remove salt generation from users handler

It causes issues, because users handler is operating with service user,
but writtinng salt requires root privileges

src/ahriman/application/ahriman.py

@@ -923,8 +923,6 @@ def _set_user_add_parser(root: SubParserAction) -> argparse.ArgumentParser:
     parser = root.add_parser("user-add", help="create or update user",
                              description="update user for web services with the given password and role. "
                                          "In case if password was not entered it will be asked interactively",
-                             epilog="In case of first run (i.e. if password salt is not set yet) this action requires "
-                                    "root privileges because it performs write to filesystem configuration.",
                              formatter_class=_formatter)
     parser.add_argument("username", help="username for web service")
     parser.add_argument("--key", help="optional PGP key used by this user. The private key must be imported")
@@ -934,7 +932,6 @@ def _set_user_add_parser(root: SubParserAction) -> argparse.ArgumentParser:
                                                  "which is in particular must be used for OAuth2 authorization type.")
     parser.add_argument("-r", "--role", help="user access level",
                         type=UserAccess, choices=enum_values(UserAccess), default=UserAccess.Read)
-    parser.add_argument("-s", "--secure", help="set file permissions to user-only", action="store_true")
     parser.set_defaults(handler=handlers.Users, action=Action.Update, architecture=[""], lock=None, report=False,
                         quiet=True)
     return parser

src/ahriman/application/handlers/users.py

@@ -20,8 +20,6 @@
 import argparse
 import getpass
 
-from pathlib import Path
-
 from ahriman.application.handlers import Handler
 from ahriman.core.configuration import Configuration
 from ahriman.core.database import SQLite
@@ -54,13 +52,9 @@ class Users(Handler):
         database = SQLite.load(configuration)
 
         if args.action == Action.Update:
-            old_salt, salt = Users.get_salt(configuration)
             user = Users.user_create(args)
-
-            if old_salt is None:
-                auth_configuration = Users.configuration_get(configuration.include)
-                Users.configuration_create(auth_configuration, salt, args.secure)
-
+            # if password is left blank we are not going to require salt to be set
+            salt = configuration.get("auth", "salt") if user.password else ""
             database.user_update(user.hash_password(salt))
         elif args.action == Action.List:
             users = database.user_list(args.username, args.role)
@@ -70,70 +64,6 @@ class Users(Handler):
         elif args.action == Action.Remove:
             database.user_remove(args.username)
 
-    @staticmethod
-    def configuration_create(configuration: Configuration, salt: str, secure: bool) -> None:
-        """
-        enable configuration if it has been disabled
-
-        Args:
-            configuration(Configuration): configuration instance
-            salt(str): password hash salt
-            secure(bool): if true then set file permissions to 0o600
-        """
-        configuration.set_option("auth", "salt", salt)
-        Users.configuration_write(configuration, secure)
-
-    @staticmethod
-    def configuration_get(include_path: Path) -> Configuration:
-        """
-        create configuration instance
-
-        Args:
-            include_path(Path): path to directory with configuration includes
-
-        Returns:
-            Configuration: configuration instance. In case if there are local settings they will be loaded
-        """
-        target = include_path / "00-auth.ini"
-        configuration = Configuration()
-        configuration.load(target)
-
-        configuration.architecture = ""  # not user anyway
-
-        return configuration
-
-    @staticmethod
-    def configuration_write(configuration: Configuration, secure: bool) -> None:
-        """
-        write configuration file
-
-        Args:
-            configuration(Configuration): configuration instance
-            secure(bool): if true then set file permissions to 0o600
-        """
-        path, _ = configuration.check_loaded()
-        with path.open("w") as ahriman_configuration:
-            configuration.write(ahriman_configuration)
-        if secure:
-            path.chmod(0o600)
-
-    @staticmethod
-    def get_salt(configuration: Configuration, salt_length: int = 20) -> tuple[str | None, str]:
-        """
-        get salt from configuration or create new string
-
-        Args:
-            configuration(Configuration): configuration instance
-            salt_length(int, optional): salt length (Default value = 20)
-
-        Returns:
-            tuple[str | None, str]: tuple containing salt from configuration if any and actual salt which must be
-                used for password hash
-        """
-        if salt := configuration.get("auth", "salt", fallback=None):
-            return salt, salt
-        return None, User.generate_password(salt_length)
-
     @staticmethod
     def user_create(args: argparse.Namespace) -> User:
         """