Move legacy permission setting migration to legacy.py

locales/en.json

@@ -415,6 +415,7 @@
     "mail_unavailable": "This e-mail address is reserved and shall be automatically allocated to the very first user",
     "main_domain_change_failed": "Unable to change the main domain",
     "main_domain_changed": "The main domain has been changed",
+    "migrating_legacy_permission_settings": "Migrating legacy permission settings...",
     "migration_description_0015_migrate_to_buster": "Upgrade the system to Debian Buster and YunoHost 4.x",
     "migration_description_0016_php70_to_php73_pools": "Migrate php7.0-fpm 'pool' conf files to php7.3",
     "migration_description_0017_postgresql_9p6_to_11": "Migrate databases from PostgreSQL 9.6 to 11",
@@ -446,7 +447,6 @@
     "migration_0018_failed_to_migrate_iptables_rules": "Failed to migrate legacy iptables rules to nftables: {error}",
     "migration_0018_failed_to_reset_legacy_rules": "Failed to reset legacy iptables rules: {error}",
     "migration_0019_add_new_attributes_in_ldap": "Add new attributes for permissions in LDAP database",
-    "migration_0019_migrate_old_app_settings": "Migrate old apps settings 'skipped_uris', 'unprotected_uris', 'protected_uris' in permissions system.",
     "migration_0019_backup_before_migration": "Creating a backup of LDAP database and apps settings prior to the actual migration.",
     "migration_0019_can_not_backup_before_migration": "The backup of the system could not be completed before the migration failed. Error: {error:s}",
     "migration_0019_migration_failed_trying_to_rollback": "Could not migrate... trying to roll back the system.",

src/yunohost/backup.py

@@ -1364,9 +1364,8 @@ class RestoreManager():
                 "protected_regex"
             ]
             if any(app_setting(app_instance_name, setting) is not None for setting in legacy_permission_settings):
-                from yunohost.tools import _get_migration_by_name
-                extends_permissions_features_1 = _get_migration_by_name("extends_permissions_features_1")
-                extends_permissions_features_1.migrate_skipped_unprotected_protected_uris(app=app_instance_name)
+                from yunohost.utils.legacy import migrate_legacy_permission_settings
+                migrate_legacy_permission_settings(app=app_instance_name)
 
             # Prepare env. var. to pass to script
             env_dict = self._get_env_var(app_instance_name)

src/yunohost/data_migrations/0019_extends_permissions_features_1.py

@@ -6,9 +6,9 @@ from yunohost.utils.error import YunohostError
 from moulinette.utils.log import getActionLogger
 
 from yunohost.tools import Migration
-from yunohost.app import app_setting, _installed_apps, _get_app_settings, _set_app_settings
-from yunohost.permission import user_permission_list, permission_create, permission_sync_to_user
-from yunohost.utils.legacy import legacy_permission_label
+from yunohost.app import app_setting, _installed_apps
+from yunohost.permission import user_permission_list
+from yunohost.utils.legacy import migrate_legacy_permission_settings
 
 logger = getActionLogger('yunohost.migration')
 
@@ -91,63 +91,6 @@ class MyMigration(Migration):
                         'isProtected': ["TRUE"]
                     })
 
-    def migrate_skipped_unprotected_protected_uris(self, app=None):
-
-        logger.info(m18n.n("migration_0019_migrate_old_app_settings"))
-        apps = _installed_apps()
-
-        if app:
-            if app not in apps:
-                logger.error("Can't migrate permission for app %s because it ain't installed..." % app)
-                apps = []
-            else:
-                apps = [app]
-
-        for app in apps:
-
-            settings = _get_app_settings(app) or {}
-
-            def _setting(name):
-                s = settings.get(name)
-                return s.split(',') if s else []
-
-            skipped_urls = [uri for uri in _setting('skipped_uris') if uri != '/']
-            skipped_urls += ['re:' + regex for regex in _setting('skipped_regex')]
-            unprotected_urls = [uri for uri in _setting('unprotected_uris') if uri != '/']
-            unprotected_urls += ['re:' + regex for regex in _setting('unprotected_regex')]
-            protected_urls = [uri for uri in _setting('protected_uris') if uri != '/']
-            protected_urls += ['re:' + regex for regex in _setting('protected_regex')]
-
-            if skipped_urls != []:
-                permission_create(app + ".legacy_skipped_uris", additional_urls=skipped_urls,
-                                  auth_header=False, label=legacy_permission_label(app, "skipped"),
-                                  show_tile=False, allowed='visitors', protected=True, sync_perm=False)
-            if unprotected_urls != []:
-                permission_create(app + ".legacy_unprotected_uris", additional_urls=unprotected_urls,
-                                  auth_header=True, label=legacy_permission_label(app, "unprotected"),
-                                  show_tile=False, allowed='visitors', protected=True, sync_perm=False)
-            if protected_urls != []:
-                permission_create(app + ".legacy_protected_uris", additional_urls=protected_urls,
-                                  auth_header=True, label=legacy_permission_label(app, "protected"),
-                                  show_tile=False, allowed=user_permission_list()['permissions'][app + ".main"]['allowed'],
-                                  protected=True, sync_perm=False)
-
-            legacy_permission_settings = [
-                "skipped_uris",
-                "unprotected_uris",
-                "protected_uris",
-                "skipped_regex",
-                "unprotected_regex",
-                "protected_regex"
-            ]
-            for key in legacy_permission_settings:
-                if key in settings:
-                    del settings[key]
-
-            _set_app_settings(app, settings)
-
-        permission_sync_to_user()
-
     def run(self):
 
