mirror of
https://github.com/Abdulazizzn/n8n-enterprise-unlocked.git
synced 2025-12-17 18:12:04 +00:00
feat: RBAC (#8922)
Signed-off-by: Oleg Ivaniv <me@olegivaniv.com> Co-authored-by: Val <68596159+valya@users.noreply.github.com> Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <aditya@netroy.in> Co-authored-by: Valya Bullions <valya@n8n.io> Co-authored-by: Danny Martini <danny@n8n.io> Co-authored-by: Danny Martini <despair.blue@gmail.com> Co-authored-by: Iván Ovejero <ivov.src@gmail.com> Co-authored-by: Omar Ajoue <krynble@gmail.com> Co-authored-by: oleg <me@olegivaniv.com> Co-authored-by: Michael Kret <michael.k@radency.com> Co-authored-by: Michael Kret <88898367+michael-radency@users.noreply.github.com> Co-authored-by: Elias Meire <elias@meire.dev> Co-authored-by: Giulio Andreini <andreini@netseven.it> Co-authored-by: Giulio Andreini <g.andreini@gmail.com> Co-authored-by: Ayato Hayashi <go12limchangyong@gmail.com>
This commit is contained in:
Csaba Tuncsik
@@ -6,7 +6,6 @@ import type { INode } from 'n8n-workflow';
|
||||
import type { User } from '@db/entities/User';
|
||||
import { WorkflowHistoryRepository } from '@db/repositories/workflowHistory.repository';
|
||||
import { ActiveWorkflowManager } from '@/ActiveWorkflowManager';
|
||||
import { WorkflowSharingService } from '@/workflows/workflowSharing.service';
|
||||
|
||||
import { mockInstance } from '../../shared/mocking';
|
||||
import * as utils from '../shared/utils/';
|
||||
@@ -15,20 +14,29 @@ import type { SaveCredentialFunction } from '../shared/types';
|
||||
import { makeWorkflow } from '../shared/utils/';
|
||||
import { randomCredentialPayload } from '../shared/random';
|
||||
import { affixRoleToSaveCredential, shareCredentialWithUsers } from '../shared/db/credentials';
|
||||
import { createUser } from '../shared/db/users';
|
||||
import { createUser, createUserShell } from '../shared/db/users';
|
||||
import { createWorkflow, getWorkflowSharing, shareWorkflowWithUsers } from '../shared/db/workflows';
|
||||
import { License } from '@/License';
|
||||
import { UserManagementMailer } from '@/UserManagement/email';
|
||||
import config from '@/config';
|
||||
import type { WorkflowWithSharingsMetaDataAndCredentials } from '@/workflows/workflows.types';
|
||||
import type { Project } from '@/databases/entities/Project';
|
||||
import { ProjectRepository } from '@/databases/repositories/project.repository';
|
||||
import { createTag } from '../shared/db/tags';
|
||||
|
||||
let owner: User;
|
||||
let ownerPersonalProject: Project;
|
||||
let member: User;
|
||||
let memberPersonalProject: Project;
|
||||
let anotherMember: User;
|
||||
let anotherMemberPersonalProject: Project;
|
||||
let authOwnerAgent: SuperAgentTest;
|
||||
let authMemberAgent: SuperAgentTest;
|
||||
let authAnotherMemberAgent: SuperAgentTest;
|
||||
let saveCredential: SaveCredentialFunction;
|
||||
|
||||
let projectRepository: ProjectRepository;
|
||||
|
||||
const activeWorkflowManager = mockInstance(ActiveWorkflowManager);
|
||||
|
||||
const sharingSpy = jest.spyOn(License.prototype, 'isSharingEnabled').mockReturnValue(true);
|
||||
@@ -40,9 +48,16 @@ const license = testServer.license;
|
||||
const mailer = mockInstance(UserManagementMailer);
|
||||
|
||||
beforeAll(async () => {
|
||||
