Iván Ovejero
d21ad15c1f
fix(core): Fix 431 for large dynamic node parameters ( #9384 )
2024-05-21 19:11:02 +02:00
Csaba Tuncsik
596c472ecc
feat: RBAC ( #8922 )
...
Signed-off-by: Oleg Ivaniv <me@olegivaniv.com>
Co-authored-by: Val <68596159+valya@users.noreply.github.com>
Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <aditya@netroy.in>
Co-authored-by: Valya Bullions <valya@n8n.io>
Co-authored-by: Danny Martini <danny@n8n.io>
Co-authored-by: Danny Martini <despair.blue@gmail.com>
Co-authored-by: Iván Ovejero <ivov.src@gmail.com>
Co-authored-by: Omar Ajoue <krynble@gmail.com>
Co-authored-by: oleg <me@olegivaniv.com>
Co-authored-by: Michael Kret <michael.k@radency.com>
Co-authored-by: Michael Kret <88898367+michael-radency@users.noreply.github.com>
Co-authored-by: Elias Meire <elias@meire.dev>
Co-authored-by: Giulio Andreini <andreini@netseven.it>
Co-authored-by: Giulio Andreini <g.andreini@gmail.com>
Co-authored-by: Ayato Hayashi <go12limchangyong@gmail.com>
2024-05-17 10:53:15 +02:00
कारतोफ्फेलस्क्रिप्ट™
5025d209ca
fix(core): All calls to plainToInstance
should exclude extraneous values (no-changelog) ( #9338 )
2024-05-08 15:49:41 +02:00
Iván Ovejero
7b925ab871
refactor(core): Rename ActiveWorkflowRunner
to ActiveWorkflowManager
(no-changelog) ( #9280 )
2024-05-06 17:54:05 +02:00
Iván Ovejero
7bda92cc7c
refactor(core): Use logger for packages/cli
messages (no-changelog) ( #9302 )
2024-05-03 15:24:27 +02:00
Alex Grozav
a3eea3ac5e
feat(editor): Refactor and unify executions views (no-changelog) ( #8538 )
2024-04-19 07:50:18 +02:00
Danny Martini
3eb5be5f5a
fix(core): Don't create multiple owners when importing credentials or workflows ( #9112 )
2024-04-12 17:25:59 +02:00
Iván Ovejero
a3b59843d5
refactor(core): Lint for cyclomatic complexity in BE packages (no-changelog) ( #9111 )
2024-04-10 14:02:02 +02:00
कारतोफ्फेलस्क्रिप्ट™
9403657e46
refactor(core): Remove unnecessary indirection in SAML code (no-changelog) ( #9103 )
2024-04-10 10:55:49 +02:00
कारतोफ्फेलस्क्रिप्ट™
a7108d14f9
fix(core): Some more browser-id related fixes (no-changelog) ( #9102 )
2024-04-10 10:37:23 +02:00
Iván Ovejero
0c90c7c8c1
fix(API): Accept settings.executionOrder
in workflow creation ( #9072 )
2024-04-05 17:49:14 +02:00
कारतोफ्फेलस्क्रिप्ट™
ff77ef4b62
ci: Delete some duplicate code in cli tests (no-changelog) ( #9049 )
2024-04-05 13:47:49 +02:00
Iván Ovejero
b8ab049932
refactor(core, editor): Remove legacy nodesAccess
(no-changelog) ( #9016 )
2024-04-05 13:17:34 +02:00
कारतोफ्फेलस्क्रिप्ट™
76b73a27a0
refactor(core): Delete all auth exclusion config and checks (no-changelog) ( #9044 )
2024-04-03 16:56:36 +02:00
Iván Ovejero
260bc07ca9
fix(core): Assign credential ownership correctly in source control import ( #8955 )
2024-03-26 17:18:41 +01:00
कारतोफ्फेलस्क्रिप्ट™
372d5c7d01
ci: Upgrade eslint, prettier, typescript, and some other dev tooling (no-changelog) ( #8895 )
...
Co-authored-by: Iván Ovejero <ivov.src@gmail.com>
2024-03-26 14:22:57 +01:00
Iván Ovejero
ef45da95f1
test(core): Improve coverage for ActiveWorkflowRunner
(no-changelog) ( #8946 )
2024-03-25 17:59:59 +01:00
Iván Ovejero
69807a5efb
refactor(core): Unify failed
and error
execution status (no-changelog) ( #8943 )
2024-03-25 17:52:07 +01:00
कारतोफ्फेलस्क्रिप्ट™
71f1b23771
feat(core): Update some packages to address CVE-2022-29622 (no-changelog) ( #8877 )
2024-03-13 12:47:36 +01:00
Val
0e037add71
fix: PermissionChecker integration tests (no-changelog) ( #8776 )
2024-03-05 19:18:34 +01:00
कारतोफ्फेलस्क्रिप्ट™
db4a419c8d
refactor(core): Enforce authorization by default on all routes (no-changelog) ( #8762 )
2024-02-28 17:02:18 +01:00
कारतोफ्फेलस्क्रिप्ट™
56c8791aff
refactor(core): Remove all legacy auth middleware code (no-changelog) ( #8755 )
2024-02-28 13:12:28 +01:00
Omar Ajoue
737170893d
feat: Allow instance owners and admins to edit all credentials ( #8716 )
...
