Optimize metadata queries (#7013)

In this PR: 1. Refactor guards to avoid duplicated queries: WorkspaceAuthGuard and UserAuthGuard only check for existence of workspace and user in the request without querying the database
2024-09-13 19:11:32 +02:00
parent cf8b1161cc
commit 523df5398a
132 changed files with 818 additions and 6372 deletions
--- a/packages/twenty-server/src/engine/metadata-modules/object-metadata/dtos/object-metadata.dto.ts
+++ b/packages/twenty-server/src/engine/metadata-modules/object-metadata/dtos/object-metadata.dto.ts
@ -16,7 +16,7 @@ import { BeforeDeleteOneObject } from 'src/engine/metadata-modules/object-metada
@ObjectType('object')
@Authorize({
  authorize: (context: any) => ({
-    workspaceId: { eq: context?.req?.user?.workspace?.id },
+    workspaceId: { eq: context?.req?.workspace?.id },
  }),
 })
@QueryOptions({
--- a/packages/twenty-server/src/engine/metadata-modules/object-metadata/hooks/before-create-one-object.hook.ts
+++ b/packages/twenty-server/src/engine/metadata-modules/object-metadata/hooks/before-create-one-object.hook.ts
@ -15,7 +15,7 @@ export class BeforeCreateOneObject<T extends CreateObjectInput>
    instance: CreateOneInputType<T>,
    context: any,
  ): Promise<CreateOneInputType<T>> {
-    const workspaceId = context?.req?.user?.workspace?.id;
+    const workspaceId = context?.req?.workspace?.id;

    if (!workspaceId) {
      throw new UnauthorizedException();
--- a/packages/twenty-server/src/engine/metadata-modules/object-metadata/hooks/before-delete-one-object.hook.ts
+++ b/packages/twenty-server/src/engine/metadata-modules/object-metadata/hooks/before-delete-one-object.hook.ts
@ -19,7 +19,7 @@ export class BeforeDeleteOneObject implements BeforeDeleteOneHook {
    instance: DeleteOneInputType,
    context: any,
  ): Promise<DeleteOneInputType> {
-    const workspaceId = context?.req?.user?.workspace?.id;
+    const workspaceId = context?.req?.workspace?.id;

    if (!workspaceId) {
      throw new UnauthorizedException();
--- a/packages/twenty-server/src/engine/metadata-modules/object-metadata/object-metadata.module.ts
+++ b/packages/twenty-server/src/engine/metadata-modules/object-metadata/object-metadata.module.ts
@ -11,7 +11,7 @@ import { NestjsQueryTypeOrmModule } from '@ptc-org/nestjs-query-typeorm';
 import { TypeORMModule } from 'src/database/typeorm/typeorm.module';
 import { FeatureFlagEntity } from 'src/engine/core-modules/feature-flag/feature-flag.entity';
 import { FeatureFlagModule } from 'src/engine/core-modules/feature-flag/feature-flag.module';
-import { JwtAuthGuard } from 'src/engine/guards/jwt.auth.guard';
+import { WorkspaceAuthGuard } from 'src/engine/guards/workspace-auth.guard';
 import { DataSourceModule } from 'src/engine/metadata-modules/data-source/data-source.module';
 import { FieldMetadataEntity } from 'src/engine/metadata-modules/field-metadata/field-metadata.entity';
 import { BeforeUpdateOneObject } from 'src/engine/metadata-modules/object-metadata/hooks/before-update-one-object.hook';
@ -64,7 +64,7 @@ import { UpdateObjectPayload } from './dtos/update-object.input';
          },
          update: { disabled: true },
          delete: { disabled: true },
-          guards: [JwtAuthGuard],
+          guards: [WorkspaceAuthGuard],
          interceptors: [ObjectMetadataGraphqlApiExceptionInterceptor],
        },
      ],
--- a/packages/twenty-server/src/engine/metadata-modules/object-metadata/object-metadata.resolver.ts
+++ b/packages/twenty-server/src/engine/metadata-modules/object-metadata/object-metadata.resolver.ts
@ -3,18 +3,18 @@ import { Args, Mutation, Resolver } from '@nestjs/graphql';

 import { Workspace } from 'src/engine/core-modules/workspace/workspace.entity';
 import { AuthWorkspace } from 'src/engine/decorators/auth/auth-workspace.decorator';
-import { JwtAuthGuard } from 'src/engine/guards/jwt.auth.guard';
-import { ObjectMetadataDTO } from 'src/engine/metadata-modules/object-metadata/dtos/object-metadata.dto';
+import { WorkspaceAuthGuard } from 'src/engine/guards/workspace-auth.guard';
 import { DeleteOneObjectInput } from 'src/engine/metadata-modules/object-metadata/dtos/delete-object.input';
-import { ObjectMetadataService } from 'src/engine/metadata-modules/object-metadata/object-metadata.service';
+import { ObjectMetadataDTO } from 'src/engine/metadata-modules/object-metadata/dtos/object-metadata.dto';
 import {
  UpdateObjectPayload,
  UpdateOneObjectInput,
 } from 'src/engine/metadata-modules/object-metadata/dtos/update-object.input';
 import { BeforeUpdateOneObject } from 'src/engine/metadata-modules/object-metadata/hooks/before-update-one-object.hook';
+import { ObjectMetadataService } from 'src/engine/metadata-modules/object-metadata/object-metadata.service';
 import { objectMetadataGraphqlApiExceptionHandler } from 'src/engine/metadata-modules/object-metadata/utils/object-metadata-graphql-api-exception-handler.util';

-@UseGuards(JwtAuthGuard)
+@UseGuards(WorkspaceAuthGuard)
@Resolver(() => ObjectMetadataDTO)
 export class ObjectMetadataResolver {
  constructor(
--- a/packages/twenty-server/src/engine/metadata-modules/object-metadata/utils/assert-mutation-not-on-remote-object.util.ts
+++ b/packages/twenty-server/src/engine/metadata-modules/object-metadata/utils/assert-mutation-not-on-remote-object.util.ts
@ -6,7 +6,7 @@ import {
 } from 'src/engine/metadata-modules/object-metadata/object-metadata.exception';

 export const assertMutationNotOnRemoteObject = (
-  objectMetadataItem: ObjectMetadataInterface,
+  objectMetadataItem: Pick<ObjectMetadataInterface, 'isRemote'>,
 ) => {
  if (objectMetadataItem.isRemote) {
    throw new ObjectMetadataException(