mirror of
https://github.com/YunoHost/yunohost.git
synced 2024-09-03 20:06:10 +02:00
Try to uh simplify the whole full_path=True / False thing, most of the time internally we want it set to False
This commit is contained in:
Alexandre Aubin
parent
de96b094b2
commit
fb44bd1c66
7 changed files with 48 additions and 56 deletions
|
|
@ -177,7 +177,7 @@ def app_info(app, full=False):
|
|||
ret['supports_backup_restore'] = (os.path.exists(os.path.join(APPS_SETTING_PATH, app, "scripts", "backup")) and
|
||||
os.path.exists(os.path.join(APPS_SETTING_PATH, app, "scripts", "restore")))
|
||||
ret['supports_multi_instance'] = is_true(local_manifest.get("multi_instance", False))
|
||||
permissions = user_permission_list(full=True, full_path=True)["permissions"]
|
||||
permissions = user_permission_list(full=True, absolute_urls=True)["permissions"]
|
||||
ret['permissions'] = {p: i for p, i in permissions.items() if p.startswith(app + ".") and (i["url"] or i['additional_urls'])}
|
||||
return ret
|
||||
|
||||
|
|
@ -249,7 +249,7 @@ def app_map(app=None, raw=False, user=None):
|
|||
else:
|
||||
apps = os.listdir(APPS_SETTING_PATH)
|
||||
|
||||
permissions = user_permission_list(full=True, full_path=True)["permissions"]
|
||||
permissions = user_permission_list(full=True, absolute_urls=True)["permissions"]
|
||||
for app_id in apps:
|
||||
app_settings = _get_app_settings(app_id)
|
||||
if not app_settings:
|
||||
|
|
@ -640,7 +640,7 @@ def app_install(operation_logger, app, label=None, args=None, no_remove_on_failu
|
|||
|
||||
from yunohost.hook import hook_add, hook_remove, hook_exec, hook_callback
|
||||
from yunohost.log import OperationLogger
|
||||
from yunohost.permission import user_permission_list, user_permission_update, permission_create, permission_url, permission_delete, permission_sync_to_user
|
||||
from yunohost.permission import user_permission_list, user_permission_info, user_permission_update, permission_create, permission_url, permission_delete, permission_sync_to_user
|
||||
from yunohost.regenconf import manually_modified_files
|
||||
|
||||
# Fetch or extract sources
|
||||
|
|
@ -926,7 +926,7 @@ def app_install(operation_logger, app, label=None, args=None, no_remove_on_failu
|
|||
app_settings = _get_app_settings(app_instance_name)
|
||||
domain = app_settings.get('domain', None)
|
||||
path = app_settings.get('path', None)
|
||||
if domain and path and user_permission_list(full=True, full_path=False)['permissions'][app_instance_name + '.main']['url'] is None:
|
||||
if domain and path and user_permission_info(app_instance_name + '.main')['url'] is None:
|
||||
permission_url(app_instance_name + ".main", url='/', sync_perm=False)
|
||||
user_permission_update(app_instance_name + ".main", show_tile=True, sync_perm=False)
|
||||
|
||||
|
|
@ -1199,7 +1199,7 @@ def app_setting(app, key, value=None, delete=False):
|
|||
|
||||
logger.warning("/!\\ Packagers! This app is still using the skipped/protected/unprotected_uris/regex settings which are now obsolete and deprecated... Instead, you should use the new helpers 'ynh_permission_{create,urls,update,delete}' and the 'visitors' group to initialize the public/private access. Check out the documentation at the bottom of yunohost.org/groups_and_permissions to learn how to use the new permission mechanism.")
