mirror of
https://github.com/gristlabs/grist-core.git
synced 2024-10-27 20:44:07 +00:00
307966e84f
Summary: Backstory: to make examples easier to play with, we: * Add a special FullCopies permission to let anyone fork/copy them regardless of other access rules * Open the examples in "prefork" mode by default That means a random person can open an example and already feel like an owner of it. Getting to this point requires some gymnastics on the back end. As soon as the person makes any change to the document they become truly the owner (of their fork), and life is simple for the back end. But, if that person does "View As" to look at the preforked document, that is a step too far for the back end - a user, with a special somewhat complicated exception allowing them to act as an owner for some purposes, now wants to pretend to be another user. The logic for this on the back end was doable, but looked hard to review and be confident of, with now three identities with subtle nuances in their interrelationship. So with this diff, if a non-owner attempts to "View As" another user on a prefork, the client will just fork the document first. This is in principle not necessary, but is much simpler from a security perspective. Test Plan: extended test Reviewers: georgegevoian Reviewed By: georgegevoian Differential Revision: https://phab.getgrist.com/D3179
155 lines
6.3 KiB
TypeScript
155 lines
6.3 KiB
TypeScript
import {copyToClipboard} from 'app/client/lib/copyToClipboard';
|
|
import {DocPageModel} from 'app/client/models/DocPageModel';
|
|
import {urlState} from 'app/client/models/gristUrlState';
|
|
import {createUserImage} from 'app/client/ui/UserImage';
|
|
import {cssMemberImage, cssMemberListItem, cssMemberPrimary,
|
|
cssMemberSecondary, cssMemberText} from 'app/client/ui/UserItem';
|
|
import {basicButton, basicButtonLink} from 'app/client/ui2018/buttons';
|
|
import {colors, testId} from 'app/client/ui2018/cssVars';
|
|
import {icon} from 'app/client/ui2018/icons';
|
|
import {menuCssClass, menuDivider} from 'app/client/ui2018/menus';
|
|
import {PermissionDataWithExtraUsers} from 'app/common/ActiveDocAPI';
|
|
import {userOverrideParams} from 'app/common/gristUrls';
|
|
import {FullUser} from 'app/common/LoginSessionAPI';
|
|
import * as roles from 'app/common/roles';
|
|
import {ANONYMOUS_USER_EMAIL, EVERYONE_EMAIL} from 'app/common/UserAPI';
|
|
import {getRealAccess, UserAccessData} from 'app/common/UserAPI';
|
|
import {Disposable, dom, Observable, styled} from 'grainjs';
|
|
import {cssMenu, cssMenuWrap, defaultMenuOptions, IOpenController, setPopupToCreateDom} from 'popweasel';
|
|
|
|
const roleNames: {[role: string]: string} = {
|
|
[roles.OWNER]: 'Owner',
|
|
[roles.EDITOR]: 'Editor',
|
|
[roles.VIEWER]: 'Viewer',
|
|
};
|
|
|
|
function isSpecialEmail(email: string) {
|
|
return email === ANONYMOUS_USER_EMAIL || email === EVERYONE_EMAIL;
|
|
}
|
|
|
|
export class ACLUsersPopup extends Disposable {
|
|
public readonly isInitialized = Observable.create(this, false);
|
|
private _shareUsers: UserAccessData[] = []; // Users doc is shared with.
|
|
private _attributeTableUsers: UserAccessData[] = []; // Users mentioned in attribute tables.
|
|
private _exampleUsers: UserAccessData[] = []; // Example users.
|
|
private _currentUser: FullUser|null = null;
|
|
private _pageModel: DocPageModel|null = null;
|
|
|
|
public init(pageModel: DocPageModel, permissionData: PermissionDataWithExtraUsers|null) {
|
|
this._currentUser = pageModel.userOverride.get()?.user || pageModel.appModel.currentValidUser;
|
|
this._pageModel = pageModel;
|
|
if (permissionData) {
|
|
this._shareUsers = permissionData.users.map(user => ({
|
|
...user,
|
|
access: getRealAccess(user, permissionData),
|
|
}))
|
|
.filter(user => user.access && !isSpecialEmail(user.email));
|
|
this._attributeTableUsers = permissionData.attributeTableUsers;
|
|
this._exampleUsers = permissionData.exampleUsers;
|
|
this.isInitialized.set(true);
|
|
}
|
|
}
|
|
|
|
public attachPopup(elem: Element) {
|
|
setPopupToCreateDom(elem, (ctl) => {
|
|
const buildRow = (user: UserAccessData) => this._buildUserRow(user, this._currentUser, ctl);
|
|
return cssMenuWrap(cssMenu(
|
|
dom.cls(menuCssClass),
|
|
cssUsers.cls(''),
|
|
dom.forEach(this._shareUsers, buildRow),
|
|
// Add a divider between users-from-shares and users from attribute tables.