projectRepository = Container.get(ProjectRepository);
|
||||
|
||||
owner = await createUser({ role: 'global:owner' });
|
||||
ownerPersonalProject = await projectRepository.getPersonalProjectForUserOrFail(owner.id);
|
||||
member = await createUser({ role: 'global:member' });
|
||||
memberPersonalProject = await projectRepository.getPersonalProjectForUserOrFail(member.id);
|
||||
anotherMember = await createUser({ role: 'global:member' });
|
||||
anotherMemberPersonalProject = await projectRepository.getPersonalProjectForUserOrFail(
|
||||
anotherMember.id,
|
||||
);
|
||||
|
||||
authOwnerAgent = testServer.authAgentFor(owner);
|
||||
authMemberAgent = testServer.authAgentFor(member);
|
||||
@@ -57,7 +72,7 @@ beforeEach(async () => {
|
||||
activeWorkflowManager.add.mockReset();
|
||||
activeWorkflowManager.remove.mockReset();
|
||||
|
||||
await testDb.truncate(['Workflow', 'SharedWorkflow', 'WorkflowHistory']);
|
||||
await testDb.truncate(['Workflow', 'SharedWorkflow', 'WorkflowHistory', 'Tag']);
|
||||
});
|
||||
|
||||
afterEach(() => {
|
||||
@@ -77,14 +92,14 @@ describe('router should switch based on flag', () => {
|
||||
|
||||
await authOwnerAgent
|
||||
.put(`/workflows/${savedWorkflowId}/share`)
|
||||
.send({ shareWithIds: [member.id] })
|
||||
.send({ shareWithIds: [memberPersonalProject.id] })
|
||||
.expect(404);
|
||||
});
|
||||
|
||||
test('when sharing is enabled', async () => {
|
||||
await authOwnerAgent
|
||||
.put(`/workflows/${savedWorkflowId}/share`)
|
||||
.send({ shareWithIds: [member.id] })
|
||||
.send({ shareWithIds: [memberPersonalProject.id] })
|
||||
.expect(200);
|
||||
});
|
||||
});
|
||||
@@ -95,13 +110,20 @@ describe('PUT /workflows/:id', () => {
|
||||
|
||||
const response = await authOwnerAgent
|
||||
.put(`/workflows/${workflow.id}/share`)
|
||||
.send({ shareWithIds: [member.id] });
|
||||
.send({ shareWithIds: [memberPersonalProject.id] });
|
||||
|
||||
expect(response.statusCode).toBe(200);
|
||||
|
||||
const sharedWorkflows = await getWorkflowSharing(workflow);
|
||||
expect(sharedWorkflows).toHaveLength(2);
|
||||
expect(mailer.notifyWorkflowShared).toHaveBeenCalledTimes(1);
|
||||
expect(mailer.notifyWorkflowShared).toHaveBeenCalledWith(
|
||||
expect.objectContaining({
|
||||
newShareeIds: [member.id],
|
||||
sharer: expect.objectContaining({ id: owner.id }),
|
||||
workflow: expect.objectContaining({ id: workflow.id }),
|
||||
}),
|
||||
);
|
||||
});
|
||||
|
||||
test('PUT /workflows/:id/share should succeed when sharing with invalid user-id', async () => {
|
||||
@@ -117,12 +139,30 @@ describe('PUT /workflows/:id', () => {
|
||||
expect(sharedWorkflows).toHaveLength(1);
|
||||
});
|
||||
|
||||
test('PUT /workflows/:id/share should allow sharing with pending users', async () => {
|
||||
const workflow = await createWorkflow({}, owner);
|
||||
const memberShell = await createUserShell('global:member');
|
||||
const memberShellPersonalProject = await projectRepository.getPersonalProjectForUserOrFail(
|
||||
memberShell.id,
|
||||
);
|
||||
|
||||
const response = await authOwnerAgent
|
||||
.put(`/workflows/${workflow.id}/share`)
|
||||
.send({ shareWithIds: [memberShellPersonalProject.id] });
|
||||
|
||||
expect(response.statusCode).toBe(200);
|
||||
|
||||
const sharedWorkflows = await getWorkflowSharing(workflow);
|
||||
