diff --git a/packages/backend/package.json b/packages/backend/package.json index 79b43b59..a832402e 100644 --- a/packages/backend/package.json +++ b/packages/backend/package.json @@ -112,5 +112,6 @@ "src/" ], "ext": "js" - } + }, + "packageManager": "yarn@1.22.22+sha512.a6b2f7906b721bba3d67d4aff083df04dad64c399707841b7acf00f6b133b7ac24255f2652fa22ae3534329dc6180534e98d17432037ff6fd140556e2bb3137e" } diff --git a/packages/backend/src/controllers/api/v1/admin/roles/update-role.ee.test.js b/packages/backend/src/controllers/api/v1/admin/roles/update-role.ee.test.js index 8d6a3636..b5e5961f 100644 --- a/packages/backend/src/controllers/api/v1/admin/roles/update-role.ee.test.js +++ b/packages/backend/src/controllers/api/v1/admin/roles/update-role.ee.test.js @@ -74,7 +74,7 @@ describe('PATCH /api/v1/admin/roles/:roleId', () => { it('should return the updated role with sanitized permissions', async () => { const validPermission = { - action: 'create', + action: 'manage', subject: 'Connection', conditions: ['isCreator'], }; diff --git a/packages/backend/src/controllers/api/v1/apps/create-connection.test.js b/packages/backend/src/controllers/api/v1/apps/create-connection.test.js index 0465458f..7edcc94e 100644 --- a/packages/backend/src/controllers/api/v1/apps/create-connection.test.js +++ b/packages/backend/src/controllers/api/v1/apps/create-connection.test.js @@ -22,7 +22,7 @@ describe('POST /api/v1/apps/:appKey/connections', () => { }); await createPermission({ - action: 'create', + action: 'manage', subject: 'Connection', roleId: role.id, }); diff --git a/packages/backend/src/controllers/api/v1/connections/delete-connection.test.js b/packages/backend/src/controllers/api/v1/connections/delete-connection.test.js index bbac5403..3b948cc1 100644 --- a/packages/backend/src/controllers/api/v1/connections/delete-connection.test.js +++ b/packages/backend/src/controllers/api/v1/connections/delete-connection.test.js @@ -15,14 +15,7 @@ describe('DELETE /api/v1/connections/:connectionId', () => { currentUserRole = await currentUser.$relatedQuery('role'); await createPermission({ - action: 'delete', - subject: 'Connection', - roleId: currentUserRole.id, - conditions: ['isCreator'], - }); - - await createPermission({ - action: 'update', + action: 'manage', subject: 'Connection', roleId: currentUserRole.id, conditions: ['isCreator'], diff --git a/packages/backend/src/controllers/api/v1/connections/generate-auth-url.test.js b/packages/backend/src/controllers/api/v1/connections/generate-auth-url.test.js index 8dee64e3..c7bb382c 100644 --- a/packages/backend/src/controllers/api/v1/connections/generate-auth-url.test.js +++ b/packages/backend/src/controllers/api/v1/connections/generate-auth-url.test.js @@ -14,7 +14,7 @@ describe('POST /api/v1/connections/:connectionId/auth-url', () => { currentUser = await createUser(); await createPermission({ - action: 'create', + action: 'manage', subject: 'Connection', roleId: currentUser.roleId, conditions: ['isCreator'], diff --git a/packages/backend/src/controllers/api/v1/connections/reset-connection.test.js b/packages/backend/src/controllers/api/v1/connections/reset-connection.test.js index 2e94c5d6..956896c6 100644 --- a/packages/backend/src/controllers/api/v1/connections/reset-connection.test.js +++ b/packages/backend/src/controllers/api/v1/connections/reset-connection.test.js @@ -32,7 +32,7 @@ describe('POST /api/v1/connections/:connectionId/reset', () => { }); await createPermission({ - action: 'create', + action: 'manage', subject: 'Connection', roleId: currentUserRole.id, conditions: ['isCreator'], @@ -68,7 +68,7 @@ describe('POST /api/v1/connections/:connectionId/reset', () => { }); await createPermission({ - action: 'create', + action: 'manage', subject: 'Connection', roleId: currentUserRole.id, conditions: [], @@ -84,7 +84,7 @@ describe('POST /api/v1/connections/:connectionId/reset', () => { const notExistingConnectionUUID = Crypto.randomUUID(); await createPermission({ - action: 'create', + action: 'manage', subject: 'Connection', roleId: currentUserRole.id, conditions: ['isCreator'], @@ -98,7 +98,7 @@ describe('POST /api/v1/connections/:connectionId/reset', () => { it('should return bad request response for invalid UUID', async () => { await createPermission({ - action: 'create', + action: 'manage', subject: 