review(): from PR #8656 (#8870)

This commit is contained in:
Antoine Moreaux 2024-12-05 10:46:13 +01:00 committed by GitHub
parent 99caab1412
commit 33e69805cb
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
36 changed files with 176 additions and 179 deletions

View File

@ -22,6 +22,7 @@ import { WorkspaceProviderEffect } from '@/workspace/components/WorkspaceProvide
import { StrictMode } from 'react';
import { Outlet, useLocation } from 'react-router-dom';
import { getPageTitleFromPath } from '~/utils/title-utils';
import { PageFavicon } from '@/ui/utilities/page-favicon/components/PageFavicon';
export const AppRouterProviders = () => {
const { pathname } = useLocation();
@ -49,6 +50,7 @@ export const AppRouterProviders = () => {
<PromiseRejectionEffect />
<GotoHotkeysEffectsProvider />
<PageTitle title={pageTitle} />
<PageFavicon />
<Outlet />
</StrictMode>
</DialogManager>

View File

@ -31,7 +31,7 @@ import { useReadCaptchaToken } from '@/captcha/hooks/useReadCaptchaToken';
import { signInUpModeState } from '@/auth/states/signInUpModeState';
import { useRequestFreshCaptchaToken } from '@/captcha/hooks/useRequestFreshCaptchaToken';
import { useUrlManager } from '@/url-manager/hooks/useUrlManager';
import { SignInUpMode } from '@/auth/types/signInUpMode.type';
import { SignInUpMode } from '@/auth/types/signInUpMode';
const StyledContentContainer = styled(motion.div)`
margin-bottom: ${({ theme }) => theme.spacing(8)};

View File

@ -5,7 +5,7 @@ import { motion } from 'framer-motion';
import { StyledText } from 'twenty-ui';
import { useTheme } from '@emotion/react';
import { Form } from '@/auth/sign-in-up/hooks/useSignInUpForm';
import { SignInUpMode } from '@/auth/types/signInUpMode.type';
import { SignInUpMode } from '@/auth/types/signInUpMode';
const StyledFullWidthMotionDiv = styled(motion.div)`
width: 100%;

View File

@ -14,7 +14,7 @@ import { useState, useMemo } from 'react';
import { captchaProviderState } from '@/client-config/states/captchaProviderState';
import { isRequestingCaptchaTokenState } from '@/captcha/states/isRequestingCaptchaTokenState';
import { FormProvider } from 'react-hook-form';
import { SignInUpMode } from '@/auth/types/signInUpMode.type';
import { SignInUpMode } from '@/auth/types/signInUpMode';
const StyledForm = styled.form`
align-items: center;

View File

@ -4,15 +4,12 @@ import { useSignInUpForm } from '@/auth/sign-in-up/hooks/useSignInUpForm';
import { SignInUpStep } from '@/auth/states/signInUpStepState';
import { authProvidersState } from '@/client-config/states/authProvidersState';
import styled from '@emotion/styled';
import { useCallback, useEffect } from 'react';
import { useRecoilState } from 'recoil';
import { ActionLink, HorizontalSeparator } from 'twenty-ui';
import { SignInUpWithGoogle } from '@/auth/sign-in-up/components/SignInUpWithGoogle';
import { SignInUpWithMicrosoft } from '@/auth/sign-in-up/components/SignInUpWithMicrosoft';
import { SignInUpWithSSO } from '@/auth/sign-in-up/components/SignInUpWithSSO';
import { SignInUpWithCredentials } from '@/auth/sign-in-up/components/SignInUpWithCredentials';
import { useLocation } from 'react-router-dom';
import { isDefined } from '~/utils/isDefined';
const StyledContentContainer = styled.div`
margin-bottom: ${({ theme }) => theme.spacing(8)};
@ -25,38 +22,7 @@ export const SignInUpWorkspaceScopeForm = () => {
const { form } = useSignInUpForm();
const { handleResetPassword } = useHandleResetPassword();
const { signInUpStep, continueWithEmail, continueWithCredentials } =
useSignInUp(form);
const location = useLocation();
const checkAuthProviders = useCallback(() => {
if (
signInUpStep === SignInUpStep.Init &&
!authProviders.google &&
!authProviders.microsoft &&
!authProviders.sso
) {
return continueWithEmail();
}
const searchParams = new URLSearchParams(location.search);
const email = searchParams.get('email');
if (isDefined(email) && authProviders.password) {
return continueWithCredentials();
}
}, [
continueWithCredentials,
location.search,
authProviders.google,
authProviders.microsoft,
authProviders.password,
authProviders.sso,
continueWithEmail,
signInUpStep,
]);
useEffect(() => {
checkAuthProviders();
}, [checkAuthProviders]);
const { signInUpStep } = useSignInUp(form);
return (
<>

