Add force option to EnsureNoderedRoles

Author: skadefro

OpenFlow/src/DBHelper.ts

@@ -218,7 +218,7 @@ export class DBHelper {
             await this.Save(user, jwt, span);
             const users: Role = await this.FindRoleByName("users", span);
             users.AddMember(user);
-            this.EnsureNoderedRoles(user, jwt, span);
+            this.EnsureNoderedRoles(user, jwt, false, span);
             await this.Save(users, jwt, span)
             await this.DecorateWithRoles(user, span);
             return user;
@@ -229,8 +229,8 @@ export class DBHelper {
             Logger.otel.endSpan(span);
         }
     }
-    public static async EnsureNoderedRoles(user: TokenUser | User, jwt: string, parent: Span): Promise<void> {
-        if (Config.auto_create_personal_nodered_group) {
+    public static async EnsureNoderedRoles(user: TokenUser | User, jwt: string, force: boolean, parent: Span): Promise<void> {
+        if (Config.auto_create_personal_nodered_group || force) {
             let name = user.username;
             name = name.split("@").join("").split(".").join("");
             name = name.toLowerCase();
@@ -241,7 +241,7 @@ export class DBHelper {
             noderedadmins.AddMember(user as User);
             await this.Save(noderedadmins, jwt, parent);
         }
-        if (Config.auto_create_personal_noderedapi_group) {
+        if (Config.auto_create_personal_noderedapi_group || force) {
             let name = user.username;
             name = name.split("@").join("").split(".").join("");
             name = name.toLowerCase();

OpenFlow/src/DatabaseConnection.ts

@@ -899,7 +899,7 @@ export class DatabaseConnection {
                 span.addEvent("Save");
                 await DBHelper.Save(users, Crypt.rootToken(), span);
                 const user2: TokenUser = item as any;
-                DBHelper.EnsureNoderedRoles(user2, Crypt.rootToken(), span);
+                DBHelper.EnsureNoderedRoles(user2, Crypt.rootToken(), false, span);
             }
             if (collectionname === "users" && item._type === "role") {
                 Base.addRight(item, item._id, item.name, [Rights.read]);

OpenFlow/src/Messages/Message.ts

@@ -1223,7 +1223,7 @@ export class Message {
             name = name.split("@").join("").split(".").join("");
             name = name.toLowerCase();
 
-            DBHelper.EnsureNoderedRoles(user, jwt, span);
+            DBHelper.EnsureNoderedRoles(user, jwt, false, span);
         } catch (error) {
             span.recordException(error);
             if (NoderedUtil.IsNullUndefinded(msg)) { (msg as any) = {}; }
@@ -1411,7 +1411,7 @@ export class Message {
                 const tuser: TokenUser = TokenUser.From(nodereduser);
                 const nodered_jwt: string = Crypt.createToken(tuser, Config.personalnoderedtoken_expires_in);
 
-                DBHelper.EnsureNoderedRoles(tuser, cli.jwt, span);
+                DBHelper.EnsureNoderedRoles(tuser, cli.jwt, true, span);
                 let saml_baseurl = Config.protocol + "://" + hostname + "/";
                 let _samlparsed = url.parse(Config.saml_federation_metadata);
                 if (_samlparsed.protocol == "http:" || _samlparsed.protocol == "ws:") {
@@ -1538,7 +1538,7 @@ export class Message {
             const tuser: TokenUser = TokenUser.From(nodereduser);
             const nodered_jwt: string = Crypt.createToken(tuser, Config.personalnoderedtoken_expires_in);
 
-            DBHelper.EnsureNoderedRoles(tuser, cli.jwt, span);
+            DBHelper.EnsureNoderedRoles(tuser, cli.jwt, true, span);
 
             const resources = new V1ResourceRequirements();
             let hasbilling: boolean = false;