Fix emailThread not loading and rest batch api forbidden
This commit is contained in:
Charles Bochet
@ -4,10 +4,11 @@ import { Request, Response } from 'express';
|
||||
|
||||
import { RestApiCoreService } from 'src/engine/api/rest/core/rest-api-core.service';
|
||||
import { cleanGraphQLResponse } from 'src/engine/api/rest/utils/clean-graphql-response.utils';
|
||||
import { JwtAuthGuard } from 'src/engine/guards/jwt-auth.guard';
|
||||
import { WorkspaceAuthGuard } from 'src/engine/guards/workspace-auth.guard';
|
||||
|
||||
@Controller('rest/batch/*')
|
||||
@UseGuards(WorkspaceAuthGuard)
|
||||
@UseGuards(JwtAuthGuard, WorkspaceAuthGuard)
|
||||
export class RestApiCoreBatchController {
|
||||
constructor(private readonly restApiCoreService: RestApiCoreService) {}
|
||||
|
||||
|
||||
@ -115,8 +115,12 @@ export class AuthResolver {
|
||||
@UseGuards(WorkspaceAuthGuard, UserAuthGuard)
|
||||
async generateTransientToken(
|
||||
@AuthUser() user: User,
|
||||
@AuthWorkspace() workspace: Workspace,
|
||||
): Promise<TransientToken | void> {
|
||||
const workspaceMember = await this.userService.loadWorkspaceMember(user);
|
||||
const workspaceMember = await this.userService.loadWorkspaceMember(
|
||||
user,
|
||||
workspace,
|
||||
);
|
||||
|
||||
if (!workspaceMember) {
|
||||
return;
|
||||
|
||||
@ -32,12 +32,12 @@ import { UserExists } from 'src/engine/core-modules/auth/dto/user-exists.entity'
|
||||
import { Verify } from 'src/engine/core-modules/auth/dto/verify.entity';
|
||||
import { WorkspaceInviteHashValid } from 'src/engine/core-modules/auth/dto/workspace-invite-hash-valid.entity';
|
||||
import { SignInUpService } from 'src/engine/core-modules/auth/services/sign-in-up.service';
|
||||
import { EmailService } from 'src/engine/core-modules/email/email.service';
|
||||
import { EnvironmentService } from 'src/engine/core-modules/environment/environment.service';
|
||||
import { WorkspaceMember } from 'src/engine/core-modules/user/dtos/workspace-member.dto';
|
||||
import { UserService } from 'src/engine/core-modules/user/services/user.service';
|
||||
import { User } from 'src/engine/core-modules/user/user.entity';
|
||||
import { Workspace } from 'src/engine/core-modules/workspace/workspace.entity';
|
||||
import { EmailService } from 'src/engine/core-modules/email/email.service';
|
||||
import { EnvironmentService } from 'src/engine/core-modules/environment/environment.service';
|
||||
|
||||
import { TokenService } from './token.service';
|
||||
|
||||
@ -150,7 +150,10 @@ export class AuthService {
|
||||
|
||||
// passwordHash is hidden for security reasons
|
||||
user.passwordHash = '';
|
||||
const workspaceMember = await this.userService.loadWorkspaceMember(user);
|
||||
const workspaceMember = await this.userService.loadWorkspaceMember(
|
||||
user,
|
||||
user.defaultWorkspace,
|
||||
);
|
||||
|
||||
if (workspaceMember) {
|
||||
user.workspaceMember = workspaceMember as WorkspaceMember;
|
||||
|
||||
@ -9,7 +9,9 @@ import { TimelineThreadsWithTotal } from 'src/engine/core-modules/messaging/dtos
|
||||
import { GetMessagesService } from 'src/engine/core-modules/messaging/services/get-messages.service';
|
||||
import { UserService } from 'src/engine/core-modules/user/services/user.service';
|
||||
import { User } from 'src/engine/core-modules/user/user.entity';
|
||||
import { Workspace } from 'src/engine/core-modules/workspace/workspace.entity';
|
||||
import { AuthUser } from 'src/engine/decorators/auth/auth-user.decorator';
|
||||
import { AuthWorkspace } from 'src/engine/decorators/auth/auth-workspace.decorator';
|
||||
import { UserAuthGuard } from 'src/engine/guards/user-auth.guard';
|
||||
import { WorkspaceAuthGuard } from 'src/engine/guards/workspace-auth.guard';
