♻️ split get all credentials route

n8n-io · Jul 11, 2022 · 257f9a9 · 257f9a9
1 parent cd1a51b
commit 257f9a9
Show file tree

Hide file tree

Showing 2 changed files with 64 additions and 47 deletions.
diff --git a/packages/cli/src/credentials/credentials.controller.ts b/packages/cli/src/credentials/credentials.controller.ts
@@ -52,38 +52,9 @@ credentialsController.use('/', EECredentialsController);
 credentialsController.get(
 	'/',
 	ResponseHelper.send(async (req: CredentialRequest.GetAll): Promise<ICredentialsResponse[]> => {
-		let credentials: ICredentialsDb[] = [];
-
 		const filter = req.query.filter ? (JSON.parse(req.query.filter) as Record<string, string>) : {};
 
-		try {
-			if (req.user.globalRole.name === 'owner') {
-				credentials = await Db.collections.Credentials.find({
-					select: ['id', 'name', 'type', 'nodesAccess', 'createdAt', 'updatedAt'],
-					where: filter,
-				});
-			} else {
-				const shared = await Db.collections.SharedCredentials.find({
-					where: whereClause({
-						user: req.user,
-						entityType: 'credentials',
-					}),
-				});
-
-				if (!shared.length) return [];
-
-				credentials = await Db.collections.Credentials.find({
-					select: ['id', 'name', 'type', 'nodesAccess', 'createdAt', 'updatedAt'],
-					where: {
-						id: In(shared.map(({ credentialId }) => credentialId)),
-						...filter,
-					},
-				});
-			}
-		} catch (error) {
-			LoggerProxy.error('Request to list credentials failed', error);
-			throw error;
-		}
+		const credentials = await CredentialsService.getFilteredCredentials(req.user, filter);
 
 		return credentials.map((credential) => {
 			// eslint-disable-next-line no-param-reassign
@@ -122,20 +93,8 @@ credentialsController.post(
 	ResponseHelper.send(async (req: CredentialRequest.Test): Promise<INodeCredentialTestResult> => {
 		const { credentials, nodeToTestWith } = req.body;
 
-		let encryptionKey: string;
-		try {
-			encryptionKey = await UserSettings.getEncryptionKey();
-		} catch (error) {
-			throw new ResponseHelper.ResponseError(
-				RESPONSE_ERROR_MESSAGES.NO_ENCRYPTION_KEY,
-				undefined,
-				500,
-			);
-		}
-
-		const helper = new CredentialsHelper(encryptionKey);
-
-		return helper.testCredentials(req.user, credentials.type, credentials, nodeToTestWith);
+		const encryptionKey = await CredentialsService.getEncryptionKey();
+		return CredentialsService.testCredentials(req.user, encryptionKey, credentials, nodeToTestWith);
 	}),
 );
 

diff --git a/packages/cli/src/credentials/credentials.service.ts b/packages/cli/src/credentials/credentials.service.ts
@@ -1,11 +1,23 @@
 /* eslint-disable no-restricted-syntax */
 /* eslint-disable import/no-cycle */
 import { Credentials, UserSettings } from 'n8n-core';
-import { ICredentialDataDecryptedObject, LoggerProxy } from 'n8n-workflow';
-import { FindOneOptions } from 'typeorm';
+import {
+	ICredentialDataDecryptedObject,
+	ICredentialsDecrypted,
+	INodeCredentialTestResult,
+	LoggerProxy,
+} from 'n8n-workflow';
+import { FindOneOptions, In } from 'typeorm';
 import { clone } from 'lodash';
 
-import { createCredentialsFromCredentialsEntity, Db, ICredentialsDb, ResponseHelper } from '..';
+import {
+	createCredentialsFromCredentialsEntity,
+	CredentialsHelper,
+	Db,
+	ICredentialsDb,
+	ResponseHelper,
+	whereClause,
+} from '..';
 import { RESPONSE_ERROR_MESSAGES } from '../constants';
 import { CredentialsEntity } from '../databases/entities/CredentialsEntity';
 import { SharedCredentials } from '../databases/entities/SharedCredentials';
@@ -38,6 +50,41 @@ export class CredentialsService {
 		return Db.collections.SharedCredentials.findOne(options);
 	}
 
+	static async getFilteredCredentials(
+		user: User,
+		filter: Record<string, string>,
+	): Promise<ICredentialsDb[]> {
+		try {
+			if (user.globalRole.name === 'owner') {
+				return await Db.collections.Credentials.find({
+					select: ['id', 'name', 'type', 'nodesAccess', 'createdAt', 'updatedAt'],
+					where: filter,
+				});
+			}
+			const shared = await Db.collections.SharedCredentials.find({
+				where: whereClause({
+					user,
+					entityType: 'credentials',
+				}),
+			});
+
+			if (!shared.length) return [];
+
+			return await Db.collections.Credentials.find({
+				select: ['id', 'name', 'type', 'nodesAccess', 'createdAt', 'updatedAt'],
+				where: {
+					// The ordering is important here. If id is before the object spread then
+					// a user can control the id field
+					...filter,
+					id: In(shared.map(({ credentialId }) => credentialId)),
+				},
+			});
+		} catch (error) {
+			LoggerProxy.error('Request to list credentials failed', error);
+			throw error;
+		}
+	}
+
 	static createCredentialsFromCredentialsEntity(
 		credential: CredentialsEntity,
 		encrypt = false,
@@ -198,4 +245,15 @@ export class CredentialsService {
 
 		await Db.collections.Credentials.remove(credentials);
 	}
+
+	static async testCredentials(
+		user: User,
+		encryptionKey: string,
+		credentials: ICredentialsDecrypted,
+		nodeToTestWith: string | undefined,
+	): Promise<INodeCredentialTestResult> {
+		const helper = new CredentialsHelper(encryptionKey);
+
+		return helper.testCredentials(user, credentials.type, credentials, nodeToTestWith);
+	}
 }