feat: check for cred when updating workflow and remove credential_usage table (#4350) (no-changelog)

* feat: check for cred when updating workflow and remove credential_usage table
2022-10-26 10:49:43 -03:00
parent e8935de3b2
commit c65deb2949
19 changed files with 781 additions and 210 deletions
--- a/packages/cli/src/workflows/workflows.controller.ee.ts
+++ b/packages/cli/src/workflows/workflows.controller.ee.ts
@@ -11,7 +11,6 @@ import { SharedWorkflow } from '../databases/entities/SharedWorkflow';
 import { LoggerProxy } from 'n8n-workflow';
 import * as TagHelpers from '../TagHelpers';
 import { EECredentialsService as EECredentials } from '../credentials/credentials.service.ee';
-import { CredentialUsage } from '../databases/entities/CredentialUsage';

 // eslint-disable-next-line @typescript-eslint/naming-convention
 export const EEWorkflowController = express.Router();
@@ -155,29 +154,6 @@ EEWorkflowController.post(
 			});

 			await transactionManager.save<SharedWorkflow>(newSharedWorkflow);
-
-			const credentialUsage: CredentialUsage[] = [];
-			newWorkflow.nodes.forEach((node) => {
-				if (!node.credentials) {
-					return;
-				}
-				Object.keys(node.credentials).forEach((credentialType) => {
-					const credentialId = node.credentials?.[credentialType].id;
-					if (credentialId) {
-						const newCredentialusage = new CredentialUsage();
-						Object.assign(newCredentialusage, {
-							credentialId,
-							nodeId: node.id,
-							workflowId: savedWorkflow?.id,
-						});
-						credentialUsage.push(newCredentialusage);
-					}
-				});
-			});
-
-			if (credentialUsage.length) {
-				await transactionManager.save<CredentialUsage>(credentialUsage);
-			}
 		});

 		if (!savedWorkflow) {
@@ -202,3 +178,28 @@ EEWorkflowController.post(
 		};
 	}),
 );
+
+EEWorkflowController.patch(
+	'/:id(\\d+)',
+	ResponseHelper.send(async (req: WorkflowRequest.Update) => {
+		const { id: workflowId } = req.params;
+
+		const updateData = new WorkflowEntity();
+		const { tags, ...rest } = req.body;
+		Object.assign(updateData, rest);
+
+		const updatedWorkflow = await EEWorkflows.updateWorkflow(
+			req.user,
+			updateData,
+			workflowId,
+			tags,
+		);
+
+		const { id, ...remainder } = updatedWorkflow;
+
+		return {
+			id: id.toString(),
+			...remainder,
+		};
+	}),
+);
--- a/packages/cli/src/workflows/workflows.controller.ts
+++ b/packages/cli/src/workflows/workflows.controller.ts
@@ -33,6 +33,7 @@ import { getLogger } from '../Logger';
 import type { WorkflowRequest } from '../requests';
 import { getSharedWorkflowIds, isBelowOnboardingThreshold } from '../WorkflowHelpers';
 import { EEWorkflowController } from './workflows.controller.ee';
+import { WorkflowsService } from './workflows.services';
 import { validate as jsonSchemaValidate } from 'jsonschema';

 const activeWorkflowRunner = ActiveWorkflowRunner.getInstance();
@@ -364,128 +365,12 @@ workflowsController.patch(
 		const { tags, ...rest } = req.body;
 		Object.assign(updateData, rest);

