[permissions] Add permission gates on API & Webhooks + Security settings (#10133)

Closes https://github.com/twentyhq/core-team-issues/issues/312 Closes https://github.com/twentyhq/core-team-issues/issues/315
2025-02-12 10:40:26 +01:00
parent 08fd227049
commit e4ae76ac20
16 changed files with 220 additions and 44 deletions
--- a/packages/twenty-server/src/engine/api/graphql/graphql-config/graphql-config.service.ts
+++ b/packages/twenty-server/src/engine/api/graphql/graphql-config/graphql-config.service.ts
@ -70,7 +70,13 @@ export class GraphQLConfigService
        let workspace: Workspace | undefined;

        try {
-          const { user, workspace, apiKey, workspaceMemberId } = context.req;
+          const {
+            user,
+            workspace,
+            apiKey,
+            workspaceMemberId,
+            userWorkspaceId,
+          } = context.req;

          if (!workspace) {
            return new GraphQLSchema({});
@ -81,6 +87,7 @@ export class GraphQLConfigService
            workspace,
            apiKey,
            workspaceMemberId,
+            userWorkspaceId,
          });
        } catch (error) {
          if (error instanceof UnauthorizedException) {