wip

2024-09-03 20:06:10 +02:00 · 2022-01-30 00:37:07 +00:00 · 2022-01-30 00:37:07 +00:00 · 3fd14a420e
commit 3fd14a420e
parent b6085fef8d
4 changed files with 43 additions and 27 deletions
--- a/locales/en.json
+++ b/locales/en.json
@ -375,25 +375,39 @@
    "global_settings_key_doesnt_exists": "The key '{settings_key}' does not exist in the global settings, you can see all the available keys by running 'yunohost settings list'",
    "global_settings_reset_success": "Previous settings now backed up to {path}",
    "global_settings_setting_admin_strength": "Admin password strength",
-    "global_settings_setting_backup_compress_tar_archives": "When creating new backups, compress the archives (.tar.gz) instead of uncompressed archives (.tar). N.B. : enabling this option means create lighter backup archives, but the initial backup procedure will be significantly longer and heavy on CPU.",
-    "global_settings_setting_nginx_compatibility": "Compatibility vs. security tradeoff for the web server NGINX. Affects the ciphers (and other security-related aspects)",
-    "global_settings_setting_nginx_redirect_to_https": "Redirect HTTP requests to HTTPs by default (DO NOT TURN OFF unless you really know what you're doing!)",
-    "global_settings_setting_pop3_enabled": "Enable the POP3 protocol for the mail server",
-    "global_settings_setting_postfix_compatibility": "Compatibility vs. security tradeoff for the Postfix server. Affects the ciphers (and other security-related aspects)",
-    "global_settings_setting_security_experimental_enabled": "Enable experimental security features (don't enable this if you don't know what you're doing!)",
-    "global_settings_setting_smtp_allow_ipv6": "Allow the use of IPv6 to receive and send mail",
-    "global_settings_setting_smtp_relay_host": "SMTP relay host to use in order to send mail instead of this yunohost instance. Useful if you are in one of this situation: your 25 port is blocked by your ISP or VPS provider, you have a residential IP listed on DUHL, you are not able to configure reverse DNS or this server is not directly exposed on the internet and you want use an other one to send mails.",
-    "global_settings_setting_smtp_relay_password": "SMTP relay host password",
-    "global_settings_setting_smtp_relay_port": "SMTP relay port",
-    "global_settings_setting_smtp_relay_user": "SMTP relay user account",
-    "global_settings_setting_ssh_allow_deprecated_dsa_hostkey": "Allow the use of (deprecated) DSA hostkey for the SSH daemon configuration",
-    "global_settings_setting_ssh_compatibility": "Compatibility vs. security tradeoff for the SSH server. Affects the ciphers (and other security-related aspects)",
-    "global_settings_setting_ssh_password_authentication": "Allow password authentication for SSH",
+    "global_settings_setting_backup_compress_tar_archives": "Compress backups",
+    "global_settings_setting_backup_compress_tar_archives_help": "When creating new backups, compress the archives (.tar.gz) instead of uncompressed archives (.tar). N.B. : enabling this option means create lighter backup archives, but the initial backup procedure will be significantly longer and heavy on CPU.",
+    "global_settings_setting_nginx_compatibility": "Compatibility",
+    "global_settings_setting_nginx_compatibility_help": "Compatibility vs. security tradeoff for the web server NGINX. Affects the ciphers (and other security-related aspects)",
+    "global_settings_setting_nginx_redirect_to_https": "Force HTTPS",
+    "global_settings_setting_nginx_redirect_to_https_help": "Redirect HTTP requests to HTTPs by default (DO NOT TURN OFF unless you really know what you're doing!)",
+    "global_settings_setting_pop3_enabled": "Enable POP3",
+    "global_settings_setting_pop3_enabled_help": "Enable the POP3 protocol for the mail server",
+    "global_settings_setting_postfix_compatibility": "Compatibility",
+    "global_settings_setting_postfix_compatibility_help": "Compatibility vs. security tradeoff for the Postfix server. Affects the ciphers (and other security-related aspects)",
+    "global_settings_setting_security_experimental_enabled": "Experimental security features",
+    "global_settings_setting_security_experimental_enabled_help": "Enable experimental security features (don't enable this if you don't know what you're doing!)",
+    "global_settings_setting_smtp_allow_ipv6": "Allow IPv6",
+    "global_settings_setting_smtp_allow_ipv6_help": "Allow the use of IPv6 to receive and send mail",
+    "global_settings_setting_smtp_relay_enabled": "Enable SMTP relay",
+    "global_settings_setting_smtp_relay_enabled_help": "Enable the SMTP relay to use in order to send mail instead of this yunohost instance. Useful if you are in one of this situation: your 25 port is blocked by your ISP or VPS provider, you have a residential IP listed on DUHL, you are not able to configure reverse DNS or this server is not directly exposed on the internet and you want use an other one to send mails.",
+    "global_settings_setting_smtp_relay_host": "Relay host",
+    "global_settings_setting_smtp_relay_password": "Relay password",
+    "global_settings_setting_smtp_relay_port": "Relay port",
+    "global_settings_setting_smtp_relay_user": "Relay user",
+    "global_settings_setting_ssh_allow_deprecated_dsa_hostkey": "Allow DSA hostkey",
+    "global_settings_setting_ssh_allow_deprecated_dsa_hostkey_help": "Allow the use of (deprecated) DSA hostkey for the SSH daemon configuration",
+    "global_settings_setting_ssh_compatibility": "Compatibility",
+    "global_settings_setting_ssh_compatibility_help": "Compatibility vs. security tradeoff for the SSH server. Affects the ciphers (and other security-related aspects)",
+    "global_settings_setting_ssh_password_authentication": "Password authentication",
+    "global_settings_setting_ssh_password_authentication_help": "Allow password authentication for SSH",
    "global_settings_setting_ssh_port": "SSH port",
-    "global_settings_setting_ssowat_panel_overlay_enabled": "Enable SSOwat panel overlay",
+    "global_settings_setting_ssowat_panel_overlay_enabled": "SSOwat panel overlay",
    "global_settings_setting_user_strength": "User password strength",
-    "global_settings_setting_webadmin_allowlist": "IP adresses allowed to access the webadmin. Comma-separated.",
-    "global_settings_setting_webadmin_allowlist_enabled": "Allow only some IPs to access the webadmin.",
+    "global_settings_setting_webadmin_allowlist": "Webadmin IP allowlist",
+    "global_settings_setting_webadmin_allowlist_help": "IP adresses allowed to access the webadmin.",
+    "global_settings_setting_webadmin_allowlist_enabled": "Enable Webadmin IP allowlist",
+    "global_settings_setting_webadmin_allowlist_enabled_help": "Allow only some IPs to access the webadmin.",
    "global_settings_unknown_setting_from_settings_file": "Unknown key in settings: '{setting_key}', discard it and save it in /etc/yunohost/settings-unknown.json",
    "global_settings_unknown_type": "Unexpected situation, the setting {setting} appears to have the type {unknown_type} but it is not a type supported by the system.",
    "good_practices_about_admin_password": "You are now about to define a new administration password. The password should be at least 8 characters long—though it is good practice to use a longer password (i.e. a passphrase) and/or to use a variation of characters (uppercase, lowercase, digits and special characters).",
--- a/share/config_settings.toml
+++ b/share/config_settings.toml
@ -1,5 +1,5 @@
 version = "1.0"
-i18n = "global_settings"
+i18n = "global_settings_setting"

