YunoHost/yunohost
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost.git synced 2024-09-03 20:06:10 +02:00
Code Issues Projects Releases Packages Wiki Activity

app resources: implement permission update

Browse source
This commit is contained in:
Alexandre Aubin 2022-12-21 22:26:45 +01:00
parent fa2ef3e7ec
commit a50e73dc0f
2 changed files with 23 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
src/permission.py
View file

@ -479,6 +479,7 @@ def permission_url(
url=None,
add_url=None,
remove_url=None,
set_url=None,
auth_header=None,
clear_urls=False,
sync_perm=True,
@ -491,6 +492,7 @@ def permission_url(
url -- (optional) URL for which access will be allowed/forbidden.
add_url -- (optional) List of additional url to add for which access will be allowed/forbidden
remove_url -- (optional) List of additional url to remove for which access will be allowed/forbidden
set_url -- (optional) List of additional url to set/replace for which access will be allowed/forbidden
auth_header -- (optional) Define for the URL of this permission, if SSOwat pass the authentication header to the application
clear_urls -- (optional) Clean all urls (url and additional_urls)
"""
@ -556,6 +558,9 @@ def permission_url(
new_additional_urls = [u for u in new_additional_urls if u not in remove_url]
if set_url:
new_additional_urls = set_url
if auth_header is None:
auth_header = existing_permission["auth_header"]

33
src/utils/resources.py
View file

@ -258,7 +258,7 @@ class PermissionsResource(AppResource):
##### Provision/Update:
- Delete any permissions that may exist and be related to this app yet is not declared anymore
- Loop over the declared permissions and create them if needed or update them with the new values (FIXME : update ain't implemented yet >_>)
- Loop over the declared permissions and create them if needed or update them with the new values
##### Deprovision:
- Delete all permission related to this app
@ -312,7 +312,7 @@ class PermissionsResource(AppResource):
from yunohost.permission import (
permission_create,
# permission_url,
permission_url,
permission_delete,
user_permission_list,
user_permission_update,
@ -330,7 +330,8 @@ class PermissionsResource(AppResource):
permission_delete(perm, force=True, sync_perm=False)
for perm, infos in self.permissions.items():
if f"{self.app}.{perm}" not in existing_perms:
perm_id = f"{self.app}.{perm}"
if perm_id not in existing_perms:
# Use the 'allowed' key from the manifest,
# or use the 'init_{perm}_permission' from the install questions
# which is temporarily saved as a setting as an ugly hack to pass the info to this piece of code...
@ -340,7 +341,7 @@ class PermissionsResource(AppResource):
or []
)
permission_create(
f"{self.app}.{perm}",
perm_id,
allowed=init_allowed,
# This is why the ugly hack with self.manager exists >_>
label=self.manager.wanted["name"] if perm == "main" else perm,
@ -351,17 +352,19 @@ class PermissionsResource(AppResource):
)
self.delete_setting(f"init_{perm}_permission")
user_permission_update(
f"{self.app}.{perm}",
show_tile=infos["show_tile"],
protected=infos["protected"],
sync_perm=False,
)
else:
pass
# FIXME : current implementation of permission_url is hell for
# easy declarativeness of additional_urls >_> ...
# permission_url(f"{self.app}.{perm}", url=infos["url"], auth_header=infos["auth_header"], sync_perm=False)
user_permission_update(
perm_id,
show_tile=infos["show_tile"],
protected=infos["protected"],
sync_perm=False,
)
permission_url(
perm_id,
url=infos["url"],
set_url=infos["additional_urls"],
auth_header=infos["auth_header"],
sync_perm=False,
)
permission_sync_to_user()