n8n/packages/cli/test/integration/external-secrets/external-secrets.api.test.ts

import { mock } from 'jest-mock-extended';
import { Cipher } from 'n8n-core';
import { jsonParse, type IDataObject } from 'n8n-workflow';
import { Container } from 'typedi';

import config from '@/config';
import { CREDENTIAL_BLANKING_VALUE } from '@/constants';
import { SettingsRepository } from '@/databases/repositories/settings.repository';
import type { EventService } from '@/events/event.service';
import { ExternalSecretsManager } from '@/external-secrets/external-secrets-manager.ee';
import { ExternalSecretsProviders } from '@/external-secrets/external-secrets-providers.ee';
import type { ExternalSecretsSettings, SecretsProviderState } from '@/interfaces';
import { License } from '@/license';

import {
	DummyProvider,
	FailedProvider,
	MockProviders,
	TestFailProvider,
} from '../../shared/external-secrets/utils';
import { mockInstance } from '../../shared/mocking';
import { createOwner, createUser } from '../shared/db/users';
import type { SuperAgentTest } from '../shared/types';
import { setupTestServer } from '../shared/utils';

let authOwnerAgent: SuperAgentTest;
let authMemberAgent: SuperAgentTest;

const mockProvidersInstance = new MockProviders();
mockInstance(ExternalSecretsProviders, mockProvidersInstance);

const testServer = setupTestServer({
	endpointGroups: ['externalSecrets'],
	enabledFeatures: ['feat:externalSecrets'],
});

const connectedDate = '2023-08-01T12:32:29.000Z';

async function setExternalSecretsSettings(settings: ExternalSecretsSettings) {
	return await Container.get(SettingsRepository).saveEncryptedSecretsProviderSettings(
		Container.get(Cipher).encrypt(settings),
	);
}

async function getExternalSecretsSettings(): Promise<ExternalSecretsSettings | null> {
	const encSettings = await Container.get(SettingsRepository).getEncryptedSecretsProviderSettings();
	if (encSettings === null) {
		return null;
	}
	return await jsonParse(Container.get(Cipher).decrypt(encSettings));
}

const eventService = mock<EventService>();

const resetManager = async () => {
	Container.get(ExternalSecretsManager).shutdown();
	Container.set(
		ExternalSecretsManager,
		new ExternalSecretsManager(
			mock(),
			Container.get(SettingsRepository),
			Container.get(License),
			mockProvidersInstance,
			Container.get(Cipher),
			eventService,
		),
	);

	await Container.get(ExternalSecretsManager).init();
};

const getDummyProviderData = ({
	data,
	includeProperties,
	connected,
	state,
	connectedAt,
	displayName,
}: {
	data?: IDataObject;
	includeProperties?: boolean;
	connected?: boolean;
	state?: SecretsProviderState;
	connectedAt?: string | null;
	displayName?: string;
} = {}) => {
	const dummy: IDataObject = {
		connected: connected ?? true,
		connectedAt: connectedAt === undefined ? connectedDate : connectedAt,
		data: data ?? {},
		name: 'dummy',
		displayName: displayName ?? 'Dummy Provider',
		icon: 'dummy',
		state: state ?? 'connected',
	};

	if (includeProperties) {
		dummy.properties = new DummyProvider().properties;
	}

	return dummy;
};

beforeAll(async () => {
	const owner = await createOwner();
	authOwnerAgent = testServer.authAgentFor(owner);
	const member = await createUser();
	authMemberAgent = testServer.authAgentFor(member);
	config.set('userManagement.isInstanceOwnerSetUp', true);
});

beforeEach(async () => {
	mockProvidersInstance.setProviders({
		dummy: DummyProvider,
	});

	await setExternalSecretsSettings({
		dummy: {
			connected: true,
			connectedAt: new Date(connectedDate),
			settings: {},
		},
	});

	await resetManager();
});

afterEach(async () => {
	Container.get(ExternalSecretsManager).shutdown();
});

describe('GET /external-secrets/providers', () => {
	test('can retrieve providers as owner', async () => {
		const resp = await authOwnerAgent.get('/external-secrets/providers');
		expect(resp.body).toEqual({
			data: [getDummyProviderData()],
		});
	});

