Fixes https://github.com/twentyhq/twenty/issues/8863
## Description
This PR fixes an issue with cursor-based pagination when dealing with
composite fields (like `fullName`). Previously, the pagination direction
was incorrectly determined for composite fields because the code wasn't
properly handling nested object structures in the `orderBy` parameter.
Refactored the code accordingly.
**TLDR:**
Solves (https://github.com/twentyhq/private-issues/issues/212)
Add command to sync customer data from stripe to BillingCustomerTable
for all active workspaces. Drop foreign key contraint on billingCustomer
in BillingSubscription (in order to not break the DB).
**In order to test:**
- Billing should be enabled
- Have some workspaces that are active and whose id's are not mentioned
in BillingCustomer (but the customer are present in stripe).
Run the command:
`npx nx run twenty-server:command billing:sync-customer-data`
Take into consideration
Due that all the previous subscriptions in Stripe have the workspaceId
in their metadata, we use that information as source of true for the
data sync
**Things to do:**
- Add tests for Billing utils
- Separate StripeService into multipleServices
(stripeSubscriptionService, stripePriceService etc) perhaps add them in
(https://github.com/twentyhq/private-issues/issues/201)?
Added validation to ensure refresh tokens include a workspaceId,
throwing an exception for malformed tokens. Included workspaceId in
payloads and introduced expiration handling for access tokens. This
enhances token security and prevents potential misuse.
Close#9126
As part of our rollout strategy, let's remove the workspaces gates,
which will trigger the creation of the field metadatas needed for the
aggregate queries features.
In a later release we will remove the feature flag completely, after all
fields have been created for all workspaces
Added new forbidden words and regex patterns to subdomain validation in
`update-workspace-input`. Enhanced the `ForbiddenWords` validator to
support both strings and regex matching. Updated tests to verify
regex-based forbidden subdomain validation.
Fix#9064
---------
Co-authored-by: Weiko <corentin@twenty.com>
Add support for setting a user's default workspace during sign-in if a
target workspace subdomain exists. Enhance error feedback by displaying
authentication error messages using a Snackbar in the front-end and
improving redirect logic for workspace-specific errors.
`No Value` view groups wasn't properly created when we select a group by
field metadata, this PR fix the issue.
Also a script is added to backfill the current view groups.
---------
Co-authored-by: Marie <51697796+ijreilly@users.noreply.github.com>
Introduce `defaultWorkspaceId` to improve workspace redirection logic.
Updated GraphQL schema, server logic, and frontend components
accordingly to prioritize default workspaces when available.
## Summary
This PR adds a mechanism to handle and prioritize default workspace
selection for users during authentication. It updates the logic in
multiple components and services to ensure users are redirected to their
default workspaces if no specific selection is provided.
### Main changes:
- **GraphQL Schema Updates**:
- Enhanced `UserExists` GraphQL entity with a new `defaultWorkspaceId`
field to specify the user's default workspace.
- Updated queries and mutations to handle the `defaultWorkspaceId`.
- **Client-Side Updates**:
- Enhanced `useAuth` hook to include logic for managing default
workspace redirection.
- Adjusted UI logic in `SignInUpGlobalScopeForm` to utilize the
`defaultWorkspaceId`.
- **Server-Side Adjustments**:
- Modified `AuthService` to include `defaultWorkspaceId` in
`checkUserExists`.
- Default workspace logic added to the backend flow for consistent
handling.
- **Tests/Helpers**:
- Added utility and type changes to integrate the new backend response
changes (e.g., `UserExists` GraphQL).
- **Subsequent function lifecycle** was adjusted to include recheck for
workspace token states when performing sign-in flows.
**TLDR**
Solves: https://github.com/twentyhq/private-issues/issues/199
Partially solves: https://github.com/twentyhq/private-issues/issues/221
(more details below)
Updates the BillingMeter and BillingPrice tables while listening to the
events "price.created" and "price.updated" from the stripe webhook. Also
added the foreign keys, that couldn't be added to the BillingEntities.