View File

@ -0,0 +1,48 @@
import { SignInUpStep } from '@/auth/states/signInUpStepState';
import { isDefined } from '~/utils/isDefined';
import { useSignInUp } from '@/auth/sign-in-up/hooks/useSignInUp';
import { authProvidersState } from '@/client-config/states/authProvidersState';
import { useSignInUpForm } from '@/auth/sign-in-up/hooks/useSignInUpForm';
import { useRecoilState } from 'recoil';
import { useCallback, useEffect } from 'react';
const searchParams = new URLSearchParams(window.location.search);
const email = searchParams.get('email');
export const SignInUpWorkspaceScopeFormEffect = () => {
const [authProviders] = useRecoilState(authProvidersState);
const { form } = useSignInUpForm();
const { signInUpStep, continueWithEmail, continueWithCredentials } =
useSignInUp(form);
const checkAuthProviders = useCallback(() => {
if (
signInUpStep === SignInUpStep.Init &&
!authProviders.google &&
!authProviders.microsoft &&
!authProviders.sso
) {
return continueWithEmail();
}
if (isDefined(email) && authProviders.password) {
return continueWithCredentials();
}
}, [
signInUpStep,
authProviders.google,
authProviders.microsoft,
authProviders.sso,
authProviders.password,
continueWithEmail,
continueWithCredentials,
]);
useEffect(() => {
checkAuthProviders();
}, [checkAuthProviders]);
return <></>;
};

View File

@ -16,7 +16,7 @@ import {
import { AppPath } from '@/types/AppPath';
import { useAuth } from '../../hooks/useAuth';
import { signInUpModeState } from '@/auth/states/signInUpModeState';
import { SignInUpMode } from '@/auth/types/signInUpMode.type';
import { SignInUpMode } from '@/auth/types/signInUpMode';
export const useSignInUp = (form: UseFormReturn<Form>) => {
const { enqueueSnackBar } = useSnackBar();

View File

@ -58,8 +58,10 @@ export const useSignInUpForm = () => {
useEffect(() => {
if (isDefined(prefilledEmail)) {
form.setValue('email', prefilledEmail);
} else if (isDeveloperDefaultSignInPrefilled === true) {
form.setValue('email', 'tim@apple.dev');
}
if (isDeveloperDefaultSignInPrefilled === true) {
form.setValue('email', prefilledEmail ?? 'tim@apple.dev');
form.setValue('password', 'Applecar2025');
}
}, [
@ -68,5 +70,5 @@ export const useSignInUpForm = () => {
prefilledEmail,
location.search,
]);
return { form, validationSchema };
return { form: form, validationSchema };
};

View File

@ -1,5 +1,5 @@
import { createState } from 'twenty-ui';
import { SignInUpMode } from '@/auth/types/signInUpMode.type';
import { SignInUpMode } from '@/auth/types/signInUpMode';
export const signInUpModeState = createState<SignInUpMode>({
key: 'signInUpModeState',

