mirror of
https://github.com/BookStackApp/BookStack.git
synced 2025-10-29 16:09:29 +03:00
Commands: Updated create admin comment to accept extra flags
Added flags to target changes to the first default admin user, and to generate a password. This is related to #4575.
This commit is contained in:
Dan Brown
@@ -21,7 +21,9 @@ class CreateAdminCommand extends Command
|
|||||||
{--email= : The email address for the new admin user}
|
{--email= : The email address for the new admin user}
|
||||||
{--name= : The name of the new admin user}
|
{--name= : The name of the new admin user}
|
||||||
{--password= : The password to assign to the new admin user}
|
{--password= : The password to assign to the new admin user}
|
||||||
{--external-auth-id= : The external authentication system id for the new admin user (SAML2/LDAP/OIDC)}';
|
{--external-auth-id= : The external authentication system id for the new admin user (SAML2/LDAP/OIDC)}
|
||||||
|
{--generate-password : Generate a random password for the new admin user}
|
||||||
|
{--first-admin : Indicate if this should set/update the details of the initial admin user}';
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The console command description.
|
* The console command description.
|
||||||
@@ -35,23 +37,9 @@ class CreateAdminCommand extends Command
|
|||||||
*/
|
*/
|
||||||
public function handle(UserRepo $userRepo): int
|
public function handle(UserRepo $userRepo): int
|
||||||
{
|
{
|
||||||
$details = $this->snakeCaseOptions();
|
$firstAdminOnly = $this->option('first-admin');
|
||||||
|
$shouldGeneratePassword = $this->option('generate-password');
|
||||||
if (empty($details['email'])) {
|
$details = $this->gatherDetails($shouldGeneratePassword);
|
||||||
$details['email'] = $this->ask('Please specify an email address for the new admin user');
|
|
||||||
}
|
|
||||||
|
|
||||||
if (empty($details['name'])) {
|
|
||||||
$details['name'] = $this->ask('Please specify a name for the new admin user');
|
|
||||||
}
|
|
||||||
|
|
||||||
if (empty($details['password'])) {
|
|
||||||
if (empty($details['external_auth_id'])) {
|
|
||||||
$details['password'] = $this->ask('Please specify a password for the new admin user (8 characters min)');
|
|
||||||
} else {
|
|
||||||
$details['password'] = Str::random(32);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
$validator = Validator::make($details, [
|
$validator = Validator::make($details, [
|
||||||
'email' => ['required', 'email', 'min:5', new Unique('users', 'email')],
|
'email' => ['required', 'email', 'min:5', new Unique('users', 'email')],
|
||||||
@@ -68,16 +56,81 @@ class CreateAdminCommand extends Command
|
|||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$adminRole = Role::getSystemRole('admin');
|
||||||
|
|
||||||
|
if ($firstAdminOnly) {
|
||||||
|
$handled = $this->handleFirstAdminIfExists($userRepo, $details, $shouldGeneratePassword, $adminRole);
|
||||||
|
if ($handled) {
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
$user = $userRepo->createWithoutActivity($validator->validated());
|
$user = $userRepo->createWithoutActivity($validator->validated());
|
||||||
$user->attachRole(Role::getSystemRole('admin'));
|
$user->attachRole($adminRole);
|
||||||
$user->email_confirmed = true;
|
$user->email_confirmed = true;
|
||||||
$user->save();
|
$user->save();
|
||||||
|
|
||||||
$this->info("Admin account with email \"{$user->email}\" successfully created!");
|
if ($shouldGeneratePassword) {
|
||||||
|
$this->line($details['password']);
|
||||||
|
} else {
|
||||||
|
$this->info("Admin account with email \"{$user->email}\" successfully created!");
|
||||||
|
}
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Handle updates to the first admin if exists.
|
||||||
|
* Returns true if the action has been handled (user updated or already a non-default admin user) otherwise
|
||||||
|
* returns false if no action has been taken, and we therefore need to proceed with a normal account creation.
