n8n-io · janober · Mar 14, 2022 · Feb 10, 2022 · Feb 11, 2022 · Feb 11, 2022
diff --git a/.eslintrc.js b/.eslintrc.js
@@ -257,6 +257,11 @@ module.exports = {
 		 */
 		'@typescript-eslint/no-floating-promises': ['error', { ignoreVoid: true }],
 
+		/**
+		 * https://github.com/typescript-eslint/typescript-eslint/blob/v4.33.0/packages/eslint-plugin/docs/rules/no-namespace.md
+		 */
+		'@typescript-eslint/no-namespace': 'off',
+
 		/**
 		 * https://eslint.org/docs/1.0.0/rules/no-throw-literal
 		 */

diff --git a/package-lock.json b/package-lock.json
diff --git a/packages/cli/commands/Interfaces.d.ts b/packages/cli/commands/Interfaces.d.ts
@@ -53,3 +53,14 @@ declare module 'json-diff' {
 	}
 	export function diff(obj1: unknown, obj2: unknown, diffOptions: IDiffOptions): string;
 }
+
+type SmtpConfig = {
+	host: string;
+	port: number;
+	secure: boolean;
+	auth: {
+		user: string;
+		pass: string;
+	};
+	sender: string;
+};
diff --git a/packages/cli/commands/execute.ts b/packages/cli/commands/execute.ts
@@ -28,6 +28,7 @@ import {
 
 import { getLogger } from '../src/Logger';
 import config = require('../config');
+import { getInstanceOwner } from '../src/UserManagement/UserManagementHelper';
 
 export class Execute extends Command {
 	static description = '\nExecutes a given workflow';
@@ -169,11 +170,13 @@ export class Execute extends Command {
 		}
 
 		try {
+			const user = await getInstanceOwner();
 			const runData: IWorkflowExecutionDataProcess = {
 				executionMode: 'cli',
 				startNodes: [startNode.name],
 				// eslint-disable-next-line @typescript-eslint/no-non-null-assertion
 				workflowData: workflowData!,
+				userId: user.id,
 			};
 
 			const workflowRunner = new WorkflowRunner();

diff --git a/packages/cli/commands/executeBatch.ts b/packages/cli/commands/executeBatch.ts
@@ -37,6 +37,8 @@ import {
 	WorkflowRunner,
 } from '../src';
 import config = require('../config');
+import { User } from '../src/databases/entities/User';
+import { getInstanceOwner } from '../src/UserManagement/UserManagementHelper';
 
 export class ExecuteBatch extends Command {
 	static description = '\nExecutes multiple workflows once';
@@ -57,6 +59,8 @@ export class ExecuteBatch extends Command {
 
 	static executionTimeout = 3 * 60 * 1000;
 
+	static instanceOwner: User;
+
 	static examples = [
 		`$ n8n executeBatch`,
 		`$ n8n executeBatch --concurrency=10 --skipList=/data/skipList.txt`,
@@ -279,6 +283,8 @@ export class ExecuteBatch extends Command {
 		// Wait till the database is ready
 		await startDbInitPromise;
 
+		ExecuteBatch.instanceOwner = await getInstanceOwner();
+
 		let allWorkflows;
 
 		const query = Db.collections.Workflow!.createQueryBuilder('workflows');
@@ -666,6 +672,7 @@ export class ExecuteBatch extends Command {
 					executionMode: 'cli',
 					startNodes: [startNode!.name],
 					workflowData,
+					userId: ExecuteBatch.instanceOwner.id,
 				};
 
 				const workflowRunner = new WorkflowRunner();

