mirror of
https://framagit.org/YunoHost-Apps/gitea_ynh.git
synced 2024-12-22 09:35:06 +01:00
Add group-permission support
This commit is contained in:
parent
f933d40896
commit
3f8bc89834
@ -1,3 +1,6 @@
|
||||
INSERT INTO `__APP__`.`login_source` (`id`, `type`, `name`, `is_actived`, `cfg`, `created_unix`, `updated_unix`) VALUES
|
||||
('1', '2', 'Yunohost LDAP', '1', '{"Name":"Yunohost LDAP","Host":"localhost","Port":389,"UseSSL":false,"BindDN":"","BindPassword":"","UserBase":"ou=users,dc=yunohost,dc=org","AttributeName":"givenName","AttributeSurname":"sn","AttributeMail":"mail","Filter":"(uid=%s)","AdminFilter":"(uid=__ADMIN__)","Enabled":true}', '1464014433', '1464015955')
|
||||
ON DUPLICATE KEY UPDATE cfg='{"Name":"Yunohost LDAP","Host":"localhost","Port":389,"UseSSL":false,"BindDN":"","BindPassword":"","UserBase":"ou=users,dc=yunohost,dc=org","AttributeName":"givenName","AttributeSurname":"sn","AttributeMail":"mail","Filter":"(uid=%s)","AdminFilter":"(uid=__ADMIN__)","Enabled":true}'
|
||||
INSERT INTO `__APP__`.`login_source`
|
||||
(`id`, `type`, `name`, `is_actived`, `cfg`, `created_unix`, `updated_unix`)
|
||||
VALUES
|
||||
('1', '2', 'Yunohost LDAP', '1', '{"Name":"Yunohost LDAP","Host":"localhost","Port":389,"UseSSL":false,"BindDN":"","BindPassword":"","UserBase":"ou=users,dc=yunohost,dc=org","AttributeName":"givenName","AttributeSurname":"sn","AttributeMail":"mail","Filter":"(&(uid=%s)(objectClass=posixAccount)(permission=cn=__APP__.main,ou=permission,dc=yunohost,dc=org))","AdminFilter":"(permission=cn=__APP__.admin,ou=permission,dc=yunohost,dc=org)","Enabled":true}', '1464014433', '1464015955')
|
||||
ON DUPLICATE KEY
|
||||
UPDATE cfg='{"Name":"Yunohost LDAP","Host":"localhost","Port":389,"UseSSL":false,"BindDN":"","BindPassword":"","UserBase":"ou=users,dc=yunohost,dc=org","AttributeName":"givenName","AttributeSurname":"sn","AttributeMail":"mail","Filter":"(&(uid=%s)(objectClass=posixAccount)(permission=cn=__APP__.main,ou=permission,dc=yunohost,dc=org))","AdminFilter":"(permission=cn=__APP__.admin,ou=permission,dc=yunohost,dc=org)","Enabled":true}';
|
||||
|
@ -20,7 +20,7 @@
|
||||
"mysql"
|
||||
],
|
||||
"requirements": {
|
||||
"yunohost": ">= 3.6.4"
|
||||
"yunohost": ">= 3.7.0.6"
|
||||
},
|
||||
"arguments": {
|
||||
"install" : [
|
||||
|
@ -87,10 +87,8 @@ set_permission() {
|
||||
}
|
||||
|
||||
set_access_settings() {
|
||||
if [ "$is_public" = '1' ]
|
||||
if [ "$is_public" == '1' ];
|
||||
then
|
||||
ynh_app_setting_set --app $app --key unprotected_uris --value "/"
|
||||
else
|
||||
ynh_app_setting_delete --app $app --key skipped_regex
|
||||
ynh_permission_update --permission "main" --add "visitors"
|
||||
fi
|
||||
}
|
||||
|
@ -90,14 +90,13 @@ ynh_script_progression --message="Configuring application, step 2/2..."
|
||||
# Start gitea for building mysql tables
|
||||
systemctl start "$app".service
|
||||
|
||||
# Wait till login_source mysql table is created
|
||||
# Wait untill login_source mysql table is created
|
||||
while ! $(ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" <<< "SELECT * FROM login_source;" &>/dev/null)
|
||||
do
|
||||
sleep 2
|
||||
done
|
||||
|
||||
# Add ldap config
|
||||
ynh_replace_string --match_string "__ADMIN__" --replace_string "$admin" --target_file ../conf/login_source.sql
|
||||
ynh_replace_string --match_string "__APP__" --replace_string "$app" --target_file ../conf/login_source.sql
|
||||
ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ../conf/login_source.sql
|
||||
|
||||
@ -113,6 +112,10 @@ ynh_add_fail2ban_config --logpath "/var/log/$app/gitea.log" --failregex ".*Faile
|
||||
ynh_script_progression --message="Protecting directory"
|
||||
set_access_settings
|
||||
|
||||
# Create permission
|
||||
ynh_script_progression --message="Configuring permissions"
|
||||
ynh_permission_create --permission="admin" --allowed=$admin
|
||||
|
||||
# Add gitea to YunoHost's monitored services
|
||||
ynh_script_progression --message="Register gitea service..."
|
||||
yunohost service add "$app" --log "/var/log/$app/gitea.log"
|
||||
|
@ -65,7 +65,6 @@ if [[ $migration_process -eq 1 ]]; then
|
||||
ynh_secure_remove --file=$final_path/custom/conf/auth.d
|
||||
|
||||
# Restore authentication from SQL database
|
||||
ynh_replace_string --match_string __ADMIN__ --replace_string "$admin" --target_file ../conf/login_source.sql
|
||||
ynh_replace_string --match_string __APP__ --replace_string "$app" --target_file ../conf/login_source.sql
|
||||
ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ../conf/login_source.sql
|
||||
|
||||
@ -189,6 +188,20 @@ ynh_add_fail2ban_config --logpath "/var/log/$app/gitea.log" --failregex ".*Faile
|
||||
# GENERIC FINALIZATION
|
||||
#=================================================
|
||||
|
||||
# Set all permissions
|
||||
ynh_script_progression --message="Update permission..."
|
||||
if ! ynh_permission_exists --permission admin; then
|
||||
ynh_app_setting_delete --app $app --key unprotected_uris
|
||||
ynh_permission_create --permission 'admin' --allowed "$admin"
|
||||
# Update ldap config
|
||||
ynh_replace_string --match_string "__APP__" --replace_string "$app" --target_file ../conf/login_source.sql
|
||||
ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ../conf/login_source.sql
|
||||
fi
|
||||
if [ "$is_public" == '1' ];
|
||||
then
|
||||
ynh_permission_update --permission "main" --add "visitors"
|
||||
fi
|
||||
|
||||
# Set permissions
|
||||
ynh_script_progression --message="Protecting directory"
|
||||
set_permission
|
||||
|
Loading…
Reference in New Issue
Block a user