mirror of
https://github.com/n8n-io/n8n.git
synced 2024-09-21 15:27:32 -07:00
e5620ab1e4
* feat(cli): Implement users account quota guards Signed-off-by: Oleg Ivaniv <me@olegivaniv.com> * Remove comment Signed-off-by: Oleg Ivaniv <me@olegivaniv.com> * Address PR comments - Getting `usersQuota` from `Settings` repo - Revert `isUserManagementEnabled` helper - Fix FE listing of users Signed-off-by: Oleg Ivaniv <me@olegivaniv.com> * Refactor isWithinUserQuota getter and fix tests Signed-off-by: Oleg Ivaniv <me@olegivaniv.com> * Revert testDb.ts changes Signed-off-by: Oleg Ivaniv <me@olegivaniv.com> * Cleanup & improve types Signed-off-by: Oleg Ivaniv <me@olegivaniv.com> * Fix duplicated method * Fix failing test * Remove `isUserManagementEnabled` completely Signed-off-by: Oleg Ivaniv <me@olegivaniv.com> * Check for globalRole.name to determine if user is owner Signed-off-by: Oleg Ivaniv <me@olegivaniv.com> * Fix unit tests Signed-off-by: Oleg Ivaniv <me@olegivaniv.com> * Set isInstanceOwnerSetUp in specs * Fix SettingsUserView UM Signed-off-by: Oleg Ivaniv <me@olegivaniv.com> * refactor: License typings suggestions for users quota guards (#6636) refactor: License typings suggestions * Update packages/cli/src/Ldap/helpers.ts Co-authored-by: Iván Ovejero <ivov.src@gmail.com> * Update packages/cli/test/integration/shared/utils.ts Co-authored-by: Iván Ovejero <ivov.src@gmail.com> * Address PR comments Signed-off-by: Oleg Ivaniv <me@olegivaniv.com> * Use 403 for all user quota related errors Signed-off-by: Oleg Ivaniv <me@olegivaniv.com> --------- Signed-off-by: Oleg Ivaniv <me@olegivaniv.com> Co-authored-by: Iván Ovejero <ivov.src@gmail.com>
51 lines
1.6 KiB
TypeScript
51 lines
1.6 KiB
TypeScript
import type { SuperAgentTest } from 'supertest';
|
|
import {
|
|
ROUTES_REQUIRING_AUTHENTICATION,
|
|
ROUTES_REQUIRING_AUTHORIZATION,
|
|
} from './shared/constants';
|
|
import * as testDb from './shared/testDb';
|
|
import * as utils from './shared/utils';
|
|
import config from '@/config';
|
|
|
|
let authlessAgent: SuperAgentTest;
|
|
let authMemberAgent: SuperAgentTest;
|
|
|
|
beforeAll(async () => {
|
|
const app = await utils.initTestServer({ endpointGroups: ['me', 'auth', 'owner', 'users'] });
|
|
const globalMemberRole = await testDb.getGlobalMemberRole();
|
|
const member = await testDb.createUser({ globalRole: globalMemberRole });
|
|
|
|
authlessAgent = utils.createAgent(app);
|
|
authMemberAgent = utils.createAuthAgent(app)(member);
|
|
|
|
config.set('userManagement.isInstanceOwnerSetUp', true);
|
|
});
|
|
|
|
afterAll(async () => {
|
|
await testDb.terminate();
|
|
});
|
|
|
|
ROUTES_REQUIRING_AUTHENTICATION.concat(ROUTES_REQUIRING_AUTHORIZATION).forEach((route) => {
|
|
const [method, endpoint] = getMethodAndEndpoint(route);
|
|
|
|
test(`${route} should return 401 Unauthorized if no cookie`, async () => {
|
|
const { statusCode } = await authlessAgent[method](endpoint);
|
|
expect(statusCode).toBe(401);
|
|
});
|
|
});
|
|
|
|
ROUTES_REQUIRING_AUTHORIZATION.forEach(async (route) => {
|
|
const [method, endpoint] = getMethodAndEndpoint(route);
|
|
|
|
test(`${route} should return 403 Forbidden for member`, async () => {
|
|
const { statusCode } = await authMemberAgent[method](endpoint);
|
|
expect(statusCode).toBe(403);
|
|
});
|
|
});
|
|
|
|
function getMethodAndEndpoint(route: string) {
|
|
return route.split(' ').map((segment, index) => {
|
|
return index % 2 === 0 ? segment.toLowerCase() : segment;
|
|
});
|
|
}
|