mirror of
https://github.com/Abdulazizzn/n8n-enterprise-unlocked.git
synced 2025-12-17 18:12:04 +00:00
refactor(core): Remove roleId indirection (no-changelog) (#8413)
This commit is contained in:
कारतोफ्फेलस्क्रिप्ट™
committed by
GitHub
GitHub
parent
1affebd85e
commit
d6deceacde
@@ -1,12 +1,11 @@
|
||||
import { Container } from 'typedi';
|
||||
import { CredentialsEntity } from '@db/entities/CredentialsEntity';
|
||||
import type { User } from '@db/entities/User';
|
||||
import type { Role } from '@db/entities/Role';
|
||||
import type { ICredentialsDb } from '@/Interfaces';
|
||||
import { RoleService } from '@/services/role.service';
|
||||
import type { CredentialPayload } from '../types';
|
||||
import Container from 'typedi';
|
||||
import { CredentialsRepository } from '@db/repositories/credentials.repository';
|
||||
import { SharedCredentialsRepository } from '@db/repositories/sharedCredentials.repository';
|
||||
import type { CredentialSharingRole } from '@db/entities/SharedCredentials';
|
||||
import type { ICredentialsDb } from '@/Interfaces';
|
||||
import type { CredentialPayload } from '../types';
|
||||
|
||||
async function encryptCredentialData(credential: CredentialsEntity) {
|
||||
const { createCredentialsFromCredentialsEntity } = await import('@/CredentialsHelper');
|
||||
@@ -48,7 +47,7 @@ export async function createCredentials(attributes: Partial<CredentialsEntity> =
|
||||
*/
|
||||
export async function saveCredential(
|
||||
credentialPayload: CredentialPayload,
|
||||
{ user, role }: { user: User; role: Role },
|
||||
{ user, role }: { user: User; role: CredentialSharingRole },
|
||||
) {
|
||||
const newCredential = new CredentialsEntity();
|
||||
|
||||
@@ -72,18 +71,17 @@ export async function saveCredential(
|
||||
}
|
||||
|
||||
export async function shareCredentialWithUsers(credential: CredentialsEntity, users: User[]) {
|
||||
const role = await Container.get(RoleService).findCredentialUserRole();
|
||||
const newSharedCredentials = users.map((user) =>
|
||||
Container.get(SharedCredentialsRepository).create({
|
||||
userId: user.id,
|
||||
credentialsId: credential.id,
|
||||
roleId: role?.id,
|
||||
role: 'credential:user',
|
||||
}),
|
||||
);
|
||||
return await Container.get(SharedCredentialsRepository).save(newSharedCredentials);
|
||||
}
|
||||
|
||||
export function affixRoleToSaveCredential(role: Role) {
|
||||
export function affixRoleToSaveCredential(role: CredentialSharingRole) {
|
||||
return async (credentialPayload: CredentialPayload, { user }: { user: User }) =>
|
||||
await saveCredential(credentialPayload, { user, role });
|
||||
}
|
||||
|
||||
@@ -1,35 +0,0 @@
|
||||
import Container from 'typedi';
|
||||
import { RoleService } from '@/services/role.service';
|
||||
|
||||
export async function getGlobalOwnerRole() {
|
||||
return await Container.get(RoleService).findGlobalOwnerRole();
|
||||
}
|
||||
|
||||
export async function getGlobalMemberRole() {
|
||||
return await Container.get(RoleService).findGlobalMemberRole();
|
||||
}
|
||||
|
||||
export async function getGlobalAdminRole() {
|
||||
return await Container.get(RoleService).findGlobalAdminRole();
|
||||
}
|
||||
|
||||
export async function getWorkflowOwnerRole() {
|
||||
return await Container.get(RoleService).findWorkflowOwnerRole();
|
||||
}
|
||||
|
||||
export async function getWorkflowEditorRole() {
|
||||
return await Container.get(RoleService).findWorkflowEditorRole();
|
||||
}
|
||||
|
||||
export async function getCredentialOwnerRole() {
|
||||
return await Container.get(RoleService).findCredentialOwnerRole();
|
||||
}
|
||||
|
||||
export async function getAllRoles() {
|
||||
return await Promise.all([
|
||||
getGlobalOwnerRole(),
|
||||
getGlobalMemberRole(),
|
||||
getWorkflowOwnerRole(),
|
||||
getCredentialOwnerRole(),
|
||||
]);
|
||||
}
|
||||
@@ -1,28 +1,25 @@
|
||||
import Container from 'typedi';
|
||||
import { hash } from 'bcryptjs';
|
||||
import { AuthIdentity } from '@db/entities/AuthIdentity';
|
||||
import type { Role } from '@db/entities/Role';
|
||||
import type { User } from '@db/entities/User';
|
||||
import type { GlobalRole, User } from '@db/entities/User';
|
||||
import { AuthIdentityRepository } from '@db/repositories/authIdentity.repository';
|
||||
import { UserRepository } from '@db/repositories/user.repository';
|
||||
import { TOTPService } from '@/Mfa/totp.service';
|
||||
import { MfaService } from '@/Mfa/mfa.service';
|
||||
|
||||
import { randomApiKey, randomEmail, randomName, randomValidPassword } from '../random';
|
||||
import { getGlobalAdminRole, getGlobalMemberRole, getGlobalOwnerRole } from './roles';
|
||||
|
||||
/**
|
||||
* Store a user in the DB, defaulting to a `member`.
