(core) add minimal support for activation keys

Summary: For grist-ee, expect an activation key in environment variable `GRIST_ACTIVATION` or in a file pointed to by `GRIST_ACTIVATION_FILE`. In absence of key, start a 30-day trial, during which a banner is shown. Once trial expires, installation goes into document-read-only mode. Test Plan: added a test Reviewers: dsagal Reviewed By: dsagal Subscribers: jarek Differential Revision: https://phab.getgrist.com/D3426
2026-03-02 04:09:24 +00:00 · 2022-05-11 15:05:35 -04:00
parent f48d579f64
commit e4d47a2f3c
12 changed files with 153 additions and 8 deletions
--- a/app/server/lib/Authorizer.ts
+++ b/app/server/lib/Authorizer.ts
@@ -1,6 +1,7 @@
 import {ApiError} from 'app/common/ApiError';
 import {OpenDocMode} from 'app/common/DocListAPI';
 import {ErrorWithCode} from 'app/common/ErrorWithCode';
+import {ActivationState} from 'app/common/gristUrls';
 import {FullUser, UserProfile} from 'app/common/LoginSessionAPI';
 import {canEdit, canView, getWeakestRole, Role} from 'app/common/roles';
 import {UserOptions} from 'app/common/UserAPI';
@@ -34,6 +35,7 @@ export interface RequestWithLogin extends Request {
  docAuth?: DocAuthResult;      // For doc requests, the docId and the user's access level.
  specialPermit?: Permit;
  altSessionId?: string;   // a session id for use in trigger formulas and granular access rules
+  activation?: ActivationState;
 }

 /**
--- a/app/server/lib/FlexServer.ts
+++ b/app/server/lib/FlexServer.ts
@@ -12,6 +12,7 @@ import {ApiServer} from 'app/gen-server/ApiServer';
 import {Document} from "app/gen-server/entity/Document";
 import {Organization} from "app/gen-server/entity/Organization";
 import {Workspace} from 'app/gen-server/entity/Workspace';
+import {Activations} from 'app/gen-server/lib/Activations';
 import {DocApiForwarder} from 'app/gen-server/lib/DocApiForwarder';
 import {getDocWorkerMap} from 'app/gen-server/lib/DocWorkerMap';
 import {HomeDBManager} from 'app/gen-server/lib/HomeDBManager';
@@ -470,6 +471,9 @@ export class FlexServer implements GristServer {
    await this._dbManager.initializeSpecialIds();
    // Report which database we are using, without sensitive credentials.
    this.info.push(['database', getDatabaseUrl(this._dbManager.connection.options, false)]);
+    // If the installation appears to be new, give it an id and a creation date.
+    const activations = new Activations(this._dbManager);
+    await activations.current();
  }

  public addDocWorkerMap() {
@@ -566,6 +570,12 @@ export class FlexServer implements GristServer {
    this._billing.addEventHandlers();
  }

+  public async addBillingMiddleware() {
+    if (this._check('activation', 'homedb')) { return; }
+    this._getBilling();
+    await this._billing.addMiddleware?.(this.app);
+  }
+
  /**
   * Add a /api/log endpoint that simply outputs client errors to our
   * logs.  This is a minimal placeholder for a special-purpose
--- a/app/server/lib/IBilling.ts
+++ b/app/server/lib/IBilling.ts
@@ -4,4 +4,5 @@ export interface IBilling {
  addEndpoints(app: express.Express): void;
  addEventHandlers(): void;
  addWebhooks(app: express.Express): void;
+  addMiddleware?(app: express.Express): Promise<void>;
 }
--- a/app/server/lib/ICreate.ts
+++ b/app/server/lib/ICreate.ts
@@ -9,6 +9,7 @@ import {INotifier} from 'app/server/lib/INotifier';
 import {ISandbox, ISandboxCreationOptions} from 'app/server/lib/ISandbox';
 import {IShell} from 'app/server/lib/IShell';
 import {createSandbox} from 'app/server/lib/NSandbox';
+import * as express from 'express';

 export interface ICreate {

@@ -48,13 +49,18 @@ export interface ICreateStorageOptions {
 export function makeSimpleCreator(opts: {
  sessionSecret?: string,
  storage?: ICreateStorageOptions[],
+  activationMiddleware?: (db: HomeDBManager, app: express.Express) => Promise<void>,
 }): ICreate {
  return {
-    Billing() {
+    Billing(db) {
      return {
        addEndpoints() { /* do nothing */ },
        addEventHandlers() { /* do nothing */ },
-        addWebhooks() { /* do nothing */ }
+        addWebhooks() { /* do nothing */ },
+        async addMiddleware(app) {
+          // add activation middleware, if needed.
+          return opts?.activationMiddleware?.(db, app);
+        }
      };
    },
    Notifier() {
--- a/app/server/lib/sendAppPage.ts
+++ b/app/server/lib/sendAppPage.ts
@@ -1,6 +1,6 @@
 import {GristLoadConfig} from 'app/common/gristUrls';
 import {getTagManagerSnippet} from 'app/common/tagManager';
-import {isAnonymousUser} from 'app/server/lib/Authorizer';
+import {isAnonymousUser, RequestWithLogin} from 'app/server/lib/Authorizer';
 import {RequestWithOrg} from 'app/server/lib/extractOrg';
 import {GristServer} from 'app/server/lib/GristServer';
 import {getSupportedEngineChoices} from 'app/server/lib/serverUtils';
@@ -49,6 +49,7 @@ export function makeGristConfig(homeUrl: string|null, extra: Partial<GristLoadCo
    enableWidgetRepository: Boolean(process.env.GRIST_WIDGET_LIST_URL),
    survey: Boolean(process.env.DOC_ID_NEW_USER_INFO),
    tagManagerId: process.env.GOOGLE_TAG_MANAGER_ID,
+    activation: (mreq as RequestWithLogin|undefined)?.activation,
    ...extra,
  };
 }
@@ -91,7 +92,22 @@ export function makeSendAppPage(opts: {
    const staticOrigin = process.env.APP_STATIC_URL || "";
    const staticBaseUrl = `${staticOrigin}/v/${options.tag || tag}/`;
    const customHeadHtmlSnippet = server?.create.getExtraHeadHtml?.() ?? "";
-    const warning = testLogin ? "<div class=\"dev_warning\">Authentication is not enforced</div>" : "";
+    // TODO: Temporary changes until there is a handy banner to put this in.
+    let warning = testLogin ? "<div class=\"dev_warning\">Authentication is not enforced</div>" : "";
+    const activation = config.activation;
+    if (!warning && activation) {
+      if (activation.trial) {
+        warning = `Trial: ${activation.trial.daysLeft} day(s) left`;
+      } else if (activation.needKey) {
+        warning = 'Activation key needed. Documents in read-only mode.';
+      } else if (activation.key?.daysLeft && activation.key.daysLeft < 30) {
+        warning = `Need reactivation in ${activation.key.daysLeft} day(s)`;
+      }
+      if (warning) {
+        warning = `<div class="dev_warning activation-msg">${warning}</div>`;
+      }
+    }
+    // Temporary changes end.
    const content = fileContent
      .replace("<!-- INSERT WARNING -->", warning)
      .replace("<!-- INSERT BASE -->", `<base href="${staticBaseUrl}">` + tagManagerSnippet)
--- a/app/server/mergedServerMain.ts
+++ b/app/server/mergedServerMain.ts
@@ -98,6 +98,7 @@ export async function main(port: number, serverTypes: ServerType[],

  server.addAccessMiddleware();
  server.addApiMiddleware();
+  await server.addBillingMiddleware();

  await server.start();