Shane Kilkelly
eab77aba91
Abstract away the token-protection logic
2017-10-19 16:26:01 +01:00
Alasdair Smith
ebaa640c51
Fix log call signature
2017-10-19 16:02:40 +01:00
Alasdair Smith
6fd1d493e3
Also add logging for track changes
2017-10-19 15:47:12 +01:00
Alasdair Smith
4d4dba9677
Adds some onboarding logging to investigate potential bug
2017-10-19 15:31:19 +01:00
Shane Kilkelly
97706acbac
Fix indentation
2017-10-19 14:54:59 +01:00
Shane Kilkelly
5572a0e873
Merge branch 'sk-unlisted-projects' of github.com:sharelatex/web-sharelatex-internal into sk-unlisted-projects
2017-10-19 14:46:05 +01:00
Shane Kilkelly
d8717a06a2
Fix track-changes with token-access
2017-10-19 14:42:17 +01:00
John Lees-Miller
3383a057a1
Fix typo
...
(The typo came from my comment in Overleaf many years ago.)
2017-10-19 11:47:47 +01:00
Alasdair Smith
4cc517240c
Increase rollout to 3%
2017-10-19 10:54:21 +01:00
Brian Gough
05ee2a5244
Merge pull request #67 from sharelatex/bg-ignore-git-in-uploads
...
ignore .git directories in uploads
2017-10-18 13:11:46 +01:00
Brian Gough
5d116e8ce9
Merge pull request #65 from sharelatex/bg-fix-main-doc-selection
...
fix main doc selection (connects to overleaf/sharelatex#222 )
2017-10-18 13:11:10 +01:00
Brian Gough
d0f0268783
Merge pull request #57 from sharelatex/bg-handle-undefined-project-name-with-error
...
avoid exception in validateProjectName
2017-10-18 13:10:45 +01:00
Brian Gough
f8662d8aaa
Merge pull request #60 from sharelatex/bg-fix-unzip-permission
...
replace unzip with yauzl (connects to #219 )
2017-10-18 13:10:07 +01:00
Shane Kilkelly
7d2bde85ff
Add a setting to enable anonymous read-and-write link sharing
2017-10-18 13:04:37 +01:00
Brian Gough
290361dc72
ignore .gitignore files in uploads too
2017-10-17 16:49:51 +01:00
Brian Gough
277b9c5d50
ignore .git directories in uploads
2017-10-17 16:32:26 +01:00
Brian Gough
6001f14261
log each file unzipped
2017-10-17 16:31:56 +01:00
Brian Gough
76d73951f2
fix bug when unzipping directory
2017-10-17 16:31:35 +01:00
Brian Gough
56cb901b41
filter missing doc_ids from root doc_ids list
2017-10-17 15:49:02 +01:00
Brian Gough
f70ab03bd8
show an error if the main file cannot be found
...
also improve logic for detecting the main file, if there's only one file
it must be the main file.
2017-10-17 15:47:50 +01:00
Alasdair Smith
b0dc84748a
Fix to actual percentage
2017-10-17 15:44:15 +01:00
Alasdair Smith
6ff3a2de9f
Rollout autocompile to 1% of users and improve readability
2017-10-17 15:04:27 +01:00
Shane Kilkelly
9c247d5f59
On project list, only show projects once, with max access
2017-10-17 11:10:31 +01:00
Shane Kilkelly
855fe2e143
If user is project owner, don't add them as a token user
2017-10-16 16:44:20 +01:00
Brian Gough
4c78b5770c
use regex for directory check
2017-10-16 15:17:33 +01:00
Brian Gough
2bb7c6d4c6
remove child_process module from ArchiveManager
2017-10-16 14:21:28 +01:00
Brian Gough
96d08e41a7
update tests
2017-10-16 14:15:38 +01:00
Brian Gough
d6d76f132e
replace unzip with yauzl
2017-10-16 14:15:38 +01:00
Alasdair Smith
60c297eac8
Also prevent rollout to modulo 0 users
2017-10-16 13:40:09 +01:00
Shane Kilkelly
ad999a72b6
If a token-based project not found, check private overleaf project
2017-10-16 13:20:15 +01:00
Alasdair Smith
abb21ac96b
Fix autocompile rollout logic
2017-10-16 12:44:11 +01:00
Alasdair Smith
5d3371a52c
Merge pull request #38 from sharelatex/as-autocompile-rollout
...
