Skip to content

disable user creation in non saas mode #1570

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
Artuomka merged 1 commit into from
Feb 6, 2026
Merged

disable user creation in non saas mode #1570

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
124 changes: 62 additions & 62 deletions backend/src/entities/user/user-helper.service.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,71 +14,71 @@

@Injectable()
export class UserHelperService implements OnModuleInit {
constructor(
@InjectRepository(UserEntity)
private readonly userRepository: Repository<UserEntity>,
@InjectRepository(CompanyInfoEntity)
private readonly companyInfoRepository: Repository<CompanyInfoEntity>,
) {}
constructor(
@InjectRepository(UserEntity)
private readonly userRepository: Repository<UserEntity>,
@InjectRepository(CompanyInfoEntity)
private readonly companyInfoRepository: Repository<CompanyInfoEntity>,
) {}

public buildFoundUserInGroupDs(user: UserEntity): FoundUserInGroupDs {
return {
id: user.id,
email: user.email,
createdAt: user.createdAt,
isActive: user.isActive,
name: user.name,
suspended: user.suspended,
externalRegistrationProvider: user.externalRegistrationProvider,
};
}
public buildFoundUserInGroupDs(user: UserEntity): FoundUserInGroupDs {
return {
id: user.id,
email: user.email,
createdAt: user.createdAt,
isActive: user.isActive,
name: user.name,
suspended: user.suspended,
externalRegistrationProvider: user.externalRegistrationProvider,
};
}

public async buildFoundUserDs(user: UserEntity): Promise<FoundUserDto> {
const intercomHash = getUserIntercomHash(user.id);
return {
id: user.id,
createdAt: user.createdAt,
suspended: user.suspended,
isActive: user.isActive,
email: user.email,
intercom_hash: intercomHash,
name: user.name,
role: user.role,
is_2fa_enabled: user.otpSecretKey !== null && user.isOTPEnabled,
company: user.company ? { id: user.company.id } : null,
externalRegistrationProvider: user.externalRegistrationProvider,
show_test_connections: user.showTestConnections,
};
}
public async buildFoundUserDs(user: UserEntity): Promise<FoundUserDto> {
const intercomHash = getUserIntercomHash(user.id);
return {
id: user.id,
createdAt: user.createdAt,
suspended: user.suspended,
isActive: user.isActive,
email: user.email,
intercom_hash: intercomHash,
name: user.name,
role: user.role,
is_2fa_enabled: user.otpSecretKey !== null && user.isOTPEnabled,
company: user.company ? { id: user.company.id } : null,
externalRegistrationProvider: user.externalRegistrationProvider,
show_test_connections: user.showTestConnections,
};
}

public async onModuleInit(): Promise<void> {
if (isSaaS()) {
return;
}
const email = (process.env.ADMIN_EMAIL || 'admin@email.local').toLowerCase();
const password =
process.env.ADMIN_PASSWORD ||
(process.env.NODE_ENV === 'test' ? 'test12345' : Encryptor.generateRandomString(10));
public async onModuleInit(): Promise<void> {
if (isSaaS() || process.env.NODE_ENV !== 'test') {

Copilot AI Feb 6, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The modified condition contradicts the PR title "disable user creation in non saas mode". The new logic if (isSaaS() || process.env.NODE_ENV !== 'test') only allows admin user creation in test mode for non-SaaS deployments. This means production self-hosted (non-SaaS) instances will NOT automatically create an admin user on startup.

This appears to be a critical breaking change for self-hosted production deployments. Previously, the admin user was created automatically for all non-SaaS instances. Now it will only be created in test environments.

If the intent is to disable automatic user creation in production non-SaaS mode and rely on the CreateInitialUserUseCase endpoint for user creation instead, this should be clarified in the PR description. However, this would be a breaking change that requires migration documentation.

Suggested change
if (isSaaS() || process.env.NODE_ENV !== 'test') {
if (isSaaS()) {

Copilot uses AI. Check for mistakes.
return;
}
Comment on lines +55 to +57

Copilot AI Feb 6, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This change breaks the documented behavior in README.md lines 103-104, which states: "After installation rocketadmin will create a user with email admin@email.local and autogenerated password." With this change, automatic user creation will only happen in test environments, not in production self-hosted deployments.

If this is an intentional breaking change to force users to use the /selfhosted/initial-user API endpoint instead, the README documentation must be updated accordingly with migration instructions for existing deployments and new setup instructions.

Copilot uses AI. Check for mistakes.
const email = (process.env.ADMIN_EMAIL || 'admin@email.local').toLowerCase();
const password =
process.env.ADMIN_PASSWORD ||
(process.env.NODE_ENV === 'test' ? 'test12345' : Encryptor.generateRandomString(10));

Comment on lines +60 to 62

Copilot AI Feb 6, 2026

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The logic at line 61 will never execute the Encryptor.generateRandomString(10) branch because the outer condition at line 55 already ensures process.env.NODE_ENV === 'test'. The ternary expression process.env.NODE_ENV === 'test' ? 'test12345' : Encryptor.generateRandomString(10) will always evaluate to 'test12345' since we only reach this code when NODE_ENV is 'test'.

This is dead code that should be simplified to just use 'test12345' or removed if the random password generation was intended for other environments.

Suggested change
process.env.ADMIN_PASSWORD ||
(process.env.NODE_ENV === 'test' ? 'test12345' : Encryptor.generateRandomString(10));
process.env.ADMIN_PASSWORD || 'test12345';

Copilot uses AI. Check for mistakes.
const foundTestUser = await this.userRepository.findOneBy({ email: email });
if (foundTestUser) {
return;
}
const foundTestUser = await this.userRepository.findOneBy({ email: email });
if (foundTestUser) {
return;
}

const registerUserData: RegisterUserDs = {
email: email,
password: password,
isActive: true,
gclidValue: null,
name: 'Admin',
role: UserRoleEnum.ADMIN,
};
const savedUser = await this.userRepository.save(buildRegisteringUser(registerUserData));
const newCompanyInfo = new CompanyInfoEntity();
newCompanyInfo.id = Encryptor.generateUUID();
const savedCompanyInfo = await this.companyInfoRepository.save(newCompanyInfo);
savedUser.company = savedCompanyInfo;
await this.userRepository.save(savedUser);
console.info(`Admin user created with email: "${email}" and password: "${password}"`);
}
const registerUserData: RegisterUserDs = {
email: email,
password: password,
isActive: true,
gclidValue: null,
name: 'Admin',
role: UserRoleEnum.ADMIN,
};
const savedUser = await this.userRepository.save(buildRegisteringUser(registerUserData));
const newCompanyInfo = new CompanyInfoEntity();
newCompanyInfo.id = Encryptor.generateUUID();
const savedCompanyInfo = await this.companyInfoRepository.save(newCompanyInfo);
savedUser.company = savedCompanyInfo;
await this.userRepository.save(savedUser);
console.info(`Admin user created with email: "${email}" and password: "${password}"`);
Comment thread Dismissed
}
}
Loading