feat: Add variables feature (#5602)

* feat: add variables db models and migrations

* feat: variables api endpoints

* feat: add $variables to expressions

* test: fix ActiveWorkflowRunner tests failing

* test: a different fix for the tests broken by $variables

* feat: variables licensing

* fix: could create one extra variable than licensed for

* feat: Add Variables UI page and $vars global property (#5750)

* feat: add support for row slot to datatable

* feat: add variables create, read, update, delete

* feat: add vars autocomplete

* chore: remove alert

* feat: add variables autocomplete for code and expressions

* feat: add tests for variable components

* feat: add variables search and sort

* test: update tests for variables view

* chore: fix test and linting issue

* refactor: review changes

* feat: add variable creation telemetry

* fix: Improve variables listing and disabled case, fix resource sorting (no-changelog) (#5903)

* fix: Improve variables disabled experience and fix sorting

* fix: update action box margin

* test: update tests for variables row and datatable

* fix: Add ee controller to base controller

* fix: variables.ee routes not being added

* feat: add variables validation

* fix: fix vue-fragment bug that breaks everything

* chore: Update lock

* feat: Add variables input validation and permissions (no-changelog) (#5910)

* feat: add input validation

* feat: handle variables view for non-instance-owner users

* test: update variables tests

* fix: fix data-testid pattern

* feat: improve overflow styles

* test: fix variables row snapshot

* feat: update sorting to take newly created variables into account

* fix: fix list layout overflow

* fix: fix adding variables on page other than 1. fix validation

* feat: add docs link

* fix: fix default displayName function for resource-list-layout

* feat: improve vars expressions ux, cm-tooltip

* test: fix datatable test

* feat: add MATCH_REGEX validation rule

* fix: overhaul how datatable pagination selector works

* feat: update  completer description

* fix: conditionally update usage syntax based on key validation

* test: update datatable snapshot

* fix: fix variables-row button margins

* fix: fix pagination overflow

* test: Fix broken test

* test: Update snapshot

* fix: Remove duplicate declaration

* feat: add custom variables icon

---------

Co-authored-by: Alex Grozav <alex@grozav.com>
Co-authored-by: Omar Ajoue <krynble@gmail.com>

packages/cli/test/integration/shared/testDb.ts

@@ -489,6 +489,33 @@ export async function getWorkflowSharing(workflow: WorkflowEntity) {
 	});
 }
 
+// ----------------------------------
+//             variables
+// ----------------------------------
+
+export async function createVariable(key: string, value: string) {
+	return Db.collections.Variables.save({
+		key,
+		value,
+	});
+}
+
+export async function getVariableByKey(key: string) {
+	return Db.collections.Variables.findOne({
+		where: {
+			key,
+		},
+	});
+}
+
+export async function getVariableById(id: number) {
+	return Db.collections.Variables.findOne({
+		where: {
+			id,
+		},
+	});
+}
+
 // ----------------------------------
 //        connection options
 // ----------------------------------

packages/cli/test/integration/shared/types.d.ts

@@ -24,7 +24,8 @@ type EndpointGroup =
 	| 'ldap'
 	| 'saml'
 	| 'eventBus'
-	| 'license';
+	| 'license'
+	| 'variables';
 
 export type CredentialPayload = {
 	name: string;

packages/cli/test/integration/shared/utils.ts

@@ -73,6 +73,7 @@ import { v4 as uuid } from 'uuid';
 import { InternalHooks } from '@/InternalHooks';
 import { LoadNodesAndCredentials } from '@/LoadNodesAndCredentials';
 import { PostHogClient } from '@/posthog';
+import { variablesController } from '@/environments/variables.controller';
 import { LdapManager } from '@/Ldap/LdapManager.ee';
 import { handleLdapInit } from '@/Ldap/helpers';
 import { Push } from '@/push';
@@ -151,6 +152,7 @@ export async function initTestServer({
 			credentials: { controller: credentialsController, path: 'credentials' },
 			workflows: { controller: workflowsController, path: 'workflows' },
 			license: { controller: licenseController, path: 'license' },
+			variables: { controller: variablesController, path: 'variables' },
 		};
 
 		if (enablePublicAPI) {
@@ -268,7 +270,7 @@ const classifyEndpointGroups = (endpointGroups: EndpointGroup[]) => {
 	const routerEndpoints: EndpointGroup[] = [];
 	const functionEndpoints: EndpointGroup[] = [];
 
