mirror of
https://github.com/YunoHost/yunohost.git
synced 2024-09-03 20:06:10 +02:00
permission_add/remove becomes create/delete to be consistent with user and group create/delete. In the context of permissions, add/remove shall instead be related to adding/removing an existing permission for a user or group.
This commit is contained in:
Alexandre Aubin
parent
34df84e222
commit
f60af2053f
6 changed files with 23 additions and 23 deletions
|
|
@ -249,7 +249,7 @@ ynh_permission_create() {
|
||||||
if [[ -n ${urls:-} ]]; then
|
if [[ -n ${urls:-} ]]; then
|
||||||
urls=",urls=['${urls//';'/"','"}']"
|
urls=",urls=['${urls//';'/"','"}']"
|
||||||
fi
|
fi
|
||||||
yunohost tools shell -c "from yunohost.permission import permission_add; permission_add('$app', '$permission' ${defaultdisallow:-} ${urls:-}, sync_perm=False)"
|
yunohost tools shell -c "from yunohost.permission import permission_create; permission_create('$app', '$permission' ${defaultdisallow:-} ${urls:-}, sync_perm=False)"
|
||||||
}
|
}
|
||||||
|
|
||||||
# Remove a permission for the app (note that when the app is removed all permission is automatically removed)
|
# Remove a permission for the app (note that when the app is removed all permission is automatically removed)
|
||||||
|
|
@ -263,7 +263,7 @@ ynh_permission_remove() {
|
||||||
local permission
|
local permission
|
||||||
ynh_handle_getopts_args "$@"
|
ynh_handle_getopts_args "$@"
|
||||||
|
|
||||||
yunohost tools shell -c "from yunohost.permission import permission_remove; permission_remove('$app', '$permission', sync_perm=False)"
|
yunohost tools shell -c "from yunohost.permission import permission_delete; permission_delete('$app', '$permission', sync_perm=False)"
|
||||||
}
|
}
|
||||||
|
|
||||||
# Add a path managed by the SSO
|
# Add a path managed by the SSO
|
||||||
|
|
|
||||||
|
|
@ -738,7 +738,7 @@ def app_install(operation_logger, app, label=None, args=None, no_remove_on_failu
|
||||||
from yunohost.utils.ldap import _get_ldap_interface
|
from yunohost.utils.ldap import _get_ldap_interface
|
||||||
from yunohost.hook import hook_add, hook_remove, hook_exec, hook_callback
|
from yunohost.hook import hook_add, hook_remove, hook_exec, hook_callback
|
||||||
from yunohost.log import OperationLogger
|
from yunohost.log import OperationLogger
|
||||||
from yunohost.permission import permission_add, permission_update, permission_remove, permission_sync_to_user
|
from yunohost.permission import permission_create, permission_update, permission_delete, permission_sync_to_user
|
||||||
ldap = _get_ldap_interface()
|
ldap = _get_ldap_interface()
|
||||||
|
|
||||||
# Fetch or extract sources
|
# Fetch or extract sources
|
||||||
|
|
@ -875,7 +875,7 @@ def app_install(operation_logger, app, label=None, args=None, no_remove_on_failu
|
||||||
# Create permission before the install (useful if the install script redefine the permission)
|
# Create permission before the install (useful if the install script redefine the permission)
|
||||||
# Note that sync_perm is disabled to avoid triggering a whole bunch of code and messages
|
# Note that sync_perm is disabled to avoid triggering a whole bunch of code and messages
|
||||||
# can't be sure that we don't have one case when it's needed
|
# can't be sure that we don't have one case when it's needed
|
||||||
permission_add(app=app_instance_name, permission="main", sync_perm=False)
|
permission_create(app=app_instance_name, permission="main", sync_perm=False)
|
||||||
|
|
||||||
# Execute the app install script
|
# Execute the app install script
|
||||||
install_retcode = 1
|
install_retcode = 1
|
||||||
|
|
@ -914,7 +914,7 @@ def app_install(operation_logger, app, label=None, args=None, no_remove_on_failu
|
||||||
