Upgrade to seafile 8.0 and fix permissions

README.md

@@ -14,7 +14,7 @@ Seafile is an open Source Cloud Storage application.
 
 It's a Enterprise file sync and share platform with high reliability and performance. It's a file hosting platform with high reliability and performance. Put files on your own server. Sync and share files across different devices, or access all the files as a virtual disk.
 
-**Shipped version:** 7.1.5
+**Shipped version:** 8.0.3
 
 Screenshots
 -----------

conf/arm.src

@@ -1,5 +1,5 @@
-SOURCE_URL=https://github.com/haiwen/seafile-rpi/releases/download/v7.1.5/seafile-server-7.1.5-buster-armv7.tar.gz
+SOURCE_URL=https://github.com/haiwen/seafile-rpi/releases/download/v8.0.3/seafile-server-8.0.3-buster-armv7.tar.gz
-SOURCE_SUM=4baec21c1acaec6f50c7a1b229a728417d8fbf87fe3be98f128bc9d2ad399681
+SOURCE_SUM=36e3b72e036f2980ec97e2d9b0c68cf872f2bc091441b11e66780a9cc4b75421
 # (Optional) Program to check the integrity (sha256sum, md5sum...)
 # default: sha256
 SOURCE_SUM_PRG=sha256sum

conf/arm64.src

@@ -1,5 +1,5 @@
-SOURCE_URL=https://github.com/haiwen/seafile-rpi/releases/download/v7.1.5/seafile-server-7.1.5-buster-armv7.tar.gz
+SOURCE_URL=https://github.com/haiwen/seafile-rpi/releases/download/v8.0.3/seafile-server-8.0.3-buster-arm64v8.tar.gz
-SOURCE_SUM=4baec21c1acaec6f50c7a1b229a728417d8fbf87fe3be98f128bc9d2ad399681
+SOURCE_SUM=0af0c4653fbff99dc77cf72bc8938ca85424e54d4ed0ec553ebd7d6a9ee13d4c
 # (Optional) Program to check the integrity (sha256sum, md5sum...)
 # default: sha256
 SOURCE_SUM_PRG=sha256sum

conf/x86-64.src

@@ -1,5 +1,5 @@
-SOURCE_URL=https://s3.eu-central-1.amazonaws.com/download.seadrive.org/seafile-server_7.1.5_x86-64.tar.gz
+SOURCE_URL=https://s3.eu-central-1.amazonaws.com/download.seadrive.org/seafile-server_8.0.3_x86-64.tar.gz
-SOURCE_SUM=edf020de2324be33df3f6854c6383affca088807bfc1e27a375fbb0f44af0cb0
+SOURCE_SUM=fb87f1d9285df9087abef908de89b1bfceaef4b242f11e052771eb4e5fb2c7f1
 # (Optional) Program to check the integrity (sha256sum, md5sum...)
 # default: sha256
 SOURCE_SUM_PRG=sha256sum

manifest.json

@@ -4,7 +4,7 @@
     "packaging_format": 1,
     "license": "AGPL-3.0,Apache-2.0,MIT,GPL-2.0",
     "url": "https://www.seafile.com",
-    "version": "7.1.5~ynh1",
+    "version": "8.0.3~ynh1",
     "description": {
         "en": "Open Source Cloud Storage",
         "fr": "Stockage Cloud Open Source"

scripts/_common.sh

@@ -37,9 +37,7 @@ install_dependance() {
     # We need to do that because we can have some issue about the permission access to the pip cache without this
     set_permission
     # Note that we install imageio to force the dependance, without this imageio 2.8 is installed and it need python3.5
-    sudo -u $seafile_user pip3 install --user --upgrade Pillow pylibmc captcha jinja2 sqlalchemy psd-tools \
+    sudo -u $seafile_user pip3 install --user --upgrade django==2.2.* future mysqlclient pymysql Pillow pylibmc captcha jinja2 sqlalchemy psd-tools django-pylibmc django-simple-captcha
-        django-pylibmc django-simple-captcha python3-ldap \
-        pylibmc django-pylibmc # Memcached support
     ynh_del_swap
 }
 

scripts/expect_scripts/upgrade_8.0.exp

@@ -0,0 +1,11 @@
+#!/usr/bin/expect
+set timeout 5
+
+set seafile_dir [lindex $argv 0]
+
+spawn $seafile_dir/upgrade/upgrade_7.1_8.0.sh
+
+expect "to contiune"
+send "\r";
+
+interact

scripts/install

@@ -201,21 +201,19 @@ ynh_debug_exec ls /opt/yunohost/seafile/ccnet
 ynh_script_progression --message="Protecting directory..."
 set_permission
 
-# Add sso config to unprotect domain.tld/seafhttp + domain.tld/seafdav do in /etc/ssowat/conf.json.persistent
+# Add sso config to unprotect domain.tld/seafhttp + domain.tld/seafdav
 ynh_script_progression --message="Configuring permissions..."
-ynh_permission_create --permission=file_server --url=/seafhttp --auth_header=false \
+ynh_permission_create --permission=file_server --url=$domain/seafhttp --auth_header=false \
                       --label="File server" --protected=true --allowed=visitors
-ynh_permission_create --permission=webdav --url=/seafdav --auth_header=true \
+ynh_permission_create --permission=webdav --url=$domain/seafdav --auth_header=true \
                       --label="Webdav" --protected=true --allowed=visitors
-
 # unprotect media
-ynh_app_setting_set --app $app --key unprotected_uris --value "/media"
+ynh_permission_create --permission=media --url=/media --auth_header=true \
+                      --label="Media" --protected=true --allowed=visitors
 
