Commit graph

1321 commits

Author SHA1 Message Date
June Kelly
c4ecded316 Merge pull request #11508 from overleaf/jk-password-disallow-substring
[web] Metric for passwords too similar to email

GitOrigin-RevId: cf8320fc3c9561b4dc6d54a3e97db96400ece2a9
2023-02-02 18:22:17 +00:00
June Kelly
ac83dd9bb3 Merge pull request #11353 from overleaf/jk-remove-deprecated-public-access-levels
[web] Disallow deprecated access levels from being set

GitOrigin-RevId: cf276e849692be210a2dc7d896820579efc46952
2023-02-02 09:02:59 +00:00
June Kelly
be7b424a63 Merge pull request #11436 from overleaf/jk-increase-password-min-length-to-8
[web] Increase the minimum password length to 8 characters

GitOrigin-RevId: 94eb3c5605183b5e189babd3342dc308f403ebbd
2023-02-02 09:02:56 +00:00
Eric Mc Sween
75abea72b0 Merge pull request #11492 from overleaf/em-rate-limiter
Move all remaining rate limiters to rate-limiter-flexible

GitOrigin-RevId: 163ab2aebecb281057e552dc75591dd02028990c
2023-01-31 09:03:44 +00:00
Jakob Ackermann
1f14e08fa1 Merge pull request #11442 from overleaf/jpa-hybrid-pdf-download
[web] add hybrid download of compile output

GitOrigin-RevId: b9c6dfc86e3af2f7b1728e791f074ec6d5e0badf
2023-01-27 09:04:12 +00:00
Thomas
aa9b07d323 Merge pull request #11445 from overleaf/revert-11432-revert-11154-tm-lg-subscription-recurly-cache-name
Re-instate change property name for recurly status cache to recurlyStatus

GitOrigin-RevId: 3b3415d818629676ee44dbc558a6b87469fd1af0
2023-01-27 09:03:58 +00:00
Miguel Serrano
691438ee37 Merge pull request #11391 from overleaf/msm-history-controller-pipeline
[web] refactor `req.pipe` into `pipeline`

GitOrigin-RevId: 2b78ff1de3cb7e439824ef0847b3a3db9288b8c6
2023-01-25 09:06:34 +00:00
Thomas
f6ffae02a9 Merge pull request #11432 from overleaf/revert-11154-tm-lg-subscription-recurly-cache-name
Revert "Change property name for recurly status cache to recurlyStatus"

GitOrigin-RevId: 6870e421516fd705343f3e8651d8637f791063df
2023-01-25 09:06:03 +00:00
Thomas
0b6c69dc55 Change property name for recurly status cache to recurlyStatus (#11154)
* Change property name for recurly status cache to recurlyStatus

Co-authored-by: Lucie Germain <lucie.germain@overleaf.com>
GitOrigin-RevId: a1ff69d531519cd15b82ef72974e9702f43409ac
2023-01-25 09:05:48 +00:00
Miguel Serrano
b4e9bf3449 [web] pipe history zip download to history-v1 in CE/SP (#11362)
GitOrigin-RevId: 4ef181d1b79b3d0e2254af698defe0c2fa8c679f
2023-01-24 09:03:35 +00:00
Miguel Serrano
4a84922a2f Merge pull request #11346 from overleaf/msm-config-history-v1-sp
Configuration changes for FPH in CE/SP

GitOrigin-RevId: 990eb0fa6158d4815740413da085759d2cc5e231
2023-01-20 14:13:46 +00:00
Miguel Serrano
8b723c5363 Merge pull request #11160 from overleaf/msm-replace-uuid-crypto
Replace `uuid`/`node-uuid` with `node:crypto`

GitOrigin-RevId: 1be4f09c4681edac7e8bc58af3b5726d0d5ee322
2023-01-18 15:07:58 +00:00
Jakob Ackermann
59e587320a Merge pull request #11246 from overleaf/jpa-user-content-domain-access-check
[misc] prepare migration to user content domain

