diff --git a/locales/en.json b/locales/en.json index a851543dc..3f17b576a 100644 --- a/locales/en.json +++ b/locales/en.json @@ -406,17 +406,13 @@ "mail_unavailable": "This e-mail address is reserved and shall be automatically allocated to the very first user", "main_domain_change_failed": "Unable to change the main domain", "main_domain_changed": "The main domain has been changed", - "migration_description_0011_setup_group_permission": "Set up user group and set up permission for apps and services", "migration_description_0015_migrate_to_buster": "Upgrade the system to Debian Buster and YunoHost 4.x", - "migration_0011_backup_before_migration": "Creating a backup of LDAP database and apps settings prior to the actual migration.", - "migration_0011_can_not_backup_before_migration": "The backup of the system could not be completed before the migration failed. Error: {error:s}", + "migration_description_0016_php70_to_php73_pools": "Migrate php7.0-fpm 'pool' conf files to php7.3", + "migration_description_0017_postgresql_9p6_to_11": "Migrate databases from PostgreSQL 9.6 to 11", + "migration_description_0018_xtable_to_nftable": "Migrate old network traffic rules to the new nftable system", "migration_0011_create_group": "Creating a group for each user…", - "migration_0011_done": "Migration completed. You are now able to manage usergroups.", - "migration_0011_slapd_config_will_be_overwritten": "It looks like you manually edited the slapd configuration. For this critical migration, YunoHost needs to force the update of the slapd configuration. The original files will be backuped in {conf_backup_folder}.", "migration_0011_LDAP_update_failed": "Could not update LDAP. Error: {error:s}", "migration_0011_migrate_permission": "Migrating permissions from apps settings to LDAP...", - "migration_0011_migration_failed_trying_to_rollback": "Could not migrate… trying to roll back the system.", - "migration_0011_rollback_success": "System rolled back.", "migration_0011_update_LDAP_database": "Updating LDAP database...", "migration_0011_update_LDAP_schema": "Updating LDAP schema...", "migration_0011_failed_to_remove_stale_object": "Could not remove stale object {dn}: {error}", diff --git a/src/yunohost/backup.py b/src/yunohost/backup.py index 449b52bd8..8a6ce4e7f 100644 --- a/src/yunohost/backup.py +++ b/src/yunohost/backup.py @@ -1244,12 +1244,11 @@ class RestoreManager(): # # Legacy code if not "all_users" in user_group_list()["groups"].keys(): - from yunohost.tools import _get_migration_by_name - setup_group_permission = _get_migration_by_name("setup_group_permission") + from yunohost.utils.legacy import SetupGroupPermissions # Update LDAP schema restart slapd logger.info(m18n.n("migration_0011_update_LDAP_schema")) regen_conf(names=['slapd'], force=True) - setup_group_permission.migrate_LDAP_db() + SetupGroupPermissions.migrate_LDAP_db() # Remove all permission for all app which is still in the LDAP for permission_name in user_permission_list(ignore_system_perms=True)["permissions"].keys(): @@ -1389,9 +1388,8 @@ class RestoreManager(): else: # Otherwise, we need to migrate the legacy permissions of this # app (included in its settings.yml) - from yunohost.tools import _get_migration_by_name - setup_group_permission = _get_migration_by_name("setup_group_permission") - setup_group_permission.migrate_app_permission(app=app_instance_name) + from yunohost.utils.legacy import SetupGroupPermissions + SetupGroupPermissions.migrate_app_permission(app=app_instance_name) # Prepare env. var. to pass to script env_dict = self._get_env_var(app_instance_name) diff --git a/src/yunohost/data_migrations/0011_setup_group_permission.py b/src/yunohost/utils/legacy.py similarity index 52% rename from src/yunohost/data_migrations/0011_setup_group_permission.py rename to src/yunohost/utils/legacy.py index c55e33cab..b7052b438 100644 --- a/src/yunohost/data_migrations/0011_setup_group_permission.py +++ b/src/yunohost/utils/legacy.py @@ -1,34 +1,19 @@ -import time -import os - from moulinette import m18n from yunohost.utils.error import YunohostError from moulinette.utils.log import getActionLogger from moulinette.utils.filesystem import read_yaml -from yunohost.tools import Migration from yunohost.user import user_list, user_group_create, user_group_update from yunohost.app import app_setting, _installed_apps -from yunohost.regenconf import regen_conf, BACKUP_CONF_DIR from yunohost.permission import permission_create, user_permission_update, permission_sync_to_user -logger = getActionLogger('yunohost.migration') - -################################################### -# Tools