Henry Oswald
7fd29b18a8
destroy users session before creating a new one for them after login
...
session changed to prevent against fixation attacks
2015-07-01 15:29:02 +01:00
Henry Oswald
4f0b922a5d
changed name used when project or file uploaded, this changed when
...
we started using https://github.com/expressjs/multer
* originalname - Name of the file on the user's computer
* name - Renamed file name
2015-07-01 15:28:49 +01:00
Henry Oswald
15a57f5dc4
removed req.session.destorys from endpoints now on the api router which are not needed
2015-07-01 15:26:05 +01:00
Henry Oswald
2ec925b45e
fairy removed from web, makes http request to tpds worker now
2015-06-22 22:33:04 +01:00
Henry Oswald
33aa5c732f
if a domain licence link has expired render a nice message explaining they need to retry
2015-06-01 12:43:42 +01:00
Henry Oswald
d3f6c0c614
Merge branch 'user-csv' of git://github.com/heukirne/web-sharelatex into heukirne-user-csv
2015-05-29 12:17:54 +01:00
Henry Oswald
e4011b9ba1
Merge branch 'emailverification'
2015-05-29 12:10:02 +01:00
Henrique Dias
f709ddf3eb
add csv export unit tests
2015-05-28 17:22:49 -03:00
Henry Oswald
43c4531e51
kill off CollaboratorsHandler. changeUsersPrivilegeLevel as it is not used anywhere
2015-05-28 13:02:08 +01:00
Henry Oswald
b657c5207e
cleaned up the views a bit
2015-05-27 21:45:29 +01:00
Henry Oswald
22b94e9246
renamed SubscriptionDomainAllocator -> SubscriptionDomainHandler
2015-05-27 20:57:54 +01:00
Henry Oswald
4773d6d22f
added tests around new endpoints for joining groups
2015-05-27 20:50:16 +01:00
Henry Oswald
f27c072ae1
pull logic checking if user is already part of a group out of controller into handler
2015-05-27 16:33:47 +01:00
Henry Oswald
72e528e9d1
if you are alread in the group show the custom group page
2015-05-27 15:50:28 +01:00
Henry Oswald
79fa49a43d
if a user is elelable to be part of a group subscription and they go to
...
/user/subscription it should redirect them to the group subscription invite
2015-05-27 15:35:31 +01:00
Henry Oswald
841231dbf8
make PasswordResetTokenHandler generic so it can be used for invites
2015-05-26 15:24:09 +01:00
Brian Gough
e51cdb81bd
port leak fixes from smoke-test-sharelatex module
2015-05-26 10:54:55 +01:00
Brian Gough
cc9c8fdc94
freeze Date in Recurly tests before all calls
...
beforeEach freezes and resets for each subtest, which does not give
the desired result as the time increases between each subtest, we want
to freeze once at the beginning and reset at the end using before/after.
2015-05-19 15:00:30 +01:00
Henry Oswald
f5c39efcac
patched xss hole with messages not setting the content type correctly
2015-05-19 11:04:52 +01:00
Brian Gough
3051d7dab6
modify LockManager test to avoid dependence on timing
2015-05-18 09:14:28 +01:00
Henry Oswald
9764ab258b
added complex password validation to password resets
2015-04-30 12:05:46 +01:00
Henry Oswald
a7640b5bbd
changed authentication controller to use req.parsedUrl.pathname as query strings on req.url were breaking the whitelist
2015-04-30 11:57:40 +01:00
Henry Oswald
6669884f44
Merge branch 'tpds-cleanup'
2015-04-23 10:06:26 +01:00
Henry Oswald
7a46b98c82
fixed unit tests for deleting files sent from tpds
2015-04-22 15:08:29 +01:00
James Allen
5c30a7de67
Add in option for global login requirement (defaults to on)
2015-04-15 11:14:53 +01:00
James Allen
893ff85521
Don't allow password resets for holding accounts
2015-04-14 13:11:49 +01:00
James Allen
185514ea35
Fix failing unit test
2015-03-19 16:41:09 +00:00
James Allen
9b8cf7bcfa
Remove public registration and require that a user be registered by an admin
2015-03-19 14:22:48 +00:00
James Allen
93a088618a
Return proper error from registration handler
2015-03-18 16:19:48 +00:00
James Allen
cb948fede2
Move email sending into registration controller
2015-03-18 15:57:01 +00:00
Henry Oswald
fe3b9bf07a
clients can not rename docs/files/folders to blank name.
...
Client and server side checks added
2015-03-04 11:10:59 +00:00
Brian Gough
0ff5f54bf6
fix unit test for build parameter
2015-03-02 15:33:45 +00:00
Brian Gough
0315954b47
Merge branch 'master' into support-cached-pdfs
2015-03-02 09:20:00 +00:00
Brian Gough
a64b8724bd
include the build parameter in the compile unit tests
2015-02-26 16:21:44 +00:00
Henry Oswald
a9660a3a07
add err and null project test for locating project element
2015-02-18 21:57:21 +00:00
Henry Oswald
f8e3fa6308
increase the auto compile limit a little
2015-02-18 21:57:21 +00:00
James Allen
1a7d4f6be1
Fix smoke tests
2015-02-17 11:21:14 +00:00
James Allen
8e13ded360
Regenerate the session id after logging in or registering
2015-02-13 11:18:17 +00:00
James Allen
50048a53b5
Don't throw an exception if there is an error with unzip
2015-02-11 11:34:49 +00:00
James Allen
001a5d751b
Pull out templates logic into its own module
2015-02-10 11:24:34 +00:00
James Allen
6c387edbe2
Remove Dropbox front end logic from main sharelatex repo
2015-02-05 18:20:34 +00:00
James Allen
d7afb4e513
Clean up unused real-time code in web
2015-02-05 16:37:37 +00:00
James Allen
366a0403a6
Clear rate limit in smoke tests
2015-02-05 10:18:18 +00:00
James Allen
e35d80211e
Log when rate limit is hit
2015-02-05 09:52:40 +00:00
James Allen
4235c90623
Add in rate limit to opening projets
2015-02-04 15:05:35 +00:00
Henry Oswald
0a64c1c8ac
on register try and auto allocate a group licence if one exists
2015-01-27 18:22:51 +00:00
Henry Oswald
3360b3c35a
added basic domain allocation feature
2015-01-27 18:09:56 +00:00
Henry Oswald
00810eaf21
Merge branch 'recurlyv3'
2015-01-19 13:51:02 +00:00
Henry Oswald
7e64b88fcf
fix cancel subscription on delete user
2015-01-02 10:37:59 +00:00
Henry Oswald
a7eb836c79
redirect to /thank-you on success and fix broken unit test from a few commits ago
2014-12-22 16:37:09 +00:00