admin/twenty
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Forbid upsert of objectPermissions on system objects (#12382)

Browse Source 
Closes https://github.com/twentyhq/core-team-issues/issues/865
This commit is contained in:
Marie
2025-06-02 17:03:37 +02:00
committed by GitHub
parent e13d83b660
commit dc205370df
14 changed files with 358 additions and 125 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
packages/twenty-server/src/engine/metadata-modules/relation-metadata/relation-metadata.service.ts
View File

@ -25,14 +25,6 @@ import {
import { InvalidMetadataException } from 'src/engine/metadata-modules/utils/exceptions/invalid-metadata.exception';
import { validateFieldNameAvailabilityOrThrow } from 'src/engine/metadata-modules/utils/validate-field-name-availability.utils';
import { validateMetadataNameOrThrow } from 'src/engine/metadata-modules/utils/validate-metadata-name.utils';
import {
WorkspaceMetadataCacheException,
WorkspaceMetadataCacheExceptionCode,
} from 'src/engine/metadata-modules/workspace-metadata-cache/exceptions/workspace-metadata-cache.exception';
import {
WorkspaceMetadataVersionException,
WorkspaceMetadataVersionExceptionCode,
} from 'src/engine/metadata-modules/workspace-metadata-version/exceptions/workspace-metadata-version.exception';
import { WorkspaceMetadataVersionService } from 'src/engine/metadata-modules/workspace-metadata-version/services/workspace-metadata-version.service';
import { generateMigrationName } from 'src/engine/metadata-modules/workspace-migration/utils/generate-migration-name.util';
import {
@ -501,29 +493,11 @@ export class RelationMetadataService extends TypeOrmQueryService<RelationMetadat
>,
workspaceId: string,
): Promise<(RelationMetadataEntity | NotFoundException)[]> {
const metadataVersion =
await this.workspaceCacheStorageService.getMetadataVersion(workspaceId);
if (!isDefined(metadataVersion)) {
throw new WorkspaceMetadataVersionException(
`Metadata version not found for workspace ${workspaceId}`,
WorkspaceMetadataVersionExceptionCode.METADATA_VERSION_NOT_FOUND,
);
}
const objectMetadataMaps =
await this.workspaceCacheStorageService.getObjectMetadataMaps(
await this.workspaceCacheStorageService.getObjectMetadataMapsOrThrow(
workspaceId,
metadataVersion,
);
if (!objectMetadataMaps) {
throw new WorkspaceMetadataCacheException(
`Object metadata map not found for workspace ${workspaceId} and metadata version ${metadataVersion}`,
WorkspaceMetadataCacheExceptionCode.OBJECT_METADATA_MAP_NOT_FOUND,
);
}
const mappedResult = fieldMetadataItems.map((fieldMetadataItem) => {
const objectMetadata =
objectMetadataMaps.byId[fieldMetadataItem.objectMetadataId];