Commit graph

224 commits

Author SHA1 Message Date
Iván Ovejero c2f4d7d796
fix(core): Fix isLeader check in WaitTracker constructor (#9100) 2024-04-09 15:50:10 +02:00
कारतोफ्फेलस्क्रिप्ट™ 28261047c3
feat(core): Prevent session hijacking (#9057) 2024-04-09 11:20:35 +02:00
Iván Ovejero 7bf0f900f1
fix(core): Remove binary data when deleting executions by filter (#9056) 2024-04-05 18:00:35 +02:00
Iván Ovejero ff81de3313
fix(core): Ensure TTL safeguard for test webhooks applies only to multi-main setup (#9062) 2024-04-05 14:15:49 +02:00
कारतोफ्फेलस्क्रिप्ट™ ff77ef4b62
ci: Delete some duplicate code in cli tests (no-changelog) (#9049) 2024-04-05 13:47:49 +02:00
Iván Ovejero b8ab049932
refactor(core, editor): Remove legacy nodesAccess (no-changelog) (#9016) 2024-04-05 13:17:34 +02:00
Iván Ovejero 217b07d735
fix(core): Ensure only leader handles waiting executions (#9014) 2024-04-04 13:28:20 +02:00
कारतोफ्फेलस्क्रिप्ट™ 072c3db97d
refactor(core): Rename push sessionId to pushRef (#8905) 2024-04-03 13:43:14 +02:00
कारतोफ्फेलस्क्रिप्ट™ a6446fe057 feat(core): Rate-limit login endpoint to mitigate brute force password guessing attacks (#9028) 2024-04-03 12:15:19 +02:00
Iván Ovejero 079a1147d4
fix(core): Ensure the generic OAuth2 API credential uses the OAuth2 credential test (#8941) 2024-03-21 13:49:34 +01:00
Alex Grozav 948c383999
feat: Add AI Error Debugging using OpenAI (#8805) 2024-03-13 16:48:00 +02:00
Danny Martini 11173a0114
fix: Ignore semver range when upgrading comunity packages (#8863) 2024-03-11 17:12:20 +00:00
Omar Ajoue c6f6254c0e
fix: Always register webhooks on startup (#8830) 2024-03-07 09:25:12 +00:00
कारतोफ्फेलस्क्रिप्ट™ 0818824a72
feat(core)!: Set the secure flag on issued cookies (#8812) 2024-03-05 18:57:41 +01:00
कारतोफ्फेलस्क्रिप्ट™ 2b0e14e936
fix(core): Refactor push sessionid validation, and add unit tests (no-changelog) (#8815) 2024-03-05 18:57:29 +01:00
कारतोफ्फेलस्क्रिप्ट™ cdec7c9334
feat(core): Update hashing strategy for JWTs (#8810) 2024-03-05 15:06:29 +01:00
कारतोफ्फेलस्क्रिप्ट™ d1b48ddcac
fix(core): Remove sensitive data from User entity during serialization (no-changelog) (#8773) 2024-02-29 14:20:39 +01:00
कारतोफ्फेलस्क्रिप्ट™ db4a419c8d
refactor(core): Enforce authorization by default on all routes (no-changelog) (#8762) 2024-02-28 17:02:18 +01:00
कारतोफ्फेलस्क्रिप्ट™ 56c8791aff
refactor(core): Remove all legacy auth middleware code (no-changelog) (#8755) 2024-02-28 13:12:28 +01:00
Jan Oberhauser a29b41ec55
fix(core): Fix pairedItem issue with partial manual executions (#8575)
Co-authored-by: Danny Martini <danny@n8n.io>
Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <aditya@netroy.in>
2024-02-23 11:43:08 +01:00
कारतोफ्फेलस्क्रिप्ट™ 059d281fd1
feat(core): Move execution permission checks earlier in the lifecycle (#8677) 2024-02-21 14:47:02 +01:00
Tomi Turtiainen 05e13a68ea
fix: Fix typeorm .save usage (no-changelog) (#8678) 2024-02-20 17:34:54 +02:00
Omar Ajoue 7501ad8f3c
feat: Add support for AI log streaming (#8526)
Co-authored-by: Oleg Ivaniv <me@olegivaniv.com>
2024-02-09 09:41:01 +00:00
कारतोफ्फेलस्क्रिप्ट™ 8e392cfc1d
feat(core): Migrate to n8n's typeorm fork (#8590) 2024-02-08 15:13:29 +01:00
Iván Ovejero dc068ce2e6
build: Fix outdated import to fix build (no-changelog) (#8558) 2024-02-06 10:45:30 +01:00
