From 82bc7ab28046b61b24176a304c15437adeb3a941 Mon Sep 17 00:00:00 2001
From: "Patrik J. Braun" <bra.patrik@gmail.com>
Date: Fri, 6 Jan 2023 18:22:49 +0100
Subject: [PATCH] Improve enforced user configuration #575 #569

---
 package-lock.json                             | 28 +++++++++---------
 package.json                                  |  4 +--
 src/backend/model/database/SQLConnection.ts   | 14 ++-------
 src/common/config/private/Config.ts           | 29 +++++++++++++++++--
 src/common/config/private/PrivateConfig.ts    |  5 ++--
 src/common/config/public/ClientConfig.ts      |  2 +-
 .../settings-entry.component.html             |  8 +++++
 7 files changed, 57 insertions(+), 33 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 561d8a3b..b882286a 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -27,7 +27,7 @@
         "sharp": "0.31.2",
         "ts-exif-parser": "0.2.2",
         "ts-node-iptc": "1.0.11",
-        "typeconfig": "2.0.32",
+        "typeconfig": "2.0.37",
         "typeorm": "0.3.10",
         "xml2js": "0.4.23"
       },
@@ -116,7 +116,7 @@
         "rxjs": "7.5.5",
         "ts-helpers": "1.1.2",
         "ts-node": "10.7.0",
-        "webpack-bundle-analyzer": "4.5.0",
+        "webpack-bundle-analyzer": "4.7.0",
         "xlf-google-translate": "1.0.0-beta.22",
         "zone.js": "0.11.5"
       },
@@ -20825,9 +20825,9 @@
       }
     },
     "node_modules/typeconfig": {
-      "version": "2.0.32",
-      "resolved": "https://registry.npmjs.org/typeconfig/-/typeconfig-2.0.32.tgz",
-      "integrity": "sha512-hbdt3SG0q9Sv6aqPMdmubY/513YokbiLRpqiAOY1HgaROTTw+3QdqYh4uKBoeKVHFgGgT66zBu1tyUkU8xO1lA==",
+      "version": "2.0.37",
+      "resolved": "https://registry.npmjs.org/typeconfig/-/typeconfig-2.0.37.tgz",
+      "integrity": "sha512-IB45azVLIZH1Hzn+6jWTKiGef76MqYsAf2SgaqXd+rqaFLPEOkDS/OSp0fPSlOPO4vcSEYpsmd/AgaugpVDUmA==",
       "dependencies": {
         "minimist": "1.2.7"
       }
@@ -21634,9 +21634,9 @@
       }
     },
     "node_modules/webpack-bundle-analyzer": {
-      "version": "4.5.0",
-      "resolved": "https://registry.npmjs.org/webpack-bundle-analyzer/-/webpack-bundle-analyzer-4.5.0.tgz",
-      "integrity": "sha512-GUMZlM3SKwS8Z+CKeIFx7CVoHn3dXFcUAjT/dcZQQmfSZGvitPfMob2ipjai7ovFFqPvTqkEZ/leL4O0YOdAYQ==",
+      "version": "4.7.0",
+      "resolved": "https://registry.npmjs.org/webpack-bundle-analyzer/-/webpack-bundle-analyzer-4.7.0.tgz",
+      "integrity": "sha512-j9b8ynpJS4K+zfO5GGwsAcQX4ZHpWV+yRiHDiL+bE0XHJ8NiPYLTNVQdlFYWxtpg9lfAQNlwJg16J9AJtFSXRg==",
       "dev": true,
       "dependencies": {
         "acorn": "^8.0.4",
@@ -38126,9 +38126,9 @@
       }
     },
     "typeconfig": {
-      "version": "2.0.32",
-      "resolved": "https://registry.npmjs.org/typeconfig/-/typeconfig-2.0.32.tgz",
-      "integrity": "sha512-hbdt3SG0q9Sv6aqPMdmubY/513YokbiLRpqiAOY1HgaROTTw+3QdqYh4uKBoeKVHFgGgT66zBu1tyUkU8xO1lA==",
+      "version": "2.0.37",
+      "resolved": "https://registry.npmjs.org/typeconfig/-/typeconfig-2.0.37.tgz",
+      "integrity": "sha512-IB45azVLIZH1Hzn+6jWTKiGef76MqYsAf2SgaqXd+rqaFLPEOkDS/OSp0fPSlOPO4vcSEYpsmd/AgaugpVDUmA==",
