Commit Graph

2549 Commits

Author SHA1 Message Date
Jordi Gutiérrez Hermoso
400937fea3 uploads: do not use Origin header in fetchDoc
The `Origin` header is produced by `getTransitiveHeaders` but we don't
need it here, as this is only for an internal request where no
cross-origin attacks are possible.
2024-04-10 16:16:39 -04:00
Jordi Gutiérrez Hermoso
17ea97db78 requestUtils: add some logging to allowHost
I found it useful during my work to figure out what was going on in
this function and why some requests were being denied.
2024-04-10 16:16:39 -04:00
jarek
6f4637a8f0
Renaming invalid resource file and adding simple check in tests for the future. (#930) 2024-04-10 10:32:41 -07:00
Jarosław Sadziński
661f1c1804 (core) DuplicatePage function didn't duplicated collapsed widgets
Summary:
When one of 2 widget was collapsed, the resulting widget can become a root section. Then,
when a page was duplicated, the layout was duplicated incorrectly (with wrong collapsed
section). This resulted in a bug, when the root section was deleted, as it was the last
section in the saved layout, but not the last section on the visible layout.

Test Plan: Added 2 tests

Reviewers: dsagal

Reviewed By: dsagal

Subscribers: dsagal

Differential Revision: https://phab.getgrist.com/D4227
2024-04-10 18:19:37 +02:00
Jarosław Sadziński
bddbcddbef (core) Endpoint to report on the latest version of stable grist-core image
Summary:
New endpoint `/api/version` that returns latest version of stable docker image in format:
```
{"latestVersion":"1.1.12","
  updatedAt":"2024-03-06T06:28:25.752337Z","
  isCritical":false,
 "updateURL":"https://hub.docker.com/r/gristlabs/grist"
}
```

It connects to docker hub API and reads the version from the tag lists endpoint.
Stores telemetry passed from the client such us: current version, deployment type, installationId and others.

Test Plan: Added new test

Reviewers: georgegevoian

Reviewed By: georgegevoian

Differential Revision: https://phab.getgrist.com/D4220
2024-04-09 17:03:49 +02:00
George Gevoian
ddc28e327b (core) Use login email to match billing profile
Summary:
The login email was being used for the "email" parameter of a billing endpoint, but
the endpoint was checking it against the non-login email when looking for a matching
profile.

Test Plan: Manual.

Reviewers: dsagal

Reviewed By: dsagal

Subscribers: dsagal

Differential Revision: https://phab.getgrist.com/D4226
2024-04-08 13:56:11 -07:00
gallegonovato
5ae3c1819c
Translated using Weblate (Spanish)
Currently translated at 100.0% (1168 of 1168 strings)

Translation: Grist/client
Translate-URL: https://hosted.weblate.org/projects/grist/client/es/
2024-04-08 13:02:01 +02:00
Camille L
2203d67483
Translated using Weblate (French)
Currently translated at 98.2% (1147 of 1168 strings)

Translation: Grist/client
Translate-URL: https://hosted.weblate.org/projects/grist/client/fr/
2024-04-08 13:02:00 +02:00
Franček Prijatelj
efd8751bf9
Translated using Weblate (Slovenian)
Currently translated at 100.0% (1168 of 1168 strings)

Translation: Grist/client
Translate-URL: https://hosted.weblate.org/projects/grist/client/sl/
2024-04-05 18:02:01 +02:00
aleksej0R
fb979a5d1d
Translated using Weblate (French)
Currently translated at 97.0% (1134 of 1168 strings)

Translation: Grist/client
Translate-URL: https://hosted.weblate.org/projects/grist/client/fr/
2024-04-05 18:02:01 +02:00
Camille L
4d2b88c699
Translated using Weblate (French)
Currently translated at 97.0% (1134 of 1168 strings)

Translation: Grist/client
Translate-URL: https://hosted.weblate.org/projects/grist/client/fr/
2024-04-05 18:02:01 +02:00
jordigh
a681065c4f
docs: remove job ad (#929)
I have accepted this job!
2024-04-05 10:22:31 -04:00
Florent
a8a421c833
/status does not return a 500 HTTP code if docWorkerRegistered fails (#928) 2024-04-04 15:03:15 -04:00
DINH TUAN HAI
e28e1616ac
Translated using Weblate (Vietnamese)
Currently translated at 98.8% (1155 of 1168 strings)

