Merge branch 'feature/create-users' into 'master'

Feature/create users

See merge request la-crise/discourse-formula!1

discourse/config/file.sls

@@ -3,12 +3,12 @@
 
 {#- Get the `tplroot` from `tpldir` #}
 {%- set tplroot = tpldir.split('/')[0] %}
-{%- set sls_sources_clone = tplroot ~ '.sources.clone' %}
+{%- set sls_sources_hack = tplroot ~ '.sources.hack' %}
 {%- from tplroot | path_join("map.jinja") import discourse with context %}
 {%- from tplroot | path_join("libtofs.jinja") import files_switch with context %}
 
 include:
-  - {{ sls_sources_clone }}
+  - {{ sls_sources_hack }}
 
 {%- set config = discourse.directory | path_join('containers', 'app.yml') %}
 
@@ -28,4 +28,4 @@ discourse-config-file-file-managed:
     - context:
         discourse: {{ discourse | json }}
     - require:
-      - sls: {{ sls_sources_clone }}
+      - sls: {{ sls_sources_hack }}

discourse/config/files/default/app.yml.jinja

@@ -17,6 +17,7 @@ templates:
   - "templates/web.ssl.template.yml"
   - "templates/web.letsencrypt.ssl.template.yml"
 {%- endif %}
+  - "templates/rake.autosetup.template.yml"
 
 ## which TCP/IP ports should this container expose?
 ## If you want Discourse to share a port with another webserver like Apache or nginx,

discourse/init.sls

@@ -8,3 +8,4 @@ include:
   - .sources
   - .config
   - .service
+  - .setup

discourse/parameters/defaults.yaml

@@ -17,6 +17,7 @@ values:
   # letsencrypt:
   #   enabled: true
   #   account_email: 'me@example.net'
+  # users: {}
   launcher:
     rebuild_cmd: './launcher rebuild app'
     bootstrap_cmd: './launcher bootstrap app'
@@ -25,4 +26,5 @@ values:
     restart_cmd: './launcher restart app'
     cleanup_cmd: './launcher cleanup app'
     destroy_cmd: './launcher destroy app'
+    run_cmd: 'docker exec app /bin/bash -c'
 ...

discourse/service/rebuild.sls

@@ -5,12 +5,14 @@
 {%- set tplroot = tpldir.split('/')[0] %}
 {%- set sls_discourse_netcat_package_install = tplroot ~ '.netcat.install' %}
 {%- set sls_discourse_net_tools_package_install = tplroot ~ '.net-tools.install' %}
+{%- set sls_discourse_sources_hack = tplroot ~ '.sources.hack' %}
 {%- set sls_discourse_config_file = tplroot ~ '.config.file' %}
 {%- from tplroot | path_join("map.jinja") import discourse with context %}
 
 include:
   - {{ sls_discourse_netcat_package_install }}
   - {{ sls_discourse_net_tools_package_install }}
+  - {{ sls_discourse_sources_hack }}
   - {{ sls_discourse_config_file }}
 
 discourse-service-rebuild-cmd-run:
@@ -21,4 +23,5 @@ discourse-service-rebuild-cmd-run:
       - sls: {{ sls_discourse_netcat_package_install }}
       - sls: {{ sls_discourse_net_tools_package_install }}
     - onchanges:
+      - sls: {{ sls_discourse_sources_hack }}
       - sls: {{ sls_discourse_config_file }}

discourse/setup/init.sls

+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+include:
+  - .users

discourse/setup/users/create.sls

+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+{#- Get the `tplroot` from `tpldir` #}
+{%- set tplroot = tpldir.split('/')[0] %}
+{%- set sls_service_running = tplroot ~ '.service.running' %}
+{%- from tplroot | path_join("map.jinja") import discourse with context %}
+
+include:
+  - {{ sls_service_running }}
+
+{%- for user, params in discourse.get('users', {}).items() %}
+  {%- set email = params.get('email', '') %}
+  {%- set password = params.get('password', '') %}
+  {%- set enabled = params.get('enabled', 'True') %}
+  {%- set is_admin = params.get('admin', 'False') %}
+  {%- set create_user_cmd = 'cd /var/www/discourse/ && rake autosetup:createuser['
+                            ~ '"' ~ email ~ '"'
+                            ~ ',"' ~ password ~ '"'
+                            ~ ',"' ~ enabled ~ '"'
+                            ~ ',"' ~ is_admin ~ '"'
+                            ~ ']'
+    %}
+
+discourse-setup-users-create-{{ user }}-cmd-run:
+  cmd.run:
+    - name: {{ discourse | traverse('launcher:run_cmd')
+               ~ " '"
+               ~ create_user_cmd
+               ~ "'"
+             }}
+    - cwd: {{ discourse.directory }}
+    - require:
+      - sls: {{ sls_service_running }}
+{%- endfor %}

