admin/n8n-enterprise-unlocked
1
0
Fork 0
mirror of https://github.com/Abdulazizzn/n8n-enterprise-unlocked.git synced 2025-12-18 10:31:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

Revert "chore(core): Use roles from database in global roles (#17853)" (#18738)

Browse Source
This commit is contained in:
Andreas Fitzek
2025-08-25 14:29:28 +02:00
committed by GitHub
parent b62c957c71
commit a21a03d4b0
117 changed files with 410 additions and 875 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
packages/cli/src/controllers/users.controller.ts
View File

@@ -15,8 +15,6 @@ import {
SharedWorkflowRepository,
UserRepository,
AuthenticatedRequest,
GLOBAL_ADMIN_ROLE,
GLOBAL_OWNER_ROLE,
} from '@n8n/db';
import {
GlobalScope,
@@ -117,9 +115,6 @@ export class UsersController {
withInviteUrl,
inviterId: req.user.id,
});
if (listQueryOptions.select && !listQueryOptions.select?.includes('role')) {
delete user.role;
}
return {
...user,
projectRelations: u.projectRelations?.map((pr) => ({
@@ -142,16 +137,12 @@ export class UsersController {
async getUserPasswordResetLink(req: UserRequest.PasswordResetLink) {
const user = await this.userRepository.findOneOrFail({
where: { id: req.params.id },
relations: ['role'],
});
if (!user) {
throw new NotFoundError('User not found');
}
if (
req.user.role.slug === GLOBAL_ADMIN_ROLE.slug &&
user.role.slug === GLOBAL_OWNER_ROLE.slug
) {
if (req.user.role === 'global:admin' && user.role === 'global:owner') {
throw new ForbiddenError('Admin cannot reset password of global owner');
}
@@ -195,10 +186,7 @@ export class UsersController {
const { transferId } = req.query;
const userToDelete = await this.userRepository.findOne({
where: { id: idToDelete },
relations: ['role'],
});
const userToDelete = await this.userRepository.findOneBy({ id: idToDelete });
if (!userToDelete) {
throw new NotFoundError(
@@ -206,7 +194,7 @@ export class UsersController {
);
}
if (userToDelete.role.slug === GLOBAL_OWNER_ROLE.slug) {
if (userToDelete.role === 'global:owner') {
throw new ForbiddenError('Instance owner cannot be deleted.');
}
@@ -314,25 +302,16 @@ export class UsersController {
const { NO_ADMIN_ON_OWNER, NO_USER, NO_OWNER_ON_OWNER } =
UsersController.ERROR_MESSAGES.CHANGE_ROLE;
const targetUser = await this.userRepository.findOne({
where: { id },
relations: ['role'],
});
const targetUser = await this.userRepository.findOneBy({ id });
if (targetUser === null) {
throw new NotFoundError(NO_USER);
}
if (
req.user.role.slug === GLOBAL_ADMIN_ROLE.slug &&
targetUser.role.slug === GLOBAL_OWNER_ROLE.slug
) {
if (req.user.role === 'global:admin' && targetUser.role === 'global:owner') {
throw new ForbiddenError(NO_ADMIN_ON_OWNER);
}
if (
req.user.role.slug === GLOBAL_OWNER_ROLE.slug &&
targetUser.role.slug === GLOBAL_OWNER_ROLE.slug
) {
if (req.user.role === 'global:owner' && targetUser.role === 'global:owner') {
throw new ForbiddenError(NO_OWNER_ON_OWNER);
}