feat(twenty-server): add trusted domain - backend crud

packages/twenty-emails/src/emails/validate-approved-access-domain.email.tsx

@@ -0,0 +1,67 @@
+import { t } from '@lingui/core/macro';
+import { Trans } from '@lingui/react/macro';
+import { Img } from '@react-email/components';
+import { emailTheme } from 'src/common-style';
+
+import { BaseEmail } from 'src/components/BaseEmail';
+import { CallToAction } from 'src/components/CallToAction';
+import { HighlightedContainer } from 'src/components/HighlightedContainer';
+import { HighlightedText } from 'src/components/HighlightedText';
+import { Link } from 'src/components/Link';
+import { MainText } from 'src/components/MainText';
+import { Title } from 'src/components/Title';
+import { WhatIsTwenty } from 'src/components/WhatIsTwenty';
+import { capitalize } from 'src/utils/capitalize';
+import { APP_LOCALES, getImageAbsoluteURI } from 'twenty-shared';
+
+type SendApprovedAccessDomainValidationProps = {
+  link: string;
+  domain: string;
+  workspace: { name: string | undefined; logo: string | undefined };
+  sender: {
+    email: string;
+    firstName: string;
+    lastName: string;
+  };
+  serverUrl: string;
+  locale: keyof typeof APP_LOCALES;
+};
+
+export const SendApprovedAccessDomainValidation = ({
+  link,
+  domain,
+  workspace,
+  sender,
+  serverUrl,
+  locale,
+}: SendApprovedAccessDomainValidationProps) => {
+  const workspaceLogo = workspace.logo
+    ? getImageAbsoluteURI({ imageUrl: workspace.logo, baseUrl: serverUrl })
+    : null;
+
+  return (
+    <BaseEmail width={333} locale={locale}>
+      <Title value={t`Validate domain`} />
+      <MainText>
+        {capitalize(sender.firstName)} (
+        <Link
+          href={`mailto:${sender.email}`}
+          value={sender.email}
+          color={emailTheme.font.colors.blue}
+        />
+        )
+        <Trans>
+          Please validate this domain to allow users with <b>@{domain}</b> email
+          addresses to join your workspace without requiring an invitation.
+        </Trans>
+        <br />
+      </MainText>
+      <HighlightedContainer>
+        {workspaceLogo && <Img src={workspaceLogo} width={40} height={40} />}
+        {workspace.name && <HighlightedText value={workspace.name} />}
+        <CallToAction href={link} value={t`Validate domain`} />
+      </HighlightedContainer>
+      <WhatIsTwenty />
+    </BaseEmail>
+  );
+};

packages/twenty-emails/src/index.ts

@@ -4,3 +4,4 @@ export * from './emails/password-update-notify.email';
 export * from './emails/send-email-verification-link.email';
 export * from './emails/send-invite-link.email';
 export * from './emails/warn-suspended-workspace.email';
+export * from './emails/validate-approved-access-domain.email';

packages/twenty-front/src/generated-metadata/graphql.ts

@@ -102,6 +102,14 @@ export type AppTokenEdge = {
   node: AppToken;
 };
 
+export type ApprovedAccessDomain = {
+  __typename?: 'ApprovedAccessDomain';
+  createdAt: Scalars['DateTime']['output'];
+  domain: Scalars['String']['output'];
+  id: Scalars['UUID']['output'];
+  isValidated: Scalars['Boolean']['output'];
+};
+
 export type AuthProviders = {
   __typename?: 'AuthProviders';
   google: Scalars['Boolean']['output'];
@@ -305,6 +313,11 @@ export type CreateAppTokenInput = {
   expiresAt: Scalars['DateTime']['input'];
 };
 
+export type CreateApprovedAccessDomainInput = {
+  domain: Scalars['String']['input'];
+  email: Scalars['String']['input'];
+};
+
 export type CreateDraftFromWorkflowVersionInput = {
   /** Workflow ID */
   workflowId: Scalars['String']['input'];
@@ -428,6 +441,10 @@ export type CustomDomainValidRecords = {
   records: Array<CustomDomainRecord>;
 };
 
