Shane Kilkelly
855fe2e143
If user is project owner, don't add them as a token user
2017-10-16 16:44:20 +01:00
Brian Gough
4c78b5770c
use regex for directory check
2017-10-16 15:17:33 +01:00
Brian Gough
2bb7c6d4c6
remove child_process module from ArchiveManager
2017-10-16 14:21:28 +01:00
Brian Gough
96d08e41a7
update tests
2017-10-16 14:15:38 +01:00
Brian Gough
d6d76f132e
replace unzip with yauzl
2017-10-16 14:15:38 +01:00
Alasdair Smith
60c297eac8
Also prevent rollout to modulo 0 users
2017-10-16 13:40:09 +01:00
Shane Kilkelly
ad999a72b6
If a token-based project not found, check private overleaf project
2017-10-16 13:20:15 +01:00
Alasdair Smith
abb21ac96b
Fix autocompile rollout logic
2017-10-16 12:44:11 +01:00
Alasdair Smith
5d3371a52c
Merge pull request #38 from sharelatex/as-autocompile-rollout
...
Rollout for auto compile; Connects to #20
2017-10-16 10:48:43 +01:00
Alasdair Smith
625f52c248
Update cutoff date
2017-10-16 10:28:42 +01:00
Shane Kilkelly
490ccc6051
Add commentary to token-generator, and move token-alpha to top level
2017-10-13 11:37:38 +01:00
Shane Kilkelly
ac513a1355
Refactor to not pass req
down into Auth modules
2017-10-13 11:20:57 +01:00
Brian Gough
4ce639db70
Merge pull request #58 from sharelatex/bg-rate-limit-autocompile
...
fix two bugs in auto compile limit logic
2017-10-13 08:18:31 +01:00
Alasdair Smith
36e1fafb60
Set proportion to 0
2017-10-12 17:10:41 +01:00
James Allen
f0079bb7a4
Merge pull request #41 from sharelatex/ja-transfer-projects
...
Add method to transfer projects from one user_id to another
2017-10-12 16:27:00 +01:00
Brian Gough
fc3ecddd0e
fix two bugs in auto compile limit logic
...
1. the compileGroup is "standard" not default
2. was not excluding normal compiles from metrics
2017-10-12 16:18:14 +01:00
Brian Gough
8cf3288187
avoid exception in validateProjectName
2017-10-12 16:03:12 +01:00
Shane Kilkelly
dcf601fe80
Only show token-based projects if accessLevel is set to token-based
2017-10-12 15:47:29 +01:00
Shane Kilkelly
9a7c8c5842
Revert "Remove remaining traces of UserStub"
...
This reverts commit ab6b4c32254a20b940c489b8b5b56237433cc0f6.
2017-10-12 15:08:48 +01:00
Brian Gough
18370076a2
Merge pull request #45 from sharelatex/bg-auto-doc-flush
...
allow docupdater to flush docs in background (connects to overleaf/sharelatex#190 )
2017-10-12 14:48:16 +01:00
Shane Kilkelly
16416463c6
Update removeUserFromProject
to account for token-access
2017-10-12 11:49:02 +01:00
Shane Kilkelly
6feedf5520
Use crypto module for token generation
2017-10-12 11:36:45 +01:00
Shane Kilkelly
22c5f41fb6
Add logging for token generation
2017-10-12 11:25:16 +01:00
Shane Kilkelly
fe708fcc04
Generate all missing tokens
2017-10-12 11:19:26 +01:00
Shane Kilkelly
70b1e42e36
Add deprecation comment regarding legacy access-levels
2017-10-12 11:00:39 +01:00
Shane Kilkelly
6e09165452
Refactor auth sources
2017-10-12 10:57:11 +01:00
Brian Gough
45ed090326
Merge pull request #37 from sharelatex/bg-rate-limit-autocompile
...
rate limit autocompile (connects to #18 )
2017-10-12 09:25:59 +01:00
Brian Gough
c913ec69ef
Merge pull request #34 from sharelatex/bg-fix-double-callback-in-resources-check
...
