Increment/Decrement methods were broken and were executing a SELECT
query while selecting twice the same table so the id column reference
was not precise enough. For some reason it didn't recognise the builder
as an update builder AND aliases were not parsed properly
I've modified the code to re-use the existing update method that is
correctly implemented-
BEFORE
```sql
query failed: SELECT entity FROM "workspace_1wgvd1injqtife6y4rvfbu3h5"."viewField" "entity", "workspace_1wgvd1injqtife6y4rvfbu3h5"."viewField" "workspace_1wgvd1injqtife6y4rvfbu3h5.viewField" WHERE "id" IN ($1) -- PARAMETERS: ["cd665f5b-c3ce-44ec-a9b0-51a2d711287e"]
error: error: column reference "id" is ambiguous
```
AFTER
```sql
query: UPDATE "workspace_1wgvd1injqtife6y4rvfbu3h5"."viewField" SET "position" = "position" + 1, "updatedAt" = CURRENT_TIMESTAMP WHERE "id" IN ($1) -- PARAMETERS: ["cd665f5b-c3ce-44ec-a9b0-51a2d711287e"]
```
### Summary
This PR fixes an inconsistency in the display of application versions in
the Admin Panel. Previously, the "Current version" was displayed with a
"v" prefix (e.g., `v1.1.1`), while the "Latest version" was displayed
without it (e.g., `1.1.1`).
### Problem
The inconsistency originated from two different data sources being
handled differently in the backend:
- `currentVersion` was read directly from the `APP_VERSION`
configuration variable, which includes the "v" prefix.
- `latestVersion` was fetched from the Docker Hub API, and the
`semver.coerce()` function was used to parse it, which strips the "v"
prefix.
### Solution
The fix addresses the root cause in the [AdminPanelService] on the
backend. The `semver.coerce()` function is now also applied to the
`currentVersion`.
This ensures that both version numbers are normalized at the data
source, providing a consistent format before being sent to the frontend.
This is a cleaner approach than manipulating the data on the client
side.
**Before:**
- Current version: `v1.1.1`
- Latest version: `1.1.1`
**After:**
- Current version: `1.1.1`
- Latest version: `1.1.1`
---------
Co-authored-by: prastoin <paul@twenty.com>
In this PR, behind a feature flag, we add a permission layer check based
on the read permission.
It is done by computing a map of an object's fields, where keys are the
column names and values the fieldMetadata id, making them comparable to
the restricted fields ids list stored in the permission cache.
For mutations (create, update, delete, destroy), we need to check the
read permission on the returned field, as they may differ from the
updated field. The write field permission will be tackled in a different
PR.
## Problem
After migrating webhooks and API keys from workspace to core level, REST
API endpoints were still creating entities in workspace schema
(`workspace_*`) instead of core schema, causing webhooks to not fire.
## Solution
- Added dedicated REST controllers for webhooks (`/rest/webhooks`) and
API keys (`/rest/apiKeys`)
- Updated dynamic controller to block workspace-gated entities from
being processed
- Fixed OpenAPI documentation to exclude these endpoints from playground
- Ensured return formats match GraphQL resolvers exactly
## Testing
✅ All endpoints tested with provided auth token - webhooks and API keys
now correctly stored in `core` schema
This PR adds any field filter request generation utils with its unit
test.
It also calls this new util in the relevant requests for table and
board.
This PR also adds a new corresponding state in context store so that the
filter is handled in command menu and actions.
We also add this new filter to the aggregate queries.
The RecordShowPage story was also fixed.
Implementation is very simple
Established authentication dynamic is intercepted at
getAuthTokensFromLoginToken. If 2FA is required, a pattern similar to
EmailVerification is executed. That is, getAuthTokensFromLoginToken
mutation fails with either of the following errors:
1. TWO_FACTOR_AUTHENTICATION_VERIFICATION_REQUIRED
2. TWO_FACTOR_AUTHENTICATION_PROVISION_REQUIRED
UI knows how to respond accordingly.
2FA provisioning occurs at the 2FA resolver.
