sulu: 3.1.30

sulu:
  - a6653de add documentation for connection config, lint files
  - 3f2c5d8 add support for port: "auto" and protocol: "autoWs"
  - be73c12 allow hosting sulu in sub-directory
  - 5d625dd if visibilityControl=force only show widget when parent matches
  - 154313a fix labels for firmware submit buttons when in queue mode
  - cb5cdd2 add visibilityControl field to widgetinfo, add documentation, normalize widget filtering function
  - 7702142 better users widget ui
config:
  - Switch port to auto
  - Switch protocol to autoWS
  - Removed config option to disable RBAC
  - Use 8000 as redirect to https

sulu/sulu-base/Makefile

@@ -5,11 +5,11 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=sulu-base
-PKG_VERSION:=3.1.29
+PKG_VERSION:=3.1.30
 
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/websdk/sulu.git
-PKG_SOURCE_VERSION:=e8188382267970f60a5992c55ab9858c9069044c
+PKG_SOURCE_VERSION:=a6653de12a1b45758f75a1d833ada3489f9125f9
 PKG_MIRROR_HASH:=skip
 
 SULU_MOD:=core

sulu/sulu-builder/Makefile

@@ -5,12 +5,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=sulu-builder
-PKG_VERSION:=3.1.29
+PKG_VERSION:=3.1.30
 PKG_RELEASE:=1
 
 PKG_SOURCE_PROTO:=git
 PKG_SOURCE_URL:=https://dev.iopsys.eu/websdk/sulu-builder.git
-PKG_SOURCE_VERSION:=ad61b28419343d3987bc6eeb259198201e8b0a67
+PKG_SOURCE_VERSION:=fa8e0cd297b38f8b1f964694fb990cf017d75223
 PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_SOURCE_VERSION)
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_SOURCE_VERSION).tar.gz
 PKG_BUILD_DIR:=$(BUILD_DIR)/sulu-$(PKG_VERSION)/sulu-builder-$(PKG_SOURCE_VERSION)

sulu/sulu-builder/files/etc/config/sulu

@@ -1,5 +1,4 @@
 config global 'global'
-	option role_based_access '1'
 	option SessionMode 'Allow'
 	list user 'admin'
 	list user 'user'

sulu/sulu-builder/files/etc/init.d/sulu

@@ -16,12 +16,11 @@ validate_sulu_global_section()
 {
 	uci_validate_section sulu global global \
 		'enabled:bool:1' \
-		'enable_system_credentials:bool:1' \
-		'role_based_access:bool:0'
+		'enable_system_credentials:bool:1'
 }
 
 start_service() {
-	local enabled enable_system_credentials role_based_access
+	local enabled enable_system_credentials
 
 	config_load sulu
 	procd_open_instance sulu
@@ -34,8 +33,8 @@ start_service() {
 	fi
 
 	update_nginx_template
-	configure_sulu "${enable_system_credentials}" "${role_based_access}" 1
-	generate_sulu_conn_config "${role_based_access}"
+	configure_sulu "${enable_system_credentials}" 1
+	generate_sulu_conn_config
 	procd_close_instance
 }
 

sulu/sulu-builder/files/etc/sulu/sulu.sh

@@ -82,16 +82,6 @@ function _get_sulu_acl_file()
 	echo "${file}"
 }
 
-function _get_sulu_tls_port()
-{
-	local port listen
-
-	listen="$(uci -q get nginx._sulu_s.listen)"
-	port="$(echo $listen|grep -Eo '[0-9]+'|head -n 1)"
-
-	echo "${port:-8443}"
-}
-
 function _get_sulu_http_port()
 {
 	local port listen
@@ -117,45 +107,25 @@ function update_nginx_template()
 
 function generate_sulu_conn_config()
 {
-	local rbac users SCONFIG session
+	local users SCONFIG session
 