discourse/setup/users/init.sls

+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+include:
+  - .create

discourse/sources/files/default/rake.autosetup.template.yml

+run:
+  - file:
+     path: /var/www/discourse/lib/tasks/autosetup.rake
+     contents: |
+       desc "Creates a forum user"
+       task "autosetup:createuser", [:email, :password, :enabled, :is_admin] => :environment do |task, args|
+       
+         if args[:email].nil? or args[:email].empty?
+           puts "You must provide an email address"
+           exit 1
+         end
+       
+         enabled = args[:enabled] !~ /false/i
+         is_admin = args[:is_admin] =~ /true/i
+       
+         existing_user = User.find_by_email(args[:email])
+       
+         begin
+           # check if user account already exixts
+           if existing_user
+             puts "User #{args[:email]} already exists"
+             user = existing_user
+           elsif !enabled
+             puts "User #{args[:email]} does not exists, nothing to do"
+             exit 0
+           else
+             # create new user
+             user = User.new
+             user.email = args[:email]
+             user.username = UserNameSuggester.suggest(user.email)
+           end
+       
+           # save/update user account
+           saved = user.save
+           puts "User #{args[:email]}: #{user.errors.full_messages.join("\n")}" unless saved
+         end while !saved
+       
+         if !enabled
+           puts "User #{args[:email]}: ensuring account is not active!"
+           user.active = false
+         else
+           puts "User #{args[:email]}: ensuring account is active!"
+           user.active = true
+         end
+         user.save
+       
+         if existing_user
+           puts "User #{args[:email]}: account updated successfully!"
+         else
+           if enabled and (args[:password].nil? or args[:password].empty?)
+             puts "User #{args[:email]}: send password reset email"
+             email_token = user.email_tokens.create(email: user.email)
+             Jobs.enqueue(:critical_user_email, type: :forgot_password, user_id: user.id, email_token: email_token.token)
+           else
+             puts "User #{args[:email]}: set password"
+             password = password_confirmation = args[:password]
+             user.password = password
+             user.save
+           end
+       
+           puts "User #{args[:email]}: account created successfully with username #{user.username}"
+         end
+       
+         if is_admin
+           user.grant_admin!
+           if user.trust_level < 1
+             user.change_trust_level!(1)
+           end
+           user.email_tokens.update_all confirmed: true
+           user.activate
+       
+           puts "User #{args[:email]}: account now has Admin privileges!"
+         else
+           user.revoke_admin!
+           if user.trust_level < 1
+             user.change_trust_level!(0)
+           end
+           user.email_tokens.update_all confirmed: true
+           user.activate
+       
+           puts "User #{args[:email]}: account now has User privileges!"
+         end
+       end

discourse/sources/hack.sls

+# -*- coding: utf-8 -*-
+# vim: ft=sls
+
+{#- Get the `tplroot` from `tpldir` #}
+{%- set tplroot = tpldir.split('/')[0] %}
+{%- set sls_sources_clone = tplroot ~ '.sources.clone' %}
+{%- from tplroot | path_join("map.jinja") import discourse with context %}
+{%- from tplroot | path_join("libtofs.jinja") import files_switch with context %}
+
+include:
+  - {{ sls_sources_clone }}
+
+discourse-sources-hack-autosetup-template-file-managed:
+  file.managed:
+    - name: {{ discourse.directory | path_join('templates', 'rake.autosetup.template.yml') }}
+    - source: {{ files_switch(['rake.autosetup.template.yml'],
+                              lookup='discourse-sources-hack-autosetup-template-file-managed',
+                              use_subpath=True
+                 )
+              }}
+    - mode: '644'
+    - owner: 'root'
+    - group: 'root'
+    - require:
+      - sls: {{ sls_sources_clone }}

discourse/sources/init.sls

@@ -4,3 +4,4 @@
 include:
   - .package
   - .clone
+  - .hack

docs/README.rst

@@ -52,7 +52,7 @@ Available states
 This state will configure the deployement by generating the
 ``containers/app.yml`` file.
 
-It depends on ``discourse.sources.clone``.
+It depends on ``discourse.sources.hack``.
 
 ``discourse.service``
 ^^^^^^^^^^^^^^^^^^^^^
@@ -60,7 +60,25 @@ It depends on ``discourse.sources.clone``.
 *Meta-state (This is a state that includes other states)*.
 
 This state will rebuild the ``discourse`` application container if the
-configuration changes.
+``discourse.config`` has changes.
+
+``discourse.setup``
+^^^^^^^^^^^^^^^^^^^
+
+*Meta-state (This is a state that includes other states)*.
+
+This state will initialize the ``discourse`` application with sane
+defaults.
+
+``discourse.setup.users``
+^^^^^^^^^^^^^^^^^^^^^^^^^
+
+This state will manage a set of users:
+
+- create them if they don't exists
+- send password reset email by default or set their password if defined
+- set them active or not
+- set them ``admin`` or not.
 
 ``discourse.clean``
 ^^^^^^^^^^^^^^^^^^^
@@ -148,6 +166,7 @@ environment.
 
 - install the git package
 - clone the latest `discourse_docker`_ repository
+- install new rake tasks
 
 ``discourse.docker``
 ````````````````````

pillar.example

@@ -14,6 +14,12 @@ discourse:
   letsencrypt:
     enabled: true
     account_email: 'me@example.net'
+  users:
+    william:
+      # Password reset mail is sent by default
+      email: 'william.shakespears@example.net'
+      enabled: true
+      admin: true
 
   tofs:
     # The files_switch key serves as a selector for alternative