mirror of
https://github.com/n8n-io/n8n.git
synced 2024-09-20 06:47:32 -07:00
refactor(core): Move typeorm
operators from various sources into repositories (no-changelog) (#8174)
Follow-up to: #8165
This commit is contained in:
parent
405e26757e
commit
e418d42450
|
@ -31,7 +31,6 @@ import type { ActiveWorkflowRunner } from '@/ActiveWorkflowRunner';
|
|||
import type { WorkflowExecute } from 'n8n-core';
|
||||
|
||||
import type PCancelable from 'p-cancelable';
|
||||
import type { FindOperator } from 'typeorm';
|
||||
|
||||
import type { ChildProcess } from 'child_process';
|
||||
|
||||
|
@ -606,8 +605,6 @@ export interface IWorkflowStatisticsDataLoaded {
|
|||
dataLoaded: boolean;
|
||||
}
|
||||
|
||||
export type WhereClause = Record<string, { [key: string]: string | FindOperator<unknown> }>;
|
||||
|
||||
// ----------------------------------
|
||||
// community nodes
|
||||
// ----------------------------------
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
import { In } from 'typeorm';
|
||||
import { Container } from 'typedi';
|
||||
import type { Scope } from '@n8n/permissions';
|
||||
|
||||
import type { WhereClause } from '@/Interfaces';
|
||||
import type { User } from '@db/entities/User';
|
||||
import { License } from '@/License';
|
||||
|
||||
export function isSharingEnabled(): boolean {
|
||||
|
@ -29,32 +24,3 @@ export function rightDiff<T1, T2>(
|
|||
return acc;
|
||||
}, []);
|
||||
}
|
||||
|
||||
/**
|
||||
* Build a `where` clause for a TypeORM entity search,
|
||||
* checking for member access if the user is not an owner.
|
||||
*/
|
||||
export function whereClause({
|
||||
user,
|
||||
entityType,
|
||||
globalScope,
|
||||
entityId = '',
|
||||
roles = [],
|
||||
}: {
|
||||
user: User;
|
||||
entityType: 'workflow' | 'credentials';
|
||||
globalScope: Scope;
|
||||
entityId?: string;
|
||||
roles?: string[];
|
||||
}): WhereClause {
|
||||
const where: WhereClause = entityId ? { [entityType]: { id: entityId } } : {};
|
||||
|
||||
if (!user.hasGlobalScope(globalScope)) {
|
||||
where.user = { id: user.id };
|
||||
if (roles?.length) {
|
||||
where.role = { name: In(roles) };
|
||||
}
|
||||
}
|
||||
|
||||
return where;
|
||||
}
|
||||
|
|
|
@ -418,7 +418,7 @@ export async function replaceInvalidCredentials(workflow: WorkflowEntity): Promi
|
|||
|
||||
/**
|
||||
* Get the IDs of the workflows that have been shared with the user.
|
||||
* Returns all IDs if user has the 'workflow:read' scope (see `whereClause`)
|
||||
* Returns all IDs if user has the 'workflow:read' scope.
