app_ssowatconf: generate per domain portal config with available apps

2024-09-03 20:06:10 +02:00 · 2023-10-18 18:29:55 +02:00 · 2023-10-18 18:29:55 +02:00 · 8d366e67b0
commit 8d366e67b0
parent 827fbe337d
1 changed files with 44 additions and 5 deletions
--- a/src/app.py
+++ b/src/app.py
@ -29,6 +29,7 @@ import copy
 from typing import List, Tuple, Dict, Any, Iterator, Optional
 from packaging import version
 from logging import getLogger
+from pathlib import Path

 from moulinette import Moulinette, m18n
 from moulinette.utils.process import run_commands, check_output
@ -36,7 +37,6 @@ from moulinette.utils.filesystem import (
    read_file,
    read_json,
    read_toml,
-    read_yaml,
    write_to_file,
    write_to_json,
    cp,
@ -1606,12 +1606,16 @@ def app_ssowatconf():


    """
-    from yunohost.domain import domain_list, _get_maindomain, domain_config_get, _get_domain_portal_dict
+    from yunohost.domain import (
+        domain_list,
+        domain_config_get,
+        _get_domain_portal_dict,
+    )
    from yunohost.permission import user_permission_list
-    from yunohost.settings import settings_get
+    from yunohost.portal import PORTAL_SETTINGS_DIR

-    main_domain = _get_maindomain()
    domains = domain_list()["domains"]
+    portal_domains = domain_list(exclude_subdomains=True)["domains"]
    all_permissions = user_permission_list(
        full=True, ignore_system_perms=True, absolute_urls=True
    )["permissions"]
@ -1633,7 +1637,6 @@ def app_ssowatconf():
        }
    }

-
    apps_using_remote_user_var_in_nginx = (
        check_output(
            "grep -nri '$remote_user' /etc/yunohost/apps/*/conf/*nginx*conf | awk -F/ '{print $5}' || true"
@ -1655,6 +1658,9 @@ def app_ssowatconf():
            if domain + "/" != app_domain + app_path:
                redirected_urls[domain + "/"] = app_domain + app_path

+    # Will organize apps by portal domain
+    portal_domains_apps = {domain: {} for domain in portal_domains}
+
    # New permission system
    for perm_name, perm_info in all_permissions.items():
        uris = (
@ -1678,6 +1684,23 @@ def app_ssowatconf():
            "uris": uris,
        }

+        # Next: portal related
+        # No need to keep apps that aren't supposed to be displayed in portal
+        if not perm_info.get("show_tile", False):
+            continue
+
+        app_domain = uris[0].split("/")[0]
+        # get "topest" domain
+        app_portal_domain = next(
+            domain for domain in portal_domains if domain in app_domain
+        )
+        portal_domains_apps[app_portal_domain][app_id] = {
+            "label": perm_info["label"],
+            "users": perm_info["corresponding_users"],
+            "public": "visitors" in perm_info["allowed"],
+            "url": uris[0],
+        }
+
    conf_dict = {
        "cookie_secret_file": "/etc/yunohost/.ssowat_cookie_secret",
        "cookie_name": "yunohost.portal",
@ -1688,6 +1711,22 @@ def app_ssowatconf():

    write_to_json("/etc/ssowat/conf.json", conf_dict, sort_keys=True, indent=4)

+    # Generate a file per possible portal with available apps
+    for domain, apps in portal_domains_apps.items():
+        portal_settings = {}
+
+        portal_settings_path = Path(f"{PORTAL_SETTINGS_DIR}/{domain}.json")
+        if portal_settings_path.exists():
+            portal_settings.update(read_json(str(portal_settings_path)))
+
+        # Do no override anything else than "apps" since the file is shared
+        # with domain's config panel "portal" options
+        portal_settings["apps"] = apps
+
+        write_to_json(
+            str(portal_settings_path), portal_settings, sort_keys=True, indent=4
+        )
+
    logger.debug(m18n.n("ssowat_conf_generated"))