	test('can not retrieve providers as non-owner', async () => {
		const resp = await authMemberAgent.get('/external-secrets/providers');
		expect(resp.status).toBe(403);
	});

	test('does obscure passwords', async () => {
		await setExternalSecretsSettings({
			dummy: {
				connected: true,
				connectedAt: new Date(connectedDate),
				settings: {
					username: 'testuser',
					password: 'testpass',
				},
			},
		});

		await resetManager();

		const resp = await authOwnerAgent.get('/external-secrets/providers');
		expect(resp.body).toEqual({
			data: [
				getDummyProviderData({
					data: {
						username: 'testuser',
						password: CREDENTIAL_BLANKING_VALUE,
					},
				}),
			],
		});
	});
});

describe('GET /external-secrets/providers/:provider', () => {
	test('can retrieve provider as owner', async () => {
		const resp = await authOwnerAgent.get('/external-secrets/providers/dummy');
		expect(resp.body.data).toEqual(getDummyProviderData({ includeProperties: true }));
	});

	test('can not retrieve provider as non-owner', async () => {
		const resp = await authMemberAgent.get('/external-secrets/providers/dummy');
		expect(resp.status).toBe(403);
	});

	test('does obscure passwords', async () => {
		await setExternalSecretsSettings({
			dummy: {
				connected: true,
				connectedAt: new Date(connectedDate),
				settings: {
					username: 'testuser',
					password: 'testpass',
				},
			},
		});

		await resetManager();

		const resp = await authOwnerAgent.get('/external-secrets/providers/dummy');
		expect(resp.body.data).toEqual(
			getDummyProviderData({
				data: {
					username: 'testuser',
					password: CREDENTIAL_BLANKING_VALUE,
				},
				includeProperties: true,
			}),
		);
	});
});

describe('POST /external-secrets/providers/:provider', () => {
	test('can update provider settings', async () => {
		const testData = {
			username: 'testuser',
			other: 'testother',
		};
		const resp = await authOwnerAgent.post('/external-secrets/providers/dummy').send(testData);
		expect(resp.status).toBe(200);

		const confirmResp = await authOwnerAgent.get('/external-secrets/providers/dummy');
		expect(confirmResp.body.data).toEqual(
			getDummyProviderData({ data: testData, includeProperties: true }),
		);
	});

	test('can update provider settings with blanking value', async () => {
		await setExternalSecretsSettings({
			dummy: {
				connected: true,
				connectedAt: new Date(connectedDate),
				settings: {
					username: 'testuser',
					password: 'testpass',
				},
			},
		});

		await resetManager();

		const testData = {
			username: 'newuser',
			password: CREDENTIAL_BLANKING_VALUE,
		};
		const resp = await authOwnerAgent.post('/external-secrets/providers/dummy').send(testData);
		expect(resp.status).toBe(200);

		await authOwnerAgent.get('/external-secrets/providers/dummy');
		expect((await getExternalSecretsSettings())?.dummy.settings).toEqual({
			username: 'newuser',
			password: 'testpass',
		});
	});
});

describe('POST /external-secrets/providers/:provider/connect', () => {
	test('can change provider connected state', async () => {
		const testData = {
			connected: false,
		};
		const resp = await authOwnerAgent
			.post('/external-secrets/providers/dummy/connect')
			.send(testData);
		expect(resp.status).toBe(200);

		const confirmResp = await authOwnerAgent.get('/external-secrets/providers/dummy');
		expect(confirmResp.body.data).toEqual(
			getDummyProviderData({
				includeProperties: true,
				connected: false,
				state: 'initializing',
			}),
		);
	});
});

describe('POST /external-secrets/providers/:provider/test', () => {
	test('can test provider', async () => {
		const testData = {
			username: 'testuser',
			other: 'testother',
		};
		const resp = await authOwnerAgent.post('/external-secrets/providers/dummy/test').send(testData);
		expect(resp.status).toBe(200);
		expect(resp.body.data.success).toBe(true);
		expect(resp.body.data.testState).toBe('connected');
	});

	test('can test provider fail', async () => {
		mockProvidersInstance.setProviders({
			dummy: TestFailProvider,
		});

		await resetManager();

