also refactored the code to
1. stop passing around `scope === 'global'`, since this code can be used
only for changing globalRole.
2. leak less details when input validation fails.
## Review / Merge checklist
- [x] PR title and summary are descriptive
- [x] Tests included
https://linear.app/n8n/issue/PAY-985
```
PATCH /users/:id/role
unauthenticated user
✓ should receive 401 (349 ms)
member
✓ should fail to demote owner to member (349 ms)
✓ should fail to demote owner to admin (359 ms)
✓ should fail to demote admin to member (381 ms)
✓ should fail to promote other member to owner (353 ms)
✓ should fail to promote other member to admin (377 ms)
✓ should fail to promote self to admin (354 ms)
✓ should fail to promote self to owner (371 ms)
admin
✓ should receive 400 on invalid payload (351 ms)
✓ should receive 404 on unknown target user (351 ms)
✓ should fail to demote owner to admin (349 ms)
✓ should fail to demote owner to member (347 ms)
✓ should fail to promote member to owner (384 ms)
✓ should fail to promote admin to owner (350 ms)
✓ should be able to demote admin to member (354 ms)
✓ should be able to demote self to member (350 ms)
✓ should be able to promote member to admin (349 ms)
owner
✓ should be able to promote member to admin (349 ms)
✓ should be able to demote admin to member (349 ms)
✓ should fail to demote self to admin (348 ms)
✓ should fail to demote self to member (354 ms)
```
This PR:
- Creates `InvitationController`
- Moves `POST /users` to `POST /invitations` and move related test to
`invitations.api.tests`
- Moves `POST /users/:id` to `POST /invitations/:id/accept` and move
related test to `invitations.api.tests`
- Adjusts FE to use new endpoints
- Moves all the invitation logic to the `UserService`
---------
Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <aditya@netroy.in>
Groundwork to be able to safely refactor and move the invitation logic
to the UserService.
Fixes ADO-1358
---------
Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <aditya@netroy.in>
* use jwt to reset password
* increase expiration time to 1d
* drop user id query string
* refactor
* use service instead of package in tests
* sqlite migration
* postgres migration
* mysql migration
* remove unused properties
* remove userId from FE
* fix test for users.api
* move migration to the common folder
* move type assertion to the jwt.service
* Add jwt secret as a readonly property
* use signData instead of sign in user.controller
* remove base class
* remove base class
* add tests
* 🔧 Adjust base ESLint config
* 🔧 Adjust `lint` and `lintfix` in `nodes-base`
* 🔧 Include `test` and `utils` in `nodes-base`
* 📘 Convert JS tests to TS
* 👕 Apply lintfixes
* use typedi for UserManagementMailer
* use typedi for SamlService
* fix typos
* use typedi for Queue
* use typedi for License
* convert some more code to use typedi
* feat: update n8n-users-list to no longer use preset list of actions
* feat: prepared users settings for invite links feature
* refactor: Return invite link URLs when inviting users (#5079)
* refactor: Return invite link URLs when inviting users
* test: Refactor and add tests to mailer
* feat: Add FE inviteAcceptUrl integration (#5085)
* feat: update n8n-users-list to no longer use preset list of actions
* feat: prepared users settings for invite links feature
* feat: add integration with new inviteAcceptUrl changes
* feat: Add inviteAcceptUrl to user list for pending users
Co-authored-by: Alex Grozav <alex@grozav.com>
* fix conflicts
* fix lint issue
* test: Make sure inviteAcceptUrl is defined
* feat: update smtp setup suggestion
* feat: add invite link summary when inviting multiple users
* refactor: Add telemetry flag for when email is sent
* fix: add email_sent correctly to telemetry event
* feat: move SMTP info-tip to invite modal
Co-authored-by: Omar Ajoue <krynble@gmail.com>
* fix: Prevent workflows with only manual trigger from being activated
* fix: Fix workflow id when sharing from workflows list
* fix: Update sharing modal translations
* fix: Allow sharees to disable workflows and fix issue with unique key when removing a user
* refactor: Improve error messages and change logging level to be less verbose
* fix: Broken user removal transfer issue
* feat: Implement workflow sharing BE telemetry
* chore: temporarily add sharing env vars
* feat: Implement BE telemetry for workflow sharing
* fix: Prevent issues with possibly missing workflow id
* feat: Replace WorkflowSharing flag references (no-changelog) (#4918)