fix double callback in resources check (connects to #18 )
2017-10-12 09:20:05 +01:00
Brian Gough
cf25ff058f
use new endpoint docupdater get_and_flush_if_old
2017-10-11 16:05:28 +01:00
Alasdair Smith
5047213c3c
Change rollout detection to account for changes in proportion preserving rolled out users
2017-10-11 14:47:39 +01:00
Hayden Faulds
f017a94b7e
remove unused HistoryManager
2017-10-11 11:18:20 +01:00
Hayden Faulds
4e0a159db4
Merge pull request #40 from sharelatex/hof-pathname-for-doc-store
...
return pathname from DocumentController.getDoc
2017-10-11 09:52:56 +01:00
Brian Gough
5b0d3d1429
simplify rate-limit checking code
2017-10-09 16:31:01 +01:00
Brian Gough
9eec245358
allow docupdater to flush docs in background
2017-10-09 14:17:28 +01:00
Shane Kilkelly
1a4ffe7708
Remove un-necessary call to getProject
from archiveProject
path
2017-10-09 11:30:55 +01:00
Shane Kilkelly
ad68adee9a
Add more commentary on the anonymous path
2017-10-09 11:13:55 +01:00
Shane Kilkelly
e73de3bfd4
Fix whitespace in function signature
2017-10-09 10:57:23 +01:00
Shane Kilkelly
732ce9417b
Don't create tokens on project by default
2017-10-09 10:25:20 +01:00
Shane Kilkelly
d386f79a76
Clean up
2017-10-06 16:10:33 +01:00
Shane Kilkelly
91abb6eed6
If project is not tokenBased, don't count members of token arrays
2017-10-06 15:57:22 +01:00
Shane Kilkelly
387854db7a
Fix an embarassing mistake, generate tokens dynamically, not once.
2017-10-06 13:24:10 +01:00
James Allen
3c54419eb3
Remove commented debug code
2017-10-05 16:12:26 +01:00
James Allen
9c1faa4395
Add method to transfer projects from one user_id to another
2017-10-05 14:26:34 +01:00
Shane Kilkelly
bb0dad3353
Safe access to potentially-null project
2017-10-05 14:19:21 +01:00
Shane Kilkelly
b8d90a1a99
Show token-access projects on the dashboard
2017-10-05 13:20:06 +01:00
Shane Kilkelly
e4e558c0e6
Hide access tokens if user is not the project owner.
...
This prevents sneaky read-only users from sniffing out the read-write
link via the browser console.
2017-10-05 13:18:30 +01:00
Shane Kilkelly
6482cd7dd8
Generate tokens on old projects if they're not present
2017-10-04 16:31:24 +01:00
Alasdair Smith
8366ea271f
Restrict autocompile onboarding to users in rollout (factor of 100)
2017-10-03 17:08:19 +01:00
Brian Gough
d14723f24a
add rate limits for autocompiles
...
global rate limit for all users and a lower rate limit for free users
2017-10-03 16:16:21 +01:00
Shane Kilkelly
b6c2a8f7f7
Tidy up callbacks
2017-10-03 14:14:22 +01:00
Shane Kilkelly
7b33f8b4c2
Unit test TokenAccessController
2017-10-03 14:04:59 +01:00
Alasdair Smith
91e0397bf5
Update signup date check to today
2017-10-03 10:48:59 +01:00
Shane Kilkelly
ede497f4b3
Unit test TokenAccessHandler
2017-10-03 10:02:26 +01:00
Brian Gough
bd005d7bb6
fix double callback in precompile resources check
2017-10-02 10:14:52 +01:00
Shane Kilkelly
9f24f696a5
Use custom header, send anonToken in payload to joinProject
2017-09-29 16:32:07 +01:00
Shane Kilkelly
34d4d1360f
Anon read-token: add an Authorization header to $http
2017-09-29 15:54:55 +01:00
Hayden Faulds
bf1c24f6f9
return pathname from DocumentController.getDoc
2017-09-29 15:37:10 +01:00
Shane Kilkelly
9810f63245
Render editor for token access, stub out ui changes
2017-09-28 16:06:08 +01:00
Alasdair Smith
3e2388a7de
Don't show autocompile for users signed up after release date
2017-09-28 13:57:15 +01:00
Alasdair Smith
f2c0bf5515
First pass at getting onboarding shown event from analytics
2017-09-28 13:04:18 +01:00
Alasdair Smith
afff8ddf29
Pass (dummy) autocompile onboarding
2017-09-28 11:13:49 +01:00
Shane Kilkelly
4552f3be67
Move the getPublicAccessLevel
helper to top-level of module
2017-09-28 10:53:35 +01:00
Shane Kilkelly
27dcf6c4c5
Fix a typo causing double-callbacks
2017-09-28 10:37:57 +01:00
Shane Kilkelly
574b115022
Working token-based access
2017-09-27 14:01:52 +01:00
Brian Gough
13628f82ec
Merge pull request #17 from sharelatex/bg-lock-compiles
...
