Shane Kilkelly
43f1cb7d64
Add unit test for token-based access, particularly anon-read-write
2017-10-18 15:31:03 +01:00
Brian Gough
5d116e8ce9
Merge pull request #65 from sharelatex/bg-fix-main-doc-selection
...
fix main doc selection (connects to overleaf/sharelatex#222 )
2017-10-18 13:11:10 +01:00
Brian Gough
d0f0268783
Merge pull request #57 from sharelatex/bg-handle-undefined-project-name-with-error
...
avoid exception in validateProjectName
2017-10-18 13:10:45 +01:00
Shane Kilkelly
7d2bde85ff
Add a setting to enable anonymous read-and-write link sharing
2017-10-18 13:04:37 +01:00
Brian Gough
bcabec1c5d
added tests
2017-10-17 15:50:29 +01:00
Shane Kilkelly
9c247d5f59
On project list, only show projects once, with max access
2017-10-17 11:10:31 +01:00
Shane Kilkelly
855fe2e143
If user is project owner, don't add them as a token user
2017-10-16 16:44:20 +01:00
Shane Kilkelly
5fb86441f6
Add acceptance tests for private-overleaf-project
...
... when accessed via the read-write token by the owner
2017-10-16 14:15:50 +01:00
Brian Gough
96d08e41a7
update tests
2017-10-16 14:15:38 +01:00
Shane Kilkelly
ad999a72b6
If a token-based project not found, check private overleaf project
2017-10-16 13:20:15 +01:00
Shane Kilkelly
ac513a1355
Refactor to not pass req
down into Auth modules
2017-10-13 11:20:57 +01:00
Nate Stemen
42412b1bb4
modified labels tests to pass with new metadata
2017-10-12 17:28:11 +01:00
James Allen
f0079bb7a4
Merge pull request #41 from sharelatex/ja-transfer-projects
...
Add method to transfer projects from one user_id to another
2017-10-12 16:27:00 +01:00
Brian Gough
8cf3288187
avoid exception in validateProjectName
2017-10-12 16:03:12 +01:00
Shane Kilkelly
dcf601fe80
Only show token-based projects if accessLevel is set to token-based
2017-10-12 15:47:29 +01:00
Shane Kilkelly
9a7c8c5842
Revert "Remove remaining traces of UserStub"
...
This reverts commit ab6b4c32254a20b940c489b8b5b56237433cc0f6.
2017-10-12 15:08:48 +01:00
Brian Gough
3d2f9f0219
Merge branch 'bg-auto-doc-flush'
2017-10-12 15:01:27 +01:00
Brian Gough
fdffc92de2
fix unit tests
2017-10-12 15:01:11 +01:00
Shane Kilkelly
16416463c6
Update removeUserFromProject
to account for token-access
2017-10-12 11:49:02 +01:00
Brian Gough
45ed090326
Merge pull request #37 from sharelatex/bg-rate-limit-autocompile
...
rate limit autocompile (connects to #18 )
2017-10-12 09:25:59 +01:00
Brian Gough
c913ec69ef
Merge pull request #34 from sharelatex/bg-fix-double-callback-in-resources-check
...
fix double callback in resources check (connects to #18 )
2017-10-12 09:20:05 +01:00
Hayden Faulds
f017a94b7e
remove unused HistoryManager
2017-10-11 11:18:20 +01:00
Brian Gough
5b0d3d1429
simplify rate-limit checking code
2017-10-09 16:31:01 +01:00
Shane Kilkelly
1a4ffe7708
Remove un-necessary call to getProject
from archiveProject
path
2017-10-09 11:30:55 +01:00
Shane Kilkelly
29a584996f
Flesh out acceptance tests for token access
2017-10-06 16:26:47 +01:00
Shane Kilkelly
b5bed1837e
Start acceptance tests for token-based access
2017-10-06 15:58:03 +01:00
Shane Kilkelly
91abb6eed6
If project is not tokenBased, don't count members of token arrays
2017-10-06 15:57:22 +01:00
James Allen
9c1faa4395
Add method to transfer projects from one user_id to another
2017-10-05 14:26:34 +01:00
Shane Kilkelly
b8d90a1a99
Show token-access projects on the dashboard
2017-10-05 13:20:06 +01:00
Shane Kilkelly
6482cd7dd8
Generate tokens on old projects if they're not present
2017-10-04 16:31:24 +01:00
Shane Kilkelly
7b33f8b4c2
Unit test TokenAccessController
2017-10-03 14:04:59 +01:00
Shane Kilkelly
ede497f4b3
Unit test TokenAccessHandler
2017-10-03 10:02:26 +01:00
Brian Gough
e9114551ba
add unit test for precompile resources check
2017-10-02 10:14:05 +01:00
Hayden Faulds
bf1c24f6f9
return pathname from DocumentController.getDoc
2017-09-29 15:37:10 +01:00
Shane Kilkelly
574b115022
Working token-based access
2017-09-27 14:01:52 +01:00
James Allen
63097aaf73
Merge pull request #24 from sharelatex/ja-dockerize-acceptance-tests
...
Set up acceptance tests to run in docker container; Fixes overleaf/sharelatex#138
2017-09-27 11:01:49 +02:00
James Allen
23bd840796
Fix MockDocStoreApi name
2017-09-27 10:53:00 +02:00
James Allen
1502da85cf
Set up acceptance tests to run in docker container
2017-09-27 10:37:20 +02:00
Hayden Faulds
4adf88ca01
handle OL or SL ids in UserInfoController.getPersonalInfo
2017-09-26 11:40:05 +01:00
Hayden Faulds
2c0e9bb89a
return overleaf details from ProejctsDetailsHandler.getdetails
2017-09-26 10:19:30 +01:00
Shane Kilkelly
ee32648bf4
Order privileges by highest-to-lowest
2017-09-22 15:55:38 +01:00
Shane Kilkelly
562b2db600
Fix unit test
2017-09-21 15:01:40 +01:00
Shane Kilkelly
7dc759482c
Fix how adding user to project works in acceptance tests
2017-09-21 11:43:16 +01:00
Shane Kilkelly
931ba56e33
Add an 'owner' source tag, for the project owner
2017-09-21 09:35:25 +01:00
Shane Kilkelly
ef7e1ceabf
Rename functions to make distinction between invited/token members
2017-09-21 09:30:38 +01:00
Shane Kilkelly
91ec0da239
Use the invitedMembers function for sending tpds updates
2017-09-20 15:48:20 +01:00
Shane Kilkelly
574baf386e
Alter getProjectsUserIsMemberOf
to include token-access projects.
