Add support to sync yunohost group to organisation teams

doc/ADMIN.md

@@ -46,7 +46,7 @@ client_max_body_size 200M;
 Don't forget to restart Gitea:
 
 ```bash
-sudo systemctl restart __APP__.service`.
+sudo systemctl restart __APP__.service.
 ```
 
 > These settings are restored to the default configuration when updating Gitea. Remember to restore your configuration after all updates.
@@ -65,6 +65,20 @@ If you want to bypass the safety backup before upgrading, run:
 yunohost app upgrade --no-safety-backup __APP__
 ```
 
+## Group management
+
+Gitea support Yunohost group sync with Gitea Organisation Team.
+As the organisation link to the group depends of the instance this should be configured by the admin on the gitea configuration interface in `DOMAIN/GITEA_PATH/admin/auths/1`.
+Normally the admin just need to set the correct value of the `LDAP Group Team Map` parameter with something like this:
+```json
+{"cn=GROUPE_A_YNH,ou=groups,dc=yunohost,dc=org": {"gitea_organisation": ["gitea_team_A"]},
+ "cn=GROUPE_B_YNH,ou=groups,dc=yunohost,dc=org": {"gitea_organisation": ["gitea_team_B"]}}
+```
+
+By this all members of the Yunohost groupe `GROUPE_A_YNH` will be member of the gitea team `gitea_team_A` of the organisation `gitea_organisation`.
+
+**Note all others parameter are managed by the Yunohost package and should not be changed.**
+
 ## Backup
 
 This application now uses the core-only feature of the backup. To keep the integrity of the data and to have a better guarantee of the restoration it is recommended to proceed as follows:

scripts/install

@@ -88,6 +88,7 @@ ynh_systemd_action --service_name="$app" --action=start --log_path="/var/log/$ap
 
 # Add ldap config
 ynh_replace_string --match_string=__APP__ --replace_string="$app" --target_file=./login_source.sql
+ynh_replace_string --match_string=__GROUP_TEAM_MAP__ --replace_string='""' --target_file=./login_source.sql
 ynh_mysql_connect_as "$db_user" "$db_pwd" "$db_name" < ./login_source.sql
 
 # Stop the service to restart it just afterwards

scripts/login_source.sql

@@ -34,7 +34,7 @@ VALUES
         "GroupDN": "ou=groups,dc=yunohost,dc=org",
         "GroupFilter": "",
         "GroupMemberUID": "memberUid",
-        "GroupTeamMap": "",
+        "GroupTeamMap": __GROUP_TEAM_MAP__,
         "GroupTeamMapRemoval": true,
         "UserUID": "uid"
     }',
@@ -73,7 +73,7 @@ UPDATE
         "GroupDN": "ou=groups,dc=yunohost,dc=org",
         "GroupFilter": "",
         "GroupMemberUID": "memberUid",
-        "GroupTeamMap": "",
+        "GroupTeamMap": __GROUP_TEAM_MAP__,
         "GroupTeamMapRemoval": true,
         "UserUID": "uid"
     }',

scripts/upgrade

@@ -109,6 +109,12 @@ ynh_add_config --template=app.ini --destination="$install_dir/custom/conf/app.in
 _set_permissions
 
 # Update ldap config
+
+# Note that the 'GroupTeamMap' depends of the user need so we can't apply a generic values for all instances
+# So to avoid to override the value after each update we retrive and apply the user value
+group_team_map_config=$(mysql --user="$db_user" --password="$db_pwd" --batch --raw "$db_name" <<< 'SELECT `cfg` FROM `'$app'`.`login_source` WHERE `id`=1;' \
+    | tail -n+2 | jq '.GroupTeamMap')
+sed -i 's|__GROUP_TEAM_MAP__|'"${group_team_map_config//\\/\\\\\\\\}"'|g' ./login_source.sql
 ynh_replace_string --match_string=__APP__ --replace_string="$app" --target_file=./login_source.sql
 ynh_mysql_connect_as "$db_user" "$db_pwd" "$db_name" < ./login_source.sql