[fix] #89: Use new permission system
Use ynh_permission_* helpers Keeping BMA accessible to visitors and Duniter admin interface accessible to the selected admin Remove deprecated permission system settings
This commit is contained in:
Moul
parent
a32baa8b3e
commit
39f75cddff
|
|
@ -31,17 +31,22 @@ CONFIGURE_DUNITER () {
|
|||
}
|
||||
|
||||
CONFIG_SSOWAT () {
|
||||
# Add admin to the allowed users
|
||||
yunohost app addaccess $app -u $admin
|
||||
# Protect senstive sub-routes to Duniter web admin interface, give access to choosen admin
|
||||
if ! ynh_permission_exists --permission "admin"; then
|
||||
ynh_permission_create --permission "admin" --url "/webui","/webmin" --allowed "$admin"
|
||||
fi
|
||||
|
||||
# Protect senstive sub-routes
|
||||
ynh_app_setting_set "$app" protected_uris "/webui","/webmin"
|
||||
|
||||
# Duniter is public app, with only some parts restricted in nginx.conf
|
||||
ynh_app_setting_set "$app" unprotected_uris "/","/modules"
|
||||
# Add access to BMA
|
||||
ynh_permission_update --permission main --add visitors
|
||||
|
||||
# Set URL redirection from root to webadmin
|
||||
ynh_app_setting_set "$app" redirected_urls "{'$domain/':'$domain/webui'}"
|
||||
|
||||
# Remove deprecated permission system settings
|
||||
if [ ! -z "$(ynh_app_setting_get --app=$app --key=protected_uris)" ]; then
|
||||
ynh_app_setting_delete --app=$app --key=protected_uris
|
||||
ynh_app_setting_delete --app=$app --key=unprotected_uris
|
||||
fi
|
||||
}
|
||||
|
||||
CONFIG_NGINX () {
|
||||
|
|
|
|||
Loading…
Reference in New Issue