mudhorn/n8n
1
0
Fork 0
mirror of https://github.com/n8n-io/n8n.git synced 2024-11-09 22:24:05 -08:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix(editor): Show MFA section to instance owner, even when external auth is enabled (#9301)

Browse source
This commit is contained in:
कारतोफ्फेलस्क्रिप्ट™ 2024-05-03 15:03:59 +02:00 committed by GitHub
parent d92f994913
commit b65e0e2811
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 43 additions and 23 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

27
packages/editor-ui/src/views/SettingsPersonalView.vue
View file

@ -32,7 +32,7 @@
/> />
</div> </div>
</div> </div>
<div v-if="!signInWithLdap && !signInWithSaml"> <div v-if="isPersonalSecurityEnabled">
<div class="mb-s"> <div class="mb-s">
<n8n-heading size="large">{{ i18n.baseText('settings.personal.security') }}</n8n-heading> <n8n-heading size="large">{{ i18n.baseText('settings.personal.security') }}</n8n-heading>
</div> </div>
@ -43,7 +43,7 @@
}}</n8n-link> }}</n8n-link>
</n8n-input-label> </n8n-input-label>
</div> </div>
<div v-if="isMfaFeatureEnabled"> <div v-if="isMfaFeatureEnabled" data-test-id="mfa-section">
<div class="mb-xs"> <div class="mb-xs">
<n8n-input-label :label="$locale.baseText('settings.personal.mfa.section.title')" /> <n8n-input-label :label="$locale.baseText('settings.personal.mfa.section.title')" />
<n8n-text :bold="false" :class="$style.infoText"> <n8n-text :bold="false" :class="$style.infoText">
@ -171,7 +171,7 @@ export default defineComponent({
required: true, required: true,
autocomplete: 'given-name', autocomplete: 'given-name',
capitalize: true, capitalize: true,
disabled: this.isLDAPFeatureEnabled && this.signInWithLdap, disabled: this.isExternalAuthEnabled,
}, },
}, },
{ {
@ -183,7 +183,7 @@ export default defineComponent({
required: true, required: true,
autocomplete: 'family-name', autocomplete: 'family-name',
capitalize: true, capitalize: true,
disabled: this.isLDAPFeatureEnabled && this.signInWithLdap, disabled: this.isExternalAuthEnabled,
}, },
}, },
{ {
@ -196,7 +196,7 @@ export default defineComponent({
validationRules: [{ name: 'VALID_EMAIL' }], validationRules: [{ name: 'VALID_EMAIL' }],
autocomplete: 'email', autocomplete: 'email',
capitalize: true, capitalize: true,
disabled: (this.isLDAPFeatureEnabled && this.signInWithLdap) || this.signInWithSaml, disabled: !this.isPersonalSecurityEnabled,
}, },
}, },
]; ];
@ -206,16 +206,15 @@ export default defineComponent({
currentUser(): IUser | null { currentUser(): IUser | null {
return this.usersStore.currentUser; return this.usersStore.currentUser;
}, },
signInWithLdap(): boolean { isExternalAuthEnabled(): boolean {
return this.currentUser?.signInType === 'ldap'; const isLdapEnabled =
this.settingsStore.settings.enterprise.ldap && this.currentUser?.signInType === 'ldap';
const isSamlEnabled =
this.settingsStore.isSamlLoginEnabled && this.settingsStore.isDefaultAuthenticationSaml;
return isLdapEnabled || isSamlEnabled;
}, },
isLDAPFeatureEnabled(): boolean { isPersonalSecurityEnabled(): boolean {
return this.settingsStore.settings.enterprise.ldap; return this.usersStore.isInstanceOwner || !this.isExternalAuthEnabled;
},
signInWithSaml(): boolean {
return (
this.settingsStore.isSamlLoginEnabled && this.settingsStore.isDefaultAuthenticationSaml
);
}, },
mfaDisabled(): boolean { mfaDisabled(): boolean {
return !this.usersStore.mfaEnabled; return !this.usersStore.mfaEnabled;

39
packages/editor-ui/src/views/__tests__/SettingsPersonalView.test.ts
View file

@ -57,16 +57,37 @@ describe('SettingsPersonalView', () => {
expect(getByTestId('change-password-link')).toBeInTheDocument(); expect(getByTestId('change-password-link')).toBeInTheDocument();
}); });
it('should disable email and pw change when SAML login is enabled', async () => { describe('when external auth is enabled, email and password change', () => {
vi.spyOn(settingsStore, 'isSamlLoginEnabled', 'get').mockReturnValue(true); beforeEach(() => {
vi.spyOn(settingsStore, 'isDefaultAuthenticationSaml', 'get').mockReturnValue(true); vi.spyOn(settingsStore, 'isSamlLoginEnabled', 'get').mockReturnValue(true);
vi.spyOn(settingsStore, 'isDefaultAuthenticationSaml', 'get').mockReturnValue(true);
vi.spyOn(settingsStore, 'isMfaFeatureEnabled', 'get').mockReturnValue(true);
});
const { queryByTestId, getAllByRole } = renderComponent({ pinia }); it('should not be disabled for the instance owner', async () => {
await waitAllPromises(); vi.spyOn(usersStore, 'isInstanceOwner', 'get').mockReturnValue(true);
expect( const { queryByTestId, getAllByRole } = renderComponent({ pinia });
getAllByRole('textbox').find((el) => el.getAttribute('type') === 'email'), await waitAllPromises();
).toBeDisabled();
expect(queryByTestId('change-password-link')).not.toBeInTheDocument(); expect(
getAllByRole('textbox').find((el) => el.getAttribute('type') === 'email'),
).toBeEnabled();
expect(queryByTestId('change-password-link')).toBeInTheDocument();
expect(queryByTestId('mfa-section')).toBeInTheDocument();
});
it('should be disabled for members', async () => {
vi.spyOn(usersStore, 'isInstanceOwner', 'get').mockReturnValue(false);
const { queryByTestId, getAllByRole } = renderComponent({ pinia });
await waitAllPromises();
expect(
getAllByRole('textbox').find((el) => el.getAttribute('type') === 'email'),
).toBeDisabled();
expect(queryByTestId('change-password-link')).not.toBeInTheDocument();
expect(queryByTestId('mfa-section')).not.toBeInTheDocument();
});
}); });
}); });