-	const ROUTER_GROUP = ['credentials', 'workflows', 'publicApi', 'license'];
+	const ROUTER_GROUP = ['credentials', 'workflows', 'publicApi', 'license', 'variables'];
 
 	endpointGroups.forEach((group) =>
 		(ROUTER_GROUP.includes(group) ? routerEndpoints : functionEndpoints).push(group),

packages/cli/test/integration/variables.test.ts

@@ -0,0 +1,379 @@
+import type { Application } from 'express';
+
+import type { User } from '@/databases/entities/User';
+import * as testDb from './shared/testDb';
+import * as utils from './shared/utils';
+
+import type { AuthAgent } from './shared/types';
+import type { ClassLike, MockedClass } from 'jest-mock';
+import { License } from '@/License';
+
+// mock that credentialsSharing is not enabled
+let app: Application;
+let ownerUser: User;
+let memberUser: User;
+let authAgent: AuthAgent;
+let variablesSpy: jest.SpyInstance<boolean>;
+let licenseLike = {
+	isVariablesEnabled: jest.fn().mockReturnValue(true),
+	getVariablesLimit: jest.fn().mockReturnValue(-1),
+};
+
+beforeAll(async () => {
+	app = await utils.initTestServer({ endpointGroups: ['variables'] });
+
+	utils.initConfigFile();
+	utils.mockInstance(License, licenseLike);
+
+	ownerUser = await testDb.createOwner();
+	memberUser = await testDb.createUser();
+
+	authAgent = utils.createAuthAgent(app);
+});
+
+beforeEach(async () => {
+	await testDb.truncate(['Variables']);
+	licenseLike.isVariablesEnabled.mockReturnValue(true);
+	licenseLike.getVariablesLimit.mockReturnValue(-1);
+});
+
+afterAll(async () => {
+	await testDb.terminate();
+});
+
+// ----------------------------------------
+// GET /variables - fetch all variables
+// ----------------------------------------
+
+test('GET /variables should return all variables for an owner', async () => {
+	await Promise.all([
+		testDb.createVariable('test1', 'value1'),
+		testDb.createVariable('test2', 'value2'),
+	]);
+
+	const response = await authAgent(ownerUser).get('/variables');
+	expect(response.statusCode).toBe(200);
+	expect(response.body.data.length).toBe(2);
+});
+
+test('GET /variables should return all variables for a member', async () => {
+	await Promise.all([
+		testDb.createVariable('test1', 'value1'),
+		testDb.createVariable('test2', 'value2'),
+	]);
+
+	const response = await authAgent(memberUser).get('/variables');
+	expect(response.statusCode).toBe(200);
+	expect(response.body.data.length).toBe(2);
+});
+
+// ----------------------------------------
+// GET /variables/:id - get a single variable
+// ----------------------------------------
+
+test('GET /variables/:id should return a single variable for an owner', async () => {
+	const [var1, var2] = await Promise.all([
+		testDb.createVariable('test1', 'value1'),
+		testDb.createVariable('test2', 'value2'),
+	]);
+
+	const response1 = await authAgent(ownerUser).get(`/variables/${var1.id}`);
+	expect(response1.statusCode).toBe(200);
+	expect(response1.body.data.key).toBe('test1');
+
+	const response2 = await authAgent(ownerUser).get(`/variables/${var2.id}`);
+	expect(response2.statusCode).toBe(200);
+	expect(response2.body.data.key).toBe('test2');
+});
+
+test('GET /variables/:id should return a single variable for a member', async () => {
+	const [var1, var2] = await Promise.all([
+		testDb.createVariable('test1', 'value1'),
+		testDb.createVariable('test2', 'value2'),
+	]);
+
