From 19df43156eb70de3a732df861a456483e52c037e Mon Sep 17 00:00:00 2001
From: Weiko <corentin@twenty.com>
Date: Tue, 9 Apr 2024 11:18:48 +0200
Subject: [PATCH] [calendar] change api scope (#4888)

## Context
Calendar scope was too broad, this PR updates it to events only.
Also changing "Cannot connect Google account to demo workspace" error to
a 404 to avoid having a 500 for something expected
---
 .../auth/controllers/google-apis-auth.controller.ts | 13 +++++++++++--
 .../auth/strategies/google-apis.auth.strategy.ts    |  2 +-
 2 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/packages/twenty-server/src/engine/core-modules/auth/controllers/google-apis-auth.controller.ts b/packages/twenty-server/src/engine/core-modules/auth/controllers/google-apis-auth.controller.ts
index dfafbb5835..8a3efc31f1 100644
--- a/packages/twenty-server/src/engine/core-modules/auth/controllers/google-apis-auth.controller.ts
+++ b/packages/twenty-server/src/engine/core-modules/auth/controllers/google-apis-auth.controller.ts
@@ -1,4 +1,11 @@
-import { Controller, Get, Req, Res, UseGuards } from '@nestjs/common';
+import {
+  Controller,
+  Get,
+  Req,
+  Res,
+  UnauthorizedException,
+  UseGuards,
+} from '@nestjs/common';
 
 import { Response } from 'express';
 
@@ -40,7 +47,9 @@ export class GoogleAPIsAuthController {
     const demoWorkspaceIds = this.environmentService.get('DEMO_WORKSPACE_IDS');
 
     if (demoWorkspaceIds.includes(workspaceId)) {
-      throw new Error('Cannot connect Google account to demo workspace');
+      throw new UnauthorizedException(
+        'Cannot connect Google account to demo workspace',
+      );
     }
 
     if (!workspaceId) {
diff --git a/packages/twenty-server/src/engine/core-modules/auth/strategies/google-apis.auth.strategy.ts b/packages/twenty-server/src/engine/core-modules/auth/strategies/google-apis.auth.strategy.ts
index de05b4aff8..c4b563bacc 100644
--- a/packages/twenty-server/src/engine/core-modules/auth/strategies/google-apis.auth.strategy.ts
+++ b/packages/twenty-server/src/engine/core-modules/auth/strategies/google-apis.auth.strategy.ts
@@ -35,7 +35,7 @@ export class GoogleAPIsStrategy extends PassportStrategy(
     }
 
     if (environmentService.get('CALENDAR_PROVIDER_GOOGLE_ENABLED')) {
-      scope.push('https://www.googleapis.com/auth/calendar');
+      scope.push('https://www.googleapis.com/auth/calendar.events');
     }
 
     super({