb54e7f6
 		backup_restore=1
 		multi_instance=1
-		incorrect_path=1
 		port_already_use=0
 		change_url=0
 ;;; Levels

manifest.json

@@ -14,7 +14,7 @@
         "email": "pierre@kayou.io"
     },
     "requirements": {
-        "yunohost": ">= 3.2.0"
+        "yunohost": ">= 3.7.0"
     },
     "multi_instance": true,
     "services": [

scripts/install

@@ -49,7 +49,6 @@ ynh_webpath_register $app $domain $path_url
 
 ynh_app_setting_set $app domain $domain
 ynh_app_setting_set $app path $path_url
-ynh_app_setting_set $app is_public $is_public
 ynh_app_setting_set $app admin $admin
 
 #=================================================
@@ -154,10 +153,7 @@ ynh_store_file_checksum $php_config
 chown -R $app: $final_path
 
 # Set the app as temporarily public for curl call
-ynh_app_setting_set $app skipped_uris "/"
+ynh_permission_update --permission "main" --remove "all_users" --add "visitors"
-
-# Reload SSOwat config
-yunohost app ssowatconf
 
 # Reload Nginx
 systemctl reload nginx
@@ -167,20 +163,18 @@ installUrl="/admin/install/index.php"
 
 ynh_local_curl $installUrl "u_email=$email" "u_firstname=$firstname" "u_name=$lastname" "u_login=$admin" "u_pwd=$password" "u_pwd2=$password"
 
-ynh_app_setting_delete $app skipped_uris
-
 #=================================================
 # SETUP SSOWAT
 #=================================================
 
-# Make app public if necessary
+if [ $is_public -eq 0 ]; then
-if [ $is_public -eq 1 ]; then
+	ynh_permission_update --permission "main" --remove "visitors" --add "all_users"
-	# unprotected_uris allows SSO credentials to be passed anyway.
-	ynh_app_setting_set $app unprotected_uris "/"
-	# protect admin area
-	ynh_app_setting_set $app protected_uris "/admin"
 fi
 
+ynh_permission_create --permission "admin"
+
+ynh_permission_update --permission "admin" --add $admin
+
 #=================================================
 # RELOAD NGINX
 #=================================================

scripts/upgrade

@@ -30,13 +30,9 @@ master_key=$(ynh_app_setting_get $app master_key)
 #=================================================
 ynh_print_info "Ensuring downward compatibility..."
 
-# Fix is_public as a boolean value
+# Delete is_public if it exists
-if [ "$is_public" = "Yes" ]; then
+if [ ! -z $is_public ]; then
-	ynh_app_setting_set $app is_public 1
+	ynh_app_setting_delete --app=$app --key=is_public
-	is_public=1
-elif [ "$is_public" = "No" ]; then
-	ynh_app_setting_set $app is_public 0
-	is_public=0
 fi
 
 # If db_name doesn't exist, create it
@@ -179,15 +175,10 @@ chown -R $app: $final_path
 #=================================================
 # SETUP SSOWAT
 #=================================================
-ynh_print_info "Upgrading SSOwat configuration..."
 
-# Make app public if necessary
+if ynh_exec_warn_less ynh_permission_create --permission "admin"; then
-if [ $is_public -eq 1 ]
+	ynh_print_info "Upgrading SSOwat configuration..."
-then
+	ynh_permission_update --permission "admin" --add $admin
-	# unprotected_uris allows SSO credentials to be passed anyway
-	ynh_app_setting_set $app unprotected_uris "/"
-	# protect admin area
-	ynh_app_setting_set $app protected_uris "/admin"
 fi
 
 #=================================================