diff --git a/data/actionsmap/yunohost.yml b/data/actionsmap/yunohost.yml index b7afe2703..73aa048bc 100644 --- a/data/actionsmap/yunohost.yml +++ b/data/actionsmap/yunohost.yml @@ -252,30 +252,6 @@ user: extra: pattern: *pattern_groupname - ### user_group_update() - update: - action_help: Update group - api: PUT /users/groups/ - arguments: - groupname: - help: Name of the group to be updated - extra: - pattern: *pattern_groupname - -a: - full: --add - help: User(s) to add in the group - nargs: "*" - metavar: USERNAME - extra: - pattern: *pattern_username - -r: - full: --remove - help: User(s) to remove in the group - nargs: "*" - metavar: USERNAME - extra: - pattern: *pattern_username - ### user_group_info() info: action_help: Get information about a specific group @@ -286,6 +262,38 @@ user: extra: pattern: *pattern_username + ### user_group_add() + add: + action_help: Update group + api: PUT /users/groups//add/ + arguments: + groupname: + help: Name of the group to add user(s) to + extra: + pattern: *pattern_groupname + usernames: + help: User(s) to add in the group + nargs: "*" + metavar: USERNAME + extra: + pattern: *pattern_username + + ### user_group_remove() + remove: + action_help: Update group + api: PUT /users/groups//remove/ + arguments: + groupname: + help: Name of the group to remove user(s) from + extra: + pattern: *pattern_groupname + usernames: + help: User(s) to remove from the group + nargs: "*" + metavar: USERNAME + extra: + pattern: *pattern_username + permission: subcategory_help: Manage permissions actions: @@ -322,20 +330,6 @@ user: arguments: permission: help: Permission to manage (e.g. mail or nextcloud or wordpress.editors) (use "yunohost user permission list" and "yunohost user permission -f" to see all the current permissions) - -a: - full: --add - help: Group or usernames to grant this permission to - nargs: "*" - metavar: GROUP_OR_USER - extra: - pattern: *pattern_username - -r: - full: --remove - help: Group or usernames revoke this permission from - nargs: "*" - metavar: GROUP_OR_USER - extra: - pattern: *pattern_username -l: full: --label help: Label for this permission. This label will be shown on the SSO and in the admin @@ -346,10 +340,38 @@ user: - 'True' - 'False' + ## user_permission_add() + add: + action_help: Grant permission to group or user + api: PUT /users/permissions//add/ + arguments: + permission: + help: Permission to manage (e.g. mail or nextcloud or wordpress.editors) (use "yunohost user permission list" and "yunohost user permission -f" to see all the current permissions) + names: + help: Group or usernames to grant this permission to + nargs: "*" + metavar: GROUP_OR_USER + extra: + pattern: *pattern_username + + ## user_permission_remove() + remove: + action_help: Revoke permission to group or user + api: PUT /users/permissions//remove/ + arguments: + permission: + help: Permission to manage (e.g. mail or nextcloud or wordpress.editors) (use "yunohost user permission list" and "yunohost user permission -f" to see all the current permissions) + names: + help: Group or usernames to revoke this permission to + nargs: "*" + metavar: GROUP_OR_USER + extra: + pattern: *pattern_username + ## user_permission_reset() reset: action_help: Reset allowed groups to the default (all_users) for a given permission - api: DELETE /users/permissions/ + api: DELETE /users/permissions/ arguments: permission: help: Permission to manage (e.g. mail or nextcloud or wordpress.editors) (use "yunohost user permission list" and "yunohost user permission -f" to see all the current permissions) @@ -485,7 +507,7 @@ domain: - maindomain api: - GET /domains/main - - PUT /domains/main + - PUT /domains//main arguments: -n: full: --new-main-domain @@ -496,7 +518,7 @@ domain: ### certificate_status() cert-status: action_help: List status of current certificates (all by default). - api: GET /domains/cert-status/ + api: GET /domains//cert arguments: domain_list: help: Domains to check @@ -508,7 +530,7 @@ domain: ### certificate_install() cert-install: action_help: Install Let's Encrypt certificates for given domains (all by