From f0773968d1a7e5fb762544e8e79ba1da39dc27bd Mon Sep 17 00:00:00 2001 From: navanchauhan Date: Tue, 27 Dec 2022 17:11:31 -0500 Subject: [PATCH] remove admin/pwd --- conf/config.toml | 4 ++-- scripts/install | 8 ++++---- scripts/upgrade | 21 +++++++++++++++------ 3 files changed, 21 insertions(+), 12 deletions(-) diff --git a/conf/config.toml b/conf/config.toml index 566e417..5ca5112 100644 --- a/conf/config.toml +++ b/conf/config.toml @@ -9,8 +9,8 @@ address = "127.0.0.1:__PORT__" # be replaced with a better multi-user, role-based authentication system. # IMPORTANT: Leave both values empty to disable authentication on admin # only where an external authentication is already setup. -admin_username = "__ADMIN__" -admin_password = "__PASSWORD__" +admin_username = "" +admin_password = "" # Database. [db] diff --git a/scripts/install b/scripts/install index 28325fa..81d5a7b 100755 --- a/scripts/install +++ b/scripts/install @@ -28,8 +28,8 @@ ynh_abort_if_errors domain=$YNH_APP_ARG_DOMAIN path_url="/" is_public=$YNH_APP_ARG_IS_PUBLIC -admin=$YNH_APP_ARG_ADMIN -password=$YNH_APP_ARG_PASSWORD +admin="" +password="" app=$YNH_APP_INSTANCE_NAME @@ -209,12 +209,12 @@ then fi # Only the admin can access the admin panel of the app (if the app has an admin panel) -ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin --auth_header=false +ynh_permission_create --permission="admin" --url="/admin" --additional_urls="/admin /api" --allowed=$admin --auth_header=false # Everyone can access the API part # We don't want to display the tile in the SSO so we put --show_tile="false" # And we don't want the YunoHost admin to be able to remove visitors group to this permission, so we put --protected="true" -ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --show_tile="false" --protected="true" +ynh_permission_create --permission="api" --url="/public" --additional_urls="/api/public" --allowed="visitors" --show_tile="false" --protected="true" #================================================= # RELOAD NGINX diff --git a/scripts/upgrade b/scripts/upgrade index 8f4f7e7..7fc45db 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -70,14 +70,23 @@ fi if ! ynh_permission_exists --permission="admin"; then # Create the required permissions - ynh_permission_create --permission="admin" --url="/admin" --allowed=$admin --auth_header=false + ynh_permission_create --permission="admin" --url="/admin" --additional_urls="/admin /api" --allowed=$admin --auth_header=false fi # Create a permission if needed if ! ynh_permission_exists --permission="api"; then - ynh_permission_create --permission="api" --url="/api" --allowed="visitors" --show_tile="false" --protected="true" + ynh_permission_create --permission="api" --url="/public" --additional_urls="/api/public" --allowed="visitors" --show_tile="false" --protected="true" fi +if ynh_compare_current_package_version --comparison le --version 2.3.0~ynh1 + ynh_permission_delete --permission="admin" + ynh_permission_delete --permission="api" + + ynh_permission_create --permission="admin" --url="/admin" --additional_urls="/admin /api" --allowed=$admin --auth_header=false + ynh_permission_create --permission="api" --url="/public" --additional_urls="/api/public" --allowed="visitors" --show_tile="false" --protected="true" +then + + #================================================= # CREATE DEDICATED USER #================================================= @@ -144,12 +153,12 @@ ynh_exec_warn_less ynh_install_app_dependencies $pkg_dependencies #================================================= # UPDATE A CONFIG FILE #================================================= -# ynh_script_progression --message="Updating a configuration file..." --time --weight=1 +ynh_script_progression --message="Updating a configuration file..." --time --weight=1 -# ynh_add_config --template="../conf/config.toml" --destination="$final_path/config.toml" +ynh_add_config --template="../conf/config.toml" --destination="$final_path/config.toml" -# chmod 400 "$final_path/config.toml" -# chown $app:$app "$final_path/config.toml" +chmod 400 "$final_path/config.toml" +chown $app:$app "$final_path/config.toml" #================================================= # DATABASE CONFIGURATION