
n8n


n8n Workflow Automation Tool

"use strict";
// Compiled CommonJS prelude: export slots are declared up front and filled in below.
Object.defineProperty(exports, "__esModule", { value: true });
exports.isLicensed = exports.validLicenseWithUserQuota = exports.apiKeyHasScopeWithGlobalScopeFallback = exports.publicApiScope = exports.validCursor = exports.projectScope = exports.globalScope = void 0;
const di_1 = require("@n8n/di");
const feature_not_licensed_error_1 = require("../../../../errors/feature-not-licensed.error");
const not_found_error_1 = require("../../../../errors/response-errors/not-found.error");
const license_1 = require("../../../../license");
const check_access_1 = require("../../../../permissions.ee/check-access");
const pagination_service_1 = require("../services/pagination.service");

/** Value of `License#getUsersLimit()` that this module treats as "no cap on users". */
const UNLIMITED_USERS_QUOTA = -1;

/** Wraps a single scope in an array; arrays are passed through untouched. */
const toScopeList = (scopes) => (Array.isArray(scopes) ? scopes : [scopes]);

/**
 * Maps the route parameters to the resource identifier handed to `userHasScopes`.
 *
 * - route has `id`: `workflowId` for resource 'workflow', `credentialId` for
 *   resource 'credential', nothing for any other resource;
 * - route has no `id` but has `dataTableId`, and resource is 'dataTable': `dataTableId`.
 *
 * NOTE(review): `dataTableId` is only looked at when the route carries no `id`
 * parameter. A route with both parameters and resource 'dataTable' would reach
 * the access check with an empty object - confirm no such route is registered.
 *
 * @param {object} routeParams - `req.params` of the current request.
 * @param {string | undefined} resource - resource kind the middleware was built for.
 * @returns {object} identifier object (possibly empty).
 */
function resourceParamsFor(routeParams, resource) {
    if (routeParams.id) {
        switch (resource) {
            case 'workflow':
                return { workflowId: routeParams.id };
            case 'credential':
                return { credentialId: routeParams.id };
            default:
                return {};
        }
    }
    if (routeParams.dataTableId && resource === 'dataTable') {
        return { dataTableId: routeParams.dataTableId };
    }
    return {};
}

/**
 * Builds the authorization middleware shared by `globalScope` and `projectScope`.
 *
 * The returned handler asks `userHasScopes(req.user, scopes, globalOnly, params)`
 * and answers:
 * - 403 `{ message: 'Forbidden' }` when the check resolves to a falsy value;
 * - 404 with the error's own message when the check throws `NotFoundError`;
 * - otherwise calls `next()`.
 * Any other error is rethrown from the async handler.
 *
 * NOTE(review): the rethrow surfaces as a rejected promise; confirm the hosting
 * framework forwards rejected middleware promises to its error handler.
 * NOTE(review): `error.message` is sent to the client verbatim on the 404 path,
 * so `NotFoundError` messages should not carry internal detail.
 *
 * @param {string[]} scopes - scopes passed to the access check.
 * @param {string | undefined} resource - resource kind used to pick the id parameter.
 * @param {{ globalOnly: boolean }} [options] - forwarded as the `globalOnly` argument.
 * @returns {Function} async `(req, res, next)` middleware.
 */
function buildScopeMiddleware(scopes, resource, { globalOnly } = { globalOnly: false }) {
    return async (req, res, next) => {
        const params = resourceParamsFor(req.params, resource);
        try {
            const allowed = await (0, check_access_1.userHasScopes)(req.user, scopes, globalOnly, params);
            if (!allowed) {
                return res.status(403).json({ message: 'Forbidden' });
            }
        }
        catch (error) {
            if (!(error instanceof not_found_error_1.NotFoundError)) {
                throw error;
            }
            return res.status(404).json({ message: error.message });
        }
        return next();
    };
}

/**
 * Middleware factory: the access check is invoked with `globalOnly: true` and
 * without any resource identifier.
 *
 * @param {string | string[]} scopes - one scope or a list of scopes.
 */
const globalScope = (scopes) => buildScopeMiddleware(toScopeList(scopes), undefined, { globalOnly: true });
exports.globalScope = globalScope;

/**
 * Middleware factory: the access check is invoked with `globalOnly: false` and
 * the identifier derived from the route for `resource`.
 *
 * @param {string | string[]} scopes - one scope or a list of scopes.
 * @param {string} resource - 'workflow', 'credential' or 'dataTable' select an id parameter.
 */
const projectScope = (scopes, resource) => buildScopeMiddleware(toScopeList(scopes), resource, { globalOnly: false });
exports.projectScope = projectScope;