default). - api: POST /domains/cert-install/ + api: PUT /domains//cert arguments: domain_list: help: Domains for which to install the certificates @@ -529,7 +551,7 @@ domain: ### certificate_renew() cert-renew: action_help: Renew the Let's Encrypt certificates for given domains (all by default). - api: POST /domains/cert-renew/ + api: PUT /domains//cert/renew arguments: domain_list: help: Domains for which to renew the certificates @@ -550,7 +572,7 @@ domain: ### domain_url_available() url-available: action_help: Check availability of a web path - api: GET /domain/urlavailable + api: GET /domain//urlavailable arguments: domain: help: The domain for the web path (e.g. your.domain.tld) @@ -559,20 +581,6 @@ domain: path: help: The path to check (e.g. /coffee) - - ### domain_info() -# info: -# action_help: Get domain informations -# api: GET /domains/ -# arguments: -# domain: -# help: "" -# extra: -# pattern: -# - '^([a-zA-Z0-9]{1}([a-zA-Z0-9\-]*[a-zA-Z0-9])*)(\.[a-zA-Z0-9]{1}([a-zA-Z0-9\-]*[a-zA-Z0-9])*)*(\.[a-zA-Z]{1}([a-zA-Z0-9\-]*[a-zA-Z0-9])*)$' -# - "Must be a valid domain name (e.g. my-domain.org)" - - ############################# # App # ############################# @@ -582,7 +590,7 @@ app: catalog: action_help: Show the catalog of installable application - api: GET /appscatalog + api: GET /apps/catalog arguments: -f: full: --full @@ -592,7 +600,7 @@ app: full: --with-categories help: Also return a list of app categories action: store_true - + ### app_search() search: action_help: Search installable apps @@ -634,7 +642,7 @@ app: ### app_map() map: action_help: Show the mapping between urls and apps - api: GET /appsmap + api: GET /apps/map arguments: -a: full: --app @@ -682,7 +690,7 @@ app: ### app_upgrade() upgrade: action_help: Upgrade app - api: PUT /upgrade/apps + api: PUT /apps//upgrade arguments: app: help: App(s) to upgrade (default all) @@ -740,7 +748,6 @@ app: ### app_register_url() register-url: action_help: Book/register a web path for a given app - api: PUT /tools/registerurl arguments: app: help: App which will use the web path @@ -764,7 +771,6 @@ app: ### app_ssowatconf() ssowatconf: action_help: Regenerate SSOwat configuration file - api: PUT /ssowatconf ### app_change_label() change-label: @@ -779,7 +785,6 @@ app: ### app_addaccess() TODO: Write help addaccess: action_help: Grant access right to users (everyone by default) - api: PUT /access deprecated: true arguments: apps: @@ -791,7 +796,6 @@ app: ### app_removeaccess() TODO: Write help removeaccess: action_help: Revoke access right to users (everyone by default) - api: DELETE /access deprecated: true arguments: apps: @@ -803,7 +807,6 @@ app: ### app_clearaccess() clearaccess: action_help: Reset access rights for the app - api: POST /access deprecated: true arguments: apps: @@ -851,7 +854,7 @@ app: ### app_config_apply() apply: action_help: apply the new configuration - api: POST /apps//config + api: PUT /apps//config arguments: app: help: App name @@ -869,7 +872,7 @@ backup: ### backup_create() create: action_help: Create a backup local archive. If neither --apps or --system are given, this will backup all apps and all system parts. If only --apps if given, this will only backup apps and no system parts. Similarly, if only --system is given, this will only backup system parts and no apps. - api: POST /backup + api: POST /backups arguments: -n: full: --name @@ -897,7 +900,7 @@ backup: ### backup_restore() restore: action_help: Restore from a local backup archive. If neither --apps or --system are given, this will restore all apps and all system parts in the archive. If only --apps if given, this will only restore apps and no system parts. Similarly, if only --system is given, this will only restore system parts and no apps. - api: POST /backup/restore/ + api: PUT /backups//restore arguments: name: help: Name of the local backup archive @@ -914,7 +917,7 @@ backup: ### backup_list() list: action_help: List available local backup archives - api: GET /backup/archives + api: GET /backups arguments: -i: full: --with-info @@ -928,7 +931,7 @@ backup: ### backup_info() info: action_help: Show info about a local backup archive - api: GET /backup/archives/ + api: GET /backups/ arguments: name: help: Name of the local backup archive @@ -944,7 +947,7 @@ backup: ### backup_download() download: action_help: (API only) Request to download the file - api: GET /backup/download/ + api: GET /backups//download arguments: name: help: Name of the local backup archive @@ -952,7 +955,7 @@ backup: ### backup_delete() delete: action_help: Delete a backup archive - api: DELETE /backup/archives/ + api: DELETE /backups/ arguments: name: help: Name of the archive to delete @@ -1019,7 +1022,6 @@ service: ### service_add() add: action_help: Add a service - # api: POST /services arguments: name: help: Service name to add @@ -1057,7 +1059,6 @@ service: ### service_remove() remove: action_help: Remove a service - # api: DELETE /services arguments: name: help: Service name to remove @@ -1065,7 +1066,7 @@ service: ### service_start() start: action_help: Start one or more services - api: PUT /services/ + api: PUT /services//start arguments: names: help: Service name to start @@ -1075,7 +1076,7 @@ service: ### service_stop() stop: action_help: Stop one or more services - api: DELETE /services/ + api: PUT /services//stop arguments: names: help: Service name to stop @@ -1123,7 +1124,7 @@ service: ### service_disable() disable: action_help: Disable one or more services - api: DELETE /services//enable + api: PUT /services//disable arguments: names: help: Service name to disable @@ -1158,7 +1159,6 @@ service: ### service_regen_conf() regen-conf: action_help: Regenerate the configuration file(s) for a service - api: PUT /services/regenconf deprecated_alias: - regenconf arguments: @@ -1210,19 +1210,10 @@ firewall: help: List forwarded ports with UPnP action: store_true - ### firewall_reload() - reload: - action_help: Reload all firewall rules - api: PUT /firewall - arguments: - --skip-upnp: - help: Do not refresh port forwarding using UPnP - action: store_true - ### firewall_allow() allow: action_help: Allow connections on a port - api: POST /firewall/port + api: PUT /firewall//allow/ arguments: protocol: help: "Protocol type to allow (TCP/UDP/Both)" @@ -1252,11 +1243,10 @@ firewall: help: Do not reload firewall rules action: store_true - ### firewall_disallow() disallow: action_help: Disallow connections on a port - api: DELETE /firewall/port + api: PUT /firewall//disallow/ arguments: protocol: help: "Protocol type to allow (TCP/UDP/Both)" @@ -1284,11 +1274,10 @@ firewall: help: Do not reload firewall rules action: store_true - ### firewall_upnp() upnp: action_help: Manage port forwarding using UPnP - api: GET /firewall/upnp + api: PUT /firewall/upnp/ arguments: action: choices: @@ -1302,10 +1291,19 @@ firewall: help: Do not refresh port forwarding action: store_true + + ### firewall_reload() + reload: + action_help: Reload all firewall rules + arguments: + --skip-upnp: + help: Do not refresh port forwarding using UPnP + action: store_true + ### firewall_stop() stop: action_help: Stop iptables and ip6tables - api: DELETE /firewall + @@ -1319,7 +1317,6 @@ dyndns: ### dyndns_subscribe() subscribe: action_help: Subscribe to a DynDNS service - api: POST /dyndns arguments: --subscribe-host: help: Dynette HTTP API to subscribe to @@ -1336,7 +1333,6 @@ dyndns: ### dyndns_update() update: action_help: Update IP on DynDNS platform - api: PUT /dyndns arguments: --dyn-host: help: Dynette DNS server to inform @@ -1440,25 +1436,40 @@ tools: ### tools_update() update: action_help: YunoHost update - api: PUT /update + api: PUT /update/ arguments: + target: + help: What to update, "apps" (application catalog) or "system" (fetch available package upgrades, equivalent to apt update), "all" for both + choices: + - apps + - system + - all + nargs: "?" + metavar: TARGET + default: all --apps: - help: Fetch the application list to check which apps can be upgraded + help: (Deprecated, see first positional arg) Fetch the application list to check which apps can be upgraded action: store_true --system: - help: Fetch available system packages upgrades (equivalent to apt update) + help: (Deprecated, see first positional arg) Fetch available system packages upgrades (equivalent to apt update) action: store_true ### tools_upgrade() upgrade: action_help: YunoHost upgrade - api: PUT /upgrade + api: PUT /upgrade/ arguments: + target: + help: What to upgrade, either "apps" (all apps) or "system" (all system packages) + choices: + - apps + - system + nargs: "?" --apps: - help: List of apps to upgrade (all by default) - nargs: "*" + help: (Deprecated, see first positional arg) Upgrade all applications + action: store_true --system: - help: Upgrade only the system packages + help: (Deprecated, see first positional arg) Upgrade only the system packages action: store_true ### tools_shell() @@ -1492,7 +1503,9 @@ tools: ### tools_regen_conf() regen-conf: action_help: Regenerate the configuration file(s) - api: PUT /tools/regenconf + api: + - PUT /regenconf + - PUT /regenconf/ arguments: names: help: Categories to regenerate configuration of (all by default) @@ -1541,7 +1554,9 @@ tools: ### tools_migrations_run() run: action_help: Run migrations - api: POST /migrations/run + api: + - PUT /migrations + - PUT /migrations/ deprecated_alias: - migrate arguments: @@ -1564,7 +1579,6 @@ tools: ### tools_migrations_state() state: action_help: Show current migrations state - api: GET /migrations/state ############################# @@ -1593,7 +1607,6 @@ hook: ### hook_info() info: action_help: Get information about a given hook - api: GET /hooks// arguments: action: help: Action name @@ -1623,7 +1636,6 @@ hook: ### hook_callback() callback: action_help: Execute all scripts binded to an action - api: POST /hooks/ arguments: action: help: Action name @@ -1719,7 +1731,7 @@ log: ### log_share() share: action_help: Share the full log on yunopaste (alias to show --share) - api: GET /logs/share + api: GET /logs//share arguments: path: help: Log file to share @@ -1734,11 +1746,11 @@ diagnosis: list: action_help: List diagnosis categories - api: GET /diagnosis/list + api: GET /diagnosis/categories show: action_help: Show most recents diagnosis results - api: GET /diagnosis/show + api: GET /diagnosis arguments: categories: help: Diagnosis categories to display (all by default) @@ -1756,9 +1768,20 @@ diagnosis: help: Show a human-readable output action: store_true + get: + action_help: Low-level command to fetch raw data and status about a specific diagnosis test + api: GET /diagnosis/ + arguments: + category: + help: Diagnosis category to fetch results from + item: + help: "List of criteria describing the test. Must correspond exactly to the 'meta' infos in 'yunohost diagnosis show'" + metavar: CRITERIA + nargs: "*" + run: action_help: Run diagnosis - api: POST /diagnosis/run + api: PUT /diagnosis/run arguments: categories: help: Diagnosis categories to run (all by default) @@ -1775,27 +1798,21 @@ diagnosis: ignore: action_help: Configure some diagnosis results to be ignored and therefore not considered as actual issues - api: POST /diagnosis/ignore + api: PUT /diagnosis/ignore arguments: - --add-filter: + --filter: help: "Add a filter. The first element should be a diagnosis category, and other criterias can be provided using the infos from the 'meta' sections in 'yunohost diagnosis show'. For example: 'dnsrecords domain=yolo.test category=xmpp'" nargs: "*" metavar: CRITERIA - --remove-filter: - help: Remove a filter (it should be an existing filter as listed with --list) - nargs: "*" - metavar: CRITERIA --list: help: List active ignore filters action: store_true - get: - action_help: Low-level command to fetch raw data and status about a specific diagnosis test - api: GET /diagnosis/item/ + unignore: + action_help: Configure some diagnosis results to be unignored and therefore considered as actual issues + api: PUT /diagnosis/unignore arguments: - category: - help: Diagnosis category to fetch results from - item: - help: "List of criteria describing the test. Must correspond exactly to the 'meta' infos in 'yunohost diagnosis show'" - metavar: CRITERIA + --filter: + help: Remove a filter (it should be an existing filter as listed with --list) nargs: "*" + metavar: CRITERIA diff --git a/src/yunohost/app.py b/src/yunohost/app.py index 394def0ba..8d334677f 100644 --- a/src/yunohost/app.py +++ b/src/yunohost/app.py @@ -144,7 +144,7 @@ def app_fetchlist(): ) from yunohost.tools import tools_update - tools_update(apps=True) + tools_update(target="apps") def app_list(full=False, installed=False, filter=None): diff --git a/src/yunohost/data_migrations/0015_migrate_to_buster.py b/src/yunohost/data_migrations/0015_migrate_to_buster.py index e87c83087..4f2d4caf8 100644 --- a/src/yunohost/data_migrations/0015_migrate_to_buster.py +++ b/src/yunohost/data_migrations/0015_migrate_to_buster.py @@ -43,7 +43,7 @@ class MyMigration(Migration): # logger.info(m18n.n("migration_0015_patching_sources_list")) self.patch_apt_sources_list() - tools_update(system=True) + tools_update(target="system") # Tell libc6 it's okay to restart system stuff during the upgrade os.system( @@ -88,7 +88,7 @@ class MyMigration(Migration): apps_packages = self.get_apps_equivs_packages() self.hold(apps_packages) - tools_upgrade(system=True, allow_yunohost_upgrade=False) + tools_upgrade(target="system", allow_yunohost_upgrade=False) if self.debian_major_version() == 9: raise YunohostError("migration_0015_still_on_stretch_after_main_upgrade") @@ -103,7 +103,7 @@ class MyMigration(Migration): # logger.info(m18n.n("migration_0015_yunohost_upgrade")) self.unhold(apps_packages) - tools_upgrade(system=True) + tools_upgrade(target="system") def debian_major_version(self): # The python module "platform" and lsb_release are not reliable because @@ -141,7 +141,7 @@ class MyMigration(Migration): # (but we don't if 'stretch' is already in the sources.list ... # which means maybe a previous upgrade crashed and we're re-running it) if " buster " not in read_file("/etc/apt/sources.list"): - tools_update(system=True) + tools_update(target="system") upgradable_system_packages = list(_list_upgradable_apt_packages()) if upgradable_system_packages: raise YunohostError("migration_0015_system_not_fully_up_to_date") diff --git a/src/yunohost/diagnosis.py b/src/yunohost/diagnosis.py index cc0035755..b8a4a1f8a 100644 --- a/src/yunohost/diagnosis.py +++ b/src/yunohost/diagnosis.py @@ -221,7 +221,15 @@ def diagnosis_run( logger.warning(m18n.n("diagnosis_display_tip")) -def diagnosis_ignore(add_filter=None, remove_filter=None, list=False): +def diagnosis_ignore(filter, list=False): + return _diagnosis_ignore(add_filter=filter, list=list) + + +def diagnosis_unignore(filter): + return _diagnosis_ignore(remove_filter=filter) + + +def _diagnosis_ignore(add_filter=None, remove_filter=None, list=False): """ This action is meant for the admin to ignore issues reported by the diagnosis system if they are known and understood by the admin. For diff --git a/src/yunohost/tools.py b/src/yunohost/tools.py index 52762932d..07a2dc231 100644 --- a/src/yunohost/tools.py +++ b/src/yunohost/tools.py @@ -405,22 +405,29 @@ def tools_regen_conf( return regen_conf(names, with_diff, force, dry_run, list_pending) -def tools_update(apps=False, system=False): +def tools_update(target=None, apps=False, system=False): """ Update apps & system package cache - - Keyword arguments: - system -- Fetch available system packages upgrades (equivalent to apt update) - apps -- Fetch the application list to check which apps can be upgraded """ - # If neither --apps nor --system specified, do both - if not apps and not system: - apps = True - system = True + # Legacy options (--system, --apps) + if apps or system: + logger.warning("Using 'yunohost tools update' with --apps / --system is deprecated, just write 'yunohost tools update apps system' (no -- prefix anymore)") + if apps and system: + target = "all" + elif apps: + target = "apps" + else: + target = "system" + + elif not target: + target = "all" + + if target not in ["system", "apps", "all"]: + raise YunohostError("Unknown target %s, should be 'system', 'apps' or 'all'" % target, raw_msg=True) upgradable_system_packages = [] - if system: + if target in ["system", "all"]: # Update APT cache # LC_ALL=C is here to make sure the results are in