Try to uh simplify the whole full_path=True / False thing, most of the time internally we want it set to False

2024-09-03 20:06:10 +02:00 · 2020-10-01 23:47:39 +02:00 · 2020-10-01 23:47:39 +02:00 · fb44bd1c66
commit fb44bd1c66
parent de96b094b2
7 changed files with 48 additions and 56 deletions
--- a/src/yunohost/app.py
+++ b/src/yunohost/app.py
@ -177,7 +177,7 @@ def app_info(app, full=False):
    ret['supports_backup_restore'] = (os.path.exists(os.path.join(APPS_SETTING_PATH, app, "scripts", "backup")) and
                                      os.path.exists(os.path.join(APPS_SETTING_PATH, app, "scripts", "restore")))
    ret['supports_multi_instance'] = is_true(local_manifest.get("multi_instance", False))
-    permissions = user_permission_list(full=True, full_path=True)["permissions"]
+    permissions = user_permission_list(full=True, absolute_urls=True)["permissions"]
    ret['permissions'] = {p: i for p, i in permissions.items() if p.startswith(app + ".") and (i["url"] or i['additional_urls'])}
    return ret
@ -249,7 +249,7 @@ def app_map(app=None, raw=False, user=None):
    else:
        apps = os.listdir(APPS_SETTING_PATH)
-    permissions = user_permission_list(full=True, full_path=True)["permissions"]
+    permissions = user_permission_list(full=True, absolute_urls=True)["permissions"]
    for app_id in apps:
        app_settings = _get_app_settings(app_id)
        if not app_settings:
@ -640,7 +640,7 @@ def app_install(operation_logger, app, label=None, args=None, no_remove_on_failu
    from yunohost.hook import hook_add, hook_remove, hook_exec, hook_callback
    from yunohost.log import OperationLogger
-    from yunohost.permission import user_permission_list, user_permission_update, permission_create, permission_url, permission_delete, permission_sync_to_user
+    from yunohost.permission import user_permission_list, user_permission_info, user_permission_update, permission_create, permission_url, permission_delete, permission_sync_to_user
    from yunohost.regenconf import manually_modified_files
    # Fetch or extract sources
@ -926,7 +926,7 @@ def app_install(operation_logger, app, label=None, args=None, no_remove_on_failu
    app_settings = _get_app_settings(app_instance_name)
    domain = app_settings.get('domain', None)
    path = app_settings.get('path', None)
-    if domain and path and user_permission_list(full=True, full_path=False)['permissions'][app_instance_name + '.main']['url'] is None:
+    if domain and path and user_permission_info(app_instance_name + '.main')['url'] is None:
        permission_url(app_instance_name + ".main", url='/', sync_perm=False)
    user_permission_update(app_instance_name + ".main", show_tile=True, sync_perm=False)
@ -1199,7 +1199,7 @@ def app_setting(app, key, value=None, delete=False):
        logger.warning("/!\\ Packagers! This app is still using the skipped/protected/unprotected_uris/regex settings which are now obsolete and deprecated... Instead, you should use the new helpers 'ynh_permission_{create,urls,update,delete}' and the 'visitors' group to initialize the public/private access. Check out the documentation at the bottom of yunohost.org/groups_and_permissions to learn how to use the new permission mechanism.")