...
Also change the api to produce an object with the different project lists
attached, rather than a pair of lists.
2017-09-20 15:26:03 +01:00
Shane Kilkelly
ceb7c509d0
Rename getProjectsUserIsCollaboratorOf
to ...IsMemberOf
...
This brings the naming more in line with current conventions.
2017-09-20 13:16:50 +01:00
Shane Kilkelly
069f49d5a6
Change getCollaboratorCount
to getInvitedCollaboratorCount
.
...
And update the one call-site in LimitationsManager. This function
is used to limit invites, so it makes sense to explicitely limit
this to Invited members of the project.
2017-09-20 10:29:47 +01:00
Shane Kilkelly
8460160076
Add a getInvitedMembersWithPrivilegeLevels
function.
...
Then use it to build the loadProject view-model.
2017-09-20 10:02:43 +01:00
Shane Kilkelly
cf54989e6a
Add a getInvitedMemberIds
function
...
Limited to only members who were invited to the project, not users
who have access via a token.
2017-09-20 09:36:56 +01:00
Shane Kilkelly
06966f67db
Differentiate project members by source, include token members
2017-09-20 09:35:19 +01:00
Shane Kilkelly
a06f4b6b28
Remove remaining traces of UserStub
2017-09-19 16:16:39 +01:00
Shane Kilkelly
7919d5342b
Remove obsolete add-email-to-project workflow
2017-09-19 15:57:19 +01:00
Henry Oswald
a7217f1d37
Merge branch 'ho-csrf-acceptence-tests'
2017-09-15 13:50:17 +01:00
Brian Gough
1bca1e11a9
fix broken unit test
2017-09-15 09:20:53 +01:00
Brian Gough
9f9c15f6f5
Merge pull request #599 from sharelatex/bg-reset-project-state
...
clear docupdater project state in deleteAuxFiles
2017-09-15 09:09:29 +01:00
Brian Gough
28a80cf23d
Merge pull request #604 from sharelatex/bg-fix-root-doc-in-incremental-compile
...
fix root doc in incremental compile
2017-09-13 13:47:22 +01:00
Tim Alby
a04adbf132
remove extra security headers
2017-09-13 11:53:11 +02:00
Brian Gough
51eb94a493
handle incremental compile without root doc
2017-09-13 10:10:44 +01:00
Tim Alby
d6834ff417
add security headers using Helmet
...
- use all Helmet's default headers except `X-DNS-Prefetch-Control`
- use `Referrer-Policy`
- use cache headers when:
- a user is logged in, OR
- a project is displayed
2017-09-12 11:17:59 +02:00
Brian Gough
2b4c8bd846
clear docupdater project state in deleteAuxFiles
2017-09-08 15:57:29 +01:00
Brian Gough
d9557fcbf5
include the options in the project state hash
2017-09-01 16:36:51 +01:00
Shane Kilkelly
7bb4638186
Restore user features to default after acceptance test.
...
Fixes an issue that could come up when running the tests
several times.
2017-09-01 14:45:54 +01:00
Shane Kilkelly
c170de7a4f
Add unit test to cover project features.
2017-09-01 13:28:11 +01:00
Henry Oswald
d4b0c740c2
added csrf acceptence tests
2017-08-29 17:45:16 +01:00
James Allen
9c4dc40abf
Merge pull request #583 from sharelatex/ja-import-projects
...
Add in UserStub model and support in collaborators view
2017-08-29 16:06:00 +02:00
Brian Gough
f9d1650c6a
Merge pull request #569 from sharelatex/bg-compile-from-redis
...
compile from redis
2017-08-25 09:09:52 +01:00
James Allen
d5839437fd
Add in UserStub model and support in collaborators view
2017-08-24 17:48:47 +02:00
Brian Gough
a569303b7e
simplify unusual unit test
2017-08-17 15:36:52 +01:00
Brian Gough
f4da089ee3
added unit tests for project state hash
2017-08-16 11:42:36 +01:00
Brian Gough
c91599bfeb
add unit test for incremental compile
2017-08-15 16:00:40 +01:00
Brian Gough
1179518f4e
unit test for sync conflict
2017-08-15 14:35:02 +01:00
Brian Gough
0347abb13a
added unit tests for ProjectEntityHandler
2017-08-14 15:40:46 +01:00
Brian Gough
f9617034be
add unit test for getProjectDocsIfMatch
2017-08-14 14:33:34 +01:00
Brian Gough
7eb1c01994
add metrics for incremental compiles
2017-08-09 11:41:09 +01:00
Brian Gough
836219584c
fix tests for beta users
2017-08-09 11:33:44 +01:00
Brian Gough
31e71854a4
fix unit tests
2017-08-08 11:38:31 +01:00
James Allen
0be1ee6b6c
Fix smoke test when product name changes
2017-08-08 12:31:36 +02:00
James Allen
3d9da02815
Merge pull request #555 from sharelatex/sk-password-policy
...
Enforce stricter password policy.
2017-08-03 10:35:00 +02:00
James Allen
10f362a77a
Add SubscriptionUpdater.deleteSubscription
2017-08-02 09:59:45 +02:00
Brian Gough
3e28eca26f
move docupdater flush to point of use
2017-07-28 15:11:07 +01:00
Shane Kilkelly
0f131d940d
Enforce stricter password policy.
...
