mirror of
https://framagit.org/YunoHost-Apps/gitea_ynh.git
synced 2024-11-21 18:41:35 +01:00
Add group-permission support
This commit is contained in:
parent
f933d40896
commit
3f8bc89834
@ -1,3 +1,6 @@
|
|||||||
INSERT INTO `__APP__`.`login_source` (`id`, `type`, `name`, `is_actived`, `cfg`, `created_unix`, `updated_unix`) VALUES
|
INSERT INTO `__APP__`.`login_source`
|
||||||
('1', '2', 'Yunohost LDAP', '1', '{"Name":"Yunohost LDAP","Host":"localhost","Port":389,"UseSSL":false,"BindDN":"","BindPassword":"","UserBase":"ou=users,dc=yunohost,dc=org","AttributeName":"givenName","AttributeSurname":"sn","AttributeMail":"mail","Filter":"(uid=%s)","AdminFilter":"(uid=__ADMIN__)","Enabled":true}', '1464014433', '1464015955')
|
(`id`, `type`, `name`, `is_actived`, `cfg`, `created_unix`, `updated_unix`)
|
||||||
ON DUPLICATE KEY UPDATE cfg='{"Name":"Yunohost LDAP","Host":"localhost","Port":389,"UseSSL":false,"BindDN":"","BindPassword":"","UserBase":"ou=users,dc=yunohost,dc=org","AttributeName":"givenName","AttributeSurname":"sn","AttributeMail":"mail","Filter":"(uid=%s)","AdminFilter":"(uid=__ADMIN__)","Enabled":true}'
|
VALUES
|
||||||
|
('1', '2', 'Yunohost LDAP', '1', '{"Name":"Yunohost LDAP","Host":"localhost","Port":389,"UseSSL":false,"BindDN":"","BindPassword":"","UserBase":"ou=users,dc=yunohost,dc=org","AttributeName":"givenName","AttributeSurname":"sn","AttributeMail":"mail","Filter":"(&(uid=%s)(objectClass=posixAccount)(permission=cn=__APP__.main,ou=permission,dc=yunohost,dc=org))","AdminFilter":"(permission=cn=__APP__.admin,ou=permission,dc=yunohost,dc=org)","Enabled":true}', '1464014433', '1464015955')
|
||||||
|
ON DUPLICATE KEY
|
||||||
|
UPDATE cfg='{"Name":"Yunohost LDAP","Host":"localhost","Port":389,"UseSSL":false,"BindDN":"","BindPassword":"","UserBase":"ou=users,dc=yunohost,dc=org","AttributeName":"givenName","AttributeSurname":"sn","AttributeMail":"mail","Filter":"(&(uid=%s)(objectClass=posixAccount)(permission=cn=__APP__.main,ou=permission,dc=yunohost,dc=org))","AdminFilter":"(permission=cn=__APP__.admin,ou=permission,dc=yunohost,dc=org)","Enabled":true}';
|
||||||
|
@ -20,7 +20,7 @@
|
|||||||
"mysql"
|
"mysql"
|
||||||
],
|
],
|
||||||
"requirements": {
|
"requirements": {
|
||||||
"yunohost": ">= 3.6.4"
|
"yunohost": ">= 3.7.0.6"
|
||||||
},
|
},
|
||||||
"arguments": {
|
"arguments": {
|
||||||
"install" : [
|
"install" : [
|
||||||
|
@ -87,10 +87,8 @@ set_permission() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
set_access_settings() {
|
set_access_settings() {
|
||||||
if [ "$is_public" = '1' ]
|
if [ "$is_public" == '1' ];
|
||||||
then
|
then
|
||||||
ynh_app_setting_set --app $app --key unprotected_uris --value "/"
|
ynh_permission_update --permission "main" --add "visitors"
|
||||||
else
|
|
||||||
ynh_app_setting_delete --app $app --key skipped_regex
|
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
@ -90,14 +90,13 @@ ynh_script_progression --message="Configuring application, step 2/2..."
