diff --git a/roles/wiki_js/defaults/main.json b/roles/wiki_js/defaults/main.json index 07a1bda..6e94256 100644 --- a/roles/wiki_js/defaults/main.json +++ b/roles/wiki_js/defaults/main.json @@ -27,5 +27,8 @@ "var_wiki_js_email_sending_sender_name": "Wiki.js", "var_wiki_js_email_sending_sender_email_address": "wiki-js@example.org", "var_wiki_js_admin_email_address": "wiki-js-admin@example.org", - "var_wiki_js_admin_password": "REPLACE_ME" + "var_wiki_js_admin_password": "REPLACE_ME", + "var_wiki_js_additional_locales": [], + "var_wiki_js_user_group_name": "Default", + "var_wiki_js_allow_guest_view": true } diff --git a/roles/wiki_js/files/cli.js b/roles/wiki_js/files/cli.js index bfa6cb8..dd1b87e 100644 --- a/roles/wiki_js/files/cli.js +++ b/roles/wiki_js/files/cli.js @@ -67,50 +67,6 @@ wiki_js.cli.helpers.file = (wiki_js.cli.helpers.file || {}); }) (wiki_js.cli.helpers.file) -var wiki_js; -wiki_js = (wiki_js || {}); -wiki_js.cli = (wiki_js.cli || {}); -wiki_js.cli.helpers = (wiki_js.cli.helpers || {}); -wiki_js.cli.helpers.http = (wiki_js.cli.helpers.http || {}); -(function (exports) { - - /** - */ - async function call( - http_request - ) - { - wiki_js.cli.helpers.log.write( - "debug", - "http_call_request", - http_request - ); - const fetch_request = new Request( - http_request.target, - { - "method": http_request.method, - "headers": http_request.headers, - "body": http_request.body, - } - ); - const fetch_response = await fetch(fetch_request); - const http_response = { - "status_code": fetch_response.status, - "headers": fetch_response.headers, - "body": await fetch_response.text(), - }; - wiki_js.cli.helpers.log.write( - "debug", - "http_call_response", - http_response - ); - return http_response; - } - exports.call = call; - -}) (wiki_js.cli.helpers.http) - - var wiki_js; wiki_js = (wiki_js || {}); wiki_js.cli = (wiki_js.cli || {}); @@ -174,6 +130,50 @@ wiki_js.cli.helpers.log = (wiki_js.cli.helpers.log || {}); }) (wiki_js.cli.helpers.log); +var wiki_js; +wiki_js = (wiki_js || {}); +wiki_js.cli = (wiki_js.cli || {}); +wiki_js.cli.helpers = (wiki_js.cli.helpers || {}); +wiki_js.cli.helpers.http = (wiki_js.cli.helpers.http || {}); +(function (exports) { + + /** + */ + async function call( + http_request + ) + { + wiki_js.cli.helpers.log.write( + "debug", + "http_call_request", + http_request + ); + const fetch_request = new Request( + http_request.target, + { + "method": http_request.method, + "headers": http_request.headers, + "body": http_request.body, + } + ); + const fetch_response = await fetch(fetch_request); + const http_response = { + "status_code": fetch_response.status, + "headers": fetch_response.headers, + "body": await fetch_response.text(), + }; + wiki_js.cli.helpers.log.write( + "debug", + "http_call_response", + http_response + ); + return http_response; + } + exports.call = call; + +}) (wiki_js.cli.helpers.http) + + var wiki_js; wiki_js = (wiki_js || {}); wiki_js.cli = (wiki_js.cli || {}); @@ -489,6 +489,146 @@ wiki_js.cli.api = (wiki_js.cli.api || {}); exports.call_email_settings_set = call_email_settings_set; + /** + */ + function call_locale_download( + locale + ) + { + wiki_js.cli.helpers.log.write( + "info", + "api_call_locale_download", + { + "locale": locale, + } + ); + return ( + call_generic_graphql( + "mutation ($locale: String!) {localization {downloadLocale(locale: $locale) {responseResult {succeeded errorCode slug message __typename} __typename}__typename}}", + { + "login_token": login_token, + "variables": { + "locale": locale, + } + } + ) + ); + } + exports.call_locale_download = call_locale_download; + + + /** + */ + function call_group_list( + login_token, + name + ) + { + wiki_js.cli.helpers.log.write( + "info", + "api_call_group_list", + { + } + ); + return ( + call_generic_graphql( + "{groups {list {id name isSystem userCount createdAt updatedAt __typename} __typename}}", + { + "login_token": login_token, + "variables": { + } + } + ) + ); + } + exports.call_group_list = call_group_list; + + + /** + */ + function call_group_create( + login_token, + name + ) + { + wiki_js.cli.helpers.log.write( + "info", + "api_call_group_create", + { + "name": name, + } + ); + return ( + call_generic_graphql( + "mutation ($name: String!) {groups {create(name: $name) {responseResult {succeeded errorCode slug message __typename} group {id name createdAt updatedAt __typename} __typename} __typename}}", + { + "login_token": login_token, + "variables": { + "name": name, + } + } + ) + ); + } + exports.call_group_create = call_group_create; + + + /** + * @param permissions_general { + * Array< + * string + * > + * } + * @param permissions_page_specific { + * Array< + * { + * id:string; + * path:string; + * roles:Array< + * string + * >; + * match:string; + * deny:boolean; + * locales:Array< + * string + * >; + * } + * > + * } + */ + function call_group_update( + login_token, + group_id, + name, + permissions_general, + permissions_page_specific + ) + { + wiki_js.cli.helpers.log.write( + "info", + "api_call_group_update", + { + } + ); + return ( + call_generic_graphql( + "mutation ($id: Int!, $name: String!, $redirectOnLogin: String!, $permissions: [String]!, $pageRules: [PageRuleInput]!) {groups {update(id: $id, name: $name, redirectOnLogin: $redirectOnLogin, permissions: $permissions, pageRules: $pageRules) {responseResult {succeeded errorCode slug message __typename} __typename} __typename}}", + { + "login_token": login_token, + "variables": { + "id": group_id, + "name": name, + "redirectOnLogin": "/", + "permissions": permissions_general, + "pageRules": permissions_page_specific, + } + } + ) + ); + } + exports.call_group_update = call_group_update; + + /** */ function call_authentication_strategy_list( @@ -580,7 +720,7 @@ wiki_js.cli.api = (wiki_js.cli.api || {}); ); } exports.call_theming_set = call_theming_set; - + }) (wiki_js.cli.api); @@ -658,6 +798,91 @@ wiki_js.cli.logic = (wiki_js.cli.logic || {}); exports.email_settings_set = email_settings_set; + /** + */ + async function group_identify( + name + ) + { + const data = await wiki_js.cli.api.call_group_list(); + const hits = ( + data["groups"]["list"] + .filter( + (entry) => (entry["name"] === name) + ) + ); + if (hits.length !== 1) { + return Promise.reject(new Error("not found or ambiguous")); + } + else { + return Promise.resolve(hits[0]["id"]); + } + } + exports.group_identify = group_identify; + + + /** + * returns the ID of the generated group + */ + async function group_add( + name, + options = {} + ) + { + options = Object.assign( + { + "permissions_general": [], + "permissions_specific": [], + }, + options + ); + const login_token = await wiki_js.cli.api.call_login_local( + ); + const result_1 = await wiki_js.cli.api.call_group_create( + login_token, + name + ); + const id = result_1["groups"]["create"]["group"]["id"]; + const result_2 = await wiki_js.cli.api.call_group_update( + login_token, + id, + name, + options.permissions_general, + options.permissions_specific + ); + return Promise.resolve(id); + } + exports.group_add = group_add; + + + /** + */ + async function group_modify( + id, + options = {} + ) + { + options = Object.assign( + { + "permissions_general": [], + "permissions_specific": [], + }, + options + ); + const login_token = await wiki_js.cli.api.call_login_local( + ); + const result = await wiki_js.cli.api.call_group_update( + login_token, + id, + name, + options.permissions_general, + options.permissions_specific + ); + return Promise.resolve(undefined); + } + exports.group_modify = group_modify; + + /** */ async function authentication_strategy_list( @@ -674,6 +899,17 @@ wiki_js.cli.logic = (wiki_js.cli.logic || {}); /** + * @param strategy { + * { + * key:string; + * name:string; + * client_id:string; + * client_secret:string; + * authorization_url:string; + * token_url:string; + * user_info_url:string; + * group_assignments:Array; + * } */ async function authentication_strategy_add( strategy @@ -787,7 +1023,10 @@ wiki_js.cli.logic = (wiki_js.cli.logic || {}); ], "selfRegistration": true, "domainWhitelist": [], - "autoEnrollGroups": [] + "autoEnrollGroups": ( + strategy.group_assignments + .map(x => group_identify(x)) + ), }, ] ) @@ -901,7 +1140,7 @@ wiki_js.cli = (wiki_js.cli || {}); // exec if (args.positional.length < 1) { - return Promise.reject("SYNTAX: [node] cli.js [-c ] [-b ] [-u ] [-p ] [ [ […]]]\n\n\t = init | email-settings-set | auth-strat-list | auth-strat-add-oauth2"); + return Promise.reject("SYNTAX: [node] cli.js [-c ] [-b ] [-u ] [-p ] [ [ […]]]\n\n\t = init | email-settings-set | group-add | auth-strat-list | auth-strat-add-oauth2 | theming-set"); } else { const action = args.positional[0]; @@ -957,6 +1196,68 @@ wiki_js.cli = (wiki_js.cli || {}); return Promise.resolve(undefined); } } + case "group-add": { + if (args.positional.length <= 1) { + return Promise.reject("SYNTAX: … group-add [ [ [ […]]]]"); + } + else { + const name = args.positional[1]; + const permissions = args.positional.slice(2); + const result = await wiki_js.cli.logic.group_add( + name, + { + "permissions_general": permissions, + "permissions_specific": [ + { + "id": "default", + "path": "", + "roles": permissions, + "match": "START", + "deny": false, + "locales": [] + } + ], + } + ); + process.stdout.write( + JSON.stringify( + result, + undefined, + "\t" + ) + + + "\n" + ); + } + break; + } + case "group-modify": { + if (args.positional.length <= 2) { + return Promise.reject("SYNTAX: … group-modify [ [ [ […]]]]"); + } + else { + const name = args.positional[1]; + const id = group_identify(name); + const permissions = args.positional.slice(2); + const result = await wiki_js.cli.logic.group_modify( + id, + { + "permissions_general": permissions, + "permissions_specific": [ + { + "id": "default", + "path": "", + "roles": permissions, + "match": "START", + "deny": false, + "locales": [] + } + ], + } + ); + } + break; + } case "auth-strat-list": { const result = await wiki_js.cli.logic.authentication_strategy_list(); process.stdout.write( @@ -973,7 +1274,7 @@ wiki_js.cli = (wiki_js.cli || {}); } case "auth-strat-add-oauth2": { if (args.positional.length <= 7) { - return Promise.reject("SYNTAX: … auth-strat-add-oauth2 "); + return Promise.reject("SYNTAX: … auth-strat-add-oauth2 [ [ [ […]]]]"); } else { await wiki_js.cli.logic.authentication_strategy_add( @@ -985,6 +1286,7 @@ wiki_js.cli = (wiki_js.cli || {}); "authorization_url": args.positional[5], "token_url": args.positional[6], "user_info_url": args.positional[7], + "group_assignments": args.positional.slice(8), } ); return Promise.resolve(undefined); diff --git a/roles/wiki_js/info.md b/roles/wiki_js/info.md index 55e275c..9730dc5 100644 --- a/roles/wiki_js/info.md +++ b/roles/wiki_js/info.md @@ -11,5 +11,4 @@ ## ToDo -- Locale -- Start Page +- start page diff --git a/roles/wiki_js/tasks/main.json b/roles/wiki_js/tasks/main.json index 57f4c47..9c5ecfd 100644 --- a/roles/wiki_js/tasks/main.json +++ b/roles/wiki_js/tasks/main.json @@ -116,7 +116,7 @@ } }, { - "name": "initialize", + "name": "setup | initialize", "become": true, "become_user": "{{var_wiki_js_user}}", "ansible.builtin.command": { @@ -125,7 +125,7 @@ } }, { - "name": "email settings", + "name": "setup | email settings", "become": true, "become_user": "{{var_wiki_js_user}}", "ansible.builtin.command": { @@ -134,22 +134,61 @@ } }, { - "name": "theming", + "name": "setup | locales", + "become": true, + "become_user": "{{var_wiki_js_user}}", + "loop": "{{var_wiki_js_additional_locales}}", + "ansible.builtin.command": { + "chdir": "{{var_wiki_js_directory}}", + "cmd": "node cli.js -b http://127.0.0.1:{{var_wiki_js_port | string}} -u {{var_wiki_js_admin_email_address}} -p {{var_wiki_js_admin_password}} locale-add {{item}}" + } + }, + { + "name": "setup | set guest access | negative", + "when": "not var_wiki_js_allow_guest_view", + "become": true, + "become_user": "{{var_wiki_js_user}}", + "ansible.builtin.command": { + "chdir": "{{var_wiki_js_directory}}", + "cmd": "node cli.js -b http://127.0.0.1:{{var_wiki_js_port | string}} -u {{var_wiki_js_admin_email_address}} -p {{var_wiki_js_admin_password}} group-modify Guests" + } + }, + { + "name": "setup | set guest access | positive", + "when": "var_wiki_js_allow_guest_view", + "become": true, + "become_user": "{{var_wiki_js_user}}", + "ansible.builtin.command": { + "chdir": "{{var_wiki_js_directory}}", + "cmd": "node cli.js -b http://127.0.0.1:{{var_wiki_js_port | string}} -u {{var_wiki_js_admin_email_address}} -p {{var_wiki_js_admin_password}} group-modify Guests read:pages read:assets read:comments" + } + }, + { + "name": "setup | define user group", + "become": true, + "become_user": "{{var_wiki_js_user}}", + "ansible.builtin.command": { + "chdir": "{{var_wiki_js_directory}}", + "cmd": "node cli.js -b http://127.0.0.1:{{var_wiki_js_port | string}} -u {{var_wiki_js_admin_email_address}} -p {{var_wiki_js_admin_password}} group-add {{var_wiki_js_user_group_name}} read:pages read:assets read:comments write:comments write:pages manage:pages delete:pages write:styles write:scripts read:source read:history write:assets manage:assets manage:comments" + } + }, + { + "name": "setup | authentication | authelia", + "when": "var_wiki_js_authentication_kind == 'authelia'", + "become": true, + "become_user": "{{var_wiki_js_user}}", + "ansible.builtin.command": { + "chdir": "{{var_wiki_js_directory}}", + "cmd": "node cli.js -b http://127.0.0.1:{{var_wiki_js_port | string}} -u {{var_wiki_js_admin_email_address}} -p {{var_wiki_js_admin_password}} auth-strat-add-oauth2 {{var_wiki_js_authentication_data_authelia_provider_id}} {{var_wiki_js_authentication_data_authelia_provider_name}} {{var_wiki_js_authentication_data_authelia_client_id}} {{var_wiki_js_authentication_data_authelia_client_secret}} {{var_wiki_js_authentication_data_authelia_url_base}}/api/oidc/authorization {{var_wiki_js_authentication_data_authelia_url_base}}/api/oidc/token {{var_wiki_js_authentication_data_authelia_url_base}}/api/oidc/userinfo {{var_wiki_js_user_group_name}}" + } + }, + { + "name": "setup | theming", "become": true, "become_user": "{{var_wiki_js_user}}", "ansible.builtin.command": { "chdir": "{{var_wiki_js_directory}}", "cmd": "node cli.js -b http://127.0.0.1:{{var_wiki_js_port | string}} -u {{var_wiki_js_admin_email_address}} -p {{var_wiki_js_admin_password}} theming-set 1 left" } - }, - { - "name": "authentication | authelia", - "when": "var_wiki_js_authentication_kind == 'authelia'", - "become": true, - "become_user": "{{var_wiki_js_user}}", - "ansible.builtin.command": { - "chdir": "{{var_wiki_js_directory}}", - "cmd": "node cli.js -b http://127.0.0.1:{{var_wiki_js_port | string}} -u {{var_wiki_js_admin_email_address}} -p {{var_wiki_js_admin_password}} auth-strat-add-oauth2 {{var_wiki_js_authentication_data_authelia_provider_id}} {{var_wiki_js_authentication_data_authelia_provider_name}} {{var_wiki_js_authentication_data_authelia_client_id}} {{var_wiki_js_authentication_data_authelia_client_secret}} {{var_wiki_js_authentication_data_authelia_url_base}}/api/oidc/authorization {{var_wiki_js_authentication_data_authelia_url_base}}/api/oidc/token {{var_wiki_js_authentication_data_authelia_url_base}}/api/oidc/userinfo" - } } ] diff --git a/roles/wiki_js/vardef.json b/roles/wiki_js/vardef.json index 805c1f1..3b68b3f 100644 --- a/roles/wiki_js/vardef.json +++ b/roles/wiki_js/vardef.json @@ -134,5 +134,21 @@ "admin_password": { "mandatory": false, "type": "string" + }, + "additional_locales": { + "mandatory": false, + "type": "array", + "items": { + "nullable": false, + "type": "string" + } + }, + "user_group_name": { + "mandatory": false, + "type": "string" + }, + "allow_guest_view": { + "mandatory": false, + "type": "boolean" } }