(core) add an access token mechanism to help with attachments in custom widgets

Summary:
With this, a custom widget can render an attachment by doing:
```
const tokenInfo = await grist.docApi.getAccessToken({readOnly: true});
const img = document.getElementById('the_image');
const id = record.C[0];  // get an id of an attachment
const src = `${tokenInfo.baseUrl}/attachments/${id}/download?auth=${tokenInfo.token}`;
img.setAttribute('src', src)
```

The access token expires after a few minutes, so if a user right-clicks on an image
to save it, they may get an access-denied error unless they refresh the page. A little awkward,
but S3 pre-signed URLs behave similarly and it generally isn't a deal-breaker.

Test Plan: added tests

Reviewers: dsagal

Reviewed By: dsagal

Subscribers: dsagal

Differential Revision: https://phab.getgrist.com/D3488
This commit is contained in:
Paul Fitzpatrick
2022-07-19 11:39:49 -04:00
parent 5c0a250309
commit dd8d2e18f5
22 changed files with 551 additions and 34 deletions


@@ -46,6 +46,7 @@ export class DocComm extends Disposable implements ActiveDocAPI {
public getAclResources = this._wrapMethod("getAclResources");
public waitForInitialization = this._wrapMethod("waitForInitialization");
public getUsersForViewAs = this._wrapMethod("getUsersForViewAs");
public getAccessToken = this._wrapMethod("getAccessToken");
public changeUrlIdEmitter = this.autoDispose(new Emitter());

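Review bot: The new `getAccessToken` wrapper added at L39 carries no comment, which is fine for its siblings whose names describe a plain document query, but this one hands the caller a bearer credential usable outside the websocket session, so a one-line note would help the next reader. Suggest `// Mint a short-lived token for out-of-band HTTP access to the document (e.g. attachment downloads); see AccessTokenOptions for scoping.` above the line. The expiry and the read-only scoping are described in the commit message rather than visible in this hunk, so confirm the wording against the server-side implementation before committing to it.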

@@ -6,7 +6,7 @@ import {AccessLevel, isSatisfied} from 'app/common/CustomWidget';
import {DisposableWithEvents} from 'app/common/DisposableWithEvents';
import {BulkColValues, fromTableDataAction, RowRecord} from 'app/common/DocActions';
import {extractInfoFromColType, reencodeAsAny} from 'app/common/gristTypes';
import {CustomSectionAPI, GristDocAPI, GristView,
import {AccessTokenOptions, CustomSectionAPI, GristDocAPI, GristView,
InteractionOptionsRequest, WidgetAPI, WidgetColumnMap} from 'app/plugin/grist-plugin-api';
import {MsgType, Rpc} from 'grain-rpc';
import {Computed, Disposable, dom, Observable} from 'grainjs';
@@ -318,6 +318,21 @@ export class GristDocAPIImpl implements GristDocAPI {
public async applyUserActions(actions: any[][], options?: any) {
return this._doc.docComm.applyUserActions(actions, {desc: undefined, ...options});
}
// Get a token for out-of-band access to the document.
// Currently will require the custom widget to have full access to the
// document.
// It would be great to support this with read_table rights. This could be
// possible to do by adding a tableId setting to AccessTokenOptions,
// encoding that limitation in the access token, and ensuring the back-end
// respects it. But the current motivating use for adding access tokens is
// showing attachments, and they aren't currently something that logically
// lives within a specific table.
public async getAccessToken(options: AccessTokenOptions) {
return this._doc.docComm.getAccessToken({
readOnly: options.readOnly,
});
}
}
/**