YunoHost-Apps/dotclear2_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/dotclear2_ynh.git synced 2024-09-03 18:26:29 +02:00
Code Issues Activity Actions 1

Merge pull request #41 from YunoHost-Apps/testing

Browse source 
Testing
This commit is contained in:
Kayou 2022-01-12 11:08:10 +01:00 committed by GitHub
commit e20ed68fb1
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 217 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

56
conf/class.auth.ldap.php
View file

@ -29,6 +29,11 @@ class ldapDcAuth extends dcAuth
if ($info["count"] == 1)
{
# To be case sensitive
if ($info[0]['dn'] != "uid=".$user_id.",ou=users,".$this->base) {
return parent::checkUser($user_id, $pwd);
}
try
{
$this->con->begin();
@ -42,6 +47,13 @@ class ldapDcAuth extends dcAuth
$cur->user_name = $info[0]['sn'][0];
$cur->user_firstname = $info[0]['givenname'][0];
$cur->user_displayname = $info[0]['cn'][0];
$super_user = "__ADMIN__";
if ($super_user == $user_id) {
$cur->user_super = 1;
}
else {
$cur->user_super = 0;
}
# If the user exist, then we just update his password.
if ($this->core->userExists($user_id))
@ -59,18 +71,38 @@ class ldapDcAuth extends dcAuth
$cur->user_default_blog = 'default'; # Can change this, PR are welcome
$this->sudo(array($this->core,'addUser'), $cur);
# Possible roles:
#admin "administrator"
#usage "manage their own entries and comments"
#publish "publish entries and comments"
#delete "delete entries and comments"
#contentadmin "manage all entries and comments"
#categories "manage categories"
#media "manage their own media items"
#media_admin "manage all media items"
#pages "manage pages"
#blogroll "manage blogroll"
$this->sudo(array($this->core, 'setUserBlogPermissions'), $user_id, 'default', array('usage'=>true)); # Can change this, PR are welcome
# admin "administrator"
# contentadmin "manage all entries and comments"
# usage "manage their own entries and comments"
# publish "publish entries and comments"
# delete "delete entries and comments"
# categories "manage categories"
# media_admin "manage all media items"
# media "manage their own media items"
# pages "manage pages"
# blogroll "manage blogroll"
$permissions = array(
'admin' => "__BLOG_ADMIN__",
'contentadmin' => "__BLOG_CONTENTADMIN__",
'usage' => "__BLOG_USAGE__",
'publish' => "__BLOG_PUBLISH__",
'delete' => "__BLOG_DELETE__",
'categories' => "__BLOG_CATEGORIES__",
'media_admin' => "__BLOG_MEDIA_ADMIN__",
'media' => "__BLOG_MEDIA__",
'pages' => "__BLOG_PAGES__",
'blogroll' => "__BLOG_BLOGROLL__",
);
$set_perms = [];
foreach ($permissions as $perm_id => $v) {
if (is_string($v) && $v == "true") {
$set_perms[$perm_id] = true;
}
}
$this->sudo(array($this->core, 'setUserBlogPermissions'), $user_id, 'default', $set_perms, true);
}
$this->con->commit();
}
catch (Exception $e)
@ -89,7 +121,7 @@ class ldapDcAuth extends dcAuth
error_log("Failed to connect with the user ".$user_id);
}
}
return parent::checkUser($user_id, $pwd);
return parent::checkUser($user_id, $pwd);
}
}
?>

