1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/synapse_ynh.git synced 2024-09-03 20:26:38 +02:00

Use permission to protectect CAS server access

This commit is contained in:
Josué Tille 2020-02-22 00:48:55 +01:00
parent 80252cffd5
commit 875638ff36
No known key found for this signature in database
GPG key ID: 716A6C99B04194EF
5 changed files with 20 additions and 4 deletions

View file

@ -2,10 +2,14 @@ import json
with open("/etc/ssowat/conf.json.persistent", "r", encoding='utf-8') as jsonFile:
data = json.load(jsonFile)
if "skipped_urls" in data:
if "skipped_urls" in data and "/_matrix" not in data:
data["skipped_urls"].append("/_matrix")
else:
data["skipped_urls"] = ["/_matrix"]
if "protected_urls" in data and "/_matrix/cas_server.php/login" not in data:
data["protected_urls"].append("/_matrix/cas_server.php/login")
else:
data["protected_urls"] = ["/_matrix/cas_server.php/login"]
with open("/etc/ssowat/conf.json.persistent", "w", encoding='utf-8') as jsonFile:
jsonFile.write(json.dumps(data, indent=4, sort_keys=True))

View file

@ -3,6 +3,7 @@ import json
with open("/etc/ssowat/conf.json.persistent", "r", encoding='utf-8') as jsonFile:
data = json.load(jsonFile)
data["skipped_urls"].remove("/_matrix")
data["protected_urls"].remove("/_matrix/cas_server.php/login")
with open("/etc/ssowat/conf.json.persistent", "w", encoding='utf-8') as jsonFile:
jsonFile.write(json.dumps(data, indent=4, sort_keys=True))

View file

@ -14,7 +14,7 @@
"email": "josue@tille.ch"
},
"requirements": {
"yunohost": ">= 3.6"
"yunohost": ">= 3.7.0.4"
},
"multi_instance": true,
"services": [

View file

@ -391,6 +391,7 @@ ynh_script_progression --message="Configuring SSOwat..." --weight=1
# Open access to server without a button the home
# The script "add_sso_conf.py" will just add en entry for the path "/_matrix" in the sso conf.json.persistent file in the cathegory "skipped_urls".
python3 ../conf/add_sso_conf.py || ynh_die --message="Your file /etc/ssowat/conf.json.persistent doesn't respect the json syntax. Please fix the syntax to install this app. For more information see here: https://github.com/YunoHost-Apps/synapse_ynh/issues/32"
ynh_permission_url --permission main --url /_matrix/cas_server.php/login
#=================================================
# UPDATE HOOKS

View file

@ -431,6 +431,16 @@ ynh_add_fail2ban_config --use_template
#=================================================
# GENERIC FINALIZATION
#=================================================
# SETUP SSOWAT
#=================================================
ynh_script_progression --message="Configuring SSOwat..." --weight=1
# Open access to server without a button the home
# The script "add_sso_conf.py" will just add en entry for the path "/_matrix" in the sso conf.json.persistent file in the cathegory "skipped_urls".
python3 ../conf/add_sso_conf.py || ynh_die --message="Your file /etc/ssowat/conf.json.persistent doesn't respect the json syntax. Please fix the syntax to install this app. For more information see here: https://github.com/YunoHost-Apps/synapse_ynh/issues/32"
ynh_permission_url --permission main --url /_matrix/cas_server.php/login
#=================================================
# SECURE FILES AND DIRECTORIES
#=================================================