Commit Graph

7 Commits

Author SHA1 Message Date
b1af98f93d refactor(auth): add workspaces selection (#12098) 2025-06-13 16:17:35 +02:00
ecf21774dd Fix workspace hydration (#12452)
We must separate the concept of hydration, which happens at the request
level (take the token and pass auth/user context), from the concept of
authorization, which happens at the query/endpoint/mutation level.

Previously, hydration exemption happened at the operation name level,
which is not correct because the operation name is meaningless and
optional. Still, this gave an impression of security by enforcing a
blacklist. So in this PR we introduce a linting rule that aims to achieve a
similar behavior: now every API method has to have a guard. That way, if
an endpoint is not protected by AuthUserGuard or AuthWorspaceGuard,
then it has to be stated explicitly next to its code.

---------

Co-authored-by: Charles Bochet <charles@twenty.com>
2025-06-09 14:14:32 +02:00
49b7f5255f Update what is being audit logged (#11833)
No need to audit log workflow runs as it's already a form of audit log.
Add more audit log for other objects
Rename MessagingTelemetry to MessagingMonitoring
Merge Analytics and Audit in one (Audit)

---------

Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
2025-05-04 14:35:41 +02:00
e457ade362 chore(constants): add TrackAnalytics to excluded operations (#11617)
Included TrackAnalytics in the list of excluded middleware operations.
This ensures consistent handling of operations that bypass middleware
processing.
2025-04-17 11:24:45 +02:00
77d72e9b1c refactor(auth/sso): rename GetAuthorizationUrl for clarity (#10173)
- Rename `GetAuthorizationUrl` to `GetAuthorizationUrlForSSO`
- Move `GetAuthorizationUrlForSSO` from `sso.resolver.ts` to
`auth.resolver.ts` to avoid the permission guard and let users use an
SSO provider.
- Fix an issue in OIDC guard that breaks the connection if you have
multiple SSO providers + add tests for OIDC guard.
2025-02-13 11:15:22 +01:00
68183b7c85 feat(): enable custom domain usage (#9911)
# Content
- Introduce the `workspaceUrls` property. It contains two
sub-properties: `customUrl, subdomainUrl`. These endpoints are used to
access the workspace. Even if the `workspaceUrls` is invalid for
multiple reasons, the `subdomainUrl` remains valid.
- Introduce `ResolveField` workspaceEndpoints to avoid unnecessary URL
computation on the frontend part.
- Add a `forceSubdomainUrl` to avoid custom URL using a query parameter
2025-02-07 14:34:26 +01:00
66296a4787 [1/n]: Migrate deleteOne Rest API to use TwentyORM directly (#9784)
# This PR

- Addressing #3644 
- Migrates the `DELETE /rest/*` endpoint to use TwentyORM
- Factorizes common middleware logic into a common module

---------

Co-authored-by: martmull <martmull@hotmail.fr>
2025-01-31 16:12:20 +01:00