View File

@ -14,7 +14,7 @@ import { useRecoilValue, useRecoilState } from 'recoil';
import { IconKey } from 'twenty-ui';
import { useListSsoIdentityProvidersByWorkspaceIdQuery } from '~/generated/graphql';
import { SnackBarVariant } from '@/ui/feedback/snack-bar-manager/components/SnackBar';
import { SSOIdentitiesProvidersState } from '@/settings/security/states/SSOIdentitiesProviders.state';
import { SSOIdentitiesProvidersState } from '@/settings/security/states/SSOIdentitiesProvidersState';
import { useSnackBar } from '@/ui/feedback/snack-bar-manager/hooks/useSnackBar';
const StyledLink = styled(Link, {

View File

@ -6,7 +6,7 @@ import { getSettingsPagePath } from '@/settings/utils/getSettingsPagePath';
import { SettingsPath } from '@/types/SettingsPath';
import { SettingsListCard } from '@/settings/components/SettingsListCard';
import { useNavigate } from 'react-router-dom';
import { SSOIdentitiesProvidersState } from '@/settings/security/states/SSOIdentitiesProviders.state';
import { SSOIdentitiesProvidersState } from '@/settings/security/states/SSOIdentitiesProvidersState';
import { useRecoilValue } from 'recoil';
export const SettingsSSOIdentitiesProvidersListCardWrapper = () => {

View File

@ -1,7 +1,7 @@
/* @license Enterprise */
import { SettingsSecuritySSORowDropdownMenu } from '@/settings/security/components/SettingsSecuritySSORowDropdownMenu';
import { SSOIdentitiesProvidersState } from '@/settings/security/states/SSOIdentitiesProviders.state';
import { SSOIdentitiesProvidersState } from '@/settings/security/states/SSOIdentitiesProvidersState';
import { getColorBySSOIdentityProviderStatus } from '@/settings/security/utils/getColorBySSOIdentityProviderStatus';
import { Status } from 'twenty-ui';
import styled from '@emotion/styled';

View File

@ -14,7 +14,7 @@ import {
import { useUpdateWorkspaceMutation } from '~/generated/graphql';
import { AuthProviders } from '~/generated-metadata/graphql';
import { capitalize } from '~/utils/string/capitalize';
import { SSOIdentitiesProvidersState } from '@/settings/security/states/SSOIdentitiesProviders.state';
import { SSOIdentitiesProvidersState } from '@/settings/security/states/SSOIdentitiesProvidersState';
const StyledSettingsSecurityOptionsList = styled.div`
display: flex;

View File

@ -10,7 +10,7 @@ import {
import { useDeleteSSOIdentityProvider } from '@/settings/security/hooks/useDeleteSSOIdentityProvider';
import { useUpdateSSOIdentityProvider } from '@/settings/security/hooks/useUpdateSSOIdentityProvider';
import { SSOIdentitiesProvidersState } from '@/settings/security/states/SSOIdentitiesProviders.state';
import { SSOIdentitiesProvidersState } from '@/settings/security/states/SSOIdentitiesProvidersState';
import { SnackBarVariant } from '@/ui/feedback/snack-bar-manager/components/SnackBar';
import { useSnackBar } from '@/ui/feedback/snack-bar-manager/hooks/useSnackBar';
import { Dropdown } from '@/ui/layout/dropdown/components/Dropdown';

View File

@ -1,6 +1,6 @@
/* @license Enterprise */
import { SSOIdentitiesProvidersState } from '@/settings/security/states/SSOIdentitiesProviders.state';
import { SSOIdentitiesProvidersState } from '@/settings/security/states/SSOIdentitiesProvidersState';
import { useSetRecoilState } from 'recoil';
import {
CreateOidcIdentityProviderMutationVariables,

View File

@ -1,6 +1,6 @@
/* @license Enterprise */
import { SSOIdentitiesProvidersState } from '@/settings/security/states/SSOIdentitiesProviders.state';
import { SSOIdentitiesProvidersState } from '@/settings/security/states/SSOIdentitiesProvidersState';
import { useSetRecoilState } from 'recoil';
import {
DeleteSsoIdentityProviderMutationVariables,

