Commit graph

262 commits

Author SHA1 Message Date
Tim Alby
9279e97cdc use ENv vars for 2FA settings
GitOrigin-RevId: b32b2d62d0f9145e5c59b8984b44940c855a1d91
2020-05-26 03:11:23 +00:00
Ersun Warncke
e9d199a0cf use relative path for default data dir
GitOrigin-RevId: a3d9e6583aba48b9814eea991460ffde7fe49984
2020-05-19 03:19:58 +00:00
Miguel Serrano
0ba6a1f11d Merge pull request #2805 from overleaf/jpa-bg-bcrypt-rounds-env
[misc] configure the bcrypt rounds via the env variable BCRYPT_ROUNDS

GitOrigin-RevId: 68a2f5b491c7162e943edfbb7e05758114d2b3d8
2020-05-07 03:27:51 +00:00
Jakob Ackermann
d3240b8f9c [perf] speedup login times for acceptance tests: use weak bcrypt params (#2801)
The overhead of password checks goes down from about 200ms to
 sub-millisecond times on a modern i7 processor (3.8GHz).
In my testing on server CPUs (2.4GHz) this goes down from 400ms to
 single digit ms.

GitOrigin-RevId: 895580fcbf1cde0bae5213ed6d8aae30c67fcfa3
2020-05-05 03:22:22 +00:00
Simon Detheridge
61e338fa7d Merge pull request #2727 from overleaf/jel-td-allowed-style-attribute
Allow style attribute on td

GitOrigin-RevId: 2886f5fdfed2d7b225e3f2e827a9313237a59ab0
2020-04-09 03:21:33 +00:00
Timothée Alby
dea9730503 Merge pull request #2694 from overleaf/ta-jl-otp
Two Factor Authentication for Staff

GitOrigin-RevId: 7028e93cb4a4cd88c138a52b0528817056b930d9
2020-04-08 03:14:35 +00:00
Jakob Ackermann
155b22caf9 Merge pull request #2713 from overleaf/jpa-custom-wsurl-for-beta-users
[misc] custom wsUrl for beta users

GitOrigin-RevId: e731ae7245e9c5586ae82cbc4c6716a74e56f2c9
2020-04-03 03:20:47 +00:00
nate stemen
c301d8bc25 Merge pull request #2666 from overleaf/em-max-json-request-size
Separate max_doc_length from max JSON request size

GitOrigin-RevId: 4c725028111966bf04109080d80d4672273dd697
2020-03-19 04:17:05 +00:00
Simon Detheridge
08a35b8998 Merge pull request #2541 from overleaf/revert-2382-msm-remove-recaptcha-default-config
Revert "Remove Recaptcha default config"

GitOrigin-RevId: 70e5b7b1f52e89a676fc0cea3654fbe5f59739ce
2020-01-28 04:18:49 +00:00
Simon Detheridge
a8483fbc89 Merge pull request #2516 from overleaf/spd-oio-samesite-cookies
Handle 'samesite=lax' session cookies on POST to open-in-overleaf

GitOrigin-RevId: d856f372e91134be47cc301a515ec08511618631
2020-01-22 04:23:00 +00:00
Miguel Serrano
1c759ad413 Add option to disable email confirmation banner (#2469)
GitOrigin-RevId: ef5e08a6359346cc53dff4ce7978affb71fdb556
2019-12-19 04:21:37 +00:00
Eric Mc Sween
b055612e3c Removal of default API passwords (#2422)
GitOrigin-RevId: d831adcf2fb8bec8792dda624c255474480bb897
2019-12-19 04:21:30 +00:00
Jessica Lawshe
cbe22f5cc7 Add Google Optimize
GitOrigin-RevId: 4c485be83456bf632d1b5f6790f2757d2b3aad54
2019-12-03 14:20:41 +00:00
Miguel Serrano
debb82960c Added settings.salesEmail to web config (#2392)
GitOrigin-RevId: 67b215e4141063fe00b29917324197923824ab8e
2019-11-27 10:26:17 +00:00
Miguel Serrano
9bfe58a959 Remove Recaptcha default config (#2382)
GitOrigin-RevId: 07fcddc135596f30614b087411e8116abad29770
2019-11-25 10:34:50 +00:00
Miguel Serrano
11419845e8 Remove v1 defaults (#2391)
GitOrigin-RevId: e9812c9d7785ac64500dcd3925a6b5be4cb04d7c
2019-11-21 10:24:41 +00:00
Miguel Serrano
475e6971a2 Revert "Remove settings.apis.v1 defaults (#2365)" (#2388)
This reverts commit 53d191a080fd50b83236f4e16a0dd10e72e705ad.

