Conversation
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Greptile Overview
Greptile Summary
This PR completes the work started in PR #15547 by adding shouldBypassPermissionChecks: true to two remaining workspaceMember repository calls that were missed in the initial implementation.
Changes:
microsoft-apis.service.ts:161- Added bypass flag to workspaceMember repository call in the reconnection flowuser-role.service.ts:156- Added bypass flag to workspaceMember repository call when retrieving members assigned to a role
Context:
PR #15547 introduced the ability to work with workspaceMember as a non-system object for demo purposes. This requires bypassing permission checks for all workspaceMember repository calls. This PR ensures consistency across the codebase by adding the flag to two locations that were overlooked.
The changes are safe because:
workspaceMemberwas previously a system object with permissions already bypassed- System-level permissions for workspace member operations are checked elsewhere
- This maintains functional parity with the previous behavior while supporting the demo workspace configuration
Confidence Score: 5/5
- This PR is safe to merge with no risk - it completes a pattern established in PR #15547
- Score reflects that these are minimal, mechanical changes following an established and reviewed pattern from PR #15547. The changes add explicit permission bypass flags to workspaceMember repository calls, which maintains the same effective behavior as before (since workspaceMember was a system object). No logic changes, no new functionality, just consistency improvements.
- No files require special attention - both changes are straightforward parameter additions
Important Files Changed
File Analysis
| Filename | Score | Overview |
|---|---|---|
| packages/twenty-server/src/engine/core-modules/auth/services/microsoft-apis.service.ts | 5/5 | Added shouldBypassPermissionChecks: true to workspaceMember repository call on line 161, consistent with PR #15547 pattern |
| packages/twenty-server/src/engine/metadata-modules/user-role/user-role.service.ts | 5/5 | Added shouldBypassPermissionChecks: true to workspaceMember repository call on line 156, consistent with PR #15547 pattern |
Sequence Diagram
sequenceDiagram
participant Service as MicrosoftAPIsService/UserRoleService
participant ORM as TwentyORMGlobalManager
participant Repo as WorkspaceMemberRepository
participant DB as Database
Note over Service,DB: PR #15666: Adding shouldBypassPermissionChecks
Service->>ORM: getRepositoryForWorkspace(workspaceId, 'workspaceMember', {shouldBypassPermissionChecks: true})
Note over ORM: Before: No third parameter<br/>After: Added bypass flag
ORM->>Repo: Create repository with bypass flag
Repo-->>Service: WorkspaceMemberRepository
Service->>Repo: findOneOrFail() / find()
Note over Repo: Bypasses permission checks<br/>for demo workspace support
Repo->>DB: Query workspaceMember
DB-->>Repo: WorkspaceMember data
Repo-->>Service: WorkspaceMember entity
2 files reviewed, no comments
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
following #15547