admin/twenty
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Migrate to a monorepo structure (#2909)

Browse Source
This commit is contained in:
Charles Bochet
2023-12-10 18:10:54 +01:00
committed by GitHub
parent a70a9281eb
commit 5bdca9de6c
2304 changed files with 37152 additions and 25869 deletions
Download Patch File Download Diff File Expand all files Collapse all files

116
packages/twenty-server/src/app.module.ts Normal file
View File

@ -0,0 +1,116 @@
import { Module } from '@nestjs/common';
import { GraphQLModule } from '@nestjs/graphql';
import { ConfigModule } from '@nestjs/config';
import { APP_FILTER, ContextIdFactory, ModuleRef } from '@nestjs/core';
import { GraphQLError, GraphQLSchema } from 'graphql';
import { YogaDriver, YogaDriverConfig } from '@graphql-yoga/nestjs';
import GraphQLJSON from 'graphql-type-json';
import { TokenExpiredError, JsonWebTokenError } from 'jsonwebtoken';
import { WorkspaceFactory } from 'src/workspace/workspace.factory';
import { TypeOrmExceptionFilter } from 'src/filters/typeorm-exception.filter';
import { HttpExceptionFilter } from 'src/filters/http-exception.filter';
import { GlobalExceptionFilter } from 'src/filters/global-exception.filter';
import { TokenService } from 'src/core/auth/services/token.service';
import { Workspace } from 'src/core/workspace/workspace.entity';
import { AppService } from './app.service';
import { CoreModule } from './core/core.module';
import { IntegrationsModule } from './integrations/integrations.module';
import { HealthModule } from './health/health.module';
import { WorkspaceModule } from './workspace/workspace.module';
@Module({
imports: [
ConfigModule.forRoot({
isGlobal: true,
}),
GraphQLModule.forRoot<YogaDriverConfig>({
context: ({ req }) => ({ req }),
driver: YogaDriver,
autoSchemaFile: true,
include: [CoreModule],
conditionalSchema: async (request) => {
try {
// Get TokenService from AppModule
const tokenService = AppModule.moduleRef.get(TokenService, {
strict: false,
});
let workspace: Workspace;
try {
workspace = await tokenService.validateToken(request.req);
} catch (err) {
return new GraphQLSchema({});
}
const contextId = ContextIdFactory.create();
AppModule.moduleRef.registerRequestByContextId(request, contextId);
// Get the SchemaGenerationService from the AppModule
const workspaceFactory = await AppModule.moduleRef.resolve(
WorkspaceFactory,
contextId,
{
strict: false,
},
);
return await workspaceFactory.createGraphQLSchema(workspace.id);
} catch (error) {
if (error instanceof JsonWebTokenError) {
//mockedUserJWT
throw new GraphQLError('Unauthenticated', {
extensions: {
code: 'UNAUTHENTICATED',
},
});
}
if (error instanceof TokenExpiredError) {
throw new GraphQLError('Unauthenticated', {
extensions: {
code: 'UNAUTHENTICATED',
},
});
}
throw error;
}
},
resolvers: { JSON: GraphQLJSON },
plugins: [],
}),
HealthModule,
IntegrationsModule,
CoreModule,
WorkspaceModule,
],
providers: [
AppService,
// Exceptions filters must be ordered from the least specific to the most specific
// If TypeOrmExceptionFilter handle something, HttpExceptionFilter will not handle it
// GlobalExceptionFilter will handle the rest of the exceptions
{
provide: APP_FILTER,
useClass: GlobalExceptionFilter,
},
{
provide: APP_FILTER,
useClass: HttpExceptionFilter,
},
{
provide: APP_FILTER,
useClass: TypeOrmExceptionFilter,
},
],
})
export class AppModule {
static moduleRef: ModuleRef;
constructor(private moduleRef: ModuleRef) {
AppModule.moduleRef = this.moduleRef;
}
}

8
packages/twenty-server/src/app.service.ts Normal file
View File

@ -0,0 +1,8 @@
import { Injectable } from '@nestjs/common';
@Injectable()
export class AppService {
health(): string {
return 'Healthy!';
}
}

18
packages/twenty-server/src/command.module.ts Normal file
View File

@ -0,0 +1,18 @@
import { Module } from '@nestjs/common';
import { DatabaseCommandModule } from 'src/database/commands/database-command.module';
import { AppModule } from './app.module';
import { WorkspaceSyncMetadataCommandsModule } from './workspace/workspace-sync-metadata/commands/workspace-sync-metadata-commands.module';
import { WorkspaceMigrationRunnerCommandsModule } from './workspace/workspace-migration-runner/commands/workspace-migration-runner-commands.module';
@Module({
imports: [
AppModule,
WorkspaceMigrationRunnerCommandsModule,
WorkspaceSyncMetadataCommandsModule,
DatabaseCommandModule,
],
})
export class CommandModule {}

9
packages/twenty-server/src/command.ts Normal file
View File

@ -0,0 +1,9 @@
import { CommandFactory } from 'nest-commander';
import { CommandModule } from './command.module';
async function bootstrap() {
// TODO: inject our own logger service to handle the output (Sentry, etc.)
await CommandFactory.run(CommandModule, ['warn', 'error']);
}
bootstrap();

12
packages/twenty-server/src/constants/settings/index.ts Normal file
View File

@ -0,0 +1,12 @@
import { Settings } from './interfaces/settings.interface';
export const settings: Settings = {
storage: {
imageCropSizes: {
'profile-picture': ['original'],
'workspace-logo': ['original'],
'person-picture': ['original'],
},
maxFileSize: '10MB',
},
};

14
packages/twenty-server/src/constants/settings/interfaces/settings.interface.ts Normal file
View File

@ -0,0 +1,14 @@
import { FileFolder } from 'src/core/file/interfaces/file-folder.interface';
import { ShortCropSize } from 'src/utils/image';
type ValueOfFileFolder = `${FileFolder}`;
export interface Settings {
storage: {
imageCropSizes: {
[key in ValueOfFileFolder]?: ShortCropSize[];
};
maxFileSize: `${number}MB`;
};
}

9
packages/twenty-server/src/core/analytics/analytics.entity.ts Normal file
View File

@ -0,0 +1,9 @@
import { ObjectType, Field } from '@nestjs/graphql';
@ObjectType()
export class Analytics {
@Field(() => Boolean, {
description: 'Boolean that confirms query was dispatched',
})
success: boolean;
}

9
packages/twenty-server/src/core/analytics/analytics.module.ts Normal file
View File

@ -0,0 +1,9 @@
import { Module } from '@nestjs/common';
import { AnalyticsService } from './analytics.service';
import { AnalyticsResolver } from './analytics.resolver';
@Module({
providers: [AnalyticsResolver, AnalyticsService],
})
export class AnalyticsModule {}

29
packages/twenty-server/src/core/analytics/analytics.resolver.spec.ts Normal file
View File

@ -0,0 +1,29 @@
import { Test, TestingModule } from '@nestjs/testing';
import { EnvironmentService } from 'src/integrations/environment/environment.service';
import { AnalyticsResolver } from './analytics.resolver';
import { AnalyticsService } from './analytics.service';
describe('AnalyticsResolver', () => {
let resolver: AnalyticsResolver;
beforeEach(async () => {
const module: TestingModule = await Test.createTestingModule({
providers: [
AnalyticsResolver,
AnalyticsService,
{
provide: EnvironmentService,
useValue: {},
},
],
}).compile();
resolver = module.get<AnalyticsResolver>(AnalyticsResolver);
});
it('should be defined', () => {
expect(resolver).toBeDefined();
});
});

28
packages/twenty-server/src/core/analytics/analytics.resolver.ts Normal file
View File

@ -0,0 +1,28 @@
import { Resolver, Mutation, Args } from '@nestjs/graphql';
import { UseGuards } from '@nestjs/common';
import { OptionalJwtAuthGuard } from 'src/guards/optional-jwt.auth.guard';
import { AuthWorkspace } from 'src/decorators/auth-workspace.decorator';
import { AuthUser } from 'src/decorators/auth-user.decorator';
import { Workspace } from 'src/core/workspace/workspace.entity';
import { User } from 'src/core/user/user.entity';
import { AnalyticsService } from './analytics.service';
import { Analytics } from './analytics.entity';
import { CreateAnalyticsInput } from './dto/create-analytics.input';
@UseGuards(OptionalJwtAuthGuard)
@Resolver(() => Analytics)
export class AnalyticsResolver {
constructor(private readonly analyticsService: AnalyticsService) {}
@Mutation(() => Analytics)
createEvent(
@Args() createEventInput: CreateAnalyticsInput,
@AuthWorkspace() workspace: Workspace | undefined,
@AuthUser() user: User | undefined,
) {
return this.analyticsService.create(createEventInput, user, workspace);
}
}

27
packages/twenty-server/src/core/analytics/analytics.service.spec.ts Normal file
View File

@ -0,0 +1,27 @@
import { Test, TestingModule } from '@nestjs/testing';
import { EnvironmentService } from 'src/integrations/environment/environment.service';
import { AnalyticsService } from './analytics.service';
describe('AnalyticsService', () => {
let service: AnalyticsService;
beforeEach(async () => {
const module: TestingModule = await Test.createTestingModule({
providers: [
AnalyticsService,
{
provide: EnvironmentService,
useValue: {},
},
],
}).compile();
service = module.get<AnalyticsService>(AnalyticsService);
});
it('should be defined', () => {
expect(service).toBeDefined();
});
});

58
packages/twenty-server/src/core/analytics/analytics.service.ts Normal file
View File

@ -0,0 +1,58 @@
import { Injectable } from '@nestjs/common';
import axios, { AxiosInstance } from 'axios';
import { anonymize } from 'src/utils/anonymize';
import { EnvironmentService } from 'src/integrations/environment/environment.service';
import { User } from 'src/core/user/user.entity';
import { Workspace } from 'src/core/workspace/workspace.entity';
import { CreateAnalyticsInput } from './dto/create-analytics.input';
@Injectable()
export class AnalyticsService {
private readonly httpService: AxiosInstance;
constructor(private readonly environmentService: EnvironmentService) {
this.httpService = axios.create({
baseURL: 'https://t.twenty.com/api/v1/s2s',
});
}
async create(
createEventInput: CreateAnalyticsInput,
user: User | undefined,
workspace: Workspace | undefined,
) {
if (!this.environmentService.isTelemetryEnabled()) {
return { success: true };
}
const anonymizationEnabled =
this.environmentService.isTelemetryAnonymizationEnabled();
const data = {
type: createEventInput.type,
data: {
userUUID: user
? anonymizationEnabled
? anonymize(user.id)
: user.id
: undefined,
workspaceUUID: workspace
? anonymizationEnabled
? anonymize(workspace.id)
: workspace.id
: undefined,
workspaceDomain: workspace ? workspace.domainName : undefined,
...createEventInput.data,
},
};
try {
await this.httpService.post('/event?noToken', data);
} catch {}
return { success: true };
}
}

16
packages/twenty-server/src/core/analytics/dto/create-analytics.input.ts Normal file
View File

@ -0,0 +1,16 @@
import { ArgsType, Field } from '@nestjs/graphql';
import graphqlTypeJson from 'graphql-type-json';
import { IsNotEmpty, IsString, IsObject } from 'class-validator';
@ArgsType()
export class CreateAnalyticsInput {
@Field({ description: 'Type of the event' })
@IsNotEmpty()
@IsString()
type: string;
@Field(() => graphqlTypeJson, { description: 'Event data in JSON format' })
@IsObject()
data: JSON;
}

46
packages/twenty-server/src/core/api-rest/api-rest-query-builder/api-rest-query-builder.factory.spec.ts Normal file
View File

@ -0,0 +1,46 @@
import { Test, TestingModule } from '@nestjs/testing';
import { ApiRestQueryBuilderFactory } from 'src/core/api-rest/api-rest-query-builder/api-rest-query-builder.factory';
import { DeleteQueryFactory } from 'src/core/api-rest/api-rest-query-builder/factories/delete-query.factory';
import { CreateQueryFactory } from 'src/core/api-rest/api-rest-query-builder/factories/create-query.factory';
import { UpdateQueryFactory } from 'src/core/api-rest/api-rest-query-builder/factories/update-query.factory';
import { FindOneQueryFactory } from 'src/core/api-rest/api-rest-query-builder/factories/find-one-query.factory';
import { FindManyQueryFactory } from 'src/core/api-rest/api-rest-query-builder/factories/find-many-query.factory';
import { DeleteVariablesFactory } from 'src/core/api-rest/api-rest-query-builder/factories/delete-variables.factory';
import { CreateVariablesFactory } from 'src/core/api-rest/api-rest-query-builder/factories/create-variables.factory';
import { UpdateVariablesFactory } from 'src/core/api-rest/api-rest-query-builder/factories/update-variables.factory';
import { GetVariablesFactory } from 'src/core/api-rest/api-rest-query-builder/factories/get-variables.factory';
import { ObjectMetadataService } from 'src/metadata/object-metadata/object-metadata.service';
import { TokenService } from 'src/core/auth/services/token.service';
import { EnvironmentService } from 'src/integrations/environment/environment.service';
describe('ApiRestQueryBuilderFactory', () => {
let service: ApiRestQueryBuilderFactory;
beforeEach(async () => {
const module: TestingModule = await Test.createTestingModule({
providers: [
ApiRestQueryBuilderFactory,
{ provide: DeleteQueryFactory, useValue: {} },
{ provide: CreateQueryFactory, useValue: {} },
{ provide: UpdateQueryFactory, useValue: {} },
{ provide: FindOneQueryFactory, useValue: {} },
{ provide: FindManyQueryFactory, useValue: {} },
{ provide: DeleteVariablesFactory, useValue: {} },
{ provide: CreateVariablesFactory, useValue: {} },
{ provide: UpdateVariablesFactory, useValue: {} },
{ provide: GetVariablesFactory, useValue: {} },
{ provide: ObjectMetadataService, useValue: {} },
{ provide: TokenService, useValue: {} },
{ provide: EnvironmentService, useValue: {} },
],
}).compile();
service = module.get<ApiRestQueryBuilderFactory>(
ApiRestQueryBuilderFactory,
);
});
it('should be defined', () => {
expect(service).toBeDefined();
});
});

143
packages/twenty-server/src/core/api-rest/api-rest-query-builder/api-rest-query-builder.factory.ts Normal file
View File

