Simon Detheridge
85f097343f
Merge pull request #1022 from sharelatex/spd-no-github-for-new-users
...
Don't add old v1 features for new accounts
2018-10-15 15:28:34 +01:00
Tim Alby
e646c5c42a
refactor to use config file
2018-10-15 14:46:38 +02:00
Brian Gough
a640397052
make project names unique for zip uploads and template imports
2018-10-15 09:33:39 +01:00
Brian Gough
59cf0aa3cb
fix bug in call to findAllUsersProjects
2018-10-15 09:33:39 +01:00
Simon Detheridge
48995d2d44
Don't add old v1 features for new accounts
...
Introduces the notion of v1 'grandfathered features', specifically Gihub and Mendeley integration. This allows us to create new v1 accounts for new users without them automatically getting the new features.
Requires a settings change in `settings.web.sl.coffee` to disable these features by default for v1 accounts.
bug: overleaf/sharelatex#1014
2018-10-12 17:45:57 +01:00
Hugh O'Brien
b825f0b267
Merge branch 'master' into hb-v2-affiliations-callback
2018-10-11 17:14:35 +01:00
Paulo Reis
901fb0fc1e
Unit test brand variation id.
2018-10-10 14:09:47 +01:00
Paulo Reis
29787c42c5
Read brand variation id from v1-crafted links; set brand variation id for projects created from v1 templates.
2018-10-10 14:09:47 +01:00
Paulo Reis
a380feab98
Add brand variation id to the Project model.
2018-10-10 14:09:47 +01:00
Simon Detheridge
ea2782ff22
Merge pull request #1005 from sharelatex/spd-no-more-asterisks
...
Sanitize paths in all relevant ProjectEntityHandler methods
2018-10-10 10:44:13 +01:00
Ersun Warncke
7652e80800
add account merge error
2018-10-09 09:47:03 -04:00
Tim Alby
48e5c6b523
add UserMembership logic
2018-10-09 12:09:11 +01:00
Simon Detheridge
56dcbefb5b
Check for safe paths in all ProjectEntityHandler methods
...
Some import mechanisms (for example, Github project import) call methods such as 'upsert*' directly, bypassing existing filename checks.
Added checks to all methods in ProjectEntityHandler that can create or rename a file.
bug: overleaf/sharelatex#908
Signed-off-by: Simon Detheridge <s@sd.ai>
2018-10-08 15:31:04 +01:00
Simon Detheridge
e66210d2af
Add method to sanitize full paths
...
For convenience, add a method to SafePath to break a path into components and verify the status of each one.
bug: overleaf/sharelatex#908
Signed-off-by: Simon Detheridge <s@sd.ai>
2018-10-08 14:48:17 +01:00
Simon Detheridge
9c189303c1
Merge pull request #1002 from sharelatex/spd-email-cta-links
...
Add additional CTA link to emails
2018-10-08 13:56:21 +01:00
Simon Detheridge
af9c9517f3
Merge pull request #999 from sharelatex/as-validate-password-length
...
Validate password length
2018-10-08 13:55:25 +01:00
hugh-obrien
f6307f9086
store reversedHostname property and update test accordingly
2018-10-08 13:37:12 +01:00
hugh-obrien
3919acad46
store reversed hostname and review fixes for v2 university domain confirmation
2018-10-08 12:08:29 +01:00
Jessica Lawshe
f04212c96f
Merge pull request #995 from sharelatex/ta-remove-confirmed-field
...
remove unused confirmed field from user model
2018-10-08 11:43:42 +01:00
Alasdair Smith
e129172553
Fix ordering of boolean check to be more readable
2018-10-08 11:25:24 +01:00
Alasdair Smith
04572f61bb
Fix copy/paste error
2018-10-08 10:44:26 +01:00
Alasdair Smith
676557a051
Refactor to validate in AuthenticationManager
2018-10-08 10:44:25 +01:00
Alasdair Smith
44c86b3769
Refactor to use password strength options
2018-10-08 10:44:25 +01:00
Alasdair Smith
bf60fe7f6c
Add error handling for InvalidError
2018-10-08 10:44:25 +01:00
Alasdair Smith
e99165b475
Validate password length when registering
2018-10-08 10:44:25 +01:00
Hugh O'Brien
cc962c3e6f
Merge pull request #978 from sharelatex/hb-use-exports-for-pdf-from-publish-modal
...