|
||||
*/
|
||||
export async function getSharedWorkflowIds(user: User, roles?: RoleNames[]): Promise<string[]> {
|
||||
const where: FindOptionsWhere<SharedWorkflow> = {};
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
import { Container } from 'typedi';
|
||||
import { Not } from 'typeorm';
|
||||
import type { CredentialsEntity } from '@db/entities/CredentialsEntity';
|
||||
import { User } from '@db/entities/User';
|
||||
import { CredentialsRepository } from '@db/repositories/credentials.repository';
|
||||
|
@ -25,20 +24,16 @@ export class Reset extends BaseCommand {
|
|||
async run(): Promise<void> {
|
||||
const owner = await this.getInstanceOwner();
|
||||
|
||||
const ownerWorkflowRole = await Container.get(RoleService).findWorkflowOwnerRole();
|
||||
const ownerCredentialRole = await Container.get(RoleService).findCredentialOwnerRole();
|
||||
const workflowOwnerRole = await Container.get(RoleService).findWorkflowOwnerRole();
|
||||
const credentialOwnerRole = await Container.get(RoleService).findCredentialOwnerRole();
|
||||
|
||||
await Container.get(SharedWorkflowRepository).update(
|
||||
{ userId: Not(owner.id), roleId: ownerWorkflowRole.id },
|
||||
{ user: owner },
|
||||
await Container.get(SharedWorkflowRepository).makeOwnerOfAllWorkflows(owner, workflowOwnerRole);
|
||||
await Container.get(SharedCredentialsRepository).makeOwnerOfAllCredentials(
|
||||
owner,
|
||||
credentialOwnerRole,
|
||||
);
|
||||
|
||||
await Container.get(SharedCredentialsRepository).update(
|
||||
{ userId: Not(owner.id), roleId: ownerCredentialRole.id },
|
||||
{ user: owner },
|
||||
);
|
||||
|
||||
await Container.get(UserRepository).delete({ id: Not(owner.id) });
|
||||
await Container.get(UserRepository).deleteAllExcept(owner);
|
||||
await Container.get(UserRepository).save(Object.assign(owner, defaultUserProps));
|
||||
|
||||
const danglingCredentials: CredentialsEntity[] = await Container.get(CredentialsRepository)
|
||||
|
@ -50,7 +45,7 @@ export class Reset extends BaseCommand {
|
|||
Container.get(SharedCredentialsRepository).create({
|
||||
credentials,
|
||||
user: owner,
|
||||
role: ownerCredentialRole,
|
||||
role: credentialOwnerRole,
|
||||
}),
|
||||
);
|
||||
await Container.get(SharedCredentialsRepository).save(newSharedCredentials);
|
||||
|
|
|
@ -2,8 +2,6 @@ import { Get, RestController } from '@/decorators';
|
|||
import { ActiveWorkflowRunner } from '@/ActiveWorkflowRunner';
|
||||
import { MultiMainSetup } from '@/services/orchestration/main/MultiMainSetup.ee';
|
||||
import { WorkflowRepository } from '@/databases/repositories/workflow.repository';
|
||||
import { In } from 'typeorm';
|
||||
import { WebhookEntity } from '@/databases/entities/WebhookEntity';
|
||||
|
||||
@RestController('/debug')
|
||||
export class DebugController {
|
||||
|
@ -17,16 +15,11 @@ export class DebugController {
|
|||
async getMultiMainSetupDetails() {
|
||||
const leaderKey = await this.multiMainSetup.fetchLeaderKey();
|
||||
|
||||
const triggersAndPollers = await this.workflowRepository.find({
|
||||
select: ['id', 'name'],
|
||||
where: { id: In(this.activeWorkflowRunner.allActiveInMemory()) },
|
||||
});
|
||||
const triggersAndPollers = await this.workflowRepository.findIn(
|
||||
this.activeWorkflowRunner.allActiveInMemory(),
|
||||
);
|
||||
|
||||
const webhooks = (await this.workflowRepository
|
||||
.createQueryBuilder('workflow')
|
||||
.select('DISTINCT workflow.id, workflow.name')
|
||||
.innerJoin(WebhookEntity, 'webhook_entity', 'workflow.id = webhook_entity.workflowId')
|
||||
