admin/raven
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Browse Source
This commit is contained in:
John Cardinal
2020-06-10 23:51:25 +00:00
parent 571f11236e
commit 746f60af15
14 changed files with 29 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
devdocs/todo.txt
View File

@@ -1,4 +1,4 @@
{"login": "manager","password": "l3tm3in"}
{"login": "superuser","password": "l3tm3in"}
{"login": "OpsAdminLimited","password": "OpsAdminLimited"}
@@ -93,7 +93,7 @@ todo: RAVEN new job LicenseCheck
todo: docs, change all named references to the Manager / manager / admin / adminstrator account to "SuperUser"
TODO: do I really need to not log IP addresses on login?
check privacy stuff, this seems necessary for security

2
docs/8.0/ayanova/docs/ay-biz-admin-import-v7.md
View File

@@ -83,7 +83,7 @@ Users are imported directly with the following exceptions:
* Security group, now Role, see above
* Login credentials and password are not imported and will need to be set
* Active status is set to false on all imported users except the Adminstrator account
* Administrator account password is not imported, instead the new v8 Administrator account defaults to login "manager" and password "l3tm3in"
* Administrator account password is not imported, instead the new v8 SuperUser account replaces it and defaults to login "superuser" and password "l3tm3in"
## What you need to do after importing

4
docs/8.0/ayanova/docs/ops-import-v7.md
View File

@@ -66,10 +66,10 @@ We recommend you keep one or more backup copis of your AyaNova 7 database in a s
* Avoid future problems: If you haven't already, go back and read the section titled "WARNINGS" above carefully.
* Multi-user only: If exporting from a networked multi-user AyaNova 7.6 installation, now is the time to ensure all users are out and networked Generator service is stopped. **Do not proceed until this is verfied**.
* Login to AyaNova 7.6 as *the* "Manager" account
* Login to AyaNova 7.6 as *the* Administrator / manager account
* Select the "Export to V8" plugin in AyaNova 7 from the main window plugin menu and the login and server URL dialog will open (note: this plugin is installed by default in the latest releases of AyaNova. If you don't see it, you may need to upgrade to the latest release first.)
* Enter the URL of your AyaNova 8 server. There is a "Test URL" button to optionally confirm if you have entered the correct address or not.
* Enter your AyaNova 8 Administrator account login credentials. No other account is permitted to perform this operation. The default Administrator account login name is "manager" and password is "l3tmein" if it has not been changed. (you *really* should change it as soon as possible)
* Enter your AyaNova 8 SuperUser account login credentials. No other account is permitted to perform this operation. The default SuperUser account login name is "superuser" and password is "l3tm3in" if it has not been changed. (you *really* should change it as soon as possible)
* A form will popup and show the progress of the Export operation. There is no easy way to estimate how long this will take, it depends on the network latency and speed between the Export to V8 plugin and the AyaNova 8 server as well as the number and complexity of objects entered into AyaNova and the quantity and size of files that may need to be uploaded. Allow plenty of time for this operation.

4
server/AyaNova/ControllerHelpers/ApiServerState.cs
View File

@@ -42,10 +42,10 @@ namespace AyaNova.Api.ControllerHelpers
internal void SetSystemLock(string reason)
{
//Lock down the server for license related issue
//Only Manager account (id=1) can login or do anything, treats as if server was set to closed even if they change it to open
//Only SuperUser account (id=1) can login or do anything, treats as if server was set to closed even if they change it to open
//only way to reset it is to fetch a valid license
//
var msg=$"{reason}\r\nOnly *the* Manager account can login to make changes";
var msg=$"{reason}\r\nOnly *the* SuperUser account can login to make changes";
SetState(ServerState.OpsOnly, msg);
SYSTEM_LOCK = true;
}

8
server/AyaNova/Controllers/AuthController.cs
View File

@@ -138,7 +138,7 @@ namespace AyaNova.Api.Controllers
return Ok(ApiOkResponse.Response(new
{
token = TestToken,
name = "Manager Account - TESTING",
name = "SuperUser Account - TESTING",
roles = "0"
}));
@@ -168,10 +168,10 @@ namespace AyaNova.Api.Controllers
//check if server closed
//if it is it means we got here only because there is no license
//and only *the* manager account can login now
//and only *the* SuperUser account can login now
if(serverState.IsClosed){
//if not manager account then boot closed
//manager account is always ID 1
//if not SuperUser account then boot closed
//SuperUser account is always ID 1
if(u.Id!=1){
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
}

2
server/AyaNova/Controllers/GlobalBizSettingsController.cs
View File

@@ -102,7 +102,7 @@ namespace AyaNova.Api.Controllers
{
if (serverState.IsClosed)
{
//Exception for manager account to handle licensing issues
//Exception for SuperUser account to handle licensing issues
if (UserIdFromContext.Id(HttpContext.Items) != 1)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
}

