test(permissions): use manage permission in relevant tests

2025-04-09 14:23:58 +00:00
parent e2542f39e1
commit 69b6c8f00e
31 changed files with 115 additions and 136 deletions
--- a/packages/backend/package.json
+++ b/packages/backend/package.json
@@ -112,5 +112,6 @@
      "src/"
    ],
    "ext": "js"
-  }
+  },
  "packageManager": "yarn@1.22.22+sha512.a6b2f7906b721bba3d67d4aff083df04dad64c399707841b7acf00f6b133b7ac24255f2652fa22ae3534329dc6180534e98d17432037ff6fd140556e2bb3137e"
 }
--- a/packages/backend/src/controllers/api/v1/admin/roles/update-role.ee.test.js
+++ b/packages/backend/src/controllers/api/v1/admin/roles/update-role.ee.test.js
@@ -74,7 +74,7 @@ describe('PATCH /api/v1/admin/roles/:roleId', () => {
  it('should return the updated role with sanitized permissions', async () => {
    const validPermission = {
-      action: 'create',
+      action: 'manage',
      subject: 'Connection',
      conditions: ['isCreator'],
    };
--- a/packages/backend/src/controllers/api/v1/apps/create-connection.test.js
+++ b/packages/backend/src/controllers/api/v1/apps/create-connection.test.js
@@ -22,7 +22,7 @@ describe('POST /api/v1/apps/:appKey/connections', () => {
    });
    await createPermission({
-      action: 'create',
+      action: 'manage',
      subject: 'Connection',
      roleId: role.id,
    });
--- a/packages/backend/src/controllers/api/v1/connections/delete-connection.test.js
+++ b/packages/backend/src/controllers/api/v1/connections/delete-connection.test.js
@@ -15,14 +15,7 @@ describe('DELETE /api/v1/connections/:connectionId', () => {
    currentUserRole = await currentUser.$relatedQuery('role');
    await createPermission({
-      action: 'delete',
+      action: 'manage',
      subject: 'Connection',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
    });
    await createPermission({
      action: 'update',
      subject: 'Connection',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
--- a/packages/backend/src/controllers/api/v1/connections/generate-auth-url.test.js
+++ b/packages/backend/src/controllers/api/v1/connections/generate-auth-url.test.js
@@ -14,7 +14,7 @@ describe('POST /api/v1/connections/:connectionId/auth-url', () => {
    currentUser = await createUser();
    await createPermission({
-      action: 'create',
+      action: 'manage',
      subject: 'Connection',
      roleId: currentUser.roleId,
      conditions: ['isCreator'],
--- a/packages/backend/src/controllers/api/v1/connections/reset-connection.test.js
+++ b/packages/backend/src/controllers/api/v1/connections/reset-connection.test.js
@@ -32,7 +32,7 @@ describe('POST /api/v1/connections/:connectionId/reset', () => {
    });
    await createPermission({
-      action: 'create',
+      action: 'manage',
      subject: 'Connection',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
@@ -68,7 +68,7 @@ describe('POST /api/v1/connections/:connectionId/reset', () => {
    });
    await createPermission({
-      action: 'create',
+      action: 'manage',
      subject: 'Connection',
      roleId: currentUserRole.id,
      conditions: [],
@@ -84,7 +84,7 @@ describe('POST /api/v1/connections/:connectionId/reset', () => {
    const notExistingConnectionUUID = Crypto.randomUUID();
    await createPermission({
-      action: 'create',
+      action: 'manage',
      subject: 'Connection',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
@@ -98,7 +98,7 @@ describe('POST /api/v1/connections/:connectionId/reset', () => {
  it('should return bad request response for invalid UUID', async () => {
    await createPermission({
-      action: 'create',
+      action: 'manage',
      subject: 'Connection',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
--- a/packages/backend/src/controllers/api/v1/connections/test-connection.test.js
+++ b/packages/backend/src/controllers/api/v1/connections/test-connection.test.js
@@ -32,7 +32,7 @@ describe('POST /api/v1/connections/:connectionId/test', () => {
    });
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Connection',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
@@ -63,7 +63,7 @@ describe('POST /api/v1/connections/:connectionId/test', () => {
    });
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Connection',
      roleId: currentUserRole.id,
