7e7ba69982
This also adds the ability to change the client role if needed and improves the usage information and output of the CLI commands. Signed-off-by: Michael Mayer <michael@photoprism.app>
111 lines
2.6 KiB
Go
111 lines
2.6 KiB
Go
package entity
|
|
|
|
import (
|
|
"github.com/photoprism/photoprism/internal/acl"
|
|
"github.com/photoprism/photoprism/internal/event"
|
|
"github.com/photoprism/photoprism/pkg/authn"
|
|
)
|
|
|
|
// Role defaults.
|
|
const (
|
|
AdminUserName = "admin"
|
|
AdminDisplayName = "Admin"
|
|
VisitorDisplayName = "Visitor"
|
|
UnknownDisplayName = "Unknown"
|
|
)
|
|
|
|
// Admin is the default admin user.
|
|
var Admin = User{
|
|
ID: 1,
|
|
UserName: AdminUserName,
|
|
AuthProvider: authn.ProviderLocal.String(),
|
|
UserRole: acl.RoleAdmin.String(),
|
|
DisplayName: AdminDisplayName,
|
|
SuperAdmin: true,
|
|
CanLogin: true,
|
|
WebDAV: true,
|
|
CanInvite: true,
|
|
InviteToken: GenerateToken(),
|
|
PreviewToken: GenerateToken(),
|
|
DownloadToken: GenerateToken(),
|
|
}
|
|
|
|
// UnknownUser is an anonymous, public user without own account.
|
|
var UnknownUser = User{
|
|
ID: -1,
|
|
UserUID: "u000000000000001",
|
|
UserName: "",
|
|
AuthProvider: authn.ProviderNone.String(),
|
|
UserRole: acl.RoleNone.String(),
|
|
CanLogin: false,
|
|
WebDAV: false,
|
|
CanInvite: false,
|
|
DisplayName: UnknownDisplayName,
|
|
InviteToken: "",
|
|
PreviewToken: "",
|
|
DownloadToken: "",
|
|
}
|
|
|
|
// Visitor is a user without own account e.g. for link sharing.
|
|
var Visitor = User{
|
|
ID: -2,
|
|
UserUID: "u000000000000002",
|
|
UserName: "",
|
|
AuthProvider: authn.ProviderLink.String(),
|
|
UserRole: acl.RoleVisitor.String(),
|
|
DisplayName: VisitorDisplayName,
|
|
CanLogin: false,
|
|
WebDAV: false,
|
|
CanInvite: false,
|
|
InviteToken: "",
|
|
PreviewToken: "",
|
|
DownloadToken: "",
|
|
}
|
|
|
|
// CreateDefaultUsers initializes the database with default user accounts.
|
|
func CreateDefaultUsers() {
|
|
if admin := FindUser(Admin); admin != nil {
|
|
Admin = *admin
|
|
} else {
|
|
// Set legacy values.
|
|
if leg := FindLegacyUser(Admin); leg != nil {
|
|
Admin.UserUID = leg.UserUID
|
|
if leg.UserName != "" {
|
|
Admin.UserName = leg.UserName
|
|
}
|
|
if leg.PrimaryEmail != "" {
|
|
Admin.UserEmail = leg.PrimaryEmail
|
|
}
|
|
if leg.FullName != "" {
|
|
Admin.DisplayName = leg.FullName
|
|
}
|
|
if leg.LoginAt != nil {
|
|
Admin.LoginAt = leg.LoginAt
|
|
}
|
|
log.Infof("users: migrating %s account", Admin.UserName)
|
|
}
|
|
|
|
// Set default values.
|
|
Admin.SuperAdmin = true
|
|
Admin.CanLogin = true
|
|
Admin.WebDAV = true
|
|
|
|
// Username is required.
|
|
if Admin.UserName == "" {
|
|
Admin.UserName = "admin"
|
|
}
|
|
|
|
// Add initial admin account.
|
|
if err := Admin.Create(); err != nil {
|
|
event.AuditErr([]string{"user", "failed to create", "%s"}, err)
|
|
}
|
|
}
|
|
|
|
if user := FirstOrCreateUser(&UnknownUser); user != nil {
|
|
UnknownUser = *user
|
|
}
|
|
|
|
if user := FirstOrCreateUser(&Visitor); user != nil {
|
|
Visitor = *user
|
|
}
|
|
}
|