Fix permission check during onboarding (#11429)
## Context CurrentUser is fetched during onboarding however roles and permissions are not created yet during that stage so an error was thrown. We only want to fetch permissions after the onboarding of the workspace.
This commit is contained in:
Weiko
@ -14,6 +14,7 @@ import crypto from 'crypto';
|
|||||||
import { GraphQLJSONObject } from 'graphql-type-json';
|
import { GraphQLJSONObject } from 'graphql-type-json';
|
||||||
import { FileUpload, GraphQLUpload } from 'graphql-upload';
|
import { FileUpload, GraphQLUpload } from 'graphql-upload';
|
||||||
import { PermissionsOnAllObjectRecords } from 'twenty-shared/constants';
|
import { PermissionsOnAllObjectRecords } from 'twenty-shared/constants';
|
||||||
|
import { WorkspaceActivationStatus } from 'twenty-shared/workspace';
|
||||||
import { In, Repository } from 'typeorm';
|
import { In, Repository } from 'typeorm';
|
||||||
|
|
||||||
import { SupportDriver } from 'src/engine/core-modules/environment/interfaces/support.interface';
|
import { SupportDriver } from 'src/engine/core-modules/environment/interfaces/support.interface';
|
||||||
@ -106,11 +107,24 @@ export class UserResolver {
|
|||||||
if (!currentUserWorkspace) {
|
if (!currentUserWorkspace) {
|
||||||
throw new Error('Current user workspace not found');
|
throw new Error('Current user workspace not found');
|
||||||
}
|
}
|
||||||
const { settingsPermissions, objectRecordsPermissions } =
|
let settingsPermissions = {};
|
||||||
await this.permissionsService.getUserWorkspacePermissions({
|
let objectRecordsPermissions = {};
|
||||||
userWorkspaceId: currentUserWorkspace.id,
|
|
||||||
workspaceId: workspace.id,
|
if (
|
||||||
});
|
![
|
||||||
|
WorkspaceActivationStatus.PENDING_CREATION,
|
||||||
|
WorkspaceActivationStatus.ONGOING_CREATION,
|
||||||
|
].includes(workspace.activationStatus)
|
||||||
|
) {
|
||||||
|
const permissions =
|
||||||
|
await this.permissionsService.getUserWorkspacePermissions({
|
||||||
|
userWorkspaceId: currentUserWorkspace.id,
|
||||||
|
workspaceId: workspace.id,
|
||||||
|
});
|
||||||
|
|
||||||
|
settingsPermissions = permissions.settingsPermissions;
|
||||||
|
objectRecordsPermissions = permissions.objectRecordsPermissions;
|
||||||
|
}
|
||||||
|
|
||||||
const grantedSettingsPermissions: SettingPermissionType[] = (
|
const grantedSettingsPermissions: SettingPermissionType[] = (
|
||||||
Object.keys(settingsPermissions) as SettingPermissionType[]
|
Object.keys(settingsPermissions) as SettingPermissionType[]
|
||||||
|
|||||||
@ -1,13 +1,11 @@
|
|||||||
import { Module } from '@nestjs/common';
|
import { Module } from '@nestjs/common';
|
||||||
import { TypeOrmModule } from '@nestjs/typeorm';
|
import { TypeOrmModule } from '@nestjs/typeorm';
|
||||||
|
|
||||||
import { EnvironmentModule } from 'src/engine/core-modules/environment/environment.module';
|
|
||||||
import { FeatureFlagModule } from 'src/engine/core-modules/feature-flag/feature-flag.module';
|
import { FeatureFlagModule } from 'src/engine/core-modules/feature-flag/feature-flag.module';
|
||||||
import { UserWorkspace } from 'src/engine/core-modules/user-workspace/user-workspace.entity';
|
import { UserWorkspace } from 'src/engine/core-modules/user-workspace/user-workspace.entity';
|
||||||
import { PermissionsService } from 'src/engine/metadata-modules/permissions/permissions.service';
|
import { PermissionsService } from 'src/engine/metadata-modules/permissions/permissions.service';
|
||||||
import { RoleEntity } from 'src/engine/metadata-modules/role/role.entity';
|
import { RoleEntity } from 'src/engine/metadata-modules/role/role.entity';
|
||||||
import { UserWorkspaceRoleEntity } from 'src/engine/metadata-modules/role/user-workspace-role.entity';
|
import { UserWorkspaceRoleEntity } from 'src/engine/metadata-modules/role/user-workspace-role.entity';
|
||||||
import { SettingPermissionEntity } from 'src/engine/metadata-modules/setting-permission/setting-permission.entity';
|
|
||||||
import { UserRoleModule } from 'src/engine/metadata-modules/user-role/user-role.module';
|
import { UserRoleModule } from 'src/engine/metadata-modules/user-role/user-role.module';
|
||||||
|
|
||||||
@Module({
|
@Module({
|
||||||
@ -15,9 +13,7 @@ import { UserRoleModule } from 'src/engine/metadata-modules/user-role/user-role.
