Commit graph

1565 commits

Author SHA1 Message Date
Shane Kilkelly
08567ff220 if projectId is not defined, error out 2017-05-10 15:25:23 +01:00
Shane Kilkelly
b8e4cafd81 Fix log line 2017-05-10 15:16:36 +01:00
Shane Kilkelly
27842996aa start testing SudoModoController 2017-05-10 15:15:57 +01:00
James Allen
274d6f4ac6 Merge pull request #493 from sharelatex/ja-redis-cluster-refactor
Move all redis end points to be cluster compatible
2017-05-10 14:38:37 +01:00
Shane Kilkelly
16128288a9 Add sudo-mode protection to sessions page 2017-05-10 11:36:19 +01:00
Shane Kilkelly
5a97521b04 Fix typo in log message 2017-05-10 11:36:05 +01:00
Shane Kilkelly
a3a2108526 Increase sudo-mode time to one hour 2017-05-10 11:35:47 +01:00
Shane Kilkelly
094784b6d5 protect settings page with sudo-mode middlewear 2017-05-10 10:25:32 +01:00
Shane Kilkelly
029c96c7cc Add sudo-mode 'confirm password' prompt 2017-05-10 10:05:48 +01:00
Shane Kilkelly
fd0176c0cf if project goes over maximum allowed files, put on cooldown 2017-05-09 14:20:29 +01:00
Shane Kilkelly
8e90b7fb9b Add Cooldown to Tpds routes 2017-05-09 13:54:11 +01:00
Shane Kilkelly
149e38855f Add a cooldown mechanism for projects which go over limits 2017-05-09 11:40:42 +01:00
Shane Kilkelly
c5c0364d49 update to newest mongoose 2017-05-08 16:09:59 +01:00
Paulo Reis
3ced808411 Use a single accept changes method. 2017-05-05 15:19:31 +01:00
James Allen
014e3afb36 Don't call sync functions inside async
Calling sync functions inside async can trigger the node max stack size.
Instead, build up our unique list of ids in advance, so we only call a
method in async for each user we actually need to look up, asynchronously.
Then use all the cached values synchronously afterwards.
2017-05-04 17:04:20 +01:00
Paulo Reis
19828d3c5b Basic bulk accept support. 2017-05-04 15:33:47 +01:00
James Allen
8449b0417c Move all redis end points to be cluster compatible 2017-05-04 15:22:54 +01:00
Brian Gough
679680532f improve stream error handling on upload 2017-04-28 14:47:18 +01:00
Brian Gough
46f693519a return 404 for api request on missing doc 2017-04-27 16:41:53 +01:00
Henry Oswald
3bdd5a4a2e Merge pull request #483 from sharelatex/ja-dont-fail-on-tpdsworker-error
Continuing flushing document on tpds worker error
2017-04-25 09:19:13 +01:00
Henry Oswald
5d55e383c7 Merge pull request #485 from sharelatex/sk-warn-on-zip-failure
when the uploaded file is not a zip, warn instead of error
2017-04-25 09:18:17 +01:00
Henry Oswald
efe5e9efb0 Merge pull request #484 from sharelatex/ho-rate-limit-compiles
added rate limit to compile endpoint
2017-04-25 09:17:27 +01:00
Shane Kilkelly
779336e5b0 when the uploaded file is not a zip, warn instead of error 2017-04-13 15:12:54 +01:00
Shane Kilkelly
a9b8b864df Move content-disposition setting into a method on res 2017-04-12 16:00:02 +01:00
Shane Kilkelly
02d75deaa0 when setting content-disposition, uri-encode names 2017-04-12 09:31:59 +01:00
Henry Oswald
0961a034ea added rate limit to compile endpoint 2017-04-11 16:08:38 +01:00
James Allen
6d2f18016f Move tpds worker error ignoring logic into tpdsUpdateSender 2017-04-11 15:41:17 +01:00
James Allen
7c8f228f48 Continuing flushing document on tpds worker error 2017-04-11 14:02:08 +01:00
Shane Kilkelly
bb65da88fe Merge branch 'master' into node-6.9 2017-04-05 10:15:51 +01:00
Shane Kilkelly
0555154a24 Merge branch 'sk-fix-folder-creation' 2017-04-04 11:01:07 +01:00
Shane Kilkelly
043520fc28 Remove the Metrics module, use metrics-sharelatex 2017-04-03 16:18:30 +01:00
Shane Kilkelly
bee62400a6 Merge branch 'master' into sk-upgrade-metrics 2017-03-31 14:08:12 +01:00
Shane Kilkelly
cc81eca902 Account for error being null 2017-03-31 10:46:13 +01:00
Shane Kilkelly
2c62acee0b Cleaner error reporting for addFolder endpoint 2017-03-31 10:31:03 +01:00
James Allen
3bf19a38ee Merge pull request #467 from sharelatex/ja-validate-recurly-subscription-on-creation
Handle a 404 from Recurly if account doesn't exist
2017-03-28 16:06:25 +01:00
James Allen
08699d7aa2 Handle a 404 from Recurly if account doesn't exist 2017-03-28 15:46:58 +01:00
James Allen
f53234271f Merge pull request #465 from sharelatex/sk-hide-email-errors
If sending email fails, return a generic error.
