gristlabs_grist-core/app/client
Paul Fitzpatrick c879393a8e (core) support adding user characteristic tables for granular ACLs
Summary:
This is a prototype for expanding the conditions that can be used in granular ACLs.

When processing ACLs, the following variables (called "characteristics") are now available in conditions:
 * UserID
 * Email
 * Name
 * Access (owners, editors, viewers)

The set of variables can be expanded by adding a "characteristic" clause.  This is a clause which specifies:
 * A tableId
 * The name of an existing characteristic
 * A colId
The effect of the clause is to expand the available characteristics with all the columns in the table, with values taken from the record where there is a match between the specified characteristic and the specified column.

Existing clauses are generalized somewhat to demonstrate and test the use these variables. That isn't the main point of this diff though, and I propose to leave generalizing+systematizing those clauses for a future diff.

Issues I'm not dealing with here:
 * How clauses combine.  (The scope on GranularAccessRowClause is a hack to save me worrying about that yet).
 * The full set of matching methods we'll allow.
 * Refreshing row access in clients when the tables mentioned in characteristic tables change.
 * Full CRUD permission control.
 * Default rules (part of combination).
 * Reporting errors in access rules.

That said, with this diff it is possible to e.g. assign a City to editors by their email address or name, and have only rows for those Cities be visible in their client. Ability to modify those rows, and remain updates about them, remains under incomplete control.

Test Plan: added tests

Reviewers: dsagal

Reviewed By: dsagal

Differential Revision: https://phab.getgrist.com/D2642
2020-10-19 13:33:47 -04:00
..
components (core) switch to newer download endpoint in client 2020-10-19 12:44:03 -04:00
lib (core) Ask the user some questions after they sign up and set their name. 2020-10-15 23:36:00 -04:00
models (core) mitigate csrf by requiring custom header for unsafe methods 2020-10-08 14:19:25 -04:00
ui (core) support adding user characteristic tables for granular ACLs 2020-10-19 13:33:47 -04:00
ui2018 (core) Implement 'Print widget' option to print individual view sections. 2020-10-10 00:35:33 -04:00
widgets (core) move client code to core 2020-10-02 13:24:21 -04:00
app.css (core) Cleanup removing some old unused files, fixing logo.css, and removing #grist-app. 2020-10-09 17:04:09 -04:00
app.js (core) Cleanup removing some old unused files, fixing logo.css, and removing #grist-app. 2020-10-09 17:04:09 -04:00
declarations.d.ts (core) Implement 'Print widget' option to print individual view sections. 2020-10-10 00:35:33 -04:00
exposeModulesForTests.js (core) move client code to core 2020-10-02 13:24:21 -04:00
logo.css (core) Cleanup removing some old unused files, fixing logo.css, and removing #grist-app. 2020-10-09 17:04:09 -04:00
tsconfig.json freshen app/client/ui2018/cssVars.ts 2020-06-23 16:16:38 -04:00