@saltcorn/server 0.9.6-beta.9 → 0.9.7-rc.0

package/app.js

@@ -50,6 +50,7 @@ const locales = Object.keys(available_languages);
 const i18n = new I18n({
   locales,
   directory: path.join(__dirname, "locales"),
+  mustacheConfig: { disable: true },
 });
 // jwt config
 const jwt_secret = db.connectObj.jwt_secret;
@@ -171,9 +172,13 @@ const getApp = async (opts = {}) => {
     const tenants = await getAllTenants();
     await init_multi_tenant(loadAllPlugins, opts.disableMigrate, tenants);
   }
+  const pruneSessionInterval = +getState().getConfig(
+    "prune_session_interval",
+    900
+  );
   //
   // todo ability to configure session_secret Age
-  app.use(getSessionStore());
+  app.use(getSessionStore(pruneSessionInterval));
 
   app.use(passport.initialize());
   app.use(passport.authenticate(["jwt", "session"]));
@@ -297,7 +302,9 @@ const getApp = async (opts = {}) => {
         if (
           u &&
           u.last_mobile_login &&
-          u.last_mobile_login <= jwt_payload.iat
+          (typeof u.last_mobile_login === "string"
+            ? new Date(u.last_mobile_login).valueOf()
+            : u.last_mobile_login) <= jwt_payload.iat
         ) {
           return done(null, {
             email: u.email,

package/auth/admin.js

@@ -99,6 +99,10 @@ const getUserFields = async (req) => {
         input_type: "email",
       };
     }
+    if (f.name === "role_id") {
+      f.fieldview = "role_select";
+      await f.fill_fkey_options();
+    }
   }
   return userFields;
 };
@@ -110,65 +114,59 @@ const getUserFields = async (req) => {
  * @param {User} user
  * @returns {Promise<Form>}
  */
-const userForm = contract(
-  is.fun(
-    [is.obj({}), is.maybe(is.class("User"))],
-    is.promise(is.class("Form"))
-  ),
-  async (req, user) => {
-    const roleField = new Field({
-      label: req.__("Role"),
-      name: "role_id",
-      type: "Key",
-      reftable_name: "roles",
-    });
-    const roles = (await User.get_roles()).filter((r) => r.role !== "public");
-    roleField.options = roles.map((r) => ({ label: r.role, value: r.id }));
-    const can_reset = getState().getConfig("smtp_host", "") !== "";
-    const userFields = await getUserFields(req);
-    const form = new Form({
-      fields: [roleField, ...userFields],
-      action: "/useradmin/save",
-      submitLabel: user ? req.__("Save") : req.__("Create"),
-    });
-    if (!user) {
+const userForm = async (req, user) => {
+  const roleField = new Field({
+    label: req.__("Role"),
+    name: "role_id",
+    type: "Key",
+    reftable_name: "roles",
+  });
+  const roles = (await User.get_roles()).filter((r) => r.role !== "public");
+  roleField.options = roles.map((r) => ({ label: r.role, value: r.id }));
+  const can_reset = getState().getConfig("smtp_host", "") !== "";
+  const userFields = await getUserFields(req);
+  const form = new Form({
+    fields: userFields,
+    action: "/useradmin/save",
+    submitLabel: user ? req.__("Save") : req.__("Create"),
+  });
+  if (!user) {
+    form.fields.push(
+      new Field({
+        label: req.__("Set random password"),
+        name: "rnd_password",
+        type: "Bool",
+        default: true,
+      })
+    );
+    form.fields.push(
+      new Field({
+        label: req.__("Password"),
+        name: "password",
+        input_type: "password",
+        showIf: { rnd_password: false },
+      })
+    );
+    can_reset &&
       form.fields.push(
         new Field({
-          label: req.__("Set random password"),
-          name: "rnd_password",
+          label: req.__("Send password reset email"),
+          name: "send_pwreset_email",
           type: "Bool",
           default: true,
+          showIf: { rnd_password: true },
         })
       );
-      form.fields.push(
-        new Field({
-          label: req.__("Password"),
-          name: "password",
-          input_type: "password",
-          showIf: { rnd_password: false },
-        })
-      );
-      can_reset &&
-        form.fields.push(
-          new Field({
-            label: req.__("Send password reset email"),
-            name: "send_pwreset_email",
-            type: "Bool",
-            default: true,
-            showIf: { rnd_password: true },
-          })
-        );
-    }
-    if (user) {
-      form.hidden("id");
-      form.values = user;
-      delete form.values.password;
-    } else {
-      form.values.role_id = roles[roles.length - 1].id;
-    }
-    return form;
   }
-);
+  if (user) {
+    form.hidden("id");
+    form.values = user;
+    delete form.values.password;
+  } else {
+    form.values.role_id = roles[roles.length - 1].id;
+  }
+  return form;
+};
 
