Commit graph

135 commits

Author SHA1 Message Date
Jakob Ackermann
55af5e502f [WebsocketController] skip leaveProject when joinProject didn't complete
Also drop dead code:
 - user_id bailout

   There is a check on a completed joinProject call now. It will always
    set a user_id, see Router.coffee which has a fallback `{_id:"..."}`.

 - late project_id bailout

   WebsocketLoadBalancer.emitToRoom will not work without a project_id.
   We have to bail out before the call.
2020-05-12 17:15:08 +02:00
Jakob Ackermann
684cb3903c [WebsocketController] handle redis subscribe error on joinProject
joinProject should not complete when the redis pub/sub subscribe request
 failed.
2020-05-12 13:03:50 +02:00
Brian Gough
5c28da1031 add metric for pendingUpdates queue 2020-04-07 11:53:54 +01:00
Jakob Ackermann
56628a16c6 [misc] track redis pub/sub payload sizes on publish 2020-03-30 11:31:44 +02:00
Jakob Ackermann
af53d3b603 [misc] skip duplicate JSON serialization for size check 2020-03-24 11:22:28 +01:00
Jakob Ackermann
cb675d38c2 [misc] SafeJsonParse: align the size limit with the frontend->rt limit
frontend -> real-time and doc-updater -> real-time should be in sync.
Otherwise we can send a payload to doc-updater, but can not receive the
 confirmation of it -- and the client will send it again in a loop.

Also log the size of the payload.
2020-03-24 09:14:15 +01:00
Jakob Ackermann
15244a54be [misc] WebsocketController: limit the update size to 7mb
bail out early on -- especially do not push the update into redis for
 doc-updater to discard it.

