Commit graph

443 commits

Author SHA1 Message Date
Hugh O'Brien
b825f0b267 Merge branch 'master' into hb-v2-affiliations-callback 2018-10-11 17:14:35 +01:00
Paulo Reis
b0802380ae Update tests 2018-10-10 14:09:47 +01:00
Paulo Reis
901fb0fc1e Unit test brand variation id. 2018-10-10 14:09:47 +01:00
Simon Detheridge
ea2782ff22 Merge pull request #1005 from sharelatex/spd-no-more-asterisks
Sanitize paths in all relevant ProjectEntityHandler methods
2018-10-10 10:44:13 +01:00
Tim Alby
48e5c6b523 add UserMembership logic 2018-10-09 12:09:11 +01:00
Brian Gough
a68bde819d Merge pull request #1004 from sharelatex/ta-test-mock-fix
Fix Test Mock
2018-10-09 10:35:50 +01:00
Simon Detheridge
56dcbefb5b Check for safe paths in all ProjectEntityHandler methods
Some import mechanisms (for example, Github project import) call methods such as 'upsert*' directly, bypassing existing filename checks.

Added checks to all methods in ProjectEntityHandler that can create or rename a file.

bug: overleaf/sharelatex#908
Signed-off-by: Simon Detheridge <s@sd.ai>
2018-10-08 15:31:04 +01:00
Simon Detheridge
e66210d2af Add method to sanitize full paths
For convenience, add a method to SafePath to break a path into components and verify the status of each one.

bug: overleaf/sharelatex#908
Signed-off-by: Simon Detheridge <s@sd.ai>
2018-10-08 14:48:17 +01:00
hugh-obrien
f6307f9086 store reversedHostname property and update test accordingly 2018-10-08 13:37:12 +01:00
hugh-obrien
3919acad46 store reversed hostname and review fixes for v2 university domain confirmation 2018-10-08 12:08:29 +01:00
Alasdair Smith
e129172553 Fix ordering of boolean check to be more readable 2018-10-08 11:25:24 +01:00
Alasdair Smith
1ef947b1fe Fix tests after refactoring register validation 2018-10-08 10:44:25 +01:00
Hugh O'Brien
cc962c3e6f Merge pull request #978 from sharelatex/hb-use-exports-for-pdf-from-publish-modal
Generic Zip or Pdf Exports endpoint
2018-10-08 10:13:18 +01:00
hugh-obrien
65ecdf84f4 cleanup and tests for v2 affiliations confirmation 2018-10-07 16:40:26 +01:00
Tim Alby
c00a0a435d remove console.log in tests 2018-10-05 16:24:28 +01:00
Tim Alby
7b4b75b51a fix incorrect or missing test mocks 2018-10-05 16:24:05 +01:00
Shane Kilkelly
2ef23194df WIP: trying to get acceptance tests to pass 2018-10-04 15:05:40 +01:00
Shane Kilkelly
f9ed367148 Move the auth mechanism for sudo-mode into SudoModeHandler 2018-10-04 15:05:40 +01:00
Ersun Warncke
752658f773 Merge pull request #990 from sharelatex/ew-use-v1-doc-info-api
Use v1 Doc Info API for Token Access
2018-10-03 09:22:41 -04:00
Timothée Alby
c74c782cee Merge pull request #961 from sharelatex/ta-account-sync-affiliations
Add getInstitutionsPlan Function
2018-10-03 14:19:56 +01:00
Brian Gough
2b738907aa Merge pull request #989 from sharelatex/bg-clean-up-broken-project-on-error
clean up broken project on error in ProjectDuplicator
2018-10-03 10:04:30 +01:00
Ersun Warncke
642b45d0d6 use v1 doc info api 2018-10-02 11:16:46 -04:00
Brian Gough
4621234220 clean up broken project on error in ProjectDuplicator 2018-10-02 12:14:22 +01:00
Alasdair Smith
1330c8da73 Also check if v1 project exported if not found for read-only tokens 2018-09-28 11:47:14 +01:00
Alasdair Smith
435fe11115 Check if v1 project was exported if not found
This prevents a redirect loop for projects which were exported but then
deleted on v2. v2 would not find the project, redirect to v1, which
would find that it was exported and redirect back to v2.
