(core) limit access to list of snapshots for documents with granular access

Summary: Snapshots can now only be listed for users with non-nuanced access (no access rules, or owners on docs with rules). If a snapshot URL leaks, or is shared by a user who can list snapshots, that URL behaves as before -- it gives access to the snapshot according to access rules in that snapshot. Test Plan: added test Reviewers: georgegevoian, dsagal Reviewed By: georgegevoian, dsagal Subscribers: jarek Differential Revision: https://phab.getgrist.com/D3698
2026-03-02 04:09:24 +00:00 · 2022-11-15 10:58:25 -05:00
parent ea71312d0e
commit 7b7b26c983
4 changed files with 24 additions and 8 deletions
--- a/app/client/ui/DocHistory.ts
+++ b/app/client/ui/DocHistory.ts
@@ -68,11 +68,19 @@ export class DocHistory extends Disposable implements IDomComponent {
    }

    const snapshots = Observable.create<DocSnapshot[]>(owner, []);
+    const snapshotsDenied = Observable.create<boolean>(owner, false);
    const userApi = this._docPageModel.appModel.api;
    const docApi = userApi.getDocAPI(origUrlId);
    docApi.getSnapshots().then(result =>
-      snapshots.isDisposed() || snapshots.set(result.snapshots)).catch(reportError);
-    return dom('div',
+      snapshots.isDisposed() || snapshots.set(result.snapshots)).catch(err => {
+        snapshotsDenied.set(true);
+        reportError(err);
+      });
+    return dom(
+      'div',
+      dom.maybe(snapshotsDenied, () => cssSnapshotDenied(
+        t('SnapshotsUnavailable'),
+        testId('doc-history-error'))),
      // Note that most recent snapshots are first.
      dom.domComputed(snapshots, (snapshotList) => snapshotList.map((snapshot, index) => {
        const modified = moment(snapshot.lastModified);
@@ -118,6 +126,10 @@ const cssSnapshot = styled('div', `
  margin: 8px 16px;
 `);

+const cssSnapshotDenied = styled('div', `
+  margin: 8px 16px;
+`);
+
 const cssSnapshotTime = styled('div', `
  text-align: right;
  color: ${theme.lightText};