(core) apply access control to code view

Summary: Names of private tables and columns were leaking via Code View. This plugs that leak. Test Plan: adds test Reviewers: dsagal Reviewed By: dsagal Differential Revision: https://phab.getgrist.com/D2840
2026-03-02 04:09:24 +00:00 · 2021-05-27 09:18:57 -04:00
parent 96fee73b70
commit 37698f9cb5
3 changed files with 28 additions and 4 deletions
--- a/app/server/lib/ActiveDoc.ts
+++ b/app/server/lib/ActiveDoc.ts
@@ -658,6 +658,12 @@ export class ActiveDoc extends EventEmitter {
   */
  public async fetchTableSchema(docSession: DocSession): Promise<string> {
    this.logInfo(docSession, "fetchTableSchema(%s)", docSession);
+    // Permit code view if user can read everything, or can download/copy (perhaps
+    // via an exceptional permission for sample documents)
+    if (!(await this._granularAccess.canReadEverything(docSession) ||
+          await this.canDownload(docSession))) {
+      throw new ApiError('Cannot view code, it may contain private material', 403);
+    }
    await this.waitForInitialization();
    return this._pyCall('fetch_table_schema');
  }