diff --git a/conf/config.json b/conf/config.json index 95880f4..70efa3f 100644 --- a/conf/config.json +++ b/conf/config.json @@ -30,7 +30,7 @@ "ldap_groupfilter_objectclass": "posixGroup", "ldap_group_member_assoc_attribute": "memberUid", "ldap_host": "localhost", - "ldap_login_filter": "(&(|(objectclass=posixAccount))(uid=%uid))", + "ldap_login_filter": "(&(|(objectclass=posixAccount))(uid=%uid)(permission=cn=__APP__.main,ou=permission,dc=yunohost,dc=org))", "ldap_login_filter_mode": "0", "ldap_port": "389", "ldap_quota_attr": "userquota", diff --git a/scripts/install b/scripts/install index fdc279e..6b49c74 100755 --- a/scripts/install +++ b/scripts/install @@ -184,6 +184,7 @@ ynh_secure_remove --file="$nc_conf" nc_conf="$final_path/config.json" cp ../conf/config.json "$nc_conf" +ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="$nc_conf" exec_occ config:import "$nc_conf" # Then remove the config file @@ -341,9 +342,7 @@ ynh_add_fail2ban_config --logpath="/home/yunohost.app/$app/data/nextcloud.log" - #================================================= ynh_script_progression --message="Configuring SSOwat..." -ynh_app_setting_set --app=$app --key=unprotected_uris --value="/" -ynh_app_setting_set --app=$app --key=skipped_regex \ - --value="$(sed 's/[\.\-]/\%&/g' <<< $domain)/%.well%-known/.*" +ynh_permission_create --permission="api" --label="api" --url="re:$(sed 's/[\.\-]/\%&/g' <<< $domain)/%.well%-known/.*" --allowed="visitors" "all_users" --auth_header="false" --show_tile="false" --protected="true" #================================================= # RELOAD NGINX diff --git a/scripts/upgrade b/scripts/upgrade index ebae4ab..eea4379 100755 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -102,6 +102,12 @@ fi # Exit if an error occurs during the execution of the script ynh_abort_if_errors +if ynh_legacy_permissions_exists; then + ynh_legacy_permissions_delete_all + + ynh_permission_create --permission="api" --label="api" --url="re:$(sed 's/[\.\-]/\%&/g' <<< $domain)/%.well%-known/.*" --allowed="visitors" "all_users" --auth_header="false" --show_tile="false" --protected="true" +fi + #================================================= # UPGRADE DEPENDENCIES #================================================= @@ -328,8 +334,7 @@ then nc_conf="${final_path}/config.json" cp ../conf/config.json "$nc_conf" - ynh_replace_string --match_string="__DOMAIN__" --replace_string="$domain" --target_file="$nc_conf" - ynh_replace_string --match_string="__DATADIR__" --replace_string="$datadir" --target_file="$nc_conf" + ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file="$nc_conf" # Reneable the mail app if [ $mail_app_must_be_reactived -eq 1 ]; then @@ -458,15 +463,6 @@ ynh_add_fail2ban_config --logpath="/home/yunohost.app/$app/data/nextcloud.log" - #================================================= # GENERIC FINALIZATION -#================================================= -# SETUP SSOWAT -#================================================= -ynh_script_progression --message="Upgrading SSOwat configuration..." --weight=2 - -ynh_app_setting_set --app=$app --key=unprotected_uris --value="/" -ynh_app_setting_set --app=$app --key=skipped_regex \ - --value="$(sed 's/[\.\-]/\%&/g' <<< $domain)/%.well%-known/.*" - #================================================= # RELOAD NGINX #=================================================