Archives/gristlabs_grist-core
1
0
Fork 0
mirror of https://github.com/gristlabs/grist-core.git synced 2024-10-27 20:44:07 +00:00
Code Issues Projects Releases Wiki Activity
8f023a6446
gristlabs_grist-core/app
History
Paul Fitzpatrick 8f023a6446 (core) implement authorization via query parameter 
Summary:
This adds any parameters in a document url whose key ends in '_'
into a `user.Link` object available in access control formulas
and in setting up characteristic tables.

This allows, for example, sending links to a document that contain
a hard-to-guess token, and having that link grant access to a
controlled part of the document (invoices for a specific customer
for example).

A `user.Origin` field is also added, set during rest api calls,
but is only tested manually at this point.  It could be elaborated
for embedding use-cases.

Test Plan: added test

Reviewers: dsagal

Reviewed By: dsagal

Differential Revision: https://phab.getgrist.com/D2680
2020-12-09 09:48:06 -05:00
..
client (core) implement authorization via query parameter 2020-12-09 09:48:06 -05:00
common (core) implement authorization via query parameter 2020-12-09 09:48:06 -05:00
gen-server (core) distinguish open public documents from listing them 2020-11-27 09:56:25 -05:00
plugin (core) hide long sequences of unchanged rows in diffs 2020-11-19 18:19:54 -05:00
server (core) implement authorization via query parameter 2020-12-09 09:48:06 -05:00
tsconfig.json (core) move home server into core 2020-07-21 20:39:10 -04:00