Shane Kilkelly
|
0e44b319db
|
Change anonToken and such to anonymousAccessToken
|
2017-10-20 10:10:21 +01:00 |
|
Shane Kilkelly
|
eab77aba91
|
Abstract away the token-protection logic
|
2017-10-19 16:26:01 +01:00 |
|
Shane Kilkelly
|
97706acbac
|
Fix indentation
|
2017-10-19 14:54:59 +01:00 |
|
Shane Kilkelly
|
5572a0e873
|
Merge branch 'sk-unlisted-projects' of github.com:sharelatex/web-sharelatex-internal into sk-unlisted-projects
|
2017-10-19 14:46:05 +01:00 |
|
Shane Kilkelly
|
d8717a06a2
|
Fix track-changes with token-access
|
2017-10-19 14:42:17 +01:00 |
|
John Lees-Miller
|
3383a057a1
|
Fix typo
(The typo came from my comment in Overleaf many years ago.)
|
2017-10-19 11:47:47 +01:00 |
|
Shane Kilkelly
|
7d2bde85ff
|
Add a setting to enable anonymous read-and-write link sharing
|
2017-10-18 13:04:37 +01:00 |
|
Shane Kilkelly
|
9c247d5f59
|
On project list, only show projects once, with max access
|
2017-10-17 11:10:31 +01:00 |
|
Shane Kilkelly
|
855fe2e143
|
If user is project owner, don't add them as a token user
|
2017-10-16 16:44:20 +01:00 |
|
Shane Kilkelly
|
ad999a72b6
|
If a token-based project not found, check private overleaf project
|
2017-10-16 13:20:15 +01:00 |
|
Shane Kilkelly
|
490ccc6051
|
Add commentary to token-generator, and move token-alpha to top level
|
2017-10-13 11:37:38 +01:00 |
|
Shane Kilkelly
|
ac513a1355
|
Refactor to not pass req down into Auth modules
|
2017-10-13 11:20:57 +01:00 |
|
Shane Kilkelly
|
dcf601fe80
|
Only show token-based projects if accessLevel is set to token-based
|
2017-10-12 15:47:29 +01:00 |
|
Shane Kilkelly
|
9a7c8c5842
|
Revert "Remove remaining traces of UserStub"
This reverts commit ab6b4c32254a20b940c489b8b5b56237433cc0f6.
|
2017-10-12 15:08:48 +01:00 |
|
Shane Kilkelly
|
16416463c6
|
Update removeUserFromProject to account for token-access
|
2017-10-12 11:49:02 +01:00 |
|
Shane Kilkelly
|
6feedf5520
|
Use crypto module for token generation
|
2017-10-12 11:36:45 +01:00 |
|
Shane Kilkelly
|
22c5f41fb6
|
Add logging for token generation
|
2017-10-12 11:25:16 +01:00 |
|
Shane Kilkelly
|
fe708fcc04
|
Generate all missing tokens
|
2017-10-12 11:19:26 +01:00 |
|
Shane Kilkelly
|
70b1e42e36
|
Add deprecation comment regarding legacy access-levels
|
2017-10-12 11:00:39 +01:00 |
|
Shane Kilkelly
|
6e09165452
|
Refactor auth sources
|
2017-10-12 10:57:11 +01:00 |
|
Shane Kilkelly
|
1a4ffe7708
|
Remove un-necessary call to getProject from archiveProject path
|
2017-10-09 11:30:55 +01:00 |
|
Shane Kilkelly
|
ad68adee9a
|
Add more commentary on the anonymous path
|
2017-10-09 11:13:55 +01:00 |
|
Shane Kilkelly
|
e73de3bfd4
|
Fix whitespace in function signature
|
2017-10-09 10:57:23 +01:00 |
|
Shane Kilkelly
|
732ce9417b
|
Don't create tokens on project by default
|
2017-10-09 10:25:20 +01:00 |
|
Shane Kilkelly
|
d386f79a76
|
Clean up
|
2017-10-06 16:10:33 +01:00 |
|
Shane Kilkelly
|
91abb6eed6
|
If project is not tokenBased, don't count members of token arrays
|
2017-10-06 15:57:22 +01:00 |
|
Shane Kilkelly
|
387854db7a
|
Fix an embarassing mistake, generate tokens dynamically, not once.