.execute()) as Array<{ id: string; name: string }>;
|
||||
const webhooks = await this.workflowRepository.findWebhookBasedActiveWorkflows();
|
||||
|
||||
const activationErrors = await this.activeWorkflowRunner.getAllWorkflowActivationErrors();
|
||||
|
||||
|
|
|
@ -5,7 +5,6 @@ import { StatisticsNames } from '@db/entities/WorkflowStatistics';
|
|||
import { SharedWorkflowRepository } from '@db/repositories/sharedWorkflow.repository';
|
||||
import { WorkflowStatisticsRepository } from '@db/repositories/workflowStatistics.repository';
|
||||
import { ExecutionRequest } from '@/requests';
|
||||
import { whereClause } from '@/UserManagement/UserManagementHelper';
|
||||
import type { IWorkflowStatisticsDataLoaded } from '@/Interfaces';
|
||||
import { Logger } from '@/Logger';
|
||||
import { NotFoundError } from '@/errors/response-errors/not-found.error';
|
||||
|
@ -33,17 +32,10 @@ export class WorkflowStatisticsController {
|
|||
async hasWorkflowAccess(req: ExecutionRequest.Get, res: Response, next: NextFunction) {
|
||||
const { user } = req;
|
||||
const workflowId = req.params.id;
|
||||
const allowed = await this.sharedWorkflowRepository.exist({
|
||||
relations: ['workflow'],
|
||||
where: whereClause({
|
||||
user,
|
||||
globalScope: 'workflow:read',
|
||||
entityType: 'workflow',
|
||||
entityId: workflowId,
|
||||
}),
|
||||
});
|
||||
|
||||
if (allowed) {
|
||||
const hasAccess = await this.sharedWorkflowRepository.hasAccess(workflowId, user);
|
||||
|
||||
if (hasAccess) {
|
||||
next();
|
||||
} else {
|
||||
this.logger.verbose('User attempted to read a workflow without permissions', {
|
||||
|
|
|
@ -8,8 +8,7 @@ import type {
|
|||
} from 'n8n-workflow';
|
||||
import { CREDENTIAL_EMPTY_VALUE, deepCopy, NodeHelpers } from 'n8n-workflow';
|
||||
import { Container } from 'typedi';
|
||||
import type { FindManyOptions, FindOptionsWhere } from 'typeorm';
|
||||
import { In, Like } from 'typeorm';
|
||||
import type { FindOptionsWhere } from 'typeorm';
|
||||
|
||||
import type { Scope } from '@n8n/permissions';
|
||||
|
||||
|
@ -42,97 +41,35 @@ export class CredentialsService {
|
|||
});
|
||||
}
|
||||
|
||||
private static toFindManyOptions(listQueryOptions?: ListQuery.Options) {
|
||||
const findManyOptions: FindManyOptions<CredentialsEntity> = {};
|
||||
|
||||
type Select = Array<keyof CredentialsEntity>;
|
||||
|
||||
const defaultRelations = ['shared', 'shared.role', 'shared.user'];
|
||||
const defaultSelect: Select = ['id', 'name', 'type', 'nodesAccess', 'createdAt', 'updatedAt'];
|
||||
|
||||
if (!listQueryOptions) return { select: defaultSelect, relations: defaultRelations };
|
||||
|
||||
const { filter, select, take, skip } = listQueryOptions;
|
||||
|
||||
if (typeof filter?.name === 'string' && filter?.name !== '') {
|
||||
filter.name = Like(`%${filter.name}%`);
|
||||
}
|
||||
|
||||
if (typeof filter?.type === 'string' && filter?.type !== '') {
|
||||
filter.type = Like(`%${filter.type}%`);
|
||||
}
|
||||
|
||||
if (filter) findManyOptions.where = filter;
|
||||
if (select) findManyOptions.select = select;
|
||||
if (take) findManyOptions.take = take;
|
||||
if (skip) findManyOptions.skip = skip;
|
||||
|
||||
if (take && select && !select?.id) {
|
||||
findManyOptions.select = { ...findManyOptions.select, id: true }; // pagination requires id
|
||||
}
|
||||
|
||||
if (!findManyOptions.select) {
|
||||
findManyOptions.select = defaultSelect;
|
||||
findManyOptions.relations = defaultRelations;
|
||||
}
|
||||
|
||||
return findManyOptions;
|
||||
}
|
||||
|
||||
static async getMany(
