Commit graph

2082 commits

Author SHA1 Message Date
Shane Kilkelly
fe708fcc04 Generate all missing tokens 2017-10-12 11:19:26 +01:00
Shane Kilkelly
70b1e42e36 Add deprecation comment regarding legacy access-levels 2017-10-12 11:00:39 +01:00
Shane Kilkelly
6e09165452 Refactor auth sources 2017-10-12 10:57:11 +01:00
Brian Gough
45ed090326 Merge pull request #37 from sharelatex/bg-rate-limit-autocompile
rate limit autocompile (connects to #18)
2017-10-12 09:25:59 +01:00
Brian Gough
c913ec69ef Merge pull request #34 from sharelatex/bg-fix-double-callback-in-resources-check
fix double callback in resources check (connects to #18)
2017-10-12 09:20:05 +01:00
Brian Gough
cf25ff058f use new endpoint docupdater get_and_flush_if_old 2017-10-11 16:05:28 +01:00
Alasdair Smith
5047213c3c Change rollout detection to account for changes in proportion preserving rolled out users 2017-10-11 14:47:39 +01:00
Hayden Faulds
f017a94b7e remove unused HistoryManager 2017-10-11 11:18:20 +01:00
Hayden Faulds
4e0a159db4 Merge pull request #40 from sharelatex/hof-pathname-for-doc-store
return pathname from DocumentController.getDoc
2017-10-11 09:52:56 +01:00
Brian Gough
5b0d3d1429 simplify rate-limit checking code 2017-10-09 16:31:01 +01:00
Brian Gough
9eec245358 allow docupdater to flush docs in background 2017-10-09 14:17:28 +01:00
Shane Kilkelly
1a4ffe7708 Remove un-necessary call to getProject from archiveProject path 2017-10-09 11:30:55 +01:00
Shane Kilkelly
ad68adee9a Add more commentary on the anonymous path 2017-10-09 11:13:55 +01:00
Shane Kilkelly
e73de3bfd4 Fix whitespace in function signature 2017-10-09 10:57:23 +01:00
Shane Kilkelly
732ce9417b Don't create tokens on project by default 2017-10-09 10:25:20 +01:00
Nate Stemen
cfca4b5d6c modified labels service to include packages aware autocompletion 2017-10-06 17:15:50 +01:00
Shane Kilkelly
d386f79a76 Clean up 2017-10-06 16:10:33 +01:00
Shane Kilkelly
91abb6eed6 If project is not tokenBased, don't count members of token arrays 2017-10-06 15:57:22 +01:00
Shane Kilkelly
387854db7a Fix an embarassing mistake, generate tokens dynamically, not once. 2017-10-06 13:24:10 +01:00
James Allen
3c54419eb3 Remove commented debug code 2017-10-05 16:12:26 +01:00
James Allen
9c1faa4395 Add method to transfer projects from one user_id to another 2017-10-05 14:26:34 +01:00
Nate Stemen
507bb568a3 labels -> metadata 2017-10-05 14:19:30 +01:00
Shane Kilkelly
bb0dad3353 Safe access to potentially-null project 2017-10-05 14:19:21 +01:00
Shane Kilkelly
b8d90a1a99 Show token-access projects on the dashboard 2017-10-05 13:20:06 +01:00
Shane Kilkelly
e4e558c0e6 Hide access tokens if user is not the project owner.
This prevents sneaky read-only users from sniffing out the read-write
link via the browser console.
2017-10-05 13:18:30 +01:00
Nate Stemen
e53a24f8f5 starting to generalize from labels to metadata 2017-10-04 17:56:43 +01:00
Shane Kilkelly
6482cd7dd8 Generate tokens on old projects if they're not present 2017-10-04 16:31:24 +01:00
Alasdair Smith
8366ea271f Restrict autocompile onboarding to users in rollout (factor of 100) 2017-10-03 17:08:19 +01:00
Brian Gough
d14723f24a add rate limits for autocompiles
global rate limit for all users and a lower rate limit for free users
2017-10-03 16:16:21 +01:00
Shane Kilkelly
b6c2a8f7f7 Tidy up callbacks 2017-10-03 14:14:22 +01:00
Shane Kilkelly
7b33f8b4c2 Unit test TokenAccessController 2017-10-03 14:04:59 +01:00
Alasdair Smith
91e0397bf5 Update signup date check to today 2017-10-03 10:48:59 +01:00
Shane Kilkelly
ede497f4b3 Unit test TokenAccessHandler 2017-10-03 10:02:26 +01:00
Brian Gough
bd005d7bb6 fix double callback in precompile resources check 2017-10-02 10:14:52 +01:00
Shane Kilkelly
9f24f696a5 Use custom header, send anonToken in payload to joinProject 2017-09-29 16:32:07 +01:00
Shane Kilkelly
34d4d1360f Anon read-token: add an Authorization header to $http 2017-09-29 15:54:55 +01:00
Hayden Faulds
bf1c24f6f9 return pathname from DocumentController.getDoc 2017-09-29 15:37:10 +01:00
Shane Kilkelly
9810f63245 Render editor for token access, stub out ui changes 2017-09-28 16:06:08 +01:00
Alasdair Smith
3e2388a7de Don't show autocompile for users signed up after release date 2017-09-28 13:57:15 +01:00
Alasdair Smith
f2c0bf5515 First pass at getting onboarding shown event from analytics 2017-09-28 13:04:18 +01:00
Alasdair Smith
afff8ddf29 Pass (dummy) autocompile onboarding 2017-09-28 11:13:49 +01:00
Shane Kilkelly
4552f3be67 Move the getPublicAccessLevel helper to top-level of module 2017-09-28 10:53:35 +01:00
Shane Kilkelly
27dcf6c4c5 Fix a typo causing double-callbacks 2017-09-28 10:37:57 +01:00
Shane Kilkelly
574b115022 Working token-based access 2017-09-27 14:01:52 +01:00
Brian Gough
13628f82ec Merge pull request #17 from sharelatex/bg-lock-compiles
show error for compile in progress
2017-09-27 13:54:16 +01:00
Hayden Faulds
4adf88ca01 handle OL or SL ids in UserInfoController.getPersonalInfo 2017-09-26 11:40:05 +01:00
Hayden Faulds
2c0e9bb89a return overleaf details from ProejctsDetailsHandler.getdetails 2017-09-26 10:19:30 +01:00
Brian Gough
0f855689a7 show error for compile in progress 2017-09-26 08:07:35 +01:00
Shane Kilkelly
ee32648bf4 Order privileges by highest-to-lowest 2017-09-22 15:55:38 +01:00
Shane Kilkelly
81170d472d Add token-access routes 2017-09-22 14:54:35 +01:00
Shane Kilkelly
95292a2e55 Add unique index to token properties 2017-09-21 15:06:42 +01:00
Shane Kilkelly
441c207953 Generate tokens by default 2017-09-21 15:04:15 +01:00
Shane Kilkelly
abe41b6948 Fix projection in project query 2017-09-21 13:37:10 +01:00
Shane Kilkelly
863d327743 Change logic to exclude token users 2017-09-21 11:02:55 +01:00
Shane Kilkelly
931ba56e33 Add an 'owner' source tag, for the project owner 2017-09-21 09:35:25 +01:00
Shane Kilkelly
ef7e1ceabf Rename functions to make distinction between invited/token members 2017-09-21 09:30:38 +01:00
Shane Kilkelly
91ec0da239 Use the invitedMembers function for sending tpds updates 2017-09-20 15:48:20 +01:00
Shane Kilkelly
574baf386e Alter getProjectsUserIsMemberOf to include token-access projects.
Also change the api to produce an object with the different project lists
attached, rather than a pair of lists.
