YunoHost/doc
1
0
Fork 0
mirror of https://github.com/YunoHost/doc.git synced 2024-09-03 20:06:26 +02:00
Code Issues Projects Releases Packages Wiki Activity

Updating documentation following changes in the PRs

Browse source
This commit is contained in:
Alexandre Aubin 2019-10-09 23:31:50 +02:00
parent 6a9746c32d
commit 1376de666b
1 changed files with 19 additions and 19 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

38
groups_and_permissions.md
View file

@ -12,13 +12,13 @@ Using groups is however useful for semantic, for example if you host multiple gr
### List existing groups
To list the currently existing groups :
To list the currently existing groups :
```bash
$ yunohost user group list
groups:
all_users:
members:
groups:
all_users:
members:
- alice
- bob
- charlie
@ -43,7 +43,7 @@ $ yunohost user group update yolo_crew --add charlie delphine
(similarly, `--remove` can be used to remove members from a group)
Now in the group list we should see :
Now in the group list we should see :
```bash
$ yunohost user group list
@ -79,14 +79,14 @@ To list permissions and corresponding accesses:
```bash
$ yunohost user permission list
permissions:
mail.main:
permissions:
mail.main:
allowed: all_users
wordpress.admin:
allowed:
wordpress.main:
wordpress.admin:
allowed:
wordpress.main:
allowed: all_users
xmpp.main:
xmpp.main:
allowed: all_users
```
@ -108,7 +108,7 @@ Note that you can also allow a single user:
$ yunohost user permission update wordpress.admin --add alice
```
And now we may see that both the YoloCrew and Alice have access to the wordpress admin interface :
And now we may see that both the YoloCrew and Alice have access to the wordpress admin interface :
```bash
$ yunohost user permission list
@ -120,7 +120,7 @@ $ yunohost user permission list
[...]
```
Note that, for example, if we want to restrict permission for email so that only Bob, we should also remove `all_users` from the permission :
Note that, for example, if we want to restrict permission for email so that only Bob, we should also remove `all_users` from the permission :
```bash
$ yunohost user permission update mail --remove all_users --add bob
@ -129,17 +129,17 @@ $ yunohost user permission update mail --remove all_users --add bob
### Notes for apps packagers
By default, installing an app creates the permission `$app.main` with `all_users` allowed by default.
If you want to create a custom permission for your app (e.g. to restrict access to an admin interface) you may use the following helpers:
If you wish to make the application publicly available, instead of the old `unprotected_urls` mechanism, you should give access to the special groups `visitors`:
```bash
ynh_permission_create --permission "admin" --urls "$domain$path_url/admin"
ynh_permission_update --permission "admin" --add "$admin_user"
ynh_permission_update --permission "main" --remove "all_users" --add "visitors"
```
For now, inside the `change_url` script, you need to take care of updating the url corresponding to your permission:
If you wish to create a custom permission for your app (e.g. to restrict access to an admin interface) you may use the following helpers:
```bash
ynh_permission_urls --permission "admin" --remove "$old_domain$old_path_url/admin" --add "$domain$path_url/admin"
ynh_permission_create --permission "admin" --url "/admin" --allowed "$admin_user"
```
However, you don't need to take care of removing permissions or backing up/restoring them as it is handled by the core of YunoHost.
You don't need to take care of removing permissions or backing up/restoring them as it is handled by the core of YunoHost.