From 1622f13c134134b9ef98982cce93b97baa8625bb Mon Sep 17 00:00:00 2001 From: Nils VAN ZUIJLEN Date: Fri, 26 Mar 2021 18:13:57 +0100 Subject: [PATCH] Use SQL to configure the LDAP plugin cURL is too complicated, and we already have to use SQL to update the user Also remove the need to ask for a password --- conf/ldap.sql | 32 ++++++++++++++++++++++++++++++++ manifest.json | 5 ----- scripts/install | 8 ++++++-- scripts/upgrade | 8 ++++++++ 4 files changed, 46 insertions(+), 7 deletions(-) create mode 100644 conf/ldap.sql diff --git a/conf/ldap.sql b/conf/ldap.sql new file mode 100644 index 0000000..2c35f17 --- /dev/null +++ b/conf/ldap.sql @@ -0,0 +1,32 @@ +BEGIN; + +DELETE FROM `qa_options` WHERE `title` IN ( + 'ldap_authentication_attribute', + 'ldap_login_ad', + 'ldap_login_allow_normal', + 'ldap_login_filter', + 'ldap_login_fname', + 'ldap_login_generic_search', + 'ldap_login_hostname', + 'ldap_login_mail', + 'ldap_login_port', + 'ldap_login_sname' +); + +INSERT INTO `qa_options` (`title`, `content`) VALUES +('ldap_authentication_attribute', 'uid'), +('ldap_login_ad', ''), +('ldap_login_allow_normal', ''), +('ldap_login_filter', '(objectClass=mailAccount)'), +('ldap_login_fname', 'givenname'), +('ldap_login_generic_search', 'uid=USERNAME,ou=users,dc=yunohost,dc=org/mail=USERNAME,ou=users,dc=yunohost,dc=org'), +('ldap_login_hostname', 'ldap://localhost'), +('ldap_login_mail', 'mail'), +('ldap_login_port', '389'), +('ldap_login_sname', 'sn'); + +UPDATE `qa_users` SET `sessionsource` = 'ldap'; +INSERT INTO `qa_userlogins` (`userid`, `source`, `identifier`, `identifiermd5`) VALUES +((SELECT userid FROM `qa_users` WHERE `handle` = '__ADMIN__'), 'ldap', '__ADMIN_EMAIL__', UNHEX(MD5('__ADMIN_EMAIL__'))); + +COMMIT; diff --git a/manifest.json b/manifest.json index 6385cb2..bf873be 100644 --- a/manifest.json +++ b/manifest.json @@ -67,11 +67,6 @@ "name": "admin", "type": "user", "example": "johndoe" - }, - { - "name": "password", - "type": "password", - "example": "Choose a password" } ] } diff --git a/scripts/install b/scripts/install index c38527c..9480c70 100755 --- a/scripts/install +++ b/scripts/install @@ -30,7 +30,6 @@ admin=$YNH_APP_ARG_ADMIN email=`ynh_user_get_info "$admin" 'mail'` is_public=$YNH_APP_ARG_IS_PUBLIC language=$YNH_APP_ARG_LANGUAGE -password=$YNH_APP_ARG_PASSWORD q2a_name=${YNH_APP_ARG_Q2A_NAME// /%20} ### If it's a multi-instance app, meaning it can be installed several times independently @@ -202,8 +201,10 @@ ynh_systemd_action --service_name=nginx --action=reload # Installation with curl ynh_script_progression --message="Finalizing installation..." --weight=4 +admin_temp_pass=$(ynh_string_random 10) + ynh_local_curl "/index.php?qa=install" "create=Set+up+the+Database+including+User+Management" -ynh_local_curl "/index.php?qa=install" "handle=$admin" "password=$password" "email=$email" "super=Set+up+the+Super+Administrator" +ynh_local_curl "/index.php?qa=install" "handle=$admin" "password=$admin_temp_pass" "email=$email" "super=Set+up+the+Super+Administrator" ynh_local_curl_csrf "/index.php?qa=admin&qa_1=general"\ "option_site_title=$q2a_name"\ "option_site_url=https%3A%2F%2F$domain$path_url"\ @@ -216,6 +217,9 @@ ynh_local_curl_csrf "/index.php?qa=admin&qa_1=general"\ "dosaveoptions=1"\ "has_js=0" +ynh_replace_string --match_string="__ADMIN__" --replace_string="$admin" --target_file="../conf/ldap.sql" +ynh_replace_string --match_string="__ADMIN_EMAIL__" --replace_string="$email" --target_file="../conf/ldap.sql" +mysql -u $db_user -p${db_pwd} $db_name < ../conf/ldap.sql # Remove the public access ynh_permission_update --permission="main" --remove="visitors" diff --git a/scripts/upgrade b/scripts/upgrade index 9824e1f..bfcc721 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -78,6 +78,14 @@ ynh_abort_if_errors # DOWNLOAD, CHECK AND UNPACK SOURCE #================================================= +if grep 'qa-ldap-login' "$final_path/qa-include/pages/login.php" +then + has_ldap=1 +else + has_ldap=0 + ynh_print_warn "The LDAP plugin will be installed, but not configured, you'll have to do it in the Question2Answer admin" +fi + if [ "$upgrade_type" == "UPGRADE_APP" ] then ynh_script_progression --message="Upgrading source files..." --time --weight=1