2017-09-20 15:26:03 +01:00
Shane Kilkelly
ceb7c509d0 Rename getProjectsUserIsCollaboratorOf to ...IsMemberOf
This brings the naming more in line with current conventions.
2017-09-20 13:16:50 +01:00
Shane Kilkelly
069f49d5a6 Change getCollaboratorCount to getInvitedCollaboratorCount.
And update the one call-site in LimitationsManager. This function
is used to limit invites, so it makes sense to explicitely limit
this to Invited members of the project.
2017-09-20 10:29:47 +01:00
Shane Kilkelly
8460160076 Add a getInvitedMembersWithPrivilegeLevels function.
Then use it to build the loadProject view-model.
2017-09-20 10:02:43 +01:00
Shane Kilkelly
cf54989e6a Add a getInvitedMemberIds function
Limited to only members who were invited to the project, not users
who have access via a token.
2017-09-20 09:36:56 +01:00
Shane Kilkelly
fc202439ab Read-only privelege for anonymous access 2017-09-20 09:36:06 +01:00
Shane Kilkelly
06966f67db Differentiate project members by source, include token members 2017-09-20 09:35:19 +01:00
Shane Kilkelly
a06f4b6b28 Remove remaining traces of UserStub 2017-09-19 16:16:39 +01:00
Shane Kilkelly
7919d5342b Remove obsolete add-email-to-project workflow 2017-09-19 15:57:19 +01:00
Shane Kilkelly
c87df7be79 Add token-access user refs to Project 2017-09-19 09:27:22 +01:00
Shane Kilkelly
8fece2d5f0 Add tokenBased access level 2017-09-18 10:58:13 +01:00
Shane Kilkelly
2011432120 Add tokens property to Project model 2017-09-18 10:27:28 +01:00
James Allen
adf211a226 Merge pull request #594 from sharelatex/ja-include-token-in-project-schema
Include OL tokens in project schema
2017-09-15 11:41:24 +02:00
Brian Gough
9f9c15f6f5 Merge pull request #599 from sharelatex/bg-reset-project-state
clear docupdater project state in deleteAuxFiles
2017-09-15 09:09:29 +01:00
Brian Gough
28a80cf23d Merge pull request #604 from sharelatex/bg-fix-root-doc-in-incremental-compile
fix root doc in incremental compile
2017-09-13 13:47:22 +01:00
Tim Alby
a04adbf132 remove extra security headers 2017-09-13 11:53:11 +02:00
Brian Gough
51eb94a493 handle incremental compile without root doc 2017-09-13 10:10:44 +01:00
Brian Gough
0e87b8950e update clearProjectState endpoint 2017-09-12 11:40:00 +01:00
Tim Alby
d6834ff417 add security headers using Helmet
- use all Helmet's default headers except `X-DNS-Prefetch-Control`
- use `Referrer-Policy`
- use cache headers when:
  - a user is logged in, OR
  - a project is displayed
2017-09-12 11:17:59 +02:00
Brian Gough
5430c8a3c2 Merge pull request #593 from sharelatex/bg-fix-inactive-projects-request
avoid error when passing as limit in mongo query
2017-09-11 08:16:28 +01:00
Brian Gough
6d73c48c36 Merge pull request #596 from sharelatex/bg-suppress-incremental-compile-after-errors
suppress incremental compile after errors
2017-09-11 08:15:50 +01:00
Brian Gough
2b4c8bd846 clear docupdater project state in deleteAuxFiles 2017-09-08 15:57:29 +01:00
Brian Gough
e8435e3eae make condition clearer for incremental compile 2017-09-08 13:39:24 +01:00
Brian Gough
03a5ff2e43 skip incremental compile after docupdater error 2017-09-07 15:06:09 +01:00
Shane Kilkelly
586d1f1599 Merge pull request #531 from sharelatex/sk-allow-explicit-ses-email-config
Instantiate the ses client if explicitly specified.
2017-09-07 10:21:01 +01:00
Brian Gough
3ac0e97a14 avoid error when passing as limit in mongo query
convert request parameter from string to number
2017-09-05 12:33:13 +01:00
Brian Gough
e2368615e2 Merge pull request #589 from sharelatex/bg-check-options-for-incremental-compile
include the options in the project state hash
2017-09-05 11:53:17 +01:00
Brian Gough
2e6c578dd7 add ol-style.css to fingerprint list 2017-09-05 10:54:26 +01:00
James Allen
39320c20b8 Include OL tokens in project schema 2017-09-05 10:50:39 +02:00
Brian Gough
d9557fcbf5 include the options in the project state hash 2017-09-01 16:36:51 +01:00
Shane Kilkelly
3d0268a486 Add other required properties for project load. 2017-09-01 11:36:23 +01:00
Shane Kilkelly
68f860b28d Load user features alongside id and email.
Fixes a bug where project features were not applied properly,
and instead fell back to the free-account defaults.
2017-09-01 11:16:45 +01:00
James Allen
9c4dc40abf Merge pull request #583 from sharelatex/ja-import-projects
Add in UserStub model and support in collaborators view
2017-08-29 16:06:00 +02:00
James Allen
a58a715fad Merge pull request #570 from sharelatex/ho-null-check-redis-sessions
Ho null check redis sessions
2017-08-29 15:44:22 +02:00
James Allen
8d268e9d42 Merge pull request #580 from sharelatex/ja-import-collaborators
Add in UserStub model and support in collaborators view
2017-08-29 15:43:54 +02:00
James Allen
ba43e45f85 Merge pull request #578 from sharelatex/ja-import-projects
Update Project schema for overleaf imports
2017-08-29 15:43:39 +02:00
James Allen
bb6ca9ba51 Update Project schema 2017-08-29 15:21:05 +02:00
Brian Gough
f9d1650c6a Merge pull request #569 from sharelatex/bg-compile-from-redis
compile from redis
2017-08-25 09:09:52 +01:00
James Allen
d5839437fd Add in UserStub model and support in collaborators view 2017-08-24 17:48:47 +02:00
James Allen
b4254f06ef Update Project schema for overleaf imports 2017-08-21 17:49:08 +02:00
Brian Gough
90ff58b820 compute project state hash from sorted docs/files 2017-08-16 10:49:29 +01:00
Brian Gough
739445336f remove unused code and fix flushing 2017-08-15 16:00:00 +01:00
Brian Gough
4789dd23ee docupdater will parse lines in getProjectDocs
no need to do this in web now
2017-08-11 16:57:23 +01:00
James Allen
1f326f7990 Merge pull request #575 from sharelatex/ja-overleaf-oauth
Allow OAuth based log-ins from Overleaf
2017-08-10 10:28:41 +02:00
Brian Gough
e2048e1ed5 use incrementalCompilesEnabled as option name 2017-08-09 16:25:57 +01:00
Brian Gough
836bddd91f comment about 409 code in DocumentUpdaterHandler 2017-08-09 16:00:11 +01:00
Brian Gough
ddecd26718 flush documents to mongo on incremental compiles 2017-08-09 15:47:44 +01:00
James Allen
7538c8834f Merge branch 'master' into ja-per-user-track-changes 2017-08-09 14:05:36 +02:00
James Allen
a0a45ee654 Update date 2017-08-09 14:02:40 +02:00
Brian Gough
7eb1c01994 add metrics for incremental compiles 2017-08-09 11:41:09 +01:00
Brian Gough
97b129cbe3 enable incremental compilation for beta users 2017-08-09 10:57:24 +01:00
James Allen
638eeb1247 Update Server.coffee 2017-08-09 11:51:08 +02:00
James Allen
17e849792c Pull out logic into module 2017-08-09 11:50:05 +02:00
Brian Gough
8aa77cec5e provide fallback to normal compile method 2017-08-08 16:48:47 +01:00
Brian Gough
203e42fa4c clean up options handling 2017-08-08 16:48:37 +01:00
James Allen
eac0ce8353 Initial spike of Overleaf based logins 2017-08-08 14:00:21 +02:00
Brian Gough
31e71854a4 fix unit tests 2017-08-08 11:38:31 +01:00
Brian Gough
849e905efb simplify incremental request to docupdater
if project state hasn't changed, get the docs from the docupdater -- we
check/set the hash and return the docs in a single request.  Otherwise
do a full request from mongo.