2FA verification, currently only OTP, is handled by auth.resolver's
getAuthTokensFromOTP
---------
Co-authored-by: Charles Bochet <charlesBochet@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: github-actions <github-actions@twenty.com>
Co-authored-by: Jean-Baptiste Ronssin <65334819+jbronssin@users.noreply.github.com>
Co-authored-by: Lucas Bordeau <bordeau.lucas@gmail.com>
Co-authored-by: Félix Malfait <felix.malfait@gmail.com>
Co-authored-by: Félix Malfait <felix@twenty.com>
resolve#13168 , #8501
This PR fixes an issue where the onChange trigger was deleting all
attachments by removing the JWT token from their paths (if it existed)
and comparing the new body with the old body to identify deleted
attachments. It ensures that only attachments actually removed from the
body get deleted, preventing unintended deletion of attachments not
added directly through the body. It also handles updating attachment
names in the body so changes are reflected in Files, with related tests
updated accordingly.
https://github.com/user-attachments/assets/8d824a24-b257-4794-942e-3b2dceb9907d
---------
Co-authored-by: Lucas Bordeau <bordeau.lucas@gmail.com>
- add fieldMetadataId to step output schema
- use it to display FormFieldInput in Filter input
- few fixes for a few fields
Next step:
- Handle composite fields
- Design review
# Introduction
Following https://github.com/twentyhq/twenty/pull/13264, this PR
introduces several `fieldMetadataEntity` typing enhancement suggestions.
Mainly any nullable field metadata entity properties are now either
nullable or defined.
Or never if field is dynamically required or not depending on the field
metadata type
This enhance DevX
## Standards
- field enum ( `MULTI_SELECT`, `SELECT`, `RATING` ) will never have
`options` set to `NULL` in db
- field `RELATION` or `MORH_RELATION` won't ever have its relation
fields set to `NULL` in db
- field of any type `settings`, even if possibly defined, can still be
`NULL` in db
- field of any type `defaultValue`, even if possibly defined, can still
be `NULL` in db
It coud be interesting to guard these standards by adding dedicated pg
constraints on each field
## TypesScript type tests
added coverage for each `settings`, `defaultValue`, and `options`
depending on the current `fieldMetadata`
Honestly I don' know if this typescript assertions test file is not
overkill, but regarding metadata staticness it might be very interesting
to have this guard
## Possible improvements
- We could type as `unknown` instead of "all" on `FieldMetadataType`
inferrance
- We still need to deprecate remaining duplicated entities such as
`Index/Field/MetadataInterface` etc not a huge refactor neither urgent
## Problem
Previously, the newly created "message list fetch process" left the
message channel in an "ONGOING" status indefinitely.
## Why
Before only "fullSync" messageChannel were concerned by this method.
What happened it sometimes the providers gave empty messageExternalIds
during the initial fetch. Happens for a newly created email account on
gmail or microsoft (not sure which one)
Now that we gather both of sync methods (partial and full) we cannot use
this anly longer. Because after the first sync, if no new messages
arrived in the last 5 minutes, there will be none, so it was consiedered
as emptyMailbox (which is wrong)
## Solution
Removed this logic from the messageChannel since now we will rely on
each messageFolder (messageList) to handle the logic of going for a full
or not sync.
## Question
We might see some bugs in case some newly created email account without
messageList in case the provider does not give a nextSyncCursor at the
messageList level. Not easy to test
## Bonus
We also cleant a useless service method called getCursor that was not
used anywhere.
---------
Co-authored-by: prastoin <paul@twenty.com>
In this PR:
- Open filters in the side panel for **workflows**
- Open filters in the side panel for **workflow versions**
- Preparation for opening filters in the side panel for **workflow
runs**
- Add many tests to increase the coverage
Remaining to do:
- Open filters in the side panel for **workflow runs**
- Upon filter creation, open it in the side panel
---------
Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com>
## Bug description
All old messages were deleted after the first partial sync because the
diff between the existing messages and the messages returned from the
fetch was done considering that it was always a full sync (ie, that we
always retrieve the full list of message ids). But in a partial sync,
only the new messages appear in the list.
This bug was introduced by https://github.com/twentyhq/twenty/pull/13302
when trying to merge the logic between the full sync and the partial
sync.
## Fix
The fix is to adapt the behavior to the type of sync, by looking at the
presence of the sync cursor.
