librelad 898068a390 refactor(apps): make app tools + helpers fully self-contained per app
Each app now carries everything under containers/<app>/: Tools-tab actions in
tools/ (declaration <app>.tools.json + function <app>_<tool_id>.sh) and logic
helpers in scripts/ (e.g. <app>_auth.sh). The container scan live-sources every
.sh under the app (maxdepth 3, prunes only resources/) and webui_tools.sh
auto-merges the .tools.json, so an app is a true drop-in — no central edit, no
array regen.

- Empty the central webui_tools.sh heredoc; all 34 tools across 11 apps now
  come from per-app declarations (verified byte-identical to the old output).
- Retire the orphaned mattermost tool scripts to scripts/unused (there is no
  containers/mattermost; its install fn already lived in unused).
- Update the dispatch comment/error path, the auth-adapter doc, and
  DEVELOPMENT.md to the new convention.
- Regenerate static arrays (files_app.sh no longer lists app/containers/*).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Signed-off-by: librelad <librelad@digitalangels.vip>
2026-05-25 22:45:33 +01:00

65 lines
2.9 KiB
Bash

#!/bin/bash
_focalboardSqlite() {
runFileOp docker exec -i focalboard-service sqlite3 /data/focalboard.db "$1" 2>&1
}
_focalboardBcrypt() {
if ! command -v htpasswd >/dev/null 2>&1; then
isError "htpasswd is required to bcrypt the password."; return 1
fi
htpasswd -bnBC 10 "" "$1" | tr -d ':\n'
}
authAdapter_focalboard_setPassword() {
local user="$1" password="$2"
[[ -z "$user" ]] && { isError "Username is required."; return 1; }
[[ -z "$password" ]] && password=$(generateRandomPassword)
local hash; hash=$(_focalboardBcrypt "$password") || return 1
local out; out=$(_focalboardSqlite "UPDATE users SET password = '${hash//\'/\'\'}' WHERE username = '${user//\'/\'\'}'; SELECT changes();")
if [[ "$out" != "1" ]]; then isError "Focalboard reset failed (no user '$user'): $out"; return 1; fi
if [[ "$user" == "${CFG_FOCALBOARD_ADMIN_USER:-}" ]]; then
authPersistCfg focalboard ADMIN_PASSWORD "$password"
fi
isSuccessful "Focalboard password set for $user — New password: $password"
}
authAdapter_focalboard_createUser() {
local user="$1" password="$2" email="$3" isAdmin="$4"
[[ -z "$user" || -z "$email" ]] && { isError "Username and email are required."; return 1; }
[[ -z "$password" ]] && password=$(generateRandomPassword)
local hash; hash=$(_focalboardBcrypt "$password") || return 1
local id="ez_$(date +%s)_${RANDOM}"
local now=$(date +%s%N | cut -c1-13)
local sql="INSERT INTO users (id, username, email, password, props, create_at, update_at, delete_at) VALUES ('$id','${user//\'/\'\'}','${email//\'/\'\'}','${hash//\'/\'\'}','{}',$now,$now,0);"
local out; out=$(_focalboardSqlite "$sql")
if [[ -n "$out" && "$out" != *"changes"* ]]; then isError "Focalboard create failed: $out"; return 1; fi
if [[ "$isAdmin" == "true" && -z "${CFG_FOCALBOARD_ADMIN_USER:-}" ]]; then
authPersistCfg focalboard ADMIN_USER "$user"
authPersistCfg focalboard ADMIN_PASSWORD "$password"
fi
isSuccessful "Focalboard user created — User: $user — Email: $email — Password: $password"
}
authAdapter_focalboard_listUsers() {
_focalboardSqlite ".mode tabs
SELECT 'EZ_USER', email, username, '' FROM users WHERE delete_at = 0 ORDER BY username;"
}
authAdapter_focalboard_deleteUser() {
local user="$1"
[[ -z "$user" ]] && { isError "Username is required."; return 1; }
local now=$(date +%s%N | cut -c1-13)
local out; out=$(_focalboardSqlite "UPDATE users SET delete_at = $now WHERE username = '${user//\'/\'\'}'; SELECT changes();")
[[ "$out" != "1" ]] && { isError "Focalboard delete failed (no user '$user')."; return 1; }
isSuccessful "Focalboard user '$user' deleted (soft-delete)."
}
authAdapter_focalboard_setAdmin() {
local user="$1" isAdmin="$2"
isNotice "Focalboard admin toggle is not exposed via SQL — set in the workspace UI."
return 1
}