Recompute cached permissions at feature flag update (#12554)

If permissionsV2 feature flag is toggled, we should recompute the permissions. We decided to make each WorkspaceXxCacheService Xx-specific (feature flag, permissions...), so we are not recomputing permission cache from workspaceFeatureFlagCacheService where feature flags are recomputed, even if that would be a lower level than FeatureFlagService. This allows to avoid complex circuclar dependency and keeps a clear purpose for each service.
2025-06-12 16:33:52 +02:00
parent 7e6d3295d6
commit 6efadd330f
5 changed files with 36 additions and 11 deletions
--- a/packages/twenty-server/src/engine/metadata-modules/workspace-permissions-cache/workspace-permissions-cache.module.ts
+++ b/packages/twenty-server/src/engine/metadata-modules/workspace-permissions-cache/workspace-permissions-cache.module.ts
@ -1,11 +1,11 @@
 import { Module } from '@nestjs/common';
 import { TypeOrmModule } from '@nestjs/typeorm';

-import { FeatureFlagModule } from 'src/engine/core-modules/feature-flag/feature-flag.module';
 import { Workspace } from 'src/engine/core-modules/workspace/workspace.entity';
 import { ObjectMetadataEntity } from 'src/engine/metadata-modules/object-metadata/object-metadata.entity';
 import { RoleEntity } from 'src/engine/metadata-modules/role/role.entity';
 import { UserWorkspaceRoleEntity } from 'src/engine/metadata-modules/role/user-workspace-role.entity';
+import { WorkspaceFeatureFlagsMapCacheModule } from 'src/engine/metadata-modules/workspace-feature-flags-map-cache/workspace-feature-flags-map-cache.module';
 import { WorkspacePermissionsCacheStorageService } from 'src/engine/metadata-modules/workspace-permissions-cache/workspace-permissions-cache-storage.service';
 import { WorkspaceCacheStorageModule } from 'src/engine/workspace-cache-storage/workspace-cache-storage.module';

@ -19,7 +19,7 @@ import { WorkspacePermissionsCacheService } from './workspace-permissions-cache.
      'core',
    ),
    WorkspaceCacheStorageModule,
-    FeatureFlagModule,
+    WorkspaceFeatureFlagsMapCacheModule,
  ],
  providers: [
    WorkspacePermissionsCacheService,
--- a/packages/twenty-server/src/engine/metadata-modules/workspace-permissions-cache/workspace-permissions-cache.service.ts
+++ b/packages/twenty-server/src/engine/metadata-modules/workspace-permissions-cache/workspace-permissions-cache.service.ts
@ -9,16 +9,15 @@ import { isDefined } from 'twenty-shared/utils';
 import { In, Repository } from 'typeorm';

 import { FeatureFlagKey } from 'src/engine/core-modules/feature-flag/enums/feature-flag-key.enum';
-import { FeatureFlagService } from 'src/engine/core-modules/feature-flag/services/feature-flag.service';
 import { ObjectMetadataEntity } from 'src/engine/metadata-modules/object-metadata/object-metadata.entity';
 import { SettingPermissionType } from 'src/engine/metadata-modules/permissions/constants/setting-permission-type.constants';
 import { RoleEntity } from 'src/engine/metadata-modules/role/role.entity';
 import { UserWorkspaceRoleEntity } from 'src/engine/metadata-modules/role/user-workspace-role.entity';
+import { WorkspaceFeatureFlagsMapCacheService } from 'src/engine/metadata-modules/workspace-feature-flags-map-cache/workspace-feature-flags-map-cache.service';
 import { UserWorkspaceRoleMap } from 'src/engine/metadata-modules/workspace-permissions-cache/types/user-workspace-role-map.type';
 import { WorkspacePermissionsCacheStorageService } from 'src/engine/metadata-modules/workspace-permissions-cache/workspace-permissions-cache-storage.service';
 import { TwentyORMExceptionCode } from 'src/engine/twenty-orm/exceptions/twenty-orm.exception';
 import { getFromCacheWithRecompute } from 'src/engine/utils/get-data-from-cache-with-recompute.util';
-import { WorkspaceCacheStorageService } from 'src/engine/workspace-cache-storage/workspace-cache-storage.service';
 import { STANDARD_OBJECT_IDS } from 'src/engine/workspace-manager/workspace-sync-metadata/constants/standard-object-ids';

 type CacheResult<T, U> = {
@ -41,8 +40,7 @@ export class WorkspacePermissionsCacheService {
    @InjectRepository(UserWorkspaceRoleEntity, 'core')
    private readonly userWorkspaceRoleRepository: Repository<UserWorkspaceRoleEntity>,
    private readonly workspacePermissionsCacheStorageService: WorkspacePermissionsCacheStorageService,
-    private readonly workspaceCacheStorageService: WorkspaceCacheStorageService,
-    private readonly featureFlagService: FeatureFlagService,
+    private readonly workspaceFeatureFlagsMapCacheService: WorkspaceFeatureFlagsMapCacheService,
  ) {}

  async recomputeRolesPermissionsCache({
@ -87,12 +85,14 @@ export class WorkspacePermissionsCacheService {
          );
      }

-      const isPermissionsV2Enabled =
-        await this.featureFlagService.isFeatureEnabled(
-          FeatureFlagKey.IS_PERMISSIONS_V2_ENABLED,
-          workspaceId,
+      const workspaceFeatureFlagsMap =
+        await this.workspaceFeatureFlagsMapCacheService.getWorkspaceFeatureFlagsMap(
+          { workspaceId },
        );

+      const isPermissionsV2Enabled =
+        !!workspaceFeatureFlagsMap[FeatureFlagKey.IS_PERMISSIONS_V2_ENABLED];
+
      const recomputedRolesPermissions =
        await this.getObjectRecordPermissionsForRoles({
          workspaceId,