admin/twenty
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Permission checks on twentyORM global manager (#11477)

Browse Source 
In this PR we are handling permissions when using
twentyORMGlobalManager,
and handling permissions for rest api and api key
This commit is contained in:
Marie
2025-04-23 17:57:48 +02:00
committed by GitHub
parent 28a1354928
commit 4257f30f12
54 changed files with 547 additions and 116 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
packages/twenty-server/src/modules/contact-creation-manager/services/create-company-and-contact.service.ts
View File

@ -55,6 +55,9 @@ export class CreateCompanyAndContactService {
await this.twentyORMGlobalManager.getRepositoryForWorkspace(
workspaceId,
PersonWorkspaceEntity,
{
shouldBypassPermissionChecks: true,
},
);
const workspaceMembers =

7
packages/twenty-server/src/modules/contact-creation-manager/services/create-company.service.ts
View File

@ -2,9 +2,9 @@ import { Injectable } from '@nestjs/common';
import axios, { AxiosInstance } from 'axios';
import uniqBy from 'lodash.uniqby';
import { DeepPartial, EntityManager, ILike } from 'typeorm';
import { ConnectedAccountProvider } from 'twenty-shared/types';
import { TWENTY_COMPANIES_BASE_URL } from 'twenty-shared/constants';
import { ConnectedAccountProvider } from 'twenty-shared/types';
import { DeepPartial, EntityManager, ILike } from 'typeorm';
import { FieldActorSource } from 'src/engine/metadata-modules/field-metadata/composite-types/actor.composite-type';
import { WorkspaceRepository } from 'src/engine/twenty-orm/repository/workspace.repository';
@ -49,6 +49,9 @@ export class CreateCompanyService {
await this.twentyORMGlobalManager.getRepositoryForWorkspace(
workspaceId,
CompanyWorkspaceEntity,
{
shouldBypassPermissionChecks: true,
},
);
// Avoid creating duplicate companies

5
packages/twenty-server/src/modules/contact-creation-manager/services/create-contact.service.ts
View File

@ -1,8 +1,8 @@
import { Injectable } from '@nestjs/common';
import { ConnectedAccountProvider } from 'twenty-shared/types';
import { DeepPartial, EntityManager } from 'typeorm';
import { v4 } from 'uuid';
import { ConnectedAccountProvider } from 'twenty-shared/types';
import { FieldActorSource } from 'src/engine/metadata-modules/field-metadata/composite-types/actor.composite-type';
import { WorkspaceRepository } from 'src/engine/twenty-orm/repository/workspace.repository';
@ -82,6 +82,9 @@ export class CreateContactService {
await this.twentyORMGlobalManager.getRepositoryForWorkspace(
workspaceId,
PersonWorkspaceEntity,
{
shouldBypassPermissionChecks: true,
},
);
const lastPersonPosition = await this.getLastPersonPosition(