		const testData = {
			username: 'testuser',
			other: 'testother',
		};
		const resp = await authOwnerAgent.post('/external-secrets/providers/dummy/test').send(testData);
		expect(resp.status).toBe(400);
		expect(resp.body.data.success).toBe(false);
		expect(resp.body.data.testState).toBe('error');
	});
});

describe('POST /external-secrets/providers/:provider/update', () => {
	test('can update provider', async () => {
		const updateSpy = jest.spyOn(
			Container.get(ExternalSecretsManager).getProvider('dummy')!,
			'update',
		);

		const resp = await authOwnerAgent.post('/external-secrets/providers/dummy/update');
		expect(resp.status).toBe(200);
		expect(resp.body.data).toEqual({ updated: true });
		expect(updateSpy).toBeCalled();
	});

	test('can not update errored provider', async () => {
		mockProvidersInstance.setProviders({
			dummy: FailedProvider,
		});

		await resetManager();

		const updateSpy = jest.spyOn(
			Container.get(ExternalSecretsManager).getProvider('dummy')!,
			'update',
		);

		const resp = await authOwnerAgent.post('/external-secrets/providers/dummy/update');
		expect(resp.status).toBe(400);
		expect(resp.body.data).toEqual({ updated: false });
		expect(updateSpy).not.toBeCalled();
	});

	test('can not update provider without a valid license', async () => {
		const updateSpy = jest.spyOn(
			Container.get(ExternalSecretsManager).getProvider('dummy')!,
			'update',
		);

		testServer.license.disable('feat:externalSecrets');

		const resp = await authOwnerAgent.post('/external-secrets/providers/dummy/update');
		expect(resp.status).toBe(400);
		expect(resp.body.data).toEqual({ updated: false });
		expect(updateSpy).not.toBeCalled();
	});
});

describe('GET /external-secrets/secrets', () => {
	test('can get secret names as owner', async () => {
		const resp = await authOwnerAgent.get('/external-secrets/secrets');
		expect(resp.status).toBe(200);
		expect(resp.body.data).toEqual({
			dummy: ['test1', 'test2'],
		});
	});

	test('can not get secret names as non-owner', async () => {
		const resp = await authMemberAgent.get('/external-secrets/secrets');
		expect(resp.status).toBe(403);
		expect(resp.body.data).not.toEqual({
			dummy: ['test1', 'test2'],
		});
	});
});
refactor(core): Enable import/order eslint rule (#10794) 2024-09-12 09:07:18 -07:00			`import { mock } from 'jest-mock-extended';`
refactor(core): Update supertest, and fix some typing errors (no-changelog) (#9527) 2024-05-31 00:40:03 -07:00			`import { Cipher } from 'n8n-core';`
			`import { jsonParse, type IDataObject } from 'n8n-workflow';`
refactor(core): Enable import/order eslint rule (#10794) 2024-09-12 09:07:18 -07:00			`import { Container } from 'typedi';`
refactor(core): Update supertest, and fix some typing errors (no-changelog) (#9527) 2024-05-31 00:40:03 -07:00
feat: External Secrets storage for credentials (#6477) Github issue / Community forum post (link here to close automatically): --------- Co-authored-by: Romain Minaud <romain.minaud@gmail.com> Co-authored-by: Valya Bullions <valya@n8n.io> Co-authored-by: Csaba Tuncsik <csaba@n8n.io> Co-authored-by: Giulio Andreini <g.andreini@gmail.com> Co-authored-by: Omar Ajoue <krynble@gmail.com> 2023-08-25 01:33:46 -07:00			`import config from '@/config';`
			`import { CREDENTIAL_BLANKING_VALUE } from '@/constants';`
refactor(core): Enable import/order eslint rule (#10794) 2024-09-12 09:07:18 -07:00			`import { SettingsRepository } from '@/databases/repositories/settings.repository';`
			`import type { EventService } from '@/events/event.service';`
			`import { ExternalSecretsManager } from '@/external-secrets/external-secrets-manager.ee';`
			`import { ExternalSecretsProviders } from '@/external-secrets/external-secrets-providers.ee';`
			`import type { ExternalSecretsSettings, SecretsProviderState } from '@/interfaces';`
			`import { License } from '@/license';`
ci(core): Reduce memory usage in tests (part-2) (no-changelog) (#7671) This also gets rid of `Db.collection`, which was another source of circular dependencies. 2023-11-10 06:04:26 -08:00
			`import {`
			`DummyProvider,`
			`FailedProvider,`
			`MockProviders,`
			`TestFailProvider,`
refactor(core): Standardize filename casing for services and Public API (no-changelog) (#10579) 2024-08-28 04:59:27 -07:00			`} from '../../shared/external-secrets/utils';`
refactor(core): Enable import/order eslint rule (#10794) 2024-09-12 09:07:18 -07:00			`import { mockInstance } from '../../shared/mocking';`
			`import { createOwner, createUser } from '../shared/db/users';`
refactor(core): Update supertest, and fix some typing errors (no-changelog) (#9527) 2024-05-31 00:40:03 -07:00			`import type { SuperAgentTest } from '../shared/types';`
refactor(core): Enable import/order eslint rule (#10794) 2024-09-12 09:07:18 -07:00			`import { setupTestServer } from '../shared/utils';`
feat: External Secrets storage for credentials (#6477) Github issue / Community forum post (link here to close automatically): --------- Co-authored-by: Romain Minaud <romain.minaud@gmail.com> Co-authored-by: Valya Bullions <valya@n8n.io> Co-authored-by: Csaba Tuncsik <csaba@n8n.io> Co-authored-by: Giulio Andreini <g.andreini@gmail.com> Co-authored-by: Omar Ajoue <krynble@gmail.com> 2023-08-25 01:33:46 -07:00
			`let authOwnerAgent: SuperAgentTest;`
			`let authMemberAgent: SuperAgentTest;`