- Check minimum password lengths
- Set default policy to 6-128 chars
2017-07-24 11:06:47 +01:00
Brian Gough
9417266966
fix health checks for web/web-api split
2017-07-04 10:32:31 +01:00
Henry Oswald
3da5ef818c
null check subscription for group admin panel
2017-06-22 14:07:07 +01:00
Shane Kilkelly
9607174b64
Merge branch 'master' into sk-server-side-labels-loading
2017-06-15 08:49:14 +01:00
Shane Kilkelly
b97becc7a2
Change getLabelsForDoc
to broadcastLabelsForDoc
2017-06-13 11:38:15 +01:00
Shane Kilkelly
a3dbb16e50
Flush project before getting all project labels
2017-06-13 11:15:26 +01:00
Shane Kilkelly
bd6133aadb
Remove callback-pattern from label parsers
2017-06-13 11:10:21 +01:00
Shane Kilkelly
26be4f84d0
Re-use parser
2017-06-12 15:15:14 +01:00
Shane Kilkelly
ff4991284d
Change docLabelsUpdated
socket event to broadcastDocLabels
2017-06-12 13:06:56 +01:00
Shane Kilkelly
9f9468d0e0
Use lowercase project_id
2017-06-12 11:37:05 +01:00
Shane Kilkelly
c9432a1238
Fix unit tests
2017-06-12 10:09:33 +01:00
James Allen
4cecbae6b6
Use an email based invite system for groups, not holding accounts
2017-06-08 12:12:08 +01:00
Shane Kilkelly
feb1d87de1
Add test for LablesHandler
2017-06-08 10:25:39 +01:00
Shane Kilkelly
3c4a6f06be
Add unit tests for LabelsController
2017-06-08 09:22:26 +01:00
James Allen
d7981fd2d4
Merge pull request #512 from sharelatex/ja-project-name-validation
...
Refactor project name validation into one place and restrict /s
2017-06-05 11:55:39 +01:00
James Allen
59085c1ddd
Add missing require stubs and remove console.logs in unit tests
2017-05-22 15:33:52 +01:00
James Allen
3105c6743e
Fix unit tests
2017-05-22 15:24:52 +01:00
James Allen
ba62206b91
Refactor project name validation into one place and restrict /s
2017-05-19 17:42:24 +01:00
James Allen
76b8fecde9
Merge pull request #509 from sharelatex/ja-fix-clsi-cookie-cluster
...
Don't try to set the server id if it isn't returned in the response
2017-05-19 15:00:18 +01:00
James Allen
01548a0216
Don't try to set the server id if it isn't returned in the response
2017-05-19 10:23:01 +01:00
Paulo Reis
b0b75e2ebb
Update docupdaterhandler tests.
2017-05-18 15:04:12 +01:00
James Allen
39ca6d1e6c
Merge pull request #508 from sharelatex/ja-fix-clsi-cookie-cluster
...
Check for blank string in clsi cookie caching
2017-05-18 11:12:11 +01:00
James Allen
f708a0cd81
Check for blank string in clsi cookie caching
...
ioredis returns "" for a blank entry, the previous driver returned null,
so also check for a blank string
2017-05-18 11:09:33 +01:00
Brian Gough
5237647b8b
Merge pull request #489 from sharelatex/bg-improve-upload-robustness
...
improve stream error handling on upload
2017-05-17 15:26:03 +01:00
Shane Kilkelly
6338835baf
Merge branch 'sk-sudo-mode'
2017-05-17 09:48:22 +01:00
Shane Kilkelly
4e3284cec8
Merge branch 'sk-dont-redirect-to-images'
2017-05-17 09:48:16 +01:00
Shane Kilkelly
25e0a19350
Make confirm-password routes more restful
2017-05-16 11:51:06 +01:00
Brian Gough
e23871118d
Merge remote-tracking branch 'origin/master' into bg-improve-upload-robustness
2017-05-15 16:01:01 +01:00
Shane Kilkelly
60d3e4a97b
If external auth system is in use, skip sudo-mode checks
2017-05-15 15:46:24 +01:00
James Allen
5aa8b71832
Allow writing of clsi cookie cache to redis cluster secondary
2017-05-15 15:35:01 +01:00
Brian Gough
0908e36fb7
fix unit tests
2017-05-15 13:46:01 +01:00
Shane Kilkelly
c864288c4e
On logout, clear sudo mode
2017-05-15 11:53:52 +01:00
Shane Kilkelly
0f75d9f4d9
Test SudoModeController
2017-05-15 10:56:43 +01:00
Shane Kilkelly
76285a1554
Start testing SudoModeController
2017-05-15 10:07:22 +01:00
Shane Kilkelly
8605dc83b4
Merge branch 'master' into sk-sudo-mode
2017-05-15 09:21:13 +01:00
Shane Kilkelly
0e26222551
Don't redirect to images, icons, etc, in login workflow
2017-05-12 15:46:16 +01:00
Shane Kilkelly
1640dfa79a
Merge branch 'sk-fix-cooldown-tpds'
2017-05-12 09:11:23 +01:00
James Allen
3bfd92dd9c
Rename lock to avoid potential conflict with doc updater
2017-05-11 15:27:01 +01:00
Shane Kilkelly
7b0aca7f02
add cooldown to tpds mergeUpdate
path
2017-05-11 11:29:57 +01:00
Shane Kilkelly
e6286c721d
Merge branch 'master' into sk-fix-large-projects
2017-05-11 08:40:17 +01:00
Shane Kilkelly
08567ff220
if projectId is not defined, error out
2017-05-10 15:25:23 +01:00
Shane Kilkelly
27842996aa
start testing SudoModoController
2017-05-10 15:15:57 +01:00
Shane Kilkelly
4d662f23de
test SudoModeMiddlewear
2017-05-10 14:54:49 +01:00
James Allen
274d6f4ac6
Merge pull request #493 from sharelatex/ja-redis-cluster-refactor
...