 /**
  * Dropdown for User Info in left menu
@@ -390,6 +388,7 @@ const http_settings_form = async (req) =>
       "cross_domain_iframe",
       "body_limit",
       "url_encoded_limit",
+      ...(!db.isSQLite ? ["prune_session_interval"] : []),
     ],
     action: "/useradmin/http",
     submitLabel: req.__("Save"),

package/auth/roleadmin.js

@@ -145,7 +145,9 @@ router.get(
       active_sub: "Roles",
       contents: {
         type: "card",
-        title: req.__("Roles"),
+        title:
+          req.__("Roles") +
+          `<a href="javascript:ajax_modal('/admin/help/User%20roles?')"><i class="fas fa-question-circle ms-1"></i></a>`,
         contents: [
           mkTable(
             [
@@ -198,7 +200,9 @@ router.get(
       sub2_page: "New",
       contents: {
         type: "card",
-        title: req.__("Roles"),
+        title:
+          req.__("Roles") +
+          `<a href="javascript:ajax_modal('/admin/help/User%20roles?')"><i class="fas fa-question-circle ms-1"></i></a>`,
         contents: [renderForm(form, req.csrfToken())],
       },
     });

package/auth/routes.js

@@ -1103,15 +1103,20 @@ router.post(
       res.redirect("/auth/twofa/login/totp");
       return;
     }
+    let maxAge = null;
     if (req.session.cookie)
       if (req.body.remember) {
-        const setDur = +getState().getConfig("cookie_duration_remember", 0);
-        if (setDur) req.session.cookie.maxAge = setDur * 60 * 60 * 1000;
-        else req.session.cookie.expires = false;
+        const setDur = +getState().getConfig("cookie_duration_remember", 720);
+        if (setDur) {
+          maxAge = setDur * 60 * 60 * 1000;
+          req.session.cookie.maxAge = maxAge;
+        } else req.session.cookie.expires = false;
       } else {
-        const setDur = +getState().getConfig("cookie_duration", 0);
-        if (setDur) req.session.cookie.maxAge = setDur * 60 * 60 * 1000;
-        else req.session.cookie.expires = false;
+        const setDur = +getState().getConfig("cookie_duration", 720);
+        if (setDur) {
+          maxAge = setDur * 60 * 60 * 1000;
+          req.session.cookie.maxAge = maxAge;
+        } else req.session.cookie.expires = false;
       }
     const session_id = getSessionId(req);
 
@@ -1119,7 +1124,7 @@ router.post(
       session_id,
       old_session_id: req.old_session_id,
     });
-    res?.cookie?.("loggedin", "true");
+    res?.cookie?.("loggedin", "true", maxAge ? { maxAge } : undefined);
     req.flash("success", req.__("Welcome, %s!", req.user.email));
     if (req.smr) {
       const dbUser = await User.findOne({ id: req.user.id });
@@ -1155,7 +1160,11 @@ router.get(
     } else {
       const auth = getState().auth_methods[method];
       if (auth) {
-        passport.authenticate(method, auth.parameters)(req, res, next);
+        const passportParams =
+          typeof auth.parameters === "function"
+            ? auth.parameters(req)
+            : auth.parameters;
+        passport.authenticate(method, passportParams)(req, res, next);
       } else {
         req.flash(
           "danger",
@@ -1189,7 +1198,11 @@ router.post(
     const { method } = req.params;
     const auth = getState().auth_methods[method];
     if (auth) {
-      passport.authenticate(method, auth.parameters)(
+      const passportParams =
+        typeof auth.parameters === "function"
+          ? auth.parameters(req)
+          : auth.parameters;
+      passport.authenticate(method, passportParams)(
         req,
         res,
         loginCallback(req, res)
@@ -1227,7 +1240,12 @@ const callbackFn = async (req, res, next) => {
   const { method } = req.params;
   const auth = getState().auth_methods[method];
   if (auth) {
-    passport.authenticate(method, { failureRedirect: "/auth/login" })(
+    const passportParams =
+      typeof auth.parameters === "function"
+        ? auth.parameters(req)
+        : auth.parameters;
+    passportParams.failureRedirect = "/auth/login";
+    passport.authenticate(method, passportParams)(
       req,
       res,
       loginCallback(req, res)

