Commit Graph

1496 Commits

Author SHA1 Message Date
Paul Fitzpatrick
5f9ecdcfe4 docstrings, moment import, fix log format 2024-07-03 15:03:14 -04:00
Paul Fitzpatrick
95b8134614 add a getSnapshotProgress implementation to DocStorageManager 2024-07-03 15:03:14 -04:00
Paul Fitzpatrick
4815a007ed log periodic per-document statistics about snapshot generation
This is to facilitate alerting to detect if snapshot generation were to
stall for a document.
2024-07-03 15:03:14 -04:00
Paul Fitzpatrick
919cff0398 (core) updates from grist-core 2024-07-01 09:37:47 -04:00
CamilleLegeron
61421e8251
Create user last connection datetime (#935)
Each time the a Grist page is reload the `last_connection_at` of the user is updated

resolve [#924](https://github.com/gristlabs/grist-core/issues/924)
2024-07-01 15:13:39 +02:00
Jarosław Sadziński
184be9387f (core) Enabling telemetry on /api/version endpoint
Summary:
Version API endpoint wasn't logging telemetry from POST requests. The issue was in registration
order, this endpoint was registered before `expressJson` and it couldn't read json body in the handler.

Test Plan: Added new test

Reviewers: paulfitz

Reviewed By: paulfitz

Subscribers: paulfitz

Differential Revision: https://phab.getgrist.com/D4277
2024-06-27 12:05:15 +02:00
Leslie H
24ce54b586
Improve session ID security (#1059)
Follow-up of #994. This PR revises the session ID generation logic to improve security in the absence of a secure session secret. It also adds a section in the admin panel "security" section to nag system admins when GRIST_SESSION_SECRET is not set.

Following is an excerpt from internal conversation.

TL;DR: Grist's current implementation generates semi-secure session IDs and uses a publicly known default signing key to sign them when the environment variable GRIST_SESSION_SECRET is not set. This PR generates cryptographically secure session IDs to dismiss security concerns around an insecure signing key, and encourages system admins to configure their own signing key anyway.

> The session secret is required by expressjs/session to sign its session IDs. It's designed as an extra protection against session hijacking by randomly guessing session IDs and hitting a valid one. While it is easy to encourage users to set a distinct session secret, this is unnecessary if session IDs are generated in a cryptographically secure way. As of now Grist uses version 4 UUIDs as session IDs (see app/server/lib/gristSessions.ts - it uses shortUUID.generate which invokes uuid.v4 under the hood). These contain 122 bits of entropy, technically insufficient to be considered cryptographically secure. In practice, this is never considered a real vulnerability. To compare, RSA2048 is still very commonly used in web servers, yet it only has 112 bits of security (>=128 bits = "secure", rule of thumb in cryptography). But for peace of mind I propose using crypto.getRandomValues to generate real 128-bit random values. This should render session ID signing unnecessary and hence dismiss security concerns around an insecure signing key.
2024-06-25 15:43:25 -04:00
Jordi Gutiérrez Hermoso
20035fd58f FlexServer: add new admin restart endpoint
This adds an endpoint for the admin user to be able to signal to a
controlling process to restart the server. This is intended for
`docker-runner.mjs`.
2024-06-19 11:56:45 -04:00
Paul Fitzpatrick
c0ce791e28 (core) updates from grist-core 2024-06-18 13:39:47 -04:00
Jarosław Sadziński
0549e46380 (core) Removing dry option from fixSiteProducts
Summary:
fixSiteProducts was always called with a dry option.
This option was just added for debuging test failure, it should
have been removed.

Test Plan:
Manual.
- on grist core, prepare site with `teamFree` product
- then to recreate run the previous version as
`GRIST_SINGLE_ORG=cool-beans GRIST_DEFAULT_PRODUCT=Free npm start`
- then to confirm it is fixed, run the same command as above
Site should be changed from `teamFree` to `Free`.

