gristlabs_grist-core/app/server/lib
Paul Fitzpatrick f91f45b26d (core) support granular read access for attachments
Summary:
When a user requests to read the contents of an attachment, only allow the request if there exists a cell in an attachment column that contains the attachment and which they have read access to.

This does not cover:
 * Granular write access for attachments. In particular, a user who can write to any attachment column should be considered to have full read access to all attachment columns, currently.
 * Access control of attachment metadata such as name and format.

The implementation uses a SQL query that requires a scan, and includes some notes on how this could be optimized in future. The web client was updated to specify the cell to check for access, and performance seemed fine in casual testing on a doc with 1000s of attachments. I'm not sure how performance would hold up as the set of access rules grows as well.

Test Plan: added tests

Reviewers: alexmojaki

Reviewed By: alexmojaki

Differential Revision: https://phab.getgrist.com/D3490
2022-07-07 07:22:02 -04:00
ACLFormula.ts (core) add OWNERS='owners', EDITOR='editors', VIEWER='viewers' to condition formulas 2021-03-19 18:20:33 -04:00
ActionHistory.ts (core) do not look at content of recent actions when loading documents 2021-09-29 11:27:02 -04:00
ActionHistoryImpl.ts Correct spelling mistakes 2022-02-19 09:46:49 +00:00
ActionSummary.ts Correct spelling mistakes 2022-02-19 09:46:49 +00:00
ActiveDoc.ts (core) support granular read access for attachments 2022-07-07 07:22:02 -04:00
ActiveDocImport.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
AppEndpoint.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
AppSettings.ts (core) clean up interaction of forward auth with session 2022-06-15 13:06:12 -04:00
Authorizer.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
BrowserSession.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
checksumFile.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
Client.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
Comm.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
dbUtils.ts (core) move DocUsageBanner to ext 2022-05-27 22:19:17 -04:00
DiscourseConnect.ts (core) Adding GristConnect login system 2022-05-18 20:28:25 +02:00
DocApi.ts (core) support granular read access for attachments 2022-07-07 07:22:02 -04:00
DocClients.ts (core) Converting server-side Comm.js to typescript 2022-06-07 15:47:17 -04:00
DocManager.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
DocPluginData.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
DocPluginManager.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
DocSession.ts (core) add a user.SessionID value for trigger formulas and granular access rules 2022-02-22 12:50:43 -05:00
DocSnapshots.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
DocStorage.ts (core) support granular read access for attachments 2022-07-07 07:22:02 -04:00
DocStorageManager.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
docUtils.d.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
docUtils.js Correct spelling mistakes 2022-02-19 09:46:49 +00:00
DocWorker.ts (core) support granular read access for attachments 2022-07-07 07:22:02 -04:00
DocWorkerMap.ts (core) Add flexibility to daily API usage limit 2022-04-28 16:22:18 +02:00
ExcelFormatter.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
ExpandedQuery.ts Correct spelling mistakes 2022-02-19 09:46:49 +00:00
Export.ts (core) Use MetaTableData more 2021-12-07 17:09:58 +02:00
ExportCSV.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
ExportXLSX.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
expressWrap.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
ExternalStorage.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
extractOrg.ts (core) Converting server-side Comm.js to typescript 2022-06-07 15:47:17 -04:00
FileParserElement.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
filterUtils.ts (core) uncheck FullCopy special when copying/forking a document 2021-04-29 08:56:54 -04:00
FlexServer.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
ForwardAuthLogin.ts (core) clean up interaction of forward auth with session 2022-06-15 13:06:12 -04:00
GoogleAuth.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
GoogleExport.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
GoogleImport.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
GranularAccess.ts (core) support granular read access for attachments 2022-07-07 07:22:02 -04:00
GristServer.ts (core) clean up interaction of forward auth with session 2022-06-15 13:06:12 -04:00
gristSessions.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
guessExt.ts (core) Switch excel import parsing from messytables+xlrd to openpyxl, and ignore empty rows 2022-05-12 14:43:21 +02:00
HashUtil.ts (core) add more detail to /compare endpoint 2020-09-18 16:31:29 -04:00
HostedMetadataManager.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
HostedStorageManager.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
httpEncoding.ts (core) External requests 2022-06-17 21:53:20 +02:00
IBilling.ts (core) Product update popups and hosted stripe integration 2022-06-08 21:10:49 +02:00
IChecksumStore.ts (core) revamp snapshot inventory 2020-10-30 13:52:46 -04:00
ICreate.ts (core) make it easier to enable Azure storage without setting GRIST_DOCS_S3_BUCKET 2022-06-03 14:50:31 -04:00
IDocStorageManager.ts (core) Add API endpoint to get site usage summary 2022-05-16 11:16:19 -07:00
idUtils.ts (core) Move Notifier to /ext 2022-05-18 08:02:32 -07:00
IElectionStore.ts (core) move some material to core that slipped through in a rebase 2020-07-23 11:29:05 -04:00
initialDocSql.ts (core) Show summary tables on Raw Data page 2022-07-06 09:41:48 -07:00
INotifier.ts (core) Speed up and upgrade build. 2022-06-27 16:10:10 -04:00
ISandbox.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
IShell.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
ITestingHooks-ti.ts (core) Converting server-side Comm.js to typescript 2022-06-07 15:47:17 -04:00
ITestingHooks.ts (core) Converting server-side Comm.js to typescript 2022-06-07 15:47:17 -04:00
log.ts (core) give instructions on using Grist with docker 2020-10-28 13:59:13 -04:00
LogMethods.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
manifest.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
MinimalLogin.ts (core) Adding GristConnect login system 2022-05-18 20:28:25 +02:00
NSandbox.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
OnDemandActions.ts (core) add GVISOR_LIMIT_MEMORY to cap memory available in sandbox 2022-05-18 14:26:27 -04:00
PermissionInfo.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
Permit.ts (core) Add new Grist login page 2022-04-01 15:24:19 -07:00
places.ts (core) fix docker packaging after core shuffle 2020-07-22 14:45:42 -04:00
PluginEndpoint.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
PluginManager.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
reportTimeTaken.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
Requests.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
requestUtils.ts (core) support granular read access for attachments 2022-07-07 07:22:02 -04:00
RowAccess.ts (core) Add rules to eslint to better match our coding conventions. 2021-05-24 12:56:18 -04:00
SafePythonComponent.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
SamlConfig.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
SandboxControl.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
sandboxUtil.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
sendAppPage.ts (core) Use new Banner component for activation messages 2022-06-13 10:20:31 -07:00
ServerColumnGetters.ts (core) Adding sort options for columns. 2021-11-03 15:31:39 +01:00
ServerLocale.ts (core) Converting server-side Comm.js to typescript 2022-06-07 15:47:17 -04:00
serverUtils.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
Sessions.ts (core) Converting server-side Comm.js to typescript 2022-06-07 15:47:17 -04:00
Sharing.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
shortDesc.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
shutdown.js (core) move home server into core 2020-07-21 20:39:10 -04:00
SQLiteDB.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
TableMetadataLoader.ts (core) open documents without blocking on data engine 2021-10-01 10:18:56 -04:00
TagChecker.ts (core) move home server into core 2020-07-21 20:39:10 -04:00
TestingHooks.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
TestLogin.ts (core) Add new Grist login page 2022-04-01 15:24:19 -07:00
Throttle.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
TimeQuery.ts (core) Raw renames 2022-04-27 22:21:55 +02:00
Triggers.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
UnsafeNodeComponent.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
uploads.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
WidgetRepository.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00
WorkCoordinator.ts (core) Faster builds all around. 2022-07-04 10:42:40 -04:00