expect(sharedWorkflows).toHaveLength(2);
|
||||
expect(mailer.notifyWorkflowShared).toHaveBeenCalledTimes(1);
|
||||
});
|
||||
|
||||
test('PUT /workflows/:id/share should allow sharing with multiple users', async () => {
|
||||
const workflow = await createWorkflow({}, owner);
|
||||
|
||||
const response = await authOwnerAgent
|
||||
.put(`/workflows/${workflow.id}/share`)
|
||||
.send({ shareWithIds: [member.id, anotherMember.id] });
|
||||
.send({ shareWithIds: [memberPersonalProject.id, anotherMemberPersonalProject.id] });
|
||||
|
||||
expect(response.statusCode).toBe(200);
|
||||
|
||||
@@ -136,7 +176,7 @@ describe('PUT /workflows/:id', () => {
|
||||
|
||||
const response = await authOwnerAgent
|
||||
.put(`/workflows/${workflow.id}/share`)
|
||||
.send({ shareWithIds: [member.id, anotherMember.id] });
|
||||
.send({ shareWithIds: [memberPersonalProject.id, anotherMemberPersonalProject.id] });
|
||||
|
||||
expect(response.statusCode).toBe(200);
|
||||
|
||||
@@ -145,7 +185,7 @@ describe('PUT /workflows/:id', () => {
|
||||
|
||||
const secondResponse = await authOwnerAgent
|
||||
.put(`/workflows/${workflow.id}/share`)
|
||||
.send({ shareWithIds: [member.id] });
|
||||
.send({ shareWithIds: [memberPersonalProject.id] });
|
||||
expect(secondResponse.statusCode).toBe(200);
|
||||
|
||||
const secondSharedWorkflows = await getWorkflowSharing(workflow);
|
||||
@@ -158,7 +198,7 @@ describe('PUT /workflows/:id', () => {
|
||||
|
||||
const response = await authMemberAgent
|
||||
.put(`/workflows/${workflow.id}/share`)
|
||||
.send({ shareWithIds: [anotherMember.id] });
|
||||
.send({ shareWithIds: [anotherMemberPersonalProject.id] });
|
||||
|
||||
expect(response.statusCode).toBe(200);
|
||||
|
||||
@@ -172,7 +212,7 @@ describe('PUT /workflows/:id', () => {
|
||||
|
||||
const response = await authOwnerAgent
|
||||
.put(`/workflows/${workflow.id}/share`)
|
||||
.send({ shareWithIds: [anotherMember.id] });
|
||||
.send({ shareWithIds: [anotherMemberPersonalProject.id] });
|
||||
|
||||
expect(response.statusCode).toBe(200);
|
||||
|
||||
@@ -188,7 +228,7 @@ describe('PUT /workflows/:id', () => {
|
||||
|
||||
const response = await authAnotherMemberAgent
|
||||
.put(`/workflows/${workflow.id}/share`)
|
||||
.send({ shareWithIds: [anotherMember.id, owner.id] });
|
||||
.send({ shareWithIds: [anotherMemberPersonalProject.id, ownerPersonalProject.id] });
|
||||
|
||||
expect(response.statusCode).toBe(403);
|
||||
|
||||
@@ -202,7 +242,7 @@ describe('PUT /workflows/:id', () => {
|
||||
|
||||
const response = await authAnotherMemberAgent
|
||||
.put(`/workflows/${workflow.id}/share`)
|
||||
.send({ shareWithIds: [anotherMember.id] });
|
||||
.send({ shareWithIds: [anotherMemberPersonalProject.id] });
|
||||
|
||||
expect(response.statusCode).toBe(403);
|
||||
|
||||
@@ -215,10 +255,13 @@ describe('PUT /workflows/:id', () => {
|
||||
const workflow = await createWorkflow({}, member);
|
||||
|
||||
const tempUser = await createUser({ role: 'global:member' });
|
||||
const tempUserPersonalProject = await projectRepository.getPersonalProjectForUserOrFail(
|
||||
tempUser.id,
|
||||
);
|
||||
|
||||
const response = await authAnotherMemberAgent
|
||||
.put(`/workflows/${workflow.id}/share`)
|
||||
.send({ shareWithIds: [tempUser.id] });
|
||||
.send({ shareWithIds: [tempUserPersonalProject.id] });