2017-08-07 14:45:04 +01:00
Brian Gough
1321009fe1 update docupdater endpoint to /project/id/docs 2017-08-03 14:40:46 +01:00
Henry Oswald
33fe252a15 null check user during logout 2017-08-03 13:26:14 +01:00
Henry Oswald
35f31d5a3c null check the user correctly 2017-08-03 13:17:39 +01:00
Brian Gough
38c879faf2 improve comment about ClsiStateManager hash 2017-08-03 12:15:27 +01:00
Brian Gough
6d331e8ffd use projectStateUnchanged instead of stateOk 2017-08-03 12:10:23 +01:00
Brian Gough
f44b844d74 refer to project state as projectStateHash 2017-08-03 12:08:11 +01:00
Brian Gough
5c02255e07 use syncType and syncState for clsi state options 2017-08-03 11:44:10 +01:00
Brian Gough
fb29ac3031 clean up logging 2017-08-03 11:36:59 +01:00
Brian Gough
0a859d3b33 clean up state manager 2017-08-03 11:36:23 +01:00
Brian Gough
a955b8fcc9 remove unused inline function 2017-08-03 11:35:42 +01:00
Brian Gough
a4117487e9 switch from mongoose to mongojs in ClsiManager
for efficiency
2017-08-03 11:35:42 +01:00
Brian Gough
17b1075dc9 add rootFolder to attributes in Clsi request 2017-08-03 10:20:57 +01:00
James Allen
86a38df6e0 Merge pull request #563 from sharelatex/pr-support-html-encoded-i18n
Support HTML encoded i18n
2017-08-03 10:36:35 +02:00
James Allen
3d9da02815 Merge pull request #555 from sharelatex/sk-password-policy
Enforce stricter password policy.
2017-08-03 10:35:00 +02:00
James Allen
28838eff60 Merge pull request #567 from sharelatex/ja-admin-panel-additions
Some refactoring and methods needed to support the admin panel
2017-08-03 10:34:33 +02:00
Brian Gough
4d4cf4f693 project state can be stored per project
there is no need to store it per project+user because it reflects the
state of the project itself
2017-08-02 16:25:47 +01:00
Brian Gough
cf780fd8bb start making requests incremental 2017-08-02 13:53:32 +01:00
James Allen
10f362a77a Add SubscriptionUpdater.deleteSubscription 2017-08-02 09:59:45 +02:00
Brian Gough
66cd6ada14 allow querying folders from existing project
avoid loading the project unnecessarily
2017-08-01 14:39:02 +01:00
Brian Gough
7a39eeb2ea make request to docupdater for current docs 2017-08-01 14:38:34 +01:00
Paulo Reis
d576aa5b9d Update date threshold to show the per-user TC dialog. 2017-08-01 12:01:17 +01:00
Paulo Reis
fbce49f5cd Merge branch 'master' into ja-per-user-track-changes 2017-08-01 10:56:02 +01:00
Shane Kilkelly
ba3550759d Persist autoPairDelimiters setting. 2017-07-31 08:36:13 +01:00
Paulo Reis
4849c705de Optionally ask the translate local method to HTML encode; use it in the problematic tooltip. 2017-07-28 17:31:28 +01:00
Brian Gough
d66382382f split request to mongo into separate method 2017-07-28 15:17:10 +01:00
Brian Gough
3e28eca26f move docupdater flush to point of use 2017-07-28 15:11:07 +01:00
Shane Kilkelly
0f131d940d Enforce stricter password policy.
- Check minimum password lengths
- Set default policy to 6-128 chars
2017-07-24 11:06:47 +01:00
Shane Kilkelly
4c637301f7 Add rate-limit to change-password action 2017-07-21 11:07:05 +01:00
Shane Kilkelly
8e55b77055 Move recurly callback to the public api router. 2017-07-20 13:51:11 +01:00
Paulo Reis
d69a7577f5 Check in Analytics if user has already been informed about per-user TC. 2017-07-07 10:38:13 +01:00
James Allen
710c89a629 Support per user track changes (proof of concept) 2017-07-07 10:38:13 +01:00
Shane Kilkelly
04c94760f5 Merge branch 'sk-auto-pair-braces' into sk-ac-improvements-integration 2017-07-06 14:39:28 +01:00
Shane Kilkelly
34b2012727 Enable (optional) auto-pairing for latex mode 2017-07-06 11:06:51 +01:00
Brian Gough
0ae93db08b use ApiErrorHandler on public api 2017-07-05 15:06:23 +01:00
Brian Gough
1dbeebabd2 move status and health checks to public api router 2017-07-05 14:50:38 +01:00
Brian Gough
845ee51a67 rename apiRouter -> privateApiRouter in router 2017-07-05 14:43:41 +01:00
Brian Gough
bd83d94f64 rename apiRouter -> privateApiRouter in Modules 2017-07-05 14:41:14 +01:00
Brian Gough
29b40ad824 add public api router 2017-07-05 14:32:55 +01:00
Brian Gough
3e8ad69f3c make loading of module routes more robust 2017-07-05 11:46:29 +01:00
Brian Gough
5ad3fd769d preserve original /status message 2017-07-04 12:42:54 +01:00
Brian Gough
b2f676af5a avoid duplicate routes for /status 2017-07-04 12:41:51 +01:00
Brian Gough
dbbc4966d8 Merge pull request #513 from sharelatex/bg-split-web-and-web-api
split web and web api
2017-07-04 08:51:00 +01:00
Shane Kilkelly
b73b78e570 Merge branch 'master' of github.com:sharelatex/web-sharelatex 2017-06-27 08:24:24 +01:00
Shane Kilkelly
0d5d59bb66 Remove user field from log, var not in scope 2017-06-26 13:56:22 +01:00
Henry Oswald
3da5ef818c null check subscription for group admin panel 2017-06-22 14:07:07 +01:00
Shane Kilkelly
1112a1f085 Instantiate the ses client if explicitly specified.
This allows end-users to use AWS features such as instance roles,
avoiding the use of explicit crendentials
2017-06-21 10:57:13 +01:00
Brian Gough
bac275962f put /ip on web router 2017-06-19 15:54:57 +01:00
Brian Gough
d32a3fbaf5 support status and health check on web and web-api 2017-06-19 15:54:14 +01:00
Brian Gough
02cb0f2295 make compiler health check available on web 2017-06-19 15:52:04 +01:00
Brian Gough
62d6933886 use settings instead of ENV for web/api split 2017-06-15 16:11:20 +01:00
Brian Gough
1ecabaa611 Revert "update pdfjs to v1.8.188"
This reverts commit 189e48dcc00f530eff674cc4a2b87c06814d45ff.
