mirror of
https://github.com/Abdulazizzn/n8n-enterprise-unlocked.git
synced 2025-12-17 01:56:46 +00:00
feat: Add endpoint to retrieve single workflow from GH (#17220)
Co-authored-by: Guillaume Jacquart <jacquart.guillaume@gmail.com>
This commit is contained in:
Raúl Gómez Morales
committed by
GitHub
GitHub
parent
ac552e68fd
commit
c4ba31ef62
@@ -68,4 +68,41 @@ describe('SourceControlGitService', () => {
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
describe('getFileContent', () => {
|
||||
it('should return file content at HEAD version', async () => {
|
||||
// Arrange
|
||||
const filePath = 'workflows/12345.json';
|
||||
const expectedContent = '{"id":"12345","name":"Test Workflow"}';
|
||||
const git = mock<SimpleGit>();
|
||||
const showSpy = jest.spyOn(git, 'show');
|
||||
showSpy.mockResolvedValue(expectedContent);
|
||||
sourceControlGitService.git = git;
|
||||
|
||||
// Act
|
||||
const content = await sourceControlGitService.getFileContent(filePath);
|
||||
|
||||
// Assert
|
||||
expect(showSpy).toHaveBeenCalledWith([`HEAD:${filePath}`]);
|
||||
expect(content).toBe(expectedContent);
|
||||
});
|
||||
|
||||
it('should return file content at specific commit', async () => {
|
||||
// Arrange
|
||||
const filePath = 'workflows/12345.json';
|
||||
const commitHash = 'abc123';
|
||||
const expectedContent = '{"id":"12345","name":"Test Workflow"}';
|
||||
const git = mock<SimpleGit>();
|
||||
const showSpy = jest.spyOn(git, 'show');
|
||||
showSpy.mockResolvedValue(expectedContent);
|
||||
sourceControlGitService.git = git;
|
||||
|
||||
// Act
|
||||
const content = await sourceControlGitService.getFileContent(filePath, commitHash);
|
||||
|
||||
// Assert
|
||||
expect(showSpy).toHaveBeenCalledWith([`${commitHash}:${filePath}`]);
|
||||
expect(content).toBe(expectedContent);
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
@@ -6,6 +6,7 @@ import type {
|
||||
User,
|
||||
FolderRepository,
|
||||
TagRepository,
|
||||
WorkflowEntity,
|
||||
} from '@n8n/db';
|
||||
import { Container } from '@n8n/di';
|
||||
import { mock } from 'jest-mock-extended';
|
||||
@@ -15,7 +16,9 @@ import { SourceControlPreferencesService } from '@/environments.ee/source-contro
|
||||
import { SourceControlService } from '@/environments.ee/source-control/source-control.service.ee';
|
||||
import { ForbiddenError } from '@/errors/response-errors/forbidden.error';
|
||||
|
||||
import type { SourceControlGitService } from '../source-control-git.service.ee';
|
||||
import type { SourceControlImportService } from '../source-control-import.service.ee';
|
||||
import type { SourceControlScopedService } from '../source-control-scoped.service';
|
||||
import type { StatusExportableCredential } from '../types/exportable-credential';
|
||||
import type { SourceControlWorkflowVersionId } from '../types/source-control-workflow-version-id';
|
||||
|
||||
@@ -28,14 +31,17 @@ describe('SourceControlService', () => {
|
||||
mock(),
|
||||
);
|
||||
const sourceControlImportService = mock<SourceControlImportService>();
|
||||
const sourceControlScopedService = mock<SourceControlScopedService>();
|
||||
const tagRepository = mock<TagRepository>();
|
||||
const folderRepository = mock<FolderRepository>();
|
||||
const gitService = mock<SourceControlGitService>();
|
||||
const sourceControlService = new SourceControlService(
|
||||
mock(),
|
||||
mock(),
|
||||
gitService,
|
||||
preferencesService,
|
||||
mock(),
|
||||
sourceControlImportService,
|
||||
sourceControlScopedService,
|
||||
tagRepository,
|
||||
folderRepository,
|
||||
mock(),
|
||||
@@ -375,4 +381,65 @@ describe('SourceControlService', () => {
|
||||
).rejects.toThrowError(ForbiddenError);
|
||||
});
|
||||
});
|
||||
|
||||
describe('getFileContent', () => {
|
||||
it.each([{ type: 'workflow' as SourceControlledFile['type'], id: '1234', content: '{}' }])(
|
||||
'should return file content for $type',
|
||||
async ({ type, id, content }) => {
|
||||
jest.spyOn(gitService, 'getFileContent').mockResolvedValue(content);
|
||||
const user = mock<User>({ id: 'user-id', role: 'global:admin' });