|
||||
user: User,
|
||||
options: { listQueryOptions?: ListQuery.Options; onlyOwn?: boolean } = {},
|
||||
) {
|
||||
const findManyOptions = this.toFindManyOptions(options.listQueryOptions);
|
||||
|
||||
const returnAll = user.hasGlobalScope('credential:list') && !options.onlyOwn;
|
||||
const isDefaultSelect = !options.listQueryOptions?.select;
|
||||
|
||||
if (returnAll) {
|
||||
const credentials = await Container.get(CredentialsRepository).find(findManyOptions);
|
||||
const credentials = await Container.get(CredentialsRepository).findMany(
|
||||
options.listQueryOptions,
|
||||
);
|
||||
|
||||
return isDefaultSelect
|
||||
? credentials.map((c) => Container.get(OwnershipService).addOwnedByAndSharedWith(c))
|
||||
: credentials;
|
||||
}
|
||||
|
||||
const ids = await this.getAccessibleCredentials(user.id);
|
||||
const ids = await Container.get(SharedCredentialsRepository).getAccessibleCredentials(user.id);
|
||||
|
||||
const credentials = await Container.get(CredentialsRepository).find({
|
||||
...findManyOptions,
|
||||
where: { ...findManyOptions.where, id: In(ids) }, // only accessible credentials
|
||||
});
|
||||
const credentials = await Container.get(CredentialsRepository).findMany(
|
||||
options.listQueryOptions,
|
||||
ids, // only accessible credentials
|
||||
);
|
||||
|
||||
return isDefaultSelect
|
||||
? credentials.map((c) => Container.get(OwnershipService).addOwnedByAndSharedWith(c))
|
||||
: credentials;
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the IDs of all credentials owned by or shared with a user.
|
||||
*/
|
||||
private static async getAccessibleCredentials(userId: string) {
|
||||
const sharings = await Container.get(SharedCredentialsRepository).find({
|
||||
relations: ['role'],
|
||||
where: {
|
||||
userId,
|
||||
role: { name: In(['owner', 'user']), scope: 'credential' },
|
||||
},
|
||||
});
|
||||
|
||||
return sharings.map((s) => s.credentialsId);
|
||||
}
|
||||
|
||||
static async getManyByIds(ids: string[], { withSharings } = { withSharings: false }) {
|
||||
const options: FindManyOptions<CredentialsEntity> = { where: { id: In(ids) } };
|
||||
|
||||
if (withSharings) {
|
||||
options.relations = ['shared', 'shared.user', 'shared.role'];
|
||||
}
|
||||
|
||||
return Container.get(CredentialsRepository).find(options);
|
||||
}
|
||||
|
||||
/**
|
||||
* Retrieve the sharing that matches a user and a credential.
|
||||
*/
|
||||
|
|
|
@ -1,16 +1,9 @@
|
|||
import { Service } from 'typedi';
|
||||
import {
|
||||
DataSource,
|
||||
In,
|
||||
Not,
|
||||
Repository,
|
||||
type DeleteResult,
|
||||
type EntityManager,
|
||||
type FindOptionsWhere,
|
||||
Like,
|
||||
} from 'typeorm';
|
||||
import { DataSource, In, Not, Repository, Like } from 'typeorm';
|
||||
import type { FindManyOptions, DeleteResult, EntityManager, FindOptionsWhere } from 'typeorm';
|
||||
import { CredentialsEntity } from '../entities/CredentialsEntity';
|
||||
import { SharedCredentials } from '../entities/SharedCredentials';
|
||||
import type { ListQuery } from '@/requests';
|
||||
|
||||
@Service()
|
||||
export class CredentialsRepository extends Repository<CredentialsEntity> {
|
||||
|
@ -36,4 +29,61 @@ export class CredentialsRepository extends Repository<CredentialsEntity> {
|
|||
where: { name: Like(`${credentialName}%`) },
|
||||
});
|
||||
}
|
||||
|
||||
async findMany(listQueryOptions?: ListQuery.Options, credentialIds?: string[]) {
|
||||
const findManyOptions = this.toFindManyOptions(listQueryOptions);
|
||||
|
||||
if (credentialIds) {
|
||||
