Commit graph

1511 commits

Author SHA1 Message Date
Simon Detheridge
6fc6c44605 Don't add old v1 features for new accounts
Introduces the notion of v1 'grandfathered features', specifically Gihub and Mendeley integration. This allows us to create new v1 accounts for new users without them automatically getting the new features.

Requires a settings change in `settings.web.sl.coffee` to disable these features by default for v1 accounts.

bug: overleaf/sharelatex#1014
2018-10-16 09:45:16 +01:00
Simon Detheridge
ec9c38df57 Revert "Don't add old v1 features for new accounts" 2018-10-15 17:46:48 +01:00
Simon Detheridge
85f097343f Merge pull request #1022 from sharelatex/spd-no-github-for-new-users
Don't add old v1 features for new accounts
2018-10-15 15:28:34 +01:00
Tim Alby
e646c5c42a refactor to use config file 2018-10-15 14:46:38 +02:00
Simon Detheridge
48995d2d44 Don't add old v1 features for new accounts
Introduces the notion of v1 'grandfathered features', specifically Gihub and Mendeley integration. This allows us to create new v1 accounts for new users without them automatically getting the new features.

Requires a settings change in `settings.web.sl.coffee` to disable these features by default for v1 accounts.

bug: overleaf/sharelatex#1014
2018-10-12 17:45:57 +01:00
Simon Detheridge
ea2782ff22 Merge pull request #1005 from sharelatex/spd-no-more-asterisks
Sanitize paths in all relevant ProjectEntityHandler methods
2018-10-10 10:44:13 +01:00
Tim Alby
48e5c6b523 add UserMembership logic 2018-10-09 12:09:11 +01:00
Brian Gough
a68bde819d Merge pull request #1004 from sharelatex/ta-test-mock-fix
Fix Test Mock
2018-10-09 10:35:50 +01:00
Simon Detheridge
56dcbefb5b Check for safe paths in all ProjectEntityHandler methods
Some import mechanisms (for example, Github project import) call methods such as 'upsert*' directly, bypassing existing filename checks.

Added checks to all methods in ProjectEntityHandler that can create or rename a file.

bug: overleaf/sharelatex#908
Signed-off-by: Simon Detheridge <s@sd.ai>
2018-10-08 15:31:04 +01:00
Simon Detheridge
e66210d2af Add method to sanitize full paths
For convenience, add a method to SafePath to break a path into components and verify the status of each one.