105
config_panel.toml Normal file
View file

@ -0,0 +1,105 @@
version = "1.0"
[main]
name = "Dotclear2 configuration"
[main.super_user]
name = "Main permission for YunoHost users"
[main.super_user.admin]
ask = "Super Administrator"
type = "user"
bind = "super_user:__FINALPATH__/inc/class.auth.ldap.php"
[ynh_users]
name = "Yunohost users"
help = "These permissions apply to the first connection of the user, the super user can change them in dotclear."
[ynh_users.main_permission]
name = "Permissions for YunoHost users"
[ynh_users.main_permission.blog_admin]
ask = "Administrator"
type = "boolean"
yes = "true"
no = "false"
bind = "'admin':__FINALPATH__/inc/class.auth.ldap.php"
[ynh_users.content]
name = "Content permissions"
visible = "blog_admin != 'true'"
[ynh_users.content.blog_contentadmin]
ask = "Manage all entries and comments"
type = "boolean"
yes = "true"
no = "false"
bind = "'contentadmin':__FINALPATH__/inc/class.auth.ldap.php"
[ynh_users.content.blog_usage]
ask = "Manage their own entries and comments"
type = "boolean"
yes = "true"
no = "false"
bind = "'usage':__FINALPATH__/inc/class.auth.ldap.php"
visible = "blog_contentadmin != 'true'"
[ynh_users.content.blog_publish]
ask = "Publish entries and comments"
type = "boolean"
yes = "true"
no = "false"
bind = "'publish':__FINALPATH__/inc/class.auth.ldap.php"
visible = "blog_contentadmin != 'true'"
[ynh_users.content.blog_delete]
ask = "Delete entries and comments"
type = "boolean"
yes = "true"
no = "false"
bind = "'delete':__FINALPATH__/inc/class.auth.ldap.php"
visible = "blog_contentadmin != 'true'"
[ynh_users.media]
name = "Media permissions"
visible = "blog_admin != 'true'"
[ynh_users.media.blog_media_admin]
ask = "Manage all media items"
type = "boolean"
yes = "true"
no = "false"
bind = "'media_admin':__FINALPATH__/inc/class.auth.ldap.php"
[ynh_users.media.blog_media]
ask = "Manage their own media items"
type = "boolean"
yes = "true"
no = "false"
bind = "'media':__FINALPATH__/inc/class.auth.ldap.php"
visible = "blog_media_admin != 'true'"
[ynh_users.other_permissions]
name = "Other permissions"
visible = "blog_admin != 'true'"
[ynh_users.other_permissions.blog_categories]
ask = "Manage categories"
type = "boolean"
yes = "true"
no = "false"
bind = "'categories':__FINALPATH__/inc/class.auth.ldap.php"
[ynh_users.other_permissions.blog_pages]
ask = "Manage pages"
type = "boolean"
yes = "true"
no = "false"
bind = "'pages':__FINALPATH__/inc/class.auth.ldap.php"
[ynh_users.other_permissions.blog_blogroll]
ask = "Manage blogroll"
type = "boolean"
yes = "true"
no = "false"
bind = "'blogroll':__FINALPATH__/inc/class.auth.ldap.php"

4
manifest.json
View file

@ -6,7 +6,7 @@
"en": "Blog publishing application",
"fr": "Moteur de blog"
},
"version": "2.20.1~ynh1",
"version": "2.20.1~ynh2",
"license": "GPL-2.0-or-later",
"url": "https://dotclear.org/",
"maintainer": {
@ -14,7 +14,7 @@
"email": "pierre@kayou.io"
},
"requirements": {
"yunohost": ">= 4.2.4"
"yunohost": ">= 4.3.2"
},
"multi_instance": true,
"services": [

24
scripts/install
View file

@ -134,8 +134,28 @@ ynh_replace_string --match_string="'DC_ADMIN_URL', ''" --replace_string="'DC_ADM
ynh_replace_string --match_string="'DC_ADMIN_MAILFROM', ''" --replace_string="'DC_ADMIN_MAILFROM', '$email'" --target_file=$php_config
# Adding LDAP login
cp ../conf/class.auth.ldap.php $final_path/inc/class.auth.ldap.php
ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="$final_path/inc/class.auth.ldap.php"
blog_admin="false"
blog_contentadmin="false"
blog_usage="true"
blog_publish="false"
blog_delete="false"
blog_categories="false"
blog_media_admin="false"
blog_media="false"
blog_pages="false"
blog_blogroll="false"
ynh_app_setting_set --app=$app --key=blog_admin --value=$blog_admin
ynh_app_setting_set --app=$app --key=blog_contentadmin --value=$blog_contentadmin
ynh_app_setting_set --app=$app --key=blog_usage --value=$blog_usage
ynh_app_setting_set --app=$app --key=blog_publish --value=$blog_publish
ynh_app_setting_set --app=$app --key=blog_delete --value=$blog_delete
ynh_app_setting_set --app=$app --key=blog_categories --value=$blog_categories
ynh_app_setting_set --app=$app --key=blog_media_admin --value=$blog_media_admin
ynh_app_setting_set --app=$app --key=blog_media --value=$blog_media
ynh_app_setting_set --app=$app --key=blog_pages --value=$blog_pages
ynh_app_setting_set --app=$app --key=blog_blogroll --value=$blog_blogroll
ynh_add_config --template="../conf/class.auth.ldap.php" --destination="$final_path/inc/class.auth.ldap.php"
cat << EOF >> $php_config