Confirm the update silently, otherwise the frontend will send it again.
Broadcast a 'otUpdateError' message and disconnect the client, like
 doc-updater would do.
2020-03-24 09:12:12 +01:00
Shane Kilkelly
6df88ebc49 Filter "comments" if restricted user. 2019-10-30 13:54:40 +00:00
Shane Kilkelly
403caa65e8 Revert "Revert "Track the isRestrictedUser flag on clients""
This reverts commit 651e392a7c644403f199e1b03e7494b61ce71d0c.
2019-10-30 13:52:36 +00:00
Simon Detheridge
925a8651c1 Revert "Track the isRestrictedUser flag on clients" 2019-10-22 10:17:38 +01:00
Shane Kilkelly
06aa578bdc Make it an error when we get no data from joinProject 2019-10-11 09:57:16 +01:00
Shane Kilkelly
df6cd4a054 Also block getConnectedUsers for restricted users.
Plus refactor to use a pass list instead of a deny list.
2019-10-04 13:41:49 +01:00
Shane Kilkelly
6765d03339 Track the isRestrictedUser flag on clients
Then, don't send new chat messages and new comments to those restricted clients.
We do this because we don't want to leak private information (email addresses
and names) to "restricted" users, those who have read-only access via a
shared token.
2019-10-04 10:30:24 +01:00
Simon Detheridge
21e294c6eb Generate retryable error when hitting rate limits in web 2019-09-02 11:27:04 +01:00
Brian Gough
fe2e7b3065 minimal fix for undefined connected users 2019-08-16 10:07:30 +01:00
Brian Gough
fa94e3d5e3 Merge pull request #69 from overleaf/ho-drain-connections-timewindow
add shutdownDrainTimeWindow, drains all connections within time range
2019-08-15 09:22:10 +01:00
Brian Gough
d57b229e17 update tests 2019-08-14 13:03:14 +01:00
Brian Gough
7db882f339 fix unit tests 2019-08-13 17:26:49 +01:00
Henry Oswald
00cca29d9e add shutdownDrainTimeWindow, drains all connections within time range 2019-08-13 14:21:47 +01:00
Brian Gough
478a727c61 ignore spurious requests to leave other docs 2019-07-29 15:19:08 +01:00
Brian Gough
22d722f3e8 add metric for RoomEvents listeners 2019-07-24 16:25:45 +01:00
Brian Gough
e14a94906a update naming from Set -> Map 2019-07-24 14:18:15 +01:00
Brian Gough
61b3a000b4 fix whitespace 2019-07-24 09:52:20 +01:00
Brian Gough
159b39c491 ensure redis channel is subscribed when joining room 2019-07-23 17:02:09 +01:00
Brian Gough
bb629c27a1 rename unit test ChannelManager to ChannelManagerTests 2019-07-22 11:28:49 +01:00
Brian Gough
1afebd12a1 unit tests 2019-07-22 11:23:43 +01:00
Brian Gough
9f7df5f10c wip unit tests 2019-07-19 11:58:40 +01:00
Brian Gough
40353a410f fix unit tests 2019-07-19 08:49:57 +01:00
Brian Gough
dd54789e2b fix build problems 2019-07-09 12:20:59 +01:00
Brian Gough
b5f9bc422b support multple redis instances for pubsub 2019-07-08 15:56:25 +01:00
miguel
46dfe56b05 Downgraded unathorised log to warning 2019-06-21 07:30:12 +02:00
Brian Gough
a579a83389 Merge pull request #53 from overleaf/em-doc-updater-404s
Do not log error on doc updater 404
2019-06-03 10:55:04 +01:00
Brian Gough
40f3456b1c update unit test 2019-06-03 10:34:59 +01:00
Eric Mc Sween
acf850bce9 Do not log error on doc updater 404
Document updater 404s are not indicative of a problem, but just of the client
trying to connect to a deleted document, which is easy to trigger. We
log a warning instead.
2019-05-31 17:32:21 -04:00
Brian Gough
20d5cc69a4 filter invalid updates 2019-05-24 10:19:02 +01:00
Brian Gough
2dbdcf5bc8 add health check to pubsub channels 2019-04-15 14:17:55 +01:00
Brian Gough
6374a641d5 fix unit tests 2019-04-11 15:07:42 +01:00
Brian Gough
893515e83f handle duplicate entries in io.sockets.clients 2019-04-09 14:48:00 +01:00
Brian Gough
936311f1fb fix eventlogger tests to use name with dashes 2019-03-22 11:20:38 +00:00
Brian Gough
efa83b4cde stub out eventlogger in unit test 2019-03-22 11:19:31 +00:00
Brian Gough
befe4be517 add check for duplicate events 2019-03-19 14:22:11 +00:00
Chrystal Maria Griffiths
0b88a63444 Merge pull request #35 from sharelatex/cmg-anonymous-display-name
Nameless logged in user labelled as anonymous
2019-02-15 14:53:18 +00:00
Chrystal Griffiths
bb06f82e04 Still send cursorData for logged in users 2019-02-12 14:00:47 +00:00
Chrystal Griffiths
cb12e1c6f6 Send an empty string for every nameless user 2019-02-08 15:39:51 +00:00
Henry Oswald
bbd88e75eb fix broken tests 2018-12-05 15:41:12 +00:00
