From 6efbac307fb7b0e8436ad1dbd8662b8d1a2167f6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E0=A4=95=E0=A4=BE=E0=A4=B0=E0=A4=A4=E0=A5=8B=E0=A4=AB?=
 =?UTF-8?q?=E0=A5=8D=E0=A4=AB=E0=A5=87=E0=A4=B2=E0=A4=B8=E0=A5=8D=E0=A4=95?=
 =?UTF-8?q?=E0=A5=8D=E0=A4=B0=E0=A4=BF=E0=A4=AA=E0=A5=8D=E0=A4=9F=E2=84=A2?=
 <netroy@users.noreply.github.com>
Date: Tue, 27 Dec 2022 16:09:43 +0100
Subject: [PATCH] fix(core): Non owner should be permitted to use their own
 credentials (#5036)

---
 .../cli/src/UserManagement/PermissionChecker.ts   | 15 ++++++---------
 1 file changed, 6 insertions(+), 9 deletions(-)

diff --git a/packages/cli/src/UserManagement/PermissionChecker.ts b/packages/cli/src/UserManagement/PermissionChecker.ts
index eb1f9b06b9..db473bfe2b 100644
--- a/packages/cli/src/UserManagement/PermissionChecker.ts
+++ b/packages/cli/src/UserManagement/PermissionChecker.ts
@@ -5,7 +5,7 @@ import {
 	Workflow,
 	WorkflowOperationError,
 } from 'n8n-workflow';
-import { FindManyOptions, In, ObjectLiteral } from 'typeorm';
+import { FindConditions, In } from 'typeorm';
 import * as Db from '@/Db';
 import config from '@/config';
 import type { SharedCredentials } from '@db/entities/SharedCredentials';
@@ -47,19 +47,16 @@ export class PermissionChecker {
 			workflowUserIds = workflowSharings.map((s) => s.userId);
 		}
 
-		const credentialsWhereCondition: FindManyOptions<SharedCredentials> & { where: ObjectLiteral } =
-			{
-				where: { user: In(workflowUserIds) },
-			};
+		const credentialsWhere: FindConditions<SharedCredentials> = { userId: In(workflowUserIds) };
 
 		if (!isSharingEnabled()) {
 			// If credential sharing is not enabled, get only credentials owned by this user
-			credentialsWhereCondition.where.role = await getRole('credential', 'owner');
+			credentialsWhere.role = await getRole('credential', 'owner');
 		}
 
-		const credentialSharings = await Db.collections.SharedCredentials.find(
-			credentialsWhereCondition,
-		);
+		const credentialSharings = await Db.collections.SharedCredentials.find({
+			where: credentialsWhere,
+		});
 
 		const accessibleCredIds = credentialSharings.map((s) => s.credentialsId.toString());