Fix user perm on new users

Author: skadefro

OpenFlow/src/LoginProvider.ts

@@ -409,7 +409,9 @@ export class LoginProvider {
                 }
                 _user.username = username;
                 if (Util.IsNullEmpty(_user.name)) { done("Cannot add new user, name is empty, please add displayname to claims", null); return; }
-                _user = await Config.db.InsertOne(_user, "users", 0, false, TokenUser.rootToken());
+                // _user = await Config.db.InsertOne(_user, "users", 0, false, TokenUser.rootToken());
+                var jwt: string = TokenUser.rootToken();
+                _user = await User.ensureUser(jwt, _user.name, _user.username, null, null);
             }
         }
 
@@ -440,10 +442,8 @@ export class LoginProvider {
                 if (!Util.IsNullEmpty(profile.displayName)) { _user.name = profile.displayName; }
                 _user.username = username;
                 if (Util.IsNullEmpty(_user.name)) { done("Cannot add new user, name is empty.", null); return; }
-                _user = await Config.db.InsertOne(_user, "users", 0, false, jwt);
-                var users: Role = await Role.FindByNameOrId("users", jwt);
-                users.AddMember(_user);
-                await users.Save(jwt)
+                var jwt: string = TokenUser.rootToken();
+                _user = await User.ensureUser(jwt, _user.name, _user.username, null, null);
             }
         }
         if (Util.IsNullUndefinded(_user)) {

OpenFlow/src/Messages/Message.ts

@@ -499,8 +499,8 @@ export class Message {
                     tuser = new TokenUser(user);
                 } else { // Autocreate user .... safe ?? we use this for autocreating nodered service accounts
                     if (Config.auto_create_users == true) {
-                        user = new User(); user.name = tuser.name; user.username = tuser.username;
-                        await user.Save(TokenUser.rootToken());
+                        var jwt: string = TokenUser.rootToken();
+                        user = await User.ensureUser(jwt, tuser.name, tuser.username, null, msg.password);
                         tuser = new TokenUser(user);
                     } else {
                         msg.error = "Unknown username or password";
@@ -599,12 +599,6 @@ export class Message {
             user = await User.ensureUser(jwt, msg.name, msg.username, null, msg.password);
             msg.user = new TokenUser(user);
 
-            user.addRight(WellknownIds.admins, "admins", [Rights.full_control]);
-            user.removeRight(WellknownIds.admins, [Rights.delete]);
-            user.addRight(user._id, user.name, [Rights.full_control]);
-            user.removeRight(user._id, [Rights.delete]);
-            await user.Save(jwt);
-
             jwt = Crypt.createToken(msg.user, "5m");
             var name = user.username;
             name = name.split("@").join("").split(".").join("");

OpenFlow/src/User.ts

@@ -1,4 +1,4 @@
-import { Base } from "./base";
+import { Base, WellknownIds, Rights } from "./base";
 import { Rolemember, Role } from "./Role";
 import { DatabaseConnection } from "./DatabaseConnection";
 import { TokenUser } from "./TokenUser";
@@ -45,6 +45,15 @@ export class User extends Base {
         }
         user = await Config.db.InsertOne(user, "users", 0, false, jwt);
         user = User.assign(user);
+        user.addRight(WellknownIds.admins, "admins", [Rights.full_control]);
+        user.removeRight(WellknownIds.admins, [Rights.delete]);
+        user.addRight(user._id, user.name, [Rights.full_control]);
+        user.removeRight(user._id, [Rights.delete]);
+        await user.Save(jwt);
+        var users: Role = await Role.FindByNameOrId("users", jwt);
+        users.AddMember(user);
+        await users.Save(jwt)
+        await user.DecorateWithRoles();
         return user;
     }
     public static async ensureRole(jwt: string, name: string, id: string): Promise<Role> {

VERSION

@@ -1 +1 @@
-0.0.322
+0.0.323