View File

@ -1,6 +1,6 @@
/* @license Enterprise */
import { SSOIdentitiesProvidersState } from '@/settings/security/states/SSOIdentitiesProviders.state';
import { SSOIdentitiesProvidersState } from '@/settings/security/states/SSOIdentitiesProvidersState';
import { useSetRecoilState } from 'recoil';
import {
EditSsoIdentityProviderMutationVariables,

View File

@ -1,4 +0,0 @@
export type AuthProvidersKeys =
| 'isGoogleAuthEnabled'
| 'isMicrosoftAuthEnabled'
| 'isPasswordAuthEnabled';

View File

@ -0,0 +1,20 @@
import { Helmet } from 'react-helmet-async';
import { workspacePublicDataState } from '@/auth/states/workspacePublicDataState';
import { useRecoilValue } from 'recoil';
import { getImageAbsoluteURI } from '~/utils/image/getImageAbsoluteURI';
export const PageFavicon = () => {
const workspacePublicData = useRecoilValue(workspacePublicDataState);
return (
<Helmet>
{workspacePublicData?.logo && (
<link
rel="icon"
type="image/x-icon"
href={getImageAbsoluteURI(workspacePublicData.logo)}
/>
)}
</Helmet>
);
};

View File

@ -76,21 +76,5 @@ export const WorkspaceProviderEffect = () => {
redirectToWorkspace,
]);
useEffect(() => {
try {
if (isDefined(workspacePublicData?.logo)) {
const link: HTMLLinkElement =
document.querySelector("link[rel*='icon']") ||
document.createElement('link');
link.rel = 'icon';
link.href = workspacePublicData.logo;
document.getElementsByTagName('head')[0].appendChild(link);
}
} catch (err) {
// eslint-disable-next-line no-console
console.error(err);
}
}, [workspacePublicData]);
return <></>;
};

View File

@ -17,6 +17,7 @@ import {
} from '~/generated/graphql';
import { isDefined } from '~/utils/isDefined';
import { currentUserState } from '@/auth/states/currentUserState';
import { SignInUpWorkspaceScopeFormEffect } from '@/auth/sign-in-up/components/SignInUpWorkspaceScopeFormEffect';
const StyledContentContainer = styled.div`
margin-bottom: ${({ theme }) => theme.spacing(8)};
@ -93,7 +94,10 @@ export const Invite = () => {
<FooterNote />
</>
) : (
<>
<SignInUpWorkspaceScopeFormEffect />
<SignInUpWorkspaceScopeForm />
</>
)}
</>
);

View File

@ -17,6 +17,7 @@ import { isMultiWorkspaceEnabledState } from '@/client-config/states/isMultiWork
import { useUrlManager } from '@/url-manager/hooks/useUrlManager';
import { useMemo } from 'react';
import { isDefined } from '~/utils/isDefined';
import { SignInUpWorkspaceScopeFormEffect } from '@/auth/sign-in-up/components/SignInUpWorkspaceScopeFormEffect';
export const SignInUp = () => {
const { form } = useSignInUpForm();
@ -43,7 +44,12 @@ export const SignInUp = () => {
isDefined(workspacePublicData) &&
(!isMultiWorkspaceEnabled || isTwentyWorkspaceSubdomain)
) {
return <SignInUpWorkspaceScopeForm />;
return (
<>
<SignInUpWorkspaceScopeFormEffect />
<SignInUpWorkspaceScopeForm />
</>
);
}
return <SignInUpGlobalScopeForm />;

