Simplify migration / be more explicit about what new rdn to inject

locales/en.json

@@ -451,7 +451,6 @@
     "migration_0018_failed_to_reset_legacy_rules": "Failed to reset legacy iptables rules: {error}",
     "migration_0019_add_new_attributes_in_ldap": "Add new attributes for permissions in LDAP database",
     "migration_0019_slapd_config_will_be_overwritten": "It looks like you manually edited the slapd configuration. For this critical migration, YunoHost needs to force the update of the slapd configuration. The original files will be backuped in {conf_backup_folder}.",
-    "migration_0020_ssh_sftp_permissions": "SSH/SFTP permissions",
     "migrations_already_ran": "Those migrations are already done: {ids}",
     "migrations_cant_reach_migration_file": "Could not access migrations files at the path '%s'",
     "migrations_dependencies_not_satisfied": "Run these migrations: '{dependencies_id}', before migration {id}.",

src/yunohost/data_migrations/0020_ssh_sftp_permissions.py

@@ -19,25 +19,19 @@ class MyMigration(Migration):
         Add new permissions around SSH/SFTP features
     """
 
+    dependencies = ["extend_permissions_features"]
+
     @ldap_migration
     def run(self, *args):
-        logger.info(m18n.n("migration_0020_ssh_sftp_permissions"))
 
         from yunohost.utils.ldap import _get_ldap_interface
         ldap = _get_ldap_interface()
 
-        add_perm_to_users = False
-
         # Add SSH and SFTP permissions
         ldap_map = read_yaml('/usr/share/yunohost/yunohost-config/moulinette/ldap_scheme.yml')
-        for rdn, attr_dict in ldap_map['depends_children'].items():
+
-            try:
+        ldap.add("cn=ssh.main,ou=permission", ldap_map['depends_children']["cn=ssh.main,ou=permission"])
-                ldap.search(rdn + ",dc=yunohost,dc=org")
+        ldap.add("cn=sftp.main,ou=permission", ldap_map['depends_children']["cn=sftp.main,ou=permission"])
-            # ldap search will raise an exception if no corresponding object is found >.> ...
-            except Exception:
-                if rdn == "cn=ssh.main,ou=permission":
-                    add_perm_to_users = True
-                ldap.add(rdn, attr_dict)
 
         # Add a bash terminal to each users
         users = ldap.search('ou=users,dc=yunohost,dc=org', filter="(loginShell=*)", attrs=["dn", "uid", "loginShell"])
@@ -45,9 +39,12 @@ class MyMigration(Migration):
             if user['loginShell'][0] == '/bin/false':
                 dn=user['dn'][0].replace(',dc=yunohost,dc=org', '')
                 ldap.update(dn, {'loginShell': ['/bin/bash']})
-            elif add_perm_to_users:
+            else:
                 user_permission_update("ssh.main", add=user["uid"][0], sync_perm=False)
 
+        permission_sync_to_user()
+
+
         # Somehow this is needed otherwise the PAM thing doesn't forget about the
         # old loginShell value ?
         subprocess.call(['nscd', '-i', 'passwd'])