From b74c5ac88395e39a9a81711f0613e1ff95f645d6 Mon Sep 17 00:00:00 2001 From: HugoPoi Date: Thu, 29 Aug 2019 22:52:48 +0200 Subject: [PATCH] Use Email header from SSOWat --- scripts/install | 6 ++++-- scripts/upgrade | 3 ++- sources/patches/arm-force_domain_email.patch | 1 - sources/patches/x86-64-force_domain_email.patch | 16 ---------------- 4 files changed, 6 insertions(+), 20 deletions(-) delete mode 120000 sources/patches/arm-force_domain_email.patch delete mode 100644 sources/patches/x86-64-force_domain_email.patch diff --git a/scripts/install b/scripts/install index 2de776f..bbbaec1 100644 --- a/scripts/install +++ b/scripts/install @@ -123,8 +123,9 @@ echo "TIME_ZONE = \"$(cat /etc/timezone)\"" | tee -a $final_path/conf/seahub_set # SSO authentication echo 'ENABLE_REMOTE_USER_AUTHENTICATION = True' | tee -a $final_path/conf/seahub_settings.py +echo "REMOTE_USER_HEADER = 'HTTP_EMAIL'" | tee -a $final_path/conf/seahub_settings.py echo 'REMOTE_USER_CREATE_UNKNOWN_USER = False' | tee -a $final_path/conf/seahub_settings.py -echo "REMOTE_USER_DOMAIN = '$domain'" | tee -a $final_path/conf/seahub_settings.py +echo "REMOTE_USER_DOMAIN = ''" | tee -a $final_path/conf/seahub_settings.py echo "REMOTE_USER_PROTECTED_PATH = ['$path_url', '$path_url/accounts/login']" | tee -a $final_path/conf/seahub_settings.py # LDAP configuration @@ -171,7 +172,8 @@ sleep 5 su - $seafile_user -s /bin/bash -c "$final_path/seafile-server-$seafile_version/seafile.sh start" # We escape all char witch needed. ynh_replace_special_string --match_string __ADMIN_PASSWORD__ --replace_string "$admin_password" --target_file $final_path/first_launch.exp -su - $seafile_user -s /bin/bash -c "$final_path/first_launch.exp $final_path/seafile-server-$seafile_version $admin@$domain" +admin_email=$(ynh_user_get_info $admin 'mail') +su - $seafile_user -s /bin/bash -c "$final_path/first_launch.exp $final_path/seafile-server-$seafile_version $admin_email" ynh_secure_remove --file="$final_path/first_launch.exp" #================================================= diff --git a/scripts/upgrade b/scripts/upgrade index 9590977..23b3cf4 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -141,8 +141,9 @@ case $installed_version in expect_scripts/upgrade_7.0.exp $final_path/seafile-server-$seafile_version $root_pwd # SSO authentication echo 'ENABLE_REMOTE_USER_AUTHENTICATION = True' | tee -a $final_path/conf/seahub_settings.py + echo "REMOTE_USER_HEADER = 'HTTP_EMAIL'" | tee -a $final_path/conf/seahub_settings.py echo 'REMOTE_USER_CREATE_UNKNOWN_USER = False' | tee -a $final_path/conf/seahub_settings.py - echo "REMOTE_USER_DOMAIN = '$domain'" | tee -a $final_path/conf/seahub_settings.py + echo "REMOTE_USER_DOMAIN = ''" | tee -a $final_path/conf/seahub_settings.py echo "REMOTE_USER_PROTECTED_PATH = ['$path_url', '$path_url/accounts/login']" | tee -a $final_path/conf/seahub_settings.py # Clean connexion from the SSO. If we don't do this we could have some when the user was loged by the old SSO auth mecanisme diff --git a/sources/patches/arm-force_domain_email.patch b/sources/patches/arm-force_domain_email.patch deleted file mode 120000 index 53cd67a..0000000 --- a/sources/patches/arm-force_domain_email.patch +++ /dev/null @@ -1 +0,0 @@ -x86-64-force_domain_email.patch \ No newline at end of file diff --git a/sources/patches/x86-64-force_domain_email.patch b/sources/patches/x86-64-force_domain_email.patch deleted file mode 100644 index 4feca54..0000000 --- a/sources/patches/x86-64-force_domain_email.patch +++ /dev/null @@ -1,16 +0,0 @@ -diff --git a/seahub/base/accounts.py b/seahub/base/accounts.py -index 4ebbb98c4..ba468d073 100644 ---- a/seahub/seahub/base/accounts.py -+++ b/seahub/seahub/base/accounts.py -@@ -540,7 +540,11 @@ class User(object): - - class AuthBackend(object): - -+ allowed_domain = settings.REMOTE_USER_DOMAIN -+ - def get_user_with_import(self, username): -+ if '@' in username and self.allowed_domain != username.split('@')[1]: -+ raise User.DoesNotExist, 'Invalid domain for the email. Please use the seafile domain for the domain part of the email.' - emailuser = seaserv.get_emailuser_with_import(username) - if not emailuser: - raise User.DoesNotExist, 'User matching query does not exits.'