fix(plugin-workflow): fix admin role with workflow plugin permission can not delete executions (#4961)

* test(plugin-workflow): add test case for acl

* fix(plugin-workflow): fix acl snippets
This commit is contained in:
Junyi 2024-07-30 14:42:59 +08:00 committed by GitHub
parent 9adfd4cbab
commit 8f6d2d5426
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 43 additions and 3 deletions

View File

@ -223,6 +223,7 @@ export default class PluginWorkflowServer extends Plugin {
'executions:list',
'executions:get',
'executions:cancel',
'executions:destroy',
'flow_nodes:update',
'flow_nodes:destroy',
],

View File

@ -19,10 +19,15 @@ describe('workflow > actions > executions', () => {
let PostRepo;
let WorkflowModel;
let workflow;
let users;
let userAgents;
beforeEach(async () => {
app = await getApp();
agent = app.agent();
app = await getApp({
plugins: ['users', 'acl', 'auth', 'data-source-manager'],
acl: true,
});
agent = app.agent().loginUsingId(1);
db = app.db;
WorkflowModel = db.getCollection('workflows').model;
PostRepo = db.getCollection('posts').repository;
@ -35,6 +40,14 @@ describe('workflow > actions > executions', () => {
collection: 'posts',
},
});
const UserRepo = db.getCollection('users').repository;
users = await UserRepo.createMany({
records: [
{ id: 2, nickname: 'a', roles: ['admin'] },
{ id: 3, nickname: 'b' },
],
});
userAgents = users.map((user) => app.agent().login(user));
});
afterEach(async () => await app.destroy());
@ -48,11 +61,12 @@ describe('workflow > actions > executions', () => {
expect(e1.length).toBe(1);
expect(e1[0].get('status')).toBe(EXECUTION_STATUS.RESOLVED);
await agent.resource('executions').destroy({
const res1 = await agent.resource('executions').destroy({
filter: {
key: workflow.key,
},
});
expect(res1.status).toBe(200);
const e2 = await workflow.getExecutions();
expect(e2.length).toBe(0);
@ -79,6 +93,31 @@ describe('workflow > actions > executions', () => {
const e2 = await workflow.getExecutions();
expect(e2.length).toBe(1);
});
it('role as admin could delete execution', async () => {
const post = await PostRepo.create({ values: { title: 't1' } });
await sleep(500);
const e1 = await workflow.getExecutions();
expect(e1.length).toBe(1);
expect(e1[0].get('status')).toBe(EXECUTION_STATUS.RESOLVED);
const res1 = await userAgents[1].resource('executions').destroy({
filter: {
key: workflow.key,
},
});
expect(res1.status).toBe(403);
const res2 = await userAgents[0].resource('executions').destroy({
filter: {
key: workflow.key,
},
});
expect(res2.status).toBe(200);
const e2 = await workflow.getExecutions();
expect(e2.length).toBe(0);
});
});
describe('cancel', () => {