View File

@ -38,7 +38,6 @@ import {
} from 'src/engine/core-modules/auth/auth.exception';
import { OriginHeader } from 'src/engine/decorators/auth/origin-header.decorator';
import { AvailableWorkspaceOutput } from 'src/engine/core-modules/auth/dto/available-workspaces.output';
import { workspaceValidator } from 'src/engine/core-modules/workspace/workspace.validate';
import { DomainManagerService } from 'src/engine/core-modules/domain-manager/service/domain-manager.service';
import { ChallengeInput } from './dto/challenge.input';
@ -129,13 +128,7 @@ export class AuthResolver {
targetWorkspaceSubdomain:
this.domainManagerService.getWorkspaceSubdomainByOrigin(origin),
fromSSO: false,
isAuthEnabled: workspaceValidator.isAuthEnabled(
'password',
new AuthException(
'Password auth is not enabled for this workspace',
AuthExceptionCode.OAUTH_ACCESS_DENIED,
),
),
authProvider: 'password',
});
const loginToken = await this.loginTokenService.generateLoginToken(

View File

@ -18,13 +18,9 @@ import { GoogleProviderEnabledGuard } from 'src/engine/core-modules/auth/guards/
import { AuthService } from 'src/engine/core-modules/auth/services/auth.service';
import { GoogleRequest } from 'src/engine/core-modules/auth/strategies/google.auth.strategy';
import { LoginTokenService } from 'src/engine/core-modules/auth/token/services/login-token.service';
import {
AuthException,
AuthExceptionCode,
} from 'src/engine/core-modules/auth/auth.exception';
import { AuthException } from 'src/engine/core-modules/auth/auth.exception';
import { EnvironmentService } from 'src/engine/core-modules/environment/environment.service';
import { DomainManagerService } from 'src/engine/core-modules/domain-manager/service/domain-manager.service';
import { workspaceValidator } from 'src/engine/core-modules/workspace/workspace.validate';
import { Workspace } from 'src/engine/core-modules/workspace/workspace.entity';
@Controller('auth/google')
@ -70,13 +66,7 @@ export class GoogleAuthController {
workspacePersonalInviteToken,
targetWorkspaceSubdomain,
fromSSO: true,
isAuthEnabled: workspaceValidator.isAuthEnabled(
'google',
new AuthException(
'Google auth is not enabled for this workspace',
AuthExceptionCode.OAUTH_ACCESS_DENIED,
),
),
isAuthEnabled: 'google',
};
if (

View File

@ -15,12 +15,8 @@ import { MicrosoftProviderEnabledGuard } from 'src/engine/core-modules/auth/guar
import { AuthService } from 'src/engine/core-modules/auth/services/auth.service';
import { MicrosoftRequest } from 'src/engine/core-modules/auth/strategies/microsoft.auth.strategy';
import { LoginTokenService } from 'src/engine/core-modules/auth/token/services/login-token.service';
import {
AuthException,
AuthExceptionCode,
} from 'src/engine/core-modules/auth/auth.exception';
import { AuthException } from 'src/engine/core-modules/auth/auth.exception';
import { EnvironmentService } from 'src/engine/core-modules/environment/environment.service';
import { workspaceValidator } from 'src/engine/core-modules/workspace/workspace.validate';
import { DomainManagerService } from 'src/engine/core-modules/domain-manager/service/domain-manager.service';
@Controller('auth/microsoft')
@ -66,13 +62,7 @@ export class MicrosoftAuthController {
workspacePersonalInviteToken,
targetWorkspaceSubdomain,
fromSSO: true,
isAuthEnabled: workspaceValidator.isAuthEnabled(
'microsoft',
new AuthException(
'Microsoft auth is not enabled for this workspace',
AuthExceptionCode.OAUTH_ACCESS_DENIED,
),
),
authProvider: 'microsoft',
});
const loginToken = await this.loginTokenService.generateLoginToken(