2018-09-28 11:47:14 +01:00
Brian Gough
6d5908f2f4 Merge pull request #893 from sharelatex/ja-fix-duplicate-text-in-email
Don't include the license name twice in invite emails
2018-09-28 11:15:40 +01:00
Brian Gough
1f6abd4e69 fix invalid project names when opening templates 2018-09-28 10:38:25 +01:00
Brian Gough
6b80d3563d add support for creating unique project names 2018-09-28 09:48:15 +01:00
hugh-obrien
52859cdfaa make the zip fetching endpoint for exports generic to either zips or pdfs 2018-09-27 16:11:11 +01:00
Ersun Warncke
a23f0a3d15 fix test failure from merge 2018-09-25 08:54:01 -04:00
Ersun Warncke
7b90fcb186 Merge pull request #969 from sharelatex/ew-check-doc-token-access
check access for doc on read only token
2018-09-25 08:35:56 -04:00
Ersun Warncke
eeed857dd9 change api path 2018-09-25 06:45:27 -04:00
Ersun Warncke
f0c0834b0f only do v1 access check when api config present 2018-09-25 05:42:04 -04:00
James Allen
e2f90ba01a Merge pull request #966 from sharelatex/as-no-project-token-based
Redirect logged out users to v1 if project is not found from token based url
2018-09-25 10:25:30 +01:00
Alasdair Smith
298ee2dbb4 Fix v1 return to path 2018-09-25 10:06:24 +01:00
Alasdair Smith
ca895ae1b1 Redirect to v1 via sign in link 2018-09-25 09:37:22 +01:00
Brian Gough
89ba3912c0 Merge pull request #964 from sharelatex/csh-issue-963-MultipleProjectDownloads
Replace ShareLaTeX with Overleaf in name of multiple project download file
2018-09-25 09:33:53 +01:00
Brian Gough
5947294016 Merge branch 'bg-support-main-file-for-templates' 2018-09-25 09:32:14 +01:00
Brian Gough
0d4143205d strip quotes from mainFile 2018-09-25 09:05:49 +01:00
Ersun Warncke
f89e85231a check access for doc on read only token 2018-09-24 18:03:28 -04:00
Alasdair Smith
d6350c963e Remove projectExists flag from higher access check
Now that find project by read and read/write token methods check whether
the project exists, it is not neccessary to check whether the project
exists in the higher access check. Therefore it has been removed
2018-09-24 19:00:10 +01:00
Alasdair Smith
99dec02266 If no project found for read/write token, redirect to v1 2018-09-24 19:00:10 +01:00
Alasdair Smith
237810509a If no project found for read token, redirect to v1 2018-09-24 19:00:10 +01:00
Christopher Hoskin
5c35cc9593 Replace ShareLaTeX with Overleaf in name of multiple project download file (Closes: #963) 2018-09-24 16:33:54 +01:00
Brian Gough
418bc10a18 allow getting doc paths by project id 2018-09-24 16:04:23 +01:00
Brian Gough
5954e45016 add missing require 2018-09-24 15:44:09 +01:00
Brian Gough
2692090f3f support a mainFile parameter for templates 2018-09-24 15:27:16 +01:00
Tim Alby
51c5228288 add getInstitutionsPlan function 2018-09-24 13:16:31 +01:00
hugh-obrien
c0b32f031e force gallery items to use legacy OL v1 texlive image 2018-09-24 10:49:01 +01:00
Hugh O'Brien
b377b89447 Merge pull request #933 from sharelatex/bg-avoid-exception-for-no-emails
fix exception when user has no emails field
2018-09-19 11:33:03 +01:00
Brian Gough
02854274a7 2018-09-18 14:09:05 +01:00
Timothée Alby
b6925647ef Merge pull request #922 from sharelatex/ta-forbid-null-query
Prevent Calls to UserGetter.getUser with Null Query
2018-09-18 12:24:19 +01:00
hugh-obrien
39f580d6ba fixing broken exports test 2018-09-18 10:13:33 +01:00
James Allen
40f08d1592 Add additional functionality to RedirectManager 2018-09-17 15:38:45 +01:00
Alasdair Smith
42cef8e393 Merge pull request #920 from sharelatex/mm-gallery-exports
Add gallery fields to export controller and handler
2018-09-17 09:42:26 +01:00
Alasdair Smith
e1e7091f30 Merge pull request #905 from sharelatex/as-project-intelligent-redirect
Intelligently redirect to v1 if no v2 project found
2018-09-17 09:40:52 +01:00
Tim Alby
41b92d4647 prevent calls to UserGetter.getUser with null query 2018-09-14 12:46:00 +01:00
Michael Mazour
10fcdd6daf Add optional gallery fields to export request
Support the optional (well, gallery-only) fields `title`, `description`, `author`, `license`, and `show_source` in export requests.
