From b169fa67b30db9751d45845417ab74d0110b5616 Mon Sep 17 00:00:00 2001 From: "Patrik J. Braun" Date: Thu, 20 Jan 2022 19:45:25 +0100 Subject: [PATCH] Removing default enforced admin/admin user, only adding it if no admin is present. fixes #408 --- src/backend/model/database/sql/SQLConnection.ts | 11 +++++++++++ src/common/config/private/PrivateConfig.ts | 3 +-- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/src/backend/model/database/sql/SQLConnection.ts b/src/backend/model/database/sql/SQLConnection.ts index ea23d9f0..825613db 100644 --- a/src/backend/model/database/sql/SQLConnection.ts +++ b/src/backend/model/database/sql/SQLConnection.ts @@ -118,6 +118,17 @@ export class SQLConnection { } } } + + // Add dummy Admin to the db + const admins = await userRepository.find({role: UserRoles.Admin}); + if (admins.length === 0) { + const a = new UserEntity(); + a.name = 'admin'; + a.password = PasswordHelper.cryptPassword('admin'); + a.role = UserRoles.Admin; + await userRepository.save(a); + } + const defAdmin = await userRepository.findOne({name: 'admin', role: UserRoles.Admin}); if (defAdmin && PasswordHelper.comparePassword('admin', defAdmin.password)) { NotificationManager.error('Using default admin user!', 'You are using the default admin/admin user/password, please change or remove it.'); diff --git a/src/common/config/private/PrivateConfig.ts b/src/common/config/private/PrivateConfig.ts index 9c563a7f..b8e0ba10 100644 --- a/src/common/config/private/PrivateConfig.ts +++ b/src/common/config/private/PrivateConfig.ts @@ -106,8 +106,7 @@ export class ServerDataBaseConfig { arrayType: UserConfig, description: 'Creates these users in the DB if they do not exist. If a user with this name exist, it wont be overwritten, even if the role is different.' }) - enforcedUsers: UserConfig[] = [new UserConfig('admin', 'admin', UserRoles.Admin)]; - + enforcedUsers: UserConfig[] = []; } @SubConfigClass()