github/overleaf
1
0
Fork 0
mirror of https://github.com/overleaf/overleaf.git synced 2024-09-16 02:52:31 -04:00
Code Issues Projects Releases Packages Wiki Activity
7805 commits 3 branches 7 tags 221 MiB
Commit graph

20 commits

Author SHA1 Message Date
Ersun Warncke
642b45d0d6 use v1 doc info api 2018-10-02 11:16:46 -04:00
Alasdair Smith
435fe11115 Check if v1 project was exported if not found 
This prevents a redirect loop for projects which were exported but then
deleted on v2. v2 would not find the project, redirect to v1, which
would find that it was exported and redirect back to v2.
 2018-09-28 11:47:14 +01:00
Ersun Warncke
7b90fcb186 Merge pull request #969 from sharelatex/ew-check-doc-token-access 
check access for doc on read only token
 2018-09-25 08:35:56 -04:00
Ersun Warncke
eeed857dd9 change api path 2018-09-25 06:45:27 -04:00
Ersun Warncke
f0c0834b0f only do v1 access check when api config present 2018-09-25 05:42:04 -04:00
Alasdair Smith
d6350c963e Remove projectExists flag from higher access check 
Now that find project by read and read/write token methods check whether
the project exists, it is not neccessary to check whether the project
exists in the higher access check. Therefore it has been removed
 2018-09-24 19:00:10 +01:00
Alasdair Smith
99dec02266 If no project found for read/write token, redirect to v1 2018-09-24 19:00:10 +01:00
Alasdair Smith
237810509a If no project found for read token, redirect to v1 2018-09-24 19:00:10 +01:00
Alasdair Smith
9d600afdf8 Fix failing tests for token access 
If project was changed from token access to private, then we want to
404 on v2 (not redirect to v1). So the logic was changed to check if the
project exists and if it does then a 404 is returned. If it does not
then it redirects to v1.
 2018-09-13 12:09:19 +01:00
Shane Kilkelly
9984ab081e Generalise the higher-access logic for read-write token path 2017-11-01 11:50:04 +00:00
Shane Kilkelly
0e44b319db Change anonToken and such to anonymousAccessToken 2017-10-20 10:10:21 +01:00
Shane Kilkelly
eab77aba91 Abstract away the token-protection logic 2017-10-19 16:26:01 +01:00
Shane Kilkelly
7d2bde85ff Add a setting to enable anonymous read-and-write link sharing 2017-10-18 13:04:37 +01:00
Shane Kilkelly
855fe2e143 If user is project owner, don't add them as a token user 2017-10-16 16:44:20 +01:00
Shane Kilkelly
ad999a72b6 If a token-based project not found, check private overleaf project 2017-10-16 13:20:15 +01:00
Shane Kilkelly
ac513a1355 Refactor to not pass req down into Auth modules 2017-10-13 11:20:57 +01:00
Shane Kilkelly
b6c2a8f7f7 Tidy up callbacks 2017-10-03 14:14:22 +01:00
Shane Kilkelly
ede497f4b3 Unit test TokenAccessHandler 2017-10-03 10:02:26 +01:00
Shane Kilkelly
574b115022 Working token-based access 2017-09-27 14:01:52 +01:00
Shane Kilkelly
81170d472d Add token-access routes 2017-09-22 14:54:35 +01:00