* add acceptance tests for bad urls
* fix 500 from health check when smoke test userId is undefined
* handle exception from invalid urls in ExpressLocals middleware
* Add return statement before `next()`
* Cleaned up list of crash_test_urls.txt
* Return 400 instead of 404 on parsing errors
---------
Co-authored-by: mserranom <mserranom@gmail.com>
GitOrigin-RevId: dac35b07d1f12bd9ceb70e3064ec2ef8393f99b5
* Tidy up review panel components
* Add ReviewPanel providers
* [web] new design for review panel track change (#19544)
* [web] new design for review panel track change
* fixed mini view
* mini icon style change
* fix icon size
* format date
* useRangesUserContext hook
* remove useRangesUserContext hook
* using full class names
* fix action icons hover
* change wording for tooltips
* added ReviewPanelChangeUser component
* Update header in new review panel
* Extract ReviewPanelTrackChangesMenuButton as a separate component
* Remove wrapper div
* Replace h2 with div for review panel label
* Rename ReviewPanelTools to ReviewPanelHeader
* Rename trackChangesExpanded -> trackChangesMenuExpanded
* Dont break memoisation of ReviewPanelTrackChangesMenuButton
* Fix the width of the track changes arrow icon
* Update how prop types are declared
* Remove new empty state from old review panel
* Add empty state to new review panel
* Add project members and owner to ChangesUsers context (#19624)
---------
Co-authored-by: Alf Eaton <alf.eaton@overleaf.com>
* Redesign comment entry in review panel (#19678)
* Redesign comment entry in review panel
* ReviewPanelCommentOptions component
* remove unused prop
* Tidying
* Add conditional import
* Optional changeManager
* Add more split test compatibility
* More split test compatibility
* Fixes
* Improve overview scrolling
* Fix overview scrolling
* Fix & simplify track changes toggle
* Fix overview scrolling
* Fix current file container
* ExpandableContent component for messages in review panel (#19738)
* ExpandableContent component for messages in review panel
* remove isExpanded dependancy
* Delete comment option for new review panel (#19772)
* Delete comment option for new review panel
* dont show thread warning if there are no replies
* fix hasReplies issue
* Implement initial collapsing overview files
* Fix positioning of overview panel
* Small styling changes
* Add count of unresolved comments and tracked chanegs
* More style adjustments
* Move review-panel-overview styles into css file
* Remove unused var
---------
Co-authored-by: Domagoj Kriskovic <dom.kriskovic@overleaf.com>
Co-authored-by: David Powell <david.powell@overleaf.com>
Co-authored-by: David <33458145+davidmcpowell@users.noreply.github.com>
GitOrigin-RevId: e67463443d541f88445a86eed5e2b6ec6040f9c7
* Move `/api/institutions/confirm_university_domain` to institutions module
* Move `confirmDomain` to institutions module
* Move `/api/clsi/compile/*` endpoints to `publish-modal` module
* Move ApiClsiTests to publish-modal module
* Revert move of MockClsiApi. It's still needed in the main acceptance tests
GitOrigin-RevId: b59c2921e03b94546d72d21e60a688eb1ae1d05e
* open visual code if user havent used latex before
* test tooltip on code editor switch
* firstTimeLoadedEditor
* track editor.codeEditorOpened value
* lastEditorLoadedDate
* odc data loaded from mongo
* fix a typo
* use tutorial to check if it was dissmised
* use getInactiveTutorials fn
* fix test
* check if code editor was opened
* added translations
* pass classname to tooltip
* use signUpDate instead of lastEditorLoadedDate
* refactor visual fallback value
* use tutorial completed data only for tooltip
* set lastUsedMode in odc form
* safer usedLatex check
* getOnboardingDataValue helper function
* move tooltip to a separate component
* move classname to tooltipProps
* usedLatex in meta tag
* codeEdtiorOpened fallback value
* fix release date year
* fix 24 hours criteria for showing the tooltip
* fix tests
* hide tooltip when code editor is opened
* remove setting lastUsedMode in ODC form
* remove empty comment
* change date for checking signUpDate
* fix linting error
GitOrigin-RevId: 0a57ba3f4717492d4546633571117f667d3a05f8
* Promisify `AuthenticationController.doPassportLogin`
* Update tests `AuthenticationController.doPassportLogin`
* Add test on error handling for `AuthenticationController.doPassportLogin`
* Add test on error handling for `V1LoginController.doLogin`
* Extract error handling to `getErrorObject` function
* Simplify code
* Add `Metrics` calls
* Add `password is too long` in AuthenticationController
* Make `info` object consistent with the rest of the codebase
* Move error handling to `AuthenticationManager.handleAuthenticateErrors`
* Move `handleAuthenticateErrors` to other file
I moved this solely because I didn't manage to test it otherwise
* Update tests
* Remove `preDoPassportLogin` hook call
* Remove test on `preDoPassportLogin`
* Use try/catch block instead of `.catch()`
* Revert "Use try/catch block instead of `.catch()`"
This reverts commit 3475afa93ce4af7ad55c91bfc1d7ad3317600ea5.