|
||||
*/
|
||||
export async function createUser(attributes: Partial<User> = {}): Promise<User> {
|
||||
const { email, password, firstName, lastName, globalRole, ...rest } = attributes;
|
||||
const { email, password, firstName, lastName, role, ...rest } = attributes;
|
||||
const user = Container.get(UserRepository).create({
|
||||
email: email ?? randomEmail(),
|
||||
password: await hash(password ?? randomValidPassword(), 10),
|
||||
firstName: firstName ?? randomName(),
|
||||
lastName: lastName ?? randomName(),
|
||||
globalRoleId: (globalRole ?? (await getGlobalMemberRole())).id,
|
||||
globalRole,
|
||||
role: role ?? 'global:member',
|
||||
...rest,
|
||||
});
|
||||
user.computeIsOwner();
|
||||
@@ -70,25 +67,21 @@ export async function createUserWithMfaEnabled(
|
||||
}
|
||||
|
||||
export async function createOwner() {
|
||||
return await createUser({ globalRole: await getGlobalOwnerRole() });
|
||||
return await createUser({ role: 'global:owner' });
|
||||
}
|
||||
|
||||
export async function createMember() {
|
||||
return await createUser({ globalRole: await getGlobalMemberRole() });
|
||||
return await createUser({ role: 'global:member' });
|
||||
}
|
||||
|
||||
export async function createAdmin() {
|
||||
return await createUser({ globalRole: await getGlobalAdminRole() });
|
||||
return await createUser({ role: 'global:admin' });
|
||||
}
|
||||
|
||||
export async function createUserShell(globalRole: Role): Promise<User> {
|
||||
if (globalRole.scope !== 'global') {
|
||||
throw new Error(`Invalid role received: ${JSON.stringify(globalRole)}`);
|
||||
}
|
||||
export async function createUserShell(role: GlobalRole): Promise<User> {
|
||||
const shell: Partial<User> = { role };
|
||||
|
||||
const shell: Partial<User> = { globalRoleId: globalRole.id };
|
||||
|
||||
if (globalRole.name !== 'owner') {
|
||||
if (role !== 'global:owner') {
|
||||
shell.email = randomEmail();
|
||||
}
|
||||
|
||||
@@ -102,10 +95,7 @@ export async function createManyUsers(
|
||||
amount: number,
|
||||
attributes: Partial<User> = {},
|
||||
): Promise<User[]> {
|
||||
let { email, password, firstName, lastName, globalRole, ...rest } = attributes;
|
||||
if (!globalRole) {
|
||||
globalRole = await getGlobalMemberRole();
|
||||
}
|
||||
let { email, password, firstName, lastName, role, ...rest } = attributes;
|
||||
|
||||
const users = await Promise.all(
|
||||
[...Array(amount)].map(async () =>
|
||||
@@ -114,7 +104,7 @@ export async function createManyUsers(
|
||||
password: await hash(password ?? randomValidPassword(), 10),
|
||||
firstName: firstName ?? randomName(),
|
||||
lastName: lastName ?? randomName(),
|
||||
globalRole,
|
||||
role: role ?? 'global:member',
|
||||
...rest,
|
||||
}),
|
||||
),
|
||||
@@ -130,13 +120,13 @@ export async function addApiKey(user: User): Promise<User> {
|
||||
|
||||
export const getAllUsers = async () =>
|
||||
await Container.get(UserRepository).find({
|
||||
relations: ['globalRole', 'authIdentities'],
|
||||
relations: ['authIdentities'],
|
||||
});
|
||||
|
||||
export const getUserById = async (id: string) =>
|
||||
await Container.get(UserRepository).findOneOrFail({
|
||||
where: { id },
|
||||
relations: ['globalRole', 'authIdentities'],
|
||||
relations: ['authIdentities'],
|
||||
});
|
||||
|
||||
export const getLdapIdentities = async () =>
|
||||
|
||||
@@ -1,10 +1,12 @@
|
||||
import Container from 'typedi';
|
||||
import type { DeepPartial } from 'typeorm';
|
||||
import { v4 as uuid } from 'uuid';
|
||||
|
||||
import type { User } from '@db/entities/User';
|
||||
import type { WorkflowEntity } from '@db/entities/WorkflowEntity';
|
||||
import { SharedWorkflowRepository } from '@db/repositories/sharedWorkflow.repository';
|
||||
import { WorkflowRepository } from '@db/repositories/workflow.repository';
|
||||
import { getWorkflowEditorRole, getWorkflowOwnerRole } from './roles';
|
||||
import type { SharedWorkflow } from '@db/entities/SharedWorkflow';
|
||||
|
||||
export async function createManyWorkflows(
|
||||
amount: number,
|
||||
@@ -49,18 +51,17 @@ export async function createWorkflow(attributes: Partial<WorkflowEntity> = {}, u
|
||||
await Container.get(SharedWorkflowRepository).save({
|
||||
user,
|
||||
workflow,
|
||||
role: await getWorkflowOwnerRole(),
|
||||
role: 'workflow:owner',
|
||||
});
|
||||
}
|
||||
return workflow;
|
||||
}
|
||||
|
||||
export async function shareWorkflowWithUsers(workflow: WorkflowEntity, users: User[]) {
|
||||
const role = await getWorkflowEditorRole();
|
||||
const sharedWorkflows = users.map((user) => ({
|
||||
user,
|
||||
workflow,
|
||||
role,
|
||||
const sharedWorkflows: Array<DeepPartial<SharedWorkflow>> = users.map((user) => ({
|
||||
userId: user.id,
|
||||
workflowId: workflow.id,
|
||||
role: 'workflow:editor',
|
||||
}));
|
||||
return await Container.get(SharedWorkflowRepository).save(sharedWorkflows);
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user