-	rbac="${1}"
 	users="$(_get_sulu_users)"
 	session="$(_get_sulu_session_mode)"
 	SCONFIG="$(_get_sulu_connection_config)"
 
 	json_init;
-	if [ "${rbac}" -eq "1" ]; then
-		json_add_string 'Current-connection' 'rbac';
-	else
 	json_add_string 'Current-connection' 'main';
-	fi
 	json_add_object 'Connections';
-		json_add_object 'rbac';
+		json_add_object 'main';
 		json_add_string 'toId' "$(_get_endpoint_id)";
-		json_add_int 'port' "$(_get_sulu_tls_port)";
+		json_add_string 'port' "auto";
 		json_add_string 'path' "/wss";
 
 		if [ "${session}" = "Require" ]; then
 			json_add_boolean 'useSession' 1;
 		fi
 
-		json_add_string 'protocol' 'wss';
-			json_add_array 'auth';
-			json_close_array;
-
-			json_add_array 'urlOverrides';
-				json_add_object "";
-					json_add_object 'match';
-						json_add_string 'protocol' 'http:'
-					json_close_object
-					json_add_object 'override';
-						json_add_string 'protocol' 'ws'
-						json_add_int 'port' "$(_get_sulu_http_port)";
-					json_close_object
-				json_close_object
-			json_close_array
-
+		json_add_string 'protocol' 'autoWs';
 		json_add_object 'overrides';
 		for f in ${users}; do
 			json_add_object "${f}";
@@ -166,100 +136,11 @@ function generate_sulu_conn_config()
 		done
 		json_close_object;
 		json_close_object;
-
-		# add the default connection
-		json_add_object 'main';
-		json_add_string 'fromId' 'proto::interop-usp-controller';
-		json_add_string 'toId' "$(_get_endpoint_id)";
-		json_add_int 'port' "$(_get_sulu_tls_port)";
-		json_add_string 'path' "/wss";
-		json_add_string 'protocol' 'wss';
-		json_add_string 'publishEndpoint' "/usp/endpoint";
-		json_add_string 'subscribeEndpoint' "/usp/controller";
-			json_add_array 'auth';
-			json_close_array;
-
-			json_add_array 'urlOverrides';
-				json_add_object "";
-					json_add_object 'match';
-						json_add_string 'protocol' 'http:'
-					json_close_object
-					json_add_object 'override';
-						json_add_string 'protocol' 'ws'
-						json_add_int 'port' "$(_get_sulu_http_port)";
-					json_close_object
-				json_close_object
-			json_close_array
-		json_close_object;
 	json_close_object;
 