|
|
(this._attributeTableUsers.length > 0) ? menuDivider() : null,
|
|
dom.forEach(this._attributeTableUsers, buildRow),
|
|
// Include example users only if there are not many "real" users.
|
|
// It might be better to have an expandable section with these users, collapsed
|
|
// by default, but that's beyond my UI ken.
|
|
(this._shareUsers.length + this._attributeTableUsers.length < 5) ? [
|
|
(this._exampleUsers.length > 0) ? menuDivider() : null,
|
|
dom.forEach(this._exampleUsers, buildRow)
|
|
] : null,
|
|
(el) => { setTimeout(() => el.focus(), 0); },
|
|
dom.onKeyDown({Escape: () => ctl.close()}),
|
|
));
|
|
}, {...defaultMenuOptions, placement: 'bottom-end'});
|
|
}
|
|
|
|
private _buildUserRow(user: UserAccessData, currentUser: FullUser|null, ctl: IOpenController) {
|
|
const isCurrentUser = Boolean(currentUser && user.id === currentUser.id);
|
|
return cssUserItem(
|
|
cssMemberImage(
|
|
createUserImage(user, 'large')
|
|
),
|
|
cssMemberText(
|
|
cssMemberPrimary(user.name || dom('span', user.email),
|
|
cssRole('(', roleNames[user.access!] || user.access || 'no access', ')', testId('acl-user-access')),
|
|
),
|
|
user.name ? cssMemberSecondary(user.email) : null
|
|
),
|
|
basicButton(cssUserButton.cls(''), icon('Copy'), 'Copy Email',
|
|
testId('acl-user-copy'),
|
|
dom.on('click', async (ev, elem) => { await copyToClipboard(user.email); ctl.close(); }),
|
|
),
|
|
basicButtonLink(cssUserButton.cls(''), cssUserButton.cls('-disabled', isCurrentUser),
|
|
testId('acl-user-view-as'),
|
|
icon('FieldLink'), 'View As',
|
|
this._viewAs(user),
|
|
),
|
|
testId('acl-user-item'),
|
|
);
|
|
}
|
|
|
|
private _viewAs(user: UserAccessData) {
|
|
if (this._pageModel?.isPrefork.get() &&
|
|
this._pageModel?.currentDoc.get()?.access !== 'owners') {
|
|
// "View As" is restricted to document owners on the back-end. Non-owners can be
|
|
// permitted to pretend to be owners of a pre-forked document, but if they want
|
|
// to do "View As", that would be layering pretence over pretense. Better to just
|
|
// go ahead and create the fork, so the user becomes a genuine owner, so the
|
|
// back-end doesn't have to become too metaphysical (and maybe hard to review).
|
|
return dom.on('click', async () => {
|
|
const forkResult = await this._pageModel?.gristDoc.get()?.docComm.fork();
|
|
if (!forkResult) { throw new Error('Failed to create fork'); }
|
|
window.location.assign(urlState().makeUrl(userOverrideParams(user.email,
|
|
{doc: forkResult.urlId,
|
|
docPage: undefined})));
|
|
});
|
|
} else {
|
|
// When forking isn't needed, we return a direct link to be maximally transparent
|
|
// about where button will go.
|
|
return urlState().setHref(userOverrideParams(user.email, {docPage: undefined}));
|
|
}
|
|
}
|
|
}
|
|
|
|
const cssUsers = styled('div', `
|
|
max-width: unset;
|
|
`);
|
|
|
|
const cssUserItem = styled(cssMemberListItem, `
|
|
width: auto;
|
|
padding: 8px 16px;
|
|
align-items: center;
|
|
&:hover {
|
|
background-color: ${colors.lightGrey};
|
|
}
|
|
`);
|
|
|
|
const cssRole = styled('span', `
|
|
margin: 0 8px;
|
|
font-weight: normal;
|
|
`);
|
|
|
|
const cssUserButton = styled('div', `
|
|
margin: 0 8px;
|
|
border: none;
|
|
display: inline-flex;
|
|
white-space: nowrap;
|
|
gap: 4px;
|
|
&:hover {
|
|
background-color: ${colors.darkGrey};
|
|
}
|
|
&-disabled {
|
|
visibility: hidden;
|
|
}
|
|
`);
|