Iván Ovejero
aba1c64500
refactor(core): Rename EventRelay to EventService (no-changelog) ( #10110 )
2024-07-19 12:55:38 +02:00
Iván Ovejero
199dff4fb3
refactor(core): Decouple event bus from internal hooks (no-changelog) ( #9724 )
2024-06-20 12:32:22 +02:00
कारतोफ्फेलस्क्रिप्ट™
7be616e583
feat(core): Allow customizing rate limits on a per-route basis, and add rate limiting to more endpoints ( #9522 )
...
Co-authored-by: Omar Ajoue <krynble@gmail.com>
2024-06-03 11:20:51 +02:00
Csaba Tuncsik
596c472ecc
feat: RBAC ( #8922 )
...
Signed-off-by: Oleg Ivaniv <me@olegivaniv.com>
Co-authored-by: Val <68596159+valya@users.noreply.github.com>
Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <aditya@netroy.in>
Co-authored-by: Valya Bullions <valya@n8n.io>
Co-authored-by: Danny Martini <danny@n8n.io>
Co-authored-by: Danny Martini <despair.blue@gmail.com>
Co-authored-by: Iván Ovejero <ivov.src@gmail.com>
Co-authored-by: Omar Ajoue <krynble@gmail.com>
Co-authored-by: oleg <me@olegivaniv.com>
Co-authored-by: Michael Kret <michael.k@radency.com>
Co-authored-by: Michael Kret <88898367+michael-radency@users.noreply.github.com>
Co-authored-by: Elias Meire <elias@meire.dev>
Co-authored-by: Giulio Andreini <andreini@netseven.it>
Co-authored-by: Giulio Andreini <g.andreini@gmail.com>
Co-authored-by: Ayato Hayashi <go12limchangyong@gmail.com>
2024-05-17 10:53:15 +02:00
Alex Grozav
cd9bc44bdd
feat: Add Ask AI to HTTP Request Node ( #8917 )
2024-05-02 13:52:15 +03:00
कारतोफ्फेलस्क्रिप्ट™
28261047c3
feat(core): Prevent session hijacking ( #9057 )
2024-04-09 11:20:35 +02:00
कारतोफ्फेलस्क्रिप्ट™
a6446fe057
feat(core): Rate-limit login endpoint to mitigate brute force password guessing attacks ( #9028 )
2024-04-03 12:15:19 +02:00
कारतोफ्फेलस्क्रिप्ट™
db4a419c8d
refactor(core): Enforce authorization by default on all routes (no-changelog) ( #8762 )
2024-02-28 17:02:18 +01:00
कारतोफ्फेलस्क्रिप्ट™
56c8791aff
refactor(core): Remove all legacy auth middleware code (no-changelog) ( #8755 )
2024-02-28 13:12:28 +01:00
Ricardo Espinoza
3c2a4000ae
refactor(core): Use DI for LDAP code (no-changelog) ( #8248 )
...
Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <aditya@netroy.in>
2024-01-15 09:01:48 -05:00
Iván Ovejero
40c1eeeddd
refactor(core): Continue moving typeorm operators to repositories (no-changelog) ( #8186 )
...
Follow-up to: #8163
2024-01-02 17:53:24 +01:00
कारतोफ्फेलस्क्रिप्ट™
f69ddcd796
refactor(core): Use Dependency Injection for all Controller classes (no-changelog) ( #8146 )
...
## Review / Merge checklist
- [x] PR title and summary are descriptive
2023-12-27 11:50:43 +01:00
कारतोफ्फेलस्क्रिप्ट™
baee47a276
refactor(core): Move all base URLs to UrlService (no-changelog) ( #8141 )
...
This change kept coming up in #6713 , #7773 , and #8135 .
So this PR moves the existing code without actually changing anything,
to help get rid of some of the circular dependencies.
## Review / Merge checklist
- [x] PR title and summary are descriptive.
2023-12-22 15:19:50 +01:00
कारतोफ्फेलस्क्रिप्ट™
464b565283
ci: Remove unnecessary async/await, enable await-thenable linting rule (no-changelog) ( #8076 )
...
## Summary
We accidentally made some functions `async` in
https://github.com/n8n-io/n8n/pull/7846
This PR reverts that change.
## Review / Merge checklist
- [x] PR title and summary are descriptive.
2023-12-19 13:52:42 +01:00
Iván Ovejero
c378f60a25
refactor(core): Introduce password utility (no-changelog) ( #7979 )
...
## Summary
Provide details about your pull request and what it adds, fixes, or
changes. Photos and videos are recommended.
Continue breaking down `UserManagementHelper.ts`
...