Move all redis end points to be cluster compatible
2017-05-10 14:38:37 +01:00
Shane Kilkelly
b09a41c557
Fix acceptance tests
2017-05-10 13:45:53 +01:00
Shane Kilkelly
993c261b10
start testing sudo-mode
2017-05-10 11:37:32 +01:00
Shane Kilkelly
149e38855f
Add a cooldown mechanism for projects which go over limits
2017-05-09 11:40:42 +01:00
James Allen
8449b0417c
Move all redis end points to be cluster compatible
2017-05-04 15:22:54 +01:00
Brian Gough
46f693519a
return 404 for api request on missing doc
2017-04-27 16:41:53 +01:00
Shane Kilkelly
a9b8b864df
Move content-disposition setting into a method on res
2017-04-12 16:00:02 +01:00
Shane Kilkelly
02d75deaa0
when setting content-disposition, uri-encode names
2017-04-12 09:31:59 +01:00
Shane Kilkelly
bb65da88fe
Merge branch 'master' into node-6.9
2017-04-05 10:15:51 +01:00
Shane Kilkelly
043520fc28
Remove the Metrics module, use metrics-sharelatex
2017-04-03 16:18:30 +01:00
Shane Kilkelly
49de7bf315
mock out metrics in test
2017-03-31 14:54:20 +01:00
Shane Kilkelly
bee62400a6
Merge branch 'master' into sk-upgrade-metrics
2017-03-31 14:08:12 +01:00
James Allen
3bf19a38ee
Merge pull request #467 from sharelatex/ja-validate-recurly-subscription-on-creation
...
Handle a 404 from Recurly if account doesn't exist
2017-03-28 16:06:25 +01:00
James Allen
08699d7aa2
Handle a 404 from Recurly if account doesn't exist
2017-03-28 15:46:58 +01:00
James Allen
f53234271f
Merge pull request #465 from sharelatex/sk-hide-email-errors
...
If sending email fails, return a generic error.
2017-03-28 13:16:43 +01:00
James Allen
2e6e51eb6d
Merge pull request #464 from sharelatex/ja-validate-recurly-subscription-on-creation
...
Check Recurly for subscription as well before creating subscription
2017-03-28 13:15:58 +01:00
Brian Gough
835d8d618d
use error handler
2017-03-28 11:33:37 +01:00
Brian Gough
f433510e61
return NotFound error in ProjectDetailsHandler
2017-03-28 10:12:52 +01:00
Brian Gough
4e66b045e3
fix unhandled exception in ProjectDetailsHandler
2017-03-28 09:44:50 +01:00
Shane Kilkelly
d2e1efe4a9
fix a daft mistake
2017-03-27 17:45:19 +01:00
Shane Kilkelly
69b9b308d4
If sending email fails, return a generic error.
...
This prevents us from leaking juicy details of our aws/ses setup via the
password-reset form.
2017-03-27 16:17:38 +01:00
James Allen
7aa4c0c030
Check Recurly for subscription as well before creating subscription
2017-03-27 12:07:43 +01:00
Henry Oswald
e22da8e530
rename unit test
2017-03-27 09:57:15 +01:00
Henry Oswald
9c7465fd64
Merge pull request #461 from sharelatex/ho-annom-user-events
...
add identify on login
2017-03-27 09:28:34 +01:00
Henry Oswald
379efcb04a
Merge branch 'master' into ho-annom-user-events
2017-03-27 09:28:03 +01:00
Henry Oswald
cff922a0f5
idendify -> identify
2017-03-22 16:01:26 +00:00
Henry Oswald
ebdce6169e
idendifyUser on login
2017-03-22 15:50:49 +00:00
Henry Oswald
f910bb58de
add tests for AnalyticsController
2017-03-22 13:11:45 +00:00
Shane Kilkelly
a64f890ed0
Upgrade metrics api
2017-03-17 14:55:41 +00:00
Henry Oswald
625fa810c2
validate mongo id in getPrivilegeLevelForProject
...
https://sentry.io/sharelatex-1/sl-web-server-prod/issues/204397665/
2017-03-17 14:44:51 +00:00
Henry Oswald
8ee2e5ba63
null check folder in findElement
...
https://sentry.io/sharelatex-1/sl-web-server-prod/issues/236000085/
2017-03-17 13:29:20 +00:00
Henry Oswald
e5468983ce
clone project plow though null doc/file/folders
...
https://sentry.io/sharelatex-1/sl-web-server-prod/issues/227107799/
2017-03-17 13:21:30 +00:00
Henry Oswald
d453a4d5c7
null check stat when we check file on disk
...
https://sentry.io/sharelatex-1/sl-web-server-prod/issues/125814174/
2017-03-17 13:03:16 +00:00
Shane Kilkelly
5e112043ca
Fix unit tests for modules now using metrics.timeAsyncMethod
2017-03-16 11:08:17 +00:00
Shane Kilkelly
1ce48e971a
Merge branch 'sk-fix-file-upload'
2017-03-10 11:30:03 +00:00
Shane Kilkelly
ec25ee9045
When upload to filestore fails, produce an error
2017-03-09 10:11:45 +00:00
James Allen
b75d0ab3eb
Don't show onboarding for newly registered users
2017-03-09 09:13:49 +00:00
James Allen
2b36a443c9
Pull track changes backend into a module
2017-03-02 16:45:24 +00:00
Shane Kilkelly
9a641d43eb
Remove cruft
2017-02-27 14:00:45 +00:00
Shane Kilkelly
98d7dc6f88
Make work on both 0.10 and 6.9
2017-02-27 13:54:57 +00:00
James Allen
c8096facfb
Merge pull request #421 from sharelatex/ho-announcments
...
mark announcments before user signs up as read
2017-02-14 15:12:10 +01:00
Henry Oswald
27caf4d555
mark announcments before user signs up as read
2017-02-14 12:29:48 +00:00
James Allen
03ecf4b4ae
Only show track changes onboarding once based on analytics API events
2017-02-14 10:25:46 +01:00
Shane Kilkelly
7d5dc34b3e
fix the set-password form for new (admin-created) users
2017-02-06 14:58:54 +00:00
James Allen
b086d7afa2
Refactor rate limiting code around sending invites
2017-01-27 16:26:58 +01:00
James Allen
757c7002eb
Merge pull request #397 from sharelatex/ja-modify-threads
...