|
||||
from permission import user_permission_list, user_permission_update, permission_create, permission_delete, permission_url
|
||||
permissions = user_permission_list(full=True, full_path=False)['permissions']
|
||||
permissions = user_permission_list(full=True)['permissions']
|
||||
permission_name = "%s.legacy_%s_uris" % (app, key.split('_')[0])
|
||||
permission = permissions.get(permission_name)
|
||||
|
||||
|
|
@ -1331,7 +1331,7 @@ def app_ssowatconf():
|
|||
|
||||
main_domain = _get_maindomain()
|
||||
domains = domain_list()['domains']
|
||||
all_permissions = user_permission_list(full=True, ignore_system_perms=True, full_path=True)['permissions']
|
||||
all_permissions = user_permission_list(full=True, ignore_system_perms=True, absolute_urls=True)['permissions']
|
||||
|
||||
permissions = {
|
||||
'core_skipped': {
|
||||
|
|
|
|||
|
|
@ -697,7 +697,7 @@ class BackupManager():
|
|||
|
||||
# backup permissions
|
||||
logger.debug(m18n.n('backup_permission', app=app))
|
||||
permissions = user_permission_list(full=True, full_path=False)["permissions"]
|
||||
permissions = user_permission_list(full=True)["permissions"]
|
||||
this_app_permissions = {name: infos for name, infos in permissions.items() if name.startswith(app + ".")}
|
||||
write_to_yaml("%s/permissions.yml" % settings_dir, this_app_permissions)
|
||||
|
||||
|
|
@ -1158,7 +1158,7 @@ class RestoreManager():
|
|||
|
||||
# Backup old permission for apps
|
||||
# We need to do that because in case of an app is installed we can't remove the permission for this app
|
||||
old_apps_permission = user_permission_list(ignore_system_perms=True, full=True, full_path=False)["permissions"]
|
||||
old_apps_permission = user_permission_list(ignore_system_perms=True, full=True)["permissions"]
|
||||
|
||||
# Start register change on system
|
||||
operation_logger = OperationLogger('backup_restore_system')
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ class MyMigration(Migration):
|
|||
|
||||
logger.info(m18n.n("migration_0019_add_new_attributes_in_ldap"))
|
||||
ldap = _get_ldap_interface()
|
||||
permission_list = user_permission_list(short=True, full_path=False)["permissions"]
|
||||
permission_list = user_permission_list(short=True)["permissions"]
|
||||
|
||||
labels = {}
|
||||
for app in _installed_apps():
|
||||
|
|
|
|||
|
|
@ -45,7 +45,7 @@ SYSTEM_PERMS = ["mail", "xmpp", "sftp", "ssh"]
|
|||
#
|
||||
|
||||
|
||||
def user_permission_list(short=False, full=False, ignore_system_perms=False, full_path=True):
|
||||
def user_permission_list(short=False, full=False, ignore_system_perms=False, absolute_urls=False):
|
||||
"""
|
||||
List permissions and corresponding accesses
|
||||
"""
|
||||
|
|
@ -86,7 +86,7 @@ def user_permission_list(short=False, full=False, ignore_system_perms=False, ful
|
|||
perm["url"] = infos.get("URL", [None])[0]
|
||||
perm["additional_urls"] = infos.get("additionalUrls", [])
|
||||
|
||||
if full_path:
|
||||
if absolute_urls:
|
||||
app_base_path = apps_base_path[app] if app in apps_base_path else "" # Meh in some situation where the app is currently installed/removed, this function may be called and we still need to act as if the corresponding permission indeed exists ... dunno if that's really the right way to proceed but okay.
|
||||
perm["url"] = _get_absolute_url(perm["url"], app_base_path)
|
||||
perm["additional_urls"] = [_get_absolute_url(url, app_base_path) for url in perm["additional_urls"]]
|
||||
|
|
@ -132,7 +132,7 @@ def user_permission_update(operation_logger, permission, add=None, remove=None,
|
|||
if "." not in permission:
|
||||
permission = permission + ".main"
|
||||
|
||||
existing_permission = user_permission_list(full=True, full_path=False)["permissions"].get(permission, None)
|
||||
existing_permission = user_permission_info(permission)
