Archives/gristlabs_grist-core
1
0
Fork 0
mirror of https://github.com/gristlabs/grist-core.git synced 2024-10-27 20:44:07 +00:00
Code Issues Projects Releases Wiki Activity
69ac8fb4b3
gristlabs_grist-core/sandbox/grist
History
Paul Fitzpatrick d0d3d3d0c9 (core) discount indirect changes for access control purposes 
Summary:
This diff discounts indirect changes for access control purposes.  A UserAction that updates a cell A, which in turn causes changes in other dependent cells, will be considered a change to cell A for access control purposes.

The `engine.apply_user_actions` method now returns a `direct` array, with a boolean for each `stored` action, set to `true` if the action is attributed to the user or `false` if it is attributed to the engine.  `GranularAccess` ignores actions attributed to the engine when checking for edit rights.

Subtleties:
 * Removal of references to a removed row are considered direct changes.
 * Doesn't play well with undos as yet.  An action that indirectly modifies a cell the user doesn't have rights to may succeed, but it will not be reversible.

Test Plan: added tests, updated tests

Reviewers: dsagal

Reviewed By: dsagal

Differential Revision: https://phab.getgrist.com/D2806
2021-05-12 11:26:21 -04:00
..
functions (core) add SELF_HYPERLINK() function for generating links to the current document 2021-03-18 19:37:07 -04:00
imports
acl_formula.py (core) fix up newRec when column names change; autocomplete after newRec 2021-05-12 08:29:39 -04:00
acl.py (core) discount indirect changes for access control purposes 2021-05-12 11:26:21 -04:00
action_obj.py (core) discount indirect changes for access control purposes 2021-05-12 11:26:21 -04:00
action_summary.py (core) Allow using negative rowIds to add records and refer to them in Reference values. 2020-12-15 16:39:56 -05:00
actions.py
autocomplete_context.py
codebuilder.py
column.py (core) Add ChoiceList type, cell widget, and editor widget. 2021-05-12 10:38:32 -04:00
csv_patch.py
depend.py
docactions.py (core) Fix another cause of inconsistency that can be triggered by bad DocActions. 2021-01-28 10:21:58 -05:00
docmodel.py (core) Update ACL resources/rules when tables/columns get renamed 2021-01-04 22:03:01 -05:00
engine.py (core) discount indirect changes for access control purposes 2021-05-12 11:26:21 -04:00
gencode.py
gpath.py
grist.py (core) Add ChoiceList type, cell widget, and editor widget. 2021-05-12 10:38:32 -04:00
identifiers.py
import_actions.py
logger.py
lookup.py
main.py (core) Checks that an ACL formula can be parsed, and prevent saving unparsable ACL rules. 2020-12-15 09:43:37 -05:00
match_counter.py
migrations.py (core) Implement new representation of ACL rules. 2020-11-18 08:58:03 -05:00
moment_parse.py
moment.py
objtypes.py (core) Be more careful with avoiding actions which don't change encoded values 2020-12-10 09:09:45 -05:00
records.py (core) Store formula values in DB, and include them into .stored/.undo fields of actions. 2020-11-04 16:45:47 -05:00
relabeling.py
relation.py
repl.py
runtests.py (core) Store formula values in DB, and include them into .stored/.undo fields of actions. 2020-11-04 16:45:47 -05:00
sandbox.py
schema.py (core) When checking for metadata consistency, check for stray column records too 2021-01-27 18:10:11 -05:00
summary.py
table_data_set.py
table.py (core) Store formula values in DB, and include them into .stored/.undo fields of actions. 2020-11-04 16:45:47 -05:00
test_acl_formula.py (core) give more detailed reasons for access denied when memos are present 2021-02-15 17:02:24 -05:00
test_acl_renames.py (core) Update ACL resources/rules when tables/columns get renamed 2021-01-04 22:03:01 -05:00
test_actions.py
test_codebuilder.py
test_column_actions.py
test_completion.py
test_default_formulas.py
test_derived.py (core) Store formula values in DB, and include them into .stored/.undo fields of actions. 2020-11-04 16:45:47 -05:00
test_display_cols.py (core) discount indirect changes for access control purposes 2021-05-12 11:26:21 -04:00
test_docmodel.py
test_engine.py (core) discount indirect changes for access control purposes 2021-05-12 11:26:21 -04:00
test_find_col.py
test_formula_error.py (core) Store formula values in DB, and include them into .stored/.undo fields of actions. 2020-11-04 16:45:47 -05:00
test_formula_undo.py (core) discount indirect changes for access control purposes 2021-05-12 11:26:21 -04:00
test_functions.py (core) add SELF_HYPERLINK() function for generating links to the current document 2021-03-18 19:37:07 -04:00
test_gencode.py
test_gpath.py
test_import_actions.py (core) Store formula values in DB, and include them into .stored/.undo fields of actions. 2020-11-04 16:45:47 -05:00
test_import_transform.py (core) Store formula values in DB, and include them into .stored/.undo fields of actions. 2020-11-04 16:45:47 -05:00
test_logger.py
test_lookups.py (core) Store formula values in DB, and include them into .stored/.undo fields of actions. 2020-11-04 16:45:47 -05:00
test_match_counter.py
test_migrations.py
test_moment.py
test_record_func.py
test_reflist_rel.py (core) Fix a bug that occurs after remaing a table containing a RefList column. 2020-11-26 22:29:37 -05:00
test_relabeling.py
test_renames2.py (core) Store formula values in DB, and include them into .stored/.undo fields of actions. 2020-11-04 16:45:47 -05:00
test_renames.py (core) Store formula values in DB, and include them into .stored/.undo fields of actions. 2020-11-04 16:45:47 -05:00
test_side_effects.py (core) Store formula values in DB, and include them into .stored/.undo fields of actions. 2020-11-04 16:45:47 -05:00
test_summary2.py (core) Store formula values in DB, and include them into .stored/.undo fields of actions. 2020-11-04 16:45:47 -05:00
test_summary.py (core) Store formula values in DB, and include them into .stored/.undo fields of actions. 2020-11-04 16:45:47 -05:00
test_table_actions.py
test_table_data_set.py
test_temp_rowids.py (core) Allow using negative rowIds to add records and refer to them in Reference values. 2020-12-15 16:39:56 -05:00
test_textbuilder.py
test_treeview.py
test_twowaymap.py
test_types.py (core) Be more careful with avoiding actions which don't change encoded values 2020-12-10 09:09:45 -05:00
test_undo.py (core) Fix another cause of inconsistency that can be triggered by bad DocActions. 2021-01-28 10:21:58 -05:00
test_useractions.py (core) Remove the old attempt at ACLs implemented in Python. 2020-11-12 09:35:08 -05:00
testsamples.py
testscript.json (core) discount indirect changes for access control purposes 2021-05-12 11:26:21 -04:00
testutil.py
textbuilder.py
treeview.py
twowaymap.py
tzdata.data
useractions.py (core) discount indirect changes for access control purposes 2021-05-12 11:26:21 -04:00
usercode.py
usertypes.py (core) Add ChoiceList type, cell widget, and editor widget. 2021-05-12 10:38:32 -04:00