Commit graph

4855 commits

Author SHA1 Message Date
Shane Kilkelly
6feedf5520 Use crypto module for token generation 2017-10-12 11:36:45 +01:00
Shane Kilkelly
22c5f41fb6 Add logging for token generation 2017-10-12 11:25:16 +01:00
Shane Kilkelly
fe708fcc04 Generate all missing tokens 2017-10-12 11:19:26 +01:00
Shane Kilkelly
70b1e42e36 Add deprecation comment regarding legacy access-levels 2017-10-12 11:00:39 +01:00
Shane Kilkelly
6e09165452 Refactor auth sources 2017-10-12 10:57:11 +01:00
Shane Kilkelly
1a4ffe7708 Remove unnecessary call to getProject from archiveProject path 2017-10-09 11:30:55 +01:00
Shane Kilkelly
ad68adee9a Add more commentary on the anonymous path 2017-10-09 11:13:55 +01:00
Shane Kilkelly
e73de3bfd4 Fix whitespace in function signature 2017-10-09 10:57:23 +01:00
Shane Kilkelly
732ce9417b Don't create tokens on project by default 2017-10-09 10:25:20 +01:00
Shane Kilkelly
29a584996f Flesh out acceptance tests for token access 2017-10-06 16:26:47 +01:00
Shane Kilkelly
d386f79a76 Clean up 2017-10-06 16:10:33 +01:00
Shane Kilkelly
b5bed1837e Start acceptance tests for token-based access 2017-10-06 15:58:03 +01:00
Shane Kilkelly
91abb6eed6 If project is not tokenBased, don't count members of token arrays 2017-10-06 15:57:22 +01:00
Shane Kilkelly
387854db7a Fix an embarrassing mistake, generate tokens dynamically, not once. 2017-10-06 13:24:10 +01:00
Shane Kilkelly
1500976226 Add temporary text to share modal 2017-10-05 14:47:50 +01:00
Shane Kilkelly
bb0dad3353 Safe access to potentially-null project 2017-10-05 14:19:21 +01:00
Shane Kilkelly
b8d90a1a99 Show token-access projects on the dashboard 2017-10-05 13:20:06 +01:00
Shane Kilkelly
e4e558c0e6 Hide access tokens if user is not the project owner.
This prevents sneaky read-only users from sniffing out the read-write
link via the browser console.
2017-10-05 13:18:30 +01:00
Shane Kilkelly
6482cd7dd8 Generate tokens on old projects if they're not present 2017-10-04 16:31:24 +01:00
Shane Kilkelly
b6c2a8f7f7 Tidy up callbacks 2017-10-03 14:14:22 +01:00
Shane Kilkelly
7b33f8b4c2 Unit test TokenAccessController 2017-10-03 14:04:59 +01:00
Shane Kilkelly
ede497f4b3 Unit test TokenAccessHandler 2017-10-03 10:02:26 +01:00
Shane Kilkelly
11249c070c Remove commented-out code 2017-10-02 14:50:43 +01:00
Shane Kilkelly
ea7d7c604e Remove token header from angular $http 2017-10-02 14:44:03 +01:00
Shane Kilkelly
9f24f696a5 Use custom header, send anonToken in payload to joinProject 2017-09-29 16:32:07 +01:00
Shane Kilkelly
34d4d1360f Anon read-token: add an Authorization header to $http 2017-09-29 15:54:55 +01:00
Shane Kilkelly
a66cb15f48 Use angular $http service for spellcheck 2017-09-29 14:55:06 +01:00
Shane Kilkelly
f74da0e6cf Use angular $http service for references 2017-09-29 14:51:00 +01:00
Shane Kilkelly
e04d10d11f Styling of link-share, and fix read-only link 2017-09-29 10:59:30 +01:00
Shane Kilkelly
df338ebd6d Show tokens in share modal 2017-09-29 10:11:23 +01:00
Shane Kilkelly
9810f63245 Render editor for token access, stub out ui changes 2017-09-28 16:06:08 +01:00
Shane Kilkelly
4552f3be67 Move the getPublicAccessLevel helper to top-level of module 2017-09-28 10:53:35 +01:00
Shane Kilkelly
27dcf6c4c5 Fix a typo causing double-callbacks 2017-09-28 10:37:57 +01:00
Shane Kilkelly
574b115022 Working token-based access 2017-09-27 14:01:52 +01:00
Shane Kilkelly
ee32648bf4 Order privileges by highest-to-lowest 2017-09-22 15:55:38 +01:00
Shane Kilkelly
81170d472d Add token-access routes 2017-09-22 14:54:35 +01:00
Shane Kilkelly
95292a2e55 Add unique index to token properties 2017-09-21 15:06:42 +01:00
Shane Kilkelly
441c207953 Generate tokens by default 2017-09-21 15:04:15 +01:00
Shane Kilkelly
562b2db600 Fix unit test 2017-09-21 15:01:40 +01:00
Shane Kilkelly
abe41b6948 Fix projection in project query 2017-09-21 13:37:10 +01:00
Shane Kilkelly
7dc759482c Fix how adding user to project works in acceptance tests 2017-09-21 11:43:16 +01:00
Shane Kilkelly
863d327743 Change logic to exclude token users 2017-09-21 11:02:55 +01:00
Shane Kilkelly
931ba56e33 Add an 'owner' source tag, for the project owner 2017-09-21 09:35:25 +01:00
Shane Kilkelly
ef7e1ceabf Rename functions to make distinction between invited/token members 2017-09-21 09:30:38 +01:00
Shane Kilkelly
91ec0da239 Use the invitedMembers function for sending tpds updates 2017-09-20 15:48:20 +01:00
Shane Kilkelly
574baf386e Alter getProjectsUserIsMemberOf to include token-access projects.
