Commit graph

133 commits

Author SHA1 Message Date
Jakob Ackermann
f4d17f78f7 Merge pull request #7194 from overleaf/jpa-rate-limit-zip-download
[web] rate-limit project zip download requests

GitOrigin-RevId: c99b7474de26b0e8a288863dccb60a25adfdc1b0
2022-03-25 09:03:52 +00:00
Miguel Serrano
176ead8983 Primary Email Check (#6471)
* added primary-email-check page, route and controllers
* add `#add-email` internal link in settings to display new email form
* added primary-email-check redirection with split test
* update `lastPrimaryEmailCheck` when the default email address is set
* added `lastPrimaryCheck` to admin panel
* translations for primary-email-check
* acceptance tests for primary-email-check
* [web] multi-submit for primary email check
* Using `confirmedAt` to prevent from displaying primary-email-check page

Co-authored-by: Jakob Ackermann <jakob.ackermann@overleaf.com>
Co-Authored-By: Miguel Serrano <mserranom@gmail.com>
GitOrigin-RevId: d8e3a280439da08038a4487d8bfd7b3b0596e3b5
2022-02-04 09:03:34 +00:00
Jakob Ackermann
d812b88e76 Merge pull request #6457 from overleaf/jpa-harden-login
[web] harden login process

GitOrigin-RevId: 5c0b7cc725efd5e3e879067ad8a42fe46a47b60d
2022-01-27 09:03:38 +00:00
Jakob Ackermann
8e77ada424 Merge pull request #6417 from overleaf/jpa-device-history
[web] add cookie/JWE based device history for skipping captcha challenge

GitOrigin-RevId: b091564bfd93f7e587d396c860fd864f220f4b63
2022-01-27 09:03:34 +00:00
Jakob Ackermann
d720d6affa Merge pull request #6317 from overleaf/jpa-send-explicit-content-type
[web] send explicit content type in responses

GitOrigin-RevId: d5aeaba57a7d2fc053fbf5adc2299fb46e435341
2022-01-18 09:03:18 +00:00
Jakob Ackermann
2465a32451 Merge pull request #6234 from overleaf/jpa-web-owns-spelling-preferences
[misc] move ownership of spellingPreferences collection to web

GitOrigin-RevId: f2584a1119a578c3df15371c6798923a4f2d15ae
2022-01-07 09:03:11 +00:00
Miguel Serrano
2667e9a11c Unified Navigation Bar + Split Test (#5972)
GitOrigin-RevId: 9fbde79aba1395956d591989b6161290777cc28f
2021-12-03 09:03:27 +00:00
Miguel Serrano
d5bf5b0614 Merge pull request #5881 from overleaf/ab-split-test-middleware
New global split test middleware for locals

GitOrigin-RevId: b530572f709572663fc3d051f544064bd8804f76
2021-12-03 09:03:20 +00:00
Jakob Ackermann
44b3fece89 Merge pull request #5838 from overleaf/jpa-fix-load-editor-metrics
[web] fix the http-request metric options for loading the editor

GitOrigin-RevId: 8c87ebd5be77a918b719ddd061b4758efb277a90
2021-11-22 09:03:07 +00:00
Timothée Alby
8ca159b4b9 Merge pull request #5797 from overleaf/ta-pdf-detach
PDF Detach

GitOrigin-RevId: f69d8a87d1ba2115ad496a719106dfc7707a6ed5
2021-11-16 09:02:57 +00:00
Eric Mc Sween
5fc6d7dcb3 Merge pull request #5740 from overleaf/em-gcp-logging-web
Improve GCP logging for web

GitOrigin-RevId: b304c87a3fe46c29189f665eb3daf22c23d6eb8f
2021-11-11 09:03:09 +00:00
Alexandre Bourdin
05c1ecdde0 Merge pull request #5679 from overleaf/ab-utm-tracking-fix
UTM Tracking

GitOrigin-RevId: 8e9f8372affce72b35f47786de40def77c08a514
2021-11-09 09:05:05 +00:00
Alexandre Bourdin
115436925c Merge pull request #5668 from overleaf/revert-5595-ab-utm-tracking
Revert "UTM Tracking"

