diff --git a/packages/twenty-server/@types/jest.d.ts b/packages/twenty-server/@types/jest.d.ts index 83a2358e7..de92be010 100644 --- a/packages/twenty-server/@types/jest.d.ts +++ b/packages/twenty-server/@types/jest.d.ts @@ -5,11 +5,12 @@ declare module '@jest/types' { namespace Config { interface ConfigGlobals { APP_PORT: number; - ADMIN_ACCESS_TOKEN: string; + APPLE_JANE_ADMIN_ACCESS_TOKEN: string; EXPIRED_ACCESS_TOKEN: string; INVALID_ACCESS_TOKEN: string; - MEMBER_ACCESS_TOKEN: string; - GUEST_ACCESS_TOKEN: string; + APPLE_JONY_MEMBER_ACCESS_TOKEN: string; + APPLE_PHIL_GUEST_ACCESS_TOKEN: string; + ACME_JONY_MEMBER_ACCESS_TOKEN: string; API_KEY_ACCESS_TOKEN: string; testDataSource?: DataSource; } @@ -18,12 +19,13 @@ declare module '@jest/types' { declare global { const APP_PORT: number; - const ADMIN_ACCESS_TOKEN: string; + const APPLE_JANE_ADMIN_ACCESS_TOKEN: string; const EXPIRED_ACCESS_TOKEN: string; const INVALID_ACCESS_TOKEN: string; - const MEMBER_ACCESS_TOKEN: string; - const GUEST_ACCESS_TOKEN: string; + const APPLE_JONY_MEMBER_ACCESS_TOKEN: string; + const APPLE_PHIL_GUEST_ACCESS_TOKEN: string; const API_KEY_ACCESS_TOKEN: string; + const ACME_JONY_MEMBER_ACCESS_TOKEN: string; const WORKSPACE_AGNOSTIC_TOKEN: string; const testDataSource: DataSource; } diff --git a/packages/twenty-server/jest-integration.config.ts b/packages/twenty-server/jest-integration.config.ts index c19447766..9b8bc53b9 100644 --- a/packages/twenty-server/jest-integration.config.ts +++ b/packages/twenty-server/jest-integration.config.ts @@ -74,16 +74,18 @@ const jestConfig: JestConfigWithTsJest = { globals: { APP_PORT: 4000, NODE_ENV: NodeEnvironment.TEST, - ADMIN_ACCESS_TOKEN: + APPLE_JANE_ADMIN_ACCESS_TOKEN: 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIyMDIwMjAyMC1lNmI1LTQ2ODAtOGEzMi1iODIwOTczNzE1NmIiLCJ1c2VySWQiOiIyMDIwMjAyMC1lNmI1LTQ2ODAtOGEzMi1iODIwOTczNzE1NmIiLCJ3b3Jrc3BhY2VJZCI6IjIwMjAyMDIwLTFjMjUtNGQwMi1iZjI1LTZhZWNjZjdlYTQxOSIsIndvcmtzcGFjZU1lbWJlcklkIjoiMjAyMDIwMjAtNDYzZi00MzViLTgyOGMtMTA3ZTAwN2EyNzExIiwidXNlcldvcmtzcGFjZUlkIjoiMjAyMDIwMjAtMWU3Yy00M2Q5LWE1ZGItNjg1YjUwNjlkODE2IiwidHlwZSI6IkFDQ0VTUyIsImF1dGhQcm92aWRlciI6InBhc3N3b3JkIiwiaWF0IjoxNzUxMjgxNzA0LCJleHAiOjIwNjY4NTc3MDR9.HMGqCsVlOAPVUBhKSGlD1X86VoHKt4LIUtET3CGIdik', EXPIRED_ACCESS_TOKEN: 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIyMDIwMjAyMC05ZTNiLTQ2ZDQtYTU1Ni04OGI5ZGRjMmIwMzQiLCJ3b3Jrc3BhY2VJZCI6IjIwMjAyMDIwLTFjMjUtNGQwMi1iZjI1LTZhZWNjZjdlYTQxOSIsIndvcmtzcGFjZU1lbWJlcklkIjoiMjAyMDIwMjAtMDY4Ny00YzQxLWI3MDctZWQxYmZjYTk3MmE3IiwiaWF0IjoxNzM4MzIzODc5LCJleHAiOjE3MzgzMjU2Nzl9.m73hHVpnw5uGNGrSuKxn6XtKEUK3Wqkp4HsQdYfZiHo', INVALID_ACCESS_TOKEN: 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIyMDIwMjAyMC05ZTNiLTQ2ZDQtYTU1Ni04OGI5ZGRjMmIwMzQiLCJ3b3Jrc3BhY2VJZCI6IjIwMjAyMDIwLTFjMjUtNGQwMi1iZjI1LTZhZWNjZjdlYTQxOSIsIndvcmtzcGFjZU1lbWJlcklkIjoiMjAyMDIwMjAtMDY4Ny00YzQxLWI3MDctZWQxYmZjYTk3MmE3IiwiaWF0IjoxNzM4MzIzODc5LCJleHAiOjE3MzgzMjU2Nzl9.m73hHVpnw5uGNGrSuKxn6XtKEUK3Wqkp4HsQdYfZiHp', - MEMBER_ACCESS_TOKEN: + APPLE_JONY_MEMBER_ACCESS_TOKEN: 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIyMDIwMjAyMC0zOTU3LTQ5MDgtOWMzNi0yOTI5YTIzZjgzNTciLCJ3b3Jrc3BhY2VJZCI6IjIwMjAyMDIwLTFjMjUtNGQwMi1iZjI1LTZhZWNjZjdlYTQxOSIsIndvcmtzcGFjZU1lbWJlcklkIjoiMjAyMDIwMjAtNzdkNS00Y2I2LWI2MGEtZjRhODM1YTg1ZDYxIiwidXNlcldvcmtzcGFjZUlkIjoiMjAyMDIwMjAtMzk1Ny00OTA4LTljMzYtMjkyOWEyM2Y4MzUzIiwiaWF0IjoxNzM5NDU5NTcwLCJleHAiOjMzMjk3MDU5NTcwfQ.Er7EEU4IP4YlGN79jCLR_6sUBqBfKx2M3G_qGiDpPRo', - GUEST_ACCESS_TOKEN: + APPLE_PHIL_GUEST_ACCESS_TOKEN: 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIyMDIwMjAyMC03MTY5LTQyY2YtYmM0Ny0xY2ZlZjE1MjY0YjgiLCJ3b3Jrc3BhY2VJZCI6IjIwMjAyMDIwLTFjMjUtNGQwMi1iZjI1LTZhZWNjZjdlYTQxOSIsIndvcmtzcGFjZU1lbWJlcklkIjoiMjAyMDIwMjAtMTU1My00NWM2LWEwMjgtNWE5MDY0Y2NlMDdmIiwidXNlcldvcmtzcGFjZUlkIjoiMjAyMDIwMjAtNzE2OS00MmNmLWJjNDctMWNmZWYxNTI2NGIxIiwiaWF0IjoxNzM5ODg4NDcwLCJleHAiOjMzMjk3NDg4NDcwfQ.0NEu-AWGv3l77rs-56Z5Gt0UTU7HDl6qUTHUcMWNrCc', + ACME_JONY_MEMBER_ACCESS_TOKEN: + 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIyMDIwMjAyMC0zOTU3LTQ5MDgtOWMzNi0yOTI5YTIzZjgzNTciLCJ1c2VySWQiOiIyMDIwMjAyMC0zOTU3LTQ5MDgtOWMzNi0yOTI5YTIzZjgzNTciLCJ3b3Jrc3BhY2VJZCI6IjNiOGU2NDU4LTVmYzEtNGU2My04NTYzLTAwOGNjZGRhYTZkYiIsIndvcmtzcGFjZU1lbWJlcklkIjoiMjAyMDIwMjAtNzdkNS00Y2I2LWI2MGEtZjRhODM1YTg1ZDYxIiwidXNlcldvcmtzcGFjZUlkIjoiMjAyMDIwMjAtZTEwYS00YzI3LWE5MGItYjA4YzU3YjAyZDQ1IiwidHlwZSI6IkFDQ0VTUyIsImF1dGhQcm92aWRlciI6InBhc3N3b3JkIiwiaWF0IjoxNzUyMDc4MDA0LCJleHAiOjMzMzA5Njc4MDA0fQ.JBtQCkNWsqAkzouxhcVjCEikV6A_-qr3IflE67NYQYY', API_KEY_ACCESS_TOKEN: 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIyMDIwMjAyMC0xYzI1LTRkMDItYmYyNS02YWVjY2Y3ZWE0MTkiLCJ0eXBlIjoiQVBJX0tFWSIsIndvcmtzcGFjZUlkIjoiMjAyMDIwMjAtMWMyNS00ZDAyLWJmMjUtNmFlY2NmN2VhNDE5IiwiaWF0IjoxNzQ0OTgzNzUwLCJleHAiOjQ4OTg1ODM2OTMsImp0aSI6IjIwMjAyMDIwLWY0MDEtNGQ4YS1hNzMxLTY0ZDAwN2MyN2JhZCJ9.4xkkwz_uu2xzs_V8hJSaM15fGziT5zS3vq2lM48OHr0', }, diff --git a/packages/twenty-server/src/engine/api/graphql/workspace-query-runner/utils/workspace-query-runner-graphql-api-exception-handler.util.ts b/packages/twenty-server/src/engine/api/graphql/workspace-query-runner/utils/workspace-query-runner-graphql-api-exception-handler.util.ts index 10bb15945..ff2ceee1a 100644 --- a/packages/twenty-server/src/engine/api/graphql/workspace-query-runner/utils/workspace-query-runner-graphql-api-exception-handler.util.ts +++ b/packages/twenty-server/src/engine/api/graphql/workspace-query-runner/utils/workspace-query-runner-graphql-api-exception-handler.util.ts @@ -9,12 +9,14 @@ import { handleDuplicateKeyError } from 'src/engine/api/graphql/workspace-query- import { PostgresException } from 'src/engine/api/graphql/workspace-query-runner/utils/postgres-exception'; import { workspaceExceptionHandler } from 'src/engine/api/graphql/workspace-query-runner/utils/workspace-exception-handler.util'; import { WorkspaceQueryRunnerException } from 'src/engine/api/graphql/workspace-query-runner/workspace-query-runner.exception'; +import { AuthException } from 'src/engine/core-modules/auth/auth.exception'; import { RecordTransformerException } from 'src/engine/core-modules/record-transformer/record-transformer.exception'; import { recordTransformerGraphqlApiExceptionHandler } from 'src/engine/core-modules/record-transformer/utils/record-transformer-graphql-api-exception-handler.util'; import { PermissionsException } from 'src/engine/metadata-modules/permissions/permissions.exception'; import { permissionGraphqlApiExceptionHandler } from 'src/engine/metadata-modules/permissions/utils/permission-graphql-api-exception-handler.util'; import { TwentyORMException } from 'src/engine/twenty-orm/exceptions/twenty-orm.exception'; import { twentyORMGraphqlApiExceptionHandler } from 'src/engine/twenty-orm/utils/twenty-orm-graphql-api-exception-handler.util'; +import { authGraphqlApiExceptionHandler } from 'src/engine/core-modules/auth/utils/auth-graphql-api-exception-handler.util'; interface QueryFailedErrorWithCode extends QueryFailedError { code: string; @@ -48,6 +50,8 @@ export const workspaceQueryRunnerGraphqlApiExceptionHandler = ( return graphqlQueryRunnerExceptionHandler(error); case error instanceof TwentyORMException: return twentyORMGraphqlApiExceptionHandler(error); + case error instanceof AuthException: + return authGraphqlApiExceptionHandler(error); default: throw error; } diff --git a/packages/twenty-server/src/engine/core-modules/auth/filters/auth-graphql-api-exception.filter.ts b/packages/twenty-server/src/engine/core-modules/auth/filters/auth-graphql-api-exception.filter.ts index 5e0b407ce..a86810fe5 100644 --- a/packages/twenty-server/src/engine/core-modules/auth/filters/auth-graphql-api-exception.filter.ts +++ b/packages/twenty-server/src/engine/core-modules/auth/filters/auth-graphql-api-exception.filter.ts @@ -1,63 +1,11 @@ import { Catch, ExceptionFilter } from '@nestjs/common'; -import { t } from '@lingui/core/macro'; - -import { - AuthException, - AuthExceptionCode, -} from 'src/engine/core-modules/auth/auth.exception'; -import { - AuthenticationError, - ForbiddenError, - NotFoundError, - UserInputError, -} from 'src/engine/core-modules/graphql/utils/graphql-errors.util'; +import { AuthException } from 'src/engine/core-modules/auth/auth.exception'; +import { authGraphqlApiExceptionHandler } from 'src/engine/core-modules/auth/utils/auth-graphql-api-exception-handler.util'; @Catch(AuthException) export class AuthGraphqlApiExceptionFilter implements ExceptionFilter { catch(exception: AuthException) { - switch (exception.code) { - case AuthExceptionCode.CLIENT_NOT_FOUND: - throw new NotFoundError(exception); - case AuthExceptionCode.INVALID_INPUT: - throw new UserInputError(exception); - case AuthExceptionCode.FORBIDDEN_EXCEPTION: - case AuthExceptionCode.INSUFFICIENT_SCOPES: - case AuthExceptionCode.OAUTH_ACCESS_DENIED: - case AuthExceptionCode.SSO_AUTH_FAILED: - case AuthExceptionCode.USE_SSO_AUTH: - case AuthExceptionCode.SIGNUP_DISABLED: - case AuthExceptionCode.MISSING_ENVIRONMENT_VARIABLE: - case AuthExceptionCode.INVALID_JWT_TOKEN_TYPE: - throw new ForbiddenError(exception); - case AuthExceptionCode.GOOGLE_API_AUTH_DISABLED: - case AuthExceptionCode.MICROSOFT_API_AUTH_DISABLED: - throw new ForbiddenError(exception.message, { - userFriendlyMessage: t`Authentication is not enabled with this provider.`, - subCode: exception.code, - }); - case AuthExceptionCode.EMAIL_NOT_VERIFIED: - case AuthExceptionCode.INVALID_DATA: - throw new ForbiddenError(exception.message, { - subCode: AuthExceptionCode.EMAIL_NOT_VERIFIED, - userFriendlyMessage: t`Email is not verified.`, - }); - case AuthExceptionCode.UNAUTHENTICATED: - throw new AuthenticationError(exception.message, { - userFriendlyMessage: t`You must be authenticated to perform this action.