Вшил пользователя admin. Его нельзя удалить, отредактировать. Пересоздается при каждом перезапуске приложения

2020-08-08 23:01:04 +03:00
parent 221368874e
commit f0100ba084
2 changed files with 38 additions and 1 deletions
--- a/src/main.ts
+++ b/src/main.ts
@ -1,7 +1,33 @@
 import {NestFactory} from '@nestjs/core';
 import {AppModule} from './app.module';
 import {SwaggerModule, DocumentBuilder} from '@nestjs/swagger';
-import {USERS_CONTROLLER, AUTH_CONTROLLER} from './consts';
+import {USERS_CONTROLLER, AUTH_CONTROLLER, MONGO_URL, DB_NAME} from './consts';
+import * as mongoose from 'mongoose';
+import * as bcrypt from 'bcrypt';
+
+const initAdmin = async () => {
+    mongoose.connect(`${MONGO_URL}/${DB_NAME}`, {useNewUrlParser: true});
+    const schema = new mongoose.Schema({
+        login: String,
+        avatar: String,
+        password: String,
+        is_admin: Boolean,
+    });
+    
+    const Model = mongoose.model('users', schema);
+    await Model.deleteOne({login: 'admin'});
+    const salt = await bcrypt.genSalt(10);
+    const password = await bcrypt.hash('Monawko900', salt);
+    const admin = new Model({
+        login: 'admin',
+        avatar: 'https://s.starladder.com/uploads/team_logo/4/3/5/e/meta_tag_7e51261a8844f9636aec079a0cab756f.png',
+        password,
+        is_admin: true,
+    });
+    admin.save();
+};
+initAdmin();
+

 async function bootstrap() {
    const app = await NestFactory.create(AppModule);
--- a/src/users/users.service.ts
+++ b/src/users/users.service.ts
@ -96,6 +96,10 @@ export class UserService {
    }

    async update(user: UpdateUserRequest): Promise<UserResponse> {
+        if (user.login === 'admin') {
+            throw new BadRequestException('Запрещено менять пользователя admin');
+        }
+
        const searchUser = await this.userModel().findOne({login: user.login});

        if (!searchUser) {
@ -127,6 +131,10 @@ export class UserService {
    }

    async removeOne(login: string): Promise<UserResponse> {
+        if (login === 'admin') {
+            throw new BadRequestException('Запрещено удалять пользователя admin');
+        }
+
        const searchUser = await this.userModel().findOne({login});

        if (!searchUser) {
@ -219,6 +227,9 @@ export class UserService {

    async changePassword(access_token: string, old_password: string, new_password: string): Promise<string> {
        const {login} = jwt.decode(access_token) as Token;
+        if (login === 'admin') {
+            throw new BadRequestException('Запрещено менять пароль пользователя admin');
+        }
        const user = await this.userModel().findOne({login});
        if (user && await this.checkPassword(old_password, user.password)) {
            const salt = user.salt;