Rocket.Chat/server/startup/initialData.coffee

Meteor.startup ->
	Meteor.defer ->

		if not RocketChat.models.Rooms.findOneById('GENERAL')?
			RocketChat.models.Rooms.createWithIdTypeAndName 'GENERAL', 'c', 'general',
				default: true

		if not RocketChat.models.Users.findOneById('rocket.cat')?
			RocketChat.models.Users.create
				_id: 'rocket.cat'
				name: "Rocket.Cat"
				username: 'rocket.cat'
				status: "online"
				statusDefault: "online"
				utcOffset: 0
				active: true
				type: 'bot'

			RocketChat.authz.addUserRoles('rocket.cat', 'bot')

			rs = RocketChatFile.bufferToStream new Buffer(Assets.getBinary('avatars/rocketcat.png'), 'utf8')
			RocketChatFileAvatarInstance.deleteFile "rocket.cat.jpg"
			ws = RocketChatFileAvatarInstance.createWriteStream "rocket.cat.jpg", 'image/png'
			ws.on 'end', Meteor.bindEnvironment ->
				RocketChat.models.Users.setAvatarOrigin 'rocket.cat', 'local'

			rs.pipe(ws)


		if process.env.ADMIN_PASS?
			if _.isEmpty(RocketChat.authz.getUsersInRole( 'admin' ).fetch())
				console.log 'Inserting admin user:'.green

				adminUser =
					name: "Administrator"
					username: "admin"
					status: "offline"
					statusDefault: "online"
					utcOffset: 0
					active: true

				if process.env.ADMIN_NAME?
					adminUser.name = process.env.ADMIN_NAME
				console.log "Name: #{adminUser.name}".green

				if process.env.ADMIN_EMAIL?
					re = /^[^@].*@[^@]+$/i
					if re.test process.env.ADMIN_EMAIL
						if not RocketChat.models.Users.findOneByEmailAddress process.env.ADMIN_EMAIL
							adminUser.emails = [
								address: process.env.ADMIN_EMAIL
								verified: true
							]
							console.log "Email: #{process.env.ADMIN_EMAIL}".green
						else
							console.log 'Email provided already exists; Ignoring environment variables ADMIN_EMAIL'.red
					else
						console.log 'Email provided is invalid; Ignoring environment variables ADMIN_EMAIL'.red

				if process.env.ADMIN_USERNAME?
					try
						nameValidation = new RegExp '^' + RocketChat.settings.get('UTF8_Names_Validation') + '$'
					catch
						nameValidation = new RegExp '^[0-9a-zA-Z-_.]+$'
					if nameValidation.test process.env.ADMIN_USERNAME
						if RocketChat.checkUsernameAvailability(process.env.ADMIN_USERNAME)
							adminUser.username = process.env.ADMIN_USERNAME
						else
							console.log 'Username provided already exists; Ignoring environment variables ADMIN_USERNAME'.red
					else
						console.log 'Username provided is invalid; Ignoring environment variables ADMIN_USERNAME'.red
				console.log "Username: #{adminUser.username}".green

				adminUser.type = 'user'

				id = RocketChat.models.Users.create adminUser

				Accounts.setPassword id, process.env.ADMIN_PASS
				console.log "Password: #{process.env.ADMIN_PASS}".green
				RocketChat.authz.addUserRoles( id, 'admin')

			else
				console.log 'Users with admin role already exist; Ignoring environment variables ADMIN_PASS'.red

		# Set oldest user as admin, if none exists yet
		if _.isEmpty( RocketChat.authz.getUsersInRole( 'admin' ).fetch())
			# get oldest user
			oldestUser = RocketChat.models.Users.findOne({ _id: { $ne: 'rocket.cat' }}, { fields: { username: 1 }, sort: {createdAt: 1}})
			if oldestUser
				RocketChat.authz.addUserRoles( oldestUser._id, 'admin')
				console.log "No admins are found. Set #{oldestUser.username} as admin for being the oldest user"
Init app with user admin 11 years ago			`Meteor.startup ->`
fixing migration issues 11 years ago			`Meteor.defer ->`
First attempt at cron 10 years ago
Fix the error on startup after you rename your general channel 10 years ago			`if not RocketChat.models.Rooms.findOneById('GENERAL')?`
Replace all ChatRoom.insert 10 years ago			`RocketChat.models.Rooms.createWithIdTypeAndName 'GENERAL', 'c', 'general',`
Create channel 'GENERAL' as default channel 11 years ago			`default: true`
fixing migration issues 11 years ago
Set 'rockat.cat' as the _id of user rocket.cat 10 years ago			`if not RocketChat.models.Users.findOneById('rocket.cat')?`
			`RocketChat.models.Users.create`
			`_id: 'rocket.cat'`
Create a user rocket.cat and set avatar on system initialization 10 years ago			`name: "Rocket.Cat"`
			`username: 'rocket.cat'`
Allow to set Name and Username for initial admin user via environment variables - Closes #2231 10 years ago			`status: "online"`
			`statusDefault: "online"`
Create a user rocket.cat and set avatar on system initialization 10 years ago			`utcOffset: 0`
			`active: true`
Hide livechat users and rooms from the admin pages (#2820) * New field 'type' for users * Show only default room types on Admin > Rooms * Rename migration 40 to 41 10 years ago			`type: 'bot'`
Create a user rocket.cat and set avatar on system initialization 10 years ago
Add back the role bot to rocket.cat - closes #3098 10 years ago			`RocketChat.authz.addUserRoles('rocket.cat', 'bot')`