---------
Co-authored-by: Guillim <guillim@users.noreply.github.com>
This PR fixes a critical bug on record title cell opening when there was
no view loaded before.
This happened because the hook that opens the record title cell was
relying on a state that stored field definitions that were computed only
when a view was loaded.
Since there is no view on a record page, this wasn't working.
We should refactor field / column definitions so that they are always
derived from either view fields or an object metadata item's field
metadata items.
Fixes https://github.com/twentyhq/twenty/issues/13347
## TODO
- [ ] add dropdown to use records from outside the context
- [x] add loader for files chip
- [x] add roleId where it's necessary
- [x] Split AvatarChip in two components. One with the icon that will
call the second with leftComponent.
- [ ] Fix tests
- [x] Fix UI regression on Search
Fixes - #13307
**Description**
This PR adds the feature to create view from the command menu
**Key Changes**
- Added the command in the DEAFULT_RECORD_ACTION_CONFIG
- Created a component which is used in the action when the command is
clicked
**Files Changed**
-
packages/twenty-front/src/modules/action-menu/actions/record-actions/constants/DefaultRecordActionsConfig.tsx
-
packages/twenty-front/src/modules/action-menu/actions/record-actions/no-selection/components/SeeDeletedRecordsNoSelectionRecordAction.tsx
-
packages/twenty-front/src/modules/action-menu/actions/record-actions/no-selection/types/NoSelectionRecordActionsKeys.ts
-
packages/twenty-front/src/modules/views/view-picker/components/ViewPickerListContent.tsx
**Demo Video**
https://github.com/user-attachments/assets/8e3dc3dd-7f85-4da5-8c4a-6721abb29aff
---------
Co-authored-by: bosiraphael <raphael.bosi@gmail.com>
Closes#13277
## What I Did
- Enabled `multiple` attribute in the file input
- Updated the `handleFileChange` handler to loop through files
- Confirmed that each file is sent via `uploadAttachmentFile`
## Why
This change allows users to upload multiple files at once instead of
doing it one by one.
## Screenshot / Video (Optional)
[Screencast From 2025-07-18
23-58-36.webm](https://github.com/user-attachments/assets/ea191f25-1904-4643-afe2-7029785eebcb)
---
Let me know if you'd like any changes! 💪
---------
Co-authored-by: Félix Malfait <felix@twenty.com>
## Context
We would like to start leveraging more messageFolders during messageSync
which would allow users to select folders they want to sync on their
mailbox. MessageFolder is an abstraction that means folder for
Microsoft, labels for Gmail, not supported for IMAP.
## What
1) We do not aim to build a FE now but we would like to take it into a
consideration if they have been modified through API. So **out of
scope**
2) MessageFolders will be synced regularly from Gmail, Microsoft. This
is currently partially done and improving it is **out of scope**
3) Change: we were having two synchronization mechanism so far:
FULL_SYNC (first time, or when no cursor is present) and PARTIAL_SYNC
(when we have a cursor, we can fetch the diff since the last pull). This
Full vs Partial mode was a high level concept. We now think it's an
driver implementation detail (and can be inferred from the existence of
a cursor). Why making this change now: as we are trying to pull several
folders, a folder could need a full sync if it had no cursor, and
another a partial if it has one. It does not make sense anymore to have
this full vs partial difference at MessageChannel level
4) Once we are sure this work, we can start syncing different folders on
Gmail side (the case for the user it to be able to fetch Promotion
label)
## Implementation strategy
1) Re-use PartialMessageList implementation / API and rename it to
MessageList at it's more complete
2) re-use driver level fullMessageList methods and call them
messageListWithoutCursor
3) make sure that these method are folder specific
## Tests
### Gmail
- Fresh fetch (without cursor): OK
- Message import: OK
- Additional fetch (with messageChannel cursor): OK
### Microsoft
- Fresh fetch (without cursor): OK
- Message import: OK
- Additional fetch (with messageChannel cursor): OK
### Imap
- Fresh fetch (without cursor): OK
- Message import: OK
- Additional fetch (with messageChannel cursor): OK
# Introduction
Following https://github.com/twentyhq/twenty/pull/13310
> After this PR merge will create a new one removing the type and
replacing it to ObjectMetadataEntity.
This is it !
