mirror of
https://github.com/nextcloud/server.git
synced 2026-02-18 18:28:50 -05:00
feat(core): Add option to disable creating an admin user when installing
Signed-off-by: provokateurin <kate@provokateurin.de>
This commit is contained in:
provokateurin
Kate
parent
9a121269f3
commit
d11d5b765f
2 changed files with 48 additions and 38 deletions
|
|
@ -44,6 +44,7 @@ class Install extends Command {
|
|||
->addOption('database-user', null, InputOption::VALUE_REQUIRED, 'Login to connect to the database')
|
||||
->addOption('database-pass', null, InputOption::VALUE_OPTIONAL, 'Password of the database user', null)
|
||||
->addOption('database-table-space', null, InputOption::VALUE_OPTIONAL, 'Table space of the database (oci only)', null)
|
||||
->addOption('disable-admin-user', null, InputOption::VALUE_NONE, 'Disable the creation of an admin user')
|
||||
->addOption('admin-user', null, InputOption::VALUE_REQUIRED, 'Login of the admin account', 'admin')
|
||||
->addOption('admin-pass', null, InputOption::VALUE_REQUIRED, 'Password of the admin account')
|
||||
->addOption('admin-email', null, InputOption::VALUE_OPTIONAL, 'E-Mail of the admin account')
|
||||
|
|
@ -120,6 +121,7 @@ class Install extends Command {
|
|||
if ($input->hasParameterOption('--database-pass')) {
|
||||
$dbPass = (string)$input->getOption('database-pass');
|
||||
}
|
||||
$disableAdminUser = (bool)$input->getOption('disable-admin-user');
|
||||
$adminLogin = $input->getOption('admin-user');
|
||||
$adminPassword = $input->getOption('admin-pass');
|
||||
$adminEmail = $input->getOption('admin-email');
|
||||
|
|
@ -142,7 +144,7 @@ class Install extends Command {
|
|||
}
|
||||
}
|
||||
|
||||
if (is_null($adminPassword)) {
|
||||
if (!$disableAdminUser && $adminPassword === null) {
|
||||
/** @var QuestionHelper $helper */
|
||||
$helper = $this->getHelper('question');
|
||||
$question = new Question('What is the password you like to use for the admin account <' . $adminLogin . '>?');
|
||||
|
|
@ -151,7 +153,7 @@ class Install extends Command {
|
|||
$adminPassword = $helper->ask($input, $output, $question);
|
||||
}
|
||||
|
||||
if ($adminEmail !== null && !filter_var($adminEmail, FILTER_VALIDATE_EMAIL)) {
|
||||
if (!$disableAdminUser && $adminEmail !== null && !filter_var($adminEmail, FILTER_VALIDATE_EMAIL)) {
|
||||
throw new InvalidArgumentException('Invalid e-mail-address <' . $adminEmail . '> for <' . $adminLogin . '>.');
|
||||
}
|
||||
|
||||
|
|
@ -161,6 +163,7 @@ class Install extends Command {
|
|||
'dbpass' => $dbPass,
|
||||
'dbname' => $dbName,
|
||||
'dbhost' => $dbHost,
|
||||
'admindisable' => $disableAdminUser,
|
||||
'adminlogin' => $adminLogin,
|
||||
'adminpass' => $adminPassword,
|
||||
'adminemail' => $adminEmail,
|
||||
|
|
|
|||
|
|
@ -304,11 +304,15 @@ class Setup {
|
|||
$error = [];
|
||||
$dbType = $options['dbtype'];
|
||||
|
||||
if (empty($options['adminlogin'])) {
|
||||
$error[] = $l->t('Set an admin Login.');
|
||||
}
|
||||
if (empty($options['adminpass'])) {
|
||||
$error[] = $l->t('Set an admin password.');
|
||||
$disableAdminUser = (bool)($options['admindisable'] ?? false);
|
||||
|
||||
if (!$disableAdminUser) {
|
||||
if (empty($options['adminlogin'])) {
|
||||
$error[] = $l->t('Set an admin Login.');
|
||||
}
|
||||
if (empty($options['adminpass'])) {
|
||||
$error[] = $l->t('Set an admin password.');
|
||||
}
|
||||
}
|
||||
if (empty($options['directory'])) {
|
||||
$options['directory'] = \OC::$SERVERROOT . '/data';
|
||||
|
|
@ -318,8 +322,6 @@ class Setup {
|
|||
$dbType = 'sqlite';
|
||||
}
|
||||
|
||||
$username = htmlspecialchars_decode($options['adminlogin']);
|
||||
$password = htmlspecialchars_decode($options['adminpass']);