* Replace `.catch` by `try/catch`
GitOrigin-RevId: 3fba65c30a2c5fc6e5abcd5b83c52801852ed462
* Replace `LoginRateLimiter.processLoginRequest` call by use of `RateLimiterMiddleware`
* Lowercase the email to avoid rate-limit bypass
* Remove unit test "when the users rate limit"
* Use `EmailHelper.parseEmail` to normalize email in `processLoginRequest`
This should address the `trim()` bypass
* Use `.trim().toLowerCase()` instead of `EmailHelper.parseEmail`
We can't use `EmailHelper.parseEmail`, else it breaks the test (and feature): "with username that does not look like an email"
* Add acceptance test for rate limit
* Add comment on rate limits
* Rename `rateLimiter` to `rateLimiterLoginEmail` for clarity
* Make the login rate limits configurable from the settings
GitOrigin-RevId: cf1c3a416745f2b007c85014a5084570d4a049a7
Link sharing changes events fixes for collaborator sharing-updates prompt and project open event
GitOrigin-RevId: 45449f0dd27e07de189a9c2620b0aa9a8849dc41
Allow checking permissions for all users on a project and rename checkPermissions -> AssertPermissions
GitOrigin-RevId: 511356cf2fe68367e284347e68e59f6116bd0f80
Implement link sharing warning events by reusing the StartFreeTrial paywall button component from the original modal
GitOrigin-RevId: 9c16407ad8a7b5afc9b5b13be1491ef903ae74a3
* Add getEditInviteCount to count only edit collaborators
* Add getInvitedEditCollaboratorCount to count joined editors
* Add canAddXEditCollaborators to determine if owner can add more editors
* Update setCollaboratorInfo to check if editor slots are available
GitOrigin-RevId: a88707f102dfbde39322f5a7bbc79d47b6e810d5
* Add helpers for checking and removing user readwrite token membership
* Add sharing-updates page and handlers
* Redirect read write token members to sharing-updates on project load
GitOrigin-RevId: d552a2cd74a9843c6103923b03f137131a48877a
* add RestoreFileOrigin in overleaf-editor-core
* support source to be an object
* use sourceOrOrigin as param
* rename to originOrSource so the priority is more clear
* get timestamp from version
* fix test
* include version and min_count in getUpdatesFromHistory
* extractOriginOrSource util function
* fix RestoreManagerTests
GitOrigin-RevId: 0ace05a6ade2794c753a9d0bffb4f858ecc6899a
* Promisify LdapController
* Update tests LdapControllerTests.js
* Promisify `AuthenticationController.finishLogin`
* Simplify null checks in LdapController
* Fix: don't use spread operator in module.exports
* Make `AuthenticationController.promises.finishLogin` a promise that resolves
* Fixup: `finishLogin` does not call `next` then the promise finishes, it calls it only on errors
* Use `Modules.promises.hooks.fire`
* Revert `processPassportLogin` callback style
* Update error handling: Use `OError.tag` instead of `logger.err`
* Fix unit tests: Rely on callbacks rather than promises
* Fix: Actually call `passport.authenticate` (!!)