findManyOptions.where = { ...findManyOptions.where, id: In(credentialIds) };
|
||||
}
|
||||
|
||||
return this.find(findManyOptions);
|
||||
}
|
||||
|
||||
private toFindManyOptions(listQueryOptions?: ListQuery.Options) {
|
||||
const findManyOptions: FindManyOptions<CredentialsEntity> = {};
|
||||
|
||||
type Select = Array<keyof CredentialsEntity>;
|
||||
|
||||
const defaultRelations = ['shared', 'shared.role', 'shared.user'];
|
||||
const defaultSelect: Select = ['id', 'name', 'type', 'nodesAccess', 'createdAt', 'updatedAt'];
|
||||
|
||||
if (!listQueryOptions) return { select: defaultSelect, relations: defaultRelations };
|
||||
|
||||
const { filter, select, take, skip } = listQueryOptions;
|
||||
|
||||
if (typeof filter?.name === 'string' && filter?.name !== '') {
|
||||
filter.name = Like(`%${filter.name}%`);
|
||||
}
|
||||
|
||||
if (typeof filter?.type === 'string' && filter?.type !== '') {
|
||||
filter.type = Like(`%${filter.type}%`);
|
||||
}
|
||||
|
||||
if (filter) findManyOptions.where = filter;
|
||||
if (select) findManyOptions.select = select;
|
||||
if (take) findManyOptions.take = take;
|
||||
if (skip) findManyOptions.skip = skip;
|
||||
|
||||
if (take && select && !select?.id) {
|
||||
findManyOptions.select = { ...findManyOptions.select, id: true }; // pagination requires id
|
||||
}
|
||||
|
||||
if (!findManyOptions.select) {
|
||||
findManyOptions.select = defaultSelect;
|
||||
findManyOptions.relations = defaultRelations;
|
||||
}
|
||||
|
||||
return findManyOptions;
|
||||
}
|
||||
|
||||
async getManyByIds(ids: string[], { withSharings } = { withSharings: false }) {
|
||||
const findManyOptions: FindManyOptions<CredentialsEntity> = { where: { id: In(ids) } };
|
||||
|
||||
if (withSharings) {
|
||||
findManyOptions.relations = ['shared', 'shared.user', 'shared.role'];
|
||||
}
|
||||
|
||||
return this.find(findManyOptions);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -187,17 +187,17 @@ export class ExecutionRepository extends Repository<ExecutionEntity> {
|
|||
where?: FindOptionsWhere<ExecutionEntity>;
|
||||
},
|
||||
): Promise<IExecutionFlattedDb | IExecutionResponse | IExecutionBase | undefined> {
|
||||
const whereClause: FindOneOptions<ExecutionEntity> = {
|
||||
const findOptions: FindOneOptions<ExecutionEntity> = {
|
||||
where: {
|
||||
id,
|
||||
...options?.where,
|
||||
},
|
||||
};
|
||||
if (options?.includeData) {
|
||||
whereClause.relations = ['executionData'];
|
||||
findOptions.relations = ['executionData'];
|
||||
}
|
||||
|
||||
const execution = await this.findOne(whereClause);
|
||||
const execution = await this.findOne(findOptions);
|
||||
|
||||
if (!execution) {
|
||||
return undefined;
|
||||
|
|
|
@ -1,7 +1,8 @@
|
|||
import { Service } from 'typedi';
|
||||
import { DataSource, In, Repository } from 'typeorm';
|
||||
import { DataSource, In, Not, Repository } from 'typeorm';
|
||||
import { SharedCredentials } from '../entities/SharedCredentials';
|
||||
import type { User } from '../entities/User';
|
||||
import type { Role } from '../entities/Role';
|
||||
|
||||
@Service()
|
||||
export class SharedCredentialsRepository extends Repository<SharedCredentials> {
|
||||
|
@ -30,4 +31,23 @@ export class SharedCredentialsRepository extends Repository<SharedCredentials> {
|
|||
},
|
||||
});
|
||||
}
|
||||
|
||||
async makeOwnerOfAllCredentials(user: User, role: Role) {
|
||||
return this.update({ userId: Not(user.id), roleId: role.id }, { user });
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the IDs of all credentials owned by or shared with a user.
