Skip to content

[permissions] Add permissions check layer in entityManager #11818

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 15 commits into from
May 5, 2025
Merged

[permissions] Add permissions check layer in entityManager #11818

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
15 commits
Select commit Hold shift + click to select a range
3c9a836
Update WorkspaceEntityManager to integrate permission check
ijreilly Apr 30, 2025
1d2b648
adapt entityManager.createQueryBuilder and bypass checks in seeds
ijreilly Apr 30, 2025
a327c23
update entityManager type
ijreilly Apr 30, 2025
c33a6d0
remove optional arg transactionManager from signature when it is neve…
ijreilly Apr 30, 2025
981a4cb
add test
ijreilly Apr 30, 2025
008d320
Merge branch 'main' of github.com:twentyhq/twenty into perm--repo
ijreilly Apr 30, 2025
4d639be
fix entity manager stale featureFlagMap issue + api key
ijreilly May 2, 2025
6928956
replace comments with explicity type declaration
ijreilly May 2, 2025
180d047
Merge branch 'main' of github.com:twentyhq/twenty into perm--repo
ijreilly May 2, 2025
c722d22
fix + missing methods in WorkspaceSelectQueryBuilder
ijreilly May 2, 2025
f42fea9
rename file entityManager -> workspaceEntityManager
ijreilly May 5, 2025
5770d52
minor fixes and improvements
ijreilly May 5, 2025
eb8f681
fix
ijreilly May 5, 2025
b8a2900
Merge branch 'main' of github.com:twentyhq/twenty into perm--repo
ijreilly May 5, 2025
55f914e
minor fixes
ijreilly May 5, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 3 additions & 2 deletions packages/twenty-server/src/database/commands/data-seed-dev-workspace.command.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
import { Logger } from '@nestjs/common';

import { Command, CommandRunner } from 'nest-commander';
import { DataSource, EntityManager } from 'typeorm';
import { DataSource } from 'typeorm';

import { seedCoreSchema } from 'src/database/typeorm-seeds/core';
import {
Expand Down Expand Up @@ -43,6 +43,7 @@ import { SURVEY_RESULTS_DATA_SEEDS } from 'src/engine/seeder/data-seeds/survey-r
import { PETS_METADATA_SEEDS } from 'src/engine/seeder/metadata-seeds/pets-metadata-seeds';
import { SURVEY_RESULTS_METADATA_SEEDS } from 'src/engine/seeder/metadata-seeds/survey-results-metadata-seeds';
import { SeederService } from 'src/engine/seeder/seeder.service';
import { WorkspaceEntityManager } from 'src/engine/twenty-orm/entity-manager/workspace-entity-manager';
import { shouldSeedWorkspaceFavorite } from 'src/engine/utils/should-seed-workspace-favorite';
import { createWorkspaceViews } from 'src/engine/workspace-manager/standard-objects-prefill-data/create-workspace-views';
import { seedViewWithDemoData } from 'src/engine/workspace-manager/standard-objects-prefill-data/seed-view-with-demo-data';
Expand Down Expand Up @@ -169,7 +170,7 @@ export class DataSeedWorkspaceCommand extends CommandRunner {
dataSourceMetadata: DataSourceEntity,
) {
await workspaceDataSource.transaction(
async (entityManager: EntityManager) => {
async (entityManager: WorkspaceEntityManager) => {
const { objectMetadataStandardIdToIdMap } =
await this.objectMetadataService.getObjectMetadataStandardIdToIdMap(
dataSourceMetadata.workspaceId,
Expand Down
8 changes: 5 additions & 3 deletions packages/twenty-server/src/database/typeorm-seeds/workspace/api-key.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,15 +1,17 @@
import { EntityManager } from 'typeorm';
import { WorkspaceEntityManager } from 'src/engine/twenty-orm/entity-manager/workspace-entity-manager';

const tableName = 'apiKey';

const API_KEY_ID = '20202020-f401-4d8a-a731-64d007c27bad';

export const seedApiKey = async (
entityManager: EntityManager,
entityManager: WorkspaceEntityManager,
schemaName: string,
) => {
await entityManager
.createQueryBuilder()
.createQueryBuilder(undefined, undefined, undefined, {
shouldBypassPermissionChecks: true,
})
.insert()
.into(`${schemaName}.${tableName}`, ['id', 'name', 'expiresAt'])
.orIgnore()
Expand Down
8 changes: 5 additions & 3 deletions .../twenty-server/src/database/typeorm-seeds/workspace/calendar-channel-event-association.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,13 +1,15 @@
import { EntityManager } from 'typeorm';
import { WorkspaceEntityManager } from 'src/engine/twenty-orm/entity-manager/workspace-entity-manager';

const tableName = 'calendarChannelEventAssociation';