GitOrigin-RevId: dbed61448496ff8e990eb9a3712831ef1a3376fe
2021-11-03 09:04:26 +00:00
Alexandre Bourdin
69c751ce39 Merge pull request #5595 from overleaf/ab-utm-tracking
UTM Tracking

GitOrigin-RevId: 9fff6dad166875c94dbfad80770e9ad32f883418
2021-11-03 09:03:58 +00:00
Eric Mc Sween
e5676a9643 Merge pull request #5648 from overleaf/em-revert-gcp-logging-web
Revert "Improve GCP logging for web"

GitOrigin-RevId: 92d446baf62108da1df92146eec12a2fe69d30ee
2021-11-02 09:03:29 +00:00
Eric Mc Sween
641b10cceb Merge pull request #5632 from overleaf/em-gcp-logging-web
Improve GCP logging for web

GitOrigin-RevId: 1198fab2e821a55563058171cfa435605216e337
2021-11-02 09:03:22 +00:00
Jakob Ackermann
a6f05109a3 Merge pull request #5352 from overleaf/jpa-no-var
[misc] fix eslint violations for `no-var`

GitOrigin-RevId: c52e82f3a8a993b8662cc5aa56e7b95ca3c55832
2021-10-27 08:03:00 +00:00
June Kelly
49ac6e2e6b Merge pull request #4929 from overleaf/jk-fix-disconnect-users
Fix /disconnectAllUsers endpoint security

GitOrigin-RevId: 57858daa5a076c37332bc575e76ffd6b1a1bd914
2021-09-27 08:02:57 +00:00
Timothée Alby
9e5dae3443 Merge pull request #5153 from overleaf/ta-registration-properties
Rework Referrer-From User Property

GitOrigin-RevId: f1b91616e2a9b93f3c3944890d96e735c563c237
2021-09-24 08:03:02 +00:00
Eric Mc Sween
a10c042e20 Merge pull request #4947 from overleaf/em-project-rename-for-owners-only
Prevent collaborators from renaming a project

GitOrigin-RevId: 94d12e25592fea55b84427aeae78f7bb2a544a58
2021-09-14 08:03:38 +00:00
Jakob Ackermann
827768be92 Merge pull request #5008 from overleaf/jpa-drop-ie11-for-real
[web] redirect IE11 from all the pages to the unsupported browsers page

GitOrigin-RevId: 9124ca6feef4e82125d7948543a8bdb1d7702c3b
2021-09-09 08:03:17 +00:00
Alexandre Bourdin
9468e5cb4f Merge pull request #4338 from overleaf/ab-session-manager
Extract functions from AuthenticationController to SessionManager

GitOrigin-RevId: 86870ce03a762e1a837dcf493759e8851e759883
2021-07-28 12:36:22 +00:00
Alexandre Bourdin
d28c1941c2 Merge pull request #4344 from overleaf/revert-4304-ab-configurable-split-test
Revert "Configurable split tests system"

GitOrigin-RevId: dcaf79d074949c0c28b06515278a873c89b5aecb
2021-07-28 02:06:42 +00:00
Alexandre Bourdin
daf2ee57dc Merge pull request #4304 from overleaf/ab-configurable-split-test
Configurable split tests system

GitOrigin-RevId: 908dc4f681668b32e95204314ac0d5727f269e65
2021-07-28 02:06:33 +00:00
Jakob Ackermann
fe4c48b7fb Merge pull request #4325 from overleaf/jpa-core-tests-in-saas-ce-pro
[misc] run core tests in SAAS/Server CE/Server Pro environment

GitOrigin-RevId: 6278ae1eb760a4c0c16da1b71efdde844764a526
2021-07-20 11:33:46 +00:00
Jakob Ackermann
411a12cb2d Merge pull request #4322 from overleaf/jpa-custom-base-config-for-tests
[misc] set up custom base config for acceptance tests

GitOrigin-RevId: bd49c705360488fd75c6ad311afd13f22f81de61
2021-07-20 11:33:41 +00:00
Jakob Ackermann
5e773ce950 Merge pull request #4101 from overleaf/ae-settings-module
Migrate from `settings-sharelatex` to `@overleaf/settings`