Rollout for auto compile; Connects to #20
2017-10-16 10:48:43 +01:00
Alasdair Smith
625f52c248
Update cutoff date
2017-10-16 10:28:42 +01:00
Shane Kilkelly
490ccc6051
Add commentary to token-generator, and move token-alpha to top level
2017-10-13 11:37:38 +01:00
Shane Kilkelly
ac513a1355
Refactor to not pass req
down into Auth modules
2017-10-13 11:20:57 +01:00
Brian Gough
4ce639db70
Merge pull request #58 from sharelatex/bg-rate-limit-autocompile
...
fix two bugs in auto compile limit logic
2017-10-13 08:18:31 +01:00
Alasdair Smith
36e1fafb60
Set proportion to 0
2017-10-12 17:10:41 +01:00
James Allen
f0079bb7a4
Merge pull request #41 from sharelatex/ja-transfer-projects
...
Add method to transfer projects from one user_id to another
2017-10-12 16:27:00 +01:00
Brian Gough
fc3ecddd0e
fix two bugs in auto compile limit logic
...
1. the compileGroup is "standard" not default
2. was not excluding normal compiles from metrics
2017-10-12 16:18:14 +01:00
Brian Gough
8cf3288187
avoid exception in validateProjectName
2017-10-12 16:03:12 +01:00
Shane Kilkelly
dcf601fe80
Only show token-based projects if accessLevel is set to token-based
2017-10-12 15:47:29 +01:00
Shane Kilkelly
9a7c8c5842
Revert "Remove remaining traces of UserStub"
...
This reverts commit ab6b4c32254a20b940c489b8b5b56237433cc0f6.
2017-10-12 15:08:48 +01:00
Brian Gough
18370076a2
Merge pull request #45 from sharelatex/bg-auto-doc-flush
...
allow docupdater to flush docs in background (connects to overleaf/sharelatex#190 )
2017-10-12 14:48:16 +01:00
Shane Kilkelly
16416463c6
Update removeUserFromProject
to account for token-access
2017-10-12 11:49:02 +01:00
Shane Kilkelly
6feedf5520
Use crypto module for token generation
2017-10-12 11:36:45 +01:00
Shane Kilkelly
22c5f41fb6
Add logging for token generation
2017-10-12 11:25:16 +01:00
Shane Kilkelly
fe708fcc04
Generate all missing tokens
2017-10-12 11:19:26 +01:00
Shane Kilkelly
70b1e42e36
Add deprecation comment regarding legacy access-levels
2017-10-12 11:00:39 +01:00
Shane Kilkelly
6e09165452
Refactor auth sources
2017-10-12 10:57:11 +01:00
Brian Gough
45ed090326
Merge pull request #37 from sharelatex/bg-rate-limit-autocompile
...
rate limit autocompile (connects to #18 )
2017-10-12 09:25:59 +01:00
Brian Gough
c913ec69ef
Merge pull request #34 from sharelatex/bg-fix-double-callback-in-resources-check
...
fix double callback in resources check (connects to #18 )
2017-10-12 09:20:05 +01:00
Brian Gough
cf25ff058f
use new endpoint docupdater get_and_flush_if_old
2017-10-11 16:05:28 +01:00
Alasdair Smith
5047213c3c
Change rollout detection to account for changes in proportion preserving rolled out users
2017-10-11 14:47:39 +01:00
Hayden Faulds
f017a94b7e
remove unused HistoryManager
2017-10-11 11:18:20 +01:00
Hayden Faulds
4e0a159db4
Merge pull request #40 from sharelatex/hof-pathname-for-doc-store
...
return pathname from DocumentController.getDoc
2017-10-11 09:52:56 +01:00
Brian Gough
5b0d3d1429
simplify rate-limit checking code
2017-10-09 16:31:01 +01:00
Brian Gough
9eec245358
allow docupdater to flush docs in background
2017-10-09 14:17:28 +01:00
Shane Kilkelly
1a4ffe7708
Remove un-necessary call to getProject
from archiveProject
path
2017-10-09 11:30:55 +01:00
Shane Kilkelly
ad68adee9a
Add more commentary on the anonymous path
2017-10-09 11:13:55 +01:00
Shane Kilkelly
e73de3bfd4
Fix whitespace in function signature
2017-10-09 10:57:23 +01:00
Shane Kilkelly
732ce9417b
Don't create tokens on project by default
2017-10-09 10:25:20 +01:00
Shane Kilkelly
d386f79a76
Clean up
2017-10-06 16:10:33 +01:00
Shane Kilkelly
91abb6eed6
If project is not tokenBased, don't count members of token arrays
2017-10-06 15:57:22 +01:00
Shane Kilkelly
387854db7a
Fix an embarassing mistake, generate tokens dynamically, not once.