      conditions: [],
@@ -88,7 +88,7 @@ describe('POST /api/v1/connections/:connectionId/test', () => {
    });
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Connection',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
@@ -109,7 +109,7 @@ describe('POST /api/v1/connections/:connectionId/test', () => {
    });
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Connection',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
--- a/packages/backend/src/controllers/api/v1/connections/update-connection.test.js
+++ b/packages/backend/src/controllers/api/v1/connections/update-connection.test.js
@@ -34,7 +34,7 @@ describe('PATCH /api/v1/connections/:connectionId', () => {
    const currentUserConnection = await createConnection(connectionData);
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Connection',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
@@ -72,7 +72,7 @@ describe('PATCH /api/v1/connections/:connectionId', () => {
    });
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Connection',
      roleId: currentUserRole.id,
      conditions: [],
@@ -88,7 +88,7 @@ describe('PATCH /api/v1/connections/:connectionId', () => {
    const notExistingConnectionUUID = Crypto.randomUUID();
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Connection',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
@@ -102,7 +102,7 @@ describe('PATCH /api/v1/connections/:connectionId', () => {
  it('should return bad request response for invalid UUID', async () => {
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Connection',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
--- a/packages/backend/src/controllers/api/v1/connections/verify-connection.test.js
+++ b/packages/backend/src/controllers/api/v1/connections/verify-connection.test.js
@@ -26,7 +26,7 @@ describe('POST /api/v1/connections/:connectionId/verify', () => {
    });
    await createPermission({
-      action: 'create',
+      action: 'manage',
      subject: 'Connection',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
@@ -54,7 +54,7 @@ describe('POST /api/v1/connections/:connectionId/verify', () => {
    const notExistingConnectionUUID = Crypto.randomUUID();
    await createPermission({
-      action: 'create',
+      action: 'manage',
      subject: 'Connection',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
@@ -68,7 +68,7 @@ describe('POST /api/v1/connections/:connectionId/verify', () => {
  it('should return bad request response for invalid UUID', async () => {
    await createPermission({
-      action: 'create',
+      action: 'manage',
      subject: 'Connection',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
--- a/packages/backend/src/controllers/api/v1/flows/create-flow.test.js
+++ b/packages/backend/src/controllers/api/v1/flows/create-flow.test.js
@@ -20,7 +20,7 @@ describe('POST /api/v1/flows', () => {
  it('should create an empty flow when no templateId is provided', async () => {
    await createPermission({
-      action: 'create',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
@@ -42,7 +42,7 @@ describe('POST /api/v1/flows', () => {
  it('should create a flow from template when templateId is provided', async () => {
    await createPermission({
-      action: 'create',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
--- a/packages/backend/src/controllers/api/v1/flows/create-step.test.js
+++ b/packages/backend/src/controllers/api/v1/flows/create-step.test.js
@@ -36,7 +36,7 @@ describe('POST /api/v1/flows/:flowId/steps', () => {
    await createPermission({
      roleId: currentUser.roleId,
      subject: 'Flow',
-      action: 'update',
+      action: 'manage',
      conditions: ['isCreator'],
    });
@@ -78,7 +78,7 @@ describe('POST /api/v1/flows/:flowId/steps', () => {
    await createPermission({
      roleId: currentUser.roleId,
      subject: 'Flow',
-      action: 'update',
+      action: 'manage',
      conditions: [],
    });
@@ -109,7 +109,7 @@ describe('POST /api/v1/flows/:flowId/steps', () => {
    await createPermission({
      roleId: currentUser.roleId,
      subject: 'Flow',
-      action: 'update',
+      action: 'manage',
      conditions: ['isCreator'],
    });
@@ -133,7 +133,7 @@ describe('POST /api/v1/flows/:flowId/steps', () => {
    await createPermission({
