From 0f688caccd33f425059081d0c283afce075e328b Mon Sep 17 00:00:00 2001
From: Alexandre Aubin <alex.aubin@mailoo.org>
Date: Tue, 10 Sep 2019 22:55:37 +0200
Subject: [PATCH] Swap 'main' in permission namespace

---
 data/other/ldap_scheme.yml                    | 8 ++++----
 data/templates/dovecot/dovecot-ldap.conf      | 4 ++--
 data/templates/metronome/domain.tpl.cfg.lua   | 2 +-
 data/templates/postfix/plain/ldap-accounts.cf | 2 +-
 data/templates/postfix/plain/ldap-aliases.cf  | 2 +-
 src/yunohost/app.py                           | 2 +-
 src/yunohost/backup.py                        | 2 +-
 7 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/data/other/ldap_scheme.yml b/data/other/ldap_scheme.yml
index d013149af..caa8fffb2 100644
--- a/data/other/ldap_scheme.yml
+++ b/data/other/ldap_scheme.yml
@@ -59,16 +59,16 @@ children:
             - groupOfNamesYnh
 
 depends_children:
-    cn=main.mail,ou=permission:
-        cn: main.mail
+    cn=mail.main,ou=permission:
+        cn: mail.main
         gidNumber: "5001"
         objectClass:
             - posixGroup
             - permissionYnh
         groupPermission:
             - "cn=all_users,ou=groups,dc=yunohost,dc=org"
-    cn=main.xmpp,ou=permission:
-        cn: main.xmpp
+    cn=xmpp.main,ou=permission:
+        cn: xmpp.main
         gidNumber: "5002"
         objectClass:
             - posixGroup
diff --git a/data/templates/dovecot/dovecot-ldap.conf b/data/templates/dovecot/dovecot-ldap.conf
index c7c9785fd..3a80ba47f 100644
--- a/data/templates/dovecot/dovecot-ldap.conf
+++ b/data/templates/dovecot/dovecot-ldap.conf
@@ -3,7 +3,7 @@ auth_bind = yes
 ldap_version = 3
 base = ou=users,dc=yunohost,dc=org
 user_attrs = uidNumber=500,gidNumber=8,mailuserquota=quota_rule=*:bytes=%$
-user_filter = (&(objectClass=inetOrgPerson)(uid=%n)(permission=cn=main.mail,ou=permission,dc=yunohost,dc=org))
-pass_filter = (&(objectClass=inetOrgPerson)(uid=%n)(permission=cn=main.mail,ou=permission,dc=yunohost,dc=org))
+user_filter = (&(objectClass=inetOrgPerson)(uid=%n)(permission=cn=mail.main,ou=permission,dc=yunohost,dc=org))
+pass_filter = (&(objectClass=inetOrgPerson)(uid=%n)(permission=cn=mail.main,ou=permission,dc=yunohost,dc=org))
 default_pass_scheme = SSHA
 
diff --git a/data/templates/metronome/domain.tpl.cfg.lua b/data/templates/metronome/domain.tpl.cfg.lua
index d523365db..e7f6bcef7 100644
--- a/data/templates/metronome/domain.tpl.cfg.lua
+++ b/data/templates/metronome/domain.tpl.cfg.lua
@@ -8,7 +8,7 @@ VirtualHost "{{ domain }}"
      hostname      = "localhost",
      user = {
        basedn        = "ou=users,dc=yunohost,dc=org",
-       filter        = "(&(objectClass=posixAccount)(mail=*@{{ domain }})(permission=cn=main.xmpp,ou=permission,dc=yunohost,dc=org))",
+       filter        = "(&(objectClass=posixAccount)(mail=*@{{ domain }})(permission=cn=xmpp.main,ou=permission,dc=yunohost,dc=org))",
        usernamefield = "mail",
        namefield     = "cn",
        },
diff --git a/data/templates/postfix/plain/ldap-accounts.cf b/data/templates/postfix/plain/ldap-accounts.cf
index 9f6f94e6d..75f38cf58 100644
--- a/data/templates/postfix/plain/ldap-accounts.cf
+++ b/data/templates/postfix/plain/ldap-accounts.cf
@@ -1,5 +1,5 @@
 server_host = localhost
 server_port = 389
 search_base = dc=yunohost,dc=org
-query_filter = (&(objectClass=mailAccount)(mail=%s)(permission=cn=main.mail,ou=permission,dc=yunohost,dc=org))
+query_filter = (&(objectClass=mailAccount)(mail=%s)(permission=cn=mail.main,ou=permission,dc=yunohost,dc=org))
 result_attribute = uid
diff --git a/data/templates/postfix/plain/ldap-aliases.cf b/data/templates/postfix/plain/ldap-aliases.cf
index 5e7d3a6c1..46563ae22 100644
--- a/data/templates/postfix/plain/ldap-aliases.cf
+++ b/data/templates/postfix/plain/ldap-aliases.cf
@@ -1,5 +1,5 @@
 server_host = localhost
 server_port = 389
 search_base = dc=yunohost,dc=org
-query_filter = (&(objectClass=mailAccount)(mail=%s)(permission=cn=main.mail,ou=permission,dc=yunohost,dc=org))
+query_filter = (&(objectClass=mailAccount)(mail=%s)(permission=cn=mail.main,ou=permission,dc=yunohost,dc=org))
 result_attribute = maildrop
diff --git a/src/yunohost/app.py b/src/yunohost/app.py
index 4a14c5e4b..105d4faf7 100644
--- a/src/yunohost/app.py
+++ b/src/yunohost/app.py
@@ -432,7 +432,7 @@ def app_map(app=None, raw=False, user=None):
         if user is not None:
             ldap = _get_ldap_interface()
             if not ldap.search(base='ou=permission,dc=yunohost,dc=org',
-                               filter='(&(objectclass=permissionYnh)(cn=main.%s)(inheritPermission=uid=%s,ou=users,dc=yunohost,dc=org))' % (app_id, user),
+                               filter='(&(objectclass=permissionYnh)(cn=%s.main)(inheritPermission=uid=%s,ou=users,dc=yunohost,dc=org))' % (app_id, user),
                                attrs=['cn']):
                 continue
 
diff --git a/src/yunohost/backup.py b/src/yunohost/backup.py
index 55b6678b8..9a27031ae 100644
--- a/src/yunohost/backup.py
+++ b/src/yunohost/backup.py
@@ -1247,7 +1247,7 @@ class RestoreManager():
 
         # Remove all permission for all app which sill in the LDAP
         for per in ldap.search('ou=permission,dc=yunohost,dc=org',
-                               '(&(objectClass=permissionYnh)(!(cn=main.mail))(!(cn=main.xmpp))(!(cn=main.sftp)))',
+                               '(&(objectClass=permissionYnh)(!(cn=mail.main))(!(cn=xmpp.main))(!(cn=sftp.main)))',
                                ['cn']):
             if not ldap.remove('cn=%s,ou=permission' % per['cn'][0]):
                 raise YunohostError('permission_deletion_failed',