Shane Kilkelly
1cedfed1e4
Merge branch 'master' into sk-unlisted-projects
2017-11-02 10:10:09 +00:00
Shane Kilkelly
d8486afe5d
Account for higher-access in the token read-only path too
2017-11-01 14:01:00 +00:00
Shane Kilkelly
9984ab081e
Generalise the higher-access logic for read-write token path
2017-11-01 11:50:04 +00:00
Brian Gough
dcdcbd8388
exit if mock servers fail to start
2017-10-20 16:00:52 +01:00
Shane Kilkelly
0e44b319db
Change anonToken
and such to anonymousAccessToken
2017-10-20 10:10:21 +01:00
Shane Kilkelly
22795981b9
Add tests to check when tokens are never activated
2017-10-19 15:22:44 +01:00
Shane Kilkelly
7d2bde85ff
Add a setting to enable anonymous read-and-write link sharing
2017-10-18 13:04:37 +01:00
Shane Kilkelly
5fb86441f6
Add acceptance tests for private-overleaf-project
...
... when accessed via the read-write token by the owner
2017-10-16 14:15:50 +01:00
Shane Kilkelly
29a584996f
Flesh out acceptance tests for token access
2017-10-06 16:26:47 +01:00
Shane Kilkelly
b5bed1837e
Start acceptance tests for token-based access
2017-10-06 15:58:03 +01:00
James Allen
23bd840796
Fix MockDocStoreApi name
2017-09-27 10:53:00 +02:00
James Allen
1502da85cf
Set up acceptance tests to run in docker container
2017-09-27 10:37:20 +02:00
Shane Kilkelly
7dc759482c
Fix how adding user to project works in acceptance tests
2017-09-21 11:43:16 +01:00
Henry Oswald
a7217f1d37
Merge branch 'ho-csrf-acceptence-tests'
2017-09-15 13:50:17 +01:00
Tim Alby
a04adbf132
remove extra security headers
2017-09-13 11:53:11 +02:00
Tim Alby
d6834ff417
add security headers using Helmet
...
- use all Helmet's default headers except `X-DNS-Prefetch-Control`
- use `Referrer-Policy`
- use cache headers when:
- a user is logged in, OR
- a project is displayed
2017-09-12 11:17:59 +02:00
Shane Kilkelly
7bb4638186
Restore user features to default after acceptance test.
...
Fixes an issue that could come up when running the tests
several times.
2017-09-01 14:45:54 +01:00
Shane Kilkelly
c170de7a4f
Add unit test to cover project features.
2017-09-01 13:28:11 +01:00
Henry Oswald
d4b0c740c2
added csrf acceptence tests
2017-08-29 17:45:16 +01:00
Shane Kilkelly
25e0a19350
Make confirm-password routes more restful
2017-05-16 11:51:06 +01:00
Shane Kilkelly
b09a41c557
Fix acceptance tests
2017-05-10 13:45:53 +01:00
Shane Kilkelly
635b935acc
Add an acceptance test for login rate limits, cleanup
2017-01-16 11:46:59 +00:00
Shane Kilkelly
22101d0305
If user is sent to login page with explicit redirect, obey
2016-11-24 11:38:13 +00:00
Shane Kilkelly
8089bb55a4
use session for the post-login redirect, remove redir
query string.
2016-11-22 14:24:36 +00:00
Shane Kilkelly
b212c00311
Fix acceptance tests, use the correct method of getting redis key.
2016-11-14 16:33:54 +00:00
Shane Kilkelly
5f3098df38
Replace multi-ops with Async.series, tests passing
2016-11-09 11:03:03 +00:00
Shane Kilkelly
0f65e98566
add acceptance test for clearing sessions
2016-10-10 10:55:45 +01:00
Shane Kilkelly
b497182557
Add an acceptance test for registration and login
2016-09-27 11:55:51 +01:00
Shane Kilkelly
6e8185aeaf
Merge branch 'master' into sk-passport
2016-09-23 10:28:35 +01:00
Shane Kilkelly
6c716ca252
Fix acceptance tests by updating invite-accept url
2016-09-23 10:28:17 +01:00
Shane Kilkelly
a3ace1fccd
Increase timeout because slow tests
2016-09-22 11:33:54 +01:00
Shane Kilkelly
3a5b3a8e8d
wip: acceptance tests working
2016-09-06 15:55:34 +01:00
Shane Kilkelly
b0a10c948c
wip refactor
2016-09-06 15:22:13 +01:00
Shane Kilkelly
da40f54d55
Improve logging, add acceptance tests for joinProject json
2016-08-16 11:17:45 +01:00
Shane Kilkelly
3cec6affab
Test creating two invites at once
2016-08-10 15:24:09 +01:00
Shane Kilkelly
5351e79c7a
Test creating, listing and revoking invites as owner
2016-08-10 14:39:27 +01:00
Shane Kilkelly
9787edd716
Add more assertions about project access
2016-08-01 15:55:56 +01:00
Shane Kilkelly
9e0ff3f628
test when the token is invalid
2016-08-01 15:21:06 +01:00
Shane Kilkelly
495bc1bcd3
Refactor
2016-08-01 15:16:10 +01:00
Shane Kilkelly
8af1a7b17a
Test login workflow
2016-08-01 15:16:03 +01:00
Shane Kilkelly
263822d665
Also parse out login url
2016-08-01 13:54:49 +01:00
Shane Kilkelly
5f1aa4cc58
test registration with invalid token
2016-08-01 13:30:43 +01:00
Shane Kilkelly
69bd954001
test the registration workflow
2016-08-01 12:14:34 +01:00
Shane Kilkelly
5159cdd0e9
Test when the user recieves second invite to project
2016-08-01 10:57:20 +01:00
Shane Kilkelly
545ce79c71
Test clicking the invite after already accepting
2016-08-01 10:14:08 +01:00
Shane Kilkelly
9c530e1bb6
rename test case
2016-08-01 10:04:42 +01:00
Shane Kilkelly
74c824edde
Test redirect to /register when user not logged in
2016-08-01 09:59:30 +01:00
Shane Kilkelly
7a8142a43c
remove extraneous body
parameter
2016-08-01 09:06:02 +01:00
Shane Kilkelly
39fc611964
Revoke invite after each test
2016-07-29 13:55:08 +01:00
Shane Kilkelly
e7c1f7f0fc
Refactor, deduplicate tests
2016-07-29 13:39:18 +01:00