      roleId: currentUser.roleId,
      subject: 'Flow',
-      action: 'update',
+      action: 'manage',
      conditions: ['isCreator'],
    });
@@ -159,7 +159,7 @@ describe('POST /api/v1/flows/:flowId/steps', () => {
    await createPermission({
      roleId: currentUser.roleId,
      subject: 'Flow',
-      action: 'update',
+      action: 'manage',
      conditions: ['isCreator'],
    });
--- a/packages/backend/src/controllers/api/v1/flows/delete-flow.test.js
+++ b/packages/backend/src/controllers/api/v1/flows/delete-flow.test.js
@@ -28,7 +28,7 @@ describe('DELETE /api/v1/flows/:flowId', () => {
    });
    await createPermission({
-      action: 'delete',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
@@ -52,7 +52,7 @@ describe('DELETE /api/v1/flows/:flowId', () => {
    });
    await createPermission({
-      action: 'delete',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
@@ -73,7 +73,7 @@ describe('DELETE /api/v1/flows/:flowId', () => {
    });
    await createPermission({
-      action: 'delete',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
@@ -96,7 +96,7 @@ describe('DELETE /api/v1/flows/:flowId', () => {
    });
    await createPermission({
-      action: 'delete',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
--- a/packages/backend/src/controllers/api/v1/flows/duplicate-flow.test.js
+++ b/packages/backend/src/controllers/api/v1/flows/duplicate-flow.test.js
@@ -48,7 +48,7 @@ describe('POST /api/v1/flows/:flowId/duplicate', () => {
    });
    await createPermission({
-      action: 'create',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
@@ -106,7 +106,7 @@ describe('POST /api/v1/flows/:flowId/duplicate', () => {
    });
    await createPermission({
-      action: 'create',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
@@ -143,7 +143,7 @@ describe('POST /api/v1/flows/:flowId/duplicate', () => {
    });
    await createPermission({
-      action: 'create',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
@@ -169,7 +169,7 @@ describe('POST /api/v1/flows/:flowId/duplicate', () => {
    });
    await createPermission({
-      action: 'create',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
@@ -190,7 +190,7 @@ describe('POST /api/v1/flows/:flowId/duplicate', () => {
    });
    await createPermission({
-      action: 'create',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
--- a/packages/backend/src/controllers/api/v1/flows/export-flow.test.js
+++ b/packages/backend/src/controllers/api/v1/flows/export-flow.test.js
@@ -56,7 +56,7 @@ describe('POST /api/v1/flows/:flowId/export', () => {
    });
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
@@ -113,7 +113,7 @@ describe('POST /api/v1/flows/:flowId/export', () => {
    });
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
@@ -141,7 +141,7 @@ describe('POST /api/v1/flows/:flowId/export', () => {
    });
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
@@ -167,7 +167,7 @@ describe('POST /api/v1/flows/:flowId/export', () => {
    });
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
@@ -188,7 +188,7 @@ describe('POST /api/v1/flows/:flowId/export', () => {
    });
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
--- a/packages/backend/src/controllers/api/v1/flows/import-flow.test.js
+++ b/packages/backend/src/controllers/api/v1/flows/import-flow.test.js
@@ -48,7 +48,7 @@ describe('POST /api/v1/flows/import', () => {
    });
    await createPermission({
-      action: 'create',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
@@ -124,7 +124,7 @@ describe('POST /api/v1/flows/import', () => {
    });
    await createPermission({
-      action: 'create',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
@@ -206,7 +206,7 @@ describe('POST /api/v1/flows/import', () => {
    });
    await createPermission({
-      action: 'create',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
@@ -279,7 +279,7 @@ describe('POST /api/v1/flows/import', () => {
    });
    await createPermission({
-      action: 'create',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
@@ -330,7 +330,7 @@ describe('POST /api/v1/flows/import', () => {
    const currentUserFlow = await createFlow({ userId: currentUser.id });
    await createPermission({
