Create objectPermissions and settingsPermissions tables (#10962)

Closes https://github.com/twentyhq/core-team-issues/issues/594
2025-03-18 10:45:31 +01:00
parent ecf24eb518
commit aa6fd90424
5 changed files with 171 additions and 0 deletions
--- a/packages/twenty-server/src/engine/metadata-modules/object-metadata/object-metadata.entity.ts
+++ b/packages/twenty-server/src/engine/metadata-modules/object-metadata/object-metadata.entity.ts
@ -16,6 +16,7 @@ import { WorkspaceEntityDuplicateCriteria } from 'src/engine/api/graphql/workspa
 import { DataSourceEntity } from 'src/engine/metadata-modules/data-source/data-source.entity';
 import { FieldMetadataEntity } from 'src/engine/metadata-modules/field-metadata/field-metadata.entity';
 import { IndexMetadataEntity } from 'src/engine/metadata-modules/index-metadata/index-metadata.entity';
+import { ObjectPermissionsEntity } from 'src/engine/metadata-modules/object-permissions/object-permissions.entity';
 import { RelationMetadataEntity } from 'src/engine/metadata-modules/relation-metadata/relation-metadata.entity';

@Entity('objectMetadata')
@ -135,4 +136,11 @@ export class ObjectMetadataEntity implements ObjectMetadataInterface {

  @UpdateDateColumn({ type: 'timestamptz' })
  updatedAt: Date;
+
+  @OneToMany(
+    () => ObjectPermissionsEntity,
+    (objectPermissions: ObjectPermissionsEntity) =>
+      objectPermissions.objectMetadata,
+  )
+  objectPermissions: Relation<ObjectPermissionsEntity[]>;
 }
--- a/packages/twenty-server/src/engine/metadata-modules/object-permissions/object-permissions.entity.ts
+++ b/packages/twenty-server/src/engine/metadata-modules/object-permissions/object-permissions.entity.ts
@ -0,0 +1,64 @@
+import {
+  Column,
+  CreateDateColumn,
+  Entity,
+  JoinColumn,
+  ManyToOne,
+  PrimaryGeneratedColumn,
+  Relation,
+  Unique,
+  UpdateDateColumn,
+} from 'typeorm';
+
+import { ObjectMetadataEntity } from 'src/engine/metadata-modules/object-metadata/object-metadata.entity';
+import { RoleEntity } from 'src/engine/metadata-modules/role/role.entity';
+
+@Entity('objectPermissions')
+@Unique('IndexOnObjectPermissionsUnique', ['objectMetadataId', 'roleId'])
+export class ObjectPermissionsEntity {
+  @PrimaryGeneratedColumn('uuid')
+  id: string;
+
+  @Column({ nullable: false, type: 'uuid' })
+  roleId: string;
+
+  @ManyToOne(() => RoleEntity, (role) => role.objectPermissions, {
+    onDelete: 'CASCADE',
+  })
+  @JoinColumn({ name: 'roleId' })
+  role: Relation<RoleEntity>;
+
+  @Column({ nullable: false, type: 'uuid' })
+  objectMetadataId: string;
+
+  @ManyToOne(
+    () => ObjectMetadataEntity,
+    (objectMetadata) => objectMetadata.objectPermissions,
+    {
+      onDelete: 'CASCADE',
+    },
+  )
+  @JoinColumn({ name: 'objectMetadataId' })
+  objectMetadata: Relation<ObjectMetadataEntity>;
+
+  @Column({ nullable: true, type: 'boolean' })
+  canReadObjectRecords?: boolean;
+
+  @Column({ nullable: true, type: 'boolean' })
+  canUpdateObjectRecords?: boolean;
+
+  @Column({ nullable: true, type: 'boolean' })
+  canSoftDeleteObjectRecords?: boolean;
+
+  @Column({ nullable: true, type: 'boolean' })
+  canDestroyObjectRecords?: boolean;
+
+  @Column({ nullable: false, type: 'uuid' })
+  workspaceId: string;
+
+  @CreateDateColumn({ type: 'timestamptz' })
+  createdAt: Date;
+
+  @UpdateDateColumn({ type: 'timestamptz' })
+  updatedAt: Date;
+}
--- a/packages/twenty-server/src/engine/metadata-modules/role/role.entity.ts
+++ b/packages/twenty-server/src/engine/metadata-modules/role/role.entity.ts
@ -8,7 +8,9 @@ import {
  UpdateDateColumn,
 } from 'typeorm';

+import { ObjectPermissionsEntity } from 'src/engine/metadata-modules/object-permissions/object-permissions.entity';
 import { UserWorkspaceRoleEntity } from 'src/engine/metadata-modules/role/user-workspace-role.entity';
+import { SettingsPermissionsEntity } from 'src/engine/metadata-modules/settings-permissions/settings-permissions.entity';

@Entity('role')
 export class RoleEntity {
@ -56,4 +58,17 @@ export class RoleEntity {
    (userWorkspaceRole: UserWorkspaceRoleEntity) => userWorkspaceRole.role,
  )
  userWorkspaceRoles: Relation<UserWorkspaceRoleEntity[]>;
+
+  @OneToMany(
+    () => ObjectPermissionsEntity,
+    (objectPermissions: ObjectPermissionsEntity) => objectPermissions.role,
+  )
+  objectPermissions: Relation<ObjectPermissionsEntity[]>;
+
+  @OneToMany(
+    () => SettingsPermissionsEntity,
+    (settingsPermissions: SettingsPermissionsEntity) =>
+      settingsPermissions.role,
+  )
+  settingsPermissions: Relation<SettingsPermissionsEntity[]>;
 }
--- a/packages/twenty-server/src/engine/metadata-modules/settings-permissions/settings-permissions.entity.ts
+++ b/packages/twenty-server/src/engine/metadata-modules/settings-permissions/settings-permissions.entity.ts
@ -0,0 +1,45 @@
+import {
+  Column,
+  CreateDateColumn,
+  Entity,
+  JoinColumn,
+  ManyToOne,
+  PrimaryGeneratedColumn,
+  Relation,
+  Unique,
+  UpdateDateColumn,
+} from 'typeorm';
+
+import { SettingsPermissions } from 'src/engine/metadata-modules/permissions/constants/settings-permissions.constants';
+import { RoleEntity } from 'src/engine/metadata-modules/role/role.entity';
+
+@Entity('settingsPermissions')
+@Unique('IndexOnSettingsPermissionsUnique', ['setting', 'roleId'])
+export class SettingsPermissionsEntity {
+  @PrimaryGeneratedColumn('uuid')
+  id: string;
+
+  @Column({ nullable: false, type: 'uuid' })
+  roleId: string;
+
+  @ManyToOne(() => RoleEntity, (role) => role.settingsPermissions, {
+    onDelete: 'CASCADE',
+  })
+  @JoinColumn({ name: 'roleId' })
+  role: Relation<RoleEntity>;
+
+  @Column({ nullable: false, type: 'varchar' })
+  setting: SettingsPermissions;
+
+  @Column({ nullable: true, type: 'boolean' })
+  canUpdateSetting?: boolean;
+
+  @Column({ nullable: false, type: 'uuid' })
+  workspaceId: string;
+
+  @CreateDateColumn({ type: 'timestamptz' })
+  createdAt: Date;
+
+  @UpdateDateColumn({ type: 'timestamptz' })
+  updatedAt: Date;
+}