CLI: Provide the list of admins if the admin with the default ID was not found (#92217)

* Provide the list of admins if the admin with the default ID was not found * Clean up * Update docs * Update docs/sources/cli.md Co-authored-by: Dan Cech <dcech@grafana.com> * Update pkg/cmd/grafana-cli/commands/reset_password_command.go Co-authored-by: Dan Cech <dcech@grafana.com> * Lint --------- Co-authored-by: Dan Cech <dcech@grafana.com>
2025-08-01 11:02:13 +08:00 · 2024-08-27 16:01:33 +02:00
parent a884e03dc5
commit a3d688c8ed
3 changed files with 83 additions and 3 deletions
--- a/pkg/cmd/grafana-cli/commands/reset_password_command.go
+++ b/pkg/cmd/grafana-cli/commands/reset_password_command.go
@ -3,6 +3,7 @@ package commands
 import (
 	"bufio"
 	"context"
+	"errors"
 	"fmt"
 	"os"

@ -16,6 +17,11 @@ import (

 const DefaultAdminUserId = 1

+var (
+	ErrMustBeAdmin        = fmt.Errorf("reset-admin-password can only be used to reset an admin user account")
+	ErrAdminCannotBeFound = errors.New("admin user cannot be found")
+)
+
 func resetPasswordCommand(c utils.CommandLine, runner server.Runner) error {
 	var newPassword user.Password
 	adminId := int64(c.Int("user-id"))
@ -44,15 +50,35 @@ func resetPasswordCommand(c utils.CommandLine, runner server.Runner) error {
 		logger.Infof("\n")
 		logger.Infof("Admin password changed successfully %s", color.GreenString("✔"))
 	}
-	return err
+
+	if errors.Is(err, ErrAdminCannotBeFound) {
+		logger.Infof("\n")
+		logger.Infof("Admin user cannot be found %s. \n", color.RedString("✘"))
+		admins, err := listAdminUsers(runner.UserService)
+		if err != nil {
+			return fmt.Errorf("failed to list admin users: %w", err)
+		}
+
+		logger.Infof("\n")
+		logger.Infof("Please try to run the command again specifying a user-id (--user-id) from the list below:\n")
+		for _, u := range admins {
+			logger.Infof("\t Username: %s ID: %d\n", u.Login, u.ID)
+		}
+	}
+
+	return nil
 }

 func resetPassword(adminId int64, password user.Password, userSvc user.Service) error {
 	userQuery := user.GetUserByIDQuery{ID: adminId}
 	usr, err := userSvc.GetByID(context.Background(), &userQuery)
 	if err != nil {
+		if errors.Is(err, user.ErrUserNotFound) {
+			return ErrAdminCannotBeFound
+		}
 		return fmt.Errorf("could not read user from database. Error: %v", err)
 	}
+
 	if !usr.IsAdmin {
 		return ErrMustBeAdmin
 	}
@ -64,4 +90,34 @@ func resetPassword(adminId int64, password user.Password, userSvc user.Service)
 	return nil
 }

-var ErrMustBeAdmin = fmt.Errorf("reset-admin-password can only be used to reset an admin user account")
+func listAdminUsers(userSvc user.Service) ([]*user.UserSearchHitDTO, error) {
+	searchAdminsQuery := user.SearchUsersQuery{
+		Filters: []user.Filter{&adminFilter{}},
+		SignedInUser: &user.SignedInUser{
+			Permissions: map[int64]map[string][]string{0: {"users:read": {"global.users:*"}}},
+		},
+	}
+
+	admins, err := userSvc.Search(context.Background(), &searchAdminsQuery)
+	if err != nil {
+		return nil, fmt.Errorf("could not read user from database. Error: %v", err)
+	}
+
+	return admins.Users, nil
+}
+
+type adminFilter struct{}
+
+func (f *adminFilter) WhereCondition() *user.WhereCondition {
+	return &user.WhereCondition{
+		Condition: "is_admin = 1",
+	}
+}
+
+func (f *adminFilter) JoinCondition() *user.JoinCondition {
+	return nil
+}
+
+func (f *adminFilter) InCondition() *user.InCondition {
+	return nil
+}