feat: RBAC (#8922)

Signed-off-by: Oleg Ivaniv <me@olegivaniv.com> Co-authored-by: Val <68596159+valya@users.noreply.github.com> Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <aditya@netroy.in> Co-authored-by: Valya Bullions <valya@n8n.io> Co-authored-by: Danny Martini <danny@n8n.io> Co-authored-by: Danny Martini <despair.blue@gmail.com> Co-authored-by: Iván Ovejero <ivov.src@gmail.com> Co-authored-by: Omar Ajoue <krynble@gmail.com> Co-authored-by: oleg <me@olegivaniv.com> Co-authored-by: Michael Kret <michael.k@radency.com> Co-authored-by: Michael Kret <88898367+michael-radency@users.noreply.github.com> Co-authored-by: Elias Meire <elias@meire.dev> Co-authored-by: Giulio Andreini <andreini@netseven.it> Co-authored-by: Giulio Andreini <g.andreini@gmail.com> Co-authored-by: Ayato Hayashi <go12limchangyong@gmail.com>
2025-12-18 10:31:15 +00:00 · 2024-05-17 10:53:15 +02:00
parent b1f977ebd0
commit 596c472ecc
292 changed files with 14129 additions and 3989 deletions
--- a/packages/cli/src/PublicApi/v1/handlers/credentials/credentials.handler.ts
+++ b/packages/cli/src/PublicApi/v1/handlers/credentials/credentials.handler.ts
@@ -4,9 +4,8 @@ import type express from 'express';
 import { CredentialsHelper } from '@/CredentialsHelper';
 import { CredentialTypes } from '@/CredentialTypes';
 import type { CredentialsEntity } from '@db/entities/CredentialsEntity';
-import type { CredentialRequest } from '@/requests';
-import type { CredentialTypeRequest } from '../../../types';
-import { authorize } from '../../shared/middlewares/global.middleware';
+import type { CredentialTypeRequest, CredentialRequest } from '../../../types';
+import { projectScope } from '../../shared/middlewares/global.middleware';
 import { validCredentialsProperties, validCredentialType } from './credentials.middleware';

 import {
@@ -23,7 +22,6 @@ import { Container } from 'typedi';

 export = {
 	createCredential: [
-		authorize(['global:owner', 'global:admin', 'global:member']),
 		validCredentialType,
 		validCredentialsProperties,
 		async (
@@ -47,7 +45,7 @@ export = {
 		},
 	],
 	deleteCredential: [
-		authorize(['global:owner', 'global:admin', 'global:member']),
+		projectScope('credential:delete', 'credential'),
 		async (
 			req: CredentialRequest.Delete,
 			res: express.Response,
@@ -75,7 +73,6 @@ export = {
 	],

 	getCredentialType: [
-		authorize(['global:owner', 'global:admin', 'global:member']),
 		async (req: CredentialTypeRequest.Get, res: express.Response): Promise<express.Response> => {
 			const { credentialTypeName } = req.params;