mirror of
https://github.com/Abdulazizzn/n8n-enterprise-unlocked.git
synced 2025-12-17 10:02:05 +00:00
refactor: Extract Invitation routes to InvitationController (no-changelog) (#7726)
This PR: - Creates `InvitationController` - Moves `POST /users` to `POST /invitations` and move related test to `invitations.api.tests` - Moves `POST /users/:id` to `POST /invitations/:id/accept` and move related test to `invitations.api.tests` - Adjusts FE to use new endpoints - Moves all the invitation logic to the `UserService` --------- Co-authored-by: कारतोफ्फेलस्क्रिप्ट™ <aditya@netroy.in>
This commit is contained in:
Ricardo Espinoza
@@ -1,12 +1,9 @@
|
||||
import validator from 'validator';
|
||||
import type { SuperAgentTest } from 'supertest';
|
||||
|
||||
import { CredentialsEntity } from '@db/entities/CredentialsEntity';
|
||||
import type { Role } from '@db/entities/Role';
|
||||
import type { User } from '@db/entities/User';
|
||||
import { WorkflowEntity } from '@db/entities/WorkflowEntity';
|
||||
import { compareHash } from '@/UserManagement/UserManagementHelper';
|
||||
import { UserManagementMailer } from '@/UserManagement/email/UserManagementMailer';
|
||||
|
||||
import Container from 'typedi';
|
||||
import { UserRepository } from '@db/repositories/user.repository';
|
||||
@@ -17,21 +14,14 @@ import { SharedWorkflowRepository } from '@db/repositories/sharedWorkflow.reposi
|
||||
|
||||
import { mockInstance } from '../shared/mocking';
|
||||
import { SUCCESS_RESPONSE_BODY } from './shared/constants';
|
||||
import {
|
||||
randomCredentialPayload,
|
||||
randomEmail,
|
||||
randomInvalidPassword,
|
||||
randomName,
|
||||
randomValidPassword,
|
||||
} from './shared/random';
|
||||
import { randomCredentialPayload, randomName } from './shared/random';
|
||||
import * as testDb from './shared/testDb';
|
||||
import * as utils from './shared/utils/';
|
||||
import { saveCredential } from './shared/db/credentials';
|
||||
import { getAllRoles } from './shared/db/roles';
|
||||
import { createMember, createOwner, createUser, createUserShell } from './shared/db/users';
|
||||
import { createMember, createOwner, createUser } from './shared/db/users';
|
||||
import { createWorkflow } from './shared/db/workflows';
|
||||
import type { PublicUser } from '@/Interfaces';
|
||||
import { ExternalHooks } from '@/ExternalHooks';
|
||||
import { InternalHooks } from '@/InternalHooks';
|
||||
|
||||
const { any } = expect;
|
||||
@@ -46,8 +36,6 @@ let authOwnerAgent: SuperAgentTest;
|
||||
let authlessAgent: SuperAgentTest;
|
||||
|
||||
mockInstance(InternalHooks);
|
||||
const externalHooks = mockInstance(ExternalHooks);
|
||||
const mailer = mockInstance(UserManagementMailer, { isEmailSetUp: true });
|
||||
|
||||
const testServer = utils.setupTestServer({ endpointGroups: ['users'] });
|
||||
|
||||
@@ -88,29 +76,6 @@ const validatePublicUser = (user: PublicUser) => {
|
||||
expect(user.globalRole).toBeDefined();
|
||||
};
|
||||
|
||||
const assertInviteUserSuccessResponse = (data: UserInvitationResponse) => {
|
||||
expect(validator.isUUID(data.user.id)).toBe(true);
|
||||
expect(data.user.inviteAcceptUrl).toBeUndefined();
|
||||
expect(data.user.email).toBeDefined();
|
||||
expect(data.user.emailSent).toBe(true);
|
||||
};
|
||||
|
||||
const assertInviteUserErrorResponse = (data: UserInvitationResponse) => {
|
||||
expect(validator.isUUID(data.user.id)).toBe(true);
|
||||
expect(data.user.inviteAcceptUrl).toBeDefined();
|
||||
expect(data.user.email).toBeDefined();
|
||||
expect(data.user.emailSent).toBe(false);
|
||||
expect(data.error).toBeDefined();
|
||||
};
|
||||
|
||||
const assertInvitedUsersOnDb = (user: User) => {
|
||||
expect(user.firstName).toBeNull();
|
||||
expect(user.lastName).toBeNull();
|
||||
expect(user.personalizationAnswers).toBeNull();
|
||||
expect(user.password).toBeNull();
|
||||
expect(user.isPending).toBe(true);
|
||||
};
|
||||
|
||||
describe('GET /users', () => {
|
||||
test('should return all users', async () => {
|
||||
const response = await authOwnerAgent.get('/users').expect(200);
|
||||
@@ -414,244 +379,3 @@ describe('DELETE /users/:id', () => {
|
||||
expect(deletedUser).toBeNull();
|
||||
});
|
||||
});
|
||||
|
||||