|
||||
$dataDir = htmlspecialchars_decode($options['directory']);
|
||||
|
||||
$class = self::$dbSetupClasses[$dbType];
|
||||
|
|
@ -405,19 +407,22 @@ class Setup {
|
|||
return $error;
|
||||
}
|
||||
|
||||
$this->outputDebug($output, 'Create admin account');
|
||||
|
||||
// create the admin account and group
|
||||
$user = null;
|
||||
try {
|
||||
$user = Server::get(IUserManager::class)->createUser($username, $password);
|
||||
if (!$user) {
|
||||
$error[] = "Account <$username> could not be created.";
|
||||
if (!$disableAdminUser) {
|
||||
$username = htmlspecialchars_decode($options['adminlogin']);
|
||||
$password = htmlspecialchars_decode($options['adminpass']);
|
||||
$this->outputDebug($output, 'Create admin account');
|
||||
|
||||
try {
|
||||
$user = Server::get(IUserManager::class)->createUser($username, $password);
|
||||
if (!$user) {
|
||||
$error[] = "Account <$username> could not be created.";
|
||||
return $error;
|
||||
}
|
||||
} catch (Exception $exception) {
|
||||
$error[] = $exception->getMessage();
|
||||
return $error;
|
||||
}
|
||||
} catch (Exception $exception) {
|
||||
$error[] = $exception->getMessage();
|
||||
return $error;
|
||||
}
|
||||
|
||||
$config = Server::get(IConfig::class);
|
||||
|
|
@ -432,7 +437,7 @@ class Setup {
|
|||
}
|
||||
|
||||
$group = Server::get(IGroupManager::class)->createGroup('admin');
|
||||
if ($group instanceof IGroup) {
|
||||
if ($user !== null && $group instanceof IGroup) {
|
||||
$group->addUser($user);
|
||||
}
|
||||
|
||||
|
|
@ -464,26 +469,28 @@ class Setup {
|
|||
$bootstrapCoordinator = Server::get(\OC\AppFramework\Bootstrap\Coordinator::class);
|
||||
$bootstrapCoordinator->runInitialRegistration();
|
||||
|
||||
// Create a session token for the newly created user
|
||||
// The token provider requires a working db, so it's not injected on setup
|
||||
/** @var \OC\User\Session $userSession */
|
||||
$userSession = Server::get(IUserSession::class);
|
||||
$provider = Server::get(PublicKeyTokenProvider::class);
|
||||
$userSession->setTokenProvider($provider);
|
||||
$userSession->login($username, $password);
|
||||
$user = $userSession->getUser();
|
||||
if (!$user) {
|
||||
$error[] = 'No account found in session.';
|
||||
return $error;
|
||||
}
|
||||
$userSession->createSessionToken($request, $user->getUID(), $username, $password);
|
||||
if (!$disableAdminUser) {
|
||||
// Create a session token for the newly created user
|
||||
// The token provider requires a working db, so it's not injected on setup
|
||||
/** @var \OC\User\Session $userSession */
|
||||
$userSession = Server::get(IUserSession::class);
|
||||
$provider = Server::get(PublicKeyTokenProvider::class);
|
||||
$userSession->setTokenProvider($provider);
|
||||
$userSession->login($username, $password);
|
||||
$user = $userSession->getUser();
|
||||
if (!$user) {
|
||||
$error[] = 'No account found in session.';
|
||||
return $error;
|
||||
}
|
||||
$userSession->createSessionToken($request, $user->getUID(), $username, $password);
|
||||
|
||||
$session = $userSession->getSession();
|
||||
$session->set('last-password-confirm', Server::get(ITimeFactory::class)->getTime());
|
||||
$session = $userSession->getSession();
|
||||
$session->set('last-password-confirm', Server::get(ITimeFactory::class)->getTime());
|
||||
|
||||
// Set email for admin
|
||||
if (!empty($options['adminemail'])) {
|
||||
$user->setSystemEMailAddress($options['adminemail']);
|
||||
// Set email for admin
|
||||
if (!empty($options['adminemail'])) {
|
||||
$user->setSystemEMailAddress($options['adminemail']);
|
||||
}
|
||||
}
|
||||
|
||||
return $error;
|
||||
|
|
|
|||
Loading…
Reference in a new issue