
Creating a user with the role "SUPER_ADMIN" #1224

Closed
AbdelilahDerfoufi opened this issue Oct 16, 2022 · 8 comments
Labels
Feature New Feature RFC

Comments

@AbdelilahDerfoufi

AbdelilahDerfoufi commented Oct 16, 2022

I want to create a superadmin account without the need to use fixtures or SQL requests. While in development I struggle with creating accounts with different roles. What's the best approach?

I want to make it as a contribution to people who struggled with user roles like me.

@weaverryan
Member

I think the best way would be to have a command like FOSUserBundle had where you could enter the user's email, then add/remove a role from it.

But I'm not sure where that command would live. We could generate one from MakerBundle... just not sure about that. We'll see what others think :)
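The kind of command described above (enter a user's e-mail, then add or remove a role), as an added example that is not code from MakerBundle, FOSUserBundle or anyone in this thread. It assumes a Doctrine-managed `App\Entity\User` entity with `getRoles()` and `setRoles(array)` and an `email` field; it only edits users that already exist, so it never leaves a default privileged account behind.

```php
<?php
// src/Command/UserRoleCommand.php (hypothetical file; not part of MakerBundle)
// Adds or removes a role on an existing user, looked up by e-mail.
// Assumes App\Entity\User exposes getRoles()/setRoles(array) and an "email" column.

declare(strict_types=1);

namespace App\Command;

use App\Entity\User;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Component\Console\Attribute\AsCommand;
use Symfony\Component\Console\Command\Command;
use Symfony\Component\Console\Input\InputArgument;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Output\OutputInterface;
use Symfony\Component\Console\Style\SymfonyStyle;

#[AsCommand(
    name: 'app:user:role',
    description: 'Add or remove a role on an existing user, looked up by e-mail',
)]
final class UserRoleCommand extends Command
{
    public function __construct(private readonly EntityManagerInterface $em)
    {
        parent::__construct();
    }

    protected function configure(): void
    {
        $this
            ->addArgument('action', InputArgument::REQUIRED, '"add" or "remove"')
            ->addArgument('email', InputArgument::REQUIRED, 'E-mail of an existing user')
            ->addArgument('role', InputArgument::REQUIRED, 'Role name, e.g. ROLE_SUPER_ADMIN');
    }

    protected function execute(InputInterface $input, OutputInterface $output): int
    {
        $io = new SymfonyStyle($input, $output);
        $action = $input->getArgument('action');
        $email = $input->getArgument('email');

        // Normalise to the ROLE_ prefix that Symfony's RoleVoter expects.
        $role = strtoupper($input->getArgument('role'));
        if (!str_starts_with($role, 'ROLE_')) {
            $role = 'ROLE_'.$role;
        }

        if (!in_array($action, ['add', 'remove'], true)) {
            $io->error('Action must be "add" or "remove".');

            return Command::INVALID;
        }

        // Only existing accounts are touched: the command never creates a user,
        // so there is no default credential to forget about before deploying.
        $user = $this->em->getRepository(User::class)->findOneBy(['email' => $email]);
        if (!$user instanceof User) {
            $io->error(sprintf('No user with e-mail "%s".', $email));

            return Command::FAILURE;
        }

        $roles = $user->getRoles();
        if ('add' === $action) {
            $roles[] = $role;
        } else {
            $roles = array_filter($roles, static fn (string $r): bool => $r !== $role);
        }

        // Store a de-duplicated list; getRoles() on the usual User entity re-adds ROLE_USER.
        $user->setRoles(array_values(array_unique($roles)));
        $this->em->flush();

        $io->success(sprintf(
            '%s %s for %s. Current roles: %s',
            'add' === $action ? 'Added' : 'Removed',
            $role,
            $email,
            implode(', ', $user->getRoles())
        ));

        return Command::SUCCESS;
    }
}
```

Usage would be `php bin/console app:user:role add admin@example.com ROLE_SUPER_ADMIN` (or `remove`) against an account that was registered through the app's normal flow, which keeps password handling and account creation in the application's own code rather than in a generator.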

@AbdelilahDerfoufi
Author

I believe an equivalent for that command or something similar to it in the makerbundle would be quite useful

@jrushlow jrushlow added Feature New Feature RFC labels Nov 8, 2022
@jrushlow
Collaborator

jrushlow commented Nov 8, 2022

I'm kind of mixed on this one. I can see it being useful to be able to generate a "super user" when running make:auth xor make:user. But MakerBundle is pretty oblivious to user roles and how they are used on an application level. The actual implementation of user roles varies greatly from app to app - we would have to ask a handful of questions/implement logic gates - in order to determine what the super admin role even is. Then we would have to create an actual user in persistence if one didn't exist.

The only solid way I could see this working natively in MakerBundle is if we had some sort of "default security scheme" where we were opinionated on how an app's security architecture should work.. And that is getting outside the realm of what maker is meant to be used for.

Another potential option would be to have a one size fits all make:security type of command (similar to #1085) where we set everything up -> run migration(s) -> plop in a default user w/ an "admin" role... But this approach also has complexity issues from a maintainer's standpoint as well...

Open to ideas!

@AbdelilahDerfoufi
Author

I was thinking that I use Reflection and get the setters for non-nullable fields. This way we don't have a problem for inserting into the database. For security, I think sending a mail with a one-time link to validate the user with a lifetime of 5min would be efficient enough without the need of changing security. Especially since SUPER_USER can be a default role for the first time and the development team for whatever app handle their roles the way they want to.

@jrushlow
Collaborator

The problem with that approach is that mailer/notification services would need to be up and running when we generate and persist a "super user". Typically, those services are not set up and running at that stage in development.

If you mean to have an application deployed to a staging/production environment -> run a make:super-user type of command -> email the one-time passcode to a user to establish a password type of thing. That is outside of anything MakerBundle should be doing.

On another note that comes to mind, having "default" users built into an app with elevated privileges smells of a pretty big security concern from a "Symfony" standpoint. E.g. say we created a super user anytime someone ran make:auth. If the developer never removed that default account before deploying to production, that is a potential known attack vector that could be exploited. To put it another way - if your bank created an online banking account with the password as password and you never changed it; there's a pretty decent chance your account will get hacked...

The more I think about the best way to do this, the more I'm leaning towards leaving this functionality out of MakerBundle altogether. Another alternative that may work for you - you can create your own maker command that extends AbstractMaker -> tailor it to suit your needs across many of the application / security strategies you commonly use -> and import (as a bundle or simply copy/paste) that into each of the apps you're developing.

@AbdelilahDerfoufi
Author

Rather than mail, why not add an argument --dev or something like that to make the user available only for dev.

@AbdelilahDerfoufi
Author

And maybe in production mode --prod. We make the user connect to the database and enter its login and password to create the super user. What do you think?

@jrushlow
Collaborator

I don't think we're going to move forward with this in MakerBundle anytime soon for the reasons stated above.

@jrushlow jrushlow closed this as not planned Mar 12, 2024