'Connection', roleId: currentUserRole.id, conditions: ['isCreator'], diff --git a/packages/backend/src/controllers/api/v1/connections/test-connection.test.js b/packages/backend/src/controllers/api/v1/connections/test-connection.test.js index 8d11f907..8fb9d821 100644 --- a/packages/backend/src/controllers/api/v1/connections/test-connection.test.js +++ b/packages/backend/src/controllers/api/v1/connections/test-connection.test.js @@ -32,7 +32,7 @@ describe('POST /api/v1/connections/:connectionId/test', () => { }); await createPermission({ - action: 'update', + action: 'manage', subject: 'Connection', roleId: currentUserRole.id, conditions: ['isCreator'], @@ -63,7 +63,7 @@ describe('POST /api/v1/connections/:connectionId/test', () => { }); await createPermission({ - action: 'update', + action: 'manage', subject: 'Connection', roleId: currentUserRole.id, conditions: [], @@ -88,7 +88,7 @@ describe('POST /api/v1/connections/:connectionId/test', () => { }); await createPermission({ - action: 'update', + action: 'manage', subject: 'Connection', roleId: currentUserRole.id, conditions: ['isCreator'], @@ -109,7 +109,7 @@ describe('POST /api/v1/connections/:connectionId/test', () => { }); await createPermission({ - action: 'update', + action: 'manage', subject: 'Connection', roleId: currentUserRole.id, conditions: ['isCreator'], diff --git a/packages/backend/src/controllers/api/v1/connections/update-connection.test.js b/packages/backend/src/controllers/api/v1/connections/update-connection.test.js index 5902e361..65e494ea 100644 --- a/packages/backend/src/controllers/api/v1/connections/update-connection.test.js +++ b/packages/backend/src/controllers/api/v1/connections/update-connection.test.js @@ -34,7 +34,7 @@ describe('PATCH /api/v1/connections/:connectionId', () => { const currentUserConnection = await createConnection(connectionData); await createPermission({ - action: 'update', + action: 'manage', subject: 'Connection', roleId: currentUserRole.id, conditions: ['isCreator'], @@ -72,7 +72,7 @@ describe('PATCH /api/v1/connections/:connectionId', () => { }); await createPermission({ - action: 'update', + action: 'manage', subject: 'Connection', roleId: currentUserRole.id, conditions: [], @@ -88,7 +88,7 @@ describe('PATCH /api/v1/connections/:connectionId', () => { const notExistingConnectionUUID = Crypto.randomUUID(); await createPermission({ - action: 'update', + action: 'manage', subject: 'Connection', roleId: currentUserRole.id, conditions: ['isCreator'], @@ -102,7 +102,7 @@ describe('PATCH /api/v1/connections/:connectionId', () => { it('should return bad request response for invalid UUID', async () => { await createPermission({ - action: 'update', + action: 'manage', subject: 'Connection', roleId: currentUserRole.id, conditions: ['isCreator'], diff --git a/packages/backend/src/controllers/api/v1/connections/verify-connection.test.js b/packages/backend/src/controllers/api/v1/connections/verify-connection.test.js index 4fd6f974..544f203f 100644 --- a/packages/backend/src/controllers/api/v1/connections/verify-connection.test.js +++ b/packages/backend/src/controllers/api/v1/connections/verify-connection.test.js @@ -26,7 +26,7 @@ describe('POST /api/v1/connections/:connectionId/verify', () => { }); await createPermission({ - action: 'create', + action: 'manage', subject: 'Connection', roleId: currentUserRole.id, conditions: ['isCreator'], @@ -54,7 +54,7 @@ describe('POST /api/v1/connections/:connectionId/verify', () => { const notExistingConnectionUUID = Crypto.randomUUID(); await createPermission({ - action: 'create', + action: 'manage', subject: 'Connection', roleId: currentUserRole.id, conditions: ['isCreator'], @@ -68,7 +68,7 @@ describe('POST /api/v1/connections/:connectionId/verify', () => { it('should return bad request response for invalid UUID', async () => { await createPermission({ - action: 'create', + action: 'manage', subject: 'Connection', roleId: currentUserRole.id, conditions: ['isCreator'], diff --git a/packages/backend/src/controllers/api/v1/flows/create-flow.test.js b/packages/backend/src/controllers/api/v1/flows/create-flow.test.js index 2c55f8ef..3a370cf4 100644 --- a/packages/backend/src/controllers/api/v1/flows/create-flow.test.js +++ b/packages/backend/src/controllers/api/v1/flows/create-flow.test.js @@ -20,7 +20,7 @@ describe('POST /api/v1/flows', () => { it('should create an empty flow when no templateId is provided', async () => { await createPermission({ - action: 'create', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: ['isCreator'], @@ -42,7 +42,7 @@ describe('POST /api/v1/flows', () => { it('should create a flow from template when templateId is provided', async () => { await createPermission({ - action: 'create', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: ['isCreator'], diff --git a/packages/backend/src/controllers/api/v1/flows/create-step.test.js b/packages/backend/src/controllers/api/v1/flows/create-step.test.js index efc599b5..a4c15fb5 100644 --- a/packages/backend/src/controllers/api/v1/flows/create-step.test.js +++ b/packages/backend/src/controllers/api/v1/flows/create-step.test.js @@ -36,7 +36,7 @@ describe('POST /api/v1/flows/:flowId/steps', () => { await createPermission({ roleId: currentUser.roleId, subject: 'Flow', - action: 'update', + action: 'manage', conditions: ['isCreator'], }); @@ -78,7 +78,7 @@ describe('POST /api/v1/flows/:flowId/steps', () => { await createPermission({ roleId: currentUser.roleId, subject: 'Flow', - action: 'update', + action: 'manage', conditions: [], }); @@ -109,7 +109,7 @@ describe('POST /api/v1/flows/:flowId/steps', () => { await createPermission({ roleId: currentUser.roleId, subject: 'Flow', - action: 'update', + action: 'manage', conditions: ['isCreator'], }); @@ -133,7 +133,7 @@ describe('POST /api/v1/flows/:flowId/steps', () => { await createPermission({ roleId: currentUser.roleId, subject: 'Flow', - action: 'update', + action: 'manage', conditions: ['isCreator'], }); @@ -159,7 +159,7 @@ describe('POST /api/v1/flows/:flowId/steps', () => { await createPermission({ roleId: currentUser.roleId, subject: 'Flow', - action: 'update', + action: 'manage', conditions: ['isCreator'], }); diff --git a/packages/backend/src/controllers/api/v1/flows/delete-flow.test.js b/packages/backend/src/controllers/api/v1/flows/delete-flow.test.js index 84103120..9226ce6e 100644 --- a/packages/backend/src/controllers/api/v1/flows/delete-flow.test.js +++ b/packages/backend/src/controllers/api/v1/flows/delete-flow.test.js @@ -28,7 +28,7 @@ describe('DELETE /api/v1/flows/:flowId', () => { }); await createPermission({ - action: 'delete', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: ['isCreator'], @@ -52,7 +52,7 @@ describe('DELETE /api/v1/flows/:flowId', () => { }); await createPermission({ - action: 'delete', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: [], @@ -73,7 +73,7 @@ describe('DELETE /api/v1/flows/:flowId', () => { }); await createPermission({ - action: 'delete', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: ['isCreator'], @@ -96,7 +96,7 @@ describe('DELETE /api/v1/flows/:flowId', () => { }); await createPermission({ - action: 'delete', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: ['isCreator'], diff --git a/packages/backend/src/controllers/api/v1/flows/duplicate-flow.test.js b/packages/backend/src/controllers/api/v1/flows/duplicate-flow.test.js index 924b4f10..349c65f8 100644 --- a/packages/backend/src/controllers/api/v1/flows/duplicate-flow.test.js +++ b/packages/backend/src/controllers/api/v1/flows/duplicate-flow.test.js @@ -48,7 +48,7 @@ describe('POST /api/v1/flows/:flowId/duplicate', () => { }); await createPermission({ - action: 'create', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: ['isCreator'], @@ -106,7 +106,7 @@ describe('POST /api/v1/flows/:flowId/duplicate', () => { }); await createPermission({ - action: 'create', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: [], @@ -143,7 +143,7 @@ describe('POST /api/v1/flows/:flowId/duplicate', () => { }); await createPermission({ - action: 'create', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: ['isCreator'], @@ -169,7 +169,7 @@ describe('POST /api/v1/flows/:flowId/duplicate', () => { }); await createPermission({ - action: 'create', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: ['isCreator'], @@ -190,7 +190,7 @@ describe('POST /api/v1/flows/:flowId/duplicate', () => { }); await createPermission({ - action: 'create', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: ['isCreator'], diff --git a/packages/backend/src/controllers/api/v1/flows/export-flow.test.js