Commit graph

1764 commits

Author SHA1 Message Date
Shane Kilkelly
d386f79a76 Clean up 2017-10-06 16:10:33 +01:00
Shane Kilkelly
91abb6eed6 If project is not tokenBased, don't count members of token arrays 2017-10-06 15:57:22 +01:00
Shane Kilkelly
387854db7a Fix an embarassing mistake, generate tokens dynamically, not once. 2017-10-06 13:24:10 +01:00
James Allen
3c54419eb3 Remove commented debug code 2017-10-05 16:12:26 +01:00
James Allen
9c1faa4395 Add method to transfer projects from one user_id to another 2017-10-05 14:26:34 +01:00
Shane Kilkelly
bb0dad3353 Safe access to potentially-null project 2017-10-05 14:19:21 +01:00
Shane Kilkelly
b8d90a1a99 Show token-access projects on the dashboard 2017-10-05 13:20:06 +01:00
Shane Kilkelly
e4e558c0e6 Hide access tokens if user is not the project owner.
This prevents sneaky read-only users from sniffing out the read-write
link via the browser console.
2017-10-05 13:18:30 +01:00
Shane Kilkelly
6482cd7dd8 Generate tokens on old projects if they're not present 2017-10-04 16:31:24 +01:00
Alasdair Smith
8366ea271f Restrict autocompile onboarding to users in rollout (factor of 100) 2017-10-03 17:08:19 +01:00
Brian Gough
d14723f24a add rate limits for autocompiles
global rate limit for all users and a lower rate limit for free users
2017-10-03 16:16:21 +01:00
Shane Kilkelly
b6c2a8f7f7 Tidy up callbacks 2017-10-03 14:14:22 +01:00
Shane Kilkelly
7b33f8b4c2 Unit test TokenAccessController 2017-10-03 14:04:59 +01:00
Alasdair Smith
91e0397bf5 Update signup date check to today 2017-10-03 10:48:59 +01:00
Shane Kilkelly
ede497f4b3 Unit test TokenAccessHandler 2017-10-03 10:02:26 +01:00
Brian Gough
bd005d7bb6 fix double callback in precompile resources check 2017-10-02 10:14:52 +01:00
Shane Kilkelly
9f24f696a5 Use custom header, send anonToken in payload to joinProject 2017-09-29 16:32:07 +01:00
Shane Kilkelly
34d4d1360f Anon read-token: add an Authorization header to $http 2017-09-29 15:54:55 +01:00
Hayden Faulds
bf1c24f6f9 return pathname from DocumentController.getDoc 2017-09-29 15:37:10 +01:00
Shane Kilkelly
9810f63245 Render editor for token access, stub out ui changes 2017-09-28 16:06:08 +01:00
Alasdair Smith
3e2388a7de Don't show autocompile for users signed up after release date 2017-09-28 13:57:15 +01:00
Alasdair Smith
f2c0bf5515 First pass at getting onboarding shown event from analytics 2017-09-28 13:04:18 +01:00
Alasdair Smith
afff8ddf29 Pass (dummy) autocompile onboarding 2017-09-28 11:13:49 +01:00
Shane Kilkelly
4552f3be67 Move the getPublicAccessLevel helper to top-level of module 2017-09-28 10:53:35 +01:00
Shane Kilkelly
27dcf6c4c5 Fix a typo causing double-callbacks 2017-09-28 10:37:57 +01:00
Shane Kilkelly
574b115022 Working token-based access 2017-09-27 14:01:52 +01:00
Brian Gough
13628f82ec Merge pull request #17 from sharelatex/bg-lock-compiles
show error for compile in progress
2017-09-27 13:54:16 +01:00
Hayden Faulds
4adf88ca01 handle OL or SL ids in UserInfoController.getPersonalInfo 2017-09-26 11:40:05 +01:00
Hayden Faulds
2c0e9bb89a return overleaf details from ProejctsDetailsHandler.getdetails 2017-09-26 10:19:30 +01:00
Brian Gough
0f855689a7 show error for compile in progress 2017-09-26 08:07:35 +01:00
Shane Kilkelly
ee32648bf4 Order privileges by highest-to-lowest 2017-09-22 15:55:38 +01:00
Shane Kilkelly
81170d472d Add token-access routes 2017-09-22 14:54:35 +01:00
Shane Kilkelly
95292a2e55 Add unique index to token properties 2017-09-21 15:06:42 +01:00
Shane Kilkelly
441c207953 Generate tokens by default 2017-09-21 15:04:15 +01:00
Shane Kilkelly
abe41b6948 Fix projection in project query 2017-09-21 13:37:10 +01:00
Shane Kilkelly
863d327743 Change logic to exclude token users 2017-09-21 11:02:55 +01:00
Shane Kilkelly
931ba56e33 Add an 'owner' source tag, for the project owner 2017-09-21 09:35:25 +01:00
Shane Kilkelly
ef7e1ceabf Rename functions to make distinction between invited/token members 2017-09-21 09:30:38 +01:00
Shane Kilkelly
91ec0da239 Use the invitedMembers function for sending tpds updates 2017-09-20 15:48:20 +01:00
Shane Kilkelly
574baf386e Alter getProjectsUserIsMemberOf to include token-access projects.
