From 59a849d46e01cb6bf583b41975e42fdbca38a2db Mon Sep 17 00:00:00 2001 From: Ersun Warncke Date: Fri, 9 Nov 2018 04:57:53 -0400 Subject: [PATCH] Merge pull request #1117 from sharelatex/ew-collabratec-project-metadata-api2 Collabratec project metadata api GitOrigin-RevId: 46f4b84bfb302f68c0a176a8a1686ce22829ba08 --- .../AuthorizationMiddlewear.coffee | 7 ++- .../Uploads/ProjectUploadController.coffee | 1 - .../web/app/coffee/Features/V1/V1Api.coffee | 2 +- .../coffee/ProjectDuplicateNameTests.coffee | 43 ------------------- .../coffee/helpers/MockDocUpdaterApi.coffee | 3 ++ 5 files changed, 9 insertions(+), 47 deletions(-) diff --git a/services/web/app/coffee/Features/Authorization/AuthorizationMiddlewear.coffee b/services/web/app/coffee/Features/Authorization/AuthorizationMiddlewear.coffee index 798cd34055..10daa41f75 100644 --- a/services/web/app/coffee/Features/Authorization/AuthorizationMiddlewear.coffee +++ b/services/web/app/coffee/Features/Authorization/AuthorizationMiddlewear.coffee @@ -35,7 +35,10 @@ module.exports = AuthorizationMiddlewear = next() else logger.log {user_id, project_id}, "denying user read access to project" - AuthorizationMiddlewear.redirectToRestricted req, res, next + if req.headers?['accept']?.match(/^application\/json.*$/) + res.sendStatus(403) + else + AuthorizationMiddlewear.redirectToRestricted req, res, next ensureUserCanWriteProjectSettings: (req, res, next) -> AuthorizationMiddlewear._getUserAndProjectId req, (error, user_id, project_id) -> @@ -99,7 +102,7 @@ module.exports = AuthorizationMiddlewear = callback(null, user_id, project_id) _getUserId: (req, callback = (error, user_id) ->) -> - user_id = AuthenticationController.getLoggedInUserId(req) + user_id = AuthenticationController.getLoggedInUserId(req) || req?.oauth_user?._id || null return callback(null, user_id) redirectToRestricted: (req, res, next) -> diff --git a/services/web/app/coffee/Features/Uploads/ProjectUploadController.coffee b/services/web/app/coffee/Features/Uploads/ProjectUploadController.coffee index c7ac0f4229..d2f85f1632 100644 --- a/services/web/app/coffee/Features/Uploads/ProjectUploadController.coffee +++ b/services/web/app/coffee/Features/Uploads/ProjectUploadController.coffee @@ -52,4 +52,3 @@ module.exports = ProjectUploadController = project_id: project_id, file_path: path, file_name: name, folder_id: folder_id "uploaded file" res.send success: true, entity_id: entity?._id, entity_type: entity?.type - diff --git a/services/web/app/coffee/Features/V1/V1Api.coffee b/services/web/app/coffee/Features/V1/V1Api.coffee index 0baef0758d..61b24f5d60 100644 --- a/services/web/app/coffee/Features/V1/V1Api.coffee +++ b/services/web/app/coffee/Features/V1/V1Api.coffee @@ -41,4 +41,4 @@ module.exports = V1Api = else error = new Error("overleaf v1 returned non-success code: #{response.statusCode} #{options.method} #{options.uri}") error.statusCode = response.statusCode - callback error \ No newline at end of file + callback error diff --git a/services/web/test/acceptance/coffee/ProjectDuplicateNameTests.coffee b/services/web/test/acceptance/coffee/ProjectDuplicateNameTests.coffee index b4742eefec..3e9da6559c 100644 --- a/services/web/test/acceptance/coffee/ProjectDuplicateNameTests.coffee +++ b/services/web/test/acceptance/coffee/ProjectDuplicateNameTests.coffee @@ -84,27 +84,6 @@ describe "ProjectDuplicateNames", -> it "should respond with 400 error status", -> expect(@res.statusCode).to.equal 400 - describe "trying to upload a file with the same name", -> - before (done) -> - @owner.request.post - uri: "/project/#{@example_project_id}/upload" - json: true - qs: - folder_id: @rootFolderId - qqfilename: "main.tex" - formData: - qqfile: - value: fs.createReadStream Path.resolve(__dirname + '/../files/1pixel.png') - options: - filename: 'main.tex', - contentType: 'image/png' - , (err, res, body) => - @body = body - done() - - it "should respond with failure status", -> - expect(@body.success).to.equal false - describe "trying to add a folder with the same name", -> before (done) -> @owner.request.post { @@ -119,28 +98,6 @@ describe "ProjectDuplicateNames", -> it "should respond with 400 error status", -> expect(@res.statusCode).to.equal 400 - describe "trying to upload a file with the same name", -> - before (done) -> - @owner.request.post - uri: "/project/#{@example_project_id}/upload" - json: true - qs: - folder_id: @rootFolderId - qqfilename: "main.tex" - formData: - qqfile: - value: fs.createReadStream Path.resolve(__dirname + '/../files/1pixel.png') - options: - filename: 'main.tex', - contentType: 'image/png' - , (err, res, body) => - @body = body - done() - - it "should respond with failure status", -> - expect(@body.success).to.equal false - - describe "for an existing file", -> describe "trying to add a doc with the same name", -> before (done) -> diff --git a/services/web/test/acceptance/coffee/helpers/MockDocUpdaterApi.coffee b/services/web/test/acceptance/coffee/helpers/MockDocUpdaterApi.coffee index 395fe88a40..e90425920b 100644 --- a/services/web/test/acceptance/coffee/helpers/MockDocUpdaterApi.coffee +++ b/services/web/test/acceptance/coffee/helpers/MockDocUpdaterApi.coffee @@ -35,6 +35,9 @@ module.exports = MockDocUpdaterApi = @addProjectStructureUpdates(project_id, userId, docUpdates, fileUpdates, version) res.sendStatus 200 + app.post "/project/:project_id/doc/:doc_id/flush", (req, res, next) => + res.sendStatus 204 + app.delete "/project/:project_id/doc/:doc_id", (req, res, next) => res.sendStatus 204