|
|||||||
TypeOrmModule.forFeature([RoleEntity, UserWorkspaceRoleEntity], 'metadata'),
|
TypeOrmModule.forFeature([RoleEntity, UserWorkspaceRoleEntity], 'metadata'),
|
||||||
FeatureFlagModule,
|
FeatureFlagModule,
|
||||||
TypeOrmModule.forFeature([UserWorkspace], 'core'),
|
TypeOrmModule.forFeature([UserWorkspace], 'core'),
|
||||||
EnvironmentModule,
|
|
||||||
UserRoleModule,
|
UserRoleModule,
|
||||||
TypeOrmModule.forFeature([SettingPermissionEntity], 'metadata'),
|
|
||||||
],
|
],
|
||||||
providers: [PermissionsService],
|
providers: [PermissionsService],
|
||||||
exports: [PermissionsService],
|
exports: [PermissionsService],
|
||||||
|
|||||||
@ -1,15 +1,12 @@
|
|||||||
import { Injectable } from '@nestjs/common';
|
import { Injectable } from '@nestjs/common';
|
||||||
import { InjectRepository } from '@nestjs/typeorm';
|
|
||||||
|
|
||||||
import { PermissionsOnAllObjectRecords } from 'twenty-shared/constants';
|
import { PermissionsOnAllObjectRecords } from 'twenty-shared/constants';
|
||||||
import { isDefined } from 'twenty-shared/utils';
|
import { isDefined } from 'twenty-shared/utils';
|
||||||
import { Repository } from 'typeorm';
|
|
||||||
|
|
||||||
import {
|
import {
|
||||||
AuthException,
|
AuthException,
|
||||||
AuthExceptionCode,
|
AuthExceptionCode,
|
||||||
} from 'src/engine/core-modules/auth/auth.exception';
|
} from 'src/engine/core-modules/auth/auth.exception';
|
||||||
import { EnvironmentService } from 'src/engine/core-modules/environment/environment.service';
|
|
||||||
import { SettingPermissionType } from 'src/engine/metadata-modules/permissions/constants/setting-permission-type.constants';
|
import { SettingPermissionType } from 'src/engine/metadata-modules/permissions/constants/setting-permission-type.constants';
|
||||||
import {
|
import {
|
||||||
PermissionsException,
|
PermissionsException,
|
||||||
@ -17,17 +14,11 @@ import {
|
|||||||
PermissionsExceptionMessage,
|
PermissionsExceptionMessage,
|
||||||
} from 'src/engine/metadata-modules/permissions/permissions.exception';
|
} from 'src/engine/metadata-modules/permissions/permissions.exception';
|
||||||
import { RoleEntity } from 'src/engine/metadata-modules/role/role.entity';
|
import { RoleEntity } from 'src/engine/metadata-modules/role/role.entity';
|
||||||
import { SettingPermissionEntity } from 'src/engine/metadata-modules/setting-permission/setting-permission.entity';
|
|
||||||
import { UserRoleService } from 'src/engine/metadata-modules/user-role/user-role.service';
|
import { UserRoleService } from 'src/engine/metadata-modules/user-role/user-role.service';
|
||||||
|
|
||||||
@Injectable()
|
@Injectable()
|
||||||
export class PermissionsService {
|
export class PermissionsService {
|
||||||
constructor(
|
constructor(private readonly userRoleService: UserRoleService) {}
|
||||||
private readonly environmentService: EnvironmentService,
|
|
||||||
private readonly userRoleService: UserRoleService,
|
|
||||||
@InjectRepository(SettingPermissionEntity, 'metadata')
|
|
||||||
private readonly settingPermissionRepository: Repository<SettingPermissionEntity>,
|
|
||||||
) {}
|
|
||||||
|
|
||||||
public async getUserWorkspacePermissions({
|
public async getUserWorkspacePermissions({
|
||||||
userWorkspaceId,
|
userWorkspaceId,
|
||||||
|
|||||||
Reference in New Issue
Block a user