-		const shared = await Db.collections.SharedWorkflow.findOne({
-			relations: ['workflow'],
-			where: whereClause({
-				user: req.user,
-				entityType: 'workflow',
-				entityId: workflowId,
-			}),
-		});
-
-		if (!shared) {
-			LoggerProxy.info('User attempted to update a workflow without permissions', {
-				workflowId,
-				userId: req.user.id,
-			});
-			throw new ResponseHelper.ResponseError(
-				`Workflow with ID "${workflowId}" could not be found to be updated.`,
-				undefined,
-				404,
-			);
-		}
-
-		// check credentials for old format
-		await WorkflowHelpers.replaceInvalidCredentials(updateData);
-
-		WorkflowHelpers.addNodeIds(updateData);
-
-		await externalHooks.run('workflow.update', [updateData]);
-
-		if (shared.workflow.active) {
-			// When workflow gets saved always remove it as the triggers could have been
-			// changed and so the changes would not take effect
-			await activeWorkflowRunner.remove(workflowId);
-		}
-
-		if (updateData.settings) {
-			if (updateData.settings.timezone === 'DEFAULT') {
-				// Do not save the default timezone
-				delete updateData.settings.timezone;
-			}
-			if (updateData.settings.saveDataErrorExecution === 'DEFAULT') {
-				// Do not save when default got set
-				delete updateData.settings.saveDataErrorExecution;
-			}
-			if (updateData.settings.saveDataSuccessExecution === 'DEFAULT') {
-				// Do not save when default got set
-				delete updateData.settings.saveDataSuccessExecution;
-			}
-			if (updateData.settings.saveManualExecutions === 'DEFAULT') {
-				// Do not save when default got set
-				delete updateData.settings.saveManualExecutions;
-			}
-			if (
-				parseInt(updateData.settings.executionTimeout as string, 10) ===
-				config.get('executions.timeout')
-			) {
-				// Do not save when default got set
-				delete updateData.settings.executionTimeout;
-			}
-		}
-
-		if (updateData.name) {
-			updateData.updatedAt = new Date(); // required due to atomic update
-			await validateEntity(updateData);
-		}
-
-		await Db.collections.Workflow.update(workflowId, updateData);
-
-		if (tags && !config.getEnv('workflowTagsDisabled')) {
-			const tablePrefix = config.getEnv('database.tablePrefix');
-			await TagHelpers.removeRelations(workflowId, tablePrefix);
-
-			if (tags.length) {
-				await TagHelpers.createRelations(workflowId, tags, tablePrefix);
-			}
-		}
-
-		const options: FindManyOptions<WorkflowEntity> = {
-			relations: ['tags'],
-		};
-
-		if (config.getEnv('workflowTagsDisabled')) {
-			delete options.relations;
-		}
-
-		// We sadly get nothing back from "update". Neither if it updated a record
-		// nor the new value. So query now the hopefully updated entry.
-		const updatedWorkflow = await Db.collections.Workflow.findOne(workflowId, options);
-
-		if (updatedWorkflow === undefined) {
-			throw new ResponseHelper.ResponseError(
-				`Workflow with ID "${workflowId}" could not be found to be updated.`,
-				undefined,
-				400,
-			);
-		}
-
-		if (updatedWorkflow.tags?.length && tags?.length) {
-			updatedWorkflow.tags = TagHelpers.sortByRequestOrder(updatedWorkflow.tags, {
-				requestOrder: tags,
-			});
-		}
-
-		await externalHooks.run('workflow.afterUpdate', [updatedWorkflow]);
-		void InternalHooksManager.getInstance().onWorkflowSaved(req.user.id, updatedWorkflow, false);
-
-		if (updatedWorkflow.active) {
-			// When the workflow is supposed to be active add it again
-			try {
-				await externalHooks.run('workflow.activate', [updatedWorkflow]);
-				await activeWorkflowRunner.add(workflowId, shared.workflow.active ? 'update' : 'activate');
-			} catch (error) {
-				// If workflow could not be activated set it again to inactive
-				updateData.active = false;
-				await Db.collections.Workflow.update(workflowId, updateData);
-
-				// Also set it in the returned data
-				updatedWorkflow.active = false;
-
-				// Now return the original error for UI to display
-				throw error;
-			}
-		}
+		const updatedWorkflow = await WorkflowsService.updateWorkflow(
+			req.user,
+			updateData,
+			workflowId,
+			tags,
+		);

 		const { id, ...remainder } = updatedWorkflow;

