n8n/packages/cli/src/PublicApi/middlewares.ts

/* eslint-disable @typescript-eslint/no-unsafe-assignment */
/* eslint-disable @typescript-eslint/no-unsafe-call */
/* eslint-disable @typescript-eslint/no-unsafe-member-access */
/* eslint-disable import/no-cycle */
/* eslint-disable @typescript-eslint/no-unused-vars */
/* eslint-disable consistent-return */
/* eslint-disable @typescript-eslint/no-explicit-any */
import express = require('express');
import config = require('../../config');
import type { UserRequest } from '../requests';
import * as UserManagementMailer from '../UserManagement/email/UserManagementMailer';

import { decodeCursor, getGlobalMemberRole } from './helpers';

type Role = 'owner' | 'member';

const instanceOwnerSetup = (
	req: express.Request,
	res: express.Response,
	next: express.NextFunction,
): any => {
	if (!config.getEnv('userManagement.isInstanceOwnerSetUp')) {
		return res.status(500).json({ message: 'Instance owner is not set up' });
	}
	next();
};

const emailSetup = (
	req: express.Request,
	res: express.Response,
	next: express.NextFunction,
): any => {
	if (!config.getEnv('userManagement.emails.mode')) {
		return res.status(500).json({ message: 'Email is not set up' });
	}
	next();
};

const authorize =
	(role: [Role]) =>
	(req: express.Request, res: express.Response, next: express.NextFunction): any => {
		const {
			globalRole: { name: userRole },
		} = req.user as { globalRole: { name: Role } };
		if (role.includes(userRole)) {
			return next();
		}
		return res.status(403).json({
			message: 'Unauthorized',
		});
	};

const deletingOwnUser = (
	req: UserRequest.Delete,
	res: express.Response,
	next: express.NextFunction,
): any => {
	if (req.user.id === req.params.identifier) {
		return res.status(400).json({
			message: `Cannot delete your own user`,
		});
	}
	next();
};

const transferingToDeletedUser = (
	req: UserRequest.Delete,
	res: express.Response,
	next: express.NextFunction,
): any => {
	if (req.query.transferId === req.params.identifier) {
		return res.status(400).json({
			message: `Request to delete a user failed because the user to delete and the transferee are the same user`,
		});
	}
	next();
};

const validCursor = (
	req: UserRequest.Get,
	res: express.Response,
	next: express.NextFunction,
): any => {
	if (req.query.cursor) {
		const { cursor } = req.query;
		try {
			const { offset, limit } = decodeCursor(cursor);
			req.query.offset = offset;
			req.query.limit = limit;
		} catch (error) {
			return res.status(400).json({
				message: 'An invalid cursor was used',
			});
		}
	}
	next();
};

const getMailerInstance = async (
	req: UserRequest.Invite,
	res: express.Response,
	next: express.NextFunction,
): Promise<any> => {
	let mailer: UserManagementMailer.UserManagementMailer | undefined;
	try {
		mailer = await UserManagementMailer.getInstance();
		req.mailer = mailer;
	} catch (error) {
		if (error instanceof Error) {
			return res.status(500).json({
				message: 'There is a problem with your SMTP setup',
			});
		}
	}
	next();
};

const globalMemberRoleSetup = async (
	req: UserRequest.Invite,
	res: express.Response,
	next: express.NextFunction,
): Promise<any> => {
	try {
		const role = await getGlobalMemberRole();
		req.globalMemberRole = role;
	} catch (error) {
		return res.status(500).json({
			message: 'Members role not found in database - inconsistent state',
		});
	}
	next();
};

export const middlewares = {
	createUsers: [
		instanceOwnerSetup,
		emailSetup,
		authorize(['owner']),
		getMailerInstance,
		globalMemberRoleSetup,
	],
	deleteUsers: [
		instanceOwnerSetup,
		deletingOwnUser,
		transferingToDeletedUser,
		authorize(['owner']),
	],
	getUsers: [instanceOwnerSetup, validCursor, authorize(['owner'])],
	getUser: [instanceOwnerSetup, authorize(['owner'])],
};
:zap: General improvements :zap: asasas 2022-04-11 18:15:19 -07:00			`/* eslint-disable @typescript-eslint/no-unsafe-assignment */`
			`/* eslint-disable @typescript-eslint/no-unsafe-call */`
			`/* eslint-disable @typescript-eslint/no-unsafe-member-access */`
:zap: Refactor GET /users and /users/:identifier 2022-04-06 17:35:48 -07:00			`/* eslint-disable import/no-cycle */`
			`/* eslint-disable @typescript-eslint/no-unused-vars */`
:zap: Refactor POST /users 2022-04-04 18:57:18 -07:00			`/* eslint-disable consistent-return */`
			`/* eslint-disable @typescript-eslint/no-explicit-any */`
			`import express = require('express');`
			`import config = require('../../config');`
			`import type { UserRequest } from '../requests';`
:zap: Improvements 2022-04-13 18:15:11 -07:00			`import * as UserManagementMailer from '../UserManagement/email/UserManagementMailer';`

			`import { decodeCursor, getGlobalMemberRole } from './helpers';`
:zap: Possibility to add custom middleware 2022-03-30 20:11:26 -07:00
:zap: Refactor POST /users 2022-04-04 18:57:18 -07:00			`type Role = 'owner' \| 'member';`

			`const instanceOwnerSetup = (`
			`req: express.Request,`
			`res: express.Response,`
			`next: express.NextFunction,`
			`): any => {`
:zap: General improvements :zap: asasas 2022-04-11 18:15:19 -07:00			`if (!config.getEnv('userManagement.isInstanceOwnerSetUp')) {`
Debug public API tests 2022-04-12 07:25:56 -07:00			`return res.status(500).json({ message: 'Instance owner is not set up' });`
:zap: Refactor POST /users 2022-04-04 18:57:18 -07:00			`}`
:zap: General improvements :zap: asasas 2022-04-11 18:15:19 -07:00			`next();`
:zap: Refactor POST /users 2022-04-04 18:57:18 -07:00			`};`

