From 4933b23b5b2779cd2b8a7e456d83ea8473feba06 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Josu=C3=A9=20Tille?= Date: Thu, 9 Apr 2020 15:40:20 +0200 Subject: [PATCH] Improve management of show_tile settings --- locales/en.json | 4 +++- src/yunohost/app.py | 3 ++- src/yunohost/permission.py | 26 +++++++++++++++++++++----- 3 files changed, 26 insertions(+), 7 deletions(-) diff --git a/locales/en.json b/locales/en.json index 922ad2c4e..3e776f1a2 100644 --- a/locales/en.json +++ b/locales/en.json @@ -501,7 +501,7 @@ "regenconf_dry_pending_applying": "Checking pending configuration which would have been applied for category '{category}'…", "regenconf_failed": "Could not regenerate the configuration for category(s): {categories}", "regenconf_pending_applying": "Applying pending configuration for category '{category}'…", - "regex_incompatible_with_tile": "/!\\ Packagers! You for the permission '{permission}' can't set the regex {regex} as main url and set 'show_tile' to 'true'", + "regex_incompatible_with_tile": "/!\\ Packagers! For the permission '{permission}' can't set the regex {regex} as main url and set 'show_tile' to 'true'", "regex_with_only_domain": "You can't use a regex for domain, only for path", "restore_already_installed_app": "An app with the ID '{app:s}' is already installed", "restore_app_failed": "Could not restore the app '{app:s}'", @@ -563,6 +563,8 @@ "service_stop_failed": "Could not stop the service '{service:s}'\n\nRecent service logs:{logs:s}", "service_stopped": "Service '{service:s}' stopped", "service_unknown": "Unknown service '{service:s}'", + "show_tile_cant_be_enabled_for_url_not_defined": "The url for the permission '{permission}' is not defined. So you can't enable the settings show_tile", + "show_tile_cant_be_enabled_for_regex": "The url for the permission '{permission}' is a regex. So you can't enable the settings show_tile", "ssowat_conf_generated": "SSOwat configuration generated", "ssowat_conf_updated": "SSOwat configuration updated", "system_upgraded": "System upgraded", diff --git a/src/yunohost/app.py b/src/yunohost/app.py index 9feb5bec9..33d63ba81 100644 --- a/src/yunohost/app.py +++ b/src/yunohost/app.py @@ -717,7 +717,7 @@ def app_install(operation_logger, app, label=None, args=None, no_remove_on_failu # Initialize the main permission for the app # After the install, if apps don't have a domain and path defined, the default url '/' is removed from the permission - permission_create(app_instance_name+".main", allowed=["all_users"], label=label, show_tile=True, protected=False) + permission_create(app_instance_name+".main", allowed=["all_users"], label=label, show_tile=False, protected=False) # Execute the app install script install_failed = True @@ -834,6 +834,7 @@ def app_install(operation_logger, app, label=None, args=None, no_remove_on_failu app_settings = _get_app_settings(app_instance_name) domain = app_settings.get('domain', None) path = app_settings.get('path', None) + user_permission_update(app_instance_name + ".main", show_tile=True, sync_perm=False) if domain and path and user_permission_list(full=True, full_path=False)['permissions'][app_instance_name + '.main']['url'] is None: permission_url(app_instance_name + ".main", url='/', sync_perm=False) diff --git a/src/yunohost/permission.py b/src/yunohost/permission.py index badd37ef3..972a863c5 100644 --- a/src/yunohost/permission.py +++ b/src/yunohost/permission.py @@ -169,6 +169,13 @@ def user_permission_update(operation_logger, permission, add=None, remove=None, if "visitors" not in new_allowed_groups or len(new_allowed_groups) >= 3: logger.warning(m18n.n("permission_currently_allowed_for_all_users")) + # Note that we can get is argument as string we it come from the CLI + if isinstance(show_tile, str): + if show_tile.lower() == "true": + show_tile = True + else: + show_tile = False + if existing_permission['url'] and existing_permission['url'].startswith('re:') and show_tile: logger.warning(m18n.n('regex_incompatible_with_tile', regex=existing_permission['url'], permission=permission)) @@ -307,12 +314,12 @@ def permission_create(operation_logger, permission, allowed=None, except Exception as e: raise YunohostError('permission_creation_failed', permission=permission, error=e) + permission_url(permission, url=url, add_url=additional_urls, auth_header=auth_header, + sync_perm=False) + new_permission = _update_ldap_group_permission(permission=permission, allowed=allowed, label=label, show_tile=show_tile, - protected=protected, sync_perm=False) - - permission_url(permission, url=url, add_url=additional_urls, auth_header=auth_header, - sync_perm=sync_perm) + protected=protected, sync_perm=sync_perm) logger.debug(m18n.n('permission_created', permission=permission)) return new_permission @@ -414,6 +421,7 @@ def permission_url(operation_logger, permission, if clear_urls: url = None new_additional_urls = [] + show_tile = False # Guarantee uniqueness of all values, which would otherwise make ldap.update angry. new_additional_urls = set(new_additional_urls) @@ -426,7 +434,8 @@ def permission_url(operation_logger, permission, try: ldap.update('cn=%s,ou=permission' % permission, {'URL': [url] if url is not None else [], 'additionalUrls': new_additional_urls, - 'authHeader': [str(auth_header).upper()]}) + 'authHeader': [str(auth_header).upper()], + 'showTile': [str(show_tile).upper()],}) except Exception as e: raise YunohostError('permission_update_failed', permission=permission, error=e) @@ -559,6 +568,13 @@ def _update_ldap_group_permission(permission, allowed, if show_tile is None: show_tile = existing_permission["show_tile"] + elif show_tile is True: + if not existing_permission['url']: + logger.warning(m18n.n('show_tile_cant_be_enabled_for_url_not_defined', permission=permission)) + show_tile = False + elif existing_permission['url'].startswith('re:'): + logger.warning(m18n.n('show_tile_cant_be_enabled_for_regex', permission=permission)) + show_tile = False if protected is None: protected = existing_permission["protected"]