(core) discount indirect changes for access control purposes

Summary: This diff discounts indirect changes for access control purposes. A UserAction that updates a cell A, which in turn causes changes in other dependent cells, will be considered a change to cell A for access control purposes. The `engine.apply_user_actions` method now returns a `direct` array, with a boolean for each `stored` action, set to `true` if the action is attributed to the user or `false` if it is attributed to the engine. `GranularAccess` ignores actions attributed to the engine when checking for edit rights. Subtleties: * Removal of references to a removed row are considered direct changes. * Doesn't play well with undos as yet. An action that indirectly modifies a cell the user doesn't have rights to may succeed, but it will not be reversible. Test Plan: added tests, updated tests Reviewers: dsagal Reviewed By: dsagal Differential Revision: https://phab.getgrist.com/D2806
2026-03-02 04:09:24 +00:00 · 2021-05-12 11:04:37 -04:00
parent 8d62a857e1
commit d0d3d3d0c9
14 changed files with 175 additions and 48 deletions
--- a/sandbox/grist/engine.py
+++ b/sandbox/grist/engine.py
@@ -1125,6 +1125,7 @@ class Engine(object):
      self._bring_all_up_to_date()

    self.out_actions.flush_calc_changes()
+    self.out_actions.check_sanity()
    return self.out_actions

  def acl_split(self, action_group):
@@ -1247,6 +1248,7 @@ class Engine(object):
      self.user_actions.ApplyUndoActions(map(actions.get_action_repr, undo_actions))
      del self.out_actions.calc[len_calc:]
      del self.out_actions.stored[len_stored:]
+      del self.out_actions.direct[len_stored:]
      del self.out_actions.undo[len_undo:]
      del self.out_actions.retValues[len_ret:]