Reviewers: paulfitz

Reviewed By: paulfitz

Subscribers: paulfitz

Differential Revision: https://phab.getgrist.com/D4276
2024-06-18 19:30:27 +02:00
Florent
95b2459f25
HomeDBManager refactoration: extract method related to Users management in its own module (#1049)
The HomeDBManager remains the exposed class to the other parts of the code: any module under gen-server/lib/homedb like UsersManager is intended to be used solely by HomeDBManager, and in order to use their methods, an indirection has to be created to pass through HomeDBManager.
2024-06-18 10:57:06 -04:00
Dmitry S
51a34835c5 (core) Disable formula timing UI for non-owners
Summary:
For non-owners, the timing section of Document Settings is now disabled.
For non-editors, the "Reload" section is disabled.

Test Plan: Added a test case for timing being disabled.

Reviewers: jarek

Reviewed By: jarek

Differential Revision: https://phab.getgrist.com/D4275
2024-06-18 10:18:38 -04:00
Jarosław Sadziński
76d94483ad (core) Adding fixSiteProducts that changes orgs from teamFree to Free product if it was set be default
Summary:
After release on 2024-06-12 (1.1.15) the GRIST_DEFAULT_PRODUCT env variable wasn't respected by the
method that started the server in single org mode. In all deployments (apart from saas), the default product
used for new sites is set to `Free`, but the code that starts the server enforced `teamFree` product.

This change adds a fix routine that fixes this issue by rewriting team sites from `teamFree` product to `Free`
product only if:
- The default product is set to `Free`
- The deployment type is something other then 'saas'.

Additionally there is a test that will fail after 2024.10.01, as this fix should be removed before this date.

Test Plan: Added test

Reviewers: paulfitz

Reviewed By: paulfitz

Subscribers: paulfitz

Differential Revision: https://phab.getgrist.com/D4272
2024-06-18 15:05:57 +02:00
Jarosław Sadziński
1e2991519f (core) Restoring GRIST_DEFAULT_PRODUCT functionality
Summary: The GRIST_DEFAULT_PRODUCT wasn't used for grist-ee, now it is respected.

Test Plan:
I've build grist-ee docker image from github and run it using our instruction (both for recreating the issue and confirming it is fixed)
```
docker run -p 8484:8484 \
  -v $PWD:/persist \
  -e GRIST_SESSION_SECRET=invent-a-secret-here \
  -e GRIST_SINGLE_ORG=cool-beans
  -it gristlabs/grist-ee
```

For grist-core I recreated/confirmed it is fixed it just by `GRIST_SINGLE_ORG=team npm start` in the core folder.
I also created some team sites using stubbed UI and confirmed that they were using the GRIST_DEFAULT_PRODUCT product.

Reviewers: paulfitz

Reviewed By: paulfitz

Subscribers: paulfitz

Differential Revision: https://phab.getgrist.com/D4271
2024-06-14 19:56:49 +02:00
Spoffy
b98bad0b93 (core) Makes EE frontend behave as core if EE isn't activated
Summary:
- Makes EE decide which ActivationPage to use
- Makes ProductUpgrades use core implementation if not activated
- Changes banners to proxy to core implementation if EE not activated
- [Fix] Enables new site creation in EE as in Core:
    - Core enables people to freely create new team sites.
    - Enterprise currently redirects to the pricing page.
    - This enables enterprise to also create team sites, instead of
    redirecting.

Test Plan: Manually test in EE, unit tests in Jenkins

Reviewers: paulfitz, jordigh

Reviewed By: paulfitz

Differential Revision: https://phab.getgrist.com/D4264
2024-06-14 00:43:51 +01:00
Paul Fitzpatrick
e296e168e8 (core) updates from grist-core 2024-06-12 10:13:56 -04:00
Jarosław Sadziński
98176132b0 (core) Renaming installationId metadata for checkUpdateAPI telemetry endpoint.
Summary:
CheckUpdateAPI is now storing client's installation id in a new field called 'deploymentId'.
Previously it was using installationId which is reserved (and overriden) by the home server.