--- a/packages/cli/src/workflows/workflows.services.ee.ts
+++ b/packages/cli/src/workflows/workflows.services.ee.ts
@@ -1,5 +1,5 @@
 import { DeleteResult, EntityManager, In, Not } from 'typeorm';
-import { Db, ICredentialsDb } from '..';
+import { Db, ICredentialsDb, ResponseHelper, WorkflowHelpers } from '..';
 import { SharedWorkflow } from '../databases/entities/SharedWorkflow';
 import { User } from '../databases/entities/User';
 import { WorkflowEntity } from '../databases/entities/WorkflowEntity';
@@ -7,6 +7,7 @@ import { RoleService } from '../role/role.service';
 import { UserService } from '../user/user.service';
 import { WorkflowsService } from './workflows.services';
 import { WorkflowWithSharings } from './workflows.types';
+import { EECredentialsService as EECredentials } from '../credentials/credentials.service.ee';

 export class EEWorkflowsService extends WorkflowsService {
 	static async isOwned(
@@ -114,4 +115,33 @@ export class EEWorkflowsService extends WorkflowsService {
 			});
 		});
 	}
+
+	static async updateWorkflow(
+		user: User,
+		workflow: WorkflowEntity,
+		workflowId: string,
+		tags?: string[],
+	): Promise<WorkflowEntity> {
+		const previousVersion = await EEWorkflowsService.get({ id: parseInt(workflowId, 10) });
+		if (!previousVersion) {
+			throw new ResponseHelper.ResponseError('Workflow not found', undefined, 404);
+		}
+		const allCredentials = await EECredentials.getAll(user);
+		try {
+			workflow = WorkflowHelpers.validateWorkflowCredentialUsage(
+				workflow,
+				previousVersion,
+				allCredentials,
+			);
+		} catch (error) {
+			console.log(error);
+			throw new ResponseHelper.ResponseError(
+				'Invalid workflow credentials - make sure you have access to all credentials and try again.',
+				undefined,
+				400,
+			);
+		}
+
+		return super.updateWorkflow(user, workflow, workflowId, tags);
+	}
 }
--- a/packages/cli/src/workflows/workflows.services.ts
+++ b/packages/cli/src/workflows/workflows.services.ts
@@ -1,8 +1,20 @@
-import { FindOneOptions, ObjectLiteral } from 'typeorm';
-import { Db } from '..';
+import { LoggerProxy } from 'n8n-workflow';
+import { FindManyOptions, FindOneOptions, ObjectLiteral } from 'typeorm';
+import {
+	ActiveWorkflowRunner,
+	Db,
+	InternalHooksManager,
+	ResponseHelper,
+	whereClause,
+	WorkflowHelpers,
+} from '..';
+import config from '../../config';
 import { SharedWorkflow } from '../databases/entities/SharedWorkflow';
 import { User } from '../databases/entities/User';
 import { WorkflowEntity } from '../databases/entities/WorkflowEntity';
+import { validateEntity } from '../GenericHelpers';
+import { externalHooks } from '../Server';
+import * as TagHelpers from '../TagHelpers';