@ -0,0 +1,143 @@
import { BadRequestException, Injectable } from '@nestjs/common';
import { Request } from 'express';
import { DeleteQueryFactory } from 'src/core/api-rest/api-rest-query-builder/factories/delete-query.factory';
import { ObjectMetadataService } from 'src/metadata/object-metadata/object-metadata.service';
import { TokenService } from 'src/core/auth/services/token.service';
import { CreateQueryFactory } from 'src/core/api-rest/api-rest-query-builder/factories/create-query.factory';
import { UpdateQueryFactory } from 'src/core/api-rest/api-rest-query-builder/factories/update-query.factory';
import { FindOneQueryFactory } from 'src/core/api-rest/api-rest-query-builder/factories/find-one-query.factory';
import { FindManyQueryFactory } from 'src/core/api-rest/api-rest-query-builder/factories/find-many-query.factory';
import { DeleteVariablesFactory } from 'src/core/api-rest/api-rest-query-builder/factories/delete-variables.factory';
import { CreateVariablesFactory } from 'src/core/api-rest/api-rest-query-builder/factories/create-variables.factory';
import { UpdateVariablesFactory } from 'src/core/api-rest/api-rest-query-builder/factories/update-variables.factory';
import { GetVariablesFactory } from 'src/core/api-rest/api-rest-query-builder/factories/get-variables.factory';
import { parsePath } from 'src/core/api-rest/api-rest-query-builder/utils/parse-path.utils';
import { computeDepth } from 'src/core/api-rest/api-rest-query-builder/utils/compute-depth.utils';
import { ObjectMetadataEntity } from 'src/metadata/object-metadata/object-metadata.entity';
import { ApiRestQuery } from 'src/core/api-rest/types/api-rest-query.type';
import { EnvironmentService } from 'src/integrations/environment/environment.service';
@Injectable()
export class ApiRestQueryBuilderFactory {
constructor(
private readonly deleteQueryFactory: DeleteQueryFactory,
private readonly createQueryFactory: CreateQueryFactory,
private readonly updateQueryFactory: UpdateQueryFactory,
private readonly findOneQueryFactory: FindOneQueryFactory,
private readonly findManyQueryFactory: FindManyQueryFactory,
private readonly deleteVariablesFactory: DeleteVariablesFactory,
private readonly createVariablesFactory: CreateVariablesFactory,
private readonly updateVariablesFactory: UpdateVariablesFactory,
private readonly getVariablesFactory: GetVariablesFactory,
private readonly objectMetadataService: ObjectMetadataService,
private readonly tokenService: TokenService,
private readonly environmentService: EnvironmentService,
) {}
async getObjectMetadata(request: Request): Promise<{
objectMetadataItems: ObjectMetadataEntity[];
objectMetadataItem: ObjectMetadataEntity;
}> {
const workspace = await this.tokenService.validateToken(request);
const objectMetadataItems =
await this.objectMetadataService.findManyWithinWorkspace(workspace.id);
if (!objectMetadataItems.length) {
throw new BadRequestException(
`No object was found for the workspace associated with this API key. You may generate a new one here ${this.environmentService.getFrontBaseUrl()}/settings/developers/api-keys`,
);
}
const { object: parsedObject } = parsePath(request);
const [objectMetadata] = objectMetadataItems.filter(
(object) => object.namePlural === parsedObject,
);
if (!objectMetadata) {
const [wrongObjectMetadata] = objectMetadataItems.filter(
(object) => object.nameSingular === parsedObject,
);
let hint = 'eg: companies';
if (wrongObjectMetadata) {
hint = `Did you mean '${wrongObjectMetadata.namePlural}'?`;
}
throw new BadRequestException(
`object '${parsedObject}' not found. ${hint}`,
);
}
return {
objectMetadataItems,
objectMetadataItem: objectMetadata,
};
}
async delete(request: Request): Promise<ApiRestQuery> {
const objectMetadata = await this.getObjectMetadata(request);
const { id } = parsePath(request);
if (!id) {
throw new BadRequestException(
`delete ${objectMetadata.objectMetadataItem.nameSingular} query invalid. Id missing. eg: /rest/${objectMetadata.objectMetadataItem.namePlural}/0d4389ef-ea9c-4ae8-ada1-1cddc440fb56`,
);
}
return {
query: this.deleteQueryFactory.create(objectMetadata.objectMetadataItem),
variables: this.deleteVariablesFactory.create(id),
};
}
async create(request): Promise<ApiRestQuery> {
const objectMetadata = await this.getObjectMetadata(request);
const depth = computeDepth(request);
return {
query: this.createQueryFactory.create(objectMetadata, depth),
variables: this.createVariablesFactory.create(request),
};
}
async update(request): Promise<ApiRestQuery> {
const objectMetadata = await this.getObjectMetadata(request);
const depth = computeDepth(request);
const { id } = parsePath(request);
if (!id) {
throw new BadRequestException(
`update ${objectMetadata.objectMetadataItem.nameSingular} query invalid. Id missing. eg: /rest/${objectMetadata.objectMetadataItem.namePlural}/0d4389ef-ea9c-4ae8-ada1-1cddc440fb56`,
);
}
return {
query: this.updateQueryFactory.create(objectMetadata, depth),
variables: this.updateVariablesFactory.create(id, request),
};
}
async get(request): Promise<ApiRestQuery> {
const objectMetadata = await this.getObjectMetadata(request);
const depth = computeDepth(request);
const { id } = parsePath(request);
return {
query: id
? this.findOneQueryFactory.create(objectMetadata, depth)
: this.findManyQueryFactory.create(objectMetadata, depth),
variables: this.getVariablesFactory.create(id, request, objectMetadata),
};
}
}

13
packages/twenty-server/src/core/api-rest/api-rest-query-builder/api-rest-query-builder.module.ts Normal file
View File

@ -0,0 +1,13 @@
import { Module } from '@nestjs/common';
import { ApiRestQueryBuilderFactory } from 'src/core/api-rest/api-rest-query-builder/api-rest-query-builder.factory';
import { apiRestQueryBuilderFactories } from 'src/core/api-rest/api-rest-query-builder/factories/factories';
import { ObjectMetadataModule } from 'src/metadata/object-metadata/object-metadata.module';
import { AuthModule } from 'src/core/auth/auth.module';
@Module({
imports: [ObjectMetadataModule, AuthModule],
providers: [...apiRestQueryBuilderFactories, ApiRestQueryBuilderFactory],
exports: [ApiRestQueryBuilderFactory],
})
export class ApiRestQueryBuilderModule {}

30
packages/twenty-server/src/core/api-rest/api-rest-query-builder/factories/create-query.factory.ts Normal file
View File

@ -0,0 +1,30 @@
import { Injectable } from '@nestjs/common';
import { capitalize } from 'src/utils/capitalize';
import { mapFieldMetadataToGraphqlQuery } from 'src/core/api-rest/api-rest-query-builder/utils/map-field-metadata-to-graphql-query.utils';
@Injectable()
export class CreateQueryFactory {
create(objectMetadata, depth?: number): string {
const objectNameSingular = capitalize(
objectMetadata.objectMetadataItem.nameSingular,
);
return `
mutation Create${objectNameSingular}($data: ${objectNameSingular}CreateInput!) {
create${objectNameSingular}(data: $data) {
id
${objectMetadata.objectMetadataItem.fields
.map((field) =>
mapFieldMetadataToGraphqlQuery(
objectMetadata.objectMetadataItems,
field,
depth,
),
)
.join('\n')}
}
}
`;
}
}

12
packages/twenty-server/src/core/api-rest/api-rest-query-builder/factories/create-variables.factory.ts Normal file
View File

@ -0,0 +1,12 @@
import { Injectable } from '@nestjs/common';
import { ApiRestQueryVariables } from 'src/core/api-rest/types/api-rest-query-variables.type';
@Injectable()
export class CreateVariablesFactory {
create(request: Request): ApiRestQueryVariables {
return {
data: request.body,
};
}
}

18
packages/twenty-server/src/core/api-rest/api-rest-query-builder/factories/delete-query.factory.ts Normal file
View File

@ -0,0 +1,18 @@
import { Injectable } from '@nestjs/common';
import { capitalize } from 'src/utils/capitalize';
@Injectable()
export class DeleteQueryFactory {
create(objectMetadataItem): string {
const objectNameSingular = capitalize(objectMetadataItem.nameSingular);
return `
mutation Delete${objectNameSingular}($id: ID!) {
delete${objectNameSingular}(id: $id) {
id
}
}
`;
}
}

12
packages/twenty-server/src/core/api-rest/api-rest-query-builder/factories/delete-variables.factory.ts Normal file
View File

@ -0,0 +1,12 @@
import { Injectable } from '@nestjs/common';
import { ApiRestQueryVariables } from 'src/core/api-rest/types/api-rest-query-variables.type';
@Injectable()
export class DeleteVariablesFactory {
create(id: string): ApiRestQueryVariables {
return {
id: id,
};
}
}

29
packages/twenty-server/src/core/api-rest/api-rest-query-builder/factories/factories.ts Normal file
View File

@ -0,0 +1,29 @@
import { DeleteQueryFactory } from 'src/core/api-rest/api-rest-query-builder/factories/delete-query.factory';
import { CreateQueryFactory } from 'src/core/api-rest/api-rest-query-builder/factories/create-query.factory';
import { UpdateQueryFactory } from 'src/core/api-rest/api-rest-query-builder/factories/update-query.factory';
import { FindOneQueryFactory } from 'src/core/api-rest/api-rest-query-builder/factories/find-one-query.factory';
import { FindManyQueryFactory } from 'src/core/api-rest/api-rest-query-builder/factories/find-many-query.factory';
import { DeleteVariablesFactory } from 'src/core/api-rest/api-rest-query-builder/factories/delete-variables.factory';
import { CreateVariablesFactory } from 'src/core/api-rest/api-rest-query-builder/factories/create-variables.factory';
import { UpdateVariablesFactory } from 'src/core/api-rest/api-rest-query-builder/factories/update-variables.factory';
import { GetVariablesFactory } from 'src/core/api-rest/api-rest-query-builder/factories/get-variables.factory';
import { LastCursorInputFactory } from 'src/core/api-rest/api-rest-query-builder/factories/input-factories/last-cursor-input.factory';
import { LimitInputFactory } from 'src/core/api-rest/api-rest-query-builder/factories/input-factories/limit-input.factory';
import { OrderByInputFactory } from 'src/core/api-rest/api-rest-query-builder/factories/input-factories/order-by-input.factory';
import { FilterInputFactory } from 'src/core/api-rest/api-rest-query-builder/factories/input-factories/filter-input.factory';
export const apiRestQueryBuilderFactories = [
DeleteQueryFactory,
CreateQueryFactory,
UpdateQueryFactory,
FindOneQueryFactory,
FindManyQueryFactory,
DeleteVariablesFactory,
CreateVariablesFactory,
UpdateVariablesFactory,
GetVariablesFactory,
LastCursorInputFactory,
LimitInputFactory,
OrderByInputFactory,
FilterInputFactory,
];

48
packages/twenty-server/src/core/api-rest/api-rest-query-builder/factories/find-many-query.factory.ts Normal file
View File

@ -0,0 +1,48 @@
import { Injectable } from '@nestjs/common';
import { capitalize } from 'src/utils/capitalize';
import { mapFieldMetadataToGraphqlQuery } from 'src/core/api-rest/api-rest-query-builder/utils/map-field-metadata-to-graphql-query.utils';
@Injectable()
export class FindManyQueryFactory {
create(objectMetadata, depth?: number): string {
const objectNameSingular = capitalize(
objectMetadata.objectMetadataItem.nameSingular,
);
const objectNamePlural = objectMetadata.objectMetadataItem.namePlural;
return `
query FindMany${capitalize(objectNamePlural)}(
$filter: ${objectNameSingular}FilterInput,
$orderBy: ${objectNameSingular}OrderByInput,
$lastCursor: String,
$limit: Float = 60
) {
${objectNamePlural}(
filter: $filter, orderBy: $orderBy, first: $limit, after: $lastCursor
) {
edges {
node {
id
${objectMetadata.objectMetadataItem.fields
.map((field) =>
mapFieldMetadataToGraphqlQuery(
objectMetadata.objectMetadataItems,
field,
depth,
),
)
.join('\n')}
}
cursor
}
pageInfo {
hasNextPage
startCursor
endCursor
}
}
}
`;
}
}

30
packages/twenty-server/src/core/api-rest/api-rest-query-builder/factories/find-one-query.factory.ts Normal file
View File

@ -0,0 +1,30 @@
import { Injectable } from '@nestjs/common';
import { capitalize } from 'src/utils/capitalize';
import { mapFieldMetadataToGraphqlQuery } from 'src/core/api-rest/api-rest-query-builder/utils/map-field-metadata-to-graphql-query.utils';
@Injectable()
export class FindOneQueryFactory {
create(objectMetadata, depth?: number): string {
const objectNameSingular = objectMetadata.objectMetadataItem.nameSingular;
return `
query FindOne${capitalize(objectNameSingular)}(
$filter: ${capitalize(objectNameSingular)}FilterInput!,
) {
${objectNameSingular}(filter: $filter) {
id
${objectMetadata.objectMetadataItem.fields
.map((field) =>
mapFieldMetadataToGraphqlQuery(
objectMetadata.objectMetadataItems,
field,
depth,
),
)
.join('\n')}
}
}
`;
}
}

36
packages/twenty-server/src/core/api-rest/api-rest-query-builder/factories/get-variables.factory.ts Normal file
View File

@ -0,0 +1,36 @@
import { Injectable } from '@nestjs/common';
import { Request } from 'express';
import { LastCursorInputFactory } from 'src/core/api-rest/api-rest-query-builder/factories/input-factories/last-cursor-input.factory';
import { LimitInputFactory } from 'src/core/api-rest/api-rest-query-builder/factories/input-factories/limit-input.factory';
import { OrderByInputFactory } from 'src/core/api-rest/api-rest-query-builder/factories/input-factories/order-by-input.factory';
import { FilterInputFactory } from 'src/core/api-rest/api-rest-query-builder/factories/input-factories/filter-input.factory';
import { ApiRestQueryVariables } from 'src/core/api-rest/types/api-rest-query-variables.type';
@Injectable()
export class GetVariablesFactory {
constructor(
private readonly lastCursorInputFactory: LastCursorInputFactory,
private readonly limitInputFactory: LimitInputFactory,
private readonly orderByInputFactory: OrderByInputFactory,
private readonly filterInputFactory: FilterInputFactory,
) {}
create(
id: string | undefined,
request: Request,
objectMetadata,
): ApiRestQueryVariables {
if (id) {
return { filter: { id: { eq: id } } };
}
return {
filter: this.filterInputFactory.create(request, objectMetadata),
orderBy: this.orderByInputFactory.create(request, objectMetadata),
limit: this.limitInputFactory.create(request),
lastCursor: this.lastCursorInputFactory.create(request),
};
}
}

120
packages/twenty-server/src/core/api-rest/api-rest-query-builder/factories/input-factories/__tests__/filter-input.factory.spec.ts Normal file
View File

@ -0,0 +1,120 @@
import { Test, TestingModule } from '@nestjs/testing';
import { objectMetadataItem } from 'src/core/api-rest/api-rest-query-builder/utils/__tests__/utils';
import { FilterInputFactory } from 'src/core/api-rest/api-rest-query-builder/factories/input-factories/filter-input.factory';
describe('FilterInputFactory', () => {
const objectMetadata = { objectMetadataItem: objectMetadataItem };
let service: FilterInputFactory;
beforeEach(async () => {
const module: TestingModule = await Test.createTestingModule({
providers: [FilterInputFactory],
}).compile();
service = module.get<FilterInputFactory>(FilterInputFactory);
});
it('should be defined', () => {
expect(service).toBeDefined();
});
describe('create', () => {
it('should return default if filter missing', () => {
const request: any = { query: {} };
expect(service.create(request, objectMetadata)).toEqual({});
});
it('should throw when wrong field provided', () => {
const request: any = {
query: {
filter: 'wrongField[eq]:1',
},
};
expect(() => service.create(request, objectMetadata)).toThrow(
"field 'wrongField' does not exist in 'testingObject' object",
);
});
it('should throw when wrong comparator provided', () => {
const request: any = {
query: {
filter: 'fieldNumber[wrongComparator]:1',
},
};
expect(() => service.create(request, objectMetadata)).toThrow(
"'filter' invalid for 'fieldNumber[wrongComparator]:1', comparator wrongComparator not in eq,neq,in,is,gt,gte,lt,lte,startsWith,like,ilike",
);
});
it('should throw when wrong filter provided', () => {
const request: any = {
query: {
filter: 'fieldNumber[wrongComparator:1',
},
};
expect(() => service.create(request, objectMetadata)).toThrow(
"'filter' invalid for 'fieldNumber[wrongComparator:1'. eg: price[gte]:10",
);
});
it('should throw when parenthesis are not closed', () => {
const request: any = {
query: {
filter: 'and(fieldNumber[eq]:1,not(fieldNumber[neq]:1)',
},
};
expect(() => service.create(request, objectMetadata)).toThrow(
"'filter' invalid. 1 close bracket is missing in the query",
);
});
it('should create filter parser properly', () => {
const request: any = {
query: {
filter: 'fieldNumber[eq]:1,fieldString[eq]:"Test"',
},
};
expect(service.create(request, objectMetadata)).toEqual({
and: [{ fieldNumber: { eq: 1 } }, { fieldString: { eq: 'Test' } }],
});
});
it('should create complex filter parser properly', () => {
const request: any = {
query: {
filter:
'and(fieldNumber[eq]:1,fieldString[gte]:"Test",not(fieldString[ilike]:"%val%"),or(not(and(fieldString[startsWith]:"test",fieldNumber[in]:[2,4,5])),fieldCurrency.amountMicros[gt]:1))',
},
};
expect(service.create(request, objectMetadata)).toEqual({
and: [
{ fieldNumber: { eq: 1 } },
{ fieldString: { gte: 'Test' } },
{ not: { fieldString: { ilike: '%val%' } } },
{
or: [
{
not: {
and: [
{ fieldString: { startsWith: 'test' } },
{ fieldNumber: { in: [2, 4, 5] } },
],
},
},
{ fieldCurrency: { amountMicros: { gt: '1' } } },
],
},
],
});
});
});
});

