Commit 45d2d5f897 by Paul Fitzpatrick: (core) back-end support for tables that are accessible only by owners
Summary:
This makes it possible to serve a table or tables only to owners.

 * The _grist_ACLResources table is abused (temporarily) such that rows of the form `{colId: '~o', tableId}` are interpreted as meaning that `tableId` is private to owners.
 * Many websocket and api endpoints are updated to preserve the privacy of these tables.
 * In a document where some tables are private, a lot of capabilities are turned off for non-owners to avoid leaking info indirectly.
 * The client is tweaked minimally, to show '-' where a page with some private material would otherwise go.

No attempt is made to protect data from private tables pulled into non-private tables via formulas.

There are some known leaks remaining:
 * Changes to the schema of private tables are still broadcast to all clients (fixable).
 * Non-owners may be able to access snapshots or make forks or use other corners of the API (fixable).
 * Changing the name of a table makes it public, since tableId in ACLResource is not updated (fixable).

Security will require some work; the attack surface is large.

Test Plan: added tests

Reviewers: dsagal

Reviewed By: dsagal

Differential Revision: https://phab.getgrist.com/D2604
2020-09-14 18:05:27 -04:00
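The convention the commit describes (a `_grist_ACLResources` row of the form `{colId: '~o', tableId}` marks `tableId` as owner-only, and non-owners must not receive data for such tables) can be modelled in a few lines. The following is an added example, not grist-core code and not part of the commit: the row type, role names, the `DocAction` shapes and the function names are assumptions made for illustration. It also reproduces the rename leak listed above, where a table renamed without updating the ACL row stops matching and silently becomes visible to everyone.

```typescript
// Added example (not grist-core code). Models the owner-only table marker
// described in the commit: a _grist_ACLResources row {colId: '~o', tableId}
// means tableId is private to owners. Types and action shapes are assumed.

type Role = 'owners' | 'editors' | 'viewers';

// Assumed shape of a _grist_ACLResources row for this example.
interface AclResourceRow {
  id: number;
  tableId: string;
  colId: string;
}

// The marker value the commit uses in colId to flag an owner-only table.
const OWNER_ONLY_MARKER = '~o';

// Collect the set of tableIds flagged as owner-only.
function privateTables(rows: AclResourceRow[]): Set<string> {
  return new Set(
    rows.filter(r => r.colId === OWNER_ONLY_MARKER).map(r => r.tableId)
  );
}

// Owners see everything; everyone else is denied the flagged tables.
function canAccessTable(role: Role, tableId: string, priv: Set<string>): boolean {
  return role === 'owners' || !priv.has(tableId);
}

// Minimal assumed model of document actions; index 1 is always the tableId.
type DocAction =
  | ['UpdateRecord', string, number, Record<string, unknown>]
  | ['RenameTable', string, string];

// Drop actions touching private tables before sending a batch to a client
// of the given role (the kind of filtering the commit adds to endpoints).
function filterActionsForRole(role: Role, actions: DocAction[], priv: Set<string>): DocAction[] {
  return actions.filter(a => canAccessTable(role, a[1], priv));
}

// Simulate a table rename. With updateAcl=false the ACL row keeps the old
// tableId, so the renamed table no longer matches: this is the leak the
// commit lists as "fixable". With updateAcl=true the row follows the rename.
function applyRename(rows: AclResourceRow[], oldId: string, newId: string, updateAcl: boolean): AclResourceRow[] {
  if (!updateAcl) {
    return rows;
  }
  return rows.map(r => (r.tableId === oldId ? {...r, tableId: newId} : r));
}
```

The check a practitioner wants from this model is the last one: after a rename, `privateTables()` over the stale rows no longer contains the new name, so `canAccessTable('viewers', newName, ...)` returns true. Any real implementation must update (or key by table row id rather than name) the ACL resource on rename.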
| Path | Last commit | Date |
|---|---|---|
| app | (core) back-end support for tables that are accessible only by owners | 2020-09-14 18:05:27 -04:00 |
| buildtools | (core) move data engine code to core | 2020-07-29 08:57:25 -04:00 |
| sandbox | (core) back-end support for tables that are accessible only by owners | 2020-09-14 18:05:27 -04:00 |
| static | (core) move home server into core | 2020-07-21 20:39:10 -04:00 |
| stubs/app | (core) more grist-core cleanup | 2020-07-23 16:21:08 -04:00 |
| .gitignore | Update tsconfig files and switch to _build for outputs, for consistency with main grist repo | 2020-05-22 02:14:28 -04:00 |
| bin | Initial config with a few files that build on client and server side. | 2020-05-20 00:50:46 -04:00 |
| LICENSE.txt | (core) Add Apache-2.0 license to grist-core. | 2020-08-06 10:59:48 -04:00 |
| NOTICE.txt | (core) Add Apache-2.0 license to grist-core. | 2020-08-06 10:59:48 -04:00 |
| ormconfig.js | (core) move home server into core | 2020-07-21 20:39:10 -04:00 |
| package.json | (core) move data engine code to core | 2020-07-29 08:57:25 -04:00 |
| README.md | (core) Add Apache-2.0 license to grist-core. | 2020-08-06 10:59:48 -04:00 |
| tsconfig.json | freshen app/client/ui2018/cssVars.ts | 2020-06-23 16:16:38 -04:00 |
| yarn.lock | Initial config with a few files that build on client and server side. | 2020-05-20 00:50:46 -04:00 |

Grist

Grist is a modern relational spreadsheet. It combines the flexibility of a spreadsheet with the robustness of a database to organize your data and make you more productive.

⚠️ This repository is in a pre-release state. Its release will be announced when it has all the planned components, and a solid independent build and test set-up. Currently, stand-alone server functionality is present. Release of our web client is planned, along with an extensive test suite.

This repository, grist-core, is maintained by Grist Labs. Our flagship product, available at https://www.getgrist.com, is built from the code you see here, combined with business-specific software designed to scale it to many users, handle billing, etc.

Why Open Source?

By opening its source code and offering an OSI-approved free license, Grist benefits its users:

  • Open Source Community. An active community is the main draw of open-source projects. Anyone can examine source code, and contribute bug fixes or even new features. This is a big deal for a general-purpose spreadsheet-like product, where there is a long tail of features vital to someone somewhere.
  • Increased Trust. Because anyone can examine the source code, “security by obscurity” is not an option. Vulnerabilities in the code can be found by others and reported before they can cause damage.
  • Independence. The published source code—and the product built from it—are available to you regardless of the fortunes of the Grist Labs business. Whatever happens to us, this repo or its forks can live on, so that you can continue to work on your data in Grist.
  • Price Flexibility. You can build Grist from source and use it for yourself all you want without paying us a cent. While you can't go wrong with our fully set-up and supported online service, some organizations may choose the do-it-yourself route and pay for their own server and maintenance, rather than a per-user price. DIY users are often the ones to develop new features, and can contribute them back to benefit all users of Grist.
  • Extensibility. For developers, having the source open makes it easier to build extensions (such as the experimental Custom Widget). You can more easily include Grist in your pipeline. And if a feature is missing, you can just take the source code and build on top of it!

How do I start?

For building from source, you can start with this:

```sh
npm install
npm run build:prod
npm run install:python
GRIST_DEFAULT_EMAIL=you@example.com npm start
# unauthenticated grist api available at http://localhost:8484/api/
```

Note that the API served by this setup is unauthenticated: anyone who can reach port 8484 can read and modify your documents, so keep it bound to localhost or otherwise unreachable from untrusted networks until proper authentication is configured.

Stay tuned for more instructions to come at release.

For using pre-built Grist, just head on over to https://www.getgrist.com.

License

This repository, grist-core, is released under the Apache License, Version 2.0, which is an OSI-approved free software license. See LICENSE.txt and NOTICE.txt for more information.