Commit graph

1325 commits

Author SHA1 Message Date
Hayden Faulds
3466db0aae add acceptance tests 2017-12-04 09:42:09 +00:00
Hayden Faulds
61a1336ec6 pass userId into ProjectEntiyHandler.copyFileFromExistingProjectWithProject 2017-12-04 09:42:09 +00:00
Hayden Faulds
feee582368 pass user_id into EditorController.replaceFile 2017-12-04 09:42:09 +00:00
Hayden Faulds
08891c7a7f pass userId into ProjectEntityHandler.replaceFile 2017-12-04 09:42:09 +00:00
Hayden Faulds
088ce33cbc version ProjectEntityHandler.copyFileFromExistingProjectWithProject 2017-12-04 09:42:09 +00:00
Hayden Faulds
60ee78704a return url from FileStoreHandler.copyFile 2017-12-04 09:42:09 +00:00
Hayden Faulds
4ec0d07aae remove unused ProjectEntityHandler.copyFileFromExistingProject 2017-12-04 09:42:09 +00:00
Hayden Faulds
90e3b71c1c version replacing files 2017-12-04 09:42:09 +00:00
Hayden Faulds
980e43e478 pass user_id into EditorController.addDoc 2017-12-04 09:42:09 +00:00
Hayden Faulds
e4ca3bc5ad pass user_id into EditorController.addDocWithoutLock 2017-12-04 09:42:09 +00:00
Hayden Faulds
7d63939f79 pass owner_id to ProjectEntityHandler.addDoc from ProjectDuplicator 2017-12-04 09:42:09 +00:00
Hayden Faulds
300f76bc5c pass user_id into ProjectEntityHandler.addDoc / addDocWithProject 2017-12-04 09:42:09 +00:00
Hayden Faulds
bfd22899a0 fix DocumentUpdaterHandler.updateProjectStructure 2017-12-04 09:42:09 +00:00
Hayden Faulds
ef68c6a531 avoid N+1 lookups in DocumentUpdaterHandler 2017-12-04 09:42:09 +00:00
Hayden Faulds
953dba0ede pass userId into Editorcontroller.addFile / addFileWithoutLock 2017-12-04 09:42:09 +00:00
Hayden Faulds
42a1deaaca pass userId into ProjectEntityHandler.addFile 2017-12-04 09:42:09 +00:00
Hayden Faulds
c1481d596f call DocumentUpdaterHandle.updateProjectStructure from ProjectEntityHandler.addDoc and addFile
pass in user_id as null
2017-12-04 09:42:09 +00:00
Hayden Faulds
6e84c635cf return url from FileStoreHandler.uploadFileFromDisk 2017-12-04 09:42:09 +00:00
Hayden Faulds
0178f78249 handle file additions in DocumentUpdaterHandler.updateProjectStructure 2017-12-04 09:42:09 +00:00
Hayden Faulds
28bcf83d87 better error when project creation fails 2017-12-04 09:25:22 +00:00
Hayden Faulds
eacb19fac9 create user in db and use login endpoint instead of register 2017-12-04 09:25:22 +00:00
Hayden Faulds
938d22da3f get csrf token from /dev/csrf not /register 2017-12-04 09:25:22 +00:00
James Allen
488e6d7c5d Merge pull request #158 from sharelatex/ja-dockerise-tests
Dockerize unit and acceptance tests using docker-compose
2017-11-30 10:09:07 +00:00
Shane Kilkelly
c203a8d80a Merge branch 'sk-use-recurly-hosted-details-page' 2017-11-29 09:45:54 +00:00
Nate Stemen
2a50a18d23 Merge branch 'ns-package-aware-autocomplete' 2017-11-28 10:24:37 -05:00
Shane Kilkelly
cc9986cefd Remove the obsolete update-billing-details page 2017-11-28 11:52:14 +00:00
Shane Kilkelly
22c163c60a Move the recurly-billing-details link up to main subscription page 2017-11-28 11:40:48 +00:00
James Allen
3e90103d9c No need to bind to 0.0.0.0 when running in same container 2017-11-27 17:10:58 +00:00
James Allen
fbf8cc2d03 Run acceptance tests via docker compose 2017-11-27 17:10:58 +00:00
James Allen
62de9d8946 Move test/UnitTests -> unit/test 2017-11-27 17:10:22 +00:00
Shane Kilkelly
caa65dddc1 Send user to hosted recurly billing-details page.
And remove our update-billing-details form, the APIs for which will be
deprecated soon.
2017-11-23 16:16:13 +00:00
Brian Gough
2c3ee253e1 fix unit tests 2017-11-23 15:47:11 +00:00
Brian Gough
bb2d1321d4 Merge pull request #91 from sharelatex/bg-add-project-history-flag
route history requests based on project
2017-11-23 15:36:45 +00:00
Hayden Faulds
e54e2c8328 fix acceptance tests 2017-11-23 10:39:30 +00:00
Alasdair Smith
e1fa196de5 Merge pull request #153 from sharelatex/as-remove-old-onboarding
Remove unused onboarding
2017-11-23 10:28:50 +00:00
Alasdair Smith
8f32f0d65f Remove old unused track changes onboarding 2017-11-22 14:48:22 +00:00
James Allen
d3f146499c Merge pull request #135 from sharelatex/ja-disable-account-settings-for-ol-v2
Enable the external auth switches when OL OAuth is in use
2017-11-22 11:44:10 +00:00
Henry Oswald
b7dca80294 use /dev/csrf for smoke tests 2017-11-21 12:17:53 +00:00
Henry Oswald
7187f5ed67 use /login for smoke tests not register
1) A user needs an OL access token to load the beta - 5001dc48f1/app/coffee/OAuth/OAuthRequest.coffee (L8)

2) If a user has an OL access token they can not use the register endpoint on ShareLaTeX.  https://github.com/sharelatex/web-sharelatex-modules/blob/master/public-registration/app/coffee/PublicRegistrationController.coffee#L72
2017-11-21 10:43:24 +00:00
Alasdair Smith
24ceaffd3a Rename hook for clarity 2017-11-20 11:23:02 +00:00
Alasdair Smith
119be26989 Remove unnecessary project getter
Had bad assumption about whether ol-integration module would be available in
filesystem, now replaced with Module hook
2017-11-20 11:23:02 +00:00
Alasdair Smith
621977c47c Replace call to V1ProjectGetter with Module hook 2017-11-20 11:23:02 +00:00
Alasdair Smith
3eaf6c5d8e Stub V1 project getter 2017-11-20 11:23:02 +00:00
Alasdair Smith
47942816ae Include token based 2017-11-20 11:23:02 +00:00
Alasdair Smith
6822a0d838 Add assertions for integration module call 2017-11-20 11:23:02 +00:00
Alasdair Smith
e32406a4c4 Dynamically monkey patch impl to check integration once instead of each request 2017-11-20 11:23:02 +00:00
Alasdair Smith
56634bdb49 Add assertions for tag properties 2017-11-20 11:23:02 +00:00
Alasdair Smith
9a96f070d5 Add assertions for correctly mapping V1 properties 2017-11-20 11:23:02 +00:00
Alasdair Smith
24166af90e Add tests for V1ProjectGetter 2017-11-20 11:23:02 +00:00
Alasdair Smith
fff6873e10 Add tests for getting V1 projects 2017-11-20 11:23:02 +00:00
James Allen
311ebf89c4 Refactor to always use req.externalAuthenticationSystemUsed 2017-11-20 10:10:23 +00:00
Shane Kilkelly
5df4556e9c Set redirect when bouncing away from token route
This ensures that when the user logs in they will be redirected back
to this token, the page they wanted to access in the first place.
