Paul Fitzpatrick dd8d2e18f5 (core) add an access token mechanism to help with attachments in custom widgets ... Summary: With this, a custom widget can render an attachment by doing: ``` const tokenInfo = await grist.docApi.getAccessToken({readOnly: true}); const img = document.getElementById('the_image'); const id = record.C[0]; // get an id of an attachment const src = `${tokenInfo.baseUrl}/attachments/${id}/download?auth=${tokenInfo.token}`; img.setAttribute('src', src) ``` The access token expires after a few mins, so if a user right-clicks on an image to save it, they may get access denied unless they refresh the page. A little awkward, but s3 pre-authorized links behave similarly and it generally isn't a deal-breaker. Test Plan: added tests Reviewers: dsagal Reviewed By: dsagal Subscribers: dsagal Differential Revision: https://phab.getgrist.com/D3488		2022-07-19 11:55:18 -04:00
..
entity	(core) Polishing upgrade plan UI	2022-06-29 18:28:37 +02:00
lib	(core) add an access token mechanism to help with attachments in custom widgets	2022-07-19 11:55:18 -04:00
migration	(core) add a yarn run cli tool, and add a sqlite gristify option	2022-07-14 12:00:30 -04:00
ApiServer.ts	(core) Faster builds all around.	2022-07-04 10:42:40 -04:00
sqlUtils.ts	(core) fix bug where sharing doc with everyone@ as viewer made it unlisted for site viewers	2021-10-28 12:48:31 -04:00