* Introduce ACTION_HISTORY env variables
* fix: env vars must be integers
* Use AppSettings and introduce minValue and maxValue
* Update README.md
* Start testing AppSettings
Co-authored-by: vviers <vincent.viers@beta.gouv.fr>
Summary:
A new set of endpoints for managing installation and site configuration have been added:
- GET `/api/install/configs/:key` - get the value of the configuration item with the specified key
- PUT `/api/install/configs/:key` - set the value of the configuration item with the specified key
- body: the JSON value of the configuration item
- DELETE `/api/install/configs/:key` - delete the configuration item with the specified key
- GET `/api/orgs/:oid/configs/:key` - get the value of the configuration item with the specified key
- PUT `/api/orgs/:oid/configs/:key` - set the value of the configuration item with the specified key
- body: the JSON value of the configuration item
- DELETE `/api/orgs/:oid/configs/:key` - delete the configuration item with the specified key
Configuration consists of key/value pairs, where keys are strings (e.g. `"audit_logs_streaming_destinations"`) and values are JSON, including literals like numbers and strings. Only installation admins and site owners are permitted to modify installation and site configuration, respectively.
The endpoints are planned to be used in an upcoming feature for enabling audit log streaming for an installation and/or site. Future functionality may use the endpoints as well, which may require extending the current capabilities (e.g. adding support for storing secrets, additional metadata fields, etc.).
Test Plan: Server tests
Reviewers: paulfitz, jarek
Reviewed By: paulfitz, jarek
Subscribers: jarek
Differential Revision: https://phab.getgrist.com/D4377
Summary:
Showing rename popup on group by column with disabled label section. It only allows to set description.
Unrelated:
- Fixing HostedMetadataManager test
Test Plan: Updated tests
Reviewers: Spoffy
Reviewed By: Spoffy
Subscribers: Spoffy
Differential Revision: https://phab.getgrist.com/D4371
## Context
Error is caused due to these steps:
- File is uploaded to Home server and attempts to import
- Import ends up in `claimDocument` in `HostedStorageManager`
- Tries to read doc metadata from DocWorkerMap, gets 'unknown' as md5 hash
- Thinks local doc is out of date and erases it.
- Downloads a non-existent file from S3, so import fails as it has no data.
## Proposed solution
This fixes it by checking for DummyDocWorker's special 'unknown' MD5, forcing an S3 check.
## Related issues
https://community.getgrist.com/t/no-metadata-for-imported-grist-document/6029/32
This checks whether code can successfully run in the
sandbox only when the admin panel needs to report that,
rather than at start up. This is motivated by two things:
- The desktop app became a lot slower to open with this
check, since it uses pyodide by default, and there's
been no work on optimizing the pyodide sandbox load
times (as opposed to gvisor, where a lot of work was
done, and it is also fundamentally faster).
- The messages logged by a test sandbox starting and
stopping have been confusing people.
There is a case for doing the check on startup, especially
on servers, so that we can fail early. Still, that isn't
what we were doing, and we'd also like to move away from the
server refusing to start because of a problem and
towards an always-reachable admin page that reports
the nature of problems in a clearer way.
Summary:
Adds the remaining batch of audit log events, and a CLI
utility to generate documentation for installation and
site audit events.
Test Plan: Manual.
Reviewers: jarek
Reviewed By: jarek
Differential Revision: https://phab.getgrist.com/D4356
Summary:
The scrollbar wasn't properly positioned inside the
bounds of the main panel.
Test Plan: Manual.
Reviewers: jarek
Reviewed By: jarek
Subscribers: paulfitz, jarek
Differential Revision: https://phab.getgrist.com/D4357
Grist has needed a job queue for some time. This adds one, using
BullMQ. BullMQ however requires Redis, meaning we couldn't use
jobs for the large subset of Grist that needs to be runnable without
Redis (e.g. for use on desktop, or on simple self-hosted sites).
So simple immediate, delayed, and repeated jobs are supported also
in a crude single-process form when Redis is not available.
This code isn't ready for actual use since an important issue
remains to be worked out, specifically how to handle draining
the queue during deployments to avoid mixing versions (or - if
allowing mixed versions - thinking through any extra support needed
for the developer to avoid introducing hard-to-test code paths).
Summary:
Adds a few additional audit events and enhances audit logging
to capture more data (request origin, active org, user type).
Test Plan: Server and manual tests.
Reviewers: jarek
Reviewed By: jarek
Subscribers: jarek
Differential Revision: https://phab.getgrist.com/D4348
Make a set of changes required for Desktop FS improvements, see
https://github.com/gristlabs/grist-desktop/pull/42
---------
Co-authored-by: Spoffy <contact@spoffy.net>
Co-authored-by: Spoffy <4805393+Spoffy@users.noreply.github.com>
* switch default LLM from a model that is going away
If an api key is provided, Grist can use an LLM as an assistant
for writing formulas. The LLM can be self-hosted or an external
service. The default external service is OpenAI. This commit
freshens the default model used, if this feature is enabled,
since the existing one is going away. Benchmarking suggests the
results are generally better, though not dramatically so.