 [security]
 name = "Security"
--- a/src/settings.py
+++ b/src/settings.py
@ -148,10 +148,6 @@ def settings_reset_all(operation_logger):
    return settings.reset(operation_logger=operation_logger)


-def _get_setting_description(key):
-    return m18n.n(f"global_settings_setting_{key.split('.')[-1]}")
-
-
 class SettingsConfigPanel(ConfigPanel):
    entity_type = "settings"
    save_path_tpl = SETTINGS_PATH
@ -173,6 +169,17 @@ class SettingsConfigPanel(ConfigPanel):
                logger.error(f"Post-change hook for setting failed : {e}")
                raise

+    def get(self, key="", mode="classic"):
+        result = super().get(key=key, mode=mode)
+
+        if mode == "full":
+            for panel, section, option in self._iterate():
+                if m18n.key_exists(self.config["i18n"] + "_" + option["id"] + "_help"):
+                    option["help"] = m18n.n(self.config["i18n"] + "_" + option["id"] + "_help")
+            return self.config
+
+        return result
+
    def reset(self, key = "", operation_logger=None):
        self.filter_key = key

--- a/src/utils/config.py
+++ b/src/utils/config.py
@ -801,11 +801,6 @@ class Question:

    def _prevalidate(self):
        if self.value in [None, ""] and not self.optional:
-            import traceback
-            error = m18n.n("unexpected_error", error="\n" + traceback.format_exc())
-            msg = m18n.n("unexpected_error", app=app_instance_name, error=error)
-            logger.error(msg)
-            operation_logger.error(msg)
            raise YunohostValidationError("app_argument_required", name=self.name)

        # we have an answer, do some post checks