			`const mockProvidersInstance = new MockProviders();`
ci(core): Reduce memory usage in tests (part-2) (no-changelog) (#7671) This also gets rid of `Db.collection`, which was another source of circular dependencies. 2023-11-10 06:04:26 -08:00			`mockInstance(ExternalSecretsProviders, mockProvidersInstance);`
feat: External Secrets storage for credentials (#6477) Github issue / Community forum post (link here to close automatically): --------- Co-authored-by: Romain Minaud <romain.minaud@gmail.com> Co-authored-by: Valya Bullions <valya@n8n.io> Co-authored-by: Csaba Tuncsik <csaba@n8n.io> Co-authored-by: Giulio Andreini <g.andreini@gmail.com> Co-authored-by: Omar Ajoue <krynble@gmail.com> 2023-08-25 01:33:46 -07:00
refactor(core): Add central license mock for integration tests (no-changelog) (#7871) Github issue / Community forum post (link here to close automatically): 2023-11-30 00:23:09 -08:00			`const testServer = setupTestServer({`
			`endpointGroups: ['externalSecrets'],`
			`enabledFeatures: ['feat:externalSecrets'],`
			`});`
feat: External Secrets storage for credentials (#6477) Github issue / Community forum post (link here to close automatically): --------- Co-authored-by: Romain Minaud <romain.minaud@gmail.com> Co-authored-by: Valya Bullions <valya@n8n.io> Co-authored-by: Csaba Tuncsik <csaba@n8n.io> Co-authored-by: Giulio Andreini <g.andreini@gmail.com> Co-authored-by: Omar Ajoue <krynble@gmail.com> 2023-08-25 01:33:46 -07:00
			`const connectedDate = '2023-08-01T12:32:29.000Z';`

			`async function setExternalSecretsSettings(settings: ExternalSecretsSettings) {`
fix: Set '@typescript-eslint/return-await' rule to 'always' for node code (no-changelog) (#8363) Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <aditya@netroy.in> 2024-01-17 07:08:50 -08:00			`return await Container.get(SettingsRepository).saveEncryptedSecretsProviderSettings(`
refactor(core): Abstract away InstanceSettings and `encryptionKey` into injectable services (no-changelog) (#7471) This change ensures that things like `encryptionKey` and `instanceId` are always available directly where they are needed, instead of passing them around throughout the code. 2023-10-23 04:39:35 -07:00			`Container.get(Cipher).encrypt(settings),`
feat: External Secrets storage for credentials (#6477) Github issue / Community forum post (link here to close automatically): --------- Co-authored-by: Romain Minaud <romain.minaud@gmail.com> Co-authored-by: Valya Bullions <valya@n8n.io> Co-authored-by: Csaba Tuncsik <csaba@n8n.io> Co-authored-by: Giulio Andreini <g.andreini@gmail.com> Co-authored-by: Omar Ajoue <krynble@gmail.com> 2023-08-25 01:33:46 -07:00			`);`
			`}`

