Service for managing system bootstrap mode state. More...
#include <bootstrap_mode_service.hpp>
Public Types | |
| using | context = ores::database::context |
Public Member Functions | |
| bootstrap_mode_service (database::context ctx, std::shared_ptr< authorization_service > auth_service) | |
| Constructs a bootstrap_mode_service with required repositories. | |
| bool | is_in_bootstrap_mode () |
| Checks if the system is currently in bootstrap mode. | |
| void | initialize_bootstrap_state () |
| Initializes the bootstrap mode state on system startup. | |
| void | exit_bootstrap_mode () |
| Transitions the system from bootstrap mode to secure mode. | |
Detailed Description
Service for managing system bootstrap mode state.
The bootstrap_mode_service manages the system's bootstrap mode, which is a special state where only the initial administrator account can be created. The service uses the feature_flags table to persist the bootstrap mode state with the flag name "system.bootstrap_mode".
Bootstrap mode logic:
- enabled=true: System is in bootstrap mode (no admin accounts exist)
- enabled=false: System is in secure mode (admin account exists)
The service provides methods to:
- Check if the system is currently in bootstrap mode
- Initialize bootstrap state on system startup
- Transition from bootstrap mode to secure mode
Constructor & Destructor Documentation
◆ bootstrap_mode_service()
|
explicit |
Constructs a bootstrap_mode_service with required repositories.
- Parameters
-
ctx The database context for repository access auth_service The authorization service for RBAC checks
Member Function Documentation
◆ is_in_bootstrap_mode()
| bool is_in_bootstrap_mode | ( | ) |
Checks if the system is currently in bootstrap mode.
Queries the feature_flags table for the system.bootstrap_mode flag. If the flag is enabled (true), the system is in bootstrap mode.
- Returns
- true if system is in bootstrap mode, false otherwise
◆ initialize_bootstrap_state()
| void initialize_bootstrap_state | ( | ) |
Initializes the bootstrap mode state on system startup.
This method should be called during service initialization. It ensures the bootstrap mode feature flag exists and is set correctly based on whether admin accounts exist in the system.
Logic:
- If flag doesn't exist and no admin accounts exist: create flag with enabled=true
- If flag doesn't exist and admin accounts exist: create flag with enabled=false
- If flag exists: verify it matches reality (admin accounts exist = flag should be false)
◆ exit_bootstrap_mode()
| void exit_bootstrap_mode | ( | ) |
Transitions the system from bootstrap mode to secure mode.
This method is called after the first admin account is successfully created. It updates the system.bootstrap_mode feature flag from enabled=true to enabled=false using bitemporal versioning.
This operation is idempotent - calling it when already in secure mode has no effect.
