## Summary Provide details about your pull request and what it adds, fixes, or changes. Photos and videos are recommended. Continue breaking down `UserManagementHelper.ts` ... #### How to test the change: 1. ... ## Issues fixed Include links to Github issue or Community forum post or **Linear ticket**: > Important in order to close automatically and provide context to reviewers ... ## Review / Merge checklist - [ ] PR title and summary are descriptive. **Remember, the title automatically goes into the changelog. Use `(no-changelog)` otherwise.** ([conventions](https://github.com/n8n-io/n8n/blob/master/.github/pull_request_title_conventions.md)) - [ ] [Docs updated](https://github.com/n8n-io/n8n-docs) or follow-up ticket created. - [ ] Tests included. > A bug is not considered fixed, unless a test is added to prevent it from happening again. A feature is not complete without tests. > > *(internal)* You can use Slack commands to trigger [e2e tests](https://www.notion.so/n8n/How-to-use-Test-Instances-d65f49dfc51f441ea44367fb6f67eb0a?pvs=4#a39f9e5ba64a48b58a71d81c837e8227) or [deploy test instance](https://www.notion.so/n8n/How-to-use-Test-Instances-d65f49dfc51f441ea44367fb6f67eb0a?pvs=4#f6a177d32bde4b57ae2da0b8e454bfce) or [deploy early access version on Cloud](https://www.notion.so/n8n/Cloudbot-3dbe779836004972b7057bc989526998?pvs=4#fef2d36ab02247e1a0f65a74f6fb534e).
115 lines
3.6 KiB
TypeScript
115 lines
3.6 KiB
TypeScript
import validator from 'validator';
|
|
import { validateEntity } from '@/GenericHelpers';
|
|
import { Authorized, Post, RestController } from '@/decorators';
|
|
import { PasswordUtility } from '@/services/password.utility';
|
|
import { issueCookie } from '@/auth/jwt';
|
|
import { Response } from 'express';
|
|
import { Config } from '@/config';
|
|
import { OwnerRequest } from '@/requests';
|
|
import { IInternalHooksClass } from '@/Interfaces';
|
|
import { SettingsRepository } from '@db/repositories/settings.repository';
|
|
import { PostHogClient } from '@/posthog';
|
|
import { UserService } from '@/services/user.service';
|
|
import { Logger } from '@/Logger';
|
|
import { BadRequestError } from '@/errors/response-errors/bad-request.error';
|
|
|
|
@Authorized(['global', 'owner'])
|
|
@RestController('/owner')
|
|
export class OwnerController {
|
|
constructor(
|
|
private readonly config: Config,
|
|
private readonly logger: Logger,
|
|
private readonly internalHooks: IInternalHooksClass,
|
|
private readonly settingsRepository: SettingsRepository,
|
|
private readonly userService: UserService,
|
|
private readonly passwordUtility: PasswordUtility,
|
|
private readonly postHog?: PostHogClient,
|
|
) {}
|
|
|
|
/**
|
|
* Promote a shell into the owner of the n8n instance,
|
|
* and enable `isInstanceOwnerSetUp` setting.
|
|
*/
|
|
@Post('/setup')
|
|
async setupOwner(req: OwnerRequest.Post, res: Response) {
|
|
const { email, firstName, lastName, password } = req.body;
|
|
const { id: userId, globalRole } = req.user;
|
|
|
|
if (this.config.getEnv('userManagement.isInstanceOwnerSetUp')) {
|
|
this.logger.debug(
|
|
'Request to claim instance ownership failed because instance owner already exists',
|
|
{
|
|
userId,
|
|
},
|
|
);
|
|
throw new BadRequestError('Instance owner already setup');
|
|
}
|
|
|
|
if (!email || !validator.isEmail(email)) {
|
|
this.logger.debug('Request to claim instance ownership failed because of invalid email', {
|
|
userId,
|
|
invalidEmail: email,
|
|
});
|
|
throw new BadRequestError('Invalid email address');
|
|
}
|
|
|
|
const validPassword = this.passwordUtility.validate(password);
|
|
|
|
if (!firstName || !lastName) {
|
|
this.logger.debug(
|
|
'Request to claim instance ownership failed because of missing first name or last name in payload',
|
|
{ userId, payload: req.body },
|
|
);
|
|
throw new BadRequestError('First and last names are mandatory');
|
|
}
|
|
|
|
// TODO: This check should be in a middleware outside this class
|
|
if (globalRole.scope === 'global' && globalRole.name !== 'owner') {
|
|
this.logger.debug(
|
|
'Request to claim instance ownership failed because user shell does not exist or has wrong role!',
|
|
{
|
|
userId,
|
|
},
|
|
);
|
|
throw new BadRequestError('Invalid request');
|
|
}
|
|
|
|
let owner = req.user;
|
|
|
|
Object.assign(owner, {
|
|
email,
|
|
firstName,
|
|
lastName,
|
|
password: await this.passwordUtility.hash(validPassword),
|
|
});
|
|
|
|
await validateEntity(owner);
|
|
|
|
owner = await this.userService.save(owner);
|
|
|
|
this.logger.info('Owner was set up successfully', { userId });
|
|
|
|
await this.settingsRepository.update(
|
|
{ key: 'userManagement.isInstanceOwnerSetUp' },
|
|
{ value: JSON.stringify(true) },
|
|
);
|
|
|
|
this.config.set('userManagement.isInstanceOwnerSetUp', true);
|
|
|
|
this.logger.debug('Setting isInstanceOwnerSetUp updated successfully', { userId });
|
|
|
|
await issueCookie(res, owner);
|
|
|
|
void this.internalHooks.onInstanceOwnerSetup({ user_id: userId });
|
|
|
|
return this.userService.toPublic(owner, { posthog: this.postHog, withScopes: true });
|
|
}
|
|
|
|
@Post('/dismiss-banner')
|
|
async dismissBanner(req: OwnerRequest.DismissBanner) {
|
|
const bannerName = 'banner' in req.body ? (req.body.banner as string) : '';
|
|
const response = await this.settingsRepository.dismissBanner({ bannerName });
|
|
return response;
|
|
}
|
|
}
|