admin/n8n-enterprise-unlocked
1
0
Fork 0
mirror of https://github.com/Abdulazizzn/n8n-enterprise-unlocked.git synced 2025-12-20 19:32:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(editor): sending data as query on DELETE method (#3972)

Browse Source 
* 🐛 fix sending data as query on DELETE method

* 👕 add type to imports

* 💪 enhance test
This commit is contained in:
Ben Hesseldieck
2022-08-30 11:54:50 +02:00
committed by GitHub
parent c2e97a89f9
commit fc2ff35c41
9 changed files with 89 additions and 115 deletions
Download Patch File Download Diff File Expand all files Collapse all files

65
packages/cli/test/integration/credentials.api.test.ts
View File

@@ -1,7 +1,7 @@
import express from 'express';
import { UserSettings } from 'n8n-core';
import { Db } from '../../src';
import { randomName, randomString } from './shared/random';
import { randomCredentialPayload, randomName, randomString } from './shared/random';
import * as utils from './shared/utils';
import type { CredentialPayload, SaveCredentialFunction } from './shared/types';
import type { Role } from '../../src/databases/entities/Role';
@@ -49,7 +49,7 @@ test('POST /credentials should create cred', async () => {
const ownerShell = await testDb.createUserShell(globalOwnerRole);
const authOwnerAgent = utils.createAgent(app, { auth: true, user: ownerShell });
const payload = credentialPayload();
const payload = randomCredentialPayload();
const response = await authOwnerAgent.post('/credentials').send(payload);
@@ -97,7 +97,7 @@ test('POST /credentials should fail with missing encryption key', async () => {
const ownerShell = await testDb.createUserShell(globalOwnerRole);
const authOwnerAgent = utils.createAgent(app, { auth: true, user: ownerShell });
const response = await authOwnerAgent.post('/credentials').send(credentialPayload());
const response = await authOwnerAgent.post('/credentials').send(randomCredentialPayload());
expect(response.statusCode).toBe(500);
@@ -110,13 +110,13 @@ test('POST /credentials should ignore ID in payload', async () => {
const firstResponse = await authOwnerAgent
.post('/credentials')
.send({ id: '8', ...credentialPayload() });
.send({ id: '8', ...randomCredentialPayload() });
expect(firstResponse.body.data.id).not.toBe('8');
const secondResponse = await authOwnerAgent
.post('/credentials')
.send({ id: 8, ...credentialPayload() });
.send({ id: 8, ...randomCredentialPayload() });
expect(secondResponse.body.data.id).not.toBe(8);
});
@@ -124,7 +124,7 @@ test('POST /credentials should ignore ID in payload', async () => {
test('DELETE /credentials/:id should delete owned cred for owner', async () => {
const ownerShell = await testDb.createUserShell(globalOwnerRole);
const authOwnerAgent = utils.createAgent(app, { auth: true, user: ownerShell });
const savedCredential = await saveCredential(credentialPayload(), { user: ownerShell });
const savedCredential = await saveCredential(randomCredentialPayload(), { user: ownerShell });
const response = await authOwnerAgent.delete(`/credentials/${savedCredential.id}`);
@@ -144,7 +144,7 @@ test('DELETE /credentials/:id should delete non-owned cred for owner', async ()
const ownerShell = await testDb.createUserShell(globalOwnerRole);
const authOwnerAgent = utils.createAgent(app, { auth: true, user: ownerShell });
const member = await testDb.createUser({ globalRole: globalMemberRole });
const savedCredential = await saveCredential(credentialPayload(), { user: member });
const savedCredential = await saveCredential(randomCredentialPayload(), { user: member });
const response = await authOwnerAgent.delete(`/credentials/${savedCredential.id}`);
@@ -163,7 +163,7 @@ test('DELETE /credentials/:id should delete non-owned cred for owner', async ()
test('DELETE /credentials/:id should delete owned cred for member', async () => {
const member = await testDb.createUser({ globalRole: globalMemberRole });
const authMemberAgent = utils.createAgent(app, { auth: true, user: member });
const savedCredential = await saveCredential(credentialPayload(), { user: member });
const savedCredential = await saveCredential(randomCredentialPayload(), { user: member });
const response = await authMemberAgent.delete(`/credentials/${savedCredential.id}`);
@@ -183,7 +183,7 @@ test('DELETE /credentials/:id should not delete non-owned cred for member', asyn
const ownerShell = await testDb.createUserShell(globalOwnerRole);
const member = await testDb.createUser({ globalRole: globalMemberRole });
