-
Notifications
You must be signed in to change notification settings - Fork 12
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
RDISCROWD-6112 Onboarding: Install local instance GIGwork #851
Conversation
Add a cli function to create the first super user admin
Pull Request Test Coverage Report for Build 5358975422
💛 - Coveralls |
from pybossa.model.user import User | ||
if not user_repo.get_all(): | ||
user = User(email_addr='user@user.com', name='user', fullname='user', admin=True) | ||
user.set_password('test') |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I am wondering if we should consider omitting this due to exposing the account credentials openly. We could instead opt to allow local installs to follow documentation for creating the accounts. Thoughts?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, I think that is a good suggestion. I was considering this change in the context of running a local dev environment, but this function is agnostic to that aspect and users may not adopt best practices and change the credentials in production.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I just had a thought: we could also prompt the user for info like so:
fullname = input("Enter your full name: ")
email = input("Enter your email address: ")
name = input("Choose a username: ")
password = input("Choose a password: ")
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This could be reasonable Can we ensure that create_su()
is only called manually by dev? Even just the password from input.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
+1 to Kory's suggestion
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Considering valid security concerns raised by Kory/Noor and since its only for local instance, this could be part of internal documentation rather than code.
from pybossa.model.user import User | ||
if not user_repo.get_all(): | ||
user = User(email_addr='user@user.com', name='user', fullname='user', admin=True) | ||
user.set_password('test') |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
+1 to Kory's suggestion
After second thought, I think the suggestions of using internal docs and relying on pre-existing utils like |
Issue number of the reported bug or feature request: RDISCROWD-6112
Describe your changes
Add a cli function to create the first super user admin. It will only do so if there are no other users, which is the case when we first create the app.
Testing performed
Tested locally
Additional context
This function is useful to call when initializing the app for the first time.