(core) add minimal support for activation keys

Summary: For grist-ee, expect an activation key in environment variable `GRIST_ACTIVATION` or in a file pointed to by `GRIST_ACTIVATION_FILE`. In absence of key, start a 30-day trial, during which a banner is shown. Once trial expires, installation goes into document-read-only mode. Test Plan: added a test Reviewers: dsagal Reviewed By: dsagal Subscribers: jarek Differential Revision: https://phab.getgrist.com/D3426
2026-03-02 04:09:24 +00:00 · 2022-05-11 15:05:35 -04:00
parent f48d579f64
commit e4d47a2f3c
12 changed files with 153 additions and 8 deletions
--- a/app/gen-server/entity/Activation.ts
+++ b/app/gen-server/entity/Activation.ts
@@ -0,0 +1,17 @@
+import {BaseEntity, Column, Entity, PrimaryColumn} from "typeorm";
+
+@Entity({name: 'activations'})
+export class Activation extends BaseEntity {
+
+  @PrimaryColumn()
+  public id: string;
+
+  @Column({name: 'key', type: 'text', nullable: true})
+  public key: string|null;
+
+  @Column({name: 'created_at', default: () => "CURRENT_TIMESTAMP"})
+  public createdAt: Date;
+
+  @Column({name: 'updated_at', default: () => "CURRENT_TIMESTAMP"})
+  public updatedAt: Date;
+}
--- a/app/gen-server/lib/Activations.ts
+++ b/app/gen-server/lib/Activations.ts
@@ -0,0 +1,28 @@
+import { makeId } from 'app/server/lib/idUtils';
+import { Activation } from 'app/gen-server/entity/Activation';
+import { HomeDBManager } from 'app/gen-server/lib/HomeDBManager';
+
+/**
+ * Manage activations. Not much to do currently, there is at most one
+ * activation. The activation singleton establishes an id and creation
+ * time for the installation.
+ */
+export class Activations {
+  constructor(private _db: HomeDBManager) {
+  }
+
+  // Get the current activation row, creating one if necessary.
+  // It will be created with an empty key column, which will get
+  // filled in once an activation key is presented.
+  public current(): Promise<Activation> {
+    return this._db.connection.manager.transaction(async manager => {
+      let activation = await manager.findOne(Activation);
+      if (!activation) {
+        activation = manager.create(Activation);
+        activation.id = makeId();
+        await activation.save();
+      }
+      return activation;
+    });
+  }
+}
--- a/app/gen-server/lib/HomeDBManager.ts
+++ b/app/gen-server/lib/HomeDBManager.ts
@@ -253,6 +253,8 @@ export class HomeDBManager extends EventEmitter {
                                   // deployments on same subdomain.

  private _docAuthCache = new MapWithTTL<string, Promise<DocAuthResult>>(DOC_AUTH_CACHE_TTL);
+  // In restricted mode, documents should be read-only.
+  private _restrictedMode: boolean = false;

  public emit(event: NotifierEvent, ...args: any[]): boolean {
    return super.emit(event, ...args);
@@ -338,6 +340,10 @@ export class HomeDBManager extends EventEmitter {
    this._idPrefix = prefix;
  }

+  public setRestrictedMode(restricted: boolean) {
+    this._restrictedMode = restricted;
+  }
+
  public async connect(): Promise<void> {
    try {
      // If multiple servers are started within the same process, we
@@ -1104,7 +1110,7 @@ export class HomeDBManager extends EventEmitter {
      if (docs.length > 1) { throw new ApiError('ambiguous document request', 400); }
      doc = docs[0];
      const features = doc.workspace.org.billingAccount.product.features;
-      if (features.readOnlyDocs) {
+      if (features.readOnlyDocs || this._restrictedMode) {
        // Don't allow any access to docs that is stronger than "viewers".
        doc.access = roles.getWeakestRole('viewers', doc.access);
      }
--- a/app/gen-server/migration/1652273656610-Activations.ts
+++ b/app/gen-server/migration/1652273656610-Activations.ts
@@ -0,0 +1,39 @@
+import {MigrationInterface, QueryRunner, Table} from 'typeorm';
+
+export class Activations1652273656610 implements MigrationInterface {
+
+  public async up(queryRunner: QueryRunner): Promise<any> {
+    // created_at and updated_at code is based on *-Initial.ts
+    const sqlite = queryRunner.connection.driver.options.type === 'sqlite';
+    const datetime = sqlite ? "datetime" : "timestamp with time zone";
+    const now = "now()";
+    await queryRunner.createTable(new Table({
+      name: 'activations',
+      columns: [
+        {
+          name: "id",
+          type: "varchar",
+          isPrimary: true,
+        },
+        {
+          name: "key",
+          type: "varchar",
+          isNullable: true,
+        },
+        {
+          name: "created_at",
+          type: datetime,
+          default: now
+        },
+        {
+          name: "updated_at",
+          type: datetime,
+          default: now
+        },
+      ]}));
+  }
+
+  public async down(queryRunner: QueryRunner): Promise<any> {
+    await queryRunner.dropTable('activations');
+  }
+}