GitOrigin-RevId: 581ccab6d39ec021fb44a555a09e55441c35d0d1
2023-01-18 09:05:14 +00:00
Eric Mc Sween
f97a543d41 Merge pull request #11255 from overleaf/em-rate-limiter
Introduce rate-limiter-flexible

GitOrigin-RevId: c787397e276fb81015c7d045d191f2ad81ef542d
2023-01-18 09:04:51 +00:00
Thomas
ae4b4c09b8 Merge pull request #11019 from overleaf/tm-fix-subscription-creation-response-timeout
Fix createSubscription timing out if non-handled error occurs

GitOrigin-RevId: 4f40d7134d81e6c212b045b2b18da36eb0421a43
2023-01-18 09:03:51 +00:00
ilkin-overleaf
7e68b4f0d5 Merge pull request #11147 from overleaf/ii-subscriptions-pages-react-split-test
[web] React subscription split test

GitOrigin-RevId: 6656b3895030bc677483a3e30d5e998f5f7d1458
2023-01-13 09:04:52 +00:00
Alf Eaton
62b727fb61 Merge pull request #11008 from overleaf/msm-fix-email-helper-group
[web] Prevent NPE parsing RFC5322 email groups

GitOrigin-RevId: 57fa7dc523b94c44afdd45a790ff6c3e62e45214
2023-01-11 09:04:49 +00:00
Eric Mc Sween
bde79780a7 Merge pull request #10971 from overleaf/em-flush-docupdater-on-rename
Flush project in docupdater after a rename

GitOrigin-RevId: f08e722e9eb65e281965fe2603f8e97024edb8e9
2023-01-10 09:05:07 +00:00
Lucie Germain
c6f9da69da Merge pull request #10995 from overleaf/lg-update-tpds-dropbox-only
Only send updates to tpds if project is linked to dropbox

GitOrigin-RevId: 52d8bbfc229b74346dd440f283925a8d6eb6198a
2023-01-09 09:04:02 +00:00
Brian Gough
f27e0f124b Merge pull request #9797 from overleaf/bg-ignore-synctex-files
Improve handling of ignored files

GitOrigin-RevId: c202a4262297408e9bd1d7af9697c2d7dae17cb0
2022-12-21 09:05:04 +00:00
Mathias Jakobsen
38cc3394e3 Merge pull request #10793 from overleaf/mj-split-test-cleanup
Split test clean-up

GitOrigin-RevId: 7dd6178487022cbefcbc85797dacc3f3fbfa17e2
2022-12-21 09:04:04 +00:00
Brian Gough
2cc2da18a5 Merge pull request #10888 from overleaf/bg-case-sensitive-delete
Make dropbox deletes case-sensitive

GitOrigin-RevId: 090112ce82e38f15079053952db4b0a1544e8300
2022-12-15 09:04:17 +00:00
Dr. Sasha Göbbels
c9cf530e36 [web] Log messages to the project audit log and do so for enabling/disabling sharing (#10281)
GitOrigin-RevId: d6af26bcbafb4d1789fca6319fd343fe8c2ecd25
2022-12-13 09:04:08 +00:00
Eric Mc Sween
38df974ce1 Merge pull request #10739 from overleaf/em-history-mongo-backend
Send a history id from web when creating a project

GitOrigin-RevId: dd1417ae734c76990931885df1864a81a9439da0
2022-12-07 09:03:51 +00:00
ilkin-overleaf
2675cab92e Merge pull request #10394 from overleaf/ii-password-reset-and-strength-checking
[web] Password reset strength checking and UI updates

GitOrigin-RevId: 442a5c9e7e9d0a61d3ae649f3526bc3c02fd5704
2022-12-07 09:03:36 +00:00
Brian Gough
5c06b29e77 Merge pull request #10740 from overleaf/jpa-auto-compile-rate-limit-two-buckets
[web] split rate-limit tracking for auto-compiles into two buckets

GitOrigin-RevId: dcc743343010afe7d877fe5d37f020f10a8fd412
2022-12-06 09:04:10 +00:00
Eric Mc Sween
5083060fbb Merge pull request #10677 from overleaf/em-history-id-string
Represent history ids as strings instead of integers