+	const response1 = await authAgent(memberUser).get(`/variables/${var1.id}`);
+	expect(response1.statusCode).toBe(200);
+	expect(response1.body.data.key).toBe('test1');
+
+	const response2 = await authAgent(memberUser).get(`/variables/${var2.id}`);
+	expect(response2.statusCode).toBe(200);
+	expect(response2.body.data.key).toBe('test2');
+});
+
+// ----------------------------------------
+// POST /variables - create a new variable
+// ----------------------------------------
+
+test('POST /variables should create a new credential and return it for an owner', async () => {
+	const toCreate = {
+		key: 'create1',
+		value: 'createvalue1',
+	};
+	const response = await authAgent(ownerUser).post('/variables').send(toCreate);
+	expect(response.statusCode).toBe(200);
+	expect(response.body.data.key).toBe(toCreate.key);
+	expect(response.body.data.value).toBe(toCreate.value);
+
+	const [byId, byKey] = await Promise.all([
+		testDb.getVariableById(response.body.data.id),
+		testDb.getVariableByKey(toCreate.key),
+	]);
+
+	expect(byId).not.toBeNull();
+	expect(byId!.key).toBe(toCreate.key);
+	expect(byId!.value).toBe(toCreate.value);
+
+	expect(byKey).not.toBeNull();
+	expect(byKey!.id).toBe(response.body.data.id);
+	expect(byKey!.value).toBe(toCreate.value);
+});
+
+test('POST /variables should not create a new credential and return it for a member', async () => {
+	const toCreate = {
+		key: 'create1',
+		value: 'createvalue1',
+	};
+	const response = await authAgent(memberUser).post('/variables').send(toCreate);
+	expect(response.statusCode).toBe(401);
+	expect(response.body.data?.key).not.toBe(toCreate.key);
+	expect(response.body.data?.value).not.toBe(toCreate.value);
+
+	const byKey = await testDb.getVariableByKey(toCreate.key);
+	expect(byKey).toBeNull();
+});
+
+test("POST /variables should not create a new credential and return it if the instance doesn't have a license", async () => {
+	licenseLike.isVariablesEnabled.mockReturnValue(false);
+	const toCreate = {
+		key: 'create1',
+		value: 'createvalue1',
+	};
+	const response = await authAgent(ownerUser).post('/variables').send(toCreate);
+	expect(response.statusCode).toBe(400);
+	expect(response.body.data?.key).not.toBe(toCreate.key);
+	expect(response.body.data?.value).not.toBe(toCreate.value);
+
+	const byKey = await testDb.getVariableByKey(toCreate.key);
+	expect(byKey).toBeNull();
+});
+
+test('POST /variables should fail to create a new credential and if one with the same key exists', async () => {
+	const toCreate = {
+		key: 'create1',
+		value: 'createvalue1',
+	};
+	await testDb.createVariable(toCreate.key, toCreate.value);
+	const response = await authAgent(ownerUser).post('/variables').send(toCreate);
+	expect(response.statusCode).toBe(500);
+	expect(response.body.data?.key).not.toBe(toCreate.key);
+	expect(response.body.data?.value).not.toBe(toCreate.value);
+});
+
+test('POST /variables should not fail if variable limit not reached', async () => {
+	licenseLike.getVariablesLimit.mockReturnValue(5);
+	let i = 1;
+	let toCreate = {
+		key: `create${i}`,
+		value: `createvalue${i}`,
+	};
+	while (i < 3) {
+		await testDb.createVariable(toCreate.key, toCreate.value);
+		i++;
+		toCreate = {
+			key: `create${i}`,
+			value: `createvalue${i}`,
+		};
+	}
+	const response = await authAgent(ownerUser).post('/variables').send(toCreate);
+	expect(response.statusCode).toBe(200);