-      action: 'create',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
--- a/packages/backend/src/controllers/api/v1/flows/update-flow-folder.test.js
+++ b/packages/backend/src/controllers/api/v1/flows/update-flow-folder.test.js
@@ -45,7 +45,7 @@ describe('PATCH /api/v1/flows/:flowId/folder', () => {
    });
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
@@ -77,7 +77,7 @@ describe('PATCH /api/v1/flows/:flowId/folder', () => {
    const anotherUserFlow = await createFlow({ userId: anotherUser.id });
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
@@ -96,7 +96,7 @@ describe('PATCH /api/v1/flows/:flowId/folder', () => {
    const anotherUserFolder = await createFolder({ userId: anotherUser.id });
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
@@ -111,7 +111,7 @@ describe('PATCH /api/v1/flows/:flowId/folder', () => {
  it('should return not found response for not existing flow UUID', async () => {
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
@@ -130,7 +130,7 @@ describe('PATCH /api/v1/flows/:flowId/folder', () => {
    const flow = await createFlow({ userId: currentUser.id });
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
@@ -147,7 +147,7 @@ describe('PATCH /api/v1/flows/:flowId/folder', () => {
  it('should return bad request response for invalid flow UUID', async () => {
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
    });
@@ -160,7 +160,7 @@ describe('PATCH /api/v1/flows/:flowId/folder', () => {
  it('should return bad request response for invalid folder UUID', async () => {
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
    });
--- a/packages/backend/src/controllers/api/v1/flows/update-flow-status.test.js
+++ b/packages/backend/src/controllers/api/v1/flows/update-flow-status.test.js
@@ -51,7 +51,7 @@ describe('PATCH /api/v1/flows/:flowId/status', () => {
    });
    await createPermission({
-      action: 'publish',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
@@ -114,7 +114,7 @@ describe('PATCH /api/v1/flows/:flowId/status', () => {
    });
    await createPermission({
-      action: 'publish',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
@@ -152,7 +152,7 @@ describe('PATCH /api/v1/flows/:flowId/status', () => {
    });
    await createPermission({
-      action: 'publish',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
@@ -178,7 +178,7 @@ describe('PATCH /api/v1/flows/:flowId/status', () => {
    });
    await createPermission({
-      action: 'publish',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
@@ -199,7 +199,7 @@ describe('PATCH /api/v1/flows/:flowId/status', () => {
    });
    await createPermission({
-      action: 'publish',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
--- a/packages/backend/src/controllers/api/v1/flows/update-flow.test.js
+++ b/packages/backend/src/controllers/api/v1/flows/update-flow.test.js
@@ -29,7 +29,7 @@ describe('PATCH /api/v1/flows/:flowId', () => {
    });
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
@@ -65,7 +65,7 @@ describe('PATCH /api/v1/flows/:flowId', () => {
    });
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
@@ -98,7 +98,7 @@ describe('PATCH /api/v1/flows/:flowId', () => {
    });
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
@@ -121,7 +121,7 @@ describe('PATCH /api/v1/flows/:flowId', () => {
    });
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
@@ -144,7 +144,7 @@ describe('PATCH /api/v1/flows/:flowId', () => {
    });
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
--- a/packages/backend/src/controllers/api/v1/folders/create-folder.test.js
+++ b/packages/backend/src/controllers/api/v1/folders/create-folder.test.js
@@ -18,7 +18,7 @@ describe('POST /api/v1/folders', () => {
  it('should return created flow', async () => {
    await createPermission({
-      action: 'create',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
--- a/packages/backend/src/controllers/api/v1/folders/delete-folder.test.js
+++ b/packages/backend/src/controllers/api/v1/folders/delete-folder.test.js
@@ -21,7 +21,7 @@ describe('DELETE /api/v1/folders/:folderId', () => {
    const currentUserFolder = await createFolder({ userId: currentUser.id });
    await createPermission({
-      action: 'create',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
