nik/FreedomBox
1
0
Fork 0
mirror of https://github.com/freedombox/FreedomBox.git synced 2026-05-20 10:34:30 +00:00
Code Issues Packages Projects Releases Wiki Activity
FreedomBox/plinth/modules/searx/__init__.py
Joseph Nuthalapati e04ae48637
users: Add component for managing users and groups 
- Handle groups needed by an app.
- Handle reserved usernames for an app.
- Updated documentation
- Updated unit tests

Tests performed:
  - Reserved usernames: ez-ipupd, ejabberd, Debian-minetest, mldonkey,
    monkeysphere, mumble-server, privoxy, quasselcore, radicale, debian-tor,
    debian-transmission
  - Reserved usernames checks should work in the following forms:
    - Create user
    - Update user
    - First boot user creation
  - Full list of available groups should appear in following cases:
    - Create user form
    - Update user form
  - Full list of groups should get created in Django DB during:
    - Update user form display
    - First boot form save
  - When updating the last admin user, the 'admin' group choice is checked
    and disabled.
  - Following groups show up (sorted by group name):
    - bit-torrent: Download files using BitTorrent applications
    - git-access: Read-write access to Git repositories
    - i2p: Manage I2P application
    - wiki: View and edit wiki applications
    - minidlna: Media streaming server
    - ed2k: Download files using eDonkey applications
    - freedombox-share: Access to the private shares
    - web-search: Search the web
    - syncthing: Administer Syncthing application
    - feed-reader: Read and subscribe to news feeds
    - admin: Access to all services and system settings
  - Directory validation form checks for write permissions for following apps:
    - deluge with debian-deluged user
    - transmission with debian-transmission user
  - Sharing app should show all the groups in add/edit share forms
  - The following apps should get added to share group during setup:
    debian-transmission
    debian-deluged
  - Unit tests pass
  - Functional tests for users and groups pass
  - Test that an app (example syncthing) provides the necessary
    permissions to users in that group (but not in admin group).

Signed-off-by: Joseph Nuthalapati <njoseph@riseup.net>
[sunil: Fix i18n of group descriptions]
[sunil: Update developer documentation]
[sunil: Separate out cosmetic changes]
[sunil: Fix component ID for mumble]
[sunil: sharing: Remove unneeded dependency on users app]
[sunil: Implement better API for getting groups in component]
[sunil: Fix incorrect regression change ttrss app]
[sunil: Make iterating over gourps more readable]
[sunil: Improve tests, drop single use fixtures]
[sunil: Simplify test_view.py fixture]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Tested-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
2020-04-04 09:31:35 -04:00

149 lines
4.9 KiB
Python
Raw Blame History

# SPDX-License-Identifier: AGPL-3.0-or-later
"""
FreedomBox app to configure Searx.
"""
import os
from django.utils.translation import ugettext_lazy as _
from plinth import actions
from plinth import app as app_module
from plinth import frontpage, menu
from plinth.modules.apache.components import Uwsgi, Webserver
from plinth.modules.firewall.components import Firewall
from plinth.modules.users.components import UsersAndGroups
from .manifest import (PUBLIC_ACCESS_SETTING_FILE, # noqa, pylint: disable=unused-import
backup, clients)
version = 4
managed_packages = ['searx', 'uwsgi', 'uwsgi-plugin-python3']
_description = [
_('Searx is a privacy-respecting Internet metasearch engine. '
'It aggregrates and displays results from multiple search engines.'),
_('Searx can be used to avoid tracking and profiling by search engines. '
'It stores no cookies by default.')
]
manual_page = 'Searx'
app = None
class SearxApp(app_module.App):
"""FreedomBox app for Searx."""
app_id = 'searx'
def __init__(self):
"""Create components for the app."""
super().__init__()
groups = {'web-search': _('Search the web')}
info = app_module.Info(app_id=self.app_id, version=version,
name=_('Searx'), icon_filename='searx',
short_description=_('Web Search'),
description=_description, manual_page='Searx',
clients=clients)
self.add(info)
menu_item = menu.Menu('menu-searx', info.name, info.short_description,
info.icon_filename, 'searx:index',
parent_url_name='apps')
self.add(menu_item)
shortcut = frontpage.Shortcut(
'shortcut-searx', info.name,
short_description=info.short_description, icon=info.icon_filename,
url='/searx/', clients=info.clients,
login_required=(not is_public_access_enabled()),
allowed_groups=list(groups))
self.add(shortcut)
firewall = Firewall('firewall-searx', info.name,
ports=['http', 'https'], is_external=True)
self.add(firewall)
webserver = Webserver('webserver-searx', 'searx-freedombox',
urls=['https://{host}/searx/'])
self.add(webserver)
webserver = SearxWebserverAuth('webserver-searx-auth',
'searx-freedombox-auth')
self.add(webserver)
uwsgi = Uwsgi('uwsgi-searx', 'searx')
self.add(uwsgi)
users_and_groups = UsersAndGroups('users-and-groups-searx',
groups=groups)
self.add(users_and_groups)
def set_shortcut_login_required(self, login_required):
"""Change the login_required property of shortcut."""
shortcut = self.remove('shortcut-searx')
shortcut.login_required = login_required
self.add(shortcut)
class SearxWebserverAuth(Webserver):
"""Component to handle Searx authentication webserver configuration."""
def is_enabled(self):
"""Return if configuration is enabled or public access is enabled."""
return is_public_access_enabled() or super().is_enabled()
def enable(self):
"""Enable apache configuration only if public access is disabled."""
if not is_public_access_enabled():
super().enable()
def init():
"""Initialize the module."""
global app
app = SearxApp()
setup_helper = globals()['setup_helper']
if setup_helper.get_state() != 'needs-setup' and app.is_enabled():
app.set_enabled(True)
def setup(helper, old_version=None):
"""Install and configure the module."""
helper.install(managed_packages)
helper.call('post', actions.superuser_run, 'searx', ['setup'])
if not old_version or old_version < 3:
helper.call('post', actions.superuser_run, 'searx',
['disable-public-access'])
helper.call('post', app.enable)
app.set_shortcut_login_required(True)
def get_safe_search_setting():
"""Get the current value of the safe search setting for Searx."""
value = actions.superuser_run('searx', ['get-safe-search'])
return int(value.strip())
def is_public_access_enabled():
"""Check whether public access is enabled for Searx."""
return os.path.exists(PUBLIC_ACCESS_SETTING_FILE)
def enable_public_access():
"""Allow Searx app to be accessed by anyone with access."""
actions.superuser_run('searx', ['enable-public-access'])
app.get_component('webserver-searx-auth').disable()
app.set_shortcut_login_required(False)
def disable_public_access():
"""Allow Searx app to be accessed by logged-in users only."""
actions.superuser_run('searx', ['disable-public-access'])
app.get_component('webserver-searx-auth').enable()
app.set_shortcut_login_required(True)
Reference in New Issue View Git Blame Copy Permalink