mohiit1502/Automata
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat: Add initial scope checks via decorators (#7737)

Browse Source
This commit is contained in:
Val
2023-11-28 11:41:34 +00:00
committed by GitHub
parent 753cbc1e96
commit a37f1cb0ba
22 changed files with 233 additions and 89 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
packages/cli/src/eventbus/eventBus.controller.ee.ts
View File

@@ -14,7 +14,7 @@ import type {
MessageEventBusDestinationOptions,
} from 'n8n-workflow';
import { MessageEventBusDestinationTypeNames } from 'n8n-workflow';
import { RestController, Get, Post, Delete, Authorized } from '@/decorators';
import { RestController, Get, Post, Delete, Authorized, RequireGlobalScope } from '@/decorators';
import type { MessageEventBusDestination } from './MessageEventBusDestination/MessageEventBusDestination.ee';
import type { DeleteResult } from 'typeorm';
import { AuthenticatedRequest } from '@/requests';
@@ -59,6 +59,7 @@ export class EventBusControllerEE {
// ----------------------------------------
@Get('/destination', { middlewares: [logStreamingLicensedMiddleware] })
@RequireGlobalScope('eventBusDestination:list')
async getDestination(req: express.Request): Promise<MessageEventBusDestinationOptions[]> {
if (isWithIdString(req.query)) {
return eventBus.findDestination(req.query.id);
@@ -67,8 +68,8 @@ export class EventBusControllerEE {
}
}
@Authorized(['global', 'owner'])
@Post('/destination', { middlewares: [logStreamingLicensedMiddleware] })
@RequireGlobalScope('eventBusDestination:create')
async postDestination(req: AuthenticatedRequest): Promise<any> {
let result: MessageEventBusDestination | undefined;
if (isMessageEventBusDestinationOptions(req.body)) {
@@ -112,6 +113,7 @@ export class EventBusControllerEE {
}
@Get('/testmessage', { middlewares: [logStreamingLicensedMiddleware] })
@RequireGlobalScope('eventBusDestination:test')
async sendTestMessage(req: express.Request): Promise<boolean> {
if (isWithIdString(req.query)) {
return eventBus.testDestination(req.query.id);
@@ -119,8 +121,8 @@ export class EventBusControllerEE {
return false;
}
@Authorized(['global', 'owner'])
@Delete('/destination', { middlewares: [logStreamingLicensedMiddleware] })
@RequireGlobalScope('eventBusDestination:delete')
async deleteDestination(req: AuthenticatedRequest): Promise<DeleteResult | undefined> {
if (isWithIdString(req.query)) {
return eventBus.removeDestination(req.query.id);