admin/twenty
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

[permissions V2] Remove feature flag (#12790)

Browse Source
This commit is contained in:
Marie
2025-06-23 17:22:57 +02:00
committed by GitHub
parent b6787c6fcd
commit 4c94fc2803
22 changed files with 99 additions and 407 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
packages/twenty-server/src/engine/twenty-orm/datasource/workspace.datasource.ts
View File

@ -15,7 +15,6 @@ import { EntityManagerFactory } from 'typeorm/entity-manager/EntityManagerFactor
import { FeatureFlagMap } from 'src/engine/core-modules/feature-flag/interfaces/feature-flag-map.interface';
import { WorkspaceInternalContext } from 'src/engine/twenty-orm/interfaces/workspace-internal-context.interface';
import { FeatureFlagKey } from 'src/engine/core-modules/feature-flag/enums/feature-flag-key.enum';
import {
PermissionsException,
PermissionsExceptionCode,
@ -168,28 +167,22 @@ export class WorkspaceDataSource extends DataSource {
): SelectQueryBuilder<any> {
let calledByWorkspaceEntityManager;
const isPermissionsV2Enabled =
this.featureFlagMap[FeatureFlagKey.IS_PERMISSIONS_V2_ENABLED];
const isCalledWithEntityTarget =
isDefined(aliasOrOptions) && typeof aliasOrOptions === 'string';
if (isPermissionsV2Enabled) {
if (isCalledWithEntityTarget) {
calledByWorkspaceEntityManager =
options?.calledByWorkspaceEntityManager;
} else {
calledByWorkspaceEntityManager = (
aliasOrOptions as CreateQueryBuilderOptions
)?.calledByWorkspaceEntityManager;
}
if (isCalledWithEntityTarget) {
calledByWorkspaceEntityManager = options?.calledByWorkspaceEntityManager;
} else {
calledByWorkspaceEntityManager = (
aliasOrOptions as CreateQueryBuilderOptions
)?.calledByWorkspaceEntityManager;
}
if (!(calledByWorkspaceEntityManager === true)) {
throw new PermissionsException(
'Method not allowed because permissions are not implemented at datasource level.',
PermissionsExceptionCode.METHOD_NOT_ALLOWED,
);
}
if (!(calledByWorkspaceEntityManager === true)) {
throw new PermissionsException(
'Method not allowed because permissions are not implemented at datasource level.',
PermissionsExceptionCode.METHOD_NOT_ALLOWED,
);
}
if (isCalledWithEntityTarget) {

13
packages/twenty-server/src/engine/twenty-orm/entity-manager/workspace-entity-manager.spec.ts
View File

@ -5,7 +5,6 @@ import { PlainObjectToDatabaseEntityTransformer } from 'typeorm/query-builder/tr
import { WorkspaceInternalContext } from 'src/engine/twenty-orm/interfaces/workspace-internal-context.interface';
import { FeatureFlagKey } from 'src/engine/core-modules/feature-flag/enums/feature-flag-key.enum';
import { WorkspaceDataSource } from 'src/engine/twenty-orm/datasource/workspace.datasource';
import { validateOperationIsPermittedOrThrow } from 'src/engine/twenty-orm/repository/permissions.utils';
@ -58,15 +57,10 @@ describe('WorkspaceEntityManager', () => {
objectMetadataMaps: {
idByNameSingular: {},
},
featureFlagsMap: {
[FeatureFlagKey.IS_PERMISSIONS_V2_ENABLED]: true,
},
} as WorkspaceInternalContext;
mockDataSource = {
featureFlagMap: {
[FeatureFlagKey.IS_PERMISSIONS_V2_ENABLED]: true,
},
featureFlagMap: {},
permissionsPerRoleId: {},
} as WorkspaceDataSource;
@ -141,11 +135,6 @@ describe('WorkspaceEntityManager', () => {
return entityName;
});
// Mock getFeatureFlagMap
jest.spyOn(entityManager as any, 'getFeatureFlagMap').mockReturnValue({
[FeatureFlagKey.IS_PERMISSIONS_V2_ENABLED]: true,
});
// Mock typeORM's EntityManager methods
jest
.spyOn(EntityManager.prototype, 'save')

54
packages/twenty-server/src/engine/twenty-orm/entity-manager/workspace-entity-manager.ts
View File