2017-11-15 13:30:40 +00:00
Shane Kilkelly
a0c7295b36 Merge branch 'master' of github.com:sharelatex/web-sharelatex-internal 2017-11-13 10:45:29 +00:00
Shane Kilkelly
cac39134cd Remove stray test lines 2017-11-10 16:20:59 +00:00
Shane Kilkelly
600191b2af Ensure that different features produce different results 2017-11-10 16:19:43 +00:00
Shane Kilkelly
3a4edeaf4c Add a unit test for _isInPercentageRollout 2017-11-10 16:13:27 +00:00
Hayden Faulds
3ce03a40f9 send both doc update and file updates to doc-updater 2017-11-08 13:11:17 +00:00
Hayden Faulds
06116dc956 version moving entities 2017-11-08 13:11:17 +00:00
Hayden Faulds
607f0125fc return project from _removeElementFromMongoArray and _putElement 2017-11-08 13:11:17 +00:00
Hayden Faulds
929b9996d3 version doc renames 2017-11-08 13:11:17 +00:00
Hayden Faulds
599f2cb3ae add DocumentUpdaterHandler.updateProjectStructure 2017-11-08 13:10:48 +00:00
Shane Kilkelly
2b4d516353 When anon is denied access to read-write token, redirect to restricted 2017-11-06 16:46:42 +00:00
Brian Gough
17a180ea8e route history requests based on project
either to track changes or to project history service
2017-11-03 16:44:37 +00:00
Shane Kilkelly
6dc31eebc5 Fix unit tests for ProjectController 2017-11-03 15:08:21 +00:00
Shane Kilkelly
9cd6b4e6ad Test for when anon write access is disabled 2017-11-02 15:16:04 +00:00
Shane Kilkelly
1cedfed1e4 Merge branch 'master' into sk-unlisted-projects 2017-11-02 10:10:09 +00:00
Shane Kilkelly
0e869fe4e0 Test the case of anonymous read-write token access being turned on 2017-11-01 16:22:23 +00:00
Shane Kilkelly
d8486afe5d Account for higher-access in the token read-only path too 2017-11-01 14:01:00 +00:00
Shane Kilkelly
9984ab081e Generalise the higher-access logic for read-write token path 2017-11-01 11:50:04 +00:00
Hayden Faulds
79d9756bea Merge pull request #81 from sharelatex/hof-init-project-history
initialize project history on project creation
2017-10-31 14:47:00 +00:00
Hayden Faulds
19bc145ff4 separate overleaf.id from overleaf.history.id 2017-10-27 15:28:42 +01:00
Hayden Faulds
20ea9918c9 allow overleafId to be passed in to avoid history initialization 2017-10-27 14:56:16 +01:00
Shane Kilkelly
ec94e59388 Fix error-handling in setPublicAccessLevel 2017-10-26 16:39:24 +01:00
Shane Kilkelly
e16c8aa8be Add unit tests for userIsTokenMember 2017-10-25 16:09:16 +01:00
Shane Kilkelly
8561b69ee9 Remove tokenMembers sync to clients 2017-10-25 11:29:05 +01:00
Brian Gough
5999284143 Merge pull request #74 from sharelatex/bg-fix-listen-in-acceptance-tests
exit if mock servers fail to start
2017-10-25 09:14:29 +01:00
Hayden Faulds
670b183c8e initialize project history on creation 2017-10-24 13:07:00 +01:00
Nate Stemen
98909026f5 moving data to backend and fixing tests 2017-10-24 10:59:41 +01:00
Hayden Faulds
519f041215 Merge pull request #50 from sharelatex/hof-toggle-projec-history
toggle project history
2017-10-24 09:13:50 +01:00
Hayden Faulds
299112f6e0 toggle project history using setting 2017-10-23 15:49:10 +01:00
Brian Gough
dcdcbd8388 exit if mock servers fail to start 2017-10-20 16:00:52 +01:00
Shane Kilkelly
dc39e447b2 Change findAllUsersProjects, produce and object rather than lists 2017-10-20 11:49:20 +01:00
Shane Kilkelly
0e44b319db Change anonToken and such to anonymousAccessToken 2017-10-20 10:10:21 +01:00
Shane Kilkelly
eab77aba91 Abstract away the token-protection logic 2017-10-19 16:26:01 +01:00
Shane Kilkelly
22795981b9 Add tests to check when tokens are never activated 2017-10-19 15:22:44 +01:00
Shane Kilkelly
d8717a06a2 Fix track-changes with token-access 2017-10-19 14:42:17 +01:00
Shane Kilkelly
43f1cb7d64 Add unit test for token-based access, particularly anon-read-write 2017-10-18 15:31:03 +01:00
Brian Gough
5d116e8ce9 Merge pull request #65 from sharelatex/bg-fix-main-doc-selection
fix main doc selection (connects to overleaf/sharelatex#222)
2017-10-18 13:11:10 +01:00
Brian Gough
d0f0268783 Merge pull request #57 from sharelatex/bg-handle-undefined-project-name-with-error
avoid exception in validateProjectName
2017-10-18 13:10:45 +01:00
Shane Kilkelly
7d2bde85ff Add a setting to enable anonymous read-and-write link sharing 2017-10-18 13:04:37 +01:00
Brian Gough
bcabec1c5d added tests 2017-10-17 15:50:29 +01:00
Shane Kilkelly
9c247d5f59 On project list, only show projects once, with max access 2017-10-17 11:10:31 +01:00
Shane Kilkelly
