diff --git a/packages/twenty-server/src/database/typeorm/metadata/migrations/1742232505943-generatePermissionsV2Tables.ts b/packages/twenty-server/src/database/typeorm/metadata/migrations/1742232505943-generatePermissionsV2Tables.ts new file mode 100644 index 000000000..ce050fa10 --- /dev/null +++ b/packages/twenty-server/src/database/typeorm/metadata/migrations/1742232505943-generatePermissionsV2Tables.ts @@ -0,0 +1,39 @@ +import { MigrationInterface, QueryRunner } from 'typeorm'; + +export class GeneratePermissionsV2Tables1742232505943 + implements MigrationInterface +{ + name = 'GeneratePermissionsV2Tables1742232505943'; + + public async up(queryRunner: QueryRunner): Promise { + await queryRunner.query( + `CREATE TABLE "metadata"."objectPermissions" ("id" uuid NOT NULL DEFAULT uuid_generate_v4(), "roleId" uuid NOT NULL, "objectMetadataId" uuid NOT NULL, "canReadObjectRecords" boolean, "canUpdateObjectRecords" boolean, "canSoftDeleteObjectRecords" boolean, "canDestroyObjectRecords" boolean, "workspaceId" uuid NOT NULL, "createdAt" TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT now(), "updatedAt" TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT now(), CONSTRAINT "IndexOnObjectPermissionsUnique" UNIQUE ("objectMetadataId", "roleId"), CONSTRAINT "PK_ea2c5c9a2dfa3d674da8b1350cd" PRIMARY KEY ("id"))`, + ); + await queryRunner.query( + `CREATE TABLE "metadata"."settingsPermissions" ("id" uuid NOT NULL DEFAULT uuid_generate_v4(), "roleId" uuid NOT NULL, "setting" character varying NOT NULL, "canUpdateSetting" boolean, "workspaceId" uuid NOT NULL, "createdAt" TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT now(), "updatedAt" TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT now(), CONSTRAINT "IndexOnSettingsPermissionsUnique" UNIQUE ("setting", "roleId"), CONSTRAINT "PK_44f120f1e527e62efa3fec8a846" PRIMARY KEY ("id"))`, + ); + await queryRunner.query( + `ALTER TABLE "metadata"."objectPermissions" ADD CONSTRAINT "FK_770297c03e386df4c9fa4986ee1" FOREIGN KEY ("roleId") REFERENCES "metadata"."role"("id") ON DELETE CASCADE ON UPDATE NO ACTION`, + ); + await queryRunner.query( + `ALTER TABLE "metadata"."objectPermissions" ADD CONSTRAINT "FK_ddad09b4fdf32c88283ae815074" FOREIGN KEY ("objectMetadataId") REFERENCES "metadata"."objectMetadata"("id") ON DELETE CASCADE ON UPDATE NO ACTION`, + ); + await queryRunner.query( + `ALTER TABLE "metadata"."settingsPermissions" ADD CONSTRAINT "FK_712bf97e56c4040026dd887ed4a" FOREIGN KEY ("roleId") REFERENCES "metadata"."role"("id") ON DELETE CASCADE ON UPDATE NO ACTION`, + ); + } + + public async down(queryRunner: QueryRunner): Promise { + await queryRunner.query( + `ALTER TABLE "metadata"."settingsPermissions" DROP CONSTRAINT "FK_712bf97e56c4040026dd887ed4a"`, + ); + await queryRunner.query( + `ALTER TABLE "metadata"."objectPermissions" DROP CONSTRAINT "FK_ddad09b4fdf32c88283ae815074"`, + ); + await queryRunner.query( + `ALTER TABLE "metadata"."objectPermissions" DROP CONSTRAINT "FK_770297c03e386df4c9fa4986ee1"`, + ); + await queryRunner.query(`DROP TABLE "metadata"."settingsPermissions"`); + await queryRunner.query(`DROP TABLE "metadata"."objectPermissions"`); + } +} diff --git a/packages/twenty-server/src/engine/metadata-modules/object-metadata/object-metadata.entity.ts b/packages/twenty-server/src/engine/metadata-modules/object-metadata/object-metadata.entity.ts index f55990b96..1b660c0e1 100644 --- a/packages/twenty-server/src/engine/metadata-modules/object-metadata/object-metadata.entity.ts +++ b/packages/twenty-server/src/engine/metadata-modules/object-metadata/object-metadata.entity.ts @@ -16,6 +16,7 @@ import { WorkspaceEntityDuplicateCriteria } from 'src/engine/api/graphql/workspa import { DataSourceEntity } from 'src/engine/metadata-modules/data-source/data-source.entity'; import { FieldMetadataEntity } from 'src/engine/metadata-modules/field-metadata/field-metadata.entity'; import { IndexMetadataEntity } from 'src/engine/metadata-modules/index-metadata/index-metadata.entity'; +import { ObjectPermissionsEntity } from 'src/engine/metadata-modules/object-permissions/object-permissions.entity'; import { RelationMetadataEntity } from 'src/engine/metadata-modules/relation-metadata/relation-metadata.entity'; @Entity('objectMetadata') @@ -135,4 +136,11 @@ export class ObjectMetadataEntity implements ObjectMetadataInterface { @UpdateDateColumn({ type: 'timestamptz' }) updatedAt: Date; + + @OneToMany( + () => ObjectPermissionsEntity, + (objectPermissions: ObjectPermissionsEntity) => + objectPermissions.objectMetadata, + ) + objectPermissions: Relation; } diff --git a/packages/twenty-server/src/engine/metadata-modules/object-permissions/object-permissions.entity.ts