refactor credential import and remove redundant tests

There is no need to test the `--separate` flag in combination with the
`--userId` flag, because the check for the relationships is now
happening in one place

Author: despairblue

packages/cli/src/commands/import/credentials.ts

@@ -15,7 +15,6 @@ import type { ICredentialsEncrypted } from 'n8n-workflow';
 import { ApplicationError, jsonParse } from 'n8n-workflow';
 import { UM_FIX_INSTRUCTION } from '@/constants';
 import { UserRepository } from '@db/repositories/user.repository';
-import { SharedCredentialsRepository } from '@/databases/repositories/sharedCredentials.repository';
 
 export class ImportCredentialsCommand extends BaseCommand {
 	static description = 'Import credentials';
@@ -65,87 +64,103 @@ export class ImportCredentialsCommand extends BaseCommand {
 			}
 		}
 
-		let totalImported = 0;
-
-		const cipher = Container.get(Cipher);
 		const user = flags.userId ? await this.getAssignee(flags.userId) : await this.getOwner();
 
-		if (flags.separate) {
-			let { input: inputPath } = flags;
+		const credentials = await this.readCredentials(flags.input, flags.separate);
+
+		await Db.getConnection().transaction(async (transactionManager) => {
+			this.transactionManager = transactionManager;
+
+			const result = await this.checkRelations(credentials, flags.userId);
 
-			if (process.platform === 'win32') {
-				inputPath = inputPath.replace(/\\/g, '/');
+			if (!result.success) {
+				throw new ApplicationError(result.message);
 			}
 
-			const files = await glob('*.json', {
-				cwd: inputPath,
-				absolute: true,
-			});
+			for (const credential of credentials) {
+				await this.storeCredential(credential, user);
+			}
+		});
 
-			totalImported = files.length;
-
-			await Db.getConnection().transaction(async (transactionManager) => {
-				this.transactionManager = transactionManager;
-				for (const file of files) {
-					const credential = jsonParse<ICredentialsEncrypted>(
-						fs.readFileSync(file, { encoding: 'utf8' }),
-					);
-
-					if (credential.id && flags.userId) {
-						const credentialOwner = await this.getCredentialOwner(credential.id);
-
-						if (credentialOwner && credentialOwner !== flags.userId) {
-							throw new ApplicationError(
-								`The credential with id "${credential.id}" is already owned by the user with the id "${credentialOwner}". It can't be re-owned by the user with the id "${flags.userId}"`,
-							);
-						}
-					}
-
-					if (typeof credential.data === 'object') {
-						// plain data / decrypted input. Should be encrypted first.
-						credential.data = cipher.encrypt(credential.data);
-					}
-					await this.storeCredential(credential, user);
-				}
-			});
+		this.reportSuccess(credentials.length);
+	}
 
-			this.reportSuccess(totalImported);
-			return;
+	private async checkRelations(credentials: ICredentialsEncrypted[], userId?: string) {
+		if (!userId) {
+			return {
+				success: true as const,
+				message: undefined,
+			};
 		}
 
-		const credentials = jsonParse<ICredentialsEncrypted[]>(
-			fs.readFileSync(flags.input, { encoding: 'utf8' }),
-		);
+		for (const credential of credentials) {
+			if (credential.id === undefined) {
+				continue;
+			}
 
-		totalImported = credentials.length;
+			if (!(await this.credentialExists(credential.id))) {
+				continue;
+			}
 
-		if (!Array.isArray(credentials)) {
-			throw new ApplicationError(
-				'File does not seem to contain credentials. Make sure the credentials are contained in an array.',
-			);
+			const ownerId = await this.getCredentialOwner(credential.id);
+			if (!ownerId) {
+				continue;
+			}
+
+			if (ownerId !== userId) {
+				return {
+					success: false as const,
+					message: `The credential with id "${credential.id}" is already owned by the user with the id "${ownerId}". It can't be re-owned by the user with the id "${userId}"`,
+				};
+			}
 		}
 
-		await Db.getConnection().transaction(async (transactionManager) => {
-			this.transactionManager = transactionManager;
-			for (const credential of credentials) {
-				if (credential.id && flags.userId) {
-					const credentialOwner = await this.getCredentialOwner(credential.id);
-					if (credentialOwner && credentialOwner !== flags.userId) {
-						throw new ApplicationError(
-							`The credential with id "${credential.id}" is already owned by the user with the id "${credentialOwner}". It can't be re-owned by the user with the id "${flags.userId}"`,
-						);
-					}
-				}
+		return {
+			success: true as const,
+			message: undefined,
+		};
+	}
 
-				if (typeof credential.data === 'object') {
-					// plain data / decrypted input. Should be encrypted first.
-					credential.data = cipher.encrypt(credential.data);
-				}
-				await this.storeCredential(credential, user);
+	private async readCredentials(path: string, separate: boolean): Promise<ICredentialsEncrypted[]> {
+		const cipher = Container.get(Cipher);
+
+		if (process.platform === 'win32') {
+			path = path.replace(/\\/g, '/');
+		}
+
+		let credentials: ICredentialsEncrypted[];
+
+		if (separate) {
+			const files = await glob('*.json', {
+				cwd: path,
+				absolute: true,
+			});
+
+			credentials = files.map((file) =>
+				jsonParse<ICredentialsEncrypted>(fs.readFileSync(file, { encoding: 'utf8' })),
+			);
+		} else {
+			const credentialsUnchecked = jsonParse<ICredentialsEncrypted[]>(
+				fs.readFileSync(path, { encoding: 'utf8' }),
+			);
+
+			if (!Array.isArray(credentialsUnchecked)) {
+				throw new ApplicationError(
+					'File does not seem to contain credentials. Make sure the credentials are contained in an array.',
+				);
 			}
-		});
 
-		this.reportSuccess(totalImported);
+			credentials = credentialsUnchecked;
+		}
+
+		return credentials.map((credential) => {
+			if (typeof credential.data === 'object') {
+				// plain data / decrypted input. Should be encrypted first.
+				credential.data = cipher.encrypt(credential.data);
+			}
+
+			return credential;
+		});
 	}
 
 	async catch(error: Error) {
@@ -202,11 +217,15 @@ export class ImportCredentialsCommand extends BaseCommand {
 	}
 
 	private async getCredentialOwner(credentialsId: string) {
-		const sharedCredential = await Container.get(SharedCredentialsRepository).findOneBy({
+		const sharedCredential = await this.transactionManager.findOneBy(SharedCredentials, {
 			credentialsId,
 			role: 'credential:owner',
 		});
 
 		return sharedCredential?.userId;
 	}
+
+	private async credentialExists(credentialId: string) {
+		return await this.transactionManager.existsBy(CredentialsEntity, { id: credentialId });
+	}
 }