* ci: Block all external network calls in tests (no-changelog) (#4930)
* setup nock to prevent tests from making any external requests
* mock all calls to posthog sdk
* feat: Replace WorkflowSharing flag references (no-changelog)
Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <netroy@users.noreply.github.com>
* refactor: Remove temporary feature flag for workflow sharing
* refactor: add sharing_role to both manual and node executions
* refactor: Allow changing name, position and disabled of read only nodes
* feat: Overhaul dynamic translations for local and cloud (#4943)
* feat: Overhaul dynamic translations for local and cloud
* fix: remove type casting
* chore: remove unused translations
* fix: fix workflow sharing translation
* test: Fix broken test
* refactor: remove unnecessary import
* refactor: Minor code improvements
* refactor: rename dynamicTranslations to contextBasedTranslationKeys
* fix: fix type imports
* refactor: Consolidate sharing feature check
* feat: update cred sharing unavailable translations
* feat: update upgrade message when user management not available
* fix: rename plan names to Pro and Power
* feat: update translations to no longer contain plan names
* wip: subworkflow permissions
* feat: add workflowsFromSameOwner caller policy
* feat: Fix subworkflow permissions
* shared entites should check for role when deleting users
* refactor: remove circular dependency
* role filter shouldn't be an array
* fixed role issue
* fix: Corrected behavior when removing users
* feat: show instance owner credential sharing message only if isnt sharee
* feat: update workflow caller policy caller ids labels
* feat: update upgrade plan links to contain instance ids
* fix: show check errors below creds message only to owner
* fix(editor): Hide usage page on cloud
* fix: update credential validation error message for sharee
* fix(core): Remove duplicate import
* fix(editor): Extending deployment types
* feat: Overhaul contextual translations (#4992)
feat: update how contextual translations work
* refactor: improve messageing for subworkflow permissions
* test: Fix issue with user deletion and transfer
* fix: Explicitly throw error message so it can be displayed in UI
Co-authored-by: Alex Grozav <alex@grozav.com>
Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <netroy@users.noreply.github.com>
Co-authored-by: freyamade <freya@n8n.io>
Co-authored-by: Csaba Tuncsik <csaba@n8n.io>
* 🎉 starting feature development
* ✨ sharing/unsharing a credential (#3601)
* 🎉 initial design
* ✨ sharing/unsharing of credentials
* ✅ add tests for EE credentials controller
* 💪 implement review comments
* 🛠 refactor agent creation and credential role locking
* 👕 linting adjustments (#3691)
* 👕 Adjust rule `naming-convention`
* 👕 Fix `naming-convention` config value
* 👕 Disregard casing for EE-prefixed vars
Co-authored-by: Iván Ovejero <ivov.src@gmail.com>
* 🛠 refactor authAgents in tests (#3725)
* 🛠 refactor authAgent
* 🛠 refactor authAgent
* 🛠 refactor authAgent
* 🛠 refactor authAgent
* 👕 fix ts issue
* 🐘 add migration for mysql and postgres + add AuthAgent type
Co-authored-by: Iván Ovejero <ivov.src@gmail.com>
* ⚡️ refactor existing credentials routes (#3672)
* 🎉 initial design
* ✨ sharing/unsharing of credentials
* ♻️ split credential update route into controller and service
* 🔥 remove credentials test that is no longer applicable
* ♻️ split credential creation route into controller and service
* ♻️ split single credential get
* ♻️ split delete credentials route
* ♻️ split get all credentials route
* 🔥 remove unused imports in credentials contoller
* 🔥 remove console.log
* :refactor: changes to credentials controller and service from review
- removed credentials from service function names
- made relations list optional
- put allowGlobalOwner in options objects
- check length of relations array so join doesn't happen if empty
- update some comments to further explain rationale
- remove unneeded `Object.assign`
- remove non-null assertion from test
* ♻️ move filtered credentials selected fields to variable
* ♻️ remove unneeded merges in credentials service
Co-authored-by: Ben Hesseldieck <b.hesseldieck@gmail.com>
Co-authored-by: Ben Hesseldieck <1849459+BHesseldieck@users.noreply.github.com>
* ✅ fix test
* 🐛 fix imports
* 👕 fix lint issue
* User Management: switch over to decorators to define routes (#3827)
* Add permissions details to credentials for User Management (#3863)
* ⚡ Open `GET /users`