 export class WorkflowsService {
 	static async getSharing(
@@ -34,4 +46,139 @@ export class WorkflowsService {
 	static async get(workflow: Partial<WorkflowEntity>, options?: { relations: string[] }) {
 		return Db.collections.Workflow.findOne(workflow, options);
 	}
+
+	static async updateWorkflow(
+		user: User,
+		workflow: WorkflowEntity,
+		workflowId: string,
+		tags?: string[],
+	): Promise<WorkflowEntity> {
+		const shared = await Db.collections.SharedWorkflow.findOne({
+			relations: ['workflow'],
+			where: whereClause({
+				user,
+				entityType: 'workflow',
+				entityId: workflowId,
+			}),
+		});
+
+		if (!shared) {
+			LoggerProxy.info('User attempted to update a workflow without permissions', {
+				workflowId,
+				userId: user.id,
+			});
+			throw new ResponseHelper.ResponseError(
+				`Workflow with ID "${workflowId}" could not be found to be updated.`,
+				undefined,
+				404,
+			);
+		}
+
+		// check credentials for old format
+		await WorkflowHelpers.replaceInvalidCredentials(workflow);
+
+		WorkflowHelpers.addNodeIds(workflow);
+
+		await externalHooks.run('workflow.update', [workflow]);
+
+		if (shared.workflow.active) {
+			// When workflow gets saved always remove it as the triggers could have been
+			// changed and so the changes would not take effect
+			await ActiveWorkflowRunner.getInstance().remove(workflowId);
+		}
+
+		if (workflow.settings) {
+			if (workflow.settings.timezone === 'DEFAULT') {
+				// Do not save the default timezone
+				delete workflow.settings.timezone;
+			}
+			if (workflow.settings.saveDataErrorExecution === 'DEFAULT') {
+				// Do not save when default got set
+				delete workflow.settings.saveDataErrorExecution;
+			}
+			if (workflow.settings.saveDataSuccessExecution === 'DEFAULT') {
+				// Do not save when default got set
+				delete workflow.settings.saveDataSuccessExecution;
+			}
+			if (workflow.settings.saveManualExecutions === 'DEFAULT') {
+				// Do not save when default got set
+				delete workflow.settings.saveManualExecutions;
+			}
+			if (
+				parseInt(workflow.settings.executionTimeout as string, 10) ===
+				config.get('executions.timeout')
+			) {
+				// Do not save when default got set
+				delete workflow.settings.executionTimeout;
+			}
+		}
+
+		if (workflow.name) {
+			workflow.updatedAt = new Date(); // required due to atomic update
+			await validateEntity(workflow);
+		}
+
+		await Db.collections.Workflow.update(workflowId, workflow);
+
+		if (tags && !config.getEnv('workflowTagsDisabled')) {
+			const tablePrefix = config.getEnv('database.tablePrefix');
+			await TagHelpers.removeRelations(workflowId, tablePrefix);
+
+			if (tags.length) {
+				await TagHelpers.createRelations(workflowId, tags, tablePrefix);
+			}
+		}
+
+		const options: FindManyOptions<WorkflowEntity> = {
+			relations: ['tags'],
+		};
+
+		if (config.getEnv('workflowTagsDisabled')) {
+			delete options.relations;
+		}
+
+		// We sadly get nothing back from "update". Neither if it updated a record
+		// nor the new value. So query now the hopefully updated entry.
+		const updatedWorkflow = await Db.collections.Workflow.findOne(workflowId, options);
+
+		if (updatedWorkflow === undefined) {
+			throw new ResponseHelper.ResponseError(
+				`Workflow with ID "${workflowId}" could not be found to be updated.`,
+				undefined,
+				400,
+			);
+		}
+
+		if (updatedWorkflow.tags?.length && tags?.length) {
+			updatedWorkflow.tags = TagHelpers.sortByRequestOrder(updatedWorkflow.tags, {
+				requestOrder: tags,
+			});
+		}
+
+		await externalHooks.run('workflow.afterUpdate', [updatedWorkflow]);
+		void InternalHooksManager.getInstance().onWorkflowSaved(user.id, updatedWorkflow, false);
+
+		if (updatedWorkflow.active) {
+			// When the workflow is supposed to be active add it again
+			try {
+				await externalHooks.run('workflow.activate', [updatedWorkflow]);
+				await ActiveWorkflowRunner.getInstance().add(
+					workflowId,
+					shared.workflow.active ? 'update' : 'activate',
+				);
+			} catch (error) {
+				// If workflow could not be activated set it again to inactive
+				workflow.active = false;
+				await Db.collections.Workflow.update(workflowId, workflow);
+
+				// Also set it in the returned data
+				updatedWorkflow.active = false;
+
+				// Now return the original error for UI to display
+				throw error;
+			}
+		}
+
+		return updatedWorkflow;
+	}
 }