chore: better admin delete protection & more info in the status endpoint #49
Description
This PR has 2 changes:
The status endpoint now returns an initialized value
Initialized means the first admin user has been created for GoCert. The reason to report this in status is because gocert behaves differently in a subtle way when it hasn't been initialized, namely the fact that no authentication is needed to create this first account. Clients including the frontend need a stable way to query for this information, and the status endpoint is a good place to report it.
Admin delete protection
We previously blocked any Delete request to the user with the ID of 1 to prevent users from deleting the admin account. The issue with this is the fact that the user with account ID 1 may not always be the admin account. While this assumption is true for the current GoCert, it may not remain true when different auth methods and database connectors are added in the future. This is simply more stable.
Checklist:
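
An added example (not code from this PR or from GoCert) of the two behaviours the description covers: a status value derived from whether the first account exists, and delete protection keyed on the account's role rather than on ID 1. The `User`, `Store` and error names are hypothetical, and the `Admin` field is an assumption about how the admin account is identified.

```go
package main

import (
	"errors"
	"fmt"
)

// Hypothetical types for illustration; these are not GoCert's own.
type User struct {
	ID    int
	Admin bool
}
type Store struct {
	users  map[int]User
	nextID int
}

var ErrUnauthenticated = errors.New("authentication required")
var ErrAdminProtected = errors.New("admin account cannot be deleted")

// Initialized is the value a status endpoint would report.
func (s *Store) Initialized() bool { return len(s.users) > 0 }

// CreateUser skips authentication only while uninitialized; that first account is the admin.
func (s *Store) CreateUser(authenticated bool) (User, error) {
	first := !s.Initialized()
	if !first && !authenticated {
		return User{}, ErrUnauthenticated
	}
	u := User{ID: s.nextID, Admin: first}
	s.users[u.ID] = u
	s.nextID++
	return u, nil
}

// DeleteUser refuses based on the stored role, never on a fixed ID.
func (s *Store) DeleteUser(id int) error {
	if s.users[id].Admin {
		return ErrAdminProtected
	}
	delete(s.users, id)
	return nil
}

func main() {
	s := &Store{users: map[int]User{}, nextID: 100} // constructed: IDs need not start at 1
	admin, _ := s.CreateUser(false)
	fmt.Println(admin.ID, s.Initialized(), s.DeleteUser(admin.ID))
}
```

With IDs starting at 100, a check on ID 1 would never match the admin account, while the role check still blocks the delete.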