Also change the api to produce an object with the different project lists
attached, rather than a pair of lists.
2017-09-20 15:26:03 +01:00
Shane Kilkelly
ceb7c509d0 Rename getProjectsUserIsCollaboratorOf to ...IsMemberOf
This brings the naming more in line with current conventions.
2017-09-20 13:16:50 +01:00
Shane Kilkelly
069f49d5a6 Change getCollaboratorCount to getInvitedCollaboratorCount.
And update the one call-site in LimitationsManager. This function
is used to limit invites, so it makes sense to explicitly limit
this to Invited members of the project.
2017-09-20 10:29:47 +01:00
Shane Kilkelly
8460160076 Add a getInvitedMembersWithPrivilegeLevels function.
Then use it to build the loadProject view-model.
2017-09-20 10:02:43 +01:00
Shane Kilkelly
cf54989e6a Add a getInvitedMemberIds function
Limited to only members who were invited to the project, not users
who have access via a token.
2017-09-20 09:36:56 +01:00
Shane Kilkelly
fc202439ab Read-only privilege for anonymous access 2017-09-20 09:36:06 +01:00
Shane Kilkelly
06966f67db Differentiate project members by source, include token members 2017-09-20 09:35:19 +01:00
Shane Kilkelly
a06f4b6b28 Remove remaining traces of UserStub 2017-09-19 16:16:39 +01:00
Shane Kilkelly
7919d5342b Remove obsolete add-email-to-project workflow 2017-09-19 15:57:19 +01:00
Shane Kilkelly
c87df7be79 Add token-access user refs to Project 2017-09-19 09:27:22 +01:00
Shane Kilkelly
8fece2d5f0 Add tokenBased access level 2017-09-18 10:58:13 +01:00
Shane Kilkelly
2011432120 Add tokens property to Project model 2017-09-18 10:27:28 +01:00
Henry Oswald
a7217f1d37 Merge branch 'ho-csrf-acceptence-tests' 2017-09-15 13:50:17 +01:00
James Allen
adf211a226 Merge pull request #594 from sharelatex/ja-include-token-in-project-schema
Include OL tokens in project schema
2017-09-15 11:41:24 +02:00
Brian Gough
1bca1e11a9 fix broken unit test 2017-09-15 09:20:53 +01:00
Brian Gough
9f9c15f6f5 Merge pull request #599 from sharelatex/bg-reset-project-state
clear docupdater project state in deleteAuxFiles
2017-09-15 09:09:29 +01:00
Brian Gough
28a80cf23d Merge pull request #604 from sharelatex/bg-fix-root-doc-in-incremental-compile
fix root doc in incremental compile
2017-09-13 13:47:22 +01:00
Tim Alby
a04adbf132 remove extra security headers 2017-09-13 11:53:11 +02:00
Brian Gough
51eb94a493 handle incremental compile without root doc 2017-09-13 10:10:44 +01:00
Brian Gough
0e87b8950e update clearProjectState endpoint 2017-09-12 11:40:00 +01:00
Shane Kilkelly
54070c7734 pin chai 2017-09-12 11:21:34 +01:00
Tim Alby
d6834ff417 add security headers using Helmet
- use all Helmet's default headers except `X-DNS-Prefetch-Control`
- use `Referrer-Policy`
- use cache headers when:
  - a user is logged in, OR
  - a project is displayed
2017-09-12 11:17:59 +02:00
Brian Gough
5430c8a3c2 Merge pull request #593 from sharelatex/bg-fix-inactive-projects-request
avoid error when passing as limit in mongo query
2017-09-11 08:16:28 +01:00
Brian Gough
6d73c48c36 Merge pull request #596 from sharelatex/bg-suppress-incremental-compile-after-errors
suppress incremental compile after errors
2017-09-11 08:15:50 +01:00
Brian Gough
2b4c8bd846 clear docupdater project state in deleteAuxFiles 2017-09-08 15:57:29 +01:00
Brian Gough
e8435e3eae make condition clearer for incremental compile 2017-09-08 13:39:24 +01:00
Paulo Reis
98b380f70a Update translations commit in shrinkwrap. 2017-09-08 12:14:05 +01:00
Alasdair Smith
1b144ed183 Merge pull request #595 from sharelatex/as-fix-share-emails
Fix UX issues in email autocompletion in share modal
2017-09-08 11:25:16 +01:00
Brian Gough
03a5ff2e43 skip incremental compile after docupdater error 2017-09-07 15:06:09 +01:00
Brian Gough
c6d2f0f4e1 skip incremental compile after server error 2017-09-07 15:05:42 +01:00
Alasdair Smith
624802c28e Remove unnecessary parens 2017-09-07 11:30:42 +01:00
Alasdair Smith
b7713439bf Bring back comparison erroneously removed 2017-09-07 11:30:20 +01:00
Shane Kilkelly
586d1f1599 Merge pull request #531 from sharelatex/sk-allow-explicit-ses-email-config
Instantiate the ses client if explicitly specified.
