(core) add initial support for special shares

Summary: This gives a mechanism for controlling access control within a document that is distinct from (though implemented with the same machinery as) granular access rules. It was hard to find a good way to insert this that didn't dissolve in a soup of complications, so here's what I went with: * When reading rules, if there are shares, extra rules are added. * If there are shares, all rules are made conditional on a "ShareRef" user property. * "ShareRef" is null when a doc is accessed in normal way, and the row id of a share when accessed via a share. There's no UI for controlling shares (George is working on it for forms), but you can do it by editing a `_grist_Shares` table in a document. Suppose you make a fresh document with a single page/table/widget, then to create an empty share you can do: ``` gristDocPageModel.gristDoc.get().docData.sendAction(['AddRecord', '_grist_Shares', null, {linkId: 'xyz', options: '{"publish": true}'}]) ``` If you look at the home db now there should be something in the `shares` table: ``` $ sqlite3 -table landing.db "select * from shares" +----+------------------------+------------------------+--------------+---------+ | id | key | doc_id | link_id | options | +----+------------------------+------------------------+--------------+---------+ | 1 | gSL4g38PsyautLHnjmXh2K | 4qYuace1xP2CTcPunFdtan | xyz | ... | +----+------------------------+------------------------+--------------+---------+ ``` If you take the key from that (gSL4g38PsyautLHnjmXh2K in this case) and replace the document's urlId in its URL with `s.<key>` (in this case `s.gSL4g38PsyautLHnjmXh2K` then you can use the regular document landing page (it will be quite blank initially) or API endpoint via the share. E.g. for me `http://localhost:8080/o/docs/s0gSL4g38PsyautLHnjmXh2K/share-inter-3` accesses the doc. To actually share some material - useful commands: ``` gristDocPageModel.gristDoc.get().docData.getMetaTable('_grist_Views_section').getRecords() gristDocPageModel.gristDoc.get().docData.sendAction(['UpdateRecord', '_grist_Views_section', 1, {shareOptions: '{"publish": true, "form": true}'}]) gristDocPageModel.gristDoc.get().docData.getMetaTable('_grist_Pages').getRecords() gristDocPageModel.gristDoc.get().docData.sendAction(['UpdateRecord', '_grist_Pages', 1, {shareRef: 1}]) ``` For a share to be effective, at least one page needs to have its shareRef set to the rowId of the share, and at least one widget on one of those pages needs to have its shareOptions set to {"publish": "true", "form": "true"} (meaning turn on sharing, and include form sharing), and the share itself needs {"publish": true} on its options. I think special shares are kind of incompatible with public sharing, since by their nature (allowing access to all endpoints) they easily expose the docId, and changing that would be hard. Test Plan: tests added Reviewers: dsagal, georgegevoian Reviewed By: dsagal, georgegevoian Subscribers: jarek, dsagal Differential Revision: https://phab.getgrist.com/D4144
2026-03-02 04:09:24 +00:00 · 2024-01-03 11:53:20 -05:00
parent f079d4b340
commit 2a206dfcf8
39 changed files with 897 additions and 68 deletions
--- a/sandbox/grist/migrations.py
+++ b/sandbox/grist/migrations.py
@@ -1289,3 +1289,21 @@ def migration40(tdset):
    new_view_section_id += 1

  return tdset.apply_doc_actions(doc_actions)
+
+@migration(schema_version=41)
+def migration41(tdset):
+  """
+  Add a table for tracking special shares.
+  """
+  doc_actions = [
+    actions.AddTable("_grist_Shares", [
+      schema.make_column("linkId", "Text"),
+      schema.make_column("options", "Text"),
+      schema.make_column("label", "Text"),
+      schema.make_column("description", "Text"),
+    ]),
+    add_column('_grist_Pages', 'shareRef', 'Ref:_grist_Shares'),
+    add_column('_grist_Views_section', 'shareOptions', 'Text'),
+  ]
+
+  return tdset.apply_doc_actions(doc_actions)
--- a/sandbox/grist/schema.py
+++ b/sandbox/grist/schema.py
@@ -15,7 +15,7 @@ import six

 import actions

-SCHEMA_VERSION = 40
+SCHEMA_VERSION = 41

 def make_column(col_id, col_type, formula='', isFormula=False):
  return {
@@ -163,6 +163,7 @@ def schema_create_actions():
      make_column("viewRef", "Ref:_grist_Views"),
      make_column("indentation", "Int"),
      make_column("pagePos", "PositionNumber"),
+      make_column("shareRef", "Ref:_grist_Shares"),
    ]),

    # All user views.
@@ -199,6 +200,7 @@ def schema_create_actions():
      make_column("embedId",            "Text"),
      # Points to formula columns that hold conditional formatting rules for this view section.
      make_column("rules",              "RefList:_grist_Tables_column"),
+      make_column("shareOptions",       "Text"),
    ]),
    # The fields of a view section.
    actions.AddTable("_grist_Views_section_field", [
@@ -350,6 +352,14 @@ def schema_create_actions():
      make_column("content",        "Text"),
      make_column("userRef",        "Text"),
    ]),
+
+    actions.AddTable('_grist_Shares', [
+      make_column('linkId',         'Text'),   # Used to match records in home db without
+                                               # necessarily trusting the document much.
+      make_column('options',        'Text'),
+      make_column('label',          'Text'),
+      make_column('description',    'Text'),
+    ]),
  ]