Shane Kilkelly
675814f1b1 Handle the case where the user has only a last_name set 2017-12-13 10:28:35 +00:00
Shane Kilkelly
06c8729ce7 If a user has only their first_name set, don't label as Anonymous 2017-12-12 15:27:50 +00:00
Brian Gough
c8ad331551 fix unit tests 2017-11-13 09:41:04 +00:00
Shane Kilkelly
3b39464aa5 Merge branch 'master' into sk-unlisted-projects 2017-11-02 10:58:41 +00:00
Shane Kilkelly
d4c735c3ea Pass anonymous-read token along as header to web-api 2017-09-26 14:21:41 +01:00
Alasdair Smith
785d6e2eea Add tests for comment & change encoding 2017-09-22 10:56:08 +01:00
Alasdair Smith
b8d3f34e54 Fix joinDoc tests not passing options arg and restructure tests 2017-09-22 10:56:08 +01:00
Brian Gough
ab6fe1d948 check for null bytes from JSON.stringify 2017-06-01 11:27:56 +01:00
James Allen
642134da79 Don't return a user if there is no entry
ioredis returns a blank object, {}, if there is no key with hgetall.
Previously, node-redis returned nil. So we need to check for a blank
object as well as a nil object.
2017-05-16 11:06:05 +01:00
James Allen
a8917b933f Remove multi call to make compatible with redis-cluster 2017-05-11 17:27:28 +01:00
James Allen
720f24427a Use new redis-sharelatex with support for cluster 2017-05-02 15:51:17 +01:00
James Allen
d8ff8ba098 Merge pull request #11 from sharelatex/ja-allow-readonly-comments
Allow readonly users to submit comments
2017-03-20 14:25:03 +00:00
James Allen
8766646149 Allow users to send a comment update if they are read-only 2017-03-15 15:45:52 +00:00
Brian Gough
d468f662ac handle disconnects of unauthenticated users 2017-02-23 12:04:36 +00:00
James Allen
bf2620ee0c Return ranges from docupdater to client 2016-12-08 11:37:31 +00:00
James Allen
59d042e264 Add end point to start draining clients 2016-10-24 16:36:09 +01:00
Brian Gough
ef85bce3b8 track permissions when clients join and leave docs 2016-09-05 12:46:52 +01:00
James Allen
51939512ac Return semantic error if doc ops range is not loaded 2016-05-31 14:21:23 +01:00
James Allen
030abc5340 Don't flush to track changes now that this happens in doc updater 2016-01-20 17:51:24 +00:00
James Allen
830d676f4f Add in limit on all JSON parsing 2015-12-01 11:05:49 +00:00
James Allen
503b766dcc For duplicate ops only send ack to submitting client
When a duplicate op is received, we only need to ack it to client
that sent it. Only that client is having trouble, and all other clients
will already have received it.
2015-11-19 10:58:28 +00:00
James Allen
79cd0e6a5c Record user id correctly when updating position 2015-02-05 13:41:31 +00:00
James Allen
43a008c0bc Stub logger in unit tests 2014-11-24 15:42:13 +00:00
James Allen
57a34e940e Authorize users before updating their cursor positions 2014-11-24 12:05:05 +00:00
James Allen
ce587a00ba Send web requests with HTTP auth 2014-11-17 14:35:07 +00:00
James Allen
66dfafdebe Add metrics into all end points 2014-11-17 13:12:49 +00:00
James Allen
80b7875414 Add in leaveProject handler 2014-11-14 16:51:55 +00:00
James Allen
fd56655529 Add in track changes and doc updater flushing calls 2014-11-14 15:53:59 +00:00
James Allen
347ceaaf03 Listen for updates from doc updater and send them to clients 2014-11-14 15:30:18 +00:00
James Allen
fef5f6b775 Add acceptance tests for applyOtUpdate 2014-11-14 10:12:35 +00:00
James Allen
f0e69bfe2d Add appltOtUpdate end point (sans acceptance tests for now) 2014-11-13 17:07:05 +00:00
James Allen
cc1c85ebf8 Distribute server side socket.io updates over Redis Pub/Sub 2014-11-13 16:03:37 +00:00
James Allen
e769819521 Add in clientTracking.updatePosition end point 2014-11-13 15:27:18 +00:00
James Allen
84778b5961 Mark user as connected for cursor updates when joining project 2014-11-13 13:05:49 +00:00
James Allen
f7482014ce Import ConnectedUsersManager from web 2014-11-13 12:27:46 +00:00
James Allen
0b18edeff3 Add in /clients and /client/:client_id status end points 2014-11-13 11:48:49 +00:00
James Allen
8b923d2fda Add in leaveDoc end point 2014-11-12 16:51:48 +00:00
James Allen
eb8ccc0298 Create joinDoc socket.io end point 2014-11-12 15:54:55 +00:00
James Allen
dc60f2b736 Add acceptance test for unauthorized project joining 2014-11-10 11:38:26 +00:00
James Allen
02c0a3a867 Create joinProject socket.io endpoint 2014-11-10 11:27:08 +00:00