From b9aa5d143f7b179373f8bc36ec3b7d147d1bb083 Mon Sep 17 00:00:00 2001 From: Kay0u Date: Sun, 22 Mar 2020 20:51:32 +0100 Subject: [PATCH] Allow public apps with no sso tile --- locales/en.json | 2 -- src/yunohost/app.py | 2 +- src/yunohost/permission.py | 12 ------------ src/yunohost/tests/test_permission.py | 21 --------------------- 4 files changed, 1 insertion(+), 36 deletions(-) diff --git a/locales/en.json b/locales/en.json index 17014cad0..d2972fa25 100644 --- a/locales/en.json +++ b/locales/en.json @@ -415,12 +415,10 @@ "pattern_positive_number": "Must be a positive number", "pattern_username": "Must be lower-case alphanumeric and underscore characters only", "pattern_password_app": "Sorry, passwords can not contain the following characters: {forbidden_chars}", - "permission_all_users_implicitly_added": "The permission was also implicitly granted to 'all_users' because it is required to allow the special group 'visitors'", "permission_already_allowed": "Group '{group}' already has permission '{permission}' enabled", "permission_already_disallowed": "Group '{group}' already has permission '{permission}' disabled'", "permission_already_exist": "Permission '{permission}' already exists", "permission_already_up_to_date": "The permission was not updated because the addition/removal requests already match the current state.", - "permission_cannot_remove_all_users_while_visitors_allowed": "You can't remove this permission for 'all_users' while it is still allowed for 'visitors'", "permission_cannot_remove_main": "Removing a main permission is not allowed", "permission_created": "Permission '{permission:s}' created", "permission_creation_failed": "Could not create permission '{permission}': {error}", diff --git a/src/yunohost/app.py b/src/yunohost/app.py index 0324a116a..c71162494 100644 --- a/src/yunohost/app.py +++ b/src/yunohost/app.py @@ -437,7 +437,7 @@ def app_map(app=None, raw=False, user=None): logger.warning("Uhoh, no main permission was found for app %s ... sounds like an app was only partially removed due to another bug :/" % app_id) continue main_perm = permissions[app_id + ".main"] - if user not in main_perm["corresponding_users"] and "visitors" not in main_perm["allowed"]: + if user not in main_perm["corresponding_users"]: continue domain = app_settings['domain'] diff --git a/src/yunohost/permission.py b/src/yunohost/permission.py index 775a8cd71..71472eeaf 100644 --- a/src/yunohost/permission.py +++ b/src/yunohost/permission.py @@ -146,16 +146,6 @@ def user_permission_update(operation_logger, permission, add=None, remove=None, if "visitors" not in new_allowed_groups or len(new_allowed_groups) >= 3: logger.warning(m18n.n("permission_currently_allowed_for_all_users")) - # If visitors are to be added, we shall make sure that "all_users" are also allowed - # (e.g. if visitors are allowed to visit nextcloud, you still want to allow people to log in ...) - if add and "visitors" in groups_to_add and "all_users" not in new_allowed_groups: - new_allowed_groups.append("all_users") - logger.warning(m18n.n("permission_all_users_implicitly_added")) - # If all_users are to be added, yet visitors are still to allowed, then we - # refuse it (c.f. previous comment...) - if remove and "all_users" in groups_to_remove and "visitors" in new_allowed_groups: - raise YunohostError('permission_cannot_remove_all_users_while_visitors_allowed') - # Don't update LDAP if we update exactly the same values if set(new_allowed_groups) == set(current_allowed_groups): logger.warning(m18n.n("permission_already_up_to_date")) @@ -270,8 +260,6 @@ def permission_create(operation_logger, permission, url=None, allowed=None, sync if allowed is not None: if not isinstance(allowed, list): allowed = [allowed] - if "visitors" in allowed and "all_users" not in allowed: - allowed.append("all_users") # Validate that the groups to add actually exist all_existing_groups = user_group_list()['groups'].keys() diff --git a/src/yunohost/tests/test_permission.py b/src/yunohost/tests/test_permission.py index 2e53f13a7..a4bd570e5 100644 --- a/src/yunohost/tests/test_permission.py +++ b/src/yunohost/tests/test_permission.py @@ -313,27 +313,6 @@ def test_permission_add_and_remove_group(mocker): assert res['wiki.main']['corresponding_users'] == ["alice"] -def test_permission_adding_visitors_implicitly_add_all_users(mocker): - - res = user_permission_list(full=True)['permissions'] - assert res['blog.main']['allowed'] == ["alice"] - - with message(mocker, "permission_updated", permission="blog.main"): - user_permission_update("blog.main", add="visitors") - - res = user_permission_list(full=True)['permissions'] - assert set(res['blog.main']['allowed']) == set(["alice", "visitors", "all_users"]) - - -def test_permission_cant_remove_all_users_if_visitors_allowed(mocker): - - with message(mocker, "permission_updated", permission="blog.main"): - user_permission_update("blog.main", add=["visitors", "all_users"]) - - with raiseYunohostError(mocker, 'permission_cannot_remove_all_users_while_visitors_allowed'): - user_permission_update("blog.main", remove="all_users") - - def test_permission_add_group_already_allowed(mocker): with message(mocker, "permission_already_allowed", permission="blog.main", group="alice"): user_permission_update("blog.main", add="alice")