|
||||
*/
|
||||
async getAccessibleCredentials(userId: string) {
|
||||
const sharings = await this.find({
|
||||
relations: ['role'],
|
||||
where: {
|
||||
userId,
|
||||
role: { name: In(['owner', 'user']), scope: 'credential' },
|
||||
},
|
||||
});
|
||||
|
||||
return sharings.map((s) => s.credentialsId);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,7 +1,9 @@
|
|||
import { Service } from 'typedi';
|
||||
import { DataSource, type FindOptionsWhere, Repository, In } from 'typeorm';
|
||||
import { DataSource, type FindOptionsWhere, Repository, In, Not } from 'typeorm';
|
||||
import { SharedWorkflow } from '../entities/SharedWorkflow';
|
||||
import { type User } from '../entities/User';
|
||||
import type { Scope } from '@n8n/permissions';
|
||||
import type { Role } from '../entities/Role';
|
||||
|
||||
@Service()
|
||||
export class SharedWorkflowRepository extends Repository<SharedWorkflow> {
|
||||
|
@ -41,4 +43,33 @@ export class SharedWorkflowRepository extends Repository<SharedWorkflow> {
|
|||
},
|
||||
});
|
||||
}
|
||||
|
||||
async findSharing(
|
||||
workflowId: string,
|
||||
user: User,
|
||||
scope: Scope,
|
||||
{ roles, extraRelations }: { roles?: string[]; extraRelations?: string[] } = {},
|
||||
) {
|
||||
const where: FindOptionsWhere<SharedWorkflow> = {
|
||||
workflow: { id: workflowId },
|
||||
};
|
||||
|
||||
if (!user.hasGlobalScope(scope)) {
|
||||
where.user = { id: user.id };
|
||||
}
|
||||
|
||||
if (roles) {
|
||||
where.role = { name: In(roles) };
|
||||
}
|
||||
|
||||
const relations = ['workflow', 'role'];
|
||||
|
||||
if (extraRelations) relations.push(...extraRelations);
|
||||
|
||||
return this.findOne({ relations, where });
|
||||
}
|
||||
|
||||
async makeOwnerOfAllWorkflows(user: User, role: Role) {
|
||||
return this.update({ userId: Not(user.id), roleId: role.id }, { user });
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
import { Service } from 'typedi';
|
||||
import { DataSource, In, Repository } from 'typeorm';
|
||||
import { DataSource, In, Not, Repository } from 'typeorm';
|
||||
import { User } from '../entities/User';
|
||||
|
||||
@Service()
|
||||
|
@ -14,4 +14,8 @@ export class UserRepository extends Repository<User> {
|
|||
relations: ['globalRole'],
|
||||
});
|
||||
}
|
||||
|
||||
async deleteAllExcept(user: User) {
|
||||
await this.delete({ id: Not(user.id) });
|
||||
}
|
||||
}
|
||||
|
|
|
@ -17,6 +17,7 @@ import { isStringArray } from '@/utils';
|
|||
import config from '@/config';
|
||||
import { WorkflowEntity } from '../entities/WorkflowEntity';
|
||||
import { SharedWorkflow } from '../entities/SharedWorkflow';
|
||||
import { WebhookEntity } from '../entities/WebhookEntity';
|
||||
|
||||
@Service()
|
||||
export class WorkflowRepository extends Repository<WorkflowEntity> {
|
||||
|
@ -183,4 +184,18 @@ export class WorkflowRepository extends Repository<WorkflowEntity> {
|
|||
where: { name: Like(`${workflowName}%`) },
|
||||
});
|
||||
}
|
||||
|
||||
async findIn(workflowIds: string[]) {
|
||||
return this.find({
|
||||
select: ['id', 'name'],
|
||||
where: { id: In(workflowIds) },
|
||||
});
|
||||
}
|
||||
|
||||
async findWebhookBasedActiveWorkflows() {
