feat(API): Implement users account quota guards (#6434)

* feat(cli): Implement users account quota guards Signed-off-by: Oleg Ivaniv <me@olegivaniv.com> * Remove comment Signed-off-by: Oleg Ivaniv <me@olegivaniv.com> * Address PR comments - Getting `usersQuota` from `Settings` repo - Revert `isUserManagementEnabled` helper - Fix FE listing of users Signed-off-by: Oleg Ivaniv <me@olegivaniv.com> * Refactor isWithinUserQuota getter and fix tests Signed-off-by: Oleg Ivaniv <me@olegivaniv.com> * Revert testDb.ts changes Signed-off-by: Oleg Ivaniv <me@olegivaniv.com> * Cleanup & improve types Signed-off-by: Oleg Ivaniv <me@olegivaniv.com> * Fix duplicated method * Fix failing test * Remove `isUserManagementEnabled` completely Signed-off-by: Oleg Ivaniv <me@olegivaniv.com> * Check for globalRole.name to determine if user is owner Signed-off-by: Oleg Ivaniv <me@olegivaniv.com> * Fix unit tests Signed-off-by: Oleg Ivaniv <me@olegivaniv.com> * Set isInstanceOwnerSetUp in specs * Fix SettingsUserView UM Signed-off-by: Oleg Ivaniv <me@olegivaniv.com> * refactor: License typings suggestions for users quota guards (#6636) refactor: License typings suggestions * Update packages/cli/src/Ldap/helpers.ts Co-authored-by: Iván Ovejero <ivov.src@gmail.com> * Update packages/cli/test/integration/shared/utils.ts Co-authored-by: Iván Ovejero <ivov.src@gmail.com> * Address PR comments Signed-off-by: Oleg Ivaniv <me@olegivaniv.com> * Use 403 for all user quota related errors Signed-off-by: Oleg Ivaniv <me@olegivaniv.com> --------- Signed-off-by: Oleg Ivaniv <me@olegivaniv.com> Co-authored-by: Iván Ovejero <ivov.src@gmail.com>
2025-12-17 01:56:46 +00:00 · 2023-07-12 14:11:46 +02:00
parent 26046f6fe8
commit e5620ab1e4
33 changed files with 271 additions and 94 deletions
--- a/packages/cli/src/constants.ts
+++ b/packages/cli/src/constants.ts
@@ -47,6 +47,7 @@ export const RESPONSE_ERROR_MESSAGES = {
 	PACKAGE_DOES_NOT_CONTAIN_NODES: 'The specified package does not contain any nodes',
 	PACKAGE_LOADING_FAILED: 'The specified package could not be loaded',
 	DISK_IS_FULL: 'There appears to be insufficient disk space',
+	USERS_QUOTA_REACHED: 'Maximum number of users reached',
 };

 export const AUTH_COOKIE_NAME = 'n8n-auth';
@@ -68,21 +69,22 @@ export const WORKFLOW_REACTIVATE_MAX_TIMEOUT = 24 * 60 * 60 * 1000; // 1 day

 export const SETTINGS_LICENSE_CERT_KEY = 'license.cert';

-export const enum LICENSE_FEATURES {
-	SHARING = 'feat:sharing',
-	LDAP = 'feat:ldap',
-	SAML = 'feat:saml',
-	LOG_STREAMING = 'feat:logStreaming',
-	ADVANCED_EXECUTION_FILTERS = 'feat:advancedExecutionFilters',
-	VARIABLES = 'feat:variables',
-	SOURCE_CONTROL = 'feat:sourceControl',
-	API_DISABLED = 'feat:apiDisabled',
-}
+export const LICENSE_FEATURES = {
+	SHARING: 'feat:sharing',
+	LDAP: 'feat:ldap',
+	SAML: 'feat:saml',
+	LOG_STREAMING: 'feat:logStreaming',
+	ADVANCED_EXECUTION_FILTERS: 'feat:advancedExecutionFilters',
+	VARIABLES: 'feat:variables',
+	SOURCE_CONTROL: 'feat:sourceControl',
+	API_DISABLED: 'feat:apiDisabled',
+} as const;

-export const enum LICENSE_QUOTAS {
-	TRIGGER_LIMIT = 'quota:activeWorkflows',
-	VARIABLES_LIMIT = 'quota:maxVariables',
-	USERS_LIMIT = 'quota:users',
-}
+export const LICENSE_QUOTAS = {
+	TRIGGER_LIMIT: 'quota:activeWorkflows',
+	VARIABLES_LIMIT: 'quota:maxVariables',
+	USERS_LIMIT: 'quota:users',
+} as const;
+export const UNLIMITED_LICENSE_QUOTA = -1;

 export const CREDENTIAL_BLANKING_VALUE = '__n8n_BLANK_VALUE_e5362baf-c777-4d57-a609-6eaf1f9e87f6';