feat(core): Add workflowId filter to the test-definitions endpoint (no-changelog) (#11831)

2025-01-29 21:31:07 -08:00 · 2024-11-26 15:01:00 +01:00 · 2024-11-26 15:01:00 +01:00 · 6b23ad0c12
parent 3341267518
commit 6b23ad0c12
4 changed files with 73 additions and 5 deletions
--- a/packages/cli/src/databases/repositories/test-definition.repository.ee.ts
+++ b/packages/cli/src/databases/repositories/test-definition.repository.ee.ts
@ -3,6 +3,7 @@ import { DataSource, In, Repository } from '@n8n/typeorm';
 import { Service } from 'typedi';

 import { TestDefinition } from '@/databases/entities/test-definition.ee';
+import { ForbiddenError } from '@/errors/response-errors/forbidden.error';
 import type { ListQuery } from '@/requests';

@Service()
@ -14,12 +15,21 @@ export class TestDefinitionRepository extends Repository<TestDefinition> {
 	async getMany(accessibleWorkflowIds: string[], options?: ListQuery.Options) {
 		if (accessibleWorkflowIds.length === 0) return { tests: [], count: 0 };

-		const where: FindOptionsWhere<TestDefinition> = {
-			...options?.filter,
-			workflow: {
+		const where: FindOptionsWhere<TestDefinition> = {};
+
+		if (options?.filter?.workflowId) {
+			if (!accessibleWorkflowIds.includes(options.filter.workflowId as string)) {
+				throw new ForbiddenError('User does not have access to the workflow');
+			}
+
+			where.workflow = {
+				id: options.filter.workflowId as string,
+			};
+		} else {
+			where.workflow = {
 				id: In(accessibleWorkflowIds),
-			},
-		};
+			};
+		}

 		const findManyOptions: FindManyOptions<TestDefinition> = {
 			where,
--- a/packages/cli/src/middlewares/list-query/dtos/test-definitions.filter.dto.ts
+++ b/packages/cli/src/middlewares/list-query/dtos/test-definitions.filter.dto.ts
@ -0,0 +1,15 @@
+import { Expose } from 'class-transformer';
+import { IsOptional, IsString } from 'class-validator';
+
+import { BaseFilter } from './base.filter.dto';
+
+export class TestDefinitionsFilter extends BaseFilter {
+	@IsString()
+	@IsOptional()
+	@Expose()
+	workflowId?: string;
+
+	static async fromString(rawFilter: string) {
+		return await this.toFilter(rawFilter, TestDefinitionsFilter);
+	}
+}
--- a/packages/cli/src/middlewares/list-query/filter.ts
+++ b/packages/cli/src/middlewares/list-query/filter.ts
@ -5,6 +5,7 @@ import * as ResponseHelper from '@/response-helper';
 import { toError } from '@/utils';

 import { CredentialsFilter } from './dtos/credentials.filter.dto';
+import { TestDefinitionsFilter } from './dtos/test-definitions.filter.dto';
 import { UserFilter } from './dtos/user.filter.dto';
 import { WorkflowFilter } from './dtos/workflow.filter.dto';

@ -25,6 +26,8 @@ export const filterListQueryMiddleware = async (
 		Filter = CredentialsFilter;
 	} else if (req.baseUrl.endsWith('users')) {
 		Filter = UserFilter;
+	} else if (req.baseUrl.endsWith('test-definitions')) {
+		Filter = TestDefinitionsFilter;
 	} else {
 		return next();
 	}
--- a/packages/cli/test/integration/evaluation/test-definitions.api.test.ts
+++ b/packages/cli/test/integration/evaluation/test-definitions.api.test.ts
@ -14,6 +14,7 @@ import * as utils from './../shared/utils/';

 let authOwnerAgent: SuperAgentTest;
 let workflowUnderTest: WorkflowEntity;
+let workflowUnderTest2: WorkflowEntity;
 let evaluationWorkflow: WorkflowEntity;
 let otherWorkflow: WorkflowEntity;
 let ownerShell: User;
@ -29,6 +30,7 @@ beforeEach(async () => {
 	await testDb.truncate(['TestDefinition', 'Workflow', 'AnnotationTag']);

 	workflowUnderTest = await createWorkflow({ name: 'workflow-under-test' }, ownerShell);
+	workflowUnderTest2 = await createWorkflow({ name: 'workflow-under-test-2' }, ownerShell);
 	evaluationWorkflow = await createWorkflow({ name: 'evaluation-workflow' }, ownerShell);
 	otherWorkflow = await createWorkflow({ name: 'other-workflow' });
 	annotationTag = (await createAnnotationTags(['test-tag']))[0];
@ -90,6 +92,44 @@ describe('GET /evaluation/test-definitions', () => {
 		expect(resp.body.data.count).toBe(15);
 		expect(resp.body.data.testDefinitions).toHaveLength(5);
 	});
+
+	test('should retrieve test definitions list for a workflow', async () => {
+		// Add a bunch of test definitions for two different workflows
+		const testDefinitions = [];
+
+		for (let i = 0; i < 15; i++) {
+			const newTest = Container.get(TestDefinitionRepository).create({
+				name: `test-${i}`,
+				workflow: { id: workflowUnderTest.id },
+			});
+
+			const newTest2 = Container.get(TestDefinitionRepository).create({
+				name: `test-${i * 2}`,
+				workflow: { id: workflowUnderTest2.id },
+			});
+
+			testDefinitions.push(newTest, newTest2);
+		}
+
+		await Container.get(TestDefinitionRepository).save(testDefinitions);
+
+		// Fetch test definitions of a second workflow
+		let resp = await authOwnerAgent.get(
+			`/evaluation/test-definitions?filter=${JSON.stringify({ workflowId: workflowUnderTest2.id })}`,
+		);
+
+		expect(resp.statusCode).toBe(200);
+		expect(resp.body.data.count).toBe(15);
+	});
+
+	test('should return error if user has no access to the workflowId specified in filter', async () => {
+		let resp = await authOwnerAgent.get(
+			`/evaluation/test-definitions?filter=${JSON.stringify({ workflowId: otherWorkflow.id })}`,
+		);
+
+		expect(resp.statusCode).toBe(403);
+		expect(resp.body.message).toBe('User does not have access to the workflow');
+	});
 });

 describe('GET /evaluation/test-definitions/:id', () => {