mirror of
https://github.com/n8n-io/n8n.git
synced 2025-01-12 13:27:31 -08:00
fix(core): Non owner should be permitted to use their own credentials (#5036)
This commit is contained in:
parent
d0865e28ff
commit
6efbac307f
|
@ -5,7 +5,7 @@ import {
|
|||
Workflow,
|
||||
WorkflowOperationError,
|
||||
} from 'n8n-workflow';
|
||||
import { FindManyOptions, In, ObjectLiteral } from 'typeorm';
|
||||
import { FindConditions, In } from 'typeorm';
|
||||
import * as Db from '@/Db';
|
||||
import config from '@/config';
|
||||
import type { SharedCredentials } from '@db/entities/SharedCredentials';
|
||||
|
@ -47,19 +47,16 @@ export class PermissionChecker {
|
|||
workflowUserIds = workflowSharings.map((s) => s.userId);
|
||||
}
|
||||
|
||||
const credentialsWhereCondition: FindManyOptions<SharedCredentials> & { where: ObjectLiteral } =
|
||||
{
|
||||
where: { user: In(workflowUserIds) },
|
||||
};
|
||||
const credentialsWhere: FindConditions<SharedCredentials> = { userId: In(workflowUserIds) };
|
||||
|
||||
if (!isSharingEnabled()) {
|
||||
// If credential sharing is not enabled, get only credentials owned by this user
|
||||
credentialsWhereCondition.where.role = await getRole('credential', 'owner');
|
||||
credentialsWhere.role = await getRole('credential', 'owner');
|
||||
}
|
||||
|
||||
const credentialSharings = await Db.collections.SharedCredentials.find(
|
||||
credentialsWhereCondition,
|
||||
);
|
||||
const credentialSharings = await Db.collections.SharedCredentials.find({
|
||||
where: credentialsWhere,
|
||||
});
|
||||
|
||||
const accessibleCredIds = credentialSharings.map((s) => s.credentialsId.toString());
|
||||
|
||||
|
|
Loading…
Reference in a new issue