|
||||
return this.createQueryBuilder('workflow')
|
||||
.select('DISTINCT workflow.id, workflow.name')
|
||||
.innerJoin(WebhookEntity, 'webhook_entity', 'workflow.id = webhook_entity.workflowId')
|
||||
.execute() as Promise<Array<{ id: string; name: string }>>;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -18,6 +18,7 @@ import { SharedWorkflowRepository } from '@db/repositories/sharedWorkflow.reposi
|
|||
import { BadRequestError } from '@/errors/response-errors/bad-request.error';
|
||||
import { NotFoundError } from '@/errors/response-errors/not-found.error';
|
||||
import { WorkflowRepository } from '@/databases/repositories/workflow.repository';
|
||||
import { CredentialsRepository } from '@/databases/repositories/credentials.repository';
|
||||
|
||||
@Service()
|
||||
export class EnterpriseWorkflowService {
|
||||
|
@ -27,6 +28,7 @@ export class EnterpriseWorkflowService {
|
|||
private readonly roleService: RoleService,
|
||||
private readonly sharedWorkflowRepository: SharedWorkflowRepository,
|
||||
private readonly workflowRepository: WorkflowRepository,
|
||||
private readonly credentialsRepository: CredentialsRepository,
|
||||
) {}
|
||||
|
||||
async isOwned(
|
||||
|
@ -111,7 +113,7 @@ export class EnterpriseWorkflowService {
|
|||
credentialIdsUsedByWorkflow.add(credential.id);
|
||||
});
|
||||
});
|
||||
const workflowCredentials = await CredentialsService.getManyByIds(
|
||||
const workflowCredentials = await this.credentialsRepository.getManyByIds(
|
||||
Array.from(credentialIdsUsedByWorkflow),
|
||||
{ withSharings: true },
|
||||
);
|
||||
|
|
|
@ -20,7 +20,6 @@ import { NodeTypes } from '@/NodeTypes';
|
|||
import { WorkflowRunner } from '@/WorkflowRunner';
|
||||
import * as WorkflowExecuteAdditionalData from '@/WorkflowExecuteAdditionalData';
|
||||
import { TestWebhooks } from '@/TestWebhooks';
|
||||
import { whereClause } from '@/UserManagement/UserManagementHelper';
|
||||
import { InternalHooks } from '@/InternalHooks';
|
||||
import { WorkflowRepository } from '@db/repositories/workflow.repository';
|
||||
import { OwnershipService } from '@/services/ownership.service';
|
||||
|
@ -137,16 +136,12 @@ export class WorkflowService {
|
|||
forceSave?: boolean,
|
||||
roles?: string[],
|
||||
): Promise<WorkflowEntity> {
|
||||
const shared = await this.sharedWorkflowRepository.findOne({
|
||||
relations: ['workflow', 'role'],
|
||||
where: whereClause({
|
||||
const shared = await this.sharedWorkflowRepository.findSharing(
|
||||
workflowId,
|
||||
user,
|
||||
globalScope: 'workflow:update',
|
||||
entityType: 'workflow',
|
||||
entityId: workflowId,
|
||||
roles,
|
||||
}),
|
||||
});
|
||||
'workflow:update',
|
||||
{ roles },
|
||||
);
|
||||
|
||||
if (!shared) {
|
||||
this.logger.verbose('User attempted to update a workflow without permissions', {
|
||||
|
@ -403,16 +398,12 @@ export class WorkflowService {
|
|||
async delete(user: User, workflowId: string): Promise<WorkflowEntity | undefined> {
|
||||
await this.externalHooks.run('workflow.delete', [workflowId]);
|
||||
|
||||
const sharedWorkflow = await this.sharedWorkflowRepository.findOne({
|
||||
relations: ['workflow', 'role'],
