admin/n8n-enterprise-unlocked
1
0
Fork 0
mirror of https://github.com/Abdulazizzn/n8n-enterprise-unlocked.git synced 2025-12-17 01:56:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

chore(core): Use roles from database in global roles (#18768)

Browse Source
This commit is contained in:
Andreas Fitzek
2025-08-26 17:53:46 +02:00
committed by GitHub
parent cff3f4a67e
commit ecad12b77a
117 changed files with 956 additions and 424 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
packages/cli/test/integration/ldap/ldap.api.test.ts
View File

@@ -7,7 +7,12 @@ import {
} from '@n8n/backend-test-utils';
import { LDAP_DEFAULT_CONFIGURATION } from '@n8n/constants';
import type { User } from '@n8n/db';
import { AuthProviderSyncHistoryRepository, UserRepository } from '@n8n/db';
import {
AuthProviderSyncHistoryRepository,
GLOBAL_MEMBER_ROLE,
GLOBAL_OWNER_ROLE,
UserRepository,
} from '@n8n/db';
import { Container } from '@n8n/di';
import { Not } from '@n8n/typeorm';
import type { Entry as LdapUser } from 'ldapts';
@@ -37,7 +42,7 @@ const testServer = utils.setupTestServer({
});
beforeAll(async () => {
owner = await createUser({ role: 'global:owner' });
owner = await createUser({ role: GLOBAL_OWNER_ROLE });
authOwnerAgent = testServer.authAgentFor(owner);
defaultLdapConfig.bindingAdminPassword = Container.get(Cipher).encrypt(
@@ -65,7 +70,7 @@ beforeEach(async () => {
});
test('Member role should not be able to access ldap routes', async () => {
const member = await createUser({ role: 'global:member' });
const member = await createUser({ role: { slug: 'global:member' } });
const authAgent = testServer.authAgentFor(member);
await authAgent.get('/ldap/config').expect(403);
await authAgent.put('/ldap/config').expect(403);
@@ -137,7 +142,7 @@ describe('PUT /ldap/config', () => {
const ldapConfig = await createLdapConfig();
Container.get(LdapService).setConfig(ldapConfig);
const member = await createLdapUser({ role: 'global:member' }, uniqueId());
const member = await createLdapUser({ role: { slug: 'global:member' } }, uniqueId());
const configuration = ldapConfig;
@@ -250,7 +255,7 @@ describe('POST /ldap/sync', () => {
const ldapUserId = uniqueId();
const member = await createLdapUser(
{ role: 'global:member', email: ldapUserEmail },
{ role: { slug: 'global:member' }, email: ldapUserEmail },
ldapUserId,
);
@@ -279,7 +284,7 @@ describe('POST /ldap/sync', () => {
const ldapUserId = uniqueId();
const member = await createLdapUser(
{ role: 'global:member', email: ldapUserEmail },
{ role: { slug: 'global:member' }, email: ldapUserEmail },
ldapUserId,
);
@@ -364,7 +369,7 @@ describe('POST /ldap/sync', () => {
await createLdapUser(
{
role: 'global:member',
role: { slug: 'global:member' },
email: ldapUser.mail,
firstName: ldapUser.givenName,
lastName: randomName(),
@@ -397,7 +402,7 @@ describe('POST /ldap/sync', () => {
await createLdapUser(
{
role: 'global:member',
role: { slug: 'global:member' },
email: ldapUser.mail,
firstName: ldapUser.givenName,
lastName: ldapUser.sn,
@@ -426,7 +431,7 @@ describe('POST /ldap/sync', () => {
});
test('should remove user instance access once the user is disabled during synchronization', async () => {
const member = await createLdapUser({ role: 'global:member' }, uniqueId());
const member = await createLdapUser({ role: { slug: 'global:member' } }, uniqueId());
jest.spyOn(LdapService.prototype, 'searchWithAdminBinding').mockResolvedValue([]);
@@ -485,7 +490,7 @@ describe('POST /ldap/sync', () => {
// Create user with valid email first
await createLdapUser(
{
role: 'global:member',
role: GLOBAL_MEMBER_ROLE,
email: originalEmail,
firstName: randomName(),
lastName: randomName(),
@@ -603,7 +608,7 @@ describe('POST /login', () => {
await createLdapUser(
{
role: 'global:member',
role: { slug: 'global:member' },
email: ldapUser.mail,
firstName: 'firstname',
lastName: 'lastname',
@@ -637,7 +642,7 @@ describe('POST /login', () => {
};
await createUser({
role: 'global:member',
role: GLOBAL_MEMBER_ROLE,
email: ldapUser.mail,
firstName: ldapUser.givenName,
lastName: 'lastname',
@@ -652,7 +657,7 @@ describe('Instance owner should able to delete LDAP users', () => {
const ldapConfig = await createLdapConfig();
Container.get(LdapService).setConfig(ldapConfig);
const member = await createLdapUser({ role: 'global:member' }, uniqueId());
const member = await createLdapUser({ role: { slug: 'global:member' } }, uniqueId());
await authOwnerAgent.post(`/users/${member.id}`);
});
@@ -661,7 +666,7 @@ describe('Instance owner should able to delete LDAP users', () => {
const ldapConfig = await createLdapConfig();
Container.get(LdapService).setConfig(ldapConfig);
const member = await createLdapUser({ role: 'global:member' }, uniqueId());
const member = await createLdapUser({ role: { slug: 'global:member' } }, uniqueId());
// delete the LDAP member and transfer its workflows/credentials to instance owner
await authOwnerAgent.post(`/users/${member.id}?transferId=${owner.id}`);