View File

@ -45,9 +45,9 @@ import { UserWorkspaceService } from 'src/engine/core-modules/user-workspace/use
import { WorkspaceInvitationService } from 'src/engine/core-modules/workspace-invitation/services/workspace-invitation.service';
import { AvailableWorkspaceOutput } from 'src/engine/core-modules/auth/dto/available-workspaces.output';
import { UserService } from 'src/engine/core-modules/user/services/user.service';
import { workspaceValidator } from 'src/engine/core-modules/workspace/workspace.validate';
import { userValidator } from 'src/engine/core-modules/user/user.validate';
import { DomainManagerService } from 'src/engine/core-modules/domain-manager/service/domain-manager.service';
import { WorkspaceAuthProvider } from 'src/engine/core-modules/workspace/types/workspace.type';
@Injectable()
// eslint-disable-next-line @nx/workspace-inject-workspace-repository
@ -161,7 +161,7 @@ export class AuthService {
lastName,
picture,
fromSSO,
isAuthEnabled,
authProvider,
}: {
email: string;
password?: string;
@ -172,7 +172,7 @@ export class AuthService {
picture?: string | null;
fromSSO: boolean;
targetWorkspaceSubdomain?: string;
isAuthEnabled?: ReturnType<(typeof workspaceValidator)['isAuthEnabled']>;
authProvider?: WorkspaceAuthProvider;
}) {
return await this.signInUpService.signInUp({
email,
@ -184,7 +184,7 @@ export class AuthService {
targetWorkspaceSubdomain,
picture,
fromSSO,
isAuthEnabled,
authProvider,
});
}
@ -201,7 +201,7 @@ export class AuthService {
where: { email },
});
userValidator.assertIsExist(
userValidator.assertIsDefinedOrThrow(
userWithIdAndDefaultWorkspaceId,
new AuthException('User not found', AuthExceptionCode.USER_NOT_FOUND),
);
@ -210,7 +210,7 @@ export class AuthService {
workspaceId &&
userWithIdAndDefaultWorkspaceId.defaultWorkspaceId !== workspaceId
) {
await this.userService.saveDefaultWorkspace(
await this.userService.saveDefaultWorkspaceIfUserHasAccessOrThrow(
userWithIdAndDefaultWorkspaceId.id,
workspaceId,
);
@ -223,7 +223,7 @@ export class AuthService {
relations: ['defaultWorkspace', 'workspaces', 'workspaces.workspace'],
});
userValidator.assertIsExist(
userValidator.assertIsDefinedOrThrow(
user,
new AuthException('User not found', AuthExceptionCode.USER_NOT_FOUND),
);
@ -254,7 +254,7 @@ export class AuthService {
email,
});
if (userValidator.isExist(user)) {
if (userValidator.isDefined(user)) {
return {
exists: true,
availableWorkspaces: await this.findAvailableWorkspacesByEmail(email),
@ -460,7 +460,7 @@ export class AuthService {
],
});
userValidator.assertIsExist(
userValidator.assertIsDefinedOrThrow(
user,
new AuthException('User not found', AuthExceptionCode.USER_NOT_FOUND),
);

View File

@ -32,6 +32,7 @@ import {
} from 'src/engine/core-modules/workspace/workspace.entity';
import { workspaceValidator } from 'src/engine/core-modules/workspace/workspace.validate';
import { getImageBufferFromUrl } from 'src/utils/image';
import { WorkspaceAuthProvider } from 'src/engine/core-modules/workspace/types/workspace.type';
export type SignInUpServiceInput = {
email: string;
@ -43,7 +44,7 @@ export type SignInUpServiceInput = {
picture?: string | null;
fromSSO: boolean;
targetWorkspaceSubdomain?: string;
isAuthEnabled?: ReturnType<(typeof workspaceValidator)['isAuthEnabled']>;
authProvider?: WorkspaceAuthProvider;
};
@Injectable()
@ -73,7 +74,7 @@ export class SignInUpService {
picture,
fromSSO,
targetWorkspaceSubdomain,
isAuthEnabled,
authProvider,
}: SignInUpServiceInput) {
if (!firstName) firstName = '';
if (!lastName) lastName = '';
@ -154,7 +155,7 @@ export class SignInUpService {
lastName,
picture,
existingUser,
isAuthEnabled,
authProvider,
});
await this.workspaceInvitationService.invalidateWorkspaceInvitation(
@ -187,7 +188,7 @@ export class SignInUpService {
lastName,
picture,
existingUser,
isAuthEnabled,
authProvider,
}: {
email: string;
passwordHash: string | undefined;
@ -196,7 +197,7 @@ export class SignInUpService {
lastName: string;
picture: SignInUpServiceInput['picture'];
existingUser: User | null;
isAuthEnabled?: ReturnType<(typeof workspaceValidator)['isAuthEnabled']>;
authProvider?: WorkspaceAuthProvider;
}) {
const isNewUser = !isDefined(existingUser);
let user = existingUser;
@ -217,8 +218,16 @@ export class SignInUpService {
),
);
if (isAuthEnabled)
workspaceValidator.validateAuth(isAuthEnabled, workspace);
if (authProvider) {
workspaceValidator.isAuthEnabledOrThrow(
authProvider,
workspace,
new AuthException(
`${authProvider} auth is not enabled for this workspace`,
AuthExceptionCode.OAUTH_ACCESS_DENIED,
),
);
}
if (isNewUser) {
const imagePath = await this.uploadPicture(picture, workspace.id);
@ -236,7 +245,7 @@ export class SignInUpService {
user = await this.userRepository.save(userToCreate);
}
userValidator.assertIsExist(
userValidator.assertIsDefinedOrThrow(
user,
new AuthException(
'User not found',