2017-06-15 11:14:01 +01:00
Shane Kilkelly
5a6415d3f8 Add logging for Labels http actions 2017-06-15 08:56:48 +01:00
Shane Kilkelly
9607174b64 Merge branch 'master' into sk-server-side-labels-loading 2017-06-15 08:49:14 +01:00
Brian Gough
9687daf97f Merge pull request #520 from sharelatex/bg-upgrade-pdfjs-1.8.188
upgrade pdfjs 1.8.188
2017-06-13 16:46:10 +01:00
Shane Kilkelly
b97becc7a2 Change getLabelsForDoc to broadcastLabelsForDoc 2017-06-13 11:38:15 +01:00
Shane Kilkelly
a3dbb16e50 Flush project before getting all project labels 2017-06-13 11:15:26 +01:00
Shane Kilkelly
bd6133aadb Remove callback-pattern from label parsers 2017-06-13 11:10:21 +01:00
Shane Kilkelly
c25b6b792d Namespace the document route under /doc/ 2017-06-13 10:57:51 +01:00
Shane Kilkelly
26be4f84d0 Re-use parser 2017-06-12 15:15:14 +01:00
Shane Kilkelly
0a491a4f13 Add comment, explain flushing of doc to mongo 2017-06-12 13:09:13 +01:00
Shane Kilkelly
ff4991284d Change docLabelsUpdated socket event to broadcastDocLabels 2017-06-12 13:06:56 +01:00
Shane Kilkelly
9f9468d0e0 Use lowercase project_id 2017-06-12 11:37:05 +01:00
Shane Kilkelly
965a46291b Only fetch labels for uploaded docs, not files 2017-06-08 15:55:17 +01:00
Shane Kilkelly
ff7955dfdb Update labels when docs are uploaded or removed 2017-06-08 15:12:18 +01:00
James Allen
4cecbae6b6 Use an email based invite system for groups, not holding accounts 2017-06-08 12:12:08 +01:00
Shane Kilkelly
feb1d87de1 Add test for LablesHandler 2017-06-08 10:25:39 +01:00
Brian Gough
ecf0857756 update pdfjs to v1.8.188 2017-06-06 12:19:13 +01:00
Brian Gough
b277ee3254 Merge pull request #511 from sharelatex/bg-handle-web-api-errors
use a separate error handler for api router errors
2017-06-06 09:22:28 +01:00
Shane Kilkelly
f7ad4a4786 WIP: basically working, with client sync 2017-06-05 14:48:50 +01:00
James Allen
d7981fd2d4 Merge pull request #512 from sharelatex/ja-project-name-validation
Refactor project name validation into one place and restrict /s
2017-06-05 11:55:39 +01:00
Shane Kilkelly
f29320dd93 Add ability to load labels from single document 2017-06-05 09:26:13 +01:00
Shane Kilkelly
4cb41a988a WIP: initial work on server-side labels 2017-06-02 15:12:59 +01:00
James Allen
e2be4b6293 Make .asy files editable when uploaded 2017-05-22 17:12:01 +01:00
James Allen
59085c1ddd Add missing require stubs and remove console.logs in unit tests 2017-05-22 15:33:52 +01:00
Brian Gough
4b188ce120 support separate processes for web and api
via an environment variable WEB_TYPE
2017-05-22 13:31:02 +01:00
James Allen
ba62206b91 Refactor project name validation into one place and restrict /s 2017-05-19 17:42:24 +01:00
Brian Gough
5ac2ed8fc6 use a separate error handler for api router errors 2017-05-19 16:36:29 +01:00
James Allen
76b8fecde9 Merge pull request #509 from sharelatex/ja-fix-clsi-cookie-cluster
Don't try to set the server id if it isn't returned in the response
2017-05-19 15:00:18 +01:00
James Allen
01548a0216 Don't try to set the server id if it isn't returned in the response 2017-05-19 10:23:01 +01:00
Paulo Reis
e532f543a3 Merge branch 'master' into pr-bulk-actions 2017-05-18 14:38:16 +01:00
James Allen
39ca6d1e6c Merge pull request #508 from sharelatex/ja-fix-clsi-cookie-cluster
Check for blank string in clsi cookie caching
2017-05-18 11:12:11 +01:00
James Allen
f708a0cd81 Check for blank string in clsi cookie caching
ioredis returns "" for a blank entry, the previous driver returned null,
so also check for a blank string
2017-05-18 11:09:33 +01:00
Brian Gough
5237647b8b Merge pull request #489 from sharelatex/bg-improve-upload-robustness
improve stream error handling on upload
2017-05-17 15:26:03 +01:00
Shane Kilkelly
6338835baf Merge branch 'sk-sudo-mode' 2017-05-17 09:48:22 +01:00
Shane Kilkelly
4e3284cec8 Merge branch 'sk-dont-redirect-to-images' 2017-05-17 09:48:16 +01:00
Shane Kilkelly
25e0a19350 Make confirm-password routes more restful 2017-05-16 11:51:06 +01:00
Brian Gough
e23871118d Merge remote-tracking branch 'origin/master' into bg-improve-upload-robustness 2017-05-15 16:01:01 +01:00
Shane Kilkelly
60d3e4a97b If external auth system is in use, skip sudo-mode checks 2017-05-15 15:46:24 +01:00
Shane Kilkelly
707a81cc2a Correct title of confirm-password page 2017-05-15 15:46:11 +01:00
James Allen
5aa8b71832 Allow writing of clsi cookie cache to redis cluster secondary 2017-05-15 15:35:01 +01:00
Shane Kilkelly
c864288c4e On logout, clear sudo mode 2017-05-15 11:53:52 +01:00
Shane Kilkelly
0f75d9f4d9 Test SudoModeController 2017-05-15 10:56:43 +01:00
Paulo Reis
82a19444b3 Merge branch 'master' into pr-bulk-actions 2017-05-15 10:29:15 +01:00
Shane Kilkelly
76285a1554 Start testing SudoModeController 2017-05-15 10:07:22 +01:00
Shane Kilkelly
8605dc83b4 Merge branch 'master' into sk-sudo-mode 2017-05-15 09:21:13 +01:00
Shane Kilkelly
0e26222551 Don't redirect to images, icons, etc, in login workflow 2017-05-12 15:46:16 +01:00
Shane Kilkelly
1640dfa79a Merge branch 'sk-fix-cooldown-tpds' 2017-05-12 09:11:23 +01:00
James Allen
3bfd92dd9c Rename lock to avoid potential conflict with doc updater 2017-05-11 15:27:01 +01:00
Shane Kilkelly
7b0aca7f02 add cooldown to tpds mergeUpdate path 2017-05-11 11:29:57 +01:00
Shane Kilkelly
a08dd26ef3 Remove CooldownMiddlewear from Tpds routes 2017-05-11 10:07:04 +01:00
Shane Kilkelly
e6286c721d Merge branch 'master' into sk-fix-large-projects 2017-05-11 08:40:17 +01:00
Shane Kilkelly
01ee104f77 Revert "update to newest mongoose"
This reverts commit 7b05891ba0e87e4cf00fd6b1ea87d7406dc70989.
2017-05-10 15:31:17 +01:00
Shane Kilkelly
08567ff220 if projectId is not defined, error out 2017-05-10 15:25:23 +01:00
Shane Kilkelly
b8e4cafd81 Fix log line 2017-05-10 15:16:36 +01:00
Shane Kilkelly
27842996aa start testing SudoModoController 2017-05-10 15:15:57 +01:00
James Allen
274d6f4ac6 Merge pull request #493 from sharelatex/ja-redis-cluster-refactor
Move all redis end points to be cluster compatible
2017-05-10 14:38:37 +01:00
Shane Kilkelly
16128288a9 Add sudo-mode protection to sessions page 2017-05-10 11:36:19 +01:00
Shane Kilkelly
5a97521b04 Fix typo in log message 2017-05-10 11:36:05 +01:00
Shane Kilkelly
a3a2108526 Increase sudo-mode time to one hour 2017-05-10 11:35:47 +01:00
Shane Kilkelly
094784b6d5 protect settings page with sudo-mode middlewear 2017-05-10 10:25:32 +01:00
Shane Kilkelly
029c96c7cc Add sudo-mode 'confirm password' prompt 2017-05-10 10:05:48 +01:00
Shane Kilkelly
fd0176c0cf if project goes over maximum allowed files, put on cooldown 2017-05-09 14:20:29 +01:00
Shane Kilkelly
8e90b7fb9b Add Cooldown to Tpds routes 2017-05-09 13:54:11 +01:00
Shane Kilkelly
149e38855f Add a cooldown mechanism for projects which go over limits 2017-05-09 11:40:42 +01:00
Shane Kilkelly
c5c0364d49 update to newest mongoose 2017-05-08 16:09:59 +01:00
Paulo Reis
3ced808411 Use a single accept changes method. 2017-05-05 15:19:31 +01:00
James Allen
014e3afb36 Don't call sync functions inside async
Calling sync functions inside async can trigger the node max stack size.
