github/overleaf
1
0
Fork 0
mirror of https://github.com/overleaf/overleaf.git synced 2024-11-21 20:47:08 -05:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #2178 from overleaf/sk-hide-ui-anon-read-only-token

Browse source 
Handle anonymous users when deciding to restrict view of the editor

GitOrigin-RevId: 617f7ef2c8cc34142a6b8187c467fadb90745863
This commit is contained in:
Eric Mc Sween 2019-09-30 09:26:27 -04:00 committed by sharelatex
parent a87a731d25
commit acd926e2e0
2 changed files with 17 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
services/web/app/src/Features/Project/ProjectController.js
View file

@ -742,7 +742,7 @@ module.exports = ProjectController = {
anonymousAccessToken: req._anonymousAccessToken,
isTokenMember,
isRestrictedTokenMember:
isTokenMember === true && privilegeLevel === 'readOnly',
privilegeLevel === 'readOnly' && (anonymous || isTokenMember),
languages: Settings.languages,
editorThemes: THEME_LIST,
maxDocLength: Settings.max_doc_length,

17
services/web/test/unit/src/Project/ProjectControllerTests.js
View file

@ -814,7 +814,7 @@ describe('ProjectController', function() {
return this.ProjectController.loadEditor(this.req, this.res)
})
it('should set isRestrictedTokenMember to true under the right conditions', function(done) {
it('should set isRestrictedTokenMember to true when the user is accessing project via read-only token', function(done) {
this.CollaboratorsHandler.userIsTokenMember.callsArgWith(2, null, true)
this.AuthorizationManager.getPrivilegeLevelForProject.callsArgWith(
3,
@ -829,6 +829,21 @@ describe('ProjectController', function() {
return this.ProjectController.loadEditor(this.req, this.res)
})
it('should set isRestrictedTokenMember to true when anonymous read-only token access', function(done) {
this.CollaboratorsHandler.userIsTokenMember.callsArgWith(2, null, null)
this.AuthenticationController.isUserLoggedIn = sinon.stub().returns(false)
this.AuthorizationManager.getPrivilegeLevelForProject.callsArgWith(
3,
null,
'readOnly'
)
this.res.render = (pageName, opts) => {
opts.isRestrictedTokenMember.should.exist
opts.isRestrictedTokenMember.should.equal(true)
return done()
}
return this.ProjectController.loadEditor(this.req, this.res)
})
it('should render the closed page if the editor is closed', function(done) {
this.settings.editorIsOpen = false
this.res.render = (pageName, opts) => {