2018-09-14 11:02:51 +01:00
Tim Alby
0051e59309 remove unused call to UserGetter.getUser 2018-09-13 17:39:30 +01:00
James Allen
ef11161ddb Revert "Record and show last modified by user for projects" 2018-09-13 14:00:30 +01:00
Michael Mazour
1f976a0e04 Improve ExportsController unit tests
Test the params the handler's called with.
2018-09-13 12:24:03 +01:00
Alasdair Smith
8a969d1c25 Redirect directly from controller instead of via handler 2018-09-13 12:09:19 +01:00
Alasdair Smith
0c658127ef Add tests for ProjectNotTokenAccessError 2018-09-13 12:09:19 +01:00
James Allen
ab10336110 Record last update time and user from project-history 2018-09-13 10:38:52 +01:00
Hugh O'Brien
24c479e984 Merge pull request #885 from sharelatex/hb-ip-matcher-notifications
IP matcher affiliation CTA notifications
2018-09-13 08:59:25 +01:00
Ersun Warncke
7d3e17651f set options and method for request, pass cookies and form body 2018-09-10 06:10:36 -04:00
hugh-obrien
8ef90a0dcb move call for creating ip matched notifcation to project controller 2018-09-05 15:40:59 +01:00
Tim Alby
9ec60a128a add userHasSubscriptionOrIsGroupMember alias 2018-09-05 11:37:37 +01:00
hugh-obrien
23e6292fd7 updating tests for ip matcher logic 2018-09-05 11:22:26 +01:00
hugh-obrien
de83df2703 adding tests for ip matching notifications 2018-09-05 11:22:25 +01:00
James Allen
24f60bf791 Don't include the license name twice in invite emails 2018-09-05 11:05:38 +01:00
Shane Kilkelly
d432b6799f Merge pull request #888 from sharelatex/ta-v1-subscription-check-fix
Don't Regard v1 Teams as Paid Subscriptions
2018-09-05 10:22:46 +01:00
Ersun Warncke
e4e6a0fa1b add new tag methods 2018-09-03 10:40:28 -04:00
Tim Alby
3324796086 don't regard v1 teams as paid subscriptions
- use `userHasV1Subscription` instead of `userHasV1SubscriptionOrTeam` in `LimitationsManager.userHasSubscriptionOrIsGroupMember `
- remove `userHasV1SubscriptionOrTeam`
- rename `LimitationsManager.userHasSubscriptionOrIsGroupMember` to `LimitationsManager.hasPaidSubscription`
- rename some variables for clarity
2018-09-03 15:09:57 +01:00
James Allen
52381c8fb7 Merge pull request #851 from sharelatex/jel-remove-a-b-test
Remove Plans and Pricing A/B Test
2018-08-30 15:19:56 +01:00
Paulo Jorge Reis
cb4d4145a1 Merge pull request #855 from sharelatex/pr-v2-light-theme
v2 light theme
2018-08-30 11:24:52 +01:00
Ersun Warncke
afc22dc5c2 Revert "Merge pull request #790 from sharelatex/ew-add-cookie-and-form-to-proxy"
This reverts commit ebefc2f28c6e88bbfa632f2b22cb8b99b75e95ec, reversing
changes made to 223beab491d2f8dcf4c7285267fda355cfce3f05.