Create a user rocket.cat and set avatar on system initialization 10 years ago			`rs = RocketChatFile.bufferToStream new Buffer(Assets.getBinary('avatars/rocketcat.png'), 'utf8')`
			`RocketChatFileAvatarInstance.deleteFile "rocket.cat.jpg"`
			`ws = RocketChatFileAvatarInstance.createWriteStream "rocket.cat.jpg", 'image/png'`
			`ws.on 'end', Meteor.bindEnvironment ->`
Set 'rockat.cat' as the _id of user rocket.cat 10 years ago			`RocketChat.models.Users.setAvatarOrigin 'rocket.cat', 'local'`
Create a user rocket.cat and set avatar on system initialization 10 years ago
			`rs.pipe(ws)`


Allow to set Name and Username for initial admin user via environment variables - Closes #2231 10 years ago			`if process.env.ADMIN_PASS?`
			`if _.isEmpty(RocketChat.authz.getUsersInRole( 'admin' ).fetch())`
			`console.log 'Inserting admin user:'.green`
fixing migration issues 11 years ago
Allow to set Name and Username for initial admin user via environment variables - Closes #2231 10 years ago			`adminUser =`
			`name: "Administrator"`
			`username: "admin"`
			`status: "offline"`
			`statusDefault: "online"`
			`utcOffset: 0`
			`active: true`

			`if process.env.ADMIN_NAME?`
			`adminUser.name = process.env.ADMIN_NAME`
			`console.log "Name: #{adminUser.name}".green`

			`if process.env.ADMIN_EMAIL?`
Simplify and fix ADMIN_EMAIL verification regex. Fixes RocketChat/Rocket.Chat#2841 (#2890) * Email addresses start with something other than "@", have arbitrary characters, at least one "@", at least one character after that. 10 years ago			`re = /^[^@].*@[^@]+$/i`
Allow to set Name and Username for initial admin user via environment variables - Closes #2231 10 years ago			`if re.test process.env.ADMIN_EMAIL`
			`if not RocketChat.models.Users.findOneByEmailAddress process.env.ADMIN_EMAIL`
			`adminUser.emails = [`
Add admin user based on ADMIN_EMAIL and ADMIN_PASS if admin user doesn't exist 11 years ago			`address: process.env.ADMIN_EMAIL`
			`verified: true`
Allow to set Name and Username for initial admin user via environment variables - Closes #2231 10 years ago			`]`
			`console.log "Email: #{process.env.ADMIN_EMAIL}".green`
			`else`
Changed all "E-mail" to "Email" 10 years ago			`console.log 'Email provided already exists; Ignoring environment variables ADMIN_EMAIL'.red`
Allow to set Name and Username for initial admin user via environment variables - Closes #2231 10 years ago			`else`
Changed all "E-mail" to "Email" 10 years ago			`console.log 'Email provided is invalid; Ignoring environment variables ADMIN_EMAIL'.red`
Create RocketChat authorization package that handles role and permission based authorization Leverages alanning:roles package to associate a user to a role. Uses alanning:roles optional "group" parameter to limit the role's scope to either the global level or room level. The global level is applicable to users that can perform administrative functions. The room level is applicable to users that can perform room specific administrative functions (like a moderator). A role can have zero or more permissions. Permissions and their association to roles are defined by this package Authorization checks are based on whether or not the user has a role or permission. The roles, permissions, and their association are statically defined at this time. Eventually, there should be an API to dynamically create a role and associate it to static permission(s). Old 'isAdmin' and '.admin is true' checks have been replaced with corresponding hasPermission authorization checks. Additionally, code that automatically assigned admin privileges are updated to assign 'admin' role instead. channel/direct message/private group code checks authorization to edit properties (e.g. title) and edit/delete messages (regardless of the system level allow edit/delete settings). - user with 'admin' role are authorized to do anything - room creator is assigned 'moderator' role that can edit the room and edit/delete messages - members can only edit/delete their own messages IF system wide settings permit them to. v19 migration will - add 'admin' role to users with admin:true property - add 'moderator' role scoped to room for room creators - add 'user' role to all users. There are known issues unrelated to the changes made - If a user with edit/delete message room permissions logs out then a user without edit/delete message room permissions logs in, then they will see edit/delete icons. The server will deny execution - edit/delete icons are not reactive Thus if the system level allow edit/delete message setting is toggled, the icons will not reflect it. The server will deny execution. 10 years ago
Allow to set Name and Username for initial admin user via environment variables - Closes #2231 10 years ago			`if process.env.ADMIN_USERNAME?`
			`try`
			`nameValidation = new RegExp '^' + RocketChat.settings.get('UTF8_Names_Validation') + '$'`
			`catch`
			`nameValidation = new RegExp '^[0-9a-zA-Z-_.]+$'`
			`if nameValidation.test process.env.ADMIN_USERNAME`
			`if RocketChat.checkUsernameAvailability(process.env.ADMIN_USERNAME)`
			`adminUser.username = process.env.ADMIN_USERNAME`
			`else`
			`console.log 'Username provided already exists; Ignoring environment variables ADMIN_USERNAME'.red`
Add admin user based on ADMIN_EMAIL and ADMIN_PASS if admin user doesn't exist 11 years ago			`else`
Allow to set Name and Username for initial admin user via environment variables - Closes #2231 10 years ago			`console.log 'Username provided is invalid; Ignoring environment variables ADMIN_USERNAME'.red`
			`console.log "Username: #{adminUser.username}".green`