Generic Zip or Pdf Exports endpoint
2018-10-08 10:13:18 +01:00
hugh-obrien
65ecdf84f4
cleanup and tests for v2 affiliations confirmation
2018-10-07 16:40:26 +01:00
hugh-obrien
af3cc01496
Lookup users by email hostname using new field
2018-10-06 17:22:39 +01:00
hugh-obrien
026f7eebcd
Setting up hostname field and institution domain confirmation endpoint
2018-10-06 15:57:25 +01:00
Simon Detheridge
286f25529a
Remove secondary CTA link from account merge confirmation email
...
bug: sharelatex/web-sharelatex-internal#987
Signed-off-by: Simon Detheridge <s@sd.ai>
2018-10-05 13:19:05 +01:00
Simon Detheridge
d316a76106
Revert "add plain text link to email address confirmation emails"
...
This reverts commit 48cd7e604dcc5f3b7ae8eb699f14b44bc073f107.
2018-10-05 13:16:42 +01:00
Simon Detheridge
a2ef0e1ae5
Add additional CTA link to emails
...
Some mail clients don't show the CTA button correctly, or at all. Add an additional, smaller link to the bottom of the email for people who can't see the button.
bug: sharelatex/web-sharelatex-internal#987
Signed-off-by: Simon Detheridge <s@sd.ai>
2018-10-05 12:04:00 +01:00
Shane Kilkelly
4c2a90966a
Merge pull request #918 from sharelatex/sk-enable-sudo-mode-in-v2
...
Enable sudo-mode for v2
2018-10-05 10:05:24 +01:00
Simon Detheridge
2b8ce379f8
Lookup correct compiler when importing v1 templates
...
bug: overleaf/sharelatex#981
Signed-off-by: Simon Detheridge <s@sd.ai>
2018-10-04 16:42:03 +01:00
Shane Kilkelly
2c47da553b
Add an error log if activating sudo-mode on login fails
2018-10-04 15:05:40 +01:00
Shane Kilkelly
778abaff6e
Remove stray log
2018-10-04 15:05:40 +01:00
Shane Kilkelly
2ef23194df
WIP: trying to get acceptance tests to pass
2018-10-04 15:05:40 +01:00
Shane Kilkelly
f9ed367148
Move the auth mechanism for sudo-mode into SudoModeHandler
2018-10-04 15:05:40 +01:00
Shane Kilkelly
254d74899b
WIP: enable sudo-mode for v2
2018-10-04 15:05:40 +01:00
Chrystal Maria Griffiths
e932eb074b
Merge pull request #992 from sharelatex/as-fix-mathjax
...
Fix mathjax incorrectly loading config
2018-10-04 15:01:05 +01:00
Chrystal Griffiths
13843f82a0
Use settings appName
2018-10-04 09:57:51 +01:00
Tim Alby
5ff66187a0
remove unused confirmed field from user model
2018-10-03 16:01:30 +01:00
Ersun Warncke
752658f773
Merge pull request #990 from sharelatex/ew-use-v1-doc-info-api
...
Use v1 Doc Info API for Token Access
2018-10-03 09:22:41 -04:00
Timothée Alby
e3cfa36b56
Merge pull request #984 from sharelatex/ta-email-cta-link
...
add plain text link to email address confirmation emails
2018-10-03 14:20:05 +01:00
Timothée Alby
c74c782cee
Merge pull request #961 from sharelatex/ta-account-sync-affiliations
...