2017-10-06 13:24:10 +01:00
James Allen
3c54419eb3
Remove commented debug code
2017-10-05 16:12:26 +01:00
James Allen
9c1faa4395
Add method to transfer projects from one user_id to another
2017-10-05 14:26:34 +01:00
Shane Kilkelly
bb0dad3353
Safe access to potentially-null project
2017-10-05 14:19:21 +01:00
Shane Kilkelly
b8d90a1a99
Show token-access projects on the dashboard
2017-10-05 13:20:06 +01:00
Shane Kilkelly
e4e558c0e6
Hide access tokens if user is not the project owner.
...
This prevents sneaky read-only users from sniffing out the read-write
link via the browser console.
2017-10-05 13:18:30 +01:00
Shane Kilkelly
6482cd7dd8
Generate tokens on old projects if they're not present
2017-10-04 16:31:24 +01:00
Alasdair Smith
8366ea271f
Restrict autocompile onboarding to users in rollout (factor of 100)
2017-10-03 17:08:19 +01:00
Brian Gough
d14723f24a
add rate limits for autocompiles
...
global rate limit for all users and a lower rate limit for free users
2017-10-03 16:16:21 +01:00
Shane Kilkelly
b6c2a8f7f7
Tidy up callbacks
2017-10-03 14:14:22 +01:00
Shane Kilkelly
7b33f8b4c2
Unit test TokenAccessController
2017-10-03 14:04:59 +01:00
Alasdair Smith
91e0397bf5
Update signup date check to today
2017-10-03 10:48:59 +01:00
Shane Kilkelly
ede497f4b3
Unit test TokenAccessHandler
2017-10-03 10:02:26 +01:00
Brian Gough
bd005d7bb6
fix double callback in precompile resources check
2017-10-02 10:14:52 +01:00
Shane Kilkelly
9f24f696a5
Use custom header, send anonToken in payload to joinProject
2017-09-29 16:32:07 +01:00
Shane Kilkelly
34d4d1360f
Anon read-token: add an Authorization header to $http
2017-09-29 15:54:55 +01:00
Hayden Faulds
bf1c24f6f9
return pathname from DocumentController.getDoc
2017-09-29 15:37:10 +01:00
Shane Kilkelly
9810f63245
Render editor for token access, stub out ui changes
2017-09-28 16:06:08 +01:00
Alasdair Smith
3e2388a7de
Don't show autocompile for users signed up after release date
2017-09-28 13:57:15 +01:00
Alasdair Smith
f2c0bf5515
First pass at getting onboarding shown event from analytics
2017-09-28 13:04:18 +01:00
Alasdair Smith
afff8ddf29
Pass (dummy) autocompile onboarding
2017-09-28 11:13:49 +01:00
Shane Kilkelly
4552f3be67
Move the getPublicAccessLevel
helper to top-level of module
2017-09-28 10:53:35 +01:00
Shane Kilkelly
27dcf6c4c5
Fix a typo causing double-callbacks
2017-09-28 10:37:57 +01:00
Shane Kilkelly
574b115022
Working token-based access
2017-09-27 14:01:52 +01:00
Brian Gough
13628f82ec
Merge pull request #17 from sharelatex/bg-lock-compiles
...
