Administration Dashboard
Password Pusher bundles an Admin dashboard for self-hosted instances available at /admin. This dashboard allows for direct database access, so care should be taken.
It is only enabled when logins are enabled (enable_logins) and access is limited to accounts marked as “Administrator” only.
Note: Make sure you are running v1.40.3 or newer to have access to the Admin Dashboard.
Security & Access
Access to the Admin dashboard grants direct access to the application’s database.
Accessing the admin dashboard is accessible by accounts that you specifically mark as “Administrator”. Make sure to restrict access to authorized personnel only to prevent unauthorized access and potential security breaches.
To access the Admin dashboard, you must have:
- Logins enabled for your instance
- An account registered, confirmed and marked as an “Administrator”
For instructions on enabling logins and account registration, see previous sections above.
Managing Administrators
Via Application Console
Administrators can be managed via the application console.
Note: The following commands were added in v1.51.2. If you are running an older version, see Managing Administrators on Older Versions of Password Pusher.
Open an application shell by accessing the server (or Docker container) where the application code resides. For example, if using Docker, navigate to /opt/PasswordPusher:
docker exec -it <container_id> bash
cd /opt/PasswordPusher
There are four commands available:
| Command | Description |
|---|---|
./bin/create_admin |
Create a new administrator account |
./bin/promote_to_admin |
Promote an existing user to administrator |
./bin/demote_admin |
Demote an existing administrator |
./bin/list_admins |
List all administrators |
Create a new administrator account:
Usage: ./bin/create_admin <email>
This will create a new administrator account with the specified email address. The account will be marked as “confirmed” and will not require email confirmation.
Example:
Promote an existing user to administrator:
Usage: ./bin/promote_to_admin <pre-existing-email>
This will promote the specified user to administrator.
Example:
Demote an existing administrator:
Usage: ./bin/demote_admin <pre-existing-email>
This will demote the specified administrator.
Example:
List all administrators:
Usage: ./bin/list_admins
This will list all administrators.
Example:
Via SQL / Direct Database Access
If for some reason you are having trouble with the above or cannot access the application shell, you can alternatively directly access the database and set the admin field to true.
UPDATE users
SET admin = 1
WHERE email = 'myemail@example.com';
Make sure only the accounts you want are marked as admin.
You can re-validate which users are marked as “admin” with the following query:
select email from users where admin = 1;
Note: admin is a boolean column - you might have to use true instead depending on the DB type you are using.
On Older Versions of Password Pusher
If you are running a version of PasswordPusher prior to v1.51.2, you can still grant and revoke administrator privileges to a user by running the following command in the application console on pre-existing users:
PasswordPusher.grant_system_admin!('user@example.com')
To revoke administrator privileges, run the following command:
PasswordPusher.revoke_system_admin!('user@example.com')