Co-authored-by: Danny Martini <despair.blue@gmail.com>
2024-02-27 08:26:36 +00:00
कारतोफ्फेलस्क्रिप्ट™
059d281fd1
feat(core): Move execution permission checks earlier in the lifecycle ( #8677 )
2024-02-21 14:47:02 +01:00
कारतोफ्फेलस्क्रिप्ट™
b6c8a0c413
refactor(core): Reduce code duplication in DB config (no-changelog) ( #8679 )
2024-02-20 14:28:53 +01:00
Omar Ajoue
a743a40376
feat(API): Add tag support to public API ( #8588 )
...
Co-authored-by: Jesús Burgers <jesus.burgers@chakray.co.uk>
Co-authored-by: Jesús Burgers <43568066+jburgers-chakray@users.noreply.github.com>
2024-02-09 15:10:03 +00:00
Cornelius Suermann
cd151f1ba9
feat: Include totalUsers in usage metrics during license renewal (no-changelog) ( #8598 )
2024-02-09 14:15:05 +01:00
कारतोफ्फेलस्क्रिप्ट™
8e392cfc1d
feat(core): Migrate to n8n's typeorm fork ( #8590 )
2024-02-08 15:13:29 +01:00
कारतोफ्फेलस्क्रिप्ट™
40eee3aa49
ci(core): Avoid slow bcrypt calls in tests (no-changelog) ( #8570 )
2024-02-07 17:56:02 +01:00
Iván Ovejero
c4e39451db
refactor(core): Continue breaking dependency cycles (no-changelog) ( #8545 )
2024-02-06 10:08:46 +01:00
Iván Ovejero
dc5ec8f946
refactor(core): Streamline flows in multi-main mode (no-changelog) ( #8446 )
2024-02-05 09:26:55 +01:00
Iván Ovejero
92f939f827
fix(core): Fix workflow tagging failure due to unique constraint check ( #8505 )
2024-02-02 12:36:55 +01:00
कारतोफ्फेलस्क्रिप्ट™
5832d3ca46
fix(core): Fix PermissionChecker.check, and add additional unit tests ( #8528 )
2024-02-02 12:21:53 +01:00
Iván Ovejero
dac511b710
refactor(core): Modernize credentials controllers and services (no-changelog) ( #8488 )
...
Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <aditya@netroy.in>
2024-01-31 09:48:48 +01:00
Iván Ovejero
9e93980957
fix(core): Prevent calling internal hook email event if emailing is disabled ( #8462 )
...
Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <aditya@netroy.in>
2024-01-29 16:15:30 +01:00
Iván Ovejero
db48bdd6d1
fix(core): Handle zero execution statistics on metrics collection during license renewal ( #8463 )
2024-01-26 17:50:19 +01:00
कारतोफ्फेलस्क्रिप्ट™
c70fa66e76
refactor(core): Use DI for WorkflowRunner (no-changelog) ( #8372 )
2024-01-26 13:49:39 +01:00
कारतोफ्फेलस्क्रिप्ट™
7c49004018
refactor(core): Use DI for eventBus code - Part 1 (no-changelog) ( #8434 )
2024-01-26 12:21:15 +01:00
कारतोफ्फेलस्क्रिप्ट™
d6deceacde
refactor(core): Remove roleId indirection (no-changelog) ( #8413 )
2024-01-24 13:38:57 +01:00
Iván Ovejero
c0bc94c78f
refactor(core): Finish removing UserManagementHelper
(no-changelog) ( #8418 )
2024-01-23 13:58:31 +01:00
Iván Ovejero
a0a1830696
feat(core): Email recipients on resource shared ( #8408 )
2024-01-23 12:03:59 +01:00
Danny Martini
ae06fdeb62
fix(core): Fix update workflow cli command being unable to activate all workflows ( #8412 )
...
Co-authored-by: Daniel Schröder <daniel.schroeder@skriptfabrik.com>
2024-01-23 10:59:06 +01:00
कारतोफ्फेलस्क्रिप्ट™
913c8c6b0c
feat(core): Upgrade oclif (no-changelog) ( #8381 )
2024-01-22 18:25:36 +01:00
Cornelius Suermann
d597c2ab29
feat: Extend collection of usage metrics during license renewal (no-changelog) ( #8369 )
...
