mudhorn/n8n
1
0
Fork 0
mirror of https://github.com/n8n-io/n8n.git synced 2024-12-25 20:54:07 -08:00
Code Issues Actions Packages Projects Releases Wiki Activity

Enable external module imports in Function-node

Browse source 
Enable whitelist support to pick external modules which are allowed in
Function-node. The environment variable NODE_FUNCTION_ALLOW_EXTERNAL specifies
the list of modules to whitelist.
This commit is contained in:
Ram Yalamanchili 2019-12-26 18:49:48 -08:00
parent b3f3ce25dd
commit 04cdb08906
2 changed files with 16 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
docs/configuration.md
View file

@ -100,11 +100,13 @@ export N8N_CUSTOM_EXTENSIONS="/home/jim/n8n/custom-nodes;/data/n8n/nodes"
``` ```
## Use built-in modules in Function-Nodes ## Use built-in and external modules in Function-Nodes
By default is it for security reasons not allowed to import modules in Function-Nodes. For security reasons, importing modules is restricted by default in Function-Nodes.
It is, however, possible to lift that restriction for built-in modules by setting the It is, however, possible to lift that restriction for built-in and external modules by
environment variable `NODE_FUNCTION_ALLOW_BUILTIN`. setting the following environment variables:
`NODE_FUNCTION_ALLOW_BUILTIN`: For builtin modules
`NODE_FUNCTION_ALLOW_EXTERNAL`: For external modules sourced from n8n/node_modules directory. External module support is disabled when env variable is not set.
```bash ```bash
# Allows usage of all builtin modules # Allows usage of all builtin modules
@ -115,6 +117,9 @@ export NODE_FUNCTION_ALLOW_BUILTIN=crypto
# Allows usage of only crypto and fs # Allows usage of only crypto and fs
export NODE_FUNCTION_ALLOW_BUILTIN=crypto,fs export NODE_FUNCTION_ALLOW_BUILTIN=crypto,fs
# Allow usage of external npm modules. Wildcard matching is not supported.
export NODE_FUNCTION_ALLOW_EXTERNAL=moment,lodash
``` ```

10
packages/nodes-base/nodes/Function.node.ts
View file

@ -63,9 +63,8 @@ export class Function implements INodeType {
console: 'inherit', console: 'inherit',
sandbox, sandbox,
require: { require: {
external: false, external: false as boolean | { modules: string[] },
builtin: [] as string[], builtin: [] as string[],
root: './',
} }
}; };
@ -73,6 +72,11 @@ export class Function implements INodeType {
options.require.builtin = process.env.NODE_FUNCTION_ALLOW_BUILTIN.split(','); options.require.builtin = process.env.NODE_FUNCTION_ALLOW_BUILTIN.split(',');
} }
if (process.env.NODE_FUNCTION_ALLOW_EXTERNAL) {
options.require.external = { modules: process.env.NODE_FUNCTION_ALLOW_EXTERNAL.split(',') };
}
const vm = new NodeVM(options); const vm = new NodeVM(options);
// Get the code to execute // Get the code to execute
@ -80,7 +84,7 @@ export class Function implements INodeType {
try { try {
// Execute the function code // Execute the function code
items = (await vm.run(`module.exports = async function() {${functionCode}}()`)); items = (await vm.run(`module.exports = async function() {${functionCode}}()`, './'));
} catch (e) { } catch (e) {
return Promise.reject(e); return Promise.reject(e);
} }