used also for restoration -################################################### +logger = getActionLogger('yunohost.legacy') -class MyMigration(Migration): - """ - Update the LDAP DB to be able to store the permission - Create a group for each yunohost user - Migrate app permission from apps setting to LDAP - """ +class SetupGroupPermissions(): - required = True - - def remove_if_exists(self, target): + @staticmethod + def remove_if_exists(target): from yunohost.utils.ldap import _get_ldap_interface ldap = _get_ldap_interface() @@ -50,7 +35,8 @@ class MyMigration(Migration): except Exception as e: raise YunohostError("migration_0011_failed_to_remove_stale_object", dn=dn, error=e) - def migrate_LDAP_db(self): + @staticmethod + def migrate_LDAP_db(): logger.info(m18n.n("migration_0011_update_LDAP_database")) @@ -60,8 +46,8 @@ class MyMigration(Migration): ldap_map = read_yaml('/usr/share/yunohost/yunohost-config/moulinette/ldap_scheme.yml') try: - self.remove_if_exists("ou=permission") - self.remove_if_exists('ou=groups') + SetupGroupPermissions.remove_if_exists("ou=permission") + SetupGroupPermissions.remove_if_exists('ou=groups') attr_dict = ldap_map['parents']['ou=permission'] ldap.add('ou=permission', attr_dict) @@ -93,7 +79,8 @@ class MyMigration(Migration): user_group_create(username, gid=user_info['uidNumber'][0], primary_group=True, sync_perm=False) user_group_update(groupname='all_users', add=username, force=True, sync_perm=False) - def migrate_app_permission(self, app=None): + @staticmethod + def migrate_app_permission(app=None): logger.info(m18n.n("migration_0011_migrate_permission")) apps = _installed_apps() @@ -116,66 +103,12 @@ class MyMigration(Migration): allowed = [user for user in permission.split(',') if user in known_users] else: allowed = ["all_users"] - permission_create(app+".main", url=url, allowed=allowed, sync_perm=False) + permission_create(app + ".main", url=url, allowed=allowed, sync_perm=False) app_setting(app, 'allowed_users', delete=True) # Migrate classic public app still using the legacy unprotected_uris if app_setting(app, "unprotected_uris") == "/" or app_setting(app, "skipped_uris") == "/": - user_permission_update(app+".main", add="visitors", sync_perm=False) + user_permission_update(app + ".main", add="visitors", sync_perm=False) permission_sync_to_user() - - def run(self): - - # FIXME : what do we really want to do here ... - # Imho we should just force-regen the conf in all case, and maybe - # just display a warning if we detect that the conf was manually modified - - # Check if the migration can be processed - ldap_regen_conf_status = regen_conf(names=['slapd'], dry_run=True) - # By this we check if the have been customized - if ldap_regen_conf_status and ldap_regen_conf_status['slapd']['pending']: - logger.warning(m18n.n("migration_0011_slapd_config_will_be_overwritten", conf_backup_folder=BACKUP_CONF_DIR)) - - # Backup LDAP and the apps settings before to do the migration - logger.info(m18n.n("migration_0011_backup_before_migration")) - try: - backup_folder = "/home/yunohost.backup/premigration/" + time.strftime('%Y%m%d-%H%M%S', time.gmtime()) - os.makedirs(backup_folder, 0o750) - os.system("systemctl stop slapd") - os.system("cp -r --preserve /etc/ldap %s/ldap_config" % backup_folder) - os.system("cp -r --preserve /var/lib/ldap %s/ldap_db" % backup_folder) - os.system("cp -r --preserve /etc/yunohost/apps %s/apps_settings" % backup_folder) - except Exception as e: - raise YunohostError("migration_0011_can_not_backup_before_migration", error=e) - finally: - os.system("systemctl start slapd") - - try: - # Update LDAP schema restart slapd - logger.info(m18n.n("migration_0011_update_LDAP_schema")) - regen_conf(names=['slapd'], force=True) - - # Update LDAP database - self.migrate_LDAP_db() - - # Migrate permission - self.migrate_app_permission() - - permission_sync_to_user() - except Exception as e: - logger.warn(m18n.n("migration_0011_migration_failed_trying_to_rollback")) - os.system("systemctl stop slapd") - os.system("rm -r /etc/ldap/slapd.d") # To be sure that we don't keep some part of the old config - os.system("cp -r --preserve %s/ldap_config/. /etc/ldap/" % backup_folder) - os.system("cp -r --preserve %s/ldap_db/. /var/lib/ldap/" % backup_folder) - os.system("cp -r --preserve %s/apps_settings/. /etc/yunohost/apps/" % backup_folder) - os.system("systemctl start slapd") - os.system("rm -r " + backup_folder) - logger.info(m18n.n("migration_0011_rollback_success")) - raise - else: - os.system("rm -r " + backup_folder) - - logger.info(m18n.n("migration_0011_done"))