Also change the api to produce an object with the different project lists
attached, rather than a pair of lists.
2017-09-20 15:26:03 +01:00
Shane Kilkelly
ceb7c509d0 Rename getProjectsUserIsCollaboratorOf to ...IsMemberOf
This brings the naming more in line with current conventions.
2017-09-20 13:16:50 +01:00
Shane Kilkelly
069f49d5a6 Change getCollaboratorCount to getInvitedCollaboratorCount.
And update the one call-site in LimitationsManager. This function
is used to limit invites, so it makes sense to explicitely limit
this to Invited members of the project.
2017-09-20 10:29:47 +01:00
Shane Kilkelly
8460160076 Add a getInvitedMembersWithPrivilegeLevels function.
Then use it to build the loadProject view-model.
2017-09-20 10:02:43 +01:00
Shane Kilkelly
cf54989e6a Add a getInvitedMemberIds function
Limited to only members who were invited to the project, not users
who have access via a token.
2017-09-20 09:36:56 +01:00
Shane Kilkelly
fc202439ab Read-only privelege for anonymous access 2017-09-20 09:36:06 +01:00
Shane Kilkelly
06966f67db Differentiate project members by source, include token members 2017-09-20 09:35:19 +01:00
Shane Kilkelly
a06f4b6b28 Remove remaining traces of UserStub 2017-09-19 16:16:39 +01:00
Shane Kilkelly
7919d5342b Remove obsolete add-email-to-project workflow 2017-09-19 15:57:19 +01:00
Shane Kilkelly
c87df7be79 Add token-access user refs to Project 2017-09-19 09:27:22 +01:00
Shane Kilkelly
8fece2d5f0 Add tokenBased access level 2017-09-18 10:58:13 +01:00
Shane Kilkelly
2011432120 Add tokens property to Project model 2017-09-18 10:27:28 +01:00
James Allen
adf211a226 Merge pull request #594 from sharelatex/ja-include-token-in-project-schema
Include OL tokens in project schema
2017-09-15 11:41:24 +02:00
Brian Gough
9f9c15f6f5 Merge pull request #599 from sharelatex/bg-reset-project-state
clear docupdater project state in deleteAuxFiles
2017-09-15 09:09:29 +01:00
Brian Gough
28a80cf23d Merge pull request #604 from sharelatex/bg-fix-root-doc-in-incremental-compile
fix root doc in incremental compile
2017-09-13 13:47:22 +01:00
Tim Alby
a04adbf132 remove extra security headers 2017-09-13 11:53:11 +02:00
Brian Gough
51eb94a493 handle incremental compile without root doc 2017-09-13 10:10:44 +01:00
Brian Gough
0e87b8950e update clearProjectState endpoint 2017-09-12 11:40:00 +01:00
Tim Alby
d6834ff417 add security headers using Helmet
- use all Helmet's default headers except `X-DNS-Prefetch-Control`
- use `Referrer-Policy`
- use cache headers when:
  - a user is logged in, OR
  - a project is displayed
2017-09-12 11:17:59 +02:00
Brian Gough
5430c8a3c2 Merge pull request #593 from sharelatex/bg-fix-inactive-projects-request
avoid error when passing as limit in mongo query
2017-09-11 08:16:28 +01:00
Brian Gough
6d73c48c36 Merge pull request #596 from sharelatex/bg-suppress-incremental-compile-after-errors
suppress incremental compile after errors
2017-09-11 08:15:50 +01:00
Brian Gough
2b4c8bd846 clear docupdater project state in deleteAuxFiles 2017-09-08 15:57:29 +01:00
Brian Gough
e8435e3eae make condition clearer for incremental compile 2017-09-08 13:39:24 +01:00
Brian Gough
03a5ff2e43 skip incremental compile after docupdater error 2017-09-07 15:06:09 +01:00
Shane Kilkelly
586d1f1599 Merge pull request #531 from sharelatex/sk-allow-explicit-ses-email-config
Instantiate the ses client if explicitly specified.
