Archives/gristlabs_grist-core
1
0
Fork 0
mirror of https://github.com/gristlabs/grist-core.git synced 2026-03-02 04:09:24 +00:00
Code Issues Projects Releases Wiki Activity
Files
7907467dbc20cfbec15534f43259d2df5234510d
gristlabs_grist-core/app/common
History
Paul Fitzpatrick 7907467dbc (core) treat summary tables like formulas for access control purposes 
Summary:
This unsets the `direct` flag for actions emitted when summary tables are updated. That means those actions will be ignored for access control purposes. So if a user has the right to change a source table, the resulting changes to the summary won't result in the overall action bundle being forbidden.

I don't think I've actually seen the use case that inspired this issue being filed. I could imagine perhaps a user forbidden from creating rows globally making permitted updates that could add rows in a summary (and it being desirable to allow that).

Test Plan: added tests

Reviewers: jarek

Reviewed By: jarek

Subscribers: dsagal, alexmojaki, jarek

Differential Revision: https://phab.getgrist.com/D3022
2021-09-16 18:44:50 -04:00
..
ACLPermissions.ts
(core) Add rules to eslint to better match our coding conventions.
2021-05-24 12:56:18 -04:00
ACLRuleCollection.ts
(core) Configure more comprehensive eslint rules for Typescript
2021-04-26 18:54:55 -04:00
ActionBundle.ts
(core) discount indirect changes for access control purposes
2021-05-12 11:26:21 -04:00
ActionDispatcher.ts
(core) move home server into core
2020-07-21 20:39:10 -04:00
ActionGroup.ts
(core) move home server into core
2020-07-21 20:39:10 -04:00
ActionRouter.ts
(core) move home server into core
2020-07-21 20:39:10 -04:00
ActionSummary.ts
(core) Add rules to eslint to better match our coding conventions.
2021-05-24 12:56:18 -04:00
ActiveDocAPI.ts
(core) treat summary tables like formulas for access control purposes
2021-09-16 18:44:50 -04:00
ApiError.ts
(core) give more detailed reasons for access denied when memos are present
2021-02-15 17:02:24 -05:00
arrayToString.ts
(core) move home server into core
2020-07-21 20:39:10 -04:00
AsyncCreate.ts
(core) add a python3 button
2021-09-16 10:06:04 -04:00
AsyncFlow.ts
(core) move home server into core
2020-07-21 20:39:10 -04:00
BaseAPI.ts
(core) give more detailed reasons for access denied when memos are present
2021-02-15 17:02:24 -05:00
BasketClientAPI.ts
(core) move home server into core
2020-07-21 20:39:10 -04:00
BigInt.ts
(core) move home server into core
2020-07-21 20:39:10 -04:00
BillingAPI.ts
(core) add tests for site deletion
2021-09-14 10:03:18 -04:00
BinaryIndexedTree.js
(core) move client code to core
2020-10-02 13:24:21 -04:00
BrowserSettings.ts
(core) Simple localization support and currency selector.
2021-08-26 13:36:49 -07:00
ColumnFilterFunc.ts
(core) Polish and enable Reference List widget
2021-08-12 11:51:21 -07:00
ColumnGetters.ts
(core) move home server into core
2020-07-21 20:39:10 -04:00
csvFormat.ts
(core) Add our very own implementation of tokenfield (aka pillbox, tag list)
2021-05-03 17:16:24 -04:00
declarations.d.ts
(core) Simple localization support and currency selector.
2021-08-26 13:36:49 -07:00
delay.ts
(core) move home server into core
2020-07-21 20:39:10 -04:00
DisposableWithEvents.ts
(core) move home server into core
2020-07-21 20:39:10 -04:00
DocActions.ts
(core) Add /columns endpoint to DocApi
2021-08-17 23:20:52 +02:00
DocData.ts
(core) implement cleaner row-level access control for outgoing messages
2020-11-30 16:28:33 -05:00
DocListAPI.ts
(core) Adding import from google drive to the home screen
2021-08-05 20:46:11 +02:00
DocSnapshot.ts
(core) revamp snapshot inventory
2020-10-30 13:52:46 -04:00
DocumentSettings.ts
(core) add a python3 button
2021-09-16 10:06:04 -04:00
emails.ts
(core) move home server into core
2020-07-21 20:39:10 -04:00
EncActionBundle.ts
(core) move home server into core
2020-07-21 20:39:10 -04:00
