feat(editor): Add routing middleware, permission checks, RBAC store, RBAC component #7702
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
cstuncsik
reviewed
Nov 14, 2023
|
|
||
| let valid: boolean; | ||
| if (mode === 'allOf') { | ||
| valid = options.features.every((feature) => settingsStore.isEnterpriseFeatureEnabled(feature)); |
There was a problem hiding this comment.
just a nitpick (coming from my functional programming self :))
it could be pointfree (same below)
Suggested change
| valid = options.features.every((feature) => settingsStore.isEnterpriseFeatureEnabled(feature)); | |
| valid = options.features.every(settingsStore.isEnterpriseFeatureEnabled); |
cstuncsik
reviewed
Nov 14, 2023
| resourceId: string; | ||
| }, | ||
| ) { | ||
| if (!scopesByResourceId.value[context.resourceType][context.resourceId]) { |
There was a problem hiding this comment.
maybe you could save these long object accesses to a variable to avoid the repetition
cstuncsik
reviewed
Nov 14, 2023
| export function inferResourceTypeFromRoute(to: RouteLocationNormalized): Resource | undefined { | ||
| const routeParts = to.path.split('/'); | ||
|
|
||
| switch (true) { |
There was a problem hiding this comment.
you could reduce some repetition with just using an object and a forOf loop
const hash = {
workflow: 'workflows',
sourceControl: 'source-control',
}
for (const resource of hash) {
if(routeParts.includes(hash[resource])) {
return resource
}
}There was a problem hiding this comment.
Awesome idea! Thanks!
cstuncsik
previously approved these changes
Nov 14, 2023
|
|
2 flaky tests on run #3000 ↗︎
Details:
|
|||||||||||||||||||||||||||
| Test | Artifacts | |
|---|---|---|
| Canvas Node Manipulation and Navigation > should add merge node and test connections |
Screenshots
Video
|
|
26-resource-locator.cy.ts • 1 flaky test
| Test | Artifacts | |
|---|---|---|
| Resource Locator > should retrieve list options when other params throw errors |
Screenshots
Video
|
|
Review all test suite changes for PR #7702 ↗︎
alexgrozav
changed the title
alexgrozav
commented
Nov 15, 2023
Comment on lines
122
to
127
| const defaultScopes: Scope[] = []; | ||
| if (isInstanceOwner(user)) { | ||
| defaultScopes.push('tag:delete'); | ||
| } | ||
|
|
||
| useRBACStore().setGlobalScopes(user.globalScopes || defaultScopes); |
There was a problem hiding this comment.
@cstuncsik This code needs to be updated once Back End returns globalScopes.
cstuncsik
previously approved these changes
Nov 15, 2023
|
|
…permissions-overhaul
…permissions-overhaul
…permissions-overhaul
…n8n-io/n8n into pay-1005-front-end-permissions-overhaul
cstuncsik
previously approved these changes
Nov 21, 2023
|
|
cstuncsik
previously approved these changes
Nov 21, 2023
|
✅ All Cypress E2E specs passed |
cstuncsik
previously approved these changes
Nov 22, 2023
|
✅ All Cypress E2E specs passed |
…permissions-overhaul
cstuncsik
approved these changes
Nov 23, 2023
|
✅ All Cypress E2E specs passed |
Merged
ivov
added a commit
that referenced
this pull request
Nov 29, 2023
# [1.19.0](https://github.com/n8n-io/n8n/compare/n8n@1.18.0...n8n@1.19.0) (2023-11-29) ### Bug Fixes * **core:** Ensure member and admin cannot be promoted to owner ([#7830](#7830)) ([9b87a59](9b87a59)), closes [/linear.app/n8n/issue/PAY-985/add-user-role-modification-endpoint#comment-62355f6](https://github.com//linear.app/n8n/issue/PAY-985/add-user-role-modification-endpoint/issues/comment-62355f6) * **core:** Prevent error messages due to statistics about data loading ([#7824](#7824)) ([847f6ac](847f6ac)) * **core:** Tighten checks for multi-main setup usage ([#7788](#7788)) ([fdb2c18](fdb2c18)) * **core:** Use AbortController to notify nodes to abort execution ([#6141](#6141)) ([d2c18c5](d2c18c5)) * **editor:** Add telemetry to workflow history ([#7811](#7811)) ([d497041](d497041)) * **editor:** Allow owners and admins to share workflows and credentials they don't own ([#7833](#7833)) ([3ab3ec9](3ab3ec9)) * **editor:** Disable context menu actions in read-only mode ([#7789](#7789)) ([902beff](902beff)) * **editor:** Fix cloud plan data loading on instance ([#7841](#7841)) ([8b99384](8b99384)) * **editor:** Fix credential icon for old node type version ([#7843](#7843)) ([4074107](4074107)) * **editor:** Fix icon for unknown node type ([#7842](#7842)) ([28ac5a7](28ac5a7)) * **editor:** Fix mouse position in workflow previews ([#7853](#7853)) ([c063398](c063398)) * **editor:** Show nice error when environment is not set up ([#7778](#7778)) ([5835e05](5835e05)) * **editor:** Suppress dev server websocket messages in workflow view ([#7808](#7808)) ([685ffd7](685ffd7)) * **Google Sheets Node:** Read operation execute for each item ([#7800](#7800)) ([d548872](d548872)) * **HTTP Request Node:** Enable expressions for binary input data fields ([#7782](#7782)) ([6208af0](6208af0)) * **Microsoft SQL Node:** Prevent double escaping table name ([#7801](#7801)) ([73ec753](73ec753)) ### Features * Add AI tool building capabilities ([#7336](#7336)) ([87def60](87def60)) * Add initial scope checks via decorators ([#7737](#7737)) ([a37f1cb](a37f1cb)) * Ado 1296 spike credential setup in templates ([#7786](#7786)) ([aae45b0](aae45b0)) * **core:** Add Support for custom CORS origins for webhooks ([#7455](#7455)) ([99a9ea4](99a9ea4)) * **core:** Allow user role modification ([#7797](#7797)) ([7a86d36](7a86d36)) * **core:** Set up endpoint for all existing roles with license flag ([#7834](#7834)) ([2356fb0](2356fb0)) * **editor:** Add node name and version to NDV node settings ([#7731](#7731)) ([da85198](da85198)) * **editor:** Add routing middleware, permission checks, RBAC store, RBAC component ([#7702](#7702)) ([67a8891](67a8891)) * **editor:** Replace middleware for Role checks with Scope checks ([#7847](#7847)) ([72852a6](72852a6)) * **editor:** Show avatars for users currently working on the same workflow ([#7763](#7763)) ([77bc8ec](77bc8ec)) * **Notion Node:** Option to simplify output in getChildBlocks operation ([#7791](#7791)) ([d667bca](d667bca)) * **Slack Node:** Add support for getting the profile of a user ([#7829](#7829)) ([90bb6ba](90bb6ba)) Co-authored-by: ivov <ivov@users.noreply.github.com>
|
Got released with |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Github issue / Community forum post (link here to close automatically):