2017-03-28 13:16:43 +01:00
James Allen
2e6e51eb6d Merge pull request #464 from sharelatex/ja-validate-recurly-subscription-on-creation
Check Recurly for subscription as well before creating subscription
2017-03-28 13:15:58 +01:00
Brian Gough
835d8d618d use error handler 2017-03-28 11:33:37 +01:00
Brian Gough
6002fdbad6 return 404 on project details not found 2017-03-28 10:30:53 +01:00
Brian Gough
f433510e61 return NotFound error in ProjectDetailsHandler 2017-03-28 10:12:52 +01:00
Brian Gough
4e66b045e3 fix unhandled exception in ProjectDetailsHandler 2017-03-28 09:44:50 +01:00
Shane Kilkelly
d2e1efe4a9 fix a daft mistake 2017-03-27 17:45:19 +01:00
Shane Kilkelly
69b9b308d4 If sending email fails, return a generic error.
This prevents us from leaking juicy details of our aws/ses setup via the
password-reset form.
2017-03-27 16:17:38 +01:00
James Allen
7aa4c0c030 Check Recurly for subscription as well before creating subscription 2017-03-27 12:07:43 +01:00
Henry Oswald
f27dfa54f1 fixup AuthenticationController from missing module after merge 2017-03-27 09:42:49 +01:00
Henry Oswald
9c7465fd64 Merge pull request #461 from sharelatex/ho-annom-user-events
add identify on login
2017-03-27 09:28:34 +01:00
Henry Oswald
aa4f768513 Merge pull request #455 from sharelatex/ho-bug-fix
multiple small bug fixes
2017-03-27 09:28:28 +01:00
Henry Oswald
379efcb04a Merge branch 'master' into ho-annom-user-events 2017-03-27 09:28:03 +01:00
Henry Oswald
ed4a321906 remove extra debug route 2017-03-23 15:39:12 +00:00
Henry Oswald
cff922a0f5 idendify -> identify 2017-03-22 16:01:26 +00:00
Henry Oswald
ebdce6169e idendifyUser on login 2017-03-22 15:50:49 +00:00
Shane Kilkelly
1663f2a8eb Use res.send, not next 2017-03-21 11:09:39 +00:00
Shane Kilkelly
1ed1eaaa05 If analytics is not configured, produce a ServiceNotConfiguredError 2017-03-21 10:57:39 +00:00
Shane Kilkelly
8a8a5a7079 Add a 'ServiceNotConfiguredError' to Errors module. 2017-03-21 10:57:09 +00:00
Henry Oswald
ca3849c0c2 jpeg -> json 2017-03-20 11:08:42 +00:00
Shane Kilkelly
a64f890ed0 Upgrade metrics api 2017-03-17 14:55:41 +00:00
Henry Oswald
625fa810c2 validate mongo id in getPrivilegeLevelForProject
https://sentry.io/sharelatex-1/sl-web-server-prod/issues/204397665/
2017-03-17 14:44:51 +00:00
Henry Oswald
8ee2e5ba63 null check folder in findElement
