(core) add OWNERS='owners', EDITOR='editors', VIEWER='viewers' to condition formulas

Summary: this adds constants for user access roles, to facilitate autocomplete.

Test Plan: updated tests

Reviewers: dsagal

Reviewed By: dsagal

Differential Revision: https://phab.getgrist.com/D2761
This commit is contained in:
Paul Fitzpatrick 2021-03-19 16:01:24 -04:00
parent 0c5f7cf0a7
commit afb83a4ff1
3 changed files with 12 additions and 3 deletions

View File

@ -42,6 +42,8 @@ export function aclFormulaEditor(options: ACLFormulaOptions) {
return [ return [
// The few Python keywords and constants we support. // The few Python keywords and constants we support.
'and', 'or', 'not', 'in', 'is', 'True', 'False', 'None', 'and', 'or', 'not', 'in', 'is', 'True', 'False', 'None',
// Some grist-specific constants:
'OWNER', 'EDITOR', 'VIEWER',
// The common variables. // The common variables.
'user', 'rec', 'user', 'rec',
// Other completions that depend on doc schema or other rules. // Other completions that depend on doc schema or other rules.

View File

@ -13,12 +13,12 @@ const DEFAULT_RULE_SET: RuleSet = {
tableId: '*', tableId: '*',
colIds: '*', colIds: '*',
body: [{ body: [{
aclFormula: "user.Access in ['editors', 'owners']", aclFormula: "user.Access in [EDITOR, OWNER]",
matchFunc: (input) => ['editors', 'owners'].includes(String(input.user.Access)), matchFunc: (input) => ['editors', 'owners'].includes(String(input.user.Access)),
permissions: parsePermissions('all'), permissions: parsePermissions('all'),
permissionsText: 'all', permissionsText: 'all',
}, { }, {
aclFormula: "user.Access in ['viewers']", aclFormula: "user.Access in [VIEWER]",
matchFunc: (input) => ['viewers'].includes(String(input.user.Access)), matchFunc: (input) => ['viewers'].includes(String(input.user.Access)),
permissions: parsePermissions('+R-CUDS'), permissions: parsePermissions('+R-CUDS'),
permissionsText: '+R', permissionsText: '+R',
@ -36,7 +36,7 @@ const EMERGENCY_RULE_SET: RuleSet = {
tableId: '*', tableId: '*',
colIds: '*', colIds: '*',
body: [{ body: [{
aclFormula: "user.Access in ['owners']", aclFormula: "user.Access in [OWNER]",
matchFunc: (input) => ['owners'].includes(String(input.user.Access)), matchFunc: (input) => ['owners'].includes(String(input.user.Access)),
permissions: parsePermissions('all'), permissions: parsePermissions('all'),
permissionsText: 'all', permissionsText: 'all',

View File

@ -13,6 +13,12 @@ import {ErrorWithCode} from 'app/common/ErrorWithCode';
import {AclMatchFunc, AclMatchInput, ParsedAclFormula} from 'app/common/GranularAccessClause'; import {AclMatchFunc, AclMatchInput, ParsedAclFormula} from 'app/common/GranularAccessClause';
import constant = require('lodash/constant'); import constant = require('lodash/constant');
const GRIST_CONSTANTS: Record<string, string> = {
EDITOR: 'editors',
OWNER: 'owners',
VIEWER: 'viewers',
};
/** /**
* Compile a parsed ACL formula into an actual function that can evaluate a request. * Compile a parsed ACL formula into an actual function that can evaluate a request.
*/ */
@ -55,6 +61,7 @@ function _compileNode(parsedAclFormula: ParsedAclFormula): AclEvalFunc {
case 'Const': return constant(parsedAclFormula[1] as CellValue); case 'Const': return constant(parsedAclFormula[1] as CellValue);
case 'Name': { case 'Name': {
const name = rawArgs[0] as keyof AclMatchInput; const name = rawArgs[0] as keyof AclMatchInput;
if (GRIST_CONSTANTS[name]) { return constant(GRIST_CONSTANTS[name]); }
if (!['user', 'rec', 'newRec'].includes(name)) { if (!['user', 'rec', 'newRec'].includes(name)) {
throw new Error(`Unknown variable '${name}'`); throw new Error(`Unknown variable '${name}'`);
} }