| 28 | }; |
| 29 | |
| 30 | export async function createAdmin( |
| 31 | schema: SchemaOverview, |
| 32 | admin?: { |
| 33 | email?: string | undefined; |
| 34 | password?: string | undefined; |
| 35 | first_name?: string | undefined; |
| 36 | last_name?: string | undefined; |
| 37 | }, |
| 38 | ): Promise<void> { |
| 39 | const logger = useLogger(); |
| 40 | const env = useEnv(); |
| 41 | |
| 42 | const adminEmail = admin?.email ?? env['ADMIN_EMAIL']; |
| 43 | const adminPassword = admin?.password ?? env['ADMIN_PASSWORD']; |
| 44 | |
| 45 | // Without credentials there's no admin user to create. Will happen in onboarding flow. |
| 46 | if (!adminEmail || !adminPassword) return; |
| 47 | |
| 48 | logger.info('Setting up first admin role...'); |
| 49 | const accessService = new AccessService({ schema }); |
| 50 | const policiesService = new PoliciesService({ schema }); |
| 51 | const rolesService = new RolesService({ schema }); |
| 52 | |
| 53 | const role = await rolesService.createOne(defaultAdminRole); |
| 54 | const policy = await policiesService.createOne(defaultAdminPolicy); |
| 55 | |
| 56 | await accessService.createOne({ policy, role }); |
| 57 | |
| 58 | const usersService = new UsersService({ schema }); |
| 59 | |
| 60 | const token = env['ADMIN_TOKEN'] ?? null; |
| 61 | |
| 62 | logger.info('Adding first admin user...'); |
| 63 | |
| 64 | await usersService.createOne({ |
| 65 | ...defaultAdminUser, |
| 66 | first_name: admin?.first_name ?? defaultAdminUser.first_name, |
| 67 | last_name: admin?.last_name ?? defaultAdminUser.last_name, |
| 68 | email: adminEmail, |
| 69 | password: adminPassword, |
| 70 | token, |
| 71 | role, |
| 72 | }); |
| 73 | } |