+	expect(response.body.data?.key).toBe(toCreate.key);
+	expect(response.body.data?.value).toBe(toCreate.value);
+});
+
+test('POST /variables should fail if variable limit reached', async () => {
+	licenseLike.getVariablesLimit.mockReturnValue(5);
+	let i = 1;
+	let toCreate = {
+		key: `create${i}`,
+		value: `createvalue${i}`,
+	};
+	while (i < 6) {
+		await testDb.createVariable(toCreate.key, toCreate.value);
+		i++;
+		toCreate = {
+			key: `create${i}`,
+			value: `createvalue${i}`,
+		};
+	}
+	const response = await authAgent(ownerUser).post('/variables').send(toCreate);
+	expect(response.statusCode).toBe(400);
+	expect(response.body.data?.key).not.toBe(toCreate.key);
+	expect(response.body.data?.value).not.toBe(toCreate.value);
+});
+
+test('POST /variables should fail if key too long', async () => {
+	const toCreate = {
+		// 51 'a's
+		key: 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa',
+		value: 'value',
+	};
+	const response = await authAgent(ownerUser).post('/variables').send(toCreate);
+	expect(response.statusCode).toBe(400);
+	expect(response.body.data?.key).not.toBe(toCreate.key);
+	expect(response.body.data?.value).not.toBe(toCreate.value);
+});
+
+test('POST /variables should fail if value too long', async () => {
+	const toCreate = {
+		key: 'key',
+		// 256 'a's
+		value:
+			'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa',
+	};
+	const response = await authAgent(ownerUser).post('/variables').send(toCreate);
+	expect(response.statusCode).toBe(400);
+	expect(response.body.data?.key).not.toBe(toCreate.key);
+	expect(response.body.data?.value).not.toBe(toCreate.value);
+});
+
+test("POST /variables should fail if key contain's prohibited characters", async () => {
+	const toCreate = {
+		// 51 'a's
+		key: 'te$t',
+		value: 'value',
+	};
+	const response = await authAgent(ownerUser).post('/variables').send(toCreate);
+	expect(response.statusCode).toBe(400);
+	expect(response.body.data?.key).not.toBe(toCreate.key);
+	expect(response.body.data?.value).not.toBe(toCreate.value);
+});
+
+// ----------------------------------------
+// PATCH /variables/:id - change a variable
+// ----------------------------------------
+
+test('PATCH /variables/:id should modify existing credential if use is an owner', async () => {
+	const variable = await testDb.createVariable('test1', 'value1');
+	const toModify = {
+		key: 'create1',
+		value: 'createvalue1',
+	};
+	const response = await authAgent(ownerUser).patch(`/variables/${variable.id}`).send(toModify);
+	expect(response.statusCode).toBe(200);
+	expect(response.body.data.key).toBe(toModify.key);
+	expect(response.body.data.value).toBe(toModify.value);
+
+	const [byId, byKey] = await Promise.all([
+		testDb.getVariableById(response.body.data.id),
+		testDb.getVariableByKey(toModify.key),
+	]);
+
+	expect(byId).not.toBeNull();
+	expect(byId!.key).toBe(toModify.key);
+	expect(byId!.value).toBe(toModify.value);
+
+	expect(byKey).not.toBeNull();
+	expect(byKey!.id).toBe(response.body.data.id);
+	expect(byKey!.value).toBe(toModify.value);
+});
+
+test('PATCH /variables/:id should modify existing credential if use is an owner', async () => {
+	const variable = await testDb.createVariable('test1', 'value1');
+	const toModify = {
+		key: 'create1',
+		value: 'createvalue1',
+	};
+	const response = await authAgent(ownerUser).patch(`/variables/${variable.id}`).send(toModify);
