From da5a49f514cb4503cea398af96d4cff3ca9597af Mon Sep 17 00:00:00 2001
From: Danny Avila <danny@librechat.ai>
Date: Fri, 13 Dec 2024 11:33:01 -0500
Subject: [PATCH] =?UTF-8?q?=F0=9F=94=90=20fix:=20Assign=20ADMIN=20role=20b?=
 =?UTF-8?q?ased=20on=20first=20registration=20in=20LDAP=20strategy?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 api/strategies/ldapStrategy.js | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/api/strategies/ldapStrategy.js b/api/strategies/ldapStrategy.js
index 4d9124bb6ad..4a2c1b827ba 100644
--- a/api/strategies/ldapStrategy.js
+++ b/api/strategies/ldapStrategy.js
@@ -1,6 +1,8 @@
 const fs = require('fs');
 const LdapStrategy = require('passport-ldapauth');
+const { SystemRoles } = require('librechat-data-provider');
 const { findUser, createUser, updateUser } = require('~/models/userMethods');
+const { countUsers } = require('~/models/userMethods');
 const { isEnabled } = require('~/server/utils');
 const logger = require('~/utils/logger');
 
@@ -109,6 +111,7 @@ const ldapLogin = new LdapStrategy(ldapOptions, async (userinfo, done) => {
     }
 
     if (!user) {
+      const isFirstRegisteredUser = (await countUsers()) === 0;
       user = {
         provider: 'ldap',
         ldapId,
@@ -116,6 +119,7 @@ const ldapLogin = new LdapStrategy(ldapOptions, async (userinfo, done) => {
         email: mail,
         emailVerified: true, // The ldap server administrator should verify the email
         name: fullName,
+        role: isFirstRegisteredUser ? SystemRoles.ADMIN : SystemRoles.USER,
       };
       const userId = await createUser(user);
       user._id = userId;