From 8776676aab31d07044b51868c2460eceebb5d907 Mon Sep 17 00:00:00 2001 From: Gofannon <17145502+Gofannon@users.noreply.github.com> Date: Sat, 25 Mar 2023 18:45:17 +0100 Subject: [PATCH] clean and add doc for auth ldap conf file --- ...hldap_single.json => plugin_authldap.json} | 0 conf/sql/multisite.sql | 1 - conf/sql/single.sql | 1 - scripts/install | 21 ++++++------------- scripts/upgrade | 16 ++------------ 5 files changed, 8 insertions(+), 31 deletions(-) rename conf/{plugin_authldap_single.json => plugin_authldap.json} (100%) delete mode 100644 conf/sql/multisite.sql delete mode 100644 conf/sql/single.sql diff --git a/conf/plugin_authldap_single.json b/conf/plugin_authldap.json similarity index 100% rename from conf/plugin_authldap_single.json rename to conf/plugin_authldap.json diff --git a/conf/sql/multisite.sql b/conf/sql/multisite.sql deleted file mode 100644 index 0968968..0000000 --- a/conf/sql/multisite.sql +++ /dev/null @@ -1 +0,0 @@ -REPLACE INTO __DB_PREFIX__sitemeta VALUES(NULL,1,'authLDAPOptions','a:22:{s:7:"Enabled";s:1:"1";s:7:"CachePW";b:0;s:3:"URI";s:44:"ldap://localhost/ou=users,dc=yunohost,dc=org";s:12:"URISeparator";s:1:" ";s:6:"Filter";s:__LENGTH__:"(&(objectclass=posixAccount)(|(uid=%1$s)(mail=%1$s))(permission=cn=__APP__.admin,ou=permission,dc=yunohost,dc=org))";s:8:"NameAttr";s:9:"givenName";s:7:"SecName";s:2:"sn";s:7:"UidAttr";s:3:"uid";s:8:"MailAttr";s:4:"mail";s:7:"WebAttr";s:0:"";s:6:"Groups";a:5:{s:13:"administrator";s:0:"";s:6:"editor";s:0:"";s:6:"author";s:0:"";s:11:"contributor";s:0:"";s:10:"subscriber";s:0:"";}s:5:"Debug";b:0;s:9:"GroupAttr";s:0:"";s:11:"GroupFilter";s:0:"";s:11:"DefaultRole";s:10:"subscriber";s:11:"GroupEnable";b:0;s:13:"GroupOverUser";b:0;s:7:"Version";i:1;s:26:"DoNotOverwriteNonLdapUsers";b:0;s:8:"StartTLS";b:0;s:14:"GroupSeparator";s:0:"";s:9:"GroupBase";s:0:"";}'); diff --git a/conf/sql/single.sql b/conf/sql/single.sql deleted file mode 100644 index 3d9887d..0000000 --- a/conf/sql/single.sql +++ /dev/null @@ -1 +0,0 @@ -REPLACE INTO __DB_PREFIX__options VALUES(NULL,'authLDAPOptions','a:22:{s:7:"Enabled";s:1:"1";s:7:"CachePW";b:0;s:3:"URI";s:44:"ldap://localhost/ou=users,dc=yunohost,dc=org";s:12:"URISeparator";s:1:" ";s:6:"Filter";s:__LENGTH__:"(&(objectclass=posixAccount)(|(uid=%1$s)(mail=%1$s))(permission=cn=__APP__.admin,ou=permission,dc=yunohost,dc=org))";s:8:"NameAttr";s:9:"givenName";s:7:"SecName";s:2:"sn";s:7:"UidAttr";s:3:"uid";s:8:"MailAttr";s:4:"mail";s:7:"WebAttr";s:0:"";s:6:"Groups";a:5:{s:13:"administrator";s:0:"";s:6:"editor";s:0:"";s:6:"author";s:0:"";s:11:"contributor";s:0:"";s:10:"subscriber";s:0:"";}s:5:"Debug";b:0;s:9:"GroupAttr";s:0:"";s:11:"GroupFilter";s:0:"";s:11:"DefaultRole";s:10:"subscriber";s:11:"GroupEnable";b:0;s:13:"GroupOverUser";b:0;s:7:"Version";i:1;s:26:"DoNotOverwriteNonLdapUsers";b:0;s:8:"StartTLS";b:0;s:14:"GroupSeparator";s:0:"";s:9:"GroupBase";s:0:"";}','yes'); diff --git a/scripts/install b/scripts/install index f85aa49..6d73f00 100644 --- a/scripts/install +++ b/scripts/install @@ -220,20 +220,8 @@ then # Activate multisite in wordpress config ynh_replace_string --match_string="//--MULTISITE2--define" --replace_string="define" --target_file=$final_path/wp-config.php - db_prefix="wp_" - ynh_replace_string --match_string="__DB_PREFIX__" --replace_string="$db_prefix" --target_file=../conf/sql/multisite.sql - ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file=../conf/sql/multisite.sql - ynh_replace_string --match_string="__LENGTH__" --replace_string="$((${#app} + 108))" --target_file=../conf/sql/multisite.sql - - ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name < ../conf/sql/multisite.sql plugin_network="--network" else - #db_prefix="wp_" - #ynh_replace_string --match_string="__DB_PREFIX__" --replace_string="$db_prefix" --target_file=../conf/sql/single.sql - #ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file=../conf/sql/single.sql - #ynh_replace_string --match_string="__LENGTH__" --replace_string="$((${#app} + 108))" --target_file=../conf/sql/single.sql - - #ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name < ../conf/sql/single.sql plugin_network="" fi @@ -244,16 +232,19 @@ ynh_script_progression --message="Activating plugins..." --weight=4 $wpcli_alias plugin activate authldap $plugin_network # configure the plugin from a json config file -ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file=../conf/plugin_authldap_single.json -$wpcli_alias option update authLDAPOptions --format=json < ../conf/plugin_authldap_single.json +ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file=../conf/plugin_authldap.json +$wpcli_alias option update authLDAPOptions --format=json < ../conf/plugin_authldap.json # To display the list of all the possibles options for this plugin, from your server, enter: # $ php8.0 ./wp-cli.phar --path=/var/www/wordpress --allow-root option get authLDAPOptions --json | jq # ^ you might need to download it from the projet +# Sources for writing the json file and permission management +# - https://moulinette.readthedocs.io/en/latest/ldap.html +# - https://github.com/YunoHost-Apps/nextcloud_ynh/blob/master/conf/config.json # Set "default user role" as 'subscriber' if no permision (aka LDAP group) found for the user. (Same settings as previous "permission managment" system. So it should no break stuff...) # -# This setting is not included in the "plugin_authldap_single.json script" so the json file can be used for "install" and "upgrade" +# This setting is not included in the "plugin_authldap.json script" so the json file can be used for "install" and "upgrade" # - Install => Set "default user role" choosen by the packager # - Upgrade => Do not modify the default setting as the Wordpress administrator could have changed the defaut role for its use case. # TODO: could be asked to the admin while installing the app and set it up here somehow? diff --git a/scripts/upgrade b/scripts/upgrade index b7fd401..f5e509b 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -250,21 +250,9 @@ then db_prefix=$(grep '^$table_prefix' "$final_path/wp-config.php" | sed "s/.*'\(.*\)'.*/\1/" ) - ynh_replace_string --match_string="__DB_PREFIX__" --replace_string="$db_prefix" --target_file=../conf/sql/multisite.sql - ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file=../conf/sql/multisite.sql - ynh_replace_string --match_string="__LENGTH__" --replace_string="$((${#app} + 108))" --target_file=../conf/sql/multisite.sql - - ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name < ../conf/sql/multisite.sql plugin_network="--network" else multisite=0 - db_prefix=$(grep '^$table_prefix' "$final_path/wp-config.php" | sed "s/.*'\(.*\)'.*/\1/" ) - - ynh_replace_string --match_string="__DB_PREFIX__" --replace_string="$db_prefix" --target_file=../conf/sql/single.sql - ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file=../conf/sql/single.sql - ynh_replace_string --match_string="__LENGTH__" --replace_string="$((${#app} + 108))" --target_file=../conf/sql/single.sql - - ynh_mysql_connect_as --user=$db_name --password=$db_pwd --database=$db_name < ../conf/sql/single.sql plugin_network="" if ynh_permission_has_user --permission="main" --user="visitor" then @@ -286,8 +274,8 @@ update_plugin () { update_plugin authldap $wpcli_alias plugin activate authldap $plugin_network # re-apply the default LDAP configuration, hoping that admininstrator did not change these settings. -ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file=../conf/plugin_authldap_single.json -$wpcli_alias option update authLDAPOptions --format=json < ../conf/plugin_authldap_single.json +ynh_replace_string --match_string="__APP__" --replace_string="$app" --target_file=../conf/plugin_authldap.json +$wpcli_alias option update authLDAPOptions --format=json < ../conf/plugin_authldap.json update_plugin companion-auto-update $wpcli_alias plugin activate companion-auto-update $plugin_network