 	json_dump > ${SCONFIG}
 }
 
-function set_sulu_connection_mode()
-{
-	local rbac profile config SCONFIG
-
-	SCONFIG="$(_get_sulu_connection_config)"
-	rbac="${1}"
-
-	profile="$(jq '."Current-connection"' ${SCONFIG})"
-	if [ "$rbac" -eq "1" -a "${profile}" == "\"main\"" ]; then
-		config="$(jq '."Current-connection" = "rbac"' ${SCONFIG})"
-		echo "${config}" > ${SCONFIG}
-	elif [ "$rbac" -eq "0" -a "${profile}" == "\"rbac\"" ]; then
-		config="$(jq '."Current-connection" = "main"' ${SCONFIG})"
-		echo "${config}" > ${SCONFIG}
-	fi
-}
-
-function update_sulu_connection_port()
-{
-	local port ws_port SCONF
-
-	SCONF="$(_get_sulu_connection_config)"
-	ws_port="$(_get_sulu_tls_port)"
-
-	port="$(jq '.Connections.rbac.port' ${SCONF})"
-	if [ "${port}" -ne "${ws_port}" ]; then
-		jq ".Connections.main.port = ${ws_port} | .Connections.rbac.port = ${ws_port}" ${SCONF} > /tmp/sulu/ss_port.json
-		mv /tmp/sulu/ss_port.json ${SCONF}
-	fi
-}
-
-function _update_obuspa_config()
-{
-	local restart
-
-	restart=0
-	if ! uci_get obuspa localmqtt >/dev/null 2>&1; then
-		uci_add obuspa mqtt localmqtt
-		uci_set obuspa localmqtt BrokerAddress "127.0.0.1"
-		uci_set obuspa localmqtt BrokerPort "1883"
-		uci_set obuspa localmqtt TransportProtocol "TCP/IP"
-		restart=1
-	fi
-
-	if ! uci_get obuspa agent_mtp >/dev/null 2>&1; then
-		uci_add obuspa mtp agent_mtp
-		uci_set obuspa agent_mtp Protocol "MQTT"
-		uci_set obuspa agent_mtp ResponseTopicConfigured "/usp/endpoint"
-		uci_set obuspa agent_mtp mqtt "localmqtt"
-		restart=1
-	fi
-
-	if ! uci_get obuspa localcontroller >/dev/null 2>&1; then
-		uci_add obuspa controller localcontroller
-		uci_set obuspa localcontroller EndpointID "proto::interop-usp-controller"
-		uci_set obuspa localcontroller Protocol "MQTT"
-		uci_set obuspa localcontroller Topic "/usp/controller"
-		uci_set obuspa localcontroller mqtt "localmqtt"
-		uci_set obuspa localcontroller assigned_role_name "full_access"
-		restart=1
-	fi
-	return "${restart}"
-}
-
 function _remove_obuspa_config()
 {
 	local restart session
@@ -343,31 +224,14 @@ function _remove_sulu_sec()
 	return 0
 }
 
-function _remove_obuspa_config_rbac()
-{
-	local restart
-
-	restart=0
-	config_foreach _remove_sulu_sec mqtt
-	restart="$(( restart + $? ))"
-	config_foreach _remove_sulu_sec mtp
-	restart="$(( restart + $? ))"
-	config_foreach _remove_sulu_sec controller
-	restart="$(( restart + $? ))"
-	uci_set obuspa global role_file ""
-
-	return "${restart}"
-}
-
 function _create_acl() {
-        local agentid rbac users restart
+        local agentid users restart
 	local ACL_FILE
 
-	rbac="${1:-0}"
 	restart="0"
 
 	ACL_FILE="$(_get_sulu_acl_file)"
-	if [ -z "${ACL_FILE}" -o "${rbac}" -eq "0" ]; then
+	if [ -z "${ACL_FILE}" ]; then
 		return 0
 	fi
 
@@ -376,7 +240,6 @@ function _create_acl() {
 	fi
 	touch "${ACL_FILE}"
 
-	if [ "${rbac}" -eq "1" ]; then
 	users="$(_get_sulu_users)"
 	agentid="$(_get_agent_id)"
 	for f in ${users}; do
@@ -389,7 +252,6 @@ function _create_acl() {
 			restart="1"
 		fi
 	done
-	fi
 
 	if [ "${restart}" -gt "0" ]; then
 		slog "Restarting mosquitto..."
@@ -399,23 +261,15 @@ function _create_acl() {
 
 function update_obuspa_config()
 {
-	local rbac restart
+	local restart
 
-	rbac="${1}"
 	restart=0
 
 	uci_load obuspa
-	if [ "${rbac}" -eq "1" ]; then
 	_remove_obuspa_config
 	restart="$(( restart + $? ))"
 	_update_obuspa_config_rbac
 	restart="$(( restart + $? ))"
-	else
-		_remove_obuspa_config_rbac
-		restart="$(( restart + $? ))"
-		_update_obuspa_config
-		restart="$(( restart + $? ))"
-	fi
 	uci_commit obuspa
 
 	if [ "${_RESTART_SERVICES}" -eq "1" -a "${restart}" -gt "0" ]; then
@@ -426,20 +280,18 @@ function update_obuspa_config()
 
 function configure_sulu()
 {
-	local sys_cred rbac restart
+	local sys_cred restart
 
 	sys_cred="${1}"
-	rbac="${2}"
-	restart="${3:-0}"
+	restart="${2:-0}"
 
