Shane Kilkelly
6e09165452
Refactor auth sources
2017-10-12 10:57:11 +01:00
Shane Kilkelly
1a4ffe7708
Remove un-necessary call to getProject
from archiveProject
path
2017-10-09 11:30:55 +01:00
Shane Kilkelly
ad68adee9a
Add more commentary on the anonymous path
2017-10-09 11:13:55 +01:00
Shane Kilkelly
e73de3bfd4
Fix whitespace in function signature
2017-10-09 10:57:23 +01:00
Shane Kilkelly
732ce9417b
Don't create tokens on project by default
2017-10-09 10:25:20 +01:00
Shane Kilkelly
d386f79a76
Clean up
2017-10-06 16:10:33 +01:00
Shane Kilkelly
91abb6eed6
If project is not tokenBased, don't count members of token arrays
2017-10-06 15:57:22 +01:00
Shane Kilkelly
387854db7a
Fix an embarassing mistake, generate tokens dynamically, not once.
2017-10-06 13:24:10 +01:00
Shane Kilkelly
bb0dad3353
Safe access to potentially-null project
2017-10-05 14:19:21 +01:00
Shane Kilkelly
b8d90a1a99
Show token-access projects on the dashboard
2017-10-05 13:20:06 +01:00
Shane Kilkelly
e4e558c0e6
Hide access tokens if user is not the project owner.
...
This prevents sneaky read-only users from sniffing out the read-write
link via the browser console.
2017-10-05 13:18:30 +01:00
Shane Kilkelly
6482cd7dd8
Generate tokens on old projects if they're not present
2017-10-04 16:31:24 +01:00
Shane Kilkelly
b6c2a8f7f7
Tidy up callbacks
2017-10-03 14:14:22 +01:00
Shane Kilkelly
7b33f8b4c2
Unit test TokenAccessController
2017-10-03 14:04:59 +01:00
Shane Kilkelly
ede497f4b3
Unit test TokenAccessHandler
2017-10-03 10:02:26 +01:00
Shane Kilkelly
9f24f696a5
Use custom header, send anonToken in payload to joinProject
2017-09-29 16:32:07 +01:00
Shane Kilkelly
34d4d1360f
Anon read-token: add an Authorization header to $http
2017-09-29 15:54:55 +01:00
Shane Kilkelly
9810f63245
Render editor for token access, stub out ui changes
2017-09-28 16:06:08 +01:00
Shane Kilkelly
4552f3be67
Move the getPublicAccessLevel
helper to top-level of module
2017-09-28 10:53:35 +01:00
Shane Kilkelly
27dcf6c4c5
Fix a typo causing double-callbacks
2017-09-28 10:37:57 +01:00
Shane Kilkelly
574b115022
Working token-based access
2017-09-27 14:01:52 +01:00
Shane Kilkelly
ee32648bf4
Order privileges by highest-to-lowest
2017-09-22 15:55:38 +01:00
Shane Kilkelly
81170d472d
Add token-access routes
2017-09-22 14:54:35 +01:00
Shane Kilkelly
95292a2e55
Add unique index to token properties
2017-09-21 15:06:42 +01:00
Shane Kilkelly
441c207953
Generate tokens by default
2017-09-21 15:04:15 +01:00
Shane Kilkelly
abe41b6948
Fix projection in project query
2017-09-21 13:37:10 +01:00
Shane Kilkelly
863d327743
Change logic to exclude token users
2017-09-21 11:02:55 +01:00
Shane Kilkelly
931ba56e33
Add an 'owner' source tag, for the project owner
2017-09-21 09:35:25 +01:00
Shane Kilkelly
ef7e1ceabf
Rename functions to make distinction between invited/token members
2017-09-21 09:30:38 +01:00
Shane Kilkelly
91ec0da239
Use the invitedMembers function for sending tpds updates
2017-09-20 15:48:20 +01:00
Shane Kilkelly
574baf386e
Alter getProjectsUserIsMemberOf
to include token-access projects.
...
Also change the api to produce an object with the different project lists
attached, rather than a pair of lists.
2017-09-20 15:26:03 +01:00
Shane Kilkelly
ceb7c509d0
Rename getProjectsUserIsCollaboratorOf
to ...IsMemberOf
...
This brings the naming more in line with current conventions.
2017-09-20 13:16:50 +01:00
Shane Kilkelly
069f49d5a6
Change getCollaboratorCount
to getInvitedCollaboratorCount
.
...
And update the one call-site in LimitationsManager. This function
is used to limit invites, so it makes sense to explicitely limit
this to Invited members of the project.
2017-09-20 10:29:47 +01:00
Shane Kilkelly
8460160076
Add a getInvitedMembersWithPrivilegeLevels
function.
...
Then use it to build the loadProject view-model.
2017-09-20 10:02:43 +01:00
Shane Kilkelly
cf54989e6a
Add a getInvitedMemberIds
function
...
Limited to only members who were invited to the project, not users
who have access via a token.
2017-09-20 09:36:56 +01:00
Shane Kilkelly
fc202439ab
Read-only privelege for anonymous access
2017-09-20 09:36:06 +01:00
Shane Kilkelly
06966f67db
Differentiate project members by source, include token members
2017-09-20 09:35:19 +01:00
Shane Kilkelly
a06f4b6b28
Remove remaining traces of UserStub
2017-09-19 16:16:39 +01:00
Shane Kilkelly
7919d5342b
Remove obsolete add-email-to-project workflow
2017-09-19 15:57:19 +01:00
Shane Kilkelly
c87df7be79
Add token-access user refs to Project
2017-09-19 09:27:22 +01:00
Shane Kilkelly
8fece2d5f0
Add tokenBased
access level
2017-09-18 10:58:13 +01:00
Shane Kilkelly
2011432120
Add tokens property to Project model
2017-09-18 10:27:28 +01:00
James Allen
adf211a226
Merge pull request #594 from sharelatex/ja-include-token-in-project-schema
...
Include OL tokens in project schema
2017-09-15 11:41:24 +02:00
Brian Gough
9f9c15f6f5
Merge pull request #599 from sharelatex/bg-reset-project-state
...
clear docupdater project state in deleteAuxFiles
2017-09-15 09:09:29 +01:00
Brian Gough
28a80cf23d
Merge pull request #604 from sharelatex/bg-fix-root-doc-in-incremental-compile
...
fix root doc in incremental compile
2017-09-13 13:47:22 +01:00
Tim Alby
a04adbf132
remove extra security headers
2017-09-13 11:53:11 +02:00
Brian Gough
51eb94a493
handle incremental compile without root doc
2017-09-13 10:10:44 +01:00
Brian Gough
0e87b8950e
update clearProjectState endpoint
2017-09-12 11:40:00 +01:00
Tim Alby
d6834ff417
add security headers using Helmet
...
- use all Helmet's default headers except `X-DNS-Prefetch-Control`
- use `Referrer-Policy`
- use cache headers when:
- a user is logged in, OR
- a project is displayed
2017-09-12 11:17:59 +02:00
Brian Gough
5430c8a3c2
Merge pull request #593 from sharelatex/bg-fix-inactive-projects-request
...
avoid error when passing as limit in mongo query
2017-09-11 08:16:28 +01:00