From 28a135492855947cfedc28a0d6c9c38a66404b20 Mon Sep 17 00:00:00 2001 From: Thomas Trompette Date: Wed, 23 Apr 2025 17:28:41 +0200 Subject: [PATCH] Allow webhook only on active versions (#11705) - webhook call should only be allow on active versions - fixing exceptions that are wrongly sent to sentry --- .../controllers/workflow-trigger.controller.ts | 14 ++++++++++++-- .../jobs/workflow-trigger.job.ts | 17 +++++++++++++++-- 2 files changed, 27 insertions(+), 4 deletions(-) diff --git a/packages/twenty-server/src/engine/core-modules/workflow/controllers/workflow-trigger.controller.ts b/packages/twenty-server/src/engine/core-modules/workflow/controllers/workflow-trigger.controller.ts index db975ed23..34fb47938 100644 --- a/packages/twenty-server/src/engine/core-modules/workflow/controllers/workflow-trigger.controller.ts +++ b/packages/twenty-server/src/engine/core-modules/workflow/controllers/workflow-trigger.controller.ts @@ -6,7 +6,10 @@ import { isDefined } from 'twenty-shared/utils'; import { WorkflowTriggerRestApiExceptionFilter } from 'src/engine/core-modules/workflow/filters/workflow-trigger-rest-api-exception.filter'; import { FieldActorSource } from 'src/engine/metadata-modules/field-metadata/composite-types/actor.composite-type'; import { TwentyORMManager } from 'src/engine/twenty-orm/twenty-orm.manager'; -import { WorkflowVersionWorkspaceEntity } from 'src/modules/workflow/common/standard-objects/workflow-version.workspace-entity'; +import { + WorkflowVersionStatus, + WorkflowVersionWorkspaceEntity, +} from 'src/modules/workflow/common/standard-objects/workflow-version.workspace-entity'; import { WorkflowWorkspaceEntity } from 'src/modules/workflow/common/standard-objects/workflow.workspace-entity'; import { WorkflowTriggerException, @@ -64,7 +67,7 @@ export class WorkflowTriggerController { workflow.lastPublishedVersionId === '' ) { throw new WorkflowTriggerException( - 'Workflow not activated', + 'Workflow has not been activated', WorkflowTriggerExceptionCode.INVALID_WORKFLOW_STATUS, ); } @@ -91,6 +94,13 @@ export class WorkflowTriggerController { ); } + if (workflowVersion.status !== WorkflowVersionStatus.ACTIVE) { + throw new WorkflowTriggerException( + 'Workflow version is not active', + WorkflowTriggerExceptionCode.INVALID_WORKFLOW_STATUS, + ); + } + const { workflowRunId } = await this.workflowTriggerWorkspaceService.runWorkflowVersion({ workflowVersionId: workflow.lastPublishedVersionId, diff --git a/packages/twenty-server/src/modules/workflow/workflow-trigger/jobs/workflow-trigger.job.ts b/packages/twenty-server/src/modules/workflow/workflow-trigger/jobs/workflow-trigger.job.ts index eb7eba7f0..cda96fd05 100644 --- a/packages/twenty-server/src/modules/workflow/workflow-trigger/jobs/workflow-trigger.job.ts +++ b/packages/twenty-server/src/modules/workflow/workflow-trigger/jobs/workflow-trigger.job.ts @@ -46,10 +46,17 @@ export class WorkflowTriggerJob { 'workflow', ); - const workflow = await workflowRepository.findOneByOrFail({ + const workflow = await workflowRepository.findOneBy({ id: data.workflowId, }); + if (!workflow) { + throw new WorkflowTriggerException( + 'Workflow not found', + WorkflowTriggerExceptionCode.NOT_FOUND, + ); + } + if (!workflow.lastPublishedVersionId) { throw new WorkflowTriggerException( 'Workflow has no published version', @@ -62,10 +69,16 @@ export class WorkflowTriggerJob { 'workflowVersion', ); - const workflowVersion = await workflowVersionRepository.findOneByOrFail({ + const workflowVersion = await workflowVersionRepository.findOneBy({ id: workflow.lastPublishedVersionId, }); + if (!workflowVersion) { + throw new WorkflowTriggerException( + 'Workflow version not found', + WorkflowTriggerExceptionCode.NOT_FOUND, + ); + } if (workflowVersion.status !== WorkflowVersionStatus.ACTIVE) { throw new WorkflowTriggerException( 'Workflow version is not active',