2018-08-29 12:00:20 -04:00
Ersun Warncke
e7eefc0474 Merge pull request #790 from sharelatex/ew-add-cookie-and-form-to-proxy
set options and method for request, pass cookies and form body
2018-08-29 10:17:21 -04:00
Jessica Lawshe
8889f2aed2 Remove Plans and Pricing A/B Test
Remove all layouts, analytics events, and scope related to the A/B test.

The group modal from the default layout of the A/B test should be maintained though for v2.
2018-08-28 12:42:09 -05:00
Paulo Reis
76fcee721e Update unit tests. 2018-08-28 14:24:05 +01:00
Paulo Reis
efc926ffc5 Load theme as a user setting; allow the user to change it; update tests. 2018-08-27 15:25:00 +01:00
Tim Alby
ef37902dfc check institution confirmation status 2018-08-27 15:45:31 +02:00
Hugh O'Brien
29253c5a93 Merge branch 'master' into hb-fetch-licences-graph 2018-08-23 16:11:43 +01:00
Tim Alby
753fb02c05 always return an array when getting affiliations 2018-08-23 15:15:53 +02:00
hugh-obrien
8d72fc78fc send licences graph request to v1 for data instead of analytics 2018-08-22 18:31:29 +01:00
Hugh O'Brien
eeadd1e9bb Merge pull request #797 from sharelatex/hb-inform-v1-affiliation-confirms
Tell v1 confirmation status of affiliation emails
2018-08-22 08:34:33 +01:00
Alasdair Smith
d99a42e678 Merge pull request #824 from sharelatex/as-redirect-sl-login-to-v2-login
Allow for redirection of unlinked SL account to /user/login_to_ol_v2
2018-08-21 10:13:52 +01:00
Tim Alby
8d6505b518 log institutions API errors 2018-08-17 17:48:00 +02:00
Tim Alby
f5513f36ca add param to skip affiliation creation on user create 2018-08-17 17:48:00 +02:00
Alasdair Smith
9bc3fa2df0 Pass req to preDoPassportLogin module hook 2018-08-17 12:04:05 +01:00
hugh-obrien
96ffeef73d send fixed confirmed date to v1 for affiliations 2018-08-16 13:50:34 +01:00
hugh-obrien
55597b9279 inform v1 when confirming affiliation emails 2018-08-16 13:50:34 +01:00
Henry Oswald
5ed95694da Merge pull request #801 from sharelatex/ho-mailchimp
Add non checked checkbox for newsletter subscription on signup and use mailchimp as newsletter provider.
2018-08-16 11:40:39 +01:00
Brian Gough
c2828c8ca5 add unit tests 2018-08-13 10:53:43 +01:00
Tim Alby
197e7ce8ab refactor institutions getter 2018-08-10 13:40:25 +02:00
James Allen
9cbb51bbbc Merge pull request #793 from sharelatex/sk-sl-login-v2
If we're creating v1 accounts, don't allow login for users already linked up
2018-08-08 15:51:25 +01:00
Henry Oswald
687637eec7 change email address in newsletter when changing default email
put mongo_id into mailchimp merge fields
2018-08-08 13:50:03 +01:00
Henry Oswald
6cf1f71604 add newsletter checkbox to user register forms 2018-08-06 17:43:03 +01:00
Brian Gough
efcd3577ce avoid clobbering imported image names 2018-08-06 16:56:44 +01:00
Shane Kilkelly
05df55c89e Add a unit test for the preDoPassportLogin module hook. 2018-08-03 16:10:50 +01:00