mudhorn/n8n
1
0
Fork 0
mirror of https://github.com/n8n-io/n8n.git synced 2024-12-27 13:39:44 -08:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
10799 commits 1143 branches 1610 tags 354 MiB
Commit graph

28 commits

Author SHA1 Message Date
Csaba Tuncsik 596c472ecc
feat: RBAC (#8922) 
Signed-off-by: Oleg Ivaniv <me@olegivaniv.com>
Co-authored-by: Val <68596159+valya@users.noreply.github.com>
Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <aditya@netroy.in>
Co-authored-by: Valya Bullions <valya@n8n.io>
Co-authored-by: Danny Martini <danny@n8n.io>
Co-authored-by: Danny Martini <despair.blue@gmail.com>
Co-authored-by: Iván Ovejero <ivov.src@gmail.com>
Co-authored-by: Omar Ajoue <krynble@gmail.com>
Co-authored-by: oleg <me@olegivaniv.com>
Co-authored-by: Michael Kret <michael.k@radency.com>
Co-authored-by: Michael Kret <88898367+michael-radency@users.noreply.github.com>
Co-authored-by: Elias Meire <elias@meire.dev>
Co-authored-by: Giulio Andreini <andreini@netseven.it>
Co-authored-by: Giulio Andreini <g.andreini@gmail.com>
Co-authored-by: Ayato Hayashi <go12limchangyong@gmail.com>
 2024-05-17 10:53:15 +02:00
Danny Martini 1efeeccc5b
fix(core): Fix browser session refreshes not working (#9212) 
Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <aditya@netroy.in>
 2024-04-24 18:28:19 +02:00
कारतोफ्फेलस्क्रिप्ट™ ff9ae549fd
fix(core): Improve browserId checks, and add logging (#9161) 2024-04-18 15:53:19 +02:00
कारतोफ्फेलस्क्रिप्ट™ 46e432b177
fix(core): Exclude oAuth callback urls from browser-id checks (#9158) 2024-04-17 19:20:51 +02:00
कारतोफ्फेलस्क्रिप्ट™ a7108d14f9
fix(core): Some more browser-id related fixes (no-changelog) (#9102) 2024-04-10 10:37:23 +02:00
कारतोफ्फेलस्क्रिप्ट™ 28261047c3
feat(core): Prevent session hijacking (#9057) 2024-04-09 11:20:35 +02:00
कारतोफ्फेलस्क्रिप्ट™ 0818824a72
feat(core)!: Set the secure flag on issued cookies (#8812) 2024-03-05 18:57:41 +01:00
कारतोफ्फेलस्क्रिप्ट™ cdec7c9334
feat(core): Update hashing strategy for JWTs (#8810) 2024-03-05 15:06:29 +01:00
कारतोफ्फेलस्क्रिप्ट™ db4a419c8d
refactor(core): Enforce authorization by default on all routes (no-changelog) (#8762) 2024-02-28 17:02:18 +01:00
कारतोफ्फेलस्क्रिप्ट™ 56c8791aff
refactor(core): Remove all legacy auth middleware code (no-changelog) (#8755) 2024-02-28 13:12:28 +01:00
कारतोफ्फेलस्क्रिप्ट™ d6deceacde
refactor(core): Remove roleId indirection (no-changelog) (#8413) 2024-01-24 13:38:57 +01:00
Danny Martini 07e6705256
feat(core): Custom session timeout and refresh configuration (#8342) 2024-01-22 09:54:13 +01:00
Tomi Turtiainen 9a1cc56806
fix: Set '@typescript-eslint/return-await' rule to 'always' for node code (no-changelog) (#8363) 
Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <aditya@netroy.in>
 2024-01-17 17:08:50 +02:00
Ricardo Espinoza 3c2a4000ae
refactor(core): Use DI for LDAP code (no-changelog) (#8248) 
Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <aditya@netroy.in>
 2024-01-15 09:01:48 -05:00
Iván Ovejero c378f60a25
refactor(core): Introduce password utility (no-changelog) (#7979) 
## Summary
Provide details about your pull request and what it adds, fixes, or
changes. Photos and videos are recommended.
Continue breaking down `UserManagementHelper.ts`
...

#### How to test the change:
1. ...


## Issues fixed
Include links to Github issue or Community forum post or **Linear
ticket**:
> Important in order to close automatically and provide context to
reviewers

...


## Review / Merge checklist
- [ ] PR title and summary are descriptive. **Remember, the title
automatically goes into the changelog. Use `(no-changelog)` otherwise.**
([conventions](https://github.com/n8n-io/n8n/blob/master/.github/pull_request_title_conventions.md))
- [ ] [Docs updated](https://github.com/n8n-io/n8n-docs) or follow-up
ticket created.
- [ ] Tests included.
> A bug is not considered fixed, unless a test is added to prevent it
from happening again. A feature is not complete without tests.
  >
> *(internal)* You can use Slack commands to trigger [e2e
tests](https://www.notion.so/n8n/How-to-use-Test-Instances-d65f49dfc51f441ea44367fb6f67eb0a?pvs=4#a39f9e5ba64a48b58a71d81c837e8227)
or [deploy test
instance](https://www.notion.so/n8n/How-to-use-Test-Instances-d65f49dfc51f441ea44367fb6f67eb0a?pvs=4#f6a177d32bde4b57ae2da0b8e454bfce)
or [deploy early access version on
Cloud](https://www.notion.so/n8n/Cloudbot-3dbe779836004972b7057bc989526998?pvs=4#fef2d36ab02247e1a0f65a74f6fb534e).
 2023-12-11 18:23:42 +01:00
Iván Ovejero c08c5cc37b
refactor(core): Switch plain errors in cli to ApplicationError (#7857) 
Ensure all errors in `cli` are `ApplicationError` or children of it and
contain no variables in the message, to continue normalizing all the
errors we report to Sentry

