def _clear_dummy_app_settings():
# Clean dummy app settings
for app in _installed_apps():
if _get_app_settings(app).get('dummy_permission_app', False):
app_setting_path = os.path.join(APPS_SETTING_PATH, app)
if os.path.exists(app_setting_path):
shutil.rmtree(app_setting_path)
def migrate_legacy_permission_settings(app=None):
logger.info(m18n.n("migrating_legacy_permission_settings"))
apps = _installed_apps()
if app:
if app not in apps:
logger.error(
"Can't migrate permission for app %s because it ain't installed..."
% app)
apps = []
else:
apps = [app]
for app in apps:
settings = _get_app_settings(app) or {}
if settings.get("label"):
user_permission_update(app + ".main",
label=settings["label"],
sync_perm=False)
del settings["label"]
def _setting(name):
s = settings.get(name)
return s.split(',') if s else []
skipped_urls = [uri for uri in _setting('skipped_uris') if uri != '/']
skipped_urls += ['re:' + regex for regex in _setting('skipped_regex')]
unprotected_urls = [
uri for uri in _setting('unprotected_uris') if uri != '/'
]
unprotected_urls += [
're:' + regex for regex in _setting('unprotected_regex')
]
protected_urls = [
uri for uri in _setting('protected_uris') if uri != '/'
]
protected_urls += [
're:' + regex for regex in _setting('protected_regex')
]
if skipped_urls != []:
permission_create(app + ".legacy_skipped_uris",
additional_urls=skipped_urls,
auth_header=False,
label=legacy_permission_label(app, "skipped"),
show_tile=False,
allowed='visitors',
protected=True,
sync_perm=False)
if unprotected_urls != []:
permission_create(app + ".legacy_unprotected_uris",
additional_urls=unprotected_urls,
auth_header=True,
label=legacy_permission_label(
app, "unprotected"),
show_tile=False,
allowed='visitors',
protected=True,
sync_perm=False)
if protected_urls != []:
permission_create(app + ".legacy_protected_uris",
additional_urls=protected_urls,
auth_header=True,
label=legacy_permission_label(app, "protected"),
show_tile=False,
allowed=user_permission_list()['permissions'][
app + ".main"]['allowed'],
protected=True,
sync_perm=False)
legacy_permission_settings = [
"skipped_uris", "unprotected_uris", "protected_uris",
"skipped_regex", "unprotected_regex", "protected_regex"
]
for key in legacy_permission_settings:
if key in settings:
del settings[key]
_set_app_settings(app, settings)
permission_sync_to_user()
def domain_remove(operation_logger, domain, remove_apps=False, force=False):
"""
Delete domains
Keyword argument:
domain -- Domain to delete
remove_apps -- Remove applications installed on the domain
force -- Force the domain removal and don't not ask confirmation to
remove apps if remove_apps is specified
"""
from yunohost.hook import hook_callback
from yunohost.app import app_ssowatconf, app_info, app_remove
from yunohost.utils.ldap import _get_ldap_interface
# the 'force' here is related to the exception happening in domain_add ...
# we don't want to check the domain exists because the ldap add may have
# failed
if not force and domain not in domain_list()['domains']:
raise YunohostError('domain_name_unknown', domain=domain)
# Check domain is not the main domain
if domain == _get_maindomain():
other_domains = domain_list()["domains"]
other_domains.remove(domain)
if other_domains:
raise YunohostError(
"domain_cannot_remove_main",
domain=domain,
other_domains="\n * " + ("\n * ".join(other_domains)),
)
else:
raise YunohostError("domain_cannot_remove_main_add_new_one",
domain=domain)
# Check if apps are installed on the domain
apps_on_that_domain = []
for app in _installed_apps():
settings = _get_app_settings(app)
label = app_info(app)["name"]
if settings.get("domain") == domain:
apps_on_that_domain.append(
(app, " - %s \"%s\" on https://%s%s" %
(app, label, domain, settings["path"])
if "path" in settings else app))
if apps_on_that_domain:
if remove_apps:
if msettings.get('interface') == "cli" and not force:
answer = msignals.prompt(m18n.n(
'domain_remove_confirm_apps_removal',
apps="\n".join([x[1] for x in apps_on_that_domain]),
answers='y/N'),
color="yellow")
if answer.upper() != "Y":
raise YunohostError("aborting")
for app, _ in apps_on_that_domain:
app_remove(app)
else:
raise YunohostError('domain_uninstall_app_first',
apps="\n".join(
[x[1] for x in apps_on_that_domain]))
operation_logger.start()
ldap = _get_ldap_interface()
try:
ldap.remove("virtualdomain=" + domain + ",ou=domains")
except Exception as e:
raise YunohostError("domain_deletion_failed", domain=domain, error=e)
os.system("rm -rf /etc/yunohost/certs/%s" % domain)
