fix(API): PUT /credentials/:id should move the specified credential, not the first one in the database (#11365)

2024-11-12 15:44:06 -08:00 · 2024-10-23 14:21:11 +02:00 · 2024-10-23 14:21:11 +02:00 · e6b2f8e7e6
parent 5d0e0e0889
commit e6b2f8e7e6
3 changed files with 42 additions and 7 deletions
--- a/packages/cli/src/public-api/types.ts
+++ b/packages/cli/src/public-api/types.ts
@ -140,11 +140,7 @@ export declare namespace CredentialRequest {

 	type Delete = AuthenticatedRequest<{ id: string }, {}, {}, Record<string, string>>;

-	type Transfer = AuthenticatedRequest<
-		{ workflowId: string },
-		{},
-		{ destinationProjectId: string }
-	>;
+	type Transfer = AuthenticatedRequest<{ id: string }, {}, { destinationProjectId: string }>;
 }

 export type OperationID = 'getUsers' | 'getUser';
--- a/packages/cli/src/public-api/v1/handlers/credentials/credentials.handler.ts
+++ b/packages/cli/src/public-api/v1/handlers/credentials/credentials.handler.ts
@ -53,7 +53,7 @@ export = {

 			await Container.get(EnterpriseCredentialsService).transferOne(
 				req.user,
-				req.params.workflowId,
+				req.params.id,
 				body.destinationProjectId,
 			);

--- a/packages/cli/test/integration/public-api/credentials.test.ts
+++ b/packages/cli/test/integration/public-api/credentials.test.ts
@ -6,7 +6,11 @@ import { CredentialsRepository } from '@/databases/repositories/credentials.repo
 import { SharedCredentialsRepository } from '@/databases/repositories/shared-credentials.repository';
 import { createTeamProject } from '@test-integration/db/projects';

-import { affixRoleToSaveCredential, createCredentials } from '../shared/db/credentials';
+import {
+	affixRoleToSaveCredential,
+	createCredentials,
+	getCredentialSharings,
+} from '../shared/db/credentials';
 import { createMemberWithApiKey, createOwnerWithApiKey } from '../shared/db/users';
 import { randomName } from '../shared/random';
 import * as testDb from '../shared/test-db';
@ -282,6 +286,41 @@ describe('PUT /credentials/:id/transfer', () => {
 		expect(response.statusCode).toBe(204);
 	});

+	test('should transfer the right credential, not the first one it finds', async () => {
+		// ARRANGE
+		const [firstProject, secondProject] = await Promise.all([
+			createTeamProject('first-project', owner),
+			createTeamProject('second-project', owner),
+		]);
+
+		const [firstCredential, secondCredential] = await Promise.all([
+			createCredentials({ name: 'Test', type: 'test', data: '' }, firstProject),
+			createCredentials({ name: 'Test', type: 'test', data: '' }, firstProject),
+		]);
+
+		// ACT
+		const response = await authOwnerAgent.put(`/credentials/${secondCredential.id}/transfer`).send({
+			destinationProjectId: secondProject.id,
+		});
+
+		// ASSERT
+		expect(response.statusCode).toBe(204);
+
+		{
+			// second credential was moved
+			const sharings = await getCredentialSharings(secondCredential);
+			expect(sharings).toHaveLength(1);
+			expect(sharings[0]).toMatchObject({ projectId: secondProject.id });
+		}
+
+		{
+			// first credential was untouched
+			const sharings = await getCredentialSharings(firstCredential);
+			expect(sharings).toHaveLength(1);
+			expect(sharings[0]).toMatchObject({ projectId: firstProject.id });
+		}
+	});
+
 	test('if no destination project, should reject', async () => {
 		/**
 		 * Arrange