YunoHost-Apps/duniter_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/duniter_ynh.git synced 2024-09-03 18:26:35 +02:00
Code Issues Activity Actions

[fix] #89: Use new permission system

Browse source 
Use ynh_permission_* helpers
Keeping BMA accessible to visitors
and Duniter admin interface accessible to the selected admin
Remove deprecated permission system settings
This commit is contained in:
Moul 2020-10-02 20:26:21 +02:00
parent a32baa8b3e
commit 39f75cddff
1 changed files with 12 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
scripts/functions.sh
View file

@ -31,17 +31,22 @@ CONFIGURE_DUNITER () {
} }
CONFIG_SSOWAT () { CONFIG_SSOWAT () {
# Add admin to the allowed users # Protect senstive sub-routes to Duniter web admin interface, give access to choosen admin
yunohost app addaccess $app -u $admin if ! ynh_permission_exists --permission "admin"; then
ynh_permission_create --permission "admin" --url "/webui","/webmin" --allowed "$admin"
fi
# Protect senstive sub-routes # Add access to BMA
ynh_app_setting_set "$app" protected_uris "/webui","/webmin" ynh_permission_update --permission main --add visitors
# Duniter is public app, with only some parts restricted in nginx.conf
ynh_app_setting_set "$app" unprotected_uris "/","/modules"
# Set URL redirection from root to webadmin # Set URL redirection from root to webadmin
ynh_app_setting_set "$app" redirected_urls "{'$domain/':'$domain/webui'}" ynh_app_setting_set "$app" redirected_urls "{'$domain/':'$domain/webui'}"
# Remove deprecated permission system settings
if [ ! -z "$(ynh_app_setting_get --app=$app --key=protected_uris)" ]; then
ynh_app_setting_delete --app=$app --key=protected_uris
ynh_app_setting_delete --app=$app --key=unprotected_uris
fi
} }
CONFIG_NGINX () { CONFIG_NGINX () {