(core) Fixing the ViewAs feature when the example user exists

Summary:
View as feature uses example.com emails for simulated users. This can break
when such a user already exists in the home db. Here we pretend that these users
don't exist during ACL checks.

Test Plan: Updated and existing

Reviewers: paulfitz

Reviewed By: paulfitz

Subscribers: paulfitz

Differential Revision: https://phab.getgrist.com/D3705
This commit is contained in:
Jarosław Sadziński 2022-11-17 15:14:49 +01:00
parent 7b7b26c983
commit af462fc938
2 changed files with 10 additions and 25 deletions

View File

@ -1837,7 +1837,11 @@ export class GranularAccess implements GranularAccessForBundle {
const dbUser = linkParameters.aclAsUserId ? const dbUser = linkParameters.aclAsUserId ?
(await this._homeDbManager.getUser(integerParam(linkParameters.aclAsUserId, 'aclAsUserId'))) : (await this._homeDbManager.getUser(integerParam(linkParameters.aclAsUserId, 'aclAsUserId'))) :
(await this._homeDbManager.getExistingUserByLogin(linkParameters.aclAsUser)); (await this._homeDbManager.getExistingUserByLogin(linkParameters.aclAsUser));
if (!dbUser && linkParameters.aclAsUser) { // If this is one of example users we will pretend that it doesn't exist, otherwise we would
// end up using permissions of the real user.
const isExampleUser = this.getExampleViewAsUsers().some(e => e.email === dbUser?.loginEmail);
const userExists = dbUser && !isExampleUser;
if (!userExists && linkParameters.aclAsUser) {
// Look further for the user, in user attribute tables or examples. // Look further for the user, in user attribute tables or examples.
const otherUsers = (await this.collectViewAsUsersFromUserAttributeTables()) const otherUsers = (await this.collectViewAsUsersFromUserAttributeTables())
.concat(this.getExampleViewAsUsers()); .concat(this.getExampleViewAsUsers());
@ -1854,12 +1858,12 @@ export class GranularAccess implements GranularAccessForBundle {
}; };
} }
} }
const docAuth = dbUser && await this._homeDbManager.getDocAuthCached({ const docAuth = userExists ? await this._homeDbManager.getDocAuthCached({
urlId: this._docId, urlId: this._docId,
userId: dbUser.id userId: dbUser.id
}); }) : null;
const access = docAuth?.access || null; const access = docAuth?.access || null;
const user = dbUser && this._homeDbManager.makeFullUser(dbUser) || null; const user = userExists ? this._homeDbManager.makeFullUser(dbUser) : null;
return { access, user }; return { access, user };
} }

View File

@ -1103,13 +1103,6 @@ export async function selectWidget(
await waitForServer(); await waitForServer();
} }
export async function changeWidget(type: string) {
await openWidgetPanel();
await driver.findContent('.test-right-panel button', /Change Widget/).click();
await selectWidget(type);
await waitForServer();
}
/** /**
* Toggle elem if not selected. Expects elem to be clickable and to have a class ending with * Toggle elem if not selected. Expects elem to be clickable and to have a class ending with
* -selected when selected. * -selected when selected.
@ -1336,14 +1329,6 @@ export async function openWidgetPanel() {
await driver.find('.test-right-tab-pagewidget').click(); await driver.find('.test-right-tab-pagewidget').click();
} }
/**
* Opens a Creator Panel on Widget/Table settings tab.
*/
export async function openColumnPanel() {
await toggleSidePanel('right', 'open');
await driver.find('.test-right-tab-field').click();
}
/** /**
* Moves a column from a hidden to visible section. * Moves a column from a hidden to visible section.
* Needs a visible Creator panel. * Needs a visible Creator panel.
@ -1536,17 +1521,13 @@ export async function deleteColumn(col: IColHeader|string) {
/** /**
* Sets the type of the currently selected field to value. * Sets the type of the currently selected field to value.
*/ */
export async function setType(type: RegExp|string, options: {skipWait?: boolean, apply?: boolean} = {}) { export async function setType(type: RegExp|string, options: {skipWait?: boolean} = {}) {
await toggleSidePanel('right', 'open'); await toggleSidePanel('right', 'open');
await driver.find('.test-right-tab-field').click(); await driver.find('.test-right-tab-field').click();
await driver.find('.test-fbuilder-type-select').click(); await driver.find('.test-fbuilder-type-select').click();
type = typeof type === 'string' ? exactMatch(type) : type; type = typeof type === 'string' ? exactMatch(type) : type;
await driver.findContentWait('.test-select-menu .test-select-row', type, 500).click(); await driver.findContentWait('.test-select-menu .test-select-row', type, 500).click();
if (!options.skipWait || options.apply) { await waitForServer(); } if (!options.skipWait) { await waitForServer(); }
if (options.apply) {
await driver.findWait('.test-type-transform-apply', 1000).click();
await waitForServer();
}
} }
/** /**