			`async function getExternalSecretsSettings(): Promise<ExternalSecretsSettings \| null> {`
			`const encSettings = await Container.get(SettingsRepository).getEncryptedSecretsProviderSettings();`
			`if (encSettings === null) {`
			`return null;`
			`}`
fix: Set '@typescript-eslint/return-await' rule to 'always' for node code (no-changelog) (#8363) Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <aditya@netroy.in> 2024-01-17 07:08:50 -08:00			`return await jsonParse(Container.get(Cipher).decrypt(encSettings));`
feat: External Secrets storage for credentials (#6477) Github issue / Community forum post (link here to close automatically): --------- Co-authored-by: Romain Minaud <romain.minaud@gmail.com> Co-authored-by: Valya Bullions <valya@n8n.io> Co-authored-by: Csaba Tuncsik <csaba@n8n.io> Co-authored-by: Giulio Andreini <g.andreini@gmail.com> Co-authored-by: Omar Ajoue <krynble@gmail.com> 2023-08-25 01:33:46 -07:00			`}`

refactor(core): Rename `EventRelay` to `EventService` (no-changelog) (#10110) 2024-07-19 03:55:38 -07:00			`const eventService = mock<EventService>();`
refactor(core): More decouplings from internal hooks (no-changelog) (#10099) 2024-07-19 01:33:13 -07:00
feat: External Secrets storage for credentials (#6477) Github issue / Community forum post (link here to close automatically): --------- Co-authored-by: Romain Minaud <romain.minaud@gmail.com> Co-authored-by: Valya Bullions <valya@n8n.io> Co-authored-by: Csaba Tuncsik <csaba@n8n.io> Co-authored-by: Giulio Andreini <g.andreini@gmail.com> Co-authored-by: Omar Ajoue <krynble@gmail.com> 2023-08-25 01:33:46 -07:00			`const resetManager = async () => {`
			`Container.get(ExternalSecretsManager).shutdown();`
			`Container.set(`
			`ExternalSecretsManager,`
			`new ExternalSecretsManager(`
refactor(core): Make Logger a service (no-changelog) (#7494) 2023-10-25 07:35:22 -07:00			`mock(),`
feat: External Secrets storage for credentials (#6477) Github issue / Community forum post (link here to close automatically): --------- Co-authored-by: Romain Minaud <romain.minaud@gmail.com> Co-authored-by: Valya Bullions <valya@n8n.io> Co-authored-by: Csaba Tuncsik <csaba@n8n.io> Co-authored-by: Giulio Andreini <g.andreini@gmail.com> Co-authored-by: Omar Ajoue <krynble@gmail.com> 2023-08-25 01:33:46 -07:00			`Container.get(SettingsRepository),`
refactor(core): Add central license mock for integration tests (no-changelog) (#7871) Github issue / Community forum post (link here to close automatically): 2023-11-30 00:23:09 -08:00			`Container.get(License),`
feat: External Secrets storage for credentials (#6477) Github issue / Community forum post (link here to close automatically): --------- Co-authored-by: Romain Minaud <romain.minaud@gmail.com> Co-authored-by: Valya Bullions <valya@n8n.io> Co-authored-by: Csaba Tuncsik <csaba@n8n.io> Co-authored-by: Giulio Andreini <g.andreini@gmail.com> Co-authored-by: Omar Ajoue <krynble@gmail.com> 2023-08-25 01:33:46 -07:00			`mockProvidersInstance,`
refactor(core): Abstract away InstanceSettings and `encryptionKey` into injectable services (no-changelog) (#7471) This change ensures that things like `encryptionKey` and `instanceId` are always available directly where they are needed, instead of passing them around throughout the code. 2023-10-23 04:39:35 -07:00			`Container.get(Cipher),`
refactor(core): Rename `EventRelay` to `EventService` (no-changelog) (#10110) 2024-07-19 03:55:38 -07:00			`eventService,`
feat: External Secrets storage for credentials (#6477) Github issue / Community forum post (link here to close automatically): --------- Co-authored-by: Romain Minaud <romain.minaud@gmail.com> Co-authored-by: Valya Bullions <valya@n8n.io> Co-authored-by: Csaba Tuncsik <csaba@n8n.io> Co-authored-by: Giulio Andreini <g.andreini@gmail.com> Co-authored-by: Omar Ajoue <krynble@gmail.com> 2023-08-25 01:33:46 -07:00			`),`
			`);`