    });
@@ -34,7 +34,7 @@ describe('DELETE /api/v1/folders/:folderId', () => {
  it('should return not found response for not existing folder UUID', async () => {
    await createPermission({
-      action: 'create',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
    });
@@ -49,7 +49,7 @@ describe('DELETE /api/v1/folders/:folderId', () => {
  it('should return bad request response for invalid UUID', async () => {
    await createPermission({
-      action: 'create',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
    });
--- a/packages/backend/src/controllers/api/v1/folders/update-folder.test.js
+++ b/packages/backend/src/controllers/api/v1/folders/update-folder.test.js
@@ -22,7 +22,7 @@ describe('PATCH /api/v1/folders/:folderId', () => {
    const currentUserFolder = await createFolder({ userId: currentUser.id });
    await createPermission({
-      action: 'create',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
    });
@@ -47,7 +47,7 @@ describe('PATCH /api/v1/folders/:folderId', () => {
  it('should return not found response for not existing folder UUID', async () => {
    await createPermission({
-      action: 'create',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
    });
@@ -62,7 +62,7 @@ describe('PATCH /api/v1/folders/:folderId', () => {
  it('should return bad request response for invalid UUID', async () => {
    await createPermission({
-      action: 'create',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
    });
@@ -77,7 +77,7 @@ describe('PATCH /api/v1/folders/:folderId', () => {
    const currentUserFolder = await createFolder({ userId: currentUser.id });
    await createPermission({
-      action: 'create',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
    });
--- a/packages/backend/src/controllers/api/v1/steps/create-dynamic-data.test.js
+++ b/packages/backend/src/controllers/api/v1/steps/create-dynamic-data.test.js
@@ -63,7 +63,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-data', () => {
      });
      await createPermission({
-        action: 'update',
+        action: 'manage',
        subject: 'Flow',
        roleId: currentUserRole.id,
        conditions: ['isCreator'],
@@ -102,7 +102,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-data', () => {
      });
      await createPermission({
-        action: 'update',
+        action: 'manage',
        subject: 'Flow',
        roleId: currentUserRole.id,
        conditions: [],
@@ -156,7 +156,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-data', () => {
      });
      await createPermission({
-        action: 'update',
+        action: 'manage',
        subject: 'Flow',
        roleId: currentUserRole.id,
        conditions: ['isCreator'],
@@ -177,7 +177,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-data', () => {
  it('should return not found response for not existing step UUID', async () => {
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
@@ -200,7 +200,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-data', () => {
  it('should return not found response for existing step UUID without app key', async () => {
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
@@ -223,7 +223,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-data', () => {
  it('should return bad request response for invalid UUID', async () => {
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
--- a/packages/backend/src/controllers/api/v1/steps/create-dynamic-fields.test.js
+++ b/packages/backend/src/controllers/api/v1/steps/create-dynamic-fields.test.js
@@ -37,7 +37,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-fields', () => {
    });
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
@@ -78,7 +78,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-fields', () => {
    });
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
@@ -102,7 +102,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-fields', () => {
  it('should return not found response for not existing step UUID', async () => {
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
@@ -125,7 +125,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-fields', () => {
  it('should return not found response for existing step UUID without app key', async () => {
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