https://sentry.io/sharelatex-1/sl-web-server-prod/issues/236000085/
2017-03-17 13:29:20 +00:00
Henry Oswald
31b1c53faa proxy jpg to blog backend
https://sentry.io/sharelatex-1/sl-web-server-prod/issues/212236471/
2017-03-17 13:24:50 +00:00
Henry Oswald
e5468983ce clone project plow though null doc/file/folders
https://sentry.io/sharelatex-1/sl-web-server-prod/issues/227107799/
2017-03-17 13:21:30 +00:00
Henry Oswald
d453a4d5c7 null check stat when we check file on disk
https://sentry.io/sharelatex-1/sl-web-server-prod/issues/125814174/
2017-03-17 13:03:16 +00:00
Shane Kilkelly
f2b5901776 wip: use new metrics.timeAsyncMethod 2017-03-16 10:59:18 +00:00
Shane Kilkelly
1ce48e971a Merge branch 'sk-fix-file-upload' 2017-03-10 11:30:03 +00:00
James Allen
604aa7859e Merge pull request #449 from sharelatex/ho-trust-blog-urls
don't add /blog to the start of blog urls in annoucements
2017-03-09 13:28:36 +00:00
James Allen
6068ac8f88 Merge pull request #450 from sharelatex/pr-review-feature-page
Review features page
2017-03-09 13:28:25 +00:00
Shane Kilkelly
ec25ee9045 When upload to filestore fails, produce an error 2017-03-09 10:11:45 +00:00
James Allen
b75d0ab3eb Don't show onboarding for newly registered users 2017-03-09 09:13:49 +00:00
Henry Oswald
63b84d3724 don't add /blog to the start of blog urls in annoucements
also up timeout
2017-03-08 17:58:22 +00:00
Henry Oswald
d722f47b0f add indentify option and uuid for users not logged in 2017-03-08 17:51:35 +00:00
Paulo Reis
a5e2ae3853 New URL; style adjustments. 2017-03-08 12:25:21 +00:00
James Allen
eb30c46458 Turn on track changes for everyone and take out of beta 2017-03-08 11:58:16 +00:00
James Allen
a4464a330c Merge pull request #446 from sharelatex/ja-track-changes-module
Pull track changes backend into a module
2017-03-06 11:27:11 +00:00
Paulo Reis
5459ae8daa Prepare to use a static feature page. 2017-03-03 17:15:29 +00:00
James Allen
2b36a443c9 Pull track changes backend into a module 2017-03-02 16:45:24 +00:00
Brian Gough
e24873a945 Merge pull request #444 from sharelatex/bg-upgrade-pdfjs-1.7.225
upgrade pdfjs 1.7.225
2017-03-02 14:04:52 +00:00
Brian Gough
6f392f2270 upgrade pdfjs to 1.7.225 2017-03-02 09:31:23 +00:00
Henry Oswald
8db684bd2d Update SystemMessageManager.coffee 2017-03-01 15:46:43 +00:00
Henry Oswald
1a9c035647 bring system message checks down to 1 min.
