YunoHost-Apps/seafile_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/seafile_ynh.git synced 2024-09-03 20:26:01 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add group-permission support

Browse source
This commit is contained in:
Josué Tille 2020-03-25 22:58:25 +01:00
parent 5ca79c9d96
commit 02bf9f3468
No known key found for this signature in database
GPG key ID: 716A6C99B04194EF
8 changed files with 28 additions and 52 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
conf/add_sso_conf.py
View file

@ -1,12 +0,0 @@
import json
with open("/etc/ssowat/conf.json.persistent", "r", encoding='utf-8') as jsonFile:
data = json.load(jsonFile)
if "skipped_urls" in data:
data["skipped_urls"].append("/seafhttp")
else:
data["skipped_urls"] = ["/seafhttp"]
data["skipped_urls"].append("/seafdav")
with open("/etc/ssowat/conf.json.persistent", "w", encoding='utf-8') as jsonFile:
jsonFile.write(json.dumps(data, indent=4, sort_keys=True))

8
conf/add_sso_conf_webdav.py
View file

@ -1,8 +0,0 @@
import json
with open("/etc/ssowat/conf.json.persistent", "r", encoding='utf-8') as jsonFile:
data = json.load(jsonFile)
data["skipped_urls"].append("/seafdav")
with open("/etc/ssowat/conf.json.persistent", "w", encoding='utf-8') as jsonFile:
jsonFile.write(json.dumps(data, indent=4, sort_keys=True))

14
conf/update_sso_conf.py
View file

@ -1,14 +0,0 @@
import json
with open("/etc/ssowat/conf.json.persistent", "r", encoding='utf-8') as jsonFile:
data = json.load(jsonFile)
data["unprotected_urls"].remove("/seafhttp")
data["unprotected_urls"].remove("/seafdav")
if "skipped_urls" in data:
data["skipped_urls"].append("/seafhttp")
else:
data["skipped_urls"] = ["/seafhttp"]
data["skipped_urls"].append("/seafdav")
with open("/etc/ssowat/conf.json.persistent", "w", encoding='utf-8') as jsonFile:
jsonFile.write(json.dumps(data, indent=4, sort_keys=True))

2
manifest.json
View file

@ -23,7 +23,7 @@
"mysql" "mysql"
], ],
"requirements": { "requirements": {
"yunohost": ">= 3.5.2.2" "yunohost": ">= 3.7.0.6"
}, },
"arguments": { "arguments": {
"install": [ "install": [

16
scripts/install
View file

@ -136,6 +136,7 @@ echo '[LDAP]' | tee -a $final_path/conf/ccnet.conf
echo 'HOST = ldap://localhost:389' | tee -a $final_path/conf/ccnet.conf echo 'HOST = ldap://localhost:389' | tee -a $final_path/conf/ccnet.conf
echo 'BASE = ou=users,dc=yunohost,dc=org' | tee -a $final_path/conf/ccnet.conf echo 'BASE = ou=users,dc=yunohost,dc=org' | tee -a $final_path/conf/ccnet.conf
echo 'LOGIN_ATTR = mail' | tee -a $final_path/conf/ccnet.conf echo 'LOGIN_ATTR = mail' | tee -a $final_path/conf/ccnet.conf
echo 'FILTER = &(objectClass=posixAccount)(permission=cn='$app'.main,ou=permission,dc=yunohost,dc=org)' | tee -a $final_path/conf/ccnet.conf
# Enable manually wiki # Enable manually wiki
echo 'ENABLE_WIKI = True' | tee -a $final_path/conf/seahub_settings.py echo 'ENABLE_WIKI = True' | tee -a $final_path/conf/seahub_settings.py
@ -190,17 +191,14 @@ set_permission
ynh_script_progression --message="Configuring permissions..." ynh_script_progression --message="Configuring permissions..."
# Add sso config to unprotect domain.tld/seafhttp + domain.tld/seafdav do in /etc/ssowat/conf.json.persistent # unprotect media, seafhttp, seafdav
python3 ../conf/add_sso_conf.py || ynh_die --message="Your file /etc/ssowat/conf.json.persistent doesn't respect the json syntax. Please fix the syntax to install this app." ynh_permission_create --permission "media" --url '/media' --allowed 'visitors'
ynh_permission_create --permission "fileserver" --url "$domain/seafhttp" --allowed 'visitors'
ynh_permission_create --permission "webdav" --url "$domain/seafdav" --allowed 'visitors'
# unprotect media if [ "$is_public" == '1' ];
ynh_app_setting_set --app $app --key unprotected_uris --value "/media"
if [ "$is_public" = "0" ]
then then
ynh_app_setting_delete --app seafile --key unprotected_uris ynh_permission_update --permission "main" --add "visitors"
else
ynh_app_setting_set --app $app --key unprotected_uris --value "/"
fi fi
# Add logrotate # Add logrotate

