From fe3b9bf07a8d206f59b1b2f278d3fbaf4e65d3ca Mon Sep 17 00:00:00 2001
From: Henry Oswald <henry.oswald@sharelatex.com>
Date: Mon, 2 Mar 2015 12:46:02 +0000
Subject: [PATCH 1/5] clients can not rename docs/files/folders to blank name.

Client and server side checks added
---
 .../Editor/EditorHttpController.coffee        |  9 ++-
 .../Uploads/ProjectUploadController.coffee    |  3 +
 .../controllers/FileTreeController.coffee     | 11 ++-
 .../FileTreeEntityController.coffee           |  5 +-
 .../Editor/EditorHttpControllerTests.coffee   | 76 ++++++++++++++-----
 .../ProjectUploadControllerTests.coffee       | 11 ++-
 6 files changed, 92 insertions(+), 23 deletions(-)

diff --git a/services/web/app/coffee/Features/Editor/EditorHttpController.coffee b/services/web/app/coffee/Features/Editor/EditorHttpController.coffee
index 384d2168c8..848d33bdfb 100644
--- a/services/web/app/coffee/Features/Editor/EditorHttpController.coffee
+++ b/services/web/app/coffee/Features/Editor/EditorHttpController.coffee
@@ -59,11 +59,16 @@ module.exports = EditorHttpController =
 				doc_id: doc._id
 			}
 
+	_nameIsAcceptableLength: (name)->
+		return name? and name.length < 150 and name.length != 0
+
 
 	addDoc: (req, res, next) ->
 		project_id = req.params.Project_id
 		name = req.body.name
 		parent_folder_id = req.body.parent_folder_id
+		if !EditorHttpController._nameIsAcceptableLength(name)
+			return res.send 400
 		EditorController.addDoc project_id, parent_folder_id, name, [], "editor", (error, doc) ->
 			return next(error) if error?
 			res.json doc
@@ -72,6 +77,8 @@ module.exports = EditorHttpController =
 		project_id = req.params.Project_id
 		name = req.body.name
 		parent_folder_id = req.body.parent_folder_id
+		if !EditorHttpController._nameIsAcceptableLength(name)
+			return res.send 400
 		EditorController.addFolder project_id, parent_folder_id, name, "editor", (error, doc) ->
 			return next(error) if error?
 			res.json doc
@@ -81,7 +88,7 @@ module.exports = EditorHttpController =
 		entity_id   = req.params.entity_id
 		entity_type = req.params.entity_type
 		name = req.body.name
-		if name.length > 150
+		if !EditorHttpController._nameIsAcceptableLength(name)
 			return res.send 400
 		EditorController.renameEntity project_id, entity_id, entity_type, name, (error) ->
 			return next(error) if error?
diff --git a/services/web/app/coffee/Features/Uploads/ProjectUploadController.coffee b/services/web/app/coffee/Features/Uploads/ProjectUploadController.coffee
index 5820ae7ac7..1fa00e3f01 100644
--- a/services/web/app/coffee/Features/Uploads/ProjectUploadController.coffee
+++ b/services/web/app/coffee/Features/Uploads/ProjectUploadController.coffee
@@ -30,6 +30,9 @@ module.exports = ProjectUploadController =
 		{name, path} = req.files.qqfile
 		project_id   = req.params.Project_id
 		folder_id    = req.query.folder_id
+		if !name? or name.length == 0 or name.length > 150
+			logger.err project_id:project_id, name:name, "bad name when trying to upload file"
+			return res.send success: false
 		FileSystemImportManager.addEntity project_id, folder_id, name, path, true, (error, entity) ->
 			fs.unlink path, ->
 			timer.done()
diff --git a/services/web/public/coffee/ide/file-tree/controllers/FileTreeController.coffee b/services/web/public/coffee/ide/file-tree/controllers/FileTreeController.coffee
index a8618be44a..737ed0dba0 100644
--- a/services/web/public/coffee/ide/file-tree/controllers/FileTreeController.coffee
+++ b/services/web/public/coffee/ide/file-tree/controllers/FileTreeController.coffee
@@ -55,9 +55,12 @@ define [
 				, 200
 
 			$scope.create = () ->
+				name = $scope.inputs.name
+				if !name? or name.length == 0
+					return
 				$scope.state.inflight = true
 				ide.fileTreeManager
-					.createDoc($scope.inputs.name, parent_folder)
+					.createDoc(name, parent_folder)
 					.success () ->
 						$scope.state.inflight = false
 						$modalInstance.close()
@@ -80,9 +83,13 @@ define [
 				, 200
 
