mirror of
https://github.com/gristlabs/grist-core.git
synced 2024-10-27 20:44:07 +00:00
(core) Show a clearer message when actions are blocked by ACL rules
Summary: - This replaces the message "Unexpected Error / Access Denied / Report a problem" with a one-line "Blocked by access rules". Test Plan: Only tested manually Reviewers: paulfitz Reviewed By: paulfitz Differential Revision: https://phab.getgrist.com/D2712
This commit is contained in:
parent
7a91d49ea1
commit
6f9b85fc8c
@ -83,7 +83,7 @@ export function reportError(err: Error|string): void {
|
||||
_notifier.createUserError(message, options);
|
||||
} else if (err.name === 'NeedUpgradeError') {
|
||||
_notifier.createUserError(err.message, {actions: ['upgrade'], key: 'NEED_UPGRADE'});
|
||||
} else if (code === 'AUTH_NO_EDIT') {
|
||||
} else if (code === 'AUTH_NO_EDIT' || code === 'ACL_DENY') {
|
||||
_notifier.createUserError(message, {key: code});
|
||||
} else {
|
||||
// If we don't recognize it, consider it an application error (bug) that the user should be
|
||||
|
@ -28,6 +28,7 @@ import {toTableDataAction} from 'app/common/DocActions';
|
||||
import {DocData} from 'app/common/DocData';
|
||||
import {DocSnapshots} from 'app/common/DocSnapshot';
|
||||
import {EncActionBundleFromHub} from 'app/common/EncActionBundle';
|
||||
import {ErrorWithCode} from 'app/common/ErrorWithCode';
|
||||
import {byteString, countIf} from 'app/common/gutil';
|
||||
import {InactivityTimer} from 'app/common/InactivityTimer';
|
||||
import * as marshal from 'app/common/marshal';
|
||||
@ -1183,7 +1184,7 @@ export class ActiveDoc extends EventEmitter {
|
||||
options: ApplyUAOptions = {}): Promise<ApplyUAResult> {
|
||||
|
||||
if (!await this._granularAccess.canMaybeApplyUserActions(docSession, actions)) {
|
||||
throw new Error('cannot perform a requested action');
|
||||
throw new ErrorWithCode('ACL_DENY', 'Action blocked by access rules');
|
||||
}
|
||||
|
||||
const client = docSession.client;
|
||||
|
@ -844,15 +844,15 @@ export class GranularAccess {
|
||||
} else {
|
||||
// Look up user information in database.
|
||||
if (!this._homeDbManager) { throw new Error('database required'); }
|
||||
const user = linkParameters.aclAsUserId ?
|
||||
const dbUser = linkParameters.aclAsUserId ?
|
||||
(await this._homeDbManager.getUser(integerParam(linkParameters.aclAsUserId))) :
|
||||
(await this._homeDbManager.getUserByLogin(linkParameters.aclAsUser));
|
||||
const docAuth = user && await this._homeDbManager.getDocAuthCached({
|
||||
const docAuth = dbUser && await this._homeDbManager.getDocAuthCached({
|
||||
urlId: this._docId,
|
||||
userId: user.id
|
||||
userId: dbUser.id
|
||||
});
|
||||
access = docAuth?.access || null;
|
||||
fullUser = user && this._homeDbManager.makeFullUser(user) || null;
|
||||
fullUser = dbUser && this._homeDbManager.makeFullUser(dbUser) || null;
|
||||
attrs.override = { access, user: fullUser };
|
||||
}
|
||||
} else {
|
||||
@ -1195,7 +1195,7 @@ function getAccessForActionType(a: DocAction): AccessFn {
|
||||
function denyIsFatal(fn: AccessFn): AccessFn {
|
||||
return (ps) => {
|
||||
const result = fn(ps);
|
||||
if (result === 'deny') { throw new Error('access denied'); }
|
||||
if (result === 'deny') { throw new ErrorWithCode('ACL_DENY', 'Blocked by access rules'); }
|
||||
return result;
|
||||
};
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user