|
||||
|
||||
@ -50,9 +52,13 @@ export class TimelineMessagingResolver {
|
||||
@Query(() => TimelineThreadsWithTotal)
|
||||
async getTimelineThreadsFromPersonId(
|
||||
@AuthUser() user: User,
|
||||
@AuthWorkspace() workspace: Workspace,
|
||||
@Args() { personId, page, pageSize }: GetTimelineThreadsFromPersonIdArgs,
|
||||
) {
|
||||
const workspaceMember = await this.userService.loadWorkspaceMember(user);
|
||||
const workspaceMember = await this.userService.loadWorkspaceMember(
|
||||
user,
|
||||
workspace,
|
||||
);
|
||||
|
||||
if (!workspaceMember) {
|
||||
return;
|
||||
@ -72,9 +78,13 @@ export class TimelineMessagingResolver {
|
||||
@Query(() => TimelineThreadsWithTotal)
|
||||
async getTimelineThreadsFromCompanyId(
|
||||
@AuthUser() user: User,
|
||||
@AuthWorkspace() workspace: Workspace,
|
||||
@Args() { companyId, page, pageSize }: GetTimelineThreadsFromCompanyIdArgs,
|
||||
) {
|
||||
const workspaceMember = await this.userService.loadWorkspaceMember(user);
|
||||
const workspaceMember = await this.userService.loadWorkspaceMember(
|
||||
user,
|
||||
workspace,
|
||||
);
|
||||
|
||||
if (!workspaceMember) {
|
||||
return;
|
||||
|
||||
@ -6,13 +6,13 @@ import { TypeOrmQueryService } from '@ptc-org/nestjs-query-typeorm';
|
||||
import { Repository } from 'typeorm';
|
||||
|
||||
import { TypeORMService } from 'src/database/typeorm/typeorm.service';
|
||||
import { ObjectRecordDeleteEvent } from 'src/engine/core-modules/event-emitter/types/object-record-delete.event';
|
||||
import { User } from 'src/engine/core-modules/user/user.entity';
|
||||
import { WorkspaceService } from 'src/engine/core-modules/workspace/services/workspace.service';
|
||||
import {
|
||||
Workspace,
|
||||
WorkspaceActivationStatus,
|
||||
} from 'src/engine/core-modules/workspace/workspace.entity';
|
||||
import { ObjectRecordDeleteEvent } from 'src/engine/core-modules/event-emitter/types/object-record-delete.event';
|
||||
import { DataSourceService } from 'src/engine/metadata-modules/data-source/data-source.service';
|
||||
import { TwentyORMGlobalManager } from 'src/engine/twenty-orm/twenty-orm-global.manager';
|
||||
import { WorkspaceEventEmitter } from 'src/engine/workspace-event-emitter/workspace-event-emitter';
|
||||
@ -32,17 +32,14 @@ export class UserService extends TypeOrmQueryService<User> {
|
||||
super(userRepository);
|
||||
}
|
||||
|
||||
async loadWorkspaceMember(user: User) {
|
||||
if (
|
||||
user.defaultWorkspace.activationStatus !==
|
||||
WorkspaceActivationStatus.ACTIVE
|
||||
) {
|
||||
async loadWorkspaceMember(user: User, workspace: Workspace) {
|
||||
if (workspace?.activationStatus !== WorkspaceActivationStatus.ACTIVE) {
|
||||
return null;
|
||||
}
|
||||
|
||||
const workspaceMemberRepository =
|
||||
await this.twentyORMGlobalManager.getRepositoryForWorkspace<WorkspaceMemberWorkspaceEntity>(
|
||||
user.defaultWorkspaceId,
|
||||
workspace.id,
|
||||
'workspaceMember',
|
||||
);
|
||||
|
||||
|
||||
@ -97,8 +97,14 @@ export class UserResolver {
|
||||
@ResolveField(() => WorkspaceMember, {
|
||||
nullable: true,
|
||||
})
|
||||
async workspaceMember(@Parent() user: User): Promise<WorkspaceMember | null> {
|
||||
const workspaceMember = await this.userService.loadWorkspaceMember(user);
|
||||
async workspaceMember(
|
||||
@Parent() user: User,
|
||||
@AuthWorkspace() workspace: Workspace,
|
||||
): Promise<WorkspaceMember | null> {
|
||||
const workspaceMember = await this.userService.loadWorkspaceMember(
|
||||
user,
|
||||
workspace,
|
||||
);
|
||||
|
||||
if (workspaceMember && workspaceMember.avatarUrl) {
|
||||
const avatarUrlToken = await this.fileService.encodeFileToken({
|
||||
|
||||
Reference in New Issue
Block a user