Follow-up to: https://github.com/n8n-io/n8n/pull/7839
 2023-11-29 12:25:10 +01:00
Iván Ovejero 1c6178759c
refactor(core): Reorganize error hierarchy in cli package (no-changelog) (#7839) 
Ensure all errors in `cli` inherit from `ApplicationError` to continue
normalizing all the errors we report to Sentry

Follow-up to: https://github.com/n8n-io/n8n/pull/7820
 2023-11-28 10:19:27 +01:00
कारतोफ्फेलस्क्रिप्ट™ 3460eb5eeb
fix(core): Initialize JWT Secret before it's used anywhere (#7707) 
HELP-394
 2023-11-15 12:17:18 +01:00
कारतोफ्फेलस्क्रिप्ट™ 000e76e3b4
ci(core): Reduce memory usage in tests (part-2) (no-changelog) (#7671) 
This also gets rid of `Db.collection`, which was another source of
circular dependencies.
 2023-11-10 15:04:26 +01:00
कारतोफ्फेलस्क्रिप्ट™ 60314248f4
fix(core): Make password-reset urls valid only for single-use (#7622) 2023-11-07 15:35:43 +01:00
Jon 479f90231d
fix(core): Fix issue that prevents owner logging in when using ldap (#7408) 
This PR prioritises the internal email account over LDAP for the Owner.

---------

Co-authored-by: ricardo <ricardoespinoza105@gmail.com>
 2023-11-01 23:02:49 -04:00
Iván Ovejero 72523462ea
refactor: Clear unused ESLint directives from BE packages (no-changelog) (#6798) 2023-07-31 11:00:48 +02:00
Ricardo Espinoza 89f44021b9
fix(core): Use JWT as reset password token (#6714) 
* use jwt to reset password

* increase expiration time to 1d

* drop user id query string

* refactor

* use service instead of package in tests

* sqlite migration

* postgres migration

* mysql migration

* remove unused properties

* remove userId from FE

* fix test for users.api

* move migration to the common folder

* move type assertion to the jwt.service

* Add jwt secret as a readonly property

* use signData instead of sign in user.controller

* remove base class

* remove base class

* add tests
 2023-07-24 17:40:17 -04:00
OlegIvaniv e5620ab1e4
feat(API): Implement users account quota guards (#6434) 
* feat(cli): Implement users account quota guards

Signed-off-by: Oleg Ivaniv <me@olegivaniv.com>

* Remove comment

Signed-off-by: Oleg Ivaniv <me@olegivaniv.com>

* Address PR comments

- Getting `usersQuota` from `Settings` repo
- Revert `isUserManagementEnabled` helper
- Fix FE listing of users

Signed-off-by: Oleg Ivaniv <me@olegivaniv.com>

* Refactor isWithinUserQuota getter and fix tests

Signed-off-by: Oleg Ivaniv <me@olegivaniv.com>

* Revert testDb.ts changes

Signed-off-by: Oleg Ivaniv <me@olegivaniv.com>

* Cleanup & improve types

Signed-off-by: Oleg Ivaniv <me@olegivaniv.com>

* Fix duplicated method

* Fix failing test

* Remove `isUserManagementEnabled` completely

Signed-off-by: Oleg Ivaniv <me@olegivaniv.com>

* Check for globalRole.name to determine if user is owner

Signed-off-by: Oleg Ivaniv <me@olegivaniv.com>

* Fix unit tests

Signed-off-by: Oleg Ivaniv <me@olegivaniv.com>

* Set isInstanceOwnerSetUp in specs

* Fix SettingsUserView UM

Signed-off-by: Oleg Ivaniv <me@olegivaniv.com>

* refactor: License typings suggestions for users quota guards (#6636)

refactor: License typings suggestions

* Update packages/cli/src/Ldap/helpers.ts

Co-authored-by: Iván Ovejero <ivov.src@gmail.com>

* Update packages/cli/test/integration/shared/utils.ts

Co-authored-by: Iván Ovejero <ivov.src@gmail.com>

* Address PR comments

Signed-off-by: Oleg Ivaniv <me@olegivaniv.com>

* Use 403 for all user quota related errors

Signed-off-by: Oleg Ivaniv <me@olegivaniv.com>

---------

Signed-off-by: Oleg Ivaniv <me@olegivaniv.com>
Co-authored-by: Iván Ovejero <ivov.src@gmail.com>
 2023-07-12 14:11:46 +02:00
कारतोफ्फेलस्क्रिप्ट™ 52f740b9e8
refactor(core): Use an IoC container to manage singleton classes [Part-1] (no-changelog) (#5509) 
* add typedi

* convert ActiveWorkflowRunner into an injectable service

* convert ExternalHooks into an injectable service

* convert InternalHooks into an injectable service

* convert LoadNodesAndCredentials into an injectable service

* convert NodeTypes and CredentialTypes into an injectable service

* convert ActiveExecutions into an injectable service

* convert WaitTracker into an injectable service

* convert Push into an injectable service

* convert ActiveWebhooks and  TestWebhooks into an injectable services

* handle circular references, and log errors when a circular dependency is found
 2023-02-21 19:21:56 +01:00
Iván Ovejero 2ca959b383
refactor: Integrate consistent-type-imports in BE packages (no-changelog) (#5270) 2023-01-27 14:56:56 +01:00
कारतोफ्फेलस्क्रिप्ट™ 845f0f9d20
refactor(core): Switch over all user-management routes to use decorators (#5115) 2023-01-27 11:19:47 +01:00
Ricardo Espinoza 0c70a40317
feat(core): Add LDAP support (#3835) 2023-01-25 02:18:39 +01:00