b/packages/twenty-server/src/engine/metadata-modules/object-permissions/object-permissions.entity.ts new file mode 100644 index 000000000..f5771a58d --- /dev/null +++ b/packages/twenty-server/src/engine/metadata-modules/object-permissions/object-permissions.entity.ts @@ -0,0 +1,64 @@ +import { + Column, + CreateDateColumn, + Entity, + JoinColumn, + ManyToOne, + PrimaryGeneratedColumn, + Relation, + Unique, + UpdateDateColumn, +} from 'typeorm'; + +import { ObjectMetadataEntity } from 'src/engine/metadata-modules/object-metadata/object-metadata.entity'; +import { RoleEntity } from 'src/engine/metadata-modules/role/role.entity'; + +@Entity('objectPermissions') +@Unique('IndexOnObjectPermissionsUnique', ['objectMetadataId', 'roleId']) +export class ObjectPermissionsEntity { + @PrimaryGeneratedColumn('uuid') + id: string; + + @Column({ nullable: false, type: 'uuid' }) + roleId: string; + + @ManyToOne(() => RoleEntity, (role) => role.objectPermissions, { + onDelete: 'CASCADE', + }) + @JoinColumn({ name: 'roleId' }) + role: Relation; + + @Column({ nullable: false, type: 'uuid' }) + objectMetadataId: string; + + @ManyToOne( + () => ObjectMetadataEntity, + (objectMetadata) => objectMetadata.objectPermissions, + { + onDelete: 'CASCADE', + }, + ) + @JoinColumn({ name: 'objectMetadataId' }) + objectMetadata: Relation; + + @Column({ nullable: true, type: 'boolean' }) + canReadObjectRecords?: boolean; + + @Column({ nullable: true, type: 'boolean' }) + canUpdateObjectRecords?: boolean; + + @Column({ nullable: true, type: 'boolean' }) + canSoftDeleteObjectRecords?: boolean; + + @Column({ nullable: true, type: 'boolean' }) + canDestroyObjectRecords?: boolean; + + @Column({ nullable: false, type: 'uuid' }) + workspaceId: string; + + @CreateDateColumn({ type: 'timestamptz' }) + createdAt: Date; + + @UpdateDateColumn({ type: 'timestamptz' }) + updatedAt: Date; +} diff --git a/packages/twenty-server/src/engine/metadata-modules/role/role.entity.ts b/packages/twenty-server/src/engine/metadata-modules/role/role.entity.ts index 9cc6d1eca..5b7fa4cc0 100644 --- a/packages/twenty-server/src/engine/metadata-modules/role/role.entity.ts +++ b/packages/twenty-server/src/engine/metadata-modules/role/role.entity.ts @@ -8,7 +8,9 @@ import { UpdateDateColumn, } from 'typeorm'; +import { ObjectPermissionsEntity } from 'src/engine/metadata-modules/object-permissions/object-permissions.entity'; import { UserWorkspaceRoleEntity } from 'src/engine/metadata-modules/role/user-workspace-role.entity'; +import { SettingsPermissionsEntity } from 'src/engine/metadata-modules/settings-permissions/settings-permissions.entity'; @Entity('role') export class RoleEntity { @@ -56,4 +58,17 @@ export class RoleEntity { (userWorkspaceRole: UserWorkspaceRoleEntity) => userWorkspaceRole.role, ) userWorkspaceRoles: Relation; + + @OneToMany( + () => ObjectPermissionsEntity, + (objectPermissions: ObjectPermissionsEntity) => objectPermissions.role, + ) + objectPermissions: Relation; + + @OneToMany( + () => SettingsPermissionsEntity, + (settingsPermissions: SettingsPermissionsEntity) => + settingsPermissions.role, + ) + settingsPermissions: Relation; } diff --git a/packages/twenty-server/src/engine/metadata-modules/settings-permissions/settings-permissions.entity.ts b/packages/twenty-server/src/engine/metadata-modules/settings-permissions/settings-permissions.entity.ts new file mode 100644 index 000000000..bc4af1916 --- /dev/null +++ b/packages/twenty-server/src/engine/metadata-modules/settings-permissions/settings-permissions.entity.ts @@ -0,0 +1,45 @@ +import { + Column, + CreateDateColumn, + Entity, + JoinColumn, + ManyToOne, + PrimaryGeneratedColumn, + Relation, + Unique, + UpdateDateColumn, +} from 'typeorm'; + +import { SettingsPermissions } from 'src/engine/metadata-modules/permissions/constants/settings-permissions.constants'; +import { RoleEntity } from 'src/engine/metadata-modules/role/role.entity'; + +@Entity('settingsPermissions') +@Unique('IndexOnSettingsPermissionsUnique', ['setting', 'roleId']) +export class SettingsPermissionsEntity { + @PrimaryGeneratedColumn('uuid') + id: string; + + @Column({ nullable: false, type: 'uuid' }) + roleId: string; + + @ManyToOne(() => RoleEntity, (role) => role.settingsPermissions, { + onDelete: 'CASCADE', + }) + @JoinColumn({ name: 'roleId' }) + role: Relation; + + @Column({ nullable: false, type: 'varchar' }) + setting: SettingsPermissions; + + @Column({ nullable: true, type: 'boolean' }) + canUpdateSetting?: boolean; + + @Column({ nullable: false, type: 'uuid' }) + workspaceId: string; + + @CreateDateColumn({ type: 'timestamptz' }) + createdAt: Date; + + @UpdateDateColumn({ type: 'timestamptz' }) + updatedAt: Date; +}