show error for compile in progress
2017-09-27 13:54:16 +01:00
Hayden Faulds
4adf88ca01
handle OL or SL ids in UserInfoController.getPersonalInfo
2017-09-26 11:40:05 +01:00
Hayden Faulds
2c0e9bb89a
return overleaf details from ProejctsDetailsHandler.getdetails
2017-09-26 10:19:30 +01:00
Brian Gough
0f855689a7
show error for compile in progress
2017-09-26 08:07:35 +01:00
Shane Kilkelly
ee32648bf4
Order privileges by highest-to-lowest
2017-09-22 15:55:38 +01:00
Shane Kilkelly
81170d472d
Add token-access routes
2017-09-22 14:54:35 +01:00
Shane Kilkelly
95292a2e55
Add unique index to token properties
2017-09-21 15:06:42 +01:00
Shane Kilkelly
441c207953
Generate tokens by default
2017-09-21 15:04:15 +01:00
Shane Kilkelly
abe41b6948
Fix projection in project query
2017-09-21 13:37:10 +01:00
Shane Kilkelly
863d327743
Change logic to exclude token users
2017-09-21 11:02:55 +01:00
Shane Kilkelly
931ba56e33
Add an 'owner' source tag, for the project owner
2017-09-21 09:35:25 +01:00
Shane Kilkelly
ef7e1ceabf
Rename functions to make distinction between invited/token members
2017-09-21 09:30:38 +01:00
Shane Kilkelly
91ec0da239
Use the invitedMembers function for sending tpds updates
2017-09-20 15:48:20 +01:00
Shane Kilkelly
574baf386e
Alter getProjectsUserIsMemberOf
to include token-access projects.
...
Also change the api to produce an object with the different project lists
attached, rather than a pair of lists.
2017-09-20 15:26:03 +01:00
Shane Kilkelly
ceb7c509d0
Rename getProjectsUserIsCollaboratorOf
to ...IsMemberOf
...
This brings the naming more in line with current conventions.
2017-09-20 13:16:50 +01:00
Shane Kilkelly
069f49d5a6
Change getCollaboratorCount
to getInvitedCollaboratorCount
.
...
And update the one call-site in LimitationsManager. This function
is used to limit invites, so it makes sense to explicitely limit
this to Invited members of the project.
2017-09-20 10:29:47 +01:00
Shane Kilkelly
8460160076
Add a getInvitedMembersWithPrivilegeLevels
function.
...
Then use it to build the loadProject view-model.
2017-09-20 10:02:43 +01:00
Shane Kilkelly
cf54989e6a
Add a getInvitedMemberIds
function
...
Limited to only members who were invited to the project, not users
who have access via a token.
2017-09-20 09:36:56 +01:00
Shane Kilkelly
fc202439ab
Read-only privelege for anonymous access
2017-09-20 09:36:06 +01:00
Shane Kilkelly
06966f67db
Differentiate project members by source, include token members
2017-09-20 09:35:19 +01:00
Shane Kilkelly
a06f4b6b28
Remove remaining traces of UserStub
2017-09-19 16:16:39 +01:00
Shane Kilkelly
7919d5342b
Remove obsolete add-email-to-project workflow
2017-09-19 15:57:19 +01:00
Shane Kilkelly
c87df7be79
Add token-access user refs to Project
2017-09-19 09:27:22 +01:00
Shane Kilkelly
8fece2d5f0
Add tokenBased
access level
2017-09-18 10:58:13 +01:00
Shane Kilkelly
2011432120
Add tokens property to Project model
2017-09-18 10:27:28 +01:00
James Allen
adf211a226
Merge pull request #594 from sharelatex/ja-include-token-in-project-schema
...