|
||||
|
||||
expect(response.statusCode).toBe(403);
|
||||
|
||||
@@ -234,7 +277,7 @@ describe('PUT /workflows/:id', () => {
|
||||
|
||||
const response = await authOwnerAgent
|
||||
.put(`/workflows/${workflow.id}/share`)
|
||||
.send({ shareWithIds: [member.id] });
|
||||
.send({ shareWithIds: [memberPersonalProject.id] });
|
||||
|
||||
expect(response.statusCode).toBe(200);
|
||||
|
||||
@@ -275,39 +318,49 @@ describe('GET /workflows/:id', () => {
|
||||
test('GET should return a workflow with owner', async () => {
|
||||
const workflow = await createWorkflow({}, owner);
|
||||
|
||||
const response = await authOwnerAgent.get(`/workflows/${workflow.id}`);
|
||||
const response = await authOwnerAgent.get(`/workflows/${workflow.id}`).expect(200);
|
||||
const responseWorkflow: WorkflowWithSharingsMetaDataAndCredentials = response.body.data;
|
||||
|
||||
expect(response.statusCode).toBe(200);
|
||||
expect(response.body.data.ownedBy).toMatchObject({
|
||||
id: owner.id,
|
||||
email: owner.email,
|
||||
firstName: owner.firstName,
|
||||
lastName: owner.lastName,
|
||||
expect(responseWorkflow.homeProject).toMatchObject({
|
||||
id: ownerPersonalProject.id,
|
||||
name: owner.createPersonalProjectName(),
|
||||
type: 'personal',
|
||||
});
|
||||
|
||||
expect(response.body.data.sharedWith).toHaveLength(0);
|
||||
expect(responseWorkflow.sharedWithProjects).toHaveLength(0);
|
||||
// eslint-disable-next-line @typescript-eslint/no-explicit-any
|
||||
expect((responseWorkflow as any).shared).toBeUndefined();
|
||||
});
|
||||
|
||||
test('should return tags', async () => {
|
||||
const tag = await createTag({ name: 'A' });
|
||||
const workflow = await createWorkflow({ tags: [tag] }, owner);
|
||||
|
||||
const response = await authOwnerAgent.get(`/workflows/${workflow.id}`).expect(200);
|
||||
|
||||
expect(response.body.data).toMatchObject({
|
||||
tags: [expect.objectContaining({ id: tag.id, name: tag.name })],
|
||||
});
|
||||
});
|
||||
|
||||
test('GET should return shared workflow with user data', async () => {
|
||||
const workflow = await createWorkflow({}, owner);
|
||||
await shareWorkflowWithUsers(workflow, [member]);
|
||||
|
||||
const response = await authOwnerAgent.get(`/workflows/${workflow.id}`);
|
||||
const response = await authOwnerAgent.get(`/workflows/${workflow.id}`).expect(200);
|
||||
const responseWorkflow: WorkflowWithSharingsMetaDataAndCredentials = response.body.data;
|
||||
|
||||
expect(response.statusCode).toBe(200);
|
||||
expect(response.body.data.ownedBy).toMatchObject({
|
||||
id: owner.id,
|
||||
email: owner.email,
|
||||
firstName: owner.firstName,
|
||||
lastName: owner.lastName,
|
||||
expect(responseWorkflow.homeProject).toMatchObject({
|
||||
id: ownerPersonalProject.id,
|
||||
name: owner.createPersonalProjectName(),
|
||||
type: 'personal',
|
||||
});
|
||||
|
||||
expect(response.body.data.sharedWith).toHaveLength(1);
|
||||
expect(response.body.data.sharedWith[0]).toMatchObject({
|
||||
id: member.id,
|
||||
email: member.email,
|
||||
firstName: member.firstName,
|
||||
lastName: member.lastName,
|
||||
expect(responseWorkflow.sharedWithProjects).toHaveLength(1);
|
||||
expect(responseWorkflow.sharedWithProjects[0]).toMatchObject({
|
||||
id: memberPersonalProject.id,
|
||||
name: member.createPersonalProjectName(),
|
||||
type: 'personal',
|
||||
});
|
||||
});
|
||||
|
||||
@@ -315,17 +368,16 @@ describe('GET /workflows/:id', () => {
|
||||
const workflow = await createWorkflow({}, owner);
|
||||
await shareWorkflowWithUsers(workflow, [member, anotherMember]);
|
||||
|
||||
const response = await authOwnerAgent.get(`/workflows/${workflow.id}`);
|
||||
const response = await authOwnerAgent.get(`/workflows/${workflow.id}`).expect(200);
|
||||
const responseWorkflow: WorkflowWithSharingsMetaDataAndCredentials = response.body.data;
|
||||
|
||||
expect(response.statusCode).toBe(200);
|
||||
expect(response.body.data.ownedBy).toMatchObject({
|
||||
id: owner.id,
|
||||
email: owner.email,
|
||||
firstName: owner.firstName,
|
||||
lastName: owner.lastName,
|
||||
expect(responseWorkflow.homeProject).toMatchObject({
|
||||
id: ownerPersonalProject.id,
|
||||
name: owner.createPersonalProjectName(),
|
||||
type: 'personal',
|
||||
});
|
||||
|
||||
expect(response.body.data.sharedWith).toHaveLength(2);
|
||||
expect(responseWorkflow.sharedWithProjects).toHaveLength(2);
|
||||
});
|
||||
|
||||
test('GET should return workflow with credentials owned by user', async () => {
|
||||
@@ -337,10 +389,11 @@ describe('GET /workflows/:id', () => {
|
||||
});
|
||||
const workflow = await createWorkflow(workflowPayload, owner);
|
||||
|
||||
const response = await authOwnerAgent.get(`/workflows/${workflow.id}`);
|
||||
const response = await authOwnerAgent.get(`/workflows/${workflow.id}`).expect(200);
|
||||
const responseWorkflow: WorkflowWithSharingsMetaDataAndCredentials = response.body.data;
|
||||
|
||||
expect(response.statusCode).toBe(200);
|
||||
expect(response.body.data.usedCredentials).toMatchObject([
|
||||
expect(responseWorkflow.usedCredentials).toMatchObject([
|
||||
{
|
||||
id: savedCredential.id,
|
||||
name: savedCredential.name,
|
||||
@@ -348,7 +401,7 @@ describe('GET /workflows/:id', () => {
|
||||
},
|
||||
]);
|
||||
|
||||
expect(response.body.data.sharedWith).toHaveLength(0);
|
||||
expect(responseWorkflow.sharedWithProjects).toHaveLength(0);
|
||||
});
|
||||
|
||||
test('GET should return workflow with credentials saying owner does not have access when not shared', async () => {
|
||||
@@ -360,10 +413,10 @@ describe('GET /workflows/:id', () => {
|
||||
});
|
||||
const workflow = await createWorkflow(workflowPayload, owner);
|
||||
|
||||
const response = await authOwnerAgent.get(`/workflows/${workflow.id}`);
|
||||
const response = await authOwnerAgent.get(`/workflows/${workflow.id}`).expect(200);
|
||||
const responseWorkflow: WorkflowWithSharingsMetaDataAndCredentials = response.body.data;
|
||||
|
||||
expect(response.statusCode).toBe(200);
|
||||
expect(response.body.data.usedCredentials).toMatchObject([
|
||||
expect(responseWorkflow.usedCredentials).toMatchObject([
|
||||
{
|
||||
id: savedCredential.id,
|
||||
name: savedCredential.name,
|
||||
@@ -371,7 +424,7 @@ describe('GET /workflows/:id', () => {
|
||||
},
|
||||
]);
|
||||
|
||||
expect(response.body.data.sharedWith).toHaveLength(0);
|
||||
expect(responseWorkflow.sharedWithProjects).toHaveLength(0);
|
||||
});
|
||||
|
||||
test('GET should return workflow with credentials for all users with or without access', async () => {
|
||||
@@ -384,27 +437,31 @@ describe('GET /workflows/:id', () => {
|
||||
const workflow = await createWorkflow(workflowPayload, member);
|
||||
await shareWorkflowWithUsers(workflow, [anotherMember]);
|
||||
|
||||
const responseMember1 = await authMemberAgent.get(`/workflows/${workflow.id}`);
|
||||
expect(responseMember1.statusCode).toBe(200);
|
||||
expect(responseMember1.body.data.usedCredentials).toMatchObject([
|
||||
const responseMember1 = await authMemberAgent.get(`/workflows/${workflow.id}`).expect(200);
|
||||
const member1Workflow: WorkflowWithSharingsMetaDataAndCredentials = responseMember1.body.data;
|
||||
|
||||
expect(member1Workflow.usedCredentials).toMatchObject([
|
||||
{
|
||||
id: savedCredential.id,
|
||||
name: savedCredential.name,
|
||||
currentUserHasAccess: true, // one user has access
|
||||
},
|
||||
]);
|
||||
expect(responseMember1.body.data.sharedWith).toHaveLength(1);
|
||||
expect(member1Workflow.sharedWithProjects).toHaveLength(1);
|
||||
|
||||
const responseMember2 = await authAnotherMemberAgent.get(`/workflows/${workflow.id}`);
|
||||
expect(responseMember2.statusCode).toBe(200);
|
||||
expect(responseMember2.body.data.usedCredentials).toMatchObject([
|
||||
const responseMember2 = await authAnotherMemberAgent
|
||||
.get(`/workflows/${workflow.id}`)
|
||||
.expect(200);
|
||||
const member2Workflow: WorkflowWithSharingsMetaDataAndCredentials = responseMember2.body.data;
|
||||
|
||||
expect(member2Workflow.usedCredentials).toMatchObject([
|
||||
{
|
||||
id: savedCredential.id,
|
||||
name: savedCredential.name,
|
||||
currentUserHasAccess: false, // the other one doesn't
|
||||
},
|
||||
]);
|
||||
expect(responseMember2.body.data.sharedWith).toHaveLength(1);
|
||||
expect(member2Workflow.sharedWithProjects).toHaveLength(1);
|
||||
});
|
||||
|
||||
test('GET should return workflow with credentials for all users with access', async () => {
|
||||
@@ -419,27 +476,32 @@ describe('GET /workflows/:id', () => {
|
||||
const workflow = await createWorkflow(workflowPayload, member);
|
||||
await shareWorkflowWithUsers(workflow, [anotherMember]);
|
||||
|
||||
const responseMember1 = await authMemberAgent.get(`/workflows/${workflow.id}`);
|
||||
expect(responseMember1.statusCode).toBe(200);
|
||||
expect(responseMember1.body.data.usedCredentials).toMatchObject([
|
||||
{
|
||||
id: savedCredential.id,
|
||||
name: savedCredential.name,
|
||||
currentUserHasAccess: true,
|
||||
},
|
||||
]);
|
||||
expect(responseMember1.body.data.sharedWith).toHaveLength(1);
|
||||
const responseMember1 = await authMemberAgent.get(`/workflows/${workflow.id}`).expect(200);
|
||||
const member1Workflow: WorkflowWithSharingsMetaDataAndCredentials = responseMember1.body.data;
|
||||
|
||||
const responseMember2 = await authAnotherMemberAgent.get(`/workflows/${workflow.id}`);
|
||||
expect(responseMember2.statusCode).toBe(200);
|
||||
expect(responseMember2.body.data.usedCredentials).toMatchObject([
|
||||
expect(member1Workflow.usedCredentials).toMatchObject([
|
||||
{
|
||||
id: savedCredential.id,
|
||||
name: savedCredential.name,
|
||||
currentUserHasAccess: true,
|
||||
},
|
||||
]);
|
||||
expect(responseMember2.body.data.sharedWith).toHaveLength(1);
|
||||
expect(member1Workflow.sharedWithProjects).toHaveLength(1);
|
||||
|
||||
const responseMember2 = await authAnotherMemberAgent
|
||||
.get(`/workflows/${workflow.id}`)
|
||||
.expect(200);
|
||||
const member2Workflow: WorkflowWithSharingsMetaDataAndCredentials = responseMember2.body.data;
|
||||
|
||||
expect(responseMember2.statusCode).toBe(200);
|
||||
expect(member2Workflow.usedCredentials).toMatchObject([
|
||||
{
|
||||
id: savedCredential.id,
|
||||
name: savedCredential.name,
|
||||
currentUserHasAccess: true,
|
||||
},
|
||||
]);
|
||||
expect(member2Workflow.sharedWithProjects).toHaveLength(1);
|
||||
});
|
||||
});
|
||||
|
||||
@@ -739,7 +801,7 @@ describe('PATCH /workflows/:id - validate credential permissions to user', () =>
|
||||
},
|
||||
],
|
||||
});
|
||||
expect(response.statusCode).toBe(400);
|
||||
expect(response.statusCode).toBe(403);
|
||||
});
|
||||
|
||||
it('Should succeed but prevent modifying node attributes other than position, name and disabled', async () => {
|
||||
@@ -814,7 +876,10 @@ describe('PATCH /workflows/:id - validate credential permissions to user', () =>
|
||||
const createResponse = await authMemberAgent.post('/workflows').send(workflow);
|
||||
const { id, versionId } = createResponse.body.data;
|
||||
|
||||
await authMemberAgent.put(`/workflows/${id}/share`).send({ shareWithIds: [anotherMember.id] });
|
||||
await authMemberAgent
|
||||
.put(`/workflows/${id}/share`)
|
||||
.send({ shareWithIds: [anotherMemberPersonalProject.id] })
|
||||
.expect(200);
|
||||
|
||||
const response = await authAnotherMemberAgent.patch(`/workflows/${id}`).send({
|
||||
versionId,
|
||||
@@ -832,7 +897,9 @@ describe('PATCH /workflows/:id - validate interim updates', () => {
|
||||
|
||||
const createResponse = await authOwnerAgent.post('/workflows').send(makeWorkflow());
|
||||
const { id, versionId: ownerVersionId } = createResponse.body.data;
|
||||
await authOwnerAgent.put(`/workflows/${id}/share`).send({ shareWithIds: [member.id] });
|
||||
await authOwnerAgent
|
||||
.put(`/workflows/${id}/share`)
|
||||
.send({ shareWithIds: [memberPersonalProject.id] });
|
||||
|
||||
// member accesses and updates workflow name
|
||||
|
||||
@@ -865,7 +932,9 @@ describe('PATCH /workflows/:id - validate interim updates', () => {
|
||||
|
||||
const { versionId: ownerSecondVersionId } = updateResponse.body.data;
|
||||
|
||||
await authOwnerAgent.put(`/workflows/${id}/share`).send({ shareWithIds: [member.id] });
|
||||
await authOwnerAgent
|
||||
.put(`/workflows/${id}/share`)
|
||||
.send({ shareWithIds: [memberPersonalProject.id] });
|
||||
|
||||
// member accesses workflow
|
||||
|
||||
@@ -893,7 +962,9 @@ describe('PATCH /workflows/:id - validate interim updates', () => {
|
||||
|
||||
const createResponse = await authOwnerAgent.post('/workflows').send(makeWorkflow());
|
||||
const { id, versionId: ownerVersionId } = createResponse.body.data;
|
||||
await authOwnerAgent.put(`/workflows/${id}/share`).send({ shareWithIds: [member.id] });
|
||||
await authOwnerAgent
|
||||
.put(`/workflows/${id}/share`)
|
||||
.send({ shareWithIds: [memberPersonalProject.id] });
|
||||
|
||||
// member accesses and activates workflow
|
||||
|
||||
@@ -923,7 +994,9 @@ describe('PATCH /workflows/:id - validate interim updates', () => {
|
||||
.send({ name: 'Update by owner', versionId: ownerFirstVersionId });
|
||||
const { versionId: ownerSecondVersionId } = updateResponse.body.data;
|
||||
|
||||
await authOwnerAgent.put(`/workflows/${id}/share`).send({ shareWithIds: [member.id] });
|
||||
await authOwnerAgent
|
||||
.put(`/workflows/${id}/share`)
|
||||
.send({ shareWithIds: [memberPersonalProject.id] });
|
||||
|
||||
// member accesses workflow
|
||||
|
||||
@@ -951,7 +1024,9 @@ describe('PATCH /workflows/:id - validate interim updates', () => {
|
||||
|
||||
const createResponse = await authOwnerAgent.post('/workflows').send(makeWorkflow());
|
||||
const { id, versionId: ownerVersionId } = createResponse.body.data;
|
||||
await authOwnerAgent.put(`/workflows/${id}/share`).send({ shareWithIds: [member.id] });
|
||||
await authOwnerAgent
|
||||
.put(`/workflows/${id}/share`)
|
||||
.send({ shareWithIds: [memberPersonalProject.id] });
|
||||
|
||||
// member accesses workflow
|
||||
|
||||
@@ -979,11 +1054,13 @@ describe('PATCH /workflows/:id - validate interim updates', () => {
|
||||
|
||||
const createResponse = await authOwnerAgent.post('/workflows').send(makeWorkflow());
|
||||
const { id, versionId: ownerVersionId } = createResponse.body.data;
|
||||
await authOwnerAgent.put(`/workflows/${id}/share`).send({ shareWithIds: [member.id] });
|
||||
await authOwnerAgent
|
||||
.put(`/workflows/${id}/share`)
|
||||
.send({ shareWithIds: [memberPersonalProject.id] });
|
||||
|
||||
// member accesses workflow
|
||||
|
||||
const memberGetResponse = await authMemberAgent.get(`/workflows/${id}`);
|
||||
const memberGetResponse = await authMemberAgent.get(`/workflows/${id}`).expect(200);
|
||||
const { versionId: memberVersionId } = memberGetResponse.body.data;
|
||||
|
||||
// owner updates workflow settings
|
||||
@@ -1003,33 +1080,6 @@ describe('PATCH /workflows/:id - validate interim updates', () => {
|
||||
});
|
||||
});
|
||||
|
||||
describe('getSharedWorkflowIds', () => {
|
||||
it('should show all workflows to owners', async () => {
|
||||
owner.role = 'global:owner';
|
||||
const workflow1 = await createWorkflow({}, member);
|
||||
const workflow2 = await createWorkflow({}, anotherMember);
|
||||
const sharedWorkflowIds =
|
||||
await Container.get(WorkflowSharingService).getSharedWorkflowIds(owner);
|
||||
expect(sharedWorkflowIds).toHaveLength(2);
|
||||
expect(sharedWorkflowIds).toContain(workflow1.id);
|
||||
expect(sharedWorkflowIds).toContain(workflow2.id);
|
||||
});
|
||||
|
||||
it('should show shared workflows to users', async () => {
|
||||
member.role = 'global:member';
|
||||
const workflow1 = await createWorkflow({}, anotherMember);
|
||||
const workflow2 = await createWorkflow({}, anotherMember);
|
||||
const workflow3 = await createWorkflow({}, anotherMember);
|
||||
await shareWorkflowWithUsers(workflow1, [member]);
|
||||
await shareWorkflowWithUsers(workflow3, [member]);
|
||||
const sharedWorkflowIds =
|
||||
await Container.get(WorkflowSharingService).getSharedWorkflowIds(member);
|
||||
expect(sharedWorkflowIds).toHaveLength(2);
|
||||
expect(sharedWorkflowIds).toContain(workflow1.id);
|
||||
expect(sharedWorkflowIds).toContain(workflow3.id);
|
||||
});
|
||||
});
|
||||
|
||||
describe('PATCH /workflows/:id - workflow history', () => {
|
||||
test('Should create workflow history version when licensed', async () => {
|
||||
license.enable('feat:workflowHistory');
|
||||
|
||||
Reference in New Issue
Block a user