GitOrigin-RevId: 9a298ba26382180c1351683c5fddc9004418c1e6
2021-07-08 02:08:28 +00:00
Timothée Alby
0ed07ec0b6 Merge pull request #4214 from overleaf/ta-inbound-register
Track Inbound Properties on Registration

GitOrigin-RevId: b7ff041ef6a2401683bdbf55756f332d78768f11
2021-06-22 02:07:34 +00:00
Jakob Ackermann
e8bb0114f8 Merge pull request #4203 from overleaf/bg-admin-disable-service-worker
disable service worker via admin page

GitOrigin-RevId: 96ec9f07b32b831f5271827ab345ad831044f831
2021-06-17 02:09:06 +00:00
Alexandre Bourdin
e2d116e8be Merge pull request #4149 from overleaf/ab-user-registration-properties
Track registration sources as user properties

GitOrigin-RevId: 1c1346d092808aff49c89c1659f42674506a919d
2021-06-11 02:05:50 +00:00
Jakob Ackermann
710035899a Merge pull request #4121 from overleaf/jpa-health-check-api
[misc] add /health_check/api

GitOrigin-RevId: bfa907821e8b5963a865a59fdbc717de34159834
2021-06-01 02:05:52 +00:00
Jakob Ackermann
95c83866c5 Merge pull request #4112 from overleaf/tm-private-api-basic-auth
Add requireBasicAuth middleware and refactor httpAuth to use it

GitOrigin-RevId: 7f68c0dc4a40102bfe4a97711def517e465ec7fd
2021-06-01 02:05:46 +00:00
Miguel Serrano
4bcab34580 Merge pull request #3978 from overleaf/jel-notifications-decaf
Notifications decaf cleanup and remove eslint disable

GitOrigin-RevId: 557a7c63aecda346501d56d1eb18935b12130e8a
2021-05-06 02:09:25 +00:00
Jakob Ackermann
23c73b9bf1 Merge pull request #3959 from overleaf/jpa-take-note-of-past-url
[UnsupportedBrowserMiddleware] take note of the past URL in redirect

GitOrigin-RevId: d80ed876f87e54c181f00669a11795a2ce44e5a5
2021-04-29 02:09:33 +00:00
Alf Eaton
1be43911b4 Merge pull request #3942 from overleaf/prettier-trailing-comma
Set Prettier's "trailingComma" setting to "es5"

GitOrigin-RevId: 9f14150511929a855b27467ad17be6ab262fe5d5
2021-04-28 02:10:01 +00:00
Alasdair Smith
f7cf7626ec Merge pull request #3820 from overleaf/as-block-ie
Add middleware to block unsupported browsers

GitOrigin-RevId: b1f1e4ae1572c3c323dc72442c8d5169b4879d5d
2021-04-17 02:09:52 +00:00
Alf Eaton
1ebc8a79cb Merge pull request #3495 from overleaf/ae-prettier-2
Upgrade Prettier to v2

GitOrigin-RevId: 85aa3fa1acb6332c4f58c46165a43d1a51471f33
2021-04-15 02:05:22 +00:00
Miguel Serrano
80dff8d42c Merge pull request #3800 from overleaf/ab-queue-onboarding-emails
Implement queuing for onboarding emails

GitOrigin-RevId: f1eca149a6a2cab35b4cf9c3889dc384372fd453
2021-04-01 02:04:48 +00:00
Jakob Ackermann
60cefae09a Merge pull request #3836 from overleaf/jpa-no-close-editor-in-saas
[views] admin: the open/close editor feature is not available in SAAS

GitOrigin-RevId: 6d9ba22e7843be7c27084a6bb5bc1c502ecdccc9
2021-03-31 02:05:07 +00:00
Brian Gough
bc4f5a687a Merge pull request #3682 from overleaf/bg-check-maintenance-file
check maintenance file periodically to close site

GitOrigin-RevId: 8e29f40a23df96198c6e4603ede2bab852b98740
2021-02-26 03:04:07 +00:00
Jessica Lawshe
0f7b268cdf Merge pull request #3683 from overleaf/bg-admin-open-editor
Allow admin to reopen editor after closing