The feature of falling back on a longer context model is no longer
as important, but is retained since it could be useful for self-hosters.
* update long context model tests
Summary:
Adds machinery to support audit logging in the backend.
Logging is currently implemented by streaming events to external HTTP
endpoints. All flavors of Grist support a default "grist" payload format,
and Grist Enterprise additionally supports an HEC-compatible payload format.
Logging of all audit events will be added at a later date.
Test Plan: Server tests.
Reviewers: paulfitz
Reviewed By: paulfitz
Differential Revision: https://phab.getgrist.com/D4331
Summary:
Permissions for admin billing endpoints were changed
- Support user can't use admin subscription endpoints
- Installation admin (as support user) can see billing details on any site
- Installation admin (unlike support user) can replace subscription (or attach payment) on any site, regardless permissions
Installation admin is any user that belongs to a special `admin` org. If `admin` org is not defined, it defaults to
support user. In that case, with this diff, the support user receives admin's permissions, and now can replace subscription on
any site (without being billing manager).
Test Plan: Added new test
Reviewers: dsagal, paulfitz
Reviewed By: dsagal, paulfitz
Subscribers: dsagal
Differential Revision: https://phab.getgrist.com/D4338
Summary:
Adding support for 2-way references in data engine.
- Columns have an `reverseCol` field, which says "this is a reverse of the given column, update me when that one changes".
- At the time of setting `reverseCol`, we ensure that it's symmetrical to make a 2-way reference.
- Elsewhere we just implement syncing in one direction:
- When `reverseCol` is present, user code is generated with a type like `grist.ReferenceList("Tasks", reverse_of="Assignee")`
- On updating a ref column, we use `prepare_new_values()` method to generate corresponding updates to any column that's a reverse of it.
- The `prepare_new_values()` approach is extended to support this.
- We don't add (or remove) any mappings between rows, and rely on existing mappings (in a ref column's `_relation`) to create reverse updates.
NOTE This is polished version of https://phab.getgrist.com/D4307 with tests and 3 bug fixes
- Column transformation didn't work when transforming RefList to Ref, the reverse column became out of sync
- Tables with reverse columns couldn't be removed
- Setting json arrays to RefList didn't work if arrays contained other things besides ints
Those fixes are covered by new tests.
Test Plan: New tests
Reviewers: georgegevoian, paulfitz, dsagal
Reviewed By: georgegevoian, paulfitz
Subscribers: dsagal
Differential Revision: https://phab.getgrist.com/D4322
Summary:
Removing `createNewConnection` method that was used in tests to create a
"scoped" version of `HomeDbManager`. Currently this won't work as there are
many methods (like `Users.findOne`) that are using the default (global) connection.
Additionally `HomeDBManger` had couple of bugs that were causing locks, which
manifested themselves in postgresql tests (that are not serializing transactions).
Repository methods like `Users.findOne` or `user.save()`, even when wrapped in
transaction were using a separate connection from the pool (and a separate
transaction).
Some tests in `UsersManager` are still skipped or refactored, as sinon's `fakeTimers`
doesn't work well with postgresql driver (which is using `setTimout` a lot).
Date mappings in `User` entity were fixed, they were using `SQLite` configuration only,
which caused problems with postgresql database.
Test Plan: Refactored.
Reviewers: paulfitz
Reviewed By: paulfitz
Subscribers: paulfitz
Differential Revision: https://phab.getgrist.com/D4342
When a document has too many requests, one may want to force a document to be reopened. However, the /force-reload endpoint may raise a 429 (TOO_MANY_REQUESTS) error, because it uses the throttled middleware.
Context
HomeDBManager lacks of direct tests, which makes hard to make rework or refactorations.
Proposed solution
Specifically here, I introduce tests which call exposed UsersManager methods directly and check their result.
Also:
I removed updateUserName which seems to me useless (updateUser does the same work)
Taking a look at the getUserByLogin methods, it appears that Typescirpt infers it returns a Promise<User|null> while in no case it may resolve a nullish value, therefore I have forced to return a Promise<User> and have changed the call sites to reflect the change.
Related issues
I make this change for then working on #870
Summary:
Before this change we would always say there are 14 days remaining,
regardless of how many actually are remaining. Let's pass around a
different `dataLimitsInfo` object that also reports the number of days
remaining.
Test Plan: Ensure the test suite passes.
Reviewers: georgegevoian
Reviewed By: georgegevoian
Differential Revision: https://phab.getgrist.com/D4332
Summary:
- When sandbox is down, report failing UpdateCurrentTime calls as warnings instead of errors.
- When applying system actions (such as updating current time), don't treat
them as user activity for the purpose of keeping the doc open.