Translation: Grist/client
Translate-URL: https://hosted.weblate.org/projects/grist/client/vi/
2024-04-04 17:18:53 +02:00
Paul Janzen
d4a056c8d3
Translated using Weblate (German)
Currently translated at 100.0% (1168 of 1168 strings)

Translation: Grist/client
Translate-URL: https://hosted.weblate.org/projects/grist/client/de/
2024-04-04 17:18:53 +02:00
Paul Janzen
8437e7c8e1
Translated using Weblate (Portuguese (Brazil))
Currently translated at 100.0% (1168 of 1168 strings)

Translation: Grist/client
Translate-URL: https://hosted.weblate.org/projects/grist/client/pt_BR/
2024-04-04 17:18:52 +02:00
Camille L
6cec5d072d
Translated using Weblate (French)
Currently translated at 96.4% (1126 of 1168 strings)

Translation: Grist/client
Translate-URL: https://hosted.weblate.org/projects/grist/client/fr/
2024-04-04 17:18:52 +02:00
Florent
4a9b6fea9d
Shutdown Doc worker when it is not considered as available in Redis #831 (#856)
* Shutdown Doc worker when it is not considered as available in Redis
* Use isAffirmative for GRIST_MANAGED_WORKERS
* Upgrade Sinon for the tests
* Run Smoke test with pages in English
* Add logic in /status endpoint
2024-04-04 10:25:42 -04:00
Jarosław Sadziński
03ead0d1ca (core) Adding a flag for the UI to check if emails are enabled
Summary:
Front-end code can now test if emails are enabled
and hide some parts of UI based on it.

Test Plan:
Only secondery text was hidden on add users dialog.
Tested manually.

Reviewers: georgegevoian

Reviewed By: georgegevoian

Subscribers: georgegevoian

Differential Revision: https://phab.getgrist.com/D4221
2024-04-03 09:50:17 +02:00
George Gevoian
c87d835533 (core) Update WS deps after grist-core sync
Summary:
Some WS-related code was touched in a recent PR to grist-core. This extends
those changes to the rest of the codebase so that builds work again.

Test Plan: N/A

Reviewers: dsagal

Reviewed By: dsagal

Subscribers: dsagal

Differential Revision: https://phab.getgrist.com/D4224
2024-04-02 23:08:39 -07:00
DINH TUAN HAI
dd83b7f678
Translated using Weblate (Vietnamese)
Currently translated at 100.0% (1155 of 1155 strings)

Translation: Grist/client
Translate-URL: https://hosted.weblate.org/projects/grist/client/vi/
2024-04-03 07:02:17 +02:00
github-actions[bot]
e23f83c1b0
automated update to translation keys (#912)
Co-authored-by: Paul's Grist Bot <paul+bot@getgrist.com>
2024-04-02 16:19:47 -04:00
George Gevoian
b505d21e79 (core) Disable headers shortcut in summary tables
Summary: Summary tables have restrictions on which columns can be renamed.

Test Plan: Browser tests.

Reviewers: jarek

Reviewed By: jarek

Subscribers: jarek

Differential Revision: https://phab.getgrist.com/D4222
2024-04-02 12:44:27 -07:00
Dmitry
3405ce902e
When restarting test server with resetting the database, don't forget to close it (#923) 2024-04-01 16:35:00 -04:00
NGUYEN QUOC ANH
2140900d58
Added translation using Weblate (Vietnamese) 2024-04-01 16:55:09 +02:00
Paul Fitzpatrick
4736ca490c (core) updates from grist-core 2024-04-01 09:22:25 -04:00
Владимир В
c6f53ea15e
Translated using Weblate (Russian)
Currently translated at 99.5% (1150 of 1155 strings)

Translation: Grist/client
Translate-URL: https://hosted.weblate.org/projects/grist/client/ru/
2024-03-31 23:09:13 +02:00
Franček Prijatelj
dcd323201a
Translated using Weblate (Slovenian)
Currently translated at 100.0% (1155 of 1155 strings)

Translation: Grist/client
Translate-URL: https://hosted.weblate.org/projects/grist/client/sl/
2024-03-29 17:02:17 +01:00
Jonathan Perret
96b652fb52
Support HTTP long polling as an alternative to WebSockets (#859)
The motivation for supporting an alternative to WebSockets is that while all browsers supported by Grist offer native WebSocket support, some networking environments do not allow WebSocket traffic.