Instead, build up our unique list of ids in advance, so we only call a
method in async for each user we actually need to look up, asynchronously.
Then use all the cached values synchronously afterwards.
2017-05-04 17:04:20 +01:00
Paulo Reis
19828d3c5b Basic bulk accept support. 2017-05-04 15:33:47 +01:00
James Allen
8449b0417c Move all redis end points to be cluster compatible 2017-05-04 15:22:54 +01:00
Brian Gough
679680532f improve stream error handling on upload 2017-04-28 14:47:18 +01:00
Brian Gough
46f693519a return 404 for api request on missing doc 2017-04-27 16:41:53 +01:00
Henry Oswald
3bdd5a4a2e Merge pull request #483 from sharelatex/ja-dont-fail-on-tpdsworker-error
Continuing flushing document on tpds worker error
2017-04-25 09:19:13 +01:00
Henry Oswald
5d55e383c7 Merge pull request #485 from sharelatex/sk-warn-on-zip-failure
when the uploaded file is not a zip, warn instead of error
2017-04-25 09:18:17 +01:00
Henry Oswald
efe5e9efb0 Merge pull request #484 from sharelatex/ho-rate-limit-compiles
added rate limit to compile endpoint
2017-04-25 09:17:27 +01:00
Shane Kilkelly
779336e5b0 when the uploaded file is not a zip, warn instead of error 2017-04-13 15:12:54 +01:00
Shane Kilkelly
a9b8b864df Move content-disposition setting into a method on res 2017-04-12 16:00:02 +01:00
Shane Kilkelly
02d75deaa0 when setting content-disposition, uri-encode names 2017-04-12 09:31:59 +01:00
Henry Oswald
0961a034ea added rate limit to compile endpoint 2017-04-11 16:08:38 +01:00
James Allen
6d2f18016f Move tpds worker error ignoring logic into tpdsUpdateSender 2017-04-11 15:41:17 +01:00
James Allen
7c8f228f48 Continuing flushing document on tpds worker error 2017-04-11 14:02:08 +01:00
Shane Kilkelly
bb65da88fe Merge branch 'master' into node-6.9 2017-04-05 10:15:51 +01:00
Shane Kilkelly
0555154a24 Merge branch 'sk-fix-folder-creation' 2017-04-04 11:01:07 +01:00
Shane Kilkelly
043520fc28 Remove the Metrics module, use metrics-sharelatex 2017-04-03 16:18:30 +01:00
Shane Kilkelly
bee62400a6 Merge branch 'master' into sk-upgrade-metrics 2017-03-31 14:08:12 +01:00
Shane Kilkelly
cc81eca902 Account for error being null 2017-03-31 10:46:13 +01:00
Shane Kilkelly
2c62acee0b Cleaner error reporting for addFolder endpoint 2017-03-31 10:31:03 +01:00
James Allen
3bf19a38ee Merge pull request #467 from sharelatex/ja-validate-recurly-subscription-on-creation
Handle a 404 from Recurly if account doesn't exist
2017-03-28 16:06:25 +01:00
James Allen
08699d7aa2 Handle a 404 from Recurly if account doesn't exist 2017-03-28 15:46:58 +01:00
James Allen
f53234271f Merge pull request #465 from sharelatex/sk-hide-email-errors
If sending email fails, return a generic error.
2017-03-28 13:16:43 +01:00
James Allen
2e6e51eb6d Merge pull request #464 from sharelatex/ja-validate-recurly-subscription-on-creation
Check Recurly for subscription as well before creating subscription
2017-03-28 13:15:58 +01:00
Brian Gough
835d8d618d use error handler 2017-03-28 11:33:37 +01:00
Brian Gough
6002fdbad6 return 404 on project details not found 2017-03-28 10:30:53 +01:00
Brian Gough
f433510e61 return NotFound error in ProjectDetailsHandler 2017-03-28 10:12:52 +01:00
Brian Gough
4e66b045e3 fix unhandled exception in ProjectDetailsHandler 2017-03-28 09:44:50 +01:00
Shane Kilkelly
d2e1efe4a9 fix a daft mistake 2017-03-27 17:45:19 +01:00
Shane Kilkelly
69b9b308d4 If sending email fails, return a generic error.
This prevents us from leaking juicy details of our aws/ses setup via the
password-reset form.
2017-03-27 16:17:38 +01:00
James Allen
7aa4c0c030 Check Recurly for subscription as well before creating subscription 2017-03-27 12:07:43 +01:00
Henry Oswald
f27dfa54f1 fixup AuthenticationController from missing module after merge 2017-03-27 09:42:49 +01:00
Henry Oswald
9c7465fd64 Merge pull request #461 from sharelatex/ho-annom-user-events
add identify on login
2017-03-27 09:28:34 +01:00
Henry Oswald
aa4f768513 Merge pull request #455 from sharelatex/ho-bug-fix
multiple small bug fixes
2017-03-27 09:28:28 +01:00
Henry Oswald
379efcb04a Merge branch 'master' into ho-annom-user-events 2017-03-27 09:28:03 +01:00
Henry Oswald
ed4a321906 remove extra debug route 2017-03-23 15:39:12 +00:00
Henry Oswald
cff922a0f5 idendify -> identify 2017-03-22 16:01:26 +00:00
Henry Oswald
ebdce6169e idendifyUser on login 2017-03-22 15:50:49 +00:00
Shane Kilkelly
1663f2a8eb Use res.send, not next 2017-03-21 11:09:39 +00:00
Shane Kilkelly
1ed1eaaa05 If analytics is not configured, produce a ServiceNotConfiguredError 2017-03-21 10:57:39 +00:00
Shane Kilkelly
8a8a5a7079 Add a 'ServiceNotConfiguredError' to Errors module. 2017-03-21 10:57:09 +00:00
Henry Oswald
ca3849c0c2 jpeg -> json 2017-03-20 11:08:42 +00:00
Shane Kilkelly
a64f890ed0 Upgrade metrics api 2017-03-17 14:55:41 +00:00
Henry Oswald
625fa810c2 validate mongo id in getPrivilegeLevelForProject
https://sentry.io/sharelatex-1/sl-web-server-prod/issues/204397665/
2017-03-17 14:44:51 +00:00
Henry Oswald
8ee2e5ba63 null check folder in findElement
https://sentry.io/sharelatex-1/sl-web-server-prod/issues/236000085/
2017-03-17 13:29:20 +00:00
Henry Oswald
31b1c53faa proxy jpg to blog backend
https://sentry.io/sharelatex-1/sl-web-server-prod/issues/212236471/
2017-03-17 13:24:50 +00:00
Henry Oswald
e5468983ce clone project plow though null doc/file/folders
https://sentry.io/sharelatex-1/sl-web-server-prod/issues/227107799/
2017-03-17 13:21:30 +00:00
Henry Oswald
d453a4d5c7 null check stat when we check file on disk
https://sentry.io/sharelatex-1/sl-web-server-prod/issues/125814174/
2017-03-17 13:03:16 +00:00
Shane Kilkelly
f2b5901776 wip: use new metrics.timeAsyncMethod 2017-03-16 10:59:18 +00:00
Shane Kilkelly
1ce48e971a Merge branch 'sk-fix-file-upload' 2017-03-10 11:30:03 +00:00
James Allen
604aa7859e Merge pull request #449 from sharelatex/ho-trust-blog-urls
don't add /blog to the start of blog urls in annoucements
2017-03-09 13:28:36 +00:00
James Allen
6068ac8f88 Merge pull request #450 from sharelatex/pr-review-feature-page
Review features page
2017-03-09 13:28:25 +00:00
Shane Kilkelly
ec25ee9045 When upload to filestore fails, produce an error 2017-03-09 10:11:45 +00:00
James Allen
b75d0ab3eb Don't show onboarding for newly registered users 2017-03-09 09:13:49 +00:00
Henry Oswald
63b84d3724 don't add /blog to the start of blog urls in annoucements
also up timeout
2017-03-08 17:58:22 +00:00
Henry Oswald
d722f47b0f add indentify option and uuid for users not logged in 2017-03-08 17:51:35 +00:00
