diff --git a/server-ce/hotfix/2.0.2/1-anon-upload.patch b/server-ce/hotfix/2.0.2/1-anon-upload.patch new file mode 100644 index 0000000000..75037901e0 --- /dev/null +++ b/server-ce/hotfix/2.0.2/1-anon-upload.patch @@ -0,0 +1,60 @@ +--- UploadsRouter.js ++++ UploadsRouter.js +@@ -1,13 +1,3 @@ +-/* eslint-disable +- no-unused-vars, +-*/ +-// TODO: This file was created by bulk-decaffeinate. +-// Fix any style issues and re-enable lint. +-/* +- * decaffeinate suggestions: +- * DS102: Remove unnecessary code created because of implicit returns +- * Full docs: https://github.com/decaffeinate/decaffeinate/blob/master/docs/suggestions.md +- */ + const AuthorizationMiddleware = require('../Authorization/AuthorizationMiddleware') + const AuthenticationController = require('../Authentication/AuthenticationController') + const ProjectUploadController = require('./ProjectUploadController') +@@ -28,18 +18,30 @@ module.exports = { + ProjectUploadController.uploadProject + ) + +- return webRouter.post( +- '/Project/:Project_id/upload', +- RateLimiterMiddleware.rateLimit({ +- endpointName: 'file-upload', +- params: ['Project_id'], +- maxRequests: 200, +- timeInterval: 60 * 30 +- }), +- AuthenticationController.requireLogin(), +- AuthorizationMiddleware.ensureUserCanWriteProjectContent, +- ProjectUploadController.multerMiddleware, +- ProjectUploadController.uploadFile +- ) ++ const fileUploadEndpoint = '/Project/:Project_id/upload' ++ const fileUploadRateLimit = RateLimiterMiddleware.rateLimit({ ++ endpointName: 'file-upload', ++ params: ['Project_id'], ++ maxRequests: 200, ++ timeInterval: 60 * 30 ++ }) ++ if (Settings.allowAnonymousReadAndWriteSharing) { ++ webRouter.post( ++ fileUploadEndpoint, ++ fileUploadRateLimit, ++ AuthorizationMiddleware.ensureUserCanWriteProjectContent, ++ ProjectUploadController.multerMiddleware, ++ ProjectUploadController.uploadFile ++ ) ++ } else { ++ webRouter.post( ++ fileUploadEndpoint, ++ fileUploadRateLimit, ++ AuthenticationController.requireLogin(), ++ AuthorizationMiddleware.ensureUserCanWriteProjectContent, ++ ProjectUploadController.multerMiddleware, ++ ProjectUploadController.uploadFile ++ ) ++ } + } + } diff --git a/server-ce/hotfix/2.0.2/2-read-only-access.patch b/server-ce/hotfix/2.0.2/2-read-only-access.patch new file mode 100644 index 0000000000..246cc3e04d --- /dev/null +++ b/server-ce/hotfix/2.0.2/2-read-only-access.patch @@ -0,0 +1,11 @@ +--- TokenAccessHandler.js ++++ TokenAccessHandler.js +@@ -255,7 +255,7 @@ const TokenAccessHandler = { + + getV1DocPublishedInfo(token, callback) { + // default to allowing access +- if (!Settings.apis || !Settings.apis.v1) { ++ if (!Settings.apis.v1 || !Settings.apis.v1.url) { + return callback(null, { allow: true }) + } + V1Api.request( diff --git a/server-ce/hotfix/2.0.2/3-url-linking-1.patch b/server-ce/hotfix/2.0.2/3-url-linking-1.patch new file mode 100644 index 0000000000..173809842f --- /dev/null +++ b/server-ce/hotfix/2.0.2/3-url-linking-1.patch @@ -0,0 +1,11 @@ +--- Features.js ++++ Features.js +@@ -53,6 +53,8 @@ module.exports = Features = { + return Settings.apis.references.url != null + case 'saml': + return Settings.enableSaml ++ case 'link-url': ++ return Settings.apis.linkedUrlProxy && Settings.apis.linkedUrlProxy.url + default: + throw new Error(`unknown feature: ${feature}`) + } diff --git a/server-ce/hotfix/2.0.2/4-url-linking-2.patch b/server-ce/hotfix/2.0.2/4-url-linking-2.patch new file mode 100644 index 0000000000..587a8e6e0f --- /dev/null +++ b/server-ce/hotfix/2.0.2/4-url-linking-2.patch @@ -0,0 +1,20 @@ +--- new-file-modal.pug ++++ new-file-modal.pug +@@ -21,11 +21,12 @@ script(type='text/ng-template', id='newFileModalTemplate') + i.fa.fa-fw.fa-folder-open + | + | From Another Project +- li(ng-class="type == 'url' ? 