Commit graph

27 commits

Author SHA1 Message Date
Alasdair Smith
8a969d1c25 Redirect directly from controller instead of via handler 2018-09-13 12:09:19 +01:00
Alasdair Smith
9d600afdf8 Fix failing tests for token access
If project was changed from token access to private, then we want to
404 on v2 (not redirect to v1). So the logic was changed to check if the
project exists and if it does then a 404 is returned. If it does not
then it redirects to v1.
2018-09-13 12:09:19 +01:00
Alasdair Smith
e0ce988d32 Intelligently redirect to v1 if no v2 project found for token 2018-09-13 12:09:19 +01:00
Shane Kilkelly
5df4556e9c Set redirect when bouncing away from token route
This ensures that when the user logs in they will be redirected back
to this token, the page they wanted to access in the first place.
2017-11-15 13:30:40 +00:00
Shane Kilkelly
2b4d516353 When anon is denied access to read-write token, redirect to restricted 2017-11-06 16:46:42 +00:00
Shane Kilkelly
caf6315d4d Remove old module import 2017-11-03 15:26:38 +00:00
Shane Kilkelly
fcb04472a1 De-duplicate logic in TokenAccessController 2017-11-01 14:05:29 +00:00
Shane Kilkelly
d8486afe5d Account for higher-access in the token read-only path too 2017-11-01 14:01:00 +00:00
Shane Kilkelly
9984ab081e Generalise the higher-access logic for read-write token path 2017-11-01 11:50:04 +00:00
Shane Kilkelly
b36849d262 Remove a dead event 2017-11-01 11:03:07 +00:00
Shane Kilkelly
a212fb1a05 Add "[TokenAccess]" context to log lines 2017-10-31 14:27:43 +00:00
Shane Kilkelly
8561b69ee9 Remove tokenMembers sync to clients 2017-10-25 11:29:05 +01:00
Shane Kilkelly
74c231826d WIP: track changes with token-access 2017-10-25 10:34:18 +01:00
Shane Kilkelly
0e44b319db Change anonToken and such to anonymousAccessToken 2017-10-20 10:10:21 +01:00
Shane Kilkelly
eab77aba91 Abstract away the token-protection logic 2017-10-19 16:26:01 +01:00
Shane Kilkelly
7d2bde85ff Add a setting to enable anonymous read-and-write link sharing 2017-10-18 13:04:37 +01:00
Shane Kilkelly
855fe2e143 If user is project owner, don't add them as a token user 2017-10-16 16:44:20 +01:00
Shane Kilkelly
ad999a72b6 If a token-based project not found, check private overleaf project 2017-10-16 13:20:15 +01:00
Shane Kilkelly
ac513a1355 Refactor to not pass req down into Auth modules 2017-10-13 11:20:57 +01:00
Shane Kilkelly
b6c2a8f7f7 Tidy up callbacks 2017-10-03 14:14:22 +01:00
Shane Kilkelly
7b33f8b4c2 Unit test TokenAccessController 2017-10-03 14:04:59 +01:00
Shane Kilkelly
ede497f4b3 Unit test TokenAccessHandler 2017-10-03 10:02:26 +01:00
Shane Kilkelly
9f24f696a5 Use custom header, send anonToken in payload to joinProject 2017-09-29 16:32:07 +01:00
Shane Kilkelly
34d4d1360f Anon read-token: add an Authorization header to $http 2017-09-29 15:54:55 +01:00
Shane Kilkelly
9810f63245 Render editor for token access, stub out ui changes 2017-09-28 16:06:08 +01:00
Shane Kilkelly
574b115022 Working token-based access 2017-09-27 14:01:52 +01:00
Shane Kilkelly
81170d472d Add token-access routes 2017-09-22 14:54:35 +01:00