Add getInstitutionsPlan Function
2018-10-03 14:19:56 +01:00
Alasdair Smith
fb8ed890f9
Correctly load Safe mathjax extention using provided config
2018-10-03 11:52:33 +01:00
Brian Gough
2b738907aa
Merge pull request #989 from sharelatex/bg-clean-up-broken-project-on-error
...
clean up broken project on error in ProjectDuplicator
2018-10-03 10:04:30 +01:00
Ersun Warncke
642b45d0d6
use v1 doc info api
2018-10-02 11:16:46 -04:00
Alasdair Smith
f90dd1b49a
Merge pull request #986 from sharelatex/as-sign-in-from-v2-post
...
Remove POST /docs custom handler, now handled by redirects
2018-10-02 14:06:57 +01:00
Brian Gough
4621234220
clean up broken project on error in ProjectDuplicator
2018-10-02 12:14:22 +01:00
Alasdair Smith
062f26dda3
Remove POST /docs custom handler, now handled by redirects
...
Implementing a system for signing into v1 via v2 using POSTs so the
unauthenticated route is no longer necessary
2018-09-28 14:11:38 +01:00
Tim Alby
4e9737bf71
add plain text link to email address confirmation emails
2018-09-28 13:36:31 +01:00
Alasdair Smith
1330c8da73
Also check if v1 project exported if not found for read-only tokens
2018-09-28 11:47:14 +01:00
Alasdair Smith
435fe11115
Check if v1 project was exported if not found
...
This prevents a redirect loop for projects which were exported but then
deleted on v2. v2 would not find the project, redirect to v1, which
would find that it was exported and redirect back to v2.
2018-09-28 11:47:14 +01:00
Brian Gough
6d5908f2f4
Merge pull request #893 from sharelatex/ja-fix-duplicate-text-in-email
...
Don't include the license name twice in invite emails
2018-09-28 11:15:40 +01:00
Brian Gough
1f6abd4e69
fix invalid project names when opening templates
2018-09-28 10:38:25 +01:00
Brian Gough
8f8694ad94
iterate over owned projects in a more robust way
2018-09-28 09:48:15 +01:00
Brian Gough
6b80d3563d
add support for creating unique project names
2018-09-28 09:48:15 +01:00
Alasdair Smith
45bd46bc01
Merge pull request #977 from sharelatex/as-encode-auth-with-v1-query-strings
...
Encode redirects which will auth with v1 first
2018-09-28 09:45:54 +01:00
hugh-obrien
52859cdfaa
make the zip fetching endpoint for exports generic to either zips or pdfs
2018-09-27 16:11:11 +01:00
Alasdair Smith
4f2c91a59a
Add new redirect option to auth with v1, which will urlencode the query string
...
This is necessary for the GET /docs endpoint, which can be used to send
urls as part of query parameters. If these are not encoded before
redirecting, they can become corrupted.
2018-09-27 12:19:16 +01:00
James Allen
0cb563816d
Don't enable legacy blog in v2
2018-09-27 10:56:14 +01:00
Alasdair Smith
c2ecccfa02
Use correct setting
2018-09-26 17:35:55 +01:00
Alasdair Smith
f2fa83a218
Fix /teams redirect using wrong setting
2018-09-26 17:04:40 +01:00
Alasdair Smith
9c0a888d11
Add custom redirect for /docs
...
We want to redirect POST and GET to different locations, but this is
unsupported by RedirectManager. Therefore we redirect GETs with
RedirectManager and POSTs with this custom route.
2018-09-26 17:04:40 +01:00
Ersun Warncke
7b90fcb186
Merge pull request #969 from sharelatex/ew-check-doc-token-access
...
check access for doc on read only token
2018-09-25 08:35:56 -04:00
Ersun Warncke
eeed857dd9
change api path
2018-09-25 06:45:27 -04:00
Ersun Warncke
f0c0834b0f
only do v1 access check when api config present
2018-09-25 05:42:04 -04:00
James Allen
1d657e1700
Merge pull request #968 from sharelatex/ja-show-register-button
...
Show register button on OL v2
2018-09-25 10:25:38 +01:00
James Allen
e2f90ba01a
Merge pull request #966 from sharelatex/as-no-project-token-based
...