+export type DeleteApprovedAccessDomainInput = {
+  id: Scalars['String']['input'];
+};
+
 export type DeleteOneFieldInput = {
   /** The id of the field to delete. */
   id: Scalars['UUID']['input'];
@@ -550,6 +567,7 @@ export enum FeatureFlagKey {
   IsAdvancedFiltersEnabled = 'IsAdvancedFiltersEnabled',
   IsAirtableIntegrationEnabled = 'IsAirtableIntegrationEnabled',
   IsAnalyticsV2Enabled = 'IsAnalyticsV2Enabled',
+  IsApprovedAccessDomainsEnabled = 'IsApprovedAccessDomainsEnabled',
   IsBillingPlansEnabled = 'IsBillingPlansEnabled',
   IsCommandMenuV2Enabled = 'IsCommandMenuV2Enabled',
   IsCopilotEnabled = 'IsCopilotEnabled',
@@ -839,6 +857,7 @@ export type Mutation = {
   checkCustomDomainValidRecords?: Maybe<CustomDomainValidRecords>;
   checkoutSession: BillingSessionOutput;
   computeStepOutputSchema: Scalars['JSON']['output'];
+  createApprovedAccessDomain: ApprovedAccessDomain;
   createDraftFromWorkflowVersion: WorkflowVersion;
   createOIDCIdentityProvider: SetupSsoOutput;
   createOneAppToken: AppToken;
@@ -850,6 +869,7 @@ export type Mutation = {
   createSAMLIdentityProvider: SetupSsoOutput;
   createWorkflowVersionStep: WorkflowAction;
   deactivateWorkflowVersion: Scalars['Boolean']['output'];
+  deleteApprovedAccessDomain: Scalars['Boolean']['output'];
   deleteCurrentWorkspace: Workspace;
   deleteOneField: Field;
   deleteOneObject: Object;
@@ -900,6 +920,7 @@ export type Mutation = {
   uploadProfilePicture: Scalars['String']['output'];
   uploadWorkspaceLogo: Scalars['String']['output'];
   userLookupAdminPanel: UserLookup;
+  validateApprovedAccessDomain: ApprovedAccessDomain;
 };
 
 
@@ -938,6 +959,11 @@ export type MutationComputeStepOutputSchemaArgs = {
 };
 
 
+export type MutationCreateApprovedAccessDomainArgs = {
+  input: CreateApprovedAccessDomainInput;
+};
+
+
 export type MutationCreateDraftFromWorkflowVersionArgs = {
   input: CreateDraftFromWorkflowVersionInput;
 };
@@ -993,6 +1019,11 @@ export type MutationDeactivateWorkflowVersionArgs = {
 };
 
 
+export type MutationDeleteApprovedAccessDomainArgs = {
+  input: DeleteApprovedAccessDomainInput;
+};
+
+
 export type MutationDeleteOneFieldArgs = {
   input: DeleteOneFieldInput;
 };
@@ -1225,6 +1256,11 @@ export type MutationUserLookupAdminPanelArgs = {
   userIdentifier: Scalars['String']['input'];
 };
 
+
+export type MutationValidateApprovedAccessDomainArgs = {
+  input: ValidateApprovedAccessDomainInput;
+};
+
 export type Object = {
   __typename?: 'Object';
   createdAt: Scalars['DateTime']['output'];
@@ -1393,6 +1429,7 @@ export type Query = {
   findOneServerlessFunction: ServerlessFunction;
   findWorkspaceFromInviteHash: Workspace;
   findWorkspaceInvitations: Array<WorkspaceInvitation>;
+  getApprovedAccessDomains: Array<ApprovedAccessDomain>;
   getAvailablePackages: Scalars['JSON']['output'];
   getEnvironmentVariablesGrouped: EnvironmentVariablesOutput;
   getIndicatorHealthStatus: AdminPanelHealthServiceData;
@@ -2112,6 +2149,11 @@ export type UserWorkspace = {
   workspaceId: Scalars['String']['output'];
 };
 
+export type ValidateApprovedAccessDomainInput = {
+  approvedAccessDomainId: Scalars['String']['input'];
+  validationToken: Scalars['String']['input'];
+};
+
 export type ValidatePasswordResetToken = {
   __typename?: 'ValidatePasswordResetToken';
   email: Scalars['String']['output'];