From 88384a5468bdaa82cf68a0d4ffee993914e5e16a Mon Sep 17 00:00:00 2001
From: Jj! <jj@unicon.net>
Date: Tue, 5 Mar 2019 15:49:39 -0600
Subject: [PATCH] [NOISSUE] bootstrap root user into database

---
 .../configuration/auto/WebSecurityConfig.java | 27 +++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/auto/WebSecurityConfig.java b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/auto/WebSecurityConfig.java
index 1dcdc6ce7..3858ad10e 100644
--- a/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/auto/WebSecurityConfig.java
+++ b/backend/src/main/java/edu/internet2/tier/shibboleth/admin/ui/configuration/auto/WebSecurityConfig.java
@@ -1,6 +1,9 @@
 package edu.internet2.tier.shibboleth.admin.ui.configuration.auto;
 
 import edu.internet2.tier.shibboleth.admin.ui.security.DefaultAuditorAware;
+import edu.internet2.tier.shibboleth.admin.ui.security.model.Role;
+import edu.internet2.tier.shibboleth.admin.ui.security.model.User;
+import edu.internet2.tier.shibboleth.admin.ui.security.repository.RoleRepository;
 import edu.internet2.tier.shibboleth.admin.ui.security.repository.UserRepository;
 import edu.internet2.tier.shibboleth.admin.ui.security.springsecurity.AdminUserService;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -23,6 +26,8 @@
 import org.springframework.security.web.firewall.StrictHttpFirewall;
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
 
+import java.util.Collections;
+
 /**
  * Web security configuration.
  * <p>
@@ -42,6 +47,9 @@ public class WebSecurityConfig {
     @Autowired
     private UserRepository userRepository;
 
+    @Autowired
+    private RoleRepository roleRepository;
+
     @Bean
     public HttpFirewall allowUrlEncodedSlashHttpFirewall() {
         StrictHttpFirewall firewall = new StrictHttpFirewall();
@@ -72,6 +80,25 @@ protected void configure(AuthenticationManagerBuilder auth) throws Exception {
                 // TODO: more configurable authentication
                 PasswordEncoder passwordEncoder = PasswordEncoderFactories.createDelegatingPasswordEncoder();
                 if (defaultPassword != null && !"".equals(defaultPassword)) {
+                    // TODO: yeah, this isn't good, but we gotta initialize this user for now
+                    Role adminRole = roleRepository.findByName("ROLE_ADMIN").orElseGet(() -> {
+                        Role r = new Role();
+                        r.setName("ROLE_ADMIN");
+                        return roleRepository.saveAndFlush(r);
+                    });
+                    User adminUser = userRepository.findByUsername("root").orElseGet(() ->{
+                        User u = new User();
+                        u.setUsername("root");
+                        u.setPassword(defaultPassword);
+                        u.setFirstName("admin");
+                        u.setLastName("user");
+                        u.setRoles(Collections.singleton(adminRole));
+                        u.setEmailAddress("admin@localhost");
+                        return userRepository.saveAndFlush(u);
+                    });
+                    adminUser.setPassword(defaultPassword);
+                    userRepository.saveAndFlush(adminUser);
+
                     auth
                             .inMemoryAuthentication()
                             .withUser("root")