Paulo Reis
a5e2ae3853 New URL; style adjustments. 2017-03-08 12:25:21 +00:00
James Allen
eb30c46458 Turn on track changes for everyone and take out of beta 2017-03-08 11:58:16 +00:00
James Allen
a4464a330c Merge pull request #446 from sharelatex/ja-track-changes-module
Pull track changes backend into a module
2017-03-06 11:27:11 +00:00
Paulo Reis
5459ae8daa Prepare to use a static feature page. 2017-03-03 17:15:29 +00:00
James Allen
2b36a443c9 Pull track changes backend into a module 2017-03-02 16:45:24 +00:00
Brian Gough
e24873a945 Merge pull request #444 from sharelatex/bg-upgrade-pdfjs-1.7.225
upgrade pdfjs 1.7.225
2017-03-02 14:04:52 +00:00
Brian Gough
6f392f2270 upgrade pdfjs to 1.7.225 2017-03-02 09:31:23 +00:00
Henry Oswald
8db684bd2d Update SystemMessageManager.coffee 2017-03-01 15:46:43 +00:00
Henry Oswald
1a9c035647 bring system message checks down to 1 min.
can take ages when at 5 mins
2017-02-28 18:53:34 +00:00
Shane Kilkelly
4945c0d478 Merge branch 'master' into node-6.9 2017-02-16 09:33:20 +00:00
James Allen
d01d6a35cf Only create Controller when showing onboarding 2017-02-15 09:47:37 +01:00
Shane Kilkelly
2d0a7b2bdb Merge branch 'master' into node-6.9 2017-02-14 14:42:35 +00:00
James Allen
b40b9add5a Turn on track changes for beta users 2017-02-14 15:28:21 +01:00
James Allen
a0a4509edc Avoid underscore (_) name overwriting 2017-02-14 15:26:36 +01:00
James Allen
c8096facfb Merge pull request #421 from sharelatex/ho-announcments
mark announcments before user signs up as read
2017-02-14 15:12:10 +01:00
Henry Oswald
27caf4d555 mark announcments before user signs up as read 2017-02-14 12:29:48 +00:00
Shane Kilkelly
621a07aff2 Merge branch 'master' into node-6.9 2017-02-14 11:01:14 +00:00
James Allen
03ecf4b4ae Only show track changes onboarding once based on analytics API events 2017-02-14 10:25:46 +01:00
James Allen
1d58efbca0 Don't enable for beta users just yet 2017-02-13 12:42:53 +01:00
James Allen
e99c9a2065 Enable track changes for beta users 2017-02-13 12:09:47 +01:00
James Allen
47a66eed50 Merge branch 'ja-include-track-changes-feature' into pr-track-changes-upgrade-prompt 2017-02-13 11:50:56 +01:00
James Allen
4728077cca Add track changes feature flag into model 2017-02-13 11:50:32 +01:00
Shane Kilkelly
6a161b4071 remove commented out code 2017-02-06 16:35:52 +00:00
Shane Kilkelly
7d5dc34b3e fix the set-password form for new (admin-created) users 2017-02-06 14:58:54 +00:00
James Allen
935847f2a1 Add track changes flag into user model 2017-02-03 14:47:04 +01:00
James Allen
343abfde23 Use user feature flags to determine track changes state 2017-02-03 14:36:11 +01:00
Shane Kilkelly
e2a207d618 Merge branch 'master' into sk-pug 2017-01-31 09:39:06 +00:00
James Allen
e7efa40c75 Merge pull request #401 from sharelatex/ja-spam-code-fixes
Refactor rate limiting code around sending invites
2017-01-31 10:21:55 +01:00
Shane Kilkelly
4e9426e6bf Merge branch 'master' into sk-pug 2017-01-30 14:36:10 +00:00
Shane Kilkelly
3ed85dad42 Merge branch 'master' into sk-upgrade-uuid 2017-01-30 11:09:50 +00:00
James Allen
b086d7afa2 Refactor rate limiting code around sending invites 2017-01-27 16:26:58 +01:00
James Allen
757c7002eb Merge pull request #397 from sharelatex/ja-modify-threads
Allow editing/deleting of comments and threads
2017-01-25 15:50:00 +01:00
Shane Kilkelly
e2f4fc3653 Merge branch 'master' into sk-rate-limit-cluster 2017-01-25 10:52:34 +00:00
Henry Oswald
3eb13ccdd1 fix stupid mistake 2017-01-25 10:38:39 +00:00
Henry Oswald
2a00b9c7a2 use user._id for error log 2017-01-25 10:33:30 +00:00
Shane Kilkelly
239164fe26 Merge branch 'master' into sk-rate-limit-cluster 2017-01-25 09:56:08 +00:00
Henry Oswald
cc717f0357 domainAnnouncementsToShow -> domainAnnouncements 2017-01-25 09:44:13 +00:00
Henry Oswald
02e6eb4dd1 Merge pull request #399 from sharelatex/ho-promote-case-study
promote domain alerts
2017-01-25 09:41:50 +00:00
Henry Oswald
1280a2313d add check for id to exist in domain announcments
null check user at start of getUnreadAnnouncements
fix spelling mistake
2017-01-25 09:35:11 +00:00
Henry Oswald
13d21b881f use new annoncments feature for case study info 2017-01-24 16:03:05 +00:00
James Allen
f9ba7392e9 Allow editing/deleting of comments and threads 2017-01-24 16:21:14 +01:00
Henry Oswald
2341a8481a Merge branch 'master' into ho-promote-case-study 2017-01-24 14:49:35 +00:00
Shane Kilkelly
a148eb1f43 Merge branch 'master' into sk-rate-limit-cluster 2017-01-24 09:24:47 +00:00
Shane Kilkelly
0add3ed66e Merge branch 'master' into sk-upgrade-uuid 2017-01-23 10:04:31 +00:00
Shane Kilkelly
abbffb8e4b Remove deprecated node-uuid package, replace with uuid. 2017-01-23 10:03:16 +00:00
Henry Oswald
9153ffac41 limit project name in email to 40 chars 2017-01-21 12:58:16 +00:00
Henry Oswald
74240e28c7 rate limit via ip the number of invite to project requests 2017-01-21 12:44:09 +00:00
Henry Oswald
6d35585847 limit number of invites each user can do
done with the number of collaborators a user can add
prevents notifications getting filled up as well
2017-01-21 12:43:15 +00:00
Shane Kilkelly
cfa2777d62 Merge branch 'sk-launchpad' 2017-01-20 13:58:16 +00:00
Shane Kilkelly
57cd54bf55 WIP: migrate from jade to pug 2017-01-20 12:03:02 +00:00
Shane Kilkelly
8922c9dbf5 New email layout for "testEmail" 2017-01-18 15:28:51 +00:00
James Allen
3413687833 Merge pull request #393 from sharelatex/ja-track-changes
Ja track changes
2017-01-18 15:32:16 +01:00
Shane Kilkelly
707838baa4 Merge branch 'master' into sk-launchpad 2017-01-17 16:25:59 +00:00
Shane Kilkelly
59ab66fca2 Fix double-callback 2017-01-17 16:25:18 +00:00
James Allen
5a34d17947 Toggle track changes in a project based on the owner's feature switch 2017-01-17 15:59:18 +01:00
Shane Kilkelly
d7251c6bfe Merge branch 'master' into sk-launchpad 2017-01-17 14:55:08 +00:00
Shane Kilkelly
1137ab0715 Don't record redirect to static asset paths 2017-01-17 14:35:37 +00:00
Shane Kilkelly
70c7e32e58 Add a 'testEmail' email type 2017-01-17 10:52:04 +00:00
James Allen
9c0bf885be Merge branch 'master' into ja-track-changes 2017-01-17 10:16:41 +01:00
Shane Kilkelly
82ddeab2bd If user tries to invite themselves to project, don't. 2017-01-16 13:45:01 +00:00
Shane Kilkelly
635b935acc Add an acceptance test for login rate limits, cleanup 2017-01-16 11:46:59 +00:00
Henry Oswald
fed88504f8 rate limit emails sent sharing projects by users 2017-01-14 14:52:32 +00:00
Shane Kilkelly
25956d4c62 Fix up tests 2017-01-13 16:04:26 +00:00