Engine.IO is used as the underlying implementation of HTTP long polling. The Grist client will first attempt a regular WebSocket connection, using the same protocol and endpoints as before, but fall back to long polling using Engine.IO if the WebSocket connection fails.

Include these changes:
- CORS websocket requests are now rejected as a stronger security measure. This shouldn’t affect anything in practice; but previously it could be possible to make unauthenticated websocket requests from another origin.
- GRIST_HOST variable no longer affects CORS responses (also should not affect anything in practice, as it wasn't serving a useful purpose)
2024-03-28 13:22:20 -04:00
gallegonovato
b4c2562029
Translated using Weblate (Spanish)
Currently translated at 100.0% (1155 of 1155 strings)

Translation: Grist/client
Translate-URL: https://hosted.weblate.org/projects/grist/client/es/
2024-03-28 15:02:01 +01:00
Paul Fitzpatrick
67afd74817 (core) clean up snapshot list when access rules are in effect
Summary:
When access rules are in effect on a document, non-owners currently
don't have access to snapshots. Previously when the document history
tab is opened in this situation, an error toast would appear, along
with a small message that was hard to see in dark mode. This change
removes the toast and improves the message somewhat.

Test Plan: updated test

Reviewers: jarek

Reviewed By: jarek

Differential Revision: https://phab.getgrist.com/D4218
2024-03-27 12:11:47 -04:00
Franček Prijatelj
40f88f3e9c
Translated using Weblate (Slovenian)
Currently translated at 100.0% (1126 of 1126 strings)

Translation: Grist/client
Translate-URL: https://hosted.weblate.org/projects/grist/client/sl/
2024-03-27 05:11:16 +01:00
Dmitry S
e380fcfa90 (core) Admin Panel and InstallAdmin class to identify installation admins.
Summary:
- Add InstallAdmin class to identify users who can manage Grist installation.

  This is overridable by different Grist flavors (e.g. different in SaaS).
  It generalizes previous logic used to decide who can control Activation
  settings (e.g. enable telemetry).

- Implement a basic Admin Panel at /admin, and move items previously in the
  "Support Grist" page into the "Support Grist" section of the Admin Panel.

- Replace "Support Grist" menu items with "Admin Panel" and show only to admins.

- Add "Support Grist" links to Github sponsorship to user-account menu.

- Add "Support Grist" button to top-bar, which
  - for admins, replaces the previous "Contribute" button and reopens the "Support Grist / opt-in to telemetry" nudge (unchanged)
  - for everyone else, links to Github sponsorship
  - in either case, user can dismiss it.

Test Plan: Shuffled some test cases between Support Grist and the new Admin Panel, and added some new cases.

Reviewers: jarek, paulfitz

Reviewed By: jarek, paulfitz

Differential Revision: https://phab.getgrist.com/D4194
2024-03-25 12:18:38 -04:00
github-actions[bot]
a86c5da5c5
automated update to translation keys (#911)
Co-authored-by: Paul's Grist Bot <paul+bot@getgrist.com>
2024-03-25 09:56:12 -04:00
Thomas Steen Rasmussen
c40fa180c1
fix shebang in various bash scripts (#910) 2024-03-25 09:55:20 -04:00
Paul Fitzpatrick
0c05f4cdc4 (core) updates from grist-core 2024-03-25 09:45:23 -04:00
Владимир В
4fcfd57fb8
Translated using Weblate (Russian)
Currently translated at 99.5% (1121 of 1126 strings)

Translation: Grist/client
Translate-URL: https://hosted.weblate.org/projects/grist/client/ru/
2024-03-25 14:02:00 +01:00
Paul Fitzpatrick
5607f41a91
tweak Dockerfile so image is buildable with podman (#907)
This adds a docker.io registry name, the lack of which will otherwise
cause image building to fail if podman is used rather than docker.
Common images like node are automatically aliased and don't need
the registry name. Based on a problem reported in discord.