diff --git a/packages/cli/commands/import/credentials.ts b/packages/cli/commands/import/credentials.ts
@@ -1,3 +1,9 @@
+/* eslint-disable no-restricted-syntax */
+/* eslint-disable @typescript-eslint/no-shadow */
+/* eslint-disable @typescript-eslint/no-unsafe-call */
+/* eslint-disable no-await-in-loop */
+/* eslint-disable @typescript-eslint/no-non-null-assertion */
+/* eslint-disable @typescript-eslint/no-unsafe-assignment */
 /* eslint-disable @typescript-eslint/no-unsafe-member-access */
 /* eslint-disable no-console */
 import { Command, flags } from '@oclif/command';
@@ -9,15 +15,25 @@ import { LoggerProxy } from 'n8n-workflow';
 import * as fs from 'fs';
 import * as glob from 'fast-glob';
 import * as path from 'path';
+import { EntityManager, getConnection } from 'typeorm';
 import { getLogger } from '../../src/Logger';
 import { Db } from '../../src';
+import { User } from '../../src/databases/entities/User';
+import { SharedCredentials } from '../../src/databases/entities/SharedCredentials';
+import { Role } from '../../src/databases/entities/Role';
+import { CredentialsEntity } from '../../src/databases/entities/CredentialsEntity';
+
+const FIX_INSTRUCTION =
+	'Please fix the database by running ./packages/cli/bin/n8n user-management:reset';
 
 export class ImportCredentialsCommand extends Command {
 	static description = 'Import credentials';
 
 	static examples = [
-		`$ n8n import:credentials --input=file.json`,
-		`$ n8n import:credentials --separate --input=backups/latest/`,
+		'$ n8n import:credentials --input=file.json',
+		'$ n8n import:credentials --separate --input=backups/latest/',
+		'$ n8n import:credentials --input=file.json --userId=1d64c3d2-85fe-4a83-a649-e446b07b3aae',
+		'$ n8n import:credentials --separate --input=backups/latest/ --userId=1d64c3d2-85fe-4a83-a649-e446b07b3aae',
 	];
 
 	static flags = {
@@ -29,87 +45,161 @@ export class ImportCredentialsCommand extends Command {
 		separate: flags.boolean({
 			description: 'Imports *.json files from directory provided by --input',
 		}),
+		userId: flags.string({
+			description: 'The ID of the user to assign the imported credentials to',
+		}),
 	};
 
-	// eslint-disable-next-line @typescript-eslint/explicit-module-boundary-types
-	async run() {
+	ownerCredentialRole: Role;
+
+	transactionManager: EntityManager;
+
+	async run(): Promise<void> {
 		const logger = getLogger();
 		LoggerProxy.init(logger);
 
-		// eslint-disable-next-line @typescript-eslint/no-shadow
 		const { flags } = this.parse(ImportCredentialsCommand);
 
 		if (!flags.input) {
-			console.info(`An input file or directory with --input must be provided`);
+			console.info('An input file or directory with --input must be provided');
 			return;
 		}
 
 		if (flags.separate) {
 			if (fs.existsSync(flags.input)) {
 				if (!fs.lstatSync(flags.input).isDirectory()) {
-					console.info(`The paramenter --input must be a directory`);
+					console.info('The argument to --input must be a directory');
 					return;
 				}
 			}
 		}
 
+		let totalImported = 0;
+
 		try {
 			await Db.init();
 
+			await this.initOwnerCredentialRole();
+			const user = flags.userId ? await this.getAssignee(flags.userId) : await this.getOwner();
+
 			// Make sure the settings exist
 			await UserSettings.prepareUserSettings();
-			let i;
 
 			const encryptionKey = await UserSettings.getEncryptionKey();
 			if (encryptionKey === undefined) {
-				throw new Error('No encryption key got found to encrypt the credentials!');
+				throw new Error('No encryption key found to encrypt the credentials!');
 			}
 
 			if (flags.separate) {
 				const files = await glob(
 					`${flags.input.endsWith(path.sep) ? flags.input : flags.input + path.sep}*.json`,
 				);
-				for (i = 0; i < files.length; i++) {
-					// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment
-					const credential = JSON.parse(fs.readFileSync(files[i], { encoding: 'utf8' }));
 
-					// eslint-disable-next-line @typescript-eslint/no-unsafe-member-access
-					if (typeof credential.data === 'object') {
-						// plain data / decrypted input. Should be encrypted first.
-						// eslint-disable-next-line @typescript-eslint/no-unsafe-member-access
-						Credentials.prototype.setData.call(credential, credential.data, encryptionKey);
+				totalImported = files.length;
+
+				await getConnection().transaction(async (transactionManager) => {
+					this.transactionManager = transactionManager;
+					for (const file of files) {
+						const credential = JSON.parse(fs.readFileSync(file, { encoding: 'utf8' }));
+
+						if (typeof credential.data === 'object') {
+							// plain data / decrypted input. Should be encrypted first.
+							Credentials.prototype.setData.call(credential, credential.data, encryptionKey);
+						}
+
+						await this.storeCredential(credential, user);
 					}
+				});
 