Allow editing/deleting of comments and threads
2017-01-25 15:50:00 +01:00
Shane Kilkelly
239164fe26
Merge branch 'master' into sk-rate-limit-cluster
2017-01-25 09:56:08 +00:00
Henry Oswald
cc717f0357
domainAnnouncementsToShow -> domainAnnouncements
2017-01-25 09:44:13 +00:00
Henry Oswald
02e6eb4dd1
Merge pull request #399 from sharelatex/ho-promote-case-study
...
promote domain alerts
2017-01-25 09:41:50 +00:00
Henry Oswald
1280a2313d
add check for id to exist in domain announcments
...
null check user at start of getUnreadAnnouncements
fix spelling mistake
2017-01-25 09:35:11 +00:00
Henry Oswald
13d21b881f
use new annoncments feature for case study info
2017-01-24 16:03:05 +00:00
James Allen
f9ba7392e9
Allow editing/deleting of comments and threads
2017-01-24 16:21:14 +01:00
Shane Kilkelly
a148eb1f43
Merge branch 'master' into sk-rate-limit-cluster
2017-01-24 09:24:47 +00:00
Henry Oswald
6d35585847
limit number of invites each user can do
...
done with the number of collaborators a user can add
prevents notifications getting filled up as well
2017-01-21 12:43:15 +00:00
James Allen
3413687833
Merge pull request #393 from sharelatex/ja-track-changes
...
Ja track changes
2017-01-18 15:32:16 +01:00
Shane Kilkelly
1137ab0715
Don't record redirect to static asset paths
2017-01-17 14:35:37 +00:00
James Allen
9c0bf885be
Merge branch 'master' into ja-track-changes
2017-01-17 10:16:41 +01:00
Shane Kilkelly
82ddeab2bd
If user tries to invite themselves to project, don't.
2017-01-16 13:45:01 +00:00
Shane Kilkelly
635b935acc
Add an acceptance test for login rate limits, cleanup
2017-01-16 11:46:59 +00:00
Henry Oswald
fed88504f8
rate limit emails sent sharing projects by users
2017-01-14 14:52:32 +00:00
Shane Kilkelly
25956d4c62
Fix up tests
2017-01-13 16:04:26 +00:00
Shane Kilkelly
525e871d55
Merge branch 'master' into sk-rate-limit-cluster
2017-01-13 14:17:18 +00:00
James Allen
aab4dea8ae
Merge branch 'master' into ja-track-changes
2017-01-13 13:46:01 +01:00
Shane Kilkelly
f5ced03074
Set redirect when sending user to login
page.
...
Allows smart redirecting to work when public access is turned off.
2017-01-10 15:42:36 +00:00
James Allen
d03aa7056e
Rename /ranges/users end point to /changes/users
2017-01-10 13:43:53 +01:00
James Allen
4e128b6ab7
Send user data in /threads dat
2017-01-09 17:25:06 +01:00
James Allen
9379cff89d
Add end point for accepting change in doc updater
2017-01-09 15:25:27 +01:00
James Allen
3a5d45fa32
Get user info via web, not chat
2017-01-06 13:41:58 +01:00
Shane Kilkelly
259c589076
Add option to restrict invites to existing user accounts.
2016-12-20 09:54:42 +00:00
Shane Kilkelly
822f76a883
Add unit tests for RedisWrapper
2016-12-19 15:12:22 +00:00
Shane Kilkelly
d428f9adbc
Make LoginRateLimiter
a thin wrapper around RateLimiter
2016-12-19 14:10:51 +00:00
Shane Kilkelly
ef0a5801d5
Create a RedisWrapper, and use it for rate limiting.
2016-12-19 12:17:02 +00:00
James Allen
988005e929
Send and get comments via the chat api
2016-12-16 16:42:41 +00:00
James Allen
293ba1fc4c
Fetch all ranges from docstore when viewing overview panel
2016-12-09 15:43:08 +00:00
James Allen
1830d41eba
Proxy ranges between doc updater and docstore
2016-12-08 14:09:06 +00:00
Henry Oswald
e6eeb86046
add read property to announcments
2016-12-07 11:39:22 +00:00
Shane Kilkelly
58280bf6ee
Merge branch 'master' into sk-user-delete-with-cancelled-sub
2016-12-06 09:31:42 +00:00
James Allen
48cc5a992f
Merge branch 'master' into ja-set-version-in-docstore
2016-12-01 09:30:53 +00:00
Shane Kilkelly
e03d16e0cd
Deleting user: if subscription is already cancelled, ignore and proceed.
2016-11-30 16:03:18 +00:00
James Allen
eb648b9bc8
Proxy version number to and from docstore
2016-11-29 17:16:56 +00:00
Shane Kilkelly
a03ac8fe72
More robust session destruction after deleting user account.
2016-11-28 12:37:53 +00:00
Shane Kilkelly
52462d7020
Merge branch 'sk-sync-details-from-sso'
2016-11-28 10:11:59 +00:00
Shane Kilkelly
2ab5ad4230
If we're updating details from a SSO source, don't allow editing on settings page.
2016-11-25 14:38:00 +00:00
Shane Kilkelly
22101d0305
If user is sent to login page with explicit redirect, obey
2016-11-24 11:38:13 +00:00
Shane Kilkelly
8a4352fff2
Set redirect when redirecting from restricted
2016-11-22 16:54:03 +00:00
Shane Kilkelly
8089bb55a4
use session for the post-login redirect, remove redir
query string.
2016-11-22 14:24:36 +00:00
Shane Kilkelly
da1be67aff
Merge branch 'sk-ext-auth-show-email'
2016-11-18 09:34:05 +00:00
Shane Kilkelly
6606375cd7
Remove dead code: SessionInvalidator
2016-11-17 15:27:58 +00:00
Shane Kilkelly
3b8fbe8249
If using external auth, show non-editable email field.
...
Also defend server-side against setting email when using external auth.
2016-11-17 14:34:02 +00:00
Henry Oswald
d87067bc2f
Merge branch 'announcments'
2016-11-15 10:38:01 +00:00
Shane Kilkelly
b212c00311
Fix acceptance tests, use the correct method of getting redis key.