Iván Ovejero c4e39451db
refactor(core): Continue breaking dependency cycles (no-changelog) (#8545) 2024-02-06 10:08:46 +01:00
कारतोफ्फेलस्क्रिप्ट™ 5832d3ca46
fix(core): Fix PermissionChecker.check, and add additional unit tests (#8528) 2024-02-02 12:21:53 +01:00
कारतोफ्फेलस्क्रिप्ट™ d2d0ae6c5d
ci: Fix DB tests (no-changelog) (#8513) 2024-01-31 17:36:50 +01:00
कारतोफ्फेलस्क्रिप्ट™ 839dd96c7d
refactor(core): Move all code related to onServerStarted into InternalHooks (no-changelog) (#8500) 2024-01-31 13:29:17 +01:00
कारतोफ्फेलस्क्रिप्ट™ 121a55b691
feat(core): Remove own execution-process mode (#8490) 2024-01-30 12:51:40 +01:00
Iván Ovejero 9e93980957
fix(core): Prevent calling internal hook email event if emailing is disabled (#8462)
Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <aditya@netroy.in>
2024-01-29 16:15:30 +01:00
कारतोफ्फेलस्क्रिप्ट™ c70fa66e76
refactor(core): Use DI for WorkflowRunner (no-changelog) (#8372) 2024-01-26 13:49:39 +01:00
कारतोफ्फेलस्क्रिप्ट™ 7c49004018
refactor(core): Use DI for eventBus code - Part 1 (no-changelog) (#8434) 2024-01-26 12:21:15 +01:00
कारतोफ्फेलस्क्रिप्ट™ d6deceacde
refactor(core): Remove roleId indirection (no-changelog) (#8413) 2024-01-24 13:38:57 +01:00
Iván Ovejero c0bc94c78f
refactor(core): Finish removing UserManagementHelper (no-changelog) (#8418) 2024-01-23 13:58:31 +01:00
Iván Ovejero 49b52c4f1d
refactor(core): Bring active executions into executions controller (no-changelog) (#8371) 2024-01-23 09:48:50 +01:00
Iván Ovejero f35d4fcbd8
refactor(core): Simplify OrchestrationService (no-changelog) (#8364) 2024-01-22 11:16:29 +01:00
Danny Martini 07e6705256
feat(core): Custom session timeout and refresh configuration (#8342) 2024-01-22 09:54:13 +01:00
Iván Ovejero 749ac2b407
fix(core): Adjust starter node priority for manual executions with pinned activators (#8386) 2024-01-19 10:18:04 +01:00
Tomi Turtiainen 9a1cc56806
fix: Set '@typescript-eslint/return-await' rule to 'always' for node code (no-changelog) (#8363)
Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <aditya@netroy.in>
2024-01-17 17:08:50 +02:00
कारतोफ्फेलस्क्रिप्ट™ 7cdbb424e3
refactor(core): Move methods from WorkflowHelpers into various workflow services (no-changelog) (#8348) 2024-01-17 10:16:13 +01:00
कारतोफ्फेलस्क्रिप्ट™ 64ceb16af6
refactor(core): Use DI in PermissionChecker (no-changelog) (#8344) 2024-01-16 14:15:29 +01:00
Omar Ajoue e1acb5911a
refactor: Make execution IDs mandatory in BE (#8299)
Co-authored-by: Iván Ovejero <ivov.src@gmail.com>
2024-01-16 09:53:17 +00:00
Iván Ovejero 0f4f472a72
refactor(core): Eliminate dead Redis code (no-changelog) (#8292) 2024-01-16 09:31:45 +01:00
Iván Ovejero 5fbd7971e0
fix(core): Account for immediate confirmation request during test webhook creation (#8329) 2024-01-16 09:17:41 +01:00
Iván Ovejero 1a0e285553
feat(core): Implement inter-main communication for test webhooks in multi-main setup (#8267) 2024-01-12 11:48:58 +01:00
Iván Ovejero 5032bf0e34
fix(core): Fix test webhook deregistration (#8247) 2024-01-09 16:02:32 +01:00
Tomi Turtiainen 3b996a7da0
feat(core): Validate shutdown handlers on startup (#8260) 2024-01-08 17:46:45 +02:00
Iván Ovejero f53c482939
perf(core): Improve caching service (#8213)
Story: https://linear.app/n8n/issue/PAY-1188

