iger
/
engelsystem
9
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Set initial admin password if configured 

Resolves  (Allow admins to configure the initial password of the admin user)
Closes  PR (Allow to configure initial admin pw)
This commit is contained in:
Igor Scheller 2021-05-23 11:24:01 +02:00
parent d7eb3b9c5b
commit 3912b4e93e
6 changed files with 63 additions and 5 deletions

3
.gitlab-ci.yml
View File

@ -313,11 +313,12 @@ deploy:
- export CI_INGRESS_DOMAIN=$(echo "$CI_ENVIRONMENT_URL" | grep -oP '(?:https?://)?\K([^/]+)' | head -n1) - export CI_INGRESS_DOMAIN=$(echo "$CI_ENVIRONMENT_URL" | grep -oP '(?:https?://)?\K([^/]+)' | head -n1)
- export CI_INGRESS_PATH=$(echo "$CI_ENVIRONMENT_URL" | grep -oP '(?:https?://)?(?:[^/])+\K(.*)') - export CI_INGRESS_PATH=$(echo "$CI_ENVIRONMENT_URL" | grep -oP '(?:https?://)?(?:[^/])+\K(.*)')
- export CI_KUBE_NAMESPACE=$KUBE_NAMESPACE - export CI_KUBE_NAMESPACE=$KUBE_NAMESPACE
# Any available storage class like longhorn # Any available storage class like default, local-path (if you know what you are doing ;), longhorn etc.
- export CI_PVC_SC=${CI_PVC_SC:-"${CI_PVC_SC_LOCAL:-local-path}"} - export CI_PVC_SC=${CI_PVC_SC:-"${CI_PVC_SC_LOCAL:-local-path}"}
- export CI_REPLICAS=${CI_REPLICAS_REVIEW:-${CI_REPLICAS:-2}} - export CI_REPLICAS=${CI_REPLICAS_REVIEW:-${CI_REPLICAS:-2}}
- export CI_APP_NAME=${CI_APP_NAME:-Engelsystem} - export CI_APP_NAME=${CI_APP_NAME:-Engelsystem}
- export CI_CLUSTER_ISSUER=${CI_CLUSTER_ISSUER:-letsencrypt} - export CI_CLUSTER_ISSUER=${CI_CLUSTER_ISSUER:-letsencrypt}
- export CI_SETUP_ADMIN_PASSWORD=${CI_SETUP_ADMIN_PASSWORD}
- cp deployment.tpl.yaml deployment.yaml - cp deployment.tpl.yaml deployment.yaml
- for env in ${!CI_*}; do sed -i "s#<${env}>#$(echo "${!env}"|head -n1)#g" deployment.yaml; done - for env in ${!CI_*}; do sed -i "s#<${env}>#$(echo "${!env}"|head -n1)#g" deployment.yaml; done

7
config/config.default.php
View File

@ -66,6 +66,9 @@ return [
'sendmail' => env('MAIL_SENDMAIL', '/usr/sbin/sendmail -bs'), 'sendmail' => env('MAIL_SENDMAIL', '/usr/sbin/sendmail -bs'),
], ],
// Initial admin password
'setup_admin_password' => env('SETUP_ADMIN_PASSWORD', null),
'oauth' => [ 'oauth' => [
// '[name]' => [config] // '[name]' => [config]
/* /*
@ -231,7 +234,7 @@ return [
// Shifts overview // Shifts overview
// Set max number of hours that can be shown at once // Set max number of hours that can be shown at once
// 0 means no limit // 0 means no limit
'filter_max_duration' => env('FILTER_MAX_DURATION', 0), 'filter_max_duration' => env('FILTER_MAX_DURATION', 0),
// Session config // Session config
'session' => [ 'session' => [
@ -266,7 +269,7 @@ return [
], ],
// var dump server // var dump server
'var_dump_server' => [ 'var_dump_server' => [
'host' => '127.0.0.1', 'host' => '127.0.0.1',
'port' => '9912', 'port' => '9912',
'enable' => false, 'enable' => false,

48
db/migrations/2021_05_23_000000_set_admin_password.php Normal file
View File

@ -0,0 +1,48 @@
<?php
namespace Engelsystem\Migrations;
use Engelsystem\Config\Config;
use Engelsystem\Database\Migration\Migration;
use Engelsystem\Helpers\Authenticator;
use Engelsystem\Models\User\User;
use Illuminate\Database\Schema\Builder as SchemaBuilder;
class SetAdminPassword extends Migration
{
use Reference;
/** @var Authenticator */
protected $auth;
/** @var Config */
protected $config;
/**
* @param SchemaBuilder $schemaBuilder
* @param Authenticator $auth
* @param Config $config
*/
public function __construct(SchemaBuilder $schemaBuilder, Authenticator $auth, Config $config)
{
parent::__construct($schemaBuilder);
$this->auth = $auth;
$this->config = $config;
}
/**
* Run the migration
*/
public function up()
{
/** @var User $admin */
$admin = $this->auth->authenticate('admin', 'asdfasdf');
$setupPassword = $this->config->get('setup_admin_password');
if (!$admin || !$setupPassword) {
return;
}
$this->auth->setPassword($admin, $setupPassword);
}
}

2
deployment.tpl.yaml
View File

@ -127,6 +127,8 @@ spec:
value: engelsystem value: engelsystem
- name: MYSQL_PASSWORD - name: MYSQL_PASSWORD
value: engelsystem value: engelsystem
- name: SETUP_ADMIN_PASSWORD
value: '<CI_SETUP_ADMIN_PASSWORD>'
containers: containers:
- image: <CI_IMAGE> - image: <CI_IMAGE>
name: engelsystem-fpm name: engelsystem-fpm

4
src/Helpers/Authenticator.php
View File

@ -175,8 +175,8 @@ class Authenticator
} }
/** /**
* @param UserRepository $user * @param User $user
* @param string $password * @param string $password
*/ */
public function setPassword(User $user, string $password) public function setPassword(User $user, string $password)
{ {

4
tests/Unit/HasDatabase.php
View File

@ -5,8 +5,10 @@ namespace Engelsystem\Test\Unit;
use Engelsystem\Database\Database; use Engelsystem\Database\Database;
use Engelsystem\Database\Migration\Migrate; use Engelsystem\Database\Migration\Migrate;
use Engelsystem\Database\Migration\MigrationServiceProvider; use Engelsystem\Database\Migration\MigrationServiceProvider;
use Engelsystem\Http\Request;
use Illuminate\Database\Capsule\Manager as CapsuleManager; use Illuminate\Database\Capsule\Manager as CapsuleManager;
use PDO; use PDO;
use Psr\Http\Message\ServerRequestInterface;
trait HasDatabase trait HasDatabase
{ {
@ -29,6 +31,8 @@ trait HasDatabase
$this->app->instance(Database::class, $this->database); $this->app->instance(Database::class, $this->database);
$this->app->register(MigrationServiceProvider::class); $this->app->register(MigrationServiceProvider::class);
$this->app->instance(ServerRequestInterface::class, new Request());
/** @var Migrate $migration */ /** @var Migrate $migration */
$migration = $this->app->get('db.migration'); $migration = $this->app->get('db.migration');
$migration->initMigration(); $migration->initMigration();