Fix admin user creation via env vars Closes #2943 10 years ago			`adminUser.type = 'user'`

Allow to set Name and Username for initial admin user via environment variables - Closes #2231 10 years ago			`id = RocketChat.models.Users.create adminUser`

			`Accounts.setPassword id, process.env.ADMIN_PASS`
			`console.log "Password: #{process.env.ADMIN_PASS}".green`
			`RocketChat.authz.addUserRoles( id, 'admin')`

Add admin user based on ADMIN_EMAIL and ADMIN_PASS if admin user doesn't exist 11 years ago			`else`
Allow to set Name and Username for initial admin user via environment variables - Closes #2231 10 years ago			`console.log 'Users with admin role already exist; Ignoring environment variables ADMIN_PASS'.red`
Always set oldest user as admin when no admins are found. 11 years ago
			`# Set oldest user as admin, if none exists yet`
Create RocketChat authorization package that handles role and permission based authorization Leverages alanning:roles package to associate a user to a role. Uses alanning:roles optional "group" parameter to limit the role's scope to either the global level or room level. The global level is applicable to users that can perform administrative functions. The room level is applicable to users that can perform room specific administrative functions (like a moderator). A role can have zero or more permissions. Permissions and their association to roles are defined by this package Authorization checks are based on whether or not the user has a role or permission. The roles, permissions, and their association are statically defined at this time. Eventually, there should be an API to dynamically create a role and associate it to static permission(s). Old 'isAdmin' and '.admin is true' checks have been replaced with corresponding hasPermission authorization checks. Additionally, code that automatically assigned admin privileges are updated to assign 'admin' role instead. channel/direct message/private group code checks authorization to edit properties (e.g. title) and edit/delete messages (regardless of the system level allow edit/delete settings). - user with 'admin' role are authorized to do anything - room creator is assigned 'moderator' role that can edit the room and edit/delete messages - members can only edit/delete their own messages IF system wide settings permit them to. v19 migration will - add 'admin' role to users with admin:true property - add 'moderator' role scoped to room for room creators - add 'user' role to all users. There are known issues unrelated to the changes made - If a user with edit/delete message room permissions logs out then a user without edit/delete message room permissions logs in, then they will see edit/delete icons. The server will deny execution - edit/delete icons are not reactive Thus if the system level allow edit/delete message setting is toggled, the icons will not reflect it. The server will deny execution. 10 years ago			`if _.isEmpty( RocketChat.authz.getUsersInRole( 'admin' ).fetch())`
Always set oldest user as admin when no admins are found. 11 years ago			`# get oldest user`
Fix rocket.cat user messing up the first real user being made admin. 10 years ago			`oldestUser = RocketChat.models.Users.findOne({ _id: { $ne: 'rocket.cat' }}, { fields: { username: 1 }, sort: {createdAt: 1}})`
Always set oldest user as admin when no admins are found. 11 years ago			`if oldestUser`
Rework 10 years ago			`RocketChat.authz.addUserRoles( oldestUser._id, 'admin')`
Always set oldest user as admin when no admins are found. 11 years ago			`console.log "No admins are found. Set #{oldestUser.username} as admin for being the oldest user"`