This PR ensures the correct usage of HTTP status codes (401 Unauthorized
and 403 Forbidden) for authentication and authorization errors, aligning
with standard HTTP semantics. The changes impact the handling of
AuthException across the application.
Changes Implemented
Updated Exception Handling Logic:
401 Unauthorized: Now used for cases where the user is unauthenticated
(e.g., missing JWT, expired JWT, invalid credentials).
403 Forbidden: Used strictly for cases where the user is authenticated
but lacks the required permissions.
2. Affected Files:
before :-
After:-
3. Frontend Impact:
Verified frontend token renewal and error-handling flows.
Updated logic for handling 401 responses to trigger re-authentication
(e.g., token refresh or redirect to login).
4.Issue Resolved: #9347
Updated the handling of `targetWorkspaceSubdomain` and `subdomain` to
enforce them as required fields. This prevents potential issues caused
by missing values during sign-in/up and workspace invitation processes.
Update `packages/twenty-docker/k8s/manifests/deployment-db.yaml` file to
match recent changes in docker-compose.yaml version.
- update postgresql docker image to Spilo version
- add important ENV vars
Updated SAML-specific callback URL handling to include the ID, while
OIDC URLs now use the server base URL from config. Also added a debug
log in SSO authentication and cleaned up redirection URL logic in the
frontend.
Removing labelIdentifierFieldMetadataId and
imageIdentifierFieldMetadataId that should not be part of
createObjectInput as they don't make sense for an object yet to create
and will break
# Introduction
For motivations and context please have a look to
https://github.com/twentyhq/twenty/pull/9394 whom this PR results from.
In this pull-request we remove any `metadataField` and `objectMetadata`
sluggification. We directly consume `objectMetadata.namePlural` and
`metadataField.name`, ***it seems like that historically the consumed
`metadataField.name`*** are we sure that we wanna change this behavior ?
## Notes
Unless I'm mistaken by reverting the `kebabcase` url formatting we might
be creating deadlinks that user could have save beforehand => Discussed
with Charles said it's controlled risk.
---------
Co-authored-by: Paul Rastoin <paulrastoin@Pauls-MacBook-Pro.local>
Remove redundant validation logic and streamline form handling by
leveraging react-hook-form's context. Simplify component props and
enhance consistency across the sign-in/up flow.
Fix https://github.com/twentyhq/twenty/issues/9380
There is a problem of hotkey scope not being passed to the relation
picker used for single record select fields.
Fixed it where we open a single record select.
# Introduction
Please find related ticket here #9382
To fix the issue the solution seems to be to stop searching for last
viewed `objectMetadata` using their slugged version `namePlural`
## Upcoming cleanup
After discussing with @charlesBochet it seems like a bad practice to
slug the `objectMetadata`, in this way in a following PR we will suggest
a cleanup of the remaining method that does within the
`useFilteredObjectMetadataItems.ts`
## Conclusion
As always any suggestions are welcomed !
Please let me know
closes#9382
---------
Co-authored-by: Paul Rastoin <paulrastoin@Pauls-MacBook-Pro.local>
Script is using here-string <<< which is not supported by sh, using bash
instead
Also removing "sh" from the command to actually use the bash from the
shebang
- In the `formatFieldMetadataValue` function, allow people to call
TypeORM's `save()` method with unserialized JSON data.
- Create an `overrideWorkflowDraftVersion` mutation that takes a
workflow id and the id of the workflow version to use as the new draft
- If no draft exists yet, create one
- If a draft already exists, deactivate its serverless functions
- Duplicate every step. For serverless function steps, it includes
duplicating the functions
- Save the data of the step in DB
- Call the `overrideWorkflowDraftVersion` mutation in the old workflow
header and in the new Cmd+K actions
- I chose to not update the Apollo cache manually as the information of
the new draft are going to be automatically fetched once the user lands
on the workflow's show page. Note that we redirect the user to this page
after overriding the draft version.
Replaced user-based parameterization with workspace-focused logic across
seed scripts, mocks, and billing services. Removed redundant `user`
references and standardized to `workspace` to align with updated
business rules. Adjusted mock data and tests to reflect these changes.
Fix https://github.com/twentyhq/twenty/issues/9295
tooltips are currently instantaneous. let's add some delay for better
user experience
After investigation, it looks like the open property prevents delays
from happening. Swithcing to hidden property
See https://discord.com/channels/1130383047699738754/1324678408684306486
- Fixed click outside for kanban not working (changed strategy)
- Tried a different approach for setting the context menu position
- Fixes https://github.com/twentyhq/twenty/issues/9336
There was a bug when selecting all records on the index page.
This was due to the fact that
`WorkflowRunRecordActionMenuEntrySetterEffect` was mounted when it
shouldn't have been.
"'TODO'" is the default value from the database and must be escaped in
the frontend. The issue was revealed by the "status" field of Tasks but
it would have been the same for the others
fix#9210
Fixes https://github.com/twentyhq/twenty/issues/8970
The context menu wasn't working because of wrong architecture with the
Dropdown component, as it's a unique behavior (no clickable component
and portal) it also required refactoring a bit the Dropdown component.
- Context menu now uses a portal
- Fixed dropdown offset without clickable component (now using a
fallback anchor component)
- Fixed React array key props
