forked from eXist-db/public-repo
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathpost-install.xq
67 lines (55 loc) · 2.49 KB
/
post-install.xq
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
xquery version "3.1";
(:~
: This post-install script sets permissions on the package data collection hierarchy.
: When pre-install creates the public-repo-data collection, its permissions are admin/dba.
: This ensures the collections are owned by the default user and group for the app.
: The script also builds the package metadata if it doesn't already exist.
:)
import module namespace config="http://exist-db.org/xquery/apps/config" at "modules/config.xqm";
import module namespace scanrepo="http://exist-db.org/xquery/admin/scanrepo" at "modules/scan.xqm";
declare namespace sm="http://exist-db.org/xquery/securitymanager";
declare namespace system="http://exist-db.org/xquery/system";
declare namespace xmldb="http://exist-db.org/xquery/xmldb";
(: The following external variables are set by the repo:deploy function :)
(: file path pointing to the exist installation directory :)
declare variable $home external;
(: path to the directory containing the unpacked .xar package :)
declare variable $dir external;
(: the target collection into which the app is deployed :)
declare variable $target external;
(: Until https://github.com/eXist-db/exist/issues/3734 is fixed, we hard code the default group name :)
declare variable $repo-group :=
(: config:repo-permissions()?group :)
"repo"
;
declare variable $repo-user :=
(: config:repo-permissions()?user :)
"repo"
;
(:~
: Set user and group to be owner by values in repo.xml
:)
declare function local:set-data-collection-permissions($resource as xs:string) {
if (sm:get-permissions(xs:anyURI($resource))/sm:permission/@group = $repo-group) then
()
else
(
sm:chown($resource, $repo-user),
sm:chgrp($resource, $repo-group),
sm:chmod(xs:anyURI($resource), "rwxrwxr-x")
)
};
(: Set user and group ownership on the package data collection hierarchy :)
for $col in ($config:app-data-col, xmldb:get-child-collections($config:app-data-col) ! ($config:app-data-col || "/" || .))
return
local:set-data-collection-permissions($col),
(: Build package metadata if missing :)
if (doc-available($config:raw-packages-doc) and doc-available($config:package-groups-doc)) then
()
else
(
scanrepo:rebuild-all-package-metadata(),
($config:raw-packages-doc, $config:package-groups-doc) ! local:set-data-collection-permissions(.)
),
(: execute get-package.xq as repo group, so that it can write to logs :)
sm:chmod(xs:anyURI($target || "/modules/get-package.xq"), "rwsrwxr-x")