mirror of
https://github.com/Abdulazizzn/n8n-enterprise-unlocked.git
synced 2025-12-16 17:46:45 +00:00
fix(core): Move /module-settings behind auth (#18492)
This commit is contained in:
Tomi Turtiainen
16
packages/cli/src/controllers/module-settings.controller.ts
Normal file
16
packages/cli/src/controllers/module-settings.controller.ts
Normal file
@@ -0,0 +1,16 @@
|
||||
import { Get, RestController } from '@n8n/decorators';
|
||||
|
||||
import { FrontendService } from '@/services/frontend.service';
|
||||
|
||||
@RestController('/module-settings')
|
||||
export class ModuleSettingsController {
|
||||
constructor(private readonly frontendService: FrontendService) {}
|
||||
|
||||
/**
|
||||
* @returns settings for all loaded modules
|
||||
*/
|
||||
@Get('/')
|
||||
getModuleSettings() {
|
||||
return this.frontendService.getModuleSettings();
|
||||
}
|
||||
}
|
||||
@@ -64,7 +64,6 @@ import '@/workflows/workflows.controller';
|
||||
import '@/webhooks/webhooks.controller';
|
||||
|
||||
import { ChatServer } from './chat/chat-server';
|
||||
|
||||
import { MfaService } from './mfa/mfa.service';
|
||||
import { CommunityPackagesConfig } from './community-packages/community-packages.config';
|
||||
|
||||
@@ -92,6 +91,7 @@ export class Server extends AbstractServer {
|
||||
if (!this.globalConfig.endpoints.disableUi) {
|
||||
const { FrontendService } = await import('@/services/frontend.service');
|
||||
this.frontendService = Container.get(FrontendService);
|
||||
await import('@/controllers/module-settings.controller');
|
||||
}
|
||||
|
||||
this.presetCredentialsLoaded = false;
|
||||
@@ -280,12 +280,6 @@ export class Server extends AbstractServer {
|
||||
ResponseHelper.send(async () => frontendService.getSettings()),
|
||||
);
|
||||
|
||||
// Returns settings for all loaded modules
|
||||
this.app.get(
|
||||
`/${this.restEndpoint}/module-settings`,
|
||||
ResponseHelper.send(async () => frontendService.getModuleSettings()),
|
||||
);
|
||||
|
||||
this.app.get(`/${this.restEndpoint}/config.js`, (_req, res) => {
|
||||
const frontendSentryConfig = JSON.stringify({
|
||||
dsn: this.globalConfig.sentry.frontendDsn,
|
||||
|
||||
@@ -0,0 +1,61 @@
|
||||
import { mockInstance } from '@n8n/backend-test-utils';
|
||||
import type { ModuleSettings } from '@n8n/decorators';
|
||||
|
||||
import { createMember, createOwner } from '../shared/db/users';
|
||||
import type { SuperAgentTest } from '../shared/types';
|
||||
import { setupTestServer } from '../shared/utils';
|
||||
|
||||
import { FrontendService } from '@/services/frontend.service';
|
||||
|
||||
describe('ModuleSettingsController', () => {
|
||||
const frontendService = mockInstance(FrontendService);
|
||||
|
||||
const testServer = setupTestServer({ endpointGroups: ['module-settings'] });
|
||||
let ownerAgent: SuperAgentTest;
|
||||
let memberAgent: SuperAgentTest;
|
||||
|
||||
beforeAll(async () => {
|
||||
const owner = await createOwner();
|
||||
const member = await createMember();
|
||||
ownerAgent = testServer.authAgentFor(owner);
|
||||
memberAgent = testServer.authAgentFor(member);
|
||||
});
|
||||
|
||||
beforeEach(() => {
|
||||
jest.clearAllMocks();
|
||||
});
|
||||
|
||||
describe('GET /module-settings', () => {
|
||||
const mockSettings: { [key: string]: ModuleSettings } = { module: { some: 'settings' } };
|
||||
|
||||
it('should require authentication', async () => {
|
||||
await testServer.authlessAgent.get('/module-settings').expect(401);
|
||||
});
|
||||
|
||||
it('should allow authenticated owner to get module settings', async () => {
|
||||
frontendService.getModuleSettings.mockReturnValue(mockSettings);
|
||||
|
||||
const response = await ownerAgent.get('/module-settings').expect(200);
|
||||
|
||||
expect(response.body).toEqual({ data: mockSettings });
|
||||
expect(frontendService.getModuleSettings).toHaveBeenCalledTimes(1);
|
||||
});
|
||||
|
||||
it('should allow authenticated member to get module settings', async () => {
|
||||
frontendService.getModuleSettings.mockReturnValue(mockSettings);
|
||||
|
||||
const response = await memberAgent.get('/module-settings').expect(200);
|
||||
|
||||
expect(response.body).toEqual({ data: mockSettings });
|
||||
expect(frontendService.getModuleSettings).toHaveBeenCalledTimes(1);
|
||||
});
|
||||
|
||||
it('should handle service errors gracefully', async () => {
|
||||
frontendService.getModuleSettings.mockImplementation(() => {
|
||||
throw new Error('Service error');
|
||||
});
|
||||
|
||||
await ownerAgent.get('/module-settings').expect(500);
|
||||
});
|
||||
});
|
||||
});
|
||||
@@ -43,7 +43,8 @@ type EndpointGroup =
|
||||
| 'ai'
|
||||
| 'folder'
|
||||
| 'insights'
|
||||
| 'data-store';
|
||||
| 'data-store'
|
||||
| 'module-settings';
|
||||
|
||||
type ModuleName = 'insights' | 'external-secrets' | 'data-store';
|
||||
|
||||
|
||||
@@ -309,6 +309,10 @@ export const setupTestServer = ({
|
||||
case 'data-store':
|
||||
await import('@/modules/data-store/data-store.module');
|
||||
break;
|
||||
|
||||
case 'module-settings':
|
||||
await import('@/controllers/module-settings.controller');
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user