|
||||
|
||||
const result = await sourceControlService.getRemoteFileEntity({ user, type, id });
|
||||
|
||||
expect(result).toEqual(JSON.parse(content));
|
||||
},
|
||||
);
|
||||
|
||||
it.each<SourceControlledFile['type']>(['folders', 'credential', 'tags', 'variables'])(
|
||||
'should throw an error if the file type is not handled',
|
||||
async (type) => {
|
||||
const user = mock<User>({ id: 'user-id', role: 'global:admin' });
|
||||
await expect(
|
||||
sourceControlService.getRemoteFileEntity({ user, type, id: 'unknown' }),
|
||||
).rejects.toThrow(`Unsupported file type: ${type}`);
|
||||
},
|
||||
);
|
||||
|
||||
it('should fail if the git service fails to get the file content', async () => {
|
||||
jest.spyOn(gitService, 'getFileContent').mockRejectedValue(new Error('Git service error'));
|
||||
const user = mock<User>({ id: 'user-id', role: 'global:admin' });
|
||||
|
||||
await expect(
|
||||
sourceControlService.getRemoteFileEntity({ user, type: 'workflow', id: '1234' }),
|
||||
).rejects.toThrow('Git service error');
|
||||
});
|
||||
|
||||
it('should throw an error if the user does not have access to the project', async () => {
|
||||
const user = mock<User>({
|
||||
id: 'user-id',
|
||||
role: 'global:member',
|
||||
});
|
||||
jest
|
||||
.spyOn(sourceControlScopedService, 'getWorkflowsInAdminProjectsFromContext')
|
||||
.mockResolvedValue([]);
|
||||
|
||||
await expect(
|
||||
sourceControlService.getRemoteFileEntity({ user, type: 'workflow', id: '1234' }),
|
||||
).rejects.toThrow('You are not allowed to access workflow with id 1234');
|
||||
});
|
||||
|
||||
it('should return content for an authorized workflow', async () => {
|
||||
const user = mock<User>({ id: 'user-id', role: 'global:member' });
|
||||
jest
|
||||
.spyOn(sourceControlScopedService, 'getWorkflowsInAdminProjectsFromContext')
|
||||
.mockResolvedValue([{ id: '1234' } as WorkflowEntity]);
|
||||
jest.spyOn(gitService, 'getFileContent').mockResolvedValue('{}');
|
||||
const result = await sourceControlService.getRemoteFileEntity({
|
||||
user,
|
||||
type: 'workflow',
|
||||
id: '1234',
|
||||
});
|
||||
expect(result).toEqual({});
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
@@ -387,4 +387,20 @@ export class SourceControlGitService {
|
||||
const statusResult = await this.git.status();
|
||||
return statusResult;
|
||||
}
|
||||
|
||||
async getFileContent(filePath: string, commit: string = 'HEAD'): Promise<string> {
|
||||
if (!this.git) {
|
||||
throw new UnexpectedError('Git is not initialized (getFileContent)');
|
||||
}
|
||||
try {
|
||||
const content = await this.git.show([`${commit}:${filePath}`]);
|
||||
return content;
|
||||
} catch (error) {
|
||||
this.logger.error('Failed to get file content', { filePath, error });
|
||||
throw new UnexpectedError(
|
||||
`Could not get content for file: ${filePath}: ${(error as Error)?.message}`,
|
||||
{ cause: error },
|
||||
);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -12,10 +12,10 @@ import { hasGlobalScope } from '@n8n/permissions';
|
||||
// eslint-disable-next-line n8n-local-rules/misplaced-n8n-typeorm-import
|
||||
import type { FindOptionsWhere } from '@n8n/typeorm';
|
||||
|
||||
import { ForbiddenError } from '@/errors/response-errors/forbidden.error';
|
||||
|
||||
import { SourceControlContext } from './types/source-control-context';
|
||||
|
||||
import { ForbiddenError } from '@/errors/response-errors/forbidden.error';
|
||||
|
||||
@Service()
|
||||
export class SourceControlScopedService {
|
||||
constructor(
|
||||
@@ -65,17 +65,23 @@ export class SourceControlScopedService {
|
||||
|
||||
async getWorkflowsInAdminProjectsFromContext(
|
||||
context: SourceControlContext,
|
||||
id?: string,
|
||||
): Promise<WorkflowEntity[] | undefined> {
|
||||
if (context.hasAccessToAllProjects()) {
|
||||
// In case the user is a global admin or owner, we don't need a filter
|
||||
return;
|
||||
}
|
||||
|
||||
const where = this.getWorkflowsInAdminProjectsFromContextFilter(context);
|
||||
if (id) {
|
||||