package/auth/testhelp.js

@@ -9,6 +9,8 @@ const app = require("../app");
 const getApp = require("../app");
 const fixtures = require("@saltcorn/data/db/fixtures");
 const reset = require("@saltcorn/data/db/reset_schema");
+const jsdom = require("jsdom");
+const { JSDOM, ResourceLoader } = jsdom;
 
 /**
  *
@@ -307,6 +309,89 @@ const notFound = (res) => {
   }
 };
 
+const load_url_dom = async (url) => {
+  const app = await getApp({ disableCsrf: true });
+  class CustomResourceLoader extends ResourceLoader {
+    async fetch(url, options) {
+      const url1 = url.replace("http://localhost", "");
+      //console.log("fetching", url, url1);
+      const res = await request(app).get(url1);
+
+      return Buffer.from(res.text);
+    }
+  }
+  const reqres = await request(app).get(url);
+  //console.log("rr1", reqres.text);
+  const virtualConsole = new jsdom.VirtualConsole();
+  virtualConsole.sendTo(console);
+  const dom = new JSDOM(reqres.text, {
+    url: "http://localhost" + url,
+    runScripts: "dangerously",
+    resources: new CustomResourceLoader(),
+    pretendToBeVisual: true,
+    virtualConsole,
+  });
+
+  class FakeXHR {
+    constructor() {
+      this.readyState = 0;
+      this.requestHeaders = [];
+      //return traceMethodCalls(this);
+    }
+    open(method, url) {
+      //console.log("open xhr", method, url);
+      this.method = method;
+      this.url = url;
+    }
+
+    addEventListener(ev, reqListener) {
+      if (ev === "load") this.reqListener = reqListener;
+    }
+    setRequestHeader(k, v) {
+      this.requestHeaders.push([k, v]);
+    }
+    overrideMimeType() {}
+    async send(body) {
+      //console.log("send1", this.url);
+      const url1 = this.url.replace("http://localhost", "");
+      //console.log("xhr fetching", url1);
+      let req =
+        this.method == "POST"
+          ? request(app).post(url1)
+          : request(app).get(url1);
+      for (const [k, v] of this.requestHeaders) {
+        req = req.set(k, v);
+      }
+      if (this.method === "POST" && body) req.send(body);
+      const res = await req;
+      this.responseHeaders = res.headers;
+      if (res.headers["content-type"].includes("json"))
+        this.responseType = "json";
+      this.response = res.text;
+      this.responseText = res.text;
+      this.status = res.status;
+      this.statusText = "OK";
+      this.readyState = 4;
+      if (this.reqListener) this.reqListener(res.text);
+      if (this.onload) this.onload(res.text);
+      //console.log("agent res", res);
+      //console.log("xhr", this);
+    }
+    getAllResponseHeaders() {
+      return Object.entries(this.responseHeaders)
+        .map(([k, v]) => `${k}: ${v}`)
+        .join("\n");
+    }
+  }
+  dom.window.XMLHttpRequest = FakeXHR;
+  await new Promise(function (resolve, reject) {
+    dom.window.addEventListener("DOMContentLoaded", (event) => {
+      resolve();
+    });
+  });
+  return dom;
+};
+
 module.exports = {
   getStaffLoginCookie,
   getAdminLoginCookie,
@@ -328,4 +413,5 @@ module.exports = {
   succeedJsonWithWholeBody,
   resToLoginCookie,
   itShouldIncludeTextForAdmin,
+  load_url_dom,
 };

package/help/Field label.tmd

@@ -0,0 +1,11 @@
+A table holds data organised by rows and columns, which you can visualise in a 
+two-dimensional grid. The rows hold the different cases, about which you have similar data.
+Each column is called a Field, and every field must have a label (and a type). 
+
+The field label allows you to recognize the meaning of the values in the column in a 
+human-readable name. In a spreadsheet with a lot of data, it is often used as the header for 
+each column.
+
+In Saltcorn, you can use spaces in field labels. Because we also need a valid identifier to use
+in formulae, a variable name is generated from the label by replacing spaces with underscores and
+converting all uppercase characters to lowercase. 