2017-09-07 10:21:01 +01:00
Brian Gough
3ac0e97a14 avoid error when passing as limit in mongo query
convert request parameter from string to number
2017-09-05 12:33:13 +01:00
Brian Gough
e2368615e2 Merge pull request #589 from sharelatex/bg-check-options-for-incremental-compile
include the options in the project state hash
2017-09-05 11:53:17 +01:00
Brian Gough
2e6c578dd7 add ol-style.css to fingerprint list 2017-09-05 10:54:26 +01:00
James Allen
39320c20b8 Include OL tokens in project schema 2017-09-05 10:50:39 +02:00
Brian Gough
d9557fcbf5 include the options in the project state hash 2017-09-01 16:36:51 +01:00
Shane Kilkelly
3d0268a486 Add other required properties for project load. 2017-09-01 11:36:23 +01:00
Shane Kilkelly
68f860b28d Load user features alongside id and email.
Fixes a bug where project features were not applied properly,
and instead fell back to the free-account defaults.
2017-09-01 11:16:45 +01:00
James Allen
9c4dc40abf Merge pull request #583 from sharelatex/ja-import-projects
Add in UserStub model and support in collaborators view
2017-08-29 16:06:00 +02:00
James Allen
a58a715fad Merge pull request #570 from sharelatex/ho-null-check-redis-sessions
Ho null check redis sessions
2017-08-29 15:44:22 +02:00
James Allen
8d268e9d42 Merge pull request #580 from sharelatex/ja-import-collaborators
Add in UserStub model and support in collaborators view
2017-08-29 15:43:54 +02:00
James Allen
ba43e45f85 Merge pull request #578 from sharelatex/ja-import-projects
Update Project schema for overleaf imports
2017-08-29 15:43:39 +02:00
James Allen
bb6ca9ba51 Update Project schema 2017-08-29 15:21:05 +02:00
Brian Gough
f9d1650c6a Merge pull request #569 from sharelatex/bg-compile-from-redis
compile from redis
2017-08-25 09:09:52 +01:00
James Allen
d5839437fd Add in UserStub model and support in collaborators view 2017-08-24 17:48:47 +02:00
James Allen
b4254f06ef Update Project schema for overleaf imports 2017-08-21 17:49:08 +02:00
Brian Gough
90ff58b820 compute project state hash from sorted docs/files 2017-08-16 10:49:29 +01:00
Brian Gough
739445336f remove unused code and fix flushing 2017-08-15 16:00:00 +01:00
Brian Gough
4789dd23ee docupdater will parse lines in getProjectDocs
no need to do this in web now
2017-08-11 16:57:23 +01:00
James Allen
1f326f7990 Merge pull request #575 from sharelatex/ja-overleaf-oauth
Allow OAuth based log-ins from Overleaf
2017-08-10 10:28:41 +02:00
Brian Gough
e2048e1ed5 use incrementalCompilesEnabled as option name 2017-08-09 16:25:57 +01:00
Brian Gough
836bddd91f comment about 409 code in DocumentUpdaterHandler 2017-08-09 16:00:11 +01:00
Brian Gough
ddecd26718 flush documents to mongo on incremental compiles 2017-08-09 15:47:44 +01:00
James Allen
7538c8834f Merge branch 'master' into ja-per-user-track-changes 2017-08-09 14:05:36 +02:00
James Allen
a0a45ee654 Update date 2017-08-09 14:02:40 +02:00
Brian Gough
7eb1c01994 add metrics for incremental compiles 2017-08-09 11:41:09 +01:00
Brian Gough
97b129cbe3 enable incremental compilation for beta users 2017-08-09 10:57:24 +01:00
James Allen
638eeb1247 Update Server.coffee 2017-08-09 11:51:08 +02:00
James Allen
17e849792c Pull out logic into module 2017-08-09 11:50:05 +02:00
Brian Gough
8aa77cec5e provide fallback to normal compile method 2017-08-08 16:48:47 +01:00
