admin/twenty
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
5,461 Commits 1 Branch 0 Tags
861face2a812632b78a2ebf582a89150d64f2db9
Commit Graph

4 Commits

Author SHA1 Message Date
Marie
861face2a8 [permissions] Enforce object-records permission checks in resolvers (#10304) 
Closes https://github.com/twentyhq/core-team-issues/issues/393

- enforcing object-records permission checks in resolvers for now. we
will move the logic to a lower level asap
- add integration tests that will still be useful when we have moved the
logic
- introduce guest seeded role to test limited permissions on
object-records
 2025-02-19 11:21:03 +01:00
Marie
cb3bd1353a [permissions] Add object records permissions to role entity (#10255) 
Closes https://github.com/twentyhq/core-team-issues/issues/388

- Add object records-related permissions to role entity
- Add it to queriable `currentUserWorkspace` (used in FE)
 2025-02-17 18:32:39 +01:00
Marie
8a660d5d3f [permissions] Avoid N+1 on roles (#10041) 2025-02-06 11:27:11 +01:00
Marie
e3182a145d Implement updateRole (#10009) 
In this PR, we are implementing the updateRole endpoint with the
following rules

1. A user can only update a member's role if they have the permission (=
the admin role)
2. Admin role can't be unassigned if there are no other admin in the
workspace
3. (For now) as members can only have one role for now, when they are
assigned a new role, they are first unassigned the other role (if any)
4. (For now) removing a member's admin role = leaving the member with no
role = calling updateRole with a null roleId
 2025-02-05 18:02:14 +01:00