`, - subCode: exception.code, - }); - case AuthExceptionCode.USER_NOT_FOUND: - case AuthExceptionCode.WORKSPACE_NOT_FOUND: - throw new AuthenticationError(exception); - case AuthExceptionCode.INTERNAL_SERVER_ERROR: - case AuthExceptionCode.USER_WORKSPACE_NOT_FOUND: - throw exception; - default: { - const _exhaustiveCheck: never = exception.code; - - throw exception; - } - } + return authGraphqlApiExceptionHandler(exception); } } diff --git a/packages/twenty-server/src/engine/core-modules/auth/strategies/jwt.auth.strategy.ts b/packages/twenty-server/src/engine/core-modules/auth/strategies/jwt.auth.strategy.ts index 98c5e53f7..2cb34d85a 100644 --- a/packages/twenty-server/src/engine/core-modules/auth/strategies/jwt.auth.strategy.ts +++ b/packages/twenty-server/src/engine/core-modules/auth/strategies/jwt.auth.strategy.ts @@ -2,6 +2,7 @@ import { Injectable } from '@nestjs/common'; import { PassportStrategy } from '@nestjs/passport'; import { InjectRepository } from '@nestjs/typeorm'; +import { t } from '@lingui/core/macro'; import { Strategy } from 'passport-jwt'; import { Repository } from 'typeorm'; @@ -149,6 +150,9 @@ export class JwtAuthStrategy extends PassportStrategy(Strategy, 'jwt') { new AuthException( 'UserWorkspace not found', AuthExceptionCode.USER_WORKSPACE_NOT_FOUND, + { + userFriendlyMessage: t`User does not have access to this workspace`, + }, ), ); diff --git a/packages/twenty-server/src/engine/core-modules/auth/utils/auth-graphql-api-exception-handler.util.ts b/packages/twenty-server/src/engine/core-modules/auth/utils/auth-graphql-api-exception-handler.util.ts new file mode 100644 index 000000000..43870b31e --- /dev/null +++ b/packages/twenty-server/src/engine/core-modules/auth/utils/auth-graphql-api-exception-handler.util.ts @@ -0,0 +1,58 @@ +import { t } from '@lingui/core/macro'; + +import { + AuthException, + AuthExceptionCode, +} from 'src/engine/core-modules/auth/auth.exception'; +import { + AuthenticationError, + ForbiddenError, + NotFoundError, + UserInputError, +} from 'src/engine/core-modules/graphql/utils/graphql-errors.util'; + +export const authGraphqlApiExceptionHandler = (exception: AuthException) => { + switch (exception.code) { + case AuthExceptionCode.CLIENT_NOT_FOUND: + throw new NotFoundError(exception); + case AuthExceptionCode.INVALID_INPUT: + throw new UserInputError(exception); + case AuthExceptionCode.FORBIDDEN_EXCEPTION: + case AuthExceptionCode.INSUFFICIENT_SCOPES: + case AuthExceptionCode.OAUTH_ACCESS_DENIED: + case AuthExceptionCode.SSO_AUTH_FAILED: + case AuthExceptionCode.USE_SSO_AUTH: + case AuthExceptionCode.SIGNUP_DISABLED: + case AuthExceptionCode.MISSING_ENVIRONMENT_VARIABLE: + case AuthExceptionCode.INVALID_JWT_TOKEN_TYPE: + throw new ForbiddenError(exception); + case AuthExceptionCode.GOOGLE_API_AUTH_DISABLED: + case AuthExceptionCode.MICROSOFT_API_AUTH_DISABLED: + throw new ForbiddenError(exception.message, { + userFriendlyMessage: t`Authentication is not enabled with this provider.`, + subCode: exception.code, + }); + case AuthExceptionCode.EMAIL_NOT_VERIFIED: + case AuthExceptionCode.INVALID_DATA: + throw new ForbiddenError(exception.message, { + subCode: AuthExceptionCode.EMAIL_NOT_VERIFIED, + userFriendlyMessage: t`Email is not verified.`, + }); + case AuthExceptionCode.UNAUTHENTICATED: + throw new AuthenticationError(exception.message, { + userFriendlyMessage: t`You must be authenticated to perform this action.`, + subCode: exception.code, + }); + case AuthExceptionCode.USER_NOT_FOUND: + case AuthExceptionCode.WORKSPACE_NOT_FOUND: + case AuthExceptionCode.USER_WORKSPACE_NOT_FOUND: + throw new AuthenticationError(exception); + case AuthExceptionCode.INTERNAL_SERVER_ERROR: + throw exception; + default: { + const _exhaustiveCheck: never = exception.code; + + throw exception; + } + } +}; diff --git a/packages/twenty-server/src/modules/workspace-member/query-hooks/workspace-member-create-many.pre-query.hook.ts b/packages/twenty-server/src/modules/workspace-member/query-hooks/workspace-member-create-many.pre-query.hook.ts index 2d126e3dc..b73893b20 100644 --- a/packages/twenty-server/src/modules/workspace-member/query-hooks/workspace-member-create-many.pre-query.hook.ts +++ b/packages/twenty-server/src/modules/workspace-member/query-hooks/workspace-member-create-many.pre-query.hook.ts @@ -3,35 +3,27 @@ import { CreateManyResolverArgs } from 'src/engine/api/graphql/workspace-resolve import { WorkspaceQueryHook } from 'src/engine/api/graphql/workspace-query-runner/workspace-query-hook/decorators/workspace-query-hook.decorator'; import { AuthContext } from 'src/engine/core-modules/auth/types/auth-context.type'; -import { WorkspaceMemberPreQueryHookService } from 'src/modules/workspace-member/query-hooks/workspace-member-pre-query-hook.service'; import { workspaceValidator } from 'src/engine/core-modules/workspace/workspace.validate'; +import { + PermissionsException, + PermissionsExceptionCode, + PermissionsExceptionMessage, +} from 'src/engine/metadata-modules/permissions/permissions.exception'; @WorkspaceQueryHook(`workspaceMember.createMany`) export class WorkspaceMemberCreateManyPreQueryHook implements WorkspacePreQueryHookInstance { - constructor( - private readonly workspaceMemberPreQueryHookService: WorkspaceMemberPreQueryHookService, - ) {} + constructor() {} - async execute( - authContext: AuthContext, - objectName: string, - payload: CreateManyResolverArgs, - ): Promise { + async execute(authContext: AuthContext): Promise { const workspace = authContext.workspace; workspaceValidator.assertIsDefinedOrThrow(workspace); - await this.workspaceMemberPreQueryHookService.validateWorkspaceMemberUpdatePermissionOrThrow( - { - userWorkspaceId: authContext.userWorkspaceId, - workspaceId: workspace.id, - apiKey: authContext.apiKey, - workspaceMemberId: authContext.workspaceMemberId, - }, + throw new PermissionsException( + PermissionsExceptionMessage.PERMISSION_DENIED, + PermissionsExceptionCode.PERMISSION_DENIED, ); - - return payload; } } diff --git a/packages/twenty-server/src/modules/workspace-member/query-hooks/workspace-member-create-one.pre-query.hook.ts b/packages/twenty-server/src/modules/workspace-member/query-hooks/workspace-member-create-one.pre-query.hook.ts index 322c3d088..64d8a3d79 100644 --- a/packages/twenty-server/src/modules/workspace-member/query-hooks/workspace-member-create-one.pre-query.hook.ts +++ b/packages/twenty-server/src/modules/workspace-member/query-hooks/workspace-member-create-one.pre-query.hook.ts @@ -3,35 +3,27 @@ import { CreateOneResolverArgs } from 'src/engine/api/graphql/workspace-resolver import { WorkspaceQueryHook } from 'src/engine/api/graphql/workspace-query-runner/workspace-query-hook/decorators/workspace-query-hook.decorator'; import { AuthContext } from 'src/engine/core-modules/auth/types/auth-context.type'; -import { WorkspaceMemberPreQueryHookService } from 'src/modules/workspace-member/query-hooks/workspace-member-pre-query-hook.service'; import { workspaceValidator } from 'src/engine/core-modules/workspace/workspace.validate'; +import { + PermissionsException, + PermissionsExceptionCode, + PermissionsExceptionMessage, +} from 'src/engine/metadata-modules/permissions/permissions.exception'; @WorkspaceQueryHook(`workspaceMember.createOne`) export class WorkspaceMemberCreateOnePreQueryHook implements WorkspacePreQueryHookInstance { - constructor( - private readonly workspaceMemberPreQueryHookService: WorkspaceMemberPreQueryHookService, - ) {} + constructor() {} - async execute( - authContext: AuthContext, - objectName: string, - payload: CreateOneResolverArgs, - ): Promise { + async execute(authContext: AuthContext): Promise { const workspace = authContext.workspace; workspaceValidator.assertIsDefinedOrThrow(workspace); - await this.workspaceMemberPreQueryHookService.validateWorkspaceMemberUpdatePermissionOrThrow( - { - userWorkspaceId: authContext.userWorkspaceId, - workspaceId: workspace.id, - apiKey: authContext.apiKey, - workspaceMemberId: authContext.workspaceMemberId, - }, + throw new PermissionsException( + PermissionsExceptionMessage.PERMISSION_DENIED, + PermissionsExceptionCode.PERMISSION_DENIED, ); - - return payload; } } diff --git a/packages/twenty-server/src/modules/workspace-member/query-hooks/workspace-member-delete-many.pre-query.hook.ts b/packages/twenty-server/src/modules/workspace-member/query-hooks/workspace-member-delete-many.pre-query.hook.ts index 23849b2c3..0843dfcd5 100644 --- a/packages/twenty-server/src/modules/workspace-member/query-hooks/workspace-member-delete-many.pre-query.hook.ts +++ b/packages/twenty-server/src/modules/workspace-member/query-hooks/workspace-member-delete-many.pre-query.hook.ts @@ -3,35 +3,27 @@ import { DeleteManyResolverArgs } from 'src/engine/api/graphql/workspace-resolve import { WorkspaceQueryHook } from 'src/engine/api/graphql/workspace-query-runner/workspace-query-hook/decorators/workspace-query-hook.decorator'; import { AuthContext } from 'src/engine/core-modules/auth/types/auth-context.type'; -import { WorkspaceMemberPreQueryHookService } from 'src/modules/workspace-member/query-hooks/workspace-member-pre-query-hook.service'; import { workspaceValidator } from 'src/engine/core-modules/workspace/workspace.validate'; +import { + PermissionsException, + PermissionsExceptionCode, + PermissionsExceptionMessage, +} from 'src/engine/metadata-modules/permissions/permissions.exception'; @WorkspaceQueryHook(`workspaceMember.deleteMany`) export class WorkspaceMemberDeleteManyPreQueryHook implements WorkspacePreQueryHookInstance { - constructor( - private readonly workspaceMemberPreQueryHookService: WorkspaceMemberPreQueryHookService, - ) {} + constructor() {} - async execute( - authContext: AuthContext, - objectName: string, - payload: DeleteManyResolverArgs, - ): Promise { + async execute(authContext: AuthContext): Promise { const workspace = authContext.workspace; workspaceValidator.assertIsDefinedOrThrow(workspace); - await this.workspaceMemberPreQueryHookService.validateWorkspaceMemberUpdatePermissionOrThrow( - { - userWorkspaceId: authContext.userWorkspaceId, - workspaceId: workspace.id, - apiKey: authContext.apiKey, - workspaceMemberId: authContext.workspaceMemberId, - }, + throw new PermissionsException( + PermissionsExceptionMessage.PERMISSION_DENIED, + PermissionsExceptionCode.PERMISSION_DENIED, ); - - return payload; } } diff --git a/packages/twenty-server/src/modules/workspace-member/query-hooks/workspace-member-delete-one.pre-query.hook.ts b/packages/twenty-server/src/modules/workspace-member/query-hooks/workspace-member-delete-one.pre-query.hook.ts index db2350084..4dd501336 100644 --- a/packages/twenty-server/src/modules/workspace-member/query-hooks/workspace-member-delete-one.pre-query.hook.ts +++ b/packages/twenty-server/src/modules/workspace-member/query-hooks/workspace-member-delete-one.pre-query.hook.ts @@ -1,12 +1,23 @@ +import { InjectRepository } from '@nestjs/typeorm'; + +import { isDefined } from 'twenty-shared/utils'; +import { Repository } from 'typeorm'; + import { WorkspacePreQueryHookInstance } from 'src/engine/api/graphql/workspace-query-runner/workspace-query-hook/interfaces/workspace-query-hook.interface'; import { DeleteOneResolverArgs } from 'src/engine/api/graphql/workspace-resolver-builder/interfaces/workspace-resolvers-builder.interface'; import { WorkspaceQueryHook } from 'src/engine/api/graphql/workspace-query-runner/workspace-query-hook/decorators/workspace-query-hook.decorator'; import { AuthContext } from 'src/engine/core-modules/auth/types/auth-context.type'; +import { UserWorkspace } from 'src/engine/core-modules/user-workspace/user-workspace.entity'; +import { workspaceValidator } from 'src/engine/core-modules/workspace/workspace.validate'; +import { + PermissionsException, + PermissionsExceptionCode, +} from 'src/engine/metadata-modules/permissions/permissions.exception'; import { TwentyORMManager } from 'src/engine/twenty-orm/twenty-orm.manager'; import { AttachmentWorkspaceEntity } from 'src/modules/attachment/standard-objects/attachment.workspace-entity'; import { WorkspaceMemberPreQueryHookService } from 'src/modules/workspace-member/query-hooks/workspace-member-pre-query-hook.service'; -import { workspaceValidator } from 'src/engine/core-modules/workspace/workspace.validate'; +import { WorkspaceMemberWorkspaceEntity } from 'src/modules/workspace-member/standard-objects/workspace-member.workspace-entity'; @WorkspaceQueryHook(`workspaceMember.deleteOne`) export class WorkspaceMemberDeleteOnePreQueryHook @@ -14,6 +25,8 @@ export class WorkspaceMemberDeleteOnePreQueryHook { constructor( private readonly twentyORMManager: TwentyORMManager, + @InjectRepository(UserWorkspace, 'core') + private readonly userWorkspaceRepository: Repository, private readonly workspaceMemberPreQueryHookService: WorkspaceMemberPreQueryHookService, ) {} @@ -49,6 +62,41 @@ export class WorkspaceMemberDeleteOnePreQueryHook authorId, }); + const workspaceMemberRepository = + await this.twentyORMManager.getRepository( + 'workspaceMember', + ); + + const workspaceMember = await workspaceMemberRepository.findOne({ + where: { + id: targettedWorkspaceMemberId, + }, + }); + + if (!isDefined(workspaceMember)) { + // TODO: once this is migrated to userWorkspace service we should throw UserWorkspaceException + throw new PermissionsException( + 'Workspace member not found', + PermissionsExceptionCode.WORKSPACE_MEMBER_NOT_FOUND, + ); + } + + const userWorkspace = await this.userWorkspaceRepository.findOne({ + where: { + workspaceId: workspace.id, + userId: workspaceMember.userId, + }, + }); + + if (!isDefined(userWorkspace)) { + throw new PermissionsException( + 'User workspace not found', + PermissionsExceptionCode.USER_WORKSPACE_NOT_FOUND, + ); + } + + await this.userWorkspaceRepository.delete(userWorkspace.id); + return payload; } } diff --git a/packages/twenty-server/src/modules/workspace-member/query-hooks/workspace-member-destroy-many.pre-query.hook.ts b/packages/twenty-server/src/modules/workspace-member/query-hooks/workspace-member-destroy-many.pre-query.hook.ts index f7d40db42..01c12add2 100644 --- a/packages/twenty-server/src/modules/workspace-member/query-hooks/workspace-member-destroy-many.pre-query.hook.ts +++ b/packages/twenty-server/src/modules/workspace-member/query-hooks/workspace-member-destroy-many.pre-query.hook.ts @@ -3,35 +3,27 @@ import { DeleteManyResolverArgs } from 'src/engine/api/graphql/workspace-resolve import { WorkspaceQueryHook } from 'src/engine/api/graphql/workspace-query-runner/workspace-query-hook/decorators/workspace-query-hook.decorator'; import { AuthContext } from 'src/engine/core-modules/auth/types/auth-context.type'; -import { WorkspaceMemberPreQueryHookService } from 'src/modules/workspace-member/query-hooks/workspace-member-pre-query-hook.service'; import { workspaceValidator } from 'src/engine/core-modules/workspace/workspace.validate'; +import { + PermissionsException, + PermissionsExceptionCode, + PermissionsExceptionMessage, +} from 'src/engine/metadata-modules/permissions/permissions.exception'; @WorkspaceQueryHook(`workspaceMember.destroyMany`) export class WorkspaceMemberDestroyManyPreQueryHook implements WorkspacePreQueryHookInstance { - constructor( - private readonly workspaceMemberPreQueryHookService: WorkspaceMemberPreQueryHookService, - ) {} + constructor() {} - async execute( - authContext: AuthContext, - objectName: string, - payload: DeleteManyResolverArgs, - ): Promise { + async execute(authContext: AuthContext): Promise { const workspace = authContext.workspace; workspaceValidator.assertIsDefinedOrThrow(workspace); - await this.workspaceMemberPreQueryHookService.validateWorkspaceMemberUpdatePermissionOrThrow( - { - userWorkspaceId: authContext.userWorkspaceId, - workspaceId: workspace.id, - apiKey: authContext.apiKey, - workspaceMemberId: authContext.workspaceMemberId, - }, + throw new PermissionsException( + PermissionsExceptionMessage.PERMISSION_DENIED, + PermissionsExceptionCode.PERMISSION_DENIED, ); - - return payload; } } diff --git a/packages/twenty-server/src/modules/workspace-member/query-hooks/workspace-member-destroy-one.pre-query.hook.ts b/packages/twenty-server/src/modules/workspace-member/query-hooks/workspace-member-destroy-one.pre-query.hook.ts index ebe04740a..2be270b2d 100644 --- a/packages/twenty-server/src/modules/workspace-member/query-hooks/workspace-member-destroy-one.pre-query.hook.ts +++ b/packages/twenty-server/src/modules/workspace-member/query-hooks/workspace-member-destroy-one.pre-query.hook.ts @@ -3,36 +3,27 @@ import { DeleteOneResolverArgs } from 'src/engine/api/graphql/workspace-resolver import { WorkspaceQueryHook } from 'src/engine/api/graphql/workspace-query-runner/workspace-query-hook/decorators/workspace-query-hook.decorator'; import { AuthContext } from 'src/engine/core-modules/auth/types/auth-context.type'; -import { WorkspaceMemberPreQueryHookService } from 'src/modules/workspace-member/query-hooks/workspace-member-pre-query-hook.service'; import { workspaceValidator } from 'src/engine/core-modules/workspace/workspace.validate'; +import { + PermissionsException, + PermissionsExceptionCode, + PermissionsExceptionMessage, +} from 'src/engine/metadata-modules/permissions/permissions.exception'; @WorkspaceQueryHook(`workspaceMember.destroyOne`) export class WorkspaceMemberDestroyOnePreQueryHook implements WorkspacePreQueryHookInstance { - constructor( - private readonly workspaceMemberPreQueryHookService: WorkspaceMemberPreQueryHookService, - ) {} + constructor() {} - async execute( - authContext: AuthContext, - objectName: string, - payload: DeleteOneResolverArgs, - ): Promise { + async execute(authContext: AuthContext): Promise { const workspace = authContext.workspace; workspaceValidator.assertIsDefinedOrThrow(workspace); - await this.workspaceMemberPreQueryHookService.validateWorkspaceMemberUpdatePermissionOrThrow( - { - userWorkspaceId: authContext.userWorkspaceId, - targettedWorkspaceMemberId: payload.id, - workspaceId: workspace.id, - apiKey: authContext.apiKey, - workspaceMemberId: authContext.workspaceMemberId, - }, + throw new PermissionsException( + PermissionsExceptionMessage.PERMISSION_DENIED, + PermissionsExceptionCode.PERMISSION_DENIED, ); - - return payload; } } diff --git a/packages/twenty-server/src/modules/workspace-member/query-hooks/workspace-member-restore-many.pre-query.hook.ts b/packages/twenty-server/src/modules/workspace-member/query-hooks/workspace-member-restore-many.pre-query.hook.ts index 37065c302..e2e3a502e 100644 --- a/packages/twenty-server/src/modules/workspace-member/query-hooks/workspace-member-restore-many.pre-query.hook.ts +++ b/packages/twenty-server/src/modules/workspace-member/query-hooks/workspace-member-restore-many.pre-query.hook.ts @@ -3,35 +3,27 @@ import { RestoreManyResolverArgs } from 'src/engine/api/graphql/workspace-resolv import { WorkspaceQueryHook } from 'src/engine/api/graphql/workspace-query-runner/workspace-query-hook/decorators/workspace-query-hook.decorator'; import { AuthContext } from 'src/engine/core-modules/auth/types/auth-context.type'; -import { WorkspaceMemberPreQueryHookService } from 'src/modules/workspace-member/query-hooks/workspace-member-pre-query-hook.service'; import { workspaceValidator } from 'src/engine/core-modules/workspace/workspace.validate'; +import { + PermissionsException, + PermissionsExceptionCode, + PermissionsExceptionMessage, +} from 'src/engine/metadata-modules/permissions/permissions.exception'; @WorkspaceQueryHook(`workspaceMember.restoreMany`) export class WorkspaceMemberRestoreManyPreQueryHook implements WorkspacePreQueryHookInstance { - constructor( - private readonly workspaceMemberPreQueryHookService: WorkspaceMemberPreQueryHookService, - ) {} + constructor() {} - async execute( - authContext: AuthContext, - objectName: string, - payload: RestoreManyResolverArgs, - ): Promise { + async execute(authContext: AuthContext): Promise { const workspace = authContext.workspace; workspaceValidator.assertIsDefinedOrThrow(workspace); - await this.workspaceMemberPreQueryHookService.validateWorkspaceMemberUpdatePermissionOrThrow( - { - userWorkspaceId: authContext.userWorkspaceId, - workspaceId: workspace.id, - apiKey: authContext.apiKey, - workspaceMemberId: authContext.workspaceMemberId, - }, + throw new PermissionsException( + PermissionsExceptionMessage.PERMISSION_DENIED, + PermissionsExceptionCode.PERMISSION_DENIED, ); - - return payload; } } diff --git a/packages/twenty-server/src/modules/workspace-member/query-hooks/workspace-member-restore-one.pre-query.hook.ts b/packages/twenty-server/src/modules/workspace-member/query-hooks/workspace-member-restore-one.pre-query.hook.ts index 8ed3d49dc..7f43f7330 100644 --- a/packages/twenty-server/src/modules/workspace-member/query-hooks/workspace-member-restore-one.pre-query.hook.ts +++ b/packages/twenty-server/src/modules/workspace-member/query-hooks/workspace-member-restore-one.pre-query.hook.ts @@ -3,36 +3,27 @@ import { RestoreOneResolverArgs } from 'src/engine/api/graphql/workspace-resolve import { WorkspaceQueryHook } from 'src/engine/api/graphql/workspace-query-runner/workspace-query-hook/decorators/workspace-query-hook.decorator'; import { AuthContext } from 'src/engine/core-modules/auth/types/auth-context.type'; -import { WorkspaceMemberPreQueryHookService } from 'src/modules/workspace-member/query-hooks/workspace-member-pre-query-hook.service'; import { workspaceValidator } from 'src/engine/core-modules/workspace/workspace.validate'; +import { + PermissionsException, + PermissionsExceptionCode, + PermissionsExceptionMessage, +} from 'src/engine/metadata-modules/permissions/permissions.exception'; @WorkspaceQueryHook(`workspaceMember.restoreOne`) export class WorkspaceMemberRestoreOnePreQueryHook implements WorkspacePreQueryHookInstance { - constructor( - private readonly workspaceMemberPreQueryHookService: WorkspaceMemberPreQueryHookService, - ) {} + constructor() {} - async execute( - authContext: AuthContext, - objectName: string, - payload: RestoreOneResolverArgs, - ): Promise { + async execute(authContext: AuthContext): Promise { const workspace = authContext.workspace; workspaceValidator.assertIsDefinedOrThrow(workspace); - await this.workspaceMemberPreQueryHookService.validateWorkspaceMemberUpdatePermissionOrThrow( - { - userWorkspaceId: authContext.userWorkspaceId, - targettedWorkspaceMemberId: payload.id, - workspaceId: workspace.id, - apiKey: authContext.apiKey, - workspaceMemberId: authContext.workspaceMemberId, - }, + throw new PermissionsException( + PermissionsExceptionMessage.PERMISSION_DENIED, + PermissionsExceptionCode.PERMISSION_DENIED, ); - - return payload; } } diff --git a/packages/twenty-server/src/modules/workspace-member/query-hooks/workspace-member-update-many.pre-query.hook.ts b/packages/twenty-server/src/modules/workspace-member/query-hooks/workspace-member-update-many.pre-query.hook.ts index c09224505..c383be8ff 100644 --- a/packages/twenty-server/src/modules/workspace-member/query-hooks/workspace-member-update-many.pre-query.hook.ts +++ b/packages/twenty-server/src/modules/workspace-member/query-hooks/workspace-member-update-many.pre-query.hook.ts @@ -3,35 +3,27 @@ import { UpdateManyResolverArgs } from 'src/engine/api/graphql/workspace-resolve import { WorkspaceQueryHook } from 'src/engine/api/graphql/workspace-query-runner/workspace-query-hook/decorators/workspace-query-hook.decorator'; import { AuthContext } from 'src/engine/core-modules/auth/types/auth-context.type'; -import { WorkspaceMemberPreQueryHookService } from 'src/modules/workspace-member/query-hooks/workspace-member-pre-query-hook.service'; import { workspaceValidator } from 'src/engine/core-modules/workspace/workspace.validate'; +import { + PermissionsException, + PermissionsExceptionCode, + PermissionsExceptionMessage, +} from 'src/engine/metadata-modules/permissions/permissions.exception'; @WorkspaceQueryHook(`workspaceMember.updateMany`) export class WorkspaceMemberUpdateManyPreQueryHook