admin/n8n-enterprise-unlocked
1
0
Fork 0
mirror of https://github.com/Abdulazizzn/n8n-enterprise-unlocked.git synced 2025-12-18 02:21:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: Replace owner checks with scope checks (no-changelog) (#7846)

Browse Source 
Github issue / Community forum post (link here to close automatically):
This commit is contained in:
Val
2023-11-29 14:48:36 +00:00
committed by GitHub
parent d5762a7539
commit 1cb92ffe16
26 changed files with 136 additions and 78 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
packages/cli/src/credentials/credentials.controller.ee.ts
View File

@@ -50,7 +50,7 @@ EECredentialsController.get(
const userSharing = credential.shared?.find((shared) => shared.user.id === req.user.id);
if (!userSharing && req.user.globalRole.name !== 'owner') {
if (!userSharing && !(await req.user.hasGlobalScope('credential:read'))) {
throw new UnauthorizedError('Forbidden.');
}
@@ -82,7 +82,10 @@ EECredentialsController.post(
const credentialId = credentials.id;
const { ownsCredential } = await EECredentials.isOwned(req.user, credentialId);
const sharing = await EECredentials.getSharing(req.user, credentialId);
const sharing = await EECredentials.getSharing(req.user, credentialId, {
allowGlobalScope: true,
globalScope: 'credential:read',
});
if (!ownsCredential) {
if (!sharing) {
throw new UnauthorizedError('Forbidden');