From d5c61f2d27253bf79e69c39a9034c56d61a50ce3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Josu=C3=A9=20Tille?= <josue@tille.ch>
Date: Thu, 2 Apr 2020 17:11:01 +0200
Subject: [PATCH] Manage skipped, unprotected uris in root path case

---
 locales/en.json                                      |  1 +
 .../0015_extends_permissions_features_1.py           | 12 ++++++------
 2 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/locales/en.json b/locales/en.json
index 40a5eb52b..6df38e3e5 100644
--- a/locales/en.json
+++ b/locales/en.json
@@ -464,6 +464,7 @@
     "migration_0011_update_LDAP_schema": "Updating LDAP schema…",
     "migration_0011_failed_to_remove_stale_object": "Could not remove stale object {dn}: {error}",
     "migration_0015_add_new_attributes_in_ldap": "Add new attributes for permissions in LDAP database",
+    "migration_0015_migrate_old_app_settings": "Migrate old apps settings 'skipped_uris', 'unprotected_uris', 'protected_uris' in permissions system.",
     "migrations_already_ran": "Those migrations are already done: {ids}",
     "migrations_cant_reach_migration_file": "Could not access migrations files at the path '%s'",
     "migrations_dependencies_not_satisfied": "Run these migrations: '{dependencies_id}', before migration {id}.",
diff --git a/src/yunohost/data_migrations/0015_extends_permissions_features_1.py b/src/yunohost/data_migrations/0015_extends_permissions_features_1.py
index 69511761d..18077e1bf 100644
--- a/src/yunohost/data_migrations/0015_extends_permissions_features_1.py
+++ b/src/yunohost/data_migrations/0015_extends_permissions_features_1.py
@@ -92,12 +92,12 @@ class MyMigration(Migration):
             return s.split(',') if s else []
 
         for app in apps:
-            skipped_urls = [_sanitized_absolute_url(uri) for uri in  app_setting(app, 'skipped_uris')]
-            skipped_urls += ['re:' + regex for regex in  app_setting(app, 'skipped_regex')]
-            unprotected_urls = [_sanitized_absolute_url(uri) for uri in app_setting(app, 'unprotected_uris')]
-            unprotected_urls += ['re:' + regex for regex in  app_setting(app, 'unprotected_regex')]
-            protected_urls = [_sanitized_absolute_url(uri) for uri in  app_setting(app, 'protected_uris')]
-            protected_urls += ['re:' + regex for regex in  app_setting(app, 'protected_regex')]
+            skipped_urls = [_sanitized_absolute_url(uri) for uri in _get_setting(app, 'skipped_uris') if uri != '/']
+            skipped_urls += ['re:' + regex for regex in _get_setting(app, 'skipped_regex')]
+            unprotected_urls = [_sanitized_absolute_url(uri) for uri in _get_setting(app, 'unprotected_uris') if uri != '/']
+            unprotected_urls += ['re:' + regex for regex in _get_setting(app, 'unprotected_regex')]
+            protected_urls = [_sanitized_absolute_url(uri) for uri in _get_setting(app, 'protected_uris') if uri != '/']
+            protected_urls += ['re:' + regex for regex in _get_setting(app, 'protected_regex')]
 
             if skipped_urls != []:
                 permission_create(app+".legacy_skipped_uris", additional_urls=skipped_urls,