implements WorkspacePreQueryHookInstance { - constructor( - private readonly workspaceMemberPreQueryHookService: WorkspaceMemberPreQueryHookService, - ) {} + constructor() {} - async execute( - authContext: AuthContext, - objectName: string, - payload: UpdateManyResolverArgs, - ): Promise { + async execute(authContext: AuthContext): Promise { const workspace = authContext.workspace; workspaceValidator.assertIsDefinedOrThrow(workspace); - await this.workspaceMemberPreQueryHookService.validateWorkspaceMemberUpdatePermissionOrThrow( - { - userWorkspaceId: authContext.userWorkspaceId, - workspaceId: workspace.id, - apiKey: authContext.apiKey, - workspaceMemberId: authContext.workspaceMemberId, - }, + throw new PermissionsException( + PermissionsExceptionMessage.PERMISSION_DENIED, + PermissionsExceptionCode.PERMISSION_DENIED, ); - - return payload; } } diff --git a/packages/twenty-server/test/integration/billing/suites/billing-controller.integration-spec.ts b/packages/twenty-server/test/integration/billing/suites/billing-controller.integration-spec.ts index 8b67e0c39..5eeb503ea 100644 --- a/packages/twenty-server/test/integration/billing/suites/billing-controller.integration-spec.ts +++ b/packages/twenty-server/test/integration/billing/suites/billing-controller.integration-spec.ts @@ -19,7 +19,7 @@ describe('BillingController (integration)', () => { await client .post('/webhooks/stripe') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .set('stripe-signature', 'correct-signature') .set('Content-Type', 'application/json') .send(JSON.stringify(productUpdatedPayload)) @@ -30,7 +30,7 @@ describe('BillingController (integration)', () => { await client .post('/webhooks/stripe') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .set('stripe-signature', 'correct-signature') .set('Content-Type', 'application/json') .send(JSON.stringify(priceCreatedPayload)) @@ -52,7 +52,7 @@ describe('BillingController (integration)', () => { await client .post('/webhooks/stripe') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .set('stripe-signature', 'correct-signature') .set('Content-Type', 'application/json') .send(JSON.stringify(subscriptionCreatedPayload)) @@ -64,7 +64,7 @@ describe('BillingController (integration)', () => { await client .post('/webhooks/stripe') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .set('stripe-signature', 'correct-signature') .set('Content-Type', 'application/json') .send(JSON.stringify(entitlementUpdatedPayload)) @@ -84,7 +84,7 @@ describe('BillingController (integration)', () => { await client .post('/webhooks/stripe') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .set('stripe-signature', 'correct-signature') .set('Content-Type', 'application/json') .send(JSON.stringify(entitlementUpdatedPayload)) @@ -103,7 +103,7 @@ describe('BillingController (integration)', () => { await client .post('/webhooks/stripe') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .set('stripe-signature', 'invalid-signature') .set('Content-Type', 'application/json') .send(JSON.stringify(entitlementUpdatedPayload)) diff --git a/packages/twenty-server/test/integration/graphql/codegen/index.ts b/packages/twenty-server/test/integration/graphql/codegen/index.ts index a184be542..f1e1307fd 100644 --- a/packages/twenty-server/test/integration/graphql/codegen/index.ts +++ b/packages/twenty-server/test/integration/graphql/codegen/index.ts @@ -91,7 +91,7 @@ describe('${queryName}Resolver (e2e)', () => { return client .post('/graphql') - .set('Authorization', \`Bearer \${ADMIN_ACCESS_TOKEN}\`) + .set('Authorization', \`Bearer \${APPLE_JANE_ADMIN_ACCESS_TOKEN}\`) .send(queryData) .expect(200) .expect((res) => { diff --git a/packages/twenty-server/test/integration/graphql/suites/object-generated/attachments.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/object-generated/attachments.integration-spec.ts index 6ca3b5ce4..5c173a138 100644 --- a/packages/twenty-server/test/integration/graphql/suites/object-generated/attachments.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/object-generated/attachments.integration-spec.ts @@ -34,7 +34,7 @@ describe('attachmentsResolver (e2e)', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { diff --git a/packages/twenty-server/test/integration/graphql/suites/object-generated/blocklists.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/object-generated/blocklists.integration-spec.ts index 2a0ac5eb2..50bd5bd7a 100644 --- a/packages/twenty-server/test/integration/graphql/suites/object-generated/blocklists.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/object-generated/blocklists.integration-spec.ts @@ -25,7 +25,7 @@ describe('blocklistsResolver (e2e)', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { diff --git a/packages/twenty-server/test/integration/graphql/suites/object-generated/calendar-channel-event-associations.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/object-generated/calendar-channel-event-associations.integration-spec.ts index 8257d5941..8f298129c 100644 --- a/packages/twenty-server/test/integration/graphql/suites/object-generated/calendar-channel-event-associations.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/object-generated/calendar-channel-event-associations.integration-spec.ts @@ -27,7 +27,7 @@ describe('calendarChannelEventAssociationsResolver (e2e)', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { diff --git a/packages/twenty-server/test/integration/graphql/suites/object-generated/calendar-channels.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/object-generated/calendar-channels.integration-spec.ts index 28f7d0d82..7edf87b53 100644 --- a/packages/twenty-server/test/integration/graphql/suites/object-generated/calendar-channels.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/object-generated/calendar-channels.integration-spec.ts @@ -35,7 +35,7 @@ describe('calendarChannelsResolver (e2e)', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { diff --git a/packages/twenty-server/test/integration/graphql/suites/object-generated/calendar-event-participants.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/object-generated/calendar-event-participants.integration-spec.ts index f704fb11b..5b9fdd483 100644 --- a/packages/twenty-server/test/integration/graphql/suites/object-generated/calendar-event-participants.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/object-generated/calendar-event-participants.integration-spec.ts @@ -30,7 +30,7 @@ describe('calendarEventParticipantsResolver (e2e)', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { diff --git a/packages/twenty-server/test/integration/graphql/suites/object-generated/companies.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/object-generated/companies.integration-spec.ts index c1c99157a..73eb456b8 100644 --- a/packages/twenty-server/test/integration/graphql/suites/object-generated/companies.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/object-generated/companies.integration-spec.ts @@ -32,7 +32,7 @@ describe('companiesResolver (e2e)', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { diff --git a/packages/twenty-server/test/integration/graphql/suites/object-generated/connected-accounts.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/object-generated/connected-accounts.integration-spec.ts index cb61563a2..45ee425f4 100644 --- a/packages/twenty-server/test/integration/graphql/suites/object-generated/connected-accounts.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/object-generated/connected-accounts.integration-spec.ts @@ -32,7 +32,7 @@ describe('connectedAccountsResolver (e2e)', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { diff --git a/packages/twenty-server/test/integration/graphql/suites/object-generated/favorites.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/object-generated/favorites.integration-spec.ts index 4c466fc16..52f119604 100644 --- a/packages/twenty-server/test/integration/graphql/suites/object-generated/favorites.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/object-generated/favorites.integration-spec.ts @@ -36,7 +36,7 @@ describe('favoritesResolver (e2e)', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { diff --git a/packages/twenty-server/test/integration/graphql/suites/object-generated/index-metadatas.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/object-generated/index-metadatas.integration-spec.ts index ce72f09d9..521ade015 100644 --- a/packages/twenty-server/test/integration/graphql/suites/object-generated/index-metadatas.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/object-generated/index-metadatas.integration-spec.ts @@ -27,7 +27,7 @@ describe('indexMetadatasResolver (e2e)', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { diff --git a/packages/twenty-server/test/integration/graphql/suites/object-generated/message-channel-message-associations.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/object-generated/message-channel-message-associations.integration-spec.ts index 64645ec2e..c1ad9b908 100644 --- a/packages/twenty-server/test/integration/graphql/suites/object-generated/message-channel-message-associations.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/object-generated/message-channel-message-associations.integration-spec.ts @@ -28,7 +28,7 @@ describe('messageChannelMessageAssociationsResolver (e2e)', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { diff --git a/packages/twenty-server/test/integration/graphql/suites/object-generated/message-channels.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/object-generated/message-channels.integration-spec.ts index c7c055512..f03a27eac 100644 --- a/packages/twenty-server/test/integration/graphql/suites/object-generated/message-channels.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/object-generated/message-channels.integration-spec.ts @@ -38,7 +38,7 @@ describe('messageChannelsResolver (e2e)', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { diff --git a/packages/twenty-server/test/integration/graphql/suites/object-generated/message-participants.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/object-generated/message-participants.integration-spec.ts index ecdedf06e..5016378e4 100644 --- a/packages/twenty-server/test/integration/graphql/suites/object-generated/message-participants.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/object-generated/message-participants.integration-spec.ts @@ -29,7 +29,7 @@ describe('messageParticipantsResolver (e2e)', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { diff --git a/packages/twenty-server/test/integration/graphql/suites/object-generated/message-threads.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/object-generated/message-threads.integration-spec.ts index 667f54007..dd84b4049 100644 --- a/packages/twenty-server/test/integration/graphql/suites/object-generated/message-threads.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/object-generated/message-threads.integration-spec.ts @@ -23,7 +23,7 @@ describe('messageThreadsResolver (e2e)', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { diff --git a/packages/twenty-server/test/integration/graphql/suites/object-generated/note-targets.