n8n/packages/cli/test/integration/role.api.test.ts

import { Container } from 'typedi';
import type { Scope } from '@n8n/permissions';

import type { GlobalRole } from '@db/entities/User';
import type { ProjectRole } from '@db/entities/ProjectRelation';
import type { CredentialSharingRole } from '@db/entities/SharedCredentials';
import type { WorkflowSharingRole } from '@db/entities/SharedWorkflow';
import { RoleService } from '@/services/role.service';

import * as utils from './shared/utils/';
import { createMember } from './shared/db/users';
import type { SuperAgentTest } from './shared/types';

const testServer = utils.setupTestServer({
	endpointGroups: ['role'],
});

let memberAgent: SuperAgentTest;

const expectedCategories = ['global', 'project', 'credential', 'workflow'] as const;
let expectedGlobalRoles: Array<{
	name: string;
	role: GlobalRole;
	scopes: Scope[];
	licensed: boolean;
}>;
let expectedProjectRoles: Array<{
	name: string;
	role: ProjectRole;
	scopes: Scope[];
	licensed: boolean;
}>;
let expectedCredentialRoles: Array<{
	name: string;
	role: CredentialSharingRole;
	scopes: Scope[];
	licensed: boolean;
}>;
let expectedWorkflowRoles: Array<{
	name: string;
	role: WorkflowSharingRole;
	scopes: Scope[];
	licensed: boolean;
}>;

beforeAll(async () => {
	memberAgent = testServer.authAgentFor(await createMember());

	expectedGlobalRoles = [
		{
			name: 'Owner',
			role: 'global:owner',
			scopes: Container.get(RoleService).getRoleScopes('global:owner'),
			licensed: true,
		},
		{
			name: 'Admin',
			role: 'global:admin',
			scopes: Container.get(RoleService).getRoleScopes('global:admin'),
			licensed: false,
		},
		{
			name: 'Member',
			role: 'global:member',
			scopes: Container.get(RoleService).getRoleScopes('global:member'),
			licensed: true,
		},
	];
	expectedProjectRoles = [
		{
			name: 'Project Owner',
			role: 'project:personalOwner',
			scopes: Container.get(RoleService).getRoleScopes('project:personalOwner'),
			licensed: true,
		},
		{
			name: 'Project Admin',
			role: 'project:admin',
			scopes: Container.get(RoleService).getRoleScopes('project:admin'),
			licensed: false,
		},
		{
			name: 'Project Editor',
			role: 'project:editor',
			scopes: Container.get(RoleService).getRoleScopes('project:editor'),
			licensed: false,
		},
	];
	expectedCredentialRoles = [
		{
			name: 'Credential Owner',
			role: 'credential:owner',
			scopes: Container.get(RoleService).getRoleScopes('credential:owner'),
			licensed: true,
		},
		{
			name: 'Credential User',
			role: 'credential:user',
			scopes: Container.get(RoleService).getRoleScopes('credential:user'),
			licensed: true,
		},
	];
	expectedWorkflowRoles = [
		{
			name: 'Workflow Owner',
			role: 'workflow:owner',
			scopes: Container.get(RoleService).getRoleScopes('workflow:owner'),
			licensed: true,
		},
		{
			name: 'Workflow Editor',
			role: 'workflow:editor',
			scopes: Container.get(RoleService).getRoleScopes('workflow:editor'),
			licensed: true,
		},
	];
});

describe('GET /roles/', () => {
	test('should return all role categories', async () => {
		const resp = await memberAgent.get('/roles/');

		expect(resp.status).toBe(200);

		const data: Record<string, string[]> = resp.body.data;

		const categories = [...Object.keys(data)];
		expect(categories.length).toBe(expectedCategories.length);
		expect(expectedCategories.every((c) => categories.includes(c))).toBe(true);
	});

	test('should return fixed global roles', async () => {
		const resp = await memberAgent.get('/roles/');

		expect(resp.status).toBe(200);
		for (const role of expectedGlobalRoles) {
			expect(resp.body.data.global).toContainEqual(role);
		}
	});

	test('should return fixed project roles', async () => {
		const resp = await memberAgent.get('/roles/');

		expect(resp.status).toBe(200);
		for (const role of expectedProjectRoles) {
			expect(resp.body.data.project).toContainEqual(role);
		}
	});