- Implement Redis hashes on the caching service, based on Micha's work
in #7747, adapted from `node-cache-manager-ioredis-yet`. Optimize
workflow ownership lookups and manual webhook lookups with Redis hashes.
- Simplify the caching service by removing all currently unused methods
and options: `enable`, `disable`, `getCache`, `keys`, `keyValues`,
`refreshFunctionEach`, `refreshFunctionMany`, `refreshTtl`, etc.
- Remove the flag `N8N_CACHE_ENABLED`. Currently some features on
`master` are broken with caching disabled, and test webhooks now rely
entirely on caching, for multi-main setup support. We originally
introduced this flag to protect against excessive memory usage, but
total cache usage is low enough that we decided to drop this setting.
Apparently this flag was also never documented.
- Overall caching service refactor: use generics, reduce branching, add
discriminants for cache kinds for better type safety, type caching
events, improve readability, remove outdated docs, etc. Also refactor
and expand caching service tests.

Follow-up to: https://github.com/n8n-io/n8n/pull/8176

---------

Co-authored-by: Michael Auerswald <michael.auerswald@gmail.com>
2024-01-05 11:52:44 +01:00
Iván Ovejero 22a5f5258d
feat(core): Cache test webhook registrations (#8176)
In a multi-main setup, we have the following issue. The user's client
connects to main A and runs a test webhook, so main A starts listening
for a webhook call. A third-party service sends a request to the test
webhook URL. The request is forwarded by the load balancer to main B,
who is not listening for this webhook call. Therefore, the webhook call
is unhandled.

To start addressing this, cache test webhook registrations, using Redis
for queue mode and in-memory for regular mode. When the third-party
service sends a request to the test webhook URL, the request is
forwarded by the load balancer to main B, who fetches test webhooks from
the cache and, if it finds a match, executes the test webhook. This
should be transparent - test webhook behavior should remain the same as
so far.

Notes:
- Test webhook timeouts are not cached. A timeout is only relevant to
the process it was created in, so another process retrieving from Redis
a "foreign" timeout will be unable to act on it. A timeout also has
circular references, so `cache-manager-ioredis-yet` is unable to
serialize it.
- In a single-main scenario, the timeout remains in the single process
and is cleared on test webhook expiration, successful execution, and
manual cancellation - all as usual.
- In a multi-main scenario, we will need to have the process who
received the webhook call send a message to the process who created the
webhook directing this originating process to clear the timeout. This
will likely be implemented via execution lifecycle hooks and Redis
channel messages checking session ID. This implementation is out of
scope for this PR and will come next.
- Additional data in test webhooks is not cached. From what I can tell,
additional data is not needed for test webhooks to be executed.
Additional data also has circular references, so
`cache-manager-ioredis-yet` is unable to serialize it.

Follow-up to: #8155
2024-01-03 16:58:33 +01:00