855fe2e143 If user is project owner, don't add them as a token user 2017-10-16 16:44:20 +01:00
Shane Kilkelly
5fb86441f6 Add acceptance tests for private-overleaf-project
... when accessed via the read-write token by the owner
2017-10-16 14:15:50 +01:00
Brian Gough
96d08e41a7 update tests 2017-10-16 14:15:38 +01:00
Shane Kilkelly
ad999a72b6 If a token-based project not found, check private overleaf project 2017-10-16 13:20:15 +01:00
Shane Kilkelly
ac513a1355 Refactor to not pass req down into Auth modules 2017-10-13 11:20:57 +01:00
Nate Stemen
42412b1bb4 modified labels tests to pass with new metadata 2017-10-12 17:28:11 +01:00
James Allen
f0079bb7a4 Merge pull request #41 from sharelatex/ja-transfer-projects
Add method to transfer projects from one user_id to another
2017-10-12 16:27:00 +01:00
Brian Gough
8cf3288187 avoid exception in validateProjectName 2017-10-12 16:03:12 +01:00
Shane Kilkelly
dcf601fe80 Only show token-based projects if accessLevel is set to token-based 2017-10-12 15:47:29 +01:00
Shane Kilkelly
9a7c8c5842 Revert "Remove remaining traces of UserStub"
This reverts commit ab6b4c32254a20b940c489b8b5b56237433cc0f6.
2017-10-12 15:08:48 +01:00
Brian Gough
3d2f9f0219 Merge branch 'bg-auto-doc-flush' 2017-10-12 15:01:27 +01:00
Brian Gough
fdffc92de2 fix unit tests 2017-10-12 15:01:11 +01:00
Shane Kilkelly
16416463c6 Update removeUserFromProject to account for token-access 2017-10-12 11:49:02 +01:00
Brian Gough
45ed090326 Merge pull request #37 from sharelatex/bg-rate-limit-autocompile
rate limit autocompile (connects to #18)
2017-10-12 09:25:59 +01:00
Brian Gough
c913ec69ef Merge pull request #34 from sharelatex/bg-fix-double-callback-in-resources-check
fix double callback in resources check (connects to #18)
2017-10-12 09:20:05 +01:00
Hayden Faulds
f017a94b7e remove unused HistoryManager 2017-10-11 11:18:20 +01:00
Brian Gough
5b0d3d1429 simplify rate-limit checking code 2017-10-09 16:31:01 +01:00
Shane Kilkelly
1a4ffe7708 Remove un-necessary call to getProject from archiveProject path 2017-10-09 11:30:55 +01:00
Shane Kilkelly
29a584996f Flesh out acceptance tests for token access 2017-10-06 16:26:47 +01:00
Shane Kilkelly
b5bed1837e Start acceptance tests for token-based access 2017-10-06 15:58:03 +01:00
Shane Kilkelly
91abb6eed6 If project is not tokenBased, don't count members of token arrays 2017-10-06 15:57:22 +01:00
James Allen
9c1faa4395 Add method to transfer projects from one user_id to another 2017-10-05 14:26:34 +01:00
Shane Kilkelly
b8d90a1a99 Show token-access projects on the dashboard 2017-10-05 13:20:06 +01:00
Shane Kilkelly
6482cd7dd8 Generate tokens on old projects if they're not present 2017-10-04 16:31:24 +01:00
Shane Kilkelly
7b33f8b4c2 Unit test TokenAccessController 2017-10-03 14:04:59 +01:00
Shane Kilkelly
ede497f4b3 Unit test TokenAccessHandler 2017-10-03 10:02:26 +01:00
Brian Gough
e9114551ba add unit test for precompile resources check 2017-10-02 10:14:05 +01:00
Hayden Faulds
bf1c24f6f9 return pathname from DocumentController.getDoc 2017-09-29 15:37:10 +01:00
Shane Kilkelly
574b115022 Working token-based access 2017-09-27 14:01:52 +01:00
James Allen
63097aaf73 Merge pull request #24 from sharelatex/ja-dockerize-acceptance-tests
Set up acceptance tests to run in docker container; Fixes overleaf/sharelatex#138
2017-09-27 11:01:49 +02:00
James Allen
23bd840796 Fix MockDocStoreApi name 2017-09-27 10:53:00 +02:00
James Allen
1502da85cf Set up acceptance tests to run in docker container 2017-09-27 10:37:20 +02:00
Hayden Faulds
4adf88ca01 handle OL or SL ids in UserInfoController.getPersonalInfo 2017-09-26 11:40:05 +01:00
Hayden Faulds
2c0e9bb89a return overleaf details from ProejctsDetailsHandler.getdetails 2017-09-26 10:19:30 +01:00
Shane Kilkelly
ee32648bf4 Order privileges by highest-to-lowest 2017-09-22 15:55:38 +01:00
Shane Kilkelly
562b2db600 Fix unit test 2017-09-21 15:01:40 +01:00
Shane Kilkelly
7dc759482c Fix how adding user to project works in acceptance tests 2017-09-21 11:43:16 +01:00
Shane Kilkelly
931ba56e33 Add an 'owner' source tag, for the project owner 2017-09-21 09:35:25 +01:00
Shane Kilkelly
ef7e1ceabf Rename functions to make distinction between invited/token members 2017-09-21 09:30:38 +01:00
Shane Kilkelly
91ec0da239 Use the invitedMembers function for sending tpds updates 2017-09-20 15:48:20 +01:00
Shane Kilkelly
574baf386e Alter getProjectsUserIsMemberOf to include token-access projects.