View File

@ -47,7 +47,7 @@ describe('SwitchWorkspaceService', () => {
{
provide: UserService,
useValue: {
saveDefaultWorkspace: jest.fn(),
saveDefaultWorkspaceIfUserHasAccessOrThrow: jest.fn(),
},
},
],
@ -211,10 +211,9 @@ describe('SwitchWorkspaceService', () => {
refreshToken: mockRefreshToken,
},
});
expect(userService.saveDefaultWorkspace).toHaveBeenCalledWith(
mockUser.id,
mockWorkspace.id,
);
expect(
userService.saveDefaultWorkspaceIfUserHasAccessOrThrow,
).toHaveBeenCalledWith(mockUser.id, mockWorkspace.id);
expect(accessTokenService.generateAccessToken).toHaveBeenCalledWith(
mockUser.id,
mockWorkspace.id,

View File

@ -78,7 +78,10 @@ export class SwitchWorkspaceService {
user: User,
workspace: Workspace,
): Promise<AuthTokens> {
await this.userService.saveDefaultWorkspace(user.id, workspace.id);
await this.userService.saveDefaultWorkspaceIfUserHasAccessOrThrow(
user.id,
workspace.id,
);
const token = await this.accessTokenService.generateAccessToken(
user.id,

View File

@ -135,7 +135,7 @@ export class UserService extends TypeOrmQueryService<User> {
return user;
}
async saveDefaultWorkspace(userId: string, workspaceId: string) {
async hasUserAccessToWorkspaceOrThrow(userId: string, workspaceId: string) {
const user = await this.userRepository.findOne({
where: {
id: userId,
@ -146,13 +146,20 @@ export class UserService extends TypeOrmQueryService<User> {
relations: ['workspaces'],
});
userValidator.assertIsExist(
userValidator.assertIsDefinedOrThrow(
user,
new AuthException(
'User does not have access to this workspace',
AuthExceptionCode.FORBIDDEN_EXCEPTION,
),
);
}
async saveDefaultWorkspaceIfUserHasAccessOrThrow(
userId: string,
workspaceId: string,
) {
await this.hasUserAccessToWorkspaceOrThrow(userId, workspaceId);
return await this.userRepository.save({
id: userId,

View File

@ -77,7 +77,10 @@ export class UserResolver {
this.environmentService.get('IS_MULTIWORKSPACE_ENABLED') &&
workspaceId
) {
await this.userService.saveDefaultWorkspace(userId, workspaceId);
await this.userService.saveDefaultWorkspaceIfUserHasAccessOrThrow(
userId,
workspaceId,
);
}
const user = await this.userRepository.findOne({
@ -87,7 +90,7 @@ export class UserResolver {
relations: ['defaultWorkspace', 'workspaces', 'workspaces.workspace'],
});
userValidator.assertIsExist(
userValidator.assertIsDefinedOrThrow(
user,
new AuthException('User not found', AuthExceptionCode.USER_NOT_FOUND),
);

