YunoHost/yunohost
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost.git synced 2024-09-03 20:06:10 +02:00
Code Issues Projects Releases Packages Wiki Activity

Attempt to clarify/simplify some complex pieces of code

Browse source
This commit is contained in:
Alexandre Aubin 2020-09-08 19:49:56 +02:00
parent 33e1567c54
commit 9792cfed22
2 changed files with 48 additions and 38 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

49
src/yunohost/app.py
View file

@ -221,13 +221,27 @@ def app_map(app=None, raw=False, user=None):
"other.tld/": "bar", "other.tld/": "bar",
"sub.other.tld/pwet": "pwet", "sub.other.tld/pwet": "pwet",
} }
When using "raw", the structure changes to :
{
"domain.tld": {
"/foo": {"label": "App foo", "id": "foo__2"},
"/mail": {"label": "Rainloop", "id: "rainloop"},
},
"other.tld": {
"/": {"label": "Bar", "id": "bar"},
},
"sub.other.tld": {
"/pwet": {"label": "Pwet", "id": "pwet"}
}
}
""" """
from yunohost.permission import user_permission_list from yunohost.permission import user_permission_list
apps = [] apps = []
result = {} result = {}
permissions = user_permission_list(full=True, full_path=True)["permissions"]
if app is not None: if app is not None:
if not _is_installed(app): if not _is_installed(app):
@ -236,6 +250,7 @@ def app_map(app=None, raw=False, user=None):
else: else:
apps = os.listdir(APPS_SETTING_PATH) apps = os.listdir(APPS_SETTING_PATH)
permissions = user_permission_list(full=True, full_path=True)["permissions"]
for app_id in apps: for app_id in apps:
app_settings = _get_app_settings(app_id) app_settings = _get_app_settings(app_id)
if not app_settings: if not app_settings:
@ -258,7 +273,7 @@ def app_map(app=None, raw=False, user=None):
if user not in main_perm["corresponding_users"]: if user not in main_perm["corresponding_users"]:
continue continue
this_app_perms = {p: i for p, i in permissions.items() if p.startswith(app_id + ".") and (i["url"] or i['additional_urls'] != [None])} this_app_perms = {p: i for p, i in permissions.items() if p.startswith(app_id + ".") and (i["url"] or i['additional_urls'])}
for perm_name, perm_info in this_app_perms.items(): for perm_name, perm_info in this_app_perms.items():
# If we're building the map for a specific user, check the user # If we're building the map for a specific user, check the user
@ -266,29 +281,22 @@ def app_map(app=None, raw=False, user=None):
if user and user not in perm_info["corresponding_users"]: if user and user not in perm_info["corresponding_users"]:
continue continue
# The challenge with this is (beside actually implementing it)
# to migrate all the legacy stuff like
# protected/unprotected/skipped uris and regexes
perm_label = perm_info['label'] perm_label = perm_info['label']
perm_all_urls = [perm_info["url"]] + perm_info['additional_urls'] perm_all_urls = [] + (perm_info["url"] if perm_info["url"] else []) + perm_info['additional_urls']
for url in perm_all_urls: for url in perm_all_urls:
if url is None:
# Happens when 'additional_urls' is empty !!
continue
if not raw:
result[url] = perm_label
else:
perm_domain, perm_path = url.split("/", 1) perm_domain, perm_path = url.split("/", 1)
perm_path = '/' + perm_path perm_path = '/' + perm_path
if raw:
if perm_domain not in result: if perm_domain not in result:
result[perm_domain] = {} result[perm_domain] = {}
result[perm_domain][perm_path] = { result[perm_domain][perm_path] = {
'label': perm_label, 'label': perm_label,
'id': app_id 'id': app_id
} }
else:
result[perm_domain + perm_path] = perm_label
return result return result
@ -1430,20 +1438,17 @@ def app_ssowatconf():
# New permission system # New permission system
for perm_name, perm_info in all_permissions.items(): for perm_name, perm_info in all_permissions.items():
# Ignore permissions for which there's no url defined
if perm_info["url"] is None and perm_info['additional_urls'] == [None]:
continue
uris = [] uris = [] + ([perm_info['url']] if perm_info['url'] else []) + perm_info['additional_urls']
if perm_info['url'] is not None:
uris += [perm_info['url'].rstrip('/')] # Ignore permissions for which there's no url defined
if perm_info['additional_urls'] != [None]: if not uris:
uris += [uri.rstrip('/') for uri in perm_info['additional_urls']] continue
permissions[perm_name] = { permissions[perm_name] = {
"users": perm_info['corresponding_users'], "users": perm_info['corresponding_users'],
"label": perm_info['label'], "label": perm_info['label'],
"show_tile": perm_info['show_tile'] if perm_info['url'] and not perm_info["url"].startswith('re:') else False, "show_tile": perm_info['show_tile'] and perm_info['url'] and (not perm_info["url"].startswith('re:')),
"auth_header": perm_info['auth_header'], "auth_header": perm_info['auth_header'],
"public": "visitors" in perm_info["allowed"], "public": "visitors" in perm_info["allowed"],
"uris": uris "uris": uris

