When a document has too many requests, one may want to force a document to be reopened. However, the /force-reload endpoint may raise a 429 (TOO_MANY_REQUESTS) error, because it uses the throttled middleware.
Context
HomeDBManager lacks of direct tests, which makes hard to make rework or refactorations.
Proposed solution
Specifically here, I introduce tests which call exposed UsersManager methods directly and check their result.
Also:
I removed updateUserName which seems to me useless (updateUser does the same work)
Taking a look at the getUserByLogin methods, it appears that Typescirpt infers it returns a Promise<User|null> while in no case it may resolve a nullish value, therefore I have forced to return a Promise<User> and have changed the call sites to reflect the change.
Related issues
I make this change for then working on #870
Summary:
Also tweaks the bottom margin of a few Markdown
element types when they are the last element in a
cell, and fixes an alignment issue with list items
containing paragraphs.
Test Plan: Browser and manual tests.
Reviewers: jarek
Reviewed By: jarek
Subscribers: jarek
Differential Revision: https://phab.getgrist.com/D4334
Summary:
Before this change we would always say there are 14 days remaining,
regardless of how many actually are remaining. Let's pass around a
different `dataLimitsInfo` object that also reports the number of days
remaining.
Test Plan: Ensure the test suite passes.
Reviewers: georgegevoian
Reviewed By: georgegevoian
Differential Revision: https://phab.getgrist.com/D4332
Summary:
- When sandbox is down, report failing UpdateCurrentTime calls as warnings instead of errors.
- When applying system actions (such as updating current time), don't treat
them as user activity for the purpose of keeping the doc open.
Test Plan: Added a test case for the fixed behavior.
Reviewers: georgegevoian
Reviewed By: georgegevoian
Differential Revision: https://phab.getgrist.com/D4324
Add body in log requests.
GRIST_LOG_SKIP_HTTP is a badly named environment variable and its
expected values are confusing (to log the requests, you actually have to
set its value to "", and setting to "false" actually is equivalent to
setting to "true").
We deprecate this env variable in favor of GRIST_LOG_HTTP which is more
convenient and understandable:
- by default, its undefined, so nothing is logged;
- to enable the logs, you just have to set GRIST_LOG_HTTP=true
Also this commit removes the default value for GRIST_LOG_SKIP_HTTP,
because we don't have to set it to "true" to actually disable the
requests logging thanks to GRIST_LOG_HTTP. FlexServer now handles
the historical behavior for this deprecated variable.
---------
Co-authored-by: Jonathan Perret <j-github@jonathanperret.net>
Summary:
Text columns can now display their values as Markdown-formatted text
by changing their cell format to "Markdown". A minimal subset of the
Markdown specification is currently supported.
Test Plan: Browser tests.
Reviewers: Spoffy, dsagal
Reviewed By: Spoffy, dsagal
Subscribers: dsagal, Spoffy
Differential Revision: https://phab.getgrist.com/D4326
Summary:
A project test began failing because of an incompatibility with pointer-events
being disabled. This gets us back to green.
Test Plan: Existing tests.
Reviewers: jordigh
Reviewed By: jordigh
Subscribers: jordigh
Differential Revision: https://phab.getgrist.com/D4325
Summary:
In the pure OSS `grist-oss` image, the `ActivationPage` module from
stubs is used, as the `ext` code is completely missing. We can easily
just always return `false` here.
In the case when the `ext` directory exists, this may mean we're in
the standard `grist` image or the `grist-ee` image. The latter is
distinguished by having `GRIST_FORCE_ENABLE_ENTERPRISE` so we check if
that's on, and hide the toggle accordingly if so.
Test Plan:
Use these changes to build the three Docker images
(`grist-oss`, `grist`, and `grist-ee`) and verify that only `grist`
shows the toggle.
Reviewers: jarek
Reviewed By: jarek
Subscribers: jarek
Differential Revision: https://phab.getgrist.com/D4321
Summary:
This includes two fixes: one to ensure that any exception from websocket
upgrade handlers are handled (by destroying the socket). A test case is
added for this.
The other is to ensure verifyClient returns false instead of failing; this
should lead to a better error to the client (Forbidden, rather than just socket
close). This is only tested manually with a curl request.
Test Plan: Added a test case for the more sensitive half of the fix.
Reviewers: georgegevoian
Reviewed By: georgegevoian
Subscribers: georgegevoian
Differential Revision: https://phab.getgrist.com/D4323
Summary:
Custom widgets are now shown in a gallery.
The gallery is automatically opened when a new custom widget is
added to a page.
Descriptions, authors, and update times are pulled from the widget
manifest.
Test Plan: Browser tests.
Reviewers: jarek
Reviewed By: jarek
Subscribers: dsagal
Differential Revision: https://phab.getgrist.com/D4309
Summary:
The name of this env var has bothered me for a little while.
Let's rename it more meaningfully.
Test Plan: No need to test, cosmetic change only.
Reviewers: jarek
Reviewed By: jarek
Differential Revision: https://phab.getgrist.com/D4320
Summary:
Page is now hidden when any of its ancestor (or the page itself)
is censored.