@@ -149,7 +149,7 @@ describe('POST /api/v1/steps/:stepId/dynamic-fields', () => {
  it('should return bad request response for invalid UUID', async () => {
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
--- a/packages/backend/src/controllers/api/v1/steps/delete-step.test.js
+++ b/packages/backend/src/controllers/api/v1/steps/delete-step.test.js
@@ -41,7 +41,7 @@ describe('DELETE /api/v1/steps/:stepId', () => {
    });
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
@@ -76,7 +76,7 @@ describe('DELETE /api/v1/steps/:stepId', () => {
    });
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
@@ -90,7 +90,7 @@ describe('DELETE /api/v1/steps/:stepId', () => {
  it('should return not found response for not existing step UUID', async () => {
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
@@ -113,7 +113,7 @@ describe('DELETE /api/v1/steps/:stepId', () => {
  it('should return bad request response for invalid step UUID', async () => {
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
--- a/packages/backend/src/controllers/api/v1/steps/get-previous-steps.test.js
+++ b/packages/backend/src/controllers/api/v1/steps/get-previous-steps.test.js
@@ -54,7 +54,7 @@ describe('GET /api/v1/steps/:stepId/previous-steps', () => {
    });
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
@@ -108,7 +108,7 @@ describe('GET /api/v1/steps/:stepId/previous-steps', () => {
    });
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
@@ -129,7 +129,7 @@ describe('GET /api/v1/steps/:stepId/previous-steps', () => {
  it('should return not found response for not existing step UUID', async () => {
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
@@ -152,7 +152,7 @@ describe('GET /api/v1/steps/:stepId/previous-steps', () => {
  it('should return bad request response for invalid UUID', async () => {
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
--- a/packages/backend/src/controllers/api/v1/steps/test-step.test.js
+++ b/packages/backend/src/controllers/api/v1/steps/test-step.test.js
@@ -69,7 +69,7 @@ describe('POST /api/v1/steps/:stepId/test', () => {
    });
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: ['isCreator'],
@@ -140,7 +140,7 @@ describe('POST /api/v1/steps/:stepId/test', () => {
    });
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
@@ -165,7 +165,7 @@ describe('POST /api/v1/steps/:stepId/test', () => {
  it('should return not found response for not existing step UUID', async () => {
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
@@ -188,7 +188,7 @@ describe('POST /api/v1/steps/:stepId/test', () => {
  it('should return bad request response for invalid step UUID', async () => {
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
--- a/packages/backend/src/controllers/api/v1/steps/update-step.test.js
+++ b/packages/backend/src/controllers/api/v1/steps/update-step.test.js
@@ -46,7 +46,7 @@ describe('PATCH /api/v1/steps/:stepId', () => {
    });
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUser.roleId,
      conditions: ['isCreator'],
@@ -96,7 +96,7 @@ describe('PATCH /api/v1/steps/:stepId', () => {
    });
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUser.roleId,
      conditions: [],
@@ -145,7 +145,7 @@ describe('PATCH /api/v1/steps/:stepId', () => {
    });
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUser.roleId,
      conditions: ['isCreator'],
@@ -169,7 +169,7 @@ describe('PATCH /api/v1/steps/:stepId', () => {
  it('should return not found response for not existing step UUID', async () => {
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUser.roleId,
      conditions: [],
@@ -192,7 +192,7 @@ describe('PATCH /api/v1/steps/:stepId', () => {
  it('should return bad request response for invalid step UUID', async () => {
    await createPermission({
-      action: 'update',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUser.roleId,
      conditions: [],
--- a/packages/backend/src/controllers/api/v1/templates/get-templates.ee.test.js
+++ b/packages/backend/src/controllers/api/v1/templates/get-templates.ee.test.js
@@ -24,7 +24,7 @@ describe('GET /api/v1/templates', () => {
  it('should return templates when templates are enabled and user has create flow permission', async () => {
    await createPermission({
