Henry Oswald
cf48c94725
rate limit pdf downloads
2015-10-30 11:56:01 +00:00
Henry Oswald
1c91de0395
added function to get project with only folders for quicker adding of files to large projects
2015-10-21 16:56:06 +01:00
Henry Oswald
d9734953a6
don't archive project in track changes for moment
2015-10-20 17:36:37 +01:00
Henry Oswald
a94a03fc3e
added missing stubbed module call breaking tests
2015-10-19 15:48:59 +01:00
Henry Oswald
2c32126f68
archive in track changes as well as docstore
2015-10-19 15:44:50 +01:00
Henry Oswald
f1d07811df
update the entire users features on assign bonus bu don't update
...
the user features if there is nothing to update when assigning bonus
2015-10-07 13:50:51 +01:00
Henry Oswald
b69ec9768d
bonus allocater does not need to check if user has subscription any more.
2015-10-05 16:50:34 +01:00
Henry Oswald
fae7d431f4
after subscription is updated always check bonus
2015-10-05 16:33:13 +01:00
Henry Oswald
9a60617162
change referral allocated to only upgrade features and to find highest level
...
i.e. user has referred 5 users, there are bonus levels for 3 & 6 shares, auto takes 3 users now.
2015-10-05 12:30:03 +01:00
Henry Oswald
5ffd76c670
Merge branch 'master' of https://github.com/sharelatex/web-sharelatex
2015-09-14 15:36:08 +01:00
Henrique Dias
3be0425b45
add unit tests for wordcount
2015-09-11 10:21:05 -03:00
James Allen
639424f664
Don't error on project clone if not root doc is set
2015-09-02 14:32:21 +01:00
Shane Kilkelly
0aaeb6671e
Keep password reset token in session, and strip it from reset page url.
...
This fixes an issue where the reset token was leaked in the referrer header
when navigating away from the password reset page to an external site.
Now we get the token from the query string, store it in the session,
then redirect to the bare url of the password reset page, which then
uses the stored token to render the reset form.
2015-08-24 11:53:33 +01:00
Shane Kilkelly
23bd5d317c
A few extra cases which should not be treated as html.
2015-08-20 15:58:36 +01:00
Shane Kilkelly
ebf754904f
More thorough tests for the FileStoreController when downloading .html files.
2015-08-20 15:56:56 +01:00
Shane Kilkelly
85c1704fc5
Test that content-type is set for mobile-safari user-agents.
2015-08-20 14:03:12 +01:00
Shane Kilkelly
ce248f56d7
Un-break FileStoreControllerTests by mocking out the req.get
method.
2015-08-20 12:28:51 +01:00
Henry Oswald
0e9ec00f85
added stubbed logger in document controller tests
2015-08-19 11:58:59 +01:00
Henry Oswald
63580f6a79
remove useClsi2 flag in project collection
2015-08-19 11:58:41 +01:00
Henry Oswald
50fc886c94
changed inactive to active as its more effienct query in mongo
2015-08-19 11:54:30 +01:00
Henry Oswald
70b825fd2a
fixed call to ProjectUpdateHandler.markAsOpened and made it async
2015-08-14 11:27:11 +01:00
Henry Oswald
68e970cd69
Merge branch 'master' of https://github.com/sharelatex/web-sharelatex
2015-08-14 09:31:25 +01:00
Henry Oswald
a0142d4415
added inactive and reactivate project logic
2015-08-13 22:40:28 +01:00
Henry Oswald
3ecf201eda
send -> sendStatus
2015-07-08 16:56:38 +01:00
Henry Oswald
8020cd8f47
removed tpds from settings.defaults.coffee, if not set updates are now not queued
2015-07-02 12:09:08 +01:00
Henry Oswald
7fd29b18a8
destroy users session before creating a new one for them after login
...
session changed to prevent against fixation attacks
2015-07-01 15:29:02 +01:00
Henry Oswald
4f0b922a5d
changed name used when project or file uploaded, this changed when
...
we started using https://github.com/expressjs/multer
* originalname - Name of the file on the user's computer
* name - Renamed file name
2015-07-01 15:28:49 +01:00
Henry Oswald
15a57f5dc4
removed req.session.destorys from endpoints now on the api router which are not needed
2015-07-01 15:26:05 +01:00
Henry Oswald
2ec925b45e
fairy removed from web, makes http request to tpds worker now
2015-06-22 22:33:04 +01:00
Henry Oswald
33aa5c732f
if a domain licence link has expired render a nice message explaining they need to retry
2015-06-01 12:43:42 +01:00
Henry Oswald
d3f6c0c614
Merge branch 'user-csv' of git://github.com/heukirne/web-sharelatex into heukirne-user-csv
2015-05-29 12:17:54 +01:00
Henry Oswald
e4011b9ba1
Merge branch 'emailverification'
2015-05-29 12:10:02 +01:00
Henrique Dias
f709ddf3eb
add csv export unit tests
2015-05-28 17:22:49 -03:00
Henry Oswald
43c4531e51
kill off CollaboratorsHandler. changeUsersPrivilegeLevel as it is not used anywhere
2015-05-28 13:02:08 +01:00
Henry Oswald
b657c5207e
cleaned up the views a bit
2015-05-27 21:45:29 +01:00
Henry Oswald
22b94e9246
renamed SubscriptionDomainAllocator -> SubscriptionDomainHandler
2015-05-27 20:57:54 +01:00
Henry Oswald
4773d6d22f
added tests around new endpoints for joining groups
2015-05-27 20:50:16 +01:00
Henry Oswald
f27c072ae1
pull logic checking if user is already part of a group out of controller into handler
2015-05-27 16:33:47 +01:00
Henry Oswald
72e528e9d1
if you are alread in the group show the custom group page
2015-05-27 15:50:28 +01:00
Henry Oswald
79fa49a43d
if a user is elelable to be part of a group subscription and they go to
...
/user/subscription it should redirect them to the group subscription invite
2015-05-27 15:35:31 +01:00
Henry Oswald
841231dbf8
make PasswordResetTokenHandler generic so it can be used for invites
2015-05-26 15:24:09 +01:00
Brian Gough
e51cdb81bd
port leak fixes from smoke-test-sharelatex module
2015-05-26 10:54:55 +01:00
Brian Gough
cc9c8fdc94
freeze Date in Recurly tests before all calls
...
beforeEach freezes and resets for each subtest, which does not give
the desired result as the time increases between each subtest, we want
to freeze once at the beginning and reset at the end using before/after.
2015-05-19 15:00:30 +01:00
Henry Oswald
f5c39efcac
patched xss hole with messages not setting the content type correctly
2015-05-19 11:04:52 +01:00
Brian Gough
3051d7dab6
modify LockManager test to avoid dependence on timing
2015-05-18 09:14:28 +01:00
Henry Oswald
9764ab258b
added complex password validation to password resets
2015-04-30 12:05:46 +01:00
Henry Oswald
a7640b5bbd
changed authentication controller to use req.parsedUrl.pathname as query strings on req.url were breaking the whitelist
2015-04-30 11:57:40 +01:00
Henry Oswald
6669884f44
Merge branch 'tpds-cleanup'
2015-04-23 10:06:26 +01:00
Henry Oswald
7a46b98c82
fixed unit tests for deleting files sent from tpds
2015-04-22 15:08:29 +01:00
James Allen
5c30a7de67
Add in option for global login requirement (defaults to on)
2015-04-15 11:14:53 +01:00