https://discord.com/channels/1176642613022044301/1214877650108026881
2024-03-23 10:58:41 -04:00
gallegonovato
4d016510a8
Translated using Weblate (Spanish)
Currently translated at 100.0% (1126 of 1126 strings)

Translation: Grist/client
Translate-URL: https://hosted.weblate.org/projects/grist/client/es/
2024-03-21 23:01:51 +01:00
George Gevoian
418681915e (core) Forms Improvements
Summary:
 - Forms now have a reset button.
 - Choice and Reference fields in forms now have an improved select menu.
 - Formula and attachments column types are no longer mappable or visible in forms.
 - Fields in a form widget are now removed if their column is deleted.
 - The preview button in a published form widget has been replaced with a view button. It now opens the published form in a new tab.
 - A new share menu for published form widgets, with options to copy a link or embed code.
 - Forms can now have multiple sections.
 - Form widgets now indicate when publishing is unavailable (e.g. in forks or unsaved documents).
 - General improvements to form styling.

Test Plan: Browser tests.

Reviewers: jarek

Reviewed By: jarek

Subscribers: paulfitz

Differential Revision: https://phab.getgrist.com/D4203
2024-03-21 13:01:25 -04:00
Dmitry S
aff9c7075c (core) Move Billing tests into a separate test suite, and skip some
Summary:
- Also move out reused helper methods out of test suites, to avoid inadvertently including some test suites into other suites.
- Add logging around onNewTab since that seems related to test failures.
- Skip several tests in Billing that fail particularly often.

Test Plan: Checking that tests pass, and how many. Compared to the last successful run on master, there are 4 new skips (this diff), and 3 fewer test cases (a test case run in triplicate was removed in https://github.com/gristlabs/grist-core/pull/899)

Reviewers: georgegevoian

Reviewed By: georgegevoian

Differential Revision: https://phab.getgrist.com/D4216
2024-03-20 20:07:56 -04:00
Camille L
a2a5caf85b
Translated using Weblate (French)
Currently translated at 100.0% (1125 of 1125 strings)

Translation: Grist/client
Translate-URL: https://hosted.weblate.org/projects/grist/client/fr/
2024-03-20 22:05:31 +01:00
Jarosław Sadziński
ff8477cbe4 (core) Bug with empty, self-referencing RefList columns.
Summary:
If a table T contains a RefList:T showing RowId and there
are any empty cells, the table can't be removed.

Test Plan: Added new test

Reviewers: dsagal

Reviewed By: dsagal

Subscribers: dsagal

Differential Revision: https://phab.getgrist.com/D4215
2024-03-20 20:55:24 +01:00
Sylvain Boulade
e944de5f6c
Add README entry for GRIST_INCLUDE_CUSTOM_SCRIPT_URL variable (#906) 2024-03-20 12:56:04 -04:00
George Gevoian
07fcce548b (core) Add TSV and DSV import/export
Summary: Adds support for importing .dsv files (an April Fools 2024 easter egg), and options for exporting .dsv and .tsv files from the Share menu.

Test Plan: Browser and server tests.

Reviewers: jarek

Reviewed By: jarek

Differential Revision: https://phab.getgrist.com/D4210
2024-03-20 10:57:21 -04:00
CamilleLegeron
f3f320a193
Feat: rename all column label from a given row with right click (#848) 2024-03-20 09:34:09 -04:00
Florent
8b267c1e00
Remove unused var GRIST_HOME_INCLUDE_STATIC (#902)
The README document referenced a `GRIST_HOME_INCLUDE_STATIC` env variable, which seem to be used nowhere.

Also seem to be confusing with GRIST_SERVERS which can be set to `home,static`.
2024-03-20 09:21:38 -04:00
Владимир В
0cc6135005
Translated using Weblate (Russian)
Currently translated at 99.6% (1121 of 1125 strings)

Translation: Grist/client
Translate-URL: https://hosted.weblate.org/projects/grist/client/ru/
2024-03-18 20:01:58 +01:00
Florent
e84c420a37
Don't require running docker with --init to stop with ^C (#892) 2024-03-18 09:49:42 -04:00
Paul Fitzpatrick
48a8af83fc (core) updates from grist-core 2024-03-18 09:14:25 -04:00