where.id = id;
|
||||
}
|
||||
|
||||
return await this.workflowRepository.find({
|
||||
select: {
|
||||
id: true,
|
||||
},
|
||||
where: this.getWorkflowsInAdminProjectsFromContextFilter(context),
|
||||
where,
|
||||
});
|
||||
}
|
||||
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
import { IWorkflowToImport } from '@/interfaces';
|
||||
import { PullWorkFolderRequestDto, PushWorkFolderRequestDto } from '@n8n/api-types';
|
||||
import type { SourceControlledFile } from '@n8n/api-types';
|
||||
import { AuthenticatedRequest } from '@n8n/db';
|
||||
@@ -5,9 +6,6 @@ import { Get, Post, Patch, RestController, GlobalScope, Body } from '@n8n/decora
|
||||
import express from 'express';
|
||||
import type { PullResult } from 'simple-git';
|
||||
|
||||
import { BadRequestError } from '@/errors/response-errors/bad-request.error';
|
||||
import { EventService } from '@/events/event.service';
|
||||
|
||||
import { SOURCE_CONTROL_DEFAULT_BRANCH } from './constants';
|
||||
import {
|
||||
sourceControlLicensedMiddleware,
|
||||
@@ -22,6 +20,10 @@ import { SourceControlRequest } from './types/requests';
|
||||
import { SourceControlGetStatus } from './types/source-control-get-status';
|
||||
import type { SourceControlPreferences } from './types/source-control-preferences';
|
||||
|
||||
import { BadRequestError } from '@/errors/response-errors/bad-request.error';
|
||||
import { ForbiddenError } from '@/errors/response-errors/forbidden.error';
|
||||
import { EventService } from '@/events/event.service';
|
||||
|
||||
@RestController('/source-control')
|
||||
export class SourceControlController {
|
||||
constructor(
|
||||
@@ -252,4 +254,24 @@ export class SourceControlController {
|
||||
throw new BadRequestError((error as { message: string }).message);
|
||||
}
|
||||
}
|
||||
|
||||
@Get('/remote-content/:type/:id', { middlewares: [sourceControlLicensedAndEnabledMiddleware] })
|
||||
async getFileContent(
|
||||
req: AuthenticatedRequest & { params: { type: SourceControlledFile['type']; id: string } },
|
||||
): Promise<{ content: IWorkflowToImport; type: SourceControlledFile['type'] }> {
|
||||
try {
|
||||
const { type, id } = req.params;
|
||||
const content = await this.sourceControlService.getRemoteFileEntity({
|
||||
user: req.user,
|
||||
type,
|
||||
id,
|
||||
});
|
||||
return { content, type };
|
||||
} catch (error) {
|
||||
if (error instanceof ForbiddenError) {
|
||||
throw error;
|
||||
}
|
||||
throw new BadRequestError((error as { message: string }).message);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,3 +1,4 @@
|
||||
import { IWorkflowToImport } from '@/interfaces';
|
||||
import type {
|
||||
PullWorkFolderRequestDto,
|
||||
PushWorkFolderRequestDto,
|
||||
@@ -14,18 +15,15 @@ import {
|
||||
import { Service } from '@n8n/di';
|
||||
import { hasGlobalScope } from '@n8n/permissions';
|
||||
import { writeFileSync } from 'fs';
|
||||
import { UnexpectedError, UserError } from 'n8n-workflow';
|
||||
import { UnexpectedError, UserError, jsonParse } from 'n8n-workflow';
|
||||
import path from 'path';
|
||||
import type { PushResult } from 'simple-git';
|
||||
|
||||
import { BadRequestError } from '@/errors/response-errors/bad-request.error';
|
||||
import { ForbiddenError } from '@/errors/response-errors/forbidden.error';
|
||||
import { EventService } from '@/events/event.service';
|
||||
|
||||
import {
|
||||
SOURCE_CONTROL_DEFAULT_EMAIL,
|
||||
SOURCE_CONTROL_DEFAULT_NAME,
|
||||
SOURCE_CONTROL_README,
|
||||
SOURCE_CONTROL_WORKFLOW_EXPORT_FOLDER,
|
||||
} from './constants';
|
||||
import { SourceControlExportService } from './source-control-export.service.ee';
|
||||
import { SourceControlGitService } from './source-control-git.service.ee';
|
||||
@@ -42,6 +40,7 @@ import {
|
||||
} from './source-control-helper.ee';
|
||||
import { SourceControlImportService } from './source-control-import.service.ee';
|
||||
import { SourceControlPreferencesService } from './source-control-preferences.service.ee';
|
||||
import { SourceControlScopedService } from './source-control-scoped.service';