* Update test: fixup `passport.authenticate` mocks
This would have caught the bugs that the previous commit is solving
* Remove `.then(() => next())` in `processPassportLogin`
Co-authored-by: Eric Mc Sween <eric.mcsween@overleaf.com>
---------
Co-authored-by: Eric Mc Sween <eric.mcsween@overleaf.com>
GitOrigin-RevId: a7eab5f5289956aeb8f2418408958daef3511ab7
* [web] revert binary file
* use addEntityWithName if file was deleted
* todo comments
* only show Revert file in ui even if deleted
* use _revertBinaryFile function
* emit new ids when reverting
* format:fix
* await emitToRoom calls
* use EditorController.upsertFile
* remove _revertBinaryFile function
* binary file check
* mock importFile method in tests
* move findElementByPath stub
* debug ci error
* resolve with empty object as file
* fix tests
* remove await before expect()
* format:fix
* test when binary file exists and when it does not
* use "file-revert" for source
* [web] revert existing file without ranges support (#18107)
* [web] revert existing file without ranges support
* ignore document_updated_externally if file-revert
* fix test
GitOrigin-RevId: a5e0c83a7635bc7d934dec9debe916bdd4beb51e
* Create `getPaginatedEndpointIterator` to iterate each page
* Create `waitMs` util, it will replace `slowCallback`
* Make `handleAPIError` async
* Make `isAccountUsingPaypal` async
* Make `attemptInvoiceCollection` async
* Make `attemptInvoicesCollection` async
* Use `await` instead of `new Promise`
* Remove unused callbackified `attemptInvoiceCollection`
* Run `attemptInvoiceCollection` for each page instead of gathering all pages in the beginning
* Add test on fetching multiple pages of invoice
GitOrigin-RevId: 2674b18c6ca5732b873fb2bc71b515909006f93d
* Rename `RecurlyWrapper` to `promises`, as it will only contain the promises soon
* Update `apiRequest`
* Update `_parseXml`
* Update `_parseXmlAndGetAttribute`
* Update `_parse*Xml`
* Update `updateAccountEmailAddress`
* Update `checkAccountExists`
* Update `createAccount`
* Update `createBillingInfo`
* Update `setAddressAndCompanyBillingInfo`
* Update `createSubscription`
* Update `_createPaypalSubscription`
* Update `_handle422Response`
* Update `_createCreditCardSubscription`
* Update `createSubscription`
* Update `getSubscriptions`
* Update `getSubscription`
* Update `getPaginatedEndpoint`
* Update `getAccount`
* Update `getAccountActiveCoupons`
* Update `getCoupon`
* Update `getBillingInfo`
* Update `getAccountPastDueInvoices`
* Update `attemptInvoiceCollection`
* Update `updateSubscription`
* Update `createFixedAmmountCoupon`
* Update `lookupCoupon`
* Update `redeemCoupon`
* Update `extendTrial`
* Update `listAccountActiveSubscriptions`
* To find which functions to add as callbackified, I used this Regex:
`RecurlyWrapper\.(?!promises)[^.\s]*`
And after adding callbackified functions, we're left with no results with the Regex:
`RecurlyWrapper\.(?!promises|apiUrl|_buildXml|_parseXml|attemptInvoiceCollection|createFixedAmmountCoupon|getAccountActiveCoupons|getBillingInfo|getPaginatedEndpoint|getSubscription|updateAccountEmailAddress)[^.\s]*`
* Update unit tests
* Test `getSubscription` both as "promise" and as "callback"
I'm not sure if we want to generalize this.
* Fix: add missing `await`s (!!)
* Change `apiRequest` to reject errors instead of resolving it in an object
* Fixup for CollectPayPalPastDueInvoice test
* Fix: callbackify `getSubscriptions` (!!)
* Replace `.then(...)` chain by multiple `await`
* Fixup `attemptInvoicesCollection`: prevent reading length of undefined
* Use `return await` when returning promises
Per https://github.com/overleaf/internal/pull/18384#pullrequestreview-2065738771
GitOrigin-RevId: ceda755b24fd29f97a27e60ac5db9bc7e369f932
* Fix `revokeAllUserSessions` call in `_cleanupUser`
The user object should be passed, not the _id
* Change `revokeAllUserSessions` signature, take `req` and `stayLoggedIn` arguments
* Update uses of `revokeAllUserSessions`
* Fix promisified `revokeAllUserSessions` args
* Update tests
* Destroy or Regenerate the session in the end of `revokeAllUserSessions`
Per https://github.com/overleaf/internal/issues/17036#issuecomment-1938398570
* Revert "Destroy or Regenerate the session in the end of `revokeAllUserSessions`"
This reverts commit fe30734dbe45b27d2931d2e43a711d591bb85787.
* Rename `revokeAllUserSessions` to `removeSessionsFromRedis`
* Fixup tests
* Fix: add optional chaining in `req.sessionID` (!!)
GitOrigin-RevId: d41676bf00f463230af495e09c65fb9ee521f49f
* Fix: Invoices collected array length comparison
Update the code with the correct condition to respect the intent of the previous implementation ("exit with non zero code when no invoicess were processed").
See 5476f39984
However, I'm not sure if erroring when no invoices are collected is actually what we want to do.
* Wrap `collect_paypal_past_due_invoice` script and export the function
* Fixup typo `accoutns`
* Log invoices collection data before throwing
* Add note: `handleAPIError` is silencing the errors
* Create a test on `collect_paypal_past_due_invoice`
* Replace `console.log` by `@overleaf/logger` (bunyan)
Our `console.warn` show up as Errors (in red) in GCP. For example the following is an error in GCP:
```
Errors in attemptInvoiceCollection with id=2693634 OError: Recurly API returned with status code: 400
```
https://github.com/overleaf/internal/blob/5476f39/services/web/scripts/recurly/collect_paypal_past_due_invoice.js#L9
---
Does it correctly set the levels as warnings if we use `@overleaf/logger`
GitOrigin-RevId: 37c8bdf4afd8cef4706700aafb44480ec8966a74