Co-authored-by: Iván Ovejero <ivov.src@gmail.com>
2024-01-22 12:29:28 +01:00
Iván Ovejero
f35d4fcbd8
refactor(core): Simplify OrchestrationService
(no-changelog) ( #8364 )
2024-01-22 11:16:29 +01:00
Tomi Turtiainen
99457019f7
feat: Nudge users to become template creators if eligible ( #8357 )
2024-01-17 19:07:34 +02:00
Tomi Turtiainen
9a1cc56806
fix: Set '@typescript-eslint/return-await' rule to 'always' for node code (no-changelog) ( #8363 )
...
Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <aditya@netroy.in>
2024-01-17 17:08:50 +02:00
Iván Ovejero
2eb829a6b4
refactor(core): Use DI in execution services (no-changelog) ( #8358 )
2024-01-17 15:42:19 +01:00
कारतोफ्फेलस्क्रिप्ट™
7cdbb424e3
refactor(core): Move methods from WorkflowHelpers into various workflow services (no-changelog) ( #8348 )
2024-01-17 10:16:13 +01:00
Iván Ovejero
7bb2d1799e
refactor(core): Consolidate executions controllers (no-changelog) ( #8349 )
2024-01-16 16:52:21 +01:00
Ricardo Espinoza
3c2a4000ae
refactor(core): Use DI for LDAP code (no-changelog) ( #8248 )
...
Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <aditya@netroy.in>
2024-01-15 09:01:48 -05:00
Iván Ovejero
1a0e285553
feat(core): Implement inter-main communication for test webhooks in multi-main setup ( #8267 )
2024-01-12 11:48:58 +01:00
Omar Ajoue
8a7c629ea1
fix: Store workflow settings when saving an execution ( #8288 )
2024-01-10 14:20:37 +00:00
Iván Ovejero
0dabe5c74e
fix: Fix user reinvites on FE and BE ( #8261 )
2024-01-09 13:52:34 +01:00
Tomi Turtiainen
8affdf680d
fix: Hide cred setup button from canvas (no-changelog) ( #8255 )
2024-01-08 13:59:04 +02:00
Iván Ovejero
90c065e999
refactor(core): Convert workflows controller to DI (no-changelog) ( #8253 )
2024-01-08 12:54:23 +01:00
Iván Ovejero
f2939568cf
perf(core): Optimize workflow activation errors ( #8242 )
...
At https://github.com/n8n-io/n8n/pull/8213 we introduced Redis hashes
for workflow ownership and manual webhooks...
- to remove clutter from multiple related keys at the top level,
- to improve performance by preventing serializing-deserializing, and
- to guarantee atomicity during concurrent updates in multi-main setup.
Workflow activation errors can also benefit from this. Added test
coverage as well.
To test manually, create a workflow with a trigger with an invalid
credential, edit the workflow's `active` column to `true`, and restart.
The activation error should show as a red triangle on canvas and in the
workflow list.
2024-01-05 13:06:42 +01:00
Iván Ovejero
f53c482939
perf(core): Improve caching service ( #8213 )
...
Story: https://linear.app/n8n/issue/PAY-1188
- Implement Redis hashes on the caching service, based on Micha's work
in #7747 , adapted from `node-cache-manager-ioredis-yet`. Optimize
workflow ownership lookups and manual webhook lookups with Redis hashes.
- Simplify the caching service by removing all currently unused methods
and options: `enable`, `disable`, `getCache`, `keys`, `keyValues`,
`refreshFunctionEach`, `refreshFunctionMany`, `refreshTtl`, etc.
- Remove the flag `N8N_CACHE_ENABLED`. Currently some features on
`master` are broken with caching disabled, and test webhooks now rely
entirely on caching, for multi-main setup support. We originally
introduced this flag to protect against excessive memory usage, but
total cache usage is low enough that we decided to drop this setting.
Apparently this flag was also never documented.
- Overall caching service refactor: use generics, reduce branching, add
discriminants for cache kinds for better type safety, type caching
events, improve readability, remove outdated docs, etc. Also refactor
and expand caching service tests.
Follow-up to: https://github.com/n8n-io/n8n/pull/8176
---------
Co-authored-by: Michael Auerswald <michael.auerswald@gmail.com>
2024-01-05 11:52:44 +01:00
कारतोफ्फेलस्क्रिप्ट™
cfe9525dd4
fix(core): Better input validation for the changeRole endpoint ( #8189 )
...
also refactored the code to
1. stop passing around `scope === 'global'`, since this code can be used
only for changing globalRole.
2. leak less details when input validation fails.