 			$scope.create = () ->
+				name = $scope.inputs.name
+				if !name? or name.length == 0
+					return
+				$scope.state.inflight = true
 				$scope.state.inflight = true
 				ide.fileTreeManager
-					.createFolder($scope.inputs.name, parent_folder)
+					.createFolder(name, parent_folder)
 					.success () ->
 						$scope.state.inflight = false
 						$modalInstance.close()
diff --git a/services/web/public/coffee/ide/file-tree/controllers/FileTreeEntityController.coffee b/services/web/public/coffee/ide/file-tree/controllers/FileTreeEntityController.coffee
index 7c56d1cf24..2e5efd977e 100644
--- a/services/web/public/coffee/ide/file-tree/controllers/FileTreeEntityController.coffee
+++ b/services/web/public/coffee/ide/file-tree/controllers/FileTreeEntityController.coffee
@@ -13,8 +13,11 @@ define [
 			$scope.entity.renaming = true
 
 		$scope.finishRenaming = () ->
+			name = $scope.inputs.name
+			if !name? or name.length == 0
+				return
 			delete $scope.entity.renaming
-			ide.fileTreeManager.renameEntity($scope.entity, $scope.inputs.name)
+			ide.fileTreeManager.renameEntity($scope.entity, name)
 
 		$scope.$on "rename:selected", () ->
 			$scope.startRenaming() if $scope.entity.selected
diff --git a/services/web/test/UnitTests/coffee/Editor/EditorHttpControllerTests.coffee b/services/web/test/UnitTests/coffee/Editor/EditorHttpControllerTests.coffee
index 966c50dede..e740e35882 100644
--- a/services/web/test/UnitTests/coffee/Editor/EditorHttpControllerTests.coffee
+++ b/services/web/test/UnitTests/coffee/Editor/EditorHttpControllerTests.coffee
@@ -169,17 +169,28 @@ describe "EditorHttpController", ->
 				name: @name = "doc-name"
 				parent_folder_id: @parent_folder_id
 			@EditorController.addDoc = sinon.stub().callsArgWith(5, null, @doc)
-			@EditorHttpController.addDoc @req, @res
 
-		it "should call EditorController.addDoc", ->
-			@EditorController.addDoc
-				.calledWith(@project_id, @parent_folder_id, @name, [], "editor")
-				.should.equal true
+		describe "successfully", ->
+			beforeEach ->
+				@EditorHttpController.addDoc @req, @res
 
-		it "should send the doc back as JSON", ->
-			@res.json
-				.calledWith(@doc)
-				.should.equal true
+			it "should call EditorController.addDoc", ->
+				@EditorController.addDoc
+					.calledWith(@project_id, @parent_folder_id, @name, [], "editor")
+					.should.equal true
+
+			it "should send the doc back as JSON", ->
+				@res.json
+					.calledWith(@doc)
+					.should.equal true
+
+		describe "unsuccesfully", ->
+			beforeEach ->
+				@req.body.name = ""
+				@EditorHttpController.addDoc @req, @res
+
+			it "should send back a bad request status code", ->
+				@res.send.calledWith(400).should.equal true
 
 	describe "addFolder", ->
 		beforeEach ->
@@ -190,17 +201,30 @@ describe "EditorHttpController", ->
 				name: @name = "folder-name"
 				parent_folder_id: @parent_folder_id
 			@EditorController.addFolder = sinon.stub().callsArgWith(4, null, @folder)
-			@EditorHttpController.addFolder @req, @res
 
-		it "should call EditorController.addFolder", ->
-			@EditorController.addFolder
-				.calledWith(@project_id, @parent_folder_id, @name, "editor")
-				.should.equal true
+		describe "successfully", ->
+			beforeEach ->
+				@EditorHttpController.addFolder @req, @res
+
+			it "should call EditorController.addFolder", ->
+				@EditorController.addFolder
+					.calledWith(@project_id, @parent_folder_id, @name, "editor")
+					.should.equal true
+
+			it "should send the folder back as JSON", ->
+				@res.json
+					.calledWith(@folder)
+					.should.equal true
+
+		describe "unsuccesfully", ->
+
+			beforeEach ->
+				@req.body.name = ""
+				@EditorHttpController.addFolder @req, @res
+
+			it "should send back a bad request status code", ->
+				@res.send.calledWith(400).should.equal true
 
-		it "should send the folder back as JSON", ->
-			@res.json
-				.calledWith(@folder)
-				.should.equal true
 
 	describe "renameEntity", ->
 		beforeEach ->
@@ -235,6 +259,22 @@ describe "EditorHttpController", ->
 		it "should send back a bad request status code", ->
 			@res.send.calledWith(400).should.equal true
 