can take ages when at 5 mins
2017-02-28 18:53:34 +00:00
Shane Kilkelly
4945c0d478 Merge branch 'master' into node-6.9 2017-02-16 09:33:20 +00:00
James Allen
d01d6a35cf Only create Controller when showing onboarding 2017-02-15 09:47:37 +01:00
Shane Kilkelly
2d0a7b2bdb Merge branch 'master' into node-6.9 2017-02-14 14:42:35 +00:00
James Allen
b40b9add5a Turn on track changes for beta users 2017-02-14 15:28:21 +01:00
James Allen
a0a4509edc Avoid underscore (_) name overwriting 2017-02-14 15:26:36 +01:00
James Allen
c8096facfb Merge pull request #421 from sharelatex/ho-announcments
mark announcments before user signs up as read
2017-02-14 15:12:10 +01:00
Henry Oswald
27caf4d555 mark announcments before user signs up as read 2017-02-14 12:29:48 +00:00
Shane Kilkelly
621a07aff2 Merge branch 'master' into node-6.9 2017-02-14 11:01:14 +00:00
James Allen
03ecf4b4ae Only show track changes onboarding once based on analytics API events 2017-02-14 10:25:46 +01:00
James Allen
1d58efbca0 Don't enable for beta users just yet 2017-02-13 12:42:53 +01:00
James Allen
e99c9a2065 Enable track changes for beta users 2017-02-13 12:09:47 +01:00
James Allen
47a66eed50 Merge branch 'ja-include-track-changes-feature' into pr-track-changes-upgrade-prompt 2017-02-13 11:50:56 +01:00
James Allen
4728077cca Add track changes feature flag into model 2017-02-13 11:50:32 +01:00
Shane Kilkelly
6a161b4071 remove commented out code 2017-02-06 16:35:52 +00:00
Shane Kilkelly
7d5dc34b3e fix the set-password form for new (admin-created) users 2017-02-06 14:58:54 +00:00
James Allen
935847f2a1 Add track changes flag into user model 2017-02-03 14:47:04 +01:00
James Allen
343abfde23 Use user feature flags to determine track changes state 2017-02-03 14:36:11 +01:00
Shane Kilkelly
e2a207d618 Merge branch 'master' into sk-pug 2017-01-31 09:39:06 +00:00
James Allen
e7efa40c75 Merge pull request #401 from sharelatex/ja-spam-code-fixes
Refactor rate limiting code around sending invites
2017-01-31 10:21:55 +01:00
Shane Kilkelly
4e9426e6bf Merge branch 'master' into sk-pug 2017-01-30 14:36:10 +00:00
Shane Kilkelly
3ed85dad42 Merge branch 'master' into sk-upgrade-uuid 2017-01-30 11:09:50 +00:00
James Allen
b086d7afa2 Refactor rate limiting code around sending invites 2017-01-27 16:26:58 +01:00
James Allen
757c7002eb Merge pull request #397 from sharelatex/ja-modify-threads
Allow editing/deleting of comments and threads
2017-01-25 15:50:00 +01:00
Shane Kilkelly
e2f4fc3653 Merge branch 'master' into sk-rate-limit-cluster 2017-01-25 10:52:34 +00:00
Henry Oswald
3eb13ccdd1 fix stupid mistake 2017-01-25 10:38:39 +00:00
Henry Oswald
2a00b9c7a2 use user._id for error log 2017-01-25 10:33:30 +00:00
Shane Kilkelly
239164fe26 Merge branch 'master' into sk-rate-limit-cluster 2017-01-25 09:56:08 +00:00
Henry Oswald
cc717f0357 domainAnnouncementsToShow -> domainAnnouncements 2017-01-25 09:44:13 +00:00
Henry Oswald
02e6eb4dd1 Merge pull request #399 from sharelatex/ho-promote-case-study
promote domain alerts
2017-01-25 09:41:50 +00:00
Henry Oswald
1280a2313d add check for id to exist in domain announcments
null check user at start of getUnreadAnnouncements
fix spelling mistake
2017-01-25 09:35:11 +00:00
Henry Oswald
13d21b881f use new annoncments feature for case study info 2017-01-24 16:03:05 +00:00
James Allen
f9ba7392e9 Allow editing/deleting of comments and threads 2017-01-24 16:21:14 +01:00
Henry Oswald
2341a8481a Merge branch 'master' into ho-promote-case-study 2017-01-24 14:49:35 +00:00
Shane Kilkelly
a148eb1f43 Merge branch 'master' into sk-rate-limit-cluster 2017-01-24 09:24:47 +00:00
Shane Kilkelly
0add3ed66e Merge branch 'master' into sk-upgrade-uuid 2017-01-23 10:04:31 +00:00
Shane Kilkelly
abbffb8e4b Remove deprecated node-uuid package, replace with uuid. 2017-01-23 10:03:16 +00:00
Henry Oswald