## Review / Merge checklist
- [x] PR title and summary are descriptive
- [x] Tests included
2024-01-03 09:33:35 +01:00
Iván Ovejero
ece48d6a13
refactor(core): Unify workflow controllers (no-changelog) ( #8175 )
...
Combine EE workflows controller into main workflows controller,
protecting paid functionality behind feature flag checks.
2023-12-29 14:23:58 +01:00
Iván Ovejero
e418d42450
refactor(core): Move typeorm
operators from various sources into repositories (no-changelog) ( #8174 )
...
Follow-up to: #8165
2023-12-28 13:14:10 +01:00
Iván Ovejero
2c6ffb0153
fix(core): Minor improvements to multi-main setup (no-changelog) ( #8012 )
...
- Move webhook, poller and trigger activation logs closer to activation
event
- Enrich response of `/debug/multi-main-setup`
- Ensure workflow updates broadcast activation state changes only if
state changed
- Fix bug on workflow activation after leadership change
- Ensure debug controller is not available in production
---------
Co-authored-by: Omar Ajoue <krynble@gmail.com>
2023-12-27 16:55:01 +01:00
कारतोफ्फेलस्क्रिप्ट™
f69ddcd796
refactor(core): Use Dependency Injection for all Controller classes (no-changelog) ( #8146 )
...
## Review / Merge checklist
- [x] PR title and summary are descriptive
2023-12-27 11:50:43 +01:00
कारतोफ्फेलस्क्रिप्ट™
4007163651
refactor(core): Delete unused code, and fix typings in tests (no-changelog) ( #8142 )
2023-12-22 15:41:29 +01:00
कारतोफ्फेलस्क्रिप्ट™
021add0f39
refactor(core): Move active workflows endpoints to a decorated controller class (no-changelog) ( #8101 )
...
This is a continuation of migrating all rest endpoints to decorated controller classes
2023-12-22 11:28:42 +01:00
Iván Ovejero
9ac8825a67
refactor(core): Move error execution creation to execution service (no-changelog) ( #8006 )
...
Continue breaking down legacy helpers.
Note: `getUserById` is unused.
2023-12-21 14:15:46 +01:00
Iván Ovejero
38d1336fa7
refactor: Add telemetry for RBAC (no-changelog) ( #8056 )
...
https://linear.app/n8n/issue/PAY-1142
2023-12-19 17:02:52 +01:00
कारतोफ्फेलस्क्रिप्ट™
a63d94f28c
refactor(core): Move license endpoints to a decorated controller class (no-changelog) ( #8074 )
2023-12-19 12:13:19 +01:00
Iván Ovejero
73d400a1bf
refactor(core): Inject dependencies into workflow services (no-changelog) ( #8066 )
...
Inject dependencies into workflow services (no-changelog)
Up next:
- ~~Make workflow services injectable~~ #8033
- ~~Inject dependencies into workflow services~~ (current)
- Consolidate workflow controllers into one
- Make workflow controller injectable
- Inject dependencies into workflow controller
2023-12-18 16:10:30 +01:00
Iván Ovejero
1e7a309e63
refactor(core): Make workflow services injectable (no-changelog) ( #8033 )
...
Refactor static workflow service classes into DI-compatible classes
Context: https://n8nio.slack.com/archives/C069HS026UF/p1702466571648889
Up next:
- Inject dependencies into workflow services
- Consolidate workflow controllers into one
- Make workflow controller injectable
- Inject dependencies into workflow controller
---------
Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <aditya@netroy.in>
2023-12-15 12:59:56 +01:00
Iván Ovejero
c5e6ba8cdd
fix(core): Restore workflow ID during execution creation ( #8031 )
...
## Summary
Restore workflow ID during execution creation removed by [this
PR](https://github.com/n8n-io/n8n/pull/8002/files#diff-c8cbb62ca9ab2ae45e5f565cd8c63fff6475809a6241ea0b90acc575615224af ).
The missing workflow ID, and more generally the fact that `workflow.id`
is optional when it should not be, causes `PermissionChecker.check` to
misreport a credential as inaccessible when it should be accessible.
More generally, start reporting ID-less workflows so we can root them
out and prevent this at type level.
## Related tickets and issues
https://n8nio.slack.com/archives/C035KBDA917/p1702539465555529
2023-12-14 18:13:12 +01:00
Iván Ovejero
53c0b49d15
fix(core): Initialize queue once in queue mode ( #8025 )
...
We're initializing the queue twice because of a [bad
merge](2c63474538
).
No associated known bugs but no need to init the queue twice. We should
follow up by investigating if any pending bugs can be associated to
this.
2023-12-14 16:16:12 +01:00
Iván Ovejero
7b5d0a9546
refactor(core): Introduce import service (no-changelog) ( #8001 )
...
Consolidate import logic into import service.
