Jakob Ackermann
15244a54be
[misc] WebsocketController: limit the update size to 7mb
...
bail out early on -- especially do not push the update into redis for
doc-updater to discard it.
Confirm the update silently, otherwise the frontend will send it again.
Broadcast a 'otUpdateError' message and disconnect the client, like
doc-updater would do.
2020-03-24 09:12:12 +01:00
Shane Kilkelly
6df88ebc49
Filter "comments" if restricted user.
2019-10-30 13:54:40 +00:00
Shane Kilkelly
403caa65e8
Revert "Revert "Track the isRestrictedUser
flag on clients""
...
This reverts commit 651e392a7c644403f199e1b03e7494b61ce71d0c.
2019-10-30 13:52:36 +00:00
Simon Detheridge
925a8651c1
Revert "Track the isRestrictedUser
flag on clients"
2019-10-22 10:17:38 +01:00
Shane Kilkelly
df6cd4a054
Also block getConnectedUsers for restricted users.
...
Plus refactor to use a pass list instead of a deny list.
2019-10-04 13:41:49 +01:00
Shane Kilkelly
6765d03339
Track the isRestrictedUser
flag on clients
...
Then, don't send new chat messages and new comments to those restricted clients.
We do this because we don't want to leak private information (email addresses
and names) to "restricted" users, those who have read-only access via a
shared token.
2019-10-04 10:30:24 +01:00
Brian Gough
d57b229e17
update tests
2019-08-14 13:03:14 +01:00
Brian Gough
159b39c491
ensure redis channel is subscribed when joining room
2019-07-23 17:02:09 +01:00
Brian Gough
40353a410f
fix unit tests
2019-07-19 08:49:57 +01:00
miguel
46dfe56b05
Downgraded unathorised log to warning
2019-06-21 07:30:12 +02:00
Chrystal Maria Griffiths
0b88a63444
Merge pull request #35 from sharelatex/cmg-anonymous-display-name
...
Nameless logged in user labelled as anonymous
2019-02-15 14:53:18 +00:00
Chrystal Griffiths
bb06f82e04
Still send cursorData for logged in users
2019-02-12 14:00:47 +00:00
Chrystal Griffiths
cb12e1c6f6
Send an empty string for every nameless user
2019-02-08 15:39:51 +00:00
Henry Oswald
bbd88e75eb
fix broken tests
2018-12-05 15:41:12 +00:00
Shane Kilkelly
675814f1b1
Handle the case where the user has only a last_name set
2017-12-13 10:28:35 +00:00
Shane Kilkelly
06c8729ce7
If a user has only their first_name
set, don't label as Anonymous
2017-12-12 15:27:50 +00:00
Brian Gough
c8ad331551
fix unit tests
2017-11-13 09:41:04 +00:00
Shane Kilkelly
3b39464aa5
Merge branch 'master' into sk-unlisted-projects
2017-11-02 10:58:41 +00:00
Shane Kilkelly
d4c735c3ea
Pass anonymous-read token along as header to web-api
2017-09-26 14:21:41 +01:00
Alasdair Smith
785d6e2eea
Add tests for comment & change encoding
2017-09-22 10:56:08 +01:00
Alasdair Smith
b8d3f34e54
Fix joinDoc tests not passing options arg and restructure tests
2017-09-22 10:56:08 +01:00
James Allen
d8ff8ba098
Merge pull request #11 from sharelatex/ja-allow-readonly-comments
...
Allow readonly users to submit comments
2017-03-20 14:25:03 +00:00
James Allen
8766646149
Allow users to send a comment update if they are read-only
2017-03-15 15:45:52 +00:00
Brian Gough
d468f662ac
handle disconnects of unauthenticated users
2017-02-23 12:04:36 +00:00
James Allen
bf2620ee0c
Return ranges from docupdater to client
2016-12-08 11:37:31 +00:00
Brian Gough
ef85bce3b8
track permissions when clients join and leave docs
2016-09-05 12:46:52 +01:00
James Allen
030abc5340
Don't flush to track changes now that this happens in doc updater
2016-01-20 17:51:24 +00:00
James Allen
79cd0e6a5c
Record user id correctly when updating position
2015-02-05 13:41:31 +00:00
James Allen
57a34e940e
Authorize users before updating their cursor positions
2014-11-24 12:05:05 +00:00
James Allen
66dfafdebe
Add metrics into all end points
2014-11-17 13:12:49 +00:00
James Allen
80b7875414
Add in leaveProject handler
2014-11-14 16:51:55 +00:00
James Allen
347ceaaf03
Listen for updates from doc updater and send them to clients
2014-11-14 15:30:18 +00:00
James Allen
fef5f6b775
Add acceptance tests for applyOtUpdate
2014-11-14 10:12:35 +00:00
James Allen
f0e69bfe2d
Add appltOtUpdate end point (sans acceptance tests for now)
2014-11-13 17:07:05 +00:00
James Allen
cc1c85ebf8
Distribute server side socket.io updates over Redis Pub/Sub
2014-11-13 16:03:37 +00:00
James Allen
e769819521
Add in clientTracking.updatePosition end point
2014-11-13 15:27:18 +00:00
James Allen
84778b5961
Mark user as connected for cursor updates when joining project
2014-11-13 13:05:49 +00:00
James Allen
0b18edeff3
Add in /clients and /client/:client_id status end points
2014-11-13 11:48:49 +00:00
James Allen
8b923d2fda
Add in leaveDoc end point
2014-11-12 16:51:48 +00:00
James Allen
eb8ccc0298
Create joinDoc socket.io end point
2014-11-12 15:54:55 +00:00
James Allen
dc60f2b736
Add acceptance test for unauthorized project joining
2014-11-10 11:38:26 +00:00
James Allen
02c0a3a867
Create joinProject socket.io endpoint
2014-11-10 11:27:08 +00:00