#### How to test the change:
1. ...
## Issues fixed
Include links to Github issue or Community forum post or **Linear
ticket**:
> Important in order to close automatically and provide context to
reviewers
...
## Review / Merge checklist
- [ ] PR title and summary are descriptive. **Remember, the title
automatically goes into the changelog. Use `(no-changelog)` otherwise.**
([conventions](https://github.com/n8n-io/n8n/blob/master/.github/pull_request_title_conventions.md ))
- [ ] [Docs updated](https://github.com/n8n-io/n8n-docs ) or follow-up
ticket created.
- [ ] Tests included.
> A bug is not considered fixed, unless a test is added to prevent it
from happening again. A feature is not complete without tests.
>
> *(internal)* You can use Slack commands to trigger [e2e
tests](https://www.notion.so/n8n/How-to-use-Test-Instances-d65f49dfc51f441ea44367fb6f67eb0a?pvs=4#a39f9e5ba64a48b58a71d81c837e8227 )
or [deploy test
instance](https://www.notion.so/n8n/How-to-use-Test-Instances-d65f49dfc51f441ea44367fb6f67eb0a?pvs=4#f6a177d32bde4b57ae2da0b8e454bfce )
or [deploy early access version on
Cloud](https://www.notion.so/n8n/Cloudbot-3dbe779836004972b7057bc989526998?pvs=4#fef2d36ab02247e1a0f65a74f6fb534e ).
2023-12-11 18:23:42 +01:00
Val
1cb92ffe16
feat: Replace owner checks with scope checks (no-changelog) ( #7846 )
...
Github issue / Community forum post (link here to close automatically):
2023-11-29 14:48:36 +00:00
Iván Ovejero
1c6178759c
refactor(core): Reorganize error hierarchy in cli package (no-changelog) ( #7839 )
...
Ensure all errors in `cli` inherit from `ApplicationError` to continue
normalizing all the errors we report to Sentry
Follow-up to: https://github.com/n8n-io/n8n/pull/7820
2023-11-28 10:19:27 +01:00
कारतोफ्फेलस्क्रिप्ट™
60314248f4
fix(core): Make password-reset urls valid only for single-use ( #7622 )
2023-11-07 15:35:43 +01:00
Ricardo Espinoza
b3470fd64d
fix: Error handling on forgot password page (no-changelog) ( #7633 )
...
fixes:
https://linear.app/n8n/issue/ADO-1339/fix-error-handling-on-forgot-password-page
2023-11-07 08:45:58 -05:00
Ricardo Espinoza
5790e251b8
feat(core): Rate limit forgot password endpoint ( #7604 )
...
Github issue / Community forum post (link here to close automatically):
---------
Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <netroy@users.noreply.github.com>
2023-11-03 13:44:12 -04:00
Tomi Turtiainen
2aa7f6375a
fix(core): Decrease reset password token expire time ( #7598 )
...
Decrease the expiration time from 1 day to 20 minutes
Github issue / Community forum post (link here to close automatically):
2023-11-03 13:32:08 +02:00
कारतोफ्फेलस्क्रिप्ट™
05586a900d
refactor(core): Make Logger a service (no-changelog) ( #7494 )
2023-10-25 16:35:22 +02:00
कारतोफ्फेलस्क्रिप्ट™
55c6a1b0d3
fix(core): Do not return inviteAcceptUrl in response if email was sent ( #7465 )
2023-10-19 13:58:06 +02:00
Ricardo Espinoza
303bc8e71e
fix: Issue enforcing user limits on start plan ( #7188 )
2023-09-21 05:56:40 -04:00
Iván Ovejero
87cf1d9c1b
refactor(core): Make controller constructors consistent (no-changelog) ( #7015 )
2023-08-25 13:23:22 +02:00
Ricardo Espinoza
2b7ba6fdf1
feat(core): Add MFA ( #4767 )
...
https://linear.app/n8n/issue/ADO-947/sync-branch-with-master-and-fix-fe-e2e-tets
---------
Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <aditya@netroy.in>
2023-08-23 22:59:16 -04:00
Iván Ovejero
96a9de68a0
refactor(core): Move all user DB access to UserRepository ( #6910 )
...
Prep for https://linear.app/n8n/issue/PAY-646
2023-08-22 15:58:05 +02:00
Ricardo Espinoza
89f44021b9
fix(core): Use JWT as reset password token ( #6714 )
...
