From 97c3a0fb9b2763cf297ea691c78d44f7c503b9ce Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Josu=C3=A9=20Tille?= <josue@tille.ch>
Date: Sat, 28 Dec 2019 22:29:52 +0100
Subject: [PATCH] Fix migration

---
 data/other/ldap_scheme.yml                    |  4 ++--
 .../0015_add_permission_protection.py         | 24 +++++++++++++------
 2 files changed, 19 insertions(+), 9 deletions(-)

diff --git a/data/other/ldap_scheme.yml b/data/other/ldap_scheme.yml
index 620a36a1c..769de0b2e 100644
--- a/data/other/ldap_scheme.yml
+++ b/data/other/ldap_scheme.yml
@@ -73,7 +73,7 @@ depends_children:
             - permissionYnh
         groupPermission:
             - "cn=all_users,ou=groups,dc=yunohost,dc=org"
-        isProtected: TRUE
+        isProtected: "TRUE"
     cn=xmpp.main,ou=permission:
         cn: xmpp.main
         gidNumber: "5002"
@@ -82,4 +82,4 @@ depends_children:
             - permissionYnh
         groupPermission:
             - "cn=all_users,ou=groups,dc=yunohost,dc=org"
-        isProtected: TRUE
+        isProtected: "TRUE"
diff --git a/src/yunohost/data_migrations/0015_add_permission_protection.py b/src/yunohost/data_migrations/0015_add_permission_protection.py
index 1b2965fb0..5f6ccc936 100644
--- a/src/yunohost/data_migrations/0015_add_permission_protection.py
+++ b/src/yunohost/data_migrations/0015_add_permission_protection.py
@@ -24,14 +24,24 @@ class MyMigration(Migration):
     def run(self):
 
         from yunohost.utils.ldap import _get_ldap_interface
+        from yunohost.regenconf import regen_conf, BACKUP_CONF_DIR
+
+        # Check if the migration can be processed
+        ldap_regen_conf_status = regen_conf(names=['slapd'], dry_run=True)
+        # By this we check if the have been customized
+        if ldap_regen_conf_status and ldap_regen_conf_status['slapd']['pending']:
+            logger.warning(m18n.n("migration_0011_slapd_config_will_be_overwritten", conf_backup_folder=BACKUP_CONF_DIR))
+
+        regen_conf(names=['slapd'], force=True)
+
         ldap = _get_ldap_interface()
 
-        permission_list = user_permission_list(short=True)
-        
+        permission_list = user_permission_list(short=True)["permissions"]
+
         for permission in permission_list:
-            if permission in SYSTEM_PERMS:
-                ldap.update('cn=%s,ou=permission' % permission, 'isProtected': "TRUE"})
-            elif permission.end_with(".main"):
-                ldap.update('cn=%s,ou=permission' % permission, 'isProtected': "FALSE"})
+            if permission.split('.')[0] in SYSTEM_PERMS:
+                ldap.update('cn=%s,ou=permission' % permission, {'isProtected': "TRUE"})
+            elif permission.endswith(".main"):
+                ldap.update('cn=%s,ou=permission' % permission, {'isProtected': "FALSE"})
             else:
-                ldap.update('cn=%s,ou=permission' % permission, 'isProtected': "TRUE"})
+                ldap.update('cn=%s,ou=permission' % permission, {'isProtected': "TRUE"})