Fix: default admin tenant (#12964)

### What problem does this PR solve? Add tenant for default admin, and allow login to ragflow server as default admin. ### Type of change - [x] Bug Fix (non-breaking change which fixes an issue)
2026-02-03 17:15:08 +08:00 · 2026-02-03 15:37:36 +08:00
parent f11ca54e0e
commit 32f9a87b2e
2 changed files with 39 additions and 3 deletions
--- a/admin/server/auth.py
+++ b/admin/server/auth.py
@ -27,6 +27,8 @@ from itsdangerous.url_safe import URLSafeTimedSerializer as Serializer
 from api.common.exceptions import AdminException, UserNotFoundError
 from api.common.base64 import encode_to_base64
 from api.db.services import UserService
+from api.db import UserTenantRole
+from api.db.services.user_service import TenantService, UserTenantService
 from common.constants import ActiveEnum, StatusEnum
 from api.utils.crypt import decrypt
 from common.misc_utils import get_uuid
@ -85,8 +87,44 @@ def init_default_admin():
        }
        if not UserService.save(**default_admin):
            raise AdminException("Can't init admin.", 500)
+        add_tenant_for_admin(default_admin, UserTenantRole.OWNER)
    elif not any([u.is_active == ActiveEnum.ACTIVE.value for u in users]):
        raise AdminException("No active admin. Please update 'is_active' in db manually.", 500)
+    else:
+        default_admin_rows = [u for u in users if u.email == "admin@ragflow.io"]
+        if default_admin_rows:
+            default_admin = default_admin_rows[0].to_dict()
+            exist, default_admin_tenant = TenantService.get_by_id(default_admin["id"])
+            if not exist:
+                add_tenant_for_admin(default_admin, UserTenantRole.OWNER)
+
+
+def add_tenant_for_admin(user_info: dict, role: str):
+    from api.db.services.tenant_llm_service import TenantLLMService
+    from api.db.services.llm_service import get_init_tenant_llm
+
+    tenant = {
+        "id": user_info["id"],
+        "name": user_info["nickname"] + "‘s Kingdom",
+        "llm_id": settings.CHAT_MDL,
+        "embd_id": settings.EMBEDDING_MDL,
+        "asr_id": settings.ASR_MDL,
+        "parser_ids": settings.PARSERS,
+        "img2txt_id": settings.IMAGE2TEXT_MDL
+    }
+    usr_tenant = {
+        "tenant_id": user_info["id"],
+        "user_id": user_info["id"],
+        "invited_by": user_info["id"],
+        "role": role
+    }
+
+    tenant_llm = get_init_tenant_llm(user_info["id"])
+    TenantService.insert(**tenant)
+    UserTenantService.insert(**usr_tenant)
+    TenantLLMService.insert_many(tenant_llm)
+    logging.info(
+        f"Added tenant for email: {user_info['email']}, A default tenant has been set; changing the default models after login is strongly recommended.")


 def check_admin_auth(func):
--- a/api/apps/user_app.py
+++ b/api/apps/user_app.py
@ -98,9 +98,7 @@ async def login():
        return get_json_result(data=False, code=RetCode.AUTHENTICATION_ERROR, message="Unauthorized!")

    email = json_body.get("email", "")
-    if email == "admin@ragflow.io":
-        return get_json_result(data=False, code=RetCode.AUTHENTICATION_ERROR, message="Default admin account cannot be used to login normal services!")
-    
+
    users = UserService.query(email=email)
    if not users:
        return get_json_result(