50
scripts/upgrade
View file

@ -26,6 +26,17 @@ db_pwd=$(ynh_app_setting_get --app=$app --key=mysqlpwd)
password=$(ynh_app_setting_get --app=$app --key=password)
master_key=$(ynh_app_setting_get --app=$app --key=master_key)
blog_admin=$(ynh_app_setting_get --app=$app --key=blog_admin)
blog_contentadmin=$(ynh_app_setting_get --app=$app --key=blog_contentadmin)
blog_usage=$(ynh_app_setting_get --app=$app --key=blog_usage)
blog_publish=$(ynh_app_setting_get --app=$app --key=blog_publish)
blog_delete=$(ynh_app_setting_get --app=$app --key=blog_delete)
blog_categories=$(ynh_app_setting_get --app=$app --key=blog_categories)
blog_media_admin=$(ynh_app_setting_get --app=$app --key=blog_media_admin)
blog_media=$(ynh_app_setting_get --app=$app --key=blog_media)
blog_pages=$(ynh_app_setting_get --app=$app --key=blog_pages)
blog_blogroll=$(ynh_app_setting_get --app=$app --key=blog_blogroll)
#=================================================
# CHECK VERSION
#=================================================
@ -86,6 +97,38 @@ if ! ynh_permission_exists --permission="admin"; then
ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin
fi
if [ -z "$blog_admin" ] ||
[ -z "$blog_contentadmin" ] ||
[ -z "$blog_usage" ] ||
[ -z "$blog_publish" ] ||
[ -z "$blog_delete" ] ||
[ -z "$blog_categories" ] ||
[ -z "$blog_media_admin" ] ||
[ -z "$blog_media" ] ||
[ -z "$blog_pages" ] ||
[ -z "$blog_blogroll" ]; then
blog_admin="false"
blog_contentadmin="false"
blog_usage="true"
blog_publish="false"
blog_delete="false"
blog_categories="false"
blog_media_admin="false"
blog_media="false"
blog_pages="false"
blog_blogroll="false"
ynh_app_setting_set --app=$app --key=blog_admin --value=$blog_admin
ynh_app_setting_set --app=$app --key=blog_contentadmin --value=$blog_contentadmin
ynh_app_setting_set --app=$app --key=blog_usage --value=$blog_usage
ynh_app_setting_set --app=$app --key=blog_publish --value=$blog_publish
ynh_app_setting_set --app=$app --key=blog_delete --value=$blog_delete
ynh_app_setting_set --app=$app --key=blog_categories --value=$blog_categories
ynh_app_setting_set --app=$app --key=blog_media_admin --value=$blog_media_admin
ynh_app_setting_set --app=$app --key=blog_media --value=$blog_media
ynh_app_setting_set --app=$app --key=blog_pages --value=$blog_pages
ynh_app_setting_set --app=$app --key=blog_blogroll --value=$blog_blogroll
fi
#=================================================
# CREATE DEDICATED USER
#=================================================
@ -164,8 +207,7 @@ ynh_replace_string --match_string="'DC_ADMIN_URL', ''" --replace_string="'DC_ADM
ynh_replace_string --match_string="'DC_ADMIN_MAILFROM', ''" --replace_string="'DC_ADMIN_MAILFROM', '$email'" --target_file=$php_config
# Adding LDAP login
cp ../conf/class.auth.ldap.php $final_path/inc/class.auth.ldap.php
ynh_replace_string "__APP__" "$app" $final_path/inc/class.auth.ldap.php
ynh_add_config --template="../conf/class.auth.ldap.php" --destination="$final_path/inc/class.auth.ldap.php"
cat << EOF >> $php_config
@ -183,14 +225,10 @@ chown $app:$app "$php_config"
# UPDATING DATABASE
#=================================================
ynh_permission_update --permission "admin" --add "visitors"
# Navigate to the admin panel to upgrade the database: https://dotclear.org/documentation/2.0/admin/upgrades
adminUrl="/admin/auth.php"
ynh_local_curl $adminUrl
ynh_permission_update --permission "admin" --remove "visitors"
#=================================================
# GENERIC FINALIZATION
#=================================================