|
|||||||
# Start gitea for building mysql tables
|
# Start gitea for building mysql tables
|
||||||
systemctl start "$app".service
|
systemctl start "$app".service
|
||||||
|
|
||||||
# Wait till login_source mysql table is created
|
# Wait untill login_source mysql table is created
|
||||||
while ! $(ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" <<< "SELECT * FROM login_source;" &>/dev/null)
|
while ! $(ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" <<< "SELECT * FROM login_source;" &>/dev/null)
|
||||||
do
|
do
|
||||||
sleep 2
|
sleep 2
|
||||||
done
|
done
|
||||||
|
|
||||||
# Add ldap config
|
# Add ldap config
|
||||||
ynh_replace_string --match_string "__ADMIN__" --replace_string "$admin" --target_file ../conf/login_source.sql
|
|
||||||
ynh_replace_string --match_string "__APP__" --replace_string "$app" --target_file ../conf/login_source.sql
|
ynh_replace_string --match_string "__APP__" --replace_string "$app" --target_file ../conf/login_source.sql
|
||||||
ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ../conf/login_source.sql
|
ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ../conf/login_source.sql
|
||||||
|
|
||||||
@ -113,6 +112,10 @@ ynh_add_fail2ban_config --logpath "/var/log/$app/gitea.log" --failregex ".*Faile
|
|||||||
ynh_script_progression --message="Protecting directory"
|
ynh_script_progression --message="Protecting directory"
|
||||||
set_access_settings
|
set_access_settings
|
||||||
|
|
||||||
|
# Create permission
|
||||||
|
ynh_script_progression --message="Configuring permissions"
|
||||||
|
ynh_permission_create --permission="admin" --allowed=$admin
|
||||||
|
|
||||||
# Add gitea to YunoHost's monitored services
|
# Add gitea to YunoHost's monitored services
|
||||||
ynh_script_progression --message="Register gitea service..."
|
ynh_script_progression --message="Register gitea service..."
|
||||||
yunohost service add "$app" --log "/var/log/$app/gitea.log"
|
yunohost service add "$app" --log "/var/log/$app/gitea.log"
|
||||||
|
@ -65,7 +65,6 @@ if [[ $migration_process -eq 1 ]]; then
|
|||||||
ynh_secure_remove --file=$final_path/custom/conf/auth.d
|
ynh_secure_remove --file=$final_path/custom/conf/auth.d
|
||||||
|
|
||||||
# Restore authentication from SQL database
|
# Restore authentication from SQL database
|
||||||
ynh_replace_string --match_string __ADMIN__ --replace_string "$admin" --target_file ../conf/login_source.sql
|
|
||||||
ynh_replace_string --match_string __APP__ --replace_string "$app" --target_file ../conf/login_source.sql
|
ynh_replace_string --match_string __APP__ --replace_string "$app" --target_file ../conf/login_source.sql
|
||||||
ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ../conf/login_source.sql
|
ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ../conf/login_source.sql
|
||||||
|
|
||||||
@ -189,6 +188,20 @@ ynh_add_fail2ban_config --logpath "/var/log/$app/gitea.log" --failregex ".*Faile
|
|||||||
# GENERIC FINALIZATION
|
# GENERIC FINALIZATION
|
||||||
#=================================================
|
#=================================================
|
||||||
|
|
||||||
|
# Set all permissions
|
||||||
|
ynh_script_progression --message="Update permission..."
|
||||||
|
if ! ynh_permission_exists --permission admin; then
|
||||||
|
ynh_app_setting_delete --app $app --key unprotected_uris
|
||||||
|
ynh_permission_create --permission 'admin' --allowed "$admin"
|
||||||
|
# Update ldap config
|
||||||
|
ynh_replace_string --match_string "__APP__" --replace_string "$app" --target_file ../conf/login_source.sql
|
||||||
|
ynh_mysql_connect_as "$dbuser" "$dbpass" "$dbname" < ../conf/login_source.sql
|
||||||
|
fi
|
||||||
|
if [ "$is_public" == '1' ];
|
||||||
|
then
|
||||||
|
ynh_permission_update --permission "main" --add "visitors"
|
||||||
|
fi
|
||||||
|
|
||||||
# Set permissions
|
# Set permissions
|
||||||
ynh_script_progression --message="Protecting directory"
|
ynh_script_progression --message="Protecting directory"
|
||||||
set_permission
|
set_permission
|
||||||
|
Loading…
Reference in New Issue
Block a user