From 6afbfe45183412e35e8e846fd0d4a9d846c8644b Mon Sep 17 00:00:00 2001
From: Matthew Somerville <matthew-github@dracos.co.uk>
Date: Wed, 6 Jul 2016 18:07:22 +0100
Subject: Use normal user authentication to control access to /admin

 - Adds is_superuser flag to User
 - Logged-in user must be a superuser or have from_body set in order to access
   anything within /admin
 - has_permission_to on a superuser will always return true
 - Only superusers can create/grant superusers
 - New `createsuperuser` command for creating superusers
---
 perllib/FixMyStreet/Script/CreateSuperuser.pm | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)
 create mode 100644 perllib/FixMyStreet/Script/CreateSuperuser.pm

(limited to 'perllib/FixMyStreet/Script/CreateSuperuser.pm')

diff --git a/perllib/FixMyStreet/Script/CreateSuperuser.pm b/perllib/FixMyStreet/Script/CreateSuperuser.pm
new file mode 100644
index 000000000..69d165abb
--- /dev/null
+++ b/perllib/FixMyStreet/Script/CreateSuperuser.pm
@@ -0,0 +1,25 @@
+package FixMyStreet::Script::CreateSuperuser;
+
+use strict;
+use warnings;
+
+use FixMyStreet;
+use FixMyStreet::DB;
+
+sub createsuperuser {
+    die "Specify a single email address and optionally password to create a superuser or grant superuser status to." if (@ARGV < 1 || @ARGV > 2);
+
+    my $user = FixMyStreet::DB->resultset('User')->find_or_new({ email => $ARGV[0] });
+    if ( !$user->in_storage ) {
+        die "Specify a password for this new user." if (@ARGV < 2);
+        $user->password($ARGV[1]);
+        $user->is_superuser(1);
+        $user->insert;
+    } else {
+        $user->update({ is_superuser => 1 });
+    }
+    print $user->email . " is now a superuser.\n";
+}
+
+
+1;
\ No newline at end of file
-- 
cgit v1.2.3