feat: Replace owner checks with scope checks (no-changelog) (#7846)

Github issue / Community forum post (link here to close automatically):
2025-12-19 19:11:13 +00:00 · 2023-11-29 14:48:36 +00:00
parent d5762a7539
commit 1cb92ffe16
26 changed files with 136 additions and 78 deletions
--- a/packages/cli/src/WorkflowHelpers.ts
+++ b/packages/cli/src/WorkflowHelpers.ts
@@ -415,11 +415,11 @@ export async function replaceInvalidCredentials(workflow: WorkflowEntity): Promi

 /**
 * Get the IDs of the workflows that have been shared with the user.
- * Returns all IDs if user is global owner (see `whereClause`)
+ * Returns all IDs if user has the 'workflow:read' scope (see `whereClause`)
 */
 export async function getSharedWorkflowIds(user: User, roles?: RoleNames[]): Promise<string[]> {
 	const where: FindOptionsWhere<SharedWorkflow> = {};
-	if (user.globalRole?.name !== 'owner') {
+	if (!(await user.hasGlobalScope('workflow:read'))) {
 		where.userId = user.id;
 	}
 	if (roles?.length) {