Brian Gough
203e42fa4c clean up options handling 2017-08-08 16:48:37 +01:00
James Allen
eac0ce8353 Initial spike of Overleaf based logins 2017-08-08 14:00:21 +02:00
Brian Gough
31e71854a4 fix unit tests 2017-08-08 11:38:31 +01:00
Brian Gough
849e905efb simplify incremental request to docupdater
if project state hasn't changed, get the docs from the docupdater -- we
check/set the hash and return the docs in a single request.  Otherwise
do a full request from mongo.
2017-08-07 14:45:04 +01:00
Brian Gough
1321009fe1 update docupdater endpoint to /project/id/docs 2017-08-03 14:40:46 +01:00
Henry Oswald
33fe252a15 null check user during logout 2017-08-03 13:26:14 +01:00
Henry Oswald
35f31d5a3c null check the user correctly 2017-08-03 13:17:39 +01:00
Brian Gough
38c879faf2 improve comment about ClsiStateManager hash 2017-08-03 12:15:27 +01:00
Brian Gough
6d331e8ffd use projectStateUnchanged instead of stateOk 2017-08-03 12:10:23 +01:00
Brian Gough
f44b844d74 refer to project state as projectStateHash 2017-08-03 12:08:11 +01:00
Brian Gough
5c02255e07 use syncType and syncState for clsi state options 2017-08-03 11:44:10 +01:00
Brian Gough
fb29ac3031 clean up logging 2017-08-03 11:36:59 +01:00
Brian Gough
0a859d3b33 clean up state manager 2017-08-03 11:36:23 +01:00
Brian Gough
a955b8fcc9 remove unused inline function 2017-08-03 11:35:42 +01:00
Brian Gough
a4117487e9 switch from mongoose to mongojs in ClsiManager
for efficiency
2017-08-03 11:35:42 +01:00
Brian Gough
17b1075dc9 add rootFolder to attributes in Clsi request 2017-08-03 10:20:57 +01:00
James Allen
86a38df6e0 Merge pull request #563 from sharelatex/pr-support-html-encoded-i18n
Support HTML encoded i18n
2017-08-03 10:36:35 +02:00
James Allen
3d9da02815 Merge pull request #555 from sharelatex/sk-password-policy
Enforce stricter password policy.
2017-08-03 10:35:00 +02:00
James Allen
28838eff60 Merge pull request #567 from sharelatex/ja-admin-panel-additions
Some refactoring and methods needed to support the admin panel
2017-08-03 10:34:33 +02:00
Brian Gough
4d4cf4f693 project state can be stored per project
there is no need to store it per project+user because it reflects the
state of the project itself
2017-08-02 16:25:47 +01:00
Brian Gough
cf780fd8bb start making requests incremental 2017-08-02 13:53:32 +01:00
James Allen
10f362a77a Add SubscriptionUpdater.deleteSubscription 2017-08-02 09:59:45 +02:00
Brian Gough
66cd6ada14 allow querying folders from existing project
avoid loading the project unnecessarily
2017-08-01 14:39:02 +01:00
Brian Gough
7a39eeb2ea make request to docupdater for current docs 2017-08-01 14:38:34 +01:00
Paulo Reis
d576aa5b9d Update date threshold to show the per-user TC dialog. 2017-08-01 12:01:17 +01:00
Paulo Reis
fbce49f5cd Merge branch 'master' into ja-per-user-track-changes 2017-08-01 10:56:02 +01:00
Shane Kilkelly
ba3550759d Persist autoPairDelimiters setting. 2017-07-31 08:36:13 +01:00
Paulo Reis
4849c705de Optionally ask the translate local method to HTML encode; use it in the problematic tooltip. 2017-07-28 17:31:28 +01:00
Brian Gough
d66382382f split request to mongo into separate method 2017-07-28 15:17:10 +01:00
Brian Gough
3e28eca26f move docupdater flush to point of use 2017-07-28 15:11:07 +01:00
Shane Kilkelly
0f131d940d Enforce stricter password policy.