Shane Kilkelly
525e871d55 Merge branch 'master' into sk-rate-limit-cluster 2017-01-13 14:17:18 +00:00
James Allen
aab4dea8ae Merge branch 'master' into ja-track-changes 2017-01-13 13:46:01 +01:00
Shane Kilkelly
d17483fd47 Merge branch 'sk-top-menu-rework' 2017-01-12 13:24:47 +00:00
Henry Oswald
daee77f052 Merge pull request #387 from sharelatex/pr-email-template-improvements
Email template improvements
2017-01-12 12:34:35 +00:00
James Allen
f9b8ada215 track changes for anonymous users 2017-01-12 13:29:57 +01:00
James Allen
64b9fe52dd Handle deleted users in comments gracefully 2017-01-12 12:31:01 +01:00
James Allen
e7ab92b7c9 Only show users controls they have permission to use 2017-01-12 11:52:39 +01:00
Shane Kilkelly
5c25d15a18 WIP: try switch to rolling rate limiter 2017-01-12 09:25:18 +00:00
Shane Kilkelly
731f280e2e Move auth parts of top menu out of config and into web templates.
Move the remaining configuration into a new config var: `nav.header_extras`.
Add a `nav.showSubscriptionLink` var to control visibility of subscription link
in the Account menu.

This will allow admins to more easily configure extra links in the top
navigation bar, without the danger of overwriting the important auth menus.
2017-01-11 10:27:38 +00:00
Shane Kilkelly
f5ced03074 Set redirect when sending user to login page.
Allows smart redirecting to work when public access is turned off.
2017-01-10 15:42:36 +00:00
James Allen
f31fa98679 Sync track changes state between sessions and client 2017-01-10 16:11:12 +01:00
James Allen
d03aa7056e Rename /ranges/users end point to /changes/users 2017-01-10 13:43:53 +01:00
James Allen
4e128b6ab7 Send user data in /threads dat 2017-01-09 17:25:06 +01:00
James Allen
43f6b9de7c Inform other clients when we accept a change 2017-01-09 15:54:12 +01:00
James Allen
9379cff89d Add end point for accepting change in doc updater 2017-01-09 15:25:27 +01:00
James Allen
3a5d45fa32 Get user info via web, not chat 2017-01-06 13:41:58 +01:00
Henry Oswald
862e15b842 log out user id and anonymous when loading editor 2017-01-05 15:02:10 +00:00
James Allen
84d9b2aa49 Save resolve and reopened state 2017-01-04 16:26:02 +01:00
Shane Kilkelly
7bbbfe20b9 If external auth is used, remove /register items from header nav.
(logic moved from docker-image settings file)
2016-12-21 13:50:13 +00:00
Shane Kilkelly
64f69069b2 Experimental: upgrade to node 6.9.2 (latest LTS release) 2016-12-21 10:23:42 +00:00
Shane Kilkelly
259c589076 Add option to restrict invites to existing user accounts. 2016-12-20 09:54:42 +00:00
Shane Kilkelly
822f76a883 Add unit tests for RedisWrapper 2016-12-19 15:12:22 +00:00
Shane Kilkelly
d428f9adbc Make LoginRateLimiter a thin wrapper around RateLimiter 2016-12-19 14:10:51 +00:00
Shane Kilkelly
03b541fb64 Fix small mistakes 2016-12-19 14:10:27 +00:00
Shane Kilkelly
9f787943b6 Remove stray redis imports. 2016-12-19 12:17:23 +00:00
Shane Kilkelly
ef0a5801d5 Create a RedisWrapper, and use it for rate limiting. 2016-12-19 12:17:02 +00:00
Paulo Reis
d6fcc21ab5 Add support for GMail go-to actions in the single CTA template. 2016-12-16 17:04:26 +00:00
James Allen
988005e929 Send and get comments via the chat api 2016-12-16 16:42:41 +00:00
Paulo Reis
869f729132 Fix forgotten templating function. 2016-12-16 15:15:06 +00:00
Paulo Reis
ca5040882f Use the new template in the join group email. 2016-12-16 14:57:59 +00:00
Paulo Reis
0fe3664a82 Use the new template in the reset pwd email. 2016-12-16 12:16:45 +00:00
Paulo Reis
2234c438a1 Support a secondary message in the single CTA email template. 2016-12-16 12:16:33 +00:00
Paulo Reis
7dfc2c61a6 Make the CTA button text configurable. 2016-12-16 10:06:56 +00:00
Paulo Reis
47a5eb5382 Add a new layout and body template for e-mails. 2016-12-15 17:22:39 +00:00
James Allen
293ba1fc4c Fetch all ranges from docstore when viewing overview panel 2016-12-09 15:43:08 +00:00
James Allen
1830d41eba Proxy ranges between doc updater and docstore 2016-12-08 14:09:06 +00:00
Henry Oswald
e6eeb86046 add read property to announcments 2016-12-07 11:39:22 +00:00
Shane Kilkelly
a5d2183441 if Recurly error, parse body xml rather than using regex match 2016-12-06 10:39:59 +00:00
Shane Kilkelly
58280bf6ee Merge branch 'master' into sk-user-delete-with-cancelled-sub 2016-12-06 09:31:42 +00:00
James Allen
48cc5a992f Merge branch 'master' into ja-set-version-in-docstore 2016-12-01 09:30:53 +00:00
Shane Kilkelly
e03d16e0cd Deleting user: if subscription is already cancelled, ignore and proceed. 2016-11-30 16:03:18 +00:00
Shane Kilkelly
d38890e9f4 Add the rolling option to session 2016-11-30 09:41:58 +00:00
James Allen
eb648b9bc8 Proxy version number to and from docstore 2016-11-29 17:16:56 +00:00
Henry Oswald
68ddf04fe8 to string record event check 2016-11-29 14:38:45 +00:00
Henry Oswald
6e9458e9e1 wip 2016-11-29 14:38:25 +00:00
Henry Oswald
aacdb1e96b to string record event check 2016-11-28 19:19:00 +00:00
Shane Kilkelly
a03ac8fe72 More robust session destruction after deleting user account. 2016-11-28 12:37:53 +00:00
Shane Kilkelly
52462d7020 Merge branch 'sk-sync-details-from-sso' 2016-11-28 10:11:59 +00:00
Shane Kilkelly
395135a655 Merge branch 'sk-post-login-redirect' 2016-11-28 09:52:14 +00:00
Shane Kilkelly
acce8853ba Remove redundant baseUrl from plans page. 2016-11-25 15:24:50 +00:00
Shane Kilkelly
2ab5ad4230 If we're updating details from a SSO source, don't allow editing on settings page. 2016-11-25 14:38:00 +00:00
Henry Oswald
4b59fdd453 added missing settings file to announcments controller 2016-11-25 11:59:50 +00:00
Henry Oswald
f130470971 log ip address of user when logging in 2016-11-25 11:59:50 +00:00
Shane Kilkelly
167f01857a Remove stray next params. 2016-11-24 14:15:01 +00:00
Shane Kilkelly
22101d0305 If user is sent to login page with explicit redirect, obey 2016-11-24 11:38:13 +00:00
Shane Kilkelly
cee3326ce3 fix omission of 'length' 2016-11-22 17:06:05 +00:00
Shane Kilkelly
8a4352fff2 Set redirect when redirecting from restricted 2016-11-22 16:54:03 +00:00
Shane Kilkelly
8089bb55a4 use session for the post-login redirect, remove redir query string. 2016-11-22 14:24:36 +00:00
Shane Kilkelly
da1be67aff Merge branch 'sk-ext-auth-show-email' 2016-11-18 09:34:05 +00:00
Shane Kilkelly
6606375cd7 Remove dead code: SessionInvalidator 2016-11-17 15:27:58 +00:00
Shane Kilkelly
fa146a1558 Remove redundant !! 2016-11-17 14:48:15 +00:00
Shane Kilkelly
3b8fbe8249 If using external auth, show non-editable email field.
