[Permissions] Implement getRoles (#9955)

In this PR - introducing roles module to separate roles logic (assign a Role, get a workspace's roles etc.) from permission logic (check if a user has a permission) - Introduces getRoles endpoint to fetch a workspace's roles - introduces the first permission check: getRoles in only accessible to users with permission on ROLE setting. Implemented validatesUserHasWorkspaceSettingPermissionOrThrow
2025-02-03 19:14:18 +01:00
parent caee5b1f89
commit 351e768038
18 changed files with 413 additions and 50 deletions
--- a/packages/twenty-server/src/engine/metadata-modules/role/role.entity.ts
+++ b/packages/twenty-server/src/engine/metadata-modules/role/role.entity.ts
@ -0,0 +1,44 @@
+import {
+  Column,
+  CreateDateColumn,
+  Entity,
+  OneToMany,
+  PrimaryGeneratedColumn,
+  Relation,
+  UpdateDateColumn,
+} from 'typeorm';
+
+import { UserWorkspaceRoleEntity } from 'src/engine/metadata-modules/role/user-workspace-role.entity';
+
+@Entity('role')
+export class RoleEntity {
+  @PrimaryGeneratedColumn('uuid')
+  id: string;
+
+  @Column({ nullable: false })
+  label: string;
+
+  @Column({ nullable: false, default: false })
+  canUpdateAllSettings: boolean;
+
+  @Column({ nullable: true, type: 'text' })
+  description: string;
+
+  @Column({ nullable: false, type: 'uuid' })
+  workspaceId: string;
+
+  @CreateDateColumn({ type: 'timestamptz' })
+  createdAt: Date;
+
+  @UpdateDateColumn({ type: 'timestamptz' })
+  updatedAt: Date;
+
+  @Column({ nullable: false, default: true })
+  isEditable: boolean;
+
+  @OneToMany(
+    () => UserWorkspaceRoleEntity,
+    (userWorkspaceRole: UserWorkspaceRoleEntity) => userWorkspaceRole.role,
+  )
+  userWorkspaceRoles: Relation<UserWorkspaceRoleEntity[]>;
+}