GitOrigin-RevId: 15b703670efd1cb13ebe9bd12015ec1109f60bb8
2019-11-20 12:06:18 +00:00
Miguel Serrano
e4d180955f Remove settings.apis.v1 defaults (#2365)
GitOrigin-RevId: 53d191a080fd50b83236f4e16a0dd10e72e705ad
2019-11-20 12:06:08 +00:00
Eric Mc Sween
bdc5360bc0 Merge pull request #2372 from overleaf/em-mongo-connection-pool
Use the default Mongoose connection pool for all models

GitOrigin-RevId: d227b7eb36f130085c9eb1480dc07bd50ba57768
2019-11-18 14:20:43 +00:00
Miguel Serrano
8a0b28e7c4 Revert "Remove settings.apis.v1 defaults (#2332)" (#2364)
This reverts commit 2763f0afbe153b59ec9b238d7a4f0495677e86ad.

GitOrigin-RevId: 2c741281f268d10d66e0d4613a087919ca462125
2019-11-14 16:44:22 +00:00
Miguel Serrano
c7d1f9fb76 Remove settings.apis.v1 defaults (#2332)
GitOrigin-RevId: 2763f0afbe153b59ec9b238d7a4f0495677e86ad
2019-11-14 16:44:14 +00:00
Simon Detheridge
de69d7f2a8 Merge pull request #2266 from overleaf/spd-slow-acceptance-tests
Remove setting that slows down acceptance tests

GitOrigin-RevId: 37630ec90ad4073cddc7803323515d80082e645c
2019-10-18 16:41:42 +00:00
Alasdair Smith
9cf73f965c Merge pull request #1440 from overleaf/as-amd-webpack
Bundle all frontend code with webpack

GitOrigin-RevId: 1bd93dad516c456fe1649193868e841e20459b0b
2019-10-16 10:36:21 +00:00
Eric Mc Sween
2011189dc4 Merge pull request #2200 from overleaf/ho-add-noindex-option
adds settings.robotsNoindex setting to stop robots indexing site

GitOrigin-RevId: 0c2c3aee215dd3ef1cca8cde4e0693a4bd39c6ef
2019-10-15 13:29:47 +00:00
Brian Gough
48b58899f7 Merge pull request #2224 from overleaf/bg-fix-use-of-parseint
fix setting for zero values

GitOrigin-RevId: e6037c6e9940421acea730fdc088d4cf230fdb11
2019-10-11 10:16:41 +00:00
Brian Gough
9edb95b706 Merge pull request #2223 from overleaf/spd-redis-retries
Add maxRetriesPerRequest redis setting

GitOrigin-RevId: 69810e40eaedaf05d9e3397b59b26ea43ecbe9ce
2019-10-10 14:00:59 +00:00
Jessica Lawshe
ea0270dbdd Merge pull request #2168 from overleaf/pr-restrict-main-file-options
Restrict main file options based on extension.

GitOrigin-RevId: f7d7a61c0454621dd8bc6ab5edce8a89721018ea
2019-10-03 14:34:41 +00:00
Eric Mc Sween
95f9a08768 Merge pull request #2033 from overleaf/ns-em-add-english-dialects
add languages config to default settings

GitOrigin-RevId: 12f89c21e3bcca3e2fb72f032b1264060531950b
2019-08-20 13:00:07 +00:00
Miguel Serrano
6006c8ca79 Fixed incompatibilities between overleaf.com and community (#2028)
GitOrigin-RevId: fc1e4e3e179cab75144043d83197f09e4f6c7642
2019-08-12 11:39:17 +00:00
Timothée Alby
b9ab0edf69 Merge pull request #2015 from overleaf/ta-recurly-upgrade
Upgrade Recurly