export const seedCalendarChannelEventAssociations = async (
entityManager: EntityManager,
entityManager: WorkspaceEntityManager,
schemaName: string,
) => {
await entityManager
.createQueryBuilder()
.createQueryBuilder(undefined, undefined, undefined, {
shouldBypassPermissionChecks: true,
})
.insert()
.into(`${schemaName}.${tableName}`, [
'id',
Expand Down
9 changes: 5 additions & 4 deletions packages/twenty-server/src/database/typeorm-seeds/workspace/calendar-channel.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,16 +1,17 @@
import { EntityManager } from 'typeorm';

import { DEV_SEED_CONNECTED_ACCOUNT_IDS } from 'src/database/typeorm-seeds/workspace/connected-account';
import { WorkspaceEntityManager } from 'src/engine/twenty-orm/entity-manager/workspace-entity-manager';
import { CalendarChannelVisibility } from 'src/modules/calendar/common/standard-objects/calendar-channel.workspace-entity';

const tableName = 'calendarChannel';

export const seedCalendarChannels = async (
entityManager: EntityManager,
entityManager: WorkspaceEntityManager,
schemaName: string,
) => {
await entityManager
.createQueryBuilder()
.createQueryBuilder(undefined, undefined, undefined, {
shouldBypassPermissionChecks: true,
})
.insert()
.into(`${schemaName}.${tableName}`, [
'id',
Expand Down
9 changes: 5 additions & 4 deletions packages/twenty-server/src/database/typeorm-seeds/workspace/calendar-event-participants.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,17 +1,18 @@
import { EntityManager } from 'typeorm';

import { DEV_SEED_PERSON_IDS } from 'src/database/typeorm-seeds/workspace/seedPeople';
import { DEV_SEED_WORKSPACE_MEMBER_IDS } from 'src/database/typeorm-seeds/workspace/workspace-members';
import { WorkspaceEntityManager } from 'src/engine/twenty-orm/entity-manager/workspace-entity-manager';
import { CalendarEventParticipantResponseStatus } from 'src/modules/calendar/common/standard-objects/calendar-event-participant.workspace-entity';

const tableName = 'calendarEventParticipant';

export const seedCalendarEventParticipants = async (
entityManager: EntityManager,
entityManager: WorkspaceEntityManager,
schemaName: string,
) => {
await entityManager
.createQueryBuilder()
.createQueryBuilder(undefined, undefined, undefined, {
shouldBypassPermissionChecks: true,
})
.insert()
.into(`${schemaName}.${tableName}`, [
'id',
Expand Down
8 changes: 5 additions & 3 deletions packages/twenty-server/src/database/typeorm-seeds/workspace/calendar-events.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,13 +1,15 @@
import { EntityManager } from 'typeorm';
import { WorkspaceEntityManager } from 'src/engine/twenty-orm/entity-manager/workspace-entity-manager';

const tableName = 'calendarEvent';

export const seedCalendarEvents = async (
entityManager: EntityManager,
entityManager: WorkspaceEntityManager,
schemaName: string,
) => {
await entityManager
.createQueryBuilder()
.createQueryBuilder(undefined, undefined, undefined, {
shouldBypassPermissionChecks: true,
})
.insert()
.into(`${schemaName}.${tableName}`, [
'id',
Expand Down
9 changes: 5 additions & 4 deletions packages/twenty-server/src/database/typeorm-seeds/workspace/companies.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
import { EntityManager } from 'typeorm';

import { DEV_SEED_WORKSPACE_MEMBER_IDS } from 'src/database/typeorm-seeds/workspace/workspace-members';
import { WorkspaceEntityManager } from 'src/engine/twenty-orm/entity-manager/workspace-entity-manager';

const tableName = 'company';

Expand All @@ -21,11 +20,13 @@ export const DEV_SEED_COMPANY_IDS = {
};

export const seedCompanies = async (
entityManager: EntityManager,
entityManager: WorkspaceEntityManager,
schemaName: string,
) => {
await entityManager
.createQueryBuilder()
.createQueryBuilder(undefined, undefined, undefined, {
shouldBypassPermissionChecks: true,
})
.insert()
.into(`${schemaName}.${tableName}`, [
'id',
Expand Down
9 changes: 5 additions & 4 deletions packages/twenty-server/src/database/typeorm-seeds/workspace/connected-account.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
import { EntityManager } from 'typeorm';

import { DEV_SEED_WORKSPACE_MEMBER_IDS } from 'src/database/typeorm-seeds/workspace/workspace-members';
import { WorkspaceEntityManager } from 'src/engine/twenty-orm/entity-manager/workspace-entity-manager';

const tableName = 'connectedAccount';

