Propagate changes on migration

2024-09-03 20:06:10 +02:00 · 2019-09-12 02:25:52 +02:00 · 2019-09-12 02:25:52 +02:00 · e40698ef20
commit e40698ef20
parent bbfc62cf3e
2 changed files with 9 additions and 13 deletions
--- a/locales/en.json
+++ b/locales/en.json
@ -195,7 +195,6 @@
    "dyndns_registration_failed": "Unable to register DynDNS domain: {error:s}",
    "dyndns_domain_not_provided": "Dyndns provider {provider:s} cannot provide domain {domain:s}.",
    "dyndns_unavailable": "Domain {domain:s} is not available.",
-    "error_when_removing_sftpuser_group": "Error when trying remove sftpusers group",
    "executing_command": "Executing command '{command:s}'…",
    "executing_script": "Executing script '{script:s}'…",
    "extracting": "Extracting…",
@ -355,6 +354,7 @@
    "migration_0011_can_not_backup_before_migration": "The backup of the system before the migration failed. Migration failed. Error: {error:s}",
    "migration_0011_create_group": "Creating a group for each user...",
    "migration_0011_done": "Migration successful. You are now able to manage groups of users.",
+    "migration_0011_error_when_removing_sftpuser_group": "Error when trying remove sftpusers group",
    "migration_0011_LDAP_config_dirty": "It look like that you customized your LDAP configuration. For this migration the LDAP configuration need to be updated.\nYou need to save your actual configuration, reintialize the original configuration by the command 'yunohost tools regen-conf -f' and after retry the migration",
    "migration_0011_LDAP_update_failed": "LDAP update failed. Error: {error:s}",
    "migration_0011_migrate_permission": "Migrating permissions from apps settings to LDAP...",
--- a/src/yunohost/data_migrations/0011_setup_group_permission.py
+++ b/src/yunohost/data_migrations/0011_setup_group_permission.py
@ -1,17 +1,16 @@
-import yaml
 import time
 import os

 from moulinette import m18n
 from yunohost.utils.error import YunohostError
 from moulinette.utils.log import getActionLogger
+from moulinette.utils.filesystem import read_yaml

 from yunohost.tools import Migration
 from yunohost.user import user_group_create, user_group_update
 from yunohost.app import app_setting, app_list
 from yunohost.regenconf import regen_conf
-from yunohost.permission import permission_create, permission_sync_to_user
-from yunohost.user import user_permission_add
+from yunohost.permission import permission_create, user_permission_update, permission_sync_to_user

 logger = getActionLogger('yunohost.migration')

@ -19,6 +18,7 @@ logger = getActionLogger('yunohost.migration')
 # Tools used also for restoration
 ###################################################

+
 class MyMigration(Migration):
    """
        Update the LDAP DB to be able to store the permission
@ -38,10 +38,9 @@ class MyMigration(Migration):
        try:
            ldap.remove('cn=sftpusers,ou=groups')
        except:
-            logger.warn(m18n.n("error_when_removing_sftpuser_group"))
+            logger.warn(m18n.n("migration_0011_error_when_removing_sftpuser_group"))

-        with open('/usr/share/yunohost/yunohost-config/moulinette/ldap_scheme.yml') as f:
-            ldap_map = yaml.load(f)
+        ldap_map = read_yaml('/usr/share/yunohost/yunohost-config/moulinette/ldap_scheme.yml')

        try:
            attr_dict = ldap_map['parents']['ou=permission']
@ -65,11 +64,9 @@ class MyMigration(Migration):
            username = user_info['uid'][0]
            ldap.update('uid=%s,ou=users' % username,
                        {'objectClass': ['mailAccount', 'inetOrgPerson', 'posixAccount', 'userPermissionYnh']})
-            user_group_create(username, gid=user_info['uidNumber'][0], sync_perm=False)
-            user_group_update(groupname=username, add=username, force=True, sync_perm=False)
+            user_group_create(username, gid=user_info['uidNumber'][0], primary_group=True, sync_perm=False)
            user_group_update(groupname='all_users', add=username, force=True, sync_perm=False)

-
    def migrate_app_permission(self, app=None):
        logger.info(m18n.n("migration_0011_migrate_permission"))

@ -85,13 +82,12 @@ class MyMigration(Migration):
            domain = app_setting(app, 'domain')

            urls = [domain + path] if domain and path else None
-            permission_create(app, permission='main', urls=urls, default_allow=True, sync_perm=False)
+            permission_create(app+".main", urls=urls, sync_perm=False)
            if permission:
                allowed_group = permission.split(',')
-                user_permission_add([app], permission='main', group=allowed_group, sync_perm=False)
+                user_permission_update(app+".main", remove="all_users", add=allowed_group, sync_perm=False)
            app_setting(app, 'allowed_users', delete=True)

-
    def run(self):
        # Check if the migration can be processed
        ldap_regen_conf_status = regen_conf(names=['slapd'], dry_run=True)