-if [ "$is_public" = "0" ]
+if [ "$is_public" == '1' ];
 then
-	ynh_app_setting_delete --app seafile --key unprotected_uris
+    ynh_permission_update --permission "main" --add "visitors"
-else
-	ynh_app_setting_set --app $app --key unprotected_uris --value "/"
 fi
 
 # Add logrotate
@@ -232,6 +230,7 @@ ynh_script_progression --message="Stoping services..." --weight=3
 # Start service
 ynh_script_progression --message="Starting seafile services..." --weight=3
 ynh_systemd_action --service_name seafile -l "spawned seaf-server, pid " -p /var/log/seafile/controller.log
+sleep 2
 ynh_systemd_action --service_name seahub -l "Started Seafile hub." -p "systemd"
 sleep 2
 

scripts/remove_sso_conf_persistent.py

@@ -1,9 +1,39 @@
 import json
+import sys
 
-with open("/etc/ssowat/conf.json.persistent", "r", encoding='utf-8') as jsonFile:
+with open("/etc/ssowat/" + "conf.json.persistent", "r", encoding='utf-8') as jsonFile:
     data = json.load(jsonFile)
-    data["skipped_urls"].remove("/seafhttp")
-    data["skipped_urls"].remove("/seafdav")
 
-with open("/etc/ssowat/conf.json.persistent", "w", encoding='utf-8') as jsonFile:
+    for domain in ("", sys.argv[1]):
+        for path in ("/seafhttp", "/seafdav"):
+            url = domain + path
+            try:
+                uri_list = data["skipped_urls"]
+                while url in uri_list:
+                    uri_list.remove(url)
+            except:
+                pass
+
+            try:
+                uri_list = data["protected_urls"]
+                while url in uri_list:
+                    uri_list.remove(url)
+            except:
+                pass
+
+            try:
+                uri_list = data["permissions"]["custom_protected"]["uris"]
+                while url in uri_list:
+                    uri_list.remove(url)
+            except:
+                pass
+
+            try:
+                uri_list = data["permissions"]["custom_skipped"]["uris"]
+                while url in uri_list:
+                    uri_list.remove(url)
+            except:
+                pass
+
+with open("/etc/ssowat/" + "conf.json.persistent", "w", encoding='utf-8') as jsonFile:
     jsonFile.write(json.dumps(data, indent=4, sort_keys=True))

scripts/upgrade

@@ -212,6 +212,9 @@ EOF
     fi
     ln -s $seafile_data $final_path/seafile-data
 ;&
+"7.1."* )
+	expect_scripts/upgrade_8.0.exp $final_path/seafile-server-$seafile_version
+;&
 esac
 
 expect_scripts/minor-upgrade.exp $final_path/seafile-server-$seafile_version
@@ -295,21 +298,25 @@ ynh_script_progression --message="Configuring fail2ban..." --weight=10
 ynh_add_fail2ban_config --use_template --others_var 'final_path'
 
 ynh_script_progression --message="Configuring permissions..." --weight=1
-if !ynh_permission_exists --permission=server_api; then
+ynh_legacy_permissions_delete_all
-    ynh_permission_create --permission=file_server --url=/seafhttp --auth_header=false \
+if ! ynh_permission_exists --permission=file_server; then
+    ynh_permission_create --permission=file_server --url=$domain/seafhttp --auth_header=false \
                           --label="File server" --protected=true --allowed=visitors
-    ynh_permission_create --permission=webdav --url=/seafdav --auth_header=true \
+    ynh_permission_create --permission=webdav --url=$domain/seafdav --auth_header=true \
                           --label="Webdav" --protected=true --allowed=visitors
-    python3 remove_sso_conf_persistent.py $domain $server_name \
+    ynh_permission_create --permission=media --url=/media --auth_header=true \
-        || ynh_print_warn --message="Your file /etc/ssowat/conf.json.persistent doesn't respect the json syntax. The config file wasn't cleaned. Please clean it manually."
+                          --label="Media" --protected=true --allowed=visitors
+    python3 remove_sso_conf_persistent.py $domain \
+        || ynh_print_warn --message="Your file /etc/ssowat/""conf.json.persistent doesn't respect the json syntax. The config file wasn't cleaned. Please clean it manually."
 else
-    ynh_permission_url --permission=file_server --url=/seafhttp --auth_header=false
+    ynh_permission_url --permission=file_server --url=$domain/seafhttp --auth_header=false
     ynh_permission_update --permission=file_server --label="File server" --show_tile=false --protected=true
-    ynh_permission_url --permission=webdav --url=/seafhttp --auth_header=false
+    ynh_permission_url --permission=webdav --url=$domain/seafhttp --auth_header=false
     ynh_permission_update --permission=webdav --label="Webdav" --show_tile=false --protected=true
+    ynh_permission_url --permission=media --url=/media --auth_header=true
+    ynh_permission_update --permission=media --label="Media" --show_tile=false --protected=true
 fi
 
-
 # register yunohost service
 ynh_script_progression --message="Register seafile service..."
 yunohost service add seafile