33
packages/twenty-server/src/core/api-rest/api-rest-query-builder/factories/input-factories/__tests__/last-cursor-input.factory.spec.ts Normal file
View File

@ -0,0 +1,33 @@
import { Test, TestingModule } from '@nestjs/testing';
import { LastCursorInputFactory } from 'src/core/api-rest/api-rest-query-builder/factories/input-factories/last-cursor-input.factory';
describe('LastCursorInputFactory', () => {
let service: LastCursorInputFactory;
beforeEach(async () => {
const module: TestingModule = await Test.createTestingModule({
providers: [LastCursorInputFactory],
}).compile();
service = module.get<LastCursorInputFactory>(LastCursorInputFactory);
});
it('should be defined', () => {
expect(service).toBeDefined();
});
describe('create', () => {
it('should return default if last_cursor missing', () => {
const request: any = { query: {} };
expect(service.create(request)).toEqual(undefined);
});
it('should return last_cursor', () => {
const request: any = { query: { last_cursor: 'uuid' } };
expect(service.create(request)).toEqual('uuid');
});
});
});

49
packages/twenty-server/src/core/api-rest/api-rest-query-builder/factories/input-factories/__tests__/limit-input.factory.spec.ts Normal file
View File

@ -0,0 +1,49 @@
import { Test, TestingModule } from '@nestjs/testing';
import { LimitInputFactory } from 'src/core/api-rest/api-rest-query-builder/factories/input-factories/limit-input.factory';
describe('LimitInputFactory', () => {
let service: LimitInputFactory;
beforeEach(async () => {
const module: TestingModule = await Test.createTestingModule({
providers: [LimitInputFactory],
}).compile();
service = module.get<LimitInputFactory>(LimitInputFactory);
});
it('should be defined', () => {
expect(service).toBeDefined();
});
describe('create', () => {
it('should return default if limit missing', () => {
const request: any = { query: {} };
expect(service.create(request)).toEqual(60);
});
it('should return limit', () => {
const request: any = { query: { limit: '10' } };
expect(service.create(request)).toEqual(10);
});
it('should throw if not integer', () => {
const request: any = { query: { limit: 'aaa' } };
expect(() => service.create(request)).toThrow(
"limit 'aaa' is invalid. Should be an integer",
);
});
it('should throw if limit negative', () => {
const request: any = { query: { limit: -1 } };
expect(() => service.create(request)).toThrow(
"limit '-1' is invalid. Should be an integer",
);
});
});
});

119
packages/twenty-server/src/core/api-rest/api-rest-query-builder/factories/input-factories/__tests__/order-by-input.factory.spec.ts Normal file
View File

@ -0,0 +1,119 @@
import { Test, TestingModule } from '@nestjs/testing';
import { OrderByDirection } from 'src/workspace/workspace-query-builder/interfaces/record.interface';
import { OrderByInputFactory } from 'src/core/api-rest/api-rest-query-builder/factories/input-factories/order-by-input.factory';
import { objectMetadataItem } from 'src/core/api-rest/api-rest-query-builder/utils/__tests__/utils';
describe('OrderByInputFactory', () => {
const objectMetadata = { objectMetadataItem: objectMetadataItem };
let service: OrderByInputFactory;
beforeEach(async () => {
const module: TestingModule = await Test.createTestingModule({
providers: [OrderByInputFactory],
}).compile();
service = module.get<OrderByInputFactory>(OrderByInputFactory);
});
it('should be defined', () => {
expect(service).toBeDefined();
});
describe('create', () => {
it('should return default if order by missing', () => {
const request: any = { query: {} };
expect(service.create(request, objectMetadata)).toEqual({});
});
it('should create order by parser properly', () => {
const request: any = {
query: {
order_by: 'fieldNumber[AscNullsFirst],fieldString[DescNullsLast]',
},
};
expect(service.create(request, objectMetadata)).toEqual({
fieldNumber: OrderByDirection.AscNullsFirst,
fieldString: OrderByDirection.DescNullsLast,
});
});
it('should choose default direction if missing', () => {
const request: any = {
query: {
order_by: 'fieldNumber',
},
};
expect(service.create(request, objectMetadata)).toEqual({
fieldNumber: OrderByDirection.AscNullsFirst,
});
});
it('should handler complex fields', () => {
const request: any = {
query: {
order_by: 'fieldCurrency.amountMicros',
},
};
expect(service.create(request, objectMetadata)).toEqual({
fieldCurrency: { amountMicros: OrderByDirection.AscNullsFirst },
});
});
it('should handler complex fields with direction', () => {
const request: any = {
query: {
order_by: 'fieldCurrency.amountMicros[DescNullsLast]',
},
};
expect(service.create(request, objectMetadata)).toEqual({
fieldCurrency: { amountMicros: OrderByDirection.DescNullsLast },
});
});
it('should handler multiple complex fields with direction', () => {
const request: any = {
query: {
order_by:
'fieldCurrency.amountMicros[DescNullsLast],fieldLink.label[AscNullsLast]',
},
};
expect(service.create(request, objectMetadata)).toEqual({
fieldCurrency: { amountMicros: OrderByDirection.DescNullsLast },
fieldLink: { label: OrderByDirection.AscNullsLast },
});
});
it('should throw if direction invalid', () => {
const request: any = {
query: {
order_by: 'fieldString[invalid]',
},
};
expect(() => service.create(request, objectMetadata)).toThrow(
"'order_by' direction 'invalid' invalid. Allowed values are 'AscNullsFirst', 'AscNullsLast', 'DescNullsFirst', 'DescNullsLast'. eg: ?order_by=field_1[AscNullsFirst],field_2[DescNullsLast],field_3",
);
});
it('should throw if field invalid', () => {
const request: any = {
query: {
order_by: 'wrongField[DescNullsLast]',
},
};
expect(() => service.create(request, objectMetadata)).toThrow(
"field 'wrongField' does not exist in 'testingObject' object",
);
});
});
});

25
packages/twenty-server/src/core/api-rest/api-rest-query-builder/factories/input-factories/filter-input.factory.ts Normal file
View File

@ -0,0 +1,25 @@
import { Injectable } from '@nestjs/common';
import { Request } from 'express';
import { addDefaultConjunctionIfMissing } from 'src/core/api-rest/api-rest-query-builder/factories/input-factories/filter-utils/add-default-conjunction.utils';
import { checkFilterQuery } from 'src/core/api-rest/api-rest-query-builder/factories/input-factories/filter-utils/check-filter-query.utils';
import { parseFilter } from 'src/core/api-rest/api-rest-query-builder/factories/input-factories/filter-utils/parse-filter.utils';
import { FieldValue } from 'src/core/api-rest/types/api-rest-field-value.type';
@Injectable()
export class FilterInputFactory {
create(request: Request, objectMetadata): Record<string, FieldValue> {
let filterQuery = request.query.filter;
if (typeof filterQuery !== 'string') {
return {};
}
checkFilterQuery(filterQuery);
filterQuery = addDefaultConjunctionIfMissing(filterQuery);
return parseFilter(filterQuery, objectMetadata.objectMetadataItem);
}
}

15
packages/twenty-server/src/core/api-rest/api-rest-query-builder/factories/input-factories/filter-utils/__tests__/add-default-conjunction.utils.spec.ts Normal file
View File

@ -0,0 +1,15 @@
import { addDefaultConjunctionIfMissing } from 'src/core/api-rest/api-rest-query-builder/factories/input-factories/filter-utils/add-default-conjunction.utils';
describe('addDefaultConjunctionIfMissing', () => {
it('should add default conjunction if missing', () => {
expect(addDefaultConjunctionIfMissing('field[eq]:1')).toEqual(
'and(field[eq]:1)',
);
});
it('should not add default conjunction if not missing', () => {
expect(addDefaultConjunctionIfMissing('and(field[eq]:1)')).toEqual(
'and(field[eq]:1)',
);
});
});

33
packages/twenty-server/src/core/api-rest/api-rest-query-builder/factories/input-factories/filter-utils/__tests__/check-filter-query.utils.spec.ts Normal file
View File

@ -0,0 +1,33 @@
import { checkFilterQuery } from 'src/core/api-rest/api-rest-query-builder/factories/input-factories/filter-utils/check-filter-query.utils';
describe('checkFilterQuery', () => {
it('should check filter query', () => {
expect(() => checkFilterQuery('(')).toThrow(
"'filter' invalid. 1 close bracket is missing in the query",
);
expect(() => checkFilterQuery(')')).toThrow(
"'filter' invalid. 1 open bracket is missing in the query",
);
expect(() => checkFilterQuery('(()')).toThrow(
"'filter' invalid. 1 close bracket is missing in the query",
);
expect(() => checkFilterQuery('()))')).toThrow(
"'filter' invalid. 2 open brackets are missing in the query",
);
expect(() =>
checkFilterQuery(
'and(or(fieldNumber[eq]:1,fieldNumber[eq]:2)),fieldNumber[eq]:3)',
),
).toThrow("'filter' invalid. 1 open bracket is missing in the query");
expect(() =>
checkFilterQuery(
'and(or(fieldNumber[eq]:1,fieldNumber[eq]:2),fieldNumber[eq]:3)',
),
).not.toThrow();
});
});

56
packages/twenty-server/src/core/api-rest/api-rest-query-builder/factories/input-factories/filter-utils/__tests__/format-field-values.utils.spec.ts Normal file
View File

@ -0,0 +1,56 @@
import { FieldMetadataType } from 'src/metadata/field-metadata/field-metadata.entity';
import { formatFieldValue } from 'src/core/api-rest/api-rest-query-builder/factories/input-factories/filter-utils/format-field-values.utils';
describe('formatFieldValue', () => {
it('should format fieldNumber value', () => {
expect(formatFieldValue('1', FieldMetadataType.NUMBER)).toEqual(1);
expect(formatFieldValue('a', FieldMetadataType.NUMBER)).toEqual(NaN);
expect(formatFieldValue('true', FieldMetadataType.BOOLEAN)).toEqual(true);
expect(formatFieldValue('True', FieldMetadataType.BOOLEAN)).toEqual(true);
expect(formatFieldValue('false', FieldMetadataType.BOOLEAN)).toEqual(false);
expect(formatFieldValue('value', FieldMetadataType.TEXT)).toEqual('value');
expect(formatFieldValue('"value"', FieldMetadataType.TEXT)).toEqual(
'value',
);
expect(formatFieldValue("'value'", FieldMetadataType.TEXT)).toEqual(
'value',
);
expect(formatFieldValue('value', FieldMetadataType.DATE_TIME)).toEqual(
'value',
);
expect(formatFieldValue('"value"', FieldMetadataType.DATE_TIME)).toEqual(
'value',
);
expect(formatFieldValue("'value'", FieldMetadataType.DATE_TIME)).toEqual(
'value',
);
expect(
formatFieldValue(
'["2023-12-01T14:23:23.914Z","2024-12-01T14:23:23.914Z"]',
undefined,
'in',
),
).toEqual(['2023-12-01T14:23:23.914Z', '2024-12-01T14:23:23.914Z']);
expect(formatFieldValue('[1,2]', FieldMetadataType.NUMBER, 'in')).toEqual([
1, 2,
]);
expect(() =>
formatFieldValue('2024-12-01T14:23:23.914Z', undefined, 'in'),
).toThrow(
"'filter' invalid for 'in' operator. Received '2024-12-01T14:23:23.914Z' but array value expected eg: 'field[in]:[value_1,value_2]'",
);
});
});

49
packages/twenty-server/src/core/api-rest/api-rest-query-builder/factories/input-factories/filter-utils/__tests__/parse-base-filter.utils.spec.ts Normal file
View File

@ -0,0 +1,49 @@
import { parseBaseFilter } from 'src/core/api-rest/api-rest-query-builder/factories/input-factories/filter-utils/parse-base-filter.utils';
describe('parseBaseFilter', () => {
it('should parse simple filter string test 1', () => {
expect(parseBaseFilter('price[lte]:100')).toEqual({
fields: ['price'],
comparator: 'lte',
value: '100',
});
});
it('should parse simple filter string test 2', () => {
expect(parseBaseFilter('date[gt]:2023-12-01T14:23:23.914Z')).toEqual({
fields: ['date'],
comparator: 'gt',
value: '2023-12-01T14:23:23.914Z',
});
});
it('should parse simple filter string test 3', () => {
expect(parseBaseFilter('fieldNumber[gt]:valStart]:[valEnd')).toEqual({
fields: ['fieldNumber'],
comparator: 'gt',
value: 'valStart]:[valEnd',
});
});
it('should parse simple filter string test 4', () => {
expect(
parseBaseFilter('person.createdAt[gt]:"2023-12-01T14:23:23.914Z"'),
).toEqual({
fields: ['person', 'createdAt'],
comparator: 'gt',
value: '"2023-12-01T14:23:23.914Z"',
});
});
it('should parse simple filter string test 5', () => {
expect(
parseBaseFilter(
'person.createdAt[in]:["2023-12-01T14:23:23.914Z","2024-12-01T14:23:23.914Z"]',
),
).toEqual({
fields: ['person', 'createdAt'],
comparator: 'in',
value: '["2023-12-01T14:23:23.914Z","2024-12-01T14:23:23.914Z"]',
});
});
});

54
packages/twenty-server/src/core/api-rest/api-rest-query-builder/factories/input-factories/filter-utils/__tests__/parse-filter-content.utils.spec.ts Normal file
View File

@ -0,0 +1,54 @@
import { parseFilterContent } from 'src/core/api-rest/api-rest-query-builder/factories/input-factories/filter-utils/parse-filter-content.utils';
describe('parseFilterContent', () => {
it('should parse query filter test 1', () => {
expect(parseFilterContent('and(fieldNumber[eq]:1)')).toEqual([
'fieldNumber[eq]:1',
]);
});
it('should parse query filter test 2', () => {
expect(
parseFilterContent('and(fieldNumber[eq]:1,fieldNumber[eq]:2)'),
).toEqual(['fieldNumber[eq]:1', 'fieldNumber[eq]:2']);
});
it('should parse query filter test 3', () => {
expect(
parseFilterContent(
'and(fieldNumber[eq]:1,or(fieldNumber[eq]:2,fieldNumber[eq]:3))',
),
).toEqual(['fieldNumber[eq]:1', 'or(fieldNumber[eq]:2,fieldNumber[eq]:3)']);
});
it('should parse query filter test 4', () => {
expect(
parseFilterContent(
'and(fieldNumber[eq]:1,or(fieldNumber[eq]:2,not(fieldNumber[eq]:3)),fieldNumber[eq]:4,not(fieldNumber[eq]:5))',
),
).toEqual([
'fieldNumber[eq]:1',
'or(fieldNumber[eq]:2,not(fieldNumber[eq]:3))',
'fieldNumber[eq]:4',
'not(fieldNumber[eq]:5)',
]);
});
it('should parse query filter test 5', () => {
expect(
parseFilterContent('and(fieldNumber[in]:[1,2],fieldNumber[eq]:4)'),
).toEqual(['fieldNumber[in]:[1,2]', 'fieldNumber[eq]:4']);
});
it('should parse query filter with comma in value ', () => {
expect(parseFilterContent('and(fieldString[eq]:"val,ue")')).toEqual([
'fieldString[eq]:"val,ue"',
]);
});
it('should parse query filter with comma in value ', () => {
expect(parseFilterContent("and(fieldString[eq]:'val,ue')")).toEqual([
"fieldString[eq]:'val,ue'",
]);
});
});

92
packages/twenty-server/src/core/api-rest/api-rest-query-builder/factories/input-factories/filter-utils/__tests__/parse-filter.utils.spec.ts Normal file
View File