describe('POST /users/:id', () => {
|
||||
test('should fill out a user shell', async () => {
|
||||
const memberShell = await createUserShell(globalMemberRole);
|
||||
|
||||
const memberData = {
|
||||
inviterId: owner.id,
|
||||
firstName: randomName(),
|
||||
lastName: randomName(),
|
||||
password: randomValidPassword(),
|
||||
};
|
||||
|
||||
const response = await authlessAgent.post(`/users/${memberShell.id}`).send(memberData);
|
||||
|
||||
const {
|
||||
id,
|
||||
email,
|
||||
firstName,
|
||||
lastName,
|
||||
personalizationAnswers,
|
||||
password,
|
||||
globalRole,
|
||||
isPending,
|
||||
apiKey,
|
||||
} = response.body.data;
|
||||
|
||||
expect(validator.isUUID(id)).toBe(true);
|
||||
expect(email).toBeDefined();
|
||||
expect(firstName).toBe(memberData.firstName);
|
||||
expect(lastName).toBe(memberData.lastName);
|
||||
expect(personalizationAnswers).toBeNull();
|
||||
expect(password).toBeUndefined();
|
||||
expect(isPending).toBe(false);
|
||||
expect(globalRole).toBeDefined();
|
||||
expect(apiKey).not.toBeDefined();
|
||||
|
||||
const authToken = utils.getAuthToken(response);
|
||||
expect(authToken).toBeDefined();
|
||||
|
||||
const member = await Container.get(UserRepository).findOneByOrFail({ id: memberShell.id });
|
||||
expect(member.firstName).toBe(memberData.firstName);
|
||||
expect(member.lastName).toBe(memberData.lastName);
|
||||
expect(member.password).not.toBe(memberData.password);
|
||||
});
|
||||
|
||||
test('should fail with invalid inputs', async () => {
|
||||
const memberShellEmail = randomEmail();
|
||||
|
||||
const memberShell = await Container.get(UserRepository).save({
|
||||
email: memberShellEmail,
|
||||
globalRole: globalMemberRole,
|
||||
});
|
||||
|
||||
const invalidPayloads = [
|
||||
{
|
||||
firstName: randomName(),
|
||||
lastName: randomName(),
|
||||
password: randomValidPassword(),
|
||||
},
|
||||
{
|
||||
inviterId: owner.id,
|
||||
firstName: randomName(),
|
||||
password: randomValidPassword(),
|
||||
},
|
||||
{
|
||||
inviterId: owner.id,
|
||||
firstName: randomName(),
|
||||
password: randomValidPassword(),
|
||||
},
|
||||
{
|
||||
inviterId: owner.id,
|
||||
firstName: randomName(),
|
||||
lastName: randomName(),
|
||||
},
|
||||
{
|
||||
inviterId: owner.id,
|
||||
firstName: randomName(),
|
||||
lastName: randomName(),
|
||||
password: randomInvalidPassword(),
|
||||
},
|
||||
];
|
||||
|
||||
for (const invalidPayload of invalidPayloads) {
|
||||
const response = await authlessAgent.post(`/users/${memberShell.id}`).send(invalidPayload);
|
||||
expect(response.statusCode).toBe(400);
|
||||
|
||||
const storedUser = await Container.get(UserRepository).findOneOrFail({
|
||||
where: { email: memberShellEmail },
|
||||
});
|
||||
|
||||
expect(storedUser.firstName).toBeNull();
|
||||
expect(storedUser.lastName).toBeNull();
|
||||
expect(storedUser.password).toBeNull();
|
||||
}
|
||||
});
|
||||
|
||||
test('should fail with already accepted invite', async () => {
|
||||
const member = await createUser({ globalRole: globalMemberRole });
|
||||
|
||||
const newMemberData = {
|
||||
inviterId: owner.id,
|
||||
firstName: randomName(),
|
||||
lastName: randomName(),
|
||||
password: randomValidPassword(),
|
||||
};
|
||||
|
||||
const response = await authlessAgent.post(`/users/${member.id}`).send(newMemberData);
|
||||
|
||||
expect(response.statusCode).toBe(400);
|
||||
|
||||
const storedMember = await Container.get(UserRepository).findOneOrFail({
|
||||
where: { email: member.email },
|
||||
});
|
||||
expect(storedMember.firstName).not.toBe(newMemberData.firstName);
|
||||
expect(storedMember.lastName).not.toBe(newMemberData.lastName);
|
||||
|
||||
const comparisonResult = await compareHash(member.password, storedMember.password);
|
||||
expect(comparisonResult).toBe(false);
|
||||
expect(storedMember.password).not.toBe(newMemberData.password);
|
||||
});
|
||||
});
|
||||
|
||||
describe('POST /users', () => {
|
||||
test('should fail with invalid inputs', async () => {
|
||||
const invalidPayloads = [
|
||||
randomEmail(),
|
||||
[randomEmail()],
|
||||
{},
|
||||
[{ name: randomName() }],
|
||||
[{ email: randomName() }],
|
||||
];
|
||||
|
||||
await Promise.all(
|
||||
