fix(editor): Replace isInstanceOwner checks with scopes where applicable (#7858)

Co-authored-by: Alex Grozav <alex@grozav.com>

packages/editor-ui/src/stores/cloudPlan.store.ts

@@ -8,6 +8,7 @@ import { useUsersStore } from '@/stores/users.store';
 import { getAdminPanelLoginCode, getCurrentPlan, getCurrentUsage } from '@/api/cloudPlans';
 import { DateTime } from 'luxon';
 import { CLOUD_TRIAL_CHECK_INTERVAL, STORES } from '@/constants';
+import { hasPermission } from '@/rbac/permissions';
 
 const DEFAULT_STATE: CloudPlanState = {
 	initialized: false,
@@ -55,13 +56,13 @@ export const useCloudPlanStore = defineStore(STORES.CLOUD_PLAN, () => {
 
 	const hasCloudPlan = computed(() => {
 		const cloudUserId = settingsStore.settings.n8nMetadata?.userId;
-		return usersStore.isInstanceOwner && settingsStore.isCloudDeployment && cloudUserId;
+		return hasPermission(['instanceOwner']) && settingsStore.isCloudDeployment && cloudUserId;
 	});
 
 	const getUserCloudAccount = async () => {
 		if (!hasCloudPlan.value) throw new Error('User does not have a cloud plan');
 		try {
-			if (useUsersStore().isInstanceOwner) {
+			if (hasPermission(['instanceOwner'])) {
 				await usersStore.fetchUserCloudAccount();
 				if (!usersStore.currentUserCloudInfo?.confirmed && !userIsTrialing.value) {
 					useUIStore().pushBannerToStack('EMAIL_CONFIRMATION');

packages/editor-ui/src/stores/externalSecrets.ee.store.ts

@@ -5,13 +5,13 @@ import { useRootStore } from '@/stores/n8nRoot.store';
 import { useSettingsStore } from '@/stores/settings.store';
 import * as externalSecretsApi from '@/api/externalSecrets.ee';
 import { connectProvider } from '@/api/externalSecrets.ee';
-import { useUsersStore } from '@/stores/users.store';
+import { useRBACStore } from '@/stores/rbac.store';
 import type { ExternalSecretsProvider } from '@/Interface';
 
 export const useExternalSecretsStore = defineStore('externalSecrets', () => {
 	const rootStore = useRootStore();
 	const settingsStore = useSettingsStore();
-	const usersStore = useUsersStore();
+	const rbacStore = useRBACStore();
 
 	const state = reactive({
 		providers: [] as ExternalSecretsProvider[],
@@ -65,7 +65,7 @@ export const useExternalSecretsStore = defineStore('externalSecrets', () => {
 	});
 
 	async function fetchAllSecrets() {
-		if (usersStore.isInstanceOwner) {
+		if (rbacStore.hasScope('externalSecret:list')) {
 			try {
 				state.secrets = await externalSecretsApi.getExternalSecrets(rootStore.getRestApiContext);
 			} catch (error) {

packages/editor-ui/src/stores/ui.store.ts

@@ -60,7 +60,7 @@ import { getCurlToJson } from '@/api/curlHelper';
 import { useCloudPlanStore } from '@/stores/cloudPlan.store';
 import { useWorkflowsStore } from '@/stores/workflows.store';
 import { useSettingsStore } from '@/stores/settings.store';
-import { useUsersStore } from '@/stores/users.store';
+import { hasPermission } from '@/rbac/permissions';
 import { useTelemetryStore } from '@/stores/telemetry.store';
 import { dismissBannerPermanently } from '@/api/ui';
 import type { BannerName } from 'n8n-workflow';
@@ -374,9 +374,7 @@ export const useUIStore = defineStore(STORES.UI, {
 
 				const searchParams = new URLSearchParams();
 
-				const isOwner = useUsersStore().isInstanceOwner;
-
-				if (deploymentType === 'cloud' && isOwner) {
+				if (deploymentType === 'cloud' && hasPermission(['instanceOwner'])) {
 					const adminPanelHost = new URL(window.location.href).host.split('.').slice(1).join('.');
 					const { code } = await useCloudPlanStore().getAutoLoginCode();
 					linkUrl = `https://${adminPanelHost}/login`;

packages/editor-ui/src/stores/users.store.ts

@@ -137,7 +137,7 @@ export const useUsersStore = defineStore(STORES.USERS, {
 						: undefined,
 					isDefaultUser: isDefaultUser(updatedUser),
 					isPendingUser: isPendingUser(updatedUser),
-					isOwner: updatedUser.globalRole?.name === ROLE.Owner,
+					isOwner: isInstanceOwner(updatedUser),
 				};
 
 				this.users = {