Test Plan: Updated
Reviewers: georgegevoian
Reviewed By: georgegevoian
Differential Revision: https://phab.getgrist.com/D4319
Summary:
Each view type currently responsible for fitting appropriately within the box
it's given (e.g. deciding which container is scrollable). CustomView wasn't
doing a good job of it, particularly when showing "columns aren't mapped"
message.
Test Plan:
Only CSS affected. Checked manually on FF, Chrome, Safari that CustomViews take
the right amount of space, and scroll well, in 3 situations: not-mapped,
not-configured, and a functional widget.
Reviewers: jarek
Reviewed By: jarek
Subscribers: jarek
Differential Revision: https://phab.getgrist.com/D4316
Summary:
Since formula errors are typically obtained from the Python data engine, they
were not returning any info for errors in on-demand tables (not loaded into the
data engine). This change implements a detailed message to explain such errors,
mainly to point out that on-demand table is the reason.
Test Plan: Added a check to the OnDemand test that formula error details are shown.
Reviewers: jarek
Reviewed By: jarek
Differential Revision: https://phab.getgrist.com/D4317
Summary:
When video is opened from the app homepage, it opens in a popup, which stays
open when it ends. The rel=0 parameter limits the related videos shown at the
end to those from the same channel, avoiding surprising unrelated videos.
This doesn't affect the video shown during initial onboarding, since that once
auto-closes when it ends.
Test Plan: Tested manually
Reviewers: georgegevoian
Reviewed By: georgegevoian
Differential Revision: https://phab.getgrist.com/D4313
Summary:
1. Unclear why Embed fails often. Locally, it fails for me every time, and
this tweak makes it pass (while still keeping the test useful).
2. Reduced back main bundle's size by removing dependency of some common
elements on the full AdminPanel. Updated expected size of errorPages
bundle to the new reduced size.
Test Plan: No changes to functionality; relying on existing tests to verify that.
Reviewers: jordigh
Reviewed By: jordigh
Subscribers: georgegevoian, jordigh
Differential Revision: https://phab.getgrist.com/D4315
* Introduces new configuration variables for OIDC:
- GRIST_OIDC_IDP_ENABLED_PROTECTIONS
- GRIST_OIDC_IDP_ACR_VALUES
- GRIST_OIDC_IDP_EXTRA_CLIENT_METADATA
* Implements all supported protections in oidc/Protections.ts
* Includes a better error page for failed OIDC logins
* Includes some other improvements, e.g. to logging, to OIDC
* Adds a large unit test for OIDCConfig
* Adds support for SERVER_NODE_OPTIONS for running tests
* Adds to documentation/develop.md info about GREP_TESTS, VERBOSE, and SERVER_NODE_OPTIONS.
For #1140, I considered trying to use the existing fields in a better
way, but because we already use the activations table to store
preferences, we need to keep all of the existing data and its usage
as-is.
The enterprise code will use this new column to decide how long the
trial period should be.
We had `getgrist.com` hardcoded here, which only works for SaaS. The
base domain as well as the way that orgs are encoded in the URL can be
different in other circumstances.
If we are encoding orgs in the domain name, that's easy. We just do
`orgname.base.domain.name`. If we are not, then we first try a base
domain, and if that isn't set, we'll use the domain of the home
server.
Final ingredient. This surfaces the work in creating the backend
config API, the frontend model, the grainjs observable, and the
grainjs DOM and CSS components.
Strongly patterned after SupportGristPage. In fact, it has almost the
same structure.
Perhaps one day it would be possible to synchronise the logic between
the two toggles even further, but I couldn't see a simple way to do so
now. For now, some code structure duplication seemed easiest in lieau
of more abstractions.
Test Plan: Tested manually with a Date and DateTime column type.
Reviewers: paulfitz
Reviewed By: paulfitz
Subscribers: paulfitz
Differential Revision: https://phab.getgrist.com/D4305
The problem here is that making it this optional meant that it wasn't
supplied by [the enterprise creation
function](fb22d94878/ext/app/server/lib/create.ts (L10)).
This resulted in an odd situation where the secret was required for
the enterprise edition, even though it offers no additional security.
Without this key, the enterprise code crashes.
The requirement to supply a secret key would make a Grist instance
crash if you start in normal mode but switch to enterprise, as the
enterprise creator does not supply a default secret key.
Summary:
When last widget for a table is removed, user is informed
about that and can decide between removing the widget and removing
both table and widget
Test Plan: Updated
Reviewers: georgegevoian
Reviewed By: georgegevoian
Differential Revision: https://phab.getgrist.com/D4295
Access control for ConvertFromColumn in the presence of access rules had previously been left as a TODO. This change allows the action when the user has schema rights. Because schema rights let you create formulas, they let you read anything, so there is currently no value in nuance here.
Summary:
A new onboarding page is now shown to all new users visiting the doc
menu for the first time. Tutorial cards on the doc menu have been
replaced with a new version that tracks completion progress, alongside
a new card that opens the orientation video.
Test Plan: Browser tests.
Reviewers: jarek
Reviewed By: jarek
Differential Revision: https://phab.getgrist.com/D4296
