mudhorn/n8n
1
0
Fork 0
mirror of https://github.com/n8n-io/n8n.git synced 2024-09-21 07:17:38 -07:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
n8n/packages/cli/test/integration/audit/database.risk.test.ts
Michael Auerswald c3ba0123ad
feat: Migrate integer primary keys to nanoids (#6345) 
* first commit for postgres migration

* (not working)

* sqlite migration

* quicksave

* fix tests

* fix pg test

* fix postgres

* fix variables import

* fix execution saving

* add user settings fix

* change migration to single lines

* patch preferences endpoint

* cleanup

* improve variable import

* cleanup unusued code

* Update packages/cli/src/PublicApi/v1/handlers/workflows/workflows.handler.ts

Co-authored-by: Omar Ajoue <krynble@gmail.com>

* address review notes

* fix var update/import

* refactor: Separate execution data to its own table (#6323)

* wip: Temporary migration process

* refactor: Create boilerplate repository methods for executions

* fix: Lint issues

* refactor: Added search endpoint to repository

* refactor: Make the execution list work again

* wip: Updating how we create and update executions everywhere

* fix: Lint issues and remove most of the direct access to execution model

* refactor: Remove includeWorkflowData flag and fix more tests

* fix: Lint issues

* fix: Fixed ordering of executions for FE, removed transaction when saving execution and removed unnecessary update

* refactor: Add comment about missing feature

* refactor: Refactor counting executions

* refactor: Add migration for other dbms and fix issues found

* refactor: Fix lint issues

* refactor: Remove unnecessary comment and auto inject repo to internal hooks

* refactor: remove type assertion

* fix: Fix broken tests

* fix: Remove unnecessary import

* Remove unnecessary toString() call

Co-authored-by: Iván Ovejero <ivov.src@gmail.com>

* fix: Address comments after review

* refactor: Remove unused import

* fix: Lint issues

* fix: Add correct migration files

---------

Co-authored-by: Iván Ovejero <ivov.src@gmail.com>

* remove null values from credential export

* fix: Fix an issue with queue mode where all running execution would be returned

* fix: Update n8n node to allow for workflow ids with letters

* set upstream on set branch

* remove typo

* add nodeAccess to credentials

* fix unsaved run check for undefined id

* fix(core): Rename version control feature to source control (#6480)

* rename versionControl to sourceControl

* fix source control tooltip wording

---------

Co-authored-by: Romain Minaud <romain.minaud@gmail.com>

* fix(editor): Pay 548 hide the set up version control button (#6485)

* feat(DebugHelper Node): Fix and include in main app (#6406)

* improve node a bit

* fixing continueOnFail() ton contain error in json

* improve pairedItem

* fix random data returning object results

* fix nanoId length typo

* update pnpm-lock file

---------

Co-authored-by: Marcus <marcus@n8n.io>

* fix(editor): Remove setup source control CTA button

* fix(editor): Remove setup source control CTA button

---------

Co-authored-by: Michael Auerswald <michael.auerswald@gmail.com>
Co-authored-by: Marcus <marcus@n8n.io>

* fix(editor): Update source control docs links (#6488)

* feat(DebugHelper Node): Fix and include in main app (#6406)

* improve node a bit

* fixing continueOnFail() ton contain error in json

* improve pairedItem

* fix random data returning object results

* fix nanoId length typo

* update pnpm-lock file

---------

Co-authored-by: Marcus <marcus@n8n.io>

* feat(editor): Replace root events with event bus events (no-changelog) (#6454)

* feat: replace root events with event bus events

* fix: prevent cypress from replacing global with globalThis in import path

* feat: remove emitter mixin

* fix: replace component events with event bus

* fix: fix linting issue

* fix: fix breaking expression switch

* chore: prettify ndv e2e suite code

* fix(editor): Update source control docs links

---------

Co-authored-by: Michael Auerswald <michael.auerswald@gmail.com>
Co-authored-by: Marcus <marcus@n8n.io>
Co-authored-by: Alex Grozav <alex@grozav.com>

* fix tag endpoint regex

---------

Co-authored-by: Omar Ajoue <krynble@gmail.com>
Co-authored-by: Iván Ovejero <ivov.src@gmail.com>
Co-authored-by: Romain Minaud <romain.minaud@gmail.com>
Co-authored-by: Csaba Tuncsik <csaba@n8n.io>
Co-authored-by: Marcus <marcus@n8n.io>
Co-authored-by: Alex Grozav <alex@grozav.com>
2023-06-20 19:13:18 +02:00