GitOrigin-RevId: 9a7c4804d2fafa31ea634498359dbfd95416b2ae
2019-07-31 08:33:31 +00:00
Timothée Alby
109585d20c Merge pull request #1947 from overleaf/ta-cleanup-guard-1
Remove __guard__ Function Used to Access Settings

GitOrigin-RevId: 15e3749990a9fc68f8d344390b1bf0d09d839106
2019-07-15 13:23:38 +00:00
Jessica Lawshe
8c2da6afab Merge pull request #1673 from overleaf/jel-cms-table-style
Styling for features table

GitOrigin-RevId: a8c37cf9bcda7c93d3d910036cd08f3cba06209e
2019-05-20 16:10:56 +00:00
Brian Gough
f583ffdbff Merge pull request #1740 from sharelatex/spd-captcha-on-register
Don't add captcha fields to register form if captcha is disabled

GitOrigin-RevId: 7ac3a3b41734377243ac1e31a99b3778c9a2e77d
2019-05-02 10:18:57 +00:00
nate stemen
bec56ccafa Merge pull request #1713 from sharelatex/ns-captchas-two
turn off captchas for project invite

GitOrigin-RevId: 3e044ba8c6bb2ffb77ea4486f7b51a587133839c
2019-04-16 18:47:56 +00:00
Chrystal Maria Griffiths
36d0e8e199 Merge pull request #1654 from sharelatex/ns-add-status-page
add status.overleaf.com to 500 page

GitOrigin-RevId: 47988918a4c2ea83b2edbd9f850d65a0d2bcdf82
2019-04-10 09:52:46 +00:00
nate stemen
2ae27fbc6a Merge pull request #1702 from sharelatex/revert-1650-ns-toggle-captchas
Revert "allow toggling of captchas via setting"

GitOrigin-RevId: 422daf84d2b02a10dd9b771e5c0f672139da0613
2019-04-08 15:20:49 +00:00
nate stemen
5aac144d5b Merge pull request #1650 from sharelatex/ns-toggle-captchas
allow toggling of captchas via setting

GitOrigin-RevId: 09decba22f6b7b4e97b04a57534a2797e10940c4
2019-04-08 13:53:54 +00:00
Simon Detheridge
d9522f563d Merge pull request #1631 from sharelatex/ho-remove-recurly-sign
remove RecurlyWrapper.sign and recurly private api key

GitOrigin-RevId: ceec49bcb9b66a6ad3cbf2b436c87cf0008ab152
2019-03-25 15:52:54 +00:00
Henry Oswald
d12dd862c8 Merge pull request #1551 from sharelatex/ho-docker-debug
Add missing config into defaults file

GitOrigin-RevId: 7d47bce6b6b429eab8d2765b081967ce52908c27
2019-03-11 11:01:34 +00:00
Henry Oswald
d55b38cc05 Merge pull request #1471 from sharelatex/ho-docker2
Move to docker image based builds

GitOrigin-RevId: 992aeaf69bfea4d1847a07c457575a63985d4407
2019-03-11 10:59:20 +00:00
Ersun Warncke
57450bb0fb Merge pull request #1522 from sharelatex/ew-smoke-test-remove-rate-limit
Remove smoke test rate limit, use POST for logout

GitOrigin-RevId: 0152f259b4a4375147857cc25156621de87f8bc9
2019-03-11 10:59:09 +00:00
Chrystal Maria Griffiths
bf5a28b258 Merge pull request #1509 from sharelatex/as-update-google-config
Use env var for brandPrefix for compatibility with google infrastructure

GitOrigin-RevId: c7749007d3fbd3746cd8f6771d6b394f5864dd9f
2019-02-15 13:33:49 +00:00
Alasdair Smith
9b97af8977 Merge pull request #1403 from sharelatex/as-swap-brand-prefix
Swap brand prefix so OL is the default

