mirror of
https://github.com/overleaf/overleaf.git
synced 2024-11-30 05:15:20 -05:00
Move public access setting to its own end point
This commit is contained in:
parent
d235ab22ed
commit
e36be96ec9
7 changed files with 44 additions and 19 deletions
|
@ -143,6 +143,7 @@ module.exports = (grunt) ->
|
|||
acceptance:
|
||||
src: ["test/acceptance/js/#{grunt.option('feature') or '**'}/*.js"]
|
||||
options:
|
||||
timeout: 10000
|
||||
reporter: grunt.option('reporter') or 'spec'
|
||||
grep: grunt.option("grep")
|
||||
|
||||
|
|
|
@ -42,6 +42,14 @@ module.exports = ProjectController =
|
|||
jobs.push (callback) ->
|
||||
editorController.setRootDoc project_id, req.body.rootDocId, callback
|
||||
|
||||
async.series jobs, (error) ->
|
||||
return next(error) if error?
|
||||
res.sendStatus(204)
|
||||
|
||||
updateProjectAdminSettings: (req, res, next) ->
|
||||
project_id = req.params.Project_id
|
||||
|
||||
jobs = []
|
||||
if req.body.publicAccessLevel?
|
||||
jobs.push (callback) ->
|
||||
editorController.setPublicAccessLevel project_id, req.body.publicAccessLevel, callback
|
||||
|
|
|
@ -103,6 +103,7 @@ module.exports = class Router
|
|||
}), SecurityManager.requestCanAccessProject, ProjectController.loadEditor
|
||||
webRouter.get '/Project/:Project_id/file/:File_id', SecurityManager.requestCanAccessProject, FileStoreController.getFile
|
||||
webRouter.post '/project/:Project_id/settings', SecurityManager.requestCanModifyProject, ProjectController.updateProjectSettings
|
||||
webRouter.post '/project/:Project_id/settings/admin', SecurityManager.requestIsOwner, ProjectController.updateProjectAdminSettings
|
||||
|
||||
webRouter.post '/project/:Project_id/compile', SecurityManager.requestCanAccessProject, CompileController.compile
|
||||
webRouter.get '/Project/:Project_id/output/output.pdf', SecurityManager.requestCanAccessProject, CompileController.downloadPdf
|
||||
|
|
|
@ -10,5 +10,10 @@ define [
|
|||
saveProjectSettings: (data) ->
|
||||
data._csrf = window.csrfToken
|
||||
ide.$http.post "/project/#{ide.project_id}/settings", data
|
||||
|
||||
saveProjectAdminSettings: (data) ->
|
||||
data._csrf = window.csrfToken
|
||||
ide.$http.post "/project/#{ide.project_id}/settings/admin", data
|
||||
|
||||
}
|
||||
]
|
|
@ -143,7 +143,7 @@ define [
|
|||
|
||||
$scope.makePublic = () ->
|
||||
$scope.project.publicAccesLevel = $scope.inputs.privileges
|
||||
settings.saveProjectSettings({publicAccessLevel: $scope.inputs.privileges})
|
||||
settings.saveProjectAdminSettings({publicAccessLevel: $scope.inputs.privileges})
|
||||
$modalInstance.close()
|
||||
|
||||
$scope.cancel = () ->
|
||||
|
@ -153,7 +153,7 @@ define [
|
|||
App.controller "MakePrivateModalController", ["$scope", "$modalInstance", "settings", ($scope, $modalInstance, settings) ->
|
||||
$scope.makePrivate = () ->
|
||||
$scope.project.publicAccesLevel = "private"
|
||||
settings.saveProjectSettings({publicAccessLevel: "private"})
|
||||
settings.saveProjectAdminSettings({publicAccessLevel: "private"})
|
||||
$modalInstance.close()
|
||||
|
||||
$scope.cancel = () ->
|
||||
|
|
|
@ -126,18 +126,6 @@ describe "ProjectController", ->
|
|||
done()
|
||||
@ProjectController.updateProjectSettings @req, @res
|
||||
|
||||
it "should update the public access level", (done) ->
|
||||
@EditorController.setPublicAccessLevel = sinon.stub().callsArg(2)