-      action: 'create',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
@@ -45,7 +45,7 @@ describe('GET /api/v1/templates', () => {
  it('should return 403 when templates are disabled', async () => {
    await createPermission({
-      action: 'create',
+      action: 'manage',
      subject: 'Flow',
      roleId: currentUserRole.id,
      conditions: [],
--- a/packages/backend/src/models/permission.test.js
+++ b/packages/backend/src/models/permission.test.js
@@ -14,10 +14,10 @@ describe('Permission model', () => {
  it('filter should return only valid permissions based on permission catalog', () => {
    const permissions = [
      { action: 'read', subject: 'Flow', conditions: ['isCreator'] },
-      { action: 'delete', subject: 'Connection', conditions: [] },
+      { action: 'manage', subject: 'Connection', conditions: [] },
-      { action: 'publish', subject: 'Flow', conditions: ['isCreator'] },
+      { action: 'manage', subject: 'Flow', conditions: ['isCreator'] },
-      { action: 'update', subject: 'Execution', conditions: [] }, // Invalid subject
+      { action: 'manage', subject: 'Execution', conditions: [] }, // Invalid subject
-      { action: 'read', subject: 'Execution', conditions: ['invalid'] }, // Invalid condition
+      { action: 'manage', subject: 'Execution', conditions: ['invalid'] }, // Invalid condition
      { action: 'invalid', subject: 'Execution', conditions: [] }, // Invalid action
    ];
@@ -25,15 +25,15 @@ describe('Permission model', () => {
    expect(result).toStrictEqual([
      { action: 'read', subject: 'Flow', conditions: ['isCreator'] },
-      { action: 'delete', subject: 'Connection', conditions: [] },
+      { action: 'manage', subject: 'Connection', conditions: [] },
-      { action: 'publish', subject: 'Flow', conditions: ['isCreator'] },
+      { action: 'manage', subject: 'Flow', conditions: ['isCreator'] },
    ]);
  });
  describe('findAction', () => {
    it('should return action from permission catalog', () => {
-      const action = Permission.findAction('create');
+      const action = Permission.findAction('manage');
-      expect(action.key).toStrictEqual('create');
+      expect(action.key).toStrictEqual('manage');
    });
    it('should return undefined for invalid actions', () => {
@@ -45,7 +45,7 @@ describe('Permission model', () => {
  describe('isSubjectValid', () => {
    it('should return true for valid subjects', () => {
      const validAction = permissionCatalog.actions.find(
-        (action) => action.key === 'create'
+        (action) => action.key === 'manage'
      );
      const validSubject = Permission.isSubjectValid('Connection', validAction);
@@ -54,7 +54,7 @@ describe('Permission model', () => {
    it('should return false for invalid subjects', () => {
      const validAction = permissionCatalog.actions.find(
-        (action) => action.key === 'create'
+        (action) => action.key === 'manage'
      );
      const invalidSubject = Permission.isSubjectValid(
--- a/packages/backend/src/models/role.test.js
+++ b/packages/backend/src/models/role.test.js
@@ -166,7 +166,7 @@ describe('Role model', () => {
        description: 'Updated description',
        permissions: [
          {
-            action: 'update',
+            action: 'manage',
            subject: 'Flow',
            conditions: [],
          },
--- a/packages/backend/test/mocks/rest/api/v1/admin/permissions/get-permissions-catalog.ee.js
+++ b/packages/backend/test/mocks/rest/api/v1/admin/permissions/get-permissions-catalog.ee.js
@@ -1,31 +1,16 @@
 const getPermissionsCatalogMock = async () => {
  const data = {
    actions: [
      {
        key: 'create',
        label: 'Create',
        subjects: ['Connection', 'Flow'],
      },
      {
        key: 'read',
        label: 'Read',
        subjects: ['Connection', 'Execution', 'Flow'],
      },
      {
-        key: 'update',
+        key: 'manage',
-        label: 'Update',
+        label: 'Manage',
        subjects: ['Connection', 'Flow'],
      },
      {
        key: 'delete',
        label: 'Delete',
        subjects: ['Connection', 'Flow'],
      },
      {
        key: 'publish',
        label: 'Publish',
        subjects: ['Flow'],
      },
    ],
    conditions: [
      {