Tweaks for new 'admins' group

2024-09-03 20:06:15 +02:00 · 2022-10-07 16:09:42 +02:00 · 2022-10-07 16:09:42 +02:00 · bc3131c826
commit bc3131c826
parent 0c4e536fd9
2 changed files with 11 additions and 2 deletions
--- a/app/src/i18n/locales/en.json
+++ b/app/src/i18n/locales/en.json
@ -228,10 +228,12 @@
    "group_name": "Group name",
    "group_all_users": "All users",
    "group_visitors": "Visitors",
+    "group_admins": "Admins",
    "group_format_name_help": "You can use alpha-numeric chars and underscore",
    "group_add_member": "Add a user",
    "group_add_permission": "Add a permission",
    "group_new": "New group",
+    "group_explain_admins": "This is a special group corresponding to admin users. Users in this group can access YunoHost's webadmin, connect to the server with SSH and use the `sudo` command. You should only add people you absolutely trust in this group!",
    "group_explain_all_users": "This is a special group containing all users accounts on the server",
    "group_explain_visitors": "This is a special group representing anonymous visitors",
    "group_explain_visitors_needed_for_external_client": "Be careful that you need to keep some applications allowed to visitors if you intend to use them with external clients. For example, this is the case for Nextcloud if you intend to use a synchronization client on your smartphone or desktop computer.",
--- a/app/src/views/group/GroupList.vue
+++ b/app/src/views/group/GroupList.vue
@ -43,7 +43,7 @@
              <em>{{ $t('group_explain_visitors_needed_for_external_client') }}</em>
            </p>
          </template>
-          <template v-else>
+          <template v-if="groupName == 'admins' || !group.isSpecial">
            <tags-selectize-item
              v-model="group.members" :options="usersOptions"
              :id="groupName + '-users'" :label="$t('group_add_member')"
@ -173,7 +173,7 @@ export default {
          continue
        }

-        group.isSpecial = ['visitors', 'all_users'].includes(groupName)
+        group.isSpecial = ['visitors', 'all_users', 'admins'].includes(groupName)

        if (groupName === 'visitors') {
          // Forbid to add or remove a protected permission on group `visitors`
@ -189,6 +189,13 @@ export default {
          }).map(({ id }) => permsDict[id].label)
        }

+        if (groupName === 'admins') {
+          // Forbid to add ssh and sftp permission on group `admins`
+          group.disabledItems = permissions.filter(({ id }) => {
+            return ['ssh.main', 'sftp.main'].includes(id)
+          }).map(({ id }) => permsDict[id].label)
+        }
+
        primaryGroups[groupName] = group
      }