|
||||
import type { StatusExportableCredential } from './types/exportable-credential';
|
||||
import type { ExportableFolder } from './types/exportable-folders';
|
||||
import type { ImportResult } from './types/import-result';
|
||||
@@ -50,6 +49,10 @@ import type { SourceControlGetStatus } from './types/source-control-get-status';
|
||||
import type { SourceControlPreferences } from './types/source-control-preferences';
|
||||
import type { SourceControlWorkflowVersionId } from './types/source-control-workflow-version-id';
|
||||
|
||||
import { BadRequestError } from '@/errors/response-errors/bad-request.error';
|
||||
import { ForbiddenError } from '@/errors/response-errors/forbidden.error';
|
||||
import { EventService } from '@/events/event.service';
|
||||
|
||||
@Service()
|
||||
export class SourceControlService {
|
||||
/** Path to SSH private key in filesystem. */
|
||||
@@ -65,6 +68,7 @@ export class SourceControlService {
|
||||
private sourceControlPreferencesService: SourceControlPreferencesService,
|
||||
private sourceControlExportService: SourceControlExportService,
|
||||
private sourceControlImportService: SourceControlImportService,
|
||||
private sourceControlScopedService: SourceControlScopedService,
|
||||
private tagRepository: TagRepository,
|
||||
private folderRepository: FolderRepository,
|
||||
private readonly eventService: EventService,
|
||||
@@ -1048,4 +1052,39 @@ export class SourceControlService {
|
||||
await this.sanityCheck();
|
||||
await this.gitService.setGitUserDetails(name, email);
|
||||
}
|
||||
|
||||
async getRemoteFileEntity({
|
||||
user,
|
||||
type,
|
||||
id,
|
||||
commit = 'HEAD',
|
||||
}: {
|
||||
user: User;
|
||||
type: SourceControlledFile['type'];
|
||||
id?: string;
|
||||
commit?: string;
|
||||
}): Promise<IWorkflowToImport> {
|
||||
await this.sanityCheck();
|
||||
const context = new SourceControlContext(user);
|
||||
switch (type) {
|
||||
case 'workflow': {
|
||||
if (typeof id === 'undefined') {
|
||||
throw new BadRequestError('Workflow ID is required to fetch workflow content');
|
||||
}
|
||||
|
||||
const authorizedWorkflows =
|
||||
await this.sourceControlScopedService.getWorkflowsInAdminProjectsFromContext(context, id);
|
||||
if (authorizedWorkflows && authorizedWorkflows.length === 0) {
|
||||
throw new ForbiddenError(`You are not allowed to access workflow with id ${id}`);
|
||||
}
|
||||
const content = await this.gitService.getFileContent(
|
||||
`${SOURCE_CONTROL_WORKFLOW_EXPORT_FOLDER}/${id}.json`,
|
||||
commit,
|
||||
);
|
||||
return jsonParse<IWorkflowToImport>(content);
|
||||
}
|
||||
default:
|
||||
throw new BadRequestError(`Unsupported file type: ${type}`);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -27,6 +27,7 @@ import { SourceControlExportService } from '@/environments.ee/source-control/sou
|
||||
import type { SourceControlGitService } from '@/environments.ee/source-control/source-control-git.service.ee';
|
||||
import { SourceControlImportService } from '@/environments.ee/source-control/source-control-import.service.ee';
|
||||
import { SourceControlPreferencesService } from '@/environments.ee/source-control/source-control-preferences.service.ee';
|
||||
import { SourceControlScopedService } from '@/environments.ee/source-control/source-control-scoped.service';
|
||||
import { SourceControlService } from '@/environments.ee/source-control/source-control.service.ee';
|
||||
import type { ExportableCredential } from '@/environments.ee/source-control/types/exportable-credential';
|
||||
import type { ExportableFolder } from '@/environments.ee/source-control/types/exportable-folders';
|
||||
@@ -428,6 +429,7 @@ describe('SourceControlService', () => {
|
||||
sourceControlPreferencesService,
|
||||
Container.get(SourceControlExportService),
|
||||
Container.get(SourceControlImportService),
|
||||
Container.get(SourceControlScopedService),
|
||||
Container.get(TagRepository),
|
||||
Container.get(FolderRepository),
|
||||
Container.get(EventService),
|
||||
|
||||
Reference in New Issue
Block a user