|
||||
|
||||
# Refuse to add "visitors" to mail, xmpp ... they require an account to make sense.
|
||||
if add and "visitors" in add and permission.split(".")[0] in SYSTEM_PERMS:
|
||||
|
|
@ -145,9 +145,6 @@ def user_permission_update(operation_logger, permission, add=None, remove=None,
|
|||
|
||||
# Fetch currently allowed groups for this permission
|
||||
|
||||
if existing_permission is None:
|
||||
raise YunohostError('permission_not_found', permission=permission)
|
||||
|
||||
current_allowed_groups = existing_permission["allowed"]
|
||||
operation_logger.related_to.append(('app', permission.split(".")[0]))
|
||||
|
||||
|
|
@ -223,9 +220,7 @@ def user_permission_reset(operation_logger, permission, sync_perm=True):
|
|||
|
||||
# Fetch existing permission
|
||||
|
||||
existing_permission = user_permission_list(full=True, full_path=False)["permissions"].get(permission, None)
|
||||
if existing_permission is None:
|
||||
raise YunohostError('permission_not_found', permission=permission)
|
||||
existing_permission = user_permission_info(permission)
|
||||
|
||||
if existing_permission["allowed"] == ["all_users"]:
|
||||
logger.warning(m18n.n("permission_already_up_to_date"))
|
||||
|
|
@ -400,9 +395,7 @@ def permission_url(operation_logger, permission,
|
|||
|
||||
# Fetch existing permission
|
||||
|
||||
existing_permission = user_permission_list(full=True, full_path=False)["permissions"].get(permission, None)
|
||||
if not existing_permission:
|
||||
raise YunohostError('permission_not_found', permission=permission)
|
||||
existing_permission = user_permission_info(permission)
|
||||
|
||||
show_tile = existing_permission['show_tile']
|
||||
|
||||
|
|
@ -461,7 +454,7 @@ def permission_url(operation_logger, permission,
|
|||
permission_sync_to_user()
|
||||
|
||||
logger.debug(m18n.n('permission_updated', permission=permission))
|
||||
return user_permission_list(full=True)["permissions"][permission]
|
||||
return user_permission_info(permission)
|
||||
|
||||
|
||||
@is_unit_operation()
|
||||
|
|
@ -485,9 +478,7 @@ def permission_delete(operation_logger, permission, force=False, sync_perm=True)
|
|||
|
||||
# Make sure this permission exists
|
||||
|
||||
existing_permission = user_permission_list(full=True)["permissions"].get(permission, None)
|
||||
if not existing_permission:
|
||||
raise YunohostError('permission_not_found', permission=permission)
|
||||
_ = user_permission_info(permission)
|
||||
|
||||
# Actually delete the permission
|
||||
|
||||
|
|
@ -516,7 +507,7 @@ def permission_sync_to_user():
|
|||
ldap = _get_ldap_interface()
|
||||
|
||||
groups = user_group_list(full=True)["groups"]
|
||||
permissions = user_permission_list(full=True, full_path=False)["permissions"]
|
||||
permissions = user_permission_list(full=True)["permissions"]
|
||||
|
||||
for permission_name, permission_infos in permissions.items():
|
||||
|
||||
|
|
@ -575,7 +566,7 @@ def _update_ldap_group_permission(permission, allowed,
|
|||
from yunohost.utils.ldap import _get_ldap_interface
|
||||
ldap = _get_ldap_interface()
|
||||
|
||||
existing_permission = user_permission_list(full=True, full_path=False)["permissions"][permission]
|
||||
existing_permission = user_permission_info(permission)
|
||||
|
||||
update = {}
|
||||
|
||||
|
|
@ -612,7 +603,7 @@ def _update_ldap_group_permission(permission, allowed,
|
|||
if sync_perm:
|
||||
permission_sync_to_user()
|
||||
|
||||
new_permission = user_permission_list(full=True)["permissions"][permission]
|
||||
new_permission = user_permission_info(permission)
|
||||
|
||||
# Trigger app callbacks
|
||||
|