'active' : null") +- a(href, ng-click="type = 'url'") +- i.fa.fa-fw.fa-globe +- | +- | From External URL ++ if hasFeature('link-url') ++ li(ng-class="type == 'url' ? 'active' : null") ++ a(href, ng-click="type = 'url'") ++ i.fa.fa-fw.fa-globe ++ | ++ | From External URL + != moduleIncludes("newFileModal:selector", locals) + + td(class="modal-new-file--body modal-new-file--body-{{type}}") diff --git a/server-ce/hotfix/2.0.2/5-disable-analytics-1.patch b/server-ce/hotfix/2.0.2/5-disable-analytics-1.patch new file mode 100644 index 0000000000..198ee03935 --- /dev/null +++ b/server-ce/hotfix/2.0.2/5-disable-analytics-1.patch @@ -0,0 +1,26 @@ +--- AnalyticsController.js ++++ AnalyticsController.js +@@ -3,9 +3,13 @@ const Errors = require('../Errors/Errors') + const AuthenticationController = require('../Authentication/AuthenticationController') + const InstitutionsAPI = require('../Institutions/InstitutionsAPI') + const GeoIpLookup = require('../../infrastructure/GeoIpLookup') ++const Features = require('../../infrastructure/Features') + + module.exports = { + updateEditingSession(req, res, next) { ++ if (!Features.hasFeature('analytics')) { ++ return res.send(204) ++ } + const userId = AuthenticationController.getLoggedInUserId(req) + const { projectId } = req.params + let countryCode = null +@@ -28,6 +32,9 @@ module.exports = { + }, + + recordEvent(req, res, next) { ++ if (!Features.hasFeature('analytics')) { ++ return res.send(204) ++ } + const userId = + AuthenticationController.getLoggedInUserId(req) || req.sessionID + AnalyticsManager.recordEvent(userId, req.params.event, req.body, error => diff --git a/server-ce/hotfix/2.0.2/6-disable-analytics-2.patch b/server-ce/hotfix/2.0.2/6-disable-analytics-2.patch new file mode 100644 index 0000000000..9fb41c1cba --- /dev/null +++ b/server-ce/hotfix/2.0.2/6-disable-analytics-2.patch @@ -0,0 +1,10 @@ +--- Features.js ++++ Features.js +@@ -41,6 +41,7 @@ module.exports = Features = { + case 'templates-server-pro': + return Settings.overleaf == null + case 'affiliations': ++ case 'analytics': + // Checking both properties is needed for the time being to allow + // enabling the feature in web-api and disabling in Server Pro + // see https://github.com/overleaf/web-internal/pull/2127 diff --git a/server-ce/hotfix/2.0.2/Dockerfile b/server-ce/hotfix/2.0.2/Dockerfile new file mode 100644 index 0000000000..7a75ed97a5 --- /dev/null +++ b/server-ce/hotfix/2.0.2/Dockerfile @@ -0,0 +1,31 @@ +FROM sharelatex/sharelatex:2.0.1 + + +# Patch 1: Fixes anonymous link sharing +ADD 1-anon-upload.patch /var/www/sharelatex/web/app/src/Features/Uploads/1-anon-upload.patch +RUN cd /var/www/sharelatex/web/app/src/Features/Uploads/ && \ + patch < 1-anon-upload.patch + + +# Patch 2: Fixes read-only access +ADD 2-read-only-access.patch /var/www/sharelatex/web/app/src/Features/TokenAccess/3-read-only-access.patch +RUN cd /var/www/sharelatex/web/app/src/Features/TokenAccess/ && \ + patch < 3-read-only-access.patch + + +# Patch 3: Fixes url linking +ADD 3-url-linking-1.patch /var/www/sharelatex/web/app/src/infrastructure/6-url-linking-1.patch +RUN cd /var/www/sharelatex/web/app/src/infrastructure/ && \ + patch < 6-url-linking-1.patch +ADD 4-url-linking-2.patch /var/www/sharelatex/web/app/views/project/editor/7-url-linking-2.patch +RUN cd /var/www/sharelatex/web/app/views/project/editor/ && \ + patch < 7-url-linking-2.patch + + +# Patch 4: Disables analytics +ADD 5-disable-analytics-1.patch /var/www/sharelatex/web/app/src/Features/Analytics/8-disable-analytics-1.patch +RUN cd /var/www/sharelatex/web/app/src/Features/Analytics/ && \ + patch < 8-disable-analytics-1.patch +ADD 6-disable-analytics-2.patch /var/www/sharelatex/web/app/src/infrastructure/9-disable-analytics-2.patch +RUN cd /var/www/sharelatex/web/app/src/infrastructure/ && \ + patch < 9-disable-analytics-2.patch