			`const emailSetup = (`
			`req: express.Request,`
			`res: express.Response,`
			`next: express.NextFunction,`
			`): any => {`
:zap: General improvements :zap: asasas 2022-04-11 18:15:19 -07:00			`if (!config.getEnv('userManagement.emails.mode')) {`
Debug public API tests 2022-04-12 07:25:56 -07:00			`return res.status(500).json({ message: 'Email is not set up' });`
:zap: Refactor POST /users 2022-04-04 18:57:18 -07:00			`}`
:zap: General improvements :zap: asasas 2022-04-11 18:15:19 -07:00			`next();`
:zap: Refactor POST /users 2022-04-04 18:57:18 -07:00			`};`

			`const authorize =`
			`(role: [Role]) =>`
			`(req: express.Request, res: express.Response, next: express.NextFunction): any => {`
			`const {`
			`globalRole: { name: userRole },`
			`} = req.user as { globalRole: { name: Role } };`
			`if (role.includes(userRole)) {`
			`return next();`
			`}`
:zap: General improvements :zap: asasas 2022-04-11 18:15:19 -07:00			`return res.status(403).json({`
Debug public API tests 2022-04-12 07:25:56 -07:00			`message: 'Unauthorized',`
:zap: Refactor POST /users 2022-04-04 18:57:18 -07:00			`});`
			`};`

:zap: Refactor DELETE /users 2022-04-05 16:24:23 -07:00			`const deletingOwnUser = (`
			`req: UserRequest.Delete,`
			`res: express.Response,`
			`next: express.NextFunction,`
			`): any => {`
			`if (req.user.id === req.params.identifier) {`
			`return res.status(400).json({`
			message: `Cannot delete your own user`,
			`});`
			`}`
			`next();`
			`};`

			`const transferingToDeletedUser = (`
			`req: UserRequest.Delete,`
			`res: express.Response,`
			`next: express.NextFunction,`
			`): any => {`
			`if (req.query.transferId === req.params.identifier) {`
			`return res.status(400).json({`
			message: `Request to delete a user failed because the user to delete and the transferee are the same user`,
			`});`
			`}`
			`next();`
			`};`

:zap: Refactor GET /users and /users/:identifier 2022-04-06 17:35:48 -07:00			`const validCursor = (`
			`req: UserRequest.Get,`
			`res: express.Response,`
			`next: express.NextFunction,`
			`): any => {`
			`if (req.query.cursor) {`
			`const { cursor } = req.query;`
			`try {`
:zap: Improvements 2022-04-13 18:15:11 -07:00			`const { offset, limit } = decodeCursor(cursor);`
			`req.query.offset = offset;`
			`req.query.limit = limit;`
:zap: Refactor GET /users and /users/:identifier 2022-04-06 17:35:48 -07:00			`} catch (error) {`
			`return res.status(400).json({`
:zap: Improvements 2022-04-13 18:15:11 -07:00			`message: 'An invalid cursor was used',`
			`});`
			`}`
			`}`
			`next();`
			`};`

			`const getMailerInstance = async (`
			`req: UserRequest.Invite,`
			`res: express.Response,`
			`next: express.NextFunction,`
			`): Promise<any> => {`
			`let mailer: UserManagementMailer.UserManagementMailer \| undefined;`
			`try {`
			`mailer = await UserManagementMailer.getInstance();`
			`req.mailer = mailer;`
			`} catch (error) {`
			`if (error instanceof Error) {`
			`return res.status(500).json({`
:zap: Improvements 2022-04-14 15:09:31 -07:00			`message: 'There is a problem with your SMTP setup',`
:zap: Refactor GET /users and /users/:identifier 2022-04-06 17:35:48 -07:00			`});`
			`}`
			`}`
:zap: Improvements 2022-04-13 18:15:11 -07:00			`next();`
			`};`

			`const globalMemberRoleSetup = async (`
			`req: UserRequest.Invite,`
			`res: express.Response,`
			`next: express.NextFunction,`
			`): Promise<any> => {`
			`try {`
			`const role = await getGlobalMemberRole();`
			`req.globalMemberRole = role;`
			`} catch (error) {`
			`return res.status(500).json({`
			`message: 'Members role not found in database - inconsistent state',`
			`});`
			`}`
:zap: Refactor GET /users and /users/:identifier 2022-04-06 17:35:48 -07:00			`next();`
			`};`

:zap: Possibility to add custom middleware 2022-03-30 20:11:26 -07:00			`export const middlewares = {`
:zap: Improvements 2022-04-13 18:15:11 -07:00			`createUsers: [`
			`instanceOwnerSetup,`
			`emailSetup,`
			`authorize(['owner']),`
			`getMailerInstance,`
			`globalMemberRoleSetup,`
			`],`
:zap: Refactor DELETE /users 2022-04-05 16:24:23 -07:00			`deleteUsers: [`
			`instanceOwnerSetup,`
			`deletingOwnUser,`
			`transferingToDeletedUser,`
			`authorize(['owner']),`
			`],`
:zap: General improvements :zap: asasas 2022-04-11 18:15:19 -07:00			`getUsers: [instanceOwnerSetup, validCursor, authorize(['owner'])],`
			`getUser: [instanceOwnerSetup, authorize(['owner'])],`
:zap: Possibility to add custom middleware 2022-03-30 20:11:26 -07:00			`};`