b/packages/backend/src/controllers/api/v1/flows/export-flow.test.js index add5ae12..315bec13 100644 --- a/packages/backend/src/controllers/api/v1/flows/export-flow.test.js +++ b/packages/backend/src/controllers/api/v1/flows/export-flow.test.js @@ -56,7 +56,7 @@ describe('POST /api/v1/flows/:flowId/export', () => { }); await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: ['isCreator'], @@ -113,7 +113,7 @@ describe('POST /api/v1/flows/:flowId/export', () => { }); await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: [], @@ -141,7 +141,7 @@ describe('POST /api/v1/flows/:flowId/export', () => { }); await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: ['isCreator'], @@ -167,7 +167,7 @@ describe('POST /api/v1/flows/:flowId/export', () => { }); await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: ['isCreator'], @@ -188,7 +188,7 @@ describe('POST /api/v1/flows/:flowId/export', () => { }); await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: ['isCreator'], diff --git a/packages/backend/src/controllers/api/v1/flows/import-flow.test.js b/packages/backend/src/controllers/api/v1/flows/import-flow.test.js index 9e76c934..21f89a4f 100644 --- a/packages/backend/src/controllers/api/v1/flows/import-flow.test.js +++ b/packages/backend/src/controllers/api/v1/flows/import-flow.test.js @@ -48,7 +48,7 @@ describe('POST /api/v1/flows/import', () => { }); await createPermission({ - action: 'create', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: ['isCreator'], @@ -124,7 +124,7 @@ describe('POST /api/v1/flows/import', () => { }); await createPermission({ - action: 'create', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: ['isCreator'], @@ -206,7 +206,7 @@ describe('POST /api/v1/flows/import', () => { }); await createPermission({ - action: 'create', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: ['isCreator'], @@ -279,7 +279,7 @@ describe('POST /api/v1/flows/import', () => { }); await createPermission({ - action: 'create', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: ['isCreator'], @@ -330,7 +330,7 @@ describe('POST /api/v1/flows/import', () => { const currentUserFlow = await createFlow({ userId: currentUser.id }); await createPermission({ - action: 'create', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: ['isCreator'], diff --git a/packages/backend/src/controllers/api/v1/flows/update-flow-folder.test.js b/packages/backend/src/controllers/api/v1/flows/update-flow-folder.test.js index 0abdef5d..1be8bf30 100644 --- a/packages/backend/src/controllers/api/v1/flows/update-flow-folder.test.js +++ b/packages/backend/src/controllers/api/v1/flows/update-flow-folder.test.js @@ -45,7 +45,7 @@ describe('PATCH /api/v1/flows/:flowId/folder', () => { }); await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: ['isCreator'], @@ -77,7 +77,7 @@ describe('PATCH /api/v1/flows/:flowId/folder', () => { const anotherUserFlow = await createFlow({ userId: anotherUser.id }); await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: [], @@ -96,7 +96,7 @@ describe('PATCH /api/v1/flows/:flowId/folder', () => { const anotherUserFolder = await createFolder({ userId: anotherUser.id }); await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: [], @@ -111,7 +111,7 @@ describe('PATCH /api/v1/flows/:flowId/folder', () => { it('should return not found response for not existing flow UUID', async () => { await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: ['isCreator'], @@ -130,7 +130,7 @@ describe('PATCH /api/v1/flows/:flowId/folder', () => { const flow = await createFlow({ userId: currentUser.id }); await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: ['isCreator'], @@ -147,7 +147,7 @@ describe('PATCH /api/v1/flows/:flowId/folder', () => { it('should return bad request response for invalid flow UUID', async () => { await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, }); @@ -160,7 +160,7 @@ describe('PATCH /api/v1/flows/:flowId/folder', () => { it('should return bad request response for invalid folder UUID', async () => { await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, }); diff --git a/packages/backend/src/controllers/api/v1/flows/update-flow-status.test.js b/packages/backend/src/controllers/api/v1/flows/update-flow-status.test.js index c36f0110..ff9a11d8 100644 --- a/packages/backend/src/controllers/api/v1/flows/update-flow-status.test.js +++ b/packages/backend/src/controllers/api/v1/flows/update-flow-status.test.js @@ -51,7 +51,7 @@ describe('PATCH /api/v1/flows/:flowId/status', () => { }); await createPermission({ - action: 'publish', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: ['isCreator'], @@ -114,7 +114,7 @@ describe('PATCH /api/v1/flows/:flowId/status', () => { }); await createPermission({ - action: 'publish', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: [], @@ -152,7 +152,7 @@ describe('PATCH /api/v1/flows/:flowId/status', () => { }); await createPermission({ - action: 'publish', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: ['isCreator'], @@ -178,7 +178,7 @@ describe('PATCH /api/v1/flows/:flowId/status', () => { }); await createPermission({ - action: 'publish', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: ['isCreator'], @@ -199,7 +199,7 @@ describe('PATCH /api/v1/flows/:flowId/status', () => { }); await createPermission({ - action: 'publish', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: ['isCreator'], diff --git a/packages/backend/src/controllers/api/v1/flows/update-flow.test.js b/packages/backend/src/controllers/api/v1/flows/update-flow.test.js index 9bc72158..59fa3a8e 100644 --- a/packages/backend/src/controllers/api/v1/flows/update-flow.test.js +++ b/packages/backend/src/controllers/api/v1/flows/update-flow.test.js @@ -29,7 +29,7 @@ describe('PATCH /api/v1/flows/:flowId', () => { }); await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: ['isCreator'], @@ -65,7 +65,7 @@ describe('PATCH /api/v1/flows/:flowId', () => { }); await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: [], @@ -98,7 +98,7 @@ describe('PATCH /api/v1/flows/:flowId', () => { }); await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: ['isCreator'], @@ -121,7 +121,7 @@ describe('PATCH /api/v1/flows/:flowId', () => { }); await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: ['isCreator'], @@ -144,7 +144,7 @@ describe('PATCH /api/v1/flows/:flowId', () => { }); await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: ['isCreator'], diff --git a/packages/backend/src/controllers/api/v1/folders/create-folder.test.js b/packages/backend/src/controllers/api/v1/folders/create-folder.test.js index 02b3329e..8ad563b2 100644 --- a/packages/backend/src/controllers/api/v1/folders/create-folder.test.js +++ b/packages/backend/src/controllers/api/v1/folders/create-folder.test.js @@ -18,7 +18,7 @@ describe('POST /api/v1/folders', () => { it('should return created flow', async () => { await createPermission({ - action: 'create', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: ['isCreator'], diff --git a/packages/backend/src/controllers/api/v1/folders/delete-folder.test.js b/packages/backend/src/controllers/api/v1/folders/delete-folder.test.js index c7ea71b8..e1f14be7 100644 --- a/packages/backend/src/controllers/api/v1/folders/delete-folder.test.js +++ b/packages/backend/src/controllers/api/v1/folders/delete-folder.test.js @@ -21,7 +21,7 @@ describe('DELETE /api/v1/folders/:folderId', () => { const currentUserFolder = await createFolder({ userId: currentUser.id }); await createPermission({ - action: 'create', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, }); @@ -34,7 +34,7 @@ describe('DELETE /api/v1/folders/:folderId', () => { it('should return not found response for not existing folder UUID', async () => { await createPermission({ - action: 'create', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, }); @@ -49,7 +49,7 @@ describe('DELETE /api/v1/folders/:folderId', () => { it('should return bad request response for invalid UUID', async () => { await createPermission({ - action: 'create', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, }); diff --git a/packages/backend/src/controllers/api/v1/folders/update-folder.test.js b/packages/backend/src/controllers/api/v1/folders/update-folder.test.js index f0e3cd95..4478c050 100644 --- a/packages/backend/src/controllers/api/v1/folders/update-folder.test.js +++ b/packages/backend/src/controllers/api/v1/folders/update-folder.test.js @@ -22,7 +22,7 @@ describe('PATCH /api/v1/folders/:folderId', () => { const currentUserFolder = await createFolder({ userId: currentUser.id }); await createPermission({ - action: 'create', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, }); @@ -47,7 +47,7 @@ describe('PATCH /api/v1/folders/:folderId', () => { it('should return not found response for not existing folder UUID', async () => { await createPermission({ - action: 'create', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, }); @@ -62,7 +62,7 @@ describe('PATCH /api/v1/folders/:folderId', () => { it('should return bad request response for invalid UUID', async () => { await createPermission({ - action: 'create', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, }); @@ -77,7 +77,7 @@ describe('PATCH /api/v1/folders/:folderId', () => { const currentUserFolder = await createFolder({ userId: currentUser.id }); await createPermission({ - action: 'create', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, }); diff --git a/packages/backend/src/controllers/api/v1/steps/create-dynamic-data.test.js b/packages/backend/src/controllers/api/v1/steps/create-dynamic-data.test.js index af3f22e2..1d05ba16 100644 --- a/packages/backend/src/controllers/api/v1/steps/create-dynamic-data.test.js +++ b/packages/backend/src/controllers/api/v1/steps/create-dynamic-data.test.js @@ -63,7 +63,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-data', () => { }); await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: ['isCreator'], @@ -102,7 +102,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-data', () => { }); await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: [], @@ -156,7 +156,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-data', () => { }); await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: ['isCreator'], @@ -177,7 +177,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-data', () => { it('should return not found response for not existing step UUID', async () => { await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: [], @@ -200,7 +200,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-data', () => { it('should return not found response for existing step UUID without app key', async () => { await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: [], @@ -223,7 +223,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-data', () => { it('should return bad request response for invalid UUID', async () => { await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: [], diff --git a/packages/backend/src/controllers/api/v1/steps/create-dynamic-fields.test.js b/packages/backend/src/controllers/api/v1/steps/create-dynamic-fields.test.js index 49d7f57f..0f1f6ced 100644 --- a/packages/backend/src/controllers/api/v1/steps/create-dynamic-fields.test.js +++ b/packages/backend/src/controllers/api/v1/steps/create-dynamic-fields.test.js @@ -37,7 +37,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-fields', () => { }); await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: ['isCreator'], @@ -78,7 +78,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-fields', () => { }); await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: [], @@ -102,7 +102,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-fields', () => { it('should return not found response for not existing step UUID', async () => { await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: [], @@ -125,7 +125,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-fields', () => { it('should return not found response for existing step UUID without app key', async () => { await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: [], @@ -149,7 +149,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-fields', () => { it('should return bad request response for invalid UUID', async () => { await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: [], diff --git a/packages/backend/src/controllers/api/v1/steps/delete-step.test.js b/packages/backend/src/controllers/api/v1/steps/delete-step.test.js index 756eb4af..a57751ca 100644 --- a/packages/backend/src/controllers/api/v1/steps/delete-step.test.js +++ b/packages/backend/src/controllers/api/v1/steps/delete-step.test.js @@ -41,7 +41,7 @@ describe('DELETE /api/v1/steps/:stepId', () => { }); await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: ['isCreator'], @@ -76,7 +76,7 @@ describe('DELETE /api/v1/steps/:stepId', () => { }); await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: [], @@ -90,7 +90,7 @@ describe('DELETE /api/v1/steps/:stepId', () => { it('should return not found response for not existing step UUID', async () => { await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: [], @@ -113,7 +113,7 @@ describe('DELETE /api/v1/steps/:stepId', () => { it('should return bad request response for invalid step UUID', async () => { await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: [], diff --git a/packages/backend/src/controllers/api/v1/steps/get-previous-steps.test.js b/packages/backend/src/controllers/api/v1/steps/get-previous-steps.test.js index b40446e3..8057015c 100644 --- a/packages/backend/src/controllers/api/v1/steps/get-previous-steps.test.js +++ b/packages/backend/src/controllers/api/v1/steps/get-previous-steps.test.js @@ -54,7 +54,7 @@ describe('GET /api/v1/steps/:stepId/previous-steps', () => { }); await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: ['isCreator'], @@ -108,7 +108,7 @@ describe('GET /api/v1/steps/:stepId/previous-steps', () => { }); await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: [], @@ -129,7 +129,7 @@ describe('GET /api/v1/steps/:stepId/previous-steps', () => { it('should return not found response for not existing step UUID', async () => { await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: [], @@ -152,7 +152,7 @@ describe('GET /api/v1/steps/:stepId/previous-steps', () => { it('should return bad request response for invalid UUID', async () => { await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: [], diff --git a/packages/backend/src/controllers/api/v1/steps/test-step.test.js b/packages/backend/src/controllers/api/v1/steps/test-step.test.js index b7574e85..491ada75 100644 --- a/packages/backend/src/controllers/api/v1/steps/test-step.test.js +++ b/packages/backend/src/controllers/api/v1/steps/test-step.test.js @@ -69,7 +69,7 @@ describe('POST /api/v1/steps/:stepId/test', () => { }); await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: ['isCreator'], @@ -140,7 +140,7 @@ describe('POST /api/v1/steps/:stepId/test', () => { }); await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: [], @@ -165,7 +165,7 @@ describe('POST /api/v1/steps/:stepId/test', () => { it('should return not found response for not existing step UUID', async () => { await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: [], @@ -188,7 +188,7 @@ describe('POST /api/v1/steps/:stepId/test', () => { it('should return bad request response for invalid step UUID', async () => { await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: [], diff --git a/packages/backend/src/controllers/api/v1/steps/update-step.test.js b/packages/backend/src/controllers/api/v1/steps/update-step.test.js index c219dee0..22cdb15d 100644 --- a/packages/backend/src/controllers/api/v1/steps/update-step.test.js +++ b/packages/backend/src/controllers/api/v1/steps/update-step.test.js @@ -46,7 +46,7 @@ describe('PATCH /api/v1/steps/:stepId', () => { }); await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUser.roleId, conditions: ['isCreator'], @@ -96,7 +96,7 @@ describe('PATCH /api/v1/steps/:stepId', () => { }); await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUser.roleId, conditions: [], @@ -145,7 +145,7 @@ describe('PATCH /api/v1/steps/:stepId', () => { }); await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUser.roleId, conditions: ['isCreator'], @@ -169,7 +169,7 @@ describe('PATCH /api/v1/steps/:stepId', () => { it('should return not found response for not existing step UUID', async () => { await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUser.roleId, conditions: [], @@ -192,7 +192,7 @@ describe('PATCH /api/v1/steps/:stepId', () => { it('should return bad request response for invalid step UUID', async () => { await createPermission({ - action: 'update', + action: 'manage', subject: 'Flow', roleId: currentUser.roleId, conditions: [], diff --git a/packages/backend/src/controllers/api/v1/templates/get-templates.ee.test.js b/packages/backend/src/controllers/api/v1/templates/get-templates.ee.test.js index c5634c02..730c7e37 100644 --- a/packages/backend/src/controllers/api/v1/templates/get-templates.ee.test.js +++ b/packages/backend/src/controllers/api/v1/templates/get-templates.ee.test.js @@ -24,7 +24,7 @@ describe('GET /api/v1/templates', () => { it('should return templates when templates are enabled and user