Also fixes:
- https://linear.app/n8n/issue/PAY-1086
- https://github.com/n8n-io/n8n/issues/7881
-
https://community.n8n.io/t/cli-workflow-imports-failing-after-upgrade-to-v1-18-0/33780
- https://linear.app/n8n/issue/PAY-221
- https://github.com/n8n-io/n8n/issues/5477
- https://community.n8n.io/t/export-workflows-with-tags-got-created/6161
2023-12-13 10:00:21 +01:00
Iván Ovejero
d0e44d450f
feat(core): Add multi-main setup debug endpoint (no-changelog) ( #7991 )
...
## Summary
Provide details about your pull request and what it adds, fixes, or
changes. Photos and videos are recommended.
Adi's idea here to help diagnose:
https://n8nio.slack.com/archives/C069KJBJ8HE/p1702300349277609?thread_ts=1702299930.728029&cid=C069KJBJ8HE
...
#### How to test the change:
1. ...
## Issues fixed
Include links to Github issue or Community forum post or **Linear
ticket**:
> Important in order to close automatically and provide context to
reviewers
...
## Review / Merge checklist
- [ ] PR title and summary are descriptive. **Remember, the title
automatically goes into the changelog. Use `(no-changelog)` otherwise.**
([conventions](https://github.com/n8n-io/n8n/blob/master/.github/pull_request_title_conventions.md ))
- [ ] [Docs updated](https://github.com/n8n-io/n8n-docs ) or follow-up
ticket created.
- [ ] Tests included.
> A bug is not considered fixed, unless a test is added to prevent it
from happening again. A feature is not complete without tests.
>
> *(internal)* You can use Slack commands to trigger [e2e
tests](https://www.notion.so/n8n/How-to-use-Test-Instances-d65f49dfc51f441ea44367fb6f67eb0a?pvs=4#a39f9e5ba64a48b58a71d81c837e8227 )
or [deploy test
instance](https://www.notion.so/n8n/How-to-use-Test-Instances-d65f49dfc51f441ea44367fb6f67eb0a?pvs=4#f6a177d32bde4b57ae2da0b8e454bfce )
or [deploy early access version on
Cloud](https://www.notion.so/n8n/Cloudbot-3dbe779836004972b7057bc989526998?pvs=4#fef2d36ab02247e1a0f65a74f6fb534e ).
2023-12-12 15:18:32 +01:00
कारतोफ्फेलस्क्रिप्ट™
1d870412ca
refactor(core): Don't use DB transactions on ExecutionRepository.createNewExecution ( #8002 )
...
Saving execution data is one of the slowest DB operations in the
application, and is likely behind some of the sqlite transaction
concurrency issues we've been seeing.
This not only remove the 2 separate transactions for saving
`ExecutionEntity` and `ExecutionData`, but also remove fields from
`ExecutionData.workflowData` that don't need to be saved (like `tags`,
`shared`, `statistics`, `triggerCount`, etc).
2023-12-12 14:36:56 +01:00
Iván Ovejero
c378f60a25
refactor(core): Introduce password utility (no-changelog) ( #7979 )
...
## Summary
Provide details about your pull request and what it adds, fixes, or
changes. Photos and videos are recommended.
Continue breaking down `UserManagementHelper.ts`
...
#### How to test the change:
1. ...
## Issues fixed
Include links to Github issue or Community forum post or **Linear
ticket**:
> Important in order to close automatically and provide context to
reviewers
...
## Review / Merge checklist
- [ ] PR title and summary are descriptive. **Remember, the title
automatically goes into the changelog. Use `(no-changelog)` otherwise.**
([conventions](https://github.com/n8n-io/n8n/blob/master/.github/pull_request_title_conventions.md ))
- [ ] [Docs updated](https://github.com/n8n-io/n8n-docs ) or follow-up
ticket created.
- [ ] Tests included.
> A bug is not considered fixed, unless a test is added to prevent it
from happening again. A feature is not complete without tests.
>
> *(internal)* You can use Slack commands to trigger [e2e
tests](https://www.notion.so/n8n/How-to-use-Test-Instances-d65f49dfc51f441ea44367fb6f67eb0a?pvs=4#a39f9e5ba64a48b58a71d81c837e8227 )
or [deploy test
instance](https://www.notion.so/n8n/How-to-use-Test-Instances-d65f49dfc51f441ea44367fb6f67eb0a?pvs=4#f6a177d32bde4b57ae2da0b8e454bfce )
or [deploy early access version on
Cloud](https://www.notion.so/n8n/Cloudbot-3dbe779836004972b7057bc989526998?pvs=4#fef2d36ab02247e1a0f65a74f6fb534e ).
2023-12-11 18:23:42 +01:00
Val
42e828d5c6
fix: Restrict updating/deleting of shared but not owned credentials ( #7950 )
...