const authMemberAgent = utils.createAgent(app, { auth: true, user: member });
const savedCredential = await saveCredential(credentialPayload(), { user: ownerShell });
const savedCredential = await saveCredential(randomCredentialPayload(), { user: ownerShell });
const response = await authMemberAgent.delete(`/credentials/${savedCredential.id}`);
@@ -210,8 +210,8 @@ test('DELETE /credentials/:id should fail if cred not found', async () => {
test('PATCH /credentials/:id should update owned cred for owner', async () => {
const ownerShell = await testDb.createUserShell(globalOwnerRole);
const authOwnerAgent = utils.createAgent(app, { auth: true, user: ownerShell });
const savedCredential = await saveCredential(credentialPayload(), { user: ownerShell });
const patchPayload = credentialPayload();
const savedCredential = await saveCredential(randomCredentialPayload(), { user: ownerShell });
const patchPayload = randomCredentialPayload();
const response = await authOwnerAgent
.patch(`/credentials/${savedCredential.id}`)
@@ -245,8 +245,8 @@ test('PATCH /credentials/:id should update non-owned cred for owner', async () =
const ownerShell = await testDb.createUserShell(globalOwnerRole);
const authOwnerAgent = utils.createAgent(app, { auth: true, user: ownerShell });
const member = await testDb.createUser({ globalRole: globalMemberRole });
const savedCredential = await saveCredential(credentialPayload(), { user: member });
const patchPayload = credentialPayload();
const savedCredential = await saveCredential(randomCredentialPayload(), { user: member });
const patchPayload = randomCredentialPayload();
const response = await authOwnerAgent
.patch(`/credentials/${savedCredential.id}`)
@@ -279,8 +279,8 @@ test('PATCH /credentials/:id should update non-owned cred for owner', async () =
test('PATCH /credentials/:id should update owned cred for member', async () => {
const member = await testDb.createUser({ globalRole: globalMemberRole });
const authMemberAgent = utils.createAgent(app, { auth: true, user: member });
const savedCredential = await saveCredential(credentialPayload(), { user: member });
const patchPayload = credentialPayload();
const savedCredential = await saveCredential(randomCredentialPayload(), { user: member });
const patchPayload = randomCredentialPayload();
const response = await authMemberAgent
.patch(`/credentials/${savedCredential.id}`)
@@ -314,8 +314,8 @@ test('PATCH /credentials/:id should not update non-owned cred for member', async
const ownerShell = await testDb.createUserShell(globalOwnerRole);
const member = await testDb.createUser({ globalRole: globalMemberRole });
const authMemberAgent = utils.createAgent(app, { auth: true, user: member });
const savedCredential = await saveCredential(credentialPayload(), { user: ownerShell });
const patchPayload = credentialPayload();
const savedCredential = await saveCredential(randomCredentialPayload(), { user: ownerShell });
const patchPayload = randomCredentialPayload();
const response = await authMemberAgent
.patch(`/credentials/${savedCredential.id}`)
@@ -331,7 +331,7 @@ test('PATCH /credentials/:id should not update non-owned cred for member', async
test('PATCH /credentials/:id should fail with invalid inputs', async () => {
const ownerShell = await testDb.createUserShell(globalOwnerRole);
const authOwnerAgent = utils.createAgent(app, { auth: true, user: ownerShell });
const savedCredential = await saveCredential(credentialPayload(), { user: ownerShell });
const savedCredential = await saveCredential(randomCredentialPayload(), { user: ownerShell });
await Promise.all(
INVALID_PAYLOADS.map(async (invalidPayload) => {
@@ -348,7 +348,7 @@ test('PATCH /credentials/:id should fail if cred not found', async () => {
const ownerShell = await testDb.createUserShell(globalOwnerRole);
const authOwnerAgent = utils.createAgent(app, { auth: true, user: ownerShell });
const response = await authOwnerAgent.patch('/credentials/123').send(credentialPayload());
const response = await authOwnerAgent.patch('/credentials/123').send(randomCredentialPayload());
expect(response.statusCode).toBe(404);
});
@@ -357,11 +357,10 @@ test('PATCH /credentials/:id should fail with missing encryption key', async ()
const mock = jest.spyOn(UserSettings, 'getEncryptionKey');
mock.mockRejectedValue(new Error(RESPONSE_ERROR_MESSAGES.NO_ENCRYPTION_KEY));
const ownerShell = await testDb.createUserShell(globalOwnerRole);
const authOwnerAgent = utils.createAgent(app, { auth: true, user: ownerShell });
