From 208cc7192e94d78c341bebaf8fd21f8072db89ca Mon Sep 17 00:00:00 2001
From: Valentin Tolmer <valentin@tolmer.fr>
Date: Tue, 12 Sep 2023 14:48:21 +0200
Subject: [PATCH] server: Only create the default admin if there are no admins

Fixes #563
---
 server/src/main.rs | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

diff --git a/server/src/main.rs b/server/src/main.rs
index 83b85de..9047f89 100644
--- a/server/src/main.rs
+++ b/server/src/main.rs
@@ -9,7 +9,7 @@ use crate::{
     domain::{
         handler::{
             CreateUserRequest, GroupBackendHandler, GroupListerBackendHandler, GroupRequestFilter,
-            UserBackendHandler,
+            UserBackendHandler, UserListerBackendHandler, UserRequestFilter,
         },
         sql_backend_handler::SqlBackendHandler,
         sql_opaque_handler::register_password,
@@ -89,8 +89,19 @@ async fn set_up_server(config: Configuration) -> Result<ServerBuilder> {
     ensure_group_exists(&backend_handler, "lldap_admin").await?;
     ensure_group_exists(&backend_handler, "lldap_password_manager").await?;
     ensure_group_exists(&backend_handler, "lldap_strict_readonly").await?;
-    if let Err(e) = backend_handler.get_user_details(&config.ldap_user_dn).await {
-        warn!("Could not get admin user, trying to create it: {:#}", e);
+    let admin_present = if let Ok(admins) = backend_handler
+        .list_users(
+            Some(UserRequestFilter::MemberOf("lldap_admin".to_owned())),
+            false,
+        )
+        .await
+    {
+        !admins.is_empty()
+    } else {
+        false
+    };
+    if !admin_present {
+        warn!("Could not find an admin user, trying to create the user \"admin\" with the config-provided password");
         create_admin_user(&backend_handler, &config)
             .await
             .map_err(|e| anyhow!("Error setting up admin login/account: {:#}", e))