From 54e346a2aa0dca7a1f3e6d2c832e682ff7f70406 Mon Sep 17 00:00:00 2001
From: Antoine Moreaux <moreaux.antoine@gmail.com>
Date: Mon, 24 Mar 2025 20:24:58 +0100
Subject: [PATCH] fix(auth): prevent workspace creation on signup with password
 with no authorized user + fix 10982 (#11128)

Updated the method to properly fetch and return workspace data with
related approved access domains. This ensures the correct handling of
workspace lookup and fixes potential issues with undefined returns.

Fix #10982
---
 .../src/modules/settings/components/SettingsListCard.tsx   | 2 +-
 .../engine/core-modules/auth/services/auth.service.spec.ts | 2 +-
 .../src/engine/core-modules/auth/services/auth.service.ts  | 7 ++++++-
 3 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/packages/twenty-front/src/modules/settings/components/SettingsListCard.tsx b/packages/twenty-front/src/modules/settings/components/SettingsListCard.tsx
index c40f35f39..a93304e0c 100644
--- a/packages/twenty-front/src/modules/settings/components/SettingsListCard.tsx
+++ b/packages/twenty-front/src/modules/settings/components/SettingsListCard.tsx
@@ -85,7 +85,7 @@ export const SettingsListCard = <
           description={getItemDescription?.(item)}
           rightComponent={<RowRightComponent item={item} />}
           divider={index < items.length - 1}
-          onClick={() => onRowClick?.(item)}
+          onClick={onRowClick ? () => onRowClick?.(item) : undefined}
           to={to?.(item)}
         />
       ))}
diff --git a/packages/twenty-server/src/engine/core-modules/auth/services/auth.service.spec.ts b/packages/twenty-server/src/engine/core-modules/auth/services/auth.service.spec.ts
index d794fa434..c18b794ae 100644
--- a/packages/twenty-server/src/engine/core-modules/auth/services/auth.service.spec.ts
+++ b/packages/twenty-server/src/engine/core-modules/auth/services/auth.service.spec.ts
@@ -423,7 +423,7 @@ describe('AuthService', () => {
       });
 
       expect(result).toBeUndefined();
-      expect(spyWorkspaceRepository).toHaveBeenCalledTimes(0);
+      expect(spyWorkspaceRepository).toHaveBeenCalledTimes(1);
       expect(spyAuthSsoService).toHaveBeenCalledTimes(0);
     });
     it('findWorkspaceForSignInUp - signup password auth with workspaceInviteHash', async () => {
diff --git a/packages/twenty-server/src/engine/core-modules/auth/services/auth.service.ts b/packages/twenty-server/src/engine/core-modules/auth/services/auth.service.ts
index 2189782c9..af12da975 100644
--- a/packages/twenty-server/src/engine/core-modules/auth/services/auth.service.ts
+++ b/packages/twenty-server/src/engine/core-modules/auth/services/auth.service.ts
@@ -562,7 +562,12 @@ export class AuthService {
       );
     }
 
-    return undefined;
+    return await this.workspaceRepository.findOne({
+      where: {
+        id: params.workspaceId,
+      },
+      relations: ['approvedAccessDomains'],
+    });
   }
 
   formatUserDataPayload(