Add attachments (#733)

* Add attachments v1 * Refacto * Add Policy checks * Fix tests * Remove generated files from git --------- Co-authored-by: Charles Bochet <charles@twenty.com>
2023-07-19 00:24:03 +02:00
parent 84018efc7d
commit 10f7b08fdc
1130 changed files with 570 additions and 39762 deletions
--- a/server/src/ability/ability.factory.ts
+++ b/server/src/ability/ability.factory.ts
@ -14,6 +14,7 @@ import {
  Pipeline,
  PipelineStage,
  PipelineProgress,
+  Attachment,
 } from '@prisma/client';
 import { AbilityAction } from './ability.action';

@ -30,6 +31,7 @@ type SubjectsAbility = Subjects<{
  Pipeline: Pipeline;
  PipelineStage: PipelineStage;
  PipelineProgress: PipelineProgress;
+  Attachment: Attachment;
 }>;

 export type AppAbility = PureAbility<
@ -98,6 +100,11 @@ export class AbilityFactory {
    // CommentThreadTarget
    can(AbilityAction.Read, 'CommentThreadTarget');

+    // Attachment
+    can(AbilityAction.Read, 'Attachment', { workspaceId: workspace.id });
+    can(AbilityAction.Update, 'Attachment', { workspaceId: workspace.id });
+    can(AbilityAction.Create, 'Attachment', { workspaceId: workspace.id });
+
    // Pipeline
    can(AbilityAction.Read, 'Pipeline', { workspaceId: workspace.id });

--- a/server/src/ability/ability.module.ts
+++ b/server/src/ability/ability.module.ts
@ -85,6 +85,13 @@ import {
  UpdatePipelineProgressAbilityHandler,
  DeletePipelineProgressAbilityHandler,
 } from './handlers/pipeline-progress.ability-handler';
+import {
+  CreateAttachmentAbilityHandler,
+  DeleteAttachmentAbilityHandler,
+  ManageAttachmentAbilityHandler,
+  ReadAttachmentAbilityHandler,
+  UpdateAttachmentAbilityHandler,
+} from './handlers/attachment.ability-handler';

@Global()
@Module({
@ -145,6 +152,12 @@ import {
    CreateCommentThreadTargetAbilityHandler,
    UpdateCommentThreadTargetAbilityHandler,
    DeleteCommentThreadTargetAbilityHandler,
+    //Attachment
+    ManageAttachmentAbilityHandler,
+    ReadAttachmentAbilityHandler,
+    CreateAttachmentAbilityHandler,
+    UpdateAttachmentAbilityHandler,
+    DeleteAttachmentAbilityHandler,
    // Pipeline
    ManagePipelineAbilityHandler,
    ReadPipelineAbilityHandler,
@ -220,6 +233,12 @@ import {
    CreateCommentThreadTargetAbilityHandler,
    UpdateCommentThreadTargetAbilityHandler,
    DeleteCommentThreadTargetAbilityHandler,
+    //Attachment
+    ManageAttachmentAbilityHandler,
+    ReadAttachmentAbilityHandler,
+    CreateAttachmentAbilityHandler,
+    UpdateAttachmentAbilityHandler,
+    DeleteAttachmentAbilityHandler,
    // Pipeline
    ManagePipelineAbilityHandler,
    ReadPipelineAbilityHandler,
--- a/server/src/ability/handlers/attachment.ability-handler.ts
+++ b/server/src/ability/handlers/attachment.ability-handler.ts
@ -0,0 +1,67 @@
+import { PrismaService } from 'src/database/prisma.service';
+import { AbilityAction } from '../ability.action';
+import { AppAbility } from '../ability.factory';
+import { IAbilityHandler } from '../interfaces/ability-handler.interface';
+import {
+  ExecutionContext,
+  ForbiddenException,
+  Injectable,
+  NotFoundException,
+} from '@nestjs/common';
+import { assert } from 'src/utils/assert';
+import { GqlExecutionContext } from '@nestjs/graphql';
+import { subject } from '@casl/ability';
+
+class AttachmentArgs {
+  activityId?: string;
+}
+
+@Injectable()
+export class ManageAttachmentAbilityHandler implements IAbilityHandler {
+  async handle(ability: AppAbility) {
+    return ability.can(AbilityAction.Manage, 'Attachment');
+  }
+}
+
+@Injectable()
+export class ReadAttachmentAbilityHandler implements IAbilityHandler {
+  handle(ability: AppAbility) {
+    return ability.can(AbilityAction.Read, 'Attachment');
+  }
+}
+
+@Injectable()
+export class CreateAttachmentAbilityHandler implements IAbilityHandler {
+  constructor(private readonly prismaService: PrismaService) {}
+
+  async handle(ability: AppAbility, context: ExecutionContext) {
+    const gqlContext = GqlExecutionContext.create(context);
+    const args = gqlContext.getArgs<AttachmentArgs>();
+    assert(args.activityId, '', ForbiddenException);
+
+    const activity = await this.prismaService.commentThread.findUnique({
+      where: { id: args.activityId },
+      include: { workspace: true },
+    });
+    assert(activity, '', NotFoundException);
+
+    return ability.can(
+      AbilityAction.Update,
+      subject('Workspace', activity.workspace),
+    );
+  }
+}
+
+@Injectable()
+export class UpdateAttachmentAbilityHandler implements IAbilityHandler {
+  async handle(ability: AppAbility) {
+    return ability.can(AbilityAction.Update, 'Attachment');
+  }
+}
+
+@Injectable()
+export class DeleteAttachmentAbilityHandler implements IAbilityHandler {
+  async handle(ability: AppAbility) {
+    return ability.can(AbilityAction.Delete, 'Attachment');
+  }
+}