Change MoulinetteError to YunohostError

Josué Tille 2018-12-15 20:27:22 +01:00
parent f22e7144b4
commit ad3d8786d6
No known key found for this signature in database
GPG key ID: D5E068C6DFA8681D
4 changed files with 34 additions and 37 deletions


@ -1088,7 +1088,7 @@ def app_makedefault(operation_logger, auth, app, domain=None):
operation_logger.start() operation_logger.start()
if '/' in app_map(auth, raw=True)[domain]: if '/' in app_map(auth, raw=True)[domain]:
raise YunohostError('app_make_default_location_already_used', app=app, domain=app_domain, raise YunohostError('app_make_default_location_already_used', app=app, domain=app_domain,
other_app=app_map(auth, raw=True)[domain]["/"]["id"])) other_app=app_map(auth, raw=True)[domain]["/"]["id"])
try: try:
with open('/etc/ssowat/conf.json.persistent') as json_conf: with open('/etc/ssowat/conf.json.persistent') as json_conf:


@ -1,8 +1,8 @@
import yaml import yaml
import errno
from moulinette import m18n from moulinette import m18n
from moulinette.core import MoulinetteError, init_authenticator from moulinette.core import init_authenticator
from yunohost.utils.error import YunohostError
from moulinette.utils.log import getActionLogger from moulinette.utils.log import getActionLogger
from yunohost.tools import Migration from yunohost.tools import Migration
@ -39,7 +39,7 @@ def migrate_LDAP_db(auth):
for rdn, attr_dict in ldap_map['depends_children'].items(): for rdn, attr_dict in ldap_map['depends_children'].items():
auth.add(rdn, attr_dict) auth.add(rdn, attr_dict)
except Exception as e: except Exception as e:
raise MoulinetteError(errno.EINVAL, m18n.n(("LDAP_update_failled"))) raise YunohostError("LDAP_update_failled")
logger.info(m18n.n("migration_0009_create_group")) logger.info(m18n.n("migration_0009_create_group"))
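Review bot: The `except Exception as e:` handler in migrate_LDAP_db binds `e` and then drops it, so the raised `YunohostError("LDAP_update_failled")` carries no trace of which `auth.add` call failed or why. For a directory migration that is the detail an operator needs to recover; log it before raising, e.g. `logger.warning("LDAP update failed: %s", e)`, or narrow the `except` to the LDAP errors actually expected. The try block starts outside the hunk, so its full extent is not visible here.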


@ -24,13 +24,12 @@
Manage permissions Manage permissions
""" """
import errno
import grp import grp
import random import random
from moulinette import m18n from moulinette import m18n
from moulinette.core import MoulinetteError
from moulinette.utils.log import getActionLogger from moulinette.utils.log import getActionLogger
from yunohost.utils.error import YunohostError
from yunohost.user import user_list, user_group_list from yunohost.user import user_list, user_group_list
from yunohost.log import is_unit_operation from yunohost.log import is_unit_operation
@ -163,23 +162,23 @@ def user_permission_update(operation_logger, auth, app=[], permission=None, add_
# Validate that the group exist # Validate that the group exist
for g in add_group: for g in add_group:
if not g in user_group_list(auth, ['cn'])['groups']: if not g in user_group_list(auth, ['cn'])['groups']:
raise MoulinetteError(errno.EINVAL, m18n.n('group_unknown', group=g)) raise YunohostError('group_unknown', group=g)
for u in add_username: for u in add_username:
if not u in user_list(auth, ['uid'])['users']: if not u in user_list(auth, ['uid'])['users']:
raise MoulinetteError(errno.EINVAL, m18n.n('user_unknown', user=u)) raise YunohostError('user_unknown', user=u)
for g in del_group: for g in del_group:
if not g in user_group_list(auth, ['cn'])['groups']: if not g in user_group_list(auth, ['cn'])['groups']:
raise MoulinetteError(errno.EINVAL, m18n.n('group_unknown', group=g)) raise YunohostError('group_unknown', group=g)
for u in del_username: for u in del_username:
if not u in user_list(auth, ['uid'])['users']: if not u in user_list(auth, ['uid'])['users']:
raise MoulinetteError(errno.EINVAL, m18n.n('user_unknown', user=u)) raise YunohostError('user_unknown', user=u)
# Merge user and group (note that we consider all user as a group) # Merge user and group (note that we consider all user as a group)
add_group.extend(add_username) add_group.extend(add_username)
del_group.extend(del_username) del_group.extend(del_username)
if 'all_users' in add_group or 'all_users' in del_group: if 'all_users' in add_group or 'all_users' in del_group:
raise MoulinetteError(errno.EINVAL, m18n.n('edit_permission_with_group_all_users_not_allowed')) raise YunohostError('edit_permission_with_group_all_users_not_allowed')
# Populate permission informations # Populate permission informations
permission_attrs = [ permission_attrs = [
@ -196,14 +195,14 @@ def user_permission_update(operation_logger, auth, app=[], permission=None, add_
for per in permission: for per in permission:
permission_name = per + '.' + a permission_name = per + '.' + a
if not permission_name in result: if not permission_name in result:
raise MoulinetteError(errno.EINVAL, m18n.n('permission_not_found', permission=per, app=a)) raise YunohostError('permission_not_found', permission=per, app=a)
new_per_dict[permission_name] = set() new_per_dict[permission_name] = set()
if 'groupPermission' in result[permission_name]: if 'groupPermission' in result[permission_name]:
new_per_dict[permission_name] = set(result[permission_name]['groupPermission']) new_per_dict[permission_name] = set(result[permission_name]['groupPermission'])
for g in del_group: for g in del_group:
if 'cn=all_users,ou=groups,dc=yunohost,dc=org' in new_per_dict[permission_name]: if 'cn=all_users,ou=groups,dc=yunohost,dc=org' in new_per_dict[permission_name]:
raise MoulinetteError(errno.EINVAL, m18n.n('need_define_permission_before')) raise YunohostError('need_define_permission_before')
group_name = 'cn=' + g + ',ou=groups,dc=yunohost,dc=org' group_name = 'cn=' + g + ',ou=groups,dc=yunohost,dc=org'
if not group_name in new_per_dict[permission_name]: if not group_name in new_per_dict[permission_name]:
logger.warning(m18n.n('group_alread_disallowed', permission=per, app=a, group=g)) logger.warning(m18n.n('group_alread_disallowed', permission=per, app=a, group=g))
@ -229,7 +228,7 @@ def user_permission_update(operation_logger, auth, app=[], permission=None, add_
p = per.split('.') p = per.split('.')
logger.success(m18n.n('permission_updated', permission=p[0], app=p[1])) logger.success(m18n.n('permission_updated', permission=p[0], app=p[1]))
else: else:
raise MoulinetteError(169, m18n.n('permission_update_failed')) raise YunohostError('permission_update_failed')
if sync_perm: if sync_perm:
permission_sync_to_user(auth) permission_sync_to_user(auth)
@ -290,14 +289,14 @@ def user_permission_clear(operation_logger, auth, app=[], permission=None, sync_
for per in permission: for per in permission:
permission_name = per + '.' + a permission_name = per + '.' + a
if not permission_name in result: if not permission_name in result:
raise MoulinetteError(errno.EINVAL, m18n.n('permission_not_found', permission=per, app=a)) raise YunohostError('permission_not_found', permission=per, app=a)
if 'groupPermission' in result[permission_name] and 'cn=all_users,ou=groups,dc=yunohost,dc=org' in result[permission_name]['groupPermission']: if 'groupPermission' in result[permission_name] and 'cn=all_users,ou=groups,dc=yunohost,dc=org' in result[permission_name]['groupPermission']:
logger.warning(m18n.n('permission_already_clear', permission=per, app=a)) logger.warning(m18n.n('permission_already_clear', permission=per, app=a))
continue continue
if auth.update('cn=%s,ou=permission' % permission_name, default_permission): if auth.update('cn=%s,ou=permission' % permission_name, default_permission):
logger.success(m18n.n('permission_updated', permission=per, app=a)) logger.success(m18n.n('permission_updated', permission=per, app=a))
else: else:
raise MoulinetteError(169, m18n.n('permission_update_failed')) raise YunohostError('permission_update_failed')
permission_sync_to_user(auth) permission_sync_to_user(auth)
@ -332,7 +331,7 @@ def permission_add(operation_logger, auth, app, permission, url=None, default_al
'cn': permission_name 'cn': permission_name
}, base_dn='ou=permission,dc=yunohost,dc=org') }, base_dn='ou=permission,dc=yunohost,dc=org')
if conflict: if conflict:
raise MoulinetteError(errno.EEXIST, m18n.n('permission_already_exist', permission=permission, app=app)) raise YunohostError('permission_already_exist', permission=permission, app=app)
# Get random GID # Get random GID
all_gid = {x.gr_gid for x in grp.getgrall()} all_gid = {x.gr_gid for x in grp.getgrall()}
@ -365,7 +364,7 @@ def permission_add(operation_logger, auth, app, permission, url=None, default_al
logger.success(m18n.n('permission_created', permission=permission, app=app)) logger.success(m18n.n('permission_created', permission=permission, app=app))
return user_permission_list(auth, app, permission) return user_permission_list(auth, app, permission)
raise MoulinetteError(169, m18n.n('premission_creation_failled')) raise YunohostError('premission_creation_failled')
@is_unit_operation(['permission','app']) @is_unit_operation(['permission','app'])
@ -388,7 +387,7 @@ def permission_update(operation_logger, auth, app, permission, add_url=None, rem
result = auth.search(base='ou=permission,dc=yunohost,dc=org', result = auth.search(base='ou=permission,dc=yunohost,dc=org',
filter='cn=' + permission_name, attrs=['URL']) filter='cn=' + permission_name, attrs=['URL'])
if not result: if not result:
raise MoulinetteError(errno.EINVAL, m18n.n('permission_not_found', permission=permission, app=app)) raise YunohostError('permission_not_found', permission=permission, app=app)
permission_obj = result[0] permission_obj = result[0]
if not 'URL' in permission_obj: if not 'URL' in permission_obj:
@ -420,7 +419,7 @@ def permission_update(operation_logger, auth, app, permission, add_url=None, rem
logger.success(m18n.n('permission_updated', permission=permission, app=app)) logger.success(m18n.n('permission_updated', permission=permission, app=app))
return user_permission_list(auth, app, permission) return user_permission_list(auth, app, permission)
raise MoulinetteError(169, m18n.n('premission_update_failled')) raise YunohostError('premission_update_failled')
@is_unit_operation(['permission','app']) @is_unit_operation(['permission','app'])
@ -435,11 +434,11 @@ def permission_remove(operation_logger, auth, app, permission, force=False, sync
""" """
if permission == "main" and not force: if permission == "main" and not force:
raise MoulinetteError(errno.EPERM, m18n.n('remove_main_permission_not_allowed')) raise YunohostError('remove_main_permission_not_allowed')
operation_logger.start() operation_logger.start()
if not auth.remove('cn=%s,ou=permission' % str(permission + '.' + app)): if not auth.remove('cn=%s,ou=permission' % str(permission + '.' + app)):
raise MoulinetteError(169, m18n.n('permission_deletion_failed', permission=permission, app=app)) raise YunohostError('permission_deletion_failed', permission=permission, app=app)
if sync_perm: if sync_perm:
permission_sync_to_user(auth) permission_sync_to_user(auth)
logger.success(m18n.n('permission_deleted', permission=permission, app=app)) logger.success(m18n.n('permission_deleted', permission=permission, app=app))
@ -487,7 +486,7 @@ def permission_sync_to_user(auth):
uid_val = [v.split("=")[1].split(",")[0] for v in val] uid_val = [v.split("=")[1].split(",")[0] for v in val]
inheritPermission = {'inheritPermission': val, 'memberUid': uid_val} inheritPermission = {'inheritPermission': val, 'memberUid': uid_val}
if not auth.update('cn=%s,ou=permission' % per['cn'][0], inheritPermission): if not auth.update('cn=%s,ou=permission' % per['cn'][0], inheritPermission):
raise MoulinetteError(169, m18n.n('permission_update_failed')) raise YunohostError('permission_update_failed')
logger.success(m18n.n('permission_generated')) logger.success(m18n.n('permission_generated'))
app_ssowatconf(auth) app_ssowatconf(auth)
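Review bot: In permission_update the search filter is still built by concatenation, `filter='cn=' + permission_name`, and the same pattern builds the DN in permission_remove (`'cn=%s,ou=permission' % str(permission + '.' + app)`) and the group lookups in the user-group file section (`filter='cn=' + groupname`). If `app`, `permission` or `groupname` can contain LDAP metacharacters such as `*`, `(`, `)` or `,`, the query matches or addresses entries other than the one named; whether callers validate these values is not visible in the hunks. Escape the value before composing the filter or DN, e.g. `ldap.filter.escape_filter_chars(permission_name)` and `ldap.dn.escape_dn_chars(...)` if python-ldap is the backing library, or validate names against an allow-list pattern at the entry point. The affected functions begin and end outside the hunks shown.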


@ -496,8 +496,7 @@ def user_group_list(auth, fields=None):
if attr in keys: if attr in keys:
attrs.append(attr) attrs.append(attr)
else: else:
raise MoulinetteError(errno.EINVAL, raise YunohostError('field_invalid', attr)
m18n.n('field_invalid', attr))
else: else:
attrs = ['cn', 'member'] attrs = ['cn', 'member']
@ -551,12 +550,12 @@ def user_group_add(operation_logger, auth, groupname,gid=None, sync_perm=True):
'cn': groupname 'cn': groupname
}, base_dn='ou=groups,dc=yunohost,dc=org') }, base_dn='ou=groups,dc=yunohost,dc=org')
if conflict: if conflict:
raise MoulinetteError(errno.EEXIST, m18n.n('group_name_already_exist', name=groupname)) raise YunohostError('group_name_already_exist', name=groupname)
# Validate uniqueness of groupname in system group # Validate uniqueness of groupname in system group
all_existing_groupnames = {x.gr_name for x in grp.getgrall()} all_existing_groupnames = {x.gr_name for x in grp.getgrall()}
if groupname in all_existing_groupnames: if groupname in all_existing_groupnames:
raise MoulinetteError(errno.EEXIST, m18n.n('system_groupname_exists')) raise YunohostError('system_groupname_exists')
if not gid: if not gid:
# Get random GID # Get random GID
@ -579,7 +578,7 @@ def user_group_add(operation_logger, auth, groupname,gid=None, sync_perm=True):
permission_sync_to_user(auth) permission_sync_to_user(auth)
return {'name': groupname} return {'name': groupname}
raise MoulinetteError(169, m18n.n('group_creation_failed')) raise YunohostError('group_creation_failed')
@is_unit_operation([('groupname', 'user')]) @is_unit_operation([('groupname', 'user')])
@ -594,11 +593,11 @@ def user_group_delete(operation_logger, auth, groupname, force=False, sync_perm=
from yunohost.permission import permission_sync_to_user from yunohost.permission import permission_sync_to_user
if not force and (groupname == 'all_users' or groupname == 'admins' or groupname in user_list(auth, ['uid'])['users']): if not force and (groupname == 'all_users' or groupname == 'admins' or groupname in user_list(auth, ['uid'])['users']):
raise MoulinetteError(errno.EPERM, m18n.n('group_deletion_not_allowed', user=groupname)) raise YunohostError('group_deletion_not_allowed', user=groupname)
operation_logger.start() operation_logger.start()
if not auth.remove('cn=%s,ou=groups' % groupname): if not auth.remove('cn=%s,ou=groups' % groupname):
raise MoulinetteError(169, m18n.n('group_deletion_failed')) raise YunohostError('group_deletion_failed')
logger.success(m18n.n('group_deleted')) logger.success(m18n.n('group_deleted'))
if sync_perm: if sync_perm:
@ -622,13 +621,13 @@ def user_group_update(operation_logger, auth, groupname, add_user=None, remove_u
attrs_to_fetch = ['member'] attrs_to_fetch = ['member']
if (groupname == 'all_users' or groupname == 'admins') and not force: if (groupname == 'all_users' or groupname == 'admins') and not force:
raise MoulinetteError(errno.EINVAL, m18n.n('edit_group_not_allowed', group=groupname)) raise YunohostError('edit_group_not_allowed', group=groupname)
# Populate group informations # Populate group informations
result = auth.search(base='ou=groups,dc=yunohost,dc=org', result = auth.search(base='ou=groups,dc=yunohost,dc=org',
filter='cn=' + groupname, attrs=attrs_to_fetch) filter='cn=' + groupname, attrs=attrs_to_fetch)
if not result: if not result:
raise MoulinetteError(errno.EINVAL, m18n.n('group_unknown', group=groupname)) raise YunohostError('group_unknown', group=groupname)
group = result[0] group = result[0]
new_group_list = {'member': set(), 'memberUid': set()} new_group_list = {'member': set(), 'memberUid': set()}
@ -644,7 +643,7 @@ def user_group_update(operation_logger, auth, groupname, add_user=None, remove_u
add_user = [add_user] add_user = [add_user]
for user in add_user: for user in add_user:
if not user in user_l: if not user in user_l:
raise MoulinetteError(errno.EINVAL, m18n.n('user_unknown', user=user)) raise YunohostError('user_unknown', user=user)
userDN = "uid=" + user + ",ou=users,dc=yunohost,dc=org" userDN = "uid=" + user + ",ou=users,dc=yunohost,dc=org"
if userDN in group['member']: if userDN in group['member']:
logger.warning(m18n.n('user_alread_in_group', user=user, group=groupname)) logger.warning(m18n.n('user_alread_in_group', user=user, group=groupname))
@ -656,8 +655,7 @@ def user_group_update(operation_logger, auth, groupname, add_user=None, remove_u
for user in remove_user: for user in remove_user:
userDN = "uid=" + user + ",ou=users,dc=yunohost,dc=org" userDN = "uid=" + user + ",ou=users,dc=yunohost,dc=org"
if user == groupname: if user == groupname:
raise MoulinetteError(errno.EINVAL, raise YunohostError('remove_user_of_group_not_allowed', user=user, group=groupname)
m18n.n('remove_user_of_group_not_allowed', user=user, group=groupname))
if 'member' in group and userDN in group['member']: if 'member' in group and userDN in group['member']:
new_group_list['member'].remove(userDN) new_group_list['member'].remove(userDN)
else: else:
@ -677,7 +675,7 @@ def user_group_update(operation_logger, auth, groupname, add_user=None, remove_u
if new_group_list['member'] != set(group['member']): if new_group_list['member'] != set(group['member']):
if not auth.update('cn=%s,ou=groups' % groupname, new_group_list): if not auth.update('cn=%s,ou=groups' % groupname, new_group_list):
raise MoulinetteError(169, m18n.n('group_update_failed')) raise YunohostError('group_update_failed')
logger.success(m18n.n('group_updated')) logger.success(m18n.n('group_updated'))
if sync_perm: if sync_perm:
@ -699,7 +697,7 @@ def user_group_info(auth, groupname):
result = auth.search('ou=groups,dc=yunohost,dc=org', "cn=" + groupname, group_attrs) result = auth.search('ou=groups,dc=yunohost,dc=org', "cn=" + groupname, group_attrs)
if not result: if not result:
raise MoulinetteError(errno.EINVAL, m18n.n('group_unknown', group=groupname)) raise YunohostError('group_unknown', group=groupname)
else: else:
group = result[0] group = result[0]
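Review bot: In user_group_list the converted call `raise YunohostError('field_invalid', attr)` passes `attr` positionally, while every other converted call on this page passes its placeholders as keywords. Whether YunohostError forwards extra positional arguments to the translation lookup is not visible here; if its second positional parameter means something else, the message would lose the field name or come out untranslated. Confirm against the YunohostError signature, and consider a keyword form such as `raise YunohostError('field_invalid', field=attr)` with the locale string changed to a named placeholder. The function body extends beyond the hunk.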