Also change the api to produce an object with the different project lists
attached, rather than a pair of lists.
2017-09-20 15:26:03 +01:00
Shane Kilkelly
ceb7c509d0 Rename getProjectsUserIsCollaboratorOf to ...IsMemberOf
This brings the naming more in line with current conventions.
2017-09-20 13:16:50 +01:00
Shane Kilkelly
069f49d5a6 Change getCollaboratorCount to getInvitedCollaboratorCount.
And update the one call-site in LimitationsManager. This function
is used to limit invites, so it makes sense to explicitely limit
this to Invited members of the project.
2017-09-20 10:29:47 +01:00
Shane Kilkelly
8460160076 Add a getInvitedMembersWithPrivilegeLevels function.
Then use it to build the loadProject view-model.
2017-09-20 10:02:43 +01:00
Shane Kilkelly
cf54989e6a Add a getInvitedMemberIds function
Limited to only members who were invited to the project, not users
who have access via a token.
2017-09-20 09:36:56 +01:00
Shane Kilkelly
06966f67db Differentiate project members by source, include token members 2017-09-20 09:35:19 +01:00
Shane Kilkelly
a06f4b6b28 Remove remaining traces of UserStub 2017-09-19 16:16:39 +01:00
Shane Kilkelly
7919d5342b Remove obsolete add-email-to-project workflow 2017-09-19 15:57:19 +01:00
Henry Oswald
a7217f1d37 Merge branch 'ho-csrf-acceptence-tests' 2017-09-15 13:50:17 +01:00
Brian Gough
1bca1e11a9 fix broken unit test 2017-09-15 09:20:53 +01:00
Brian Gough
9f9c15f6f5 Merge pull request #599 from sharelatex/bg-reset-project-state
clear docupdater project state in deleteAuxFiles
2017-09-15 09:09:29 +01:00
Brian Gough
28a80cf23d Merge pull request #604 from sharelatex/bg-fix-root-doc-in-incremental-compile
fix root doc in incremental compile
2017-09-13 13:47:22 +01:00
Tim Alby
a04adbf132 remove extra security headers 2017-09-13 11:53:11 +02:00
Brian Gough
51eb94a493 handle incremental compile without root doc 2017-09-13 10:10:44 +01:00
Tim Alby
d6834ff417 add security headers using Helmet
- use all Helmet's default headers except `X-DNS-Prefetch-Control`
- use `Referrer-Policy`
- use cache headers when:
  - a user is logged in, OR
  - a project is displayed
2017-09-12 11:17:59 +02:00
Brian Gough
2b4c8bd846 clear docupdater project state in deleteAuxFiles 2017-09-08 15:57:29 +01:00
Brian Gough
d9557fcbf5 include the options in the project state hash 2017-09-01 16:36:51 +01:00
Shane Kilkelly
7bb4638186 Restore user features to default after acceptance test.
Fixes an issue that could come up when running the tests
several times.
2017-09-01 14:45:54 +01:00
Shane Kilkelly
c170de7a4f Add unit test to cover project features. 2017-09-01 13:28:11 +01:00
Henry Oswald
d4b0c740c2 added csrf acceptence tests 2017-08-29 17:45:16 +01:00
James Allen
9c4dc40abf Merge pull request #583 from sharelatex/ja-import-projects
Add in UserStub model and support in collaborators view
2017-08-29 16:06:00 +02:00
Brian Gough
f9d1650c6a Merge pull request #569 from sharelatex/bg-compile-from-redis
compile from redis
2017-08-25 09:09:52 +01:00
James Allen
d5839437fd Add in UserStub model and support in collaborators view 2017-08-24 17:48:47 +02:00
Brian Gough
a569303b7e simplify unusual unit test 2017-08-17 15:36:52 +01:00
Brian Gough
f4da089ee3 added unit tests for project state hash 2017-08-16 11:42:36 +01:00
Brian Gough
c91599bfeb add unit test for incremental compile 2017-08-15 16:00:40 +01:00
Brian Gough
1179518f4e unit test for sync conflict 2017-08-15 14:35:02 +01:00
Brian Gough
0347abb13a added unit tests for ProjectEntityHandler 2017-08-14 15:40:46 +01:00
Brian Gough
f9617034be add unit test for getProjectDocsIfMatch 2017-08-14 14:33:34 +01:00
Brian Gough
7eb1c01994 add metrics for incremental compiles 2017-08-09 11:41:09 +01:00
Brian Gough
836219584c fix tests for beta users 2017-08-09 11:33:44 +01:00
Brian Gough
31e71854a4 fix unit tests 2017-08-08 11:38:31 +01:00
James Allen
0be1ee6b6c Fix smoke test when product name changes 2017-08-08 12:31:36 +02:00
James Allen
3d9da02815 Merge pull request #555 from sharelatex/sk-password-policy
Enforce stricter password policy.
2017-08-03 10:35:00 +02:00
James Allen
10f362a77a Add SubscriptionUpdater.deleteSubscription 2017-08-02 09:59:45 +02:00
Brian Gough
3e28eca26f move docupdater flush to point of use 2017-07-28 15:11:07 +01:00
Shane Kilkelly
0f131d940d Enforce stricter password policy.