2016-11-14 16:33:54 +00:00
Henry Oswald
5a13ee1077
use anlaytis api
...
- don’t talk to postgres
- show recent blog post announcments
- proxy all events to analytics api
2016-11-11 17:03:09 +00:00
James Allen
593e59450b
Use different UserSessions keys for cluster vs normal redis session store
2016-11-10 14:31:48 +00:00
Shane Kilkelly
5f3098df38
Replace multi-ops with Async.series, tests passing
2016-11-09 11:03:03 +00:00
Shane Kilkelly
a373868862
Fix unit tests
2016-11-08 16:00:18 +00:00
Shane Kilkelly
e7b09a81a7
Merge branch 'sk-passport-ldap'
2016-11-02 15:39:32 +00:00
Paulo Reis
c5e793125e
Update unit tests.
2016-11-01 16:55:26 +00:00
Shane Kilkelly
9cb3d8c4b8
Enable hook from module into passport init.
2016-11-01 14:06:54 +00:00
Shane Kilkelly
5c8cdd22cc
Merge branch 'sk-account-delete-pass'
2016-10-28 11:02:41 +01:00
Shane Kilkelly
4c092e7ff1
Remove deprecated "projectSharedWithYou" email.
2016-10-28 10:37:10 +01:00
Shane Kilkelly
751a116921
add plainTextTemplate to all emails
2016-10-27 14:41:13 +01:00
Shane Kilkelly
dc62b1a86e
Remove deprecated endpoint for old delete-user
2016-10-26 11:18:36 +01:00
Shane Kilkelly
a4167fcccd
Unit tests for tryDeleteUser
2016-10-26 11:01:35 +01:00
Shane Kilkelly
6069d4dba3
Merge branch 'master' into sk-plans-tidy
2016-10-25 13:14:44 +01:00
Henry Oswald
1c3edcd627
added some debug lines
2016-10-24 23:36:49 +01:00
Henry Oswald
91e9447fe5
added logging to smoke test
2016-10-21 19:20:21 +01:00
Shane Kilkelly
d5a7514923
Add AB test for plans (+15 squashed commits)
...
Squashed commits:
[45c2237] Add a `subscription-form-switch-to-student` event
[1ad9b8f] change experiment name, and re-enable switch-to-student workflow
[f7cdb78] Remove debug
[4b9778a] Incorporate collaborator alternative plans
[701e80b] Add collaborator plans for heron and ibis
[287aa0f] AB test plans from editor page
[c74052e] Fix change-plan view for default plans
[1a947d6] Use correct plan codes
[1eecda7] Adjust prices
[69c4c7b] Introduce two plans
[8b8d5f8] Rename sixpack experiment
[c332002] Fix up the change-plan page
[c7af52d] Overhaul change-plan page, show only plans from current generation
[33d86bf] update plan
[5bbd946] Add a basic plans AB test
2016-10-21 16:17:37 +01:00
Henry Oswald
adc6b429e6
record when a subscription is canceled
2016-10-10 15:29:54 +01:00
Shane Kilkelly
0f65e98566
add acceptance test for clearing sessions
2016-10-10 10:55:45 +01:00
Shane Kilkelly
25dd998107
clear-sessions page (+4 squashed commits)
...
Squashed commits:
[3a56af0] Remove cruft
[c5a1f6c] Finalise alignment
[82f741a] Working sessions page
[d40f069] WIP: display sessions
2016-10-07 16:47:00 +01:00
Shane Kilkelly
95a66bbf00
Merge pull request #328 from sharelatex/sk-plain-text-email
...
Sk plain text email
2016-10-05 10:04:08 +01:00
Henry Oswald
3141f91b59
Merge pull request #322 from sharelatex/ho-password-limits
...
Ho password limits
2016-10-05 10:03:54 +01:00
Shane Kilkelly
e699fcb1fa
Add plain-text component to the project-invite email
2016-10-03 15:25:38 +01:00
Shane Kilkelly
b497182557
Add an acceptance test for registration and login
2016-09-27 11:55:51 +01:00
Shane Kilkelly
dd14e51713
Handle null, undefined and false in isUserLoggedIn
2016-09-23 16:53:07 +01:00
Henry Oswald
8a2b7d0461
server side protect passwords which are too long
2016-09-23 16:51:46 +01:00
Shane Kilkelly
6e8185aeaf
Merge branch 'master' into sk-passport
2016-09-23 10:28:35 +01:00
Shane Kilkelly
6c716ca252
Fix acceptance tests by updating invite-accept url
2016-09-23 10:28:17 +01:00
Shane Kilkelly
72ca1d6316
Merge branch 'master' into sk-passport
...
# Conflicts:
# app/coffee/Features/Collaborators/CollaboratorsInviteController.coffee
2016-09-23 10:01:11 +01:00
James Allen
e15976be21
Use token in URL to force its precense when invite and allow easy dynamic notifications
2016-09-22 17:24:06 +01:00
Shane Kilkelly
dbac4bd008
update session when user settings change
2016-09-22 16:58:25 +01:00
Shane Kilkelly
7e449c60ed
fix tests
2016-09-22 16:04:42 +01:00
Shane Kilkelly
ff1c72ee14
Fix up more session access
2016-09-22 14:30:34 +01:00
Shane Kilkelly
7f24dd6f55
Fix tests for UserInfoController.
2016-09-22 13:37:27 +01:00
Shane Kilkelly
a3ace1fccd
Increase timeout because slow tests
2016-09-22 11:33:54 +01:00
Shane Kilkelly
dde5b7b830
Regenerate session on login, protect against session-fixation attack.
2016-09-21 13:03:37 +01:00
Shane Kilkelly
bb71433727
Remove getLoggedInUser
2016-09-21 09:27:51 +01:00
Shane Kilkelly
4eada48638
Merge branch 'master' into sk-passport
2016-09-19 15:40:25 +01:00
James Allen
0917fe10ca
Return type when finding element by path so that we don't need a heuristic
2016-09-19 14:35:25 +01:00
Shane Kilkelly
2119dcbb58
Finalise login workflow, works with login form again.