4
scripts/remove
View file

@ -35,10 +35,6 @@ pkill -f seaf-server || true
pkill -f ccnet-server || true pkill -f ccnet-server || true
pkill -f seahub || true pkill -f seahub || true
# remove sso config to unprotect domain.tld/seafhttp in /etc/ssowat/conf.json.persistent
ynh_script_progression --message="Cleaning SSO configuration..."
python3 ../conf/remove_sso_conf.py
ynh_script_progression --message="Removing logs..." ynh_script_progression --message="Removing logs..."
ynh_secure_remove --file=/var/log/seafile ynh_secure_remove --file=/var/log/seafile
ynh_script_progression --message="Removing code..." ynh_script_progression --message="Removing code..."

4
scripts/restore
View file

@ -57,10 +57,6 @@ su -c "mysql -u ${app} -p$db_pwd seahubdb < ${YNH_CWD}/seahubdb.dmp"
# GENERIC FINALIZATION # GENERIC FINALIZATION
#================================================= #=================================================
# Restore sso persistent config
ynh_script_progression --message="Configuring permissions..."
python3 ../settings/conf/add_sso_conf.py || ynh_die --message="Your file /etc/ssowat/conf.json.persistent doesn't respect the json syntax. Please fix the syntax to install this app."
# Add logrotate # Add logrotate
ynh_script_progression --message="Configuring log rotation..." ynh_script_progression --message="Configuring log rotation..."
ynh_use_logrotate --logfile $final_path/logs ynh_use_logrotate --logfile $final_path/logs

20
scripts/upgrade
View file

@ -19,6 +19,7 @@ ynh_script_progression --message="Loading installation settings..."
# Retrieve arguments # Retrieve arguments
domain=$(ynh_app_setting_get --app $app --key domain) domain=$(ynh_app_setting_get --app $app --key domain)
path_url=$(ynh_normalize_url_path --path_url $(ynh_app_setting_get --app $app --key path)) path_url=$(ynh_normalize_url_path --path_url $(ynh_app_setting_get --app $app --key path))
is_public=$(ynh_app_setting_get --app $app --key is_public)
installed_version=$(ynh_app_setting_get --app $app --key installed_version) installed_version=$(ynh_app_setting_get --app $app --key installed_version)
seahub_port=$(ynh_app_setting_get --app $app --key seahub_port) seahub_port=$(ynh_app_setting_get --app $app --key seahub_port)
fileserver_port=$(ynh_app_setting_get --app $app --key fileserver_port) fileserver_port=$(ynh_app_setting_get --app $app --key fileserver_port)
@ -215,6 +216,11 @@ then
ynh_app_setting_set --app $app --key fileserver_port --value $fileserver_port ynh_app_setting_set --app $app --key fileserver_port --value $fileserver_port
fi fi
# Add filter settings if needed
if ! grep -q "FILTER" $final_path/conf/ccnet.conf; then
echo 'FILTER = &(objectClass=posixAccount)(permission=cn='$app'.main,ou=permission,dc=yunohost,dc=org)' | tee -a $final_path/conf/ccnet.conf
fi
#================================================= #=================================================
# STANDARD UPGRADE STEPS # STANDARD UPGRADE STEPS
#================================================= #=================================================
@ -231,6 +237,20 @@ ynh_add_systemd_config --service seahub --template seahub.service
# GENERIC FINALIZATION # GENERIC FINALIZATION
#================================================= #=================================================
# Set all permissions
ynh_script_progression --message="Update permission..."
if ! ynh_permission_exists --permission fileserver; then
ynh_app_setting_delete --app $app --key unprotected_uris
python3 ../conf/remove_sso_conf.py
ynh_permission_create --permission "media" --url '/media' --allowed 'visitors'
ynh_permission_create --permission "fileserver" --url "$domain/seafhttp" --allowed 'visitors'
ynh_permission_create --permission "webdav" --url "$domain/seafdav" --allowed 'visitors'
fi
if [ "$is_public" == '1' ];
then
ynh_permission_update --permission "main" --add "visitors"
fi
# Set all permissions # Set all permissions
ynh_script_progression --message="Protecting directory..." ynh_script_progression --message="Protecting directory..."
set_permission set_permission