-					// eslint-disable-next-line no-await-in-loop, @typescript-eslint/no-non-null-assertion
-					await Db.collections.Credentials!.save(credential);
-				}
-			} else {
-				// eslint-disable-next-line @typescript-eslint/no-unsafe-assignment
-				const fileContents = JSON.parse(fs.readFileSync(flags.input, { encoding: 'utf8' }));
+				this.reportSuccess(totalImported);
+				process.exit();
+			}
 
-				if (!Array.isArray(fileContents)) {
-					throw new Error(`File does not seem to contain credentials.`);
-				}
+			const credentials = JSON.parse(fs.readFileSync(flags.input, { encoding: 'utf8' }));
+
+			totalImported = credentials.length;
+
+			if (!Array.isArray(credentials)) {
+				throw new Error(
+					'File does not seem to contain credentials. Make sure the credentials are contained in an array.',
+				);
+			}
 
-				for (i = 0; i < fileContents.length; i++) {
-					if (typeof fileContents[i].data === 'object') {
+			await getConnection().transaction(async (transactionManager) => {
+				this.transactionManager = transactionManager;
+				for (const credential of credentials) {
+					if (typeof credential.data === 'object') {
 						// plain data / decrypted input. Should be encrypted first.
-						Credentials.prototype.setData.call(
-							fileContents[i],
-							fileContents[i].data,
-							encryptionKey,
-						);
+						Credentials.prototype.setData.call(credential, credential.data, encryptionKey);
 					}
-					// eslint-disable-next-line no-await-in-loop, @typescript-eslint/no-non-null-assertion
-					await Db.collections.Credentials!.save(fileContents[i]);
+					await this.storeCredential(credential, user);
 				}
-			}
-			console.info(`Successfully imported ${i} ${i === 1 ? 'credential.' : 'credentials.'}`);
-			process.exit(0);
+			});
+
+			this.reportSuccess(totalImported);
+			process.exit();
 		} catch (error) {
-			console.error('An error occurred while exporting credentials. See log messages for details.');
-			logger.error(error.message);
+			console.error('An error occurred while importing credentials. See log messages for details.');
+			if (error instanceof Error) logger.error(error.message);
 			this.exit(1);
 		}
 	}
+
+	private reportSuccess(total: number) {
+		console.info(`Successfully imported ${total} ${total === 1 ? 'workflow.' : 'workflows.'}`);
+	}
+
+	private async initOwnerCredentialRole() {
+		const ownerCredentialRole = await Db.collections.Role!.findOne({
+			where: { name: 'owner', scope: 'credential' },
+		});
+
+		if (!ownerCredentialRole) {
+			throw new Error(`Failed to find owner credential role. ${FIX_INSTRUCTION}`);
+		}
+
+		this.ownerCredentialRole = ownerCredentialRole;
+	}
+
+	private async storeCredential(credential: object, user: User) {
+		const newCredential = new CredentialsEntity();
+
+		Object.assign(newCredential, credential);
+
+		const savedCredential = await this.transactionManager.save<CredentialsEntity>(newCredential);
+
+		const newSharedCredential = new SharedCredentials();
+
+		Object.assign(newSharedCredential, {
+			credentials: savedCredential,
+			user,
+			role: this.ownerCredentialRole,
+		});
+
+		await this.transactionManager.save<SharedCredentials>(newSharedCredential);
+	}
+
+	private async getOwner() {
+		const ownerGlobalRole = await Db.collections.Role!.findOne({
+			where: { name: 'owner', scope: 'global' },
+		});
+
+		const owner = await Db.collections.User!.findOne({ globalRole: ownerGlobalRole });
+
+		if (!owner) {
+			throw new Error(`Failed to find owner. ${FIX_INSTRUCTION}`);
+		}
+
+		return owner;
+	}
+
+	private async getAssignee(userId: string) {
+		const user = await Db.collections.User!.findOne(userId);
+
+		if (!user) {
+			throw new Error(`Failed to find user with ID ${userId}`);
+		}
+
+		return user;
+	}
 }