+	describe "rename entity with 0 length name", ->
+
+		beforeEach ->
+			@req.params =
+				Project_id: @project_id
+				entity_id: @entity_id = "entity-id-123"
+				entity_type: @entity_type = "entity-type"
+			@req.body =
+				name: @name = ""
+			@EditorController.renameEntity = sinon.stub().callsArg(4)
+			@EditorHttpController.renameEntity @req, @res
+
+		it "should send back a bad request status code", ->
+			@res.send.calledWith(400).should.equal true
+
+
 	describe "moveEntity", ->
 		beforeEach ->
 			@req.params =
diff --git a/services/web/test/UnitTests/coffee/Uploads/ProjectUploadControllerTests.coffee b/services/web/test/UnitTests/coffee/Uploads/ProjectUploadControllerTests.coffee
index f28451af10..9ca0dccc30 100644
--- a/services/web/test/UnitTests/coffee/Uploads/ProjectUploadControllerTests.coffee
+++ b/services/web/test/UnitTests/coffee/Uploads/ProjectUploadControllerTests.coffee
@@ -18,7 +18,7 @@ describe "ProjectUploadController", ->
 		@ProjectUploadController = SandboxedModule.require modulePath, requires:
 			"./ProjectUploadManager" : @ProjectUploadManager = {}
 			"./FileSystemImportManager" : @FileSystemImportManager = {}
-			"logger-sharelatex" : @logger = {log: sinon.stub(), error: sinon.stub()}
+			"logger-sharelatex" : @logger = {log: sinon.stub(), error: sinon.stub(), err:->}
 			"../../infrastructure/Metrics": @metrics
 			"fs" : @fs = {}
 		
@@ -170,3 +170,12 @@ describe "ProjectUploadController", ->
 					.calledWith(sinon.match.any, "error uploading file")
 					.should.equal true
 
+		describe "with a bad request", ->
+
+			beforeEach ->
+				@req.files.qqfile.name = ""
+				@ProjectUploadController.uploadFile @req, @res
+
+			it "should return a a non success response", ->
+				expect(@res.body).to.deep.equal
+					success: false

From 9805c6a9ff852684ec276986d806e65c6844d1cb Mon Sep 17 00:00:00 2001
From: Henry Oswald <henry.oswald@sharelatex.com>
Date: Wed, 4 Mar 2015 11:10:52 +0000
Subject: [PATCH 2/5] doc model no longer has lines or rev in it

---
 services/web/app/coffee/models/Doc.coffee | 2 --
 1 file changed, 2 deletions(-)

diff --git a/services/web/app/coffee/models/Doc.coffee b/services/web/app/coffee/models/Doc.coffee
index 3756a88f75..862638acb7 100644
--- a/services/web/app/coffee/models/Doc.coffee
+++ b/services/web/app/coffee/models/Doc.coffee
@@ -6,8 +6,6 @@ ObjectId = Schema.ObjectId
 
 DocSchema = new Schema
 	name          :     {type:String, default:'new doc'}
-	lines         :     [{}]
-	rev 			  :	  {type:Number, default:0}
 
 
 mongoose.model 'Doc', DocSchema

From 69806c02d0ca066f3bf048a4ce3513a1e95360be Mon Sep 17 00:00:00 2001
From: Henry Oswald <henry.oswald@sharelatex.com>
Date: Wed, 4 Mar 2015 14:19:47 +0000
Subject: [PATCH 3/5] improve behaviour of trying to rename a file to empty

---
 .../ide/file-tree/controllers/FileTreeEntityController.coffee  | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/services/web/public/coffee/ide/file-tree/controllers/FileTreeEntityController.coffee b/services/web/public/coffee/ide/file-tree/controllers/FileTreeEntityController.coffee
index 2e5efd977e..9c46afc967 100644
--- a/services/web/public/coffee/ide/file-tree/controllers/FileTreeEntityController.coffee
+++ b/services/web/public/coffee/ide/file-tree/controllers/FileTreeEntityController.coffee
@@ -13,10 +13,11 @@ define [
 			$scope.entity.renaming = true
 
 		$scope.finishRenaming = () ->
+			delete $scope.entity.renaming
 			name = $scope.inputs.name
 			if !name? or name.length == 0
+				$scope.inputs.name = $scope.entity.name
 				return
-			delete $scope.entity.renaming
 			ide.fileTreeManager.renameEntity($scope.entity, name)
 
 		$scope.$on "rename:selected", () ->

From 80dc2f922450645f87904317732f9fb1b81f9725 Mon Sep 17 00:00:00 2001
From: Henry Oswald <henry.oswald@sharelatex.com>
Date: Wed, 4 Mar 2015 17:50:24 +0000
Subject: [PATCH 4/5] send coupon code server side to be applied to users
 subscription

