mirror of
https://github.com/Abdulazizzn/n8n-enterprise-unlocked.git
synced 2025-12-18 02:21:13 +00:00
feat(core): Add ownership, sharing and credential details to GET /workflows (#4510)
* ⚡ Abstract into `getMany()` * ⚡ Use `getMany()` from free controller * ⚡ Use `getMany()` from paid controller * 🧪 Add tests * 🧪 Fix tests * ⚡ Add credential usage info * 🧪 Update tests * ⚡ Add type and adjust test
This commit is contained in:
Iván Ovejero
@@ -2,10 +2,9 @@
|
||||
/* eslint-disable import/no-cycle */
|
||||
|
||||
import express from 'express';
|
||||
import { INode, IPinData, JsonObject, jsonParse, LoggerProxy, Workflow } from 'n8n-workflow';
|
||||
import { INode, IPinData, LoggerProxy, Workflow } from 'n8n-workflow';
|
||||
|
||||
import axios from 'axios';
|
||||
import { FindManyOptions, In } from 'typeorm';
|
||||
import {
|
||||
ActiveWorkflowRunner,
|
||||
Db,
|
||||
@@ -31,32 +30,13 @@ import { InternalHooksManager } from '../InternalHooksManager';
|
||||
import { externalHooks } from '../Server';
|
||||
import { getLogger } from '../Logger';
|
||||
import type { WorkflowRequest } from '../requests';
|
||||
import { getSharedWorkflowIds, isBelowOnboardingThreshold } from '../WorkflowHelpers';
|
||||
import { isBelowOnboardingThreshold } from '../WorkflowHelpers';
|
||||
import { EEWorkflowController } from './workflows.controller.ee';
|
||||
import { WorkflowsService } from './workflows.services';
|
||||
import { validate as jsonSchemaValidate } from 'jsonschema';
|
||||
|
||||
const activeWorkflowRunner = ActiveWorkflowRunner.getInstance();
|
||||
export const workflowsController = express.Router();
|
||||
|
||||
const schemaGetWorkflowsQueryFilter = {
|
||||
$id: '/IGetWorkflowsQueryFilter',
|
||||
type: 'object',
|
||||
properties: {
|
||||
id: { anyOf: [{ type: 'integer' }, { type: 'string' }] },
|
||||
name: { type: 'string' },
|
||||
active: { type: 'boolean' },
|
||||
},
|
||||
};
|
||||
|
||||
const allowedWorkflowsQueryFilterFields = Object.keys(schemaGetWorkflowsQueryFilter.properties);
|
||||
|
||||
interface IGetWorkflowsQueryFilter {
|
||||
id?: number | string;
|
||||
name?: string;
|
||||
active?: boolean;
|
||||
}
|
||||
|
||||
/**
|
||||
* Initialize Logger if needed
|
||||
*/
|
||||
@@ -155,83 +135,13 @@ workflowsController.post(
|
||||
}),
|
||||
);
|
||||
|
||||
// Returns workflows
|
||||
/**
|
||||
* GET /workflows
|
||||
*/
|
||||
workflowsController.get(
|
||||
`/`,
|
||||
'/',
|
||||
ResponseHelper.send(async (req: WorkflowRequest.GetAll) => {
|
||||
const sharedWorkflowIds = await getSharedWorkflowIds(req.user);
|
||||
if (sharedWorkflowIds.length === 0) {
|
||||
// return early since without shared workflows there can be no hits
|
||||
// (note: getSharedWorkflowIds() returns _all_ workflow ids for global owners)
|
||||
return [];
|
||||
}
|
||||
|
||||
// parse incoming filter object and remove non-valid fields
|
||||
let filter: IGetWorkflowsQueryFilter | undefined = undefined;
|
||||
if (req.query.filter) {
|
||||
try {
|
||||
const filterJson: JsonObject = jsonParse(req.query.filter);
|
||||
if (filterJson) {
|
||||
Object.keys(filterJson).map((key) => {
|
||||
if (!allowedWorkflowsQueryFilterFields.includes(key)) delete filterJson[key];
|
||||
});
|
||||
if (jsonSchemaValidate(filterJson, schemaGetWorkflowsQueryFilter).valid) {
|
||||
filter = filterJson as IGetWorkflowsQueryFilter;
|
||||
}
|
||||
}
|
||||
} catch (error) {
|
||||
LoggerProxy.error('Failed to parse filter', {
|
||||
userId: req.user.id,
|
||||
filter: req.query.filter,
|
||||
});
|
||||
throw new ResponseHelper.ResponseError(
|
||||
`Parameter "filter" contained invalid JSON string.`,
|
||||
500,
|
||||
500,
|
||||
);
|
||||
}
|
||||
}
|
||||
|
||||
// safeguard against querying ids not shared with the user
|
||||
if (filter?.id !== undefined) {
|
||||
const workflowId = parseInt(filter.id.toString());
|
||||
if (workflowId && !sharedWorkflowIds.includes(workflowId)) {
|
||||
LoggerProxy.verbose(
|
||||
`User ${req.user.id} attempted to query non-shared workflow ${workflowId}`,
|
||||
);
|
||||
return [];
|
||||
}
|
||||
}
|
||||
|
||||
const query: FindManyOptions<WorkflowEntity> = {
|
||||
select: ['id', 'name', 'active', 'createdAt', 'updatedAt'],
|
||||
relations: ['tags'],
|
||||
};
|
||||
|
||||
if (config.getEnv('workflowTagsDisabled')) {
|
||||
delete query.relations;
|
||||
}
|
||||
|
||||
const workflows = await Db.collections.Workflow.find(
|
||||
Object.assign(query, {
|
||||
where: {
|
||||
id: In(sharedWorkflowIds),
|
||||
...filter,
|
||||
},
|
||||
}),
|
||||
);
|
||||
|
||||
return workflows.map((workflow) => {
|
||||
const { id, ...rest } = workflow;
|
||||
|
||||
return {
|
||||
id: id.toString(),
|
||||
...rest,
|
||||
};
|
||||
});
|
||||
return WorkflowsService.getMany(req.user, req.query.filter);
|
||||
}),
|
||||
);
|
||||
|
||||
|
||||
Reference in New Issue
Block a user