From 13857017d7cc3d8baa150a90f236b170812f28d8 Mon Sep 17 00:00:00 2001 From: Santeri Hurnanen Date: Thu, 14 Sep 2023 12:36:21 +0300 Subject: [PATCH] UHF-8875: generate random password for uid 1 user --- .../helfi_user_roles/helfi_user_roles.install | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/modules/helfi_user_roles/helfi_user_roles.install b/modules/helfi_user_roles/helfi_user_roles.install index b0c80a0e3..ef7f5e5ad 100644 --- a/modules/helfi_user_roles/helfi_user_roles.install +++ b/modules/helfi_user_roles/helfi_user_roles.install @@ -8,6 +8,7 @@ declare(strict_types = 1); use Drupal\user\Entity\Role; +use Drupal\user\Entity\User; /** * Grants required permissions. @@ -71,3 +72,30 @@ function helfi_user_roles_update_9001() : void { ]) ->save(); } + +/** + * Randomize password for uid 1 user. + */ +function helfi_user_roles_update_9002() : void { + try { + // Attempt to resolve active environment. If this throws an exception, this + // is not running in the main instances, and we don't want to change the + // password. + \Drupal::service('helfi_api_base.environment_resolver')->getActiveEnvironment(); + } + catch (\InvalidArgumentException) { + return; + } + + $user = User::load(1); + if (empty($user)) { + return; + } + + // Random password, 192 bits of entropy. + $password = base64_encode(random_bytes(24)); + + $user + ->setPassword($password) + ->save(); +}