iger
/
engelsystem
9
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Set initial admin password if configured 

Resolves #806 (Allow admins to configure the initial password of the admin user)
Closes #809 PR (Allow to configure initial admin pw)
This commit is contained in:
Igor Scheller 2021-05-23 11:24:01 +02:00
parent d7eb3b9c5b
commit 3912b4e93e
6 changed files with 63 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.gitlab-ci.yml
View File

@ -313,11 +313,12 @@ deploy:
- export CI_INGRESS_DOMAIN=$(echo "$CI_ENVIRONMENT_URL" | grep -oP '(?:https?://)?\K([^/]+)' | head -n1) - export CI_INGRESS_DOMAIN=$(echo "$CI_ENVIRONMENT_URL" | grep -oP '(?:https?://)?\K([^/]+)' | head -n1)
- export CI_INGRESS_PATH=$(echo "$CI_ENVIRONMENT_URL" | grep -oP '(?:https?://)?(?:[^/])+\K(.*)') - export CI_INGRESS_PATH=$(echo "$CI_ENVIRONMENT_URL" | grep -oP '(?:https?://)?(?:[^/])+\K(.*)')
- export CI_KUBE_NAMESPACE=$KUBE_NAMESPACE - export CI_KUBE_NAMESPACE=$KUBE_NAMESPACE
# Any available storage class like longhorn # Any available storage class like default, local-path (if you know what you are doing ;), longhorn etc.
- export CI_PVC_SC=${CI_PVC_SC:-"${CI_PVC_SC_LOCAL:-local-path}"} - export CI_PVC_SC=${CI_PVC_SC:-"${CI_PVC_SC_LOCAL:-local-path}"}
- export CI_REPLICAS=${CI_REPLICAS_REVIEW:-${CI_REPLICAS:-2}} - export CI_REPLICAS=${CI_REPLICAS_REVIEW:-${CI_REPLICAS:-2}}
- export CI_APP_NAME=${CI_APP_NAME:-Engelsystem} - export CI_APP_NAME=${CI_APP_NAME:-Engelsystem}
- export CI_CLUSTER_ISSUER=${CI_CLUSTER_ISSUER:-letsencrypt} - export CI_CLUSTER_ISSUER=${CI_CLUSTER_ISSUER:-letsencrypt}
- export CI_SETUP_ADMIN_PASSWORD=${CI_SETUP_ADMIN_PASSWORD}
- cp deployment.tpl.yaml deployment.yaml - cp deployment.tpl.yaml deployment.yaml
- for env in ${!CI_*}; do sed -i "s#<${env}>#$(echo "${!env}"|head -n1)#g" deployment.yaml; done - for env in ${!CI_*}; do sed -i "s#<${env}>#$(echo "${!env}"|head -n1)#g" deployment.yaml; done

7
config/config.default.php
View File

@ -66,6 +66,9 @@ return [
'sendmail' => env('MAIL_SENDMAIL', '/usr/sbin/sendmail -bs'), 'sendmail' => env('MAIL_SENDMAIL', '/usr/sbin/sendmail -bs'),
], ],
// Initial admin password
'setup_admin_password' => env('SETUP_ADMIN_PASSWORD', null),
'oauth' => [ 'oauth' => [
// '[name]' => [config] // '[name]' => [config]
/* /*
@ -231,7 +234,7 @@ return [
// Shifts overview // Shifts overview
// Set max number of hours that can be shown at once // Set max number of hours that can be shown at once
// 0 means no limit // 0 means no limit
'filter_max_duration' => env('FILTER_MAX_DURATION', 0), 'filter_max_duration' => env('FILTER_MAX_DURATION', 0),
// Session config // Session config
'session' => [ 'session' => [
@ -266,7 +269,7 @@ return [
], ],
// var dump server // var dump server
'var_dump_server' => [ 'var_dump_server' => [
'host' => '127.0.0.1', 'host' => '127.0.0.1',
'port' => '9912', 'port' => '9912',
'enable' => false, 'enable' => false,

48
db/migrations/2021_05_23_000000_set_admin_password.php Normal file
View File

@ -0,0 +1,48 @@
<?php
namespace Engelsystem\Migrations;
use Engelsystem\Config\Config;
use Engelsystem\Database\Migration\Migration;
use Engelsystem\Helpers\Authenticator;
use Engelsystem\Models\User\User;
use Illuminate\Database\Schema\Builder as SchemaBuilder;
class SetAdminPassword extends Migration
{
use Reference;
/** @var Authenticator */
protected $auth;
/** @var Config */
protected $config;
/**
* @param SchemaBuilder $schemaBuilder
* @param Authenticator $auth
* @param Config $config
*/
public function __construct(SchemaBuilder $schemaBuilder, Authenticator $auth, Config $config)
{
parent::__construct($schemaBuilder);
$this->auth = $auth;
$this->config = $config;
}
/**
* Run the migration
*/
public function up()
{
/** @var User $admin */
$admin = $this->auth->authenticate('admin', 'asdfasdf');
$setupPassword = $this->config->get('setup_admin_password');
if (!$admin || !$setupPassword) {
return;
}
$this->auth->setPassword($admin, $setupPassword);
}
}

2
deployment.tpl.yaml
View File

@ -127,6 +127,8 @@ spec:
value: engelsystem value: engelsystem
- name: MYSQL_PASSWORD - name: MYSQL_PASSWORD
value: engelsystem value: engelsystem
- name: SETUP_ADMIN_PASSWORD
value: '<CI_SETUP_ADMIN_PASSWORD>'
containers: containers:
- image: <CI_IMAGE> - image: <CI_IMAGE>
name: engelsystem-fpm name: engelsystem-fpm

4
src/Helpers/Authenticator.php
View File

@ -175,8 +175,8 @@ class Authenticator
} }
/** /**
* @param UserRepository $user * @param User $user
* @param string $password * @param string $password
*/ */
public function setPassword(User $user, string $password) public function setPassword(User $user, string $password)
{ {

4
tests/Unit/HasDatabase.php
View File

@ -5,8 +5,10 @@ namespace Engelsystem\Test\Unit;
use Engelsystem\Database\Database; use Engelsystem\Database\Database;
use Engelsystem\Database\Migration\Migrate; use Engelsystem\Database\Migration\Migrate;
use Engelsystem\Database\Migration\MigrationServiceProvider; use Engelsystem\Database\Migration\MigrationServiceProvider;
use Engelsystem\Http\Request;
use Illuminate\Database\Capsule\Manager as CapsuleManager; use Illuminate\Database\Capsule\Manager as CapsuleManager;
use PDO; use PDO;
use Psr\Http\Message\ServerRequestInterface;
trait HasDatabase trait HasDatabase
{ {
@ -29,6 +31,8 @@ trait HasDatabase
$this->app->instance(Database::class, $this->database); $this->app->instance(Database::class, $this->database);
$this->app->register(MigrationServiceProvider::class); $this->app->register(MigrationServiceProvider::class);
$this->app->instance(ServerRequestInterface::class, new Request());
/** @var Migrate $migration */ /** @var Migrate $migration */
$migration = $this->app->get('db.migration'); $migration = $this->app->get('db.migration');
$migration->initMigration(); $migration->initMigration();