gristlabs_grist-core/sandbox
Paul Fitzpatrick 7907467dbc (core) treat summary tables like formulas for access control purposes
Summary:
This unsets the `direct` flag for actions emitted when summary tables are updated. That means those actions will be ignored for access control purposes. So if a user has the right to change a source table, the resulting changes to the summary won't result in the overall action bundle being forbidden.

I don't think I've actually seen the use case that inspired this issue being filed. I could imagine perhaps a user forbidden from creating rows globally making permitted updates that could add rows in a summary (and it being desirable to allow that).

Test Plan: added tests

Reviewers: jarek

Reviewed By: jarek

Subscribers: dsagal, alexmojaki, jarek

Differential Revision: https://phab.getgrist.com/D3022
2021-09-16 18:44:50 -04:00
| Name | Last commit | Date |
| --- | --- | --- |
| docker | (core) support python3 in grist-core, and running engine via docker and/or gvisor | 2021-07-28 09:02:32 -04:00 |
| grist | (core) treat summary tables like formulas for access control purposes | 2021-09-16 18:44:50 -04:00 |
| gen_js_schema.py | (core) Remove help, mkdocs, and the 'env' virtualenv | 2021-06-30 16:59:08 +02:00 |
| install_tz.js | (core) move data engine code to core | 2020-07-29 08:57:25 -04:00 |
| requirements3.txt | (core) support python3 in grist-core, and running engine via docker and/or gvisor | 2021-07-28 09:02:32 -04:00 |
| requirements.txt | (core) support python3 in grist-core, and running engine via docker and/or gvisor | 2021-07-28 09:02:32 -04:00 |