From ff59658d39e61f2834728a4c1defff784fe5cbbc Mon Sep 17 00:00:00 2001 From: Weiko Date: Mon, 7 Apr 2025 18:53:53 +0200 Subject: [PATCH] Fix permission check during onboarding (#11429) ## Context CurrentUser is fetched during onboarding however roles and permissions are not created yet during that stage so an error was thrown. We only want to fetch permissions after the onboarding of the workspace. --- .../engine/core-modules/user/user.resolver.ts | 24 +++++++++++++++---- .../permissions/permissions.module.ts | 4 ---- .../permissions/permissions.service.ts | 11 +-------- 3 files changed, 20 insertions(+), 19 deletions(-) diff --git a/packages/twenty-server/src/engine/core-modules/user/user.resolver.ts b/packages/twenty-server/src/engine/core-modules/user/user.resolver.ts index f3efad552..9ee22996e 100644 --- a/packages/twenty-server/src/engine/core-modules/user/user.resolver.ts +++ b/packages/twenty-server/src/engine/core-modules/user/user.resolver.ts @@ -14,6 +14,7 @@ import crypto from 'crypto'; import { GraphQLJSONObject } from 'graphql-type-json'; import { FileUpload, GraphQLUpload } from 'graphql-upload'; import { PermissionsOnAllObjectRecords } from 'twenty-shared/constants'; +import { WorkspaceActivationStatus } from 'twenty-shared/workspace'; import { In, Repository } from 'typeorm'; import { SupportDriver } from 'src/engine/core-modules/environment/interfaces/support.interface'; @@ -106,11 +107,24 @@ export class UserResolver { if (!currentUserWorkspace) { throw new Error('Current user workspace not found'); } - const { settingsPermissions, objectRecordsPermissions } = - await this.permissionsService.getUserWorkspacePermissions({ - userWorkspaceId: currentUserWorkspace.id, - workspaceId: workspace.id, - }); + let settingsPermissions = {}; + let objectRecordsPermissions = {}; + + if ( + ![ + WorkspaceActivationStatus.PENDING_CREATION, + WorkspaceActivationStatus.ONGOING_CREATION, + ].includes(workspace.activationStatus) + ) { + const permissions = + await this.permissionsService.getUserWorkspacePermissions({ + userWorkspaceId: currentUserWorkspace.id, + workspaceId: workspace.id, + }); + + settingsPermissions = permissions.settingsPermissions; + objectRecordsPermissions = permissions.objectRecordsPermissions; + } const grantedSettingsPermissions: SettingPermissionType[] = ( Object.keys(settingsPermissions) as SettingPermissionType[] diff --git a/packages/twenty-server/src/engine/metadata-modules/permissions/permissions.module.ts b/packages/twenty-server/src/engine/metadata-modules/permissions/permissions.module.ts index 577fd9c4a..12a865acb 100644 --- a/packages/twenty-server/src/engine/metadata-modules/permissions/permissions.module.ts +++ b/packages/twenty-server/src/engine/metadata-modules/permissions/permissions.module.ts @@ -1,13 +1,11 @@ import { Module } from '@nestjs/common'; import { TypeOrmModule } from '@nestjs/typeorm'; -import { EnvironmentModule } from 'src/engine/core-modules/environment/environment.module'; import { FeatureFlagModule } from 'src/engine/core-modules/feature-flag/feature-flag.module'; import { UserWorkspace } from 'src/engine/core-modules/user-workspace/user-workspace.entity'; import { PermissionsService } from 'src/engine/metadata-modules/permissions/permissions.service'; import { RoleEntity } from 'src/engine/metadata-modules/role/role.entity'; import { UserWorkspaceRoleEntity } from 'src/engine/metadata-modules/role/user-workspace-role.entity'; -import { SettingPermissionEntity } from 'src/engine/metadata-modules/setting-permission/setting-permission.entity'; import { UserRoleModule } from 'src/engine/metadata-modules/user-role/user-role.module'; @Module({ @@ -15,9 +13,7 @@ import { UserRoleModule } from 'src/engine/metadata-modules/user-role/user-role. TypeOrmModule.forFeature([RoleEntity, UserWorkspaceRoleEntity], 'metadata'), FeatureFlagModule, TypeOrmModule.forFeature([UserWorkspace], 'core'), - EnvironmentModule, UserRoleModule, - TypeOrmModule.forFeature([SettingPermissionEntity], 'metadata'), ], providers: [PermissionsService], exports: [PermissionsService], diff --git a/packages/twenty-server/src/engine/metadata-modules/permissions/permissions.service.ts b/packages/twenty-server/src/engine/metadata-modules/permissions/permissions.service.ts index 1164a08f1..840436bbf 100644 --- a/packages/twenty-server/src/engine/metadata-modules/permissions/permissions.service.ts +++ b/packages/twenty-server/src/engine/metadata-modules/permissions/permissions.service.ts @@ -1,15 +1,12 @@ import { Injectable } from '@nestjs/common'; -import { InjectRepository } from '@nestjs/typeorm'; import { PermissionsOnAllObjectRecords } from 'twenty-shared/constants'; import { isDefined } from 'twenty-shared/utils'; -import { Repository } from 'typeorm'; import { AuthException, AuthExceptionCode, } from 'src/engine/core-modules/auth/auth.exception'; -import { EnvironmentService } from 'src/engine/core-modules/environment/environment.service'; import { SettingPermissionType } from 'src/engine/metadata-modules/permissions/constants/setting-permission-type.constants'; import { PermissionsException, @@ -17,17 +14,11 @@ import { PermissionsExceptionMessage, } from 'src/engine/metadata-modules/permissions/permissions.exception'; import { RoleEntity } from 'src/engine/metadata-modules/role/role.entity'; -import { SettingPermissionEntity } from 'src/engine/metadata-modules/setting-permission/setting-permission.entity'; import { UserRoleService } from 'src/engine/metadata-modules/user-role/user-role.service'; @Injectable() export class PermissionsService { - constructor( - private readonly environmentService: EnvironmentService, - private readonly userRoleService: UserRoleService, - @InjectRepository(SettingPermissionEntity, 'metadata') - private readonly settingPermissionRepository: Repository, - ) {} + constructor(private readonly userRoleService: UserRoleService) {} public async getUserWorkspacePermissions({ userWorkspaceId,