From 3a91417db3fbece6ce4fcaf9288749b080c2d034 Mon Sep 17 00:00:00 2001
From: garrettmills <shout@garrettmills.dev>
Date: Mon, 15 Mar 2021 17:45:18 -0500
Subject: [PATCH] Add default user to allow for default groups and IAM

---
 app/controllers/api/v1/Auth.controller.js |  2 ++
 app/models/auth/User.model.js             | 15 +++++++++++++++
 app/unit/SettingsUnit.js                  | 16 ++++++++++++++++
 3 files changed, 33 insertions(+)

diff --git a/app/controllers/api/v1/Auth.controller.js b/app/controllers/api/v1/Auth.controller.js
index 530ea31..9c6b633 100644
--- a/app/controllers/api/v1/Auth.controller.js
+++ b/app/controllers/api/v1/Auth.controller.js
@@ -91,6 +91,7 @@ class AuthController extends Controller {
         if ( !(await User.findOne()) ) user.promote('root')
 
         await user.save()
+        await user.grant_defaults()
 
         // Log in the user automatically
         await this.auth.get_provider().session(req, user)
@@ -321,6 +322,7 @@ class AuthController extends Controller {
 
         await user.reset_password(req.body.password, 'create')
         await user.save()
+        await user.grant_defaults()
         return res.api(await user.to_api())
     }
 
diff --git a/app/models/auth/User.model.js b/app/models/auth/User.model.js
index 9ee4d25..eecaf8a 100644
--- a/app/models/auth/User.model.js
+++ b/app/models/auth/User.model.js
@@ -40,9 +40,24 @@ class User extends AuthUser {
             notify_config: NotifyConfig,
             uid_number: Number,
             login_shell: String,
+
+            is_default_user_for_coreid: { type: Boolean, default: false },
         }}
     }
 
+    async grant_defaults() {
+        const default_user = await this.constructor.findOne({is_default_user_for_coreid: true, active: true})
+        this.login_shell = default_user.login_shell
+        this.roles = default_user.roles
+        this.permissions = default_user.permissions
+
+        const groups = await default_user.groups()
+        for ( const group of groups ) {
+            group.user_ids.push(this.id)
+            await group.save()
+        }
+    }
+
     async get_uid_number() {
         if ( !this.uid_number ) {
             const Setting = this.models.get('Setting')
diff --git a/app/unit/SettingsUnit.js b/app/unit/SettingsUnit.js
index 9c7f04b..f80187b 100644
--- a/app/unit/SettingsUnit.js
+++ b/app/unit/SettingsUnit.js
@@ -13,6 +13,22 @@ class SettingsUnit extends Unit {
         Error.stackTraceLimit = 50
         app.express.set('trust proxy', true)
 
+        const User = this.models.get('auth:User')
+        const user = await User.findOne({is_default_user_for_coreid: true})
+        if ( !user ) {
+            const user = new User({
+                uid: '__coreid_default_user__',
+                provider: 'flitter',
+                block_login: true,
+                first_name: 'Default_User',
+                last_name: 'Default_User',
+                ldap_visible: false,
+                is_default_user_for_coreid: true,
+            })
+
+            await user.save()
+        }
+
         const Setting = this.models.get('Setting')
         const default_settings = this.configs.get('setting.settings')
         for ( const key in default_settings ) {