2017-09-07 10:21:01 +01:00
Alasdair Smith
320466a4f7 Catch invalid email address and show specific error message 2017-09-06 13:47:45 +01:00
Alasdair Smith
79566a9214 Prevent autocomplete on suggestions that don't match
The behaviour of the ngTagsInput directive is somewhat counter-intuitive -
typing part of a suggested email will appear as though it matches but pressing
enter will not input the suggestion, but the current typed value.

Disabling add on enter will still allow enter to select the selection, but
prevents selection of the partially typed email/name.
2017-09-06 11:39:30 +01:00
Alasdair Smith
ca8ba6dabe Fix incorrect checking of contact name 2017-09-05 17:18:26 +01:00
Brian Gough
3ac0e97a14 avoid error when passing as limit in mongo query
convert request parameter from string to number
2017-09-05 12:33:13 +01:00
Brian Gough
e2368615e2 Merge pull request #589 from sharelatex/bg-check-options-for-incremental-compile
include the options in the project state hash
2017-09-05 11:53:17 +01:00
Brian Gough
2e6c578dd7 add ol-style.css to fingerprint list 2017-09-05 10:54:26 +01:00
James Allen
39320c20b8 Include OL tokens in project schema 2017-09-05 10:50:39 +02:00
Joe Green
404749acaf disableConcurrentBuilds 2017-09-04 16:02:16 +01:00
Joe Green
144a13462e build.txt 2017-09-04 14:58:13 +01:00
Brian Gough
d9557fcbf5 include the options in the project state hash 2017-09-01 16:36:51 +01:00
Shane Kilkelly
7bb4638186 Restore user features to default after acceptance test.
Fixes an issue that could come up when running the tests
several times.
2017-09-01 14:45:54 +01:00
Shane Kilkelly
c170de7a4f Add unit test to cover project features. 2017-09-01 13:28:11 +01:00
Shane Kilkelly
3d0268a486 Add other required properties for project load. 2017-09-01 11:36:23 +01:00
Shane Kilkelly
68f860b28d Load user features alongside id and email.
Fixes a bug where project features were not applied properly,
and instead fell back to the free-account defaults.
2017-09-01 11:16:45 +01:00
Alasdair Smith
184c8adb84 Merge pull request #582 from sharelatex/as-pdfjs-cmaps-fix
Fix Cmaps path for future versions of PDF.js
2017-08-31 09:36:46 +01:00
Henry Oswald
d4b0c740c2 added csrf acceptance tests 2017-08-29 17:45:16 +01:00
James Allen
9c4dc40abf Merge pull request #583 from sharelatex/ja-import-projects
Add in UserStub model and support in collaborators view
2017-08-29 16:06:00 +02:00
James Allen
a58a715fad Merge pull request #570 from sharelatex/ho-null-check-redis-sessions
Ho null check redis sessions
2017-08-29 15:44:22 +02:00
James Allen
8d268e9d42 Merge pull request #580 from sharelatex/ja-import-collaborators
Add in UserStub model and support in collaborators view
2017-08-29 15:43:54 +02:00
James Allen
ba43e45f85 Merge pull request #578 from sharelatex/ja-import-projects
Update Project schema for overleaf imports
2017-08-29 15:43:39 +02:00
James Allen
2e005fd39a Merge pull request #572 from sharelatex/ns-autocomplete
Adding default list of commands to autocomplete
2017-08-29 15:43:24 +02:00
James Allen
bb6ca9ba51 Update Project schema 2017-08-29 15:21:05 +02:00