diff --git a/data/actionsmap/yunohost.yml b/data/actionsmap/yunohost.yml index 290952aa3..b7afe2703 100644 --- a/data/actionsmap/yunohost.yml +++ b/data/actionsmap/yunohost.yml @@ -295,6 +295,9 @@ user: action_help: List permissions and corresponding accesses api: GET /users/permissions arguments: + apps: + help: Apps to list permission for (all by default) + nargs: "*" -s: full: --short help: Only list permission names diff --git a/data/helpers.d/permission b/data/helpers.d/permission index 995bff0eb..a5c09cded 100644 --- a/data/helpers.d/permission +++ b/data/helpers.d/permission @@ -182,7 +182,7 @@ ynh_permission_exists() { local permission ynh_handle_getopts_args "$@" - yunohost user permission list --output-as json --quiet \ + yunohost user permission list "$app" --output-as json --quiet \ | jq -e --arg perm "$app.$permission" '.permissions[$perm]' >/dev/null } diff --git a/src/yunohost/app.py b/src/yunohost/app.py index b4f162e17..394def0ba 100644 --- a/src/yunohost/app.py +++ b/src/yunohost/app.py @@ -194,7 +194,7 @@ def app_info(app, full=False): ) local_manifest = _get_manifest_of_app(os.path.join(APPS_SETTING_PATH, app)) - permissions = user_permission_list(full=True, absolute_urls=True)["permissions"] + permissions = user_permission_list(full=True, absolute_urls=True, apps=[app])["permissions"] settings = _get_app_settings(app) @@ -229,9 +229,7 @@ def app_info(app, full=False): local_manifest.get("multi_instance", False) ) - ret["permissions"] = { - p: i for p, i in permissions.items() if p.startswith(app + ".") - } + ret["permissions"] = permissions ret["label"] = permissions.get(app + ".main", {}).get("label") if not ret["label"]: @@ -1435,7 +1433,7 @@ def app_setting(app, key, value=None, delete=False): permission_url, ) - permissions = user_permission_list(full=True)["permissions"] + permissions = user_permission_list(full=True, apps=[app])["permissions"] permission_name = "%s.legacy_%s_uris" % (app, key.split("_")[0]) permission = permissions.get(permission_name) diff --git a/src/yunohost/permission.py b/src/yunohost/permission.py index e0a3c6be8..3ed9590d4 100644 --- a/src/yunohost/permission.py +++ b/src/yunohost/permission.py @@ -46,7 +46,7 @@ SYSTEM_PERMS = ["mail", "xmpp", "sftp", "ssh"] def user_permission_list( - short=False, full=False, ignore_system_perms=False, absolute_urls=False + short=False, full=False, ignore_system_perms=False, absolute_urls=False, apps=[] ): """ List permissions and corresponding accesses @@ -74,7 +74,9 @@ def user_permission_list( ) # Parse / organize information to be outputed - apps = sorted(_installed_apps()) + if apps: + ignore_system_perms = True + apps = apps if apps else sorted(_installed_apps()) apps_base_path = { app: app_setting(app, "domain") + app_setting(app, "path") for app in apps @@ -85,11 +87,14 @@ def user_permission_list( for infos in permissions_infos: name = infos["cn"][0] - if ignore_system_perms and name.split(".")[0] in SYSTEM_PERMS: - continue - app = name.split(".")[0] + if app in SYSTEM_PERMS: + if ignore_system_perms: + continue + elif app not in apps: + continue + perm = {} perm["allowed"] = [ _ldap_path_extract(p, "cn") for p in infos.get("groupPermission", []) diff --git a/src/yunohost/user.py b/src/yunohost/user.py index 089f2ba0e..aee5bf473 100644 --- a/src/yunohost/user.py +++ b/src/yunohost/user.py @@ -862,10 +862,10 @@ def user_group_info(groupname): # -def user_permission_list(short=False, full=False): +def user_permission_list(short=False, full=False, apps=[]): import yunohost.permission - return yunohost.permission.user_permission_list(short, full, absolute_urls=True) + return yunohost.permission.user_permission_list(short, full, absolute_urls=True, apps=apps) def user_permission_update(