- Check minimum password lengths
- Set default policy to 6-128 chars
2017-07-24 11:06:47 +01:00
Brian Gough
9417266966 fix health checks for web/web-api split 2017-07-04 10:32:31 +01:00
Henry Oswald
3da5ef818c null check subscription for group admin panel 2017-06-22 14:07:07 +01:00
Shane Kilkelly
9607174b64 Merge branch 'master' into sk-server-side-labels-loading 2017-06-15 08:49:14 +01:00
Shane Kilkelly
b97becc7a2 Change getLabelsForDoc to broadcastLabelsForDoc 2017-06-13 11:38:15 +01:00
Shane Kilkelly
a3dbb16e50 Flush project before getting all project labels 2017-06-13 11:15:26 +01:00
Shane Kilkelly
bd6133aadb Remove callback-pattern from label parsers 2017-06-13 11:10:21 +01:00
Shane Kilkelly
26be4f84d0 Re-use parser 2017-06-12 15:15:14 +01:00
Shane Kilkelly
ff4991284d Change docLabelsUpdated socket event to broadcastDocLabels 2017-06-12 13:06:56 +01:00
Shane Kilkelly
9f9468d0e0 Use lowercase project_id 2017-06-12 11:37:05 +01:00
Shane Kilkelly
c9432a1238 Fix unit tests 2017-06-12 10:09:33 +01:00
James Allen
4cecbae6b6 Use an email based invite system for groups, not holding accounts 2017-06-08 12:12:08 +01:00
Shane Kilkelly
feb1d87de1 Add test for LablesHandler 2017-06-08 10:25:39 +01:00
Shane Kilkelly
3c4a6f06be Add unit tests for LabelsController 2017-06-08 09:22:26 +01:00
James Allen
d7981fd2d4 Merge pull request #512 from sharelatex/ja-project-name-validation
Refactor project name validation into one place and restrict /s
2017-06-05 11:55:39 +01:00
James Allen
59085c1ddd Add missing require stubs and remove console.logs in unit tests 2017-05-22 15:33:52 +01:00
James Allen
3105c6743e Fix unit tests 2017-05-22 15:24:52 +01:00
James Allen
ba62206b91 Refactor project name validation into one place and restrict /s 2017-05-19 17:42:24 +01:00
James Allen
76b8fecde9 Merge pull request #509 from sharelatex/ja-fix-clsi-cookie-cluster
Don't try to set the server id if it isn't returned in the response
2017-05-19 15:00:18 +01:00
James Allen
01548a0216 Don't try to set the server id if it isn't returned in the response 2017-05-19 10:23:01 +01:00
Paulo Reis
b0b75e2ebb Update docupdaterhandler tests. 2017-05-18 15:04:12 +01:00
James Allen
39ca6d1e6c Merge pull request #508 from sharelatex/ja-fix-clsi-cookie-cluster
Check for blank string in clsi cookie caching
2017-05-18 11:12:11 +01:00
James Allen
f708a0cd81 Check for blank string in clsi cookie caching
ioredis returns "" for a blank entry, the previous driver returned null,
so also check for a blank string
2017-05-18 11:09:33 +01:00
Brian Gough
5237647b8b Merge pull request #489 from sharelatex/bg-improve-upload-robustness
improve stream error handling on upload
2017-05-17 15:26:03 +01:00
Shane Kilkelly
6338835baf Merge branch 'sk-sudo-mode' 2017-05-17 09:48:22 +01:00
Shane Kilkelly
4e3284cec8 Merge branch 'sk-dont-redirect-to-images' 2017-05-17 09:48:16 +01:00
Shane Kilkelly
25e0a19350 Make confirm-password routes more restful 2017-05-16 11:51:06 +01:00
Brian Gough
e23871118d Merge remote-tracking branch 'origin/master' into bg-improve-upload-robustness 2017-05-15 16:01:01 +01:00
Shane Kilkelly
60d3e4a97b If external auth system is in use, skip sudo-mode checks 2017-05-15 15:46:24 +01:00
James Allen
5aa8b71832 Allow writing of clsi cookie cache to redis cluster secondary 2017-05-15 15:35:01 +01:00
Brian Gough
0908e36fb7 fix unit tests 2017-05-15 13:46:01 +01:00
Shane Kilkelly
c864288c4e On logout, clear sudo mode 2017-05-15 11:53:52 +01:00
Shane Kilkelly
0f75d9f4d9 Test SudoModeController 2017-05-15 10:56:43 +01:00
Shane Kilkelly
76285a1554 Start testing SudoModeController 2017-05-15 10:07:22 +01:00
Shane Kilkelly
8605dc83b4 Merge branch 'master' into sk-sudo-mode 2017-05-15 09:21:13 +01:00
Shane Kilkelly
0e26222551 Don't redirect to images, icons, etc, in login workflow 2017-05-12 15:46:16 +01:00
Shane Kilkelly
1640dfa79a Merge branch 'sk-fix-cooldown-tpds' 2017-05-12 09:11:23 +01:00
James Allen
3bfd92dd9c Rename lock to avoid potential conflict with doc updater 2017-05-11 15:27:01 +01:00
Shane Kilkelly
7b0aca7f02 add cooldown to tpds mergeUpdate path 2017-05-11 11:29:57 +01:00
Shane Kilkelly
e6286c721d Merge branch 'master' into sk-fix-large-projects 2017-05-11 08:40:17 +01:00
Shane Kilkelly
08567ff220 if projectId is not defined, error out 2017-05-10 15:25:23 +01:00
Shane Kilkelly
27842996aa start testing SudoModoController 2017-05-10 15:15:57 +01:00
Shane Kilkelly
4d662f23de test SudoModeMiddlewear 2017-05-10 14:54:49 +01:00
James Allen
274d6f4ac6 Merge pull request #493 from sharelatex/ja-redis-cluster-refactor
Move all redis end points to be cluster compatible
2017-05-10 14:38:37 +01:00
Shane Kilkelly
b09a41c557 Fix acceptance tests 2017-05-10 13:45:53 +01:00
Shane Kilkelly
993c261b10 start testing sudo-mode 2017-05-10 11:37:32 +01:00
Shane Kilkelly
149e38855f Add a cooldown mechanism for projects which go over limits 2017-05-09 11:40:42 +01:00
James Allen
8449b0417c Move all redis end points to be cluster compatible 2017-05-04 15:22:54 +01:00
Brian Gough
46f693519a return 404 for api request on missing doc 2017-04-27 16:41:53 +01:00
Shane Kilkelly
a9b8b864df Move content-disposition setting into a method on res 2017-04-12 16:00:02 +01:00
Shane Kilkelly
02d75deaa0 when setting content-disposition, uri-encode names 2017-04-12 09:31:59 +01:00
Shane Kilkelly
bb65da88fe Merge branch 'master' into node-6.9 2017-04-05 10:15:51 +01:00
Shane Kilkelly
043520fc28 Remove the Metrics module, use metrics-sharelatex 2017-04-03 16:18:30 +01:00
Shane Kilkelly
49de7bf315 mock out metrics in test 2017-03-31 14:54:20 +01:00
Shane Kilkelly
bee62400a6 Merge branch 'master' into sk-upgrade-metrics 2017-03-31 14:08:12 +01:00
James Allen
3bf19a38ee Merge pull request #467 from sharelatex/ja-validate-recurly-subscription-on-creation
Handle a 404 from Recurly if account doesn't exist
2017-03-28 16:06:25 +01:00
James Allen
08699d7aa2 Handle a 404 from Recurly if account doesn't exist 2017-03-28 15:46:58 +01:00
James Allen
f53234271f Merge pull request #465 from sharelatex/sk-hide-email-errors
If sending email fails, return a generic error.
