mirror of
https://github.com/YunoHost/yunohost.git
synced 2024-09-03 20:06:10 +02:00
Move legacy permission setting migration to legacy.py
This commit is contained in:
parent
2cb6f4e2c2
commit
e047b67b1d
4 changed files with 68 additions and 67 deletions
|
@ -415,6 +415,7 @@
|
|||
"mail_unavailable": "This e-mail address is reserved and shall be automatically allocated to the very first user",
|
||||
"main_domain_change_failed": "Unable to change the main domain",
|
||||
"main_domain_changed": "The main domain has been changed",
|
||||
"migrating_legacy_permission_settings": "Migrating legacy permission settings...",
|
||||
"migration_description_0015_migrate_to_buster": "Upgrade the system to Debian Buster and YunoHost 4.x",
|
||||
"migration_description_0016_php70_to_php73_pools": "Migrate php7.0-fpm 'pool' conf files to php7.3",
|
||||
"migration_description_0017_postgresql_9p6_to_11": "Migrate databases from PostgreSQL 9.6 to 11",
|
||||
|
@ -446,7 +447,6 @@
|
|||
"migration_0018_failed_to_migrate_iptables_rules": "Failed to migrate legacy iptables rules to nftables: {error}",
|
||||
"migration_0018_failed_to_reset_legacy_rules": "Failed to reset legacy iptables rules: {error}",
|
||||
"migration_0019_add_new_attributes_in_ldap": "Add new attributes for permissions in LDAP database",
|
||||
"migration_0019_migrate_old_app_settings": "Migrate old apps settings 'skipped_uris', 'unprotected_uris', 'protected_uris' in permissions system.",
|
||||
"migration_0019_backup_before_migration": "Creating a backup of LDAP database and apps settings prior to the actual migration.",
|
||||
"migration_0019_can_not_backup_before_migration": "The backup of the system could not be completed before the migration failed. Error: {error:s}",
|
||||
"migration_0019_migration_failed_trying_to_rollback": "Could not migrate... trying to roll back the system.",
|
||||
|
|
|
@ -1364,9 +1364,8 @@ class RestoreManager():
|
|||
"protected_regex"
|
||||
]
|
||||
if any(app_setting(app_instance_name, setting) is not None for setting in legacy_permission_settings):
|
||||
from yunohost.tools import _get_migration_by_name
|
||||
extends_permissions_features_1 = _get_migration_by_name("extends_permissions_features_1")
|
||||
extends_permissions_features_1.migrate_skipped_unprotected_protected_uris(app=app_instance_name)
|
||||
from yunohost.utils.legacy import migrate_legacy_permission_settings
|
||||
migrate_legacy_permission_settings(app=app_instance_name)
|
||||
|
||||
# Prepare env. var. to pass to script
|
||||
env_dict = self._get_env_var(app_instance_name)
|
||||
|
|
|
@ -6,9 +6,9 @@ from yunohost.utils.error import YunohostError
|
|||
from moulinette.utils.log import getActionLogger
|
||||
|
||||
from yunohost.tools import Migration
|
||||
from yunohost.app import app_setting, _installed_apps, _get_app_settings, _set_app_settings
|
||||
from yunohost.permission import user_permission_list, permission_create, permission_sync_to_user
|
||||
from yunohost.utils.legacy import legacy_permission_label
|
||||
from yunohost.app import app_setting, _installed_apps
|
||||
from yunohost.permission import user_permission_list
|
||||
from yunohost.utils.legacy import migrate_legacy_permission_settings
|
||||
|
||||
logger = getActionLogger('yunohost.migration')
|
||||
|
||||
|
@ -91,63 +91,6 @@ class MyMigration(Migration):
|
|||
'isProtected': ["TRUE"]
|
||||
})
|
||||
|
||||
def migrate_skipped_unprotected_protected_uris(self, app=None):
|
||||
|
||||
logger.info(m18n.n("migration_0019_migrate_old_app_settings"))
|
||||
apps = _installed_apps()
|
||||
|
||||
if app:
|
||||
if app not in apps:
|
||||
logger.error("Can't migrate permission for app %s because it ain't installed..." % app)
|
||||
apps = []
|
||||
else:
|
||||
apps = [app]
|
||||
|
||||
for app in apps:
|
||||
|
||||
settings = _get_app_settings(app) or {}
|
||||
|
||||
def _setting(name):
|
||||
s = settings.get(name)
|
||||
return s.split(',') if s else []
|
||||
|
||||
skipped_urls = [uri for uri in _setting('skipped_uris') if uri != '/']
|
||||
skipped_urls += ['re:' + regex for regex in _setting('skipped_regex')]
|
||||
unprotected_urls = [uri for uri in _setting('unprotected_uris') if uri != '/']
|
||||
unprotected_urls += ['re:' + regex for regex in _setting('unprotected_regex')]
|
||||
protected_urls = [uri for uri in _setting('protected_uris') if uri != '/']
|
||||
protected_urls += ['re:' + regex for regex in _setting('protected_regex')]
|
||||
|
||||
if skipped_urls != []:
|
||||
permission_create(app + ".legacy_skipped_uris", additional_urls=skipped_urls,
|
||||
auth_header=False, label=legacy_permission_label(app, "skipped"),
|
||||
show_tile=False, allowed='visitors', protected=True, sync_perm=False)
|
||||
if unprotected_urls != []:
|
||||
permission_create(app + ".legacy_unprotected_uris", additional_urls=unprotected_urls,
|
||||
auth_header=True, label=legacy_permission_label(app, "unprotected"),
|
||||
show_tile=False, allowed='visitors', protected=True, sync_perm=False)
|
||||
if protected_urls != []:
|
||||
permission_create(app + ".legacy_protected_uris", additional_urls=protected_urls,
|
||||
auth_header=True, label=legacy_permission_label(app, "protected"),
|
||||
show_tile=False, allowed=user_permission_list()['permissions'][app + ".main"]['allowed'],
|
||||
protected=True, sync_perm=False)
|
||||
|
||||
legacy_permission_settings = [
|
||||
"skipped_uris",
|
||||
"unprotected_uris",
|
||||
"protected_uris",
|
||||
"skipped_regex",
|
||||
"unprotected_regex",
|
||||
"protected_regex"
|
||||
]
|
||||
for key in legacy_permission_settings:
|
||||
if key in settings:
|
||||
del settings[key]
|
||||
|
||||
_set_app_settings(app, settings)
|
||||
|
||||
permission_sync_to_user()
|
||||
|
||||
def run(self):
