Introduce GRIST_ANON_PLAYGROUND variable #642 (#651)

* `GRIST_ANON_PLAYGROUND`: When set to 'false' deny anonymous users access to the home page * `GRIST_FORCE_LOGIN`: Much like `GRIST_ANON_PLAYGROUND` but don't support anonymous access at all (features like sharing docs publicly requires authentication) --------- Co-authored-by: Florent FAYOLLE <florent.fayolle@beta.gouv.fr>
2026-03-02 04:09:24 +00:00 · 2023-09-08 15:05:52 +02:00
parent dc5ddc27b0
commit 5ff79703b4
11 changed files with 149 additions and 12 deletions
--- a/app/server/lib/DocApi.ts
+++ b/app/server/lib/DocApi.ts
@@ -170,6 +170,7 @@ export class DocWorkerApi {
    const canView = expressWrap(this._assertAccess.bind(this, 'viewers', false));
    // check document exists (not soft deleted) and user can edit it
    const canEdit = expressWrap(this._assertAccess.bind(this, 'editors', false));
+    const checkAnonymousCreation = expressWrap(this._checkAnonymousCreation.bind(this));
    const isOwner = expressWrap(this._assertAccess.bind(this, 'owners', false));
    // check user can edit document, with soft-deleted documents being acceptable
    const canEditMaybeRemoved = expressWrap(this._assertAccess.bind(this, 'editors', true));
@@ -1234,7 +1235,7 @@ export class DocWorkerApi {
     *
     * TODO: unify this with the other document creation and import endpoints.
     */
-    this._app.post('/api/docs', expressWrap(async (req, res) => {
+    this._app.post('/api/docs', checkAnonymousCreation, expressWrap(async (req, res) => {
      const userId = getUserId(req);

      let uploadId: number|undefined;
@@ -1452,6 +1453,17 @@ export class DocWorkerApi {
    return await this._dbManager.increaseUsage(getDocScope(req), limit, {delta: 1});
  }

+  /**
+   * Disallow document creation for anonymous users if GRIST_ANONYMOUS_CREATION is set to false.
+   */
+  private async _checkAnonymousCreation(req: Request, res: Response, next: NextFunction) {
+    const isAnonPlayground = isAffirmative(process.env.GRIST_ANON_PLAYGROUND ?? true);
+    if (isAnonymousUser(req) && !isAnonPlayground) {
+      throw new ApiError('Anonymous document creation is disabled', 403);
+    }
+    next();
+  }
+
  private async _assertAccess(role: 'viewers'|'editors'|'owners'|null, allowRemoved: boolean,
                              req: Request, res: Response, next: NextFunction) {
    const scope = getDocScope(req);
--- a/app/server/lib/FlexServer.ts
+++ b/app/server/lib/FlexServer.ts
@@ -850,10 +850,11 @@ export class FlexServer implements GristServer {
      baseDomain: this._defaultBaseDomain,
    });

-    const isForced = appSettings.section('login').flag('forced').readBool({
+    const forceLogin = appSettings.section('login').flag('forced').readBool({
      envVar: 'GRIST_FORCE_LOGIN',
    });
-    const forcedLoginMiddleware = isForced ? this._redirectToLoginWithoutExceptionsMiddleware : noop;
+
+    const forcedLoginMiddleware = forceLogin ? this._redirectToLoginWithoutExceptionsMiddleware : noop;

    const welcomeNewUser: express.RequestHandler = isSingleUserMode() ?
      (req, res, next) => next() :
--- a/app/server/lib/sendAppPage.ts
+++ b/app/server/lib/sendAppPage.ts
@@ -56,6 +56,7 @@ export function makeGristConfig(options: MakeGristConfigOptons): GristLoadConfig
    helpCenterUrl: process.env.GRIST_HELP_CENTER || "https://support.getgrist.com",
    pathOnly,
    supportAnon: shouldSupportAnon(),
+    enableAnonPlayground: isAffirmative(process.env.GRIST_ANON_PLAYGROUND ?? true),
    supportEngines: getSupportedEngineChoices(),
    features: getFeatures(),
    pageTitleSuffix: configuredPageTitleSuffix(),