From c826a37aaace0459a2f3eff322008cbbe669e424 Mon Sep 17 00:00:00 2001
From: Kay0u <pierre.moltess@gmail.com>
Date: Sun, 10 Nov 2019 21:34:57 +0900
Subject: [PATCH] Improve permission helpers

---
 data/helpers.d/setting | 31 ++++++++++++++++++++++++++++++-
 1 file changed, 30 insertions(+), 1 deletion(-)

diff --git a/data/helpers.d/setting b/data/helpers.d/setting
index 185e6111f..bf4e804ec 100644
--- a/data/helpers.d/setting
+++ b/data/helpers.d/setting
@@ -257,6 +257,7 @@ ynh_webpath_register () {
 #    re:/api/[A-Z]*$               -> domain.tld/app/api/[A-Z]*$
 #    re:domain.tld/app/api/[A-Z]*$ -> domain.tld/app/api/[A-Z]*$
 #
+# Requires YunoHost version 3.7.0 or higher.
 ynh_permission_create() {
     declare -Ar args_array=( [p]=permission= [u]=url= [a]=allowed= )
     local permission
@@ -274,7 +275,18 @@ ynh_permission_create() {
         allowed=",allowed=['${allowed//';'/"','"}']"
     fi
 
-    yunohost tools shell -c "from yunohost.permission import permission_create; permission_create('$app.$permission', url=$url ${allowed:-} , sync_perm=False)"
+    # Check if permission already exists
+    if ynh_permission_exists --permission $permission; then
+        # If permission exits, update it
+        local add
+        if [[ -n ${add:-} ]]; then
+            add="--add ${allowed//';'/" "}"
+        fi
+        ynh_exec_warn_less ynh_permission_update --permission $permission ${add:-}
+    else
+        # If not, create it
+        yunohost tools shell -c "from yunohost.permission import permission_create; permission_create('$app.$permission', url=$url ${allowed:-} , sync_perm=False)"
+    fi
 }
 
 # Remove a permission for the app (note that when the app is removed all permission is automatically removed)
@@ -284,6 +296,7 @@ ynh_permission_create() {
 # usage: ynh_permission_delete --permission "permission"
 # | arg: permission - the name for the permission (by default a permission named "main" is removed automatically when the app is removed)
 #
+# Requires YunoHost version 3.7.0 or higher.
 ynh_permission_delete() {
     declare -Ar args_array=( [p]=permission= )
     local permission
@@ -292,12 +305,27 @@ ynh_permission_delete() {
     yunohost tools shell -c "from yunohost.permission import permission_delete; permission_delete('$app.$permission', sync_perm=False)"
 }
 
+# Check if a permission exists
+#
+# usage: ynh_permission_exists --permission=permission
+# | arg: -p, --permission - the permission to check
+#
+# Requires YunoHost version 3.7.0 or higher.
+ynh_permission_exists() {
+    declare -Ar args_array=( [p]=permission= )
+    local permission
+    ynh_handle_getopts_args "$@"
+
+    yunohost user permission list -s | grep -w -q "$app.$permission"
+}
+
 # Redefine the url associated to a permission
 #
 # usage: ynh_permission_url --permission "permission" --url "url"
 # | arg: permission - the name for the permission (by default a permission named "main" is removed automatically when the app is removed)
 # | arg: url - (optional) URL for which access will be allowed/forbidden
 #
+# Requires YunoHost version 3.7.0 or higher.
 ynh_permission_url() {
     declare -Ar args_array=([p]=permission= [u]=url=)
     local permission
@@ -322,6 +350,7 @@ ynh_permission_url() {
 # | arg: remove - the list of group or users to remove from the permission
 #
 # example: ynh_permission_update --permission admin --add samdoe --remove all_users
+# Requires YunoHost version 3.7.0 or higher.
 ynh_permission_update() {
     declare -Ar args_array=( [p]=permission= [a]=add= [r]=remove= )
     local permission