The `Origin` header is produced by `getTransitiveHeaders` but we don't
need it here, as this is only for an internal request where no
cross-origin attacks are possible.
* Shutdown Doc worker when it is not considered as available in Redis
* Use isAffirmative for GRIST_MANAGED_WORKERS
* Upgrade Sinon for the tests
* Run Smoke test with pages in English
* Add logic in /status endpoint
The motivation for supporting an alternative to WebSockets is that while all browsers supported by Grist offer native WebSocket support, some networking environments do not allow WebSocket traffic.
Engine.IO is used as the underlying implementation of HTTP long polling. The Grist client will first attempt a regular WebSocket connection, using the same protocol and endpoints as before, but fall back to long polling using Engine.IO if the WebSocket connection fails.
Include these changes:
- CORS websocket requests are now rejected as a stronger security measure. This shouldn’t affect anything in practice; but previously it could be possible to make unauthenticated websocket requests from another origin.
- GRIST_HOST variable no longer affects CORS responses (also should not affect anything in practice, as it wasn't serving a useful purpose)
Summary:
When access rules are in effect on a document, non-owners currently
don't have access to snapshots. Previously when the document history
tab is opened in this situation, an error toast would appear, along
with a small message that was hard to see in dark mode. This change
removes the toast and improves the message somewhat.
Test Plan: updated test
Reviewers: jarek
Reviewed By: jarek
Differential Revision: https://phab.getgrist.com/D4218
Summary:
- Add InstallAdmin class to identify users who can manage Grist installation.
This is overridable by different Grist flavors (e.g. different in SaaS).
It generalizes previous logic used to decide who can control Activation
settings (e.g. enable telemetry).
- Implement a basic Admin Panel at /admin, and move items previously in the
"Support Grist" page into the "Support Grist" section of the Admin Panel.
- Replace "Support Grist" menu items with "Admin Panel" and show only to admins.
- Add "Support Grist" links to Github sponsorship to user-account menu.
- Add "Support Grist" button to top-bar, which
- for admins, replaces the previous "Contribute" button and reopens the "Support Grist / opt-in to telemetry" nudge (unchanged)
- for everyone else, links to Github sponsorship
- in either case, user can dismiss it.
Test Plan: Shuffled some test cases between Support Grist and the new Admin Panel, and added some new cases.
Reviewers: jarek, paulfitz
Reviewed By: jarek, paulfitz
Differential Revision: https://phab.getgrist.com/D4194
This adds a docker.io registry name, the lack of which will otherwise
cause image building to fail if podman is used rather than docker.
Common images like node are automatically aliased and don't need
the registry name. Based on a problem reported in discord.
https://discord.com/channels/1176642613022044301/1214877650108026881
Summary:
- Forms now have a reset button.
- Choice and Reference fields in forms now have an improved select menu.
- Formula and attachments column types are no longer mappable or visible in forms.
- Fields in a form widget are now removed if their column is deleted.
- The preview button in a published form widget has been replaced with a view button. It now opens the published form in a new tab.
- A new share menu for published form widgets, with options to copy a link or embed code.
- Forms can now have multiple sections.
- Form widgets now indicate when publishing is unavailable (e.g. in forks or unsaved documents).
- General improvements to form styling.
Test Plan: Browser tests.
Reviewers: jarek
Reviewed By: jarek
Subscribers: paulfitz
Differential Revision: https://phab.getgrist.com/D4203
Summary:
- Also move out reused helper methods out of test suites, to avoid inadvertently including some test suites into other suites.
- Add logging around onNewTab since that seems related to test failures.
- Skip several tests in Billing that fail particularly often.
Test Plan: Checking that tests pass, and how many. Compared to the last successful run on master, there are 4 new skips (this diff), and 3 fewer test cases (a test case run in triplicate was removed in https://github.com/gristlabs/grist-core/pull/899)
Reviewers: georgegevoian
Reviewed By: georgegevoian
Differential Revision: https://phab.getgrist.com/D4216
Summary:
If a table T contains a RefList:T showing RowId and there
are any empty cells, the table can't be removed.
Test Plan: Added new test
Reviewers: dsagal
Reviewed By: dsagal
Subscribers: dsagal
Differential Revision: https://phab.getgrist.com/D4215
Summary: Adds support for importing .dsv files (an April Fools 2024 easter egg), and options for exporting .dsv and .tsv files from the Share menu.
Test Plan: Browser and server tests.
Reviewers: jarek
Reviewed By: jarek
Differential Revision: https://phab.getgrist.com/D4210
The README document referenced a `GRIST_HOME_INCLUDE_STATIC` env variable, which seem to be used nowhere.
Also seem to be confusing with GRIST_SERVERS which can be set to `home,static`.
Summary:
Drag-and-drop was interfering with text selection in inputs for form
labels and paragraphs.
Test Plan: Manual.
Reviewers: jarek
Reviewed By: jarek
Subscribers: jarek
Differential Revision: https://phab.getgrist.com/D4209
Summary:
1. Set pageLoad timeout to 10s (default is 5 minutes)
2. Disable chrome's prompts to save credit card info, which may be
affecting Stripe pages
3. Periodically record of logs and screenshots for the most-failing test case
so that whenever it fails in a bad way (timeout with no indication of
what's wrong), we can hope to find out what's wrong.
Test Plan: Planning to celebrate if Billing tests pass.
Reviewers: georgegevoian
Reviewed By: georgegevoian
Subscribers: georgegevoian
Differential Revision: https://phab.getgrist.com/D4193