Feature #17298
closed
remove the need to run get_anonymous_user_token.rb during installation
Description
As part of ticket #16726 the services/api/script/get_anonymous_user_token.rb logic was changed. It currently takes the configured anonymous token from the config file and makes sure that the corresponding database record exists.
It is called from lib/boot/seed.go.
It needs to be run during manual installation in an awkward 2-step process: put a random string in config file; then run this script.
It would be much better to make the api server check the anonymous token as configured on startup, and if one is defined in the config file, make sure that the appropriate db record exists. If the token is not configured, it can do nothing. If a token is configured and other anonymous tokens exist in the database, those should be disabled. This is roughly the logic of the current services/api/script/get_anonymous_user_token.rb script.
Once this change is made, lib/boot/seed.go should be adapted and the documentation needs to be updated accordingly, in doc/install/install-keep-web.html.textile.liquid. Also update lib/config/config.default.yml and regenerate the reference.
Related issues
Updated by Ward Vandewege over 3 years ago
- Related to Bug #16726: other cluster's special users (root and anonymous) can appear in user list added
Updated by Peter Amstutz almost 3 years ago
- Target version deleted (
To Be Groomed)
Updated by Ward Vandewege about 2 years ago
- Related to Bug #18676: [api] handle anonymous token like system root token, removing need for db record added
Updated by Ward Vandewege about 2 years ago
- Status changed from New to Resolved
Resolved slightly differently but to the same effect in #18676