GitOrigin-RevId: 9bf0c4234a9d510785aa4bddbb9f239d678ba503
2021-02-23 03:04:31 +00:00
Eric Mc Sween
db93fa3a8b Merge pull request #3556 from overleaf/jpa-clsi-persistance-query-param
[CompileController] enable clsi node persistence via query parameter

GitOrigin-RevId: 515814d6ad5832e69538ef6d63f81c61c66fd73f
2021-01-22 03:04:42 +00:00
Paulo Jorge Reis
34f7c709f0 Merge pull request #3425 from overleaf/jpa-cookie-domain-in-ci
[misc] setup cookieDomain and siteUrl for acceptance tests

GitOrigin-RevId: a57a9c4f44186848ccda34316071cd65ac387310
2020-12-03 03:04:33 +00:00
Jakob Ackermann
500a7b60e0 Merge pull request #3414 from overleaf/jpa-rate-limit-downloads
[misc] add rate-limits to download routes of mics output files

GitOrigin-RevId: d1d646fc3da6b628adc762ce84860e3701e3857d
2020-11-27 03:04:49 +00:00
Christopher Hoskin
1e8598a8d9 Merge pull request #3331 from overleaf/csh-issue-3661-bump-agents
Update metrics module

GitOrigin-RevId: bdef141035f277ce4863f14f8a6e166d710b1111
2020-10-31 03:05:30 +00:00
Miguel Serrano
09a07c1dc0 Merge pull request #3270 from overleaf/msm-fix-login-requirement-rw-sharing
requireLogin() conditional on Settings.allowAnonymousReadAndWriteSharing

GitOrigin-RevId: 6fc3790f902c414a8104e34a508289ea32d83737
2020-10-28 03:05:04 +00:00
Jessica Lawshe
1ca50eeb98 Merge pull request #3179 from overleaf/jel-remove-sudo-mode
Remove SudoMode

GitOrigin-RevId: 9419f9b28e5051a1c5abd29f498f72448d1afd33
2020-10-07 02:04:29 +00:00
Jakob Ackermann
023f1c254f Merge pull request #3000 from overleaf/jpa-skip-requests-for-anonymous-users
[misc] skip requests for anonymous users

GitOrigin-RevId: a459fc623c171ccc146ee0d31e8faca0b719d096
2020-07-25 02:06:18 +00:00
Jakob Ackermann
53927bca95 [misc] move /user/activate into a module (#2962)
* [misc] move /user/activate into a module

Co-Authored-By: Nate Stemen <nate.stemen@overleaf.com>

* [misc] setup copybara for the new user-activate module

* [misc] move the /user/activate route behind a feature flag

...which is by default enabled.

Co-authored-by: Nate Stemen <nate.stemen@overleaf.com>
GitOrigin-RevId: 87fc5ae869a7e282ffdbeea0ff7b7c55b8b9b31b
2020-07-16 02:06:51 +00:00
Hugh O'Brien
eaa7491c2b Merge pull request #2948 from overleaf/hb-onboarding-email
User onboarding email

GitOrigin-RevId: 367fd8b6292024bfcad2139728c16cf00f2fb1cb
2020-07-14 02:06:47 +00:00
Jakob Ackermann
cafe9387f8 Merge pull request #2996 from overleaf/jpa-rate-limit-project-download
[misc] rate limit the download of project revisions to 30 per user/hour

GitOrigin-RevId: 81244a0dad1cf183da69406ef488f6684d5f134a
2020-07-11 02:04:45 +00:00
Brian Gough
49784e8ac0 Merge pull request #2990 from overleaf/bg-add-health-check-on-active-handles
add health check limit on active handles (optional)

GitOrigin-RevId: c26071c96b220935178012d881bb53013df64155
2020-07-11 02:04:15 +00:00
Shane Kilkelly
f4950c21bf Merge pull request #2870 from overleaf/sk-restrict-chat
Block restricted users from Chat endpoints

GitOrigin-RevId: caec8fe2bc93d567dd57f32dc765bd74ba53e933
2020-06-05 02:09:58 +00:00
Eric Mc Sween
ae63093300 Merge pull request #2799 from overleaf/ho-rate-limit-additions
add rate limiting to /status/compiler/:Project_id

