Merge pull request #814 from YunoHost/spookier-warnings-for-app-install

Spookier warnings for dangerous app install
2024-09-03 20:06:10 +02:00 · 2019-10-04 19:42:23 +02:00 · 2019-10-04 19:42:23 +02:00 · 692ba7c5cd
commit 692ba7c5cd
parent 69062db8f2 babaf541b6
2 changed files with 30 additions and 9 deletions
--- a/locales/en.json
+++ b/locales/en.json
@ -144,8 +144,8 @@
    "certmanager_self_ca_conf_file_not_found": "Could not find configuration file for self-signing authority (file: {file:s})",
    "certmanager_unable_to_parse_self_CA_name": "Could not parse name of self-signing authority (file: {file:s})",
    "confirm_app_install_warning": "Warning: This application may work, but is not well-integrated in YunoHost. Some features such as single sign-on and backup/restore might not be available. Install anyway? [{answers:s}] ",
-    "confirm_app_install_danger": "WARNING! This application is still experimental (if not explicitly not working) and it is likely to break your system! You should probably NOT install it unless you know what you are doing. Are you willing to take that risk? [{answers:s}] ",
-    "confirm_app_install_thirdparty": "WARNING! Installing third-party applications may compromise the integrity and security of your system. You should probably NOT install it unless you know what you are doing. Are you willing to take that risk? [{answers:s}] ",
+    "confirm_app_install_danger": "DANGER! This application is known to be still experimental (if not explicitly not working)! You should probably NOT install it unless you know what you are doing. NO SUPPORT will be provided if this app doesn't work or break your system... If you are willing to take that risk anyway, type '{answers:s}'",
+    "confirm_app_install_thirdparty": "DANGER! This application is not part of Yunohost's application catalog. Installing third-party applications may compromise the integrity and security of your system. You should probably NOT install it unless you know what you are doing. NO SUPPORT will be provided if this app doesn't work or break your system... If you are willing to take that risk anyway, type '{answers:s}'",
    "custom_app_url_required": "You must provide a URL to upgrade your custom app {app:s}",
    "custom_appslist_name_required": "You must provide a name for your custom app list",
    "diagnosis_debian_version_error": "Could not retrieve the Debian version: {error}",
--- a/src/yunohost/app.py
+++ b/src/yunohost/app.py
@ -789,20 +789,41 @@ def app_install(operation_logger, app, label=None, args=None, no_remove_on_failu
        if confirm is None or force or msettings.get('interface') == 'api':
            return

-        answer = msignals.prompt(m18n.n('confirm_app_install_' + confirm,
-                                   answers='Y/N'))
-        if answer.upper() != "Y":
-            raise YunohostError("aborting")
+        if confirm in ["danger", "thirdparty"]:
+            answer = msignals.prompt(m18n.n('confirm_app_install_' + confirm,
+                                       answers='Yes, I understand'),
+                                    color="red")
+            if answer != "Yes, I understand":
+                raise YunohostError("aborting")
+
+        else:
+            answer = msignals.prompt(m18n.n('confirm_app_install_' + confirm,
+                                       answers='Y/N'),
+                                    color="yellow")
+            if answer.upper() != "Y":
+                raise YunohostError("aborting")
+
+

    raw_app_list = app_list(raw=True)

    if app in raw_app_list or ('@' in app) or ('http://' in app) or ('https://' in app):
+
+        # If we got an app name directly (e.g. just "wordpress"), we gonna test this name
        if app in raw_app_list:
-            state = raw_app_list[app].get("state", "notworking")
-            level = raw_app_list[app].get("level", None)
+            app_name_to_test = app
+        # If we got an url like "https://github.com/foo/bar_ynh, we want to
+        # extract "bar" and test if we know this app
+        elif ('http://' in app) or ('https://' in app):
+            app_name_to_test = app.strip("/").split("/")[-1].replace("_ynh","")
+
+        if app_name_to_test in raw_app_list:
+
+            state = raw_app_list[app_name_to_test].get("state", "notworking")
+            level = raw_app_list[app_name_to_test].get("level", None)
            confirm = "danger"
            if state in ["working", "validated"]:
-                if isinstance(level, int) and level >= 3:
+                if isinstance(level, int) and level >= 5:
                    confirm = None
                elif isinstance(level, int) and level > 0:
                    confirm = "warning"