---
 .../web/app/coffee/Features/Subscription/RecurlyWrapper.coffee   | 1 +
 services/web/public/coffee/main/new-subscription.coffee          | 1 +
 2 files changed, 2 insertions(+)

diff --git a/services/web/app/coffee/Features/Subscription/RecurlyWrapper.coffee b/services/web/app/coffee/Features/Subscription/RecurlyWrapper.coffee
index 1c71b0c503..ed7813d5c7 100644
--- a/services/web/app/coffee/Features/Subscription/RecurlyWrapper.coffee
+++ b/services/web/app/coffee/Features/Subscription/RecurlyWrapper.coffee
@@ -13,6 +13,7 @@ module.exports = RecurlyWrapper =
 		          <subscription>
 		            <plan_code>#{subscriptionDetails.plan_code}</plan_code>
 		            <currency>#{subscriptionDetails.currencyCode}</currency>
+		            <coupon_code>#{subscriptionDetails.coupon_code}</coupon_code>
 		            <account>
 		            	<account_code>#{user._id}</account_code>
 		            	<email>#{user.email}</email>
diff --git a/services/web/public/coffee/main/new-subscription.coffee b/services/web/public/coffee/main/new-subscription.coffee
index 841db1d85b..cb093068bc 100644
--- a/services/web/public/coffee/main/new-subscription.coffee
+++ b/services/web/public/coffee/main/new-subscription.coffee
@@ -101,6 +101,7 @@ define [
 					subscriptionDetails:
 						currencyCode:pricing.items.currency
 						plan_code:pricing.items.plan.code
+						coupon_code:pricing.items?.coupon?.code || ""
 				$http.post("/user/subscription/create", postData)
 					.success (data, status, headers)->
 						window.location.href = "/user/subscription/thank-you"

From 97f0fad5258c2a6d7cf59a8c8c696c62d8c5fcde Mon Sep 17 00:00:00 2001
From: Henry Oswald <henry.oswald@sharelatex.com>
Date: Wed, 4 Mar 2015 18:08:06 +0000
Subject: [PATCH 5/5] add vat number option to payment form

---
 .../Features/Subscription/SubscriptionController.coffee     | 1 +
 services/web/app/views/subscriptions/new.jade               | 6 +++++-
 services/web/public/coffee/main/new-subscription.coffee     | 4 ++++
 3 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/services/web/app/coffee/Features/Subscription/SubscriptionController.coffee b/services/web/app/coffee/Features/Subscription/SubscriptionController.coffee
index 0669b72524..adaf8e6e65 100644
--- a/services/web/app/coffee/Features/Subscription/SubscriptionController.coffee
+++ b/services/web/app/coffee/Features/Subscription/SubscriptionController.coffee
@@ -63,6 +63,7 @@ module.exports = SubscriptionController =
 									currency: currency
 									subdomain: Settings.apis.recurly.subdomain
 								showCouponField: req.query.scf
+								showVatField: req.query.svf
 								couponCode:      req.query.cc or ""
 								subscriptionFormOptions: JSON.stringify
 									acceptedCards: ['discover', 'mastercard', 'visa']
diff --git a/services/web/app/views/subscriptions/new.jade b/services/web/app/views/subscriptions/new.jade
index e35b6da33d..7f9f3eebf4 100644
--- a/services/web/app/views/subscriptions/new.jade
+++ b/services/web/app/views/subscriptions/new.jade
@@ -152,7 +152,11 @@ block content
 											if (showCouponField)
 												.form-group
 													input.form-control(type='text', ng-blur="applyCoupon()", ng-model="data.coupon", placeholder="#{translate('coupon')}")
-
+									.row
+										.col-md-8
+											if (showVatField)
+												.form-group
+													input.form-control(type='text', ng-blur="applyVatNumber()", ng-model="data.vat_number", placeholder="#{translate('vat_number')}")
 									.row
 										.col-xs-7
 											.form-group
diff --git a/services/web/public/coffee/main/new-subscription.coffee b/services/web/public/coffee/main/new-subscription.coffee
index cb093068bc..87a80a2ce3 100644
--- a/services/web/public/coffee/main/new-subscription.coffee
+++ b/services/web/public/coffee/main/new-subscription.coffee
@@ -60,6 +60,10 @@ define [
 		$scope.applyCoupon = ->
 			pricing.coupon($scope.data.coupon).done()
 
+		$scope.applyVatNumber = ->
+			pricing.tax({tax_code: 'digital', vat_number: $scope.data.vat_number}).done()
+
+
 		$scope.changeCurrency = (newCurrency)->
 			$scope.currencyCode = newCurrency
 			pricing.currency(newCurrency).done()