Paulo Reis
71604ebd5c
Create uiConfig Pug local; render it in the HTML.
2017-11-30 15:12:36 +00:00
Shane Kilkelly
10fc89c8cf
Merge pull request #142 from sharelatex/sk-fix-token-indexes
...
use correct partial indexes on project token fields
2017-11-23 10:30:31 +00:00
Shane Kilkelly
035e0c1213
Add autoIndex: false
option to mongoose connections.
...
This prevents mongoose from auto-creating missing indexes on boot.
2017-11-22 13:37:57 +00:00
James Allen
5bb06915cc
Rename setting and use Features.hasFeatures
2017-11-22 10:45:31 +00:00
James Allen
7440d8da58
Change to an 'enableGithubSync' setting
2017-11-22 10:44:57 +00:00
James Allen
4f905af078
Add feature flag for github sync
2017-11-20 11:48:06 +00:00
James Allen
a97c3ba580
Add missed Features.coffee
2017-11-20 11:43:02 +00:00
James Allen
745ae8d081
Add in Features module to handle feature flags, and use it to cleanly turn off registration
2017-11-20 10:47:32 +00:00
Shane Kilkelly
9a7c8c5842
Revert "Remove remaining traces of UserStub"
...
This reverts commit ab6b4c32254a20b940c489b8b5b56237433cc0f6.
2017-10-12 15:08:48 +01:00
Shane Kilkelly
a06f4b6b28
Remove remaining traces of UserStub
2017-09-19 16:16:39 +01:00
Tim Alby
a04adbf132
remove extra security headers
2017-09-13 11:53:11 +02:00
Tim Alby
d6834ff417
add security headers using Helmet
...
- use all Helmet's default headers except `X-DNS-Prefetch-Control`
- use `Referrer-Policy`
- use cache headers when:
- a user is logged in, OR
- a project is displayed
2017-09-12 11:17:59 +02:00
Brian Gough
2e6c578dd7
add ol-style.css to fingerprint list
2017-09-05 10:54:26 +01:00
James Allen
d5839437fd
Add in UserStub model and support in collaborators view
2017-08-24 17:48:47 +02:00
Paulo Reis
4849c705de
Optionally ask the translate local method to HTML encode; use it in the problematic tooltip.
2017-07-28 17:31:28 +01:00
Brian Gough
0ae93db08b
use ApiErrorHandler on public api
2017-07-05 15:06:23 +01:00
Brian Gough
bd83d94f64
rename apiRouter -> privateApiRouter in Modules
2017-07-05 14:41:14 +01:00
Brian Gough
29b40ad824
add public api router
2017-07-05 14:32:55 +01:00
Brian Gough
3e8ad69f3c
make loading of module routes more robust
2017-07-05 11:46:29 +01:00
Brian Gough
b2f676af5a
avoid duplicate routes for /status
2017-07-04 12:41:51 +01:00
Brian Gough
62d6933886
use settings instead of ENV for web/api split
2017-06-15 16:11:20 +01:00
Brian Gough
4b188ce120
support separate processes for web and api
...
via an environment variable WEB_TYPE
2017-05-22 13:31:02 +01:00
Brian Gough
5ac2ed8fc6
use a separate error handler for api router errors
2017-05-19 16:36:29 +01:00
Shane Kilkelly
60d3e4a97b
If external auth system is in use, skip sudo-mode checks
2017-05-15 15:46:24 +01:00
James Allen
3bfd92dd9c
Rename lock to avoid potential conflict with doc updater
2017-05-11 15:27:01 +01:00
James Allen
8449b0417c
Move all redis end points to be cluster compatible
2017-05-04 15:22:54 +01:00
Shane Kilkelly
a9b8b864df
Move content-disposition setting into a method on res
2017-04-12 16:00:02 +01:00
Shane Kilkelly
bb65da88fe
Merge branch 'master' into node-6.9
2017-04-05 10:15:51 +01:00
Shane Kilkelly
043520fc28
Remove the Metrics module, use metrics-sharelatex
2017-04-03 16:18:30 +01:00
Shane Kilkelly
f2b5901776
wip: use new metrics.timeAsyncMethod
2017-03-16 10:59:18 +00:00
Brian Gough
6f392f2270
upgrade pdfjs to 1.7.225
2017-03-02 09:31:23 +00:00
Shane Kilkelly
621a07aff2
Merge branch 'master' into node-6.9
2017-02-14 11:01:14 +00:00
Shane Kilkelly
4e9426e6bf
Merge branch 'master' into sk-pug
2017-01-30 14:36:10 +00:00
Shane Kilkelly
239164fe26
Merge branch 'master' into sk-rate-limit-cluster
2017-01-25 09:56:08 +00:00
Henry Oswald
13d21b881f
use new annoncments feature for case study info
2017-01-24 16:03:05 +00:00
Henry Oswald
2341a8481a
Merge branch 'master' into ho-promote-case-study
2017-01-24 14:49:35 +00:00
Shane Kilkelly
57cd54bf55
WIP: migrate from jade to pug
2017-01-20 12:03:02 +00:00
Shane Kilkelly
635b935acc
Add an acceptance test for login rate limits, cleanup
2017-01-16 11:46:59 +00:00
Shane Kilkelly
25956d4c62
Fix up tests
2017-01-13 16:04:26 +00:00
Shane Kilkelly
525e871d55
Merge branch 'master' into sk-rate-limit-cluster
2017-01-13 14:17:18 +00:00
Shane Kilkelly
5c25d15a18
WIP: try switch to rolling rate limiter
2017-01-12 09:25:18 +00:00
Shane Kilkelly
731f280e2e
Move auth parts of top menu out of config and into web templates.