			`await Container.get(ExternalSecretsManager).init();`
			`};`

			`const getDummyProviderData = ({`
			`data,`
			`includeProperties,`
			`connected,`
			`state,`
			`connectedAt,`
			`displayName,`
			`}: {`
			`data?: IDataObject;`
			`includeProperties?: boolean;`
			`connected?: boolean;`
			`state?: SecretsProviderState;`
			`connectedAt?: string \| null;`
			`displayName?: string;`
			`} = {}) => {`
			`const dummy: IDataObject = {`
			`connected: connected ?? true,`
			`connectedAt: connectedAt === undefined ? connectedDate : connectedAt,`
			`data: data ?? {},`
			`name: 'dummy',`
			`displayName: displayName ?? 'Dummy Provider',`
			`icon: 'dummy',`
			`state: state ?? 'connected',`
			`};`

			`if (includeProperties) {`
			`dummy.properties = new DummyProvider().properties;`
			`}`

			`return dummy;`
			`};`

			`beforeAll(async () => {`
ci(core): Reduce memory usage in tests (part-1) (no-changelog) (#7654) 2023-11-08 07:29:39 -08:00			`const owner = await createOwner();`
feat: External Secrets storage for credentials (#6477) Github issue / Community forum post (link here to close automatically): --------- Co-authored-by: Romain Minaud <romain.minaud@gmail.com> Co-authored-by: Valya Bullions <valya@n8n.io> Co-authored-by: Csaba Tuncsik <csaba@n8n.io> Co-authored-by: Giulio Andreini <g.andreini@gmail.com> Co-authored-by: Omar Ajoue <krynble@gmail.com> 2023-08-25 01:33:46 -07:00			`authOwnerAgent = testServer.authAgentFor(owner);`
ci(core): Reduce memory usage in tests (part-1) (no-changelog) (#7654) 2023-11-08 07:29:39 -08:00			`const member = await createUser();`
feat: External Secrets storage for credentials (#6477) Github issue / Community forum post (link here to close automatically): --------- Co-authored-by: Romain Minaud <romain.minaud@gmail.com> Co-authored-by: Valya Bullions <valya@n8n.io> Co-authored-by: Csaba Tuncsik <csaba@n8n.io> Co-authored-by: Giulio Andreini <g.andreini@gmail.com> Co-authored-by: Omar Ajoue <krynble@gmail.com> 2023-08-25 01:33:46 -07:00			`authMemberAgent = testServer.authAgentFor(member);`
			`config.set('userManagement.isInstanceOwnerSetUp', true);`
			`});`

			`beforeEach(async () => {`
			`mockProvidersInstance.setProviders({`
			`dummy: DummyProvider,`
			`});`

			`await setExternalSecretsSettings({`
			`dummy: {`
			`connected: true,`
			`connectedAt: new Date(connectedDate),`
			`settings: {},`
			`},`
			`});`

			`await resetManager();`
			`});`

			`afterEach(async () => {`
			`Container.get(ExternalSecretsManager).shutdown();`
			`});`

			`describe('GET /external-secrets/providers', () => {`
			`test('can retrieve providers as owner', async () => {`
			`const resp = await authOwnerAgent.get('/external-secrets/providers');`
			`expect(resp.body).toEqual({`
			`data: [getDummyProviderData()],`
			`});`
			`});`

			`test('can not retrieve providers as non-owner', async () => {`
			`const resp = await authMemberAgent.get('/external-secrets/providers');`
			`expect(resp.status).toBe(403);`
			`});`

			`test('does obscure passwords', async () => {`
			`await setExternalSecretsSettings({`
			`dummy: {`
			`connected: true,`
			`connectedAt: new Date(connectedDate),`
			`settings: {`
			`username: 'testuser',`
			`password: 'testpass',`
			`},`
			`},`
			`});`

