feat: refactoring casl permission checks for recursive nested operations (#778)

* feat: nested casl abilities * fix: remove unused packages * Fixes * Fix createMany broken * Fix lint * Fix lint * Fix lint * Fix lint * Fixes * Fix CommentThread * Fix bugs * Fix lint * Fix bugs * Fixed auto routing * Fixed app path --------- Co-authored-by: Charles Bochet <charles@twenty.com> Co-authored-by: Lucas Bordeau <bordeau.lucas@gmail.com>
2023-07-26 01:37:22 +02:00
parent 92b9e987a5
commit 51cfc0d82c
69 changed files with 1192 additions and 883 deletions
--- a/server/src/core/auth/strategies/jwt.auth.strategy.ts
+++ b/server/src/core/auth/strategies/jwt.auth.strategy.ts
@ -24,7 +24,7 @@ export class JwtAuthStrategy extends PassportStrategy(Strategy, 'jwt') {
  }

  async validate(payload: JwtPayload): Promise<PassportUser> {
-    const user = await this.prismaService.user.findUniqueOrThrow({
+    const user = await this.prismaService.client.user.findUniqueOrThrow({
      where: { id: payload.sub },
    });

@ -32,9 +32,10 @@ export class JwtAuthStrategy extends PassportStrategy(Strategy, 'jwt') {
      throw new UnauthorizedException();
    }

-    const workspace = await this.prismaService.workspace.findUniqueOrThrow({
-      where: { id: payload.workspaceId },
-    });
+    const workspace =
+      await this.prismaService.client.workspace.findUniqueOrThrow({
+        where: { id: payload.workspaceId },
+      });

    if (!workspace) {
      throw new UnauthorizedException();