Mathias Jakobsen
af76768eb7
Merge pull request #13372 from overleaf/mj-captcha-add-email
...
[web] Add recaptcha to add-email
GitOrigin-RevId: 0540e0dbc3103dcaac87dd7fabeedbc5892c371c
2023-07-17 10:40:08 +00:00
Brian Gough
64ca8ce094
Merge pull request #13530 from overleaf/bg-support-managed-users
...
add backend support for managed users
GitOrigin-RevId: 61d965949c864013be31206661d2d36b35dd37a1
2023-07-17 10:39:58 +00:00
Miguel Serrano
7e6613a1a0
Merge pull request #13327 from overleaf/msm-web-track-changes-cleanup
...
[web] Cleanup track-changes from web
GitOrigin-RevId: 8cef709ec5e91e4ffe8cd06826038ed84f36ef67
2023-07-17 10:28:12 +00:00
June Kelly
d68ed0efdf
Merge pull request #13140 from overleaf/jk-real-time-disconnect-link-sharing
...
[real-time] Disconnect relevant users when link-sharing is turned off
GitOrigin-RevId: cf44a30a235717b658a759e8a74ae4d0e5abae47
2023-05-31 08:05:07 +00:00
Jakob Ackermann
915914840a
Merge pull request #13083 from overleaf/ds-jpa-project-ownership-change
...
[web] let invited admins transfer ownership of projects
GitOrigin-RevId: 49da7d42bec089f2278bde8942a63e5538fb5401
2023-05-16 08:05:22 +00:00
Eric Mc Sween
1117bfae20
Merge pull request #13023 from overleaf/em-delete-git-bridge-data
...
Delete git bridge data when a project is expired
GitOrigin-RevId: a600941831af31ff7712d44e437936cd416fc644
2023-05-16 08:05:07 +00:00
Eric Mc Sween
9528eab43e
Merge pull request #13000 from overleaf/em-revert-delete-git-bridge-data
...
Revert "Delete git bridge data when a project is expired"
GitOrigin-RevId: a8674e040c9ccce3937b6ce244a82cd190c32c97
2023-05-09 08:05:17 +00:00
Eric Mc Sween
264bacab10
Merge pull request #12840 from overleaf/em-expire-project-git-bridge
...
Delete git bridge data when a project is expired
GitOrigin-RevId: 2f26af2f946ffd8c09f530a7eaadb37522d24a50
2023-05-09 08:05:00 +00:00
Jessica Lawshe
8be17cdb37
Merge pull request #12819 from overleaf/jpa-institutions-lookup
...
[web] migrate /institutions/ proxies to explicit V1 requests
GitOrigin-RevId: 535da280a6350dacbe2c957d2f2cedaeee02a48a
2023-04-28 08:04:34 +00:00
Eric Mc Sween
5b804ceefd
Merge pull request #12654 from overleaf/em-td-upload-filename-encoding
...
Fix filename encoding of project and file uploads
GitOrigin-RevId: e718c8f8f376772ee13c50c82d26848977e16eef
2023-04-19 08:03:13 +00:00
June Kelly
841df71a1d
Merge pull request #12342 from overleaf/jk-password-ux-please-use-another-password
...
[web] Password UX: 'Please use another password'
GitOrigin-RevId: ca9b26cbcf2dabb27c716da314764ee40ffc83dd
2023-04-12 08:04:13 +00:00
June Kelly
a140e3dc8c
Merge pull request #12269 from overleaf/jk-enable-password-similarity-check
...
[web] Enforce password similarity check
GitOrigin-RevId: 1bc4efebba401663c1db9d209dc560560f160ce0
2023-03-23 09:04:12 +00:00
Eric Mc Sween
21971956b7
Merge pull request #12219 from overleaf/em-camel-case-web
...
Camel case variables in web
GitOrigin-RevId: 28e61b759b27f71265f33ab64f588374dba610e0
2023-03-22 09:05:04 +00:00
Jakob Ackermann
03f45c02c3
Merge pull request #12276 from overleaf/jpa-batched-update-window
...