			`await resetManager();`

			`const resp = await authOwnerAgent.get('/external-secrets/providers');`
			`expect(resp.body).toEqual({`
			`data: [`
			`getDummyProviderData({`
			`data: {`
			`username: 'testuser',`
			`password: CREDENTIAL_BLANKING_VALUE,`
			`},`
			`}),`
			`],`
			`});`
			`});`
			`});`

			`describe('GET /external-secrets/providers/:provider', () => {`
			`test('can retrieve provider as owner', async () => {`
			`const resp = await authOwnerAgent.get('/external-secrets/providers/dummy');`
			`expect(resp.body.data).toEqual(getDummyProviderData({ includeProperties: true }));`
			`});`

			`test('can not retrieve provider as non-owner', async () => {`
			`const resp = await authMemberAgent.get('/external-secrets/providers/dummy');`
			`expect(resp.status).toBe(403);`
			`});`

			`test('does obscure passwords', async () => {`
			`await setExternalSecretsSettings({`
			`dummy: {`
			`connected: true,`
			`connectedAt: new Date(connectedDate),`
			`settings: {`
			`username: 'testuser',`
			`password: 'testpass',`
			`},`
			`},`
			`});`

			`await resetManager();`

			`const resp = await authOwnerAgent.get('/external-secrets/providers/dummy');`
			`expect(resp.body.data).toEqual(`
			`getDummyProviderData({`
			`data: {`
			`username: 'testuser',`
			`password: CREDENTIAL_BLANKING_VALUE,`
			`},`
			`includeProperties: true,`
			`}),`
			`);`
			`});`
			`});`

			`describe('POST /external-secrets/providers/:provider', () => {`
			`test('can update provider settings', async () => {`
			`const testData = {`
			`username: 'testuser',`
			`other: 'testother',`
			`};`
			`const resp = await authOwnerAgent.post('/external-secrets/providers/dummy').send(testData);`
			`expect(resp.status).toBe(200);`

			`const confirmResp = await authOwnerAgent.get('/external-secrets/providers/dummy');`
			`expect(confirmResp.body.data).toEqual(`
			`getDummyProviderData({ data: testData, includeProperties: true }),`
			`);`
			`});`

			`test('can update provider settings with blanking value', async () => {`
			`await setExternalSecretsSettings({`
			`dummy: {`
			`connected: true,`
			`connectedAt: new Date(connectedDate),`
			`settings: {`
			`username: 'testuser',`
			`password: 'testpass',`
			`},`
			`},`
			`});`

			`await resetManager();`

			`const testData = {`
			`username: 'newuser',`
			`password: CREDENTIAL_BLANKING_VALUE,`
			`};`
			`const resp = await authOwnerAgent.post('/external-secrets/providers/dummy').send(testData);`
			`expect(resp.status).toBe(200);`

fix(core): Fix type errors (no-changelog) (#9571) 2024-05-31 05:06:13 -07:00			`await authOwnerAgent.get('/external-secrets/providers/dummy');`
feat: External Secrets storage for credentials (#6477) Github issue / Community forum post (link here to close automatically): --------- Co-authored-by: Romain Minaud <romain.minaud@gmail.com> Co-authored-by: Valya Bullions <valya@n8n.io> Co-authored-by: Csaba Tuncsik <csaba@n8n.io> Co-authored-by: Giulio Andreini <g.andreini@gmail.com> Co-authored-by: Omar Ajoue <krynble@gmail.com> 2023-08-25 01:33:46 -07:00			`expect((await getExternalSecretsSettings())?.dummy.settings).toEqual({`
			`username: 'newuser',`
			`password: 'testpass',`
			`});`
			`});`
			`});`

			`describe('POST /external-secrets/providers/:provider/connect', () => {`
			`test('can change provider connected state', async () => {`
			`const testData = {`
			`connected: false,`
			`};`
			`const resp = await authOwnerAgent`
			`.post('/external-secrets/providers/dummy/connect')`
			`.send(testData);`
			`expect(resp.status).toBe(200);`

