Handle restricted objects #1 refactor permissions map + return object permissions from gql (#12313)

## Context - Introduced objectPermissions in currentUserWorkspace which uses role permissions from cache so we can fetch granular permissions from the API - Refactored cached role permissions to map permissions with object metadata id instead of object metadata name singular to be more flexible New Cache <img width="574" alt="Screenshot 2025-05-27 at 11 59 06" src="https://github.com/user-attachments/assets/1a090134-1b8a-4681-a630-29f1472178bd" /> GQL <img width="977" alt="Screenshot 2025-05-27 at 11 58 53" src="https://github.com/user-attachments/assets/3b9a82b0-6019-4a25-a6e2-a9e0fb4bb8a0" /> Next steps: Use the updated API in the FE to fetch granular permissions and update useHasObjectReadOnlyPermission hook
2025-05-27 17:42:26 +02:00
parent 651ad38e79
commit 8051646567
14 changed files with 143 additions and 93 deletions
--- a/packages/twenty-front/src/modules/settings/roles/graphql/fragments/objectPermissionFragment.ts
+++ b/packages/twenty-front/src/modules/settings/roles/graphql/fragments/objectPermissionFragment.ts
@ -2,9 +2,7 @@ import { gql } from '@apollo/client';

 export const OBJECT_PERMISSION_FRAGMENT = gql`
  fragment ObjectPermissionFragment on ObjectPermission {
-    id
    objectMetadataId
-    roleId
    canReadObjectRecords
    canUpdateObjectRecords
    canSoftDeleteObjectRecords
--- a/packages/twenty-front/src/modules/settings/roles/role-permissions/object-level-permissions/components/SettingsRolePermissionsObjectLevelOverrideCell.tsx
+++ b/packages/twenty-front/src/modules/settings/roles/role-permissions/object-level-permissions/components/SettingsRolePermissionsObjectLevelOverrideCell.tsx
@ -36,15 +36,17 @@ const StyledSettingsRolePermissionsObjectLevelOverrideCell = styled.div`

 type SettingsRolePermissionsObjectLevelOverrideCellProps = {
  objectPermission: ObjectPermission;
+  roleId: string;
 };

 export const SettingsRolePermissionsObjectLevelOverrideCell = ({
  objectPermission,
+  roleId,
 }: SettingsRolePermissionsObjectLevelOverrideCellProps) => {
  const theme = useTheme();

  const settingsDraftRole = useRecoilValue(
-    settingsDraftRoleFamilyState(objectPermission.roleId),
+    settingsDraftRoleFamilyState(roleId),
  );

  const permissionMappings =
--- a/packages/twenty-front/src/modules/settings/roles/role-permissions/object-level-permissions/components/SettingsRolePermissionsObjectLevelSection.tsx
+++ b/packages/twenty-front/src/modules/settings/roles/role-permissions/object-level-permissions/components/SettingsRolePermissionsObjectLevelSection.tsx
@ -15,7 +15,6 @@ import { isDefined } from 'twenty-shared/utils';
 import { H2Title, IconPlus } from 'twenty-ui/display';
 import { Button } from 'twenty-ui/input';
 import { Section } from 'twenty-ui/layout';
-import { v4 } from 'uuid';
 import { useNavigateSettings } from '~/hooks/useNavigateSettings';

 const StyledCreateObjectOverrideSection = styled(Section)`
@ -81,11 +80,9 @@ export const SettingsRolePermissionsObjectLevelSection = ({
      ...draftRole,
      objectPermissions: [
        ...(draftRole.objectPermissions ?? []).filter(
-          (permission) =>
-            permission.objectMetadataId !== objectMetadataId ||
-            permission.roleId !== roleId,
+          (permission) => permission.objectMetadataId !== objectMetadataId,
        ),
-        { objectMetadataId, roleId, id: v4() },
+        { objectMetadataId, roleId },
      ],
    }));
    navigate(SettingsPath.RoleObjectLevel, {
@ -107,11 +104,12 @@ export const SettingsRolePermissionsObjectLevelSection = ({
          filteredObjectPermissions?.length > 0 ? (
            filteredObjectPermissions?.map((objectPermission) => (
              <SettingsRolePermissionsObjectLevelTableRow
-                key={objectPermission.id}
+                key={objectPermission.objectMetadataId}
                objectPermission={objectPermission}
                objectMetadataItem={
                  objectMetadataMap[objectPermission.objectMetadataId]
                }
+                roleId={roleId}
              />
            ))
          ) : (
--- a/packages/twenty-front/src/modules/settings/roles/role-permissions/object-level-permissions/components/SettingsRolePermissionsObjectLevelTableRow.tsx
+++ b/packages/twenty-front/src/modules/settings/roles/role-permissions/object-level-permissions/components/SettingsRolePermissionsObjectLevelTableRow.tsx
@ -27,11 +27,13 @@ const StyledNameLabel = styled.div`
 type SettingsRolePermissionsObjectLevelTableRowProps = {
  objectPermission: ObjectPermission;
  objectMetadataItem: ObjectMetadataItem;
+  roleId: string;
 };

 export const SettingsRolePermissionsObjectLevelTableRow = ({
  objectPermission,
  objectMetadataItem,
+  roleId,
 }: SettingsRolePermissionsObjectLevelTableRowProps) => {
  const { getIcon } = useIcons();
  const theme = useTheme();
@ -45,7 +47,7 @@ export const SettingsRolePermissionsObjectLevelTableRow = ({
  return (
    <TableRow
      to={getSettingsPath(SettingsPath.RoleObjectLevel, {
-        roleId: objectPermission.roleId,
+        roleId: roleId,
        objectMetadataId: objectPermission.objectMetadataId,
      })}
      gridAutoColumns="180px 1fr 1fr"
@ -65,6 +67,7 @@ export const SettingsRolePermissionsObjectLevelTableRow = ({
      <TableCell>
        <SettingsRolePermissionsObjectLevelOverrideCell
          objectPermission={objectPermission}
+          roleId={roleId}
        />
      </TableCell>
      <TableCell align={'right'}>