[web] add time based window queries to batchedUpdate
GitOrigin-RevId: e56c01b888cd9749f39d42b77de09bc3fe2d0ec1
2023-03-22 09:04:09 +00:00
Jakob Ackermann
e6a8f3d04f
Merge pull request #12297 from overleaf/jpa-primary-email-check-saas
...
[web] disable primary email check in Server CE/Pro
GitOrigin-RevId: be40160aecae7f19780a67e5cdd9356be232ee22
2023-03-21 09:05:45 +00:00
Jakob Ackermann
ccb0841a50
Merge pull request #12281 from overleaf/jpa-tweak-event-segmentation-filter
...
[web] tweak analytics event segmentation filter
GitOrigin-RevId: e00fef0ac74edfd7fbace33bf9289f1c6f905b57
2023-03-20 09:03:16 +00:00
Jakob Ackermann
fa5804a3cf
Merge pull request #12254 from overleaf/jpa-back-fill-doc-rev
...
[web] add script for back filling rev=1 for old (deleted) docs
GitOrigin-RevId: 62f5b773fb83ddbf9bb202a592ce2e8f33b5e6b2
2023-03-17 09:03:58 +00:00
Jakob Ackermann
3c9ace481d
Merge pull request #11855 from overleaf/jpa-fix-config
...
[web] fix access-token-encryptor config
GitOrigin-RevId: b16002159a3f0004e83ddb4b0cde3b33211184b3
2023-02-17 09:04:00 +00:00
Jakob Ackermann
dd906df7b7
Merge pull request #11360 from overleaf/jpa-encrypt-2fa-secret
...
[web] two-factor-authentication: encrypt the secret in the db
GitOrigin-RevId: 86642e13d917b239012229f685ad0210039a6706
2023-02-17 09:03:44 +00:00
June Kelly
53b78ad68b
Merge pull request #11590 from overleaf/jk-password-reset-ux-improvements
...
[web] Password Reset UX Improvements
GitOrigin-RevId: d62575ff965e045823bfb7268db892188cf709ed
2023-02-10 16:33:14 +00:00
June Kelly
ac83dd9bb3
Merge pull request #11353 from overleaf/jk-remove-deprecated-public-access-levels
...
[web] Disallow deprecated access levels from being set
GitOrigin-RevId: cf276e849692be210a2dc7d896820579efc46952
2023-02-02 09:02:59 +00:00
Eric Mc Sween
75abea72b0
Merge pull request #11492 from overleaf/em-rate-limiter
...
Move all remaining rate limiters to rate-limiter-flexible
GitOrigin-RevId: 163ab2aebecb281057e552dc75591dd02028990c
2023-01-31 09:03:44 +00:00
Eric Mc Sween
2dbc0e3b3d
Merge pull request #11489 from overleaf/em-fix-paypal
...
Set COOP header to same-origin-allow-popups
GitOrigin-RevId: c8c3751386addb307ee2caf59c228484e8e593c0
2023-01-27 09:05:43 +00:00
Tim Down
9ab12f3b44
Merge pull request #10966 from overleaf/td-add-coop-header
...
Upgrade Helmet to add some security-related response headers, including COOP
GitOrigin-RevId: fce8538b004f7b3ba6c6ca65ad311957d75b496a
2023-01-24 09:05:27 +00:00
Miguel Serrano
4a84922a2f
Merge pull request #11346 from overleaf/msm-config-history-v1-sp
...
Configuration changes for FPH in CE/SP
GitOrigin-RevId: 990eb0fa6158d4815740413da085759d2cc5e231
2023-01-20 14:13:46 +00:00
Mathias Jakobsen
e8c677f7ad
Merge pull request #11036 from overleaf/jpa-cdn-blocked-metric
...
[web] add metric for blocked cdn
GitOrigin-RevId: bee0fa5af0cc3c5d91deb64c8e32bb7e04dbcc2b
2023-01-05 09:04:04 +00:00
Mathias Jakobsen
38cc3394e3
Merge pull request #10793 from overleaf/mj-split-test-cleanup
...
