From 708a1d9ae5d218c3575289661b4f655a8ff8487d Mon Sep 17 00:00:00 2001 From: Omar Ajoue Date: Tue, 1 Mar 2022 10:04:45 +0100 Subject: [PATCH 1/3] Handle error workflows permissions --- packages/cli/src/WorkflowHelpers.ts | 28 +++++++++++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) diff --git a/packages/cli/src/WorkflowHelpers.ts b/packages/cli/src/WorkflowHelpers.ts index 6302d373481cc..4f320783d4bd1 100644 --- a/packages/cli/src/WorkflowHelpers.ts +++ b/packages/cli/src/WorkflowHelpers.ts @@ -97,7 +97,33 @@ export async function executeErrorWorkflow( ): Promise { // Wrap everything in try/catch to make sure that no errors bubble up and all get caught here try { - const workflowData = await Db.collections.Workflow!.findOne({ id: Number(workflowId) }); + let workflowData; + if (workflowId.toString() !== workflowErrorData.workflow.id?.toString()) { + // To make this code easier to understand, we split it in 2 parts: + // 1) Fetch the owner of the errored workflows and then + // 2) if now instance owner, then check if the user has access to the + // triggered workflow. + + const user = await getWorkflowOwner(workflowErrorData.workflow.id!); + + if (user.globalRole.name === 'owner') { + workflowData = await Db.collections.Workflow!.findOne({ id: Number(workflowId) }); + } else { + const { id: userId } = user; + const sharedWorkflowData = await Db.collections.SharedWorkflow!.findOne({ + where: { + workflowId, + userId, + }, + relations: ['workflow'], + }); + if (sharedWorkflowData) { + workflowData = sharedWorkflowData.workflow; + } + } + } else { + workflowData = await Db.collections.Workflow!.findOne({ id: Number(workflowId) }); + } if (workflowData === undefined) { // The error workflow could not be found From 663cb16c5065f8d7ac07bf32ca072495b21da7ac Mon Sep 17 00:00:00 2001 From: Omar Ajoue Date: Wed, 2 Mar 2022 12:47:23 +0100 Subject: [PATCH 2/3] Fixed wrong query format --- packages/cli/src/WorkflowHelpers.ts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/cli/src/WorkflowHelpers.ts b/packages/cli/src/WorkflowHelpers.ts index 4f320783d4bd1..90232ecf5abf2 100644 --- a/packages/cli/src/WorkflowHelpers.ts +++ b/packages/cli/src/WorkflowHelpers.ts @@ -112,8 +112,8 @@ export async function executeErrorWorkflow( const { id: userId } = user; const sharedWorkflowData = await Db.collections.SharedWorkflow!.findOne({ where: { - workflowId, - userId, + workflow: { id: workflowId }, + user: { id: userId }, }, relations: ['workflow'], }); From 35ff34693b2f8c934dc2229bb8b416dfd3ed5242 Mon Sep 17 00:00:00 2001 From: Ben Hesseldieck <1849459+BHesseldieck@users.noreply.github.com> Date: Wed, 2 Mar 2022 12:51:10 +0100 Subject: [PATCH 3/3] =?UTF-8?q?=F0=9F=9B=A0=20refactor=20query?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- packages/cli/src/WorkflowHelpers.ts | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/packages/cli/src/WorkflowHelpers.ts b/packages/cli/src/WorkflowHelpers.ts index 90232ecf5abf2..d5a0f60e872f8 100644 --- a/packages/cli/src/WorkflowHelpers.ts +++ b/packages/cli/src/WorkflowHelpers.ts @@ -109,11 +109,10 @@ export async function executeErrorWorkflow( if (user.globalRole.name === 'owner') { workflowData = await Db.collections.Workflow!.findOne({ id: Number(workflowId) }); } else { - const { id: userId } = user; const sharedWorkflowData = await Db.collections.SharedWorkflow!.findOne({ where: { workflow: { id: workflowId }, - user: { id: userId }, + user, }, relations: ['workflow'], });