-
-
Notifications
You must be signed in to change notification settings - Fork 1.8k
/
auth_user_default.go
111 lines (100 loc) Β· 2.62 KB
/
auth_user_default.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
package entity
import (
"github.com/photoprism/photoprism/internal/acl"
"github.com/photoprism/photoprism/internal/event"
"github.com/photoprism/photoprism/pkg/authn"
)
// Role defaults.
const (
AdminUserName = "admin"
AdminDisplayName = "Admin"
VisitorDisplayName = "Visitor"
UnknownDisplayName = "Unknown"
)
// Admin is the default admin user.
var Admin = User{
ID: 1,
UserName: AdminUserName,
AuthProvider: authn.ProviderLocal.String(),
UserRole: acl.RoleAdmin.String(),
DisplayName: AdminDisplayName,
SuperAdmin: true,
CanLogin: true,
WebDAV: true,
CanInvite: true,
InviteToken: GenerateToken(),
PreviewToken: GenerateToken(),
DownloadToken: GenerateToken(),
}
// UnknownUser is an anonymous, public user without own account.
var UnknownUser = User{
ID: -1,
UserUID: "u000000000000001",
UserName: "",
AuthProvider: authn.ProviderNone.String(),
UserRole: acl.RoleNone.String(),
CanLogin: false,
WebDAV: false,
CanInvite: false,
DisplayName: UnknownDisplayName,
InviteToken: "",
PreviewToken: "",
DownloadToken: "",
}
// Visitor is a user without own account e.g. for link sharing.
var Visitor = User{
ID: -2,
UserUID: "u000000000000002",
UserName: "",
AuthProvider: authn.ProviderLink.String(),
UserRole: acl.RoleVisitor.String(),
DisplayName: VisitorDisplayName,
CanLogin: false,
WebDAV: false,
CanInvite: false,
InviteToken: "",
PreviewToken: "",
DownloadToken: "",
}
// CreateDefaultUsers initializes the database with default user accounts.
func CreateDefaultUsers() {
if admin := FindUser(Admin); admin != nil {
Admin = *admin
} else {
// Set legacy values.
if leg := FindLegacyUser(Admin); leg != nil {
Admin.UserUID = leg.UserUID
if leg.UserName != "" {
Admin.UserName = leg.UserName
}
if leg.PrimaryEmail != "" {
Admin.UserEmail = leg.PrimaryEmail
}
if leg.FullName != "" {
Admin.DisplayName = leg.FullName
}
if leg.LoginAt != nil {
Admin.LoginAt = leg.LoginAt
}
log.Infof("users: migrating %s account", Admin.UserName)
}
// Set default values.
Admin.SuperAdmin = true
Admin.CanLogin = true
Admin.WebDAV = true
// Username is required.
if Admin.UserName == "" {
Admin.UserName = "admin"
}
// Add initial admin account.
if err := Admin.Create(); err != nil {
event.AuditErr([]string{"user", "failed to create", "%s"}, err)
}
}
if user := FirstOrCreateUser(&UnknownUser); user != nil {
UnknownUser = *user
}
if user := FirstOrCreateUser(&Visitor); user != nil {
Visitor = *user
}
}