**In Order To test**
Billing:
- Set IS_BILLING_ENABLED to true
- Add your BILLING_STRIPE_SECRET and BILLING_STRIPE_API_KEY
- Add your BILLING_STRIPE_BASE_PLAN_PRODUCT_ID (use the one in testMode
> Base Plan)
Authenticate with your account in the stripe CLI
Run the command: stripe listen --forward-to
http://localhost:3000/billing/webhooks
Run the twenty workker
Authenticate yourself on the app choose a plan and run the app normally.
In stripe and in posgress the customer table data should be added.
**Take Into Consideration**
In a previous migration the foreign key to workpaceId was taken down
this was due to the separation of the migrations if billing is enabled.
Because we want to separate in these two categories: we will be
polluting the Common Migrations with relations to tables that don't
exists. This will be addressed in a PR in the next sprint (perhaps a
decorator?)
**Doing**
Testing migrations, when we are in main and when billing is enabled.
closes https://github.com/twentyhq/twenty/issues/8727
@Bonapara wants to keep the code for now so I ended up by setting the
`isFunctionSettingsEnabled` constants to false in the codebase
Added a unique constraint to the "subdomain" column in the workspace
entity to ensure no duplicate subdomains exist in the database. Included
a TypeORM migration script to enforce this change at the database level.
We have conflicts which prevents us from running demo seed command after
a database-reset or/and if dev seed has already been populated. This is
because we are trying to create Tim user twice (but due to the
insert()...onConflict() in the seed creation, it does not create the
second one), for seed-dev and seed-demo .
This PR fixes that by using the same user id, allowing us to use the
same Tim apple for both dev/demo seeds
Test
<img width="802" alt="Screenshot 2024-12-16 at 15 36 56"
src="https://github.com/user-attachments/assets/72244978-130f-4561-8709-43376453b247"
/>
<img width="780" alt="Screenshot 2024-12-16 at 15 37 17"
src="https://github.com/user-attachments/assets/01ce221b-34f6-4e48-ae30-d84bdf9d3cc2"
/>
## Summary
This Pull Request centralizes the redirection logic by introducing a
reusable `useRedirect` hook, which replaces direct usage of
`window.location.href` with more standardized and testable functionality
across multiple modules.
- Introduced a new `useRedirect` hook for handling redirection logic
with optional controlled delays.
- Refactored redirection implementations in various modules (`useAuth`,
workspace, and settings-related hooks, etc.) to use the newly introduced
`useRedirect` or related high-level hooks.
- Updated API and documentation to include or improve support for SSO,
particularly OIDC and SAML setup processes in server logic.
- Enhanced frontend and backend configurability with new environment
variable settings for SSO.
---------
Co-authored-by: Félix Malfait <felix@twenty.com>
Fixes https://github.com/twentyhq/twenty/issues/8810
Fixes https://github.com/twentyhq/twenty/issues/5268
Fixes https://github.com/twentyhq/twenty/issues/8971
- Fixing Task/Note creation not sending position during creation
- Adding a command to backfill position being null, using existing
backfill command.
- Removed unused backfill job.
- Updated workspace entities to set position non-nullable and set a
default value to make it non-required on the API
- Updated position factory to set a default position for all objects
having a POSITION field instead of only company/people
- Moved the try/catch in each resolver factory calling
GraphqlQueryRunnerException handler, makes more sense to call it in the
actual graphql-query-runner and removing some duplicate codes
- Adding validations for input in QueryRunnerArgs factories
- Allow sync-metadata to override and sync defaultValues for certain
field types (that can't be updated by users)
- Removing health-check from sync-metadata command during force mode to
improve performances
Solves (https://github.com/twentyhq/private-issues/issues/198)
**TLDR**
Updates the billingProduct table data using stripe webhooks event. It
saves all the updates/creates of the products, but ensuring that it has
the lastest version of the correct metadata attributes (typeof
BillingProductMetadata)
**In order to test**
Billing:
Set IS_BILLING_ENABLED to true
Add your BILLING_STRIPE_SECRET and BILLING_STRIPE_API_KEY
Add your BILLING_STRIPE_BASE_PLAN_PRODUCT_ID (use the one in testMode >
Base Plan)
Authenticate with your account in the stripe CLI
Run the command: stripe listen --forward-to
http://localhost:3000/billing/webhooks
Go to Stripe In test mode and update or create a product using a
metadata of type of BillingProductMetadata, you can also update it using
a different values for metadata.