|
||||
|
||||
# FIXME : what do we really want to do here ...
|
||||
|
@ -173,7 +116,7 @@ class MyMigration(Migration):
|
|||
self.add_new_ldap_attributes()
|
||||
|
||||
# Migrate old settings
|
||||
self.migrate_skipped_unprotected_protected_uris()
|
||||
migrate_legacy_permission_settings()
|
||||
|
||||
except Exception as e:
|
||||
logger.warn(m18n.n("migration_0019_migration_failed_trying_to_rollback"))
|
||||
|
|
|
@ -4,8 +4,8 @@ from moulinette.utils.log import getActionLogger
|
|||
from moulinette.utils.filesystem import read_yaml
|
||||
|
||||
from yunohost.user import user_list, user_group_create, user_group_update
|
||||
from yunohost.app import app_setting, _installed_apps
|
||||
from yunohost.permission import permission_create, user_permission_update, permission_sync_to_user
|
||||
from yunohost.app import app_setting, _installed_apps, _get_app_settings, _set_app_settings
|
||||
from yunohost.permission import permission_create, user_permission_list, user_permission_update, permission_sync_to_user
|
||||
|
||||
logger = getActionLogger('yunohost.legacy')
|
||||
|
||||
|
@ -145,3 +145,62 @@ LEGACY_PERMISSION_LABEL = {
|
|||
|
||||
def legacy_permission_label(app, permission_type):
|
||||
return LEGACY_PERMISSION_LABEL.get((app, permission_type), "Legacy %s urls" % permission_type)
|
||||
|
||||
|
||||
def migrate_legacy_permission_settings(app=None):
|
||||
|
||||
logger.info(m18n.n("migrating_legacy_permission_settings"))
|
||||
apps = _installed_apps()
|
||||
|
||||
if app:
|
||||
if app not in apps:
|
||||
logger.error("Can't migrate permission for app %s because it ain't installed..." % app)
|
||||
apps = []
|
||||
else:
|
||||
apps = [app]
|
||||
|
||||
for app in apps:
|
||||
|
||||
settings = _get_app_settings(app) or {}
|
||||
|
||||
def _setting(name):
|
||||
s = settings.get(name)
|
||||
return s.split(',') if s else []
|
||||
|
||||
skipped_urls = [uri for uri in _setting('skipped_uris') if uri != '/']
|
||||
skipped_urls += ['re:' + regex for regex in _setting('skipped_regex')]
|
||||
unprotected_urls = [uri for uri in _setting('unprotected_uris') if uri != '/']
|
||||
unprotected_urls += ['re:' + regex for regex in _setting('unprotected_regex')]
|
||||
protected_urls = [uri for uri in _setting('protected_uris') if uri != '/']
|
||||
protected_urls += ['re:' + regex for regex in _setting('protected_regex')]
|
||||
|
||||
if skipped_urls != []:
|
||||
permission_create(app + ".legacy_skipped_uris", additional_urls=skipped_urls,
|
||||
auth_header=False, label=legacy_permission_label(app, "skipped"),
|
||||
show_tile=False, allowed='visitors', protected=True, sync_perm=False)
|
||||
if unprotected_urls != []:
|
||||
permission_create(app + ".legacy_unprotected_uris", additional_urls=unprotected_urls,
|
||||
auth_header=True, label=legacy_permission_label(app, "unprotected"),
|
||||
show_tile=False, allowed='visitors', protected=True, sync_perm=False)
|
||||
if protected_urls != []:
|
||||
permission_create(app + ".legacy_protected_uris", additional_urls=protected_urls,
|
||||
auth_header=True, label=legacy_permission_label(app, "protected"),
|
||||
show_tile=False, allowed=user_permission_list()['permissions'][app + ".main"]['allowed'],
|
||||
protected=True, sync_perm=False)
|
||||
|
||||
legacy_permission_settings = [
|
||||
"skipped_uris",
|
||||
"unprotected_uris",
|
||||
"protected_uris",
|
||||
"skipped_regex",
|
||||
"unprotected_regex",
|
||||
"protected_regex"
|
||||
]
|
||||
for key in legacy_permission_settings:
|
||||
if key in settings:
|
||||
del settings[key]
|
||||
|
||||
_set_app_settings(app, settings)
|
||||
|
||||
permission_sync_to_user()
|
||||
|
||||
|
|
Loading…
Add table
Reference in a new issue