twenty_crm/packages/twenty-server/src/engine/metadata-modules/object-permission/object-permission.entity.ts
Marie 1cb60f943e [field-level permissions] Upsert fieldPermission + use fieldPermission to compute permissions (#13050)
In this PR

- introduction of fieldPermission entity
- addition of upsertFieldPermission in role resolver
- computing of permissions taking fieldPermission into account. To limit
what is stored in Redis, we only store field restrictions. For
instance, for an objectMetadata with id XXX and a restriction on the field
with id YYY, we store:
`"XXX":{"canRead":true,"canUpdate":false,"canSoftDelete":false,"canDestroy":false,"restrictedFields":{"YYY":{"canRead":false,"canUpdate":null}}}`

---------

Co-authored-by: Charles Bochet <charlesBochet@users.noreply.github.com>
2025-07-09 08:47:59 +00:00


import {
Column,
CreateDateColumn,
Entity,
Index,
JoinColumn,
ManyToOne,
PrimaryGeneratedColumn,
Relation,
Unique,
UpdateDateColumn,
} from 'typeorm';
import { ObjectMetadataEntity } from 'src/engine/metadata-modules/object-metadata/object-metadata.entity';
import { RoleEntity } from 'src/engine/metadata-modules/role/role.entity';
/**
 * Permission flags that a role holds on one object type, stored in the
 * `objectPermission` table.
 *
 * Each row links a role (`roleId`) to an object metadata record
 * (`objectMetadataId`) inside a workspace (`workspaceId`) and carries four
 * nullable booleans, named for reading, updating, soft-deleting and
 * destroying that object's records.
 *
 * The unique constraint allows at most one row per
 * (objectMetadataId, roleId) pair, so a role never has two conflicting rows
 * for the same object. The secondary index covers lookups by
 * (workspaceId, roleId).
 *
 * NOTE(review): the unique constraint does not include workspaceId and no
 * relation is declared for workspaceId in this class, so nothing visible here
 * ties a row's workspaceId to the workspace of its role or object metadata.
 * Confirm the write path enforces that.
 */
@Entity('objectPermission')
@Unique('IDX_OBJECT_PERMISSION_OBJECT_METADATA_ID_ROLE_ID_UNIQUE', [
'objectMetadataId',
'roleId',
])
@Index('IDX_OBJECT_PERMISSION_WORKSPACE_ID_ROLE_ID', ['workspaceId', 'roleId'])
export class ObjectPermissionEntity {
// Surrogate primary key, generated as a UUID.
@PrimaryGeneratedColumn('uuid')
id: string;
// Required UUID column; it is the join column of the `role` relation below.
@Column({ nullable: false, type: 'uuid' })
roleId: string;
// Role this row belongs to. ON DELETE CASCADE: deleting the role deletes its
// object-permission rows with it, so no orphaned grants are left behind.
@ManyToOne(() => RoleEntity, (role) => role.objectPermissions, {
onDelete: 'CASCADE',
})
@JoinColumn({ name: 'roleId' })
role: Relation<RoleEntity>;
// Required UUID column; it is the join column of the `objectMetadata`
// relation below.
@Column({ nullable: false, type: 'uuid' })
objectMetadataId: string;
// Object type the flags apply to. ON DELETE CASCADE: deleting the object
// metadata deletes every permission row that points at it.
@ManyToOne(
() => ObjectMetadataEntity,
(objectMetadata) => objectMetadata.objectPermissions,
{
onDelete: 'CASCADE',
},
)
@JoinColumn({ name: 'objectMetadataId' })
objectMetadata: Relation<ObjectMetadataEntity>;
// Permission flags. Every column is nullable, so each flag has three stored
// states: true, false and NULL.
// NOTE(review): presumably NULL means "no explicit value for this role".
// Confirm how the permission computation resolves it, and that NULL is never
// read as a grant. A NULL column is loaded as `null`, which the declared
// `?: boolean` type does not include, so consumers should test `=== true`
// rather than rely on the declared type.
@Column({ nullable: true, type: 'boolean' })
canReadObjectRecords?: boolean;
@Column({ nullable: true, type: 'boolean' })
canUpdateObjectRecords?: boolean;
@Column({ nullable: true, type: 'boolean' })
canSoftDeleteObjectRecords?: boolean;
@Column({ nullable: true, type: 'boolean' })
canDestroyObjectRecords?: boolean;
// Workspace that owns the row; required. This is a plain UUID column: no
// relation is declared for it in this class.
@Column({ nullable: false, type: 'uuid' })
workspaceId: string;
// Creation timestamp, maintained by TypeORM and stored as timestamptz.
@CreateDateColumn({ type: 'timestamptz' })
createdAt: Date;
// Last-update timestamp, maintained by TypeORM and stored as timestamptz.
@UpdateDateColumn({ type: 'timestamptz' })
updatedAt: Date;
}