2017-03-28 13:16:43 +01:00
James Allen
2e6e51eb6d Merge pull request #464 from sharelatex/ja-validate-recurly-subscription-on-creation
Check Recurly for subscription as well before creating subscription
2017-03-28 13:15:58 +01:00
Brian Gough
835d8d618d use error handler 2017-03-28 11:33:37 +01:00
Brian Gough
f433510e61 return NotFound error in ProjectDetailsHandler 2017-03-28 10:12:52 +01:00
Brian Gough
4e66b045e3 fix unhandled exception in ProjectDetailsHandler 2017-03-28 09:44:50 +01:00
Shane Kilkelly
d2e1efe4a9 fix a daft mistake 2017-03-27 17:45:19 +01:00
Shane Kilkelly
69b9b308d4 If sending email fails, return a generic error.
This prevents us from leaking juicy details of our aws/ses setup via the
password-reset form.
2017-03-27 16:17:38 +01:00
James Allen
7aa4c0c030 Check Recurly for subscription as well before creating subscription 2017-03-27 12:07:43 +01:00
Henry Oswald
e22da8e530 rename unit test 2017-03-27 09:57:15 +01:00
Henry Oswald
9c7465fd64 Merge pull request #461 from sharelatex/ho-annom-user-events
add identify on login
2017-03-27 09:28:34 +01:00
Henry Oswald
379efcb04a Merge branch 'master' into ho-annom-user-events 2017-03-27 09:28:03 +01:00
Henry Oswald
cff922a0f5 idendify -> identify 2017-03-22 16:01:26 +00:00
Henry Oswald
ebdce6169e idendifyUser on login 2017-03-22 15:50:49 +00:00
Henry Oswald
f910bb58de add tests for AnalyticsController 2017-03-22 13:11:45 +00:00
Shane Kilkelly
a64f890ed0 Upgrade metrics api 2017-03-17 14:55:41 +00:00
Henry Oswald
625fa810c2 validate mongo id in getPrivilegeLevelForProject
https://sentry.io/sharelatex-1/sl-web-server-prod/issues/204397665/
2017-03-17 14:44:51 +00:00
Henry Oswald
8ee2e5ba63 null check folder in findElement
https://sentry.io/sharelatex-1/sl-web-server-prod/issues/236000085/
2017-03-17 13:29:20 +00:00
Henry Oswald
e5468983ce clone project plow though null doc/file/folders
https://sentry.io/sharelatex-1/sl-web-server-prod/issues/227107799/
2017-03-17 13:21:30 +00:00
Henry Oswald
d453a4d5c7 null check stat when we check file on disk
https://sentry.io/sharelatex-1/sl-web-server-prod/issues/125814174/
2017-03-17 13:03:16 +00:00
Shane Kilkelly
5e112043ca Fix unit tests for modules now using metrics.timeAsyncMethod 2017-03-16 11:08:17 +00:00
Shane Kilkelly
1ce48e971a Merge branch 'sk-fix-file-upload' 2017-03-10 11:30:03 +00:00
Shane Kilkelly
ec25ee9045 When upload to filestore fails, produce an error 2017-03-09 10:11:45 +00:00
James Allen
b75d0ab3eb Don't show onboarding for newly registered users 2017-03-09 09:13:49 +00:00
James Allen
2b36a443c9 Pull track changes backend into a module 2017-03-02 16:45:24 +00:00
Shane Kilkelly
9a641d43eb Remove cruft 2017-02-27 14:00:45 +00:00
Shane Kilkelly
98d7dc6f88 Make work on both 0.10 and 6.9 2017-02-27 13:54:57 +00:00
James Allen
c8096facfb Merge pull request #421 from sharelatex/ho-announcments
mark announcments before user signs up as read
2017-02-14 15:12:10 +01:00
Henry Oswald
27caf4d555 mark announcments before user signs up as read 2017-02-14 12:29:48 +00:00
James Allen
03ecf4b4ae Only show track changes onboarding once based on analytics API events 2017-02-14 10:25:46 +01:00
Shane Kilkelly
7d5dc34b3e fix the set-password form for new (admin-created) users 2017-02-06 14:58:54 +00:00
James Allen
b086d7afa2 Refactor rate limiting code around sending invites 2017-01-27 16:26:58 +01:00
James Allen
757c7002eb Merge pull request #397 from sharelatex/ja-modify-threads
Allow editing/deleting of comments and threads
2017-01-25 15:50:00 +01:00
Shane Kilkelly
239164fe26 Merge branch 'master' into sk-rate-limit-cluster 2017-01-25 09:56:08 +00:00
Henry Oswald
cc717f0357 domainAnnouncementsToShow -> domainAnnouncements 2017-01-25 09:44:13 +00:00
Henry Oswald
02e6eb4dd1 Merge pull request #399 from sharelatex/ho-promote-case-study
promote domain alerts
2017-01-25 09:41:50 +00:00
Henry Oswald
1280a2313d add check for id to exist in domain announcments
null check user at start of getUnreadAnnouncements
fix spelling mistake
2017-01-25 09:35:11 +00:00
Henry Oswald
13d21b881f use new annoncments feature for case study info 2017-01-24 16:03:05 +00:00
James Allen
f9ba7392e9 Allow editing/deleting of comments and threads 2017-01-24 16:21:14 +01:00
Shane Kilkelly
a148eb1f43 Merge branch 'master' into sk-rate-limit-cluster 2017-01-24 09:24:47 +00:00
Henry Oswald
6d35585847 limit number of invites each user can do
done with the number of collaborators a user can add
prevents notifications getting filled up as well
2017-01-21 12:43:15 +00:00
James Allen
3413687833 Merge pull request #393 from sharelatex/ja-track-changes
Ja track changes
2017-01-18 15:32:16 +01:00
Shane Kilkelly
1137ab0715 Don't record redirect to static asset paths 2017-01-17 14:35:37 +00:00
James Allen
9c0bf885be Merge branch 'master' into ja-track-changes 2017-01-17 10:16:41 +01:00
Shane Kilkelly
82ddeab2bd If user tries to invite themselves to project, don't. 2017-01-16 13:45:01 +00:00
Shane Kilkelly
635b935acc Add an acceptance test for login rate limits, cleanup 2017-01-16 11:46:59 +00:00
Henry Oswald
fed88504f8 rate limit emails sent sharing projects by users 2017-01-14 14:52:32 +00:00
Shane Kilkelly
25956d4c62 Fix up tests 2017-01-13 16:04:26 +00:00
Shane Kilkelly
525e871d55 Merge branch 'master' into sk-rate-limit-cluster 2017-01-13 14:17:18 +00:00
James Allen
aab4dea8ae Merge branch 'master' into ja-track-changes 2017-01-13 13:46:01 +01:00
Shane Kilkelly
f5ced03074 Set redirect when sending user to login page.
