From e956199c8e7d8eba1fb4082be1c66708d714f212 Mon Sep 17 00:00:00 2001
From: "Patrik J. Braun" <bra.patrik@gmail.com>
Date: Thu, 13 Jan 2022 23:55:29 +0100
Subject: [PATCH] Creating enforced users in the config file fixes #220, fixes
 #393,

---
 .../model/database/sql/SQLConnection.ts       | 33 +++++++++++--------
 .../model/database/sql/enitites/UserEntity.ts |  2 +-
 src/common/config/private/PrivateConfig.ts    | 27 +++++++++++++++
 src/common/config/public/ClientConfig.ts      |  2 +-
 4 files changed, 49 insertions(+), 15 deletions(-)

diff --git a/src/backend/model/database/sql/SQLConnection.ts b/src/backend/model/database/sql/SQLConnection.ts
index eeee0da4..5869a8a1 100644
--- a/src/backend/model/database/sql/SQLConnection.ts
+++ b/src/backend/model/database/sql/SQLConnection.ts
@@ -96,22 +96,29 @@ export class SQLConnection {
   public static async init(): Promise<void> {
     const connection = await this.getConnection();
 
-    // Add dummy Admin to the db
+    // Adding enforced users to the db
     const userRepository = connection.getRepository(UserEntity);
-    const admins = await userRepository.find({role: UserRoles.Admin});
-    if (admins.length === 0) {
-      const a = new UserEntity();
-      a.name = 'admin';
-      a.password = PasswordHelper.cryptPassword('admin');
-      a.role = UserRoles.Admin;
-      await userRepository.save(a);
-    }
-    const defAdmins = await userRepository.find({name: 'admin', role: UserRoles.Admin});
-    for (const a of defAdmins) {
-      if (PasswordHelper.comparePassword('admin', a.password)) {
-        NotificationManager.error('Using default admin user!', 'You are using the default admin/admin user/password, please change or remove it.');
+    for (const uc of Config.Server.Database.enforcedUsers) {
+      const user = await userRepository.findOne({name: uc.name});
+      if (!user) {
+        Logger.info(LOG_TAG, 'Saving enforced user: ' + uc.name);
+        const a = new UserEntity();
+        a.name = uc.name;
+        // encrypt password and save back to the db
+        if (!uc.encryptedPassword) {
+          uc.encryptedPassword = PasswordHelper.cryptPassword(uc.password);
+          uc.password = '';
+          await Config.save();
+        }
+        a.password = uc.encryptedPassword;
+        a.role = uc.role;
+        await userRepository.save(a);
       }
     }
+    const defAdmin = await userRepository.findOne({name: 'admin', role: UserRoles.Admin});
+    if (PasswordHelper.comparePassword('admin', defAdmin.password)) {
+      NotificationManager.error('Using default admin user!', 'You are using the default admin/admin user/password, please change or remove it.');
+    }
 
   }
 
diff --git a/src/backend/model/database/sql/enitites/UserEntity.ts b/src/backend/model/database/sql/enitites/UserEntity.ts
index dd0bc9ca..8979e52b 100644
--- a/src/backend/model/database/sql/enitites/UserEntity.ts
+++ b/src/backend/model/database/sql/enitites/UserEntity.ts
@@ -8,7 +8,7 @@ export class UserEntity implements UserDTO {
   @PrimaryGeneratedColumn()
   id: number;
 
-  @Column()
+  @Column({unique: true})
   name: string;
 
   @Column()
diff --git a/src/common/config/private/PrivateConfig.ts b/src/common/config/private/PrivateConfig.ts
index 32a6d5e5..2d795e8c 100644
--- a/src/common/config/private/PrivateConfig.ts
+++ b/src/common/config/private/PrivateConfig.ts
@@ -7,6 +7,7 @@ import {ConfigProperty} from 'typeconfig/src/decorators/property/ConfigPropoerty
 import {DefaultsJobs} from '../../entities/job/JobDTO';
 import {SearchQueryDTO} from '../../entities/SearchQueryDTO';
 import {SortingMethods} from '../../entities/SortingMethods';
+import {UserRoles} from '../../entities/UserDTO';
 
 export enum DatabaseType {
   memory = 1, mysql = 2, sqlite = 3
@@ -56,6 +57,28 @@ export class SQLiteConfig {
   DBFileName: string = 'sqlite.db';
 }
 
+@SubConfigClass()
+export class UserConfig {
+
+  @ConfigProperty()
+  name: string;
+
+  @ConfigProperty({type: UserRoles})
+  role: UserRoles;
+
+  @ConfigProperty()
+  password: string;
+
+  @ConfigProperty()
+  encryptedPassword: string;
+
+
+  constructor(name: string, password: string, role: UserRoles) {
+    this.name = name;
+    this.role = role;
+    this.password = password;
+  }
+}
 
 @SubConfigClass()
 export class ServerDataBaseConfig {
@@ -78,6 +101,10 @@ export class ServerDataBaseConfig {
 
   @ConfigProperty()
   mysql?: MySQLConfig = new MySQLConfig();
+
+  @ConfigProperty({arrayType: UserConfig})
+  enforcedUsers: UserConfig[] = [new UserConfig('admin', 'admin', UserRoles.Admin)];
+
 }
 
 @SubConfigClass()
diff --git a/src/common/config/public/ClientConfig.ts b/src/common/config/public/ClientConfig.ts
index b2ec3e23..bee3c57a 100644
--- a/src/common/config/public/ClientConfig.ts
+++ b/src/common/config/public/ClientConfig.ts
@@ -3,7 +3,7 @@ import 'reflect-metadata';
 import {SortingMethods} from '../../entities/SortingMethods';
 import {UserRoles} from '../../entities/UserDTO';
 import {ConfigProperty, SubConfigClass} from 'typeconfig/common';
-import {DatabaseType, IPrivateConfig} from '../private/PrivateConfig';
+import {IPrivateConfig} from '../private/PrivateConfig';
 
 
 export enum MapProviders {