Add simple user-management tool for emailsignin …

Currently, administrators of closed instances need to manually fiddle in
their databases for user-management.
This commit adds a small commandline utility that allows to create and
delete users.

Signed-off-by: Dario Ernst <dario@kanojo.de>

README.md

@@ -188,7 +188,7 @@ There are some configs you need to change in the files below
 | HMD_IMGUR_CLIENTID | no example | Imgur API client id |
 | HMD_EMAIL | `true` or `false` | set to allow email signin |
 | HMD_ALLOW_PDF_EXPORT | `true` or `false` | Enable or disable PDF exports |
-| HMD_ALLOW_EMAIL_REGISTER | `true` or `false` | set to allow email register (only applied when email is set, default is `true`) |
+| HMD_ALLOW_EMAIL_REGISTER | `true` or `false` | set to allow email register (only applied when email is set, default is `true`. Note `bin/manage_users` might help you if registration is `false`.) |
 | HMD_IMAGE_UPLOAD_TYPE | `imgur`, `s3`, `minio` or `filesystem` | Where to upload image. For S3, see our Image Upload Guides for [S3](docs/guides/s3-image-upload.md) or [Minio](docs/guides/minio-image-upload.md) |
 | HMD_S3_ACCESS_KEY_ID | no example | AWS access key id |
 | HMD_S3_SECRET_ACCESS_KEY | no example | AWS secret key |
@@ -246,7 +246,7 @@ There are some configs you need to change in the files below
 | heartbeattimeout | `10000` | socket.io heartbeat timeout |
 | documentmaxlength | `100000` | note max length |
 | email | `true` or `false` | set to allow email signin |
-| allowemailregister  | `true` or `false` | set to allow email register (only applied when email is set, default is `true`) |
+| allowemailregister  | `true` or `false` | set to allow email register (only applied when email is set, default is `true`. Note `bin/manage_users` might help you if registration is `false`.) |
 | imageuploadtype | `imgur`(default), `s3`, `minio` or `filesystem` | Where to upload image
 | minio | `{ "accessKey": "YOUR_MINIO_ACCESS_KEY", "secretKey": "YOUR_MINIO_SECRET_KEY", "endpoint": "YOUR_MINIO_HOST", port: 9000, secure: true }` | When `imageuploadtype` is set to `minio`, you need to set this key. Also checkout our [Minio Image Upload Guide](docs/guides/minio-image-upload.md) |
 | s3 | `{ "accessKeyId": "YOUR_S3_ACCESS_KEY_ID", "secretAccessKey": "YOUR_S3_ACCESS_KEY", "region": "YOUR_S3_REGION" }` | When `imageuploadtype` be set to `s3`, you would also need to setup this key, check our [S3 Image Upload Guide](docs/guides/s3-image-upload.md) |

bin/manage_users

@@ -0,0 +1,89 @@
+#!/usr/bin/env node
+
+// First configure the logger so it does not spam the console
+const logger = require("../lib/logger");
+logger.transports.console.level = "warning";
+
+const models = require("../lib/models/");
+const readline = require("readline-sync");
+const minimist = require("minimist");
+
+var usage = `
+
+Command-line utility to create users for email-signin.
+
+Usage: bin/manage_users [--pass password] (--add | --del) user-email
+	Options:
+		--add 	Add user with the specified user-email
+		--del 	Delete user with specified user-email
+		--pass	Use password from cmdline rather than prompting
+`
+
+// Using an async function to be able to use await inside
+async function createUser(argv) {
+	var existing_user = await models.User.findOne({where: {email: argv["add"]}});
+	// Cannot create already-existing users
+	if(existing_user != undefined) {
+		console.log("User with e-mail "+existing_user.email+" already exists! Aborting ...");
+		process.exit(1);
+	}
+
+	// Find whether we use cmdline or prompt password
+	if(argv["pass"] == undefined) {
+		var pass = readline.question("Password for "+argv["add"]+":", {hideEchoBack: true});
+	} else {
+		console.log("Using password from commandline...");
+		var pass = argv["pass"];
+	}
+
+	// Lets try to create, and check success
+	var ref = await models.User.create({email: argv["add"], password: pass});
+	if(ref == undefined) {
+		console.log("Could not create user with email "+argv["add"]);
+		process.exit(1);
+	} else
+		console.log("Created user with email "+argv["add"]);
+}
+
+// Using an async function to be able to use await inside
+async function deleteUser(argv) {
+	// Cannot delete non-existing users
+	var existing_user = await models.User.findOne({where: {email: argv["del"]}});
+	if(existing_user == undefined) {
+		console.log("User with e-mail "+argv["del"]+" does not exist, cannot delete");
+		process.exit(1);
+	}
+
+	// Sadly .destroy() does not return any success value with all
+	// backends. See sequelize #4124
+	await existing_user.destroy();
+	console.log("Deleted user "+argv["del"]+" ...");
+}
+
+// Perform commandline-parsing
+var argv = minimist(process.argv.slice(2));
+
+// Check for add/delete missing
+if (argv["add"] == undefined && argv["del"] == undefined) {
+	console.log("You did not specify either --add or --del!");
+	console.log(usage);
+	process.exit(1);
+}
+
+// Check if both are specified
+if (argv["add"] != undefined && argv["del"] != undefined) {
+	console.log("You cannot add and delete at the same time!");
+	console.log(usage);
+	process.exit(1);
+}
+
+// Call respective processing functions
+if (argv["add"] != undefined) {
+	createUser(argv).then(function() {
+		process.exit(0);
+	});
+} else if (argv["del"] != undefined) {
+	deleteUser(argv).then(function() {
+		process.exit(0);
+	})
+}

package.json

@@ -79,6 +79,7 @@
     "mattermost": "^3.4.0",
     "meta-marked": "^0.4.2",
     "method-override": "^2.3.7",
+    "minimist": "^1.2.0",
     "minio": "^3.1.3",
     "moment": "^2.17.1",
     "morgan": "^1.7.0",
@@ -103,6 +104,7 @@
     "prismjs": "^1.6.0",
     "randomcolor": "^0.4.4",
     "raphael": "git+https://github.com/dmitrybaranovskiy/raphael",
+    "readline-sync": "^1.4.7",
     "request": "^2.79.0",
     "reveal.js": "~3.6.0",
     "scrypt": "^6.0.3",