Allows smart redirecting to work when public access is turned off.
2017-01-10 15:42:36 +00:00
James Allen
d03aa7056e Rename /ranges/users end point to /changes/users 2017-01-10 13:43:53 +01:00
James Allen
4e128b6ab7 Send user data in /threads dat 2017-01-09 17:25:06 +01:00
James Allen
9379cff89d Add end point for accepting change in doc updater 2017-01-09 15:25:27 +01:00
James Allen
3a5d45fa32 Get user info via web, not chat 2017-01-06 13:41:58 +01:00
Shane Kilkelly
259c589076 Add option to restrict invites to existing user accounts. 2016-12-20 09:54:42 +00:00
Shane Kilkelly
822f76a883 Add unit tests for RedisWrapper 2016-12-19 15:12:22 +00:00
Shane Kilkelly
d428f9adbc Make LoginRateLimiter a thin wrapper around RateLimiter 2016-12-19 14:10:51 +00:00
Shane Kilkelly
ef0a5801d5 Create a RedisWrapper, and use it for rate limiting. 2016-12-19 12:17:02 +00:00
James Allen
988005e929 Send and get comments via the chat api 2016-12-16 16:42:41 +00:00
James Allen
293ba1fc4c Fetch all ranges from docstore when viewing overview panel 2016-12-09 15:43:08 +00:00
James Allen
1830d41eba Proxy ranges between doc updater and docstore 2016-12-08 14:09:06 +00:00
Henry Oswald
e6eeb86046 add read property to announcments 2016-12-07 11:39:22 +00:00
Shane Kilkelly
58280bf6ee Merge branch 'master' into sk-user-delete-with-cancelled-sub 2016-12-06 09:31:42 +00:00
James Allen
48cc5a992f Merge branch 'master' into ja-set-version-in-docstore 2016-12-01 09:30:53 +00:00
Shane Kilkelly
e03d16e0cd Deleting user: if subscription is already cancelled, ignore and proceed. 2016-11-30 16:03:18 +00:00
James Allen
eb648b9bc8 Proxy version number to and from docstore 2016-11-29 17:16:56 +00:00
Shane Kilkelly
a03ac8fe72 More robust session destruction after deleting user account. 2016-11-28 12:37:53 +00:00
Shane Kilkelly
52462d7020 Merge branch 'sk-sync-details-from-sso' 2016-11-28 10:11:59 +00:00
Shane Kilkelly
2ab5ad4230 If we're updating details from a SSO source, don't allow editing on settings page. 2016-11-25 14:38:00 +00:00
Shane Kilkelly
22101d0305 If user is sent to login page with explicit redirect, obey 2016-11-24 11:38:13 +00:00
Shane Kilkelly
8a4352fff2 Set redirect when redirecting from restricted 2016-11-22 16:54:03 +00:00
Shane Kilkelly
8089bb55a4 use session for the post-login redirect, remove redir query string. 2016-11-22 14:24:36 +00:00
Shane Kilkelly
da1be67aff Merge branch 'sk-ext-auth-show-email' 2016-11-18 09:34:05 +00:00
Shane Kilkelly
6606375cd7 Remove dead code: SessionInvalidator 2016-11-17 15:27:58 +00:00
Shane Kilkelly
3b8fbe8249 If using external auth, show non-editable email field.
Also defend server-side against setting email when using external auth.
