From 8f6d2d5426e2d18ec3fadf333283b7540675b99f Mon Sep 17 00:00:00 2001 From: Junyi Date: Tue, 30 Jul 2024 14:42:59 +0800 Subject: [PATCH] fix(plugin-workflow): fix admin role with workflow plugin permission can not delete executions (#4961) * test(plugin-workflow): add test case for acl * fix(plugin-workflow): fix acl snippets --- .../plugin-workflow/src/server/Plugin.ts | 1 + .../__tests__/actions/executions.test.ts | 45 +++++++++++++++++-- 2 files changed, 43 insertions(+), 3 deletions(-) diff --git a/packages/plugins/@nocobase/plugin-workflow/src/server/Plugin.ts b/packages/plugins/@nocobase/plugin-workflow/src/server/Plugin.ts index 98678c718b..6a87446f0a 100644 --- a/packages/plugins/@nocobase/plugin-workflow/src/server/Plugin.ts +++ b/packages/plugins/@nocobase/plugin-workflow/src/server/Plugin.ts @@ -223,6 +223,7 @@ export default class PluginWorkflowServer extends Plugin { 'executions:list', 'executions:get', 'executions:cancel', + 'executions:destroy', 'flow_nodes:update', 'flow_nodes:destroy', ], diff --git a/packages/plugins/@nocobase/plugin-workflow/src/server/__tests__/actions/executions.test.ts b/packages/plugins/@nocobase/plugin-workflow/src/server/__tests__/actions/executions.test.ts index 56ce16c6c5..c672aa863f 100644 --- a/packages/plugins/@nocobase/plugin-workflow/src/server/__tests__/actions/executions.test.ts +++ b/packages/plugins/@nocobase/plugin-workflow/src/server/__tests__/actions/executions.test.ts @@ -19,10 +19,15 @@ describe('workflow > actions > executions', () => { let PostRepo; let WorkflowModel; let workflow; + let users; + let userAgents; beforeEach(async () => { - app = await getApp(); - agent = app.agent(); + app = await getApp({ + plugins: ['users', 'acl', 'auth', 'data-source-manager'], + acl: true, + }); + agent = app.agent().loginUsingId(1); db = app.db; WorkflowModel = db.getCollection('workflows').model; PostRepo = db.getCollection('posts').repository; @@ -35,6 +40,14 @@ describe('workflow > actions > executions', () => { collection: 'posts', }, }); + const UserRepo = db.getCollection('users').repository; + users = await UserRepo.createMany({ + records: [ + { id: 2, nickname: 'a', roles: ['admin'] }, + { id: 3, nickname: 'b' }, + ], + }); + userAgents = users.map((user) => app.agent().login(user)); }); afterEach(async () => await app.destroy()); @@ -48,11 +61,12 @@ describe('workflow > actions > executions', () => { expect(e1.length).toBe(1); expect(e1[0].get('status')).toBe(EXECUTION_STATUS.RESOLVED); - await agent.resource('executions').destroy({ + const res1 = await agent.resource('executions').destroy({ filter: { key: workflow.key, }, }); + expect(res1.status).toBe(200); const e2 = await workflow.getExecutions(); expect(e2.length).toBe(0); @@ -79,6 +93,31 @@ describe('workflow > actions > executions', () => { const e2 = await workflow.getExecutions(); expect(e2.length).toBe(1); }); + + it('role as admin could delete execution', async () => { + const post = await PostRepo.create({ values: { title: 't1' } }); + await sleep(500); + + const e1 = await workflow.getExecutions(); + expect(e1.length).toBe(1); + expect(e1[0].get('status')).toBe(EXECUTION_STATUS.RESOLVED); + + const res1 = await userAgents[1].resource('executions').destroy({ + filter: { + key: workflow.key, + }, + }); + expect(res1.status).toBe(403); + const res2 = await userAgents[0].resource('executions').destroy({ + filter: { + key: workflow.key, + }, + }); + expect(res2.status).toBe(200); + + const e2 = await workflow.getExecutions(); + expect(e2.length).toBe(0); + }); }); describe('cancel', () => {