english @@ -468,7 +475,7 @@ def tools_update(apps=False, system=False): logger.debug(m18n.n("done")) upgradable_apps = [] - if apps: + if target in ["apps", "all"]: try: _update_apps_catalog() except YunohostError as e: @@ -519,7 +526,7 @@ def _list_upgradable_apps(): @is_unit_operation() def tools_upgrade( - operation_logger, apps=None, system=False, allow_yunohost_upgrade=True + operation_logger, target=None, apps=False, system=False, allow_yunohost_upgrade=True ): """ Update apps & package cache, then display changelog @@ -537,26 +544,34 @@ def tools_upgrade( if not packages.dpkg_lock_available(): raise YunohostValidationError("dpkg_lock_not_available") - if system is not False and apps is not None: - raise YunohostValidationError("tools_upgrade_cant_both") + # Legacy options management (--system, --apps) + if target is None: - if system is False and apps is None: - raise YunohostValidationError("tools_upgrade_at_least_one") + logger.warning("Using 'yunohost tools upgrade' with --apps / --system is deprecated, just write 'yunohost tools upgrade apps' or 'system' (no -- prefix anymore)") + + if (system, apps) == (True, True): + raise YunohostValidationError("tools_upgrade_cant_both") + + if (system, apps) == (False, False): + raise YunohostValidationError("tools_upgrade_at_least_one") + + target = "apps" if apps else "system" + + if target not in ["apps", "system"]: + raise Exception("Uhoh ?! tools_upgrade should have 'apps' or 'system' value for argument target") # # Apps # This is basically just an alias to yunohost app upgrade ... # - if apps is not None: + if target == "apps": # Make sure there's actually something to upgrade upgradable_apps = [app["id"] for app in _list_upgradable_apps()] - if not upgradable_apps or ( - len(apps) and all(app not in upgradable_apps for app in apps) - ): + if not upgradable_apps: logger.info(m18n.n("apps_already_up_to_date")) return @@ -574,7 +589,7 @@ def tools_upgrade( # System # - if system is True: + if target == "system": # Check that there's indeed some packages to upgrade upgradables = list(_list_upgradable_apt_packages()) diff --git a/src/yunohost/user.py b/src/yunohost/user.py index 3cd5c8e81..1f5bdf548 100644 --- a/src/yunohost/user.py +++ b/src/yunohost/user.py @@ -862,6 +862,34 @@ def user_group_info(groupname): } +def user_group_add(groupname, usernames, force=False, sync_perm=True): + """ + Add user(s) to a group + + Keyword argument: + groupname -- Groupname to update + usernames -- User(s) to add in the group + + """ + return user_group_update( + groupname, add=usernames, force=force, sync_perm=sync_perm + ) + + +def user_group_remove(groupname, usernames, force=False, sync_perm=True): + """ + Remove user(s) from a group + + Keyword argument: + groupname -- Groupname to update + usernames -- User(s) to remove from the group + + """ + return user_group_update( + groupname, remove=usernames, force=force, sync_perm=sync_perm + ) + + # # Permission subcategory # @@ -873,18 +901,31 @@ def user_permission_list(short=False, full=False, apps=[]): return yunohost.permission.user_permission_list(short, full, absolute_urls=True, apps=apps) -def user_permission_update( - permission, add=None, remove=None, label=None, show_tile=None, sync_perm=True +def user_permission_update(permission, label=None, show_tile=None, sync_perm=True): + import yunohost.permission + + return yunohost.permission.user_permission_update( + permission, label=label, show_tile=show_tile, sync_perm=sync_perm + ) + + +def user_permission_add( + permission, names, protected=None, force=False, sync_perm=True ): import yunohost.permission return yunohost.permission.user_permission_update( - permission, - add=add, - remove=remove, - label=label, - show_tile=show_tile, - sync_perm=sync_perm, + permission, add=names, protected=protected, force=force, sync_perm=sync_perm + ) + + +def user_permission_remove( + permission, names, protected=None, force=False, sync_perm=True +): + import yunohost.permission + + return yunohost.permission.user_permission_update( + permission, remove=names, protected=protected, force=force, sync_perm=sync_perm )