@ -0,0 +1,92 @@
import { objectMetadataItem } from 'src/core/api-rest/api-rest-query-builder/utils/__tests__/utils';
import { parseFilter } from 'src/core/api-rest/api-rest-query-builder/factories/input-factories/filter-utils/parse-filter.utils';
describe('parseFilter', () => {
it('should parse string filter test 1', () => {
expect(
parseFilter(
'and(fieldNumber[eq]:1,fieldNumber[eq]:2)',
objectMetadataItem,
),
).toEqual({
and: [{ fieldNumber: { eq: 1 } }, { fieldNumber: { eq: 2 } }],
});
});
it('should parse string filter test 2', () => {
expect(
parseFilter(
'and(fieldNumber[eq]:1,or(fieldNumber[eq]:2,fieldNumber[eq]:3))',
objectMetadataItem,
),
).toEqual({
and: [
{ fieldNumber: { eq: 1 } },
{ or: [{ fieldNumber: { eq: 2 } }, { fieldNumber: { eq: 3 } }] },
],
});
});
it('should parse string filter test 3', () => {
expect(
parseFilter(
'and(fieldNumber[eq]:1,or(fieldNumber[eq]:2,fieldNumber[eq]:3,and(fieldNumber[eq]:6,fieldNumber[eq]:7)),or(fieldNumber[eq]:4,fieldNumber[eq]:5))',
objectMetadataItem,
),
).toEqual({
and: [
{ fieldNumber: { eq: 1 } },
{
or: [
{ fieldNumber: { eq: 2 } },
{ fieldNumber: { eq: 3 } },
{ and: [{ fieldNumber: { eq: 6 } }, { fieldNumber: { eq: 7 } }] },
],
},
{ or: [{ fieldNumber: { eq: 4 } }, { fieldNumber: { eq: 5 } }] },
],
});
});
it('should parse string filter test 4', () => {
expect(
parseFilter(
'and(fieldString[gt]:"val,ue",or(fieldNumber[is]:NOT_NULL,not(fieldString[startsWith]:"val"),and(fieldNumber[eq]:6,fieldString[ilike]:"%val%")),or(fieldNumber[eq]:4,fieldString[is]:NULL))',
objectMetadataItem,
),
).toEqual({
and: [
{ fieldString: { gt: 'val,ue' } },
{
or: [
{ fieldNumber: { is: 'NOT_NULL' } },
{ not: { fieldString: { startsWith: 'val' } } },
{
and: [
{ fieldNumber: { eq: 6 } },
{ fieldString: { ilike: '%val%' } },
],
},
],
},
{ or: [{ fieldNumber: { eq: 4 } }, { fieldString: { is: 'NULL' } }] },
],
});
});
it('should handler not', () => {
expect(
parseFilter(
'and(fieldNumber[eq]:1,not(fieldNumber[eq]:2))',
objectMetadataItem,
),
).toEqual({
and: [
{ fieldNumber: { eq: 1 } },
{
not: { fieldNumber: { eq: 2 } },
},
],
});
});
});

7
packages/twenty-server/src/core/api-rest/api-rest-query-builder/factories/input-factories/filter-utils/add-default-conjunction.utils.ts Normal file
View File

@ -0,0 +1,7 @@
export const addDefaultConjunctionIfMissing = (filterQuery: string): string => {
if (!(filterQuery.includes('(') && filterQuery.includes(')'))) {
return `and(${filterQuery})`;
}
return filterQuery;
};

22
packages/twenty-server/src/core/api-rest/api-rest-query-builder/factories/input-factories/filter-utils/check-filter-query.utils.ts Normal file
View File

@ -0,0 +1,22 @@
import { BadRequestException } from '@nestjs/common';
export const checkFilterQuery = (filterQuery: string): void => {
const countOpenedBrackets = (filterQuery.match(/\(/g) || []).length;
const countClosedBrackets = (filterQuery.match(/\)/g) || []).length;
const diff = countOpenedBrackets - countClosedBrackets;
if (diff !== 0) {
const hint =
diff > 0
? `${diff} close bracket${diff > 1 ? 's are' : ' is'}`
: `${Math.abs(diff)} open bracket${
Math.abs(diff) > 1 ? 's are' : ' is'
}`;
throw new BadRequestException(
`'filter' invalid. ${hint} missing in the query`,
);
}
return;
};

41
packages/twenty-server/src/core/api-rest/api-rest-query-builder/factories/input-factories/filter-utils/format-field-values.utils.ts Normal file
View File

@ -0,0 +1,41 @@
import { BadRequestException } from '@nestjs/common';
import { FieldMetadataType } from 'src/metadata/field-metadata/field-metadata.entity';
import { FieldValue } from 'src/core/api-rest/types/api-rest-field-value.type';
export const formatFieldValue = (
value: string,
fieldType?: FieldMetadataType,
comparator?: string,
): FieldValue => {
if (comparator === 'in') {
if (value[0] !== '[' || value[value.length - 1] !== ']') {
throw new BadRequestException(
`'filter' invalid for 'in' operator. Received '${value}' but array value expected eg: 'field[in]:[value_1,value_2]'`,
);
}
const stringValues = value.substring(1, value.length - 1);
return stringValues
.split(',')
.map((value) => formatFieldValue(value, fieldType));
}
if (comparator === 'is') {
return value;
}
if (fieldType === FieldMetadataType.NUMBER) {
return parseInt(value);
}
if (fieldType === FieldMetadataType.BOOLEAN) {
return value.toLowerCase() === 'true';
}
if (
(value[0] === '"' || value[0] === "'") &&
(value.charAt(value.length - 1) === '"' ||
value.charAt(value.length - 1) === "'")
) {
return value.substring(1, value.length - 1);
}
return value;
};

67
packages/twenty-server/src/core/api-rest/api-rest-query-builder/factories/input-factories/filter-utils/parse-base-filter.utils.ts Normal file
View File

@ -0,0 +1,67 @@
import { BadRequestException } from '@nestjs/common';
enum FilterComparators {
eq = 'eq',
neq = 'neq',
in = 'in',
is = 'is',
gt = 'gt',
gte = 'gte',
lt = 'lt',
lte = 'lte',
startsWith = 'startsWith',
like = 'like',
ilike = 'ilike',
// Not handled rigth now
// regex = 'regex',
// iregex = 'iregex',
}
export const parseBaseFilter = (
baseFilter: string,
): {
fields: string[];
comparator: string;
value: string;
} => {
if (!baseFilter.match(`^(.+)\\[(.+)\\]:(.+)$`)) {
throw new BadRequestException(
`'filter' invalid for '${baseFilter}'. eg: price[gte]:10`,
);
}
let fields = '';
let comparator = '';
let value = '';
let fillFields = true;
let fillComparator = false;
let fillValue = false;
// baseFilter = field_1.subfield[in]:["2023-00-00 OO:OO:OO","2024-00-00 OO:OO:OO"]
for (const c of baseFilter) {
if (fillValue) value += c;
if (c === ']' && !fillValue) fillComparator = false;
if (c === ':' && !fillComparator) fillValue = true;
if (fillComparator) comparator += c;
if (c === '[' && fillFields) {
fillFields = false;
fillComparator = true;
}
if (fillFields) fields += c;
}
// field = field_1.subfield ; comparator = in ; value = ["2023-00-00 OO:OO:OO","2024-00-00 OO:OO:OO"]
if (!Object.keys(FilterComparators).includes(comparator)) {
throw new BadRequestException(
`'filter' invalid for '${baseFilter}', comparator ${comparator} not in ${Object.keys(
FilterComparators,
).join(',')}`,
);
}
return { fields: fields.split('.'), comparator, value };
};

45
packages/twenty-server/src/core/api-rest/api-rest-query-builder/factories/input-factories/filter-utils/parse-filter-content.utils.ts Normal file
View File

@ -0,0 +1,45 @@
export const parseFilterContent = (filterQuery: string): string[] => {
let isWithinBrackets = false;
let isWithinDoubleQuotes = false;
let isWithinSingleQuotes = false;
let parenthesisCounter = 0;
const predicates: string[] = [];
let currentPredicates = '';
for (const c of filterQuery) {
let shouldPersistCharacter = parenthesisCounter >= 1;
if (c === '(') {
parenthesisCounter++;
}
if (c === ')') {
parenthesisCounter--;
shouldPersistCharacter = parenthesisCounter >= 1;
}
if (['[', ']'].includes(c)) isWithinBrackets = !isWithinBrackets;
if (c === '"') isWithinDoubleQuotes = !isWithinDoubleQuotes;
if (c === "'") isWithinSingleQuotes = !isWithinSingleQuotes;
if (
c === ',' &&
parenthesisCounter === 1 &&
!isWithinBrackets &&
!isWithinDoubleQuotes &&
!isWithinSingleQuotes
) {
predicates.push(currentPredicates);
currentPredicates = '';
shouldPersistCharacter = false;
}
if (shouldPersistCharacter) currentPredicates += c;
}
predicates.push(currentPredicates);
return predicates;
};

64
packages/twenty-server/src/core/api-rest/api-rest-query-builder/factories/input-factories/filter-utils/parse-filter.utils.ts Normal file
View File

@ -0,0 +1,64 @@
import { BadRequestException } from '@nestjs/common';
import { parseFilterContent } from 'src/core/api-rest/api-rest-query-builder/factories/input-factories/filter-utils/parse-filter-content.utils';
import { parseBaseFilter } from 'src/core/api-rest/api-rest-query-builder/factories/input-factories/filter-utils/parse-base-filter.utils';
import {
checkFields,
getFieldType,
} from 'src/core/api-rest/api-rest-query-builder/utils/fields.utils';
import { formatFieldValue } from 'src/core/api-rest/api-rest-query-builder/factories/input-factories/filter-utils/format-field-values.utils';
import { FieldValue } from 'src/core/api-rest/types/api-rest-field-value.type';
enum Conjunctions {
or = 'or',
and = 'and',
not = 'not',
}
export const parseFilter = (
filterQuery: string,
objectMetadataItem,
): Record<string, FieldValue> => {
const result = {};
const match = filterQuery.match(
`^(${Object.values(Conjunctions).join('|')})((.+))$`,
);
if (match) {
const conjunction = match?.[1];
if (!conjunction) {
throw new BadRequestException(
'Error while matching filter query. Conjunction not found',
);
}
const subResult = parseFilterContent(filterQuery).map((elem) =>
parseFilter(elem, objectMetadataItem),
);
if (conjunction === Conjunctions.not) {
if (subResult.length > 1) {
throw new BadRequestException(
`'filter' invalid. 'not' conjunction should contain only 1 condition. eg: not(field[eq]:1)`,
);
}
result[conjunction] = subResult[0];
} else {
result[conjunction] = subResult;
}
return result;
}
const { fields, comparator, value } = parseBaseFilter(filterQuery);
checkFields(objectMetadataItem, fields);
const fieldType = getFieldType(objectMetadataItem, fields[0]);
const formattedValue = formatFieldValue(value, fieldType, comparator);
return fields.reverse().reduce(
(acc, currentValue) => {
return { [currentValue]: acc };
},
{ [comparator]: formattedValue },
);
};

16
packages/twenty-server/src/core/api-rest/api-rest-query-builder/factories/input-factories/last-cursor-input.factory.ts Normal file
View File

@ -0,0 +1,16 @@
import { Injectable } from '@nestjs/common';
import { Request } from 'express';
@Injectable()
export class LastCursorInputFactory {
create(request: Request): string | undefined {
const cursorQuery = request.query.last_cursor;
if (typeof cursorQuery !== 'string') {
return undefined;
}
return cursorQuery;
}
}

21
packages/twenty-server/src/core/api-rest/api-rest-query-builder/factories/input-factories/limit-input.factory.ts Normal file
View File

@ -0,0 +1,21 @@
import { BadRequestException, Injectable } from '@nestjs/common';
import { Request } from 'express';
@Injectable()
export class LimitInputFactory {
create(request: Request): number {
if (!request.query.limit) {
return 60;
}
const limit = +request.query.limit;
if (isNaN(limit) || limit < 0) {
throw new BadRequestException(
`limit '${request.query.limit}' is invalid. Should be an integer`,
);
}
return limit;
}
}

75
packages/twenty-server/src/core/api-rest/api-rest-query-builder/factories/input-factories/order-by-input.factory.ts Normal file
View File

@ -0,0 +1,75 @@
import { BadRequestException, Injectable } from '@nestjs/common';
import { Request } from 'express';
import {
OrderByDirection,
RecordOrderBy,
} from 'src/workspace/workspace-query-builder/interfaces/record.interface';
import { checkFields } from 'src/core/api-rest/api-rest-query-builder/utils/fields.utils';
const DEFAULT_ORDER_DIRECTION = OrderByDirection.AscNullsFirst;
@Injectable()
export class OrderByInputFactory {
create(request: Request, objectMetadata): RecordOrderBy {
const orderByQuery = request.query.order_by;
if (typeof orderByQuery !== 'string') {
return {};
}
//orderByQuery = field_1[AscNullsFirst],field_2[DescNullsLast],field_3
const orderByItems = orderByQuery.split(',');
let result = {};
let itemDirection = '';
let itemFields = '';
for (const orderByItem of orderByItems) {
// orderByItem -> field_1[AscNullsFirst]
if (orderByItem.includes('[') && orderByItem.includes(']')) {
const [fieldsString, direction] = orderByItem
.replace(']', '')
.split('[');
// fields -> [field_1] ; direction -> AscNullsFirst
if (!(direction in OrderByDirection)) {
throw new BadRequestException(
`'order_by' direction '${direction}' invalid. Allowed values are '${Object.values(
OrderByDirection,
).join(
"', '",
)}'. eg: ?order_by=field_1[AscNullsFirst],field_2[DescNullsLast],field_3`,
);
}
itemDirection = direction;
itemFields = fieldsString;
} else {
// orderByItem -> field_3
itemDirection = DEFAULT_ORDER_DIRECTION;
itemFields = orderByItem;
}
let fieldResult = {};
itemFields
.split('.')
.reverse()
.forEach((field) => {
if (Object.keys(fieldResult).length) {
fieldResult = { [field]: fieldResult };
} else {
fieldResult[field] = itemDirection;
}
}, itemDirection);
result = { ...result, ...fieldResult };
}
checkFields(objectMetadata.objectMetadataItem, Object.keys(result));
return result;
}
}

30
packages/twenty-server/src/core/api-rest/api-rest-query-builder/factories/update-query.factory.ts Normal file
View File

@ -0,0 +1,30 @@
import { Injectable } from '@nestjs/common';
import { capitalize } from 'src/utils/capitalize';
import { mapFieldMetadataToGraphqlQuery } from 'src/core/api-rest/api-rest-query-builder/utils/map-field-metadata-to-graphql-query.utils';
@Injectable()
export class UpdateQueryFactory {
create(objectMetadata, depth?: number): string {
const objectNameSingular = objectMetadata.objectMetadataItem.nameSingular;
return `
mutation Update${capitalize(
objectNameSingular,
)}($id: ID!, $data: ${capitalize(objectNameSingular)}UpdateInput!) {
update${capitalize(objectNameSingular)}(id: $id, data: $data) {
id
${objectMetadata.objectMetadataItem.fields
.map((field) =>
mapFieldMetadataToGraphqlQuery(
objectMetadata.objectMetadataItems,
field,
depth,
),
)
.join('\n')}
}
}
`;
}
}

13
packages/twenty-server/src/core/api-rest/api-rest-query-builder/factories/update-variables.factory.ts Normal file
View File

@ -0,0 +1,13 @@
import { Injectable } from '@nestjs/common';
import { ApiRestQueryVariables } from 'src/core/api-rest/types/api-rest-query-variables.type';
@Injectable()
export class UpdateVariablesFactory {
create(id: string, request: Request): ApiRestQueryVariables {
return {
id,
data: request.body,
};
}
}

26
packages/twenty-server/src/core/api-rest/api-rest-query-builder/utils/__tests__/compute-depth.utils.spec.ts Normal file
View File

@ -0,0 +1,26 @@
import { computeDepth } from 'src/core/api-rest/api-rest-query-builder/utils/compute-depth.utils';
describe('computeDepth', () => {
it('should compute depth from query', () => {
const request: any = {
query: { depth: '1' },
};
expect(computeDepth(request)).toEqual(1);
});
it('should return default depth if missing', () => {
const request: any = { query: {} };
expect(computeDepth(request)).toEqual(undefined);
});
it('should raise if wrong depth', () => {
const request: any = { query: { depth: '100' } };
expect(() => computeDepth(request)).toThrow();
request.query.depth = '0';
expect(() => computeDepth(request)).toThrow();
});
});

30
packages/twenty-server/src/core/api-rest/api-rest-query-builder/utils/__tests__/fields.utils.spec.ts Normal file
View File

