[permissions V2] Add integration tests on relations and objectRecord permissions (#12450)

In this PR 1. adding tests on relations and nested relations to make sure that if any permission is missing, the query fails 2. adding tests on objectRecord permissions to make sure that permissions granted or restricted by objectPermissions take precedence on the role's allObjectRecords permissions
2025-06-10 16:38:38 +02:00
parent 78ecb01c90
commit 264861e020
8 changed files with 635 additions and 25 deletions
--- a/packages/twenty-server/test/integration/graphql/utils/update-workspace-member-role.util.ts
+++ b/packages/twenty-server/test/integration/graphql/utils/update-workspace-member-role.util.ts
@ -0,0 +1,31 @@
+export const updateWorkspaceMemberRole = async ({
+  client,
+  roleId,
+  workspaceMemberId,
+}: {
+  client: any;
+  roleId: string;
+  workspaceMemberId: string;
+}) => {
+  const updateMemberRoleQuery = {
+    query: `
+          mutation UpdateWorkspaceMemberRole {
+            updateWorkspaceMemberRole(
+              workspaceMemberId: "${workspaceMemberId}"
+              roleId: "${roleId}"
+            ) {
+              id
+              roles {
+                id
+                label
+              }
+            }
+          }
+        `,
+  };
+
+  await client
+    .post('/graphql')
+    .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`)
+    .send(updateMemberRoleQuery);
+};