From addb04b4d8b70173e88ca7d0f67e80b0e232f3d7 Mon Sep 17 00:00:00 2001 From: Julien Malik Date: Thu, 20 Mar 2014 23:13:32 +0100 Subject: [PATCH 1/3] register admin - wip, getting 403 --- conf/user_getmail.py | 4 ++++ conf/user_getname.py | 4 ++++ conf/user_list.py | 3 +++ manifest.json | 13 +++++++++++++ scripts/install | 22 ++++++++++++++++++++-- 5 files changed, 44 insertions(+), 2 deletions(-) create mode 100644 conf/user_getmail.py create mode 100644 conf/user_getname.py create mode 100644 conf/user_list.py diff --git a/conf/user_getmail.py b/conf/user_getmail.py new file mode 100644 index 0000000..1930a7f --- /dev/null +++ b/conf/user_getmail.py @@ -0,0 +1,4 @@ +import sys, json +for i in json.loads(sys.stdin.readlines()[0])["Users"]: + if i["Username"] == sys.argv[1]: + print i["Mail"] \ No newline at end of file diff --git a/conf/user_getname.py b/conf/user_getname.py new file mode 100644 index 0000000..852371b --- /dev/null +++ b/conf/user_getname.py @@ -0,0 +1,4 @@ +import sys, json +for i in json.loads(sys.stdin.readlines()[0])["Users"]: + if i["Username"] == sys.argv[1]: + print i["Fullname"] \ No newline at end of file diff --git a/conf/user_list.py b/conf/user_list.py new file mode 100644 index 0000000..52994aa --- /dev/null +++ b/conf/user_list.py @@ -0,0 +1,3 @@ +import sys, json +userlist=json.loads(sys.stdin.readlines()[0])["Users"] +print "{0}".format("\n".join(i["Username"] for i in userlist)) diff --git a/manifest.json b/manifest.json index 6a211b4..4e8cc00 100644 --- a/manifest.json +++ b/manifest.json @@ -34,6 +34,19 @@ }, "choices": ["Yes", "No"], "default": "Yes" + }, + { + "name": "admin", + "ask": { + "en": "Admin user (must be an existing Yunohost user login)" + }, + "default": "homer" + }, + { + "name": "password", + "ask": { + "en": "Admin user password" + } } ] } diff --git a/scripts/install b/scripts/install index b6e9c83..91f87bf 100644 --- a/scripts/install +++ b/scripts/install @@ -4,11 +4,20 @@ domain=$1 path=$2 is_public=$3 +admin=$4 +password=$5 # Check domain/path availability sudo yunohost app checkurl $domain$path -a ghostblog if [[ ! $? -eq 0 ]]; then - exit 1 + exit 1 +fi + +# Check that admin user is an existing account +sudo yunohost user list | python ../conf/user_list.py | grep "^$admin$" >/dev/null +if [[ ! $? -eq 0 ]]; then + echo "Error : the chosen admin user does not exist" + exit 1 fi echo "Install dependencies..." @@ -74,10 +83,19 @@ sudo update-rc.d ynh-ghostblog defaults sudo service ynh-ghostblog start sudo yunohost app service ynh-ghostblog -l $logfile +echo "Setting up logrotate configuration..." sed -i "s@YNH_LOGFILE@$logfile@g" ../conf/logrotate sudo cp ../conf/logrotate /etc/logrotate.d/ynh-ghostblog -echo "Reloading Nginx..." +echo "Registering admin..." +admin_name=$(sudo yunohost user list | python ../conf/user_getname.py $admin) +admin_mail=$(sudo yunohost user list | python ../conf/user_getmail.py $admin) +curl -kL -X POST https://$domain$path/ghost/signup --data-url-encode "name=$admin_name&email=$admin_mail&password=$password" > /dev/null 2>&1 +sudo yunohost app setting ghostblog admin -v $admin +sudo yunohost app setting ghostblog password -v $password +echo "Reloading Nginx..." sudo service nginx reload sudo yunohost app ssowatconf + +echo "Success ! You can go to https://$domain$path/ghost to write your posts" From 1af29171e1015818c8b7d003ba1952ad7b0d0e82 Mon Sep 17 00:00:00 2001 From: Julien Malik Date: Mon, 24 Mar 2014 17:53:06 +0100 Subject: [PATCH 2/3] fix wrong curl arg --- scripts/install | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/install b/scripts/install index 91f87bf..15689a8 100644 --- a/scripts/install +++ b/scripts/install @@ -90,7 +90,7 @@ sudo cp ../conf/logrotate /etc/logrotate.d/ynh-ghostblog echo "Registering admin..." admin_name=$(sudo yunohost user list | python ../conf/user_getname.py $admin) admin_mail=$(sudo yunohost user list | python ../conf/user_getmail.py $admin) -curl -kL -X POST https://$domain$path/ghost/signup --data-url-encode "name=$admin_name&email=$admin_mail&password=$password" > /dev/null 2>&1 +curl -kL -X POST https://$domain$path/ghost/signup --data-urlencode "name=$admin_name&email=$admin_mail&password=$password" > /dev/null 2>&1 sudo yunohost app setting ghostblog admin -v $admin sudo yunohost app setting ghostblog password -v $password From 905b75db096b84fd73f34a4216d30049488c984e Mon Sep 17 00:00:00 2001 From: Julien Malik Date: Mon, 24 Mar 2014 22:15:07 +0100 Subject: [PATCH 3/3] finish admin setup, handle CSRF token --- scripts/install | 22 +++++++++++++++------- 1 file changed, 15 insertions(+), 7 deletions(-) diff --git a/scripts/install b/scripts/install index 15689a8..7f99233 100644 --- a/scripts/install +++ b/scripts/install @@ -87,15 +87,23 @@ echo "Setting up logrotate configuration..." sed -i "s@YNH_LOGFILE@$logfile@g" ../conf/logrotate sudo cp ../conf/logrotate /etc/logrotate.d/ynh-ghostblog -echo "Registering admin..." -admin_name=$(sudo yunohost user list | python ../conf/user_getname.py $admin) -admin_mail=$(sudo yunohost user list | python ../conf/user_getmail.py $admin) -curl -kL -X POST https://$domain$path/ghost/signup --data-urlencode "name=$admin_name&email=$admin_mail&password=$password" > /dev/null 2>&1 -sudo yunohost app setting ghostblog admin -v $admin -sudo yunohost app setting ghostblog password -v $password - echo "Reloading Nginx..." sudo service nginx reload sudo yunohost app ssowatconf +echo "Registering admin..." +admin_name=$(sudo yunohost user list | python ../conf/user_getname.py $admin) +admin_mail=$(sudo yunohost user list | python ../conf/user_getmail.py $admin) +curl -kL -X GET https://$domain$path/ghost/signup --cookie-jar cookie.txt > signup_get +csrf_token=$(cat signup_get | egrep csrf-param | egrep "content=\".+\"" -o | egrep "\".+\"" -o | cut -d '"' -f 2) +curl -kL -X POST https://$domain$path/ghost/signup/ \ + --cookie cookie.txt --header "X-CSRF-Token: $csrf_token" \ + --data-urlencode "name=$admin_name" \ + --data-urlencode "email=$admin_mail" \ + --data-urlencode "password=$password" \ + > /dev/null 2>&1 +sudo yunohost app setting ghostblog admin -v $admin +sudo yunohost app setting ghostblog password -v $password + + echo "Success ! You can go to https://$domain$path/ghost to write your posts"