GitOrigin-RevId: 5237121cc281207b261246b742bd7b52c844434d
2020-05-21 03:22:30 +00:00
Miguel Serrano
0583f7a667 Merge pull request #2746 from overleaf/ew-jpa-fix-deprecated-express-methods
[misc] fix express deprecations

GitOrigin-RevId: 78c730578c6a671f142837c98f98d5fd260332a5
2020-05-07 03:27:56 +00:00
Ersun Warncke
09667a3f6a show dropbox sync status on settings page
GitOrigin-RevId: 843950ea236bd80c605cf184959a7ce2d7895693
2020-04-28 03:21:19 +00:00
Shane Kilkelly
b51e3c01e4 Merge pull request #2614 from overleaf/sk-monolithify-tags
Move 'tags' into web

GitOrigin-RevId: a248d1b2471f0bfa05589df9b7357b4d85793a79
2020-03-25 04:16:44 +00:00
Jessica Lawshe
a433235310 Merge pull request #2643 from overleaf/jel-affiliations-cron-job
Ensure affiliations cron job

GitOrigin-RevId: 4ac6f8b29b1e1460d627a86172fcdf1fa27a59a8
2020-03-12 04:18:47 +00:00
Brian Gough
fc028c7544 Merge pull request #2633 from overleaf/bg-fix-health-check-for-web-api
fix the health check on the api router

GitOrigin-RevId: 985322f8e4ff0b5dddbe7cf68c41414af6fd502d
2020-03-11 04:14:58 +00:00
Eric Mc Sween
b2ee3bf2bb Merge pull request #2634 from overleaf/jel-ensure-affiliations
Ensure affiliations after loading the settings page

GitOrigin-RevId: bf9982fb436d0e75d6fbd8418ca2d19e00fe3b66
2020-03-03 04:21:44 +00:00
Brian Gough
509c23def7 Merge pull request #2631 from overleaf/bg-maintenance-messages-in-editor
display maintenance messages in editor

GitOrigin-RevId: 7d4fda60c5e2bd12d2cead2a9bff326b75e9c4e7
2020-02-27 04:17:59 +00:00
Shane Kilkelly
7cbb00f207 Merge branch 'sk-token-csrf-protection'
GitOrigin-RevId: e71f7264be45b665502150e9ffbb85b3fc94665e
2020-02-26 04:24:01 +00:00
Simon Detheridge
db27215760 Merge pull request #2521 from overleaf/ta-announcement-remove
Remove Announcements

GitOrigin-RevId: 3fed602e89992ad5f4260134b87ade1e6e088cf7
2020-01-17 04:19:59 +00:00
Timothée Alby
9af55a11f7 Merge pull request #2381 from overleaf/ho-template-error-handling
Template error handling & blog routes removal

GitOrigin-RevId: 849423e19bbb5291ef25ed9612f49bdc67dae330
2019-11-27 13:21:32 +00:00
Hugh O'Brien
3bad05532a Merge pull request #2373 from overleaf/hb-move-internal-project-to-private-router
move internal/project route to private api router

GitOrigin-RevId: 2774eec3ba43a8307ca80d2fd7356e33b209d53a
2019-11-18 11:21:37 +00:00
Brian Gough
012bef257d Merge pull request #2346 from overleaf/bg-remove-realtime-proxy-router
remove RealTimeProxyRouter

GitOrigin-RevId: 28e85b251890fb97547db768af907f357ee545cb
2019-11-08 10:58:21 +00:00
Timothée Alby
47137f6c03 Merge pull request #2324 from overleaf/spd-devcsrf-resurrect
Reinstate /dev/csrf route and add explanatory comment

GitOrigin-RevId: 48fe437040860e974ada4e22409762c74a14d394
2019-11-04 12:01:52 +00:00
Timothée Alby
df45df5b71 Merge pull request #2309 from overleaf/spd-nodevcsrf
Remove /dev/csrf route from production

GitOrigin-RevId: 4dc19fa6d33214f9a4cc57ee1293c215eb072c00
2019-11-04 10:07:27 +00:00
Eric Mc Sween
06de9233b8 Merge pull request #2255 from overleaf/em-audit-log
Project audit logs