       "requires": {
         "minimist": "1.2.7"
       }
@@ -38737,9 +38737,9 @@
       }
     },
     "webpack-bundle-analyzer": {
-      "version": "4.5.0",
-      "resolved": "https://registry.npmjs.org/webpack-bundle-analyzer/-/webpack-bundle-analyzer-4.5.0.tgz",
-      "integrity": "sha512-GUMZlM3SKwS8Z+CKeIFx7CVoHn3dXFcUAjT/dcZQQmfSZGvitPfMob2ipjai7ovFFqPvTqkEZ/leL4O0YOdAYQ==",
+      "version": "4.7.0",
+      "resolved": "https://registry.npmjs.org/webpack-bundle-analyzer/-/webpack-bundle-analyzer-4.7.0.tgz",
+      "integrity": "sha512-j9b8ynpJS4K+zfO5GGwsAcQX4ZHpWV+yRiHDiL+bE0XHJ8NiPYLTNVQdlFYWxtpg9lfAQNlwJg16J9AJtFSXRg==",
       "dev": true,
       "requires": {
         "acorn": "^8.0.4",
diff --git a/package.json b/package.json
index 68955c44..b7c5f5d2 100644
--- a/package.json
+++ b/package.json
@@ -49,7 +49,7 @@
     "sharp": "0.31.2",
     "ts-exif-parser": "0.2.2",
     "ts-node-iptc": "1.0.11",
-    "typeconfig": "2.0.32",
+    "typeconfig": "2.0.37",
     "xml2js": "0.4.23",
     "typeorm": "0.3.10"
   },
@@ -135,7 +135,7 @@
     "rxjs": "7.5.5",
     "ts-helpers": "1.1.2",
     "ts-node": "10.7.0",
-    "webpack-bundle-analyzer": "4.5.0",
+    "webpack-bundle-analyzer": "4.7.0",
     "xlf-google-translate": "1.0.0-beta.22",
     "zone.js": "0.11.5"
   },
diff --git a/src/backend/model/database/SQLConnection.ts b/src/backend/model/database/SQLConnection.ts
index ea39639f..97ce343c 100644
--- a/src/backend/model/database/SQLConnection.ts
+++ b/src/backend/model/database/SQLConnection.ts
@@ -109,19 +109,9 @@ export class SQLConnection {
       Array.isArray(Config.Users.enforcedUsers) &&
       Config.Users.enforcedUsers.length > 0
     ) {
-      for (const uc of Config.Users.enforcedUsers) {
+      for (let i = 0; i < Config.Users.enforcedUsers.length; ++i) {
+        const uc = Config.Users.enforcedUsers[i];
         const user = await userRepository.findOneBy({name: uc.name});
-
-        // encrypt password and save back to the config
-        if (uc.password) {
-          console.log(uc.password);
-          if (!uc.encryptedPassword) {
-            uc.encryptedPassword = PasswordHelper.cryptPassword(uc.password);
-          }
-          uc.encrypted = !!uc.encryptedPassword;
-          uc.password = '';
-          await Config.save();
-        }
         if (!user) {
           Logger.info(LOG_TAG, 'Saving enforced user: ' + uc.name);
           const a = new UserEntity();
diff --git a/src/common/config/private/Config.ts b/src/common/config/private/Config.ts
index 21ab3c96..cb189ac5 100644
--- a/src/common/config/private/Config.ts
+++ b/src/common/config/private/Config.ts
@@ -4,12 +4,14 @@ import * as crypto from 'crypto';
 import * as path from 'path';
 import {ConfigClass, ConfigClassBuilder} from 'typeconfig/node';
 import {IConfigClass} from 'typeconfig/common';
+import {PasswordHelper} from '../../../backend/model/PasswordHelper';
+import {TAGS} from '../public/ClientConfig';
 
 declare const process: any;
 
 const upTime = new Date().toISOString();
 
