YunoHost/yunohost
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost.git synced 2024-09-03 20:06:10 +02:00
Code Issues Projects Releases Packages Wiki Activity

Allow public apps with no sso tile

Browse source
This commit is contained in:
Kay0u 2020-03-22 20:51:32 +01:00
parent b7a61f35cc
commit b9aa5d143f
No known key found for this signature in database
GPG key ID: 7FF262C033518333
4 changed files with 1 additions and 36 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
locales/en.json
View file

@ -415,12 +415,10 @@
"pattern_positive_number": "Must be a positive number", "pattern_positive_number": "Must be a positive number",
"pattern_username": "Must be lower-case alphanumeric and underscore characters only", "pattern_username": "Must be lower-case alphanumeric and underscore characters only",
"pattern_password_app": "Sorry, passwords can not contain the following characters: {forbidden_chars}", "pattern_password_app": "Sorry, passwords can not contain the following characters: {forbidden_chars}",
"permission_all_users_implicitly_added": "The permission was also implicitly granted to 'all_users' because it is required to allow the special group 'visitors'",
"permission_already_allowed": "Group '{group}' already has permission '{permission}' enabled", "permission_already_allowed": "Group '{group}' already has permission '{permission}' enabled",
"permission_already_disallowed": "Group '{group}' already has permission '{permission}' disabled'", "permission_already_disallowed": "Group '{group}' already has permission '{permission}' disabled'",
"permission_already_exist": "Permission '{permission}' already exists", "permission_already_exist": "Permission '{permission}' already exists",
"permission_already_up_to_date": "The permission was not updated because the addition/removal requests already match the current state.", "permission_already_up_to_date": "The permission was not updated because the addition/removal requests already match the current state.",
"permission_cannot_remove_all_users_while_visitors_allowed": "You can't remove this permission for 'all_users' while it is still allowed for 'visitors'",
"permission_cannot_remove_main": "Removing a main permission is not allowed", "permission_cannot_remove_main": "Removing a main permission is not allowed",
"permission_created": "Permission '{permission:s}' created", "permission_created": "Permission '{permission:s}' created",
"permission_creation_failed": "Could not create permission '{permission}': {error}", "permission_creation_failed": "Could not create permission '{permission}': {error}",

2
src/yunohost/app.py
View file

@ -437,7 +437,7 @@ def app_map(app=None, raw=False, user=None):
logger.warning("Uhoh, no main permission was found for app %s ... sounds like an app was only partially removed due to another bug :/" % app_id) logger.warning("Uhoh, no main permission was found for app %s ... sounds like an app was only partially removed due to another bug :/" % app_id)
continue continue
main_perm = permissions[app_id + ".main"] main_perm = permissions[app_id + ".main"]
if user not in main_perm["corresponding_users"] and "visitors" not in main_perm["allowed"]: if user not in main_perm["corresponding_users"]:
continue continue
domain = app_settings['domain'] domain = app_settings['domain']

12
src/yunohost/permission.py
View file

@ -146,16 +146,6 @@ def user_permission_update(operation_logger, permission, add=None, remove=None,
if "visitors" not in new_allowed_groups or len(new_allowed_groups) >= 3: if "visitors" not in new_allowed_groups or len(new_allowed_groups) >= 3:
logger.warning(m18n.n("permission_currently_allowed_for_all_users")) logger.warning(m18n.n("permission_currently_allowed_for_all_users"))
# If visitors are to be added, we shall make sure that "all_users" are also allowed
# (e.g. if visitors are allowed to visit nextcloud, you still want to allow people to log in ...)
if add and "visitors" in groups_to_add and "all_users" not in new_allowed_groups:
new_allowed_groups.append("all_users")
logger.warning(m18n.n("permission_all_users_implicitly_added"))
# If all_users are to be added, yet visitors are still to allowed, then we
# refuse it (c.f. previous comment...)
if remove and "all_users" in groups_to_remove and "visitors" in new_allowed_groups:
raise YunohostError('permission_cannot_remove_all_users_while_visitors_allowed')
# Don't update LDAP if we update exactly the same values # Don't update LDAP if we update exactly the same values
if set(new_allowed_groups) == set(current_allowed_groups): if set(new_allowed_groups) == set(current_allowed_groups):
logger.warning(m18n.n("permission_already_up_to_date")) logger.warning(m18n.n("permission_already_up_to_date"))
@ -270,8 +260,6 @@ def permission_create(operation_logger, permission, url=None, allowed=None, sync
if allowed is not None: if allowed is not None:
if not isinstance(allowed, list): if not isinstance(allowed, list):
allowed = [allowed] allowed = [allowed]
if "visitors" in allowed and "all_users" not in allowed:
allowed.append("all_users")
# Validate that the groups to add actually exist # Validate that the groups to add actually exist
all_existing_groups = user_group_list()['groups'].keys() all_existing_groups = user_group_list()['groups'].keys()

21
src/yunohost/tests/test_permission.py
View file

@ -313,27 +313,6 @@ def test_permission_add_and_remove_group(mocker):
assert res['wiki.main']['corresponding_users'] == ["alice"] assert res['wiki.main']['corresponding_users'] == ["alice"]
def test_permission_adding_visitors_implicitly_add_all_users(mocker):
res = user_permission_list(full=True)['permissions']
assert res['blog.main']['allowed'] == ["alice"]
with message(mocker, "permission_updated", permission="blog.main"):
user_permission_update("blog.main", add="visitors")
res = user_permission_list(full=True)['permissions']
assert set(res['blog.main']['allowed']) == set(["alice", "visitors", "all_users"])
def test_permission_cant_remove_all_users_if_visitors_allowed(mocker):
with message(mocker, "permission_updated", permission="blog.main"):
user_permission_update("blog.main", add=["visitors", "all_users"])
with raiseYunohostError(mocker, 'permission_cannot_remove_all_users_while_visitors_allowed'):
user_permission_update("blog.main", remove="all_users")
def test_permission_add_group_already_allowed(mocker): def test_permission_add_group_already_allowed(mocker):
with message(mocker, "permission_already_allowed", permission="blog.main", group="alice"): with message(mocker, "permission_already_allowed", permission="blog.main", group="alice"):
user_permission_update("blog.main", add="alice") user_permission_update("blog.main", add="alice")