YunoHost/yunohost
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost.git synced 2024-09-03 20:06:10 +02:00
Code Issues Projects Releases Packages Wiki Activity

[fix] Retrieve apps settings in a safer way (fix #61)

Browse source
This commit is contained in:
Jérôme Lebleu 2015-05-11 14:40:00 +02:00
parent c046cbe07d
commit e1ded25ed1
1 changed files with 22 additions and 24 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

22
lib/yunohost/app.py
View file

@ -898,33 +898,31 @@ def app_ssowatconf(auth):
except: except:
apps_list = [] apps_list = []
def _get_setting(settings, name):
s = settings.get(name, None)
return s.split(',') if s else []
for app in apps_list: for app in apps_list:
if _is_installed(app['id']): if _is_installed(app['id']):
with open(apps_setting_path + app['id'] +'/settings.yml') as f: with open(apps_setting_path + app['id'] +'/settings.yml') as f:
app_settings = yaml.load(f) app_settings = yaml.load(f)
if 'skipped_uris' in app_settings: for item in _get_setting(app_settings, 'skipped_uris'):
for item in app_settings['skipped_uris'].split(','):
if item[-1:] == '/': if item[-1:] == '/':
item = item[:-1] item = item[:-1]
skipped_urls.append(app_settings['domain'] + app_settings['path'][:-1] + item) skipped_urls.append(app_settings['domain'] + app_settings['path'][:-1] + item)
if 'skipped_regex' in app_settings: for item in _get_setting(app_settings, 'skipped_regex'):
for item in app_settings['skipped_regex'].split(','):
skipped_regex.append(item) skipped_regex.append(item)
if 'unprotected_uris' in app_settings: for item in _get_setting(app_settings, 'unprotected_uris'):
for item in app_settings['unprotected_uris'].split(','):
if item[-1:] == '/': if item[-1:] == '/':
item = item[:-1] item = item[:-1]
unprotected_urls.append(app_settings['domain'] + app_settings['path'][:-1] + item) unprotected_urls.append(app_settings['domain'] + app_settings['path'][:-1] + item)
if 'unprotected_regex' in app_settings: for item in _get_setting(app_settings, 'unprotected_regex'):
for item in app_settings['unprotected_regex'].split(','):
unprotected_regex.append(item) unprotected_regex.append(item)
if 'protected_uris' in app_settings: for item in _get_setting(app_settings, 'protected_uris'):
for item in app_settings['protected_uris'].split(','):
if item[-1:] == '/': if item[-1:] == '/':
item = item[:-1] item = item[:-1]
protected_urls.append(app_settings['domain'] + app_settings['path'][:-1] + item) protected_urls.append(app_settings['domain'] + app_settings['path'][:-1] + item)
if 'protected_regex' in app_settings: for item in _get_setting(app_settings, 'protected_regex'):
for item in app_settings['protected_regex'].split(','):
protected_regex.append(item) protected_regex.append(item)
if 'redirected_urls' in app_settings: if 'redirected_urls' in app_settings:
redirected_urls.update(app_settings['redirected_urls']) redirected_urls.update(app_settings['redirected_urls'])