Test Plan: Added a test case for the fixed behavior.
Reviewers: georgegevoian
Reviewed By: georgegevoian
Differential Revision: https://phab.getgrist.com/D4324
Add body in log requests.
GRIST_LOG_SKIP_HTTP is a badly named environment variable and its
expected values are confusing (to log the requests, you actually have to
set its value to "", and setting to "false" actually is equivalent to
setting to "true").
We deprecate this env variable in favor of GRIST_LOG_HTTP which is more
convenient and understandable:
- by default, its undefined, so nothing is logged;
- to enable the logs, you just have to set GRIST_LOG_HTTP=true
Also this commit removes the default value for GRIST_LOG_SKIP_HTTP,
because we don't have to set it to "true" to actually disable the
requests logging thanks to GRIST_LOG_HTTP. FlexServer now handles
the historical behavior for this deprecated variable.
---------
Co-authored-by: Jonathan Perret <j-github@jonathanperret.net>
Summary:
In the pure OSS `grist-oss` image, the `ActivationPage` module from
stubs is used, as the `ext` code is completely missing. We can easily
just always return `false` here.
In the case when the `ext` directory exists, this may mean we're in
the standard `grist` image or the `grist-ee` image. The latter is
distinguished by having `GRIST_FORCE_ENABLE_ENTERPRISE` so we check if
that's on, and hide the toggle accordingly if so.
Test Plan:
Use these changes to build the three Docker images
(`grist-oss`, `grist`, and `grist-ee`) and verify that only `grist`
shows the toggle.
Reviewers: jarek
Reviewed By: jarek
Subscribers: jarek
Differential Revision: https://phab.getgrist.com/D4321
Summary:
This includes two fixes: one to ensure that any exception from websocket
upgrade handlers are handled (by destroying the socket). A test case is
added for this.
The other is to ensure verifyClient returns false instead of failing; this
should lead to a better error to the client (Forbidden, rather than just socket
close). This is only tested manually with a curl request.
Test Plan: Added a test case for the more sensitive half of the fix.
Reviewers: georgegevoian
Reviewed By: georgegevoian
Subscribers: georgegevoian
Differential Revision: https://phab.getgrist.com/D4323
Summary:
The name of this env var has bothered me for a little while.
Let's rename it more meaningfully.
Test Plan: No need to test, cosmetic change only.
Reviewers: jarek
Reviewed By: jarek
Differential Revision: https://phab.getgrist.com/D4320
Summary:
Since formula errors are typically obtained from the Python data engine, they
were not returning any info for errors in on-demand tables (not loaded into the
data engine). This change implements a detailed message to explain such errors,
mainly to point out that on-demand table is the reason.
Test Plan: Added a check to the OnDemand test that formula error details are shown.
Reviewers: jarek
Reviewed By: jarek
Differential Revision: https://phab.getgrist.com/D4317
* Introduces new configuration variables for OIDC:
- GRIST_OIDC_IDP_ENABLED_PROTECTIONS
- GRIST_OIDC_IDP_ACR_VALUES
- GRIST_OIDC_IDP_EXTRA_CLIENT_METADATA
* Implements all supported protections in oidc/Protections.ts
* Includes a better error page for failed OIDC logins
* Includes some other improvements, e.g. to logging, to OIDC
* Adds a large unit test for OIDCConfig
* Adds support for SERVER_NODE_OPTIONS for running tests
* Adds to documentation/develop.md info about GREP_TESTS, VERBOSE, and SERVER_NODE_OPTIONS.
The problem here is that making it this optional meant that it wasn't
supplied by [the enterprise creation
function](fb22d94878/ext/app/server/lib/create.ts (L10)).
This resulted in an odd situation where the secret was required for
the enterprise edition, even though it offers no additional security.
Without this key, the enterprise code crashes.
The requirement to supply a secret key would make a Grist instance
crash if you start in normal mode but switch to enterprise, as the
enterprise creator does not supply a default secret key.
Access control for ConvertFromColumn in the presence of access rules had previously been left as a TODO. This change allows the action when the user has schema rights. Because schema rights let you create formulas, they let you read anything, so there is currently no value in nuance here.
Summary:
A new onboarding page is now shown to all new users visiting the doc
menu for the first time. Tutorial cards on the doc menu have been
replaced with a new version that tracks completion progress, alongside
a new card that opens the orientation video.
Test Plan: Browser tests.
Reviewers: jarek
Reviewed By: jarek
Differential Revision: https://phab.getgrist.com/D4296
I need to be able to read the config at module load time, which makes
async difficult if not impossible.
This will make read config operations synchronous, which is fine. The
file is tiny and seldom read.
Summary: Path for the HomeDbManager has beed updated after merging with core.
Test Plan: Existing
Reviewers: georgegevoian
Reviewed By: georgegevoian
Subscribers: georgegevoian
Differential Revision: https://phab.getgrist.com/D4288