View File

@ -1,34 +1,24 @@
import { User } from 'src/engine/core-modules/user/user.entity';
import { CustomException } from 'src/utils/custom-exception';
import { isDefined } from 'src/utils/is-defined';
const assertIsExist = (
const assertIsDefinedOrThrow = (
user: User | undefined | null,
exceptionToThrow: CustomException,
): asserts user is User => {
if (!user) {
if (!isDefined(user)) {
throw exceptionToThrow;
}
};
const isExist = (user: User | undefined | null): user is User => {
return !!user;
};
const assertHasDefaultWorkspace = (
user: User,
exceptionToThrow?: CustomException,
): asserts user is User & { defaultWorkspaceId: string } => {
if (!user.defaultWorkspaceId) {
throw exceptionToThrow;
}
const isUserDefined = (user: User | undefined | null): user is User => {
return isDefined(user);
};
export const userValidator: {
assertIsExist: typeof assertIsExist;
assertHasDefaultWorkspace: typeof assertHasDefaultWorkspace;
isExist: typeof isExist;
assertIsDefinedOrThrow: typeof assertIsDefinedOrThrow;
isDefined: typeof isUserDefined;
} = {
assertIsExist,
assertHasDefaultWorkspace,
isExist,
assertIsDefinedOrThrow,
isDefined: isUserDefined,
};

View File

@ -0,0 +1 @@
export type WorkspaceAuthProvider = 'google' | 'microsoft' | 'password';

View File

@ -3,8 +3,8 @@ import {
WorkspaceActivationStatus,
} from 'src/engine/core-modules/workspace/workspace.entity';
import { CustomException } from 'src/utils/custom-exception';
type WorkspaceAuthProvider = 'google' | 'microsoft' | 'password';
import { AuthException } from 'src/engine/core-modules/auth/auth.exception';
import { WorkspaceAuthProvider } from 'src/engine/core-modules/workspace/types/workspace.type';
const assertIsExist = (
workspace: Workspace | undefined | null,
@ -25,40 +25,24 @@ const assertIsActive = (
throw exceptionToThrow;
};
type IsAuthEnabled = <P extends WorkspaceAuthProvider>(
provider: P,
exceptionToThrow: CustomException,
) => (
const isAuthEnabledOrThrow = (
provider: WorkspaceAuthProvider,
workspace: Workspace,
exceptionToThrowCustom?: CustomException,
) => boolean;
const isAuthEnabled: IsAuthEnabled = (provider, exceptionToThrow) => {
return (workspace, exceptionToThrowCustom = exceptionToThrow) => {
exceptionToThrowCustom: AuthException,
) => {
if (provider === 'google' && workspace.isGoogleAuthEnabled) return true;
if (provider === 'microsoft' && workspace.isMicrosoftAuthEnabled)
return true;
if (provider === 'microsoft' && workspace.isMicrosoftAuthEnabled) return true;
if (provider === 'password' && workspace.isPasswordAuthEnabled) return true;
if (exceptionToThrowCustom) {
throw exceptionToThrowCustom;
}
return false;
};
};
const validateAuth = (fn: ReturnType<IsAuthEnabled>, workspace: Workspace) =>
fn(workspace);
export const workspaceValidator: {
assertIsExist: typeof assertIsExist;
assertIsActive: typeof assertIsActive;
isAuthEnabled: IsAuthEnabled;
validateAuth: typeof validateAuth;
isAuthEnabledOrThrow: typeof isAuthEnabledOrThrow;
} = {
assertIsExist: assertIsExist,
assertIsActive: assertIsActive,
isAuthEnabled,
validateAuth,
isAuthEnabledOrThrow: isAuthEnabledOrThrow,
};