Split test clean-up
GitOrigin-RevId: 7dd6178487022cbefcbc85797dacc3f3fbfa17e2
2022-12-21 09:04:04 +00:00
ilkin-overleaf
2675cab92e
Merge pull request #10394 from overleaf/ii-password-reset-and-strength-checking
...
[web] Password reset strength checking and UI updates
GitOrigin-RevId: 442a5c9e7e9d0a61d3ae649f3526bc3c02fd5704
2022-12-07 09:03:36 +00:00
Brian Gough
f8a1da1b47
Merge pull request #10715 from overleaf/jpa-web-share-mongo-pool
...
[web] share mongo connection pool between Mongoose and native db
GitOrigin-RevId: 8bb2a9dc76880144a8681cb564183906df624cc0
2022-12-02 09:04:02 +00:00
Brian Gough
4589a57774
Merge pull request #10637 from overleaf/bg-delete-user-from-dropbox
...
delete user data from dropbox
GitOrigin-RevId: d586c73b4500f4fe718927f537ae770356eaefc1
2022-11-29 09:04:33 +00:00
Jakob Ackermann
d4551dc7ce
Merge pull request #10442 from overleaf/jpa-convert-archived-trashed
...
[web] add migration for convert_archived_state script
GitOrigin-RevId: aeea3601a0c5f96e978c3f2a85458687d6d6678e
2022-11-15 09:07:09 +00:00
June Kelly
9e824ac93c
Merge pull request #9951 from overleaf/jk-audit-failed-login-attempts
...
[web] Audit failed login attempts
GitOrigin-RevId: 19325f808f77584891e1e12b5ed7aaa16aa6aec9
2022-10-20 08:03:44 +00:00
Eric Mc Sween
fe963ba692
Merge pull request #9956 from overleaf/em-node-fetch-web
...
Replace request-promise with fetch in web acceptance tests
GitOrigin-RevId: f50357cdea2d1353d7a82c5346b149018f91823f
2022-10-18 08:03:25 +00:00
Miguel Serrano
74f44e655a
Merge pull request #9617 from overleaf/msm-audit-log-collections
...
Move project/user audit logs to their own collections
GitOrigin-RevId: f6f89b3e2815c0fe5691a79eceb35b77b3c370d8
2022-09-30 08:04:17 +00:00
June Kelly
3288f87dbe
[web] Password set/reset: reject current password (redux) ( #8956 )
...
* [web] set-password: reject same as current password
* [web] Add 'peek' operation on tokens
This allows us to improve the UX of the reset-password form,
by not invalidating the token in the case where the new
password will be rejected by validation logic.
We give up to three attempts before invalidating the token.
* [web] Add hide-on-error feature to async forms
This allows us to hide the form elements when certain
named error conditions occur.
* [web] reset-password: handle same-password rejection
We also change the implementation to use the new
peekValueFromToken API, and to expire the token explicitely
after it has been used to set the new password.
* [web] Validate OneTimeToken when loading password reset form
* [web] Rate limit GET: /user/password/set
Now that we are peeking at OneTimeToken when accessing this page,
we add rate to the GET request, matching that of the POST request.
* [web] Tidy up pug layout and mongo query for token peeking
Co-authored-by: Mathias Jakobsen <mathias.jakobsen@overleaf.com>
GitOrigin-RevId: 835205cc7c7ebe1209ee8e5b693efeb939a3056a
2022-09-28 08:06:54 +00:00
Alf Eaton
c41c14c697
Remove deprecated grunt code ( #9506 )
...
GitOrigin-RevId: 2b19d73c593545aaa9f6eb88143d08c5df39a1be
2022-09-16 08:05:37 +00:00
Eric Mc Sween
19c73cbd73
Merge pull request #9563 from overleaf/em-tpds-merge-metadata
...
Return metadata from TPDS update endpoint in web
GitOrigin-RevId: 9154be67f7f975807c6e986a5d6fb66013c9a384
2022-09-13 08:05:50 +00:00
Alf Eaton
7c20e7701b
Remove mkdirp from web dependencies ( #7427 )
...
