YunoHost/yunohost
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost.git synced 2024-09-03 20:06:10 +02:00
Code Issues Projects Releases Packages Wiki Activity

app resources: implement permission update

Browse source
This commit is contained in:
Alexandre Aubin 2022-12-21 22:26:45 +01:00
parent fa2ef3e7ec
commit a50e73dc0f
2 changed files with 23 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
src/permission.py
View file

@ -479,6 +479,7 @@ def permission_url(
url=None, url=None,
add_url=None, add_url=None,
remove_url=None, remove_url=None,
set_url=None,
auth_header=None, auth_header=None,
clear_urls=False, clear_urls=False,
sync_perm=True, sync_perm=True,
@ -491,6 +492,7 @@ def permission_url(
url -- (optional) URL for which access will be allowed/forbidden. url -- (optional) URL for which access will be allowed/forbidden.
add_url -- (optional) List of additional url to add for which access will be allowed/forbidden add_url -- (optional) List of additional url to add for which access will be allowed/forbidden
remove_url -- (optional) List of additional url to remove for which access will be allowed/forbidden remove_url -- (optional) List of additional url to remove for which access will be allowed/forbidden
set_url -- (optional) List of additional url to set/replace for which access will be allowed/forbidden
auth_header -- (optional) Define for the URL of this permission, if SSOwat pass the authentication header to the application auth_header -- (optional) Define for the URL of this permission, if SSOwat pass the authentication header to the application
clear_urls -- (optional) Clean all urls (url and additional_urls) clear_urls -- (optional) Clean all urls (url and additional_urls)
""" """
@ -556,6 +558,9 @@ def permission_url(
new_additional_urls = [u for u in new_additional_urls if u not in remove_url] new_additional_urls = [u for u in new_additional_urls if u not in remove_url]
if set_url:
new_additional_urls = set_url
if auth_header is None: if auth_header is None:
auth_header = existing_permission["auth_header"] auth_header = existing_permission["auth_header"]

33
src/utils/resources.py
View file

@ -258,7 +258,7 @@ class PermissionsResource(AppResource):
##### Provision/Update: ##### Provision/Update:
- Delete any permissions that may exist and be related to this app yet is not declared anymore - Delete any permissions that may exist and be related to this app yet is not declared anymore
- Loop over the declared permissions and create them if needed or update them with the new values (FIXME : update ain't implemented yet >_>) - Loop over the declared permissions and create them if needed or update them with the new values
##### Deprovision: ##### Deprovision:
- Delete all permission related to this app - Delete all permission related to this app
@ -312,7 +312,7 @@ class PermissionsResource(AppResource):
from yunohost.permission import ( from yunohost.permission import (
permission_create, permission_create,
# permission_url, permission_url,
permission_delete, permission_delete,
user_permission_list, user_permission_list,
user_permission_update, user_permission_update,
@ -330,7 +330,8 @@ class PermissionsResource(AppResource):
permission_delete(perm, force=True, sync_perm=False) permission_delete(perm, force=True, sync_perm=False)
for perm, infos in self.permissions.items(): for perm, infos in self.permissions.items():
if f"{self.app}.{perm}" not in existing_perms: perm_id = f"{self.app}.{perm}"
if perm_id not in existing_perms:
# Use the 'allowed' key from the manifest, # Use the 'allowed' key from the manifest,
# or use the 'init_{perm}_permission' from the install questions # or use the 'init_{perm}_permission' from the install questions
# which is temporarily saved as a setting as an ugly hack to pass the info to this piece of code... # which is temporarily saved as a setting as an ugly hack to pass the info to this piece of code...
@ -340,7 +341,7 @@ class PermissionsResource(AppResource):
or [] or []
) )
permission_create( permission_create(
f"{self.app}.{perm}", perm_id,
allowed=init_allowed, allowed=init_allowed,
# This is why the ugly hack with self.manager exists >_> # This is why the ugly hack with self.manager exists >_>
label=self.manager.wanted["name"] if perm == "main" else perm, label=self.manager.wanted["name"] if perm == "main" else perm,
@ -351,17 +352,19 @@ class PermissionsResource(AppResource):
) )
self.delete_setting(f"init_{perm}_permission") self.delete_setting(f"init_{perm}_permission")
user_permission_update( user_permission_update(
f"{self.app}.{perm}", perm_id,
show_tile=infos["show_tile"], show_tile=infos["show_tile"],
protected=infos["protected"], protected=infos["protected"],
sync_perm=False, sync_perm=False,
) )
else: permission_url(
pass perm_id,
# FIXME : current implementation of permission_url is hell for url=infos["url"],
# easy declarativeness of additional_urls >_> ... set_url=infos["additional_urls"],
# permission_url(f"{self.app}.{perm}", url=infos["url"], auth_header=infos["auth_header"], sync_perm=False) auth_header=infos["auth_header"],
sync_perm=False,
)
permission_sync_to_user() permission_sync_to_user()