diff --git a/conf/local.yaml b/conf/local.yaml index ef8501e..23f621d 100644 --- a/conf/local.yaml +++ b/conf/local.yaml @@ -132,14 +132,14 @@ kimai: # The following example rule will be expanded to (for user "foo"): # (&(&(objectClass=groupOfNames))(member=foo)) # default: empty - filter: (&(objectClass=posixGroup)) + filter: (&(objectClass=posixGroup)(cn=__APP__*)) # The following field is taken from the LDAP user entry and its # value is used in the filter above as "valueOfUsernameAttribute". # The attribute must be given in lowercase! # The example below uses "posix group style memberUid". # default: dn - usernameAttribute: uid + usernameAttribute: cn # Field that holds the group name, which will be used to map the # LDAP groups with Kimai roles (see groups mapping below). @@ -157,8 +157,8 @@ kimai: groups: # - { ldap_value: group1, role: ROLE_TEAMLEAD } # - { ldap_value: kimai_admin, role: ROLE_ADMIN } - - { ldap_value: __APP__.main, role: ROLE_USER } - - { ldap_value: __APP__.teamlead, role: ROLE_TEAMLEAD } - - { ldap_value: __APP__.admin, role: ROLE_ADMIN } - - { ldap_value: __APP__.super_admin, role: ROLE_SUPER_ADMIN } + - { ldap_value: "__APP__.main", role: ROLE_USER } + - { ldap_value: "__APP__.teamlead", role: ROLE_TEAMLEAD } + - { ldap_value: "__APP__.admin, role": ROLE_ADMIN } + - { ldap_value: "__APP__.super_admin", role: ROLE_SUPER_ADMIN } diff --git a/scripts/install b/scripts/install index ba33256..74f6ba7 100755 --- a/scripts/install +++ b/scripts/install @@ -192,8 +192,9 @@ chown -R $app: $final_path #================================================= ynh_print_info --message="Configuring SSOwat..." -ynh_permission_create --permission="teamlead" -ynh_permission_create --permission="admin" +ynh_permission_update --permission "main" --add "$admin" +ynh_permission_create --permission="teamlead" --allowed "$admin" +ynh_permission_create --permission="admin" --allowed "$admin" ynh_permission_create --permission="super_admin" --allowed "$admin" # Make app public if necessary