ryan/lunarfront-app
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: assign Admin RBAC role to initial user on seed
All checks were successful
Build & Release / build (push) Successful in 22s
Details

Browse Source 
Without this, the initial user has no permissions and sees no modules.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
ryan
2026-04-05 17:38:53 +00:00
parent 67f1e4a26a
commit 666ae8d59b
1 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
packages/backend/src/main.ts
View File

@@ -37,8 +37,10 @@ import { RbacService } from './services/rbac.service.js'
import { ModuleService } from './services/module.service.js' import { ModuleService } from './services/module.service.js'
import { AppConfigService } from './services/config.service.js' import { AppConfigService } from './services/config.service.js'
import { SettingsService } from './services/settings.service.js' import { SettingsService } from './services/settings.service.js'
import { eq } from 'drizzle-orm'
import { users } from './db/schema/users.js' import { users } from './db/schema/users.js'
import { companies } from './db/schema/stores.js' import { companies } from './db/schema/stores.js'
import { roles, userRoles } from './db/schema/rbac.js'
import { EmailService } from './services/email.service.js' import { EmailService } from './services/email.service.js'
import bcrypt from 'bcryptjs' import bcrypt from 'bcryptjs'
@@ -55,6 +57,13 @@ async function seedInitialUser(app: Awaited<ReturnType<typeof buildApp>>) {
const tempPassword = crypto.randomUUID() const tempPassword = crypto.randomUUID()
const passwordHash = await bcrypt.hash(tempPassword, 10) const passwordHash = await bcrypt.hash(tempPassword, 10)
const [user] = await app.db.insert(users).values({ email, passwordHash, firstName, lastName, role: 'admin' }).returning({ id: users.id }) const [user] = await app.db.insert(users).values({ email, passwordHash, firstName, lastName, role: 'admin' }).returning({ id: users.id })
// Assign the Admin RBAC role
const [adminRole] = await app.db.select({ id: roles.id }).from(roles).where(eq(roles.name, 'Admin')).limit(1)
if (adminRole) {
await app.db.insert(userRoles).values({ userId: user.id, roleId: adminRole.id })
}
app.log.info({ email }, 'Initial admin user created') app.log.info({ email }, 'Initial admin user created')
// Send welcome email with password setup link // Send welcome email with password setup link