filter='(&(objectclass=permissionYnh)(cn=*.%s))' % app_instance_name, attrs=['cn'])
|
filter='(&(objectclass=permissionYnh)(cn=*.%s))' % app_instance_name, attrs=['cn'])
|
||||||
permission_list = [p['cn'][0] for p in result]
|
permission_list = [p['cn'][0] for p in result]
|
||||||
for l in permission_list:
|
for l in permission_list:
|
||||||
permission_remove(app_instance_name, l.split('.')[0], force=True)
|
permission_delete(app_instance_name, l.split('.')[0], force=True)
|
||||||
|
|
||||||
if remove_retcode != 0:
|
if remove_retcode != 0:
|
||||||
msg = m18n.n('app_not_properly_removed',
|
msg = m18n.n('app_not_properly_removed',
|
||||||
|
|
@ -980,7 +980,7 @@ def app_remove(operation_logger, app):
|
||||||
"""
|
"""
|
||||||
from yunohost.utils.ldap import _get_ldap_interface
|
from yunohost.utils.ldap import _get_ldap_interface
|
||||||
from yunohost.hook import hook_exec, hook_remove, hook_callback
|
from yunohost.hook import hook_exec, hook_remove, hook_callback
|
||||||
from yunohost.permission import permission_remove, permission_sync_to_user
|
from yunohost.permission import permission_delete, permission_sync_to_user
|
||||||
if not _is_installed(app):
|
if not _is_installed(app):
|
||||||
raise YunohostError('app_not_installed', app=app, all_apps=_get_all_installed_apps_id())
|
raise YunohostError('app_not_installed', app=app, all_apps=_get_all_installed_apps_id())
|
||||||
|
|
||||||
|
|
@ -1031,7 +1031,7 @@ def app_remove(operation_logger, app):
|
||||||
filter='(&(objectclass=permissionYnh)(cn=*.%s))' % app, attrs=['cn'])
|
filter='(&(objectclass=permissionYnh)(cn=*.%s))' % app, attrs=['cn'])
|
||||||
permission_list = [p['cn'][0] for p in result]
|
permission_list = [p['cn'][0] for p in result]
|
||||||
for l in permission_list:
|
for l in permission_list:
|
||||||
permission_remove(app, l.split('.')[0], force=True, sync_perm=False)
|
permission_delete(app, l.split('.')[0], force=True, sync_perm=False)
|
||||||
|
|
||||||
permission_sync_to_user()
|
permission_sync_to_user()
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1303,7 +1303,7 @@ class RestoreManager():
|
||||||
"""
|
"""
|
||||||
from moulinette.utils.filesystem import read_ldif
|
from moulinette.utils.filesystem import read_ldif
|
||||||
from yunohost.user import user_group_list
|
from yunohost.user import user_group_list
|
||||||
from yunohost.permission import permission_remove
|
from yunohost.permission import permission_delete
|
||||||
from yunohost.utils.ldap import _get_ldap_interface
|
from yunohost.utils.ldap import _get_ldap_interface
|
||||||
ldap = _get_ldap_interface()
|
ldap = _get_ldap_interface()
|
||||||
|
|
||||||
|
|
@ -1441,7 +1441,7 @@ class RestoreManager():
|
||||||
filter='(&(objectclass=permissionYnh)(cn=*.%s))' % app_instance_name, attrs=['cn'])
|
filter='(&(objectclass=permissionYnh)(cn=*.%s))' % app_instance_name, attrs=['cn'])
|
||||||
permission_list = [p['cn'][0] for p in result]
|
permission_list = [p['cn'][0] for p in result]
|
||||||
for l in permission_list:
|
for l in permission_list:
|
||||||
permission_remove(app_instance_name, l.split('.')[0], force=True)
|
permission_delete(app_instance_name, l.split('.')[0], force=True)
|
||||||
|
|
||||||
# TODO Cleaning app hooks
|
# TODO Cleaning app hooks
|
||||||
else:
|
else:
|
||||||
|
|
|
||||||
|
|
@ -10,7 +10,7 @@ from yunohost.tools import Migration
|
||||||
from yunohost.user import user_group_create, user_group_update
|
from yunohost.user import user_group_create, user_group_update
|
||||||
from yunohost.app import app_setting, app_list
|
from yunohost.app import app_setting, app_list
|
||||||
from yunohost.regenconf import regen_conf
|
from yunohost.regenconf import regen_conf
|
||||||
from yunohost.permission import permission_add, permission_sync_to_user
|
