Propagate changes on migration

This commit is contained in:
Alexandre Aubin 2019-09-12 02:25:52 +02:00
parent bbfc62cf3e
commit e40698ef20
2 changed files with 9 additions and 13 deletions

View file

@ -195,7 +195,6 @@
"dyndns_registration_failed": "Unable to register DynDNS domain: {error:s}",
"dyndns_domain_not_provided": "Dyndns provider {provider:s} cannot provide domain {domain:s}.",
"dyndns_unavailable": "Domain {domain:s} is not available.",
"error_when_removing_sftpuser_group": "Error when trying remove sftpusers group",
"executing_command": "Executing command '{command:s}'…",
"executing_script": "Executing script '{script:s}'…",
"extracting": "Extracting…",
@ -355,6 +354,7 @@
"migration_0011_can_not_backup_before_migration": "The backup of the system before the migration failed. Migration failed. Error: {error:s}",
"migration_0011_create_group": "Creating a group for each user...",
"migration_0011_done": "Migration successful. You are now able to manage groups of users.",
"migration_0011_error_when_removing_sftpuser_group": "Error when trying remove sftpusers group",
"migration_0011_LDAP_config_dirty": "It look like that you customized your LDAP configuration. For this migration the LDAP configuration need to be updated.\nYou need to save your actual configuration, reintialize the original configuration by the command 'yunohost tools regen-conf -f' and after retry the migration",
"migration_0011_LDAP_update_failed": "LDAP update failed. Error: {error:s}",
"migration_0011_migrate_permission": "Migrating permissions from apps settings to LDAP...",

View file

@ -1,17 +1,16 @@
import yaml
import time
import os
from moulinette import m18n
from yunohost.utils.error import YunohostError
from moulinette.utils.log import getActionLogger
from moulinette.utils.filesystem import read_yaml
from yunohost.tools import Migration
from yunohost.user import user_group_create, user_group_update
from yunohost.app import app_setting, app_list
from yunohost.regenconf import regen_conf
from yunohost.permission import permission_create, permission_sync_to_user
from yunohost.user import user_permission_add
from yunohost.permission import permission_create, user_permission_update, permission_sync_to_user
logger = getActionLogger('yunohost.migration')
@ -19,6 +18,7 @@ logger = getActionLogger('yunohost.migration')
# Tools used also for restoration
###################################################
class MyMigration(Migration):
"""
Update the LDAP DB to be able to store the permission
@ -38,10 +38,9 @@ class MyMigration(Migration):
try:
ldap.remove('cn=sftpusers,ou=groups')
except:
logger.warn(m18n.n("error_when_removing_sftpuser_group"))
logger.warn(m18n.n("migration_0011_error_when_removing_sftpuser_group"))
with open('/usr/share/yunohost/yunohost-config/moulinette/ldap_scheme.yml') as f:
ldap_map = yaml.load(f)
ldap_map = read_yaml('/usr/share/yunohost/yunohost-config/moulinette/ldap_scheme.yml')
try:
attr_dict = ldap_map['parents']['ou=permission']
@ -65,11 +64,9 @@ class MyMigration(Migration):
username = user_info['uid'][0]
ldap.update('uid=%s,ou=users' % username,
{'objectClass': ['mailAccount', 'inetOrgPerson', 'posixAccount', 'userPermissionYnh']})
user_group_create(username, gid=user_info['uidNumber'][0], sync_perm=False)
user_group_update(groupname=username, add=username, force=True, sync_perm=False)
user_group_create(username, gid=user_info['uidNumber'][0], primary_group=True, sync_perm=False)
user_group_update(groupname='all_users', add=username, force=True, sync_perm=False)
def migrate_app_permission(self, app=None):
logger.info(m18n.n("migration_0011_migrate_permission"))
@ -85,13 +82,12 @@ class MyMigration(Migration):
domain = app_setting(app, 'domain')
urls = [domain + path] if domain and path else None
permission_create(app, permission='main', urls=urls, default_allow=True, sync_perm=False)
permission_create(app+".main", urls=urls, sync_perm=False)
if permission:
allowed_group = permission.split(',')
user_permission_add([app], permission='main', group=allowed_group, sync_perm=False)
user_permission_update(app+".main", remove="all_users", add=allowed_group, sync_perm=False)
app_setting(app, 'allowed_users', delete=True)
def run(self):
# Check if the migration can be processed
ldap_regen_conf_status = regen_conf(names=['slapd'], dry_run=True)