diff --git a/locales/en.json b/locales/en.json index a1817047d..cb880b761 100644 --- a/locales/en.json +++ b/locales/en.json @@ -412,12 +412,13 @@ "migration_description_0016_php70_to_php73_pools": "Migrate php7.0-fpm 'pool' conf files to php7.3", "migration_description_0017_postgresql_9p6_to_11": "Migrate databases from PostgreSQL 9.6 to 11", "migration_description_0018_xtable_to_nftable": "Migrate old network traffic rules to the new nftable system", - "migration_0011_create_group": "Creating a group for each user…", - "migration_0011_LDAP_update_failed": "Could not update LDAP. Error: {error:s}", - "migration_0011_migrate_permission": "Migrating permissions from apps settings to LDAP...", - "migration_0011_update_LDAP_database": "Updating LDAP database...", - "migration_0011_update_LDAP_schema": "Updating LDAP schema...", - "migration_0011_failed_to_remove_stale_object": "Could not remove stale object {dn}: {error}", + "migration_description_0019_extends_permissions_features_1": "Extend/rework the app permission management system", + "migration_0019_create_group": "Creating a group for each user…", + "migration_0019_LDAP_update_failed": "Could not update LDAP. Error: {error:s}", + "migration_0019_migrate_permission": "Migrating permissions from apps settings to LDAP...", + "migration_0019_update_LDAP_database": "Updating LDAP database...", + "migration_0019_update_LDAP_schema": "Updating LDAP schema...", + "migration_0019_failed_to_remove_stale_object": "Could not remove stale object {dn}: {error}", "migration_0015_start" : "Starting migration to Buster", "migration_0015_patching_sources_list": "Patching the sources.lists...", "migration_0015_main_upgrade": "Starting main upgrade...", diff --git a/src/yunohost/app.py b/src/yunohost/app.py index f66fd4299..8f9933991 100644 --- a/src/yunohost/app.py +++ b/src/yunohost/app.py @@ -282,7 +282,7 @@ def app_map(app=None, raw=False, user=None): continue perm_label = perm_info['label'] - perm_all_urls = [] + (perm_info["url"] if perm_info["url"] else []) + perm_info['additional_urls'] + perm_all_urls = [] + ([perm_info["url"]] if perm_info["url"] else []) + perm_info['additional_urls'] for url in perm_all_urls: @@ -653,7 +653,7 @@ def app_install(operation_logger, app, label=None, args=None, no_remove_on_failu from yunohost.hook import hook_add, hook_remove, hook_exec, hook_callback from yunohost.log import OperationLogger - from yunohost.permission import user_permission_list, permission_create, permission_url, permission_delete, permission_sync_to_user + from yunohost.permission import user_permission_list, user_permission_update, permission_create, permission_url, permission_delete, permission_sync_to_user from yunohost.regenconf import manually_modified_files # Fetch or extract sources @@ -1308,7 +1308,6 @@ def app_ssowatconf(): """ from yunohost.domain import domain_list, _get_maindomain - from yunohost.user import user_list from yunohost.permission import user_permission_list main_domain = _get_maindomain() @@ -1476,6 +1475,7 @@ def app_ssowatconf(): def app_change_label(app, new_label): + from permission import user_permission_update installed = _is_installed(app) if not installed: raise YunohostError('app_not_installed', app=app, all_apps=_get_all_installed_apps_id()) diff --git a/src/yunohost/data_migrations/0019_extends_permissions_features_1.py b/src/yunohost/data_migrations/0019_extends_permissions_features_1.py index b6cab4806..d45209207 100644 --- a/src/yunohost/data_migrations/0019_extends_permissions_features_1.py +++ b/src/yunohost/data_migrations/0019_extends_permissions_features_1.py @@ -7,7 +7,7 @@ from moulinette.utils.log import getActionLogger from yunohost.tools import Migration from yunohost.app import app_setting, app_ssowatconf, _installed_apps -from yunohost.permission import user_permission_list, SYSTEM_PERMS, permission_sync_to_user +from yunohost.permission import user_permission_list logger = getActionLogger('yunohost.migration') @@ -46,14 +46,14 @@ class MyMigration(Migration): if permission.split('.')[0] == 'mail': ldap.update('cn=%s,ou=permission' % permission, { 'authHeader': ["FALSE"], - 'label': 'E-mail', + 'label': ['E-mail'], 'showTile': ["FALSE"], 'isProtected': ["TRUE"], }) elif permission.split('.')[0] == 'xmpp': ldap.update('cn=%s,ou=permission' % permission, { 'authHeader': ["FALSE"], - 'label': 'XMPP', + 'label': ['XMPP'], 'showTile': ["FALSE"], 'isProtected': ["TRUE"], }) diff --git a/src/yunohost/permission.py b/src/yunohost/permission.py index 225a5c315..edf948eeb 100644 --- a/src/yunohost/permission.py +++ b/src/yunohost/permission.py @@ -86,9 +86,9 @@ def user_permission_list(short=False, full=False, ignore_system_perms=False, ful perm["additional_urls"] = infos.get("additionalUrls", []) if full_path: - app_base_path = apps_base_path[app] + app_base_path = apps_base_path[app] if app in apps_base_path else "" # Meh in some situation where the app is currently installed/removed, this function may be called and we still need to act as if the corresponding permission indeed exists ... dunno if that's really the right way to proceed but okay. perm["url"] = _get_absolute_url(perm["url"], app_base_path) - perm["additional_urls"] = [_get_absolute_url(url, apps_base_path) for url in perm["additional_urls"]] + perm["additional_urls"] = [_get_absolute_url(url, app_base_path) for url in perm["additional_urls"]] permissions[name] = perm @@ -368,7 +368,7 @@ def permission_url(operation_logger, permission, """ from yunohost.app import app_setting from yunohost.utils.ldap import _get_ldap_interface - from yunohost.domain import _check_and_sanitize_permission_path, _get_conflicting_apps + from yunohost.domain import _check_and_sanitize_permission_path ldap = _get_ldap_interface() # By default, manipulate main permission