package/help/Field types.tmd

@@ -0,0 +1,39 @@
+Every field in a table stores values of a specific type. The type limits which
+values this field can take in each row. For instance, if a field has a type `Integer`
+then it cannot take the value `"Simon"` but the value `17` is admissible. 
+
+When building your table, you must therefore think carefully about not only which fields
+to include but also what the types are. Sometimes this is easy - you know that names 
+should be stored as as `String` type. But at other times you need to think ahead a bit 
+and think carefully about what data your table will hold
+
+Some types are more general than others. The `String` type and the `JSON` 
+type (from the json module) can hold values that can be represented by more specific types.
+For instance the number 17 can be stored in a string field where it will be represented by the 
+string `"17"`. You should always try to use the most specific type available. This will give 
+you access to user interface elements that are richer and more appropriate for the data in the 
+given field. For example, you could use `String` to store dates, but then you will not 
+be able to use an interactive date picker or to display dates in flexible formats.
+
+Most field types have some additional parameters that will be configured on the next screen.
+`Integer` types have minimum and maximum values and strings can be restricted to a set of 
+options or by a regular expression. This allows you to further narrow what data it is admissible
+in your table.
+
+These types are available in your current installation:
+
+{{# const tys = Object.values(scState.types) }}
+{{# for (const ty of tys) { }} 
+* {{ ty.name }}{{ty.description ? `: ${ty.description}` : ""}}
+{{# } }}
+
+Further types can be installed from moduels in the [Module store](/plugins)
+
+In addition, a field can have types File and Key to a table.
+
+A File field holds a reference to a file in the Saltcorn file system. This is stored by the,
+path to the file and if the file moves, the reference may become invalid.
+
+A field that is a Key to another table is a reference to a row in that table. This is also known 
+as a foreign key and is used to link data between tables and to create the relational structure 
+of your application.

package/help/Inclusion Formula.tmd

@@ -0,0 +1,38 @@
+{{# const srcTable = Table.findOne({ name: query.table_name }) }}
+
+The row inclusion formula allows you to put further restrictions on the rows that are
+included in the list or feed view. The restrictions from this formula are on top 
+of the filter state (from the URL, set by filters), so to be included a row must satisfy
+both the row inclusion Formula and the filter state.
+
+The row inclusion formula is a JavaScript expression that must evaluate to a boolean. Typically
+this involves an equality (`==`) or inequality (`<` or `>`) operator.
+
+In scope is the variables from your table accessed by their variable name. The fields in the current 
+table are: 
+
+| Field | Variable name | Type |
+| ----- | ------------- | ---- |
+{{# for (const field of srcTable.fields) { }} | {{ field.label }} | `{{ field.name }}` | {{ field.pretty_type }} | 
+{{# } }}
+
+In addition, you can use the function `today` to compare a Date field against a specific point in time. Depending
+on its argument, `today` will return different date values:
+
+* `today()` returns the current time
+* `today(x)` where `x` is a positive number returns the time `x` days in the future. Example: `today(1)` is this time, tomorrow.
+* `today(x)` where `x` is a negative number returns the time `x` days ago. Example: `today(-1)` is this time, yesterday.
+* `today({startOf: unit})` where `unit` is a string, one of: "year", "month", "quarter", "week", "day", "hour",
+   "minute" and "second", returns the time at the beginning of the current given time period. Example:
+   `today({startOf: "month"})` is the start of the current month.
+* `today({endOf: unit})` is similar to `today({startOf: unit})` but is the end of the given time unit. Example:
+   `today({endOf: "week"})` is the end of the current week.
+
+### Example
+
+If you have a tasks list with a boolean field `done` and a date field `due`, to display all fields where done is `false` 
+and are due this week:
+
+`done == false && 
+  due > today({startOf: "week"}) && 
+  due < today({endOf: "week"})`