## Summary
Fix shared members being able to edit and delete credentials they don't
own
#### How to test the change:
1. ...
## Issues fixed
Include links to Github issue or Community forum post or **Linear
ticket**:
> Important in order to close automatically and provide context to
reviewers
...
## Review / Merge checklist
- [x] PR title and summary are descriptive. **Remember, the title
automatically goes into the changelog. Use `(no-changelog)` otherwise.**
([conventions](https://github.com/n8n-io/n8n/blob/master/.github/pull_request_title_conventions.md ))
- [ ] [Docs updated](https://github.com/n8n-io/n8n-docs ) or follow-up
ticket created.
- [x] Tests included.
> A bug is not considered fixed, unless a test is added to prevent it
from happening again. A feature is not complete without tests.
>
> *(internal)* You can use Slack commands to trigger [e2e
tests](https://www.notion.so/n8n/How-to-use-Test-Instances-d65f49dfc51f441ea44367fb6f67eb0a?pvs=4#a39f9e5ba64a48b58a71d81c837e8227 )
or [deploy test
instance](https://www.notion.so/n8n/How-to-use-Test-Instances-d65f49dfc51f441ea44367fb6f67eb0a?pvs=4#f6a177d32bde4b57ae2da0b8e454bfce )
or [deploy early access version on
Cloud](https://www.notion.so/n8n/Cloudbot-3dbe779836004972b7057bc989526998?pvs=4#fef2d36ab02247e1a0f65a74f6fb534e ).
2023-12-07 10:35:40 +00:00
Ricardo Espinoza
f5502cc628
fix(core): Make sure mfa secret and recovery codes are not returned on login ( #7936 )
...
## Summary
What: Fix issue of login endpoint returning secret and recovery codes
when MFA is enabled. Bug was introduced in this
[PR](https://github.com/n8n-io/n8n/pull/6994 ), specifically in this
[line](https://github.com/n8n-io/n8n/pull/6994/files#diff-95a87cb029a3d26e6722df2e68132453fc254fc1f4540cbdaa95cfdbda1893deL91 ).
Why: We should not be filtering the secret and recovery codes
Same PR caused the issues on ticket ->
https://linear.app/n8n/issue/ADO-1494/on-user-list-copy-password-reset-link-and-copy-invite-link-are-broken
## Review / Merge checklist
- [x] PR title and summary are descriptive. **Remember, the title
automatically goes into the changelog. Use `(no-changelog)` otherwise.**
([conventions](https://github.com/n8n-io/n8n/blob/master/.github/pull_request_title_conventions.md ))
- [x] [Docs updated](https://github.com/n8n-io/n8n-docs ) or follow-up
ticket created.
- [x] Tests included.
> A bug is not considered fixed, unless a test is added to prevent it
from happening again. A feature is not complete without tests.
>
> *(internal)* You can use Slack commands to trigger [e2e
tests](https://www.notion.so/n8n/How-to-use-Test-Instances-d65f49dfc51f441ea44367fb6f67eb0a?pvs=4#a39f9e5ba64a48b58a71d81c837e8227 )
or [deploy test
instance](https://www.notion.so/n8n/How-to-use-Test-Instances-d65f49dfc51f441ea44367fb6f67eb0a?pvs=4#f6a177d32bde4b57ae2da0b8e454bfce )
or [deploy early access version on
Cloud](https://www.notion.so/n8n/Cloudbot-3dbe779836004972b7057bc989526998?pvs=4#fef2d36ab02247e1a0f65a74f6fb534e ).
2023-12-06 10:00:13 +01:00
Val
9604b87da9
fix: Return scopes on invitation accept endpoint (no-changelog) ( #7917 )
...
## Summary
Return scopes on the invitation accept endpoint. The UI uses information
until the user refreshes the pages so it's causing inconsistency for the
new admin role.
#### How to test the change:
1. ...
## Issues fixed
Include links to Github issue or Community forum post or **Linear
ticket**:
> Important in order to close automatically and provide context to
reviewers
...
## Review / Merge checklist
- [x] PR title and summary are descriptive. **Remember, the title
automatically goes into the changelog. Use `(no-changelog)` otherwise.**
([conventions](https://github.com/n8n-io/n8n/blob/master/.github/pull_request_title_conventions.md ))
- [ ] [Docs updated](https://github.com/n8n-io/n8n-docs ) or follow-up
ticket created.
- [ ] Tests included.
> A bug is not considered fixed, unless a test is added to prevent it
from happening again. A feature is not complete without tests.