	test('should return fixed credential sharing roles', async () => {
		const resp = await memberAgent.get('/roles/');

		expect(resp.status).toBe(200);
		for (const role of expectedCredentialRoles) {
			expect(resp.body.data.credential).toContainEqual(role);
		}
	});

	test('should return fixed workflow sharing roles', async () => {
		const resp = await memberAgent.get('/roles/');

		expect(resp.status).toBe(200);
		for (const role of expectedWorkflowRoles) {
			expect(resp.body.data.workflow).toContainEqual(role);
		}
	});
});
refactor(core): Update supertest, and fix some typing errors (no-changelog) (#9527) 2024-05-31 00:40:03 -07:00			`import { Container } from 'typedi';`
			`import type { Scope } from '@n8n/permissions';`

			`import type { GlobalRole } from '@db/entities/User';`
			`import type { ProjectRole } from '@db/entities/ProjectRelation';`
			`import type { CredentialSharingRole } from '@db/entities/SharedCredentials';`
			`import type { WorkflowSharingRole } from '@db/entities/SharedWorkflow';`
			`import { RoleService } from '@/services/role.service';`

feat: RBAC (#8922) Signed-off-by: Oleg Ivaniv <me@olegivaniv.com> Co-authored-by: Val <68596159+valya@users.noreply.github.com> Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <aditya@netroy.in> Co-authored-by: Valya Bullions <valya@n8n.io> Co-authored-by: Danny Martini <danny@n8n.io> Co-authored-by: Danny Martini <despair.blue@gmail.com> Co-authored-by: Iván Ovejero <ivov.src@gmail.com> Co-authored-by: Omar Ajoue <krynble@gmail.com> Co-authored-by: oleg <me@olegivaniv.com> Co-authored-by: Michael Kret <michael.k@radency.com> Co-authored-by: Michael Kret <88898367+michael-radency@users.noreply.github.com> Co-authored-by: Elias Meire <elias@meire.dev> Co-authored-by: Giulio Andreini <andreini@netseven.it> Co-authored-by: Giulio Andreini <g.andreini@gmail.com> Co-authored-by: Ayato Hayashi <go12limchangyong@gmail.com> 2024-05-17 01:53:15 -07:00			`import * as utils from './shared/utils/';`
			`import { createMember } from './shared/db/users';`
refactor(core): Update supertest, and fix some typing errors (no-changelog) (#9527) 2024-05-31 00:40:03 -07:00			`import type { SuperAgentTest } from './shared/types';`
feat: RBAC (#8922) Signed-off-by: Oleg Ivaniv <me@olegivaniv.com> Co-authored-by: Val <68596159+valya@users.noreply.github.com> Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <aditya@netroy.in> Co-authored-by: Valya Bullions <valya@n8n.io> Co-authored-by: Danny Martini <danny@n8n.io> Co-authored-by: Danny Martini <despair.blue@gmail.com> Co-authored-by: Iván Ovejero <ivov.src@gmail.com> Co-authored-by: Omar Ajoue <krynble@gmail.com> Co-authored-by: oleg <me@olegivaniv.com> Co-authored-by: Michael Kret <michael.k@radency.com> Co-authored-by: Michael Kret <88898367+michael-radency@users.noreply.github.com> Co-authored-by: Elias Meire <elias@meire.dev> Co-authored-by: Giulio Andreini <andreini@netseven.it> Co-authored-by: Giulio Andreini <g.andreini@gmail.com> Co-authored-by: Ayato Hayashi <go12limchangyong@gmail.com> 2024-05-17 01:53:15 -07:00
			`const testServer = utils.setupTestServer({`
			`endpointGroups: ['role'],`
			`});`

			`let memberAgent: SuperAgentTest;`

			`const expectedCategories = ['global', 'project', 'credential', 'workflow'] as const;`
			`let expectedGlobalRoles: Array<{`
			`name: string;`
			`role: GlobalRole;`
			`scopes: Scope[];`
			`licensed: boolean;`
			`}>;`
			`let expectedProjectRoles: Array<{`
			`name: string;`
			`role: ProjectRole;`
			`scopes: Scope[];`
			`licensed: boolean;`
			`}>;`
			`let expectedCredentialRoles: Array<{`
			`name: string;`
			`role: CredentialSharingRole;`
			`scopes: Scope[];`
			`licensed: boolean;`
			`}>;`
			`let expectedWorkflowRoles: Array<{`
			`name: string;`
			`role: WorkflowSharingRole;`
			`scopes: Scope[];`
			`licensed: boolean;`
			`}>;`