Redirect logged out users to v1 if project is not found from token based url
2018-09-25 10:25:30 +01:00
Alasdair Smith
298ee2dbb4
Fix v1 return to path
2018-09-25 10:06:24 +01:00
Alasdair Smith
ca895ae1b1
Redirect to v1 via sign in link
2018-09-25 09:37:22 +01:00
Brian Gough
89ba3912c0
Merge pull request #964 from sharelatex/csh-issue-963-MultipleProjectDownloads
...
Replace ShareLaTeX with Overleaf in name of multiple project download file
2018-09-25 09:33:53 +01:00
Brian Gough
5947294016
Merge branch 'bg-support-main-file-for-templates'
2018-09-25 09:32:14 +01:00
Brian Gough
0d4143205d
strip quotes from mainFile
2018-09-25 09:05:49 +01:00
James Allen
19b97e953f
Show register button on OL v2
2018-09-25 08:29:34 +01:00
Ersun Warncke
f89e85231a
check access for doc on read only token
2018-09-24 18:03:28 -04:00
Alasdair Smith
d6350c963e
Remove projectExists flag from higher access check
...
Now that find project by read and read/write token methods check whether
the project exists, it is not neccessary to check whether the project
exists in the higher access check. Therefore it has been removed
2018-09-24 19:00:10 +01:00
Alasdair Smith
99dec02266
If no project found for read/write token, redirect to v1
2018-09-24 19:00:10 +01:00
Alasdair Smith
237810509a
If no project found for read token, redirect to v1
2018-09-24 19:00:10 +01:00
Christopher Hoskin
5c35cc9593
Replace ShareLaTeX with Overleaf in name of multiple project download file ( Closes : #963 )
2018-09-24 16:33:54 +01:00
Brian Gough
418bc10a18
allow getting doc paths by project id
2018-09-24 16:04:23 +01:00
Brian Gough
586e3814fe
add missing require
2018-09-24 15:27:16 +01:00
Brian Gough
2692090f3f
support a mainFile parameter for templates
2018-09-24 15:27:16 +01:00
Tim Alby
51c5228288
add getInstitutionsPlan function
2018-09-24 13:16:31 +01:00
hugh-obrien
5f4a36ca26
remove debug line
2018-09-24 10:49:01 +01:00
hugh-obrien
c0b32f031e
force gallery items to use legacy OL v1 texlive image
2018-09-24 10:49:01 +01:00
James Allen
772ac42005
Fix messed up rebase
2018-09-21 10:42:20 +01:00
Alasdair Smith
3462b8042e
Add /chrome redirect to match v1 behaviour
2018-09-21 10:35:43 +01:00
James Allen
2d9cadb487
Merge pull request #935 from sharelatex/as-teams-redirect
...
Add route to handle /teams similar to v1
2018-09-21 08:37:10 +01:00
Jessica Lawshe
488886c1d2
Merge pull request #929 from sharelatex/jel-homepage
...
Add Homepage
2018-09-20 09:01:13 -05:00
Jessica Lawshe
d2af2fb630
Merge pull request #927 from sharelatex/jel-plans-updates
...
Plans page updates
2018-09-20 09:00:58 -05:00
Jessica Lawshe
d023150b0f
Add v2 homepage
...
Specific homepage filenames and redirect to login when not found
Move variables to shared file
Move circle image styling to shared file
Leaving float on plans page because of some layout differences
2018-09-20 08:57:07 -05:00
Hugh O'Brien
b377b89447
Merge pull request #933 from sharelatex/bg-avoid-exception-for-no-emails
...