@ -0,0 +1,30 @@
import {
checkFields,
getFieldType,
} from 'src/core/api-rest/api-rest-query-builder/utils/fields.utils';
import { objectMetadataItem } from 'src/core/api-rest/api-rest-query-builder/utils/__tests__/utils';
import { FieldMetadataType } from 'src/metadata/field-metadata/field-metadata.entity';
describe('FieldUtils', () => {
describe('getFieldType', () => {
it('should get field type', () => {
expect(getFieldType(objectMetadataItem, 'fieldNumber')).toEqual(
FieldMetadataType.NUMBER,
);
});
});
describe('checkFields', () => {
it('should check field types', () => {
expect(() =>
checkFields(objectMetadataItem, ['fieldNumber']),
).not.toThrow();
expect(() => checkFields(objectMetadataItem, ['wrongField'])).toThrow();
expect(() =>
checkFields(objectMetadataItem, ['fieldNumber', 'wrongField']),
).toThrow();
});
});
});

35
packages/twenty-server/src/core/api-rest/api-rest-query-builder/utils/__tests__/map-field-metadata-to-graphql-query.utils.spec.ts Normal file
View File

@ -0,0 +1,35 @@
import { mapFieldMetadataToGraphqlQuery } from 'src/core/api-rest/api-rest-query-builder/utils/map-field-metadata-to-graphql-query.utils';
import {
fieldCurrency,
fieldLink,
fieldNumber,
fieldString,
objectMetadataItem,
} from 'src/core/api-rest/api-rest-query-builder/utils/__tests__/utils';
describe('mapFieldMetadataToGraphqlQuery', () => {
it('should map properly', () => {
expect(
mapFieldMetadataToGraphqlQuery(objectMetadataItem, fieldNumber),
).toEqual('fieldNumber');
expect(
mapFieldMetadataToGraphqlQuery(objectMetadataItem, fieldString),
).toEqual('fieldString');
expect(mapFieldMetadataToGraphqlQuery(objectMetadataItem, fieldLink))
.toEqual(`
fieldLink
{
label
url
}
`);
expect(mapFieldMetadataToGraphqlQuery(objectMetadataItem, fieldCurrency))
.toEqual(`
fieldCurrency
{
amountMicros
currencyCode
}
`);
});
});

21
packages/twenty-server/src/core/api-rest/api-rest-query-builder/utils/__tests__/parse-path.utils.spec.ts Normal file
View File

@ -0,0 +1,21 @@
import { parsePath } from 'src/core/api-rest/api-rest-query-builder/utils/parse-path.utils';
describe('parsePath', () => {
it('should parse object from request path', () => {
const request: any = { path: '/rest/companies/uuid' };
expect(parsePath(request)).toEqual({
object: 'companies',
id: 'uuid',
});
});
it('should parse object from request path', () => {
const request: any = { path: '/rest/companies' };
expect(parsePath(request)).toEqual({
object: 'companies',
id: undefined,
});
});
});

33
packages/twenty-server/src/core/api-rest/api-rest-query-builder/utils/__tests__/utils.ts Normal file
View File

@ -0,0 +1,33 @@
import { FieldMetadataType } from 'src/metadata/field-metadata/field-metadata.entity';
export const fieldNumber = {
name: 'fieldNumber',
type: FieldMetadataType.NUMBER,
targetColumnMap: { value: 'fieldNumber' },
};
export const fieldString = {
name: 'fieldString',
type: FieldMetadataType.TEXT,
targetColumnMap: { value: 'fieldString' },
};
export const fieldLink = {
name: 'fieldLink',
type: FieldMetadataType.LINK,
targetColumnMap: { label: 'fieldLinkLabel', url: 'fieldLinkUrl' },
};
export const fieldCurrency = {
name: 'fieldCurrency',
type: FieldMetadataType.CURRENCY,
targetColumnMap: {
amountMicros: 'fieldCurrencyAmountMicros',
currencyCode: 'fieldCurrencyCurrencyCode',
},
};
export const objectMetadataItem = {
targetTableName: 'testingObject',
fields: [fieldNumber, fieldString, fieldLink, fieldCurrency],
};

25
packages/twenty-server/src/core/api-rest/api-rest-query-builder/utils/compute-depth.utils.ts Normal file
View File

@ -0,0 +1,25 @@
import { BadRequestException } from '@nestjs/common';
import { Request } from 'express';
const ALLOWED_DEPTH_VALUES = [1, 2];
export const computeDepth = (request: Request): number | undefined => {
if (!request.query.depth) {
return undefined;
}
const depth = +request.query.depth;
if (isNaN(depth) || !ALLOWED_DEPTH_VALUES.includes(depth)) {
throw new BadRequestException(
`'depth=${
request.query.depth
}' parameter invalid. Allowed values are ${ALLOWED_DEPTH_VALUES.join(
', ',
)}`,
);
}
return depth;
};

35
packages/twenty-server/src/core/api-rest/api-rest-query-builder/utils/fields.utils.ts Normal file
View File

@ -0,0 +1,35 @@
import { BadRequestException } from '@nestjs/common';
import { FieldMetadataType } from 'src/metadata/field-metadata/field-metadata.entity';
export const getFieldType = (
objectMetadataItem,
fieldName,
): FieldMetadataType | undefined => {
for (const itemField of objectMetadataItem.fields) {
if (fieldName === itemField.name) {
return itemField.type;
}
}
};
export const checkFields = (objectMetadataItem, fieldNames): void => {
for (const fieldName of fieldNames) {
if (
!objectMetadataItem.fields
.reduce(
(acc, itemField) => [
...acc,
itemField.name,
...Object.keys(itemField.targetColumnMap),
],
[],
)
.includes(fieldName)
) {
throw new BadRequestException(
`field '${fieldName}' does not exist in '${objectMetadataItem.targetTableName}' object`,
);
}
}
};

107
packages/twenty-server/src/core/api-rest/api-rest-query-builder/utils/map-field-metadata-to-graphql-query.utils.ts Normal file
View File

@ -0,0 +1,107 @@
import { FieldMetadataType } from 'src/metadata/field-metadata/field-metadata.entity';
import { RelationMetadataType } from 'src/metadata/relation-metadata/relation-metadata.entity';
const DEFAULT_DEPTH_VALUE = 2;
export const mapFieldMetadataToGraphqlQuery = (
objectMetadataItems,
field,
maxDepthForRelations = DEFAULT_DEPTH_VALUE,
): string | undefined => {
if (maxDepthForRelations <= 0) {
return '';
}
const fieldType = field.type;
const fieldIsSimpleValue = [
FieldMetadataType.UUID,
FieldMetadataType.TEXT,
FieldMetadataType.PHONE,
FieldMetadataType.DATE_TIME,
FieldMetadataType.EMAIL,
FieldMetadataType.NUMBER,
FieldMetadataType.BOOLEAN,
].includes(fieldType);
if (fieldIsSimpleValue) {
return field.name;
} else if (
fieldType === FieldMetadataType.RELATION &&
field.toRelationMetadata?.relationType === RelationMetadataType.ONE_TO_MANY
) {
const relationMetadataItem = objectMetadataItems.find(
(objectMetadataItem) =>
objectMetadataItem.id ===
(field.toRelationMetadata as any)?.fromObjectMetadata?.id,
);
return `${field.name}
{
id
${(relationMetadataItem?.fields ?? [])
.filter((field) => field.type !== FieldMetadataType.RELATION)
.map((field) =>
mapFieldMetadataToGraphqlQuery(
objectMetadataItems,
field,
maxDepthForRelations - 1,
),
)
.join('\n')}
}`;
} else if (
fieldType === FieldMetadataType.RELATION &&
field.fromRelationMetadata?.relationType ===
RelationMetadataType.ONE_TO_MANY
) {
const relationMetadataItem = objectMetadataItems.find(
(objectMetadataItem) =>
objectMetadataItem.id ===
(field.fromRelationMetadata as any)?.toObjectMetadata?.id,
);
return `${field.name}
{
edges {
node {
id
${(relationMetadataItem?.fields ?? [])
.filter((field) => field.type !== FieldMetadataType.RELATION)
.map((field) =>
mapFieldMetadataToGraphqlQuery(
objectMetadataItems,
field,
maxDepthForRelations - 1,
),
)
.join('\n')}
}
}
}`;
} else if (fieldType === FieldMetadataType.LINK) {
return `
${field.name}
{
label
url
}
`;
} else if (fieldType === FieldMetadataType.CURRENCY) {
return `
${field.name}
{
amountMicros
currencyCode
}
`;
} else if (fieldType === FieldMetadataType.FULL_NAME) {
return `
${field.name}
{
firstName
lastName
}
`;
}
};

21
packages/twenty-server/src/core/api-rest/api-rest-query-builder/utils/parse-path.utils.ts Normal file
View File

@ -0,0 +1,21 @@
import { BadRequestException } from '@nestjs/common';
import { Request } from 'express';
export const parsePath = (
request: Request,
): { object: string; id?: string } => {
const queryAction = request.path.replace('/rest/', '').split('/');
if (queryAction.length > 2) {
throw new BadRequestException(
`Query path '${request.path}' invalid. Valid examples: /rest/companies/id or /rest/companies`,
);
}
if (queryAction.length === 1) {
return { object: queryAction[0] };
}
return { object: queryAction[0], id: queryAction[1] };
};

41
packages/twenty-server/src/core/api-rest/api-rest.controller.ts Normal file
View File

@ -0,0 +1,41 @@
import { Controller, Delete, Get, Post, Put, Req, Res } from '@nestjs/common';
import { Request, Response } from 'express';
import { ApiRestService } from 'src/core/api-rest/api-rest.service';
import { ApiRestResponse } from 'src/core/api-rest/types/api-rest-response.type';
const handleResult = (res: Response, result: ApiRestResponse) => {
if (result.data.error) {
res
.status(result.data.status || 400)
.send({ error: `${result.data.error}` });
} else {
res.send(result.data);
}
};
@Controller('rest/*')
export class ApiRestController {
constructor(private readonly apiRestService: ApiRestService) {}
@Get()
async handleApiGet(@Req() request: Request, @Res() res: Response) {
handleResult(res, await this.apiRestService.get(request));
}
@Delete()
async handleApiDelete(@Req() request: Request, @Res() res: Response) {
handleResult(res, await this.apiRestService.delete(request));
}
@Post()
async handleApiPost(@Req() request: Request, @Res() res: Response) {
handleResult(res, await this.apiRestService.create(request));
}
@Put()
async handleApiPut(@Req() request: Request, @Res() res: Response) {
handleResult(res, await this.apiRestService.update(request));
}
}

13
packages/twenty-server/src/core/api-rest/api-rest.module.ts Normal file
View File

@ -0,0 +1,13 @@
import { Module } from '@nestjs/common';
import { ApiRestController } from 'src/core/api-rest/api-rest.controller';
import { ApiRestService } from 'src/core/api-rest/api-rest.service';
import { ApiRestQueryBuilderModule } from 'src/core/api-rest/api-rest-query-builder/api-rest-query-builder.module';
import { AuthModule } from 'src/core/auth/auth.module';
@Module({
imports: [ApiRestQueryBuilderModule, AuthModule],
controllers: [ApiRestController],
providers: [ApiRestService],
})
export class ApiRestModule {}

35
packages/twenty-server/src/core/api-rest/api-rest.service.spec.ts Normal file
View File

@ -0,0 +1,35 @@
import { Test, TestingModule } from '@nestjs/testing';
import { ApiRestService } from 'src/core/api-rest/api-rest.service';
import { EnvironmentService } from 'src/integrations/environment/environment.service';
import { TokenService } from 'src/core/auth/services/token.service';
import { ApiRestQueryBuilderFactory } from 'src/core/api-rest/api-rest-query-builder/api-rest-query-builder.factory';
describe('ApiRestService', () => {
let service: ApiRestService;
beforeEach(async () => {
const module: TestingModule = await Test.createTestingModule({
providers: [
ApiRestService,
{
provide: ApiRestQueryBuilderFactory,
useValue: {},
},
{
provide: EnvironmentService,
useValue: {},
},
{
provide: TokenService,
useValue: {},
},
],
}).compile();
service = module.get<ApiRestService>(ApiRestService);
});
it('should be defined', () => {
expect(service).toBeDefined();
});
});

83
packages/twenty-server/src/core/api-rest/api-rest.service.ts Normal file
View File

@ -0,0 +1,83 @@
import { Injectable } from '@nestjs/common';
import axios from 'axios';
import { Request } from 'express';
import { EnvironmentService } from 'src/integrations/environment/environment.service';
import { ApiRestQueryBuilderFactory } from 'src/core/api-rest/api-rest-query-builder/api-rest-query-builder.factory';
import { TokenService } from 'src/core/auth/services/token.service';
import { ApiRestResponse } from 'src/core/api-rest/types/api-rest-response.type';
import { ApiRestQuery } from 'src/core/api-rest/types/api-rest-query.type';
@Injectable()
export class ApiRestService {
constructor(
private readonly tokenService: TokenService,
private readonly environmentService: EnvironmentService,
private readonly apiRestQueryBuilderFactory: ApiRestQueryBuilderFactory,
) {}
async callGraphql(
request: Request,
data: ApiRestQuery,
): Promise<ApiRestResponse> {
const baseUrl =
this.environmentService.getServerUrl() ||
`${request.protocol}://${request.get('host')}`;
try {
return await axios.post(`${baseUrl}/graphql`, data, {
headers: {
Authorization: request.headers.authorization,
},
});
} catch (err) {
return {
data: {
error: `AxiosError: please double check your query and your API key (to generate a new one, see here: ${this.environmentService.getFrontBaseUrl()}/settings/developers/api-keys)`,
status: 400,
},
};
}
}
async get(request: Request): Promise<ApiRestResponse> {
try {
const data = await this.apiRestQueryBuilderFactory.get(request);
return await this.callGraphql(request, data);
} catch (err) {
return { data: { error: err, status: err.status } };
}
}
async delete(request: Request): Promise<ApiRestResponse> {
try {
const data = await this.apiRestQueryBuilderFactory.delete(request);
return await this.callGraphql(request, data);
} catch (err) {
return { data: { error: err, status: err.status } };
}
}
async create(request: Request): Promise<ApiRestResponse> {
try {
const data = await this.apiRestQueryBuilderFactory.create(request);
return await this.callGraphql(request, data);
} catch (err) {
return { data: { error: err, status: err.status } };
}
}
async update(request: Request): Promise<ApiRestResponse> {
try {
const data = await this.apiRestQueryBuilderFactory.update(request);
return await this.callGraphql(request, data);
} catch (err) {
return { data: { error: err, status: err.status } };
}
}
}

6
packages/twenty-server/src/core/api-rest/types/api-rest-field-value.type.ts Normal file
View File

@ -0,0 +1,6 @@
export type FieldValue =
| string
| boolean
| number
| FieldValue[]
| { [key: string]: FieldValue };

8
packages/twenty-server/src/core/api-rest/types/api-rest-query-variables.type.ts Normal file
View File

@ -0,0 +1,8 @@
export type ApiRestQueryVariables = {
id?: string;
data?: object | null;
filter?: object;
orderBy?: object;
limit?: number;
lastCursor?: string;
};

4
packages/twenty-server/src/core/api-rest/types/api-rest-query.type.ts Normal file
View File

@ -0,0 +1,4 @@
export type ApiRestQuery = {
query: string;
variables: object;
};

5
packages/twenty-server/src/core/api-rest/types/api-rest-response.type.ts Normal file
View File

@ -0,0 +1,5 @@
import { HttpException } from '@nestjs/common';
export type ApiRestResponse = {
data: { error?: HttpException | string; status?: number };
};

