Commit 4a5b3fe6 authored by Matija Obreza's avatar Matija Obreza

Merge branch '187-configurable-default-accounts' into 'master'

Resolve "Configurable default accounts"

Closes #187

See merge request genesys-pgr/genesys-server!94
parents 92d182c4 4378004a
......@@ -133,7 +133,7 @@ deploy for review:
fi
- echo Deploying ${CI_REGISTRY_IMAGE}:${IMAGE_TAG} for review as https\://${CI_ENVIRONMENT_SLUG}.review.genesys\-pgr.org
- envsubst < docker/review-compose-template.yml > review-composed.yml
- cat review-composed.yml
# - cat review-composed.yml
- ${DOCKER_CMD} stack rm ${CI_ENVIRONMENT_SLUG} || true
- ${DOCKER_CMD} stack deploy -c review-composed.yml ${CI_ENVIRONMENT_SLUG}
......
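Review bot: The disabled `# - cat review-composed.yml` line in the `deploy for review` script has no explanation, and re-enabling it would print the substituted `DEFAULT_ADMIN_PASSWORD` and `DEFAULT_OAUTHCLIENT_SECRET` values from the compose template into the job log. Replace the dead line with a why-comment, for example `# review-composed.yml holds substituted credentials; never print it to the job log`. The rendered file also stays in the job workspace after `stack deploy`; a final `- rm -f review-composed.yml` step would limit how long the credentials sit on the runner. The job's script starts above this hunk, so earlier steps were not reviewed.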
......@@ -15,7 +15,11 @@ services:
- db.password=
- db.showSql=false
- db.hbm2ddl=true
- default.admin.email=${DEFAULT_ADMIN_EMAIL}
- default.admin.password=${DEFAULT_ADMIN_PASSWORD}
- auto.createContent=true
- default.oauthclient.clientId=${DEFAULT_OAUTHCLIENT_ID}
- default.oauthclient.clientSecret=${DEFAULT_OAUTHCLIENT_SECRET}
- hibernate.dialect=org.genesys.blocks.util.BetterHSQLDialect
- base.cookie-secure=true
networks:
......
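Review bot: The new `default.admin.*` and `default.oauthclient.*` entries are filled in by `envsubst`, which writes an empty string for any variable that is not set, so a review environment with a missing `DEFAULT_ADMIN_PASSWORD` would be deployed with `default.admin.password=` instead of failing. FirstRunListener in this commit replaces a blank client id or secret with a generated one, but no equivalent handling is visible for the admin pair. A guard before the `envsubst` step in the deploy job, such as `- test -n "${DEFAULT_ADMIN_EMAIL}" && test -n "${DEFAULT_ADMIN_PASSWORD}"`, would stop the job early. The list these entries join begins above the hunk; if it is the service's environment, the values are readable by anyone who can inspect the deployed stack, so the CI variables should be masked and scoped to review environments.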
......@@ -26,6 +26,7 @@ import org.genesys2.server.model.UserRole;
import org.genesys2.server.model.impl.User;
import org.genesys2.server.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.data.domain.PageRequest;
import org.springframework.stereotype.Service;
......@@ -35,6 +36,12 @@ public class CreateAdminListener extends RunAsAdminListener {
@Autowired
private UserService userService;
@Value("${default.admin.email}")
private String defaultAdminEmail;
@Value("${default.admin.password}")
private String defaultAdminPassword;
@Override
public void init() throws Exception {
LOG.info("Checking for at least one account");
......@@ -50,8 +57,7 @@ public class CreateAdminListener extends RunAsAdminListener {
private void createDefaultAccounts() throws UserException, PasswordPolicyException {
createAdmin("SYSTEM", "SYSTEM", null, AccountType.SYSTEM);
// TODO read from props
createAdmin("admin@example.com", "First Admin", "Admin123!", AccountType.LOCAL);
createAdmin(defaultAdminEmail, "First Admin", defaultAdminPassword, AccountType.LOCAL);
}
private void createAdmin(String email, String fullName, String password, AccountType accountType) throws UserException, PasswordPolicyException {
......
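Review bot: `createDefaultAccounts()` passes `defaultAdminPassword` to `createAdmin` without checking it, and both properties files in this commit still ship `default.admin.password=Admin123!`, so any deployment that does not override the property gets a first admin with a publicly known password. A blank value is not handled here either; whether `createAdmin` rejects it through the password policy cannot be seen, because its body is outside the hunk. Consider failing fast before the LOCAL account is created, e.g. `if (defaultAdminPassword == null || defaultAdminPassword.trim().isEmpty()) throw new IllegalStateException("default.admin.password must be set");`, and shipping the property empty so operators have to choose a value.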
......@@ -28,7 +28,10 @@ import com.fasterxml.jackson.databind.node.ArrayNode;
import com.fasterxml.jackson.databind.node.ObjectNode;
import org.apache.commons.lang.StringUtils;
import org.genesys.blocks.oauth.service.OAuthClientDetailsService;
import org.apache.commons.lang3.RandomStringUtils;
import org.genesys.blocks.oauth.model.OAuthClient;
import org.genesys.blocks.oauth.model.OAuthRole;
import org.genesys.blocks.oauth.persistence.OAuthClientRepository;
import org.genesys2.server.listener.RunAsAdminListener;
import org.genesys2.server.model.impl.FaoInstitute;
import org.genesys2.server.persistence.domain.AccessionRepository;
......@@ -60,6 +63,12 @@ public class FirstRunListener extends RunAsAdminListener {
// Must **not** be final!
private boolean createContent;
@Value("${default.oauthclient.clientId}")
private String defaultOAuthClientId;
@Value("${default.oauthclient.clientSecret}")
private String defaultOAuthClientSecret;
@Autowired
GeoService geoService;
......@@ -76,7 +85,7 @@ public class FirstRunListener extends RunAsAdminListener {
CropService cropService;
@Autowired
OAuthClientDetailsService oauthClientService;
OAuthClientRepository oauthClientRepository;
@Autowired
AccessionRepository accessionRepository;
......@@ -116,7 +125,7 @@ public class FirstRunListener extends RunAsAdminListener {
addCrop("sorghum");
}
if (oauthClientService.listClientDetails().isEmpty()) {
if (oauthClientRepository.count() == 0) {
addDefaultOAuthClient();
} else {
LOG.warn("Skipping creation of initial OAuth client");
......@@ -135,7 +144,28 @@ public class FirstRunListener extends RunAsAdminListener {
}
private void addDefaultOAuthClient() {
oauthClientService.addClient("Default Client", "System-generated initial OAuth client", "oob", null, null);
if (StringUtils.isBlank(defaultOAuthClientId)) {
defaultOAuthClientId = RandomStringUtils.randomAlphanumeric(5) + "." + RandomStringUtils.randomAlphanumeric(20);
}
if (StringUtils.isBlank(defaultOAuthClientSecret)) {
defaultOAuthClientSecret = RandomStringUtils.randomAlphanumeric(32);
}
LOG.warn("Creating default OAuth client id={} secret={}", defaultOAuthClientId, defaultOAuthClientSecret);
final OAuthClient client = new OAuthClient();
client.setClientId(defaultOAuthClientId);
client.setClientSecret(defaultOAuthClientSecret);
client.setTitle("Default OAuth client");
client.setDescription("This OAuth client was automatically created by the system.");
client.getAuthorizedGrantTypes().add("authorization_code");
client.getAuthorizedGrantTypes().add("password");
client.getAuthorizedGrantTypes().add("client_credentials");
client.getAuthorizedGrantTypes().add("implicit");
client.getRoles().add(OAuthRole.CLIENT);
client.getScope().add("read");
client.getScope().add("write");
client.getScope().add("trust");
oauthClientRepository.save(client);
}
private void addSomeAccessions() throws IOException {
......
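Review bot: The `LOG.warn` call in `addDefaultOAuthClient()` writes the client secret to the application log in clear text, where it outlives the first run and is readable by anyone with log access; log the client id only. The fallback secret comes from `RandomStringUtils.randomAlphanumeric`, which in the commons-lang3 releases I am aware of from that period draws from a non-cryptographic `java.util.Random`; a `SecureRandom`-based value is the safer choice for a credential. Once the secret is out of the log, a generated secret needs another way to reach the operator (for example resetting it through the administration interface), so that path is worth confirming. Separately, the default client receives all four grant types, including `password` and `implicit`, plus the `read`, `write` and `trust` scopes; it is worth checking that it needs that breadth. The fence below relies on `java.security.SecureRandom` and `java.util.Base64` being imported at the top of the file.

```java
// … unchanged: a blank defaultOAuthClientId is replaced with a generated id …
if (StringUtils.isBlank(defaultOAuthClientSecret)) {
	// 24 random bytes encode to a 32-character URL-safe secret
	final byte[] secretBytes = new byte[24];
	new SecureRandom().nextBytes(secretBytes);
	defaultOAuthClientSecret = Base64.getUrlEncoder().withoutPadding().encodeToString(secretBytes);
}

// The secret is deliberately kept out of the log
LOG.warn("Creating default OAuth client id={}", defaultOAuthClientId);
// … unchanged: OAuthClient construction, grant types, roles, scopes and save …
```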
......@@ -20,8 +20,11 @@ paginator.default.pageSize=50
paginator.default.fastStep=3
paginator.default.maxPage=4
#Admin
# Default account info
default.admin.email=admin@example.com
default.admin.password=Admin123!
default.oauthclient.clientId=
default.oauthclient.clientSecret=
build.version=${project.version}
build.artifactId=${project.artifactId}
......
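Review bot: The two empty OAuth keys under `# Default account info` have a meaning that is not written down: FirstRunListener in this commit treats a blank `default.oauthclient.clientId` or `default.oauthclient.clientSecret` as a request to generate a random value. Add a comment above them, e.g. `# Leave blank to have a random client id/secret generated on first run`. A matching line above the admin pair, such as `# Placeholder credentials: override default.admin.* in every deployment`, would tell operators that the values shipped here are not meant to reach a running instance.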
......@@ -20,8 +20,11 @@ paginator.default.pageSize=2
paginator.default.fastStep=3
paginator.default.maxPage=4
#Admin
# Default account info
default.admin.email=admin@example.com
default.admin.password=Admin123!
default.oauthclient.clientId=oauth
default.oauthclient.clientSecret=changeme
build.name=${project.artifactId}-${buildNumber}
build.revision=${buildNumber}