fix exception when user has no emails field
2018-09-19 11:33:03 +01:00
Shane Kilkelly
e1c3689aec
Update the email-merge email template
2018-09-19 09:28:59 +01:00
Shane Kilkelly
2ec7747b60
Add a help link to the account-merge email in case of error
2018-09-19 09:28:59 +01:00
Shane Kilkelly
c95d925d56
When regenerating session, don't copy the __tmp
key
2018-09-19 09:28:59 +01:00
Shane Kilkelly
c9e3418049
Working overleaf-side of account-merge
2018-09-19 09:28:59 +01:00
Shane Kilkelly
fcfcbdb4c5
Remove dead code
2018-09-19 09:28:59 +01:00
Shane Kilkelly
677b3c759d
Remove old controller
2018-09-19 09:28:59 +01:00
Shane Kilkelly
843f1c6b35
Move AccountMergeEmailController to integration module
2018-09-19 09:28:59 +01:00
Shane Kilkelly
54a5c563fb
Address feedback
2018-09-19 09:28:59 +01:00
Shane Kilkelly
5e17dfd1cb
Also add the final email to the array of emails on the account
2018-09-19 09:28:59 +01:00
Shane Kilkelly
efb6018246
Add a rate-limit to the email-confirm endpoint
2018-09-19 09:28:59 +01:00
Shane Kilkelly
6cfe68db26
Roughly working account-merge-by-email callback endpoint
2018-09-19 09:28:59 +01:00
Shane Kilkelly
958c7a19b6
Add a skeleton of a callback endpoint for merging accounts via email
2018-09-19 09:28:59 +01:00
Shane Kilkelly
ba221a1135
WIP: add email-based account merge flow to ShareLaTeX
2018-09-19 09:28:59 +01:00
Alasdair Smith
bdcc25805e
Add route to handle /teams similar to v1
2018-09-18 17:14:37 +01:00
Brian Gough
02854274a7
2018-09-18 14:09:05 +01:00
Timothée Alby
b16cffe587
Merge pull request #932 from sharelatex/as-redirect-query-string
...
Support passing through query params in redirects
2018-09-18 12:35:21 +01:00
Timothée Alby
b6925647ef
Merge pull request #922 from sharelatex/ta-forbid-null-query
...
Prevent Calls to UserGetter.getUser with Null Query
2018-09-18 12:24:19 +01:00
Alasdair Smith
7e358ab318
Support passing through query params
2018-09-18 11:34:04 +01:00
hugh-obrien
6f00d1f45a
send required export fields for s1 submission
2018-09-18 10:05:35 +01:00
Jessica Lawshe
6fc7468b02
Thousands of templates
2018-09-17 10:47:57 -05:00
James Allen
15103ac894
Support the same URL with multiple methods in redirects
2018-09-17 15:38:58 +01:00
James Allen
40f08d1592
Add additional functionality to RedirectManager
2018-09-17 15:38:45 +01:00
Alasdair Smith
42cef8e393
Merge pull request #920 from sharelatex/mm-gallery-exports
...
Add gallery fields to export controller and handler
2018-09-17 09:42:26 +01:00
Alasdair Smith
e1e7091f30
Merge pull request #905 from sharelatex/as-project-intelligent-redirect
...
Intelligently redirect to v1 if no v2 project found
2018-09-17 09:40:52 +01:00
Tim Alby
41b92d4647
prevent calls to UserGetter.getUser with null query
2018-09-14 12:46:00 +01:00
Michael Mazour
79dc415064
Slightly refactor exports controller body handling
...
1. Move all body parsing together
2. Remove `firstName && lastName` condition, which duplicates one present in the Handler.
2018-09-14 11:02:51 +01:00
Michael Mazour
10fcdd6daf
Add optional gallery fields to export request
...
Support the optional (well, gallery-only) fields `title`, `description`, `author`, `license`, and `show_source` in export requests.
2018-09-14 11:02:51 +01:00
Tim Alby
0051e59309
remove unused call to UserGetter.getUser
2018-09-13 17:39:30 +01:00
James Allen
ef11161ddb
Revert "Record and show last modified by user for projects"
2018-09-13 14:00:30 +01:00
Alasdair Smith
f37040e4a4
Only redirect if has overleaf setting
2018-09-13 12:09:19 +01:00
Alasdair Smith
8a969d1c25
Redirect directly from controller instead of via handler
2018-09-13 12:09:19 +01:00
Alasdair Smith
9d600afdf8
Fix failing tests for token access
...