Include OL tokens in project schema
2017-09-15 11:41:24 +02:00
Brian Gough
9f9c15f6f5
Merge pull request #599 from sharelatex/bg-reset-project-state
...
clear docupdater project state in deleteAuxFiles
2017-09-15 09:09:29 +01:00
Brian Gough
28a80cf23d
Merge pull request #604 from sharelatex/bg-fix-root-doc-in-incremental-compile
...
fix root doc in incremental compile
2017-09-13 13:47:22 +01:00
Tim Alby
a04adbf132
remove extra security headers
2017-09-13 11:53:11 +02:00
Brian Gough
51eb94a493
handle incremental compile without root doc
2017-09-13 10:10:44 +01:00
Brian Gough
0e87b8950e
update clearProjectState endpoint
2017-09-12 11:40:00 +01:00
Tim Alby
d6834ff417
add security headers using Helmet
...
- use all Helmet's default headers except `X-DNS-Prefetch-Control`
- use `Referrer-Policy`
- use cache headers when:
- a user is logged in, OR
- a project is displayed
2017-09-12 11:17:59 +02:00
Brian Gough
5430c8a3c2
Merge pull request #593 from sharelatex/bg-fix-inactive-projects-request
...
avoid error when passing as limit in mongo query
2017-09-11 08:16:28 +01:00
Brian Gough
6d73c48c36
Merge pull request #596 from sharelatex/bg-suppress-incremental-compile-after-errors
...
suppress incremental compile after errors
2017-09-11 08:15:50 +01:00
Brian Gough
2b4c8bd846
clear docupdater project state in deleteAuxFiles
2017-09-08 15:57:29 +01:00
Brian Gough
e8435e3eae
make condition clearer for incremental compile
2017-09-08 13:39:24 +01:00
Brian Gough
03a5ff2e43
skip incremental compile after docupdater error
2017-09-07 15:06:09 +01:00
Shane Kilkelly
586d1f1599
Merge pull request #531 from sharelatex/sk-allow-explicit-ses-email-config
...
Instantiate the ses client if explicitly specified.
2017-09-07 10:21:01 +01:00
Brian Gough
3ac0e97a14
avoid error when passing as limit in mongo query
...
convert request parameter from string to number
2017-09-05 12:33:13 +01:00
Brian Gough
e2368615e2
Merge pull request #589 from sharelatex/bg-check-options-for-incremental-compile
...
include the options in the project state hash
2017-09-05 11:53:17 +01:00
Brian Gough
2e6c578dd7
add ol-style.css to fingerprint list
2017-09-05 10:54:26 +01:00
James Allen
39320c20b8
Include OL tokens in project schema
2017-09-05 10:50:39 +02:00
Brian Gough
d9557fcbf5
include the options in the project state hash
2017-09-01 16:36:51 +01:00
Shane Kilkelly
3d0268a486
Add other required properties for project load.
2017-09-01 11:36:23 +01:00
Shane Kilkelly
68f860b28d
Load user features alongside id and email.
...
Fixes a bug where project features were not applied properly,
and instead fell back to the free-account defaults.
2017-09-01 11:16:45 +01:00
James Allen
9c4dc40abf
Merge pull request #583 from sharelatex/ja-import-projects
...
Add in UserStub model and support in collaborators view
2017-08-29 16:06:00 +02:00
James Allen
a58a715fad
Merge pull request #570 from sharelatex/ho-null-check-redis-sessions
...
Ho null check redis sessions
2017-08-29 15:44:22 +02:00
James Allen
8d268e9d42
Merge pull request #580 from sharelatex/ja-import-collaborators
...
Add in UserStub model and support in collaborators view
2017-08-29 15:43:54 +02:00
James Allen
ba43e45f85
Merge pull request #578 from sharelatex/ja-import-projects
...
Update Project schema for overleaf imports
2017-08-29 15:43:39 +02:00
James Allen
bb6ca9ba51
Update Project schema
2017-08-29 15:21:05 +02:00
Brian Gough
f9d1650c6a
Merge pull request #569 from sharelatex/bg-compile-from-redis
...
compile from redis
2017-08-25 09:09:52 +01:00
James Allen
d5839437fd
Add in UserStub model and support in collaborators view
2017-08-24 17:48:47 +02:00
James Allen
b4254f06ef
Update Project schema for overleaf imports
2017-08-21 17:49:08 +02:00
Brian Gough
90ff58b820
compute project state hash from sorted docs/files
2017-08-16 10:49:29 +01:00
Brian Gough
739445336f
remove unused code and fix flushing
2017-08-15 16:00:00 +01:00
Brian Gough
4789dd23ee
docupdater will parse lines in getProjectDocs
...
no need to do this in web now
2017-08-11 16:57:23 +01:00
James Allen
1f326f7990
Merge pull request #575 from sharelatex/ja-overleaf-oauth
...
