From 2e775dad90289f390b841d95d1ea25deacbc8fc9 Mon Sep 17 00:00:00 2001
From: Houkime <>
Date: Wed, 27 Dec 2023 13:44:39 +0000
Subject: [PATCH] fix(users): handle no admin name defined when adding a user

---
 selfprivacy_api/actions/users.py                     | 10 ++++++++++
 selfprivacy_api/graphql/mutations/users_mutations.py |  6 ++++++
 tests/test_graphql/test_users.py                     | 11 ++++++++++-
 3 files changed, 26 insertions(+), 1 deletion(-)

diff --git a/selfprivacy_api/actions/users.py b/selfprivacy_api/actions/users.py
index 10ba29b..fafa84f 100644
--- a/selfprivacy_api/actions/users.py
+++ b/selfprivacy_api/actions/users.py
@@ -107,6 +107,12 @@ class PasswordIsEmpty(Exception):
     pass
 
 
+class InvalidConfiguration(Exception):
+    """The userdata is broken"""
+
+    pass
+
+
 def create_user(username: str, password: str):
     if password == "":
         raise PasswordIsEmpty("Password is empty")
@@ -124,6 +130,10 @@ def create_user(username: str, password: str):
 
     with ReadUserData() as user_data:
         ensure_ssh_and_users_fields_exist(user_data)
+        if "username" not in user_data.keys():
+            raise InvalidConfiguration(
+                "Broken config: Admin name is not defined. Consider recovery or add it manually"
+            )
         if username == user_data["username"]:
             raise UserAlreadyExists("User already exists")
         if username in [user["username"] for user in user_data["users"]]:
diff --git a/selfprivacy_api/graphql/mutations/users_mutations.py b/selfprivacy_api/graphql/mutations/users_mutations.py
index 57825bc..7644b90 100644
--- a/selfprivacy_api/graphql/mutations/users_mutations.py
+++ b/selfprivacy_api/graphql/mutations/users_mutations.py
@@ -69,6 +69,12 @@ class UsersMutations:
                 message=str(e),
                 code=400,
             )
+        except users_actions.InvalidConfiguration as e:
+            return UserMutationReturn(
+                success=False,
+                message=str(e),
+                code=400,
+            )
         except users_actions.UserAlreadyExists as e:
             return UserMutationReturn(
                 success=False,
diff --git a/tests/test_graphql/test_users.py b/tests/test_graphql/test_users.py
index 96ecb85..f3ba02d 100644
--- a/tests/test_graphql/test_users.py
+++ b/tests/test_graphql/test_users.py
@@ -467,7 +467,7 @@ def test_graphql_add_existing_user(authorized_client, one_user):
     assert output["user"]["sshKeys"][0] == "ssh-rsa KEY user1@pc"
 
 
-def test_graphql_add_main_user(authorized_client, one_user, mock_subprocess_popen):
+def test_graphql_add_main_user(authorized_client, one_user):
     output = api_add_user(authorized_client, "tester", password="12345678")
 
     assert_errorcode(output, code=409)
@@ -475,6 +475,15 @@ def test_graphql_add_main_user(authorized_client, one_user, mock_subprocess_pope
     assert output["user"]["sshKeys"][0] == "ssh-rsa KEY test@pc"
 
 
+def test_graphql_add_user_when_no_admin_defined(
+    authorized_client, no_users_no_admin_nobody
+):
+    output = api_add_user(authorized_client, "tester", password="12345678")
+
+    assert_errorcode(output, code=400)
+    assert output["user"] is None
+
+
 def test_graphql_add_long_username(authorized_client, one_user, mock_subprocess_popen):
     output = api_add_user(authorized_client, "a" * 32, password="12345678")