github/overleaf
1
0
Fork 0
mirror of https://github.com/overleaf/overleaf.git synced 2025-04-14 07:24:33 +00:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request from sharelatex/sk-censor-token-prefix

Browse source 
Censor `tokens.readAndWritePrefix` when building project model

GitOrigin-RevId: 0fe3fc2657aa191808ea282dfcd2ea5506e93fee
This commit is contained in:
Shane Kilkelly 2019-03-22 10:11:04 +00:00 committed by sharelatex
parent 49a5056e78
commit a5ad2e48d4
2 changed files with 3 additions and 1 deletions
services/web
app/coffee/Features/TokenAccess
TokenAccessHandler.coffee
test/unit/coffee/TokenAccess
TokenAccessHandlerTests.coffee

1
services/web/app/coffee/Features/TokenAccess/TokenAccessHandler.coffee
View file

@ -134,6 +134,7 @@ module.exports = TokenAccessHandler =
return
if privilegeLevel != PrivilegeLevels.READ_AND_WRITE
project.tokens.readAndWrite = ''
project.tokens.readAndWritePrefix = ''
if privilegeLevel != PrivilegeLevels.READ_ONLY
project.tokens.readOnly = ''

3
services/web/test/unit/coffee/TokenAccess/TokenAccessHandlerTests.coffee
View file

@ -480,11 +480,12 @@ describe "TokenAccessHandler", ->
describe 'protectTokens', ->
beforeEach ->
@project = {tokens: {readAndWrite: 'rw', readOnly: 'ro'}}
@project = {tokens: {readAndWrite: 'rw', readOnly: 'ro', readAndWritePrefix: 'pre'}}
it 'should hide write token from read-only user', ->
@TokenAccessHandler.protectTokens(@project, 'readOnly')
expect(@project.tokens.readAndWrite).to.equal ''
expect(@project.tokens.readAndWritePrefix).to.equal ''
expect(@project.tokens.readOnly).to.equal 'ro'
it 'should hide read token from read-write user', ->