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/object-generated/note-targets.integration-spec.ts index 0794d9378..7b575b457 100644 --- a/packages/twenty-server/test/integration/graphql/suites/object-generated/note-targets.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/object-generated/note-targets.integration-spec.ts @@ -29,7 +29,7 @@ describe('noteTargetsResolver (e2e)', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { diff --git a/packages/twenty-server/test/integration/graphql/suites/object-generated/notes.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/object-generated/notes.integration-spec.ts index 8fb10a828..ab2028ba4 100644 --- a/packages/twenty-server/test/integration/graphql/suites/object-generated/notes.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/object-generated/notes.integration-spec.ts @@ -26,7 +26,7 @@ describe('notesResolver (e2e)', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { diff --git a/packages/twenty-server/test/integration/graphql/suites/object-generated/objects.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/object-generated/objects.integration-spec.ts index 4c50ead6e..b7a8e82b2 100644 --- a/packages/twenty-server/test/integration/graphql/suites/object-generated/objects.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/object-generated/objects.integration-spec.ts @@ -35,7 +35,7 @@ describe('objectsResolver (e2e)', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { diff --git a/packages/twenty-server/test/integration/graphql/suites/object-generated/opportunities.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/object-generated/opportunities.integration-spec.ts index 478bc630a..2f1288f8e 100644 --- a/packages/twenty-server/test/integration/graphql/suites/object-generated/opportunities.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/object-generated/opportunities.integration-spec.ts @@ -30,7 +30,7 @@ describe('opportunitiesResolver (e2e)', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { diff --git a/packages/twenty-server/test/integration/graphql/suites/object-generated/people.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/object-generated/people.integration-spec.ts index cd2ad16c0..6c71a37ae 100644 --- a/packages/twenty-server/test/integration/graphql/suites/object-generated/people.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/object-generated/people.integration-spec.ts @@ -32,7 +32,7 @@ describe('peopleResolver (e2e)', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { diff --git a/packages/twenty-server/test/integration/graphql/suites/object-generated/rockets.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/object-generated/rockets.integration-spec.ts index cacdf6a1f..342663647 100644 --- a/packages/twenty-server/test/integration/graphql/suites/object-generated/rockets.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/object-generated/rockets.integration-spec.ts @@ -26,7 +26,7 @@ describe('petsResolver (e2e)', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { diff --git a/packages/twenty-server/test/integration/graphql/suites/object-generated/serverless-functions.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/object-generated/serverless-functions.integration-spec.ts index 2e93e1996..30b4a6556 100644 --- a/packages/twenty-server/test/integration/graphql/suites/object-generated/serverless-functions.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/object-generated/serverless-functions.integration-spec.ts @@ -23,7 +23,7 @@ describe('serverlessFunctionsResolver (e2e)', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { diff --git a/packages/twenty-server/test/integration/graphql/suites/object-generated/task-targets.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/object-generated/task-targets.integration-spec.ts index c5dc1e2c0..b3c7496bc 100644 --- a/packages/twenty-server/test/integration/graphql/suites/object-generated/task-targets.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/object-generated/task-targets.integration-spec.ts @@ -29,7 +29,7 @@ describe('taskTargetsResolver (e2e)', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { diff --git a/packages/twenty-server/test/integration/graphql/suites/object-generated/tasks.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/object-generated/tasks.integration-spec.ts index 7c2feb4bf..9e2908027 100644 --- a/packages/twenty-server/test/integration/graphql/suites/object-generated/tasks.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/object-generated/tasks.integration-spec.ts @@ -29,7 +29,7 @@ describe('tasksResolver (e2e)', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { diff --git a/packages/twenty-server/test/integration/graphql/suites/object-generated/timeline-activities.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/object-generated/timeline-activities.integration-spec.ts index 9711d53ed..69c7c8b01 100644 --- a/packages/twenty-server/test/integration/graphql/suites/object-generated/timeline-activities.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/object-generated/timeline-activities.integration-spec.ts @@ -40,7 +40,7 @@ describe('timelineActivitiesResolver (e2e)', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { diff --git a/packages/twenty-server/test/integration/graphql/suites/object-generated/view-fields.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/object-generated/view-fields.integration-spec.ts index 2dc382fa1..56f3c9783 100644 --- a/packages/twenty-server/test/integration/graphql/suites/object-generated/view-fields.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/object-generated/view-fields.integration-spec.ts @@ -28,7 +28,7 @@ describe('viewFieldsResolver (e2e)', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { diff --git a/packages/twenty-server/test/integration/graphql/suites/object-generated/view-filters.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/object-generated/view-filters.integration-spec.ts index 90e6c7a02..ad58438c0 100644 --- a/packages/twenty-server/test/integration/graphql/suites/object-generated/view-filters.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/object-generated/view-filters.integration-spec.ts @@ -28,7 +28,7 @@ describe('viewFiltersResolver (e2e)', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { diff --git a/packages/twenty-server/test/integration/graphql/suites/object-generated/view-sorts.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/object-generated/view-sorts.integration-spec.ts index 763ec32cf..2aa830abd 100644 --- a/packages/twenty-server/test/integration/graphql/suites/object-generated/view-sorts.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/object-generated/view-sorts.integration-spec.ts @@ -26,7 +26,7 @@ describe('viewSortsResolver (e2e)', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { diff --git a/packages/twenty-server/test/integration/graphql/suites/object-generated/views.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/object-generated/views.integration-spec.ts index 4343139d1..689134b0c 100644 --- a/packages/twenty-server/test/integration/graphql/suites/object-generated/views.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/object-generated/views.integration-spec.ts @@ -31,7 +31,7 @@ describe('viewsResolver (e2e)', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { diff --git a/packages/twenty-server/test/integration/graphql/suites/object-generated/workflow-automated-triggers.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/object-generated/workflow-automated-triggers.integration-spec.ts index 83c4f6547..bc16bdf71 100644 --- a/packages/twenty-server/test/integration/graphql/suites/object-generated/workflow-automated-triggers.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/object-generated/workflow-automated-triggers.integration-spec.ts @@ -26,7 +26,7 @@ describe('workflowAutomatedTriggersResolver (e2e)', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { diff --git a/packages/twenty-server/test/integration/graphql/suites/object-generated/workflow-versions.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/object-generated/workflow-versions.integration-spec.ts index 1b529a77f..262c98fb2 100644 --- a/packages/twenty-server/test/integration/graphql/suites/object-generated/workflow-versions.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/object-generated/workflow-versions.integration-spec.ts @@ -29,7 +29,7 @@ describe('workflowVersionsResolver (e2e)', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { diff --git a/packages/twenty-server/test/integration/graphql/suites/object-generated/workflows.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/object-generated/workflows.integration-spec.ts index 5cc56a41c..75c27e1c7 100644 --- a/packages/twenty-server/test/integration/graphql/suites/object-generated/workflows.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/object-generated/workflows.integration-spec.ts @@ -27,7 +27,7 @@ describe('workflowsResolver (e2e)', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { diff --git a/packages/twenty-server/test/integration/graphql/suites/object-generated/workspace-members.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/object-generated/workspace-members.integration-spec.ts index ef24a431b..719c48b2b 100644 --- a/packages/twenty-server/test/integration/graphql/suites/object-generated/workspace-members.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/object-generated/workspace-members.integration-spec.ts @@ -31,7 +31,7 @@ describe('workspaceMembersResolver (e2e)', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { diff --git a/packages/twenty-server/test/integration/graphql/suites/object-records-permissions/granular-object-records-permissions.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/object-records-permissions/granular-object-records-permissions.integration-spec.ts index afc0ad72a..d855ed848 100644 --- a/packages/twenty-server/test/integration/graphql/suites/object-records-permissions/granular-object-records-permissions.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/object-records-permissions/granular-object-records-permissions.integration-spec.ts @@ -31,7 +31,7 @@ describe('granularObjectRecordsPermissions', () => { const rolesResponse = await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(getRolesQuery); originalMemberRoleId = rolesResponse.body.data.getRoles.find( @@ -55,7 +55,7 @@ describe('granularObjectRecordsPermissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(restoreMemberRoleQuery); }); diff --git a/packages/twenty-server/test/integration/graphql/suites/object-records-permissions/permissions-on-relations.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/object-records-permissions/permissions-on-relations.integration-spec.ts index 278c8f8e3..a97f0a6c5 100644 --- a/packages/twenty-server/test/integration/graphql/suites/object-records-permissions/permissions-on-relations.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/object-records-permissions/permissions-on-relations.integration-spec.ts @@ -37,7 +37,7 @@ describe('permissionsOnRelations', () => { const rolesResponse = await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(getRolesQuery); originalMemberRoleId = rolesResponse.body.data.getRoles.find( @@ -91,7 +91,7 @@ describe('permissionsOnRelations', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(restoreMemberRoleQuery); }); diff --git a/packages/twenty-server/test/integration/graphql/suites/settings-permissions/api-key-webhooks.