Co-authored-by: Charles Bochet <charlesBochet@users.noreply.github.com>
We have recently introduced the possibility to specify workspace
specific auth providers.
I'm:
- introducing system wide auth providers (provided by clientConfig)
- making sure workspace specific auth providers belong to system wide
auth providers set
isLabelSyncedWithName should be nullable for fieldMetadata, as it is for
objectMetadata.
+ Adding missing validation on label and name sync in
fieldMetadataService for creation and update
+ adding metadata tests
- composite field need to be formatted before being saved
- repository.create() does not do it. So we simply lose the composite
fields on the way
- save() does it directly and doing create() before does not change
anything
Solves (https://github.com/twentyhq/private-issues/issues/194)
**TLDR**
Updates the billingCustomer table data using stripe webhooks event, also
updates the customer's metadata in stripe, in order to contain the
workspaceId associated to this customer.
**In order to test**
Billing:
- Set IS_BILLING_ENABLED to true
- Add your BILLING_STRIPE_SECRET and BILLING_STRIPE_API_KEY
- Add your BILLING_STRIPE_BASE_PLAN_PRODUCT_ID (use the one in testMode
> Base Plan)
-
Authenticate with your account in the stripe CLI
Run the command: stripe listen --forward-to
http://localhost:3000/billing/webhooks
Run the twenty workker
Authenticate yourself on the app choose a plan and run the app normally.
In stripe and in posgress the customer table data should be added.
**Next steps**
Learn more about integrations tests and implement some for this PR.
---------
Co-authored-by: Félix Malfait <felix@twenty.com>
removeBillingFKWithCore migration is in the wrong folder and is not
executed as intended.
Moving to billing folder to fix that and to be only run in billing mode
## Context
Fix add-subdomain-to-workspace command not included in global module
also fixing the command regex logic that was not generating subdomain
properly
## Summary
This Pull Request introduces a custom validator for checking forbidden
words in workspaces and refines how exceptions are handled within the
workspace module.
- Introduced `ForbiddenWords` custom class validator for validating
forbidden words against specific fields in `UpdateWorkspaceInput`.
- Added `EnvironmentService` usage in `WorkspaceService` to check
default subdomains.
- New file `workspaceGraphqlApiExceptionHandler` to handle GraphQL API
exceptions with specific error mappings.
- Expanded `WorkspaceExceptionCode` with `SUBDOMAIN_ALREADY_TAKEN`.
- Added new unit tests for validating forbidden words and exception
handler behavior.
Fixes#8601
We had 3 implementations of getImageAbsoluteURI: in twenty-front, in
twenty-ui and in twenty-emails. I was able to remove the one in
twenty-front but I could not remove it from twenty-emails as this is a
standalone for now. The vision is to introduce shared utils in a
twenty-shared package
Having a global record crud action adds complex logic.
We decided to split those actions. I only kept a common folder / module
in backend.
⚠️ this may break existing workflows if these were using previous
actions!
Implemented a feature to check the availability of subdomains when
updating workspace settings. This includes a new mutation,
`isSubdomainAvailable`, to validate subdomain availability through
GraphQL. The frontend now verifies if a subdomain is available to
prevent duplicates during updates.
---------
Co-authored-by: Weiko <corentin@twenty.com>