* use jwt to reset password
* increase expiration time to 1d
* drop user id query string
* refactor
* use service instead of package in tests
* sqlite migration
* postgres migration
* mysql migration
* remove unused properties
* remove userId from FE
* fix test for users.api
* move migration to the common folder
* move type assertion to the jwt.service
* Add jwt secret as a readonly property
* use signData instead of sign in user.controller
* remove base class
* remove base class
* add tests
2023-07-24 17:40:17 -04:00
OlegIvaniv
e5620ab1e4
feat(API): Implement users account quota guards ( #6434 )
...
* feat(cli): Implement users account quota guards
Signed-off-by: Oleg Ivaniv <me@olegivaniv.com>
* Remove comment
Signed-off-by: Oleg Ivaniv <me@olegivaniv.com>
* Address PR comments
- Getting `usersQuota` from `Settings` repo
- Revert `isUserManagementEnabled` helper
- Fix FE listing of users
Signed-off-by: Oleg Ivaniv <me@olegivaniv.com>
* Refactor isWithinUserQuota getter and fix tests
Signed-off-by: Oleg Ivaniv <me@olegivaniv.com>
* Revert testDb.ts changes
Signed-off-by: Oleg Ivaniv <me@olegivaniv.com>
* Cleanup & improve types
Signed-off-by: Oleg Ivaniv <me@olegivaniv.com>
* Fix duplicated method
* Fix failing test
* Remove `isUserManagementEnabled` completely
Signed-off-by: Oleg Ivaniv <me@olegivaniv.com>
* Check for globalRole.name to determine if user is owner
Signed-off-by: Oleg Ivaniv <me@olegivaniv.com>
* Fix unit tests
Signed-off-by: Oleg Ivaniv <me@olegivaniv.com>
* Set isInstanceOwnerSetUp in specs
* Fix SettingsUserView UM
Signed-off-by: Oleg Ivaniv <me@olegivaniv.com>
* refactor: License typings suggestions for users quota guards (#6636 )
refactor: License typings suggestions
* Update packages/cli/src/Ldap/helpers.ts
Co-authored-by: Iván Ovejero <ivov.src@gmail.com>
* Update packages/cli/test/integration/shared/utils.ts
Co-authored-by: Iván Ovejero <ivov.src@gmail.com>
* Address PR comments
Signed-off-by: Oleg Ivaniv <me@olegivaniv.com>
* Use 403 for all user quota related errors
Signed-off-by: Oleg Ivaniv <me@olegivaniv.com>
---------
Signed-off-by: Oleg Ivaniv <me@olegivaniv.com>
Co-authored-by: Iván Ovejero <ivov.src@gmail.com>
2023-07-12 14:11:46 +02:00
कारतोफ्फेलस्क्रिप्ट™
9978e2760b
fix(core): Fix the url sent in the password-reset emails ( #6466 )
2023-06-17 10:23:22 +02:00
Michael Auerswald
77e3f1551d
feat: Add manual login option and password reset link for SSO ( #6328 )
...
* consolidate IUserSettings in workflow and add allowSSOManualLogin
* add pw reset link to owners ui
2023-05-30 12:52:02 +02:00
कारतोफ्फेलस्क्रिप्ट™
1eeadc6114
refactor(core): Setup decorator based RBAC (no-changelog) ( #5787 )
2023-04-24 11:45:31 +02:00
कारतोफ्फेलस्क्रिप्ट™
10f8c35dbb
refactor(core): Use injectable classes for db repositories (part-1) (no-changelog) ( #5953 )
...
Co-authored-by: ricardo <ricardoespinoza105@gmail.com>
2023-04-12 10:59:14 +02:00
कारतोफ्फेलस्क्रिप्ट™
5bcab8fcbe
fix(core): Password reset should pass in the correct values to external hooks ( #5842 )
2023-03-30 16:44:39 +02:00
Michael Auerswald
2216455760
feat(core): Prevent non owners password reset when saml is enabled ( #5788 )
...
* prevent non owners from pw reset when saml is enabled
* improve tests
* change error type
2023-03-30 12:44:53 +02:00
कारतोफ्फेलस्क्रिप्ट™
9bd7529193
refactor(core): Use an IoC container to manage singleton classes [Part-2] (no-changelog) ( #5690 )
...
* use typedi for UserManagementMailer
* use typedi for SamlService
* fix typos
* use typedi for Queue
* use typedi for License
* convert some more code to use typedi
2023-03-16 15:34:13 +01:00
Iván Ovejero
2ca959b383
refactor: Integrate consistent-type-imports in BE packages (no-changelog) ( #5270 )
2023-01-27 14:56:56 +01:00
कारतोफ्फेलस्क्रिप्ट™
845f0f9d20
refactor(core): Switch over all user-management routes to use decorators ( #5115 )
2023-01-27 11:19:47 +01:00