From 93d65042f8db8a8f3798adc2908aee51a5adca97 Mon Sep 17 00:00:00 2001 From: yalh76 Date: Sun, 19 Apr 2020 03:48:52 +0200 Subject: [PATCH] Implement YunoHost permissions for Kimai Roles --- conf/local.yaml | 7 +++---- manifest.json | 2 +- scripts/install | 10 ++++------ scripts/upgrade | 5 ++--- scripts/ynh_composer__2 | 8 +++++--- 5 files changed, 15 insertions(+), 17 deletions(-) diff --git a/conf/local.yaml b/conf/local.yaml index 8b189bf..797cf81 100644 --- a/conf/local.yaml +++ b/conf/local.yaml @@ -132,14 +132,14 @@ kimai: # The following example rule will be expanded to (for user "foo"): # (&(&(objectClass=groupOfNames))(member=foo)) # default: empty - filter: (&(objectClass=posixGroup)(cn=__APP__*)) + filter: (&(objectClass=posixGroup)(cn=__APP__*)) # The following field is taken from the LDAP user entry and its # value is used in the filter above as "valueOfUsernameAttribute". # The attribute must be given in lowercase! # The example below uses "posix group style memberUid". # default: dn - usernameAttribute: cn + usernameAttribute: dn # Field that holds the group name, which will be used to map the # LDAP groups with Kimai roles (see groups mapping below). @@ -149,7 +149,7 @@ kimai: # Field that holds the users dn in your LDAP group definition. # Value of this configuration is used in the filter (see above). # default: member - userDnAttribute: groupPermission + userDnAttribute: inheritPermission # Convert LDAP group name (nameAttribute) to Kimai role # You will very likely have to define mappings, unless your groups @@ -157,7 +157,6 @@ kimai: groups: # - { ldap_value: group1, role: ROLE_TEAMLEAD } # - { ldap_value: kimai_admin, role: ROLE_ADMIN } - - { ldap_value: "__APP__.main", role: ROLE_USER } - { ldap_value: "__APP__.teamlead", role: ROLE_TEAMLEAD } - { ldap_value: "__APP__.admin", role: ROLE_ADMIN } - { ldap_value: "__APP__.super_admin", role: ROLE_SUPER_ADMIN } diff --git a/manifest.json b/manifest.json index 10b636f..52f5c83 100644 --- a/manifest.json +++ b/manifest.json @@ -58,7 +58,7 @@ "de": "Ist dies eine öffentliche Applikation?", "cs": "Je tato aplikace veřejná?" }, - "default": true + "default": false }, { "name": "database", diff --git a/scripts/install b/scripts/install index 74f6ba7..d90e626 100755 --- a/scripts/install +++ b/scripts/install @@ -153,9 +153,8 @@ fi #================================================= ynh_print_info --message="Building Kimai 2..." -ynh_install_composer --phpversion="7.3" --workdir="$final_path" -ynh_composer_exec --phpversion="7.3" --workdir="$final_path" --commands="install --no-dev --optimize-autoloader" -ynh_composer_exec --phpversion="7.3" --workdir="$final_path" --commands="require zendframework/zend-ldap" +ynh_install_composer --phpversion="7.3" --workdir="$final_path" --install_args="--optimize-autoloader" +ynh_composer_exec --phpversion="7.3" --workdir="$final_path" --commands="require laminas/laminas-ldap" pushd "$final_path" php7.3 bin/console kimai:install -n @@ -192,9 +191,8 @@ chown -R $app: $final_path #================================================= ynh_print_info --message="Configuring SSOwat..." -ynh_permission_update --permission "main" --add "$admin" -ynh_permission_create --permission="teamlead" --allowed "$admin" -ynh_permission_create --permission="admin" --allowed "$admin" +ynh_permission_create --permission="teamlead" +ynh_permission_create --permission="admin" ynh_permission_create --permission="super_admin" --allowed "$admin" # Make app public if necessary diff --git a/scripts/upgrade b/scripts/upgrade index 09606b5..0dbb5b4 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -195,9 +195,8 @@ fi #================================================= ynh_print_info --message="Upgrading Kimai 2..." -ynh_install_composer --phpversion="7.3" --workdir="$final_path" -ynh_composer_exec --phpversion="7.3" --workdir="$final_path" --commands="install --no-dev --optimize-autoloader" -ynh_composer_exec --phpversion="7.3" --workdir="$final_path" --commands="require zendframework/zend-ldap" +ynh_install_composer --phpversion="7.3" --workdir="$final_path" --install_args="--optimize-autoloader" +ynh_composer_exec --phpversion="7.3" --workdir="$final_path" --commands="require laminas/laminas-ldap" pushd "$final_path" php7.3 bin/console kimai:update diff --git a/scripts/ynh_composer__2 b/scripts/ynh_composer__2 index 1b6aa80..ed22cab 100644 --- a/scripts/ynh_composer__2 +++ b/scripts/ynh_composer__2 @@ -24,14 +24,16 @@ ynh_composer_exec () { # Install and initialize Composer in the given directory # -# usage: ynh_install_composer --phpversion=phpversion [--workdir=$final_path] +# usage: ynh_install_composer --phpversion=phpversion [--workdir=$final_path] [--install_args="--optimize-autoloader"] # | arg: -w, --workdir - The directory from where the command will be executed. Default $final_path. +# | arg: -a, --install_args - Additional arguments provided to the composer install. Argument --no-dev already include ynh_install_composer () { # Declare an array to define the options of this helper. local legacy_args=vw - declare -Ar args_array=( [v]=phpversion= [w]=workdir= ) + declare -Ar args_array=( [v]=phpversion= [w]=workdir= [a]=install_args=) local phpversion local workdir + local install_args # Manage arguments with getopts ynh_handle_getopts_args "$@" workdir="${workdir:-$final_path}" @@ -43,6 +45,6 @@ ynh_install_composer () { || ynh_die "Unable to install Composer." # update dependencies to create composer.lock - ynh_composer_exec --phpversion="${phpversion}" --workdir="$workdir" --commands="install --no-dev" \ + ynh_composer_exec --phpversion="${phpversion}" --workdir="$workdir" --commands="install --no-dev $install_args" \ || ynh_die "Unable to update core dependencies with Composer." }