Move public access setting to its own end point

James Allen 2016-03-10 11:13:57 +00:00
parent d235ab22ed
commit e36be96ec9
7 changed files with 44 additions and 19 deletions


@ -143,6 +143,7 @@ module.exports = (grunt) ->
acceptance: acceptance:
src: ["test/acceptance/js/#{grunt.option('feature') or '**'}/*.js"] src: ["test/acceptance/js/#{grunt.option('feature') or '**'}/*.js"]
options: options:
timeout: 10000
reporter: grunt.option('reporter') or 'spec' reporter: grunt.option('reporter') or 'spec'
grep: grunt.option("grep") grep: grunt.option("grep")


@ -42,6 +42,14 @@ module.exports = ProjectController =
jobs.push (callback) -> jobs.push (callback) ->
editorController.setRootDoc project_id, req.body.rootDocId, callback editorController.setRootDoc project_id, req.body.rootDocId, callback
async.series jobs, (error) ->
return next(error) if error?
res.sendStatus(204)
updateProjectAdminSettings: (req, res, next) ->
project_id = req.params.Project_id
jobs = []
if req.body.publicAccessLevel? if req.body.publicAccessLevel?
jobs.push (callback) -> jobs.push (callback) ->
editorController.setPublicAccessLevel project_id, req.body.publicAccessLevel, callback editorController.setPublicAccessLevel project_id, req.body.publicAccessLevel, callback
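Review bot: In `updateProjectAdminSettings`, `req.body.publicAccessLevel` is handed to `editorController.setPublicAccessLevel` after only an existence check, so any JSON value in the request body (an object, an unrecognised string) reaches the setter. Unless the setter validates it, which is not visible here, compare it with the supported levels before queuing the job, e.g. `return res.sendStatus(400) unless req.body.publicAccessLevel in ALLOWED_LEVELS`, where `ALLOWED_LEVELS` is a placeholder for the project's real list. The new handler's body continues past the end of this hunk.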


@ -103,6 +103,7 @@ module.exports = class Router
}), SecurityManager.requestCanAccessProject, ProjectController.loadEditor }), SecurityManager.requestCanAccessProject, ProjectController.loadEditor
webRouter.get '/Project/:Project_id/file/:File_id', SecurityManager.requestCanAccessProject, FileStoreController.getFile webRouter.get '/Project/:Project_id/file/:File_id', SecurityManager.requestCanAccessProject, FileStoreController.getFile
webRouter.post '/project/:Project_id/settings', SecurityManager.requestCanModifyProject, ProjectController.updateProjectSettings webRouter.post '/project/:Project_id/settings', SecurityManager.requestCanModifyProject, ProjectController.updateProjectSettings
webRouter.post '/project/:Project_id/settings/admin', SecurityManager.requestIsOwner, ProjectController.updateProjectAdminSettings
webRouter.post '/project/:Project_id/compile', SecurityManager.requestCanAccessProject, CompileController.compile webRouter.post '/project/:Project_id/compile', SecurityManager.requestCanAccessProject, CompileController.compile
webRouter.get '/Project/:Project_id/output/output.pdf', SecurityManager.requestCanAccessProject, CompileController.downloadPdf webRouter.get '/Project/:Project_id/output/output.pdf', SecurityManager.requestCanAccessProject, CompileController.downloadPdf


@ -10,5 +10,10 @@ define [
saveProjectSettings: (data) -> saveProjectSettings: (data) ->
data._csrf = window.csrfToken data._csrf = window.csrfToken
ide.$http.post "/project/#{ide.project_id}/settings", data ide.$http.post "/project/#{ide.project_id}/settings", data
saveProjectAdminSettings: (data) ->
data._csrf = window.csrfToken
ide.$http.post "/project/#{ide.project_id}/settings/admin", data
} }
] ]


@ -143,7 +143,7 @@ define [
$scope.makePublic = () -> $scope.makePublic = () ->
$scope.project.publicAccesLevel = $scope.inputs.privileges $scope.project.publicAccesLevel = $scope.inputs.privileges
settings.saveProjectSettings({publicAccessLevel: $scope.inputs.privileges}) settings.saveProjectAdminSettings({publicAccessLevel: $scope.inputs.privileges})
$modalInstance.close() $modalInstance.close()
$scope.cancel = () -> $scope.cancel = () ->
@ -153,7 +153,7 @@ define [
App.controller "MakePrivateModalController", ["$scope", "$modalInstance", "settings", ($scope, $modalInstance, settings) -> App.controller "MakePrivateModalController", ["$scope", "$modalInstance", "settings", ($scope, $modalInstance, settings) ->
$scope.makePrivate = () -> $scope.makePrivate = () ->
$scope.project.publicAccesLevel = "private" $scope.project.publicAccesLevel = "private"
settings.saveProjectSettings({publicAccessLevel: "private"}) settings.saveProjectAdminSettings({publicAccessLevel: "private"})
$modalInstance.close() $modalInstance.close()
$scope.cancel = () -> $scope.cancel = () ->
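Review bot: Both `makePublic` and `makePrivate` discard the value returned by `settings.saveProjectAdminSettings(...)`, so a rejected request leaves the scope showing an access level the server never applied. This matters more now that the endpoint is owner-only and can answer with a refusal. Update the scope and close the modal once the request succeeds, e.g. `settings.saveProjectAdminSettings({publicAccessLevel: "private"}).then -> $modalInstance.close()`, and surface the failure otherwise. Separately, the unchanged context line writes `publicAccesLevel` (one "s"), which looks like a misspelling of the `publicAccessLevel` key sent in the request. Both controller bodies extend beyond these hunks.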


@ -126,18 +126,6 @@ describe "ProjectController", ->
done() done()
@ProjectController.updateProjectSettings @req, @res @ProjectController.updateProjectSettings @req, @res
it "should update the public access level", (done) ->
@EditorController.setPublicAccessLevel = sinon.stub().callsArg(2)
@req.body =
publicAccessLevel: @publicAccessLevel = "readonly"
@res.sendStatus = (code) =>
@EditorController.setPublicAccessLevel
.calledWith(@project_id, @publicAccessLevel)
.should.equal true
code.should.equal 204
done()
@ProjectController.updateProjectSettings @req, @res
it "should update the root doc", (done) -> it "should update the root doc", (done) ->
@EditorController.setRootDoc = sinon.stub().callsArg(2) @EditorController.setRootDoc = sinon.stub().callsArg(2)
@req.body = @req.body =
@ -149,6 +137,19 @@ describe "ProjectController", ->
code.should.equal 204 code.should.equal 204
done() done()
@ProjectController.updateProjectSettings @req, @res @ProjectController.updateProjectSettings @req, @res
describe "updateProjectAdminSettings", ->
it "should update the public access level", (done) ->
@EditorController.setPublicAccessLevel = sinon.stub().callsArg(2)
@req.body =
publicAccessLevel: @publicAccessLevel = "readonly"
@res.sendStatus = (code) =>
@EditorController.setPublicAccessLevel
.calledWith(@project_id, @publicAccessLevel)
.should.equal true
code.should.equal 204
done()
@ProjectController.updateProjectAdminSettings @req, @res
describe "deleteProject", -> describe "deleteProject", ->
it "should tell the project deleter to archive when forever=false", (done)-> it "should tell the project deleter to archive when forever=false", (done)->
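Review bot: The `updateProjectSettings` tests lose their public-access case without gaining a negative one, so nothing pins that the write-level endpoint now ignores `publicAccessLevel`. That is the property this commit exists to provide, and a later refactor could merge the handlers again without any test failing. Add a case under the `updateProjectSettings` describe that sends `publicAccessLevel: "readonly"` in `@req.body` and asserts `@EditorController.setPublicAccessLevel.called.should.equal false` alongside the 204.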


@ -56,7 +56,7 @@ class User
makePublic: (project_id, level, callback = (error) ->) -> makePublic: (project_id, level, callback = (error) ->) ->
@request.post { @request.post {
url: "/project/#{project_id}/settings", url: "/project/#{project_id}/settings/admin",
json: json:
publicAccessLevel: level publicAccessLevel: level
}, (error, response, body) -> }, (error, response, body) ->
@ -78,7 +78,7 @@ class User
callback() callback()
try_read_access = (user, project_id, test, callback) -> try_read_access = (user, project_id, test, callback) ->
async.parallel [ async.series [
(cb) -> (cb) ->
user.request.get "/project/#{project_id}", (error, response, body) -> user.request.get "/project/#{project_id}", (error, response, body) ->
return cb(error) if error? return cb(error) if error?
@ -92,7 +92,7 @@ try_read_access = (user, project_id, test, callback) ->
], callback ], callback
try_settings_write_access = (user, project_id, test, callback) -> try_settings_write_access = (user, project_id, test, callback) ->
async.parallel [ async.series [
(cb) -> (cb) ->
user.request.post { user.request.post {
uri: "/project/#{project_id}/settings" uri: "/project/#{project_id}/settings"
@ -105,7 +105,7 @@ try_settings_write_access = (user, project_id, test, callback) ->
], callback ], callback
try_admin_access = (user, project_id, test, callback) -> try_admin_access = (user, project_id, test, callback) ->
async.parallel [ async.series [
(cb) -> (cb) ->
user.request.post { user.request.post {
uri: "/project/#{project_id}/rename" uri: "/project/#{project_id}/rename"
@ -115,6 +115,15 @@ try_admin_access = (user, project_id, test, callback) ->
return cb(error) if error? return cb(error) if error?
test(response, body) test(response, body)
cb() cb()
(cb) ->
user.request.post {
uri: "/project/#{project_id}/settings/admin"
json:
publicAccessLevel: "private"
}, (error, response, body) ->
return cb(error) if error?
test(response, body)
cb()
], callback ], callback
try_content_access = (user, project_id, test, callback) -> try_content_access = (user, project_id, test, callback) ->
@ -198,7 +207,7 @@ describe "Authorization", ->
@other1 = new User() @other1 = new User()
@other2 = new User() @other2 = new User()
@anon = new User() @anon = new User()
async.parallel [ async.series [
(cb) => @owner.login cb (cb) => @owner.login cb
(cb) => @other1.login cb (cb) => @other1.login cb
(cb) => @other2.login cb (cb) => @other2.login cb
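Review bot: The probe added to `try_admin_access` posts `publicAccessLevel: "private"`, so whenever the caller really has owner rights the check itself changes the project's access level. A test that has made the project public and then runs `try_admin_access` for the owner would leave it private for any later assertion in the same test; the callers are outside this diff, so confirm none depend on that. Consider taking the level as an argument so the probe re-posts the level the test already set, or at least add `# NOTE: resets the project to private when the request is authorised` above the new step. The switch to `async.series` makes the order deterministic but does not remove the side effect.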