mirror of
https://github.com/gristlabs/grist-core.git
synced 2024-10-27 20:44:07 +00:00
(core) have user.Name come from database for websocket users
Summary: The name of a user for actions made using a websocket until now could be inconsistent with that seen by other means. This draws the name from the database, rather than from session information that may have been cached from an identity provider. Test Plan: added test Reviewers: dsagal Reviewed By: dsagal Subscribers: dsagal Differential Revision: https://phab.getgrist.com/D3379
This commit is contained in:
parent
dea1a8ba1b
commit
c1af5a9803
@ -85,6 +85,7 @@ function Comm(server, options) {
|
|||||||
|
|
||||||
this._settings = options.settings;
|
this._settings = options.settings;
|
||||||
this._hosts = options.hosts;
|
this._hosts = options.hosts;
|
||||||
|
this._dbManager = options.dbManager;
|
||||||
|
|
||||||
// This maps method names to their implementation.
|
// This maps method names to their implementation.
|
||||||
this.methods = {};
|
this.methods = {};
|
||||||
@ -155,13 +156,23 @@ Comm.prototype._broadcastMessage = function(type, data, clients) {
|
|||||||
/**
|
/**
|
||||||
* Returns a profile based on the request or session.
|
* Returns a profile based on the request or session.
|
||||||
*/
|
*/
|
||||||
Comm.prototype._getSessionProfile = function(scopedSession, req) {
|
Comm.prototype._getSessionProfile = async function(scopedSession, req) {
|
||||||
const profile = getRequestProfile(req);
|
const profile = getRequestProfile(req) || await scopedSession.getSessionProfile();
|
||||||
if (profile) {
|
if (this._dbManager && profile?.email) {
|
||||||
return Promise.resolve(profile);
|
try {
|
||||||
} else {
|
// Use latest user name in database, since user name is now exposed via
|
||||||
return scopedSession.getSessionProfile();
|
// user.Name in granular access support.
|
||||||
|
// TODO: might want to subscribe to changes to user information while
|
||||||
|
// the document is open.
|
||||||
|
const user = await this._dbManager.getUserByLogin(profile.email, {profile});
|
||||||
|
profile.name = user.name;
|
||||||
|
} catch (e) {
|
||||||
|
// Not an expected problem, log it and fail brutally.
|
||||||
|
log.debug(`Comm: failed to look up user in database ${profile.email}`);
|
||||||
|
throw e;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
return profile;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
||||||
|
@ -819,12 +819,13 @@ export class FlexServer implements GristServer {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public addComm() {
|
public addComm() {
|
||||||
if (this._check('comm', 'start')) { return; }
|
if (this._check('comm', 'start', 'homedb')) { return; }
|
||||||
this._comm = new Comm(this.server, {
|
this._comm = new Comm(this.server, {
|
||||||
settings: this.settings,
|
settings: this.settings,
|
||||||
sessions: this._sessions,
|
sessions: this._sessions,
|
||||||
hosts: this._hosts,
|
hosts: this._hosts,
|
||||||
httpsServer: this.httpsServer,
|
httpsServer: this.httpsServer,
|
||||||
|
dbManager: this._dbManager,
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
/**
|
/**
|
||||||
|
Loading…
Reference in New Issue
Block a user