Expand All @@ -11,11 +10,13 @@ export const DEV_SEED_CONNECTED_ACCOUNT_IDS = {
};

export const seedConnectedAccount = async (
entityManager: EntityManager,
entityManager: WorkspaceEntityManager,
schemaName: string,
) => {
await entityManager
.createQueryBuilder()
.createQueryBuilder(undefined, undefined, undefined, {
shouldBypassPermissionChecks: true,
})
.insert()
.into(`${schemaName}.${tableName}`, [
'id',
Expand Down
9 changes: 6 additions & 3 deletions packages/twenty-server/src/database/typeorm-seeds/workspace/favorites.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,15 +1,18 @@
import { EntityManager } from 'typeorm';
import { v4 } from 'uuid';

import { WorkspaceEntityManager } from 'src/engine/twenty-orm/entity-manager/workspace-entity-manager';

const tableName = 'favorite';

export const seedWorkspaceFavorites = async (
viewIds: string[],
entityManager: EntityManager,
entityManager: WorkspaceEntityManager,
schemaName: string,
) => {
await entityManager
.createQueryBuilder()
.createQueryBuilder(undefined, undefined, undefined, {
shouldBypassPermissionChecks: true,
})
.insert()
.into(`${schemaName}.${tableName}`, ['id', 'viewId', 'position'])
.values(
Expand Down
9 changes: 5 additions & 4 deletions ...wenty-server/src/database/typeorm-seeds/workspace/message-channel-message-associations.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
import { EntityManager } from 'typeorm';

import { DEV_SEED_MESSAGE_CHANNEL_IDS } from 'src/database/typeorm-seeds/workspace/message-channels';
import { DEV_SEED_MESSAGE_IDS } from 'src/database/typeorm-seeds/workspace/messages';
import { WorkspaceEntityManager } from 'src/engine/twenty-orm/entity-manager/workspace-entity-manager';
import { MessageDirection } from 'src/modules/messaging/common/enums/message-direction.enum';

const tableName = 'messageChannelMessageAssociation';
Expand All @@ -13,11 +12,13 @@ export const DEV_SEED_MESSAGE_CHANNEL_MESSAGE_ASSOCIATION_IDS = {
};

export const seedMessageChannelMessageAssociation = async (
entityManager: EntityManager,
entityManager: WorkspaceEntityManager,
schemaName: string,
) => {
await entityManager
.createQueryBuilder()
.createQueryBuilder(undefined, undefined, undefined, {
shouldBypassPermissionChecks: true,
})
.insert()
.into(`${schemaName}.${tableName}`, [
'id',
Expand Down
9 changes: 5 additions & 4 deletions packages/twenty-server/src/database/typeorm-seeds/workspace/message-channels.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
import { EntityManager } from 'typeorm';

import { DEV_SEED_CONNECTED_ACCOUNT_IDS } from 'src/database/typeorm-seeds/workspace/connected-account';
import { WorkspaceEntityManager } from 'src/engine/twenty-orm/entity-manager/workspace-entity-manager';
import {
MessageChannelSyncStage,
MessageChannelVisibility,
Expand All @@ -15,11 +14,13 @@ export const DEV_SEED_MESSAGE_CHANNEL_IDS = {
};

export const seedMessageChannel = async (
entityManager: EntityManager,
entityManager: WorkspaceEntityManager,
schemaName: string,
) => {
await entityManager
.createQueryBuilder()
.createQueryBuilder(undefined, undefined, undefined, {
shouldBypassPermissionChecks: true,
})
.insert()
.into(`${schemaName}.${tableName}`, [
'id',
Expand Down
9 changes: 5 additions & 4 deletions packages/twenty-server/src/database/typeorm-seeds/workspace/message-participants.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,8 +1,7 @@
import { EntityManager } from 'typeorm';

import { DEV_SEED_MESSAGE_IDS } from 'src/database/typeorm-seeds/workspace/messages';
import { DEV_SEED_PERSON_IDS } from 'src/database/typeorm-seeds/workspace/seedPeople';
import { DEV_SEED_WORKSPACE_MEMBER_IDS } from 'src/database/typeorm-seeds/workspace/workspace-members';
import { WorkspaceEntityManager } from 'src/engine/twenty-orm/entity-manager/workspace-entity-manager';

const tableName = 'messageParticipant';

Expand All @@ -16,11 +15,13 @@ export const DEV_SEED_MESSAGE_PARTICIPANT_IDS = {
};

export const seedMessageParticipant = async (
entityManager: EntityManager,
entityManager: WorkspaceEntityManager,
schemaName: string,
) => {
await entityManager
.createQueryBuilder()
.createQueryBuilder(undefined, undefined, undefined, {
shouldBypassPermissionChecks: true,
})
.insert()
.into(`${schemaName}.${tableName}`, [
'id',
Expand Down
8 changes: 5 additions & 3 deletions packages/twenty-server/src/database/typeorm-seeds/workspace/message-thread-subscribers.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
import { EntityManager } from 'typeorm';
import { WorkspaceEntityManager } from 'src/engine/twenty-orm/entity-manager/workspace-entity-manager';

const tableName = 'messageThreadSubscriber';

