admins: bunch of fixes

src/migrations/0026_new_admins_group.py

@@ -19,6 +19,8 @@ class MyMigration(Migration):
     introduced_in_version = "11.1"  # FIXME?
     dependencies = []
 
+    ldap_migration_started = False
+
     @Migration.ldap_migration
     def run(self, *args):
 
@@ -48,9 +50,10 @@ yunohost tools migrations run""",
                     raw_msg=True
                 )
 
+        self.ldap_migration_started = True
+
         stuff_to_delete = [
             "cn=admin,ou=sudo",
-            "cn=admins,ou=sudo"
             "cn=admin",
             "cn=admins,ou=groups",
         ]
@@ -75,7 +78,7 @@ yunohost tools migrations run""",
             {
                 "cn": ["admins"],
                 "objectClass": ["top", "posixGroup", "groupOfNamesYnh", "mailGroup"],
-                "gidNumber": [4001],
+                "gidNumber": ["4001"],
                 "mail": ["root", "admin", "admins", "webmaster", "postmaster", "abuse"],
             }
         )

src/tests/test_ldapauth.py

@@ -2,7 +2,7 @@ import pytest
 import os
 
 from yunohost.authenticators.ldap_admin import Authenticator as LDAPAuth
-from yunohost.tools import tools_adminpw
+from yunohost.tools import tools_rootpw
 
 from moulinette import m18n
 from moulinette.core import MoulinetteError
@@ -13,7 +13,7 @@ def setup_function(function):
     if os.system("systemctl is-active slapd") != 0:
         os.system("systemctl start slapd && sleep 3")
 
-    tools_adminpw("yunohost", check_strength=False)
+    tools_rootpw("yunohost", check_strength=False)
 
 
 def test_authenticate():
@@ -47,7 +47,7 @@ def test_authenticate_change_password():
 
     LDAPAuth().authenticate_credentials(credentials="yunohost")
 
-    tools_adminpw("plopette", check_strength=False)
+    tools_rootpw("plopette", check_strength=False)
 
     with pytest.raises(MoulinetteError) as exception:
         LDAPAuth().authenticate_credentials(credentials="yunohost")

src/tests/test_user-group.py

@@ -11,7 +11,6 @@ from yunohost.user import (
     user_import,
     user_export,
     FIELDS_FOR_IMPORT,
-    FIRST_ALIASES,
     user_group_list,
     user_group_create,
     user_group_delete,
@@ -175,7 +174,6 @@ def test_import_user(mocker):
 
 def test_export_user(mocker):
     result = user_export()
-    aliases = ",".join([alias + maindomain for alias in FIRST_ALIASES])
     should_be = (
         "username;firstname;lastname;password;mail;mail-alias;mail-forward;mailbox-quota;groups\r\n"
         f"alice;Alice;White;;alice@{maindomain};{aliases};;0;dev\r\n"

src/tools.py

@@ -30,7 +30,7 @@ from typing import List
 from moulinette import Moulinette, m18n
 from moulinette.utils.log import getActionLogger
 from moulinette.utils.process import call_async_output
-from moulinette.utils.filesystem import read_yaml, write_to_yaml, cp, mkdir, rm
+from moulinette.utils.filesystem import read_yaml, write_to_yaml, cp, mkdir, rm, chown
 
 from yunohost.app import app_upgrade, app_list
 from yunohost.app_catalog import (
@@ -965,22 +965,28 @@ class Migration:
             try:
                 run(self, backup_folder)
             except Exception:
-                logger.warning(
+                if self.ldap_migration_started:
-                    m18n.n("migration_ldap_migration_failed_trying_to_rollback")
+                    logger.warning(
-                )
+                        m18n.n("migration_ldap_migration_failed_trying_to_rollback")
-                os.system("systemctl stop slapd")
+                    )
-                # To be sure that we don't keep some part of the old config
+                    os.system("systemctl stop slapd")
-                rm("/etc/ldap/slapd.d", force=True, recursive=True)
+                    # To be sure that we don't keep some part of the old config
-                cp(f"{backup_folder}/ldap_config", "/etc/ldap", recursive=True)
+                    rm("/etc/ldap", force=True, recursive=True)
-                cp(f"{backup_folder}/ldap_db", "/var/lib/ldap", recursive=True)
+                    cp(f"{backup_folder}/ldap_config", "/etc/ldap", recursive=True)
-                cp(
+                    chown("/etc/ldap/schema/", "openldap", "openldap", recursive=True)
-                    f"{backup_folder}/apps_settings",
+                    chown("/etc/ldap/slapd.d/", "openldap", "openldap", recursive=True)
-                    "/etc/yunohost/apps",
+                    rm("/var/lib/ldap", force=True, recursive=True)
-                    recursive=True,
+                    cp(f"{backup_folder}/ldap_db", "/var/lib/ldap", recursive=True)
-                )
+                    rm("/etc/yunohost/apps", force=True, recursive=True)
-                os.system("systemctl start slapd")
+                    chown("/var/lib/ldap/", "openldap", recursive=True)
-                rm(backup_folder, force=True, recursive=True)
+                    cp(
-                logger.info(m18n.n("migration_ldap_rollback_success"))
+                        f"{backup_folder}/apps_settings",
+                        "/etc/yunohost/apps",
+                        recursive=True,
+                    )
+                    os.system("systemctl start slapd")
+                    rm(backup_folder, force=True, recursive=True)
+                    logger.info(m18n.n("migration_ldap_rollback_success"))
                 raise
             else:
                 rm(backup_folder, force=True, recursive=True)