GitOrigin-RevId: b170371e538ca65fccd5c21f76dc25feec909190
2022-08-22 08:03:41 +00:00
Simon Detheridge
9953822175
Merge pull request #6661 from overleaf/spd-local-tests
...
Move acceptance test mocks to nonstandard ports and add options for running locally
GitOrigin-RevId: bd8f70ac8d80599daccc51cfe7b90a2ad8d8c3d8
2022-08-10 08:03:45 +00:00
Jakob Ackermann
e5e6be99f8
Merge pull request #9099 from overleaf/jpa-web-graceful-shutdown
...
[web] introduce graceful shutdown
GitOrigin-RevId: f42793a96f1e0304c57a855241bffa32bb291864
2022-08-05 08:03:27 +00:00
Timothée Alby
95a289b80b
Merge pull request #9009 from overleaf/ab-split-tests-saas-check
...
[web] Skip split test assignment logic when not in SaaS mode
GitOrigin-RevId: 4c370bbc78c5a6828207f3336dfa6af9f4d71e17
2022-07-29 08:04:03 +00:00
Timothée Alby
ff3e659fbb
Merge pull request #8897 from overleaf/ta-token-access-anonymous-redirect
...
Redirect Early on Anonymous Write Token Access Attempts
GitOrigin-RevId: 55e1839c3171a0a6a677ecca2f6bec87aad802bd
2022-07-29 08:03:45 +00:00
Timothée Alby
7f722a006c
Merge pull request #8571 from overleaf/ta-token-access-page
...
Require User Interaction on Token Access Page
GitOrigin-RevId: 2f4c00ba75ebd6bd87d3e770ec8223d736344f5b
2022-07-29 08:03:39 +00:00
Alexandre Bourdin
e9e36737e6
Merge pull request #8957 from overleaf/ab-split-test-controls-badge
...
[web] SplitTestBadge based on split test phase and badge config
GitOrigin-RevId: e178ca864fd6619ff61a2a84fc1ccb5d54e0a814
2022-07-26 08:04:28 +00:00
M Fahru
574d0eab12
Improve error message when a collaborator tries to refresh a linked file without access to the project ( #8884 )
...
* Improve error message when a collaborator tries to refresh a linked file without access to the project
* Move the AccessDeniedError hardcoded error message to translation file
* apply prettier
* remove period (dot) in test hardcoded string
* revert unintended changes
GitOrigin-RevId: 50a5bf46428a96e629e9091cc18068f3ee7084e3
2022-07-21 08:03:32 +00:00
Henry Oswald
5f1abee345
Merge pull request #8939 from overleaf/revert-8882-jk-web-reject-same-password
...
Revert "[web] Password set/reset: reject current password"
GitOrigin-RevId: f14f970fe93064658a8659537c5cb417e34e2751
2022-07-20 08:04:00 +00:00
June Kelly
d04ea76081
Merge pull request #8882 from overleaf/jk-web-reject-same-password
...
[web] Password set/reset: reject current password
GitOrigin-RevId: 2c40dda4926d9c68564ae5126b3393b9286bb661
2022-07-20 08:03:36 +00:00
Alexandre Bourdin
21c8b9a47a
Merge pull request #8426 from overleaf/ta-error-pages-style
...
Update General Error Pages Style
GitOrigin-RevId: 04346784c94d5ce6bf3257fd128a3f00da4c4e9e
2022-06-23 08:02:34 +00:00
Miguel Serrano
6549b93caa
Fixed tests by removing stdout checks that are no longer valid ( #8337 )
...
* Fixed tests by removing stdout checks that are no longer valid
script verbosity was updated in c73b46599b
, this checks are no longer valid. After the deleted line there's an extra check that should be good enough for the test case.
GitOrigin-RevId: 2756d11cad97fdbeca44f35c24ee192e582a52c1
2022-06-09 08:02:27 +00:00
Eric Mc Sween
e0ab82e3d4
Merge pull request #8035 from overleaf/em-remove-chaid
...
Remove the chaid package from tests
GitOrigin-RevId: 61b541eebcf1982137aa10ad51940547c649e68d
2022-05-23 08:04:07 +00:00