const response = await authOwnerAgent.post('/credentials').send(credentialPayload());
const response = await authOwnerAgent.post('/credentials').send(randomCredentialPayload());
expect(response.statusCode).toBe(500);
@@ -373,12 +372,12 @@ test('GET /credentials should retrieve all creds for owner', async () => {
const authOwnerAgent = utils.createAgent(app, { auth: true, user: ownerShell });
for (let i = 0; i < 3; i++) {
await saveCredential(credentialPayload(), { user: ownerShell });
await saveCredential(randomCredentialPayload(), { user: ownerShell });
}
const member = await testDb.createUser({ globalRole: globalMemberRole });
await saveCredential(credentialPayload(), { user: member });
await saveCredential(randomCredentialPayload(), { user: member });
const response = await authOwnerAgent.get('/credentials');
@@ -402,7 +401,7 @@ test('GET /credentials should retrieve owned creds for member', async () => {
const authMemberAgent = utils.createAgent(app, { auth: true, user: member });
for (let i = 0; i < 3; i++) {
await saveCredential(credentialPayload(), { user: member });
await saveCredential(randomCredentialPayload(), { user: member });
}
const response = await authMemberAgent.get('/credentials');
@@ -428,7 +427,7 @@ test('GET /credentials should not retrieve non-owned creds for member', async ()
const authMemberAgent = utils.createAgent(app, { auth: true, user: member });
for (let i = 0; i < 3; i++) {
await saveCredential(credentialPayload(), { user: ownerShell });
await saveCredential(randomCredentialPayload(), { user: ownerShell });
}
const response = await authMemberAgent.get('/credentials');
@@ -440,7 +439,7 @@ test('GET /credentials should not retrieve non-owned creds for member', async ()
test('GET /credentials/:id should retrieve owned cred for owner', async () => {
const ownerShell = await testDb.createUserShell(globalOwnerRole);
const authOwnerAgent = utils.createAgent(app, { auth: true, user: ownerShell });
const savedCredential = await saveCredential(credentialPayload(), { user: ownerShell });
const savedCredential = await saveCredential(randomCredentialPayload(), { user: ownerShell });
const firstResponse = await authOwnerAgent.get(`/credentials/${savedCredential.id}`);
@@ -465,7 +464,7 @@ test('GET /credentials/:id should retrieve owned cred for owner', async () => {
test('GET /credentials/:id should retrieve owned cred for member', async () => {
const member = await testDb.createUser({ globalRole: globalMemberRole });
const authMemberAgent = utils.createAgent(app, { auth: true, user: member });
const savedCredential = await saveCredential(credentialPayload(), { user: member });
const savedCredential = await saveCredential(randomCredentialPayload(), { user: member });
const firstResponse = await authMemberAgent.get(`/credentials/${savedCredential.id}`);
@@ -492,7 +491,7 @@ test('GET /credentials/:id should not retrieve non-owned cred for member', async
const ownerShell = await testDb.createUserShell(globalOwnerRole);
const member = await testDb.createUser({ globalRole: globalMemberRole });
const authMemberAgent = utils.createAgent(app, { auth: true, user: member });
const savedCredential = await saveCredential(credentialPayload(), { user: ownerShell });
const savedCredential = await saveCredential(randomCredentialPayload(), { user: ownerShell });
const response = await authMemberAgent.get(`/credentials/${savedCredential.id}`);
@@ -503,12 +502,11 @@ test('GET /credentials/:id should not retrieve non-owned cred for member', async
test('GET /credentials/:id should fail with missing encryption key', async () => {
const ownerShell = await testDb.createUserShell(globalOwnerRole);
const authOwnerAgent = utils.createAgent(app, { auth: true, user: ownerShell });
const savedCredential = await saveCredential(credentialPayload(), { user: ownerShell });
const savedCredential = await saveCredential(randomCredentialPayload(), { user: ownerShell });
const mock = jest.spyOn(UserSettings, 'getEncryptionKey');
mock.mockRejectedValue(new Error(RESPONSE_ERROR_MESSAGES.NO_ENCRYPTION_KEY));
const response = await authOwnerAgent
.get(`/credentials/${savedCredential.id}`)
.query({ includeData: true });
@@ -527,13 +525,6 @@ test('GET /credentials/:id should return 404 if cred not found', async () => {
expect(response.statusCode).toBe(404);
});
const credentialPayload = () => ({
name: randomName(),
type: randomName(),
nodesAccess: [{ nodeType: randomName() }],
data: { accessToken: randomString(6, 16) },
});
const INVALID_PAYLOADS = [
{
type: randomName(),