from yunohost.permission import permission_create, permission_sync_to_user
|
||||||
from yunohost.user import user_permission_add
|
from yunohost.user import user_permission_add
|
||||||
|
|
||||||
logger = getActionLogger('yunohost.migration')
|
logger = getActionLogger('yunohost.migration')
|
||||||
|
|
@ -85,7 +85,7 @@ class MyMigration(Migration):
|
||||||
domain = app_setting(app, 'domain')
|
domain = app_setting(app, 'domain')
|
||||||
|
|
||||||
urls = [domain + path] if domain and path else None
|
urls = [domain + path] if domain and path else None
|
||||||
permission_add(app, permission='main', urls=urls, default_allow=True, sync_perm=False)
|
permission_create(app, permission='main', urls=urls, default_allow=True, sync_perm=False)
|
||||||
if permission:
|
if permission:
|
||||||
allowed_group = permission.split(',')
|
allowed_group = permission.split(',')
|
||||||
user_permission_add([app], permission='main', group=allowed_group, sync_perm=False)
|
user_permission_add([app], permission='main', group=allowed_group, sync_perm=False)
|
||||||
|
|
|
||||||
|
|
@ -317,7 +317,7 @@ def user_permission_clear(operation_logger, app=[], permission=None, sync_perm=T
|
||||||
|
|
||||||
|
|
||||||
@is_unit_operation(['permission', 'app'])
|
@is_unit_operation(['permission', 'app'])
|
||||||
def permission_add(operation_logger, app, permission, urls=None, default_allow=True, sync_perm=True):
|
def permission_create(operation_logger, app, permission, urls=None, default_allow=True, sync_perm=True):
|
||||||
"""
|
"""
|
||||||
Create a new permission for a specific application
|
Create a new permission for a specific application
|
||||||
|
|
||||||
|
|
@ -431,7 +431,7 @@ def permission_update(operation_logger, app, permission, add_url=None, remove_ur
|
||||||
|
|
||||||
|
|
||||||
@is_unit_operation(['permission', 'app'])
|
@is_unit_operation(['permission', 'app'])
|
||||||
def permission_remove(operation_logger, app, permission, force=False, sync_perm=True):
|
def permission_delete(operation_logger, app, permission, force=False, sync_perm=True):
|
||||||
"""
|
"""
|
||||||
Remove a permission for a specific application
|
Remove a permission for a specific application
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -3,7 +3,7 @@ import pytest
|
||||||
from moulinette.core import MoulinetteError
|
from moulinette.core import MoulinetteError
|
||||||
from yunohost.app import app_install, app_remove, app_change_url, app_list
|
from yunohost.app import app_install, app_remove, app_change_url, app_list
|
||||||
from yunohost.user import user_list, user_create, user_permission_list, user_delete, user_group_list, user_group_delete, user_permission_add, user_permission_remove, user_permission_clear
|
from yunohost.user import user_list, user_create, user_permission_list, user_delete, user_group_list, user_group_delete, user_permission_add, user_permission_remove, user_permission_clear
|
||||||
from yunohost.permission import permission_add, permission_update, permission_remove
|
from yunohost.permission import permission_create, permission_update, permission_delete
|
||||||
from yunohost.domain import _get_maindomain
|
from yunohost.domain import _get_maindomain
|
||||||
from yunohost.utils.error import YunohostError
|
from yunohost.utils.error import YunohostError
|
||||||
|
|
||||||
|
|
@ -21,15 +21,15 @@ def clean_user_groups_permission():
|
||||||
for a, per in user_permission_list()['permissions'].items():
|
for a, per in user_permission_list()['permissions'].items():
|
||||||
if a in ['wiki', 'blog', 'site']:
|
if a in ['wiki', 'blog', 'site']:
|
||||||
for p in per:
|
for p in per:
|
||||||
permission_remove(a, p, force=True, sync_perm=False)
|
permission_delete(a, p, force=True, sync_perm=False)
|
||||||
|
|
||||||
def setup_function(function):