GitOrigin-RevId: 60f4f03598fb6befc1ce790d39f546490612a1db
2019-02-12 11:32:28 +00:00
Ersun Warncke
81e3db260c Merge pull request #1472 from sharelatex/ew-add-close-site-and-private-disconnect-route
Add close site setting and private disconnect all users route

GitOrigin-RevId: d078c053ba4e5f5c048f30f2a6d509966736b3e0
2019-02-06 14:24:52 +00:00
Brian Gough
c51461da09 Merge pull request #1480 from sharelatex/bg-allow-separate-websocket-url
allow setting separate wsUrl for websockets

GitOrigin-RevId: afd4f441397c6b4b402e342f1dec01c971847a0f
2019-02-06 10:20:36 +00:00
Henry Oswald
68a0ff08ea Merge pull request #1366 from sharelatex/ho-bump-compile-size
Bump compile size

GitOrigin-RevId: 087e8556a7e2e39bed486cdd8829bf427aaed68b
2019-01-08 16:37:00 +00:00
Jessica Lawshe
a521a86fb7 Merge pull request #1340 from sharelatex/jel-sanitize-html-options
HTML sanitize options for icons and tables

GitOrigin-RevId: 1f2cc444120ebbefb9583eda95e8edfba4e7d1d8
2019-01-07 16:15:57 +00:00
Jessica Lawshe
e619185569 Merge pull request #1347 from sharelatex/jel-sanitize-html-options-del
Allow <del> in sanitize HTML default options

GitOrigin-RevId: 212c13e77e62717abc85248d0255c6e9729031a9
2019-01-07 16:15:45 +00:00
James Allen
5a7f72c9f9 Merge pull request #1302 from sharelatex/jel-cms-iframe-attr
Allow style attribute on iframes

GitOrigin-RevId: f6a88f544eab665fecc00b8c89e87d489f39b88d
2018-12-20 15:48:52 +00:00
James Allen
e603afe106 Merge pull request #1217 from sharelatex/ja-download-zip-version
Add option to download zip file of version in history

GitOrigin-RevId: 11ffb9a3305e1e5e0492fccf2be41be7beb67d68
2018-12-05 12:32:26 +00:00
Jessica Lawshe
c20a506f0e Merge pull request #1161 from sharelatex/jel-extend-sanitize-options-cms
Extend sanitize HTML options

GitOrigin-RevId: da9dd1741ca31f095e4fafe91c1beb9abd019567
2018-11-20 18:05:36 +00:00
Paulo Jorge Reis
0bf66e8b99 Merge pull request #1150 from sharelatex/sk-add-git-bridge-public-base-url
Add `gitBridgePublicBaseUrl` to default settings

GitOrigin-RevId: 19aeb6b9cf2e04e38ec24c15538fed1bcab9c784
2018-11-15 10:04:39 +00:00
Shane Kilkelly
81b09c7800 Merge pull request #1071 from sharelatex/sk-enable-git-bridge-in-v2
Enable git-bridge in v2

GitOrigin-RevId: 24586c7c80b53ae171199ecde538df794f78ecc7
2018-11-14 11:29:35 +00:00
James Allen
140f97eb20 Merge pull request #1107 from sharelatex/ja-purchase-groups
Purchase group/team accounts directly via app

GitOrigin-RevId: 1a502878753de77758fb431f45a6366f199f1cb0
2018-11-13 13:50:46 +00:00
Alasdair Smith
98d35b4e50 Use settings instead of hard-coding ports 2018-10-09 11:23:21 +01:00
Jessica Lawshe
bcd465a35d Allow <video> and <source> in sanitized HTML 2018-09-14 10:36:46 -05:00
Jessica Lawshe
98f98483ef Add default sanitize options 2018-08-28 17:23:55 -05:00
Henry Oswald
7a253e56ef Download all log files from compiles.sharelatex.env (#833)
* add a couple of missing buildPdfDownloadUrl