Expand Down Expand Up @@ -26,11 +26,13 @@ export const DEV_SEED_USER_IDS = {
};

export const seedMessageThreadSubscribers = async (
entityManager: EntityManager,
entityManager: WorkspaceEntityManager,
schemaName: string,
) => {
await entityManager
.createQueryBuilder()
.createQueryBuilder(undefined, undefined, undefined, {
shouldBypassPermissionChecks: true,
})
.insert()
.into(`${schemaName}.${tableName}`, [
'id',
Expand Down
8 changes: 5 additions & 3 deletions packages/twenty-server/src/database/typeorm-seeds/workspace/message-threads.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
import { EntityManager } from 'typeorm';
import { WorkspaceEntityManager } from 'src/engine/twenty-orm/entity-manager/workspace-entity-manager';

const tableName = 'messageThread';

Expand All @@ -11,11 +11,13 @@ export const DEV_SEED_MESSAGE_THREAD_IDS = {
};

export const seedMessageThread = async (
entityManager: EntityManager,
entityManager: WorkspaceEntityManager,
schemaName: string,
) => {
await entityManager
.createQueryBuilder()
.createQueryBuilder(undefined, undefined, undefined, {
shouldBypassPermissionChecks: true,
})
.insert()
.into(`${schemaName}.${tableName}`, [
'id',
Expand Down
9 changes: 5 additions & 4 deletions packages/twenty-server/src/database/typeorm-seeds/workspace/messages.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
import { EntityManager } from 'typeorm';

import { DEV_SEED_MESSAGE_THREAD_IDS } from 'src/database/typeorm-seeds/workspace/message-threads';
import { WorkspaceEntityManager } from 'src/engine/twenty-orm/entity-manager/workspace-entity-manager';

const tableName = 'message';

Expand All @@ -11,11 +10,13 @@ export const DEV_SEED_MESSAGE_IDS = {
};

export const seedMessage = async (
entityManager: EntityManager,
entityManager: WorkspaceEntityManager,
schemaName: string,
) => {
await entityManager
.createQueryBuilder()
.createQueryBuilder(undefined, undefined, undefined, {
shouldBypassPermissionChecks: true,
})
.insert()
.into(`${schemaName}.${tableName}`, [
'id',
Expand Down
9 changes: 5 additions & 4 deletions packages/twenty-server/src/database/typeorm-seeds/workspace/opportunities.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,8 +1,7 @@
import { EntityManager } from 'typeorm';

import { DEV_SEED_COMPANY_IDS } from 'src/database/typeorm-seeds/workspace/companies';
import { DEV_SEED_PERSON_IDS } from 'src/database/typeorm-seeds/workspace/seedPeople';
import { DEV_SEED_WORKSPACE_MEMBER_IDS } from 'src/database/typeorm-seeds/workspace/workspace-members';
import { WorkspaceEntityManager } from 'src/engine/twenty-orm/entity-manager/workspace-entity-manager';

const tableName = 'opportunity';

Expand All @@ -14,11 +13,13 @@ export const DEV_SEED_OPPORTUNITY_IDS = {
};

export const seedOpportunity = async (
entityManager: EntityManager,
entityManager: WorkspaceEntityManager,
schemaName: string,
) => {
await entityManager
.createQueryBuilder()
.createQueryBuilder(undefined, undefined, undefined, {
shouldBypassPermissionChecks: true,
})
.insert()
.into(`${schemaName}.${tableName}`, [
'id',
Expand Down
9 changes: 5 additions & 4 deletions packages/twenty-server/src/database/typeorm-seeds/workspace/seedPeople.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
import { EntityManager } from 'typeorm';

import { DEV_SEED_COMPANY_IDS } from 'src/database/typeorm-seeds/workspace/companies';
import { DEV_SEED_WORKSPACE_MEMBER_IDS } from 'src/database/typeorm-seeds/workspace/workspace-members';
import { WorkspaceEntityManager } from 'src/engine/twenty-orm/entity-manager/workspace-entity-manager';

const tableName = 'person';

Expand All @@ -24,11 +23,13 @@ export const DEV_SEED_PERSON_IDS = {
};

export const seedPeople = async (
entityManager: EntityManager,
entityManager: WorkspaceEntityManager,
schemaName: string,
) => {
await entityManager
.createQueryBuilder()
.createQueryBuilder(undefined, undefined, undefined, {
shouldBypassPermissionChecks: true,
})
.insert()
.into(`${schemaName}.${tableName}`, [
'id',
Expand Down
Loading
Loading