Commit graph

394 commits

Author SHA1 Message Date
Henry Oswald
cf48c94725 rate limit pdf downloads 2015-10-30 11:56:01 +00:00
Henry Oswald
1c91de0395 added function to get project with only folders for quicker adding of files to large projects 2015-10-21 16:56:06 +01:00
Henry Oswald
d9734953a6 don't archive project in track changes for moment 2015-10-20 17:36:37 +01:00
Henry Oswald
a94a03fc3e added missing stubbed module call breaking tests 2015-10-19 15:48:59 +01:00
Henry Oswald
2c32126f68 archive in track changes as well as docstore 2015-10-19 15:44:50 +01:00
Henry Oswald
f1d07811df update the entire users features on assign bonus bu don't update
the user features if there is nothing to update when assigning bonus
2015-10-07 13:50:51 +01:00
Henry Oswald
b69ec9768d bonus allocater does not need to check if user has subscription any more. 2015-10-05 16:50:34 +01:00
Henry Oswald
fae7d431f4 after subscription is updated always check bonus 2015-10-05 16:33:13 +01:00
Henry Oswald
9a60617162 change referral allocated to only upgrade features and to find highest level
i.e. user has referred 5 users, there are bonus levels for 3 & 6 shares, auto takes 3 users now.
2015-10-05 12:30:03 +01:00
Henry Oswald
5ffd76c670 Merge branch 'master' of https://github.com/sharelatex/web-sharelatex 2015-09-14 15:36:08 +01:00
Henrique Dias
3be0425b45 add unit tests for wordcount 2015-09-11 10:21:05 -03:00
James Allen
639424f664 Don't error on project clone if not root doc is set 2015-09-02 14:32:21 +01:00
Shane Kilkelly
0aaeb6671e Keep password reset token in session, and strip it from reset page url.
This fixes an issue where the reset token was leaked in the referrer header
when navigating away from the password reset page to an external site.

Now we get the token from the query string, store it in the session,
then redirect to the bare url of the password reset page, which then
uses the stored token to render the reset form.
2015-08-24 11:53:33 +01:00
Shane Kilkelly
23bd5d317c A few extra cases which should not be treated as html. 2015-08-20 15:58:36 +01:00
Shane Kilkelly
ebf754904f More thorough tests for the FileStoreController when downloading .html files. 2015-08-20 15:56:56 +01:00
Shane Kilkelly
85c1704fc5 Test that content-type is set for mobile-safari user-agents. 2015-08-20 14:03:12 +01:00
Shane Kilkelly
ce248f56d7 Un-break FileStoreControllerTests by mocking out the req.get method. 2015-08-20 12:28:51 +01:00
Henry Oswald
0e9ec00f85 added stubbed logger in document controller tests 2015-08-19 11:58:59 +01:00
Henry Oswald
63580f6a79 remove useClsi2 flag in project collection 2015-08-19 11:58:41 +01:00
Henry Oswald
50fc886c94 changed inactive to active as its more effienct query in mongo 2015-08-19 11:54:30 +01:00
Henry Oswald
70b825fd2a fixed call to ProjectUpdateHandler.markAsOpened and made it async 2015-08-14 11:27:11 +01:00
Henry Oswald
68e970cd69 Merge branch 'master' of https://github.com/sharelatex/web-sharelatex 2015-08-14 09:31:25 +01:00
Henry Oswald
a0142d4415 added inactive and reactivate project logic 2015-08-13 22:40:28 +01:00
Henry Oswald
3ecf201eda send -> sendStatus 2015-07-08 16:56:38 +01:00
Henry Oswald
8020cd8f47 removed tpds from settings.defaults.coffee, if not set updates are now not queued 2015-07-02 12:09:08 +01:00
Henry Oswald
7fd29b18a8 destroy users session before creating a new one for them after login
session changed to prevent against fixation attacks
2015-07-01 15:29:02 +01:00
Henry Oswald
4f0b922a5d changed name used when project or file uploaded, this changed when
we started using https://github.com/expressjs/multer

* originalname - Name of the file on the user's computer
* name - Renamed file name
2015-07-01 15:28:49 +01:00
Henry Oswald
15a57f5dc4 removed req.session.destorys from endpoints now on the api router which are not needed 2015-07-01 15:26:05 +01:00
Henry Oswald
2ec925b45e fairy removed from web, makes http request to tpds worker now 2015-06-22 22:33:04 +01:00
Henry Oswald
33aa5c732f if a domain licence link has expired render a nice message explaining they need to retry 2015-06-01 12:43:42 +01:00
Henry Oswald
d3f6c0c614 Merge branch 'user-csv' of git://github.com/heukirne/web-sharelatex into heukirne-user-csv 2015-05-29 12:17:54 +01:00
Henry Oswald
e4011b9ba1 Merge branch 'emailverification' 2015-05-29 12:10:02 +01:00
Henrique Dias
f709ddf3eb add csv export unit tests 2015-05-28 17:22:49 -03:00
Henry Oswald
43c4531e51 kill off CollaboratorsHandler. changeUsersPrivilegeLevel as it is not used anywhere 2015-05-28 13:02:08 +01:00
Henry Oswald
b657c5207e cleaned up the views a bit 2015-05-27 21:45:29 +01:00
Henry Oswald
22b94e9246 renamed SubscriptionDomainAllocator -> SubscriptionDomainHandler 2015-05-27 20:57:54 +01:00
Henry Oswald
4773d6d22f added tests around new endpoints for joining groups 2015-05-27 20:50:16 +01:00
Henry Oswald
f27c072ae1 pull logic checking if user is already part of a group out of controller into handler 2015-05-27 16:33:47 +01:00
Henry Oswald
72e528e9d1 if you are alread in the group show the custom group page 2015-05-27 15:50:28 +01:00
Henry Oswald
79fa49a43d if a user is elelable to be part of a group subscription and they go to
/user/subscription it should redirect them to the group subscription invite
2015-05-27 15:35:31 +01:00
Henry Oswald
841231dbf8 make PasswordResetTokenHandler generic so it can be used for invites 2015-05-26 15:24:09 +01:00
Brian Gough
e51cdb81bd port leak fixes from smoke-test-sharelatex module 2015-05-26 10:54:55 +01:00
Brian Gough
cc9c8fdc94 freeze Date in Recurly tests before all calls
beforeEach freezes and resets for each subtest, which does not give
the desired result as the time increases between each subtest, we want
to freeze once at the beginning and reset at the end using before/after.
2015-05-19 15:00:30 +01:00
Henry Oswald
f5c39efcac patched xss hole with messages not setting the content type correctly 2015-05-19 11:04:52 +01:00
Brian Gough
3051d7dab6 modify LockManager test to avoid dependence on timing 2015-05-18 09:14:28 +01:00
Henry Oswald
9764ab258b added complex password validation to password resets 2015-04-30 12:05:46 +01:00
Henry Oswald
a7640b5bbd changed authentication controller to use req.parsedUrl.pathname as query strings on req.url were breaking the whitelist 2015-04-30 11:57:40 +01:00
Henry Oswald
6669884f44 Merge branch 'tpds-cleanup' 2015-04-23 10:06:26 +01:00
Henry Oswald
7a46b98c82 fixed unit tests for deleting files sent from tpds 2015-04-22 15:08:29 +01:00
James Allen
5c30a7de67 Add in option for global login requirement (defaults to on) 2015-04-15 11:14:53 +01:00