>
> *(internal)* You can use Slack commands to trigger [e2e
tests](https://www.notion.so/n8n/How-to-use-Test-Instances-d65f49dfc51f441ea44367fb6f67eb0a?pvs=4#a39f9e5ba64a48b58a71d81c837e8227 )
or [deploy test
instance](https://www.notion.so/n8n/How-to-use-Test-Instances-d65f49dfc51f441ea44367fb6f67eb0a?pvs=4#f6a177d32bde4b57ae2da0b8e454bfce )
or [deploy early access version on
Cloud](https://www.notion.so/n8n/Cloudbot-3dbe779836004972b7057bc989526998?pvs=4#fef2d36ab02247e1a0f65a74f6fb534e ).
2023-12-05 11:18:41 +01:00
Iván Ovejero
38b88b946b
fix(core): Consolidate ownership and sharing data on workflows and credentials ( #7920 )
...
## Summary
Ensure `ownedBy` and `sharedWith` are present and uniform for
credentials and workflows.
Details in story: https://linear.app/n8n/issue/PAY-987
2023-12-05 10:11:18 +01:00
Iván Ovejero
29e7a98f3e
test(core): Use license mocker in RBAC tests (no-changelog) ( #7912 )
...
## Summary
Provide details about your pull request and what it adds, fixes, or
changes. Photos and videos are recommended.
...
#### How to test the change:
1. ...
## Issues fixed
Include links to Github issue or Community forum post or **Linear
ticket**:
> Important in order to close automatically and provide context to
reviewers
...
## Review / Merge checklist
- [ ] PR title and summary are descriptive. **Remember, the title
automatically goes into the changelog. Use `(no-changelog)` otherwise.**
([conventions](https://github.com/n8n-io/n8n/blob/master/.github/pull_request_title_conventions.md ))
- [ ] [Docs updated](https://github.com/n8n-io/n8n-docs ) or follow-up
ticket created.
- [ ] Tests included.
> A bug is not considered fixed, unless a test is added to prevent it
from happening again. A feature is not complete without tests.
>
> *(internal)* You can use Slack commands to trigger [e2e
tests](https://www.notion.so/n8n/How-to-use-Test-Instances-d65f49dfc51f441ea44367fb6f67eb0a?pvs=4#a39f9e5ba64a48b58a71d81c837e8227 )
or [deploy test
instance](https://www.notion.so/n8n/How-to-use-Test-Instances-d65f49dfc51f441ea44367fb6f67eb0a?pvs=4#f6a177d32bde4b57ae2da0b8e454bfce )
or [deploy early access version on
Cloud](https://www.notion.so/n8n/Cloudbot-3dbe779836004972b7057bc989526998?pvs=4#fef2d36ab02247e1a0f65a74f6fb534e ).
2023-12-04 13:56:48 +01:00
Val
5f4a9524ec
refactor(core): Add central license mock for integration tests (no-changelog) ( #7871 )
...
Github issue / Community forum post (link here to close automatically):
2023-11-30 09:23:09 +01:00
Val
cd474f1562
feat: Allow owner to share workflows/credentials they don't own (no-changelog) ( #7869 )
...
Github issue / Community forum post (link here to close automatically):
2023-11-29 16:32:27 +00:00
Val
1cb92ffe16
feat: Replace owner checks with scope checks (no-changelog) ( #7846 )
...
Github issue / Community forum post (link here to close automatically):
2023-11-29 14:48:36 +00:00
Iván Ovejero
476806ebb0
feat(core): Allow admin creation ( #7837 )
...
https://linear.app/n8n/issue/PAY-1038
2023-11-29 13:55:41 +01:00
Val
e282ea242d
fix: Return scopes on owner setup endpoint (no-changelog) ( #7860 )
...
Github issue / Community forum post (link here to close automatically):
2023-11-29 11:33:32 +00:00
Iván Ovejero
2356fb0f0c
feat(core): Set up endpoint for all existing roles with license flag ( #7834 )
...
https://linear.app/n8n/issue/PAY-1034/create-endpoint-to-list-all-existing-roles
2023-11-28 14:16:47 +01:00
Iván Ovejero
9b87a596ca
fix(core): Ensure member and admin cannot be promoted to owner ( #7830 )
...
https://linear.app/n8n/issue/PAY-985/add-user-role-modification-endpoint#comment-62355f6b
2023-11-27 17:35:58 +01:00
Val
5acb7b94c0
refactor: Refactor variables controller into a RestController (no-changelog) ( #7822 )
...
Github issue / Community forum post (link here to close automatically):
2023-11-27 12:17:09 +00:00
Iván Ovejero
75a5807c72
perf(core): Make user controller tests faster (no-changelog) ( #7819 )
...