...
Move the remaining configuration into a new config var: `nav.header_extras`.
Add a `nav.showSubscriptionLink` var to control visibility of subscription link
in the Account menu.
This will allow admins to more easily configure extra links in the top
navigation bar, without the danger of overwriting the important auth menus.
2017-01-11 10:27:38 +00:00
Shane Kilkelly
7bbbfe20b9
If external auth is used, remove /register
items from header nav.
...
(logic moved from docker-image settings file)
2016-12-21 13:50:13 +00:00
Shane Kilkelly
64f69069b2
Experimental: upgrade to node 6.9.2 (latest LTS release)
2016-12-21 10:23:42 +00:00
Shane Kilkelly
822f76a883
Add unit tests for RedisWrapper
2016-12-19 15:12:22 +00:00
Shane Kilkelly
03b541fb64
Fix small mistakes
2016-12-19 14:10:27 +00:00
Shane Kilkelly
9f787943b6
Remove stray redis imports.
2016-12-19 12:17:23 +00:00
Shane Kilkelly
ef0a5801d5
Create a RedisWrapper, and use it for rate limiting.
2016-12-19 12:17:02 +00:00
Shane Kilkelly
d38890e9f4
Add the rolling
option to session
2016-11-30 09:41:58 +00:00
Henry Oswald
6e9458e9e1
wip
2016-11-29 14:38:25 +00:00
Brian Gough
277894631a
try out new pdfjs font fix
...
https://github.com/mozilla/pdf.js/pull/7705
2016-11-16 14:50:09 +00:00
Shane Kilkelly
6c381b127c
Count saml as an external authentication system.
2016-11-14 13:33:48 +00:00
Shane Kilkelly
2cf2199964
WIP: enable non-csrf routes from modules
2016-11-11 13:48:29 +00:00
Shane Kilkelly
bfa0e7cf89
WIP: start moving web sessions to cluster
2016-11-08 15:32:36 +00:00
Shane Kilkelly
9cb3d8c4b8
Enable hook from module into passport init.
2016-11-01 14:06:54 +00:00
Brian Gough
baf09e4f3a
avoid exception in LoggerSerializers
2016-10-25 15:50:05 +01:00
Brian Gough
3519fbe337
add worker-latex.js to fingerprints
2016-10-25 14:18:37 +01:00
Brian Gough
27a8dc1dfd
upgrade pdfjs to 1.6.210p1
2016-10-13 16:10:01 +01:00
Brian Gough
8c7d712738
update live version of ace to 1.2.5
2016-10-06 14:20:23 +01:00
Brian Gough
837151a395
include moment in package versions
2016-10-05 14:54:42 +01:00
Brian Gough
8b6425317f
introduce PackageVersions module
...
put all package versions in one central place
2016-10-05 14:54:42 +01:00
Henry Oswald
4f3b57ceeb
cleaned up comments
2016-09-27 16:23:40 +01:00
Henry Oswald
a00cb707cc
fingerprints are grouped into lists with this change
...
fingerprints are shared when require.js pulls in other resources.
this change means changes to either ace.js or mode-latex.js will
result in different fingerprints for those files.