|
2017-10-06 13:24:10 +01:00 |
|
Shane Kilkelly
|
bb0dad3353
|
Safe access to potentially-null project
|
2017-10-05 14:19:21 +01:00 |
|
Shane Kilkelly
|
b8d90a1a99
|
Show token-access projects on the dashboard
|
2017-10-05 13:20:06 +01:00 |
|
Shane Kilkelly
|
e4e558c0e6
|
Hide access tokens if user is not the project owner.
This prevents sneaky read-only users from sniffing out the read-write
link via the browser console.
|
2017-10-05 13:18:30 +01:00 |
|
Shane Kilkelly
|
6482cd7dd8
|
Generate tokens on old projects if they're not present
|
2017-10-04 16:31:24 +01:00 |
|
Shane Kilkelly
|
b6c2a8f7f7
|
Tidy up callbacks
|
2017-10-03 14:14:22 +01:00 |
|
Shane Kilkelly
|
7b33f8b4c2
|
Unit test TokenAccessController
|
2017-10-03 14:04:59 +01:00 |
|
Shane Kilkelly
|
ede497f4b3
|
Unit test TokenAccessHandler
|
2017-10-03 10:02:26 +01:00 |
|
Shane Kilkelly
|
9f24f696a5
|
Use custom header, send anonToken in payload to joinProject
|
2017-09-29 16:32:07 +01:00 |
|
Shane Kilkelly
|
34d4d1360f
|
Anon read-token: add an Authorization header to $http
|
2017-09-29 15:54:55 +01:00 |
|
Shane Kilkelly
|
9810f63245
|
Render editor for token access, stub out ui changes
|
2017-09-28 16:06:08 +01:00 |
|
Shane Kilkelly
|
4552f3be67
|
Move the getPublicAccessLevel helper to top-level of module
|
2017-09-28 10:53:35 +01:00 |
|
Shane Kilkelly
|
27dcf6c4c5
|
Fix a typo causing double-callbacks
|
2017-09-28 10:37:57 +01:00 |
|
Shane Kilkelly
|
574b115022
|
Working token-based access
|
2017-09-27 14:01:52 +01:00 |
|
Shane Kilkelly
|
ee32648bf4
|
Order privileges by highest-to-lowest
|
2017-09-22 15:55:38 +01:00 |
|
Shane Kilkelly
|
81170d472d
|
Add token-access routes
|
2017-09-22 14:54:35 +01:00 |
|
Shane Kilkelly
|
95292a2e55
|
Add unique index to token properties
|
2017-09-21 15:06:42 +01:00 |
|
Shane Kilkelly
|
441c207953
|
Generate tokens by default
|
2017-09-21 15:04:15 +01:00 |
|
Shane Kilkelly
|
abe41b6948
|
Fix projection in project query
|
2017-09-21 13:37:10 +01:00 |
|
Shane Kilkelly
|
863d327743
|
Change logic to exclude token users
|
2017-09-21 11:02:55 +01:00 |
|
Shane Kilkelly
|
931ba56e33
|
Add an 'owner' source tag, for the project owner
|
2017-09-21 09:35:25 +01:00 |
|
Shane Kilkelly
|
ef7e1ceabf
|
Rename functions to make distinction between invited/token members
|
2017-09-21 09:30:38 +01:00 |
|
Shane Kilkelly
|
91ec0da239
|
Use the invitedMembers function for sending tpds updates
|
2017-09-20 15:48:20 +01:00 |
|
Shane Kilkelly
|
574baf386e
|
Alter getProjectsUserIsMemberOf to include token-access projects.
Also change the api to produce an object with the different project lists
attached, rather than a pair of lists.
|
2017-09-20 15:26:03 +01:00 |
|