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/settings-permissions/api-key-webhooks.integration-spec.ts index fe876fb38..45fed8f62 100644 --- a/packages/twenty-server/test/integration/graphql/suites/settings-permissions/api-key-webhooks.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/settings-permissions/api-key-webhooks.integration-spec.ts @@ -20,7 +20,7 @@ describe('api key and webhooks permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${MEMBER_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JONY_MEMBER_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { diff --git a/packages/twenty-server/test/integration/graphql/suites/settings-permissions/granular-settings-permissions.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/settings-permissions/granular-settings-permissions.integration-spec.ts index fc7a25594..7de00cb7f 100644 --- a/packages/twenty-server/test/integration/graphql/suites/settings-permissions/granular-settings-permissions.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/settings-permissions/granular-settings-permissions.integration-spec.ts @@ -32,7 +32,7 @@ describe('Granular settings permissions', () => { const rolesResponse = await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(getRolesQuery); originalMemberRoleId = rolesResponse.body.data.getRoles.find( @@ -62,7 +62,7 @@ describe('Granular settings permissions', () => { const createRoleResponse = await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(createRoleQuery); customRoleId = createRoleResponse.body.data.createOneRole.id; @@ -85,10 +85,10 @@ describe('Granular settings permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(upsertSettingPermissionsQuery); - // Assign the custom role to JONY (who uses MEMBER_ACCESS_TOKEN) + // Assign the custom role to JONY (who uses APPLE_JONY_MEMBER_ACCESS_TOKEN) await updateWorkspaceMemberRole({ client, roleId: customRoleId, @@ -113,7 +113,7 @@ describe('Granular settings permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(restoreMemberRoleQuery); // Delete the custom role @@ -121,7 +121,7 @@ describe('Granular settings permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(deleteRoleQuery); }); @@ -147,7 +147,7 @@ describe('Granular settings permissions', () => { const response = await client .post('/metadata') - .set('Authorization', `Bearer ${MEMBER_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JONY_MEMBER_ACCESS_TOKEN}`) .send({ query: print(createObjectQuery), variables }); expect(response.status).toBe(200); @@ -166,7 +166,7 @@ describe('Granular settings permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send({ query: print(deleteObjectQuery), variables: deleteObjectVariables, @@ -192,7 +192,7 @@ describe('Granular settings permissions', () => { const response = await client .post('/graphql') - .set('Authorization', `Bearer ${MEMBER_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JONY_MEMBER_ACCESS_TOKEN}`) .send(updateWorkspaceQuery); expect(response.status).toBe(200); @@ -218,7 +218,7 @@ describe('Granular settings permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(restoreWorkspaceQuery); }); }); @@ -241,7 +241,7 @@ describe('Granular settings permissions', () => { const response = await client .post('/graphql') - .set('Authorization', `Bearer ${MEMBER_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JONY_MEMBER_ACCESS_TOKEN}`) .send(createWorkflowQuery); expect(response.status).toBe(200); @@ -260,7 +260,7 @@ describe('Granular settings permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(graphqlOperation); }); }); @@ -282,7 +282,7 @@ describe('Granular settings permissions', () => { const response = await client .post('/graphql') - .set('Authorization', `Bearer ${MEMBER_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JONY_MEMBER_ACCESS_TOKEN}`) .send(createRoleQuery); expect(response.status).toBe(200); @@ -308,7 +308,7 @@ describe('Granular settings permissions', () => { const response = await client .post('/graphql') - .set('Authorization', `Bearer ${MEMBER_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JONY_MEMBER_ACCESS_TOKEN}`) .send(inviteWorkspaceMemberQuery); expect(response.status).toBe(200); @@ -334,7 +334,7 @@ describe('Granular settings permissions', () => { const response = await client .post('/graphql') - .set('Authorization', `Bearer ${MEMBER_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JONY_MEMBER_ACCESS_TOKEN}`) .send(createApiKeyQuery); expect(response.status).toBe(200); @@ -367,7 +367,7 @@ describe('Granular settings permissions', () => { const response = await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(getRoleQuery); const customRole = response.body.data.getRoles.find( @@ -406,7 +406,7 @@ describe('Granular settings permissions', () => { const response = await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(upsertSecurityPermissionQuery); expect(response.status).toBe(200); @@ -431,7 +431,7 @@ describe('Granular settings permissions', () => { const roleResponse = await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(getRoleQuery); const updatedRole = roleResponse.body.data.getRoles.find( @@ -463,7 +463,7 @@ describe('Granular settings permissions', () => { const response = await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(upsertReducedPermissionsQuery); expect(response.status).toBe(200); @@ -486,7 +486,7 @@ describe('Granular settings permissions', () => { const roleResponse = await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(getRoleQuery); const updatedRole = roleResponse.body.data.getRoles.find( diff --git a/packages/twenty-server/test/integration/graphql/suites/settings-permissions/roles.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/settings-permissions/roles.integration-spec.ts index 02a727553..9693d2a54 100644 --- a/packages/twenty-server/test/integration/graphql/suites/settings-permissions/roles.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/settings-permissions/roles.integration-spec.ts @@ -18,7 +18,7 @@ async function assertPermissionDeniedForMemberWithMemberRole({ }) { await client .post('/graphql') - .set('Authorization', `Bearer ${MEMBER_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JONY_MEMBER_ACCESS_TOKEN}`) .send(query) .expect(200) .expect((res) => { @@ -49,7 +49,7 @@ describe('roles permissions', () => { const resp = await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(query); adminRoleId = resp.body.data.getRoles.find( @@ -84,7 +84,7 @@ describe('roles permissions', () => { const resp = await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(query); expect(resp.status).toBe(200); @@ -193,7 +193,7 @@ describe('roles permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(query) .expect(200) .expect((res) => { @@ -221,7 +221,7 @@ describe('roles permissions', () => { const resp = await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(getRolesQuery); const memberRoleId = resp.body.data.getRoles.find( @@ -247,7 +247,7 @@ describe('roles permissions', () => { // Act and assert await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(updateRoleQuery) .expect(200) .expect((res) => { @@ -271,7 +271,7 @@ describe('roles permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(rollbackRoleUpdateQuery) .expect(200) .expect((res) => { @@ -313,7 +313,7 @@ describe('roles permissions', () => { const result = await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(query) .expect(200) .expect((res) => { @@ -328,7 +328,7 @@ describe('roles permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(deleteOneRoleQuery); }); }); @@ -349,7 +349,7 @@ describe('roles permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(query) .then((res) => { createdEditableRoleId = res.body.data.createOneRole.id; @@ -363,7 +363,7 @@ describe('roles permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(deleteOneRoleQuery); }); @@ -395,7 +395,7 @@ describe('roles permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(query) .expect(200) .expect((res) => { @@ -424,7 +424,7 @@ describe('roles permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(query) .expect(200) .expect((res) => { @@ -497,7 +497,7 @@ describe('roles permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(query) .expect(200) .expect((res) => { @@ -522,7 +522,7 @@ describe('roles permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(query) .expect(200) .expect((res) => { @@ -595,7 +595,7 @@ describe('roles permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(query) .expect(200) .expect((res) => { @@ -619,7 +619,7 @@ describe('roles permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(query) .expect(200) .expect((res) => { diff --git a/packages/twenty-server/test/integration/graphql/suites/settings-permissions/security.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/settings-permissions/security.integration-spec.ts index dbf62b1ba..7315eb449 100644 --- a/packages/twenty-server/test/integration/graphql/suites/settings-permissions/security.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/settings-permissions/security.integration-spec.ts @@ -69,7 +69,7 @@ describe('Security permissions', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { @@ -98,7 +98,7 @@ describe('Security permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${MEMBER_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JONY_MEMBER_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { @@ -129,7 +129,7 @@ describe('Security permissions', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { @@ -158,7 +158,7 @@ describe('Security permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${MEMBER_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JONY_MEMBER_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { @@ -189,7 +189,7 @@ describe('Security permissions', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { @@ -218,7 +218,7 @@ describe('Security permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${MEMBER_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JONY_MEMBER_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { @@ -248,7 +248,7 @@ describe('Security permissions', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { @@ -277,7 +277,7 @@ describe('Security permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${MEMBER_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JONY_MEMBER_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { @@ -310,7 +310,7 @@ describe('Security permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${MEMBER_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JONY_MEMBER_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { @@ -340,7 +340,7 @@ describe('Security permissions', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { @@ -369,7 +369,7 @@ describe('Security permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${MEMBER_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JONY_MEMBER_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { @@ -400,7 +400,7 @@ describe('Security permissions', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { @@ -429,7 +429,7 @@ describe('Security permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${MEMBER_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JONY_MEMBER_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { @@ -460,7 +460,7 @@ describe('Security permissions', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { @@ -489,7 +489,7 @@ describe('Security permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${MEMBER_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JONY_MEMBER_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { @@ -520,7 +520,7 @@ describe('Security permissions', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { @@ -549,7 +549,7 @@ describe('Security permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${MEMBER_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JONY_MEMBER_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { diff --git a/packages/twenty-server/test/integration/graphql/suites/settings-permissions/workspace-invitation.