-	if [ -z "${sys_cred}" -o -z "${rbac}" ]; then
+	if [ -z "${sys_cred}" ]; then
 		slog "Invalid inputs"
 		return 0
 	fi
 
 	_RESTART_SERVICES="${restart}"
 
-	set_sulu_connection_mode "${rbac}"
-	update_obuspa_config "${rbac}"
-	_create_acl "${rbac}"
+	update_obuspa_config
+	_create_acl
 }

sulu/sulu-builder/files/etc/uci-defaults/40-add-sulu-nginx-config

@@ -21,25 +21,28 @@ add_sulu_nginx_uci()
 		uci_set nginx _sulu_s error_log '/dev/null'
 	fi
 
-# To host on http, disable _suluredirect and enable _sulu_http
-#	if ! uci_get nginx _suluredirect >/dev/null 2>&1; then
-#		uci_add nginx server _suluredirect
-#		uci_add_list nginx _suluredirect listen "8080"
-#		uci_add_list nginx _suluredirect listen "[::]:8080"
-#		uci_set nginx _suluredirect server_name '_suluredirect'
-#		uci_set nginx _suluredirect return '302 https://$host:8443$request_uri'
-#	fi
-
-	if ! uci_get nginx _sulu_http >/dev/null 2>&1; then
-		uci_add nginx server _sulu_http
-		uci_set nginx _sulu_http root '/sulu'
-		uci_add_list nginx _sulu_http listen "8080"
-		uci_add_list nginx _sulu_http listen "[::]:8080"
-		uci_set nginx _sulu_http server_name '_sulu_http'
-		uci_add_list nginx _sulu_http include '/etc/sulu/nginx.locations'
-	        uci_set nginx _sulu_http ssl_session_cache 'none'
-		uci_set nginx _sulu_http access_log 'off; # logd openwrt'
+	# To host on http, disable _suluredirect and enable _sulu_http
+	if ! uci_get nginx _suluredirect >/dev/null 2>&1; then
+		uci_add nginx server _suluredirect
+		uci_add_list nginx _suluredirect listen "8080"
+		uci_add_list nginx _suluredirect listen "[::]:8080"
+		uci_set nginx _suluredirect server_name '_suluredirect'
+		uci_set nginx _suluredirect return '302 https://$host:8443$request_uri'
 	fi
+	
+	if uci_get nginx _sulu_http >/dev/null 2>&1; then
+		uci_remove nginx _sulu_http
+	fi
+#	if ! uci_get nginx _sulu_http >/dev/null 2>&1; then
+#		uci_add nginx server _sulu_http
+#		uci_set nginx _sulu_http root '/sulu'
+#		uci_add_list nginx _sulu_http listen "8080"
+#		uci_add_list nginx _sulu_http listen "[::]:8080"
+#		uci_set nginx _sulu_http server_name '_sulu_http'
+#		uci_add_list nginx _sulu_http include '/etc/sulu/nginx.locations'
+#	        uci_set nginx _sulu_http ssl_session_cache 'none'
+#		uci_set nginx _sulu_http access_log 'off; # logd openwrt'
+#	fi
 }
 
 

sulu/sulu-builder/files/etc/uci-defaults/99-fix-sulu-config

@@ -4,7 +4,6 @@
 
 config_load sulu
 config_get enable_system_credentials global enable_system_credentials 1
-config_get role_based_access global role_based_access 0
 
-configure_sulu "${enable_system_credentials}" "${role_based_access}" 0
-generate_sulu_conn_config "${role_based_access}"
+configure_sulu "${enable_system_credentials}" 0
+generate_sulu_conn_config