[field-level permissions] Upsert fieldPermission + use fieldPermission to compute permissions (#13050)

In this PR - introduction of fieldPermission entity - addition of upsertFieldPermission in role resolver - computing of permissions taking fieldPermission into account. In order to limit what is stored in Redis we only store fields restrictions. For instance for objectMetadata with id XXX with a restriction on field with id YYY we store: `"XXX":{"canRead":true,"canUpdate":false,"canSoftDelete":false,"canDestroy":false,"restrictedFields":{"YYY":{"canRead":false,"canUpdate":null}}}` --------- Co-authored-by: Charles Bochet <charlesBochet@users.noreply.github.com>
2025-07-09 10:47:59 +02:00
parent 6ba6860e1c
commit 1cb60f943e
49 changed files with 1343 additions and 47 deletions
--- a/packages/twenty-server/src/engine/workspace-manager/workspace-migration-runner/workspace-migration-runner.service.ts
+++ b/packages/twenty-server/src/engine/workspace-manager/workspace-migration-runner/workspace-migration-runner.service.ts
@ -3,7 +3,7 @@ import { Injectable, Logger } from '@nestjs/common';
 import { isDefined } from 'twenty-shared/utils';
 import { QueryRunner, Table, TableColumn } from 'typeorm';

-import { IndexType } from 'src/engine/metadata-modules/index-metadata/index-metadata.entity';
+import { IndexType } from 'src/engine/metadata-modules/index-metadata/types/indexType.types';
 import {
  WorkspaceMigrationColumnAction,
  WorkspaceMigrationColumnActionType,
--- a/packages/twenty-server/src/engine/workspace-manager/workspace-sync-metadata/factories/standard-index.factory.ts
+++ b/packages/twenty-server/src/engine/workspace-manager/workspace-sync-metadata/factories/standard-index.factory.ts
@ -3,10 +3,8 @@ import { Injectable, Logger } from '@nestjs/common';
 import { PartialIndexMetadata } from 'src/engine/workspace-manager/workspace-sync-metadata/interfaces/partial-index-metadata.interface';
 import { WorkspaceSyncContext } from 'src/engine/workspace-manager/workspace-sync-metadata/interfaces/workspace-sync-context.interface';

-import {
-  IndexMetadataEntity,
-  IndexType,
-} from 'src/engine/metadata-modules/index-metadata/index-metadata.entity';
+import { IndexMetadataEntity } from 'src/engine/metadata-modules/index-metadata/index-metadata.entity';
+import { IndexType } from 'src/engine/metadata-modules/index-metadata/types/indexType.types';
 import { generateDeterministicIndexName } from 'src/engine/metadata-modules/index-metadata/utils/generate-deterministic-index-name';
 import { ObjectMetadataEntity } from 'src/engine/metadata-modules/object-metadata/object-metadata.entity';
 import { BaseWorkspaceEntity } from 'src/engine/twenty-orm/base.workspace-entity';