2016-09-15 14:36:11 +01:00
Shane Kilkelly
438ac45854
fix unit tests
2016-09-07 16:40:49 +01:00
Shane Kilkelly
8e0103a1bc
wip: fix unit tests for AuthenticationController
2016-09-07 14:05:51 +01:00
Shane Kilkelly
3a5b3a8e8d
wip: acceptance tests working
2016-09-06 15:55:34 +01:00
Shane Kilkelly
b0a10c948c
wip refactor
2016-09-06 15:22:13 +01:00
Henry Oswald
ddc0023c64
make forceCreate the default for creating notifications
2016-08-30 13:07:37 +01:00
Henry Oswald
114dbf9f3f
Merge branch 'master' of https://github.com/sharelatex/web-sharelatex
2016-08-23 15:34:55 +01:00
James Allen
bcc8bfbe6c
Redirect to working update billing details end point that shows a nice message
2016-08-22 17:36:33 +01:00
Henry Oswald
130fece0f6
track when users accept invites
2016-08-19 18:33:03 +01:00
Shane Kilkelly
a904427531
Fix broken test
2016-08-19 11:57:44 +01:00
Shane Kilkelly
ece0491e3d
Refactor. Handle republishing of notifications on resend.
2016-08-17 16:27:15 +01:00
Shane Kilkelly
da40f54d55
Improve logging, add acceptance tests for joinProject json
2016-08-16 11:17:45 +01:00
Shane Kilkelly
158afbb157
Merge branch 'master' into pr-email-tokens
...
Conflicts:
app/coffee/Features/Notifications/NotificationsBuilder.coffee
public/coffee/ide/share/controllers/ShareController.coffee
2016-08-15 10:29:21 +01:00
Shane Kilkelly
f92767f7b5
Address feedback, add ?
checks where appropriate
2016-08-12 15:26:20 +01:00
Shane Kilkelly
e53394919f
Rework how invite expiry functions.
2016-08-12 14:40:59 +01:00
Shane Kilkelly
a7bc8bffe0
Update markAsReadByKeyOnly
url.
2016-08-12 09:59:25 +01:00
Shane Kilkelly
276241495b
Fix tests
2016-08-11 14:23:25 +01:00
Shane Kilkelly
ce039f8cd3
Remove the email when user id is added to project
2016-08-11 14:17:01 +01:00
Paulo Reis
228de5332e
Unit test tracking code.
2016-08-11 14:09:57 +01:00
Shane Kilkelly
826295167f
Mark Notification as read by key alone
2016-08-11 14:04:11 +01:00
Shane Kilkelly
3cec6affab
Test creating two invites at once
2016-08-10 15:24:09 +01:00
Shane Kilkelly
5351e79c7a
Test creating, listing and revoking invites as owner
2016-08-10 14:39:27 +01:00
Brian Gough
abcfb2dd16
Merge pull request #290 from sharelatex/enable-chktex
...
Enable chktex
2016-08-10 11:49:31 +01:00
Shane Kilkelly
0e0ccb41ff
cancel notification when accepting invite
2016-08-08 13:57:33 +01:00
Shane Kilkelly
110082390e
Test the _trySendInviteNotfification helper
2016-08-08 10:34:54 +01:00
Shane Kilkelly
eafd61a90e
Refresh members and invites in client when status changes
2016-08-05 14:01:08 +01:00
Shane Kilkelly
8f7603c324
Add an endpoint to access project members
2016-08-04 16:47:48 +01:00
Shane Kilkelly
a5ddcc3df7
Allow resending of invites
2016-08-03 15:42:19 +01:00
Shane Kilkelly
6ea690225f
Refactor view-invite to not use model calls.
2016-08-03 10:23:34 +01:00
Shane Kilkelly
5f8952450e
Test getInviteCount
2016-08-02 16:08:05 +01:00
Shane Kilkelly
3a3688d3d0
Include invites count in canAddXCollaborators
2016-08-02 15:42:50 +01:00
Henry Oswald
2ad0bab976
use underscore.each so it doesn’t blow up on non array.
2016-08-02 15:33:41 +01:00
Shane Kilkelly
abbd059eae
Refactor to existing addUserIdToProject
function
2016-08-02 13:51:00 +01:00
Shane Kilkelly
63f8fe453a
Use UserGetter rather than User model
2016-08-02 09:48:09 +01:00
Shane Kilkelly
dca1c9be5d
Load invites on project load, rather than asynchronously.
2016-08-01 17:05:37 +01:00
Shane Kilkelly
9787edd716
Add more assertions about project access
2016-08-01 15:55:56 +01:00
Shane Kilkelly
9e0ff3f628
test when the token is invalid
2016-08-01 15:21:06 +01:00
Shane Kilkelly
495bc1bcd3
Refactor
2016-08-01 15:16:10 +01:00
Shane Kilkelly
8af1a7b17a
Test login workflow
2016-08-01 15:16:03 +01:00
Shane Kilkelly
263822d665
Also parse out login url
2016-08-01 13:54:49 +01:00
Shane Kilkelly
5f1aa4cc58
test registration with invalid token
2016-08-01 13:30:43 +01:00
Shane Kilkelly
69bd954001
test the registration workflow
2016-08-01 12:14:34 +01:00
Shane Kilkelly
5159cdd0e9
Test when the user recieves second invite to project
2016-08-01 10:57:20 +01:00
Shane Kilkelly
545ce79c71
Test clicking the invite after already accepting
2016-08-01 10:14:08 +01:00
Shane Kilkelly
9c530e1bb6
rename test case
2016-08-01 10:04:42 +01:00
Shane Kilkelly
74c824edde
Test redirect to /register when user not logged in
2016-08-01 09:59:30 +01:00
Shane Kilkelly
7a8142a43c
remove extraneous body
parameter
2016-08-01 09:06:02 +01:00
Brian Gough
e99176c0d0
fix tests
2016-07-29 14:59:48 +01:00
Shane Kilkelly
39fc611964
Revoke invite after each test
2016-07-29 13:55:08 +01:00
Shane Kilkelly
e7c1f7f0fc
Refactor, deduplicate tests
2016-07-29 13:39:18 +01:00
Shane Kilkelly
f3a1f32bb1
Test the invalid-invite page
2016-07-29 11:54:08 +01:00
Shane Kilkelly
b33d4e103d
Test when the user does not accept the invite
2016-07-29 11:08:24 +01:00
Shane Kilkelly
f33d01f375
Test acceptance of invite
2016-07-29 11:04:07 +01:00
Shane Kilkelly
563247044b
Start testing the invite page
2016-07-29 09:52:55 +01:00
Shane Kilkelly
23c94c9599
get invite and link for test
2016-07-28 16:00:18 +01:00
Shane Kilkelly
7b18f88145
Merge branch 'master' into pr-email-tokens
2016-07-28 14:53:36 +01:00
Shane Kilkelly
748851b51e
start ProjectInvite acceptance test module
2016-07-28 14:53:22 +01:00
Shane Kilkelly
ed65e16e54
If user is member of project, redirect to project.
