settings: fix incorrect implementation of conditional user creation.

The change that implemented #3648 (7c099fef5e) was incorrect, and resulted
in disabling every user at startup.

The problem was twofold:
1. _.filter() on an object returns an array of the object's enumerable values
   and strips out the keys, see: https://stackoverflow.com/questions/11697702/how-to-use-underscore-js-filter-with-an-object
   To filter an object, the function that needs to be used is _.pick();

2. The logic condition on userProperties.password was plain wrong (it should
   have been an AND instead of an OR).

This change corrects 1) and 2), and writes more specific logs when something
goes wrong.

Closes #3661.
This commit is contained in:
muxator 2019-11-02 22:57:52 +01:00
parent c4564fba4b
commit 28a3bba4c1

View file

@ -637,14 +637,21 @@ exports.reloadSettings = function reloadSettings() {
* This is used by the settings.json in the default Dockerfile to eschew
* creating an admin user if no password is set.
*/
var filteredUsers = _.filter(exports.users, function(userProperties, username) {
if ((userProperties.hasOwnProperty("password")) || userProperties.password !== null) {
return true;
}
console.warn(`The password for ${username} is null. This means the user must not be created. Removing it.`);
var filteredUsers = _.pick(exports.users, function(userProperties, username) {
if (userProperties.hasOwnProperty("password") === false) {
console.warn(`Removing user "${username}", because it has no "password" field.`);
return false;
}
if (userProperties.password === null) {
console.warn(`Removing user "${username}", because its password is null.`);
return false;
}
// This user has a password, and its password is not null. Keep it.
return true;
});
exports.users = filteredUsers;