GitOrigin-RevId: 18977195b65492836e570c571ec7e8c7e088612b
2022-12-02 09:04:29 +00:00
Tim Down
079a0dcae4 Merge pull request #10667 from overleaf/ii-dashboard-duplicate-projects
[web] Remove duplicate projects when fetching all users projects

GitOrigin-RevId: b850cd6ea5a03f01ba82eaaba101afd21a5098cc
2022-11-30 09:04:19 +00:00
Brian Gough
4589a57774 Merge pull request #10637 from overleaf/bg-delete-user-from-dropbox
delete user data from dropbox

GitOrigin-RevId: d586c73b4500f4fe718927f537ae770356eaefc1
2022-11-29 09:04:33 +00:00
Miguel Serrano
900c5b29cb Loose regex filter for analytics events (#10329)
Allows `Date` objects being sent as attribute values
and spaces in event segmentation values

GitOrigin-RevId: ce3bf5023941a011ba612e9a3a17b92f76f9860b
2022-11-08 09:03:31 +00:00
Jakob Ackermann
10c6bd20ab Merge pull request #10266 from overleaf/ab-split-test-no-serialization
[web] Skip mongoose object transformations for the split test cache

GitOrigin-RevId: 8fb5420f6f938c0ab7cfe1ca82c107c7ce3522ca
2022-11-03 09:03:44 +00:00
Miguel Serrano
c30f887727 Merge pull request #9936 from overleaf/msm-itm-referrer
`itm_referrer` for subscription attribution

GitOrigin-RevId: 2787b55e8b7e9e415e66abef8deb669f3adf0f0d
2022-10-26 08:03:52 +00:00
Jakob Ackermann
956cacaef7 Merge pull request #10139 from overleaf/jpa-split-test-min-chunk-size
[misc] add split test for a per request pdfCachingMinChunkSize

GitOrigin-RevId: 6a8a3c6267501789f2047a67b03db6ac6df427c3
2022-10-26 08:03:39 +00:00
June Kelly
9e824ac93c Merge pull request #9951 from overleaf/jk-audit-failed-login-attempts
[web] Audit failed login attempts

GitOrigin-RevId: 19325f808f77584891e1e12b5ed7aaa16aa6aec9
2022-10-20 08:03:44 +00:00
Eric Mc Sween
8f63e21026 Merge pull request #10005 from overleaf/em-revert-get-best-subscription
Revert "pass requester data when fetching best subscription"

GitOrigin-RevId: 7d66ef9d1c136cd729b648266117f42dd38e06b6
2022-10-18 08:03:49 +00:00
Timothée Alby
caeeedd764 Merge pull request #9794 from overleaf/ab-endpoint-add-remove-tag-multiple-projects
[web] Handle adding/removing multiple projects from a tag at once

GitOrigin-RevId: 7d052fa9930035286f8ce41433d6c3959817148a
2022-10-18 08:03:17 +00:00
Timothée Alby
adeaf4de79 Merge pull request #9983 from overleaf/jpa-web-fix-password-upgrade
[web] fix process for upgrading of password hashes

GitOrigin-RevId: 3bc99dbd8601c190d758080d70ea1a465bd9e542
2022-10-18 08:03:11 +00:00
Timothée Alby
2e70803492 Merge pull request #9798 from overleaf/ta-em-gs-best-subscription-fix
Fix Best Subscription Check

GitOrigin-RevId: a7ea5063d4287a421b96222763a59c15652c8d6f
2022-10-18 08:03:01 +00:00
Alexandre Bourdin
dce00bbefe Merge pull request #9789 from overleaf/ab-tags-controller-async-await
[web] Cleanup and move TagsController to async/await

GitOrigin-RevId: 9684e341146e533e5a06eb6001997adf56ecced0
2022-10-13 08:04:32 +00:00
Eric Mc Sween
da30da76b2 Merge pull request #9894 from overleaf/em-node-fetch-web
Replace request-promise with node-fetch in web

