gristlabs_grist-core/app
Paul Fitzpatrick 131fbbdb92 (core) check row-level permissions on incoming actions
Summary:
This improves support for access control on document modifications.  It adds:

   * Checking of create/remove/update access for row-level changes.
   * Use of `newRec` variable in formulas.

It is now possible to have distinct clients with read+write access to different rows of the same table.

This is another incremental step.  There are deficiencies in actions that include schema changes, and many other lacunae. But the overall flow is taking shape.

Access control is done at the DocAction level, requiring the sandbox to process the UserActions, and then be reverted if the action proves unlawful.  This could be optimized away in many simple and important cases, but I'm not sure it is possible to avoid in general.

Test Plan: added tests

Reviewers: dsagal

Reviewed By: dsagal

Differential Revision: https://phab.getgrist.com/D2677
2020-12-07 16:59:28 -05:00
client (core) Implement much of the general AccessRules UI. 2020-12-07 14:48:41 -05:00
common (core) Implement much of the general AccessRules UI. 2020-12-07 14:48:41 -05:00
gen-server (core) distinguish open public documents from listing them 2020-11-27 09:56:25 -05:00
plugin (core) hide long sequences of unchanged rows in diffs 2020-11-19 18:19:54 -05:00
server (core) check row-level permissions on incoming actions 2020-12-07 16:59:28 -05:00
tsconfig.json (core) move home server into core 2020-07-21 20:39:10 -04:00