Merge pull request #531 from goblogplatform/fix/wizard-when-no-admin-user

Auto-promote first OAuth login to admin when no admin exists

Author: compscidr

auth/auth.go

@@ -189,6 +189,16 @@ func (a *Auth) LoginPostHandler(c *gin.Context) {
 		existingUser = *user
 	}
 
+	// On a fresh install where the operator has pre-populated .env (e.g. via
+	// configuration management), the install wizard's UI flow is bypassed and
+	// no admin user is ever created. Promote the first successful OAuth login
+	// to admin so the operator can administer the site without re-running the
+	// wizard. Same trust model as the wizard: whoever first completes OAuth
+	// against the server's client_secret becomes the admin.
+	if err := a.EnsureAdmin(user.ID); err != nil {
+		log.Println("Error ensuring admin user: " + err.Error())
+	}
+
 	//save the access token in the session
 	session := sessions.Default(c)
 	session.Set("token", data.AccessToken)
@@ -197,6 +207,27 @@ func (a *Auth) LoginPostHandler(c *gin.Context) {
 	c.JSON(http.StatusOK, existingUser)
 }
 
+// EnsureAdmin promotes the given BlogUser to admin if and only if no admin
+// user currently exists. Idempotent and safe to call on every login.
+//
+// The check-and-create runs inside a transaction so two concurrent first
+// logins can't both observe an empty admin_users table and both create a
+// row. Lookup errors other than "record not found" are surfaced rather
+// than swallowed as if no admin existed.
+func (a *Auth) EnsureAdmin(blogUserID int) error {
+	return (*a.db).Transaction(func(tx *gorm.DB) error {
+		var existing AdminUser
+		err := tx.First(&existing).Error
+		if err == nil {
+			return nil // an admin already exists; nothing to do
+		}
+		if !errors.Is(err, gorm.ErrRecordNotFound) {
+			return err
+		}
+		return tx.Create(&AdminUser{BlogUserID: blogUserID}).Error
+	})
+}
+
 // DisplayUserTable is a debug function, shows the user table
 func (a *Auth) DisplayUserTable() {
 	var users []BlogUser

auth/auth_test.go

@@ -60,3 +60,48 @@ func TestIsWizardMode_WithAdminUser_ReturnsFalse(t *testing.T) {
 		t.Fatal("IsWizardMode must be false once an admin_users row exists")
 	}
 }
+
+func TestEnsureAdmin_NoAdmin_CreatesRow(t *testing.T) {
+	a, db := newAuth(t)
+	user := auth.BlogUser{ID: 42, Login: "operator"}
+	db.Create(&user)
+
+	if err := a.EnsureAdmin(user.ID); err != nil {
+		t.Fatalf("EnsureAdmin: %v", err)
+	}
+
+	var count int64
+	db.Model(&auth.AdminUser{}).Count(&count)
+	if count != 1 {
+		t.Fatalf("expected 1 admin_users row, got %d", count)
+	}
+	var got auth.AdminUser
+	db.First(&got)
+	if got.BlogUserID != user.ID {
+		t.Fatalf("expected admin BlogUserID=%d, got %d", user.ID, got.BlogUserID)
+	}
+}
+
+func TestEnsureAdmin_AdminExists_NoOp(t *testing.T) {
+	a, db := newAuth(t)
+	first := auth.BlogUser{ID: 1, Login: "first"}
+	second := auth.BlogUser{ID: 2, Login: "second"}
+	db.Create(&first)
+	db.Create(&second)
+	db.Create(&auth.AdminUser{BlogUserID: first.ID, BlogUser: first})
+
+	if err := a.EnsureAdmin(second.ID); err != nil {
+		t.Fatalf("EnsureAdmin: %v", err)
+	}
+
+	var count int64
+	db.Model(&auth.AdminUser{}).Count(&count)
+	if count != 1 {
+		t.Fatalf("expected EnsureAdmin to be a no-op when an admin exists, got %d admin rows", count)
+	}
+	var got auth.AdminUser
+	db.First(&got)
+	if got.BlogUserID != first.ID {
+		t.Fatalf("expected first admin to remain (id=%d), got id=%d", first.ID, got.BlogUserID)
+	}
+}