-@ConfigClass({
+@ConfigClass<IConfigClass<TAGS> & ServerConfig>({
   configPath: path.join(__dirname, './../../../../config.json'),
   saveIfNotExist: true,
   attachDescription: true,
@@ -30,6 +32,28 @@ const upTime = new Date().toISOString();
       enabled: true,
     },
   },
+  onLoadedSync: async (config) => {
+    let changed = false;
+    for (let i = 0; i < config.Users.enforcedUsers.length; ++i) {
+      const uc = config.Users.enforcedUsers[i];
+
+      // encrypt password and save back to the config
+      if (uc.password) {
+        if (!uc.encryptedPassword) {
+          uc.encryptedPassword = PasswordHelper.cryptPassword(uc.password);
+        }
+        uc.password = '';
+        changed = true;
+      }
+      if (!uc.encrypted) {
+        uc.encrypted = !!uc.encryptedPassword;
+        changed = true;
+      }
+    }
+    if (changed) {
+      config.saveSync();
+    }
+  }
 })
 export class PrivateConfigClass extends ServerConfig {
 
@@ -54,10 +78,11 @@ export class PrivateConfigClass extends ServerConfig {
   }
 
   async original(): Promise<PrivateConfigClass & IConfigClass> {
-    const pc = ConfigClassBuilder.attachInterface(new PrivateConfigClass());
+    const pc = ConfigClassBuilder.attachPrivateInterface(new PrivateConfigClass());
     await pc.load();
     return pc;
   }
+
 }
 
 export const Config = ConfigClassBuilder.attachInterface(
diff --git a/src/common/config/private/PrivateConfig.ts b/src/common/config/private/PrivateConfig.ts
index 3c096683..fbbc6f8f 100644
--- a/src/common/config/private/PrivateConfig.ts
+++ b/src/common/config/private/PrivateConfig.ts
@@ -174,7 +174,7 @@ export class UserConfig {
   })
   role: UserRoles = UserRoles.User;
 
-  @ConfigProperty({
+  @ConfigProperty<string, ServerConfig, TAGS>({
     tags:
       {
         name: $localize`Password`,
@@ -270,7 +270,8 @@ export class ServerUserConfig extends ClientUserConfig {
       {
         name: $localize`Enforced users`,
         priority: ConfigPriority.underTheHood,
-        uiOptional: true
+        uiOptional: true,
+        githubIssue: 575
       } as TAGS,
     description: $localize`Creates these users in the DB if they do not exist. If a user with this name exist, it won't be overwritten, even if the role is different.`,
   })
diff --git a/src/common/config/public/ClientConfig.ts b/src/common/config/public/ClientConfig.ts
index af7dae97..044fd310 100644
--- a/src/common/config/public/ClientConfig.ts
+++ b/src/common/config/public/ClientConfig.ts
@@ -28,7 +28,7 @@ export type TAGS = {
   client?: true,
   priority?: ConfigPriority,
   name?: string,
-  relevant?: (c: ClientConfig) => boolean,
+  relevant?: (c: any) => boolean,
   dockerSensitive?: boolean,
   hint?: string,// UI hint
   githubIssue?: number,
diff --git a/src/frontend/app/ui/settings/template/settings-entry/settings-entry.component.html b/src/frontend/app/ui/settings/template/settings-entry/settings-entry.component.html
index 5a94f3e9..3cbb6fd0 100644
--- a/src/frontend/app/ui/settings/template/settings-entry/settings-entry.component.html
+++ b/src/frontend/app/ui/settings/template/settings-entry/settings-entry.component.html
@@ -189,6 +189,7 @@
         <ng-container *ngSwitchCase="'UserConfig'">
           <div class="container ps-0 pe-0">
             <div class="row ms-0 me-0 mt-1 mb-1 bg-light" *ngFor="let item of state.value; let i = index">
+
               <div class="col ps-0">
                 <input type="text" class="form-control"
                        placeholder="Name"
@@ -217,6 +218,13 @@
                        [name]="'item_p_'+idName+i"
                        [id]="'item_p_'+idName+i"
                        required>
+                <input *ngIf="item.encrypted"
+                       type="password"
+                       class="form-control"
+                       value="*****"
+                       disabled
+                       [name]="'item_p_'+idName+i"
+                       [id]="'item_p_'+idName+i">
               </div>
               <div class="col-1 pe-0">
                 <button [disabled]="(state.value.length == 1 && !state.tags.uiOptional)"