show error for compile in progress
2017-09-27 13:54:16 +01:00
Hayden Faulds
4adf88ca01
handle OL or SL ids in UserInfoController.getPersonalInfo
2017-09-26 11:40:05 +01:00
Hayden Faulds
2c0e9bb89a
return overleaf details from ProejctsDetailsHandler.getdetails
2017-09-26 10:19:30 +01:00
Brian Gough
0f855689a7
show error for compile in progress
2017-09-26 08:07:35 +01:00
Shane Kilkelly
ee32648bf4
Order privileges by highest-to-lowest
2017-09-22 15:55:38 +01:00
Shane Kilkelly
81170d472d
Add token-access routes
2017-09-22 14:54:35 +01:00
Shane Kilkelly
95292a2e55
Add unique index to token properties
2017-09-21 15:06:42 +01:00
Shane Kilkelly
441c207953
Generate tokens by default
2017-09-21 15:04:15 +01:00
Shane Kilkelly
abe41b6948
Fix projection in project query
2017-09-21 13:37:10 +01:00
Shane Kilkelly
863d327743
Change logic to exclude token users
2017-09-21 11:02:55 +01:00
Shane Kilkelly
931ba56e33
Add an 'owner' source tag, for the project owner
2017-09-21 09:35:25 +01:00
Shane Kilkelly
ef7e1ceabf
Rename functions to make distinction between invited/token members
2017-09-21 09:30:38 +01:00
Shane Kilkelly
91ec0da239
Use the invitedMembers function for sending tpds updates
2017-09-20 15:48:20 +01:00
Shane Kilkelly
574baf386e
Alter getProjectsUserIsMemberOf
to include token-access projects.
...
Also change the api to produce an object with the different project lists
attached, rather than a pair of lists.
2017-09-20 15:26:03 +01:00
Shane Kilkelly
ceb7c509d0
Rename getProjectsUserIsCollaboratorOf
to ...IsMemberOf
...
This brings the naming more in line with current conventions.
2017-09-20 13:16:50 +01:00
Shane Kilkelly
069f49d5a6
Change getCollaboratorCount
to getInvitedCollaboratorCount
.
...
And update the one call-site in LimitationsManager. This function
is used to limit invites, so it makes sense to explicitely limit
this to Invited members of the project.
2017-09-20 10:29:47 +01:00
Shane Kilkelly
8460160076
Add a getInvitedMembersWithPrivilegeLevels
function.
...
Then use it to build the loadProject view-model.
2017-09-20 10:02:43 +01:00
Shane Kilkelly
cf54989e6a
Add a getInvitedMemberIds
function
...
Limited to only members who were invited to the project, not users
who have access via a token.
2017-09-20 09:36:56 +01:00
Shane Kilkelly
fc202439ab
Read-only privelege for anonymous access
2017-09-20 09:36:06 +01:00
Shane Kilkelly
06966f67db
Differentiate project members by source, include token members
2017-09-20 09:35:19 +01:00
Shane Kilkelly
a06f4b6b28
Remove remaining traces of UserStub
2017-09-19 16:16:39 +01:00
Shane Kilkelly
7919d5342b
Remove obsolete add-email-to-project workflow
2017-09-19 15:57:19 +01:00
Shane Kilkelly
c87df7be79
Add token-access user refs to Project
2017-09-19 09:27:22 +01:00
Shane Kilkelly
8fece2d5f0
Add tokenBased
access level
2017-09-18 10:58:13 +01:00
Shane Kilkelly
2011432120
Add tokens property to Project model
2017-09-18 10:27:28 +01:00
James Allen
adf211a226
Merge pull request #594 from sharelatex/ja-include-token-in-project-schema
...
Include OL tokens in project schema
2017-09-15 11:41:24 +02:00
Brian Gough
9f9c15f6f5
Merge pull request #599 from sharelatex/bg-reset-project-state
...
clear docupdater project state in deleteAuxFiles
2017-09-15 09:09:29 +01:00
Brian Gough
28a80cf23d
Merge pull request #604 from sharelatex/bg-fix-root-doc-in-incremental-compile
...
fix root doc in incremental compile
2017-09-13 13:47:22 +01:00
Tim Alby
a04adbf132
remove extra security headers
2017-09-13 11:53:11 +02:00
Brian Gough
51eb94a493
handle incremental compile without root doc
2017-09-13 10:10:44 +01:00
Brian Gough
0e87b8950e
update clearProjectState endpoint
2017-09-12 11:40:00 +01:00
Tim Alby
d6834ff417
add security headers using Helmet
...