189 lines
4.2 KiB
TypeScript
Raw Blame History

import { v4 as uuid } from 'uuid';
import * as Db from '@/Db';
import { audit } from '@/audit';
import {
DATABASE_REPORT,
SQL_NODE_TYPES,
SQL_NODE_TYPES_WITH_QUERY_PARAMS,
} from '@/audit/constants';
import { getRiskSection, saveManualTriggerWorkflow } from './utils';
import * as testDb from '../shared/testDb';
import { generateNanoId } from '@/databases/utils/generators';
beforeAll(async () => {
await testDb.init();
});
beforeEach(async () => {
await testDb.truncate(['Workflow']);
});
afterAll(async () => {
await testDb.terminate();
});
test('should report expressions in queries', async () => {
const map = [...SQL_NODE_TYPES].reduce<{ [nodeType: string]: string }>((acc, cur) => {
return (acc[cur] = uuid()), acc;
}, {});
const promises = Object.entries(map).map(async ([nodeType, nodeId]) => {
const details = {
id: generateNanoId(),
name: 'My Test Workflow',
active: false,
connections: {},
nodeTypes: {},
nodes: [
{
id: nodeId,
name: 'My Node',
type: nodeType,
parameters: {
operation: 'executeQuery',
query: '=SELECT * FROM {{ $json.table }}',
additionalFields: {},
},
typeVersion: 1,
position: [0, 0] as [number, number],
},
],
};
return Db.collections.Workflow.save(details);
});
await Promise.all(promises);
const testAudit = await audit(['database']);
const section = getRiskSection(
testAudit,
DATABASE_REPORT.RISK,
DATABASE_REPORT.SECTIONS.EXPRESSIONS_IN_QUERIES,
);
expect(section.location).toHaveLength(SQL_NODE_TYPES.size);
for (const loc of section.location) {
if (loc.kind === 'node') {
expect(loc.nodeId).toBe(map[loc.nodeType]);
}
}
});
test('should report expressions in query params', async () => {
const map = [...SQL_NODE_TYPES_WITH_QUERY_PARAMS].reduce<{ [nodeType: string]: string }>(
(acc, cur) => {
return (acc[cur] = uuid()), acc;
},
{},
);
const promises = Object.entries(map).map(async ([nodeType, nodeId]) => {
const details = {
id: generateNanoId(),
name: 'My Test Workflow',
active: false,
connections: {},
nodeTypes: {},
nodes: [
{
id: nodeId,
name: 'My Node',
type: nodeType,
parameters: {
operation: 'executeQuery',
query: 'SELECT * FROM users WHERE id = $1;',
additionalFields: {
queryParams: '={{ $json.userId }}',
},
},
typeVersion: 1,
position: [0, 0] as [number, number],
},
],
};
return Db.collections.Workflow.save(details);
});
await Promise.all(promises);
const testAudit = await audit(['database']);
const section = getRiskSection(
testAudit,
DATABASE_REPORT.RISK,
DATABASE_REPORT.SECTIONS.EXPRESSIONS_IN_QUERY_PARAMS,
);
expect(section.location).toHaveLength(SQL_NODE_TYPES_WITH_QUERY_PARAMS.size);
for (const loc of section.location) {
if (loc.kind === 'node') {
expect(loc.nodeId).toBe(map[loc.nodeType]);
}
}
});
test('should report unused query params', async () => {
const map = [...SQL_NODE_TYPES_WITH_QUERY_PARAMS].reduce<{ [nodeType: string]: string }>(
(acc, cur) => {
return (acc[cur] = uuid()), acc;
},
{},
);
const promises = Object.entries(map).map(async ([nodeType, nodeId]) => {
const details = {
id: generateNanoId(),
name: 'My Test Workflow',
active: false,
connections: {},
nodeTypes: {},
nodes: [
{
id: nodeId,
name: 'My Node',
type: nodeType,
parameters: {
operation: 'executeQuery',
query: 'SELECT * FROM users WHERE id = 123;',
},
typeVersion: 1,
position: [0, 0] as [number, number],
},
],
};
return Db.collections.Workflow.save(details);
});
await Promise.all(promises);
const testAudit = await audit(['database']);
const section = getRiskSection(
testAudit,
DATABASE_REPORT.RISK,
DATABASE_REPORT.SECTIONS.UNUSED_QUERY_PARAMS,
);
expect(section.location).toHaveLength(SQL_NODE_TYPES_WITH_QUERY_PARAMS.size);
for (const loc of section.location) {
if (loc.kind === 'node') {
expect(loc.nodeId).toBe(map[loc.nodeType]);
}
}
});
test('should not report non-database node', async () => {
await saveManualTriggerWorkflow();
const testAudit = await audit(['database']);
expect(testAudit).toBeEmptyArray();
});
Reference in a new issue View git blame Copy permalink