has create flow permission', async () => { await createPermission({ - action: 'create', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: [], @@ -45,7 +45,7 @@ describe('GET /api/v1/templates', () => { it('should return 403 when templates are disabled', async () => { await createPermission({ - action: 'create', + action: 'manage', subject: 'Flow', roleId: currentUserRole.id, conditions: [], diff --git a/packages/backend/src/models/permission.test.js b/packages/backend/src/models/permission.test.js index c53b8218..b3376958 100644 --- a/packages/backend/src/models/permission.test.js +++ b/packages/backend/src/models/permission.test.js @@ -14,10 +14,10 @@ describe('Permission model', () => { it('filter should return only valid permissions based on permission catalog', () => { const permissions = [ { action: 'read', subject: 'Flow', conditions: ['isCreator'] }, - { action: 'delete', subject: 'Connection', conditions: [] }, - { action: 'publish', subject: 'Flow', conditions: ['isCreator'] }, - { action: 'update', subject: 'Execution', conditions: [] }, // Invalid subject - { action: 'read', subject: 'Execution', conditions: ['invalid'] }, // Invalid condition + { action: 'manage', subject: 'Connection', conditions: [] }, + { action: 'manage', subject: 'Flow', conditions: ['isCreator'] }, + { action: 'manage', subject: 'Execution', conditions: [] }, // Invalid subject + { action: 'manage', subject: 'Execution', conditions: ['invalid'] }, // Invalid condition { action: 'invalid', subject: 'Execution', conditions: [] }, // Invalid action ]; @@ -25,15 +25,15 @@ describe('Permission model', () => { expect(result).toStrictEqual([ { action: 'read', subject: 'Flow', conditions: ['isCreator'] }, - { action: 'delete', subject: 'Connection', conditions: [] }, - { action: 'publish', subject: 'Flow', conditions: ['isCreator'] }, + { action: 'manage', subject: 'Connection', conditions: [] }, + { action: 'manage', subject: 'Flow', conditions: ['isCreator'] }, ]); }); describe('findAction', () => { it('should return action from permission catalog', () => { - const action = Permission.findAction('create'); - expect(action.key).toStrictEqual('create'); + const action = Permission.findAction('manage'); + expect(action.key).toStrictEqual('manage'); }); it('should return undefined for invalid actions', () => { @@ -45,7 +45,7 @@ describe('Permission model', () => { describe('isSubjectValid', () => { it('should return true for valid subjects', () => { const validAction = permissionCatalog.actions.find( - (action) => action.key === 'create' + (action) => action.key === 'manage' ); const validSubject = Permission.isSubjectValid('Connection', validAction); @@ -54,7 +54,7 @@ describe('Permission model', () => { it('should return false for invalid subjects', () => { const validAction = permissionCatalog.actions.find( - (action) => action.key === 'create' + (action) => action.key === 'manage' ); const invalidSubject = Permission.isSubjectValid( diff --git a/packages/backend/src/models/role.test.js b/packages/backend/src/models/role.test.js index 780c8f0d..afd56aaf 100644 --- a/packages/backend/src/models/role.test.js +++ b/packages/backend/src/models/role.test.js @@ -166,7 +166,7 @@ describe('Role model', () => { description: 'Updated description', permissions: [ { - action: 'update', + action: 'manage', subject: 'Flow', conditions: [], }, diff --git a/packages/backend/test/mocks/rest/api/v1/admin/permissions/get-permissions-catalog.ee.js b/packages/backend/test/mocks/rest/api/v1/admin/permissions/get-permissions-catalog.ee.js index 627bfa33..f097f9cc 100644 --- a/packages/backend/test/mocks/rest/api/v1/admin/permissions/get-permissions-catalog.ee.js +++ b/packages/backend/test/mocks/rest/api/v1/admin/permissions/get-permissions-catalog.ee.js @@ -1,31 +1,16 @@ const getPermissionsCatalogMock = async () => { const data = { actions: [ - { - key: 'create', - label: 'Create', - subjects: ['Connection', 'Flow'], - }, { key: 'read', label: 'Read', subjects: ['Connection', 'Execution', 'Flow'], }, { - key: 'update', - label: 'Update', + key: 'manage', + label: 'Manage', subjects: ['Connection', 'Flow'], }, - { - key: 'delete', - label: 'Delete', - subjects: ['Connection', 'Flow'], - }, - { - key: 'publish', - label: 'Publish', - subjects: ['Flow'], - }, ], conditions: [ {