- use all Helmet's default headers except `X-DNS-Prefetch-Control`
- use `Referrer-Policy`
- use cache headers when:
- a user is logged in, OR
- a project is displayed
2017-09-12 11:17:59 +02:00
Brian Gough
5430c8a3c2
Merge pull request #593 from sharelatex/bg-fix-inactive-projects-request
...
avoid error when passing as limit in mongo query
2017-09-11 08:16:28 +01:00
Brian Gough
6d73c48c36
Merge pull request #596 from sharelatex/bg-suppress-incremental-compile-after-errors
...
suppress incremental compile after errors
2017-09-11 08:15:50 +01:00
Brian Gough
2b4c8bd846
clear docupdater project state in deleteAuxFiles
2017-09-08 15:57:29 +01:00
Brian Gough
e8435e3eae
make condition clearer for incremental compile
2017-09-08 13:39:24 +01:00
Brian Gough
03a5ff2e43
skip incremental compile after docupdater error
2017-09-07 15:06:09 +01:00
Shane Kilkelly
586d1f1599
Merge pull request #531 from sharelatex/sk-allow-explicit-ses-email-config
...
Instantiate the ses client if explicitly specified.
2017-09-07 10:21:01 +01:00
Brian Gough
3ac0e97a14
avoid error when passing as limit in mongo query
...
convert request parameter from string to number
2017-09-05 12:33:13 +01:00
Brian Gough
e2368615e2
Merge pull request #589 from sharelatex/bg-check-options-for-incremental-compile
...
include the options in the project state hash
2017-09-05 11:53:17 +01:00
Brian Gough
2e6c578dd7
add ol-style.css to fingerprint list
2017-09-05 10:54:26 +01:00
James Allen
39320c20b8
Include OL tokens in project schema
2017-09-05 10:50:39 +02:00
Brian Gough
d9557fcbf5
include the options in the project state hash
2017-09-01 16:36:51 +01:00
Shane Kilkelly
3d0268a486
Add other required properties for project load.
2017-09-01 11:36:23 +01:00
Shane Kilkelly
68f860b28d
Load user features alongside id and email.
...
Fixes a bug where project features were not applied properly,
and instead fell back to the free-account defaults.
2017-09-01 11:16:45 +01:00
James Allen
9c4dc40abf
Merge pull request #583 from sharelatex/ja-import-projects
...
Add in UserStub model and support in collaborators view
2017-08-29 16:06:00 +02:00
James Allen
a58a715fad
Merge pull request #570 from sharelatex/ho-null-check-redis-sessions
...
Ho null check redis sessions
2017-08-29 15:44:22 +02:00
James Allen
8d268e9d42
Merge pull request #580 from sharelatex/ja-import-collaborators
...
Add in UserStub model and support in collaborators view
2017-08-29 15:43:54 +02:00
James Allen
ba43e45f85
Merge pull request #578 from sharelatex/ja-import-projects
...
Update Project schema for overleaf imports
2017-08-29 15:43:39 +02:00
James Allen
bb6ca9ba51
Update Project schema
2017-08-29 15:21:05 +02:00
Brian Gough
f9d1650c6a
Merge pull request #569 from sharelatex/bg-compile-from-redis
...
compile from redis
2017-08-25 09:09:52 +01:00
James Allen
d5839437fd
Add in UserStub model and support in collaborators view
2017-08-24 17:48:47 +02:00
James Allen
b4254f06ef
Update Project schema for overleaf imports
2017-08-21 17:49:08 +02:00
Brian Gough
90ff58b820
compute project state hash from sorted docs/files
2017-08-16 10:49:29 +01:00
Brian Gough
739445336f
remove unused code and fix flushing
2017-08-15 16:00:00 +01:00
Brian Gough
4789dd23ee
docupdater will parse lines in getProjectDocs
...
no need to do this in web now
2017-08-11 16:57:23 +01:00
James Allen
1f326f7990
Merge pull request #575 from sharelatex/ja-overleaf-oauth
...
Allow OAuth based log-ins from Overleaf
2017-08-10 10:28:41 +02:00
Brian Gough
e2048e1ed5
use incrementalCompilesEnabled as option name
2017-08-09 16:25:57 +01:00
Brian Gough
836bddd91f
comment about 409 code in DocumentUpdaterHandler
2017-08-09 16:00:11 +01:00
Brian Gough
ddecd26718
flush documents to mongo on incremental compiles
2017-08-09 15:47:44 +01:00
James Allen
7538c8834f
Merge branch 'master' into ja-per-user-track-changes
2017-08-09 14:05:36 +02:00
James Allen
a0a45ee654
Update date
2017-08-09 14:02:40 +02:00
Brian Gough
7eb1c01994
add metrics for incremental compiles
2017-08-09 11:41:09 +01:00