1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/lutim_ynh.git synced 2024-09-03 19:36:24 +02:00

Use a new permission to allow visitors

This commit is contained in:
Kay0u 2020-02-11 15:59:59 +07:00
parent 512d8ef915
commit d3b4829d7c
No known key found for this signature in database
GPG key ID: 7FF262C033518333
5 changed files with 34 additions and 14 deletions

View file

@ -9,7 +9,13 @@ permission=$3
added_groups=$4
if [ "$app" == __APP__ ]; then
if [ "$permission" = "upload images" ]; then
if [ "$added_groups" = "visitors" ]; then
ynh_app_setting_delete --app=$app --key=protected_regex
yunohost app ssowatconf
else
ynh_print_warn --message="This app doesn't support this authorisation, you can only add or remove visitors group."
fi
fi
fi

View file

@ -9,10 +9,16 @@ permission=$3
removed_groups=$4
if [ "$app" == __APP__ ]; then
if [ "$permission" = "upload images" ]; then
if [ "$removed_groups" = "visitors" ]; then
domain=$(ynh_app_setting_get --app=$app --key=domain)
path_url=$(ynh_app_setting_get --app=$app --key=path)
domain_regex=$(echo "$domain" | sed 's@-@.@g')
ynh_app_setting_set --app=$app --key=protected_regex --value="$domain_regex$path_url/stats/?$","$domain_regex$path_url/manifest.webapp/?$","$domain_regex$path_url/?$","$domain_regex$path_url/[d-m]/.*$"
yunohost app ssowatconf
else
ynh_print_warn --message="This app doesn't support this authorisation, you can only add or remove visitors group."
fi
fi
fi

View file

@ -27,7 +27,6 @@ app=$YNH_APP_INSTANCE_NAME
ynh_script_progression --message="Loading installation settings..." --weight=2
final_path=$(ynh_app_setting_get --app=$app --key=final_path)
is_public=$(ynh_app_setting_get --app=$app --key=is_public)
port=$(ynh_app_setting_get --app=$app --key=port)
#=================================================
@ -122,7 +121,7 @@ fi
#=================================================
ynh_script_progression --message="Reconfiguring SSOwat..."
if [ $is_public -eq 0 ]
if [ ! -z $(ynh_app_setting_get --app=$app --key=protected_regex) ] # Only user with a yunohost account can upload an image
then
# If the app is private, viewing images stays publicly accessible.
if [ "$new_path" == "/" ]; then

View file

@ -198,11 +198,11 @@ yunohost service add $app --log $final_path/log/production.log
#=================================================
ynh_script_progression --message="Configuring SSOwat..."
ynh_app_setting_set --app=$app --key=unprotected_uris --value="/"
ynh_permission_update --permission="main" --add="visitors"
ynh_permission_url --permission="main"
ynh_permission_create --permission="upload images" --allowed="visitors"
if [ $fis_public -eq 0 ]
if [ $is_public -eq 0 ]
then
# If the app is private, viewing images stays publicly accessible.
if [ "$path_url" == "/" ]; then
@ -212,6 +212,8 @@ then
# Modify the domain to be used in a regex
domain_regex=$(echo "$domain" | sed 's@-@.@g')
ynh_app_setting_set --app=$app --key=protected_regex --value="$domain_regex$path_url/stats/?$","$domain_regex$path_url/manifest.webapp/?$","$domain_regex$path_url/?$","$domain_regex$path_url/[d-m]/.*$"
ynh_permission_update --permission="upload images" --remove="visitors"
fi
#=================================================

View file

@ -49,7 +49,6 @@ ynh_script_progression --message="Ensuring downward compatibility..." --weight=2
if [ ! -z "$skipped_uris" ]; then
ynh_app_setting_delete --app=$app --key=skipped_uris
ynh_app_setting_set --app=$app --key=unprotected_uris --value="/"
fi
# if final_path isn't set, which can happens with old scripts, set final_path.
@ -262,7 +261,15 @@ chown $app -R /var/log/$app
#=================================================
ynh_script_progression --message="Upgrading permission..."
ynh_permission_url --permission="main"
if ! ynh_permission_exists --permission="upload images"
then
if [ -z $(ynh_app_setting_get --app=$app --key=protected_regex) ] # Everyone can upload image
then
ynh_permission_create --permission="upload images" --allowed="visitors"
else # Only user with a yunohost account can upload an image
ynh_permission_create --permission="upload images" --allowed="all_users"
fi
fi
#=================================================
# RELOAD NGINX