ErrorWithCode.ts
(core) give more detailed reasons for access denied when memos are present
2021-02-15 17:02:24 -05:00
Features.ts
(core) move home server into core
2020-07-21 20:39:10 -04:00
FilterState.ts
(core) Download as CSV button on sections
2021-05-27 15:48:12 +02:00
Formula.ts
(core) move home server into core
2020-07-21 20:39:10 -04:00
GranularAccessClause.ts
(core) Add 'user' variable to trigger formulas
2021-07-15 15:18:32 -07:00
GristServerAPI.ts
(core) Remove a bunch of dead code
2021-07-01 18:38:21 +02:00
gristTypes.ts
(core) Suggest correct table when converting to RefList
2021-08-20 23:04:48 +02:00
gristUrls.ts
(core) add a python3 button
2021-09-16 10:06:04 -04:00
gutil.ts
(core) Fixing anchor link navigation.
2021-07-23 11:02:07 +02:00
InactivityTimer.ts
(core) move home server into core
2020-07-21 20:39:10 -04:00
KeyedMutex.ts
(core) fix sync to s3 when doc is marked as dirty but proves to be clean
2020-11-10 08:12:31 -05:00
KeyedOps.ts
(core) start reconciling forking with granular access
2021-01-12 14:08:49 -05:00
Locales.ts
(core) Simple localization support and currency selector.
2021-08-26 13:36:49 -07:00
LoginSessionAPI.ts
(core) move home server into core
2020-07-21 20:39:10 -04:00
LoginState.ts
(core) move home server into core
2020-07-21 20:39:10 -04:00
marshal.ts
(core) Add rules to eslint to better match our coding conventions.
2021-05-24 12:56:18 -04:00
MemBuffer.js
(core) move home server into core
2020-07-21 20:39:10 -04:00
NumberFormat.ts
(core) Simple localization support and currency selector.
2021-08-26 13:36:49 -07:00
orgNameUtils.ts
(core) Subdomain can start from a number
2021-09-01 18:16:57 +02:00
parseDate.ts
(core) Fix a few issues with parsing of dates in DateEditor.
2021-08-20 14:54:41 -04:00
plugin.ts
(core) move home server into core
2020-07-21 20:39:10 -04:00
PluginInstance.ts
(core) Configure more comprehensive eslint rules for Typescript
2021-04-26 18:54:55 -04:00
Prefs.ts
(core) Enable auto triggering of Welcome Tour, and various improvements.
2021-07-30 14:17:54 -04:00
RefCountMap.ts
(core) Fix an insidious bug in RefCountMap, manifesting as JS errors some time after import.
2020-11-06 09:24:56 -05:00
resetOrg.ts
(core) move home server into core
2020-07-21 20:39:10 -04:00
roles.ts
(core) move home server into core
2020-07-21 20:39:10 -04:00
RowFilterFunc.ts
(core) Download as CSV button on sections
2021-05-27 15:48:12 +02:00
schema.ts
(core) Simple localization support and currency selector.
2021-08-26 13:36:49 -07:00
sharing.ts
(core) move home server into core
2020-07-21 20:39:10 -04:00
SortFunc.ts
(core) Use unicode-aware comparisons for user-visible strings.
2021-03-15 09:54:10 -04:00
StringUnion.ts
(core) Implement updated DocMenu UI: list/card mode and sort mode.
2020-08-19 11:31:42 -04:00
TableData.ts
(core) hide long sequences of unchanged rows in diffs
2020-11-19 18:19:54 -05:00
TabularDiff.ts
(core) move home server into core
2020-07-21 20:39:10 -04:00
tbind.ts
(core) Configure more comprehensive eslint rules for Typescript
2021-04-26 18:54:55 -04:00
TestState.ts
(core) move home server into core
2020-07-21 20:39:10 -04:00
timeFormat.ts
(core) move home server into core
2020-07-21 20:39:10 -04:00
tpromisified.ts
(core) Configure more comprehensive eslint rules for Typescript
2021-04-26 18:54:55 -04:00
tsconfig.json
(core) more grist-core cleanup
2020-07-23 16:21:08 -04:00
tsvFormat.ts
(core) move home server into core
2020-07-21 20:39:10 -04:00
uploads.ts
(core) move home server into core
2020-07-21 20:39:10 -04:00
urlUtils.ts
(core) remove metrics
2020-09-29 18:57:56 -04:00
UserAPI.ts
(core) treat summary tables like formulas for access control purposes
2021-09-16 18:44:50 -04:00
UserConfig.ts
(core) Remove REPL code
2021-07-20 15:17:03 +02:00
ValueFormatter.ts
(core) Simple localization support and currency selector.
2021-08-26 13:36:49 -07:00