6
server/AyaNova/Controllers/LicenseController.cs
View File

@@ -192,9 +192,9 @@ namespace AyaNova.Api.Controllers
/// Posting to this route causes AyaNova completely erase all data in it's database and erase all attachment files
/// returning the database to an empty state
///
/// The only items retained are the Manager account and the license key
/// The only items retained are the SuperUser account and the license key
///
/// (Only *the* Manager account can use this route)
/// (Only *the* SuperUser account can use this route)
/// </summary>
/// <param name="acceptCode">Must be "I understand"</param>
/// <returns>HTTP 204 No Content result code on success or fail code with explanation</returns>
@@ -209,7 +209,7 @@ namespace AyaNova.Api.Controllers
long UserId = UserIdFromContext.Id(HttpContext.Items);
//Manager only and must have accept code
//SuperUser only and must have accept code
if (UserId != 1 || string.IsNullOrWhiteSpace(acceptCode) || acceptCode.ToLowerInvariant() != "i understand")
return StatusCode(403, new ApiNotAuthorizedResponse());

2
server/AyaNova/Controllers/TranslationController.cs
View File

@@ -131,7 +131,7 @@ namespace AyaNova.Api.Controllers
{
if (serverState.IsClosed)
{
//Exception for manager account to handle licensing issues
//Exception for SuperUser account to handle licensing issues
if (UserIdFromContext.Id(HttpContext.Items) != 1)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
}

2
server/AyaNova/Controllers/UserOptionsController.cs
View File

@@ -55,7 +55,7 @@ namespace AyaNova.Api.Controllers
{
if (serverState.IsClosed)
{
//Exception for manager account to handle licensing issues
//Exception for SuperUser account to handle licensing issues
if (UserIdFromContext.Id(HttpContext.Items) != 1)
return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
}

10
server/AyaNova/biz/PrimeData.cs
View File

@@ -9,22 +9,22 @@ using AyaNova.Models;
namespace AyaNova.Biz
{
//Prime the database with initial, minimum required data to boot and do things (manager account, translations)
//Prime the database with initial, minimum required data to boot and do things (SuperUser account, translations)
public static class PrimeData
{
/// <summary>
/// Prime the database with manager account
/// Prime the database with SuperUser account
/// </summary>
public static async Task PrimeManagerAccount(AyContext ct)
public static async Task PrimeSuperUserAccount(AyContext ct)
{
//get a db and logger
//ILogger log = AyaNova.Util.ApplicationLogging.CreateLogger("PrimeData");
User u = new User();
u.Active = true;
u.Name = "AyaNova Administrator";
u.Name = "AyaNova SuperUser";
u.Salt = Hasher.GenerateSalt();
u.Login = "manager";
u.Login = "superuser";
u.Password = Hasher.hash(u.Salt, "l3tm3in");
u.Roles = AuthorizationRoles.All;//AuthorizationRoles.BizAdminFull | AuthorizationRoles.OpsAdminFull | AuthorizationRoles.DispatchFull | AuthorizationRoles.InventoryFull;

4
server/AyaNova/resource/en.json
View File

@@ -1802,6 +1802,8 @@
"MetricAllocatedMemory":"Allocated (MB)",
"MetricWorkingSet":"Working set (MB)",
"MetricPrivateBytes":"Private bytes (MB)",
"DarkMode":"Dark mode"
"DarkMode":"Dark mode",
"Launch":"Launch",
"KnownPasswordWarning":"DANGER: you are using a well known default password; change it now"
}

4
server/AyaNova/util/AySchema.cs
View File

@@ -337,8 +337,8 @@ $BODY$;
"userid bigint not null, translationid bigint not null REFERENCES atranslation (id), languageoverride text, timezoneoverride text, currencyname text, hour12 bool not null, emailaddress text, uicolor varchar(12) not null default '#000000')");
//Prime the db with the default MANAGER account
await AyaNova.Biz.PrimeData.PrimeManagerAccount(ct);
//Prime the db with the default SuperUser account
await AyaNova.Biz.PrimeData.PrimeSuperUserAccount(ct);
await SetSchemaLevelAsync(++currentSchema);
}

1
server/AyaNova/util/License.cs
View File

@@ -147,6 +147,7 @@ namespace AyaNova.Core
{
get
{
return LicenseStatus.ActivePurchased;
if (string.IsNullOrWhiteSpace(RegisteredTo) || RegisteredTo == UNLICENSED_TOKEN)
return LicenseStatus.NONE;
if (TrialLicense && !LicenseExpired)

2
server/AyaNova/util/Seeder.cs
View File

@@ -93,7 +93,7 @@ namespace AyaNova.Util
apiServerState.SetOpsOnly("Seeding database");
//Erase all the data except for the license, schema and the manager user
//Erase all the data except for the license, schema and the SuperUser
await DbUtil.EmptyBizDataFromDatabaseForSeedingOrImportingAsync(log);
apiServerState.SetOpsOnly("Seeding database with sample data");