* ⚡ Add permissions to cred service
* 🚚 Rename method
* ⚡ Refactor cred controller
* 🧪 Adjust test
* ✏️ Improve comment
* ✏️ Improve another comment
* ⚡ Account for multiple sharings
* 🐛 Fix access when user is editor
* 📘 Expand interface
* 📘 Relocate types
* 📘 Exempt cred entity with service-injected fields
* 📘 Adjust interface
* ♻️ Add permissions only in `GET /credentials`
* 🧪 Add expectations for `ownedBy`
* 🧪 Add sharing details test
* 🧪 Make `ownedBy` checks more granular
* 📘 Adjust interface
* 🚚 Rename cred getter
* ♻️ Refactor cred getter
* 🧪 Expand tests
* ♻️ Refactor to use guard
* 👕 Remove unneeded lint exception
* 🔥 Remove unneeded relation
* 🚚 Move relation to `GET /credentials/:id`
* 📘 Consolidate typings
* 🎨 Add multiline for readability
* 🔥 Remove unneeded type
* ✏️ Clarity comment
* ✏️ Make comments consistent
* 👕 Add exception to fix build
* 👕 Add more lint exceptions to fix build
* 🐛 Check for non-owner
* 📘 Improve typings
* 🧪 Temporarily skip tests
* 🔥 Remove `@ts-ignore`
* 👕 Move lint exceptions
* ♻️ Refactor cred service and controller
* ⚡ Simplify check
* ✏️ adjust naming to experimental
* ⚡️ add credentialsSharing flag to settings
* 🛠 add helper to check if UM is also enabled as dependency for CredentialsSharing
* 👕 fix lint error
* 🐘 change name of credential role
* 🚧 WIP batch sharing
* 🚧 WIP use put for sharing
* ✅ add tests for batch sharing, 🛠 implement review suggestions
* ✅ expand credential sharing tests for User Management (#3931)
* 🧪 Expand cred sharing tests
* ⚡ Add recently added flags
* ✅ fix and adjust tests for /credentials
Co-authored-by: Ben Hesseldieck <b.hesseldieck@gmail.com>
* ✨ User management v2 Front End (#3795)
* feat: Added responsive generic page view layout.
* feat: Added empty state.
* feat: Added credentials view empty state.
* test: Added unit tests for N8nActionBox
* feat: Added credentials list initial design.
* feat: Added credential actions. Started working on filters.
* feat: Updated InfoTip markup, added tests and changed stories to typescript.
* feat: Added credentials filtering by type. Added support for apply/reset filters.
* feat: Added credential sharing user select and user list. Added paywall component.
* feat: Updated credentials view permissions.
* feat: Added support for temporary sharing config for unsaved credentials.
* test: Fixed broken snapshots.
* feat: Added overflow styles to page-view-layout list.
* feat: Handled sharee specific views.
* feat: Integration between FE and BE to support real-world credential sharing scenario.
* feat: Added front end permissions table.
* feat: Refactored credential sharing flow. Updated design elements.
* feat: Added margin and padding auto spacer utilities.
* feat: Rehauled permissions to support instanceOwner role and action inheritance.
* feat: Updated credentials view to apply filters automatically.
* feat: Removed apply filters button and added active button state.
* test: Updated component snapshots.
* refactor: Renamed ResourceSharee to ResourceReader.
* feat: Credential sharing error handling, permissions improvement.
* feat: Updated permissions and error handling.
* chore: Removed console.log.
* 🛠 refactor enabling of credentialsSharing
* feat: Removed owner menu selector from credentials when sharing is disabled.
* refactor: Moved EE features into ee store module file.
* 🛠 add sharing info to GET credentials/:id
* fix: Fixed initial credential data loading for sharing.
* chore: Removed console.log.
* 🐛 owner can fetch any credential
* 🛠 refactor users test
* 👕 fix build type issue
* fix: Removed owner tag when credential sharing is disabled. Fixed small reactivity issue.
* chore: Removed console.log.
* 🚧 separate fetching credentials between EE and open
* fix: Fixed empty dropdown in users list.
* fix: Fixed error message and initialization when credential gets unshared.
* ✅ add tests for fetching single credential
* Revert decorators based controllers
* ⚡️ adjust credentials test route to also allow testing for sharees (#3999)
* ⚡️ pull data if user is sharee
* fix: Removed sharedWith and ownedBy from credentialData on testing credentials.
Co-authored-by: Alex Grozav <alex@grozav.com>
* 📈 add BE analytics
* 💪 improve credential test
* ⚡️ adjust tracking properties
* ⚡️ removed roles from tracking
* 🐛 fix build by removing imports
* 🐛 fix missed merge conflict
* feat: User management P2 Front End bug bash and improvements (#4014)
* fix: Fixed type select size after reopening dropdown.