61
packages/twenty-server/src/core/auth/auth.module.ts Normal file
View File

@ -0,0 +1,61 @@
/* eslint-disable no-restricted-imports */
import { Module } from '@nestjs/common';
import { JwtModule } from '@nestjs/jwt';
import { TypeOrmModule } from '@nestjs/typeorm';
import { EnvironmentService } from 'src/integrations/environment/environment.service';
import { FileModule } from 'src/core/file/file.module';
import { Workspace } from 'src/core/workspace/workspace.entity';
import { User } from 'src/core/user/user.entity';
import { RefreshToken } from 'src/core/refresh-token/refresh-token.entity';
import { DataSourceModule } from 'src/metadata/data-source/data-source.module';
import { UserModule } from 'src/core/user/user.module';
import { WorkspaceManagerModule } from 'src/workspace/workspace-manager/workspace-manager.module';
import { TypeORMModule } from 'src/database/typeorm/typeorm.module';
import { GoogleAuthController } from 'src/core/auth/controllers/google-auth.controller';
import { GoogleGmailAuthController } from 'src/core/auth/controllers/google-gmail-auth.controller';
import { VerifyAuthController } from 'src/core/auth/controllers/verify-auth.controller';
import { TokenService } from 'src/core/auth/services/token.service';
import { GoogleGmailService } from 'src/core/auth/services/google-gmail.service';
import { AuthResolver } from './auth.resolver';
import { JwtAuthStrategy } from './strategies/jwt.auth.strategy';
import { AuthService } from './services/auth.service';
const jwtModule = JwtModule.registerAsync({
useFactory: async (environmentService: EnvironmentService) => {
return {
secret: environmentService.getAccessTokenSecret(),
signOptions: {
expiresIn: environmentService.getAccessTokenExpiresIn(),
},
};
},
inject: [EnvironmentService],
});
@Module({
imports: [
jwtModule,
FileModule,
DataSourceModule,
UserModule,
WorkspaceManagerModule,
TypeORMModule,
TypeOrmModule.forFeature([Workspace, User, RefreshToken], 'core'),
],
controllers: [
GoogleAuthController,
GoogleGmailAuthController,
VerifyAuthController,
],
providers: [
AuthService,
TokenService,
JwtAuthStrategy,
AuthResolver,
GoogleGmailService,
],
exports: [jwtModule, TokenService],
})
export class AuthModule {}

39
packages/twenty-server/src/core/auth/auth.resolver.spec.ts Normal file
View File

@ -0,0 +1,39 @@
import { Test, TestingModule } from '@nestjs/testing';
import { getRepositoryToken } from '@nestjs/typeorm';
import { Workspace } from 'src/core/workspace/workspace.entity';
import { AuthResolver } from './auth.resolver';
import { TokenService } from './services/token.service';
import { AuthService } from './services/auth.service';
describe('AuthResolver', () => {
let resolver: AuthResolver;
beforeEach(async () => {
const module: TestingModule = await Test.createTestingModule({
providers: [
AuthResolver,
{
provide: getRepositoryToken(Workspace, 'core'),
useValue: {},
},
{
provide: AuthService,
useValue: {},
},
{
provide: TokenService,
useValue: {},
},
],
}).compile();
resolver = module.get<AuthResolver>(AuthResolver);
});
it('should be defined', () => {
expect(resolver).toBeDefined();
});
});

153
packages/twenty-server/src/core/auth/auth.resolver.ts Normal file
View File

@ -0,0 +1,153 @@
import { Args, Mutation, Query, Resolver } from '@nestjs/graphql';
import {
BadRequestException,
ForbiddenException,
UseGuards,
} from '@nestjs/common';
import { InjectRepository } from '@nestjs/typeorm';
import { Repository } from 'typeorm';
import { JwtAuthGuard } from 'src/guards/jwt.auth.guard';
import { AuthUser } from 'src/decorators/auth-user.decorator';
import { assert } from 'src/utils/assert';
import { Workspace } from 'src/core/workspace/workspace.entity';
import { AuthWorkspace } from 'src/decorators/auth-workspace.decorator';
import { User } from 'src/core/user/user.entity';
import { ApiKeyTokenInput } from 'src/core/auth/dto/api-key-token.input';
import { TransientToken } from 'src/core/auth/dto/transient-token.entity';
import { UserService } from 'src/core/user/services/user.service';
import { ApiKeyToken, AuthTokens } from './dto/token.entity';
import { TokenService } from './services/token.service';
import { RefreshTokenInput } from './dto/refresh-token.input';
import { Verify } from './dto/verify.entity';
import { VerifyInput } from './dto/verify.input';
import { AuthService } from './services/auth.service';
import { LoginToken } from './dto/login-token.entity';
import { ChallengeInput } from './dto/challenge.input';
import { UserExists } from './dto/user-exists.entity';
import { CheckUserExistsInput } from './dto/user-exists.input';
import { WorkspaceInviteHashValid } from './dto/workspace-invite-hash-valid.entity';
import { WorkspaceInviteHashValidInput } from './dto/workspace-invite-hash.input';
import { SignUpInput } from './dto/sign-up.input';
import { ImpersonateInput } from './dto/impersonate.input';
@Resolver()
export class AuthResolver {
constructor(
@InjectRepository(Workspace, 'core')
private readonly workspaceRepository: Repository<Workspace>,
private authService: AuthService,
private tokenService: TokenService,
private userService: UserService,
) {}
@Query(() => UserExists)
async checkUserExists(
@Args() checkUserExistsInput: CheckUserExistsInput,
): Promise<UserExists> {
const { exists } = await this.authService.checkUserExists(
checkUserExistsInput.email,
);
return { exists };
}
@Query(() => WorkspaceInviteHashValid)
async checkWorkspaceInviteHashIsValid(
@Args() workspaceInviteHashValidInput: WorkspaceInviteHashValidInput,
): Promise<WorkspaceInviteHashValid> {
return await this.authService.checkWorkspaceInviteHashIsValid(
workspaceInviteHashValidInput.inviteHash,
);
}
@Query(() => Workspace)
async findWorkspaceFromInviteHash(
@Args() workspaceInviteHashValidInput: WorkspaceInviteHashValidInput,
) {
return await this.workspaceRepository.findOneBy({
inviteHash: workspaceInviteHashValidInput.inviteHash,
});
}
@Mutation(() => LoginToken)
async challenge(@Args() challengeInput: ChallengeInput): Promise<LoginToken> {
const user = await this.authService.challenge(challengeInput);
const loginToken = await this.tokenService.generateLoginToken(user.email);
return { loginToken };
}
@Mutation(() => LoginToken)
async signUp(@Args() signUpInput: SignUpInput): Promise<LoginToken> {
const user = await this.authService.signUp(signUpInput);
const loginToken = await this.tokenService.generateLoginToken(user.email);
return { loginToken };
}
@Mutation(() => TransientToken)
@UseGuards(JwtAuthGuard)
async generateTransientToken(
@AuthUser() user: User,
): Promise<TransientToken | void> {
const workspaceMember = await this.userService.loadWorkspaceMember(user);
const transientToken = await this.tokenService.generateTransientToken(
workspaceMember.id,
user.defaultWorkspace.id,
);
return { transientToken };
}
@Mutation(() => Verify)
async verify(@Args() verifyInput: VerifyInput): Promise<Verify> {
const email = await this.tokenService.verifyLoginToken(
verifyInput.loginToken,
);
const result = await this.authService.verify(email);
return result;
}
@Mutation(() => AuthTokens)
async renewToken(@Args() args: RefreshTokenInput): Promise<AuthTokens> {
if (!args.refreshToken) {
throw new BadRequestException('Refresh token is mendatory');
}
const tokens = await this.tokenService.generateTokensFromRefreshToken(
args.refreshToken,
);
return { tokens: tokens };
}
@UseGuards(JwtAuthGuard)
@Mutation(() => Verify)
async impersonate(
@Args() impersonateInput: ImpersonateInput,
@AuthUser() user: User,
): Promise<Verify> {
// Check if user can impersonate
assert(user.canImpersonate, 'User cannot impersonate', ForbiddenException);
return this.authService.impersonate(impersonateInput.userId);
}
@UseGuards(JwtAuthGuard)
@Mutation(() => ApiKeyToken)
async generateApiKeyToken(
@Args() args: ApiKeyTokenInput,
@AuthWorkspace() { id: workspaceId }: Workspace,
): Promise<ApiKeyToken | undefined> {
return await this.tokenService.generateApiKeyToken(
workspaceId,
args.apiKeyId,
args.expiresAt,
);
}
}

15
packages/twenty-server/src/core/auth/auth.util.ts Normal file
View File

@ -0,0 +1,15 @@
import * as bcrypt from 'bcrypt';
export const PASSWORD_REGEX = /^.{8,}$/;
const saltRounds = 10;
export const hashPassword = async (password: string) => {
const hash = await bcrypt.hash(password, saltRounds);
return hash;
};
export const compareHash = async (password: string, passwordHash: string) => {
return bcrypt.compare(password, passwordHash);
};

70
packages/twenty-server/src/core/auth/controllers/google-auth.controller.ts Normal file
View File

@ -0,0 +1,70 @@
import { Controller, Get, Req, Res, UseGuards } from '@nestjs/common';
import { InjectRepository } from '@nestjs/typeorm';
import { Response } from 'express';
import { Repository } from 'typeorm';
import { GoogleRequest } from 'src/core/auth/strategies/google.auth.strategy';
import { TokenService } from 'src/core/auth/services/token.service';
import { GoogleProviderEnabledGuard } from 'src/core/auth/guards/google-provider-enabled.guard';
import { GoogleOauthGuard } from 'src/core/auth/guards/google-oauth.guard';
import { User } from 'src/core/user/user.entity';
import { Workspace } from 'src/core/workspace/workspace.entity';
import { AuthService } from 'src/core/auth/services/auth.service';
import { TypeORMService } from 'src/database/typeorm/typeorm.service';
import { EnvironmentService } from 'src/integrations/environment/environment.service';
@Controller('auth/google')
export class GoogleAuthController {
constructor(
private readonly tokenService: TokenService,
private readonly environmentService: EnvironmentService,
private readonly typeORMService: TypeORMService,
private readonly authService: AuthService,
@InjectRepository(Workspace, 'core')
@InjectRepository(User, 'core')
private readonly userRepository: Repository<User>,
) {}
@Get()
@UseGuards(GoogleProviderEnabledGuard, GoogleOauthGuard)
async googleAuth() {
// As this method is protected by Google Auth guard, it will trigger Google SSO flow
return;
}
@Get('redirect')
@UseGuards(GoogleProviderEnabledGuard, GoogleOauthGuard)
async googleAuthRedirect(@Req() req: GoogleRequest, @Res() res: Response) {
const { firstName, lastName, email, picture, workspaceInviteHash } =
req.user;
const mainDataSource = await this.typeORMService.getMainDataSource();
const existingUser = await mainDataSource
.getRepository(User)
.findOneBy({ email: email });
if (existingUser) {
const loginToken = await this.tokenService.generateLoginToken(
existingUser.email,
);
return res.redirect(
this.tokenService.computeRedirectURI(loginToken.token),
);
}
const user = await this.authService.signUp({
email,
firstName,
lastName,
picture,
workspaceInviteHash,
});
const loginToken = await this.tokenService.generateLoginToken(user.email);
return res.redirect(this.tokenService.computeRedirectURI(loginToken.token));
}
}

48
packages/twenty-server/src/core/auth/controllers/google-gmail-auth.controller.ts Normal file
View File

@ -0,0 +1,48 @@
import { Controller, Get, Req, Res, UseGuards } from '@nestjs/common';
import { Response } from 'express';
import { GoogleGmailProviderEnabledGuard } from 'src/core/auth/guards/google-gmail-provider-enabled.guard';
import { GoogleGmailOauthGuard } from 'src/core/auth/guards/google-gmail-oauth.guard';
import { GoogleGmailRequest } from 'src/core/auth/strategies/google-gmail.auth.strategy';
import { GoogleGmailService } from 'src/core/auth/services/google-gmail.service';
import { TokenService } from 'src/core/auth/services/token.service';
@Controller('auth/google-gmail')
export class GoogleGmailAuthController {
constructor(
private readonly googleGmailService: GoogleGmailService,
private readonly tokenService: TokenService,
) {}
@Get()
@UseGuards(GoogleGmailProviderEnabledGuard, GoogleGmailOauthGuard)
async googleAuth() {
// As this method is protected by Google Auth guard, it will trigger Google SSO flow
return;
}
@Get('get-access-token')
@UseGuards(GoogleGmailProviderEnabledGuard, GoogleGmailOauthGuard)
async googleAuthGetAccessToken(
@Req() req: GoogleGmailRequest,
@Res() res: Response,
) {
const { user: gmailUser } = req;
const { accessToken, refreshToken, transientToken } = gmailUser;
const { workspaceMemberId, workspaceId } =
await this.tokenService.verifyTransientToken(transientToken);
this.googleGmailService.saveConnectedAccount({
workspaceMemberId: workspaceMemberId,
workspaceId: workspaceId,
type: 'gmail',
accessToken,
refreshToken,
});
return res.redirect('http://localhost:3001');
}
}

32
packages/twenty-server/src/core/auth/controllers/verify-auth.controller.spec.ts Normal file
View File

@ -0,0 +1,32 @@
import { Test, TestingModule } from '@nestjs/testing';
import { AuthService } from 'src/core/auth/services/auth.service';
import { TokenService } from 'src/core/auth/services/token.service';
import { VerifyAuthController } from './verify-auth.controller';
describe('VerifyAuthController', () => {
let controller: VerifyAuthController;
beforeEach(async () => {
const module: TestingModule = await Test.createTestingModule({
controllers: [VerifyAuthController],
providers: [
{
provide: AuthService,
useValue: {},
},
{
provide: TokenService,
useValue: {},
},
],
}).compile();
controller = module.get<VerifyAuthController>(VerifyAuthController);
});
it('should be defined', () => {
expect(controller).toBeDefined();
});
});

24
packages/twenty-server/src/core/auth/controllers/verify-auth.controller.ts Normal file
View File

@ -0,0 +1,24 @@
import { Body, Controller, Post } from '@nestjs/common';
import { AuthService } from 'src/core/auth/services/auth.service';
import { VerifyInput } from 'src/core/auth/dto/verify.input';
import { Verify } from 'src/core/auth/dto/verify.entity';
import { TokenService } from 'src/core/auth/services/token.service';
@Controller('auth/verify')
export class VerifyAuthController {
constructor(
private readonly authService: AuthService,
private readonly tokenService: TokenService,
) {}
@Post()
async verify(@Body() verifyInput: VerifyInput): Promise<Verify> {
const email = await this.tokenService.verifyLoginToken(
verifyInput.loginToken,
);
const result = await this.authService.verify(email);
return result;
}
}

15
packages/twenty-server/src/core/auth/dto/api-key-token.input.ts Normal file
View File

@ -0,0 +1,15 @@
import { ArgsType, Field } from '@nestjs/graphql';
import { IsNotEmpty, IsString } from 'class-validator';
@ArgsType()
export class ApiKeyTokenInput {
@Field(() => String)
@IsNotEmpty()
@IsString()
apiKeyId: string;
@Field(() => String)
@IsNotEmpty()
expiresAt: string;
}

16
packages/twenty-server/src/core/auth/dto/challenge.input.ts Normal file
View File

@ -0,0 +1,16 @@
import { ArgsType, Field } from '@nestjs/graphql';
import { IsEmail, IsNotEmpty, IsString } from 'class-validator';
@ArgsType()
export class ChallengeInput {
@Field(() => String)
@IsNotEmpty()
@IsEmail()
email: string;
@Field(() => String)
@IsNotEmpty()
@IsString()
password: string;
}

11
packages/twenty-server/src/core/auth/dto/impersonate.input.ts Normal file
View File

@ -0,0 +1,11 @@
import { ArgsType, Field } from '@nestjs/graphql';
import { IsNotEmpty, IsString } from 'class-validator';
@ArgsType()
export class ImpersonateInput {
@Field(() => String)
@IsNotEmpty()
@IsString()
userId: string;
}

9
packages/twenty-server/src/core/auth/dto/login-token.entity.ts Normal file
View File

@ -0,0 +1,9 @@
import { Field, ObjectType } from '@nestjs/graphql';
import { AuthToken } from './token.entity';
@ObjectType()
export class LoginToken {
@Field(() => AuthToken)
loginToken: AuthToken;
}

11
packages/twenty-server/src/core/auth/dto/refresh-token.input.ts Normal file
View File

@ -0,0 +1,11 @@
import { ArgsType, Field } from '@nestjs/graphql';
import { IsNotEmpty, IsString } from 'class-validator';
@ArgsType()
export class RefreshTokenInput {
@Field(() => String)
@IsNotEmpty()
@IsString()
refreshToken: string;
}

31
packages/twenty-server/src/core/auth/dto/save-connected-account.ts Normal file
View File

