(core) implement cleaner row-level access control for outgoing messages

Summary:
This implements row-level access control for outgoing messages, replacing the document reloading placeholder that was there before.

 * Prior to broadcasting messages, GranularAccess is notified of actions+undo.
 * While broadcasting messages to different sessions, if we find we need row level access control information, rows before and after the change are reconstructed.
 * Messages are rewritten if rows that were previously forbidden are now allowed, and vice versa.

The diff is somewhat under-tested and under-optimized. Next step would be to implement row-level access control for incoming actions, which may result in some rejiggering of the code from this diff to avoid duplication of effort under some conditions.

Test Plan: added test

Reviewers: dsagal

Reviewed By: dsagal

Differential Revision: https://phab.getgrist.com/D2670

app/server/lib/DocClients.ts

@@ -77,7 +77,7 @@ export class DocClients {
    */
   public async broadcastDocMessage(client: Client|null, type: string, messageData: any,
                                    filterMessage?: (docSession: OptDocSession,
-                                                    messageData: any) => any): Promise<void> {
+                                                    messageData: any) => Promise<any>): Promise<void> {
     await Promise.all(this._docSessions.map(async curr => {
       const fromSelf = (curr.client === client);
       try {
@@ -87,7 +87,7 @@ export class DocClients {
           sendDocMessage(curr.client, curr.fd, type, messageData, fromSelf);
         } else {
           try {
-            const filteredMessageData = filterMessage(curr, messageData);
+            const filteredMessageData = await filterMessage(curr, messageData);
             if (filteredMessageData) {
               sendDocMessage(curr.client, curr.fd, type, filteredMessageData, fromSelf);
             } else {