|
def setup_function(function):
|
||||||
clean_user_groups_permission()
|
clean_user_groups_permission()
|
||||||
|
|
||||||
user_create("alice", "Alice", "White", "alice@" + maindomain, "test123Ynh")
|
user_create("alice", "Alice", "White", "alice@" + maindomain, "test123Ynh")
|
||||||
user_create("bob", "Bob", "Snow", "bob@" + maindomain, "test123Ynh")
|
user_create("bob", "Bob", "Snow", "bob@" + maindomain, "test123Ynh")
|
||||||
permission_add("wiki", "main", [maindomain + "/wiki"], sync_perm=False)
|
permission_create("wiki", "main", [maindomain + "/wiki"], sync_perm=False)
|
||||||
permission_add("blog", "main", sync_perm=False)
|
permission_create("blog", "main", sync_perm=False)
|
||||||
|
|
||||||
user_permission_add(["blog"], "main", group="alice")
|
user_permission_add(["blog"], "main", group="alice")
|
||||||
|
|
||||||
|
|
@ -177,7 +177,7 @@ def test_list_permission():
|
||||||
#
|
#
|
||||||
|
|
||||||
def test_add_permission_1():
|
def test_add_permission_1():
|
||||||
permission_add("site", "test")
|
permission_create("site", "test")
|
||||||
|
|
||||||
res = user_permission_list()['permissions']
|
res = user_permission_list()['permissions']
|
||||||
assert "site" in res
|
assert "site" in res
|
||||||
|
|
@ -186,7 +186,7 @@ def test_add_permission_1():
|
||||||
assert set(["alice", "bob"]) == set(res['site']['test']['allowed_users'])
|
assert set(["alice", "bob"]) == set(res['site']['test']['allowed_users'])
|
||||||
|
|
||||||
def test_add_permission_2():
|
def test_add_permission_2():
|
||||||
permission_add("site", "main", default_allow=False)
|
permission_create("site", "main", default_allow=False)
|
||||||
|
|
||||||
res = user_permission_list()['permissions']
|
res = user_permission_list()['permissions']
|
||||||
assert "site" in res
|
assert "site" in res
|
||||||
|
|
@ -195,7 +195,7 @@ def test_add_permission_2():
|
||||||
assert [] == res['site']['main']['allowed_users']
|
assert [] == res['site']['main']['allowed_users']
|
||||||
|
|
||||||
def test_remove_permission():
|
def test_remove_permission():
|
||||||
permission_remove("wiki", "main", force=True)
|
permission_delete("wiki", "main", force=True)
|
||||||
|
|
||||||
res = user_permission_list()['permissions']
|
res = user_permission_list()['permissions']
|
||||||
assert "wiki" not in res
|
assert "wiki" not in res
|
||||||
|
|
@ -207,12 +207,12 @@ def test_remove_permission():
|
||||||
def test_add_bad_permission():
|
def test_add_bad_permission():
|
||||||
# Create permission with same name
|
# Create permission with same name
|
||||||
with pytest.raises(YunohostError):
|
with pytest.raises(YunohostError):
|
||||||
permission_add("wiki", "main")
|
permission_create("wiki", "main")
|
||||||
|
|
||||||
def test_remove_bad_permission():
|
def test_remove_bad_permission():
|
||||||
# Remove not existant permission
|
# Remove not existant permission
|
||||||
with pytest.raises(MoulinetteError):
|
with pytest.raises(MoulinetteError):
|
||||||
permission_remove("non_exit", "main", force=True)
|
permission_delete("non_exit", "main", force=True)
|
||||||
|
|
||||||
res = user_permission_list()['permissions']
|
res = user_permission_list()['permissions']
|
||||||
assert "wiki" in res
|
assert "wiki" in res
|
||||||
|
|
@ -226,7 +226,7 @@ def test_remove_bad_permission():
|
||||||
|
|
||||||
def test_remove_main_permission():
|
def test_remove_main_permission():
|
||||||
with pytest.raises(YunohostError):
|
with pytest.raises(YunohostError):
|
||||||
permission_remove("blog", "main")
|
permission_delete("blog", "main")
|
||||||
|
|
||||||
res = user_permission_list()['permissions']
|
res = user_permission_list()['permissions']
|
||||||
assert "mail" in res
|
assert "mail" in res
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue