Skip to content

Commit

Permalink
Fix overwriting superadmin password on container start (#2494)
Browse files Browse the repository at this point in the history 
* Fix overwriting superadmin password

* style

* Reorder tests such that default PW stays active

* Actually fetch the user to compare password

* Assert logout after init-data to fix other tests
  • Loading branch information
@peb-adr
peb-adr authored Jun 27, 2024
1 parent c7e9741 commit 1f9692b
Show file tree
Hide file tree
Showing 2 changed files with 24 additions and 0 deletions.
1 change: 1 addition & 0 deletions openslides_backend/http/application.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -71,6 +71,7 @@ def create_initial_data(self) -> None:
)
except ActionException as e:
self.logger.error(f"Initial data creation failed: {e}")
return

# in prod mode, set superadmin password
if not self.env.is_dev_mode():
Expand Down
23 changes: 23 additions & 0 deletions tests/system/action/test_create_initial_data.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,29 @@ def test_initial_data_error(self, mock: MagicMock) -> None:
self.logger.info.assert_any_call("Creating initial data...")
self.logger.error.assert_called_with("Initial data creation failed: test")

def test_initial_data_prod_mode_changed_superadmin_password(self) -> None:
with tempfile.NamedTemporaryFile(delete=False) as fp:
fp.write(b"password123")
self.env.vars["OPENSLIDES_DEVELOPMENT"] = "false"
self.env.vars["SUPERADMIN_PASSWORD_FILE"] = fp.name
self.app.create_initial_data()
self.logger.info.assert_any_call("Creating initial data...")
self.logger.error.assert_not_called()
self.assert_model_exists("organization/1", {"name": "[Your organization]"})
user = self.assert_model_exists("user/1", {"username": "superadmin"})
assert self.auth.is_equal("password123", user["password"])
self.request(
"user.set_password",
{
"id": 1,
"password": "password456",
},
)
self.app.create_initial_data()
user = self.assert_model_exists("user/1", {"username": "superadmin"})
assert self.auth.is_equal("password456", user["password"])
self.assert_logged_out()

def test_initial_data_prod_mode(self) -> None:
with tempfile.NamedTemporaryFile(delete=False) as fp:
fp.write(b"password123")
Expand Down

0 comments on commit 1f9692b

Please sign in to comment.