2016-11-17 14:34:02 +00:00
Henry Oswald
d87067bc2f Merge branch 'announcments' 2016-11-15 10:38:01 +00:00
Shane Kilkelly
b212c00311 Fix acceptance tests, use the correct method of getting redis key. 2016-11-14 16:33:54 +00:00
Henry Oswald
5a13ee1077 use anlaytis api
- don’t talk to postgres
- show recent blog post announcments
- proxy all events to analytics api
2016-11-11 17:03:09 +00:00
James Allen
593e59450b Use different UserSessions keys for cluster vs normal redis session store 2016-11-10 14:31:48 +00:00
Shane Kilkelly
5f3098df38 Replace multi-ops with Async.series, tests passing 2016-11-09 11:03:03 +00:00
Shane Kilkelly
a373868862 Fix unit tests 2016-11-08 16:00:18 +00:00
Shane Kilkelly
e7b09a81a7 Merge branch 'sk-passport-ldap' 2016-11-02 15:39:32 +00:00
Paulo Reis
c5e793125e Update unit tests. 2016-11-01 16:55:26 +00:00
Shane Kilkelly
9cb3d8c4b8 Enable hook from module into passport init. 2016-11-01 14:06:54 +00:00
Shane Kilkelly
5c8cdd22cc Merge branch 'sk-account-delete-pass' 2016-10-28 11:02:41 +01:00
Shane Kilkelly
4c092e7ff1 Remove deprecated "projectSharedWithYou" email. 2016-10-28 10:37:10 +01:00
Shane Kilkelly
751a116921 add plainTextTemplate to all emails 2016-10-27 14:41:13 +01:00
Shane Kilkelly
dc62b1a86e Remove deprecated endpoint for old delete-user 2016-10-26 11:18:36 +01:00
Shane Kilkelly
a4167fcccd Unit tests for tryDeleteUser 2016-10-26 11:01:35 +01:00
Shane Kilkelly
6069d4dba3 Merge branch 'master' into sk-plans-tidy 2016-10-25 13:14:44 +01:00
Henry Oswald
1c3edcd627 added some debug lines 2016-10-24 23:36:49 +01:00
Henry Oswald
91e9447fe5 added logging to smoke test 2016-10-21 19:20:21 +01:00
Shane Kilkelly
d5a7514923 Add AB test for plans (+15 squashed commits)
Squashed commits:
[45c2237] Add a `subscription-form-switch-to-student` event
[1ad9b8f] change experiment name, and re-enable switch-to-student workflow
[f7cdb78] Remove debug
[4b9778a] Incorporate collaborator alternative plans
[701e80b] Add collaborator plans for heron and ibis
[287aa0f] AB test plans from editor page
[c74052e] Fix change-plan view for default plans
[1a947d6] Use correct plan codes
[1eecda7] Adjust prices
[69c4c7b] Introduce two plans
[8b8d5f8] Rename sixpack experiment
[c332002] Fix up the change-plan page
[c7af52d] Overhaul change-plan page, show only plans from current generation
[33d86bf] update plan
[5bbd946] Add a basic plans AB test
2016-10-21 16:17:37 +01:00
Henry Oswald
adc6b429e6 record when a subscription is canceled 2016-10-10 15:29:54 +01:00
Shane Kilkelly
0f65e98566 add acceptance test for clearing sessions 2016-10-10 10:55:45 +01:00
Shane Kilkelly
25dd998107 clear-sessions page (+4 squashed commits)
Squashed commits:
[3a56af0] Remove cruft
[c5a1f6c] Finalise alignment
[82f741a] Working sessions page
[d40f069] WIP: display sessions
2016-10-07 16:47:00 +01:00
Shane Kilkelly
95a66bbf00 Merge pull request #328 from sharelatex/sk-plain-text-email
Sk plain text email
2016-10-05 10:04:08 +01:00
Henry Oswald
3141f91b59 Merge pull request #322 from sharelatex/ho-password-limits
Ho password limits
2016-10-05 10:03:54 +01:00
Shane Kilkelly
e699fcb1fa Add plain-text component to the project-invite email 2016-10-03 15:25:38 +01:00
Shane Kilkelly
b497182557 Add an acceptance test for registration and login 2016-09-27 11:55:51 +01:00
Shane Kilkelly
dd14e51713 Handle null, undefined and false in isUserLoggedIn 2016-09-23 16:53:07 +01:00
Henry Oswald
8a2b7d0461 server side protect passwords which are too long 2016-09-23 16:51:46 +01:00
Shane Kilkelly
6e8185aeaf Merge branch 'master' into sk-passport 2016-09-23 10:28:35 +01:00
Shane Kilkelly
6c716ca252 Fix acceptance tests by updating invite-accept url 2016-09-23 10:28:17 +01:00
Shane Kilkelly
72ca1d6316 Merge branch 'master' into sk-passport
# Conflicts:
#	app/coffee/Features/Collaborators/CollaboratorsInviteController.coffee
2016-09-23 10:01:11 +01:00
James Allen
e15976be21 Use token in URL to force its precense when invite and allow easy dynamic notifications 2016-09-22 17:24:06 +01:00
Shane Kilkelly
dbac4bd008 update session when user settings change 2016-09-22 16:58:25 +01:00
Shane Kilkelly
7e449c60ed fix tests 2016-09-22 16:04:42 +01:00
Shane Kilkelly
ff1c72ee14 Fix up more session access 2016-09-22 14:30:34 +01:00
Shane Kilkelly
7f24dd6f55 Fix tests for UserInfoController. 2016-09-22 13:37:27 +01:00
Shane Kilkelly
a3ace1fccd Increase timeout because slow tests 2016-09-22 11:33:54 +01:00
Shane Kilkelly
dde5b7b830 Regenerate session on login, protect against session-fixation attack. 2016-09-21 13:03:37 +01:00
Shane Kilkelly
bb71433727 Remove getLoggedInUser 2016-09-21 09:27:51 +01:00
Shane Kilkelly
4eada48638 Merge branch 'master' into sk-passport 2016-09-19 15:40:25 +01:00
James Allen
0917fe10ca Return type when finding element by path so that we don't need a heuristic 2016-09-19 14:35:25 +01:00
Shane Kilkelly
2119dcbb58 Finalise login workflow, works with login form again. 2016-09-15 14:36:11 +01:00
Shane Kilkelly
438ac45854 fix unit tests 2016-09-07 16:40:49 +01:00
Shane Kilkelly
8e0103a1bc wip: fix unit tests for AuthenticationController 2016-09-07 14:05:51 +01:00
Shane Kilkelly
3a5b3a8e8d wip: acceptance tests working 2016-09-06 15:55:34 +01:00
Shane Kilkelly
b0a10c948c wip refactor 2016-09-06 15:22:13 +01:00
Henry Oswald
ddc0023c64 make forceCreate the default for creating notifications 2016-08-30 13:07:37 +01:00
Henry Oswald
114dbf9f3f Merge branch 'master' of https://github.com/sharelatex/web-sharelatex 2016-08-23 15:34:55 +01:00
James Allen
bcc8bfbe6c Redirect to working update billing details end point that shows a nice message 2016-08-22 17:36:33 +01:00
Henry Oswald
130fece0f6 track when users accept invites 2016-08-19 18:33:03 +01:00
Shane Kilkelly
a904427531 Fix broken test 2016-08-19 11:57:44 +01:00