        from permission import user_permission_list, user_permission_update, permission_create, permission_delete, permission_url
-        permissions = user_permission_list(full=True, full_path=False)['permissions']
+        permissions = user_permission_list(full=True)['permissions']
        permission_name = "%s.legacy_%s_uris" % (app, key.split('_')[0])
        permission = permissions.get(permission_name)
@ -1331,7 +1331,7 @@ def app_ssowatconf():
    main_domain = _get_maindomain()
    domains = domain_list()['domains']
-    all_permissions = user_permission_list(full=True, ignore_system_perms=True, full_path=True)['permissions']
+    all_permissions = user_permission_list(full=True, ignore_system_perms=True, absolute_urls=True)['permissions']
    permissions = {
        'core_skipped': {
--- a/src/yunohost/backup.py
+++ b/src/yunohost/backup.py
@ -697,7 +697,7 @@ class BackupManager():
            # backup permissions
            logger.debug(m18n.n('backup_permission', app=app))
-            permissions = user_permission_list(full=True, full_path=False)["permissions"]
+            permissions = user_permission_list(full=True)["permissions"]
            this_app_permissions = {name: infos for name, infos in permissions.items() if name.startswith(app + ".")}
            write_to_yaml("%s/permissions.yml" % settings_dir, this_app_permissions)
@ -1158,7 +1158,7 @@ class RestoreManager():
        # Backup old permission for apps
        # We need to do that because in case of an app is installed we can't remove the permission for this app
-        old_apps_permission = user_permission_list(ignore_system_perms=True, full=True, full_path=False)["permissions"]
+        old_apps_permission = user_permission_list(ignore_system_perms=True, full=True)["permissions"]
        # Start register change on system
        operation_logger = OperationLogger('backup_restore_system')
--- a/src/yunohost/data_migrations/0019_extends_permissions_features_1.py
+++ b/src/yunohost/data_migrations/0019_extends_permissions_features_1.py
@ -37,7 +37,7 @@ class MyMigration(Migration):
        logger.info(m18n.n("migration_0019_add_new_attributes_in_ldap"))
        ldap = _get_ldap_interface()
-        permission_list = user_permission_list(short=True, full_path=False)["permissions"]
+        permission_list = user_permission_list(short=True)["permissions"]
        labels = {}
        for app in _installed_apps():
--- a/src/yunohost/permission.py
+++ b/src/yunohost/permission.py
@ -45,7 +45,7 @@ SYSTEM_PERMS = ["mail", "xmpp", "sftp", "ssh"]
 #
-def user_permission_list(short=False, full=False, ignore_system_perms=False, full_path=True):
+def user_permission_list(short=False, full=False, ignore_system_perms=False, absolute_urls=False):
    """
    List permissions and corresponding accesses
    """
@ -86,7 +86,7 @@ def user_permission_list(short=False, full=False, ignore_system_perms=False, ful
            perm["url"] = infos.get("URL", [None])[0]
            perm["additional_urls"] = infos.get("additionalUrls", [])
-            if full_path:
+            if absolute_urls:
                app_base_path = apps_base_path[app] if app in apps_base_path else ""  # Meh in some situation where the app is currently installed/removed, this function may be called and we still need to act as if the corresponding permission indeed exists ... dunno if that's really the right way to proceed but okay.
                perm["url"] = _get_absolute_url(perm["url"], app_base_path)
                perm["additional_urls"] = [_get_absolute_url(url, app_base_path) for url in perm["additional_urls"]]
@ -132,7 +132,7 @@ def user_permission_update(operation_logger, permission, add=None, remove=None,
    if "." not in permission:
        permission = permission + ".main"
-    existing_permission = user_permission_list(full=True, full_path=False)["permissions"].get(permission, None)
+    existing_permission = user_permission_info(permission)
    # Refuse to add "visitors" to mail, xmpp ... they require an account to make sense.
    if add and "visitors" in add and permission.split(".")[0] in SYSTEM_PERMS:
@ -145,9 +145,6 @@ def user_permission_update(operation_logger, permission, add=None, remove=None,
    # Fetch currently allowed groups for this permission
    if existing_permission is None:
        raise YunohostError('permission_not_found', permission=permission)
    current_allowed_groups = existing_permission["allowed"]
