From 0a17a81f9c9fa9fad063669c44862600b943e0b4 Mon Sep 17 00:00:00 2001 From: ericgaspar Date: Mon, 8 Feb 2021 11:06:37 +0100 Subject: [PATCH] Fix permissions --- scripts/install | 13 +++++-------- scripts/upgrade | 16 +++++++++++++--- 2 files changed, 18 insertions(+), 11 deletions(-) diff --git a/scripts/install b/scripts/install index e0ef92b..698a9f6 100644 --- a/scripts/install +++ b/scripts/install @@ -146,11 +146,10 @@ phpversion=$(ynh_app_setting_get --app=$app --key=phpversion) #================================================= ynh_script_progression --message="Installing Piwigo with cURL..." --weight=5 -ynh_app_setting_set --app=$app --key=unprotected_uris --value="/" -# Reload SSOwat config -yunohost app ssowatconf +# Set the app as temporarily public for cURL call +ynh_permission_update --permission="main" --add="visitors" -# Reload Nginx +# Reload NGINX ynh_systemd_action --service_name=nginx --action=reload # Generate random password for admin @@ -238,11 +237,9 @@ ynh_add_fail2ban_config --logpath="/var/log/${app}FailedLogins.log" --failregex= ynh_script_progression --message="Configuring permissions..." # Make app public if necessary -if [ $is_public -eq 1 ] +if [ $is_public -eq 0 ] then - # Everyone can access the app. - # The "main" permission is automatically created before the install script. - ynh_permission_update --permission="main" --add="visitors" + ynh_permission_update --permission="main" --remove="visitors" fi #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 4539840..72ff468 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -190,9 +190,8 @@ chmod 755 -R $final_path/_data #================================================= ynh_script_progression --message="Upgrading Piwigo with cURL..." --weight=6 -ynh_app_setting_set --app=$app --key=unprotected_uris --value="/" -# Reload SSOwat config -yunohost app ssowatconf +# Set the app as temporarily public for cURL call +ynh_permission_update --permission="main" --add="visitors" # Reload NGINX ynh_systemd_action --service_name=nginx --action=reload @@ -279,6 +278,17 @@ chown $app: "/var/log/${app}FailedLogins.log" ynh_add_fail2ban_config --logpath="/var/log/${app}FailedLogins.log" --failregex="ip=" --max_retry=6 +#================================================= +# SETUP SSOWAT +#================================================= +ynh_script_progression --message="Configuring permissions..." + +# Make app public if necessary +if [ $is_public -eq 0 ] +then + ynh_permission_update --permission="main" --remove="visitors" +fi + #================================================= # GENERIC FINALIZATION #=================================================