@ -0,0 +1,31 @@
import { ArgsType, Field } from '@nestjs/graphql';
import { IsNotEmpty, IsString } from 'class-validator';
@ArgsType()
export class SaveConnectedAccountInput {
@Field(() => String)
@IsNotEmpty()
@IsString()
workspaceMemberId: string;
@Field(() => String)
@IsNotEmpty()
@IsString()
workspaceId: string;
@Field(() => String)
@IsNotEmpty()
@IsString()
type: string;
@Field(() => String)
@IsNotEmpty()
@IsString()
accessToken: string;
@Field(() => String)
@IsNotEmpty()
@IsString()
refreshToken: string;
}

21
packages/twenty-server/src/core/auth/dto/sign-up.input.ts Normal file
View File

@ -0,0 +1,21 @@
import { ArgsType, Field } from '@nestjs/graphql';
import { IsEmail, IsNotEmpty, IsOptional, IsString } from 'class-validator';
@ArgsType()
export class SignUpInput {
@Field(() => String)
@IsNotEmpty()
@IsEmail()
email: string;
@Field(() => String)
@IsNotEmpty()
@IsString()
password: string;
@Field(() => String, { nullable: true })
@IsString()
@IsOptional()
workspaceInviteHash?: string;
}

31
packages/twenty-server/src/core/auth/dto/token.entity.ts Normal file
View File

@ -0,0 +1,31 @@
import { Field, ObjectType } from '@nestjs/graphql';
@ObjectType()
export class AuthToken {
@Field(() => String)
token: string;
@Field(() => Date)
expiresAt: Date;
}
@ObjectType()
export class ApiKeyToken {
@Field(() => String)
token: string;
}
@ObjectType()
export class AuthTokenPair {
@Field(() => AuthToken)
accessToken: AuthToken;
@Field(() => AuthToken)
refreshToken: AuthToken;
}
@ObjectType()
export class AuthTokens {
@Field(() => AuthTokenPair)
tokens: AuthTokenPair;
}

9
packages/twenty-server/src/core/auth/dto/transient-token.entity.ts Normal file
View File

@ -0,0 +1,9 @@
import { Field, ObjectType } from '@nestjs/graphql';
import { AuthToken } from './token.entity';
@ObjectType()
export class TransientToken {
@Field(() => AuthToken)
transientToken: AuthToken;
}

7
packages/twenty-server/src/core/auth/dto/user-exists.entity.ts Normal file
View File

@ -0,0 +1,7 @@
import { Field, ObjectType } from '@nestjs/graphql';
@ObjectType()
export class UserExists {
@Field(() => Boolean)
exists: boolean;
}

11
packages/twenty-server/src/core/auth/dto/user-exists.input.ts Normal file
View File

@ -0,0 +1,11 @@
import { ArgsType, Field } from '@nestjs/graphql';
import { IsNotEmpty, IsString } from 'class-validator';
@ArgsType()
export class CheckUserExistsInput {
@Field(() => String)
@IsString()
@IsNotEmpty()
email: string;
}

11
packages/twenty-server/src/core/auth/dto/verify.entity.ts Normal file
View File

@ -0,0 +1,11 @@
import { Field, ObjectType } from '@nestjs/graphql';
import { User } from 'src/core/user/user.entity';
import { AuthTokens } from './token.entity';
@ObjectType()
export class Verify extends AuthTokens {
@Field(() => User)
user: DeepPartial<User>;
}

11
packages/twenty-server/src/core/auth/dto/verify.input.ts Normal file
View File

@ -0,0 +1,11 @@
import { ArgsType, Field } from '@nestjs/graphql';
import { IsNotEmpty, IsString } from 'class-validator';
@ArgsType()
export class VerifyInput {
@Field(() => String)
@IsNotEmpty()
@IsString()
loginToken: string;
}

7
packages/twenty-server/src/core/auth/dto/workspace-invite-hash-valid.entity.ts Normal file
View File

@ -0,0 +1,7 @@
import { Field, ObjectType } from '@nestjs/graphql';
@ObjectType()
export class WorkspaceInviteHashValid {
@Field(() => Boolean)
isValid: boolean;
}

12
packages/twenty-server/src/core/auth/dto/workspace-invite-hash.input.ts Normal file
View File

@ -0,0 +1,12 @@
import { ArgsType, Field } from '@nestjs/graphql';
import { IsNotEmpty, IsString, MinLength } from 'class-validator';
@ArgsType()
export class WorkspaceInviteHashValidInput {
@Field(() => String)
@IsString()
@IsNotEmpty()
@MinLength(10)
inviteHash: string;
}

27
packages/twenty-server/src/core/auth/guards/google-gmail-oauth.guard.ts Normal file
View File

@ -0,0 +1,27 @@
import { ExecutionContext, Injectable } from '@nestjs/common';
import { AuthGuard } from '@nestjs/passport';
@Injectable()
export class GoogleGmailOauthGuard extends AuthGuard('google-gmail') {
constructor() {
super({
prompt: 'select_account',
});
}
async canActivate(context: ExecutionContext) {
try {
const request = context.switchToHttp().getRequest();
const transientToken = request.query.transientToken;
if (transientToken && typeof transientToken === 'string') {
request.params.transientToken = transientToken;
}
const activate = (await super.canActivate(context)) as boolean;
return activate;
} catch (ex) {
throw ex;
}
}
}

21
packages/twenty-server/src/core/auth/guards/google-gmail-provider-enabled.guard.ts Normal file
View File

@ -0,0 +1,21 @@
import { Injectable, CanActivate, NotFoundException } from '@nestjs/common';
import { Observable } from 'rxjs';
import { GoogleGmailStrategy } from 'src/core/auth/strategies/google-gmail.auth.strategy';
import { EnvironmentService } from 'src/integrations/environment/environment.service';
@Injectable()
export class GoogleGmailProviderEnabledGuard implements CanActivate {
constructor(private readonly environmentService: EnvironmentService) {}
canActivate(): boolean | Promise<boolean> | Observable<boolean> {
if (!this.environmentService.isMessagingProviderGmailEnabled()) {
throw new NotFoundException('Gmail auth is not enabled');
}
new GoogleGmailStrategy(this.environmentService);
return true;
}
}

27
packages/twenty-server/src/core/auth/guards/google-oauth.guard.ts Normal file
View File

@ -0,0 +1,27 @@
import { ExecutionContext, Injectable } from '@nestjs/common';
import { AuthGuard } from '@nestjs/passport';
@Injectable()
export class GoogleOauthGuard extends AuthGuard('google') {
constructor() {
super({
prompt: 'select_account',
});
}
async canActivate(context: ExecutionContext) {
try {
const request = context.switchToHttp().getRequest();
const workspaceInviteHash = request.query.inviteHash;
if (workspaceInviteHash && typeof workspaceInviteHash === 'string') {
request.params.workspaceInviteHash = workspaceInviteHash;
}
const activate = (await super.canActivate(context)) as boolean;
return activate;
} catch (ex) {
throw ex;
}
}
}

21
packages/twenty-server/src/core/auth/guards/google-provider-enabled.guard.ts Normal file
View File

@ -0,0 +1,21 @@
import { Injectable, CanActivate, NotFoundException } from '@nestjs/common';
import { Observable } from 'rxjs';
import { EnvironmentService } from 'src/integrations/environment/environment.service';
import { GoogleStrategy } from 'src/core/auth/strategies/google.auth.strategy';
@Injectable()
export class GoogleProviderEnabledGuard implements CanActivate {
constructor(private readonly environmentService: EnvironmentService) {}
canActivate(): boolean | Promise<boolean> | Observable<boolean> {
if (!this.environmentService.isAuthGoogleEnabled()) {
throw new NotFoundException('Google auth is not enabled');
}
new GoogleStrategy(this.environmentService);
return true;
}
}

53
packages/twenty-server/src/core/auth/services/auth.service.spec.ts Normal file
View File

@ -0,0 +1,53 @@
import { Test, TestingModule } from '@nestjs/testing';
import { getRepositoryToken } from '@nestjs/typeorm';
import { UserService } from 'src/core/user/services/user.service';
import { WorkspaceManagerService } from 'src/workspace/workspace-manager/workspace-manager.service';
import { FileUploadService } from 'src/core/file/services/file-upload.service';
import { Workspace } from 'src/core/workspace/workspace.entity';
import { User } from 'src/core/user/user.entity';
import { AuthService } from './auth.service';
import { TokenService } from './token.service';
describe('AuthService', () => {
let service: AuthService;
beforeEach(async () => {
const module: TestingModule = await Test.createTestingModule({
providers: [
AuthService,
{
provide: TokenService,
useValue: {},
},
{
provide: UserService,
useValue: {},
},
{
provide: WorkspaceManagerService,
useValue: {},
},
{
provide: FileUploadService,
useValue: {},
},
{
provide: getRepositoryToken(Workspace, 'core'),
useValue: {},
},
{
provide: getRepositoryToken(User, 'core'),
useValue: {},
},
],
}).compile();
service = module.get<AuthService>(AuthService);
});
it('should be defined', () => {
expect(service).toBeDefined();
});
});

230
packages/twenty-server/src/core/auth/services/auth.service.ts Normal file
View File

@ -0,0 +1,230 @@
import {
BadRequestException,
ForbiddenException,
Injectable,
NotFoundException,
} from '@nestjs/common';
import { InjectRepository } from '@nestjs/typeorm';
import FileType from 'file-type';
import { Repository } from 'typeorm';
import { v4 } from 'uuid';
import { FileFolder } from 'src/core/file/interfaces/file-folder.interface';
import { ChallengeInput } from 'src/core/auth/dto/challenge.input';
import { assert } from 'src/utils/assert';
import {
PASSWORD_REGEX,
compareHash,
hashPassword,
} from 'src/core/auth/auth.util';
import { Verify } from 'src/core/auth/dto/verify.entity';
import { UserExists } from 'src/core/auth/dto/user-exists.entity';
import { WorkspaceInviteHashValid } from 'src/core/auth/dto/workspace-invite-hash-valid.entity';
import { User } from 'src/core/user/user.entity';
import { Workspace } from 'src/core/workspace/workspace.entity';
import { UserService } from 'src/core/user/services/user.service';
import { WorkspaceManagerService } from 'src/workspace/workspace-manager/workspace-manager.service';
import { getImageBufferFromUrl } from 'src/utils/image';
import { FileUploadService } from 'src/core/file/services/file-upload.service';
import { TokenService } from './token.service';
export type UserPayload = {
firstName: string;
lastName: string;
email: string;
};
@Injectable()
export class AuthService {
constructor(
private readonly tokenService: TokenService,
private readonly userService: UserService,
private readonly workspaceManagerService: WorkspaceManagerService,
private readonly fileUploadService: FileUploadService,
@InjectRepository(Workspace, 'core')
private readonly workspaceRepository: Repository<Workspace>,
@InjectRepository(User, 'core')
private readonly userRepository: Repository<User>,
) {}
async challenge(challengeInput: ChallengeInput) {
const user = await this.userRepository.findOneBy({
email: challengeInput.email,
});
assert(user, "This user doesn't exist", NotFoundException);
assert(user.passwordHash, 'Incorrect login method', ForbiddenException);
const isValid = await compareHash(
challengeInput.password,
user.passwordHash,
);
assert(isValid, 'Wrong password', ForbiddenException);
return user;
}
async signUp({
email,
password,
workspaceInviteHash,
firstName,
lastName,
picture,
}: {
email: string;
password?: string;
firstName?: string | null;
lastName?: string | null;
workspaceInviteHash?: string | null;
picture?: string | null;
}) {
if (!firstName) firstName = '';
if (!lastName) lastName = '';
const existingUser = await this.userRepository.findOneBy({
email: email,
});
assert(!existingUser, 'This user already exists', ForbiddenException);
if (password) {
const isPasswordValid = PASSWORD_REGEX.test(password);
assert(isPasswordValid, 'Password too weak', BadRequestException);
}
const passwordHash = password ? await hashPassword(password) : undefined;
let workspace: Workspace | null;
if (workspaceInviteHash) {
workspace = await this.workspaceRepository.findOneBy({
inviteHash: workspaceInviteHash,
});
assert(
workspace,
'This workspace inviteHash is invalid',
ForbiddenException,
);
} else {
const workspaceToCreate = this.workspaceRepository.create({
displayName: '',
domainName: '',
inviteHash: v4(),
});
workspace = await this.workspaceRepository.save(workspaceToCreate);
await this.workspaceManagerService.init(workspace.id);
}
const userToCreate = this.userRepository.create({
email: email,
firstName: firstName,
lastName: lastName,
canImpersonate: false,
passwordHash,
defaultWorkspace: workspace,
});
const user = await this.userRepository.save(userToCreate);
let imagePath: string | undefined = undefined;
if (picture) {
const buffer = await getImageBufferFromUrl(picture);
const type = await FileType.fromBuffer(buffer);
const { paths } = await this.fileUploadService.uploadImage({
file: buffer,
filename: `${v4()}.${type?.ext}`,
mimeType: type?.mime,
fileFolder: FileFolder.ProfilePicture,
});
imagePath = paths[0];
}
await this.userService.createWorkspaceMember(user, imagePath);
return user;
}
async verify(email: string): Promise<Verify> {
const user = await this.userRepository.findOne({
where: {
email,
},
relations: ['defaultWorkspace'],
});
assert(user, "This user doesn't exist", NotFoundException);
assert(
user.defaultWorkspace,
'User has no default workspace',
NotFoundException,
);
// passwordHash is hidden for security reasons
user.passwordHash = '';
user.workspaceMember = await this.userService.loadWorkspaceMember(user);
const accessToken = await this.tokenService.generateAccessToken(user.id);
const refreshToken = await this.tokenService.generateRefreshToken(user.id);
return {
user,
tokens: {
accessToken,
refreshToken,
},
};
}
async checkUserExists(email: string): Promise<UserExists> {
const user = await this.userRepository.findOneBy({
email,
});
return { exists: !!user };
}
async checkWorkspaceInviteHashIsValid(
inviteHash: string,
): Promise<WorkspaceInviteHashValid> {
const workspace = await this.workspaceRepository.findOneBy({
inviteHash,
});
return { isValid: !!workspace };
}
async impersonate(userId: string) {
const user = await this.userRepository.findOne({
where: {
id: userId,
},
relations: ['defaultWorkspace'],
});
assert(user, "This user doesn't exist", NotFoundException);
if (!user.defaultWorkspace.allowImpersonation) {
throw new ForbiddenException('Impersonation not allowed');
}
const accessToken = await this.tokenService.generateAccessToken(user.id);
const refreshToken = await this.tokenService.generateRefreshToken(user.id);
return {
user,
tokens: {
accessToken,
refreshToken,
},
};
}
}

35
packages/twenty-server/src/core/auth/services/google-gmail.service.ts Normal file
View File

@ -0,0 +1,35 @@
import { Injectable } from '@nestjs/common';
import { DataSourceService } from 'src/metadata/data-source/data-source.service';
import { TypeORMService } from 'src/database/typeorm/typeorm.service';
import { SaveConnectedAccountInput } from 'src/core/auth/dto/save-connected-account';
@Injectable()
export class GoogleGmailService {
constructor(
private readonly dataSourceService: DataSourceService,
private readonly typeORMService: TypeORMService,
) {}
async saveConnectedAccount(
saveConnectedAccountInput: SaveConnectedAccountInput,
) {
const { workspaceId, type, accessToken, refreshToken } =
saveConnectedAccountInput;
const dataSourceMetadata =
await this.dataSourceService.getLastDataSourceMetadataFromWorkspaceIdOrFail(
workspaceId,
);
const workspaceDataSource = await this.typeORMService.connectToDataSource(
dataSourceMetadata,
);
await workspaceDataSource?.query(
`INSERT INTO ${dataSourceMetadata.schema}."connectedAccount" ("type", "accessToken", "refreshToken") VALUES ('${type}', '${accessToken}', '${refreshToken}')`,
);
return;
}
}

48
packages/twenty-server/src/core/auth/services/token.service.spec.ts Normal file
View File

