mudhorn/n8n
1
0
Fork 0
mirror of https://github.com/n8n-io/n8n.git synced 2025-03-05 20:50:17 -08:00
Code Issues Actions Packages Projects Releases Wiki Activity

feat: Implement runtine check for enterprise features (no-changelog) (#4676)

Browse source 
* feat: Implement runtine check for enterprise features
This commit is contained in:
Omar Ajoue 2022-11-22 14:24:29 +01:00 committed by GitHub
parent 78119c9f22
commit 7b00d6e731
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 28 additions and 10 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

27
packages/cli/src/UserManagement/PermissionChecker.ts
View file

@ -1,6 +1,9 @@
import { INode, NodeOperationError, Workflow } from 'n8n-workflow'; import { INode, NodeOperationError, Workflow } from 'n8n-workflow';
import { In } from 'typeorm'; import { FindManyOptions, In, ObjectLiteral } from 'typeorm';
import * as Db from '@/Db'; import * as Db from '@/Db';
import config from '@/config';
import type { SharedCredentials } from '@db/entities/SharedCredentials';
import { getRole } from './UserManagementHelper';
export class PermissionChecker { export class PermissionChecker {
/** /**
@ -26,23 +29,29 @@ export class PermissionChecker {
// allow if all creds used in this workflow are a subset of // allow if all creds used in this workflow are a subset of
// all creds accessible to users who have access to this workflow // all creds accessible to users who have access to this workflow
let workflowUserIds: string[] = []; let workflowUserIds = [userId];
if (workflow.id) { if (workflow.id && config.getEnv('enterprise.workflowSharingEnabled')) {
const workflowSharings = await Db.collections.SharedWorkflow.find({ const workflowSharings = await Db.collections.SharedWorkflow.find({
relations: ['workflow'], relations: ['workflow'],
where: { workflow: { id: Number(workflow.id) } }, where: { workflow: { id: Number(workflow.id) } },
}); });
workflowUserIds = workflowSharings.map((s) => s.userId); workflowUserIds = workflowSharings.map((s) => s.userId);
} else {
// unsaved workflows have no id, so only get credentials for current user
workflowUserIds = [userId];
} }
const credentialSharings = await Db.collections.SharedCredentials.find({ const credentialsWhereCondition: FindManyOptions<SharedCredentials> & { where: ObjectLiteral } =
{
where: { user: In(workflowUserIds) }, where: { user: In(workflowUserIds) },
}); };
if (!config.getEnv('enterprise.features.sharing')) {
// If credential sharing is not enabled, get only credentials owned by this user
credentialsWhereCondition.where.role = await getRole('credential', 'owner');
}
const credentialSharings = await Db.collections.SharedCredentials.find(
credentialsWhereCondition,
);
const accessibleCredIds = credentialSharings.map((s) => s.credentialId.toString()); const accessibleCredIds = credentialSharings.map((s) => s.credentialId.toString());

9
packages/cli/src/UserManagement/UserManagementHelper.ts
View file

@ -78,6 +78,15 @@ export async function getInstanceOwner(): Promise<User> {
return owner; return owner;
} }
export async function getRole(scope: Role['scope'], name: Role['name']): Promise<Role> {
return Db.collections.Role.findOneOrFail({
where: {
name,
scope,
},
});
}
/** /**
* Return the n8n instance base URL without trailing slash. * Return the n8n instance base URL without trailing slash.
*/ */