Also defend server-side against setting email when using external auth.
2016-11-17 14:34:02 +00:00
Brian Gough
277894631a try out new pdfjs font fix
https://github.com/mozilla/pdf.js/pull/7705
2016-11-16 14:50:09 +00:00
Shane Kilkelly
f9774141b1 Fix up makeRequest, so it copes with analytics.url being un-configured. 2016-11-16 14:40:38 +00:00
Henry Oswald
5b3cd7ed2b use makeRequest func in analytics manager 2016-11-15 15:36:26 +00:00
Henry Oswald
a822cc0c92 don't log events from health check user 2016-11-15 13:41:15 +00:00
Henry Oswald
6776aa61f1 use new way to send status in express for healthcheck controlller 2016-11-15 11:04:13 +00:00
Henry Oswald
411b5324df don't try and send requests when analytics isn't enabled 2016-11-15 10:54:48 +00:00
Henry Oswald
d87067bc2f Merge branch 'announcments' 2016-11-15 10:38:01 +00:00
Henry Oswald
15564102a0 Update ProjectController.coffee 2016-11-15 10:34:57 +00:00
Shane Kilkelly
6c381b127c Count saml as an external authentication system. 2016-11-14 13:33:48 +00:00
Henry Oswald
666bfdf967 stop the /announcements call at controller level 2016-11-11 17:15:36 +00:00
Henry Oswald
5a13ee1077 use anlaytis api
- don’t talk to postgres
- show recent blog post announcments
- proxy all events to analytics api
2016-11-11 17:03:09 +00:00
Shane Kilkelly
2cf2199964 WIP: enable non-csrf routes from modules 2016-11-11 13:48:29 +00:00
James Allen
593e59450b Use different UserSessions keys for cluster vs normal redis session store 2016-11-10 14:31:48 +00:00
Shane Kilkelly
c3860dd7a7 Remove stray commented-out code, use mapSeries instead of map. 2016-11-09 14:36:25 +00:00
Shane Kilkelly
f6de4cbb44 Merge branch 'master' into sk-sessions-cluster 2016-11-09 12:10:46 +00:00
Shane Kilkelly
5f3098df38 Replace multi-ops with Async.series, tests passing 2016-11-09 11:03:03 +00:00
Shane Kilkelly
bfa0e7cf89 WIP: start moving web sessions to cluster 2016-11-08 15:32:36 +00:00
David J. Weller-Fahy
5efee51ed8 Pass ignoreTLS option to nodemailer 2016-11-02 13:14:54 -04:00
Shane Kilkelly
e7b09a81a7 Merge branch 'sk-passport-ldap' 2016-11-02 15:39:32 +00:00
Paulo Reis
840d52ef1a Remove default value from user model, but add it upon creation (i.e. affecting new users). 2016-11-01 16:36:26 +00:00
Shane Kilkelly
9cb3d8c4b8 Enable hook from module into passport init. 2016-11-01 14:06:54 +00:00
Shane Kilkelly
5c8cdd22cc Merge branch 'sk-account-delete-pass' 2016-10-28 11:02:41 +01:00
Shane Kilkelly
4c092e7ff1 Remove deprecated "projectSharedWithYou" email. 2016-10-28 10:37:10 +01:00
Shane Kilkelly
751a116921 add plainTextTemplate to all emails 2016-10-27 14:41:13 +01:00
Shane Kilkelly
1538f140f3 update test timestamp 2016-10-27 09:41:51 +01:00
Shane Kilkelly
dfd13e0815 Update AB test timestamp 2016-10-26 14:24:00 +01:00
Shane Kilkelly
d912c3b487 Merge branch 'master' into sk-plans-tidy 2016-10-26 13:47:26 +01:00
Shane Kilkelly
dc62b1a86e Remove deprecated endpoint for old delete-user 2016-10-26 11:18:36 +01:00
Shane Kilkelly
fc7bd4c2d3 fix logging 2016-10-26 10:57:34 +01:00
Shane Kilkelly
1c8721ceab Functioning account deletion with password 2016-10-25 16:23:50 +01:00
Brian Gough
baf09e4f3a avoid exception in LoggerSerializers 2016-10-25 15:50:05 +01:00
Brian Gough
bb06b97b3c avoid exception in logging null user 2016-10-25 15:01:59 +01:00
Shane Kilkelly
efe6df145c WIP: ask for password when deleting account 2016-10-25 14:33:47 +01:00
Brian Gough
3519fbe337 add worker-latex.js to fingerprints 2016-10-25 14:18:37 +01:00
Shane Kilkelly
6069d4dba3 Merge branch 'master' into sk-plans-tidy 2016-10-25 13:14:44 +01:00
Henry Oswald
450946212a log out health check failures 2016-10-21 18:59:28 +01:00
Shane Kilkelly
8c1d110688 Remove debug logs 2016-10-21 16:21:21 +01:00
Shane Kilkelly
d5a7514923 Add AB test for plans (+15 squashed commits)
Squashed commits:
[45c2237] Add a `subscription-form-switch-to-student` event
[1ad9b8f] change experiment name, and re-enable switch-to-student workflow
[f7cdb78] Remove debug
[4b9778a] Incorporate collaborator alternative plans
[701e80b] Add collaborator plans for heron and ibis
[287aa0f] AB test plans from editor page
[c74052e] Fix change-plan view for default plans
[1a947d6] Use correct plan codes
[1eecda7] Adjust prices
[69c4c7b] Introduce two plans
[8b8d5f8] Rename sixpack experiment
[c332002] Fix up the change-plan page
[c7af52d] Overhaul change-plan page, show only plans from current generation
[33d86bf] update plan
[5bbd946] Add a basic plans AB test
2016-10-21 16:17:37 +01:00