invalidPayloads.map(async (invalidPayload) => {
|
||||
const response = await authOwnerAgent.post('/users').send(invalidPayload);
|
||||
expect(response.statusCode).toBe(400);
|
||||
|
||||
const users = await Container.get(UserRepository).find();
|
||||
expect(users.length).toBe(2); // DB unaffected
|
||||
}),
|
||||
);
|
||||
});
|
||||
|
||||
test('should ignore an empty payload', async () => {
|
||||
const response = await authOwnerAgent.post('/users').send([]);
|
||||
|
||||
const { data } = response.body;
|
||||
|
||||
expect(response.statusCode).toBe(200);
|
||||
expect(Array.isArray(data)).toBe(true);
|
||||
expect(data.length).toBe(0);
|
||||
|
||||
const users = await Container.get(UserRepository).find();
|
||||
expect(users.length).toBe(2);
|
||||
});
|
||||
|
||||
test('should succeed if emailing is not set up', async () => {
|
||||
mailer.invite.mockResolvedValueOnce({ emailSent: false });
|
||||
const usersToInvite = randomEmail();
|
||||
const response = await authOwnerAgent.post('/users').send([{ email: usersToInvite }]);
|
||||
|
||||
expect(response.statusCode).toBe(200);
|
||||
expect(response.body.data).toBeInstanceOf(Array);
|
||||
expect(response.body.data.length).toBe(1);
|
||||
const { user } = response.body.data[0];
|
||||
expect(user.inviteAcceptUrl).toBeDefined();
|
||||
const inviteUrl = new URL(user.inviteAcceptUrl);
|
||||
expect(inviteUrl.searchParams.get('inviterId')).toBe(owner.id);
|
||||
expect(inviteUrl.searchParams.get('inviteeId')).toBe(user.id);
|
||||
});
|
||||
|
||||
test('should email invites and create user shells but ignore existing', async () => {
|
||||
const internalHooks = Container.get(InternalHooks);
|
||||
|
||||
mailer.invite.mockImplementation(async () => ({ emailSent: true }));
|
||||
|
||||
const memberShell = await createUserShell(globalMemberRole);
|
||||
|
||||
const newUser = randomEmail();
|
||||
|
||||
const shellUsers = [memberShell.email];
|
||||
const usersToInvite = [newUser, ...shellUsers];
|
||||
const usersToCreate = [newUser];
|
||||
const existingUsers = [member.email];
|
||||
|
||||
const testEmails = [...usersToInvite, ...existingUsers];
|
||||
|
||||
const payload = testEmails.map((email) => ({ email }));
|
||||
|
||||
const response = await authOwnerAgent.post('/users').send(payload);
|
||||
|
||||
expect(response.statusCode).toBe(200);
|
||||
|
||||
expect(internalHooks.onUserTransactionalEmail).toHaveBeenCalledTimes(usersToInvite.length);
|
||||
|
||||
expect(externalHooks.run).toHaveBeenCalledTimes(1);
|
||||
const [hookName, hookData] = externalHooks.run.mock.calls[0];
|
||||
expect(hookName).toBe('user.invited');
|
||||
expect(hookData?.[0]).toStrictEqual(usersToCreate);
|
||||
|
||||
for (const invitationResponse of response.body.data as UserInvitationResponse[]) {
|
||||
const storedUser = await Container.get(UserRepository).findOneByOrFail({
|
||||
id: invitationResponse.user.id,
|
||||
});
|
||||
|
||||
assertInviteUserSuccessResponse(invitationResponse);
|
||||
|
||||
assertInvitedUsersOnDb(storedUser);
|
||||
}
|
||||
|
||||
for (const [onUserTransactionalEmailParameter] of internalHooks.onUserTransactionalEmail.mock
|
||||
.calls) {
|
||||
expect(onUserTransactionalEmailParameter.user_id).toBeDefined();
|
||||
expect(onUserTransactionalEmailParameter.message_type).toBe('New user invite');
|
||||
expect(onUserTransactionalEmailParameter.public_api).toBe(false);
|
||||
}
|
||||
});
|
||||
|
||||
test('should return error when invite method throws an error', async () => {
|
||||
const error = 'failed to send email';
|
||||
|
||||
mailer.invite.mockImplementation(async () => {
|
||||
throw new Error(error);
|
||||
});
|
||||
|
||||
const newUser = randomEmail();
|
||||
|
||||
const usersToCreate = [newUser];
|
||||
|
||||
const payload = usersToCreate.map((email) => ({ email }));
|
||||
|
||||
const response = await authOwnerAgent.post('/users').send(payload);
|
||||
|
||||
expect(response.body.data).toBeInstanceOf(Array);
|
||||
expect(response.body.data.length).toBe(1);
|
||||
expect(response.statusCode).toBe(200);
|
||||
const invitationResponse = response.body.data[0];
|
||||
|
||||
assertInviteUserErrorResponse(invitationResponse);
|
||||
});
|
||||
});
|
||||
|
||||
Reference in New Issue
Block a user