Adapt rest api to field permissions (#13314)

Closes https://github.com/twentyhq/core-team-issues/issues/1217 We should only query and return the fields that are readable when using the rest api. This is behind a feature flag.
2025-07-22 10:46:43 +02:00
parent f95573ab4c
commit c8753ae59e
81 changed files with 847 additions and 47 deletions
--- a/packages/twenty-server/test/integration/graphql/utils/update-feature-flag-factory.util.ts
+++ b/packages/twenty-server/test/integration/graphql/utils/update-feature-flag-factory.util.ts
@ -0,0 +1,26 @@
+import gql from 'graphql-tag';
+
+export const updateFeatureFlagFactory = (
+  workspaceId: string,
+  featureFlag: string,
+  value: boolean,
+) => ({
+  query: gql`
+    mutation UpdateWorkspaceFeatureFlag(
+      $workspaceId: String!
+      $featureFlag: String!
+      $value: Boolean!
+    ) {
+      updateWorkspaceFeatureFlag(
+        workspaceId: $workspaceId
+        featureFlag: $featureFlag
+        value: $value
+      )
+    }
+  `,
+  variables: {
+    workspaceId,
+    featureFlag,
+    value,
+  },
+});
--- a/packages/twenty-server/test/integration/graphql/utils/upsert-field-permissions-operation-factory.util.ts
+++ b/packages/twenty-server/test/integration/graphql/utils/upsert-field-permissions-operation-factory.util.ts
@ -0,0 +1,39 @@
+import gql from 'graphql-tag';
+
+export const createUpsertFieldPermissionsOperation = (
+  roleId: string,
+  fieldPermissions: Array<{
+    objectMetadataId: string;
+    fieldMetadataId: string;
+    canReadFieldValue?: boolean | null;
+    canUpdateFieldValue?: boolean | null;
+  }>,
+  selectedFields: string[] = [
+    'id',
+    'roleId',
+    'objectMetadataId',
+    'fieldMetadataId',
+    'canReadFieldValue',
+    'canUpdateFieldValue',
+  ],
+) => ({
+  query: gql`
+      mutation UpsertFieldPermissions(
+        $roleId: String!
+        $fieldPermissions: [FieldPermissionInput!]!
+      ) {
+        upsertFieldPermissions(
+          upsertFieldPermissionsInput: {
+            roleId: $roleId
+            fieldPermissions: $fieldPermissions
+          }
+        ) {
+          ${selectedFields.join('\n')}
+        }
+      }
+    `,
+  variables: {
+    roleId,
+    fieldPermissions,
+  },
+});
--- a/packages/twenty-server/test/integration/graphql/utils/upsert-field-permissions.util.ts
+++ b/packages/twenty-server/test/integration/graphql/utils/upsert-field-permissions.util.ts
@ -0,0 +1,30 @@
+import { createUpsertFieldPermissionsOperation } from 'test/integration/graphql/utils/upsert-field-permissions-operation-factory.util';
+import { makeMetadataAPIRequest } from 'test/integration/metadata/suites/utils/make-metadata-api-request.util';
+
+export const upsertFieldPermissions = async ({
+  roleId,
+  fieldPermissions,
+  selectedFields,
+}: {
+  roleId: string;
+  fieldPermissions: Array<{
+    objectMetadataId: string;
+    fieldMetadataId: string;
+    canReadFieldValue?: boolean | null;
+    canUpdateFieldValue?: boolean | null;
+  }>;
+  selectedFields?: string[];
+}) => {
+  const operation = createUpsertFieldPermissionsOperation(
+    roleId,
+    fieldPermissions,
+    selectedFields,
+  );
+
+  const response = await makeMetadataAPIRequest(operation);
+
+  return {
+    data: response.body.data,
+    errors: response.body.errors,
+  };
+};