    operation_logger.related_to.append(('app', permission.split(".")[0]))
@ -223,9 +220,7 @@ def user_permission_reset(operation_logger, permission, sync_perm=True):
    # Fetch existing permission
-    existing_permission = user_permission_list(full=True, full_path=False)["permissions"].get(permission, None)
+    existing_permission = user_permission_info(permission)
    if existing_permission is None:
        raise YunohostError('permission_not_found', permission=permission)
    if existing_permission["allowed"] == ["all_users"]:
        logger.warning(m18n.n("permission_already_up_to_date"))
@ -400,9 +395,7 @@ def permission_url(operation_logger, permission,
    # Fetch existing permission
-    existing_permission = user_permission_list(full=True, full_path=False)["permissions"].get(permission, None)
+    existing_permission = user_permission_info(permission)
    if not existing_permission:
        raise YunohostError('permission_not_found', permission=permission)
    show_tile = existing_permission['show_tile']
@ -461,7 +454,7 @@ def permission_url(operation_logger, permission,
        permission_sync_to_user()
    logger.debug(m18n.n('permission_updated', permission=permission))
-    return user_permission_list(full=True)["permissions"][permission]
+    return user_permission_info(permission)
@is_unit_operation()
@ -485,9 +478,7 @@ def permission_delete(operation_logger, permission, force=False, sync_perm=True)
    # Make sure this permission exists
-    existing_permission = user_permission_list(full=True)["permissions"].get(permission, None)
+    _ = user_permission_info(permission)
    if not existing_permission:
        raise YunohostError('permission_not_found', permission=permission)
    # Actually delete the permission
@ -516,7 +507,7 @@ def permission_sync_to_user():
    ldap = _get_ldap_interface()
    groups = user_group_list(full=True)["groups"]
-    permissions = user_permission_list(full=True, full_path=False)["permissions"]
+    permissions = user_permission_list(full=True)["permissions"]
    for permission_name, permission_infos in permissions.items():
@ -575,7 +566,7 @@ def _update_ldap_group_permission(permission, allowed,
    from yunohost.utils.ldap import _get_ldap_interface
    ldap = _get_ldap_interface()
-    existing_permission = user_permission_list(full=True, full_path=False)["permissions"][permission]
+    existing_permission = user_permission_info(permission)
    update = {}
@ -612,7 +603,7 @@ def _update_ldap_group_permission(permission, allowed,
    if sync_perm:
        permission_sync_to_user()
-    new_permission = user_permission_list(full=True)["permissions"][permission]
+    new_permission = user_permission_info(permission)
    # Trigger app callbacks
--- a/src/yunohost/tests/test_backuprestore.py
+++ b/src/yunohost/tests/test_backuprestore.py
@ -518,7 +518,7 @@ def test_backup_and_restore_with_ynh_restore(mocker):
@pytest.mark.with_permission_app_installed
 def test_backup_and_restore_permission_app(mocker):
-    res = user_permission_list(full=True, full_path=False)['permissions']
+    res = user_permission_list(full=True)['permissions']
    assert "permissions_app.main" in res
    assert "permissions_app.admin" in res
    assert "permissions_app.dev" in res
@ -533,7 +533,7 @@ def test_backup_and_restore_permission_app(mocker):
    _test_backup_and_restore_app(mocker, "permissions_app")
-    res = user_permission_list(full=True, full_path=False)['permissions']
+    res = user_permission_list(full=True)['permissions']
    assert "permissions_app.main" in res
    assert "permissions_app.admin" in res
    assert "permissions_app.dev" in res
--- a/src/yunohost/tests/test_permission.py
+++ b/src/yunohost/tests/test_permission.py
@ -305,12 +305,10 @@ def test_permission_list():
    assert set(res['wiki.main']['corresponding_users']) == set(["alice", "bob"])
    assert res['blog.main']['corresponding_users'] == ["alice"]
    assert res['blog.api']['corresponding_users'] == []
-    assert res['wiki.main']['url'] == maindomain + "/wiki"
+    assert res['wiki.main']['url'] == "/"
-    assert res['blog.main']['url'] == maindomain + "/blog"
+    assert res['blog.main']['url'] == "/"
    assert res['blog.api']['url'] == None
-    assert set(res['wiki.main']['additional_urls']) == {maindomain + '/wiki/whatever', maindomain + '/wiki/idontnow'}
+    assert set(res['wiki.main']['additional_urls']) == {'/whatever', '/idontnow'}
