admin/n8n-enterprise-unlocked
1
0
Fork 0
mirror of https://github.com/Abdulazizzn/n8n-enterprise-unlocked.git synced 2025-12-17 01:56:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(core): Fix issue that prevents owner logging in when using ldap (#7408)

Browse Source 
This PR prioritises the internal email account over LDAP for the Owner.

---------

Co-authored-by: ricardo <ricardoespinoza105@gmail.com>
This commit is contained in:
Jon
2023-11-02 03:02:49 +00:00
committed by GitHub
parent 437c95e84e
commit 479f90231d
4 changed files with 45 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
packages/cli/test/integration/ldap/ldap.api.test.ts
View File

@@ -50,14 +50,12 @@ beforeAll(async () => {
globalMemberRole = fetchedGlobalMemberRole;
owner = await testDb.createUser({ globalRole: globalOwnerRole });
owner = await testDb.createUser({ globalRole: globalOwnerRole, password: 'password' });
authOwnerAgent = testServer.authAgentFor(owner);
defaultLdapConfig.bindingAdminPassword = Container.get(Cipher).encrypt(
defaultLdapConfig.bindingAdminPassword,
);
await setCurrentAuthenticationMethod('email');
});
beforeEach(async () => {
@@ -75,6 +73,8 @@ beforeEach(async () => {
jest.mock('@/telemetry');
config.set('userManagement.isInstanceOwnerSetUp', true);
await setCurrentAuthenticationMethod('email');
});
const createLdapConfig = async (attributes: Partial<LdapConfig> = {}): Promise<LdapConfig> => {
@@ -145,6 +145,19 @@ describe('PUT /ldap/config', () => {
expect(response.body.data.loginLabel).toBe('');
});
test('route should fail due to trying to enable LDAP login with SSO as current authentication method', async () => {
const validPayload = {
...LDAP_DEFAULT_CONFIGURATION,
loginEnabled: true,
};
config.set('userManagement.authenticationMethod', 'saml');
const response = await authOwnerAgent.put('/ldap/config').send(validPayload);
expect(response.statusCode).toBe(400);
});
test('should apply "Convert all LDAP users to email users" strategy when LDAP login disabled', async () => {
const ldapConfig = await createLdapConfig();
LdapManager.updateConfig(ldapConfig);
@@ -471,6 +484,8 @@ describe('POST /login', () => {
const ldapConfig = await createLdapConfig();
LdapManager.updateConfig(ldapConfig);
await setCurrentAuthenticationMethod('ldap');
jest.spyOn(LdapService.prototype, 'searchWithAdminBinding').mockResolvedValue([ldapUser]);
jest.spyOn(LdapService.prototype, 'validUser').mockResolvedValue();
@@ -528,6 +543,19 @@ describe('POST /login', () => {
await runTest(ldapUser);
});
test('should allow instance owner to sign in with email/password when LDAP is enabled', async () => {
const ldapConfig = await createLdapConfig();
LdapManager.updateConfig(ldapConfig);
const response = await testServer.authlessAgent
.post('/login')
.send({ email: owner.email, password: 'password' });
expect(response.status).toBe(200);
expect(response.body.data?.signInType).toBeDefined();
expect(response.body.data?.signInType).toBe('email');
});
test('should transform email user into LDAP user when match found', async () => {
const ldapUser = {
mail: randomEmail(),