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/settings-permissions/workspace-invitation.integration-spec.ts index 0eb56f3be..41d392230 100644 --- a/packages/twenty-server/test/integration/graphql/suites/settings-permissions/workspace-invitation.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/settings-permissions/workspace-invitation.integration-spec.ts @@ -19,7 +19,7 @@ describe('workspace invitation permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${MEMBER_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JONY_MEMBER_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { @@ -45,7 +45,7 @@ describe('workspace invitation permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${MEMBER_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JONY_MEMBER_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { @@ -72,7 +72,7 @@ describe('workspace invitation permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${MEMBER_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JONY_MEMBER_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { @@ -96,7 +96,7 @@ describe('workspace invitation permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${MEMBER_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JONY_MEMBER_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { diff --git a/packages/twenty-server/test/integration/graphql/suites/settings-permissions/workspace-members.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/settings-permissions/workspace-members.integration-spec.ts index bfb623cd5..d85951354 100644 --- a/packages/twenty-server/test/integration/graphql/suites/settings-permissions/workspace-members.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/settings-permissions/workspace-members.integration-spec.ts @@ -1,8 +1,6 @@ -import { createOneOperationFactory } from 'test/integration/graphql/utils/create-one-operation-factory.util'; import { deleteOneOperationFactory } from 'test/integration/graphql/utils/delete-one-operation-factory.util'; +import { makeGraphqlAPIRequestWithAcmeMemberRole } from 'test/integration/graphql/utils/make-graphql-api-request-with-acme-member-role.util'; import { makeGraphqlAPIRequestWithMemberRole } from 'test/integration/graphql/utils/make-graphql-api-request-with-member-role.util'; -import { makeGraphqlAPIRequest } from 'test/integration/graphql/utils/make-graphql-api-request.util'; -import { restoreOneOperationFactory } from 'test/integration/graphql/utils/restore-one-operation-factory.util'; import { updateOneOperationFactory } from 'test/integration/graphql/utils/update-one-operation-factory.util'; import { ErrorCode } from 'src/engine/core-modules/graphql/utils/graphql-errors.util'; @@ -68,37 +66,6 @@ describe('workspace members permissions', () => { }); describe('deleteOne', () => { - afterEach(async () => { - // Restore the deleted user to maintain test isolation - const restoreOperation = restoreOneOperationFactory({ - objectMetadataSingularName: 'workspaceMember', - gqlFields: WORKSPACE_MEMBER_GQL_FIELDS, - recordId: WORKSPACE_MEMBER_DATA_SEED_IDS.JONY, - }); - - await makeGraphqlAPIRequest(restoreOperation); - }); - it('should allow delete when user is deleting themself (member role)', async () => { - const deleteOperation = deleteOneOperationFactory({ - objectMetadataSingularName: 'workspaceMember', - gqlFields: WORKSPACE_MEMBER_GQL_FIELDS, - recordId: WORKSPACE_MEMBER_DATA_SEED_IDS.JONY, - }); - - const deleteResponse = - await makeGraphqlAPIRequestWithMemberRole(deleteOperation); - - expect(deleteResponse.body.data).toStrictEqual({ - deleteWorkspaceMember: { - id: WORKSPACE_MEMBER_DATA_SEED_IDS.JONY, - name: { - firstName: 'Jony', - }, - }, - }); - expect(deleteResponse.body.errors).toBeUndefined(); - }); - it('should throw when user does not have permission (member role)', async () => { const graphqlOperation = deleteOneOperationFactory({ objectMetadataSingularName: 'workspaceMember', @@ -116,75 +83,26 @@ describe('workspace members permissions', () => { ); expect(response.body.errors[0].extensions.code).toBe(ErrorCode.FORBIDDEN); }); - }); - describe('restoreOne', () => { - it('should allow restore when user is restoring themself (member role)', async () => { - const restoreOperation = restoreOneOperationFactory({ + it('should allow delete when user is deleting themself (member role)', async () => { + const deleteOperation = deleteOneOperationFactory({ objectMetadataSingularName: 'workspaceMember', gqlFields: WORKSPACE_MEMBER_GQL_FIELDS, recordId: WORKSPACE_MEMBER_DATA_SEED_IDS.JONY, }); - const response = - await makeGraphqlAPIRequestWithMemberRole(restoreOperation); + const deleteResponse = + await makeGraphqlAPIRequestWithAcmeMemberRole(deleteOperation); - expect(response.body.data).toStrictEqual({ - restoreWorkspaceMember: { + expect(deleteResponse.body.data).toStrictEqual({ + deleteWorkspaceMember: { id: WORKSPACE_MEMBER_DATA_SEED_IDS.JONY, name: { firstName: 'Jony', }, }, }); - expect(response.body.errors).toBeUndefined(); - }); - - it('should throw when user does not have permission (member role)', async () => { - const restoreOperation = restoreOneOperationFactory({ - objectMetadataSingularName: 'workspaceMember', - gqlFields: WORKSPACE_MEMBER_GQL_FIELDS, - recordId: WORKSPACE_MEMBER_DATA_SEED_IDS.TIM, - }); - - const response = - await makeGraphqlAPIRequestWithMemberRole(restoreOperation); - - expect(response.body.data).toStrictEqual({ - restoreWorkspaceMember: null, - }); - expect(response.body.errors).toBeDefined(); - expect(response.body.errors[0].message).toBe( - PermissionsExceptionMessage.PERMISSION_DENIED, - ); - expect(response.body.errors[0].extensions.code).toBe(ErrorCode.FORBIDDEN); - }); - }); - - describe('createOne', () => { - it('should throw when user does not have permission (member role)', async () => { - const createOperation = createOneOperationFactory({ - objectMetadataSingularName: 'workspaceMember', - gqlFields: WORKSPACE_MEMBER_GQL_FIELDS, - data: { - userId: 'cc80c2e9-3002-46ac-bcc6-24e524713f21', - name: { - firstName: 'New', - }, - }, - }); - - const response = - await makeGraphqlAPIRequestWithMemberRole(createOperation); - - expect(response.body.data).toStrictEqual({ - createWorkspaceMember: null, - }); - expect(response.body.errors).toBeDefined(); - expect(response.body.errors[0].message).toBe( - PermissionsExceptionMessage.PERMISSION_DENIED, - ); - expect(response.body.errors[0].extensions.code).toBe(ErrorCode.FORBIDDEN); + expect(deleteResponse.body.errors).toBeUndefined(); }); }); }); diff --git a/packages/twenty-server/test/integration/graphql/suites/settings-permissions/workspace.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/settings-permissions/workspace.integration-spec.ts index bafe8d09b..b5db1f24c 100644 --- a/packages/twenty-server/test/integration/graphql/suites/settings-permissions/workspace.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/settings-permissions/workspace.integration-spec.ts @@ -69,7 +69,7 @@ describe('workspace permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${MEMBER_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JONY_MEMBER_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { @@ -99,7 +99,7 @@ describe('workspace permissions', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { @@ -128,7 +128,7 @@ describe('workspace permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${MEMBER_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JONY_MEMBER_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { @@ -159,7 +159,7 @@ describe('workspace permissions', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { @@ -188,7 +188,7 @@ describe('workspace permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${MEMBER_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JONY_MEMBER_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { @@ -219,7 +219,7 @@ describe('workspace permissions', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { @@ -248,7 +248,7 @@ describe('workspace permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${MEMBER_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JONY_MEMBER_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { @@ -279,7 +279,7 @@ describe('workspace permissions', () => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { @@ -308,7 +308,7 @@ describe('workspace permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${MEMBER_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JONY_MEMBER_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { @@ -340,7 +340,7 @@ describe('workspace permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${MEMBER_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JONY_MEMBER_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { @@ -373,7 +373,7 @@ describe('workspace permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${MEMBER_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JONY_MEMBER_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { @@ -419,7 +419,7 @@ describe('workspace permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${MEMBER_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JONY_MEMBER_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { @@ -460,7 +460,7 @@ describe('workspace permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData) .expect((res) => { expect(res.body.data).toBeDefined(); @@ -493,7 +493,7 @@ describe('workspace permissions', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${MEMBER_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JONY_MEMBER_ACCESS_TOKEN}`) .send(queryData) .expect(200) .expect((res) => { diff --git a/packages/twenty-server/test/integration/graphql/suites/user.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/user.integration-spec.ts index a1ee14569..13f35f625 100644 --- a/packages/twenty-server/test/integration/graphql/suites/user.