         # FIXME : what do we really want to do here ...
@@ -173,7 +116,7 @@ class MyMigration(Migration):
             self.add_new_ldap_attributes()
 
             # Migrate old settings
-            self.migrate_skipped_unprotected_protected_uris()
+            migrate_legacy_permission_settings()
 
         except Exception as e:
             logger.warn(m18n.n("migration_0019_migration_failed_trying_to_rollback"))

src/yunohost/utils/legacy.py

@@ -4,8 +4,8 @@ from moulinette.utils.log import getActionLogger
 from moulinette.utils.filesystem import read_yaml
 
 from yunohost.user import user_list, user_group_create, user_group_update
-from yunohost.app import app_setting, _installed_apps
-from yunohost.permission import permission_create, user_permission_update, permission_sync_to_user
+from yunohost.app import app_setting, _installed_apps, _get_app_settings, _set_app_settings
+from yunohost.permission import permission_create, user_permission_list, user_permission_update, permission_sync_to_user
 
 logger = getActionLogger('yunohost.legacy')
 
@@ -145,3 +145,62 @@ LEGACY_PERMISSION_LABEL = {
 
 def legacy_permission_label(app, permission_type):
     return LEGACY_PERMISSION_LABEL.get((app, permission_type), "Legacy %s urls" % permission_type)
+
+
+def migrate_legacy_permission_settings(app=None):
+
+    logger.info(m18n.n("migrating_legacy_permission_settings"))
+    apps = _installed_apps()
+
+    if app:
+        if app not in apps:
+            logger.error("Can't migrate permission for app %s because it ain't installed..." % app)
+            apps = []
+        else:
+            apps = [app]
+
+    for app in apps:
+
+        settings = _get_app_settings(app) or {}
+
+        def _setting(name):
+            s = settings.get(name)
+            return s.split(',') if s else []
+
+        skipped_urls = [uri for uri in _setting('skipped_uris') if uri != '/']
+        skipped_urls += ['re:' + regex for regex in _setting('skipped_regex')]
+        unprotected_urls = [uri for uri in _setting('unprotected_uris') if uri != '/']
+        unprotected_urls += ['re:' + regex for regex in _setting('unprotected_regex')]
+        protected_urls = [uri for uri in _setting('protected_uris') if uri != '/']
+        protected_urls += ['re:' + regex for regex in _setting('protected_regex')]
+
+        if skipped_urls != []:
+            permission_create(app + ".legacy_skipped_uris", additional_urls=skipped_urls,
+                              auth_header=False, label=legacy_permission_label(app, "skipped"),
+                              show_tile=False, allowed='visitors', protected=True, sync_perm=False)
+        if unprotected_urls != []:
+            permission_create(app + ".legacy_unprotected_uris", additional_urls=unprotected_urls,
+                              auth_header=True, label=legacy_permission_label(app, "unprotected"),
+                              show_tile=False, allowed='visitors', protected=True, sync_perm=False)
+        if protected_urls != []:
+            permission_create(app + ".legacy_protected_uris", additional_urls=protected_urls,
+                              auth_header=True, label=legacy_permission_label(app, "protected"),
+                              show_tile=False, allowed=user_permission_list()['permissions'][app + ".main"]['allowed'],
+                              protected=True, sync_perm=False)
+
+        legacy_permission_settings = [
+            "skipped_uris",
+            "unprotected_uris",
+            "protected_uris",
+            "skipped_regex",
+            "unprotected_regex",
+            "protected_regex"
+        ]
+        for key in legacy_permission_settings:
+            if key in settings:
+                del settings[key]
+
+        _set_app_settings(app, settings)
+
+        permission_sync_to_user()
+