Git/yunohost-gitea_ynh
1
0
Fork 0
mirror of https://framagit.org/YunoHost-Apps/gitea_ynh.git synced 2025-10-30 05:15:30 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add group-permission support

Browse Source
This commit is contained in:
Josué Tille
2020-03-25 16:33:19 +01:00
parent f933d40896
commit 3f8bc89834
5 changed files with 28 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
conf/login_source.sql
View File

@@ -1,3 +1,6 @@
INSERT INTO `__APP__`.`login_source` (`id`, `type`, `name`, `is_actived`, `cfg`, `created_unix`, `updated_unix`) VALUES
('1', '2', 'Yunohost LDAP', '1', '{"Name":"Yunohost LDAP","Host":"localhost","Port":389,"UseSSL":false,"BindDN":"","BindPassword":"","UserBase":"ou=users,dc=yunohost,dc=org","AttributeName":"givenName","AttributeSurname":"sn","AttributeMail":"mail","Filter":"(uid=%s)","AdminFilter":"(uid=__ADMIN__)","Enabled":true}', '1464014433', '1464015955')
ON DUPLICATE KEY UPDATE cfg='{"Name":"Yunohost LDAP","Host":"localhost","Port":389,"UseSSL":false,"BindDN":"","BindPassword":"","UserBase":"ou=users,dc=yunohost,dc=org","AttributeName":"givenName","AttributeSurname":"sn","AttributeMail":"mail","Filter":"(uid=%s)","AdminFilter":"(uid=__ADMIN__)","Enabled":true}'
INSERT INTO `__APP__`.`login_source`
(`id`, `type`, `name`, `is_actived`, `cfg`, `created_unix`, `updated_unix`)
VALUES
('1', '2', 'Yunohost LDAP', '1', '{"Name":"Yunohost LDAP","Host":"localhost","Port":389,"UseSSL":false,"BindDN":"","BindPassword":"","UserBase":"ou=users,dc=yunohost,dc=org","AttributeName":"givenName","AttributeSurname":"sn","AttributeMail":"mail","Filter":"(&(uid=%s)(objectClass=posixAccount)(permission=cn=__APP__.main,ou=permission,dc=yunohost,dc=org))","AdminFilter":"(permission=cn=__APP__.admin,ou=permission,dc=yunohost,dc=org)","Enabled":true}', '1464014433', '1464015955')
ON DUPLICATE KEY
UPDATE cfg='{"Name":"Yunohost LDAP","Host":"localhost","Port":389,"UseSSL":false,"BindDN":"","BindPassword":"","UserBase":"ou=users,dc=yunohost,dc=org","AttributeName":"givenName","AttributeSurname":"sn","AttributeMail":"mail","Filter":"(&(uid=%s)(objectClass=posixAccount)(permission=cn=__APP__.main,ou=permission,dc=yunohost,dc=org))","AdminFilter":"(permission=cn=__APP__.admin,ou=permission,dc=yunohost,dc=org)","Enabled":true}';

2
manifest.json
View File

@@ -20,7 +20,7 @@
"mysql"
],
"requirements": {
"yunohost": ">= 3.6.4"
"yunohost": ">= 3.7.0.6"
},
"arguments": {
"install" : [

6
scripts/_common.sh
View File

@@ -87,10 +87,8 @@ set_permission() {
}
set_access_settings() {
if [ "$is_public" = '1' ]
if [ "$is_public" == '1' ];
then
ynh_app_setting_set --app $app --key unprotected_uris --value "/"
else
ynh_app_setting_delete --app $app --key skipped_regex
ynh_permission_update --permission "main" --add "visitors"
fi
}

7
scripts/install
View File

@@ -90,14 +90,13 @@ ynh_script_progression --message="Configuring application, step 2/2..."
# Start gitea for building mysql tables
systemctl start "$app".service
# Wait till login_source mysql table is created
# Wait untill login_source mysql table is created
while ! $(ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" <<< "SELECT * FROM login_source;" &>/dev/null)
do
sleep 2
done
# Add ldap config
ynh_replace_string --match_string "__ADMIN__" --replace_string "$admin" --target_file ../conf/login_source.sql
ynh_replace_string --match_string "__APP__" --replace_string "$app" --target_file ../conf/login_source.sql
ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ../conf/login_source.sql
@@ -113,6 +112,10 @@ ynh_add_fail2ban_config --logpath "/var/log/$app/gitea.log" --failregex ".*Faile
ynh_script_progression --message="Protecting directory"
set_access_settings
# Create permission
ynh_script_progression --message="Configuring permissions"
ynh_permission_create --permission="admin" --allowed=$admin
# Add gitea to YunoHost's monitored services
ynh_script_progression --message="Register gitea service..."
yunohost service add "$app" --log "/var/log/$app/gitea.log"

15
scripts/upgrade
View File

@@ -65,7 +65,6 @@ if [[ $migration_process -eq 1 ]]; then
ynh_secure_remove --file=$final_path/custom/conf/auth.d
# Restore authentication from SQL database
ynh_replace_string --match_string __ADMIN__ --replace_string "$admin" --target_file ../conf/login_source.sql
ynh_replace_string --match_string __APP__ --replace_string "$app" --target_file ../conf/login_source.sql
ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ../conf/login_source.sql
@@ -189,6 +188,20 @@ ynh_add_fail2ban_config --logpath "/var/log/$app/gitea.log" --failregex ".*Faile
# GENERIC FINALIZATION
#=================================================
# Set all permissions
ynh_script_progression --message="Update permission..."
if ! ynh_permission_exists --permission admin; then
ynh_app_setting_delete --app $app --key unprotected_uris
ynh_permission_create --permission 'admin' --allowed "$admin"
# Update ldap config
ynh_replace_string --match_string "__APP__" --replace_string "$app" --target_file ../conf/login_source.sql
ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ../conf/login_source.sql
fi
if [ "$is_public" == '1' ];
then
ynh_permission_update --permission "main" --add "visitors"
fi
# Set permissions
ynh_script_progression --message="Protecting directory"
set_permission