    assert res['blog.main']['additional_urls'] == []
    assert res['blog.api']['additional_urls'] == []
    assert res['wiki.main']['protected'] == False
    assert res['blog.main']['protected'] == False
    assert res['blog.api']['protected'] == True
@ -324,10 +322,13 @@ def test_permission_list():
    assert res['blog.main']['auth_header'] == True
    assert res['blog.api']['auth_header'] == True
-    res = user_permission_list(full=True, full_path=False)['permissions']
+    res = user_permission_list(full=True, absolute_urls=True)['permissions']
-    assert res['wiki.main']['url'] == "/"
+    assert res['wiki.main']['url'] == maindomain + "/wiki"
-    assert res['blog.main']['url'] == "/"
+    assert res['blog.main']['url'] == maindomain + "/blog"
-    assert set(res['wiki.main']['additional_urls']) == {'/whatever', '/idontnow'}
+    assert res['blog.api']['url'] == None
    assert set(res['wiki.main']['additional_urls']) == {maindomain + '/wiki/whatever', maindomain + '/wiki/idontnow'}
    assert res['blog.main']['additional_urls'] == []
    assert res['blog.api']['additional_urls'] == []
 #
@ -416,7 +417,7 @@ def test_permission_create_with_urls_management_simple_domain(mocker):
                                          url="/", additional_urls=['/whatever','/idontnow'], auth_header=False,
                                          domain=maindomain, path='/site')
-    res = user_permission_list(full=True)['permissions']
+    res = user_permission_list(full=True, absolute_urls=True)['permissions']
    assert "site.main" in res
    assert res['site.main']['url'] == maindomain + "/site"
    assert set(res['site.main']['additional_urls']) == {maindomain + "/site/whatever", maindomain + "/site/idontnow"}
@ -433,7 +434,7 @@ def test_permission_create_with_urls_management_multiple_domain(mocker):
                                          auth_header=True,
                                          domain=maindomain, path='/site')
-    res = user_permission_list(full=True)['permissions']
+    res = user_permission_list(full=True, absolute_urls=True)['permissions']
    assert "site.main" in res
    assert res['site.main']['url'] == maindomain + "/site/something"
    assert set(res['site.main']['additional_urls']) == {other_domains[0] + "/blabla", other_domains[1] + "/ahh"}
@ -640,7 +641,7 @@ def test_permission_protected_update(mocker):
 def test_permission_redefine_url():
    permission_url("blog.main", url="/pwet")
-    res = user_permission_list(full=True, full_path=False)['permissions']
+    res = user_permission_list(full=True)['permissions']
    assert res["blog.main"]["url"] == "/pwet"
@ -654,10 +655,10 @@ def test_permission_remove_url():
 def test_permission_main_url_regex():
    permission_url("blog.main", url="re:/[a-z]+reboy/.*")
-    res = user_permission_list(full=True, full_path=False)['permissions']
+    res = user_permission_list(full=True)['permissions']
    assert res["blog.main"]["url"] == "re:/[a-z]+reboy/.*"
-    res = user_permission_list(full=True, full_path=True)['permissions']
+    res = user_permission_list(full=True, absolute_urls=True)['permissions']
    assert res["blog.main"]["url"] == "re:%s/blog/[a-z]+reboy/.*" % maindomain.replace('.', '\.')
@ -670,7 +671,7 @@ def test_permission_main_url_bad_regex(mocker):
 def test_permission_add_additional_url():
    permission_url("wiki.main", add_url=[other_domains[0] + "/heyby", "/myhouse"])
-    res = user_permission_list(full=True)['permissions']
+    res = user_permission_list(full=True, absolute_urls=True)['permissions']
    assert res['wiki.main']['url'] == maindomain + "/wiki"
    assert set(res['wiki.main']['additional_urls']) == {maindomain + '/wiki/whatever',
                                                        maindomain + '/wiki/idontnow',
@ -681,10 +682,10 @@ def test_permission_add_additional_url():
 def test_permission_add_additional_regex():
    permission_url("blog.main", add_url=["re:/[a-z]+reboy/.*"])
-    res = user_permission_list(full=True, full_path=False)['permissions']
+    res = user_permission_list(full=True)['permissions']
    assert res["blog.main"]["additional_urls"] == ["re:/[a-z]+reboy/.*"]
-    res = user_permission_list(full=True, full_path=True)['permissions']
+    res = user_permission_list(full=True, absolute_urls=True)['permissions']
    assert res["blog.main"]["additional_urls"] == ["re:%s/blog/[a-z]+reboy/.*" % maindomain.replace('.', '\.')]