If project was changed from token access to private, then we want to
404 on v2 (not redirect to v1). So the logic was changed to check if the
project exists and if it does then a 404 is returned. If it does not
then it redirects to v1.
2018-09-13 12:09:19 +01:00
Alasdair Smith
24495f3340
Also redirect not found read tokens to v1
2018-09-13 12:09:19 +01:00
Alasdair Smith
e0ce988d32
Intelligently redirect to v1 if no v2 project found for token
2018-09-13 12:09:19 +01:00
James Allen
ab10336110
Record last update time and user from project-history
2018-09-13 10:38:52 +01:00
Hugh O'Brien
24c479e984
Merge pull request #885 from sharelatex/hb-ip-matcher-notifications
...
IP matcher affiliation CTA notifications
2018-09-13 08:59:25 +01:00
Brian Gough
6d54e843e8
fix typo in Errors, only two underscores in __proto__
2018-09-12 10:45:50 +01:00
Ersun Warncke
7d3e17651f
set options and method for request, pass cookies and form body
2018-09-10 06:10:36 -04:00
hugh-obrien
1e04a09ec6
remove unnecessary error returns and ip fetching
2018-09-07 18:15:32 +01:00
hugh-obrien
8ef90a0dcb
move call for creating ip matched notifcation to project controller
2018-09-05 15:40:59 +01:00
Jessica Lawshe
a4956294c1
Remove plans redirect
2018-09-05 08:14:05 -05:00
Tim Alby
9ec60a128a
add userHasSubscriptionOrIsGroupMember alias
2018-09-05 11:37:37 +01:00
hugh-obrien
23e6292fd7
updating tests for ip matcher logic
2018-09-05 11:22:26 +01:00
hugh-obrien
f20d27986b
create ip match notifications without forcing replacement
2018-09-05 11:22:26 +01:00
hugh-obrien
d950e14b3f
use new routes and params from v1 ip matcher endpoint
2018-09-05 11:22:26 +01:00
hugh-obrien
bf2ea4e7b3
test against ip matcher for notification on login if different from previous ip
2018-09-05 11:22:26 +01:00
hugh-obrien
38faa5c25e
correctly create and display ip matched affiliations
2018-09-05 11:22:25 +01:00
hugh-obrien
fa23ea75b8
Call university ip matcher api when checking notifications
2018-09-05 11:22:25 +01:00
James Allen
24f60bf791
Don't include the license name twice in invite emails
2018-09-05 11:05:38 +01:00
Shane Kilkelly
d432b6799f
Merge pull request #888 from sharelatex/ta-v1-subscription-check-fix
...
Don't Regard v1 Teams as Paid Subscriptions
2018-09-05 10:22:46 +01:00
Ersun Warncke
e4e6a0fa1b
add new tag methods
2018-09-03 10:40:28 -04:00
Tim Alby
3324796086
don't regard v1 teams as paid subscriptions
...
- use `userHasV1Subscription` instead of `userHasV1SubscriptionOrTeam` in `LimitationsManager.userHasSubscriptionOrIsGroupMember `
- remove `userHasV1SubscriptionOrTeam`
- rename `LimitationsManager.userHasSubscriptionOrIsGroupMember` to `LimitationsManager.hasPaidSubscription`
- rename some variables for clarity
2018-09-03 15:09:57 +01:00
James Allen
5025b54c9c
Merge pull request #887 from sharelatex/as-logout-of-v1
...
Extract logout to function, so different redirect can be called
2018-09-03 14:04:22 +01:00
Alasdair Smith
53bd2cfd33
Add error handling on logout
2018-09-03 11:46:36 +01:00
Alasdair Smith
6569e34873
Extract logout to function, so different redirect can be called
2018-09-03 11:01:14 +01:00
Paulo Reis
af4094a88c
Use CSS hashed paths when hot-swapping themes.
2018-09-02 14:44:15 +01:00