feat: Use environment variables for default admin configuration

server/api/controllers/users/delete.js

@@ -26,6 +26,10 @@ module.exports = {
       throw Errors.USER_NOT_FOUND;
     }
 
+    if (user.email === sails.config.custom.defaultAdminEmail) {
+      throw Errors.USER_NOT_FOUND; // Forbidden
+    }
+
     user = await sails.helpers.users.deleteOne.with({
       record: user,
       request: this.req,

server/api/controllers/users/update-email.js

@@ -59,6 +59,10 @@ module.exports = {
       throw Errors.USER_NOT_FOUND;
     }
 
+    if (user.email === sails.config.custom.defaultAdminEmail) {
+      throw Errors.USER_NOT_FOUND; // Forbidden
+    }
+
     if (
       inputs.id === currentUser.id &&
       !bcrypt.compareSync(inputs.currentPassword, user.password)

server/api/controllers/users/update-password.js

@@ -58,6 +58,10 @@ module.exports = {
       throw Errors.USER_NOT_FOUND;
     }
 
+    if (user.email === sails.config.custom.defaultAdminEmail) {
+      throw Errors.USER_NOT_FOUND; // Forbidden
+    }
+
     if (
       inputs.id === currentUser.id &&
       !bcrypt.compareSync(inputs.currentPassword, user.password)

server/api/controllers/users/update-username.js

@@ -61,6 +61,10 @@ module.exports = {
       throw Errors.USER_NOT_FOUND;
     }
 
+    if (user.email === sails.config.custom.defaultAdminEmail) {
+      throw Errors.USER_NOT_FOUND; // Forbidden
+    }
+
     if (
       inputs.id === currentUser.id &&
       !bcrypt.compareSync(inputs.currentPassword, user.password)

server/api/controllers/users/update.js

@@ -67,6 +67,13 @@ module.exports = {
       throw Errors.USER_NOT_FOUND;
     }
 
+    if (user.email === sails.config.custom.defaultAdminEmail) {
+      /* eslint-disable no-param-reassign */
+      delete inputs.isAdmin;
+      delete inputs.name;
+      /* eslint-enable no-param-reassign */
+    }
+
     const values = {
       ..._.pick(inputs, [
         'isAdmin',