package/help/Ownership field.tmd

@@ -0,0 +1,76 @@
+The ability to read or write to tables is normally limited by the settings 
+for "Minimum role to read" and "Minimum role to write", which is compared 
+to the user's role.
+
+In some cases you want some users wo be able to read and write to some but 
+not to all rows. Some examples are:
+
+* On a blog, Users should be able to create comments and to edit comments they have made.
+  But you do not want users to be able to edit another user's comments.
+
+* In a todo list, Users should be able to create and edit new items for themselves but 
+  they should not be able to read or edit items for other users. 
+
+* In a project management app, you may only want you supposed to be able to see and 
+  contribute to projects they have been assigned to.
+
+Saltcorn contains an authorization system that can be very simple (limit everything by role),
+more flexible (rows have a user field and if you are that user, you can edit a row)
+to very complex (featuring many-to-many relationships, where the user field can be on a 
+different table; and inheritance, where authorization schemes propagate through relationship).
+
+### Role-based authorization
+
+In Saltcorn, every user has a role and the roles have a strictly hierachical ordering, 
+which you [can edit](/roleadmin). By 
+using the "Minimum role to read" and "Minimum role to write" settings for the table, you 
+can create a role cutoff limit for access. See the help topics for those settings for details.
+
+### Simple user field ownership
+
+In the simplest deviation from role-based authorization, you can grant access to edit 
+a row to users that match a Key to users field on the row. To use this, you should:
+
+1. Set the "Minimum role to read" and "Minimum role to write" to a role that would stop the 
+   user from accessing the row. 
+
+2. Create a field with type Key to users. This field should ideally not be labelled `User` or `user`, 
+   as this variable name will clash with access to logged-in user object in formulae.
+
+3. Make sure this is filled in when the user creates the row.
+   For instance in an Edit view under the "Fixed and blocked fields" settings, in the 
+   Preset for this field pick the LoggedIn preset.
+
+4. Pick this field as the Ownership field from the dropdown in the table settings.
+
+This is an additional access grant
+in addition to that given by the minimum roles to read and write. If your user does *not* 
+match the designated field, The decision to grant access reverts to the role-based settings. 
+You therefore cannot use ownership to limit access, only to grant additional access.
+
+### Authorization by inheritance
+
+If the table has a relationship (that is, has a field with Key type) with another table which
+has an ownership field (or ownership formula), it can instead inherit the onwership from that 
+table - essentially, take the ownership of the row the Key is pointing to. 
+
+For instance, you have a project management app with a Projects table that has an `owner` Key to users 
+field and this is set as the ownership field; and a Tasks table with a Key to Projects field. 
+In this case "Inherit Projects" is available as an option in the Ownership field dropdown.
+If you pick it and reload the page, you will See that it is in fact implemented as an ownership 
+formula which is created for you.
+
+### Authorization by user groups
+
+If you need to grant access to tables based not on user fields on this table (ownership field) 
+or on tables it has keys to (inheritance), you can declare a table to be a user group. 
+The user group should be a table that has a key to users, and may also have a key to this table. 
+Use this to grant ownership rights to a row to more than one user. For instance, if more than one 
+user is working on a project, you can declare that all users assigned to this project are owners. See 
+the help topic for the User group option.
+
+### Authorisation by formula
+
+You can also grant access to edit the row if an arbitrary formula is true. This can be used
+For very flexible authorisation schemes. Choose formula in the ownership field drop down and then see 
+help for the Ownership formula.

