From 679ead6994ae0f5959c8353a4fd3c55039932234 Mon Sep 17 00:00:00 2001
From: Andreas Perhab <andreas.perhab@wt-io-it.at>
Date: Wed, 16 Jun 2021 16:47:37 +0200
Subject: [PATCH] [FIX] permissions: refactor to plumbum

---
 build.d/800-permissions | 80 ++++++++++++++++++++++++++++++++++-------
 1 file changed, 68 insertions(+), 12 deletions(-)

diff --git a/build.d/800-permissions b/build.d/800-permissions
index 9c256c22..cf8e5c8b 100755
--- a/build.d/800-permissions
+++ b/build.d/800-permissions
@@ -1,17 +1,73 @@
-#!/bin/bash
-set -e
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+import os.path
+
+from doodbalib import AUTO_DIR, CUSTOM_DIR
+
+from plumbum import FG, local
+
+find, xargs, chmod, chown = (
+    local.cmd.find,
+    local.cmd.xargs,
+    local.cmd.chmod,
+    local.cmd.chown,
+)
 
 # find all files where group or user are not odoo that are not a symlink, and fix permissions for those
 # we use find and xargs because chown -R can be very slow on certain systems: https://github.com/docker/for-linux/issues/388
-find /opt/odoo \( -not -user root -or -not -group odoo \) -and -not -type l -print0 | xargs -0 --no-run-if-empty chown root:odoo
-find /opt/odoo \( -type d -not -perm u=rwx,g=rx,o= \) -o \( -type f -not -perm u=rw,g=r,o= -not -perm u=rwx,g=rx,o= \) -print0 | xargs -0 --no-run-if-empty chmod u+rwX,g+rX-w,o=
+(
+    find[
+        "/opt/odoo",
+        "(",
+        "-not",
+        "-user",
+        "root",
+        "-or",
+        "-not",
+        "-group",
+        "odoo",
+        ")",
+        "-and",
+        "-not",
+        "-type",
+        "l",
+        "-print0",
+    ]
+    | xargs["-0", "--no-run-if-empty", "chown", "root:odoo"]
+) & FG
+(
+    find[
+        "/opt/odoo",
+        "(",
+        "-type",
+        "d",
+        "-not",
+        "-perm",
+        "u=rwx,g=rx,o=",
+        ")",
+        "-o",
+        "(",
+        "-type",
+        "f",
+        "-not",
+        "-perm",
+        "u=rw,g=r,o=",
+        "-not",
+        "-perm",
+        "u=rwx,g=rx,o=",
+        ")",
+        "-print0",
+    ]
+    | xargs["-0", "--no-run-if-empty", "chmod", "u+rwX,g+rX-w,o="]
+) & FG
+
+chmod["-R", "g+w", AUTO_DIR] & FG
 
-chmod -R g+w /opt/odoo/auto
+custom_ssh_dir = os.path.join(CUSTOM_DIR, "ssh")
+if os.path.isdir(custom_ssh_dir):
+    chmod["-R", "u=rwx,go=", custom_ssh_dir] & FG
 
-if [ -d /opt/odoo/custom/ssh ]; then
-    chmod -R u=rwX,go= /opt/odoo/custom/ssh
-fi
-if [ -d ~odoo/.ssh ]; then
-    chown -R odoo:odoo ~odoo/.ssh
-    chmod -R u=rwX,go= ~odoo/.ssh
-fi
+odoo_ssh_dir = '/home/odoo/.ssh'
+if os.path.isdir(odoo_ssh_dir):
+    chown["-R", "odoo:odoo", odoo_ssh_dir] & FG
+    chmod["-R", "u=rwx,go=", odoo_ssh_dir] & FG