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/user.integration-spec.ts @@ -18,7 +18,7 @@ describe('deleteUser', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(query) .expect((res) => { expect(res.body.data).toBeNull(); diff --git a/packages/twenty-server/test/integration/graphql/suites/workflow/workflow-resolver.integration-spec.ts b/packages/twenty-server/test/integration/graphql/suites/workflow/workflow-resolver.integration-spec.ts index 165585f35..19bfc8c52 100644 --- a/packages/twenty-server/test/integration/graphql/suites/workflow/workflow-resolver.integration-spec.ts +++ b/packages/twenty-server/test/integration/graphql/suites/workflow/workflow-resolver.integration-spec.ts @@ -23,7 +23,7 @@ describe('workflowResolver', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData); }); @@ -40,7 +40,7 @@ describe('workflowResolver', () => { await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData); }); @@ -67,7 +67,7 @@ describe('workflowResolver', () => { const response = await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData); expect(response.status).toBe(200); @@ -94,7 +94,7 @@ describe('workflowResolver', () => { const deleteResponse = await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(deleteQueryData); expect(deleteResponse.status).toBe(200); @@ -115,7 +115,7 @@ describe('workflowResolver', () => { const response = await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData); expect(response.status).toBe(200); @@ -146,7 +146,7 @@ describe('workflowResolver', () => { const workflowVersionsResponse = await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryWorkflowVersionsData); expect(workflowVersionsResponse.status).toBe(200); @@ -172,7 +172,7 @@ describe('workflowResolver', () => { const restoreResponse = await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(restoreQueryData); expect(restoreResponse.status).toBe(200); @@ -199,7 +199,7 @@ describe('workflowResolver', () => { const response = await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(queryData); expect(response.status).toBe(200); diff --git a/packages/twenty-server/test/integration/graphql/utils/delete-one-role.util.ts b/packages/twenty-server/test/integration/graphql/utils/delete-one-role.util.ts index 2dbd4c844..25b14621d 100644 --- a/packages/twenty-server/test/integration/graphql/utils/delete-one-role.util.ts +++ b/packages/twenty-server/test/integration/graphql/utils/delete-one-role.util.ts @@ -5,6 +5,6 @@ export const deleteRole = async (client: any, roleId: string) => { await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(deleteRoleQuery); }; diff --git a/packages/twenty-server/test/integration/graphql/utils/make-graphql-api-request-with-acme-member-role.util.ts b/packages/twenty-server/test/integration/graphql/utils/make-graphql-api-request-with-acme-member-role.util.ts new file mode 100644 index 000000000..eda495c69 --- /dev/null +++ b/packages/twenty-server/test/integration/graphql/utils/make-graphql-api-request-with-acme-member-role.util.ts @@ -0,0 +1,21 @@ +import { ASTNode, print } from 'graphql'; +import request from 'supertest'; + +type GraphqlOperation = { + query: ASTNode; + variables?: Record; +}; + +export const makeGraphqlAPIRequestWithAcmeMemberRole = ( + graphqlOperation: GraphqlOperation, +) => { + const client = request(`http://localhost:${APP_PORT}`); + + return client + .post('/graphql') + .set('Authorization', `Bearer ${ACME_JONY_MEMBER_ACCESS_TOKEN}`) + .send({ + query: print(graphqlOperation.query), + variables: graphqlOperation.variables || {}, + }); +}; diff --git a/packages/twenty-server/test/integration/graphql/utils/make-graphql-api-request-with-guest-role.util.ts b/packages/twenty-server/test/integration/graphql/utils/make-graphql-api-request-with-guest-role.util.ts index 9a5f0eeb1..1af906cfd 100644 --- a/packages/twenty-server/test/integration/graphql/utils/make-graphql-api-request-with-guest-role.util.ts +++ b/packages/twenty-server/test/integration/graphql/utils/make-graphql-api-request-with-guest-role.util.ts @@ -13,7 +13,7 @@ export const makeGraphqlAPIRequestWithGuestRole = ( return client .post('/graphql') - .set('Authorization', `Bearer ${GUEST_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_PHIL_GUEST_ACCESS_TOKEN}`) .send({ query: print(graphqlOperation.query), variables: graphqlOperation.variables || {}, diff --git a/packages/twenty-server/test/integration/graphql/utils/make-graphql-api-request-with-member-role.util.ts b/packages/twenty-server/test/integration/graphql/utils/make-graphql-api-request-with-member-role.util.ts index 24dea5939..19cb5abc3 100644 --- a/packages/twenty-server/test/integration/graphql/utils/make-graphql-api-request-with-member-role.util.ts +++ b/packages/twenty-server/test/integration/graphql/utils/make-graphql-api-request-with-member-role.util.ts @@ -13,7 +13,7 @@ export const makeGraphqlAPIRequestWithMemberRole = ( return client .post('/graphql') - .set('Authorization', `Bearer ${MEMBER_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JONY_MEMBER_ACCESS_TOKEN}`) .send({ query: print(graphqlOperation.query), variables: graphqlOperation.variables || {}, diff --git a/packages/twenty-server/test/integration/graphql/utils/make-graphql-api-request.util.ts b/packages/twenty-server/test/integration/graphql/utils/make-graphql-api-request.util.ts index 2f620f748..396a9989f 100644 --- a/packages/twenty-server/test/integration/graphql/utils/make-graphql-api-request.util.ts +++ b/packages/twenty-server/test/integration/graphql/utils/make-graphql-api-request.util.ts @@ -11,7 +11,7 @@ export const makeGraphqlAPIRequest = (graphqlOperation: GraphqlOperation) => { return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send({ query: print(graphqlOperation.query), variables: graphqlOperation.variables || {}, diff --git a/packages/twenty-server/test/integration/graphql/utils/update-workspace-member-role.util.ts b/packages/twenty-server/test/integration/graphql/utils/update-workspace-member-role.util.ts index aa1652c1d..c12a51716 100644 --- a/packages/twenty-server/test/integration/graphql/utils/update-workspace-member-role.util.ts +++ b/packages/twenty-server/test/integration/graphql/utils/update-workspace-member-role.util.ts @@ -26,6 +26,6 @@ export const updateWorkspaceMemberRole = async ({ await client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send(updateMemberRoleQuery); }; diff --git a/packages/twenty-server/test/integration/metadata/suites/object-metadata/__snapshots__/failing-update-one-object-metadata.integration-spec.ts.snap b/packages/twenty-server/test/integration/metadata/suites/object-metadata/__snapshots__/failing-update-one-object-metadata.integration-spec.ts.snap index 8315d047f..93acdff07 100644 --- a/packages/twenty-server/test/integration/metadata/suites/object-metadata/__snapshots__/failing-update-one-object-metadata.integration-spec.ts.snap +++ b/packages/twenty-server/test/integration/metadata/suites/object-metadata/__snapshots__/failing-update-one-object-metadata.integration-spec.ts.snap @@ -5,6 +5,7 @@ exports[`Object metadata update should fail when labelIdentifier is not a TEXT o { "extensions": { "code": "BAD_USER_INPUT", + "subCode": "INVALID_OBJECT_INPUT", "userFriendlyMessage": "An error occurred.", }, "message": "labelIdentifierFieldMetadataId validation failed: it must be a TEXT or FULL_NAME field metadata type id", @@ -18,6 +19,7 @@ exports[`Object metadata update should fail when labelIdentifier is not a known { "extensions": { "code": "BAD_USER_INPUT", + "subCode": "INVALID_OBJECT_INPUT", "userFriendlyMessage": "An error occurred.", }, "message": "labelIdentifierFieldMetadataId validation failed: related field metadata not found", diff --git a/packages/twenty-server/test/integration/metadata/suites/utils/make-metadata-api-request-with-member-role.util.ts b/packages/twenty-server/test/integration/metadata/suites/utils/make-metadata-api-request-with-member-role.util.ts index 79dfa3d37..a8fbee56f 100644 --- a/packages/twenty-server/test/integration/metadata/suites/utils/make-metadata-api-request-with-member-role.util.ts +++ b/packages/twenty-server/test/integration/metadata/suites/utils/make-metadata-api-request-with-member-role.util.ts @@ -13,7 +13,7 @@ export const makeMetadataAPIRequestWithMemberRole = ( return client .post('/metadata') - .set('Authorization', `Bearer ${MEMBER_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JONY_MEMBER_ACCESS_TOKEN}`) .send({ query: print(graphqlOperation.query), variables: graphqlOperation.variables || {}, diff --git a/packages/twenty-server/test/integration/metadata/suites/utils/make-metadata-api-request.util.ts b/packages/twenty-server/test/integration/metadata/suites/utils/make-metadata-api-request.util.ts index bb0582dd8..0c5770721 100644 --- a/packages/twenty-server/test/integration/metadata/suites/utils/make-metadata-api-request.util.ts +++ b/packages/twenty-server/test/integration/metadata/suites/utils/make-metadata-api-request.util.ts @@ -11,7 +11,7 @@ export const makeMetadataAPIRequest = (graphqlOperation: GraphqlOperation) => { return client .post('/metadata') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send({ query: print(graphqlOperation.query), variables: graphqlOperation.variables || {}, diff --git a/packages/twenty-server/test/integration/rest/suites/rest-api-core-create-many.integration-spec.ts b/packages/twenty-server/test/integration/rest/suites/rest-api-core-create-many.integration-spec.ts index b20cbcd9e..3e87cbee4 100644 --- a/packages/twenty-server/test/integration/rest/suites/rest-api-core-create-many.integration-spec.ts +++ b/packages/twenty-server/test/integration/rest/suites/rest-api-core-create-many.integration-spec.ts @@ -102,7 +102,7 @@ describe('Core REST API Create Many endpoint', () => { method: 'post', path: `/batch/people`, body: requestBody, - bearer: ADMIN_ACCESS_TOKEN, + bearer: APPLE_JANE_ADMIN_ACCESS_TOKEN, }) .expect(201) .expect((res) => { diff --git a/packages/twenty-server/test/integration/rest/suites/rest-api-core-create-one.integration-spec.ts b/packages/twenty-server/test/integration/rest/suites/rest-api-core-create-one.integration-spec.ts index 6ba09bd05..b08c890ce 100644 --- a/packages/twenty-server/test/integration/rest/suites/rest-api-core-create-one.integration-spec.ts +++ b/packages/twenty-server/test/integration/rest/suites/rest-api-core-create-one.integration-spec.ts @@ -87,7 +87,7 @@ describe('Core REST API Create One endpoint', () => { method: 'post', path: `/people`, body: requestBody, - bearer: ADMIN_ACCESS_TOKEN, + bearer: APPLE_JANE_ADMIN_ACCESS_TOKEN, }) .expect(201) .expect((res) => { diff --git a/packages/twenty-server/test/integration/twenty-config/utils/make-admin-panel-api-request.util.ts b/packages/twenty-server/test/integration/twenty-config/utils/make-admin-panel-api-request.util.ts index 809b28a72..490516b01 100644 --- a/packages/twenty-server/test/integration/twenty-config/utils/make-admin-panel-api-request.util.ts +++ b/packages/twenty-server/test/integration/twenty-config/utils/make-admin-panel-api-request.util.ts @@ -1,7 +1,7 @@ import { ASTNode, print } from 'graphql'; import request from 'supertest'; -/* global APP_PORT, ADMIN_ACCESS_TOKEN */ +/* global APP_PORT, APPLE_JANE_ADMIN_ACCESS_TOKEN */ type GraphqlOperation = { query: ASTNode; @@ -15,7 +15,7 @@ export const makeAdminPanelAPIRequest = ( return client .post('/graphql') - .set('Authorization', `Bearer ${ADMIN_ACCESS_TOKEN}`) + .set('Authorization', `Bearer ${APPLE_JANE_ADMIN_ACCESS_TOKEN}`) .send({ query: print(graphqlOperation.query), variables: graphqlOperation.variables || {},