Tomato tomato. Doesn't really matter which way we do it. Of course it's no problem.
Force the generated admin user to change the password on the first login
On `db:seed` we create an admin user with username `admin` and password `admin`. It is dangerous to have such default credentials (because users tend to forget to change the defaults).
This PR aims to make the admin change his password after his/her first login.
relates to: https://www.openproject.org/work_packages/5606
Tomato tomato. Doesn't really matter which way we do it.
Don't know the tomato joke, but as tessi explained there is a reason ^^ Otherwise my rationale would be to have things where they belong and not everywhere they do not belong.
Ah yes, Tessi actually gave a good reason not to do it in `production`. So there you go. We're gonna do it MY WAY.
The password-change is not enforced in dev-mode now.
Now I'm just wondering whether there are tests that rely on the seeded admin user and which might break if the admin has to change their password upon login. But I guess if travis is green this is not the case. So IMO we can merge it as soon as Travis gives their thumbs up.
Thought about this too. But tests don't seed the database don't they? Anyways, travis was green on the last commit :)
However, I wonder if I should somehow test the changes in this PR. But I'm not sure how to test seeds.
I suppose they don't. Perhaps you can write a test in which you require `seeds.rb` while stubbing the Rails.env to be development and production respectively to check if the flag is correct.
Then again that test would run forever for development. So better don't.
I say if you have tried this locally by hand it is good enough.
I say: "I have tried this locally by hand" :D
Good. I will push the merge button as soon as travis shows green again.
This looks like a pretty good idea for production, but would be a pain for development - resetting the password to a 10-character or longer password after each database reset.
Any way we could not do this in development?
Could we put code in `seeds/development.rb` that resets the flag so that you only have to change your password in production mode?
No idea about ruby here, but my intuition was: If there is `production.rb` and I want some behaviour to be present in my production environment, then I would add something to the `production.rb` rather than adding it to `all.rb` and removing it in
But this is just my intuition... And you might say it is better to edit many files...
The reason the admin is in `all.rb` surely is not wanting to copy that code for each environment. You want an admin for both development and production.
Sounds like a good idea. Gonna try this.
We don't need to care about the test env, don't we? What about testing this PR? I don't know a way to test seeds.
We create the admin user in `all.rb` if it does not exist yet. In `production.rb` we don't know whether the admin user was recently created (but does not have the password-change-flag set) or if the user already existed and has its password already changed.
The seed-command is executed after every update. And since we don't want to force an admin password change after every update, we can just follow 's approach.
Could we put code in seeds/development.rb that resets the flag so that you only have to change your password in production mode?
~~If you are able to find the admin-user in `development.rb` and remove the flag, I don't see why it should be a problem to find him in `production.rb` and remove the flag.~~
Thanks for the explanation ^^
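
The seeding rule worked out in this thread, as an added Ruby sketch that is not OpenProject's seed code: the admin is created only when missing, the password-change flag is decided at creation time, and re-running the seed after an update leaves an existing admin alone. `SeedUser`, `USERS`, `seed_admin`, `login`, `change_password` and `scenario` are hypothetical names, and the in-memory hash stands in for the users table.

```ruby
# Added illustration; names are hypothetical, not OpenProject's API.
SeedUser = Struct.new(:login, :password, :force_password_change)

USERS = {} # in-memory stand-in for the users table

# Create the admin only if it is missing and set the flag at creation time,
# so a later seed run (executed after every update) never re-arms it.
def seed_admin(env)
  return USERS['admin'] if USERS.key?('admin') # existing admin is left untouched

  USERS['admin'] = SeedUser.new('admin', 'admin', env == 'production')
end

# Login gate: a flagged account is sent to the password-change step.
# Plaintext comparison only keeps the sketch short; real code compares hashes.
def login(name, password)
  user = USERS[name]
  return :denied unless user && user.password == password

  user.force_password_change ? :must_change_password : :ok
end

# The 10-character minimum is the length mentioned in the thread.
def change_password(name, new_password)
  raise ArgumentError, 'password too short' if new_password.length < 10

  user = USERS.fetch(name)
  user.password = new_password
  user.force_password_change = false
end

# Fresh database -> seed -> first login -> (forced change) -> seed again.
# Returns [first login, login with the current password, login with admin/admin].
def scenario(env)
  USERS.clear
  seed_admin(env)
  first = login('admin', 'admin')
  current = 'admin'
  if first == :must_change_password
    current = 'constructed-passphrase' # constructed sample value
    change_password('admin', current)
  end
  seed_admin(env) # seed runs again after an update
  [first, login('admin', current), login('admin', 'admin')]
end
```

In the production scenario the default `admin`/`admin` pair stops working after the first login and stays rejected after the second seed run; in development it keeps working, which is the trade-off the thread accepts.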