diff --git a/doc/manual/installation.xml b/doc/manual/installation.xml index a1c410d5..4d1c6b2a 100644 --- a/doc/manual/installation.xml +++ b/doc/manual/installation.xml @@ -163,15 +163,16 @@ hydra-init - To add a user root with - admin privileges, execute: - -echo "INSERT INTO Users(userName, emailAddress, password) VALUES ('root', 'some@email.adress.com', '$(echo -n foobar | sha1sum | cut -c1-40)');" | psql hydra -echo "INSERT INTO UserRoles(userName, role) values('root', 'admin');" | psql hydra + To create projects, you need to create a user with + admin privileges. This can be done using + the command hydra-create-user: - For SQLite the same commands can be used, with psql - hydra replaced by sqlite3 - /path/to/hydra.sqlite. + +$ hydra-create-user alice --full-name 'Alice Q. User' \ + --email-address 'alice@example.org' --password foobar --role admin + + + Additional users can be created through the web interface. diff --git a/src/script/Makefile.am b/src/script/Makefile.am index 508e5fe1..c05c9a12 100644 --- a/src/script/Makefile.am +++ b/src/script/Makefile.am @@ -10,6 +10,7 @@ distributable_scripts = \ hydra-server \ hydra-update-gc-roots \ hydra-s3-backup-collect-garbage \ + hydra-create-user \ nix-prefetch-git \ nix-prefetch-bzr \ nix-prefetch-hg diff --git a/src/script/hydra-create-user b/src/script/hydra-create-user new file mode 100755 index 00000000..1fcf4728 --- /dev/null +++ b/src/script/hydra-create-user 
@@ -0,0 +1,88 @@ +#! /var/run/current-system/sw/bin/perl -w + +use strict; +use Hydra::Schema; +use Hydra::Helper::Nix; +use Hydra::Model::DB; +use Getopt::Long qw(:config gnu_getopt); +use Digest::SHA1 qw(sha1_hex); + +sub showHelp { + print < \$renameFrom, + "type=s" => \$type, + "full-name=s" => \$fullName, + "email-address=s" => \$emailAddress, + "password=s" => \$password, + "wipe-roles" => \$wipeRoles, + "role=s" => \@roles, + "help" => sub { showHelp() } + ) or exit 1; + +die "$0: one user name required\n" if scalar @ARGV != 1; +my $userName = $ARGV[0]; + +die "$0: type must be `hydra' or `persona'\n" + if defined $type && $type ne "hydra" && $type ne "persona"; + +my $db = Hydra::Model::DB->new(); + +txn_do($db, sub { + my $user = $db->resultset('Users')->find({ username => $renameFrom // $userName }); + if ($renameFrom) { + die "$0: user `$renameFrom' does not exist\n" unless $user; + $user->update({ username => $userName }); + } elsif ($user) { + print STDERR "updating existing user `$userName'\n"; + } else { + print STDERR "creating new user `$userName'\n"; + $user = $db->resultset('Users')->create( + { username => $userName, type => "hydra", emailaddress => "", password => "!" }); + } + + die "$0: Persona user names must be email addresses\n" + if $user->type eq "persona" && $userName !~ /\@/; + + $user->update({ type => $type }) if defined $type; + + $user->update({ fullname => $fullName eq "" ? undef : $fullName }) if defined $fullName; + + if ($user->type eq "persona") { + die "$0: Persona accounts do not have an explicitly set email address.\n" + if defined $emailAddress; + die "$0: Persona accounts do not have a password.\n" + if defined $password; + $user->update({ emailaddress => $userName, password => "!" 
}); + } else { + $user->update({ emailaddress => $emailAddress }) if defined $emailAddress; + $user->update({ password => sha1_hex($password) }) if defined $password; + } + + $user->userroles->delete if $wipeRoles; + $user->userroles->update_or_create({ role => $_ }) foreach @roles; +});
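Review bot: Passwords are stored as unsalted SHA-1 (`sha1_hex($password)`) and can only be supplied through `--password` on the command line, so the plaintext is visible in process listings and shell history, and the stored value is cheap to brute-force if the Users table leaks. The stored format presumably has to match what the login code verifies, which this diff does not show, so at minimum I would put a comment above that line such as `# FIXME: unsalted SHA-1; move to a salted, slow KDF together with the login check`. I would also read the password from a prompt or stdin when the option is omitted. Separately, the Persona check `$user->type eq "persona" && $userName !~ /\@/` runs before `$user->update({ type => $type })`, so `--type persona` with a non-email user name is not rejected in the same run, and the later branch then writes that name into `emailaddress`. Testing `($type // $user->type) eq "persona"` in that `die` condition would close the gap.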