9153ffac41 limit project name in email to 40 chars 2017-01-21 12:58:16 +00:00
Henry Oswald
74240e28c7 rate limit via ip the number of invite to project requests 2017-01-21 12:44:09 +00:00
Henry Oswald
6d35585847 limit number of invites each user can do
done with the number of collaborators a user can add
prevents notifications getting filled up as well
2017-01-21 12:43:15 +00:00
Shane Kilkelly
cfa2777d62 Merge branch 'sk-launchpad' 2017-01-20 13:58:16 +00:00
Shane Kilkelly
57cd54bf55 WIP: migrate from jade to pug 2017-01-20 12:03:02 +00:00
Shane Kilkelly
8922c9dbf5 New email layout for "testEmail" 2017-01-18 15:28:51 +00:00
James Allen
3413687833 Merge pull request #393 from sharelatex/ja-track-changes
Ja track changes
2017-01-18 15:32:16 +01:00
Shane Kilkelly
707838baa4 Merge branch 'master' into sk-launchpad 2017-01-17 16:25:59 +00:00
Shane Kilkelly
59ab66fca2 Fix double-callback 2017-01-17 16:25:18 +00:00
James Allen
5a34d17947 Toggle track changes in a project based on the owner's feature switch 2017-01-17 15:59:18 +01:00
Shane Kilkelly
d7251c6bfe Merge branch 'master' into sk-launchpad 2017-01-17 14:55:08 +00:00
Shane Kilkelly
1137ab0715 Don't record redirect to static asset paths 2017-01-17 14:35:37 +00:00
Shane Kilkelly
70c7e32e58 Add a 'testEmail' email type 2017-01-17 10:52:04 +00:00
James Allen
9c0bf885be Merge branch 'master' into ja-track-changes 2017-01-17 10:16:41 +01:00
Shane Kilkelly
82ddeab2bd If user tries to invite themselves to project, don't. 2017-01-16 13:45:01 +00:00
Shane Kilkelly
635b935acc Add an acceptance test for login rate limits, cleanup 2017-01-16 11:46:59 +00:00
Henry Oswald
fed88504f8 rate limit emails sent sharing projects by users 2017-01-14 14:52:32 +00:00
Shane Kilkelly
25956d4c62 Fix up tests 2017-01-13 16:04:26 +00:00
Shane Kilkelly
525e871d55 Merge branch 'master' into sk-rate-limit-cluster 2017-01-13 14:17:18 +00:00
James Allen
aab4dea8ae Merge branch 'master' into ja-track-changes 2017-01-13 13:46:01 +01:00
Shane Kilkelly
d17483fd47 Merge branch 'sk-top-menu-rework' 2017-01-12 13:24:47 +00:00
Henry Oswald
daee77f052 Merge pull request #387 from sharelatex/pr-email-template-improvements
Email template improvements
2017-01-12 12:34:35 +00:00
James Allen
f9b8ada215 track changes for anonymous users 2017-01-12 13:29:57 +01:00
James Allen
64b9fe52dd Handle deleted users in comments gracefully 2017-01-12 12:31:01 +01:00
James Allen
e7ab92b7c9 Only show users controls they have permission to use 2017-01-12 11:52:39 +01:00
Shane Kilkelly
5c25d15a18 WIP: try switch to rolling rate limiter 2017-01-12 09:25:18 +00:00
Shane Kilkelly
731f280e2e Move auth parts of top menu out of config and into web templates.
Move the remaining configuration into a new config var: `nav.header_extras`.
Add a `nav.showSubscriptionLink` var to control visibility of subscription link
in the Account menu.

This will allow admins to more easily configure extra links in the top
navigation bar, without the danger of overwriting the important auth menus.
2017-01-11 10:27:38 +00:00
Shane Kilkelly
f5ced03074 Set redirect when sending user to login page.
Allows smart redirecting to work when public access is turned off.
2017-01-10 15:42:36 +00:00
James Allen
f31fa98679 Sync track changes state between sessions and client 2017-01-10 16:11:12 +01:00
James Allen
d03aa7056e Rename /ranges/users end point to /changes/users 2017-01-10 13:43:53 +01:00
James Allen
4e128b6ab7 Send user data in /threads dat 2017-01-09 17:25:06 +01:00
James Allen
43f6b9de7c Inform other clients when we accept a change 2017-01-09 15:54:12 +01:00
James Allen
9379cff89d Add end point for accepting change in doc updater 2017-01-09 15:25:27 +01:00
James Allen
3a5d45fa32 Get user info via web, not chat 2017-01-06 13:41:58 +01:00
Henry Oswald
862e15b842 log out user id and anonymous when loading editor 2017-01-05 15:02:10 +00:00