Archives/gristlabs_grist-core
1
0
Fork 0
mirror of https://github.com/gristlabs/grist-core.git synced 2026-03-02 04:09:24 +00:00
Code Issues Projects Releases Wiki Activity

(core) Polish Access Details

Browse Source 
Summary:
Instead of showing a blank dialog for users whose access
is limited (e.g. public members), we now show the user's
role and a mention of whether their access is public.

Test Plan: Browser tests.

Reviewers: paulfitz

Reviewed By: paulfitz

Differential Revision: https://phab.getgrist.com/D3431
This commit is contained in:
George Gevoian
2022-05-18 21:51:48 -07:00
parent bad4c68569
commit a6063f570a
10 changed files with 250 additions and 89 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
app/gen-server/lib/HomeDBManager.ts
View File

@@ -4271,19 +4271,29 @@ export class HomeDBManager extends EventEmitter {
});
}
private _filterAccessData(scope: Scope, users: UserAccessData[],
maxInheritedRole: roles.BasicRole|null, docId?: string): { personal: true}|undefined {
private _filterAccessData(
scope: Scope,
users: UserAccessData[],
maxInheritedRole: roles.BasicRole|null,
docId?: string
): {personal: true, public: boolean}|undefined {
if (scope.userId === this.getPreviewerUserId()) { return; }
// Unless we have special access to the resource, or are an owner,
// limit user information returned to being about the current user.
const thisUser = users.find(user => user.id === scope.userId);
if ((scope.specialPermit?.docId !== docId || !docId) &&
(!thisUser || getRealAccess(thisUser, { maxInheritedRole, users }) !== 'owners')) {
// If not an owner, don't return information about other users.
users.length = 0;
if (thisUser) { users.push(thisUser); }
return { personal: true };
}
// If we have special access to the resource, don't filter user information.
if (scope.specialPermit?.docId === docId && docId) { return; }
const thisUser = this.getAnonymousUserId() === scope.userId
? null
: users.find(user => user.id === scope.userId);
const realAccess = thisUser ? getRealAccess(thisUser, { maxInheritedRole, users }) : null;
// If we are an owner, don't filter user information.
if (thisUser && realAccess === 'owners') { return; }
// Limit user information returned to being about the current user.
users.length = 0;
if (thisUser) { users.push(thisUser); }
return { personal: true, public: !realAccess };
}
}