From a959a97e8c7ba736bd87cf1c8a8e46ea8181dcee Mon Sep 17 00:00:00 2001
From: Kay0u <pierre.moltess@gmail.com>
Date: Wed, 20 Nov 2019 13:28:10 +0900
Subject: [PATCH 1/2] [Fix] permission create

---
 src/yunohost/permission.py | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/src/yunohost/permission.py b/src/yunohost/permission.py
index 170019ee5..3f187a48c 100644
--- a/src/yunohost/permission.py
+++ b/src/yunohost/permission.py
@@ -273,9 +273,8 @@ def permission_create(operation_logger, permission, url=None, allowed=None, sync
     if allowed:
         if not isinstance(allowed, list):
             to_add = [allowed]
-    # For main permission, we add all users by default
-    elif permission.endswith(".main"):
-        to_add = "all_users"
+        else:
+            to_add = allowed
 
     new_permission = _update_ldap_group_permission(permission=permission, allowed=to_add, sync_perm=sync_perm)
 
@@ -295,6 +294,10 @@ def permission_url(operation_logger, permission, url=None, sync_perm=True):
     from yunohost.utils.ldap import _get_ldap_interface
     ldap = _get_ldap_interface()
 
+    # By default, manipulate main permission
+    if "." not in permission:
+        permission = permission + ".main"
+
     # Fetch existing permission
 
     existing_permission = user_permission_list(full=True)["permissions"].get(permission, None)

From 23489155fdca734a9de953a5516785aaea3dfa20 Mon Sep 17 00:00:00 2001
From: Kay0u <pierre.moltess@gmail.com>
Date: Thu, 21 Nov 2019 18:13:20 +0900
Subject: [PATCH 2/2] symplify premission_create

---
 src/yunohost/permission.py | 11 +----------
 1 file changed, 1 insertion(+), 10 deletions(-)

diff --git a/src/yunohost/permission.py b/src/yunohost/permission.py
index 3f187a48c..489c6da77 100644
--- a/src/yunohost/permission.py
+++ b/src/yunohost/permission.py
@@ -267,16 +267,7 @@ def permission_create(operation_logger, permission, url=None, allowed=None, sync
     except Exception as e:
         raise YunohostError('permission_creation_failed', permission=permission, error=e)
 
-    to_add = None
-
-    # If who should be allowed is explicitly provided, use this info
-    if allowed:
-        if not isinstance(allowed, list):
-            to_add = [allowed]
-        else:
-            to_add = allowed
-
-    new_permission = _update_ldap_group_permission(permission=permission, allowed=to_add, sync_perm=sync_perm)
+    new_permission = _update_ldap_group_permission(permission=permission, allowed=allowed, sync_perm=sync_perm)
 
     logger.debug(m18n.n('permission_created', permission=permission))
     return new_permission