From dda4b8fce4e36a8248e0fbb7423d304783ea67b2 Mon Sep 17 00:00:00 2001 From: Ralf Haferkamp Date: Wed, 4 May 2022 10:07:55 +0200 Subject: [PATCH] Rename ADMIN_USER_ID env var to OCIS_ADMIN_USER_ID Also let the top-level ocis config validator error out if admin_user_id is unset at start. --- .vscode/launch.json | 9 +++++---- ocis-pkg/config/config.go | 2 +- ocis-pkg/config/parser/parse.go | 4 ++++ ocis-pkg/shared/shared_types.go | 2 +- 4 files changed, 11 insertions(+), 6 deletions(-) diff --git a/.vscode/launch.json b/.vscode/launch.json index 9ddc8cc6634..4d181ce3a0b 100644 --- a/.vscode/launch.json +++ b/.vscode/launch.json @@ -15,14 +15,16 @@ "OCIS_LOG_LEVEL": "debug", "OCIS_LOG_PRETTY": "true", "OCIS_LOG_COLOR": "true", - // enable basic auth for dev setup so that we can use curl for testing - "PROXY_ENABLE_BASIC_AUTH": "true", + // user id of "admin", for user creation and admin role assignement + "OCIS_ADMIN_USER_ID": "admin-user-id", // set insecure options because we don't have valid certificates in dev environments "OCIS_INSECURE": "true", // set some hardcoded secrets "OCIS_JWT_SECRET": "some-ocis-jwt-secret", - "STORAGE_TRANSFER_SECRET": "some-ocis-transfer-secret", "OCIS_MACHINE_AUTH_API_KEY": "some-ocis-machine-auth-api-key", + "STORAGE_TRANSFER_SECRET": "some-ocis-transfer-secret", + // enable basic auth for dev setup so that we can use curl for testing + "PROXY_ENABLE_BASIC_AUTH": "true", // idm ldap "IDM_SVC_PASSWORD": "some-ldap-idm-password", "GRAPH_LDAP_BIND_PASSWORD": "some-ldap-idm-password", @@ -36,7 +38,6 @@ "IDP_LDAP_BIND_PASSWORD": "some-ldap-idp-password", // admin user default password "IDM_ADMIN_PASSWORD": "admin", - "ADMIN_USER_ID": "admin", // demo users "IDM_CREATE_DEMO_USERS": "true", // metadata storage diff --git a/ocis-pkg/config/config.go b/ocis-pkg/config/config.go index 4377e9b2618..2da3e077a7e 100644 --- a/ocis-pkg/config/config.go +++ b/ocis-pkg/config/config.go @@ -70,7 +70,7 @@ type Config struct { MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY"` TransferSecret string `yaml:"transfer_secret" env:"STORAGE_TRANSFER_SECRET"` SystemUserID string `yaml:"system_user_id" env:"OCIS_SYSTEM_USER_ID"` - AdminUserID string `yaml:"admin_user_id" env:"ADMIN_USER_ID"` + AdminUserID string `yaml:"admin_user_id" env:"OCIS_ADMIN_USER_ID"` Runtime Runtime `yaml:"runtime"` Accounts *accounts.Config `yaml:"accounts"` diff --git a/ocis-pkg/config/parser/parse.go b/ocis-pkg/config/parser/parse.go index e1ba596646d..b5381afc563 100644 --- a/ocis-pkg/config/parser/parse.go +++ b/ocis-pkg/config/parser/parse.go @@ -122,5 +122,9 @@ func Validate(cfg *config.Config) error { return shared.MissingSystemUserID("ocis") } + if cfg.AdminUserID == "" { + return shared.MissingAdminUserID("ocis") + } + return nil } diff --git a/ocis-pkg/shared/shared_types.go b/ocis-pkg/shared/shared_types.go index cdaa5327448..33aa70b9e3e 100644 --- a/ocis-pkg/shared/shared_types.go +++ b/ocis-pkg/shared/shared_types.go @@ -45,5 +45,5 @@ type Commons struct { MachineAuthAPIKey string `yaml:"machine_auth_api_key" env:"OCIS_MACHINE_AUTH_API_KEY"` TransferSecret string `yaml:"transfer_secret,omitempty" env:"REVA_TRANSFER_SECRET"` SystemUserID string `yaml:"system_user_id" env:"OCIS_SYSTEM_USER_ID"` - AdminUserID string `yaml:"admin_user_id" env:"ADMIN_USER_ID"` + AdminUserID string `yaml:"admin_user_id" env:"OCIS_ADMIN_USER_ID"` }