--- a/sandbox/grist/test_completion.py
+++ b/sandbox/grist/test_completion.py
@@ -18,7 +18,8 @@ class TestCompletion(test_engine.EngineTestCase):
    'Email': 'foo@example.com',
    'Access': 'owners',
    'SessionID': 'u1',
-    'IsLoggedIn': True
+    'IsLoggedIn': True,
+    'ShareRef': None
  }

  def setUp(self):
@@ -100,9 +101,10 @@ class TestCompletion(test_engine.EngineTestCase):
        ('user.Name', "'Foo'"),
        ('user.Origin', 'None'),
        ('user.SessionID', "'u1'"),
+        ('user.ShareRef', 'None'),
        ('user.StudentInfo', 'Students[1]'),
        ('user.UserID', '1'),
-        ('user.UserRef', "'1'"),
+        ('user.UserRef', "'1'")
      ]
    )
    # Should follow user attribute references and autocomplete those types.
@@ -133,7 +135,8 @@ class TestCompletion(test_engine.EngineTestCase):
      'UserRef': '2',
      'Access': 'owners',
      'SessionID': 'u2',
-      'IsLoggedIn': True
+      'IsLoggedIn': True,
+      'ShareRef': None
    }
    self.assertEqual(
      self.autocomplete("user.", "Schools", "lastModified", user2, row_id=2),
@@ -145,6 +148,7 @@ class TestCompletion(test_engine.EngineTestCase):
        ('user.Name', "'Bar'"),
        ('user.Origin', 'None'),
        ('user.SessionID', "'u2'"),
+        ('user.ShareRef', 'None'),
        ('user.UserID', '2'),
        ('user.UserRef', "'2'"),
      ]
--- a/sandbox/grist/test_renames.py
+++ b/sandbox/grist/test_renames.py
@@ -346,7 +346,8 @@ class TestRenames(test_engine.EngineTestCase):
      'Email': 'foo@example.com',
      'Access': 'owners',
      'SessionID': 'u1',
-      'IsLoggedIn': True
+      'IsLoggedIn': True,
+      'ShareRef': None
    }

    # Renaming a table should not leave the old name available for auto-complete.
--- a/sandbox/grist/test_trigger_formulas.py
+++ b/sandbox/grist/test_trigger_formulas.py
@@ -572,7 +572,8 @@ class TestTriggerFormulas(test_engine.EngineTestCase):
      'Email': 'foo.bar@getgrist.com',
      'Access': 'owners',
      'SessionID': 'u1',
-      'IsLoggedIn': True
+      'IsLoggedIn': True,
+      'ShareRef': None
    }
    user2 = {
      'Name': 'Baz Qux',
@@ -584,7 +585,8 @@ class TestTriggerFormulas(test_engine.EngineTestCase):
      'Email': 'baz.qux@getgrist.com',
      'Access': 'owners',
      'SessionID': 'u2',
-      'IsLoggedIn': True
+      'IsLoggedIn': True,
+      'ShareRef': None
    }
    # Use formula to store last modified by data (user name and email). Check that it works as expected.
    self.load_sample(self.sample)
--- a/sandbox/grist/test_user.py
+++ b/sandbox/grist/test_user.py
@@ -22,7 +22,8 @@ class TestUser(test_engine.EngineTestCase):
      'Origin': 'https://getgrist.com',
      'StudentInfo': ['Students', 1],
      'SessionID': 'u1',
-      'IsLoggedIn': True
+      'IsLoggedIn': True,
+      'ShareRef': None
    }
    u = User(data, self.engine.tables)
    self.assertEqual(u.Name, 'Foo Bar')
@@ -51,7 +52,8 @@ class TestUser(test_engine.EngineTestCase):
      'Origin': 'https://getgrist.com',
      'StudentInfo': ['Students', 1],
      'SessionID': 'u1',
-      'IsLoggedIn': True
+      'IsLoggedIn': True,
+      'ShareRef': None
    }
    u = User(data, self.engine.tables, is_sample=True)
    self.assertEqual(u.StudentInfo.id, 0)
--- a/sandbox/grist/user.py
+++ b/sandbox/grist/user.py
@@ -20,6 +20,7 @@ the following fields:
 - LinkKey: dictionary
 - SessionID: string or None
 - IsLoggedIn: boolean
+ - ShareRef: integer or None

 Additional keys may be included, which may have a value that is
 either None or of type tuple with the following shape:
@@ -44,7 +45,7 @@ class User(object):
  """
  def __init__(self, data, tables, is_sample=False):
    for attr in ('Access', 'UserID', 'Email', 'Name', 'Origin', 'SessionID',
-                 'IsLoggedIn', 'UserRef'):
+                 'IsLoggedIn', 'UserRef', 'ShareRef'):
      setattr(self, attr, data[attr])

    self.LinkKey = LinkKey(data['LinkKey'])