||||
|
|
|
|||
|
|
@ -518,7 +518,7 @@ def test_backup_and_restore_with_ynh_restore(mocker):
|
|||
@pytest.mark.with_permission_app_installed
|
||||
def test_backup_and_restore_permission_app(mocker):
|
||||
|
||||
res = user_permission_list(full=True, full_path=False)['permissions']
|
||||
res = user_permission_list(full=True)['permissions']
|
||||
assert "permissions_app.main" in res
|
||||
assert "permissions_app.admin" in res
|
||||
assert "permissions_app.dev" in res
|
||||
|
|
@ -533,7 +533,7 @@ def test_backup_and_restore_permission_app(mocker):
|
|||
|
||||
_test_backup_and_restore_app(mocker, "permissions_app")
|
||||
|
||||
res = user_permission_list(full=True, full_path=False)['permissions']
|
||||
res = user_permission_list(full=True)['permissions']
|
||||
assert "permissions_app.main" in res
|
||||
assert "permissions_app.admin" in res
|
||||
assert "permissions_app.dev" in res
|
||||
|
|
|
|||
|
|
@ -305,12 +305,10 @@ def test_permission_list():
|
|||
assert set(res['wiki.main']['corresponding_users']) == set(["alice", "bob"])
|
||||
assert res['blog.main']['corresponding_users'] == ["alice"]
|
||||
assert res['blog.api']['corresponding_users'] == []
|
||||
assert res['wiki.main']['url'] == maindomain + "/wiki"
|
||||
assert res['blog.main']['url'] == maindomain + "/blog"
|
||||
assert res['wiki.main']['url'] == "/"
|
||||
assert res['blog.main']['url'] == "/"
|
||||
assert res['blog.api']['url'] == None
|
||||
assert set(res['wiki.main']['additional_urls']) == {maindomain + '/wiki/whatever', maindomain + '/wiki/idontnow'}
|
||||
assert res['blog.main']['additional_urls'] == []
|
||||
assert res['blog.api']['additional_urls'] == []
|
||||
assert set(res['wiki.main']['additional_urls']) == {'/whatever', '/idontnow'}
|
||||
assert res['wiki.main']['protected'] == False
|
||||
assert res['blog.main']['protected'] == False
|
||||
assert res['blog.api']['protected'] == True
|
||||
|
|
@ -324,10 +322,13 @@ def test_permission_list():
|
|||
assert res['blog.main']['auth_header'] == True
|
||||
assert res['blog.api']['auth_header'] == True
|
||||
|
||||
res = user_permission_list(full=True, full_path=False)['permissions']
|
||||
assert res['wiki.main']['url'] == "/"
|
||||
assert res['blog.main']['url'] == "/"
|
||||
assert set(res['wiki.main']['additional_urls']) == {'/whatever', '/idontnow'}
|
||||
res = user_permission_list(full=True, absolute_urls=True)['permissions']
|
||||
assert res['wiki.main']['url'] == maindomain + "/wiki"
|
||||
assert res['blog.main']['url'] == maindomain + "/blog"
|
||||
assert res['blog.api']['url'] == None
|
||||
assert set(res['wiki.main']['additional_urls']) == {maindomain + '/wiki/whatever', maindomain + '/wiki/idontnow'}
|
||||
assert res['blog.main']['additional_urls'] == []
|
||||
assert res['blog.api']['additional_urls'] == []
|
||||
|
||||
|
||||
#
|
||||
|
|
@ -416,7 +417,7 @@ def test_permission_create_with_urls_management_simple_domain(mocker):
|
|||
url="/", additional_urls=['/whatever','/idontnow'], auth_header=False,
|
||||
domain=maindomain, path='/site')
|
||||
|
||||
res = user_permission_list(full=True)['permissions']
|
||||
res = user_permission_list(full=True, absolute_urls=True)['permissions']
|
||||
assert "site.main" in res
|
||||
assert res['site.main']['url'] == maindomain + "/site"
|
||||
assert set(res['site.main']['additional_urls']) == {maindomain + "/site/whatever", maindomain + "/site/idontnow"}
|
||||
|
|
@ -433,7 +434,7 @@ def test_permission_create_with_urls_management_multiple_domain(mocker):
|
|||
auth_header=True,
|
||||
domain=maindomain, path='/site')
|
||||
|
||||