|
||||||
|
*/
|
||||||
|
protected function handleFirstAdminIfExists(UserRepo $userRepo, array $data, bool $generatePassword, Role $adminRole): bool
|
||||||
|
{
|
||||||
|
$defaultAdmin = $userRepo->getByEmail('admin@admin.com');
|
||||||
|
if ($defaultAdmin && $defaultAdmin->hasSystemRole('admin')) {
|
||||||
|
$userRepo->updateWithoutActivity($defaultAdmin, $data, true);
|
||||||
|
if ($generatePassword) {
|
||||||
|
$this->line($data['password']);
|
||||||
|
} else {
|
||||||
|
$this->info("The default admin user has been updated with the provided details!");
|
||||||
|
}
|
||||||
|
|
||||||
|
return true;
|
||||||
|
} else if ($adminRole->users()->count() > 0) {
|
||||||
|
$this->warn('Non-default admin user already exists. Skipping creation of new admin user.');
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
protected function gatherDetails(bool $generatePassword): array
|
||||||
|
{
|
||||||
|
$details = $this->snakeCaseOptions();
|
||||||
|
|
||||||
|
if (empty($details['email'])) {
|
||||||
|
$details['email'] = $this->ask('Please specify an email address for the new admin user');
|
||||||
|
}
|
||||||
|
|
||||||
|
if (empty($details['name'])) {
|
||||||
|
$details['name'] = $this->ask('Please specify a name for the new admin user');
|
||||||
|
}
|
||||||
|
|
||||||
|
if (empty($details['password'])) {
|
||||||
|
if (empty($details['external_auth_id'])) {
|
||||||
|
if ($generatePassword) {
|
||||||
|
$details['password'] = Str::random(32);
|
||||||
|
} else {
|
||||||
|
$details['password'] = $this->ask('Please specify a password for the new admin user (8 characters min)');
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
$details['password'] = Str::random(32);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return $details;
|
||||||
|
}
|
||||||
|
|
||||||
protected function snakeCaseOptions(): array
|
protected function snakeCaseOptions(): array
|
||||||
{
|
{
|
||||||
$returnOpts = [];
|
$returnOpts = [];
|
||||||
|
|||||||
@@ -100,13 +100,13 @@ class UserRepo
|
|||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Update the given user with the given data.
|
* Update the given user with the given data, but do not create an activity.
|
||||||
*
|
*
|
||||||
* @param array{name: ?string, email: ?string, external_auth_id: ?string, password: ?string, roles: ?array<int>, language: ?string} $data
|
* @param array{name: ?string, email: ?string, external_auth_id: ?string, password: ?string, roles: ?array<int>, language: ?string} $data
|
||||||
*
|
*
|
||||||
* @throws UserUpdateException
|
* @throws UserUpdateException
|
||||||
*/
|
*/
|
||||||
public function update(User $user, array $data, bool $manageUsersAllowed): User
|
public function updateWithoutActivity(User $user, array $data, bool $manageUsersAllowed): User
|
||||||
{
|
{
|
||||||
if (!empty($data['name'])) {
|
if (!empty($data['name'])) {
|
||||||
$user->name = $data['name'];
|
$user->name = $data['name'];
|
||||||
@@ -134,6 +134,21 @@ class UserRepo
|
|||||||
}
|
}
|
||||||
|
|
||||||
$user->save();
|
$user->save();
|
||||||
|
|
||||||
|
return $user;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Update the given user with the given data.
|
||||||
|
*
|
||||||
|
* @param array{name: ?string, email: ?string, external_auth_id: ?string, password: ?string, roles: ?array<int>, language: ?string} $data
|
||||||
|
*
|
||||||
|
* @throws UserUpdateException
|
||||||
|
*/
|
||||||
|
public function update(User $user, array $data, bool $manageUsersAllowed): User
|
||||||
|
{
|
||||||
|
$user = $this->updateWithoutActivity($user, $data, $manageUsersAllowed);
|
||||||
|
|
||||||
Activity::add(ActivityType::USER_UPDATE, $user);
|
Activity::add(ActivityType::USER_UPDATE, $user);
|
||||||
|
|
||||||
return $user;
|
return $user;
|
||||||
|
|||||||
Reference in New Issue
Block a user