@ -0,0 +1,48 @@
import { Test, TestingModule } from '@nestjs/testing';
import { JwtService } from '@nestjs/jwt';
import { getRepositoryToken } from '@nestjs/typeorm';
import { EnvironmentService } from 'src/integrations/environment/environment.service';
import { RefreshToken } from 'src/core/refresh-token/refresh-token.entity';
import { User } from 'src/core/user/user.entity';
import { JwtAuthStrategy } from 'src/core/auth/strategies/jwt.auth.strategy';
import { TokenService } from './token.service';
describe('TokenService', () => {
let service: TokenService;
beforeEach(async () => {
const module: TestingModule = await Test.createTestingModule({
providers: [
TokenService,
{
provide: JwtService,
useValue: {},
},
{
provide: JwtAuthStrategy,
useValue: {},
},
{
provide: EnvironmentService,
useValue: {},
},
{
provide: getRepositoryToken(User, 'core'),
useValue: {},
},
{
provide: getRepositoryToken(RefreshToken, 'core'),
useValue: {},
},
],
}).compile();
service = module.get<TokenService>(TokenService);
});
it('should be defined', () => {
expect(service).toBeDefined();
});
});

309
packages/twenty-server/src/core/auth/services/token.service.ts Normal file
View File

@ -0,0 +1,309 @@
import {
ForbiddenException,
Injectable,
InternalServerErrorException,
NotFoundException,
UnauthorizedException,
UnprocessableEntityException,
} from '@nestjs/common';
import { JwtService } from '@nestjs/jwt';
import { InjectRepository } from '@nestjs/typeorm';
import { addMilliseconds } from 'date-fns';
import ms from 'ms';
import { JsonWebTokenError, TokenExpiredError } from 'jsonwebtoken';
import { Repository } from 'typeorm';
import { Request } from 'express';
import { ExtractJwt } from 'passport-jwt';
import {
JwtAuthStrategy,
JwtPayload,
} from 'src/core/auth/strategies/jwt.auth.strategy';
import { assert } from 'src/utils/assert';
import { ApiKeyToken, AuthToken } from 'src/core/auth/dto/token.entity';
import { EnvironmentService } from 'src/integrations/environment/environment.service';
import { User } from 'src/core/user/user.entity';
import { RefreshToken } from 'src/core/refresh-token/refresh-token.entity';
import { Workspace } from 'src/core/workspace/workspace.entity';
@Injectable()
export class TokenService {
constructor(
private readonly jwtService: JwtService,
private readonly jwtStrategy: JwtAuthStrategy,
private readonly environmentService: EnvironmentService,
@InjectRepository(User, 'core')
private readonly userRepository: Repository<User>,
@InjectRepository(RefreshToken, 'core')
private readonly refreshTokenRepository: Repository<RefreshToken>,
) {}
async generateAccessToken(userId: string): Promise<AuthToken> {
const expiresIn = this.environmentService.getAccessTokenExpiresIn();
assert(expiresIn, '', InternalServerErrorException);
const expiresAt = addMilliseconds(new Date().getTime(), ms(expiresIn));
const user = await this.userRepository.findOne({
where: { id: userId },
relations: ['defaultWorkspace'],
});
if (!user) {
throw new NotFoundException('User is not found');
}
if (!user.defaultWorkspace) {
throw new NotFoundException('User does not have a default workspace');
}
const jwtPayload: JwtPayload = {
sub: user.id,
workspaceId: user.defaultWorkspace.id,
};
return {
token: this.jwtService.sign(jwtPayload),
expiresAt,
};
}
async generateRefreshToken(userId: string): Promise<AuthToken> {
const secret = this.environmentService.getRefreshTokenSecret();
const expiresIn = this.environmentService.getRefreshTokenExpiresIn();
assert(expiresIn, '', InternalServerErrorException);
const expiresAt = addMilliseconds(new Date().getTime(), ms(expiresIn));
const refreshTokenPayload = {
userId,
expiresAt,
};
const jwtPayload = {
sub: userId,
};
const refreshToken =
this.refreshTokenRepository.create(refreshTokenPayload);
await this.refreshTokenRepository.save(refreshToken);
return {
token: this.jwtService.sign(jwtPayload, {
secret,
expiresIn,
// Jwtid will be used to link RefreshToken entity to this token
jwtid: refreshToken.id,
}),
expiresAt,
};
}
async generateLoginToken(email: string): Promise<AuthToken> {
const secret = this.environmentService.getLoginTokenSecret();
const expiresIn = this.environmentService.getLoginTokenExpiresIn();
assert(expiresIn, '', InternalServerErrorException);
const expiresAt = addMilliseconds(new Date().getTime(), ms(expiresIn));
const jwtPayload = {
sub: email,
};
return {
token: this.jwtService.sign(jwtPayload, {
secret,
expiresIn,
}),
expiresAt,
};
}
async generateTransientToken(
workspaceMemberId: string,
workspaceId: string,
): Promise<AuthToken> {
const secret = this.environmentService.getLoginTokenSecret();
const expiresIn = this.environmentService.getTransientTokenExpiresIn();
assert(expiresIn, '', InternalServerErrorException);
const expiresAt = addMilliseconds(new Date().getTime(), ms(expiresIn));
const jwtPayload = {
sub: workspaceMemberId,
workspaceId,
};
return {
token: this.jwtService.sign(jwtPayload, {
secret,
expiresIn,
}),
expiresAt,
};
}
async generateApiKeyToken(
workspaceId: string,
apiKeyId?: string,
expiresAt?: Date | string,
): Promise<Pick<ApiKeyToken, 'token'> | undefined> {
if (!apiKeyId) {
return;
}
const jwtPayload = {
sub: workspaceId,
};
const secret = this.environmentService.getAccessTokenSecret();
let expiresIn: string | number;
if (expiresAt) {
expiresIn = Math.floor(
(new Date(expiresAt).getTime() - new Date().getTime()) / 1000,
);
} else {
expiresIn = this.environmentService.getApiTokenExpiresIn();
}
const token = this.jwtService.sign(jwtPayload, {
secret,
expiresIn,
jwtid: apiKeyId,
});
return { token };
}
async validateToken(request: Request): Promise<Workspace> {
const token = ExtractJwt.fromAuthHeaderAsBearerToken()(request);
if (!token) {
throw new UnauthorizedException('missing authentication token');
}
const decoded = await this.verifyJwt(
token,
this.environmentService.getAccessTokenSecret(),
);
const { workspace } = await this.jwtStrategy.validate(
decoded as JwtPayload,
);
return workspace;
}
async verifyLoginToken(loginToken: string): Promise<string> {
const loginTokenSecret = this.environmentService.getLoginTokenSecret();
const payload = await this.verifyJwt(loginToken, loginTokenSecret);
return payload.sub;
}
async verifyTransientToken(transientToken: string): Promise<{
workspaceMemberId: string;
workspaceId: string;
}> {
const transientTokenSecret = this.environmentService.getLoginTokenSecret();
const payload = await this.verifyJwt(transientToken, transientTokenSecret);
return {
workspaceMemberId: payload.sub,
workspaceId: payload.workspaceId,
};
}
async verifyRefreshToken(refreshToken: string) {
const secret = this.environmentService.getRefreshTokenSecret();
const coolDown = this.environmentService.getRefreshTokenCoolDown();
const jwtPayload = await this.verifyJwt(refreshToken, secret);
assert(
jwtPayload.jti && jwtPayload.sub,
'This refresh token is malformed',
UnprocessableEntityException,
);
const token = await this.refreshTokenRepository.findOneBy({
id: jwtPayload.jti,
});
assert(token, "This refresh token doesn't exist", NotFoundException);
const user = await this.userRepository.findOneBy({
id: jwtPayload.sub,
});
assert(user, 'User not found', NotFoundException);
// Check if revokedAt is less than coolDown
if (
token.revokedAt &&
token.revokedAt.getTime() <= Date.now() - ms(coolDown)
) {
// Revoke all user refresh tokens
await Promise.all(
user.refreshTokens.map(
async ({ id }) =>
await this.refreshTokenRepository.update(
{ id },
{
revokedAt: new Date(),
},
),
),
);
throw new ForbiddenException(
'Suspicious activity detected, this refresh token has been revoked. All tokens has been revoked.',
);
}
return { user, token };
}
async generateTokensFromRefreshToken(token: string): Promise<{
accessToken: AuthToken;
refreshToken: AuthToken;
}> {
const {
user,
token: { id },
} = await this.verifyRefreshToken(token);
// Revoke old refresh token
await this.refreshTokenRepository.update(
{
id,
},
{
revokedAt: new Date(),
},
);
const accessToken = await this.generateAccessToken(user.id);
const refreshToken = await this.generateRefreshToken(user.id);
return {
accessToken,
refreshToken,
};
}
computeRedirectURI(loginToken: string): string {
return `${this.environmentService.getFrontAuthCallbackUrl()}?loginToken=${loginToken}`;
}
async verifyJwt(token: string, secret?: string) {
try {
return this.jwtService.verify(token, secret ? { secret } : undefined);
} catch (error) {
if (error instanceof TokenExpiredError) {
throw new UnauthorizedException('Token has expired.');
} else if (error instanceof JsonWebTokenError) {
throw new UnauthorizedException('Token invalid.');
} else {
throw new UnprocessableEntityException();
}
}
}
}

80
packages/twenty-server/src/core/auth/strategies/google-gmail.auth.strategy.ts Normal file
View File

@ -0,0 +1,80 @@
import { PassportStrategy } from '@nestjs/passport';
import { Injectable } from '@nestjs/common';
import { Strategy, VerifyCallback } from 'passport-google-oauth20';
import { Request } from 'express';
import { EnvironmentService } from 'src/integrations/environment/environment.service';
export type GoogleGmailRequest = Request & {
user: {
firstName?: string | null;
lastName?: string | null;
email: string;
picture: string | null;
workspaceInviteHash?: string;
accessToken: string;
refreshToken: string;
transientToken: string;
};
};
@Injectable()
export class GoogleGmailStrategy extends PassportStrategy(
Strategy,
'google-gmail',
) {
constructor(environmentService: EnvironmentService) {
super({
clientID: environmentService.getAuthGoogleClientId(),
clientSecret: environmentService.getAuthGoogleClientSecret(),
callbackURL: environmentService.getMessagingProviderGmailCallbackUrl(),
scope: [
'email',
'profile',
'https://www.googleapis.com/auth/gmail.readonly',
],
passReqToCallback: true,
});
}
authenticate(req: any, options: any) {
options = {
...options,
accessType: 'offline',
prompt: 'consent',
state: JSON.stringify({
transientToken: req.params.transientToken,
}),
};
return super.authenticate(req, options);
}
async validate(
request: GoogleGmailRequest,
accessToken: string,
refreshToken: string,
profile: any,
done: VerifyCallback,
): Promise<void> {
const { name, emails, photos } = profile;
const state =
typeof request.query.state === 'string'
? JSON.parse(request.query.state)
: undefined;
const user: GoogleGmailRequest['user'] = {
email: emails[0].value,
firstName: name.givenName,
lastName: name.familyName,
picture: photos?.[0]?.value,
accessToken,
refreshToken,
transientToken: state.transientToken,
};
done(null, user);
}
}

65
packages/twenty-server/src/core/auth/strategies/google.auth.strategy.ts Normal file
View File

@ -0,0 +1,65 @@
import { PassportStrategy } from '@nestjs/passport';
import { Injectable } from '@nestjs/common';
import { Strategy, VerifyCallback } from 'passport-google-oauth20';
import { Request } from 'express';
import { EnvironmentService } from 'src/integrations/environment/environment.service';
export type GoogleRequest = Request & {
user: {
firstName?: string | null;
lastName?: string | null;
email: string;
picture: string | null;
workspaceInviteHash?: string;
};
};
@Injectable()
export class GoogleStrategy extends PassportStrategy(Strategy, 'google') {
constructor(environmentService: EnvironmentService) {
super({
clientID: environmentService.getAuthGoogleClientId(),
clientSecret: environmentService.getAuthGoogleClientSecret(),
callbackURL: environmentService.getAuthGoogleCallbackUrl(),
scope: ['email', 'profile'],
passReqToCallback: true,
});
}
authenticate(req: any, options: any) {
options = {
...options,
state: JSON.stringify({
workspaceInviteHash: req.params.workspaceInviteHash,
}),
};
return super.authenticate(req, options);
}
async validate(
request: GoogleRequest,
accessToken: string,
refreshToken: string,
profile: any,
done: VerifyCallback,
): Promise<void> {
const { name, emails, photos } = profile;
const state =
typeof request.query.state === 'string'
? JSON.parse(request.query.state)
: undefined;
const user: GoogleRequest['user'] = {
email: emails[0].value,
firstName: name.givenName,
lastName: name.familyName,
picture: photos?.[0]?.value,
workspaceInviteHash: state.workspaceInviteHash,
};
done(null, user);
}
}

83
packages/twenty-server/src/core/auth/strategies/jwt.auth.strategy.ts Normal file
View File

@ -0,0 +1,83 @@
import { PassportStrategy } from '@nestjs/passport';
import {
ForbiddenException,
Injectable,
UnauthorizedException,
} from '@nestjs/common';
import { InjectRepository } from '@nestjs/typeorm';
import { Strategy, ExtractJwt } from 'passport-jwt';
import { Repository } from 'typeorm';
import { assert } from 'src/utils/assert';
import { EnvironmentService } from 'src/integrations/environment/environment.service';
import { Workspace } from 'src/core/workspace/workspace.entity';
import { User } from 'src/core/user/user.entity';
import { TypeORMService } from 'src/database/typeorm/typeorm.service';
import { DataSourceService } from 'src/metadata/data-source/data-source.service';
export type JwtPayload = { sub: string; workspaceId: string; jti?: string };
export type PassportUser = { user?: User; workspace: Workspace };
@Injectable()
export class JwtAuthStrategy extends PassportStrategy(Strategy, 'jwt') {
constructor(
private readonly environmentService: EnvironmentService,
private readonly typeORMService: TypeORMService,
private readonly dataSourceService: DataSourceService,
@InjectRepository(Workspace, 'core')
private readonly workspaceRepository: Repository<Workspace>,
@InjectRepository(User, 'core')
private readonly userRepository: Repository<User>,
) {
super({
jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
ignoreExpiration: false,
secretOrKey: environmentService.getAccessTokenSecret(),
});
}
async validate(payload: JwtPayload): Promise<PassportUser> {
const workspace = await this.workspaceRepository.findOneBy({
id: payload.workspaceId ?? payload.sub,
});
if (!workspace) {
throw new UnauthorizedException();
}
if (payload.jti) {
const dataSourceMetadata =
await this.dataSourceService.getLastDataSourceMetadataFromWorkspaceIdOrFail(
workspace.id,
);
const workspaceDataSource = await this.typeORMService.connectToDataSource(
dataSourceMetadata,
);
const apiKey = await workspaceDataSource?.query(
`SELECT * FROM ${dataSourceMetadata.schema}."apiKey" WHERE id = '${payload.jti}'`,
);
assert(
apiKey.length === 1 && !apiKey?.[0].revokedAt,
'This API Key is revoked',
ForbiddenException,
);
}
let user;
if (payload.workspaceId) {
user = await this.userRepository.findOne({
where: { id: payload.sub },
relations: ['defaultWorkspace'],
});
if (!user) {
throw new UnauthorizedException();
}
}
return { user, workspace };
}
}

49
packages/twenty-server/src/core/client-config/client-config.entity.ts Normal file
View File

@ -0,0 +1,49 @@
import { Field, ObjectType } from '@nestjs/graphql';
@ObjectType()
class AuthProviders {
@Field(() => Boolean)
google: boolean;
@Field(() => Boolean)
magicLink: boolean;
@Field(() => Boolean)
password: boolean;
}
@ObjectType()
class Telemetry {
@Field(() => Boolean)
enabled: boolean;
@Field(() => Boolean)
anonymizationEnabled: boolean;
}
@ObjectType()
class Support {
@Field(() => String)
supportDriver: string;
@Field(() => String, { nullable: true })
supportFrontChatId: string | undefined;
}
@ObjectType()
export class ClientConfig {
@Field(() => AuthProviders, { nullable: false })
authProviders: AuthProviders;
@Field(() => Telemetry, { nullable: false })
telemetry: Telemetry;
@Field(() => Boolean)
signInPrefilled: boolean;
@Field(() => Boolean)
debugMode: boolean;
@Field(() => Support)
support: Support;
}

8
packages/twenty-server/src/core/client-config/client-config.module.ts Normal file
View File

@ -0,0 +1,8 @@
import { Module } from '@nestjs/common';
import { ClientConfigResolver } from './client-config.resolver';
@Module({
providers: [ClientConfigResolver],
})
export class ClientConfigModule {}

Some files were not shown because too many files have changed in this diff Show More