# Sometime we have weird issues with the regenconf where some files
# appears as manually modified even though they weren't touched ...
# There are a few ideas why this happens (like backup/restore nginx
# conf ... which we shouldnt do ...). This in turns creates funky
# situation where the regenconf may refuse to re-create the conf
# (when re-creating a domain..)
#
# So here we force-clear the has out of the regenconf if it exists.
# This is a pretty ad hoc solution and only applied to nginx
# because it's one of the major service, but in the long term we
# should identify the root of this bug...
_force_clear_hashes(["/etc/nginx/conf.d/%s.conf" % domain])
# And in addition we even force-delete the file Otherwise, if the file was
# manually modified, it may not get removed by the regenconf which leads to
# catastrophic consequences of nginx breaking because it can't load the
# cert file which disappeared etc..
if os.path.exists("/etc/nginx/conf.d/%s.conf" % domain):
_process_regen_conf("/etc/nginx/conf.d/%s.conf" % domain,
new_conf=None,
save=True)
regen_conf(names=["nginx", "metronome", "dnsmasq", "postfix"])
app_ssowatconf()
hook_callback("post_domain_remove", args=[domain])
logger.success(m18n.n("domain_deleted"))
def domain_remove(operation_logger, domain, force=False):
"""
Delete domains
Keyword argument:
domain -- Domain to delete
force -- Force the domain removal
"""
from yunohost.hook import hook_callback
from yunohost.app import app_ssowatconf, app_info
from yunohost.utils.ldap import _get_ldap_interface
if not force and domain not in domain_list()['domains']:
raise YunohostError('domain_name_unknown', domain=domain)
# Check domain is not the main domain
if domain == _get_maindomain():
other_domains = domain_list()["domains"]
other_domains.remove(domain)
if other_domains:
raise YunohostError('domain_cannot_remove_main',
domain=domain,
other_domains="\n * " +
("\n * ".join(other_domains)))
else:
raise YunohostError('domain_cannot_remove_main_add_new_one',
domain=domain)
# Check if apps are installed on the domain
apps_on_that_domain = []
for app in _installed_apps():
settings = _get_app_settings(app)
label = app_info(app)["name"]
if settings.get("domain") == domain:
apps_on_that_domain.append(" - %s \"%s\" on https://%s%s" %
(app, label, domain, settings["path"])
if "path" in settings else app)
if apps_on_that_domain:
raise YunohostError('domain_uninstall_app_first',
apps="\n".join(apps_on_that_domain))
operation_logger.start()
ldap = _get_ldap_interface()
try:
ldap.remove('virtualdomain=' + domain + ',ou=domains')
except Exception as e:
raise YunohostError('domain_deletion_failed', domain=domain, error=e)
os.system('rm -rf /etc/yunohost/certs/%s' % domain)
# Sometime we have weird issues with the regenconf where some files
# appears as manually modified even though they weren't touched ...
# There are a few ideas why this happens (like backup/restore nginx
# conf ... which we shouldnt do ...). This in turns creates funky
# situation where the regenconf may refuse to re-create the conf
# (when re-creating a domain..)
#
# So here we force-clear the has out of the regenconf if it exists.
# This is a pretty ad hoc solution and only applied to nginx
# because it's one of the major service, but in the long term we
# should identify the root of this bug...
_force_clear_hashes(["/etc/nginx/conf.d/%s.conf" % domain])
# And in addition we even force-delete the file Otherwise, if the file was
# manually modified, it may not get removed by the regenconf which leads to
# catastrophic consequences of nginx breaking because it can't load the
# cert file which disappeared etc..
if os.path.exists("/etc/nginx/conf.d/%s.conf" % domain):
_process_regen_conf("/etc/nginx/conf.d/%s.conf" % domain,
new_conf=None,
save=True)
regen_conf(names=['nginx', 'metronome', 'dnsmasq', 'postfix'])
app_ssowatconf()
hook_callback('post_domain_remove', args=[domain])
logger.success(m18n.n('domain_deleted'))