+	expect(response.statusCode).toBe(200);
+	expect(response.body.data.key).toBe(toModify.key);
+	expect(response.body.data.value).toBe(toModify.value);
+
+	const [byId, byKey] = await Promise.all([
+		testDb.getVariableById(response.body.data.id),
+		testDb.getVariableByKey(toModify.key),
+	]);
+
+	expect(byId).not.toBeNull();
+	expect(byId!.key).toBe(toModify.key);
+	expect(byId!.value).toBe(toModify.value);
+
+	expect(byKey).not.toBeNull();
+	expect(byKey!.id).toBe(response.body.data.id);
+	expect(byKey!.value).toBe(toModify.value);
+});
+
+test('PATCH /variables/:id should not modify existing credential if use is a member', async () => {
+	const variable = await testDb.createVariable('test1', 'value1');
+	const toModify = {
+		key: 'create1',
+		value: 'createvalue1',
+	};
+	const response = await authAgent(memberUser).patch(`/variables/${variable.id}`).send(toModify);
+	expect(response.statusCode).toBe(401);
+	expect(response.body.data?.key).not.toBe(toModify.key);
+	expect(response.body.data?.value).not.toBe(toModify.value);
+
+	const byId = await testDb.getVariableById(variable.id);
+	expect(byId).not.toBeNull();
+	expect(byId!.key).not.toBe(toModify.key);
+	expect(byId!.value).not.toBe(toModify.value);
+});
+
+test('PATCH /variables/:id should not modify existing credential if one with the same key exists', async () => {
+	const toModify = {
+		key: 'create1',
+		value: 'createvalue1',
+	};
+	const [var1, var2] = await Promise.all([
+		testDb.createVariable('test1', 'value1'),
+		testDb.createVariable(toModify.key, toModify.value),
+	]);
+	const response = await authAgent(ownerUser).patch(`/variables/${var1.id}`).send(toModify);
+	expect(response.statusCode).toBe(500);
+	expect(response.body.data?.key).not.toBe(toModify.key);
+	expect(response.body.data?.value).not.toBe(toModify.value);
+
+	const byId = await testDb.getVariableById(var1.id);
+	expect(byId).not.toBeNull();
+	expect(byId!.key).toBe(var1.key);
+	expect(byId!.value).toBe(var1.value);
+});
+
+// ----------------------------------------
+// DELETE /variables/:id - change a variable
+// ----------------------------------------
+
+test('DELETE /variables/:id should delete a single credential for an owner', async () => {
+	const [var1, var2, var3] = await Promise.all([
+		testDb.createVariable('test1', 'value1'),
+		testDb.createVariable('test2', 'value2'),
+		testDb.createVariable('test3', 'value3'),
+	]);
+
+	const delResponse = await authAgent(ownerUser).delete(`/variables/${var1.id}`);
+	expect(delResponse.statusCode).toBe(200);
+
+	const byId = await testDb.getVariableById(var1.id);
+	expect(byId).toBeNull();
+
+	const getResponse = await authAgent(ownerUser).get('/variables');
+	expect(getResponse.body.data.length).toBe(2);
+});
+
+test('DELETE /variables/:id should not delete a single credential for a member', async () => {
+	const [var1, var2, var3] = await Promise.all([
+		testDb.createVariable('test1', 'value1'),
+		testDb.createVariable('test2', 'value2'),
+		testDb.createVariable('test3', 'value3'),
+	]);
+
+	const delResponse = await authAgent(memberUser).delete(`/variables/${var1.id}`);
+	expect(delResponse.statusCode).toBe(401);
+
+	const byId = await testDb.getVariableById(var1.id);
+	expect(byId).not.toBeNull();
+
+	const getResponse = await authAgent(memberUser).get('/variables');
+	expect(getResponse.body.data.length).toBe(3);
+});