fixed admin permissions of initial created scmadmin user account

scm-webapp/src/main/java/sonia/scm/boot/SetupContextListener.java

@@ -0,0 +1,71 @@
+package sonia.scm.boot;
+
+import com.google.common.annotations.VisibleForTesting;
+import org.apache.shiro.authc.credential.PasswordService;
+import sonia.scm.plugin.Extension;
+import sonia.scm.security.PermissionAssigner;
+import sonia.scm.security.PermissionDescriptor;
+import sonia.scm.user.User;
+import sonia.scm.user.UserManager;
+import sonia.scm.web.security.AdministrationContext;
+import sonia.scm.web.security.PrivilegedAction;
+
+import javax.inject.Inject;
+import javax.servlet.ServletContextEvent;
+import javax.servlet.ServletContextListener;
+import java.util.Collections;
+
+@Extension
+public class SetupContextListener implements ServletContextListener {
+
+  private final AdministrationContext administrationContext;
+
+  @Inject
+  public SetupContextListener(AdministrationContext administrationContext) {
+    this.administrationContext = administrationContext;
+  }
+
+  @Override
+  public void contextInitialized(ServletContextEvent sce) {
+    administrationContext.runAsAdmin(SetupAction.class);
+  }
+
+  @Override
+  public void contextDestroyed(ServletContextEvent sce) {}
+
+  @VisibleForTesting
+  static class SetupAction implements PrivilegedAction {
+
+    private final UserManager userManager;
+    private final PasswordService passwordService;
+    private final PermissionAssigner permissionAssigner;
+
+    @Inject
+    public SetupAction(UserManager userManager, PasswordService passwordService, PermissionAssigner permissionAssigner) {
+      this.userManager = userManager;
+      this.passwordService = passwordService;
+      this.permissionAssigner = permissionAssigner;
+    }
+
+    @Override
+    public void run() {
+      if (isFirstStart()) {
+        createAdminAccount();
+      }
+    }
+
+    private boolean isFirstStart() {
+      return userManager.getAll().isEmpty();
+    }
+
+    private void createAdminAccount() {
+      User scmadmin = new User("scmadmin", "SCM Administrator", "scm-admin@scm-manager.org");
+      String password = passwordService.encryptPassword("scmadmin");
+      scmadmin.setPassword(password);
+      userManager.create(scmadmin);
+
+      PermissionDescriptor descriptor = new PermissionDescriptor("*");
+      permissionAssigner.setPermissionsForUser("scmadmin", Collections.singleton(descriptor));
+    }
+  }
+}

scm-webapp/src/main/java/sonia/scm/user/DefaultUserManager.java

@@ -71,13 +71,6 @@ import java.util.List;
 public class DefaultUserManager extends AbstractUserManager
 {
 
-  /** Field description */
-  public static final String ADMIN_PATH = "/sonia/scm/config/admin-account.xml";
-
-  /** Field description */
-  public static final String ANONYMOUS_PATH =
-    "/sonia/scm/config/anonymous-account.xml";
-
   /** Field description */
   public static final String STORE_NAME = "users";
 
@@ -173,12 +166,6 @@ public class DefaultUserManager extends AbstractUserManager
   @Override
   public void init(SCMContextProvider context)
   {
-
-    // create default account only, if no other account is available
-    if (userDAO.getAll().isEmpty())
-    {
-      createDefaultAccounts();
-    }
   }
 
   /**
@@ -457,28 +444,6 @@ public class DefaultUserManager extends AbstractUserManager
     }
   }
 
-  /**
-   * Method description
-   *
-   */
-  private void createDefaultAccounts()
-  {
-    try
-    {
-      logger.info("create default accounts");
-
-      JAXBContext context = JAXBContext.newInstance(User.class);
-      Unmarshaller unmarshaller = context.createUnmarshaller();
-
-      createDefaultAccount(unmarshaller, ADMIN_PATH);
-      createDefaultAccount(unmarshaller, ANONYMOUS_PATH);
-    }
-    catch (JAXBException ex)
-    {
-      logger.error("could not create default accounts", ex);
-    }
-  }
-
   //~--- fields ---------------------------------------------------------------
 
   private final UserDAO userDAO;