* fix: Fixed template cards.
* fix: Fixed card content size and copy input.
* fix: Fixed horizontal overflow.
* fix: Hiding el-tags scrollbar in select.
* fix: Added fallback credential icon. Added oAuth credential owner check.
* feat: Added disabled state to user select.
* feat: Added fallback scenario for non-existent credential types.
* feat: Adjusted credentials empty state to show that there are shared credentials.
* fix: Fixed time title.
* feat: Added actionable empty state when shared credentials are present.
* fix: Made action box x padding smaller
* feat: Repositioned owner tag for credential card.
* feat: Updated message box styling to use n8n css variables.
* feat: Added confirmation for deleting sharee.
* fix: Fixed deleted credential types. Fixed select in dropdown bug.
* fix: Various code improvements. Addressed PR review comments.
* fix: Fixed credential deletion errors.
* fix: Various code quality improvements.
* feat: N8N-4531 update cloud coming soon features (#4025)
* feat: Showing different upcoming feature messages and format for cloud.
* fix: Changed url format.
* fix: Updated how cloud deployment is determined.
* feat: N8N-4527 implementing credential sharing FE telemetry (#4023)
* feat: Added credential sharing telemetry.
* chore: Renamed computed function for consistency.
* refactor: Simplified subview telemetry sending.
* fix: Changed to callDebounced() helper.
* 📧 update email text
* fix: Adjusted feature coming soon margin.
* chore: Fixed type and line height for delete sharee confirmation modal.
* refactor(editor-ui): Update telemetry (#4040)
* 🔥 Remove `identify` from BE
* ⚡ Add `versionCli`
* ⚡ Add node creator ignore input
* ⚡ Move obfuscators to editor-ui
* ⚡ Refactor `ph-no-capture`
* ⚡ Pass `user_id` to manual exec props
* 🚚 Relocate class in `SettingsApiView`
* ⚡ Add `userId` to BE PH `identify` call
* ⏪ Revert "⚡ Add `userId` to BE PH `identify` call"
This reverts commit 895aaa45e5.
* Revert "⏪ Revert "⚡ Add `userId` to BE PH `identify` call""
This reverts commit b86a098c20.
* 🐛 Fix `Promise` handling in `track()` call
* ⏪ Restore `Db.collections` call
* ⚡ Set up PH payload to mirror RS
* 🔥 Remove excess `userId`
* 📘 Remove `userId` from interface
* 🔥 Remove unused ref and method
* fix: Fixed bug causing instanceOwner to become credential owner on update. (#4079)
* 🐛 fix test for credential shared with member
* 👕 fix lint issues
* delete conflicting migration. this data is already seeded in CreateUserManagement
* feat: Expand obfuscation to User Management credential sharing (#4070)
⚡ Expand obfuscation
* feat: Added credential sharing infotip for instance owner.
* bring back the migration. add a check to avoid conflicts on inserts
* fix(cli): use a non-env config flag to detect of enterprise features are enabled (#4105)
* chore: Changed ampersand to and in translation.
* refactor(telemetry): Obfuscate code and JSON editors (#4118)
⚡ Obfuscate code and JSON editors
* feat(editor): improve design and functionality of coming soon features (#4116)
* feat: Improved coming soon feature design and functionality.
* style: Removed empty line.
* chore: Removed unused translation.
* fix: fix telemetry for credential creates and updates (#4125)
fix telemetry for credential creates and updates
* feat: Display errors due to missing credentials in the correct node (#4124)
feat: Display errors due to invalid credentials in the correct node when missing permissions
* fix: remove duplicate header for coming soon features in cloud deployment
* telemetry: fix the payload for `User viewed credential tab`
* telemetry: add credential_id to 'User selected credential from node modal'
* feat: update empty states for coming soon features
* Update ActionBox.spec.ts.snap
* replace UserSharingsDetails with a subset of User properties
* rename the CreateCredentialsEditorRole to CreateCredentialsUserRole
* move IUser to the workflow package
* use IUser in the frontend as well
Co-authored-by: Iván Ovejero <ivov.src@gmail.com>
Co-authored-by: Valya <68596159+valya@users.noreply.github.com>
Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <netroy@users.noreply.github.com>
Co-authored-by: Alex Grozav <alex@grozav.com>
Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <aditya@netroy.in>
Co-authored-by: Omar Ajoue <krynble@gmail.com>