Test Plan: Existing and manual

Reviewers: paulfitz

Reviewed By: paulfitz

Subscribers: paulfitz

Differential Revision: https://phab.getgrist.com/D4268
2024-06-12 16:01:45 +02:00
Paul Fitzpatrick
856dbef3df
make the example key on admin panel without auth work when insecure (#1024)
The example key shown on the admin panel to users who are not known to be
administrators is generated using a method that is only available in secure
environments. This adds a fallback for insecure environments. The key is less
solid but again, it is just an example, and for an insecure environment.

Tested manually running locally and using a hostname set in /etc/hosts.
2024-06-12 09:34:31 -04:00
Paul Fitzpatrick
f071d91a0a (core) updates from grist-core 2024-06-11 09:18:23 -04:00
Jordi Gutiérrez Hermoso
c3e23ca81e admin: fix warning in websocket probe
This is a small thing, but when visiting the admin, the websocket test
doesn't send valid JSON, which the receiving endpoint expects. This
results in a harmless exception being thrown.

While this test should eventually be modified to be run from the
frontend, for now let's just make a small fix and send valid JSON in
order to avoid that JSON parsing exception.
2024-06-06 18:25:27 -04:00
George Gevoian
b555bf5d8d
Add user id middleware to form pages (#1020) 2024-06-05 09:18:02 -07:00
George Gevoian
72066bf0e4 (core) Support user variable in dropdown conditions
Summary:
Dropdown conditions can now reference a `user` variable, similar to the
one available in Access Rules.

Test Plan: Browser test.

Reviewers: jarek, paulfitz

Reviewed By: jarek, paulfitz

Differential Revision: https://phab.getgrist.com/D4255
2024-06-04 06:56:55 -07:00
Paul Fitzpatrick
50077540e2 (core) updates from grist-core 2024-06-03 12:31:22 -04:00
Leslie H
9c90da7398
Bump minio to v8.0.0 (#991) 2024-06-03 15:20:10 +00:00
Spoffy
587d187453
Removes spacing from admin page auth translation key (#1001)
Updates the authentication message on the admin page, removing newlines and tabs. 

This cleans up the formatting of the resulting translation key (in `en.client.json`). 

Context: https://github.com/gristlabs/grist-core/pull/987#discussion_r1603799796
2024-05-30 15:32:32 +01:00
CamilleLegeron
5956c20c29
feat: add new translations (#1004) 2024-05-29 11:02:00 -07:00
George Gevoian
c469a68d6e (core) Removing virtual tables when they are not needed
Summary:
Clearing virtual tables after user navigates away from the pages
that show them. Leaving them behind will reveal them on the Raw
Data page, with a buggy experience as user can't view the data
there.

Test Plan: Extended tests.

Reviewers: paulfitz

Reviewed By: paulfitz

Subscribers: jarek, georgegevoian

Differential Revision: https://phab.getgrist.com/D4258
2024-05-29 08:46:49 -07:00
Paul Fitzpatrick
06acc47cdb (core) updates from grist-core 2024-05-28 11:43:45 -04:00
Jarosław Sadziński
0262ad7a47 (core) Fix for ACL page for temporary documents.
Summary:
When the ACL page was visited by an anonymous user (for a temporary doc), it
tried to load the "View as" list, which failed. Apart from example users, it was
also trying to load all users the document is shared with by checking the home db.
However, since the document is not persisted, it failed.

Test Plan: Added new test

Reviewers: Spoffy

Reviewed By: Spoffy

Subscribers: Spoffy

Differential Revision: https://phab.getgrist.com/D4257
2024-05-24 15:14:00 +02:00
Spoffy
e56b416c7a
Moves core create object and core getLoginSystem to server/lib (#994)
This enables code in ext/ to be able to access it (e.g for proxying / interception).