Allow OAuth based log-ins from Overleaf
2017-08-10 10:28:41 +02:00
Brian Gough
e2048e1ed5
use incrementalCompilesEnabled as option name
2017-08-09 16:25:57 +01:00
Brian Gough
836bddd91f
comment about 409 code in DocumentUpdaterHandler
2017-08-09 16:00:11 +01:00
Brian Gough
ddecd26718
flush documents to mongo on incremental compiles
2017-08-09 15:47:44 +01:00
James Allen
7538c8834f
Merge branch 'master' into ja-per-user-track-changes
2017-08-09 14:05:36 +02:00
James Allen
a0a45ee654
Update date
2017-08-09 14:02:40 +02:00
Brian Gough
7eb1c01994
add metrics for incremental compiles
2017-08-09 11:41:09 +01:00
Brian Gough
97b129cbe3
enable incremental compilation for beta users
2017-08-09 10:57:24 +01:00
James Allen
638eeb1247
Update Server.coffee
2017-08-09 11:51:08 +02:00
James Allen
17e849792c
Pull out logic into module
2017-08-09 11:50:05 +02:00
Brian Gough
8aa77cec5e
provide fallback to normal compile method
2017-08-08 16:48:47 +01:00
Brian Gough
203e42fa4c
clean up options handling
2017-08-08 16:48:37 +01:00
James Allen
eac0ce8353
Initial spike of Overleaf based logins
2017-08-08 14:00:21 +02:00
Brian Gough
31e71854a4
fix unit tests
2017-08-08 11:38:31 +01:00
Brian Gough
849e905efb
simplify incremental request to docupdater
...
if project state hasn't changed, get the docs from the docupdater -- we
check/set the hash and return the docs in a single request. Otherwise
do a full request from mongo.
2017-08-07 14:45:04 +01:00
Brian Gough
1321009fe1
update docupdater endpoint to /project/id/docs
2017-08-03 14:40:46 +01:00
Henry Oswald
33fe252a15
null check user during logout
2017-08-03 13:26:14 +01:00
Henry Oswald
35f31d5a3c
null check the user correctly
2017-08-03 13:17:39 +01:00
Brian Gough
38c879faf2
improve comment about ClsiStateManager hash
2017-08-03 12:15:27 +01:00
Brian Gough
6d331e8ffd
use projectStateUnchanged instead of stateOk
2017-08-03 12:10:23 +01:00
Brian Gough
f44b844d74
refer to project state as projectStateHash
2017-08-03 12:08:11 +01:00
Brian Gough
5c02255e07
use syncType and syncState for clsi state options
2017-08-03 11:44:10 +01:00
Brian Gough
fb29ac3031
clean up logging
2017-08-03 11:36:59 +01:00
Brian Gough
0a859d3b33
clean up state manager
2017-08-03 11:36:23 +01:00
Brian Gough
a955b8fcc9
remove unused inline function
2017-08-03 11:35:42 +01:00
Brian Gough
a4117487e9
switch from mongoose to mongojs in ClsiManager
...
for efficiency
2017-08-03 11:35:42 +01:00
Brian Gough
17b1075dc9
add rootFolder to attributes in Clsi request
2017-08-03 10:20:57 +01:00
James Allen
86a38df6e0
Merge pull request #563 from sharelatex/pr-support-html-encoded-i18n
...
Support HTML encoded i18n
2017-08-03 10:36:35 +02:00
James Allen
3d9da02815
Merge pull request #555 from sharelatex/sk-password-policy
...
Enforce stricter password policy.
2017-08-03 10:35:00 +02:00
James Allen
28838eff60
Merge pull request #567 from sharelatex/ja-admin-panel-additions
...
Some refactoring and methods needed to support the admin panel
2017-08-03 10:34:33 +02:00