Permalink
Browse files

fix(api): check if admin user already exists when calling the /users/…

…admin/init endpoint (#494)
  • Loading branch information...
1 parent 2bdc932 commit 27e584fc143b136a5cdcce4e75d9be371013021a @deviantony deviantony committed on GitHub Jan 12, 2017
Showing with 22 additions and 11 deletions.
  1. +2 −1 api/errors.go
  2. +20 −10 api/http/user_handler.go
View
@@ -7,7 +7,8 @@ const (
// User errors.
const (
- ErrUserNotFound = Error("User not found")
+ ErrUserNotFound = Error("User not found")
+ ErrAdminAlreadyInitialized = Error("Admin user already initialized")
)
// Endpoint errors.
@@ -227,18 +227,28 @@ func (handler *UserHandler) handlePostAdminInit(w http.ResponseWriter, r *http.R
return
}
- user := &portainer.User{
- Username: "admin",
- }
- user.Password, err = handler.CryptoService.Hash(req.Password)
- if err != nil {
- Error(w, portainer.ErrCryptoHashFailure, http.StatusBadRequest, handler.Logger)
+ user, err := handler.UserService.User("admin")
+ if err == portainer.ErrUserNotFound {
+ user := &portainer.User{
+ Username: "admin",
+ }
+ user.Password, err = handler.CryptoService.Hash(req.Password)
+ if err != nil {
+ Error(w, portainer.ErrCryptoHashFailure, http.StatusBadRequest, handler.Logger)
+ return
+ }
+
+ err = handler.UserService.UpdateUser(user)
+ if err != nil {
+ Error(w, err, http.StatusInternalServerError, handler.Logger)
+ return
+ }
+ } else if err != nil {
+ Error(w, err, http.StatusInternalServerError, handler.Logger)
return
}
-
- err = handler.UserService.UpdateUser(user)
- if err != nil {
- Error(w, err, http.StatusInternalServerError, handler.Logger)
+ if user != nil {
+ Error(w, portainer.ErrAdminAlreadyInitialized, http.StatusForbidden, handler.Logger)
return
}
}

0 comments on commit 27e584f

Please sign in to comment.