* only download pdfs from compile server when streaming

* use compiles.env for resonse files

* update config to use clsi_lb
2018-08-21 09:24:48 +01:00
Henry Oswald
5ed95694da Merge pull request #801 from sharelatex/ho-mailchimp
Add non checked checkbox for newsletter subscription on signup and use mailchimp as newsletter provider.
2018-08-16 11:40:39 +01:00
Henry Oswald
1e1f26b350 Merge pull request #818 from sharelatex/ho-backendgroup-config
configure backend group name via config files
2018-08-16 10:37:14 +01:00
Henry Oswald
af6e7758d3 configure backend group name via config files 2018-08-15 15:26:22 +01:00
Brian Gough
19dfe5fc8b intial version of user setting for texlive imageName 2018-08-13 10:53:43 +01:00
Henry Oswald
17a63258c6 changed newsletter to use mailchimp 2018-08-04 17:52:12 +01:00
James Allen
ba17c1da14 Cache pug templates and modules, by using production environment 2018-07-10 16:15:50 +01:00
Tim Alby
b78212290a handle dynamic Proxy URLs 2018-07-06 12:03:47 +02:00
Tim Alby
bebbc433bf proxy static institutions URLs in dev env 2018-06-27 09:59:55 +02:00
Henry Oswald
406bf1f5fc Don't set pdfDownloadDomain by default 2018-06-13 11:23:33 +01:00
Henry Oswald
75c9489c06 PDF Downloads work, not tested on large pdf's yet 2018-06-08 17:17:00 +01:00
Henry Oswald
a747480425 add references host into settings 2018-05-30 15:28:59 +01:00
Michael Mazour
859858c02c Add V1 API to settings file 2018-05-16 14:17:48 +01:00
James Allen
c5b29bd1c7 Add in default config for third-party-references service 2018-03-21 15:27:47 +00:00
Shane Kilkelly
84fff5e9b7 Merge pull request #379 from sharelatex/sk-geolocate-user-sessions
Geolocate user, and pass country-code to editing-sessions
2018-03-06 11:33:50 +00:00
James Allen
d4025908b7 Add in enabledLinkedFileTypes setting 2018-03-05 10:37:53 +00:00
James Allen
a99f55891f Use external proxy 2018-03-05 10:37:53 +00:00
Shane Kilkelly
1629f68d5e Geolocate user on login, and pass country-code to editing-sessions 2018-03-02 12:02:45 +00:00
Henry Oswald
ccffdc3265 added blog url to config 2018-02-08 14:47:54 +00:00
James Allen
662122bb1c CI and local dev environment improvements
The need for this became very noticeable due to the slowness of filesystem access in docker-in-mac, with a full compile taking over a minute for me in docker. Using make to introduce incremental compile makes this near instantaneous outside of docker (if only a few files have changed), and quick enough inside docker.

With incremental compile via make, it compiles quickly enough that re-compiling and restarting the web service automatically when backend files change is quick enough now. This is how the service is run via docker-compose in https://github.com/sharelatex/sharelatex-dev-environment, so it shouldn't be necessary to manually restart the container each time a coffee file changes.

At the moment Jenkins pull web modules in via the GitSCM plugin, but I believe this is creating a dependency in Jenkins, where any commits to any of the modules causes all of the web branches to rebuild. By doing it via our own scripts we can hopefully avoid this. It also creates a build process which is reproducible locally.

**Note that at the moment in this PR all modules pull from `ja-dockerize-dev` branches, but these should be merged first, and this PR updated to point to the master branches before merging**. This is necessary for other changes to build process/docker-compose workflow.

As well as a Makefile for web, there is now a `Makefile.module`. This is copied into each module directory by the top-level Makefile, and is written in a way to be flexible and support unit tests, acceptance tests, front-end js for the ide and main, and the modules `app/coffee` directory, while allowing modules to have some of these missing (not all modules have e.g. acceptance tests, or front-end JS). This will allows us to refine the build process in future, without needing to update the Makefile in each module repo separately (I found this to be a painful part of this development).

This makes web compatible with the docker-compose workflow at https://github.com/sharelatex/sharelatex-dev-environment, where each service is running in its own docker container, with networking managed by docker.

