From 56ab3ea8936aa6792d786527413d8f926a96152e Mon Sep 17 00:00:00 2001
From: Dietrich <dietrich@teilgedanken.de>
Date: Tue, 9 Mar 2021 11:50:36 +0100
Subject: [PATCH] Fix: Create admin promote correct account

fixes #10
---
 Cargo.toml |  3 ++-
 src/cli.rs | 17 +++++++++++------
 2 files changed, 13 insertions(+), 7 deletions(-)

diff --git a/Cargo.toml b/Cargo.toml
index 8fbaccd..c5efe27 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -11,6 +11,7 @@ readme = "README.md"
 repository = "https://git.teilgedanken.de/dietrich/Pslink"
 build = "build.rs"
 
+
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 
 [dependencies]
@@ -22,7 +23,7 @@ serde = "1.0"
 diesel = { version = "1.4", features = ["sqlite", "chrono"] }
 diesel_codegen = { version = "0.16.1", features = ["sqlite"] }
 diesel_migrations = "1.4"
-libsqlite3-sys = { version = "*", features = ["bundled"] }
+libsqlite3-sys = { version = "0.8", features = ["bundled"] }
 dotenv = "0.10.1"
 actix-identity = "0.3"
 chrono = { version = "0.4", features = ["serde"] }
diff --git a/src/cli.rs b/src/cli.rs
index 05c432d..d5f7703 100644
--- a/src/cli.rs
+++ b/src/cli.rs
@@ -255,9 +255,10 @@ pub(crate) fn setup() -> Result<Option<crate::ServerConfig>, ServerError> {
     }
 }
 
+/// Interactively create a new admin user.
 fn create_admin(config: &ServerConfig) -> Result<(), ServerError> {
     use schema::users;
-    use schema::users::dsl::{id, role};
+    use schema::users::dsl::{email, role, username};
     slog_info!(&config.log, "Creating an admin user.");
     let sin = io::stdin();
 
@@ -272,7 +273,7 @@ fn create_admin(config: &ServerConfig) -> Result<(), ServerError> {
 
     print!("Please enter the emailadress for {}: ", new_username);
     io::stdout().flush().unwrap();
-    let email = sin.lock().lines().next().unwrap().unwrap();
+    let new_email = sin.lock().lines().next().unwrap().unwrap();
 
     print!("Please enter the password for {}: ", new_username);
     io::stdout().flush().unwrap();
@@ -281,17 +282,21 @@ fn create_admin(config: &ServerConfig) -> Result<(), ServerError> {
         &config.log,
         "Creating {} ({}) with given password ",
         &new_username,
-        &email
+        &new_email
     );
 
-    let new_admin = NewUser::new(new_username, email, &password, config)?;
+    let new_admin = NewUser::new(new_username.clone(), new_email.clone(), &password, config)?;
 
     diesel::insert_into(users::table)
         .values(&new_admin)
         .execute(&connection)?;
 
-    // Add admin rights to the first user (which should be the only one)
-    diesel::update(users::dsl::users.filter(id.eq(&1)))
+    let created_user = users::table
+        .filter(username.eq(new_username))
+        .filter(email.eq(new_email));
+
+    // Add admin rights to the user identified by (username, email) this should be unique according to sqlite constraints
+    diesel::update(created_user)
         .set((role.eq(2),))
         .execute(&connection)?;
     slog_info!(&config.log, "Admin user created: {}", &new_admin.username);