...
Leave invite in place to expire naturally.
2016-07-28 11:15:11 +01:00
Shane Kilkelly
62d544ccfc
Redirect to project if user is already member.
...
If invite is missing, and current user is already a member
of the project, then just redirect to the project page
2016-07-27 15:28:22 +01:00
Shane Kilkelly
e46901a21b
Send an empty keys array when there is no data
2016-07-26 14:23:00 +01:00
Shane Kilkelly
855cc28483
Finish adding project and owner details to the accept-invite page
2016-07-26 14:14:14 +01:00
Shane Kilkelly
367b138cae
fix failing tests
2016-07-26 12:09:58 +01:00
Shane Kilkelly
16dcbe2cd4
WIP: wire up share-modal frontend to invite system
2016-07-25 15:07:14 +01:00
Shane Kilkelly
73fed8b0bf
Add a getAllInvites
api endpoint
2016-07-25 11:17:47 +01:00
Shane Kilkelly
ccf684cf07
test acceptInvite
2016-07-25 10:19:20 +01:00
Shane Kilkelly
5438f39f9e
Start testing acceptInvite
2016-07-25 09:58:08 +01:00
Shane Kilkelly
78570817d5
Render a separate template if the invite is not found.
2016-07-22 16:28:00 +01:00
Shane Kilkelly
9e0c44573a
Remove expiresAt
, use mongo TTL instead.
2016-07-22 16:08:56 +01:00
Shane Kilkelly
b201f1a37a
Test getInviteByToken.
2016-07-22 14:21:34 +01:00
Shane Kilkelly
e34b124c73
Test revokeInvite
2016-07-22 13:33:21 +01:00
Shane Kilkelly
c9cfcddbe9
test error case for inviteToProject
2016-07-22 11:54:16 +01:00
Shane Kilkelly
f866bd03bc
Spy on the randomBytes function
2016-07-22 11:53:55 +01:00
Shane Kilkelly
9fba98cd45
Accept invite, and start testing the invite handler.
2016-07-22 11:38:00 +01:00
Shane Kilkelly
1139444790
add token to body of acceptInvite
action.
2016-07-22 09:27:00 +01:00
Shane Kilkelly
4db9d5a466
remove whatespace and comment
2016-07-21 13:34:20 +01:00
Shane Kilkelly
3311b43644
more tests for invite controller
2016-07-21 13:31:54 +01:00
Shane Kilkelly
23a9aadba5
start tests for invite controller
2016-07-21 10:08:22 +01:00
Shane Kilkelly
effc3727be
Don’t show upgrade prompts for users with custom subscription accounts.
...
Set `hasValidSubscription` to true if user subscription is custom.
2016-07-19 10:15:45 +01:00
Shane Kilkelly
dda0841af3
Return early if there are no keys to delete
2016-07-06 15:39:03 +01:00
Shane Kilkelly
fc6cf75ad5
Merge branch 'master' into sk-session-revocation
2016-07-06 13:19:15 +01:00
Shane Kilkelly
9f724d0a04
Add tests to check if users can access a restricted page.
2016-07-06 12:14:01 +01:00
Shane Kilkelly
0362fee60f
test the retain
option to revokeAllUserSessions
.
2016-07-05 15:32:32 +01:00
Shane Kilkelly
464866847f
Fix name of UserSessionsManager test module.
2016-07-05 15:14:29 +01:00
Shane Kilkelly
a1c662b9d8
Test session revocation on password change.
2016-07-05 14:55:08 +01:00
Shane Kilkelly
2caa80bbcb
acceptance test for logging in two sessions.
2016-07-05 14:21:38 +01:00
Shane Kilkelly
5b9903551a
add an array of session ids to retain.
2016-07-05 14:20:47 +01:00
Shane Kilkelly
6e282ab308
clear sessions on password reset
2016-07-05 14:19:59 +01:00
Shane Kilkelly
bec3d2ad42
start acceptance tests for sessions
2016-07-05 10:24:24 +01:00
Shane Kilkelly
df0a7bc547
test the _checkSessions
function.
2016-07-04 14:04:10 +01:00
Shane Kilkelly
699ba21032
test revokeAllUserSessions
2016-07-04 11:15:28 +01:00
Shane Kilkelly
dfcb47fb5c
test untrackSession
2016-07-04 10:56:13 +01:00
Shane Kilkelly
2ae2e6ed4f
Test trackSession
2016-07-04 10:37:01 +01:00
Shane Kilkelly
a869c99c60
Begin testing UserSessionsManager
.
2016-07-04 10:05:34 +01:00
Shane Kilkelly
0ac9b05d02
Add ip_address
and session_created
to the session user object.
2016-07-01 15:49:07 +01:00
Shane Kilkelly
f1653d01b7
Refactor method names in UserSessionsManager
2016-07-01 15:33:59 +01:00
Shane Kilkelly
ab26edb44b
Adjust UserController unit tests
2016-07-01 10:20:22 +01:00