Previously the Makefile was set up to run unit tests in docker with `make unit_tests`. This now just runs them natively. In the CI, they are run in docker anyway (all steps in Jenkins are), and locally, they run fine natively with `npm run test:unit`, or can be run in docker via https://github.com/sharelatex/sharelatex-dev-environment with `bin/run web_sl npm run test:unit`.

Previously we did a lot of juggling with only mounting source files (coffee, less, etc) into the docker container for acceptance tests. This was to avoid creating root owned files if the whole directory was mounted. Now instead the whole web directory is mounted read-only, with the compilation step done outside of the container before running the tests.

This allows the host and container to share the `node_modules` folder as well, which avoids needing to `npm install` twice on the CI box, and should speed up the build by a few minutes.

On macOS, this would cause a problem with compiled modules if you tried to use the same `node_modules` to run the app natively. However, if running via docker-compose in https://github.com/sharelatex/sharelatex-dev-environment, this is no longer a problem.
2018-01-15 09:36:41 +00:00
Tim Alby
08b74c95f5 proxy requests to analytics service 2018-01-10 15:03:14 +02:00
James Allen
bbfcff30fb Enable project history for new projects if enabled in settings 2018-01-03 16:55:33 +00:00
James Allen
ffa2e231fd Fix up tests 2017-12-19 13:58:47 +00:00
Hayden Faulds
3466db0aae add acceptance tests 2017-12-04 09:42:09 +00:00
James Allen
50b3045548 Tidy up docker-compose and makefile 2017-11-29 13:49:36 +00:00
James Allen
fbf8cc2d03 Run acceptance tests via docker compose 2017-11-27 17:10:58 +00:00
Shane Kilkelly
1cedfed1e4 Merge branch 'master' into sk-unlisted-projects 2017-11-02 10:10:09 +00:00
Hayden Faulds
519f041215 Merge pull request #50 from sharelatex/hof-toggle-projec-history
toggle project history
2017-10-24 09:13:50 +01:00
Hayden Faulds
299112f6e0 toggle project history using setting 2017-10-23 15:49:10 +01:00
Shane Kilkelly
7d2bde85ff Add a setting to enable anonymous read-and-write link sharing 2017-10-18 13:04:37 +01:00
Brian Gough
5b0d3d1429 simplify rate-limit checking code 2017-10-09 16:31:01 +01:00
James Allen
5c8442a86f Allow configureable brand prefix with overleaf styles 2017-08-07 17:01:59 +02:00
Shane Kilkelly
0f131d940d Enforce stricter password policy.
- Check minimum password lengths
- Set default policy to 6-128 chars
2017-07-24 11:06:47 +01:00
Shane Kilkelly
149e38855f Add a cooldown mechanism for projects which go over limits 2017-05-09 11:40:42 +01:00
James Allen
4728077cca Add track changes feature flag into model 2017-02-13 11:50:32 +01:00
Shane Kilkelly
525e871d55 Merge branch 'master' into sk-rate-limit-cluster 2017-01-13 14:17:18 +00:00
Shane Kilkelly
731f280e2e Move auth parts of top menu out of config and into web templates.
Move the remaining configuration into a new config var: `nav.header_extras`.
Add a `nav.showSubscriptionLink` var to control visibility of subscription link
in the Account menu.

This will allow admins to more easily configure extra links in the top
navigation bar, without the danger of overwriting the important auth menus.
2017-01-11 10:27:38 +00:00
Henry Oswald
84ce2d0e14 change default nav to use translations for login and register 2017-01-06 11:00:21 +00:00
Shane Kilkelly
259c589076 Add option to restrict invites to existing user accounts. 2016-12-20 09:54:42 +00:00
Shane Kilkelly
535e489ae5 Add an example redis.ratelimiter config. 2016-12-19 12:17:58 +00:00
Shane Kilkelly
cf94429e05 Add a user_email option to the nav "Account" dropdown. 2016-11-29 16:04:20 +00:00
Shane Kilkelly
bfa0e7cf89 WIP: start moving web sessions to cluster 2016-11-08 15:32:36 +00:00
Henry Oswald
d0f9a07197 turn subscriptions off by default 2016-10-12 17:35:40 +01:00