From dc5ee76124e016f912bb33bcd3007a067867efd0 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Mon, 20 Jan 2020 22:55:53 +0700 Subject: [PATCH 1/5] Full permission url --- src/yunohost/app.py | 1 + 1 file changed, 1 insertion(+) diff --git a/src/yunohost/app.py b/src/yunohost/app.py index 8ce5ed783..0324a116a 100644 --- a/src/yunohost/app.py +++ b/src/yunohost/app.py @@ -1661,6 +1661,7 @@ def app_ssowatconf(): # FIXME : gotta handle regex-urls here... meh url = _sanitized_absolute_url(perm_info["url"]) + perm_info["url"] = url if "visitors" in perm_info["allowed"]: if url not in unprotected_urls: unprotected_urls.append(url) From c7506fd3a92ec1f4dd77406e4cc58b910b900391 Mon Sep 17 00:00:00 2001 From: "ljf (zamentur)" Date: Mon, 2 Dec 2019 22:32:59 +0100 Subject: [PATCH 2/5] [fix] This DNS resolver in ipv6 is unreachable --- data/templates/dnsmasq/plain/resolv.dnsmasq.conf | 1 - 1 file changed, 1 deletion(-) diff --git a/data/templates/dnsmasq/plain/resolv.dnsmasq.conf b/data/templates/dnsmasq/plain/resolv.dnsmasq.conf index 6b3bb95d3..ce8515054 100644 --- a/data/templates/dnsmasq/plain/resolv.dnsmasq.conf +++ b/data/templates/dnsmasq/plain/resolv.dnsmasq.conf @@ -32,7 +32,6 @@ nameserver 85.214.20.141 nameserver 195.160.173.53 # (DE) AS250 nameserver 194.150.168.168 -nameserver 2001:4ce8::53 # (DE) Ideal-Hosting nameserver 84.200.69.80 nameserver 2001:1608:10:25::1c04:b12f From c163ae2949368ebfaa44cb65102cda0d60c80ad6 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Thu, 16 Jan 2020 00:34:11 +0700 Subject: [PATCH 3/5] fix legacy permission management --- data/helpers.d/setting | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/data/helpers.d/setting b/data/helpers.d/setting index 9dbbe93fa..5bcd7af32 100644 --- a/data/helpers.d/setting +++ b/data/helpers.d/setting @@ -187,9 +187,15 @@ EOF # Fucking legacy permission management. # We need this because app temporarily set the app as unprotected to configure it with curl... - if [[ "$3" =~ ^(unprotected|skipped)_ ]] && [[ "${4:-}" == "/" ]] + if [[ "$3" =~ ^(unprotected|skipped)_ ]] then - ynh_permission_update --permission "main" --add "visitors" + if [[ "$1" == "set" ]] && [[ "${4:-}" == "/" ]] + then + ynh_permission_update --permission "main" --add "visitors" + elif [[ "$1" == "delete" ]] + then + ynh_permission_update --permission "main" --remove "visitors" + fi fi } From fc969ae1d448b4209c27c2cae8222fbcc12a5b64 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Wed, 29 Jan 2020 14:24:59 +0700 Subject: [PATCH 4/5] remove visitors only for if current value is / --- data/helpers.d/setting | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/data/helpers.d/setting b/data/helpers.d/setting index 5bcd7af32..9f68cb5d9 100644 --- a/data/helpers.d/setting +++ b/data/helpers.d/setting @@ -158,7 +158,12 @@ ynh_add_protected_uris() { # ynh_app_setting() { - ACTION="$1" APP="$2" KEY="$3" VALUE="${4:-}" python - < Date: Wed, 29 Jan 2020 21:17:14 +0700 Subject: [PATCH 5/5] more informations in hooks permission --- src/yunohost/permission.py | 22 ++++++++++++++-------- 1 file changed, 14 insertions(+), 8 deletions(-) diff --git a/src/yunohost/permission.py b/src/yunohost/permission.py index 9cc7c7534..9d3d8feda 100644 --- a/src/yunohost/permission.py +++ b/src/yunohost/permission.py @@ -471,16 +471,22 @@ def _update_ldap_group_permission(permission, allowed, sync_perm=True): app = permission.split(".")[0] sub_permission = permission.split(".")[1] - old_allowed_users = set(existing_permission["corresponding_users"]) - new_allowed_users = set(new_permission["corresponding_users"]) + old_corresponding_users = set(existing_permission["corresponding_users"]) + new_corresponding_users = set(new_permission["corresponding_users"]) - effectively_added_users = new_allowed_users - old_allowed_users - effectively_removed_users = old_allowed_users - new_allowed_users + old_allowed_users = set(existing_permission["allowed"]) + new_allowed_users = set(new_permission["allowed"]) - if effectively_added_users: - hook_callback('post_app_addaccess', args=[app, ','.join(effectively_added_users), sub_permission]) - if effectively_removed_users: - hook_callback('post_app_removeaccess', args=[app, ','.join(effectively_removed_users), sub_permission]) + effectively_added_users = new_corresponding_users - old_corresponding_users + effectively_removed_users = old_corresponding_users - new_corresponding_users + + effectively_added_group = new_allowed_users - old_allowed_users - effectively_added_users + effectively_removed_group = old_allowed_users - new_allowed_users - effectively_removed_users + + if effectively_added_users or effectively_added_group: + hook_callback('post_app_addaccess', args=[app, ','.join(effectively_added_users), sub_permission, ','.join(effectively_added_group)]) + if effectively_removed_users or effectively_removed_group: + hook_callback('post_app_removeaccess', args=[app, ','.join(effectively_removed_users), sub_permission, ','.join(effectively_removed_group)]) return new_permission