@ -696,7 +697,7 @@ def test_permission_add_additional_bad_regex(mocker):
 def test_permission_remove_additional_url():
    permission_url("wiki.main", remove_url=['/whatever'])
-    res = user_permission_list(full=True)['permissions']
+    res = user_permission_list(full=True, absolute_urls=True)['permissions']
    assert res['wiki.main']['url'] == maindomain + "/wiki"
    assert res['wiki.main']['additional_urls'] == [maindomain + '/wiki/idontnow']
@ -705,7 +706,7 @@ def test_permssion_add_additional_url_already_exist():
    permission_url("wiki.main", add_url=['/whatever', "/myhouse"])
    permission_url("wiki.main", add_url=['/whatever'])
-    res = user_permission_list(full=True)['permissions']
+    res = user_permission_list(full=True, absolute_urls=True)['permissions']
    assert res['wiki.main']['url'] == maindomain + "/wiki"
    assert set(res['wiki.main']['additional_urls']) == {maindomain + '/wiki/whatever',
                                                        maindomain + '/wiki/idontnow',
@ -716,7 +717,7 @@ def test_permission_remove_additional_url_dont_exist():
    permission_url("wiki.main", remove_url=['/shouldntexist', '/whatever'])
    permission_url("wiki.main", remove_url=['/shouldntexist'])
-    res = user_permission_list(full=True)['permissions']
+    res = user_permission_list(full=True, absolute_urls=True)['permissions']
    assert res['wiki.main']['url'] == maindomain + "/wiki"
    assert res['wiki.main']['additional_urls'] == [maindomain + '/wiki/idontnow']
@ -814,7 +815,7 @@ def test_show_tile_cant_be_enabled():
                                      allowed=["all_users"], protected=False, sync_perm=True,
                                      domain=maindomain, path="/web")
-    permissions = user_permission_list(full=True, full_path=False)['permissions']
+    permissions = user_permission_list(full=True)['permissions']
    assert permissions['site.main']['show_tile'] == False
    assert permissions['web.main']['show_tile'] == False
@ -830,7 +831,7 @@ def test_permission_app_install():
    app_install(os.path.join(get_test_apps_dir(), "permissions_app_ynh"),
                args="domain=%s&domain_2=%s&path=%s&is_public=0&admin=%s" % (maindomain, other_domains[0], "/urlpermissionapp", "alice"), force=True)
-    res = user_permission_list(full=True, full_path=False)['permissions']
+    res = user_permission_list(full=True)['permissions']
    assert "permissions_app.main" in res
    assert "permissions_app.admin" in res
    assert "permissions_app.dev" in res
@ -871,14 +872,14 @@ def test_permission_app_change_url():
                args="domain=%s&domain_2=%s&path=%s&admin=%s" % (maindomain, other_domains[0], "/urlpermissionapp", "alice"), force=True)
    # FIXME : should rework this test to look for differences in the generated app map / app tiles ...
-    res = user_permission_list(full=True, full_path=False)['permissions']
+    res = user_permission_list(full=True)['permissions']
    assert res['permissions_app.main']['url'] == "/"
    assert res['permissions_app.admin']['url'] == "/admin"
    assert res['permissions_app.dev']['url'] == "/dev"
    app_change_url("permissions_app", maindomain, "/newchangeurl")
-    res = user_permission_list(full=True, full_path=False)['permissions']
+    res = user_permission_list(full=True)['permissions']
    assert res['permissions_app.main']['url'] == "/"
    assert res['permissions_app.admin']['url'] == "/admin"
    assert res['permissions_app.dev']['url'] == "/dev"
--- a/src/yunohost/user.py
+++ b/src/yunohost/user.py
@ -461,7 +461,7 @@ def user_info(username):
        if service_status("dovecot")["status"] != "running":
            logger.warning(m18n.n('mailbox_used_space_dovecot_down'))
-        elif username not in user_permission_list(full=True)["permissions"]["mail.main"]["corresponding_users"]:
+        elif username not in user_permission_info("mail.main")["corresponding_users"]:
            logger.warning(m18n.n('mailbox_disabled', user=username))
        else:
            try:
@ -768,7 +768,7 @@ def user_group_info(groupname):
 def user_permission_list(short=False, full=False):
    import yunohost.permission
-    return yunohost.permission.user_permission_list(short, full)
+    return yunohost.permission.user_permission_list(short, full, absolute_urls=True)
 def user_permission_update(permission, add=None, remove=None, label=None, show_tile=None, sync_perm=True):