@ -32,7 +32,6 @@ import { InstanceChecker } from 'typeorm/util/InstanceChecker';
import { FeatureFlagMap } from 'src/engine/core-modules/feature-flag/interfaces/feature-flag-map.interface';
import { WorkspaceInternalContext } from 'src/engine/twenty-orm/interfaces/workspace-internal-context.interface';
import { FeatureFlagKey } from 'src/engine/core-modules/feature-flag/enums/feature-flag-key.enum';
import {
PermissionsException,
PermissionsExceptionCode,
@ -94,25 +93,18 @@ export class WorkspaceEntityManager extends EntityManager {
let objectPermissions = {};
const featureFlagMap = this.getFeatureFlagMap();
const isPermissionsV2Enabled =
featureFlagMap[FeatureFlagKey.IS_PERMISSIONS_V2_ENABLED];
if (permissionOptions?.roleId) {
const objectPermissionsByRoleId = dataSource.permissionsPerRoleId;
if (!isDefined(objectPermissionsByRoleId?.[permissionOptions.roleId])) {
if (isPermissionsV2Enabled) {
throw new PermissionsException(
`No permissions found for role in datasource (missing ${
!isDefined(objectPermissionsByRoleId)
? 'objectPermissionsByRoleId object'
: `roleId in objectPermissionsByRoleId object (${permissionOptions.roleId})`
})`,
PermissionsExceptionCode.NO_PERMISSIONS_FOUND_IN_DATASOURCE,
);
}
throw new PermissionsException(
`No permissions found for role in datasource (missing ${
!isDefined(objectPermissionsByRoleId)
? 'objectPermissionsByRoleId object'
: `roleId in objectPermissionsByRoleId object (${permissionOptions.roleId})`
})`,
PermissionsExceptionCode.NO_PERMISSIONS_FOUND_IN_DATASOURCE,
);
} else {
objectPermissions = objectPermissionsByRoleId[permissionOptions.roleId];
}
@ -165,21 +157,12 @@ export class WorkspaceEntityManager extends EntityManager {
);
}
const featureFlagMap = this.getFeatureFlagMap();
const isPermissionsV2Enabled =
featureFlagMap[FeatureFlagKey.IS_PERMISSIONS_V2_ENABLED];
if (!isPermissionsV2Enabled) {
return queryBuilder;
} else {
return new WorkspaceSelectQueryBuilder(
queryBuilder,
options?.objectRecordsPermissions ?? {},
this.internalContext,
options?.shouldBypassPermissionChecks ?? false,
);
}
return new WorkspaceSelectQueryBuilder(
queryBuilder,
options?.objectRecordsPermissions ?? {},
this.internalContext,
options?.shouldBypassPermissionChecks ?? false,
);
}
override insert<Entity extends ObjectLiteral>(
@ -391,15 +374,6 @@ export class WorkspaceEntityManager extends EntityManager {
objectRecordsPermissions?: ObjectRecordsPermissions;
},
): void {
const featureFlagMap = this.getFeatureFlagMap();
const isPermissionsV2Enabled =
featureFlagMap[FeatureFlagKey.IS_PERMISSIONS_V2_ENABLED];
if (!isPermissionsV2Enabled) {
return;
}
if (permissionOptions?.shouldBypassPermissionChecks === true) {
return;
}

25
packages/twenty-server/src/engine/twenty-orm/repository/workspace.repository.ts
View File

@ -23,7 +23,6 @@ import { UpsertOptions } from 'typeorm/repository/UpsertOptions';
import { FeatureFlagMap } from 'src/engine/core-modules/feature-flag/interfaces/feature-flag-map.interface';
import { WorkspaceInternalContext } from 'src/engine/twenty-orm/interfaces/workspace-internal-context.interface';
import { FeatureFlagKey } from 'src/engine/core-modules/feature-flag/enums/feature-flag-key.enum';
import {
PermissionsException,
PermissionsExceptionCode,
@ -70,23 +69,17 @@ export class WorkspaceRepository<
alias,
queryRunner,
) as unknown as WorkspaceSelectQueryBuilder<U>;
const isPermissionsV2Enabled =
this.featureFlagMap[FeatureFlagKey.IS_PERMISSIONS_V2_ENABLED];
if (!isPermissionsV2Enabled) {
return queryBuilder;
} else {
if (!this.objectRecordsPermissions) {
throw new Error('Object records permissions are required');
}
return new WorkspaceSelectQueryBuilder(
queryBuilder,
this.objectRecordsPermissions,
this.internalContext,
this.shouldBypassPermissionChecks,
);
if (!this.objectRecordsPermissions) {
throw new Error('Object records permissions are required');
}
return new WorkspaceSelectQueryBuilder(
queryBuilder,
this.objectRecordsPermissions,
this.internalContext,
this.shouldBypassPermissionChecks,
);
}
/**