GitOrigin-RevId: 439add2959be140c4f56ce9b41b9f59d432c494d
2019-10-23 12:59:04 +00:00
Brian Gough
45ebc42bf6 Merge pull request #2276 from overleaf/bg-reject-invalid-sessions
reject invalid sessions

GitOrigin-RevId: 5dc59609d01d7ad9bc29f9bf18faee1165d10689
2019-10-22 09:25:33 +00:00
Jessica Lawshe
b5f4e26840 Merge pull request #2118 from overleaf/cmg-convert-array-archiving
New archiving endpoint to convert to array

GitOrigin-RevId: a6f5d3e2363afcbcd5719731261b85a0ae7a1e25
2019-10-02 14:22:28 +00:00
Eric Mc Sween
3ec74ac6f2 Merge pull request #2164 from overleaf/em-ownership-transfer
Project ownership transfer backend endpoint

GitOrigin-RevId: b7d267f2c105e8f51d5013289ac4afeb077c1e21
2019-09-30 15:01:03 +00:00
Eric Mc Sween
a87a731d25 Merge pull request #2176 from overleaf/em-ta-json-auth
Make ensureUserCanAdminProject always raise a 403

GitOrigin-RevId: 4dd1eca1cfb171d92392bc3c8208b61cbf7c6815
2019-09-30 13:36:48 +00:00
Eric Mc Sween
7951ee229a Merge pull request #2179 from overleaf/sk-re-add-project-dashboard-rate-limit
Re-add rate limit on /project

GitOrigin-RevId: 1099361db517c8bfce08b4bbc6b64d05205cccb1
2019-09-26 12:56:08 +00:00
Eric Mc Sween
9cd5af840a Merge pull request #2152 from overleaf/as-per-user-trash-backend
Add per-user trash endpoint

GitOrigin-RevId: 94a6e3416b047e1f8721159ac0d049e98785e5ce
2019-09-26 12:56:02 +00:00
Timothée Alby
294ce1a13c remove dead code around syncUserToSubscription (#2122)
GitOrigin-RevId: d489365a4bceb9d675e6a75b25be61baa3aa010e
2019-09-04 11:45:24 +00:00
Brian Gough
7d9fe92f28 Merge pull request #2120 from overleaf/bg-fix-rate-limit
Revert "Add a rate limit to the `/project` page"

GitOrigin-RevId: 1bcd88e03a4cea2defbd4779bc81d0d972f1cd4e
2019-09-03 15:25:38 +00:00
Shane Kilkelly
84de1af960 Merge pull request #2108 from overleaf/sk-add-rate-limit-to-project-page
Add a rate limit to the `/project` page

GitOrigin-RevId: ef77f092c94c6a88fc73354cee6b8572b84d3d3a
2019-09-03 15:25:13 +00:00
Eric Mc Sween
e0c3a971bb Merge pull request #2044 from overleaf/em-forwarded-for
Get client IP behind proxies

GitOrigin-RevId: aed5e0bdcefb22b45db1b8745c5cd7522a32c21f
2019-08-06 12:34:26 +00:00
Simon Detheridge
748a21d74c Merge pull request #1975 from overleaf/em-one-time-login-landing-page
Landing page for one-time login

GitOrigin-RevId: d7453e7f3dbf12062cc45108e4cb2ebb7b042a76
2019-07-18 14:34:37 +00:00
Simon Detheridge
bf740f1e25 Merge pull request #1959 from overleaf/spd-integration-soft-deletion
Integration: Merge soft-deletion features into master
GitOrigin-RevId: 83baf730be2f256ad0d02271600392fda144b761
2019-07-18 14:34:22 +00:00
Simon Detheridge
c30e83a4ed Merge pull request #1877 from overleaf/em-filestore-range-request
Get file size before truncating files for preview

GitOrigin-RevId: 0822691d75bd8bfe3d6cfd23f9ca4b1c3be20585
2019-06-20 11:30:50 +00:00
Alasdair Smith
0ca81de78c Merge pull request #1717 from overleaf/as-decaffeinate-backend
Decaffeinate backend

GitOrigin-RevId: 4ca9f94fc809cab6f47cec8254cacaf1bb3806fa
2019-05-29 09:32:21 +00:00