package/help/Ownership formula.tmd

@@ -0,0 +1,75 @@
+An ownership formula on a table allows you to develop an extremely flexible
+Authorisation scheme. It is also the mechanism by which ownership inheritance 
+and ownership by user groups is implemented. If you pick one of these options
+in the Ownership field drop-down it will essentially generate the corresponding
+formula for you.
+
+The ownership formula is a JavaScript expression which should evaluate to a boolean 
+(true/false) value. If it evaluate to true (or a [truthy](https://developer.mozilla.org/en-US/docs/Glossary/Truthy) value), then the logged-in user is an owner and 
+can read and write the row. If it evaluate to false (or a [falsey](https://developer.mozilla.org/en-US/docs/Glossary/Falsy) value), 
+the user is not the owner. However, If they have a role equal or higher than that 
+required to read or write, they can still perform this operation. You cannot use the
+ownership formula to deny access to a user who satisfies the role condition.
+
+When evaluating the formula, the values in scope are as follows:
+
+#### Row fields
+
+All field values for the row being evaluated are in scope and can be addressed by 
+their variable name.
+
+#### Join fields on row keys
+
+For any fields on the current table that are Keys to another table, you can access the values 
+in the linked table by using the dot notation. For instance, if you have a field labelled 
+"Project" (variable name `project`) which is of type Key to Projects, and the Projects
+table has a `name` field, you can refer to this as `project.name`. However, if the Project field 
+is not required, this can trigger an error as accessing a subfield on a `null` variable is a
+JavaScript error. In that case, you can use [optional chaining](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Operators/Optional_chaining)
+(`project?.name`) which will evaluate to `null` if `project` is `null`.
+
+#### User object
+
+You can refer to the logged in user using the variable name user. 
+This is an object and you must use the dot to access user fields,
+e.g. user.id for the logged in users id. 
+
+The user object has other fields than the primary key identifier.
+For your login session the user object is:
+
+```
+{{JSON.stringify(user, null, 2)}}
+```
+
+#### User groups
+
+If any tables have been designated as user groups (that is, if they User group option has been 
+checked in the table settings) then a value will appear in the user object, which is the list 
+of an array of user group rows to which the user belongs. The name of that field is 
+`{table name}_by_{user field in user group}`.
+
+Normally you don't have to write theownership formula, you select it from the Ownership field 
+drop-down and the formula is generated for you.
+
+When changes are made to user group membership, the user needs to login and log out again before these 
+changes are reflected in the user object. If you are removing user group membership you may need to force 
+log out those users.
+
+## Examples
+
+User table has a `String` field named `department` which can take options "Finance", "HR",
+or "Warp drive engineering". To give ownership to the Expenses table to users in the Finance 
+department:
+
+`user.department === "Finance"`
+
+Same as above, but the Expenses table also has a `filled_by` field which is Key to user, and
+you want to give ownership to that user or any user in the Finance department:
+
+`user.department === "Finance" || user.id === filled_by`
+
+Similar to above, however department membership is not stored as User field but as in a table 
+named "User In Department" with a Key to user field labelled "Employee" and a string field "Name" for
+the department name.
+
+`user.UserinDepartment_by_employee.map(d=>d.name).includes("Finance") || user.id === filled_by`

package/help/Table roles.tmd

@@ -0,0 +1,20 @@
+You can restrict which users can read or write to this table by their role.
+
+Each user in Saltcorn has a role and the roles have a strictly hierachical ordering, 
+which you [can edit](/roleadmin). The ordering means that users in a role can access
+everything the users in the role "below" then can acceess, but the users in the role
+"above" have further access. 
+
+Assigning access by role is a quick way to give users more or less access based on how
+much you trust them.
+
+Using the settings for "Minimum role to read" and "Minimum role to write" you set the roles
+required to read and write to the table, respectively. Users also need to have the roles
+required for running views and pages.
+
+Restricting table access by role is the simplest form of authorisation in Saltcorn, 
+but it is often too limited. Row ownership is much more flexible; see the help topic for 
+Ownership field.
+
+Note that if the user has ownership of the row, they can read and write that row even if 
+they have a role below the minimum role to read and write, respectively.

package/help/User groups.tmd

@@ -0,0 +1,35 @@
+User groups are used to grant access to tables based on membership of groups 
+where each user can be a member of many groups and each group can have many 
+users.
+
+Any table that has a field of type Key to User can be designated a user group, by
+checking the User group option. This means that when a User group table has a row with
+a key to a user, that user is a member of a group. 
+
+The consequence of designating a table as a User group is that if there is also a Key from
+the user group table to another table, then the option of group membership appears in the 
+drop-down for the Ownership field option. 
+
+In addition, If a table is designated as a user group. a value indicating group membership
+appears in the user object. For this to appear, the variable has to be referenced in an 
+ownership formula. The name of this variable is 
+`{user group table name}_by_{key to user field name}`.
+
+When changes are made to user group membership, the user needs to login and log out again before these 
+changes are reflected in the user object. If you are removing user group membership you may need to force 
+log out those users.
+
+### Example
+
+In a project management application you have a "Projects" table and a "Tasks" table (with a 
+Key to project). Several people can work on the same project.
+
+You would like to restrict access to the project table such that only uses to work on the project have access.
+
+1. Create a "User Works On Project" table with a Key to projects field and a Key to user field called Participant.
+
+2. Designate the "User Works On Project" table as a user group by checking the user group box.
+
+3. In the project table settings, In the ownership field, there is now an option called "In User Works On Project by Participant", pick this option.
+
+4. Now add rows to the "User Works On Project" table. When the users logout and login again they will have the required access.