GitOrigin-RevId: 07dbb6db7fd42326807aaeb18e5ee39f7c3d4668
2022-10-13 08:04:24 +00:00
Thomas Mees
37b598fa5a Teardown premium features discoverability and implement variant
GitOrigin-RevId: 46dfa1aae117e1862c828bed568085dcd59acd8b
2022-10-12 08:04:51 +00:00
Jakob Ackermann
37c69ec830 Merge pull request #9493 from overleaf/jpa-dropbox-create-project-action
[misc] create new project (folder) when creating project in dropbox/web

GitOrigin-RevId: 4235b6ed66d0957bf45cb6f6009201ee02e188ca
2022-10-05 13:25:22 +00:00
Jakob Ackermann
ac91f40c08 Merge pull request #9316 from overleaf/jpa-dropbox-sync-detached-from-project-name
[misc] detach dropbox sync from project names

GitOrigin-RevId: 57b3a131aec81bc97ff4da57497950d6658eaeff
2022-10-05 13:25:08 +00:00
Miguel Serrano
74f44e655a Merge pull request #9617 from overleaf/msm-audit-log-collections
Move project/user audit logs to their own collections

GitOrigin-RevId: f6f89b3e2815c0fe5691a79eceb35b77b3c370d8
2022-09-30 08:04:17 +00:00
Jakob Ackermann
13acf0dbd7 Merge pull request #9755 from overleaf/jpa-dropbox-use-project-id-from-web
[misc] let web feed back projectId to resolve "unknown project" updates

GitOrigin-RevId: d005370e7a1e7a4a5d9e54d62e47dfff3541f8f1
2022-09-28 08:07:32 +00:00
June Kelly
3288f87dbe [web] Password set/reset: reject current password (redux) (#8956)
* [web] set-password: reject same as current password

* [web] Add 'peek' operation on tokens

This allows us to improve the UX of the reset-password form,
by not invalidating the token in the case where the new
password will be rejected by validation logic.

We give up to three attempts before invalidating the token.

* [web] Add hide-on-error feature to async forms

This allows us to hide the form elements when certain
named error conditions occur.

* [web] reset-password: handle same-password rejection

We also change the implementation to use the new
peekValueFromToken API, and to expire the token explicitely
after it has been used to set the new password.

* [web] Validate OneTimeToken when loading password reset form

* [web] Rate limit GET: /user/password/set

Now that we are peeking at OneTimeToken when accessing this page,
we add rate to the GET request, matching that of the POST request.

* [web] Tidy up pug layout and mongo query for token peeking

Co-authored-by: Mathias Jakobsen <mathias.jakobsen@overleaf.com>
GitOrigin-RevId: 835205cc7c7ebe1209ee8e5b693efeb939a3056a
2022-09-28 08:06:54 +00:00
Mathias Jakobsen
b5e2604041 [web] Upgrade restricted user access if they are invited members (#9401)
* [web] Upgrade restricted user access if they are invited members

Previously, if a user joined a project via a read-only link and later on
joined the project via an invite, we would still treat them as
restricted users, disabling chat and commenting. This patch changes
that, so that we do *not* consider an invited user restricted.

GitOrigin-RevId: e2acdfd29cc0687cb7276310a9c96d697087b21a
2022-09-28 08:06:44 +00:00
Eric Mc Sween
33d9f08599 Merge pull request #9696 from overleaf/em-fix-dropbox-top-level
Fix Dropbox metadata collection for top level folders

GitOrigin-RevId: a6262968f206cfd3459f2bae628f156d22bccd91
2022-09-22 08:04:29 +00:00
Eric Mc Sween
a6307d8497 Merge pull request #9658 from overleaf/em-dropbox-folder-sync
Sync folder creation from Dropbox to Overleaf

GitOrigin-RevId: a2749ab8d9db7dd312818b46d6e72f1dbaaaff2e
2022-09-22 08:04:22 +00:00
Eric Mc Sween
59cdcccc26 Merge pull request #9647 from overleaf/bg-dropbox-to-overleaf-existing-doc
handle updates to existing doc in dropbox to overleaf metadata

GitOrigin-RevId: e82955a4a76e62fb649263a94103fdb7f322de85
2022-09-22 08:04:11 +00:00