mirror of
https://github.com/YunoHost-Apps/kimai2_ynh.git
synced 2024-09-03 19:26:26 +02:00
Fix ldap
This commit is contained in:
parent
bf7ffa001c
commit
b8f47351c6
4 changed files with 36 additions and 13 deletions
24
README.md
24
README.md
|
@ -25,16 +25,26 @@ Shipped Version: **1.8**
|
|||
### Guidelines
|
||||
|
||||
1. Require dedicated domain like **kimai.domain.tld**.
|
||||
1. No LDAP support (blocked until upstream implements it)
|
||||
1. This app is multi-instance (you can have more then one Kimai instance running on a YunoHost server)
|
||||
|
||||
### Install
|
||||
|
||||
1. **App can be installed by YunoHost admin interface or by the following command:**
|
||||
|
||||
$ sudo yunohost app install https://github.com/YunoHost-Apps/kimai2_ynh
|
||||
1. Login details will be sent to the admin email.
|
||||
|
||||
## Documentation
|
||||
|
||||
* Official documentation: https://www.kimai.org/documentation
|
||||
|
||||
## YunoHost specific features
|
||||
|
||||
#### Multi-users support
|
||||
|
||||
LDAP is supported
|
||||
HTTP auth is not supporter
|
||||
Defaul Kimai2 roles are:
|
||||
* ROLE_USER
|
||||
* ROLE_TEAMLEAD
|
||||
* ROLE_ADMIN
|
||||
* ROLE_SUPER_ADMIN
|
||||
Those roles are directly managed using YunoHost permission system. User choosen during installation is granted the ROLE_SUPER_ADMIN
|
||||
|
||||
#### Supported architectures
|
||||
|
||||
* x86-64b - [](https://ci-apps.yunohost.org/ci/apps/kimai2/)
|
||||
|
|
|
@ -123,7 +123,7 @@ kimai:
|
|||
role:
|
||||
# baseDn to query for groups, MUST be set to activate the "group import"
|
||||
# default: empty (deactivated)
|
||||
baseDn: ou=groups, dc=kimai, dc=org
|
||||
baseDn: ou=permission, dc=yunohost, dc=org
|
||||
|
||||
# Filter to query user groups, all results will be matched against
|
||||
# the configured "groups" mapping below.
|
||||
|
@ -132,7 +132,7 @@ kimai:
|
|||
# The following example rule will be expanded to (for user "foo"):
|
||||
# (&(&(objectClass=groupOfNames))(member=foo))
|
||||
# default: empty
|
||||
filter: (&(objectClass=groupOfNames))
|
||||
filter: (&(objectClass=posixGroup))
|
||||
|
||||
# The following field is taken from the LDAP user entry and its
|
||||
# value is used in the filter above as "valueOfUsernameAttribute".
|
||||
|
@ -154,7 +154,11 @@ kimai:
|
|||
# Convert LDAP group name (nameAttribute) to Kimai role
|
||||
# You will very likely have to define mappings, unless your groups
|
||||
# are called "teamlead", "admin" or "super_admin"
|
||||
#groups:
|
||||
groups:
|
||||
# - { ldap_value: group1, role: ROLE_TEAMLEAD }
|
||||
# - { ldap_value: kimai_admin, role: ROLE_ADMIN }
|
||||
- { ldap_value: __APP__.main, role: ROLE_USER }
|
||||
- { ldap_value: __APP__.teamlead, role: ROLE_TEAMLEAD }
|
||||
- { ldap_value: __APP__.admin, role: ROLE_ADMIN }
|
||||
- { ldap_value: __APP__.super_admin, role: ROLE_SUPER_ADMIN }
|
||||
|
||||
|
|
|
@ -119,6 +119,7 @@ ynh_print_info --message="Configuring Kimai 2..."
|
|||
|
||||
# Configure registration
|
||||
sudo cp ../conf/local.yaml $final_path/config/packages/local.yaml
|
||||
ynh_replace_string "__APP__" "$app" "$final_path/config/packages/local.yaml"
|
||||
if [ $registration -eq 1 ]
|
||||
then
|
||||
ynh_replace_string "__REGISTRATION__" "true" "$final_path/config/packages/local.yaml"
|
||||
|
@ -154,6 +155,7 @@ ynh_print_info --message="Building Kimai 2..."
|
|||
|
||||
ynh_install_composer --phpversion="7.3" --workdir="$final_path"
|
||||
ynh_composer_exec --phpversion="7.3" --workdir="$final_path" --commands="install --no-dev --optimize-autoloader"
|
||||
ynh_composer_exec --phpversion="7.3" --workdir="$final_path" --commands="require zendframework/zend-ldap"
|
||||
|
||||
pushd "$final_path"
|
||||
php7.3 bin/console kimai:install -n
|
||||
|
@ -190,11 +192,15 @@ chown -R $app: $final_path
|
|||
#=================================================
|
||||
ynh_print_info --message="Configuring SSOwat..."
|
||||
|
||||
ynh_permission_create --permission="teamlead"
|
||||
ynh_permission_create --permission="admin"
|
||||
ynh_permission_create --permission="super_admin" --allowed "$admin"
|
||||
|
||||
# Make app public if necessary
|
||||
if [ $is_public -eq 1 ]
|
||||
then
|
||||
# unprotected_uris allows SSO credentials to be passed anyway.
|
||||
ynh_app_setting_set --app=$app --key=unprotected_uris --value="/"
|
||||
ynh_permission_update --permission "main" --add "visitors"
|
||||
fi
|
||||
|
||||
#=================================================
|
||||
|
|
|
@ -197,6 +197,7 @@ ynh_print_info --message="Upgrading Kimai 2..."
|
|||
|
||||
ynh_install_composer --phpversion="7.3" --workdir="$final_path"
|
||||
ynh_composer_exec --phpversion="7.3" --workdir="$final_path" --commands="install --no-dev --optimize-autoloader"
|
||||
ynh_composer_exec --phpversion="7.3" --workdir="$final_path" --commands="require zendframework/zend-ldap"
|
||||
|
||||
pushd "$final_path"
|
||||
php7.3 bin/console kimai:update
|
||||
|
@ -226,11 +227,13 @@ chown -R $app: $final_path
|
|||
#=================================================
|
||||
ynh_print_info --message="Upgrading SSOwat configuration..."
|
||||
|
||||
ynh_permission_create --permission="super_admin" --allowed "$admin"
|
||||
|
||||
# Make app public if necessary
|
||||
if [ $is_public -eq 1 ]
|
||||
then
|
||||
# unprotected_uris allows SSO credentials to be passed anyway
|
||||
ynh_app_setting_set --app=$app --key=unprotected_uris --value="/"
|
||||
# unprotected_uris allows SSO credentials to be passed anyway.
|
||||
ynh_permission_update --permission "main" --add "visitors"
|
||||
fi
|
||||
|
||||
#=================================================
|
||||
|
|
Loading…
Add table
Reference in a new issue