/**
 * Expands a pagination cursor from the query string into `req.query`.
 *
 * Without `cursor` the request passes straight through. Otherwise the cursor is
 * decoded; a result that has an `offset` key yields `offset` + `limit`, any other
 * result yields `lastId` + `limit`. Any exception while decoding or copying is
 * answered with 400.
 *
 * NOTE(review): the cursor is client-supplied and the decoded values are copied
 * without type or range checks in this function - confirm that `decodeCursor`
 * or the downstream handler bounds `limit` and validates `offset` / `lastId`.
 */
const validCursor = (req, res, next) => {
    const { cursor } = req.query;
    if (!cursor) {
        return next();
    }
    try {
        const decoded = (0, pagination_service_1.decodeCursor)(cursor);
        if ('offset' in decoded) {
            req.query.offset = decoded.offset;
        }
        else {
            req.query.lastId = decoded.lastId;
        }
        req.query.limit = decoded.limit;
    }
    catch {
        return res.status(400).json({
            message: 'An invalid cursor was provided',
        });
    }
    return next();
};
exports.validCursor = validCursor;

/**
 * Wraps `middleware` in a pass-through function that carries the scope it
 * enforces as `__apiKeyScope`. Nothing in this file reads that property;
 * presumably it is consumed elsewhere (TODO confirm).
 */
function tagMiddleware(middleware, apiKeyScope) {
    return Object.assign((req, res, next) => middleware(req, res, next), { __apiKeyScope: apiKeyScope });
}

/**
 * Builds the API-key scope gate for one endpoint scope.
 *
 * Fails closed: a request without `req.tokenGrant`, or whose
 * `tokenGrant.apiKeyScopes` is missing or does not include `endpointScope`,
 * receives 403 `{ message: 'Forbidden' }` and `next()` is not called.
 * `req.tokenGrant` is not set in this file; it is expected to come from an
 * earlier authentication step (not visible here).
 */
function makePublicApiScopeEnforcementMiddleware(endpointScope) {
    return async (req, res, next) => {
        const grant = req.tokenGrant;
        if (!grant || !grant.apiKeyScopes?.includes(endpointScope)) {
            res.status(403).json({ message: 'Forbidden' });
            return;
        }
        next();
    };
}

/** Scope gate for `apiKeyScope`, tagged with that scope. */
const publicApiScope = (apiKeyScope) => tagMiddleware(makePublicApiScopeEnforcementMiddleware(apiKeyScope), apiKeyScope);
exports.publicApiScope = publicApiScope;

/**
 * Takes the scope from `config.scope` when that key exists, else from
 * `config.apiKeyScope`, and returns the same tagged gate as `publicApiScope`.
 *
 * NOTE(review): despite the name, the code in this file performs no
 * global-scope fallback - only the API key scope is enforced. Routes that also
 * need a role check must add `globalScope` / `projectScope` themselves.
 */
const apiKeyHasScopeWithGlobalScopeFallback = (config) => {
    const scope = 'scope' in config ? config.scope : config.apiKeyScope;
    return publicApiScope(scope);
};
exports.apiKeyHasScopeWithGlobalScopeFallback = apiKeyHasScopeWithGlobalScopeFallback;

/**
 * Lets the request through only when the licence reports the unlimited user
 * quota; every other limit is answered with 403.
 */
const validLicenseWithUserQuota = (_, res, next) => {
    const usersLimit = di_1.Container.get(license_1.License).getUsersLimit();
    if (usersLimit === UNLIMITED_USERS_QUOTA) {
        return next();
    }
    return res.status(403).json({
        message: '/users path can only be used with a valid license. See https://n8n.io/pricing/',
    });
};
exports.validLicenseWithUserQuota = validLicenseWithUserQuota;

/**
 * Middleware factory: 403 with the `FeatureNotLicensedError` message unless the
 * licence, looked up on every request, reports `feature` as licensed.
 */
const isLicensed = (feature) => async (_, res, next) => {
    const license = di_1.Container.get(license_1.License);
    if (!license.isLicensed(feature)) {
        return res.status(403).json({ message: new feature_not_licensed_error_1.FeatureNotLicensedError(feature).message });
    }
    return next();
};
exports.isLicensed = isLicensed;
//# sourceMappingURL=global.middleware.js.map