bug: overleaf/sharelatex#908
Signed-off-by: Simon Detheridge <s@sd.ai>
2018-10-08 14:48:17 +01:00
Alasdair Smith
e129172553 Fix ordering of boolean check to be more readable 2018-10-08 11:25:24 +01:00
Alasdair Smith
1ef947b1fe Fix tests after refactoring register validation 2018-10-08 10:44:25 +01:00
Hugh O'Brien
cc962c3e6f Merge pull request #978 from sharelatex/hb-use-exports-for-pdf-from-publish-modal
Generic Zip or Pdf Exports endpoint
2018-10-08 10:13:18 +01:00
Tim Alby
c00a0a435d remove console.log in tests 2018-10-05 16:24:28 +01:00
Tim Alby
7b4b75b51a fix incorrect or missing test mocks 2018-10-05 16:24:05 +01:00
Shane Kilkelly
70b56d0362 Fix up acceptance tests 2018-10-04 15:05:40 +01:00
Shane Kilkelly
2ef23194df WIP: trying to get acceptance tests to pass 2018-10-04 15:05:40 +01:00
Shane Kilkelly
f9ed367148 Move the auth mechanism for sudo-mode into SudoModeHandler 2018-10-04 15:05:40 +01:00
Ersun Warncke
752658f773 Merge pull request #990 from sharelatex/ew-use-v1-doc-info-api
Use v1 Doc Info API for Token Access
2018-10-03 09:22:41 -04:00
Timothée Alby
c74c782cee Merge pull request #961 from sharelatex/ta-account-sync-affiliations
Add getInstitutionsPlan Function
2018-10-03 14:19:56 +01:00
Brian Gough
2b738907aa Merge pull request #989 from sharelatex/bg-clean-up-broken-project-on-error
clean up broken project on error in ProjectDuplicator
2018-10-03 10:04:30 +01:00
Ersun Warncke
642b45d0d6 use v1 doc info api 2018-10-02 11:16:46 -04:00
Brian Gough
4621234220 clean up broken project on error in ProjectDuplicator 2018-10-02 12:14:22 +01:00
Alasdair Smith
1330c8da73 Also check if v1 project exported if not found for read-only tokens 2018-09-28 11:47:14 +01:00
Alasdair Smith
435fe11115 Check if v1 project was exported if not found
This prevents a redirect loop for projects which were exported but then
deleted on v2. v2 would not find the project, redirect to v1, which
would find that it was exported and redirect back to v2.
2018-09-28 11:47:14 +01:00
Brian Gough
6d5908f2f4 Merge pull request #893 from sharelatex/ja-fix-duplicate-text-in-email
Don't include the license name twice in invite emails
2018-09-28 11:15:40 +01:00
Brian Gough
1f6abd4e69 fix invalid project names when opening templates 2018-09-28 10:38:25 +01:00
Brian Gough
6b80d3563d add support for creating unique project names 2018-09-28 09:48:15 +01:00
hugh-obrien
52859cdfaa make the zip fetching endpoint for exports generic to either zips or pdfs 2018-09-27 16:11:11 +01:00
Alasdair Smith
4f2c91a59a Add new redirect option to auth with v1, which will urlencode the query string
This is necessary for the GET /docs endpoint, which can be used to send
urls as part of query parameters. If these are not encoded before
redirecting, they can become corrupted.
2018-09-27 12:19:16 +01:00
Ersun Warncke
a23f0a3d15 fix test failure from merge 2018-09-25 08:54:01 -04:00
Ersun Warncke
7b90fcb186 Merge pull request #969 from sharelatex/ew-check-doc-token-access
check access for doc on read only token
2018-09-25 08:35:56 -04:00
Ersun Warncke
eeed857dd9 change api path 2018-09-25 06:45:27 -04:00
Ersun Warncke
f0c0834b0f only do v1 access check when api config present 2018-09-25 05:42:04 -04:00
James Allen
e2f90ba01a Merge pull request #966 from sharelatex/as-no-project-token-based
Redirect logged out users to v1 if project is not found from token based url
2018-09-25 10:25:30 +01:00
Alasdair Smith
298ee2dbb4 Fix v1 return to path 2018-09-25 10:06:24 +01:00
Alasdair Smith
da16e8d01f Add acceptance test for unimported read only token 2018-09-25 09:43:39 +01:00
Alasdair Smith
ca895ae1b1 Redirect to v1 via sign in link 2018-09-25 09:37:22 +01:00
Brian Gough
89ba3912c0 Merge pull request #964 from sharelatex/csh-issue-963-MultipleProjectDownloads
Replace ShareLaTeX with Overleaf in name of multiple project download file
2018-09-25 09:33:53 +01:00
Brian Gough
5947294016 Merge branch 'bg-support-main-file-for-templates' 2018-09-25 09:32:14 +01:00
Brian Gough
0d4143205d strip quotes from mainFile 2018-09-25 09:05:49 +01:00
Ersun Warncke
f89e85231a check access for doc on read only token 2018-09-24 18:03:28 -04:00
Alasdair Smith
d6350c963e Remove projectExists flag from higher access check
Now that find project by read and read/write token methods check whether
the project exists, it is not neccessary to check whether the project
exists in the higher access check. Therefore it has been removed
2018-09-24 19:00:10 +01:00
Alasdair Smith
99dec02266 If no project found for read/write token, redirect to v1 2018-09-24 19:00:10 +01:00
Alasdair Smith
237810509a If no project found for read token, redirect to v1 2018-09-24 19:00:10 +01:00
Christopher Hoskin
5c35cc9593 Replace ShareLaTeX with Overleaf in name of multiple project download file (Closes: #963) 2018-09-24 16:33:54 +01:00
Brian Gough
418bc10a18 allow getting doc paths by project id 2018-09-24 16:04:23 +01:00
Brian Gough
5954e45016 add missing require 2018-09-24 15:44:09 +01:00
Brian Gough
2692090f3f support a mainFile parameter for templates 2018-09-24 15:27:16 +01:00
Tim Alby
51c5228288 add getInstitutionsPlan function 2018-09-24 13:16:31 +01:00