			`beforeAll(async () => {`
			`memberAgent = testServer.authAgentFor(await createMember());`

			`expectedGlobalRoles = [`
			`{`
			`name: 'Owner',`
			`role: 'global:owner',`
			`scopes: Container.get(RoleService).getRoleScopes('global:owner'),`
			`licensed: true,`
			`},`
			`{`
			`name: 'Admin',`
			`role: 'global:admin',`
			`scopes: Container.get(RoleService).getRoleScopes('global:admin'),`
			`licensed: false,`
			`},`
			`{`
			`name: 'Member',`
			`role: 'global:member',`
			`scopes: Container.get(RoleService).getRoleScopes('global:member'),`
			`licensed: true,`
			`},`
			`];`
			`expectedProjectRoles = [`
			`{`
			`name: 'Project Owner',`
			`role: 'project:personalOwner',`
			`scopes: Container.get(RoleService).getRoleScopes('project:personalOwner'),`
			`licensed: true,`
			`},`
			`{`
			`name: 'Project Admin',`
			`role: 'project:admin',`
			`scopes: Container.get(RoleService).getRoleScopes('project:admin'),`
			`licensed: false,`
			`},`
			`{`
			`name: 'Project Editor',`
			`role: 'project:editor',`
			`scopes: Container.get(RoleService).getRoleScopes('project:editor'),`
			`licensed: false,`
			`},`
			`];`
			`expectedCredentialRoles = [`
			`{`
			`name: 'Credential Owner',`
			`role: 'credential:owner',`
			`scopes: Container.get(RoleService).getRoleScopes('credential:owner'),`
			`licensed: true,`
			`},`
			`{`
			`name: 'Credential User',`
			`role: 'credential:user',`
			`scopes: Container.get(RoleService).getRoleScopes('credential:user'),`
			`licensed: true,`
			`},`
			`];`
			`expectedWorkflowRoles = [`
			`{`
			`name: 'Workflow Owner',`
			`role: 'workflow:owner',`
			`scopes: Container.get(RoleService).getRoleScopes('workflow:owner'),`
			`licensed: true,`
			`},`
			`{`
			`name: 'Workflow Editor',`
			`role: 'workflow:editor',`
			`scopes: Container.get(RoleService).getRoleScopes('workflow:editor'),`
			`licensed: true,`
			`},`
			`];`
			`});`

			`describe('GET /roles/', () => {`
			`test('should return all role categories', async () => {`
			`const resp = await memberAgent.get('/roles/');`

			`expect(resp.status).toBe(200);`

			`const data: Record<string, string[]> = resp.body.data;`

			`const categories = [...Object.keys(data)];`
			`expect(categories.length).toBe(expectedCategories.length);`
			`expect(expectedCategories.every((c) => categories.includes(c))).toBe(true);`
			`});`

			`test('should return fixed global roles', async () => {`
			`const resp = await memberAgent.get('/roles/');`

			`expect(resp.status).toBe(200);`
			`for (const role of expectedGlobalRoles) {`
			`expect(resp.body.data.global).toContainEqual(role);`
			`}`
			`});`

			`test('should return fixed project roles', async () => {`
			`const resp = await memberAgent.get('/roles/');`

			`expect(resp.status).toBe(200);`
			`for (const role of expectedProjectRoles) {`
			`expect(resp.body.data.project).toContainEqual(role);`
			`}`
			`});`

			`test('should return fixed credential sharing roles', async () => {`
			`const resp = await memberAgent.get('/roles/');`

			`expect(resp.status).toBe(200);`
			`for (const role of expectedCredentialRoles) {`
			`expect(resp.body.data.credential).toContainEqual(role);`
			`}`
			`});`

			`test('should return fixed workflow sharing roles', async () => {`
			`const resp = await memberAgent.get('/roles/');`

			`expect(resp.status).toBe(200);`
			`for (const role of expectedWorkflowRoles) {`
			`expect(resp.body.data.workflow).toContainEqual(role);`
			`}`
			`});`
			`});`