admin/twenty
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Permission checks on twentyORM global manager (#11477)

Browse Source 
In this PR we are handling permissions when using
twentyORMGlobalManager,
and handling permissions for rest api and api key
This commit is contained in:
Marie
2025-04-23 17:57:48 +02:00
committed by GitHub
parent 28a1354928
commit 4257f30f12
54 changed files with 547 additions and 116 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
packages/twenty-server/src/engine/twenty-orm/twenty-orm.manager.ts
View File

@ -30,8 +30,12 @@ export class TwentyORMManager {
async getRepository<T extends ObjectLiteral>(
workspaceEntityOrobjectMetadataName: Type<T> | string,
): Promise<WorkspaceRepository<T>> {
const { workspaceId, workspaceMetadataVersion, userWorkspaceId } =
this.scopedWorkspaceContextFactory.create();
const {
workspaceId,
workspaceMetadataVersion,
userWorkspaceId,
isExecutedByApiKey,
} = this.scopedWorkspaceContextFactory.create();
let objectMetadataName: string;
@ -65,7 +69,13 @@ export class TwentyORMManager {
roleId = userWorkspaceRole?.roleId;
}
return workspaceDataSource.getRepository<T>(objectMetadataName, roleId);
const shouldBypassPermissionChecks = !!isExecutedByApiKey;
return workspaceDataSource.getRepository<T>(
objectMetadataName,
shouldBypassPermissionChecks,
roleId,
);
}
async getDatasource() {