Before: `17.949 s`
After: `3.886 s`
Followup to:
https://github.com/n8n-io/n8n/pull/7797#discussion_r1404148034
2023-11-27 11:56:06 +01:00
कारतोफ्फेलस्क्रिप्ट™
1b60cfb8f1
ci: Fix new user patching endpoint tests (no-changelog) ( #7816 )
...
user ids are uuids, and in the future we should add proper input
validation to prevent invalid user ids reaching the DB like this.
2023-11-27 09:35:09 +01:00
Iván Ovejero
7a86d36068
feat(core): Allow user role modification ( #7797 )
...
https://linear.app/n8n/issue/PAY-985
```
PATCH /users/:id/role
unauthenticated user
✓ should receive 401 (349 ms)
member
✓ should fail to demote owner to member (349 ms)
✓ should fail to demote owner to admin (359 ms)
✓ should fail to demote admin to member (381 ms)
✓ should fail to promote other member to owner (353 ms)
✓ should fail to promote other member to admin (377 ms)
✓ should fail to promote self to admin (354 ms)
✓ should fail to promote self to owner (371 ms)
admin
✓ should receive 400 on invalid payload (351 ms)
✓ should receive 404 on unknown target user (351 ms)
✓ should fail to demote owner to admin (349 ms)
✓ should fail to demote owner to member (347 ms)
✓ should fail to promote member to owner (384 ms)
✓ should fail to promote admin to owner (350 ms)
✓ should be able to demote admin to member (354 ms)
✓ should be able to demote self to member (350 ms)
✓ should be able to promote member to admin (349 ms)
owner
✓ should be able to promote member to admin (349 ms)
✓ should be able to demote admin to member (349 ms)
✓ should fail to demote self to admin (348 ms)
✓ should fail to demote self to member (354 ms)
```
2023-11-24 11:40:08 +01:00
Iván Ovejero
4c4082503c
feat(core): Coordinate manual workflow activation and deactivation in multi-main scenario ( #7643 )
...
Followup to #7566 | Story: https://linear.app/n8n/issue/PAY-926
### Manual workflow activation and deactivation
In a multi-main scenario, if the user manually activates or deactivates
a workflow, the process (whether leader or follower) that handles the
PATCH request and updates its internal state should send a message into
the command channel, so that all other main processes update their
internal state accordingly:
- Add to `ActiveWorkflows` if activating
- Remove from `ActiveWorkflows` if deactivating
- Remove and re-add to `ActiveWorkflows` if the update did not change
activation status.
After updating their internal state, if activating or deactivating, the
recipient main processes should push a message to all connected
frontends so that these can update their stores and so reflect the value
in the UI.
### Workflow activation errors
On failure to activate a workflow, the main instance should record the
error in Redis - main instances should always pull activation errors
from Redis in a multi-main scenario.
### Leadership change
On leadership change...
- The old leader should stop pruning and the new leader should start
pruning.
- The old leader should remove trigger- and poller-based workflows and
the new leader should add them.
2023-11-17 15:58:50 +01:00
Iván Ovejero
b4ebb1a28d
fix(core): Account for non-ASCII chars in filename on binary data download ( #7742 )
...
https://n8nio.sentry.io/issues/4641538638
2023-11-17 10:07:44 +01:00
Ricardo Espinoza
8e0ae3cf8c
refactor: Extract Invitation routes to InvitationController (no-changelog) ( #7726 )
...
This PR:
- Creates `InvitationController`
- Moves `POST /users` to `POST /invitations` and move related test to
`invitations.api.tests`
- Moves `POST /users/:id` to `POST /invitations/:id/accept` and move
related test to `invitations.api.tests`
- Adjusts FE to use new endpoints
- Moves all the invitation logic to the `UserService`
---------
Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <aditya@netroy.in>
2023-11-16 12:39:43 -05:00
Val
d39bb2540f
feat: Add scopes to /login endpoint (no-changelog) ( #7718 )
...
Github issue / Community forum post (link here to close automatically):
2023-11-16 11:11:55 +00:00
Ricardo Espinoza
4020c14d59
refactor: Use POST /users to re-invite users (no-changelog) ( #7714 )
2023-11-15 06:40:57 -05:00
कारतोफ्फेलस्क्रिप्ट™
3460eb5eeb
fix(core): Initialize JWT Secret before it's used anywhere ( #7707 )
...
HELP-394
2023-11-15 12:17:18 +01:00
Iván Ovejero
b2ca050031
perf(core): Lazyload security audit reporters ( #7696 )
...
Also converting to service.
Followup to https://github.com/n8n-io/n8n/pull/7663
2023-11-13 11:50:43 +01:00
Ricardo Espinoza
0ddafd2b82
test: Unify users.controller.test and users.api.test (no-changelog) ( #7658 )
...
Groundwork to be able to safely refactor and move the invitation logic
to the UserService.
Fixes ADO-1358
---------
Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <aditya@netroy.in>
2023-11-10 09:41:58 -05:00