res = user_permission_list(full=True)['permissions']
|
||||
res = user_permission_list(full=True, absolute_urls=True)['permissions']
|
||||
assert "site.main" in res
|
||||
assert res['site.main']['url'] == maindomain + "/site/something"
|
||||
assert set(res['site.main']['additional_urls']) == {other_domains[0] + "/blabla", other_domains[1] + "/ahh"}
|
||||
|
|
@ -640,7 +641,7 @@ def test_permission_protected_update(mocker):
|
|||
def test_permission_redefine_url():
|
||||
permission_url("blog.main", url="/pwet")
|
||||
|
||||
res = user_permission_list(full=True, full_path=False)['permissions']
|
||||
res = user_permission_list(full=True)['permissions']
|
||||
assert res["blog.main"]["url"] == "/pwet"
|
||||
|
||||
|
||||
|
|
@ -654,10 +655,10 @@ def test_permission_remove_url():
|
|||
def test_permission_main_url_regex():
|
||||
permission_url("blog.main", url="re:/[a-z]+reboy/.*")
|
||||
|
||||
res = user_permission_list(full=True, full_path=False)['permissions']
|
||||
res = user_permission_list(full=True)['permissions']
|
||||
assert res["blog.main"]["url"] == "re:/[a-z]+reboy/.*"
|
||||
|
||||
res = user_permission_list(full=True, full_path=True)['permissions']
|
||||
res = user_permission_list(full=True, absolute_urls=True)['permissions']
|
||||
assert res["blog.main"]["url"] == "re:%s/blog/[a-z]+reboy/.*" % maindomain.replace('.', '\.')
|
||||
|
||||
|
||||
|
|
@ -670,7 +671,7 @@ def test_permission_main_url_bad_regex(mocker):
|
|||
def test_permission_add_additional_url():
|
||||
permission_url("wiki.main", add_url=[other_domains[0] + "/heyby", "/myhouse"])
|
||||
|
||||
res = user_permission_list(full=True)['permissions']
|
||||
res = user_permission_list(full=True, absolute_urls=True)['permissions']
|
||||
assert res['wiki.main']['url'] == maindomain + "/wiki"
|
||||
assert set(res['wiki.main']['additional_urls']) == {maindomain + '/wiki/whatever',
|
||||
maindomain + '/wiki/idontnow',
|
||||
|
|
@ -681,10 +682,10 @@ def test_permission_add_additional_url():
|
|||
def test_permission_add_additional_regex():
|
||||
permission_url("blog.main", add_url=["re:/[a-z]+reboy/.*"])
|
||||
|
||||
res = user_permission_list(full=True, full_path=False)['permissions']
|
||||
res = user_permission_list(full=True)['permissions']
|
||||
assert res["blog.main"]["additional_urls"] == ["re:/[a-z]+reboy/.*"]
|
||||
|
||||
res = user_permission_list(full=True, full_path=True)['permissions']
|
||||
res = user_permission_list(full=True, absolute_urls=True)['permissions']
|
||||
assert res["blog.main"]["additional_urls"] == ["re:%s/blog/[a-z]+reboy/.*" % maindomain.replace('.', '\.')]
|
||||
|
||||
|
||||
|
|
@ -696,7 +697,7 @@ def test_permission_add_additional_bad_regex(mocker):
|
|||
def test_permission_remove_additional_url():
|
||||
permission_url("wiki.main", remove_url=['/whatever'])
|
||||
|
||||
res = user_permission_list(full=True)['permissions']
|
||||
res = user_permission_list(full=True, absolute_urls=True)['permissions']
|
||||
assert res['wiki.main']['url'] == maindomain + "/wiki"
|
||||
assert res['wiki.main']['additional_urls'] == [maindomain + '/wiki/idontnow']
|
||||
|
||||
|
|
@ -705,7 +706,7 @@ def test_permssion_add_additional_url_already_exist():
|
|||
permission_url("wiki.main", add_url=['/whatever', "/myhouse"])
|
||||
permission_url("wiki.main", add_url=['/whatever'])
|
||||
|
||||
res = user_permission_list(full=True)['permissions']
|
||||
res = user_permission_list(full=True, absolute_urls=True)['permissions']
|
||||
assert res['wiki.main']['url'] == maindomain + "/wiki"
|
||||
assert set(res['wiki.main']['additional_urls']) == {maindomain + '/wiki/whatever',