- Check minimum password lengths
- Set default policy to 6-128 chars
2017-07-24 11:06:47 +01:00
Shane Kilkelly
4c637301f7 Add rate-limit to change-password action 2017-07-21 11:07:05 +01:00
Shane Kilkelly
8e55b77055 Move recurly callback to the public api router. 2017-07-20 13:51:11 +01:00
Paulo Reis
d69a7577f5 Check in Analytics if user has already been informed about per-user TC. 2017-07-07 10:38:13 +01:00
James Allen
710c89a629 Support per user track changes (proof of concept) 2017-07-07 10:38:13 +01:00
Shane Kilkelly
04c94760f5 Merge branch 'sk-auto-pair-braces' into sk-ac-improvements-integration 2017-07-06 14:39:28 +01:00
Shane Kilkelly
34b2012727 Enable (optional) auto-pairing for latex mode 2017-07-06 11:06:51 +01:00
Brian Gough
0ae93db08b use ApiErrorHandler on public api 2017-07-05 15:06:23 +01:00
Brian Gough
1dbeebabd2 move status and health checks to public api router 2017-07-05 14:50:38 +01:00
Brian Gough
845ee51a67 rename apiRouter -> privateApiRouter in router 2017-07-05 14:43:41 +01:00
Brian Gough
bd83d94f64 rename apiRouter -> privateApiRouter in Modules 2017-07-05 14:41:14 +01:00
Brian Gough
29b40ad824 add public api router 2017-07-05 14:32:55 +01:00
Brian Gough
3e8ad69f3c make loading of module routes more robust 2017-07-05 11:46:29 +01:00
Brian Gough
5ad3fd769d preserve original /status message 2017-07-04 12:42:54 +01:00
Brian Gough
b2f676af5a avoid duplicate routes for /status 2017-07-04 12:41:51 +01:00
Brian Gough
dbbc4966d8 Merge pull request #513 from sharelatex/bg-split-web-and-web-api
split web and web api
2017-07-04 08:51:00 +01:00
Shane Kilkelly
b73b78e570 Merge branch 'master' of github.com:sharelatex/web-sharelatex 2017-06-27 08:24:24 +01:00
Shane Kilkelly
0d5d59bb66 Remove user field from log, var not in scope 2017-06-26 13:56:22 +01:00
Henry Oswald
3da5ef818c null check subscription for group admin panel 2017-06-22 14:07:07 +01:00
Shane Kilkelly
1112a1f085 Instantiate the ses client if explicitly specified.
This allows end-users to use AWS features such as instance roles,
avoiding the use of explicit crendentials
2017-06-21 10:57:13 +01:00
Brian Gough
bac275962f put /ip on web router 2017-06-19 15:54:57 +01:00
Brian Gough
d32a3fbaf5 support status and health check on web and web-api 2017-06-19 15:54:14 +01:00
Brian Gough
02cb0f2295 make compiler health check available on web 2017-06-19 15:52:04 +01:00
Brian Gough
62d6933886 use settings instead of ENV for web/api split 2017-06-15 16:11:20 +01:00
Brian Gough
1ecabaa611 Revert "update pdfjs to v1.8.188"
This reverts commit 189e48dcc00f530eff674cc4a2b87c06814d45ff.
2017-06-15 11:14:01 +01:00
Shane Kilkelly
5a6415d3f8 Add logging for Labels http actions 2017-06-15 08:56:48 +01:00
Shane Kilkelly
9607174b64 Merge branch 'master' into sk-server-side-labels-loading 2017-06-15 08:49:14 +01:00