projects / arvados.git / commitdiff
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: c5c8c88)
When auto_admin_first_user is set to true (default false), the first
authorWard Vandewege <ward@curoverse.com>
Mon, 3 Nov 2014 22:32:28 +0000 (17:32 -0500)
committerWard Vandewege <ward@curoverse.com>
Mon, 3 Nov 2014 22:32:28 +0000 (17:32 -0500)
user to sign in on a new installation will be an admin.

refs #4383

docker/api/application.yml.in patch | blob | history
services/api/app/models/user.rb patch | blob | history
services/api/config/application.default.yml patch | blob | history

diff --git a/docker/api/application.yml.in b/docker/api/application.yml.in
index 4cd374db79c82e49a5f065f33d6d0a2b9cf10b11..7f419853cd68dbd70f4f500683d4b5c79388e694 100644 (file)
--- a/docker/api/application.yml.in
+++ b/docker/api/application.yml.in
@@ -60,6 +60,8 @@ production:
 
   auto_setup_new_users: true
 
+  auto_admin_first_user: true
+
 test:
   uuid_prefix: zzzzz
   secret_token: <%= rand(2**512).to_s(36) %>
diff --git a/services/api/app/models/user.rb b/services/api/app/models/user.rb
index e48693be249f13753c2c4e79a6535a169e820240..3b201b5babd90ee9244263737e499b8a381b35a6 100644 (file)
--- a/services/api/app/models/user.rb
+++ b/services/api/app/models/user.rb
@@ -234,8 +234,10 @@ class User < ArvadosModel
   end
 
   def check_auto_admin
-    if User.where("uuid not like '%-000000000000000'").where(:is_admin => true).count == 0 and Rails.configuration.auto_admin_user
-      if self.email == Rails.configuration.auto_admin_user
+    if not self.uuid.end_with?('anonymouspublic') and
+       User.where("uuid not like '%-000000000000000'").where(:is_admin => true).count == 0
+      if (Rails.configuration.auto_admin_user and self.email == Rails.configuration.auto_admin_user) or
+         Rails.configuration.auto_admin_first_user
         self.is_admin = true
         self.is_active = true
       end
diff --git a/services/api/config/application.default.yml b/services/api/config/application.default.yml
index 6c77f26c9a20e9a254bf9f27f83800f7c594ae62..92b3ca1fa688a75043f36a67540fb748ef3cc5ad 100644 (file)
--- a/services/api/config/application.default.yml
+++ b/services/api/config/application.default.yml
@@ -133,6 +133,10 @@ common:
   # should be an address associated with a Google account.
   auto_admin_user: false
 
+  # If auto_admin_first_user is set to true, the first user to log in when no
+  # other admin users exist will automatically become an admin user.
+  auto_admin_first_user: false
+
   ## Set Time.zone default to the specified zone and make Active
   ## Record auto-convert to this zone.  Run "rake -D time" for a list
   ## of tasks for finding time zone names. Default is UTC.