33
src/yunohost/permission.py
View file

@ -60,7 +60,7 @@ def user_permission_list(short=False, full=False, ignore_system_perms=False, ful
# Parse / organize information to be outputed # Parse / organize information to be outputed
apps = [app["id"] for app in app_list()["apps"]] apps = [app["id"] for app in app_list()["apps"]]
apps_main_path = {app: app_setting(app, 'domain') + app_setting(app, 'path') apps_base_path = {app: app_setting(app, 'domain') + app_setting(app, 'path')
for app in apps for app in apps
if app_setting(app, 'domain') and app_setting(app, 'path')} if app_setting(app, 'domain') and app_setting(app, 'path')}
@ -73,21 +73,24 @@ def user_permission_list(short=False, full=False, ignore_system_perms=False, ful
app = name.split('.')[0] app = name.split('.')[0]
permissions[name] = {} perm = {}
permissions[name]["allowed"] = [_ldap_path_extract(p, "cn") for p in infos.get('groupPermission', [])] perm["allowed"] = [_ldap_path_extract(p, "cn") for p in infos.get('groupPermission', [])]
if full: if full:
permissions[name]["corresponding_users"] = [_ldap_path_extract(p, "uid") for p in infos.get('inheritPermission', [])] perm["corresponding_users"] = [_ldap_path_extract(p, "uid") for p in infos.get('inheritPermission', [])]
permissions[name]["auth_header"] = infos.get("authHeader", [False])[0] == "TRUE" perm["auth_header"] = infos.get("authHeader", [False])[0] == "TRUE"
permissions[name]["label"] = infos.get("label", [None])[0] perm["label"] = infos.get("label", [None])[0]
permissions[name]["show_tile"] = infos.get("showTile", [False])[0] == "TRUE" perm["show_tile"] = infos.get("showTile", [False])[0] == "TRUE"
permissions[name]["protected"] = infos.get("isProtected", [False])[0] == "TRUE" perm["protected"] = infos.get("isProtected", [False])[0] == "TRUE"
if full_path and app in apps_main_path: perm["url"] = infos.get("URL", [None])[0]
permissions[name]["url"] = _get_absolute_url(infos["URL"][0], apps_main_path[app]) if "URL" in infos else None perm["additional_urls"] = infos.get("additionalUrls", [])
permissions[name]["additional_urls"] = [_get_absolute_url(url, apps_main_path[app]) for url in infos.get("additionalUrls", [None]) if url]
else: if full_path:
permissions[name]["url"] = infos.get("URL", [None])[0] app_base_path = apps_base_path[app]
permissions[name]["additional_urls"] = infos.get("additionalUrls", []) perm["url"] = _get_absolute_url(perm["url"], app_base_path)
perm["additional_urls"] = [_get_absolute_url(url, apps_base_path) for url in perm["additional_urls"]]
permissions[name] = perm
if short: if short:
permissions = permissions.keys() permissions = permissions.keys()
@ -632,6 +635,8 @@ def _get_absolute_url(url, base_path):
# (re:/foo.*, domain.tld/app) into re:domain\.tld/app/foo.* # (re:/foo.*, domain.tld/app) into re:domain\.tld/app/foo.*
# (domain.tld/bar, domain.tld/app) into domain.tld/bar # (domain.tld/bar, domain.tld/app) into domain.tld/bar
# #
if url is None:
return None
if url.startswith('/'): if url.startswith('/'):
return base_path + url.rstrip("/") return base_path + url.rstrip("/")
if url.startswith('re:/'): if url.startswith('re:/'):