RDISCROWD-6112 Onboarding: Install local instance GIGwork #851
Conversation
Add a cli function to create the first super user admin
Pull Request Test Coverage Report for Build 5358975422
💛 - Coveralls |
| from pybossa.model.user import User | ||
| if not user_repo.get_all(): | ||
| user = User(email_addr='user@user.com', name='user', fullname='user', admin=True) | ||
| user.set_password('test') |
There was a problem hiding this comment.
I am wondering if we should consider omitting this due to exposing the account credentials openly. We could instead opt to allow local installs to follow documentation for creating the accounts. Thoughts?
There was a problem hiding this comment.
Yes, I think that is a good suggestion. I was considering this change in the context of running a local dev environment, but this function is agnostic to that aspect and users may not adopt best practices and change the credentials in production.
There was a problem hiding this comment.
I just had a thought: we could also prompt the user for info like so:
fullname = input("Enter your full name: ")
email = input("Enter your email address: ")
name = input("Choose a username: ")
password = input("Choose a password: ")
There was a problem hiding this comment.
This could be reasonable Can we ensure that create_su() is only called manually by dev? Even just the password from input.
There was a problem hiding this comment.
Considering valid security concerns raised by Kory/Noor and since its only for local instance, this could be part of internal documentation rather than code.
| from pybossa.model.user import User | ||
| if not user_repo.get_all(): | ||
| user = User(email_addr='user@user.com', name='user', fullname='user', admin=True) | ||
| user.set_password('test') |
|
After second thought, I think the suggestions of using internal docs and relying on pre-existing utils like |
Issue number of the reported bug or feature request: RDISCROWD-6112
Describe your changes
Add a cli function to create the first super user admin. It will only do so if there are no other users, which is the case when we first create the app.
Testing performed
Tested locally
Additional context
This function is useful to call when initializing the app for the first time.