diff --git a/conf/data.dat b/conf/data.dat deleted file mode 100644 index 6f792d7..0000000 --- a/conf/data.dat +++ /dev/null @@ -1 +0,0 @@ -a:17:{s:10:"forgot_url";N;s:4:"host";s:0:"";s:6:"basedn";s:27:"ou=users,dc=yunohost,dc=org";s:4:"port";s:0:"";s:9:"ld_server";N;s:7:"ld_attr";s:3:"uid";s:8:"ld_group";s:0:"";s:14:"ld_group_class";N;s:22:"ld_group_member_attrib";N;s:9:"ld_binddn";s:0:"";s:9:"ld_bindpw";s:0:"";s:10:"ldap_debug";b:0;s:11:"ld_anonbind";b:0;s:10:"ld_use_ssl";b:0;s:14:"allow_newusers";b:1;s:28:"advertise_admin_new_ldapuser";b:1;s:26:"send_password_by_mail_ldap";b:1;} diff --git a/conf/ldap_plugin.src b/conf/ldap_plugin.src index fbf5976..153525a 100644 --- a/conf/ldap_plugin.src +++ b/conf/ldap_plugin.src @@ -1,5 +1,5 @@ -SOURCE_URL=https://github.com/VSLCatena/ldap_login/archive/92fa2fc1abc7cd18e8005583855e468b57689616.zip -SOURCE_SUM=9fe8d2fe3be234939a5dd3a92836202400a38a6d8b8a9b4250a8a522fe53d437 +SOURCE_URL=https://piwigo.org/ext/download.php?rid=7036 +SOURCE_SUM=3c22652f6c0653aaeebe239435796748ee57612ad44e8e5f2553277545d36e5e SOURCE_SUM_PRG=sha256sum SOURCE_FORMAT=zip SOURCE_IN_SUBDIR=true diff --git a/manifest.json b/manifest.json index 87408c6..0b82713 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "photo gallery", "fr": "Galerie photo" }, - "version": "2.10.1~ynh1", + "version": "2.10.1~ynh2", "url": "http://piwigo.org", "license": "GPL-2.0", "maintainer": { diff --git a/scripts/_ynh_local_curl b/scripts/_ynh_local_curl new file mode 100644 index 0000000..ad0d1f7 --- /dev/null +++ b/scripts/_ynh_local_curl @@ -0,0 +1,45 @@ +#!/bin/bash +# Curl abstraction to help with POST requests to local pages (such as installation forms) +# For multiple calls, cookies are persisted between each call for the same app +# +# $domain and $path_url should be defined externally (and correspond to the domain.tld and the /path (of the app?)) +# +# example: ynh_local_curl "/install.php?installButton" "foo=$var1" "bar=$var2" +# +# usage: ynh_local_curl "page_uri" "key1=value1" "key2=value2" ... +# | arg: page_uri - Path (relative to $path_url) of the page where POST data will be sent +# | arg: key1=value1 - (Optionnal) POST key and corresponding value +# | arg: key2=value2 - (Optionnal) Another POST key and corresponding value +# | arg: ... - (Optionnal) More POST keys and values +# +# Requires YunoHost version 2.6.4 or higher. +ynh_local_curl () { + # Define url of page to curl + local local_page=$(ynh_normalize_url_path $1) + local full_path=$path_url$local_page + + if [ "${path_url}" == "/" ]; then + full_path=$local_page + fi + + local full_page_url=https://localhost$full_path + + # Concatenate all other arguments with '&' to prepare POST data + local POST_data="" + local arg="" + for arg in "${@:2}" + do + POST_data="${POST_data}${arg}&" + done + if [ -n "$POST_data" ] + then + # Add --data arg and remove the last character, which is an unecessary '&' + POST_data="--data ${POST_data::-1}" + fi + + # Wait untils nginx has fully reloaded (avoid curl fail with http2) + sleep 2 + + # Curl the URL + curl --silent --show-error -kL -H "Host: $domain" --resolve $domain:443:127.0.0.1 $POST_data "$full_page_url" --cookie-jar /tmp/ynh-$app-cookie.txt --cookie /tmp/ynh-$app-cookie.txt +} diff --git a/scripts/install b/scripts/install index b0fe7ff..b9a029e 100644 --- a/scripts/install +++ b/scripts/install @@ -8,6 +8,7 @@ source _common.sh source /usr/share/yunohost/helpers +source _ynh_local_curl #================================================= # MANAGE SCRIPT FAILURE @@ -190,13 +191,30 @@ cp ../conf/database.inc.php $final_path/local/config/database.inc.php ynh_store_file_checksum --file="$final_path/local/config/database.inc.php" #================================================= -# ADD LDAP PLUGINS +# ADD LDAP PLUGIN #================================================= ynh_script_progression --message="Configuring LDAP plugin..." -# Configure and activate LDAP plugin -ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name <<< "INSERT INTO plugins (id,state,version) VALUES ('Ldap_Login','active','1.1');" -cp ../conf/data.dat $final_path/plugins/Ldap_Login +# Activate the LDAP plugin using the WS API + +# Login with admin account +ynh_local_curl "/ws.php?format=json" "method=pwg.session.login" "username=$admin" "password=$adm_pwd" +# Get session token +status=$(ynh_local_curl "/ws.php?format=json" "method=pwg.session.getStatus") +pwg_token=$(jq --raw-output .result.pwg_token <<< $status) +# Install the Ldap_Login plugin +ynh_local_curl "/ws.php?format=json" "method=pwg.plugins.performAction" "action=install" "plugin=Ldap_Login" "pwg_token=$pwg_token" +# Activate the Ldap_Login plugin +ynh_local_curl "/ws.php?format=json" "method=pwg.plugins.performAction" "action=activate" "plugin=Ldap_Login" "pwg_token=$pwg_token" +# Log out +ynh_local_curl "/ws.php?format=json" "method=pwg.session.logout" + +# Edit Ldap_Login plugin configuration +ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name <<< "UPDATE piwigo_ldap_login_config SET value='ou=users,dc=yunohost,dc=org' WHERE param = 'ld_basedn'; +UPDATE piwigo_ldap_login_config SET value='uid' WHERE param = 'ld_user_attr'; +UPDATE piwigo_ldap_login_config SET value='' WHERE param = 'ld_binddn'; +UPDATE piwigo_ldap_login_config SET value='0' WHERE param = 'allow_new_users'; +UPDATE piwigo_ldap_login_config SET value='0' WHERE param = 'ld_group_user_active';" #================================================= # CONFIGURE FAIL2BAN diff --git a/scripts/upgrade b/scripts/upgrade index 7c3f91b..8fc0cec 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -8,6 +8,7 @@ source _common.sh source /usr/share/yunohost/helpers +source _ynh_local_curl #================================================= # LOAD SETTINGS @@ -232,13 +233,32 @@ cp ../conf/database.inc.php $final_path/local/config/database.inc.php ynh_store_file_checksum --file="$final_path/local/config/database.inc.php" #================================================= -# ADD LDAP PLUGINS +# CONFIGURE LDAP PLUGIN #================================================= ynh_script_progression --message="Configuring LDAP plugin..." -# Configure and activate LDAP plugin -ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name <<< "UPDATE plugins SET state='active' WHERE id='Ldap_Login';" -cp ../conf/data.dat $final_path/plugins/Ldap_Login +# Activate the LDAP plugin using the WS API + +# Login with admin account +ynh_local_curl "/ws.php?format=json" "method=pwg.session.login" "username=$admin" "password=$admin_pwd" +# Get session token +status=$(ynh_local_curl "/ws.php?format=json" "method=pwg.session.getStatus") +pwg_token=$(jq --raw-output .result.pwg_token <<< $status) +# Activate the Ldap_Login plugin +ynh_local_curl "/ws.php?format=json" "method=pwg.plugins.performAction" "action=activate" "plugin=Ldap_Login" "pwg_token=$pwg_token" +# Log out +ynh_local_curl "/ws.php?format=json" "method=pwg.session.logout" + +# Edit Ldap_Login plugin configuration +ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name <<< "UPDATE piwigo_ldap_login_config SET value='ou=users,dc=yunohost,dc=org' WHERE param = 'ld_basedn'; +UPDATE piwigo_ldap_login_config SET value='uid' WHERE param = 'ld_user_attr'; +UPDATE piwigo_ldap_login_config SET value='' WHERE param = 'ld_binddn'; +UPDATE piwigo_ldap_login_config SET value='0' WHERE param = 'allow_new_users'; +UPDATE piwigo_ldap_login_config SET value='0' WHERE param = 'ld_group_user_active';" +# Remove configuration file for older plugin version +if [ -f $final_path/plugins/Ldap_Login/data.dat ] ; then + ynh_secure_remove --file=$final_path/plugins/Ldap_Login/data.dat +fi #================================================= # UPGRADE FAIL2BAN