Additionally adds getCreate() to enable future refactoring of `const create` away from being a global singleton constant.
2024-05-23 23:07:46 +01:00
Paul Fitzpatrick
5dc4706dc7
reconcile boot and admin pages further (#963)
This adds some remaining parts of the boot page to the admin panel, and then removes the boot page.
2024-05-23 16:40:31 -04:00
Paul Fitzpatrick
76a43129f1 (core) updates from grist-core 2024-05-23 13:27:59 -04:00
George Gevoian
31722de2eb (core) Fix drag selection bug in add row
Summary:
Relaxes selection restrictions on the add row, which was causing a
bug where the row above the add row was also being selected
whenever drag selection was started from the add row.

Test Plan: Browser test.

Reviewers: jarek

Reviewed By: jarek

Differential Revision: https://phab.getgrist.com/D4253
2024-05-22 14:11:17 -07:00
Jarosław Sadziński
a6ffa6096a (core) Adding UI for timing API
Summary:
Adding new buttons to control the `timing` API and a way to view the results
using virtual table features.

Test Plan: Added new

Reviewers: georgegevoian

Reviewed By: georgegevoian

Subscribers: paulfitz

Differential Revision: https://phab.getgrist.com/D4252
2024-05-22 14:56:53 +02:00
Jarosław Sadziński
60423edc17 (core) Customizable stripe plans.
Summary:
- Reading plans from Stripe, and allowing Stripe to define custom plans.
- Storing product features (aka limits) in Stripe, that override those in db.
- Adding hierarchical data in Stripe. All features are defined at Product level but can be overwritten on Price levels.
- New options for Support user to
-- Override product for team site (if he is added as a billing manager)
-- Override subscription and customer id for a team site
-- Attach an "offer", an custom plan configured in stripe that a team site can use
-- Enabling wire transfer for subscription by allowing subscription to be created without a payment method (which is customizable)

Test Plan: Updated and new.

Reviewers: georgegevoian

Reviewed By: georgegevoian

Differential Revision: https://phab.getgrist.com/D4201
2024-05-19 09:09:19 +02:00
CamilleLegeron
6443c9f914
feat: add translation of vue types when added (#946) 2024-05-17 11:55:24 -07:00
Spoffy
b4acb157f8
Displays the current authentication mechanism in the admin panel (#981)
* Adds authentication mechanism to admin panel

Adds field to the "Security settings" admin display, showing the
currently configured authentication mechanism.

* Adds 14px margin to admin panel names
2024-05-16 18:09:38 +01:00
Grégoire Cutzach
d8f4e075fe
feat: ADD Terms of service link (#985)
Adds an optional terms of service link for sites that need it.

---------

Co-authored-by: Jonathan Perret <j-github@jonathanperret.net>
2024-05-16 11:31:37 -04:00
Grégoire Cutzach
bb249ff462
fix: cancel when escape (#986) 2024-05-16 17:15:14 +02:00
George Gevoian
ed9514bae0 (core) Revert Safari overflow fix
Summary: The fix introduced a regression.

Test Plan: Existing tests.

Reviewers: jarek

Reviewed By: jarek

Differential Revision: https://phab.getgrist.com/D4254
2024-05-15 12:29:51 -07:00
Dmitry S
3267012226 (core) Attempt to fix truncated div issues for menu popups on Safari
Summary:
This affects the "Add Column" submenu under the sort-and-filter dropdown. The
explicit overflow setting (which *should* be the default) seems to fix it.

Test Plan: Tested manually on Safari 17.3 on Mac

Reviewers: georgegevoian

Reviewed By: georgegevoian

Subscribers: jarek, georgegevoian

Differential Revision: https://phab.getgrist.com/D4249
2024-05-14 18:44:48 -04:00
Florent
5e3cd94177
Introduce APP_HOME_INTERNAL_URL and fix duplicate docs (#915)
Context:

On self-hosted instances, some places in the code rely on the fact that we resolves public domains while being behind reverse proxies. This leads to cases where features are not available, such as the "Duplicate document" one.