			`const confirmResp = await authOwnerAgent.get('/external-secrets/providers/dummy');`
			`expect(confirmResp.body.data).toEqual(`
			`getDummyProviderData({`
			`includeProperties: true,`
			`connected: false,`
			`state: 'initializing',`
			`}),`
			`);`
			`});`
			`});`

			`describe('POST /external-secrets/providers/:provider/test', () => {`
			`test('can test provider', async () => {`
			`const testData = {`
			`username: 'testuser',`
			`other: 'testother',`
			`};`
			`const resp = await authOwnerAgent.post('/external-secrets/providers/dummy/test').send(testData);`
			`expect(resp.status).toBe(200);`
			`expect(resp.body.data.success).toBe(true);`
			`expect(resp.body.data.testState).toBe('connected');`
			`});`

			`test('can test provider fail', async () => {`
			`mockProvidersInstance.setProviders({`
			`dummy: TestFailProvider,`
			`});`

			`await resetManager();`

			`const testData = {`
			`username: 'testuser',`
			`other: 'testother',`
			`};`
			`const resp = await authOwnerAgent.post('/external-secrets/providers/dummy/test').send(testData);`
			`expect(resp.status).toBe(400);`
			`expect(resp.body.data.success).toBe(false);`
			`expect(resp.body.data.testState).toBe('error');`
			`});`
			`});`

			`describe('POST /external-secrets/providers/:provider/update', () => {`
			`test('can update provider', async () => {`
			`const updateSpy = jest.spyOn(`
			`Container.get(ExternalSecretsManager).getProvider('dummy')!,`
			`'update',`
			`);`

			`const resp = await authOwnerAgent.post('/external-secrets/providers/dummy/update');`
			`expect(resp.status).toBe(200);`
			`expect(resp.body.data).toEqual({ updated: true });`
			`expect(updateSpy).toBeCalled();`
			`});`

			`test('can not update errored provider', async () => {`
			`mockProvidersInstance.setProviders({`
			`dummy: FailedProvider,`
			`});`

			`await resetManager();`

			`const updateSpy = jest.spyOn(`
			`Container.get(ExternalSecretsManager).getProvider('dummy')!,`
			`'update',`
			`);`

			`const resp = await authOwnerAgent.post('/external-secrets/providers/dummy/update');`
			`expect(resp.status).toBe(400);`
			`expect(resp.body.data).toEqual({ updated: false });`
			`expect(updateSpy).not.toBeCalled();`
			`});`

			`test('can not update provider without a valid license', async () => {`
			`const updateSpy = jest.spyOn(`
			`Container.get(ExternalSecretsManager).getProvider('dummy')!,`
			`'update',`
			`);`

refactor(core): Add central license mock for integration tests (no-changelog) (#7871) Github issue / Community forum post (link here to close automatically): 2023-11-30 00:23:09 -08:00			`testServer.license.disable('feat:externalSecrets');`
feat: External Secrets storage for credentials (#6477) Github issue / Community forum post (link here to close automatically): --------- Co-authored-by: Romain Minaud <romain.minaud@gmail.com> Co-authored-by: Valya Bullions <valya@n8n.io> Co-authored-by: Csaba Tuncsik <csaba@n8n.io> Co-authored-by: Giulio Andreini <g.andreini@gmail.com> Co-authored-by: Omar Ajoue <krynble@gmail.com> 2023-08-25 01:33:46 -07:00
			`const resp = await authOwnerAgent.post('/external-secrets/providers/dummy/update');`
			`expect(resp.status).toBe(400);`
			`expect(resp.body.data).toEqual({ updated: false });`
			`expect(updateSpy).not.toBeCalled();`
			`});`
			`});`

			`describe('GET /external-secrets/secrets', () => {`
			`test('can get secret names as owner', async () => {`
			`const resp = await authOwnerAgent.get('/external-secrets/secrets');`
			`expect(resp.status).toBe(200);`
			`expect(resp.body.data).toEqual({`
			`dummy: ['test1', 'test2'],`
			`});`
			`});`

			`test('can not get secret names as non-owner', async () => {`
			`const resp = await authMemberAgent.get('/external-secrets/secrets');`
			`expect(resp.status).toBe(403);`
			`expect(resp.body.data).not.toEqual({`
			`dummy: ['test1', 'test2'],`
			`});`
			`});`
			`});`