|
||||
@req.body =
|
||||
publicAccessLevel: @publicAccessLevel = "readonly"
|
||||
@res.sendStatus = (code) =>
|
||||
@EditorController.setPublicAccessLevel
|
||||
.calledWith(@project_id, @publicAccessLevel)
|
||||
.should.equal true
|
||||
code.should.equal 204
|
||||
done()
|
||||
@ProjectController.updateProjectSettings @req, @res
|
||||
|
||||
it "should update the root doc", (done) ->
|
||||
@EditorController.setRootDoc = sinon.stub().callsArg(2)
|
||||
@req.body =
|
||||
|
@ -150,6 +138,19 @@ describe "ProjectController", ->
|
|||
done()
|
||||
@ProjectController.updateProjectSettings @req, @res
|
||||
|
||||
describe "updateProjectAdminSettings", ->
|
||||
it "should update the public access level", (done) ->
|
||||
@EditorController.setPublicAccessLevel = sinon.stub().callsArg(2)
|
||||
@req.body =
|
||||
publicAccessLevel: @publicAccessLevel = "readonly"
|
||||
@res.sendStatus = (code) =>
|
||||
@EditorController.setPublicAccessLevel
|
||||
.calledWith(@project_id, @publicAccessLevel)
|
||||
.should.equal true
|
||||
code.should.equal 204
|
||||
done()
|
||||
@ProjectController.updateProjectAdminSettings @req, @res
|
||||
|
||||
describe "deleteProject", ->
|
||||
it "should tell the project deleter to archive when forever=false", (done)->
|
||||
@res.sendStatus = (code)=>
|
||||
|
|
|
@ -56,7 +56,7 @@ class User
|
|||
|
||||
makePublic: (project_id, level, callback = (error) ->) ->
|
||||
@request.post {
|
||||
url: "/project/#{project_id}/settings",
|
||||
url: "/project/#{project_id}/settings/admin",
|
||||
json:
|
||||
publicAccessLevel: level
|
||||
}, (error, response, body) ->
|
||||
|
@ -78,7 +78,7 @@ class User
|
|||
callback()
|
||||
|
||||
try_read_access = (user, project_id, test, callback) ->
|
||||
async.parallel [
|
||||
async.series [
|
||||
(cb) ->
|
||||
user.request.get "/project/#{project_id}", (error, response, body) ->
|
||||
return cb(error) if error?
|
||||
|
@ -92,7 +92,7 @@ try_read_access = (user, project_id, test, callback) ->
|
|||
], callback
|
||||
|
||||
try_settings_write_access = (user, project_id, test, callback) ->
|
||||
async.parallel [
|
||||
async.series [
|
||||
(cb) ->
|
||||
user.request.post {
|
||||
uri: "/project/#{project_id}/settings"
|
||||
|
@ -105,7 +105,7 @@ try_settings_write_access = (user, project_id, test, callback) ->
|
|||
], callback
|
||||
|
||||
try_admin_access = (user, project_id, test, callback) ->
|
||||
async.parallel [
|
||||
async.series [
|
||||
(cb) ->
|
||||
user.request.post {
|
||||
uri: "/project/#{project_id}/rename"
|
||||
|
@ -115,6 +115,15 @@ try_admin_access = (user, project_id, test, callback) ->
|
|||
return cb(error) if error?
|
||||
test(response, body)
|
||||
cb()
|
||||
(cb) ->
|
||||
user.request.post {
|
||||
uri: "/project/#{project_id}/settings/admin"
|
||||
json:
|
||||
publicAccessLevel: "private"
|
||||
}, (error, response, body) ->
|
||||
return cb(error) if error?
|
||||
test(response, body)
|
||||
cb()
|
||||
], callback
|
||||
|
||||
try_content_access = (user, project_id, test, callback) ->
|
||||
|
@ -198,7 +207,7 @@ describe "Authorization", ->
|
|||
@other1 = new User()
|
||||
@other2 = new User()
|
||||
@anon = new User()
|
||||
async.parallel [
|
||||
async.series [
|
||||
(cb) => @owner.login cb
|
||||
(cb) => @other1.login cb
|
||||
(cb) => @other2.login cb
|
||||
|
|
Loading…
Reference in a new issue