|
||||
where: whereClause({
|
||||
const sharedWorkflow = await this.sharedWorkflowRepository.findSharing(
|
||||
workflowId,
|
||||
user,
|
||||
globalScope: 'workflow:delete',
|
||||
entityType: 'workflow',
|
||||
entityId: workflowId,
|
||||
roles: ['owner'],
|
||||
}),
|
||||
});
|
||||
'workflow:delete',
|
||||
{ roles: ['owner'] },
|
||||
);
|
||||
|
||||
if (!sharedWorkflow) {
|
||||
return;
|
||||
|
|
|
@ -16,7 +16,6 @@ import type { ListQuery, WorkflowRequest } from '@/requests';
|
|||
import { isBelowOnboardingThreshold } from '@/WorkflowHelpers';
|
||||
import { EEWorkflowController } from './workflows.controller.ee';
|
||||
import { WorkflowService } from './workflow.service';
|
||||
import { whereClause } from '@/UserManagement/UserManagementHelper';
|
||||
import { Container } from 'typedi';
|
||||
import { InternalHooks } from '@/InternalHooks';
|
||||
import { RoleService } from '@/services/role.service';
|
||||
|
@ -196,22 +195,14 @@ workflowsController.get(
|
|||
ResponseHelper.send(async (req: WorkflowRequest.Get) => {
|
||||
const { id: workflowId } = req.params;
|
||||
|
||||
let relations = ['workflow', 'workflow.tags', 'role'];
|
||||
const extraRelations = config.getEnv('workflowTagsDisabled') ? [] : ['workflow.tags'];
|
||||
|
||||
if (config.getEnv('workflowTagsDisabled')) {
|
||||
relations = relations.filter((relation) => relation !== 'workflow.tags');
|
||||
}
|
||||
|
||||
const shared = await Container.get(SharedWorkflowRepository).findOne({
|
||||
relations,
|
||||
where: whereClause({
|
||||
user: req.user,
|
||||
entityType: 'workflow',
|
||||
globalScope: 'workflow:read',
|
||||
entityId: workflowId,
|
||||
roles: ['owner'],
|
||||
}),
|
||||
});
|
||||
const shared = await Container.get(SharedWorkflowRepository).findSharing(
|
||||
workflowId,
|
||||
req.user,
|
||||
'workflow:read',
|
||||
{ extraRelations },
|
||||
);
|
||||
|
||||
if (!shared) {
|
||||
Container.get(Logger).verbose('User attempted to access a workflow without permissions', {
|
||||
|
|
|
@ -31,19 +31,11 @@ describe('DebugController', () => {
|
|||
const instanceId = 'main-71JdWtq306epIFki';
|
||||
const leaderKey = 'some-leader-key';
|
||||
|
||||
const createQueryBuilder = {
|
||||
select: () => createQueryBuilder,
|
||||
innerJoin: () => createQueryBuilder,
|
||||
execute: () => webhooks,
|
||||
};
|
||||
|
||||
workflowRepository.find.mockResolvedValue(triggersAndPollers);
|
||||
workflowRepository.findIn.mockResolvedValue(triggersAndPollers);
|
||||
workflowRepository.findWebhookBasedActiveWorkflows.mockResolvedValue(webhooks);
|
||||
activeWorkflowRunner.allActiveInMemory.mockReturnValue([workflowId]);
|
||||
activeWorkflowRunner.getAllWorkflowActivationErrors.mockResolvedValue(activationErrors);
|
||||
|
||||
jest
|
||||
.spyOn(workflowRepository, 'createQueryBuilder')
|
||||
.mockImplementation(() => createQueryBuilder);
|
||||
jest.spyOn(MultiMainSetup.prototype, 'instanceId', 'get').mockReturnValue(instanceId);
|
||||
jest.spyOn(MultiMainSetup.prototype, 'fetchLeaderKey').mockResolvedValue(leaderKey);
|
||||
jest.spyOn(MultiMainSetup.prototype, 'isLeader', 'get').mockReturnValue(true);
|
||||
|
|
Loading…
Reference in a new issue