2016-09-27 16:21:04 +01:00
Shane Kilkelly
a0f156e1a9
wipe out more session access
2016-09-22 15:33:50 +01:00
Shane Kilkelly
ff1c72ee14
Fix up more session access
2016-09-22 14:30:34 +01:00
Shane Kilkelly
6df569253a
Fix session touch
2016-09-22 13:48:09 +01:00
Shane Kilkelly
eca1dfa482
Remove dead code
2016-09-21 09:27:35 +01:00
Shane Kilkelly
4eada48638
Merge branch 'master' into sk-passport
2016-09-19 15:40:25 +01:00
Brian Gough
ebe3ba4fb8
Merge pull request #316 from sharelatex/pdfjs-font-patch
...
Pdfjs font patch
2016-09-19 11:24:50 +01:00
Brian Gough
64dc1784d3
switch to patched version of pdfjs
2016-09-19 11:15:27 +01:00
Shane Kilkelly
97a6ac0f00
Merge branch 'master' into sk-passport
...
# Conflicts:
# app/coffee/Features/Authorization/AuthorizationMiddlewear.coffee
2016-09-15 14:48:51 +01:00
James Allen
c9a17982cf
Add canonical url tag and don't include query string
2016-09-14 17:08:26 +01:00
Shane Kilkelly
9758dd77b3
kill whitespace
2016-09-07 08:58:57 +01:00
Shane Kilkelly
b0a10c948c
wip refactor
2016-09-06 15:22:13 +01:00
Shane Kilkelly
eca4c46f7f
WIP: refactor
2016-09-05 16:23:37 +01:00
Shane Kilkelly
ab2c1e82fb
WIP: refactor
2016-09-05 15:58:31 +01:00
Shane Kilkelly
e6c7aa25ec
barely functional login and logout
2016-09-05 10:28:47 +01:00
Shane Kilkelly
e4f4325150
Basic passport integration
2016-09-02 16:17:37 +01:00
Henry Oswald
8c18153d5c
Merge pull request #304 from sharelatex/ho-jade-speedup
...
Ho jade speedup
2016-08-30 12:47:08 +01:00
Henry Oswald
3f4e888af5
Merge pull request #305 from sharelatex/cdnfallback
...
don't use cdn if it can not be accessed
2016-08-24 09:45:14 +01:00
Henry Oswald
934e908697
just use plain req.ip for logging
2016-08-23 17:00:13 +01:00
Henry Oswald
d3ebdb64b2
precompile the jade partial views
2016-08-23 15:31:09 +01:00
Henry Oswald
50b3403983
use url.resolve to build url for freegeoip lookups
2016-08-19 15:39:58 +01:00
Henry Oswald
d8e7bacec4
added logging in
2016-08-19 11:53:40 +01:00
Henry Oswald
3d36dc7d6c
mvp for not using cdn when blocked
2016-08-19 11:05:35 +01:00
Henry Oswald
f7a0860f0b
Merge pull request #286 from sharelatex/ha-editor-close
...
fix close editor button
2016-07-22 13:49:26 +01:00
Henry Oswald
3029fb6335
add dark host option and don’t load pdfjs worker via cdn
2016-07-21 19:06:53 +01:00
Henry Oswald
6aca798a45
don’t use cdn on dark
2016-07-21 15:34:23 +01:00
Henry Oswald
ad60268707
clean up vars for buildjs path and change default to cdn.sharelatex.dev:3000
2016-07-21 09:38:24 +01:00
Henry Oswald
e27d5ce969
use Url for lib name
2016-07-20 16:10:33 +01:00
Henry Oswald
596fc2525b
simplified buildJSPath
2016-07-20 14:48:58 +01:00
Henry Oswald
6c78ab4ace
got requirejs working nicely with cdn
2016-07-20 12:58:32 +01:00
Henry Oswald
b589ab388f
fix close editor button
...
- only evaulate close on web router, not api/static assets
- allow /admin pages to still be available
2016-07-19 17:15:20 +01:00
Henry Oswald
f8c38f30a8
got build js path working with mathjax
2016-07-19 15:41:33 +01:00
Henry Oswald
0cbd9d0ff9
use url.resolve to adding https:// part
2016-07-19 11:41:36 +01:00
Henry Oswald
a2a8b7123b
created buildCssPath img and js path funcs
2016-07-18 17:18:51 +01:00
Henry Oswald
715ffcfbf2
changed ordering on static assets path, just tidying.
2016-07-18 16:24:48 +01:00
Henry Oswald
c21549220c
mvp for cdn
2016-07-18 14:05:07 +01:00
Shane Kilkelly
9e35bdcaea
Refactor: add ?
suffix to truth tests.
2016-07-07 09:35:44 +01:00
Shane Kilkelly
d8ffa5b4b1
set expiry on the user sessions set.
2016-07-01 11:24:46 +01:00