|
||||
maindomain + '/wiki/idontnow',
|
||||
|
|
@ -716,7 +717,7 @@ def test_permission_remove_additional_url_dont_exist():
|
|||
permission_url("wiki.main", remove_url=['/shouldntexist', '/whatever'])
|
||||
permission_url("wiki.main", remove_url=['/shouldntexist'])
|
||||
|
||||
res = user_permission_list(full=True)['permissions']
|
||||
res = user_permission_list(full=True, absolute_urls=True)['permissions']
|
||||
assert res['wiki.main']['url'] == maindomain + "/wiki"
|
||||
assert res['wiki.main']['additional_urls'] == [maindomain + '/wiki/idontnow']
|
||||
|
||||
|
|
@ -814,7 +815,7 @@ def test_show_tile_cant_be_enabled():
|
|||
allowed=["all_users"], protected=False, sync_perm=True,
|
||||
domain=maindomain, path="/web")
|
||||
|
||||
permissions = user_permission_list(full=True, full_path=False)['permissions']
|
||||
permissions = user_permission_list(full=True)['permissions']
|
||||
|
||||
assert permissions['site.main']['show_tile'] == False
|
||||
assert permissions['web.main']['show_tile'] == False
|
||||
|
|
@ -830,7 +831,7 @@ def test_permission_app_install():
|
|||
app_install(os.path.join(get_test_apps_dir(), "permissions_app_ynh"),
|
||||
args="domain=%s&domain_2=%s&path=%s&is_public=0&admin=%s" % (maindomain, other_domains[0], "/urlpermissionapp", "alice"), force=True)
|
||||
|
||||
res = user_permission_list(full=True, full_path=False)['permissions']
|
||||
res = user_permission_list(full=True)['permissions']
|
||||
assert "permissions_app.main" in res
|
||||
assert "permissions_app.admin" in res
|
||||
assert "permissions_app.dev" in res
|
||||
|
|
@ -871,14 +872,14 @@ def test_permission_app_change_url():
|
|||
args="domain=%s&domain_2=%s&path=%s&admin=%s" % (maindomain, other_domains[0], "/urlpermissionapp", "alice"), force=True)
|
||||
|
||||
# FIXME : should rework this test to look for differences in the generated app map / app tiles ...
|
||||
res = user_permission_list(full=True, full_path=False)['permissions']
|
||||
res = user_permission_list(full=True)['permissions']
|
||||
assert res['permissions_app.main']['url'] == "/"
|
||||
assert res['permissions_app.admin']['url'] == "/admin"
|
||||
assert res['permissions_app.dev']['url'] == "/dev"
|
||||
|
||||
app_change_url("permissions_app", maindomain, "/newchangeurl")
|
||||
|
||||
res = user_permission_list(full=True, full_path=False)['permissions']
|
||||
res = user_permission_list(full=True)['permissions']
|
||||
assert res['permissions_app.main']['url'] == "/"
|
||||
assert res['permissions_app.admin']['url'] == "/admin"
|
||||
assert res['permissions_app.dev']['url'] == "/dev"
|
||||
|
|
|
|||
|
|
@ -461,7 +461,7 @@ def user_info(username):
|
|||
|
||||
if service_status("dovecot")["status"] != "running":
|
||||
logger.warning(m18n.n('mailbox_used_space_dovecot_down'))
|
||||
elif username not in user_permission_list(full=True)["permissions"]["mail.main"]["corresponding_users"]:
|
||||
elif username not in user_permission_info("mail.main")["corresponding_users"]:
|
||||
logger.warning(m18n.n('mailbox_disabled', user=username))
|
||||
else:
|
||||
try:
|
||||
|
|
@ -768,7 +768,7 @@ def user_group_info(groupname):
|
|||
|
||||
def user_permission_list(short=False, full=False):
|
||||
import yunohost.permission
|
||||
return yunohost.permission.user_permission_list(short, full)
|
||||
return yunohost.permission.user_permission_list(short, full, absolute_urls=True)
|
||||
|
||||
|
||||
def user_permission_update(permission, add=None, remove=None, label=None, show_tile=None, sync_perm=True):
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue