admin/n8n-enterprise-unlocked
1
0
Fork 0
mirror of https://github.com/Abdulazizzn/n8n-enterprise-unlocked.git synced 2025-12-17 10:02:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

ci: Refactor cli tests to speed up CI (no-changelog) (#5718)

Browse Source 
* ci: Refactor cli tests to speed up CI (no-changelog)

* upgrade jest to address memory leaks
This commit is contained in:
कारतोफ्फेलस्क्रिप्ट™
2023-03-17 17:24:05 +01:00
committed by GitHub
parent be172cb720
commit 6242cac53b
29 changed files with 4229 additions and 4762 deletions
Download Patch File Download Diff File Expand all files Collapse all files

422
packages/cli/test/integration/workflows.controller.ee.test.ts
View File

@@ -1,89 +1,89 @@
import express from 'express';
import type { SuperAgentTest } from 'supertest';
import { v4 as uuid } from 'uuid';
import { INode } from 'n8n-workflow';
import type { INode } from 'n8n-workflow';
import * as UserManagementHelpers from '@/UserManagement/UserManagementHelper';
import type { User } from '@db/entities/User';
import config from '@/config';
import * as utils from './shared/utils';
import * as testDb from './shared/testDb';
import { createWorkflow } from './shared/testDb';
import * as UserManagementHelpers from '@/UserManagement/UserManagementHelper';
import type { Role } from '@db/entities/Role';
import config from '@/config';
import type { AuthAgent, SaveCredentialFunction } from './shared/types';
import type { SaveCredentialFunction } from './shared/types';
import { makeWorkflow } from './shared/utils';
import { randomCredentialPayload } from './shared/random';
import { ActiveWorkflowRunner } from '@/ActiveWorkflowRunner';
let app: express.Application;
let globalOwnerRole: Role;
let globalMemberRole: Role;
let credentialOwnerRole: Role;
let authAgent: AuthAgent;
let owner: User;
let member: User;
let anotherMember: User;
let authOwnerAgent: SuperAgentTest;
let authMemberAgent: SuperAgentTest;
let authAnotherMemberAgent: SuperAgentTest;
let saveCredential: SaveCredentialFunction;
let isSharingEnabled: jest.SpyInstance<boolean>;
let workflowRunner: ActiveWorkflowRunner;
let sharingSpy: jest.SpyInstance<boolean>;
beforeAll(async () => {
app = await utils.initTestServer({ endpointGroups: ['workflows'] });
const app = await utils.initTestServer({ endpointGroups: ['workflows'] });
globalOwnerRole = await testDb.getGlobalOwnerRole();
globalMemberRole = await testDb.getGlobalMemberRole();
credentialOwnerRole = await testDb.getCredentialOwnerRole();
const globalOwnerRole = await testDb.getGlobalOwnerRole();
const globalMemberRole = await testDb.getGlobalMemberRole();
const credentialOwnerRole = await testDb.getCredentialOwnerRole();
owner = await testDb.createUser({ globalRole: globalOwnerRole });
member = await testDb.createUser({ globalRole: globalMemberRole });
anotherMember = await testDb.createUser({ globalRole: globalMemberRole });
const authAgent = utils.createAuthAgent(app);
authOwnerAgent = authAgent(owner);
authMemberAgent = authAgent(member);
authAnotherMemberAgent = authAgent(anotherMember);
saveCredential = testDb.affixRoleToSaveCredential(credentialOwnerRole);
authAgent = utils.createAuthAgent(app);
isSharingEnabled = jest.spyOn(UserManagementHelpers, 'isSharingEnabled').mockReturnValue(true);
sharingSpy = jest.spyOn(UserManagementHelpers, 'isSharingEnabled').mockReturnValue(true);
await utils.initNodeTypes();
workflowRunner = await utils.initActiveWorkflowRunner();
config.set('enterprise.features.sharing', true);
sharingSpy = jest.spyOn(UserManagementHelpers, 'isSharingEnabled').mockReturnValue(true); // @TODO: Remove on release
});
beforeEach(async () => {
await testDb.truncate(['User', 'Workflow', 'SharedWorkflow']);
await testDb.truncate(['Workflow', 'SharedWorkflow']);
});
afterAll(async () => {
await testDb.terminate();
});
test('Router should switch dynamically', async () => {
const owner = await testDb.createUser({ globalRole: globalOwnerRole });
const member = await testDb.createUser({ globalRole: globalMemberRole });
describe('router should switch based on flag', () => {
let savedWorkflowId: string;
const createWorkflowResponse = await authAgent(owner).post('/workflows').send(makeWorkflow());
const { id } = createWorkflowResponse.body.data;
beforeEach(async () => {
const createWorkflowResponse = await authOwnerAgent.post('/workflows').send(makeWorkflow());
savedWorkflowId = createWorkflowResponse.body.data.id;
});
// free router
test('when sharing is disabled', async () => {
sharingSpy.mockReturnValueOnce(false);
isSharingEnabled.mockReturnValueOnce(false);
await authOwnerAgent
.put(`/workflows/${savedWorkflowId}/share`)
.send({ shareWithIds: [member.id] })
.expect(404);
});
const freeShareResponse = await authAgent(owner)
.put(`/workflows/${id}/share`)
.send({ shareWithIds: [member.id] });
expect(freeShareResponse.status).toBe(404);
// EE router
const paidShareResponse = await authAgent(owner)
.put(`/workflows/${id}/share`)
.send({ shareWithIds: [member.id] });
expect(paidShareResponse.status).toBe(200);
test('when sharing is enabled', async () => {
await authOwnerAgent
.put(`/workflows/${savedWorkflowId}/share`)
.send({ shareWithIds: [member.id] })
.expect(200);
});
});
describe('PUT /workflows/:id', () => {
test('PUT /workflows/:id/share should save sharing with new users', async () => {
const owner = await testDb.createUser({ globalRole: globalOwnerRole });
const member = await testDb.createUser({ globalRole: globalMemberRole });
const workflow = await createWorkflow({}, owner);
const response = await authAgent(owner)
const response = await authOwnerAgent
.put(`/workflows/${workflow.id}/share`)
.send({ shareWithIds: [member.id] });
@@ -94,10 +94,9 @@ describe('PUT /workflows/:id', () => {
});
test('PUT /workflows/:id/share should succeed when sharing with invalid user-id', async () => {
const owner = await testDb.createUser({ globalRole: globalOwnerRole });
const workflow = await createWorkflow({}, owner);
const response = await authAgent(owner)
const response = await authOwnerAgent
.put(`/workflows/${workflow.id}/share`)
.send({ shareWithIds: [uuid()] });
@@ -108,12 +107,9 @@ describe('PUT /workflows/:id', () => {
});
test('PUT /workflows/:id/share should allow sharing with multiple users', async () => {
const owner = await testDb.createUser({ globalRole: globalOwnerRole });
const member = await testDb.createUser({ globalRole: globalMemberRole });
const anotherMember = await testDb.createUser({ globalRole: globalMemberRole });
const workflow = await createWorkflow({}, owner);
const response = await authAgent(owner)
const response = await authOwnerAgent
.put(`/workflows/${workflow.id}/share`)
.send({ shareWithIds: [member.id, anotherMember.id] });
@@ -124,13 +120,8 @@ describe('PUT /workflows/:id', () => {
});
test('PUT /workflows/:id/share should override sharing', async () => {
const owner = await testDb.createUser({ globalRole: globalOwnerRole });
const member = await testDb.createUser({ globalRole: globalMemberRole });
const anotherMember = await testDb.createUser({ globalRole: globalMemberRole });
const workflow = await createWorkflow({}, owner);
const authOwnerAgent = authAgent(owner);
const response = await authOwnerAgent
.put(`/workflows/${workflow.id}/share`)
.send({ shareWithIds: [member.id, anotherMember.id] });
@@ -152,8 +143,6 @@ describe('PUT /workflows/:id', () => {
describe('GET /workflows', () => {
test('should return workflows without nodes, sharing and credential usage details', async () => {
const owner = await testDb.createUser({ globalRole: globalOwnerRole });
const member = await testDb.createUser({ globalRole: globalMemberRole });
const tag = await testDb.createTag({ name: 'test' });
const savedCredential = await saveCredential(randomCredentialPayload(), { user: owner });
@@ -183,7 +172,7 @@ describe('GET /workflows', () => {
await testDb.shareWorkflowWithUsers(workflow, [member]);
const response = await authAgent(owner).get('/workflows');
const response = await authOwnerAgent.get('/workflows');
const [fetchedWorkflow] = response.body.data;
@@ -192,42 +181,37 @@ describe('GET /workflows', () => {
id: owner.id,
});
expect(fetchedWorkflow.sharedWith).not.toBeDefined()
expect(fetchedWorkflow.usedCredentials).not.toBeDefined()
expect(fetchedWorkflow.nodes).not.toBeDefined()
expect(fetchedWorkflow.sharedWith).not.toBeDefined();
expect(fetchedWorkflow.usedCredentials).not.toBeDefined();
expect(fetchedWorkflow.nodes).not.toBeDefined();
expect(fetchedWorkflow.tags).toEqual(
expect.arrayContaining([
expect.objectContaining({
id: expect.any(String),
name: expect.any(String)
})
])
)
name: expect.any(String),
}),
]),
);
});
});
describe('GET /workflows/:id', () => {
test('GET should fail with invalid id due to route rule', async () => {
const owner = await testDb.createUser({ globalRole: globalOwnerRole });
const response = await authAgent(owner).get('/workflows/potatoes');
const response = await authOwnerAgent.get('/workflows/potatoes');
expect(response.statusCode).toBe(404);
});
test('GET should return 404 for non existing workflow', async () => {
const owner = await testDb.createUser({ globalRole: globalOwnerRole });
const response = await authAgent(owner).get('/workflows/9001');
const response = await authOwnerAgent.get('/workflows/9001');
expect(response.statusCode).toBe(404);
});
test('GET should return a workflow with owner', async () => {
const owner = await testDb.createUser({ globalRole: globalOwnerRole });
const workflow = await createWorkflow({}, owner);
const response = await authAgent(owner).get(`/workflows/${workflow.id}`);
const response = await authOwnerAgent.get(`/workflows/${workflow.id}`);
expect(response.statusCode).toBe(200);
expect(response.body.data.ownedBy).toMatchObject({
@@ -241,12 +225,10 @@ describe('GET /workflows/:id', () => {
});
test('GET should return shared workflow with user data', async () => {
const owner = await testDb.createUser({ globalRole: globalOwnerRole });
const member = await testDb.createUser({ globalRole: globalMemberRole });
const workflow = await createWorkflow({}, owner);
await testDb.shareWorkflowWithUsers(workflow, [member]);
const response = await authAgent(owner).get(`/workflows/${workflow.id}`);
const response = await authOwnerAgent.get(`/workflows/${workflow.id}`);
expect(response.statusCode).toBe(200);
expect(response.body.data.ownedBy).toMatchObject({
@@ -266,13 +248,10 @@ describe('GET /workflows/:id', () => {
});
test('GET should return all sharees', async () => {
const owner = await testDb.createUser({ globalRole: globalOwnerRole });
const member1 = await testDb.createUser({ globalRole: globalMemberRole });
const member2 = await testDb.createUser({ globalRole: globalMemberRole });
const workflow = await createWorkflow({}, owner);
await testDb.shareWorkflowWithUsers(workflow, [member1, member2]);
await testDb.shareWorkflowWithUsers(workflow, [member, anotherMember]);
const response = await authAgent(owner).get(`/workflows/${workflow.id}`);
const response = await authOwnerAgent.get(`/workflows/${workflow.id}`);
expect(response.statusCode).toBe(200);
expect(response.body.data.ownedBy).toMatchObject({
@@ -286,7 +265,6 @@ describe('GET /workflows/:id', () => {
});
test('GET should return workflow with credentials owned by user', async () => {
const owner = await testDb.createUser({ globalRole: globalOwnerRole });
const savedCredential = await saveCredential(randomCredentialPayload(), { user: owner });
const workflowPayload = makeWorkflow({
@@ -295,7 +273,7 @@ describe('GET /workflows/:id', () => {
});
const workflow = await createWorkflow(workflowPayload, owner);
const response = await authAgent(owner).get(`/workflows/${workflow.id}`);
const response = await authOwnerAgent.get(`/workflows/${workflow.id}`);
expect(response.statusCode).toBe(200);
expect(response.body.data.usedCredentials).toMatchObject([
@@ -310,8 +288,6 @@ describe('GET /workflows/:id', () => {
});
test('GET should return workflow with credentials saying owner does not have access when not shared', async () => {
const owner = await testDb.createUser({ globalRole: globalOwnerRole });
const member = await testDb.createUser({ globalRole: globalMemberRole });
const savedCredential = await saveCredential(randomCredentialPayload(), { user: member });
const workflowPayload = makeWorkflow({
@@ -320,7 +296,7 @@ describe('GET /workflows/:id', () => {
});
const workflow = await createWorkflow(workflowPayload, owner);
const response = await authAgent(owner).get(`/workflows/${workflow.id}`);
const response = await authOwnerAgent.get(`/workflows/${workflow.id}`);
expect(response.statusCode).toBe(200);
expect(response.body.data.usedCredentials).toMatchObject([
@@ -335,18 +311,16 @@ describe('GET /workflows/:id', () => {
});
test('GET should return workflow with credentials for all users with or without access', async () => {
const member1 = await testDb.createUser({ globalRole: globalMemberRole });
const member2 = await testDb.createUser({ globalRole: globalMemberRole });
const savedCredential = await saveCredential(randomCredentialPayload(), { user: member1 });
const savedCredential = await saveCredential(randomCredentialPayload(), { user: member });
const workflowPayload = makeWorkflow({
withPinData: false,
withCredential: { id: savedCredential.id, name: savedCredential.name },
});
const workflow = await createWorkflow(workflowPayload, member1);
await testDb.shareWorkflowWithUsers(workflow, [member2]);
const workflow = await createWorkflow(workflowPayload, member);
await testDb.shareWorkflowWithUsers(workflow, [anotherMember]);
const responseMember1 = await authAgent(member1).get(`/workflows/${workflow.id}`);
const responseMember1 = await authMemberAgent.get(`/workflows/${workflow.id}`);
expect(responseMember1.statusCode).toBe(200);
expect(responseMember1.body.data.usedCredentials).toMatchObject([
{
@@ -357,7 +331,7 @@ describe('GET /workflows/:id', () => {
]);
expect(responseMember1.body.data.sharedWith).toHaveLength(1);
const responseMember2 = await authAgent(member2).get(`/workflows/${workflow.id}`);
const responseMember2 = await authAnotherMemberAgent.get(`/workflows/${workflow.id}`);
expect(responseMember2.statusCode).toBe(200);
expect(responseMember2.body.data.usedCredentials).toMatchObject([
{
@@ -370,20 +344,18 @@ describe('GET /workflows/:id', () => {
});
test('GET should return workflow with credentials for all users with access', async () => {
const member1 = await testDb.createUser({ globalRole: globalMemberRole });
const member2 = await testDb.createUser({ globalRole: globalMemberRole });
const savedCredential = await saveCredential(randomCredentialPayload(), { user: member1 });
const savedCredential = await saveCredential(randomCredentialPayload(), { user: member });
// Both users have access to the credential (none is owner)
await testDb.shareCredentialWithUsers(savedCredential, [member2]);
await testDb.shareCredentialWithUsers(savedCredential, [anotherMember]);
const workflowPayload = makeWorkflow({
withPinData: false,
withCredential: { id: savedCredential.id, name: savedCredential.name },
});
const workflow = await createWorkflow(workflowPayload, member1);
await testDb.shareWorkflowWithUsers(workflow, [member2]);
const workflow = await createWorkflow(workflowPayload, member);
await testDb.shareWorkflowWithUsers(workflow, [anotherMember]);
const responseMember1 = await authAgent(member1).get(`/workflows/${workflow.id}`);
const responseMember1 = await authMemberAgent.get(`/workflows/${workflow.id}`);
expect(responseMember1.statusCode).toBe(200);
expect(responseMember1.body.data.usedCredentials).toMatchObject([
{
@@ -394,7 +366,7 @@ describe('GET /workflows/:id', () => {
]);
expect(responseMember1.body.data.sharedWith).toHaveLength(1);
const responseMember2 = await authAgent(member2).get(`/workflows/${workflow.id}`);
const responseMember2 = await authAnotherMemberAgent.get(`/workflows/${workflow.id}`);
expect(responseMember2.statusCode).toBe(200);
expect(responseMember2.body.data.usedCredentials).toMatchObject([
{
@@ -409,33 +381,26 @@ describe('GET /workflows/:id', () => {
describe('POST /workflows', () => {
it('Should create a workflow that uses no credential', async () => {
const owner = await testDb.createUser({ globalRole: globalOwnerRole });
const workflow = makeWorkflow({ withPinData: false });
const response = await authAgent(owner).post('/workflows').send(workflow);
const response = await authOwnerAgent.post('/workflows').send(workflow);
expect(response.statusCode).toBe(200);
});
it('Should save a new workflow with credentials', async () => {
const owner = await testDb.createUser({ globalRole: globalOwnerRole });
const savedCredential = await saveCredential(randomCredentialPayload(), { user: owner });
const workflow = makeWorkflow({
withPinData: false,
withCredential: { id: savedCredential.id, name: savedCredential.name },
});
const response = await authAgent(owner).post('/workflows').send(workflow);
const response = await authOwnerAgent.post('/workflows').send(workflow);
expect(response.statusCode).toBe(200);
});
it('Should not allow saving a workflow using credential you have no access', async () => {
const owner = await testDb.createUser({ globalRole: globalOwnerRole });
const member = await testDb.createUser({ globalRole: globalMemberRole });
// Credential belongs to owner, member cannot use it.
const savedCredential = await saveCredential(randomCredentialPayload(), { user: owner });
const workflow = makeWorkflow({
@@ -443,7 +408,7 @@ describe('POST /workflows', () => {
withCredential: { id: savedCredential.id, name: savedCredential.name },
});
const response = await authAgent(member).post('/workflows').send(workflow);
const response = await authMemberAgent.post('/workflows').send(workflow);
expect(response.statusCode).toBe(400);
expect(response.body.message).toBe(
@@ -452,9 +417,6 @@ describe('POST /workflows', () => {
});
it('Should allow owner to save a workflow using credential owned by others', async () => {
const owner = await testDb.createUser({ globalRole: globalOwnerRole });
const member = await testDb.createUser({ globalRole: globalMemberRole });
// Credential belongs to owner, member cannot use it.
const savedCredential = await saveCredential(randomCredentialPayload(), { user: member });
const workflow = makeWorkflow({
@@ -462,32 +424,27 @@ describe('POST /workflows', () => {
withCredential: { id: savedCredential.id, name: savedCredential.name },
});
const response = await authAgent(owner).post('/workflows').send(workflow);
const response = await authOwnerAgent.post('/workflows').send(workflow);
expect(response.statusCode).toBe(200);
});
it('Should allow saving a workflow using a credential owned by others and shared with you', async () => {
const member1 = await testDb.createUser({ globalRole: globalMemberRole });
const member2 = await testDb.createUser({ globalRole: globalMemberRole });
const savedCredential = await saveCredential(randomCredentialPayload(), { user: member1 });
await testDb.shareCredentialWithUsers(savedCredential, [member2]);
const savedCredential = await saveCredential(randomCredentialPayload(), { user: member });
await testDb.shareCredentialWithUsers(savedCredential, [anotherMember]);
const workflow = makeWorkflow({
withPinData: false,
withCredential: { id: savedCredential.id, name: savedCredential.name },
});
const response = await authAgent(member2).post('/workflows').send(workflow);
const response = await authAnotherMemberAgent.post('/workflows').send(workflow);
expect(response.statusCode).toBe(200);
});
});
describe('PATCH /workflows/:id - validate credential permissions to user', () => {
it('Should succeed when saving unchanged workflow nodes', async () => {
const owner = await testDb.createUser({ globalRole: globalOwnerRole });
const savedCredential = await saveCredential(randomCredentialPayload(), { user: owner });
const workflow = {
name: 'test',
@@ -511,10 +468,10 @@ describe('PATCH /workflows/:id - validate credential permissions to user', () =>
],
};
const createResponse = await authAgent(owner).post('/workflows').send(workflow);
const createResponse = await authOwnerAgent.post('/workflows').send(workflow);
const { id, versionId } = createResponse.body.data;
const response = await authAgent(owner).patch(`/workflows/${id}`).send({
const response = await authOwnerAgent.patch(`/workflows/${id}`).send({
name: 'new name',
versionId,
});
@@ -523,9 +480,6 @@ describe('PATCH /workflows/:id - validate credential permissions to user', () =>
});
it('Should allow owner to add node containing credential not shared with the owner', async () => {
const owner = await testDb.createUser({ globalRole: globalOwnerRole });
const member = await testDb.createUser({ globalRole: globalMemberRole });
const savedCredential = await saveCredential(randomCredentialPayload(), { user: member });
const workflow = {
name: 'test',
@@ -549,38 +503,33 @@ describe('PATCH /workflows/:id - validate credential permissions to user', () =>
],
};
const createResponse = await authAgent(owner).post('/workflows').send(workflow);
const createResponse = await authOwnerAgent.post('/workflows').send(workflow);
const { id, versionId } = createResponse.body.data;
const response = await authAgent(owner)
.patch(`/workflows/${id}`)
.send({
versionId,
nodes: [
{
id: 'uuid-1234',
name: 'Start',
parameters: {},
position: [-20, 260],
type: 'n8n-nodes-base.start',
typeVersion: 1,
credentials: {
default: {
id: savedCredential.id,
name: savedCredential.name,
},
const response = await authOwnerAgent.patch(`/workflows/${id}`).send({
versionId,
nodes: [
{
id: 'uuid-1234',
name: 'Start',
parameters: {},
position: [-20, 260],
type: 'n8n-nodes-base.start',
typeVersion: 1,
credentials: {
default: {
id: savedCredential.id,
name: savedCredential.name,
},
},
],
});
},
],
});
expect(response.statusCode).toBe(200);
});
it('Should prevent member from adding node containing credential inaccessible to member', async () => {
const owner = await testDb.createUser({ globalRole: globalOwnerRole });
const member = await testDb.createUser({ globalRole: globalMemberRole });
const savedCredential = await saveCredential(randomCredentialPayload(), { user: owner });
const workflow = {
@@ -605,48 +554,43 @@ describe('PATCH /workflows/:id - validate credential permissions to user', () =>
],
};
const createResponse = await authAgent(owner).post('/workflows').send(workflow);
const createResponse = await authOwnerAgent.post('/workflows').send(workflow);
const { id, versionId } = createResponse.body.data;
const response = await authAgent(member)
.patch(`/workflows/${id}`)
.send({
versionId,
nodes: [
{
id: 'uuid-1234',
name: 'Start',
parameters: {},
position: [-20, 260],
type: 'n8n-nodes-base.start',
typeVersion: 1,
credentials: {},
},
{
id: 'uuid-12345',
name: 'Start',
parameters: {},
position: [-20, 260],
type: 'n8n-nodes-base.start',
typeVersion: 1,
credentials: {
default: {
id: savedCredential.id,
name: savedCredential.name,
},
const response = await authMemberAgent.patch(`/workflows/${id}`).send({
versionId,
nodes: [
{
id: 'uuid-1234',
name: 'Start',
parameters: {},
position: [-20, 260],
type: 'n8n-nodes-base.start',
typeVersion: 1,
credentials: {},
},
{
id: 'uuid-12345',
name: 'Start',
parameters: {},
position: [-20, 260],
type: 'n8n-nodes-base.start',
typeVersion: 1,
credentials: {
default: {
id: savedCredential.id,
name: savedCredential.name,
},
},
],
});
},
],
});
expect(response.statusCode).toBe(400);
});
it('Should succeed but prevent modifying node attributes other than position, name and disabled', async () => {
const member1 = await testDb.createUser({ globalRole: globalMemberRole });
const member2 = await testDb.createUser({ globalRole: globalMemberRole });
const savedCredential = await saveCredential(randomCredentialPayload(), { user: member1 });
const savedCredential = await saveCredential(randomCredentialPayload(), { user: member });
const originalNodes: INode[] = [
{
@@ -714,14 +658,12 @@ describe('PATCH /workflows/:id - validate credential permissions to user', () =>
nodes: originalNodes,
};
const createResponse = await authAgent(member1).post('/workflows').send(workflow);
const createResponse = await authMemberAgent.post('/workflows').send(workflow);
const { id, versionId } = createResponse.body.data;
await authAgent(member1)
.put(`/workflows/${id}/share`)
.send({ shareWithIds: [member2.id] });
await authMemberAgent.put(`/workflows/${id}/share`).send({ shareWithIds: [anotherMember.id] });
const response = await authAgent(member2).patch(`/workflows/${id}`).send({
const response = await authAnotherMemberAgent.patch(`/workflows/${id}`).send({
versionId,
nodes: changedNodes,
});
@@ -733,29 +675,24 @@ describe('PATCH /workflows/:id - validate credential permissions to user', () =>
describe('PATCH /workflows/:id - validate interim updates', () => {
it('should block owner updating workflow nodes on interim update by member', async () => {
const owner = await testDb.createUser({ globalRole: globalOwnerRole });
const member = await testDb.createUser({ globalRole: globalMemberRole });
// owner creates and shares workflow
const createResponse = await authAgent(owner).post('/workflows').send(makeWorkflow());
const createResponse = await authOwnerAgent.post('/workflows').send(makeWorkflow());
const { id, versionId: ownerVersionId } = createResponse.body.data;
await authAgent(owner)
.put(`/workflows/${id}/share`)
.send({ shareWithIds: [member.id] });
await authOwnerAgent.put(`/workflows/${id}/share`).send({ shareWithIds: [member.id] });
// member accesses and updates workflow name
const memberGetResponse = await authAgent(member).get(`/workflows/${id}`);
const memberGetResponse = await authMemberAgent.get(`/workflows/${id}`);
const { versionId: memberVersionId } = memberGetResponse.body.data;
await authAgent(member)
await authMemberAgent
.patch(`/workflows/${id}`)
.send({ name: 'Update by member', versionId: memberVersionId });
// owner blocked from updating workflow nodes
const updateAttemptResponse = await authAgent(owner)
const updateAttemptResponse = await authOwnerAgent
.patch(`/workflows/${id}`)
.send({ nodes: [], versionId: ownerVersionId });
@@ -764,38 +701,33 @@ describe('PATCH /workflows/:id - validate interim updates', () => {
});
it('should block member updating workflow nodes on interim update by owner', async () => {
const owner = await testDb.createUser({ globalRole: globalOwnerRole });
const member = await testDb.createUser({ globalRole: globalMemberRole });
// owner creates, updates and shares workflow
const createResponse = await authAgent(owner).post('/workflows').send(makeWorkflow());
const createResponse = await authOwnerAgent.post('/workflows').send(makeWorkflow());
const { id, versionId: ownerFirstVersionId } = createResponse.body.data;
const updateResponse = await authAgent(owner)
const updateResponse = await authOwnerAgent
.patch(`/workflows/${id}`)
.send({ name: 'Update by owner', versionId: ownerFirstVersionId });
const { versionId: ownerSecondVersionId } = updateResponse.body.data;
await authAgent(owner)
.put(`/workflows/${id}/share`)
.send({ shareWithIds: [member.id] });
await authOwnerAgent.put(`/workflows/${id}/share`).send({ shareWithIds: [member.id] });
// member accesses workflow
const memberGetResponse = await authAgent(member).get(`/workflows/${id}`);
const memberGetResponse = await authMemberAgent.get(`/workflows/${id}`);
const { versionId: memberVersionId } = memberGetResponse.body.data;
// owner re-updates workflow
await authAgent(owner)
await authOwnerAgent
.patch(`/workflows/${id}`)
.send({ name: 'Owner update again', versionId: ownerSecondVersionId });
// member blocked from updating workflow
const updateAttemptResponse = await authAgent(member)
const updateAttemptResponse = await authMemberAgent
.patch(`/workflows/${id}`)
.send({ nodes: [], versionId: memberVersionId });
@@ -804,28 +736,23 @@ describe('PATCH /workflows/:id - validate interim updates', () => {
});
it('should block owner activation on interim activation by member', async () => {
const owner = await testDb.createUser({ globalRole: globalOwnerRole });
const member = await testDb.createUser({ globalRole: globalMemberRole });
// owner creates and shares workflow
const createResponse = await authAgent(owner).post('/workflows').send(makeWorkflow());
const createResponse = await authOwnerAgent.post('/workflows').send(makeWorkflow());
const { id, versionId: ownerVersionId } = createResponse.body.data;
await authAgent(owner)
.put(`/workflows/${id}/share`)
.send({ shareWithIds: [member.id] });
await authOwnerAgent.put(`/workflows/${id}/share`).send({ shareWithIds: [member.id] });
// member accesses and activates workflow
const memberGetResponse = await authAgent(member).get(`/workflows/${id}`);
const memberGetResponse = await authMemberAgent.get(`/workflows/${id}`);
const { versionId: memberVersionId } = memberGetResponse.body.data;
await authAgent(member)
await authMemberAgent
.patch(`/workflows/${id}`)
.send({ active: true, versionId: memberVersionId });
// owner blocked from activating workflow
const activationAttemptResponse = await authAgent(owner)
const activationAttemptResponse = await authOwnerAgent
.patch(`/workflows/${id}`)
.send({ active: true, versionId: ownerVersionId });
@@ -834,37 +761,32 @@ describe('PATCH /workflows/:id - validate interim updates', () => {
});
it('should block member activation on interim activation by owner', async () => {
const owner = await testDb.createUser({ globalRole: globalOwnerRole });
const member = await testDb.createUser({ globalRole: globalMemberRole });
// owner creates, updates and shares workflow
const createResponse = await authAgent(owner).post('/workflows').send(makeWorkflow());
const createResponse = await authOwnerAgent.post('/workflows').send(makeWorkflow());
const { id, versionId: ownerFirstVersionId } = createResponse.body.data;
const updateResponse = await authAgent(owner)
const updateResponse = await authOwnerAgent
.patch(`/workflows/${id}`)
.send({ name: 'Update by owner', versionId: ownerFirstVersionId });
const { versionId: ownerSecondVersionId } = updateResponse.body.data;
await authAgent(owner)
.put(`/workflows/${id}/share`)
.send({ shareWithIds: [member.id] });
await authOwnerAgent.put(`/workflows/${id}/share`).send({ shareWithIds: [member.id] });
// member accesses workflow
const memberGetResponse = await authAgent(member).get(`/workflows/${id}`);
const memberGetResponse = await authMemberAgent.get(`/workflows/${id}`);
const { versionId: memberVersionId } = memberGetResponse.body.data;
// owner activates workflow
await authAgent(owner)
await authOwnerAgent
.patch(`/workflows/${id}`)
.send({ active: true, versionId: ownerSecondVersionId });
// member blocked from activating workflow
const updateAttemptResponse = await authAgent(member)
const updateAttemptResponse = await authMemberAgent
.patch(`/workflows/${id}`)
.send({ active: true, versionId: memberVersionId });
@@ -873,31 +795,26 @@ describe('PATCH /workflows/:id - validate interim updates', () => {
});
it('should block member updating workflow settings on interim update by owner', async () => {
const owner = await testDb.createUser({ globalRole: globalOwnerRole });
const member = await testDb.createUser({ globalRole: globalMemberRole });
// owner creates and shares workflow
const createResponse = await authAgent(owner).post('/workflows').send(makeWorkflow());
const createResponse = await authOwnerAgent.post('/workflows').send(makeWorkflow());
const { id, versionId: ownerVersionId } = createResponse.body.data;
await authAgent(owner)
.put(`/workflows/${id}/share`)
.send({ shareWithIds: [member.id] });
await authOwnerAgent.put(`/workflows/${id}/share`).send({ shareWithIds: [member.id] });
// member accesses workflow
const memberGetResponse = await authAgent(member).get(`/workflows/${id}`);
const memberGetResponse = await authMemberAgent.get(`/workflows/${id}`);
const { versionId: memberVersionId } = memberGetResponse.body.data;
// owner updates workflow name
await authAgent(owner)
await authOwnerAgent
.patch(`/workflows/${id}`)
.send({ name: 'Another name', versionId: ownerVersionId });
// member blocked from updating workflow settings
const updateAttemptResponse = await authAgent(member)
const updateAttemptResponse = await authMemberAgent
.patch(`/workflows/${id}`)
.send({ settings: { saveManualExecutions: true }, versionId: memberVersionId });
@@ -906,31 +823,26 @@ describe('PATCH /workflows/:id - validate interim updates', () => {
});
it('should block member updating workflow name on interim update by owner', async () => {
const owner = await testDb.createUser({ globalRole: globalOwnerRole });
const member = await testDb.createUser({ globalRole: globalMemberRole });
// owner creates and shares workflow
const createResponse = await authAgent(owner).post('/workflows').send(makeWorkflow());
const createResponse = await authOwnerAgent.post('/workflows').send(makeWorkflow());
const { id, versionId: ownerVersionId } = createResponse.body.data;
await authAgent(owner)
.put(`/workflows/${id}/share`)
.send({ shareWithIds: [member.id] });
await authOwnerAgent.put(`/workflows/${id}/share`).send({ shareWithIds: [member.id] });
// member accesses workflow
const memberGetResponse = await authAgent(member).get(`/workflows/${id}`);
const memberGetResponse = await authMemberAgent.get(`/workflows/${id}`);
const { versionId: memberVersionId } = memberGetResponse.body.data;
// owner updates workflow settings
await authAgent(owner)
await authOwnerAgent
.patch(`/workflows/${id}`)
.send({ settings: { saveManualExecutions: true }, versionId: ownerVersionId });
// member blocked from updating workflow name
const updateAttemptResponse = await authAgent(member)
const updateAttemptResponse = await authMemberAgent
.patch(`/workflows/${id}`)
.send({ settings: { saveManualExecutions: true }, versionId: memberVersionId });