diff --git a/openmetadata-service/src/main/java/org/openmetadata/service/resources/teams/UserResource.java b/openmetadata-service/src/main/java/org/openmetadata/service/resources/teams/UserResource.java index 0377286c05b..5911e79c760 100644 --- a/openmetadata-service/src/main/java/org/openmetadata/service/resources/teams/UserResource.java +++ b/openmetadata-service/src/main/java/org/openmetadata/service/resources/teams/UserResource.java @@ -179,8 +179,9 @@ public class UserResource extends EntityResource { this.authenticationConfiguration = config.getAuthenticationConfiguration(); SmtpSettings smtpSettings = config.getSmtpSettings(); this.isEmailServiceEnabled = smtpSettings != null && smtpSettings.getEnableSmtpServer(); - this.dao.initializeUsers(config); + // Keep this before initializeUsers, else getUpdater() will fail SubjectCache.initialize(); + this.dao.initializeUsers(config); } public static class UserList extends ResultList { diff --git a/openmetadata-service/src/main/java/org/openmetadata/service/util/UserUtil.java b/openmetadata-service/src/main/java/org/openmetadata/service/util/UserUtil.java index 2034c16b433..3d5fbedad04 100644 --- a/openmetadata-service/src/main/java/org/openmetadata/service/util/UserUtil.java +++ b/openmetadata-service/src/main/java/org/openmetadata/service/util/UserUtil.java @@ -23,7 +23,6 @@ import static org.openmetadata.schema.auth.SSOAuthMechanism.SsoServiceType.OKTA; import static org.openmetadata.schema.entity.teams.AuthenticationMechanism.AuthType.JWT; import static org.openmetadata.schema.entity.teams.AuthenticationMechanism.AuthType.SSO; import static org.openmetadata.service.Entity.ADMIN_USER_NAME; -import static org.openmetadata.service.resources.teams.UserResource.USER_PROTECTED_FIELDS; import at.favre.lib.crypto.bcrypt.BCrypt; import java.io.IOException; @@ -76,24 +75,24 @@ public final class UserUtil { public static void addUserForBasicAuth(String username, String pwd, String domain) throws IOException { UserRepository userRepository = (UserRepository) Entity.getEntityRepository(Entity.USER); - User originalUser; try { - List fields = userRepository.getAllowedFieldsCopy(); - fields.add(USER_PROTECTED_FIELDS); - originalUser = userRepository.getByName(null, username, new EntityUtil.Fields(fields, String.join(",", fields))); + List fields = List.of("profile", "roles", "teams", "authenticationMechanism", "isEmailVerified"); + User originalUser = userRepository.getByName(null, username, new EntityUtil.Fields(fields)); if (originalUser.getAuthenticationMechanism() == null) { - updateUserWithHashedPwd(originalUser, pwd); + updateBasicAuthUser(originalUser, pwd); } - addOrUpdateUser(originalUser); } catch (EntityNotFoundException e) { - // TODO: Not the best way ! :( User user = user(username, domain, username).withIsAdmin(true).withIsEmailVerified(true); - updateUserWithHashedPwd(user, pwd); - addOrUpdateUser(user); - EmailUtil.sendInviteMailToAdmin(user, pwd); + updateBasicAuthUser(user, pwd); } } + private static void updateBasicAuthUser(User user, String pwd) { + updateUserWithHashedPwd(user, pwd); + addOrUpdateUser(user); + EmailUtil.sendInviteMailToAdmin(user, pwd); + } + public static void updateUserWithHashedPwd(User user, String pwd) { String hashedPwd = BCrypt.withDefaults().hashToString(12, pwd.toCharArray()); user.setAuthenticationMechanism(