fix(API): PUT /credentials/:id should move the specified credential, not the first one in the database (#11365)

This commit is contained in:
Danny Martini 2024-10-23 14:21:11 +02:00 committed by GitHub
parent 5d0e0e0889
commit e6b2f8e7e6
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 42 additions and 7 deletions

View file

@ -140,11 +140,7 @@ export declare namespace CredentialRequest {
type Delete = AuthenticatedRequest<{ id: string }, {}, {}, Record<string, string>>; type Delete = AuthenticatedRequest<{ id: string }, {}, {}, Record<string, string>>;
type Transfer = AuthenticatedRequest< type Transfer = AuthenticatedRequest<{ id: string }, {}, { destinationProjectId: string }>;
{ workflowId: string },
{},
{ destinationProjectId: string }
>;
} }
export type OperationID = 'getUsers' | 'getUser'; export type OperationID = 'getUsers' | 'getUser';

View file

@ -53,7 +53,7 @@ export = {
await Container.get(EnterpriseCredentialsService).transferOne( await Container.get(EnterpriseCredentialsService).transferOne(
req.user, req.user,
req.params.workflowId, req.params.id,
body.destinationProjectId, body.destinationProjectId,
); );

View file

@ -6,7 +6,11 @@ import { CredentialsRepository } from '@/databases/repositories/credentials.repo
import { SharedCredentialsRepository } from '@/databases/repositories/shared-credentials.repository'; import { SharedCredentialsRepository } from '@/databases/repositories/shared-credentials.repository';
import { createTeamProject } from '@test-integration/db/projects'; import { createTeamProject } from '@test-integration/db/projects';
import { affixRoleToSaveCredential, createCredentials } from '../shared/db/credentials'; import {
affixRoleToSaveCredential,
createCredentials,
getCredentialSharings,
} from '../shared/db/credentials';
import { createMemberWithApiKey, createOwnerWithApiKey } from '../shared/db/users'; import { createMemberWithApiKey, createOwnerWithApiKey } from '../shared/db/users';
import { randomName } from '../shared/random'; import { randomName } from '../shared/random';
import * as testDb from '../shared/test-db'; import * as testDb from '../shared/test-db';
@ -282,6 +286,41 @@ describe('PUT /credentials/:id/transfer', () => {
expect(response.statusCode).toBe(204); expect(response.statusCode).toBe(204);
}); });
test('should transfer the right credential, not the first one it finds', async () => {
// ARRANGE
const [firstProject, secondProject] = await Promise.all([
createTeamProject('first-project', owner),
createTeamProject('second-project', owner),
]);
const [firstCredential, secondCredential] = await Promise.all([
createCredentials({ name: 'Test', type: 'test', data: '' }, firstProject),
createCredentials({ name: 'Test', type: 'test', data: '' }, firstProject),
]);
// ACT
const response = await authOwnerAgent.put(`/credentials/${secondCredential.id}/transfer`).send({
destinationProjectId: secondProject.id,
});
// ASSERT
expect(response.statusCode).toBe(204);
{
// second credential was moved
const sharings = await getCredentialSharings(secondCredential);
expect(sharings).toHaveLength(1);
expect(sharings[0]).toMatchObject({ projectId: secondProject.id });
}
{
// first credential was untouched
const sharings = await getCredentialSharings(firstCredential);
expect(sharings).toHaveLength(1);
expect(sharings[0]).toMatchObject({ projectId: firstProject.id });
}
});
test('if no destination project, should reject', async () => { test('if no destination project, should reject', async () => {
/** /**
* Arrange * Arrange