Bugs that are solved - n self-hosted instances:

Impossible to open templates and tutorials right after having converted them;
Impossible to submit forms since version 1.1.13;
Impossible to restore a previous version of a document (snapshot);
Impossible to copy a document;

Solution:

Introduce the APP_HOME_INTERNAL_URL env variable, which is quite the same as APP_DOC_INTERNAL_URL except that it may point to any home worker;
Make /api/worker/:assignmentId([^/]+)/?* return not only the doc worker public url but also the internal one, and adapt the call points like fetchDocs;
Ensure that the home and doc worker internal urls are trusted by trustOrigin;

---------

Co-authored-by: jordigh <jordigh@octave.org>
2024-05-14 12:58:41 -04:00
George Gevoian
e299f4466b (core) Support reordering conditional styles
Summary: Conditional style rules can now be reordered by dragging and dropping them.

Test Plan: Browser test.

Reviewers: jarek

Reviewed By: jarek

Differential Revision: https://phab.getgrist.com/D4251
2024-05-13 14:45:11 -07:00
Paul Fitzpatrick
85f1040439 (core) updates from grist-core 2024-05-13 09:06:59 -04:00
Jarosław Sadziński
00c8343e8a (core) Updating UI for Document Settings
Summary: Updating UI for Document Settings, by reusing components from Admin panel

Test Plan: Existing

Reviewers: georgegevoian

Reviewed By: georgegevoian

Differential Revision: https://phab.getgrist.com/D4250
2024-05-13 08:54:04 +02:00
Spoffy
1e63c28a2a
Adds multiple missing translations (#972)
Adds several missing translations, mostly in Forms and the onboarding modals.
2024-05-10 14:31:54 +01:00
Paul Fitzpatrick
6299db6872
support $id in dropdown condition (#969)
This adds support for $id in dropdown conditions, using the same
method used for supporting referencedColumn.id, and extends a test
to exercise the variable. Without this, the dropdown editor gives
an error if $id or rec.id is used, stating that the column is invalid.
2024-05-07 17:52:51 -04:00
George Gevoian
50af681f47 (core) Use correct empty value in ChoiceEditor.getCellValue
Summary:
The default value of Choice columns is empty string, but ChoiceEditor was
saving nulls whenever a blank value was saved. This was causing unexpected
updates to trigger values due to the cell value changing internally, even
though null and empty string appear the same in the UI.

Test Plan: Browser test.

Reviewers: jarek

Reviewed By: jarek

Differential Revision: https://phab.getgrist.com/D4242
2024-04-30 11:24:36 -04:00
Paul Fitzpatrick
d431c1eb63 (core) add a sandbox check to admin panel, and start reconciling boot and admin pages
Summary:
This adds a basic sandbox check to the admin panel. It also makes
the "probes" used in the boot page available from the admin panel,
though they are not yet displayed. The sandbox check is built as
a probe.

In the interests of time, a lot of steps had to be deferred:
 * Reconcile fully the admin panel and boot page. Specifically, the
   admin panel should be equally robust to common configuration problems.
 * Add tests for the sandbox check.
 * Generalize to multi-server setups. The read-out will not yet be useful
   for setups where doc workers and home servers are configured
   separately.

Test Plan: Added new test

Reviewers: jarek, georgegevoian

Reviewed By: georgegevoian

Differential Revision: https://phab.getgrist.com/D4241
2024-04-29 20:52:39 -04:00
Jarosław Sadziński
ecf242c6c6 (core) Adding latest version section to the admin panel.
Summary:
Update for the admin page to show the latest available version information.
- Latest version is read from docs.getgrist.com by default
- It sends basic information (installationId, deployment type, and version)
- Checks are done only on the page itself
- The actual request is routed through the API (to avoid CORS)

Test Plan: Added new test

Reviewers: paulfitz

Reviewed By: paulfitz

Subscribers: paulfitz

Differential Revision: https://phab.getgrist.com/D4238
2024-04-29 21:59:36 +02:00