mirror of
https://github.com/gristlabs/grist-core.git
synced 2024-10-27 20:44:07 +00:00
(core) Fixing the ViewAs feature when the example user exists
Summary: View as feature uses example.com emails for simulated users. This can break when such a user already exists in the home db. Here we pretend that these users don't exist during ACL checks. Test Plan: Updated and existing Reviewers: paulfitz Reviewed By: paulfitz Subscribers: paulfitz Differential Revision: https://phab.getgrist.com/D3705
This commit is contained in:
parent
7b7b26c983
commit
af462fc938
@ -1837,7 +1837,11 @@ export class GranularAccess implements GranularAccessForBundle {
|
|||||||
const dbUser = linkParameters.aclAsUserId ?
|
const dbUser = linkParameters.aclAsUserId ?
|
||||||
(await this._homeDbManager.getUser(integerParam(linkParameters.aclAsUserId, 'aclAsUserId'))) :
|
(await this._homeDbManager.getUser(integerParam(linkParameters.aclAsUserId, 'aclAsUserId'))) :
|
||||||
(await this._homeDbManager.getExistingUserByLogin(linkParameters.aclAsUser));
|
(await this._homeDbManager.getExistingUserByLogin(linkParameters.aclAsUser));
|
||||||
if (!dbUser && linkParameters.aclAsUser) {
|
// If this is one of example users we will pretend that it doesn't exist, otherwise we would
|
||||||
|
// end up using permissions of the real user.
|
||||||
|
const isExampleUser = this.getExampleViewAsUsers().some(e => e.email === dbUser?.loginEmail);
|
||||||
|
const userExists = dbUser && !isExampleUser;
|
||||||
|
if (!userExists && linkParameters.aclAsUser) {
|
||||||
// Look further for the user, in user attribute tables or examples.
|
// Look further for the user, in user attribute tables or examples.
|
||||||
const otherUsers = (await this.collectViewAsUsersFromUserAttributeTables())
|
const otherUsers = (await this.collectViewAsUsersFromUserAttributeTables())
|
||||||
.concat(this.getExampleViewAsUsers());
|
.concat(this.getExampleViewAsUsers());
|
||||||
@ -1854,12 +1858,12 @@ export class GranularAccess implements GranularAccessForBundle {
|
|||||||
};
|
};
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
const docAuth = dbUser && await this._homeDbManager.getDocAuthCached({
|
const docAuth = userExists ? await this._homeDbManager.getDocAuthCached({
|
||||||
urlId: this._docId,
|
urlId: this._docId,
|
||||||
userId: dbUser.id
|
userId: dbUser.id
|
||||||
});
|
}) : null;
|
||||||
const access = docAuth?.access || null;
|
const access = docAuth?.access || null;
|
||||||
const user = dbUser && this._homeDbManager.makeFullUser(dbUser) || null;
|
const user = userExists ? this._homeDbManager.makeFullUser(dbUser) : null;
|
||||||
return { access, user };
|
return { access, user };
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1103,13 +1103,6 @@ export async function selectWidget(
|
|||||||
await waitForServer();
|
await waitForServer();
|
||||||
}
|
}
|
||||||
|
|
||||||
export async function changeWidget(type: string) {
|
|
||||||
await openWidgetPanel();
|
|
||||||
await driver.findContent('.test-right-panel button', /Change Widget/).click();
|
|
||||||
await selectWidget(type);
|
|
||||||
await waitForServer();
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Toggle elem if not selected. Expects elem to be clickable and to have a class ending with
|
* Toggle elem if not selected. Expects elem to be clickable and to have a class ending with
|
||||||
* -selected when selected.
|
* -selected when selected.
|
||||||
@ -1336,14 +1329,6 @@ export async function openWidgetPanel() {
|
|||||||
await driver.find('.test-right-tab-pagewidget').click();
|
await driver.find('.test-right-tab-pagewidget').click();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Opens a Creator Panel on Widget/Table settings tab.
|
|
||||||
*/
|
|
||||||
export async function openColumnPanel() {
|
|
||||||
await toggleSidePanel('right', 'open');
|
|
||||||
await driver.find('.test-right-tab-field').click();
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Moves a column from a hidden to visible section.
|
* Moves a column from a hidden to visible section.
|
||||||
* Needs a visible Creator panel.
|
* Needs a visible Creator panel.
|
||||||
@ -1536,17 +1521,13 @@ export async function deleteColumn(col: IColHeader|string) {
|
|||||||
/**
|
/**
|
||||||
* Sets the type of the currently selected field to value.
|
* Sets the type of the currently selected field to value.
|
||||||
*/
|
*/
|
||||||
export async function setType(type: RegExp|string, options: {skipWait?: boolean, apply?: boolean} = {}) {
|
export async function setType(type: RegExp|string, options: {skipWait?: boolean} = {}) {
|
||||||
await toggleSidePanel('right', 'open');
|
await toggleSidePanel('right', 'open');
|
||||||
await driver.find('.test-right-tab-field').click();
|
await driver.find('.test-right-tab-field').click();
|
||||||
await driver.find('.test-fbuilder-type-select').click();
|
await driver.find('.test-fbuilder-type-select').click();
|
||||||
type = typeof type === 'string' ? exactMatch(type) : type;
|
type = typeof type === 'string' ? exactMatch(type) : type;
|
||||||
await driver.findContentWait('.test-select-menu .test-select-row', type, 500).click();
|
await driver.findContentWait('.test-select-menu .test-select-row', type, 500).click();
|
||||||
if (!options.skipWait || options.apply) { await waitForServer(); }
|
if (!options.skipWait) { await waitForServer(); }
|
||||||
if (options.apply) {
|
|
||||||
await driver.findWait('.test-type-transform-apply', 1000).click();
|
|
||||||
await waitForServer();
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
Loading…
Reference in New Issue
Block a user