diff --git a/doc/ADMIN.md b/doc/ADMIN.md index 14f1bed..13ad761 100644 --- a/doc/ADMIN.md +++ b/doc/ADMIN.md @@ -46,7 +46,7 @@ client_max_body_size 200M; Don't forget to restart Gitea: ```bash -sudo systemctl restart __APP__.service`. +sudo systemctl restart __APP__.service. ``` > These settings are restored to the default configuration when updating Gitea. Remember to restore your configuration after all updates. @@ -65,6 +65,20 @@ If you want to bypass the safety backup before upgrading, run: yunohost app upgrade --no-safety-backup __APP__ ``` +## Group management + +Gitea support Yunohost group sync with Gitea Organisation Team. +As the organisation link to the group depends of the instance this should be configured by the admin on the gitea configuration interface in `DOMAIN/GITEA_PATH/admin/auths/1`. +Normally the admin just need to set the correct value of the `LDAP Group Team Map` parameter with something like this: +```json +{"cn=GROUPE_A_YNH,ou=groups,dc=yunohost,dc=org": {"gitea_organisation": ["gitea_team_A"]}, + "cn=GROUPE_B_YNH,ou=groups,dc=yunohost,dc=org": {"gitea_organisation": ["gitea_team_B"]}} +``` + +By this all members of the Yunohost groupe `GROUPE_A_YNH` will be member of the gitea team `gitea_team_A` of the organisation `gitea_organisation`. + +**Note all others parameter are managed by the Yunohost package and should not be changed.** + ## Backup This application now uses the core-only feature of the backup. To keep the integrity of the data and to have a better guarantee of the restoration it is recommended to proceed as follows: diff --git a/scripts/install b/scripts/install index 3bf2ce3..8ed9a0d 100644 --- a/scripts/install +++ b/scripts/install @@ -88,6 +88,7 @@ ynh_systemd_action --service_name="$app" --action=start --log_path="/var/log/$ap # Add ldap config ynh_replace_string --match_string=__APP__ --replace_string="$app" --target_file=./login_source.sql +ynh_replace_string --match_string=__GROUP_TEAM_MAP__ --replace_string='""' --target_file=./login_source.sql ynh_mysql_connect_as "$db_user" "$db_pwd" "$db_name" < ./login_source.sql # Stop the service to restart it just afterwards diff --git a/scripts/login_source.sql b/scripts/login_source.sql index 4afde52..25c71eb 100644 --- a/scripts/login_source.sql +++ b/scripts/login_source.sql @@ -34,7 +34,7 @@ VALUES "GroupDN": "ou=groups,dc=yunohost,dc=org", "GroupFilter": "", "GroupMemberUID": "memberUid", - "GroupTeamMap": "", + "GroupTeamMap": __GROUP_TEAM_MAP__, "GroupTeamMapRemoval": true, "UserUID": "uid" }', @@ -73,7 +73,7 @@ UPDATE "GroupDN": "ou=groups,dc=yunohost,dc=org", "GroupFilter": "", "GroupMemberUID": "memberUid", - "GroupTeamMap": "", + "GroupTeamMap": __GROUP_TEAM_MAP__, "GroupTeamMapRemoval": true, "UserUID": "uid" }', diff --git a/scripts/upgrade b/scripts/upgrade index 7719d42..4512cc2 100644 --- a/scripts/upgrade +++ b/scripts/upgrade @@ -109,6 +109,12 @@ ynh_add_config --template=app.ini --destination="$install_dir/custom/conf/app.in _set_permissions # Update ldap config + +# Note that the 'GroupTeamMap' depends of the user need so we can't apply a generic values for all instances +# So to avoid to override the value after each update we retrive and apply the user value +group_team_map_config=$(mysql --user="$db_user" --password="$db_pwd" --batch --raw "$db_name" <<< 'SELECT `cfg` FROM `'$app'`.`login_source` WHERE `id`=1;' \ + | tail -n+2 | jq '.GroupTeamMap') +sed -i 's|__GROUP_TEAM_MAP__|'"${group_team_map_config//\\/\\\\\\\\}"'|g' ./login_source.sql ynh_replace_string --match_string=__APP__ --replace_string="$app" --target_file=./login_source.sql ynh_mysql_connect_as "$db_user" "$db_pwd" "$db_name" < ./login_source.sql